From: Song Gao <gaosong@loongson.cn>
Date: Wed, 24 Jul 2024 01:58:53 +0000 (+0800)
Subject: target/loongarch: Fix helper_lddir() a CID INTEGER_OVERFLOW issue
X-Git-Tag: v9.0.3~65
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=50675777a07395e2ee84e3f2e7c90cf6522ef966;p=thirdparty%2Fqemu.git

target/loongarch: Fix helper_lddir() a CID INTEGER_OVERFLOW issue

When the lddir level is 4 and the base is a HugePage, we may try to put value 4
into a field in the TLBENTRY that is only 2 bits wide.

Fixes: Coverity CID 1547717
Fixes: 9c70db9a43388 ("target/loongarch: Fix tlb huge page loading issue")
Signed-off-by: Song Gao <gaosong@loongson.cn>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20240724015853.1317396-1-gaosong@loongson.cn>
(cherry picked from commit a18ffbcf8b9fabfc6c850ebb1d3e40a21b885c67)
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
---

diff --git a/target/loongarch/tcg/tlb_helper.c b/target/loongarch/tcg/tlb_helper.c
index 57f53086324..22620054996 100644
--- a/target/loongarch/tcg/tlb_helper.c
+++ b/target/loongarch/tcg/tlb_helper.c
@@ -524,6 +524,7 @@ target_ulong helper_lddir(CPULoongArchState *env, target_ulong base,
         if (unlikely(level == 4)) {
             qemu_log_mask(LOG_GUEST_ERROR,
                           "Attempted use of level 4 huge page\n");
+            return base;
         }
 
         if (FIELD_EX64(base, TLBENTRY, LEVEL)) {