From: Tigran Sogomonian <tsogomonian@astralinux.ru>
Date: Fri, 27 Dec 2024 10:46:18 +0000 (+0300)
Subject: hw/misc: use extract64 instead of 1 << i
X-Git-Tag: v10.0.0-rc0~1^2~1
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=d18591157e5adf0e4491eed9b2c99828ba52bd80;p=thirdparty%2Fqemu.git

hw/misc: use extract64 instead of 1 << i

1 << i is casted to uint64_t while bitwise and with val.
So this value may become 0xffffffff80000000 but only
31th "start" bit is required.
Use the bitfield extract() API instead.

Found by Linux Verification Center (linuxtesting.org) with SVACE.

Signed-off-by: Tigran Sogomonian <tsogomonian@astralinux.ru>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Link: https://lore.kernel.org/r/20241227104618.2526-1-tsogomonian@astralinux.ru
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---

diff --git a/hw/misc/mps2-fpgaio.c b/hw/misc/mps2-fpgaio.c
index d07568248d..04a3da5db0 100644
--- a/hw/misc/mps2-fpgaio.c
+++ b/hw/misc/mps2-fpgaio.c
@@ -198,7 +198,7 @@ static void mps2_fpgaio_write(void *opaque, hwaddr offset, uint64_t value,
 
             s->led0 = value & MAKE_64BIT_MASK(0, s->num_leds);
             for (i = 0; i < s->num_leds; i++) {
-                led_set_state(s->led[i], value & (1 << i));
+                led_set_state(s->led[i], extract64(value, i, 1));
             }
         }
         break;