Commit bbd426f542cb "MIPS: Simplify FP context access" modified the
SIFROMREG & SIFROMHREG macros such that they return unsigned rather
than signed 32b integers. I had believed that to be fine, but
inadvertently missed the mfc1 & mfhc1 cases which write to a struct
pt_regs regs element. On mips32 this is fine, but on mips64 those
saved regs fields are 64b wide. Using unsigned values caused the
32b value from the FP register to be zero rather than sign extended
as the architecture specifies, causing incorrect emulation of the
mfc1 & mfhc1 instructions. Fix by reintroducing the casts to signed
integers, and therefore the sign extension.
Signed-off-by: Paul Burton <paul.burton@xxxxxxxxxx>
Cc: stable@xxxxxxxxxxxxxxx # v3.15+
---
arch/mips/math-emu/cp1emu.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/arch/mips/math-emu/cp1emu.c b/arch/mips/math-emu/cp1emu.c
index ef8447f..298c1ae 100644
--- a/arch/mips/math-emu/cp1emu.c
+++ b/arch/mips/math-emu/cp1emu.c
@@ -655,9 +655,9 @@ static inline bool hybrid_fprs(void)
#define SIFROMREG(si, x) \
do { \
if (cop1_64bit(xcp) && !hybrid_fprs()) \
- (si) = get_fpr32(&ctx->fpr[x], 0); \
+ (si) = (int)get_fpr32(&ctx->fpr[x], 0); \
else \
- (si) = get_fpr32(&ctx->fpr[(x) & ~1], (x) & 1); \
+ (si) = (int)get_fpr32(&ctx->fpr[(x) & ~1], (x) & 1); \
} while (0)
#define SITOREG(si, x) \
@@ -672,7 +672,7 @@ do { \
} \
} while (0)
-#define SIFROMHREG(si, x) ((si) = get_fpr32(&ctx->fpr[x], 1))
+#define SIFROMHREG(si, x) ((si) = (int)get_fpr32(&ctx->fpr[x], 1))
#define SITOHREG(si, x) \
do { \
--
2.0.4
