* [PATCH] target/mips: Fix potential integer overflow (CID 1452921)
@ 2021-05-05 21:51 Philippe Mathieu-Daudé
2021-05-06 17:59 ` Richard Henderson
2021-05-11 3:19 ` Philippe Mathieu-Daudé
0 siblings, 2 replies; 3+ messages in thread
From: Philippe Mathieu-Daudé @ 2021-05-05 21:51 UTC (permalink / raw)
To: qemu-devel
Cc: Aurelien Jarno, Aleksandar Rikalo, Richard Henderson,
Philippe Mathieu-Daudé
Use the BIT_ULL() macro to ensure we use 64-bit arithmetic.
This fixes the following Coverity issue (OVERFLOW_BEFORE_WIDEN):
CID 1452921: Integer handling issues:
Potentially overflowing expression "1 << w" with type "int"
(32 bits, signed) is evaluated using 32-bit arithmetic, and
then used in a context that expects an expression of type
"uint64_t" (64 bits, unsigned).
Fixes: 074cfcb4dae ("target/mips: Implement hardware page table walker")
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
---
target/mips/tcg/sysemu/tlb_helper.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/target/mips/tcg/sysemu/tlb_helper.c b/target/mips/tcg/sysemu/tlb_helper.c
index 259f780d19f..a150a014ec1 100644
--- a/target/mips/tcg/sysemu/tlb_helper.c
+++ b/target/mips/tcg/sysemu/tlb_helper.c
@@ -17,6 +17,7 @@
* License along with this library; if not, see <http://www.gnu.org/licenses/>.
*/
#include "qemu/osdep.h"
+#include "qemu/bitops.h"
#include "cpu.h"
#include "internal.h"
@@ -659,7 +660,7 @@ static int walk_directory(CPUMIPSState *env, uint64_t *vaddr,
w = directory_index - 1;
if (directory_index & 0x1) {
/* Generate adjacent page from same PTE for odd TLB page */
- lsb = (1 << w) >> 6;
+ lsb = BIT_ULL(w) >> 6;
*pw_entrylo0 = entry & ~lsb; /* even page */
*pw_entrylo1 = entry | lsb; /* odd page */
} else if (dph) {
--
2.26.3
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH] target/mips: Fix potential integer overflow (CID 1452921)
2021-05-05 21:51 [PATCH] target/mips: Fix potential integer overflow (CID 1452921) Philippe Mathieu-Daudé
@ 2021-05-06 17:59 ` Richard Henderson
2021-05-11 3:19 ` Philippe Mathieu-Daudé
1 sibling, 0 replies; 3+ messages in thread
From: Richard Henderson @ 2021-05-06 17:59 UTC (permalink / raw)
To: Philippe Mathieu-Daudé, qemu-devel; +Cc: Aleksandar Rikalo, Aurelien Jarno
On 5/5/21 2:51 PM, Philippe Mathieu-Daudé wrote:
> Use the BIT_ULL() macro to ensure we use 64-bit arithmetic.
> This fixes the following Coverity issue (OVERFLOW_BEFORE_WIDEN):
>
> CID 1452921: Integer handling issues:
>
> Potentially overflowing expression "1 << w" with type "int"
> (32 bits, signed) is evaluated using 32-bit arithmetic, and
> then used in a context that expects an expression of type
> "uint64_t" (64 bits, unsigned).
>
> Fixes: 074cfcb4dae ("target/mips: Implement hardware page table walker")
> Signed-off-by: Philippe Mathieu-Daudé<f4bug@amsat.org>
> ---
> target/mips/tcg/sysemu/tlb_helper.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
r~
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH] target/mips: Fix potential integer overflow (CID 1452921)
2021-05-05 21:51 [PATCH] target/mips: Fix potential integer overflow (CID 1452921) Philippe Mathieu-Daudé
2021-05-06 17:59 ` Richard Henderson
@ 2021-05-11 3:19 ` Philippe Mathieu-Daudé
1 sibling, 0 replies; 3+ messages in thread
From: Philippe Mathieu-Daudé @ 2021-05-11 3:19 UTC (permalink / raw)
To: qemu-devel; +Cc: Aleksandar Rikalo, Richard Henderson, Aurelien Jarno
On 5/5/21 11:51 PM, Philippe Mathieu-Daudé wrote:
> Use the BIT_ULL() macro to ensure we use 64-bit arithmetic.
> This fixes the following Coverity issue (OVERFLOW_BEFORE_WIDEN):
>
> CID 1452921: Integer handling issues:
>
> Potentially overflowing expression "1 << w" with type "int"
> (32 bits, signed) is evaluated using 32-bit arithmetic, and
> then used in a context that expects an expression of type
> "uint64_t" (64 bits, unsigned).
>
> Fixes: 074cfcb4dae ("target/mips: Implement hardware page table walker")
> Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
> ---
> target/mips/tcg/sysemu/tlb_helper.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
Thanks, applied to mips-next.
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2021-05-11 3:20 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-05-05 21:51 [PATCH] target/mips: Fix potential integer overflow (CID 1452921) Philippe Mathieu-Daudé
2021-05-06 17:59 ` Richard Henderson
2021-05-11 3:19 ` Philippe Mathieu-Daudé
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).