qemu-devel

Re: [PATCH] hw/dma: prevent overflow in soc_dma_set_request


From: Philippe Mathieu-Daudé
Subject: Re: [PATCH] hw/dma: prevent overflow in soc_dma_set_request
Date: Tue, 9 Apr 2024 15:25:14 +0200
User-agent: Mozilla Thunderbird

On 9/4/24 14:02, Peter Maydell wrote:
> On Tue, 9 Apr 2024 at 12:54, Anastasia Belova <abelova@astralinux.ru> wrote:
>>
>> ch->num can reach values up to 31. Add casting to
>> a larger type before performing left shift to
>> prevent integer overflow.
>
> If ch->num can only reach up to 31, then 1 << ch->num
> is fine, because QEMU can assume that integers are 32 bits,
> and we compile with -fwrapv so there isn't a problem with
> shifting into the sign bit.
>
> And I agree that we shouldn't ever have a ch->num greater
> than 31, because the worst case here is when we call
> soc_dma_init() with an argument of 32, which sets up
> soc_dma_ch_s structs with values of num from 0 to 31.
>
> So this doesn't seem to me to be fixing an active bug.
> Am I missing something?

Maybe this path?

omap2420_mpu_init():
 -> omap_dma4_init(chans=32);
     -> soc_dma_init(n=32);
         -> s->chnum = 32;


