qemu-commits

[Qemu-commits] [qemu/qemu] b82604: accel/tcg: Assert mmu_idx in range be


From: Richard Henderson
Subject: [Qemu-commits] [qemu/qemu] b82604: accel/tcg: Assert mmu_idx in range before use in c...
Date: Tue, 26 Apr 2022 21:43:59 -0700

  Branch: refs/heads/staging
  Home:   https://github.com/qemu/qemu
  Commit: b826044fc0c21d90a7fcfcf883cc8a8bf1bd7424
      
https://github.com/qemu/qemu/commit/b826044fc0c21d90a7fcfcf883cc8a8bf1bd7424
  Author: Richard Henderson <richard.henderson@linaro.org>
  Date:   2022-04-26 (Tue, 26 Apr 2022)

  Changed paths:
    M accel/tcg/cputlb.c

  Log Message:
  -----------
  accel/tcg: Assert mmu_idx in range before use in cputlb

Coverity reports out-of-bound accesses within cputlb.c.
This should be a false positive due to how the index is
decoded from MemOpIdx.  To be fair, nothing is checking
the correct bounds during encoding either.

Assert index in range before use, both to catch user errors
and to pacify static analysis.

Fixes: Coverity CID 1487120, 1487127, 1487170, 1487196, 1487215, 1487238
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Message-Id: <20220401170813.318609-1-richard.henderson@linaro.org>
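
The encode-side and decode-side range checks this commit message describes, as an added illustration that is not QEMU's own code: it models a packed MemOpIdx-style word with an assumed 4-bit mmu-index field. The names make_memop_idx, get_mmuidx, get_memop and NB_MMU_MODES mirror QEMU's naming, but the field layout and the helpers tlb_mask_for, roundtrip_ok and demo_lookup are this example's own assumptions. The point it shows is the one the message makes: a decode of "low bits of a word" gives static analysis no bound, and an unchecked encode lets an oversized index corrupt the neighbouring field silently.

```c
#include <assert.h>
#include <stdint.h>
#include <stdbool.h>

/* Assumed layout for this example: the low 4 bits of the packed word carry
 * the mmu index, the remaining bits carry the MemOp descriptor.  */
#define MMU_IDX_BITS   4
#define MMU_IDX_MASK   ((1u << MMU_IDX_BITS) - 1)
#define NB_MMU_MODES   (1u << MMU_IDX_BITS)   /* 16 modes in this model */

typedef uint32_t MemOpIdx;

/* Encode with no check: an idx >= NB_MMU_MODES spills into the MemOp
 * field, so a later decode returns a wrong MemOp and a truncated idx.  */
static MemOpIdx make_memop_idx_unchecked(uint32_t op, unsigned idx)
{
    return (op << MMU_IDX_BITS) | idx;
}

/* Encode with the bound asserted: a caller's error is caught here rather
 * than surfacing later as a mis-decoded descriptor.  */
static MemOpIdx make_memop_idx(uint32_t op, unsigned idx)
{
    assert(idx < NB_MMU_MODES);
    return (op << MMU_IDX_BITS) | idx;
}

static unsigned get_mmuidx(MemOpIdx oi) { return oi & MMU_IDX_MASK; }
static uint32_t get_memop(MemOpIdx oi)  { return oi >> MMU_IDX_BITS; }

/* Consumer that indexes a per-mode table.  The mask arithmetic already
 * guarantees mmu_idx < 16, but asserting it states the bound explicitly,
 * which is what a static analyser needs to stop reporting the access.  */
static uint64_t tlb_mask_for(const uint64_t tlb_mask[NB_MMU_MODES], MemOpIdx oi)
{
    unsigned mmu_idx = get_mmuidx(oi);
    assert(mmu_idx < NB_MMU_MODES);
    return tlb_mask[mmu_idx];
}

/* True when encoding (op, idx) without a check and decoding it again
 * returns both fields unchanged; false shows the silent corruption.  */
static bool roundtrip_ok(uint32_t op, unsigned idx)
{
    MemOpIdx oi = make_memop_idx_unchecked(op, idx);
    return get_memop(oi) == op && get_mmuidx(oi) == idx;
}

/* Constructed table lookup through the checked path, for a quick check.  */
static uint64_t demo_lookup(unsigned idx)
{
    uint64_t tlb_mask[NB_MMU_MODES];
    for (unsigned i = 0; i < NB_MMU_MODES; i++) {
        tlb_mask[i] = 0x1000u * (i + 1);
    }
    return tlb_mask_for(tlb_mask, make_memop_idx(0x2, idx));
}
```

roundtrip_ok(0x3, 16) fails because 16 needs a fifth bit and lands in the MemOp field; roundtrip_ok(0x2, 17) fails with the MemOp itself changed to 3. The checked make_memop_idx would abort on either call, which is the behaviour the commit message asks for.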


  Commit: 21641ee5a9b31568c990c7fc949eeb9bcd0f6a0f
      
https://github.com/qemu/qemu/commit/21641ee5a9b31568c990c7fc949eeb9bcd0f6a0f
  Author: Richard Henderson <richard.henderson@linaro.org>
  Date:   2022-04-26 (Tue, 26 Apr 2022)

  Changed paths:
    M target/s390x/tcg/translate.c

  Log Message:
  -----------
  target/s390x: Fix the accumulation of ccm in op_icm

Coverity rightly reports that 0xff << pos can overflow.
This would affect the ICMH instruction.

Fixes: Coverity CID 1487161
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: David Hildenbrand <david@redhat.com>
Reviewed-by: Thomas Huth <thuth@redhat.com>
Message-Id: <20220401193659.332079-1-richard.henderson@linaro.org>


  Commit: 0cbc135917141053c80480fefbe55f70bb3b1562
      
https://github.com/qemu/qemu/commit/0cbc135917141053c80480fefbe55f70bb3b1562
  Author: Richard Henderson <richard.henderson@linaro.org>
  Date:   2022-04-26 (Tue, 26 Apr 2022)

  Changed paths:
    M target/i386/tcg/fpu_helper.c

  Log Message:
  -----------
  target/i386: Suppress coverity warning on fsave/frstor

Coverity warns that 14 << data32 may overflow with respect
to the target_ulong to which it is subsequently added.
We know this wasn't true because data32 is in [1,2],
but the suggested fix is perfectly fine.

Fixes: Coverity CID 1487135, 1487256
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Damien Hedde <damien.hedde@greensocs.com>
Message-Id: <20220401184635.327423-1-richard.henderson@linaro.org>


  Commit: b880867f15623b2e82b0fa6b149753d7c18c615c
      
https://github.com/qemu/qemu/commit/b880867f15623b2e82b0fa6b149753d7c18c615c
  Author: Richard Henderson <richard.henderson@linaro.org>
  Date:   2022-04-26 (Tue, 26 Apr 2022)

  Changed paths:
    M fpu/softfloat.c

  Log Message:
  -----------
  softfloat: Fix declaration of partsN_compare

The declaration used 'int', while the definition used 'FloatRelation'.
This should have resulted in a compiler error, but mysteriously didn't.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20220401132240.79730-2-richard.henderson@linaro.org>


  Commit: 9343c884445201cfd84955f199b13783fa829372
      
https://github.com/qemu/qemu/commit/9343c884445201cfd84955f199b13783fa829372
  Author: Richard Henderson <richard.henderson@linaro.org>
  Date:   2022-04-26 (Tue, 26 Apr 2022)

  Changed paths:
    M fpu/softfloat-parts.c.inc

  Log Message:
  -----------
  softfloat: Use FloatRelation within partsN_compare

As the return type is FloatRelation, it's clearer to
use the type for 'cmp' within the function.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20220401132240.79730-3-richard.henderson@linaro.org>


  Commit: dee3fcfbb399a0e4ccedbf737b5b0b7f56ecd398
      
https://github.com/qemu/qemu/commit/dee3fcfbb399a0e4ccedbf737b5b0b7f56ecd398
  Author: Richard Henderson <richard.henderson@linaro.org>
  Date:   2022-04-26 (Tue, 26 Apr 2022)

  Changed paths:
    M fpu/softfloat.c

  Log Message:
  -----------
  softfloat: Use FloatRelation for fracN_cmp

Since the caller, partsN_compare, is now exclusively
using FloatRelation, it's clearer to use it here too.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20220401132240.79730-4-richard.henderson@linaro.org>


  Commit: 34723f59371f3fd02ea59b94674314b875504426
      
https://github.com/qemu/qemu/commit/34723f59371f3fd02ea59b94674314b875504426
  Author: Richard Henderson <richard.henderson@linaro.org>
  Date:   2022-04-26 (Tue, 26 Apr 2022)

  Changed paths:
    M accel/tcg/cputlb.c
    M fpu/softfloat-parts.c.inc
    M fpu/softfloat.c
    M target/i386/tcg/fpu_helper.c
    M target/s390x/tcg/translate.c

  Log Message:
  -----------
  Merge tag 'pull-tcg-20220426' of https://gitlab.com/rth7680/qemu into staging

Fix s390x ICMH cc computation.
Minor adjustments to satisfy Coverity.

# -----BEGIN PGP SIGNATURE-----
#
# iQFRBAABCgA7FiEEekgeeIaLTbaoWgXAZN846K9+IV8FAmJoyJcdHHJpY2hhcmQu
# aGVuZGVyc29uQGxpbmFyby5vcmcACgkQZN846K9+IV8ZBQf+OWlDwqNOF+XzyLfb
# pPFAwqNCDX+9rRP6eyouydoCe2n4djj6I4rF+ESdkzbXAxrDzhfBF496CWgFd/Ar
# HRdssehq0V8UY6Blyhig9OXrcwtdJAZrZhQrl5541VqEak89Sii84F0RNt1QdhvE
# HArSm5D78DJx7ZmAtDRZhc3uGOxJefKPTD/4FVnQZQRh9jHeuR9oClMm+1ksYkxo
# 52SkalMlUXZNVvpud8AkuZxWtTeEdzgGPRX/zXdXLMrYI0ZdrqVS/DbuJBA3zwkL
# r+VmPwDIwojn5cHnS8QzP545XdsQ3alWM1Blhi7lKrwS0LHjyD3BOSH1Dxen9IOc
# /Ip5fA==
# =ysOK
# -----END PGP SIGNATURE-----
# gpg: Signature made Tue 26 Apr 2022 09:37:43 PM PDT
# gpg:                using RSA key 7A481E78868B4DB6A85A05C064DF38E8AF7E215F
# gpg:                issuer "richard.henderson@linaro.org"
# gpg: Good signature from "Richard Henderson <richard.henderson@linaro.org>" [ultimate]

* tag 'pull-tcg-20220426' of https://gitlab.com/rth7680/qemu:
  softfloat: Use FloatRelation for fracN_cmp
  softfloat: Use FloatRelation within partsN_compare
  softfloat: Fix declaration of partsN_compare
  target/i386: Suppress coverity warning on fsave/frstor
  target/s390x: Fix the accumulation of ccm in op_icm
  accel/tcg: Assert mmu_idx in range before use in cputlb

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>


Compare: https://github.com/qemu/qemu/compare/a72d9008092e...34723f59371f


