qemu/target
Peter Maydell 0fe4cac5dd target/mips: Avoid shift by negative number in page_table_walk_refill()
Coverity points out that in page_table_walk_refill() we can
shift by a negative number, which is undefined behaviour
(CID 1452918, 1452920, 1452922).  We already catch the
negative directory_shift and leaf_shift as being a "bail
out early" case, but not until we've already used them to
calculated some offset values.

The shifts can be negative only if ptew > 1, so make the
bail-out-early check look directly at that, and only
calculate the shift amounts and the offsets based on them
after we have done that check. This allows
us to simplify the expressions used to calculate the
shift amounts, use an unsigned type, and avoids the
undefined behaviour.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
[PMD: Check for ptew > 1, use unsigned type]
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20230717213504.24777-3-philmd@linaro.org>
2023-07-25 14:41:16 +02:00
..
alpha target/alpha: Use float64_to_int64_modulo for CVTTQ 2023-07-01 08:26:54 +02:00
arm target/arm/ptw.c: Account for FEAT_RME when applying {N}SW, SA bits 2023-07-17 11:05:08 +01:00
avr target/avr: Fix handling of interrupts above 33. 2023-07-08 07:24:38 +03:00
cris target: Widen pc/cs_base in cpu_get_tb_cpu_state 2023-06-26 17:32:59 +02:00
hexagon target: Widen pc/cs_base in cpu_get_tb_cpu_state 2023-06-26 17:32:59 +02:00
hppa accel/tcg: Return bool from page_check_range 2023-07-15 08:02:32 +01:00
i386 target/i386: Use aesdec_ISB_ISR_IMC_AK 2023-07-08 07:30:18 +01:00
loongarch target/loongarch: Fix the CSRRD CPUID instruction on big endian hosts 2023-07-24 18:44:48 +02:00
m68k target: Widen pc/cs_base in cpu_get_tb_cpu_state 2023-06-26 17:32:59 +02:00
microblaze target/microblaze: Define TCG_GUEST_DEFAULT_MO 2023-06-26 17:33:00 +02:00
mips target/mips: Avoid shift by negative number in page_table_walk_refill() 2023-07-25 14:41:16 +02:00
nios2 target/nios2 : Explicitly ask for target-endian loads and stores 2023-07-01 08:26:54 +02:00
openrisc target: Widen pc/cs_base in cpu_get_tb_cpu_state 2023-06-26 17:32:59 +02:00
ppc target/ppc: Use aesdec_ISB_ISR_AK_IMC 2023-07-08 07:30:17 +01:00
riscv target/riscv: Fix LMUL check to use VLEN 2023-07-19 14:37:26 +10:00
rx target: Widen pc/cs_base in cpu_get_tb_cpu_state 2023-06-26 17:32:59 +02:00
s390x target/s390x: Fix assertion failure in VFMIN/VFMAX with type 13 2023-07-24 18:44:47 +02:00
sh4 target: Widen pc/cs_base in cpu_get_tb_cpu_state 2023-06-26 17:32:59 +02:00
sparc accel/tcg: Return bool from page_check_range 2023-07-15 08:02:32 +01:00
tricore target: Widen pc/cs_base in cpu_get_tb_cpu_state 2023-06-26 17:32:59 +02:00
xtensa target/xtensa: Assert that interrupt level is within bounds 2023-07-06 13:26:43 +01:00
Kconfig hw/loongarch: Add support loongson3 virt machine type. 2022-06-06 18:09:03 +00:00
meson.build target/loongarch: Add target build suport 2022-06-06 18:09:03 +00:00