[PATCH] target/i386: Remove dead assignment to ss in do

qemu-devel.nongnu.org archive mirror
 help / color / mirror / Atom feed

* [PATCH] target/i386: Remove dead assignment to ss in do_interrupt64()
@ 2024-07-23 16:25 Peter Maydell
  2024-07-24  0:01 ` Richard Henderson
                   ` (2 more replies)
  0 siblings, 3 replies; 4+ messages in thread
From: Peter Maydell @ 2024-07-23 16:25 UTC (permalink / raw)
  To: qemu-devel; +Cc: Paolo Bonzini, Richard Henderson, Eduardo Habkost

Coverity points out that in do_interrupt64() in the "to inner
privilege" codepath we set "ss = 0", but because we also set
"new_stack = 1" there, later in the function we will always override
that value of ss with "ss = 0 | dpl".

Remove the unnecessary initialization of ss, which allows us to
reduce the scope of the variable to only where it is used.  Borrow a
comment from helper_lcall_protected() that explains what "0 | dpl"
means here.

Resolves: Coverity CID 1527395
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
 target/i386/tcg/seg_helper.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/target/i386/tcg/seg_helper.c b/target/i386/tcg/seg_helper.c
index aac092a356b..bab552cd535 100644
--- a/target/i386/tcg/seg_helper.c
+++ b/target/i386/tcg/seg_helper.c
@@ -926,7 +926,7 @@ static void do_interrupt64(CPUX86State *env, int intno, int is_int,
     target_ulong ptr;
     int type, dpl, selector, cpl, ist;
     int has_error_code, new_stack;
-    uint32_t e1, e2, e3, ss, eflags;
+    uint32_t e1, e2, e3, eflags;
     target_ulong old_eip, offset;
     bool set_rf;
     StackAccess sa;
@@ -1007,7 +1007,6 @@ static void do_interrupt64(CPUX86State *env, int intno, int is_int,
         /* to inner privilege */
         new_stack = 1;
         sa.sp = get_rsp_from_tss(env, ist != 0 ? ist + 3 : dpl);
-        ss = 0;
     } else {
         /* to same privilege */
         if (env->eflags & VM_MASK) {
@@ -1040,7 +1039,7 @@ static void do_interrupt64(CPUX86State *env, int intno, int is_int,
     env->eflags &= ~(TF_MASK | VM_MASK | RF_MASK | NT_MASK);
 
     if (new_stack) {
-        ss = 0 | dpl;
+        uint32_t ss = 0 | dpl; /* SS = NULL selector with RPL = new CPL */
         cpu_x86_load_seg_cache(env, R_SS, ss, 0, 0, dpl << DESC_DPL_SHIFT);
     }
     env->regs[R_ESP] = sa.sp;
-- 
2.34.1



^ permalink raw reply related	[flat|nested] 4+ messages in thread

* Re: [PATCH] target/i386: Remove dead assignment to ss in do_interrupt64()
  2024-07-23 16:25 [PATCH] target/i386: Remove dead assignment to ss in do_interrupt64() Peter Maydell
@ 2024-07-24  0:01 ` Richard Henderson
  2024-07-24  6:57 ` Philippe Mathieu-Daudé
  2024-07-29 16:02 ` Peter Maydell
  2 siblings, 0 replies; 4+ messages in thread
From: Richard Henderson @ 2024-07-24  0:01 UTC (permalink / raw)
  To: Peter Maydell, qemu-devel; +Cc: Paolo Bonzini, Eduardo Habkost

On 7/24/24 02:25, Peter Maydell wrote:
> Coverity points out that in do_interrupt64() in the "to inner
> privilege" codepath we set "ss = 0", but because we also set
> "new_stack = 1" there, later in the function we will always override
> that value of ss with "ss = 0 | dpl".
> 
> Remove the unnecessary initialization of ss, which allows us to
> reduce the scope of the variable to only where it is used.  Borrow a
> comment from helper_lcall_protected() that explains what "0 | dpl"
> means here.
> 
> Resolves: Coverity CID 1527395
> Signed-off-by: Peter Maydell<peter.maydell@linaro.org>
> ---
>   target/i386/tcg/seg_helper.c | 5 ++---
>   1 file changed, 2 insertions(+), 3 deletions(-)

Reviewed-by: Richard Henderson <richard.henderson@linaro.org>

r~


^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH] target/i386: Remove dead assignment to ss in do_interrupt64()
  2024-07-23 16:25 [PATCH] target/i386: Remove dead assignment to ss in do_interrupt64() Peter Maydell
  2024-07-24  0:01 ` Richard Henderson
@ 2024-07-24  6:57 ` Philippe Mathieu-Daudé
  2024-07-29 16:02 ` Peter Maydell
  2 siblings, 0 replies; 4+ messages in thread
From: Philippe Mathieu-Daudé @ 2024-07-24  6:57 UTC (permalink / raw)
  To: Peter Maydell, qemu-devel
  Cc: Paolo Bonzini, Richard Henderson, Eduardo Habkost

On 23/7/24 18:25, Peter Maydell wrote:
> Coverity points out that in do_interrupt64() in the "to inner
> privilege" codepath we set "ss = 0", but because we also set
> "new_stack = 1" there, later in the function we will always override
> that value of ss with "ss = 0 | dpl".
> 
> Remove the unnecessary initialization of ss, which allows us to
> reduce the scope of the variable to only where it is used.  Borrow a
> comment from helper_lcall_protected() that explains what "0 | dpl"
> means here.
> 
> Resolves: Coverity CID 1527395
> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
> ---
>   target/i386/tcg/seg_helper.c | 5 ++---
>   1 file changed, 2 insertions(+), 3 deletions(-)

Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>



^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH] target/i386: Remove dead assignment to ss in do_interrupt64()
  2024-07-23 16:25 [PATCH] target/i386: Remove dead assignment to ss in do_interrupt64() Peter Maydell
  2024-07-24  0:01 ` Richard Henderson
  2024-07-24  6:57 ` Philippe Mathieu-Daudé
@ 2024-07-29 16:02 ` Peter Maydell
  2 siblings, 0 replies; 4+ messages in thread
From: Peter Maydell @ 2024-07-29 16:02 UTC (permalink / raw)
  To: qemu-devel; +Cc: Paolo Bonzini, Richard Henderson, Eduardo Habkost

On Tue, 23 Jul 2024 at 17:25, Peter Maydell <peter.maydell@linaro.org> wrote:
>
> Coverity points out that in do_interrupt64() in the "to inner
> privilege" codepath we set "ss = 0", but because we also set
> "new_stack = 1" there, later in the function we will always override
> that value of ss with "ss = 0 | dpl".
>
> Remove the unnecessary initialization of ss, which allows us to
> reduce the scope of the variable to only where it is used.  Borrow a
> comment from helper_lcall_protected() that explains what "0 | dpl"
> means here.
>
> Resolves: Coverity CID 1527395
> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>

I'll take this via target-arm.next since I'm doing a pullreq
anyway, unless you'd prefer otherwise.

thanks
-- PMM


^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2024-07-29 16:02 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2024-07-23 16:25 [PATCH] target/i386: Remove dead assignment to ss in do_interrupt64() Peter Maydell
2024-07-24  0:01 ` Richard Henderson
2024-07-24  6:57 ` Philippe Mathieu-Daudé
2024-07-29 16:02 ` Peter Maydell

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).