[Qemu-devel] defining VIXL

qemu-devel.nongnu.org archive mirror
 help / color / mirror / Atom feed

* [Qemu-devel] defining VIXL_DEBUG?
@ 2016-01-18 10:21 Paolo Bonzini
  2016-01-18 10:51 ` Peter Maydell
  0 siblings, 1 reply; 5+ messages in thread
From: Paolo Bonzini @ 2016-01-18 10:21 UTC (permalink / raw)
  To: qemu-devel, Peter Maydell

I've gotten four new Coverity reports in libvixl.  All of them are
caused by Coverity assuming that LaneSizeInBitsFromFormat can return 0.
 The actual code in the function is

    default: VIXL_UNREACHABLE(); return 0;

so this is obviously a false positive.  Defining VIXL_DEBUG would cause
VIXL_UNREACHABLE() to call abort().  Any opinion about whether/where to
do so?

Thanks,

Paolo

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [Qemu-devel] defining VIXL_DEBUG?
  2016-01-18 10:21 [Qemu-devel] defining VIXL_DEBUG? Paolo Bonzini
@ 2016-01-18 10:51 ` Peter Maydell
  2016-01-18 10:57   ` Paolo Bonzini
  0 siblings, 1 reply; 5+ messages in thread
From: Peter Maydell @ 2016-01-18 10:51 UTC (permalink / raw)
  To: Paolo Bonzini; +Cc: qemu-devel

On 18 January 2016 at 10:21, Paolo Bonzini <pbonzini@redhat.com> wrote:
> I've gotten four new Coverity reports in libvixl.  All of them are
> caused by Coverity assuming that LaneSizeInBitsFromFormat can return 0.

Yeah, I fed these back to upstream.

(There are also some others do do with integer overflow etc which
I think are unrelated to LaneSizeInBitsFromFormat.)

>  The actual code in the function is
>
>     default: VIXL_UNREACHABLE(); return 0;
>
> so this is obviously a false positive.  Defining VIXL_DEBUG would cause
> VIXL_UNREACHABLE() to call abort().  Any opinion about whether/where to
> do so?

Does defining it to call abort() result in unreachable-code warnings
for the "return 0;" ?

thanks
-- PMM

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [Qemu-devel] defining VIXL_DEBUG?
  2016-01-18 10:51 ` Peter Maydell
@ 2016-01-18 10:57   ` Paolo Bonzini
  2016-01-18 11:04     ` Peter Maydell
  0 siblings, 1 reply; 5+ messages in thread
From: Paolo Bonzini @ 2016-01-18 10:57 UTC (permalink / raw)
  To: Peter Maydell; +Cc: qemu-devel



On 18/01/2016 11:51, Peter Maydell wrote:
>>  The actual code in the function is
>> >
>> >     default: VIXL_UNREACHABLE(); return 0;
>> >
>> > so this is obviously a false positive.  Defining VIXL_DEBUG would cause
>> > VIXL_UNREACHABLE() to call abort().  Any opinion about whether/where to
>> > do so?
> Does defining it to call abort() result in unreachable-code warnings
> for the "return 0;" ?

I'm not sure, it would be minor though.

One issue I have found after posting is that I'm not sure whether bad
instructions (aka reserved encodings) are handled properly by libvixl.
See for example this:

    case 'A': {  // IAddSub.
      VIXL_ASSERT(instr->ShiftAddSub() <= 1);
      int64_t imm = instr->ImmAddSub() << (12 * instr->ShiftAddSub());
      AppendToOutput("#0x%" PRIx64 " (%" PRId64 ")", imm, imm);
      return 7;
    }

where the '1x' encodings of bits 22:23 (marked as reserved in the ARMv8
ARM) would cause an abort as far as I can see.

Paolo

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [Qemu-devel] defining VIXL_DEBUG?
  2016-01-18 10:57   ` Paolo Bonzini
@ 2016-01-18 11:04     ` Peter Maydell
  2016-01-18 15:15       ` Paolo Bonzini
  0 siblings, 1 reply; 5+ messages in thread
From: Peter Maydell @ 2016-01-18 11:04 UTC (permalink / raw)
  To: Paolo Bonzini; +Cc: qemu-devel

On 18 January 2016 at 10:57, Paolo Bonzini <pbonzini@redhat.com> wrote:
> One issue I have found after posting is that I'm not sure whether bad
> instructions (aka reserved encodings) are handled properly by libvixl.
> See for example this:
>
>     case 'A': {  // IAddSub.
>       VIXL_ASSERT(instr->ShiftAddSub() <= 1);
>       int64_t imm = instr->ImmAddSub() << (12 * instr->ShiftAddSub());
>       AppendToOutput("#0x%" PRIx64 " (%" PRId64 ")", imm, imm);
>       return 7;
>     }
>
> where the '1x' encodings of bits 22:23 (marked as reserved in the ARMv8
> ARM) would cause an abort as far as I can see.

Isn't this handled by  Decoder::DecodeAddSubImmediate(), which checks
bit 23?

In any case if we're worried it would be easy to set up a trivial
test loop that just feeds all 2^32 integers to the disassembler.

thanks
-- PMM

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [Qemu-devel] defining VIXL_DEBUG?
  2016-01-18 11:04     ` Peter Maydell
@ 2016-01-18 15:15       ` Paolo Bonzini
  0 siblings, 0 replies; 5+ messages in thread
From: Paolo Bonzini @ 2016-01-18 15:15 UTC (permalink / raw)
  To: Peter Maydell; +Cc: qemu-devel



On 18/01/2016 12:04, Peter Maydell wrote:
>> >
>> > where the '1x' encodings of bits 22:23 (marked as reserved in the ARMv8
>> > ARM) would cause an abort as far as I can see.
> Isn't this handled by  Decoder::DecodeAddSubImmediate(), which checks
> bit 23?

Yes, that's right.

Paolo

> In any case if we're worried it would be easy to set up a trivial
> test loop that just feeds all 2^32 integers to the disassembler.

^ permalink raw reply	[flat|nested] 5+ messages in thread

end of thread, other threads:[~2016-01-18 15:15 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2016-01-18 10:21 [Qemu-devel] defining VIXL_DEBUG? Paolo Bonzini
2016-01-18 10:51 ` Peter Maydell
2016-01-18 10:57   ` Paolo Bonzini
2016-01-18 11:04     ` Peter Maydell
2016-01-18 15:15       ` Paolo Bonzini

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).