From: Paolo Bonzini <pbonzini@redhat.com>
To: Peter Maydell <peter.maydell@linaro.org>,
qemu-arm@nongnu.org, qemu-devel@nongnu.org
Cc: patches@linaro.org
Subject: Re: [Qemu-devel] [PATCH] hw/display/bcm2835_fb: Silence Coverity warning about multiply overflow
Date: Sat, 6 Oct 2018 01:22:31 +0200 [thread overview]
Message-ID: <66552e20-08c2-a0e2-bb28-e7669c548fe7@redhat.com> (raw)
In-Reply-To: <20181005133012.26490-1-peter.maydell@linaro.org>
On 05/10/2018 15:30, Peter Maydell wrote:
> Coverity complains (CID 1395628) that the multiply in the calculation
> of the framebuffer base is performed as 32x32 but then used in a
> context that takes a 64-bit hwaddr. This can't actually ever
> overflow the 32-bit result, because of the constraints placed on
> the s->config values in bcm2835_fb_validate_config(). But we
> can placate Coverity anyway, by explicitly casting one of the
> inputs to a hwaddr, so the whole expression is calculated with
> 64-bit arithmetic.
>
> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
> ---
> This is one of those cases where I was 50/50 about whether to just
> mark the coverity issue as a false-positive.
Agreed, but in the end it's not too much noise, so
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Thanks,
Paolo
> hw/display/bcm2835_fb.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/hw/display/bcm2835_fb.c b/hw/display/bcm2835_fb.c
> index d534d00a65f..599863e4e17 100644
> --- a/hw/display/bcm2835_fb.c
> +++ b/hw/display/bcm2835_fb.c
> @@ -190,7 +190,7 @@ static void fb_update_display(void *opaque)
> }
>
> if (s->invalidate) {
> - hwaddr base = s->config.base + xoff + yoff * src_width;
> + hwaddr base = s->config.base + xoff + (hwaddr)yoff * src_width;
> framebuffer_update_memory_section(&s->fbsection, s->dma_mr,
> base,
> s->config.yres, src_width);
>
prev parent reply other threads:[~2018-10-05 23:27 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-10-05 13:30 [Qemu-devel] [PATCH] hw/display/bcm2835_fb: Silence Coverity warning about multiply overflow Peter Maydell
2018-10-05 23:22 ` Paolo Bonzini [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=66552e20-08c2-a0e2-bb28-e7669c548fe7@redhat.com \
--to=pbonzini@redhat.com \
--cc=patches@linaro.org \
--cc=peter.maydell@linaro.org \
--cc=qemu-arm@nongnu.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).