qemu-devel.nongnu.org archive mirror
From: Peter Maydell <peter.maydell@linaro.org>
To: Anastasia Belova <abelova@astralinux.ru>
Cc: qemu-devel@nongnu.org, Andrzej Zaborowski <balrogg@gmail.com>,
	sdl.qemu@linuxtesting.org
Subject: Re: [PATCH] hw/dma: prevent overflow in soc_dma_set_request
Date: Fri, 19 Apr 2024 15:42:52 +0100
Message-ID: <CAFEAcA_H53jOSVBjZ5tfOd_U1++CLVqzFSBHt1=amnouFrZwJA@mail.gmail.com>
In-Reply-To: <CAFEAcA9LTLjMtEtCfqnR8_-WSdo2ZZCb28C-roRXgcv+ULa3ww@mail.gmail.com>

On Tue, 9 Apr 2024 at 14:38, Peter Maydell <peter.maydell@linaro.org> wrote:
>
> On Tue, 9 Apr 2024 at 14:32, Anastasia Belova <abelova@astralinux.ru> wrote:
> >
> >
> >
> > 09/04/24 15:02, Peter Maydell wrote:
> > > On Tue, 9 Apr 2024 at 12:54, Anastasia Belova <abelova@astralinux.ru> wrote:
> > >> ch->num can reach values up to 31. Add casting to
> > >> a larger type before performing left shift to
> > >> prevent integer overflow.
> > > If ch->num can only reach up to 31, then 1 << ch->num
> > > is fine, because QEMU can assume that integers are 32 bits,
> > > and we compile with -fwrapv so there isn't a problem with
> > > shifting into the sign bit.
> >
> > Right, thanks for your comments.
> > I didn't know about this flag before. It became more clear for me now.
>
> Yep; if you're using a static analyser you probably want to
> configure it to accept the behaviours that are
> undefined-in-standard-C and which get defined behaviour
> with -fwrapv.
>
> This code is definitely a bit dubious, though, because
> ch_enable_mask is a uint64_t, so the intention was clearly
> to allow up to 64 channels. So I think we should take this
> patch anyway, with a slightly adjusted commit message.
>
> All the soc_dma.c code will probably be removed in the
> 9.2 release, because it's only used by the OMAP board models
> which we've just deprecated, so it doesn't seem worth spending
> too much time on cleaning up the code, but in this case you've
> already written the patch.
>
> I'll put this patch on my list to apply after we've made the
> 9.0 release and restarted development for 9.1.

Now applied to target-arm.next for 9.1 (with adjustments
to the commit message); thanks.

-- PMM
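
The width issue discussed in this thread, as an added C example (not part of the original message and not QEMU's soc_dma.c code): it contrasts an int-width `1 << num` with a shift widened by a `uint64_t` cast when the result is stored in a 64-bit channel mask. The function names, `NUM_CHANNELS` and the 32-bit `int` are assumptions; `INT32_MIN` stands in for the value `1 << 31` takes in a `-fwrapv` build, so the example itself has no undefined behaviour.

```c
#include <inttypes.h>
#include <stdio.h>

#define NUM_CHANNELS 64 /* assumed: one bit per channel in a uint64_t mask */

/* Value of the int expression "1 << num" for num 0..31 with a 32-bit int.
 * INT32_MIN is used for num == 31 (the -fwrapv result of shifting into
 * the sign bit) so that this example contains no undefined behaviour. */
static int32_t narrow_bit(unsigned num)
{
    return num == 31 ? INT32_MIN : (int32_t)(UINT32_C(1) << num);
}

/* Int-width shift: the int is converted to uint64_t only after the shift,
 * so a negative value is sign-extended into bits 32..63 of the mask. */
static uint64_t set_request_narrow(uint64_t mask, unsigned num, int level)
{
    if (num > 31) {
        return mask; /* shift count >= width of int: not representable */
    }
    return level ? (mask | (uint64_t)narrow_bit(num))
                 : (mask & (uint64_t)~narrow_bit(num));
}

/* Widened shift: cast first, then shift, and reject out-of-range channels. */
static uint64_t set_request_wide(uint64_t mask, unsigned num, int level)
{
    if (num >= NUM_CHANNELS) {
        return mask;
    }
    uint64_t bit = (uint64_t)1 << num;
    return level ? (mask | bit) : (mask & ~bit);
}

int main(void)
{
    printf("set 31   narrow=%016" PRIx64 " wide=%016" PRIx64 "\n",
           set_request_narrow(0, 31, 1), set_request_wide(0, 31, 1));
    printf("clear 31 narrow=%016" PRIx64 " wide=%016" PRIx64 "\n",
           set_request_narrow(UINT64_MAX, 31, 0),
           set_request_wide(UINT64_MAX, 31, 0));
    printf("set 40   narrow=%016" PRIx64 " wide=%016" PRIx64 "\n",
           set_request_narrow(0, 40, 1), set_request_wide(0, 40, 1));
    return 0;
}
```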



Thread overview: 6+ messages
2024-04-09 11:53 [PATCH] hw/dma: prevent overflow in soc_dma_set_request Anastasia Belova
2024-04-09 12:02 ` Peter Maydell
2024-04-09 13:25   ` Philippe Mathieu-Daudé
2024-04-09 13:31   ` Anastasia Belova
2024-04-09 13:38     ` Peter Maydell
2024-04-19 14:42       ` Peter Maydell [this message]
