From: Alistair Francis <alistair23@gmail.com>
To: Daniel Henrique Barboza <dbarboza@ventanamicro.com>
Cc: Peter Maydell <peter.maydell@linaro.org>,
qemu-devel@nongnu.org, qemu-riscv@nongnu.org,
alistair.francis@wdc.com, liwei1518@gmail.com,
zhiwei_liu@linux.alibaba.com, palmer@rivosinc.com
Subject: Re: [PATCH] target/riscv/csr.c: fix OVERFLOW_BEFORE_WIDEN in rmw_sctrdepth()
Date: Wed, 19 Mar 2025 10:08:27 +1000 [thread overview]
Message-ID: <CAKmqyKMLVvg_smq+Mije88C0a5wbMTA8F6XKbmd9gyQBwG9p3Q@mail.gmail.com> (raw)
In-Reply-To: <c17a3e7e-9383-4f37-9fc5-b93afbf13bd3@ventanamicro.com>
On Wed, Mar 19, 2025 at 5:08 AM Daniel Henrique Barboza
<dbarboza@ventanamicro.com> wrote:
>
>
>
> On 3/18/25 1:42 PM, Peter Maydell wrote:
> > On Fri, 7 Mar 2025 at 12:46, Daniel Henrique Barboza
> > <dbarboza@ventanamicro.com> wrote:
> >>
> >> Coverity found the following issue:
> >>
> >> >>> CID 1593156: Integer handling issues (OVERFLOW_BEFORE_WIDEN)
> >> >>> Potentially overflowing expression "0x10 << depth" with type
> >> "int" (32 bits, signed) is evaluated using 32-bit arithmetic, and then
> >> used in a context that expects an expression of type "uint64_t" (64
> >> bits, unsigned).
> >> 4299 depth = 16 << depth;
> >>
> >> Fix it by forcing the expression to be 64 bits wide by using '16ULL'.
> >>
> >> Resolves: Coverity CID 1593156
> >> Fixes: c48bd18eae ("target/riscv: Add support for Control Transfer Records extension CSRs.")
> >> Signed-off-by: Daniel Henrique Barboza <dbarboza@ventanamicro.com>
> >> ---
> >> target/riscv/csr.c | 2 +-
> >> 1 file changed, 1 insertion(+), 1 deletion(-)
> >>
> >> diff --git a/target/riscv/csr.c b/target/riscv/csr.c
> >> index 0ebcca4597..e832ff3ca9 100644
> >> --- a/target/riscv/csr.c
> >> +++ b/target/riscv/csr.c
> >> @@ -4296,7 +4296,7 @@ static RISCVException rmw_sctrdepth(CPURISCVState *env, int csrno,
> >> }
> >>
> >> /* Update sctrstatus.WRPTR with a legal value */
> >> - depth = 16 << depth;
> >> + depth = 16ULL << depth;
> >> env->sctrstatus =
> >> env->sctrstatus & (~SCTRSTATUS_WRPTR_MASK | (depth - 1));
> >> }
> >
> > This is a clear false-positive from Coverity, by the way: we just
> > checked and enforced that depth is at most SCTRDEPTH_MAX, i.e. 4,
> > and 16 << 4 cannot possibly overflow anything.
>
> True. I wonder if we should keep this patch anyway due to the better code
> pattern in using ULL when left shifting into a 64 bit var, regardless of
> not fixing any overflows. There's a chance that we might copy/paste the
> existing pattern into another situation where an overflow might actually
> happen.
>
> I'll leave to Alistair to decide whether to keep to drop this patch. Either
> way works for me. Thanks,
Yeah, I figured it was a false positive with SCTRDEPTH_MAX being 4. It
seemed easiest to just "fix" it to keep Coverity happy though. It
doesn't cost us anything to fix it here.
Alistair
>
>
>
> Daniel
>
> >
> > -- PMM
>
>
prev parent reply other threads:[~2025-03-19 0:09 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-03-07 12:46 [PATCH] target/riscv/csr.c: fix OVERFLOW_BEFORE_WIDEN in rmw_sctrdepth() Daniel Henrique Barboza
2025-03-09 22:37 ` Alistair Francis
2025-03-09 22:42 ` Alistair Francis
2025-03-18 16:42 ` Peter Maydell
2025-03-18 19:07 ` Daniel Henrique Barboza
2025-03-19 0:08 ` Alistair Francis [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAKmqyKMLVvg_smq+Mije88C0a5wbMTA8F6XKbmd9gyQBwG9p3Q@mail.gmail.com \
--to=alistair23@gmail.com \
--cc=alistair.francis@wdc.com \
--cc=dbarboza@ventanamicro.com \
--cc=liwei1518@gmail.com \
--cc=palmer@rivosinc.com \
--cc=peter.maydell@linaro.org \
--cc=qemu-devel@nongnu.org \
--cc=qemu-riscv@nongnu.org \
--cc=zhiwei_liu@linux.alibaba.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).