qemu-arm

Re: [Qemu-arm] [PATCH] nvic: Fix miscalculation of offsets into ITNS arr


From: Richard Henderson
Subject: Re: [Qemu-arm] [PATCH] nvic: Fix miscalculation of offsets into ITNS array
Date: Thu, 12 Oct 2017 08:00:46 -0700
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.3.0

On 10/10/2017 08:54 AM, Peter Maydell wrote:
> This calculation of the first exception vector in
> the ITNS<n> register being accessed:
>         int startvec = 32 * (offset - 0x380) + NVIC_FIRST_IRQ;
> 
> is incorrect, because offset is in bytes, so we only want
> to multiply by 8.
> 
> Spotted by Coverity (CID 1381484, CID 1381488), though it is
> not correct that it actually overflows the buffer, because
> we have a 'startvec + i < s->num_irq' guard.
> 
> Signed-off-by: Peter Maydell <address@hidden>
> ---
> Oops. I guess this is what Coverity is there to catch :-)
> 
>  hw/intc/armv7m_nvic.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)

Reviewed-by: Richard Henderson <address@hidden>


r~
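
Added example, not part of the thread and not QEMU's code: a small C model of the ITNS offset calculation quoted above, comparing the old multiplier (32) with the corrected one (8). The struct, the function names, `MAX_VECS` and the value 16 for `NVIC_FIRST_IRQ` are assumptions made for this model; it shows that the `startvec + i < s->num_irq` guard prevents the overrun but still leaves the write dropped or applied to the wrong vectors.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NVIC_FIRST_IRQ 16    /* assumed value: 16 system exceptions precede IRQ 0 */
#define ITNS_BASE      0x380 /* from the quoted calculation */
#define MAX_VECS       512   /* constructed bound; callers keep num_irq <= this */

struct nvic_model {
    bool itns[MAX_VECS]; /* true = vector targets Non-secure state */
    int num_irq;         /* total vectors incl. system exceptions (assumed) */
};

/* Model a 32-bit write to ITNS<n>; scale = vectors per byte of offset
 * (32 in the old code, 8 in the fix). Returns bits that reached a vector. */
static int itns_write(struct nvic_model *s, uint32_t offset, uint32_t value, int scale)
{
    int startvec = scale * (int)(offset - ITNS_BASE) + NVIC_FIRST_IRQ;
    int applied = 0;
    for (int i = 0; i < 32 && startvec + i < s->num_irq; i++) {
        s->itns[startvec + i] = (value >> i) & 1;
        applied++;
    }
    return applied;
}

/* Write all-ones to one register on a fresh model; report the first vector
 * that became Non-secure (-1 if the guard dropped the whole write). */
static int first_vector_hit(int num_irq, uint32_t offset, int scale)
{
    struct nvic_model s;
    memset(&s, 0, sizeof(s));
    s.num_irq = num_irq;
    if (itns_write(&s, offset, 0xffffffffu, scale) == 0)
        return -1;
    for (int v = 0; v < num_irq; v++)
        if (s.itns[v])
            return v;
    return -1;
}

int main(void)
{
    /* 64 external IRQs: ITNS1 (offset 0x384) should start at vector 48. */
    printf("fixed %d, old %d\n", first_vector_hit(80, 0x384, 8), first_vector_hit(80, 0x384, 32));
    /* 480 external IRQs: the old scale lands ITNS1 on ITNS4's vectors. */
    printf("fixed %d, old %d\n", first_vector_hit(496, 0x384, 8), first_vector_hit(496, 0x384, 32));
    return 0;
}
```

Only ITNS0 (offset 0x380) gives the same result under both multipliers, which is why a test that touches only the first register would not expose the error.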


