[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PULL 06/11] hw/ide: Emulate SiI3112 SATA controller
From: |
Peter Maydell |
Subject: |
Re: [Qemu-devel] [PULL 06/11] hw/ide: Emulate SiI3112 SATA controller |
Date: |
Thu, 18 Jan 2018 12:07:40 +0000 |
On 11 January 2018 at 04:59, David Gibson <address@hidden> wrote:
> From: BALATON Zoltan <address@hidden>
>
> This is a common generic PCI SATA controller that is also used in PCs
> but more importantly guests running on the Sam460ex board prefer this
> card and have a driver for it (unlike for other SATA controllers
> already emulated).
>
> Signed-off-by: BALATON Zoltan <address@hidden>
> Acked-by: John Snow <address@hidden>
> Signed-off-by: David Gibson <address@hidden>
> ---
> + case 0x10:
> + val = d->i.bmdma[0].cmd;
> + val |= (d->regs[0].confstat & (1UL << 11) ? (1 << 4) : 0);
> /*SATAINT0*/
> + val |= (d->regs[1].confstat & (1UL << 11) ? (1 << 6) : 0);
> /*SATAINT1*/
> + val |= (d->i.bmdma[1].status & BM_STATUS_INT ? (1 << 14) : 0);
> + val |= d->i.bmdma[0].status << 16;
> + val |= d->i.bmdma[1].status << 24;
> + break;
Hi. Coverity points out (CID 1385151) that the << 24 here will
potentially inadvertently set the high 32 bits of val if the top
bit in bmdma[1].status is 1. (This is because in x << 24 where
x is uint8_t x gets promoted to signed int, and then when that
signed int with a high bit set is converted to uint64_t for the
logical or it's done by sign-extending.
Adding a cast, like
val |= (uint32_t)d->i.bmdma[1].status << 24;
should fix this.
thanks
-- PMM
- [Qemu-devel] [PULL 09/11] Update dtc to fix compilation problem on Mac OS 10.6, (continued)
- [Qemu-devel] [PULL 09/11] Update dtc to fix compilation problem on Mac OS 10.6, David Gibson, 2018/01/11
- [Qemu-devel] [PULL 10/11] hw/ppc: Remove the deprecated spapr-pci-vfio-host-bridge device, David Gibson, 2018/01/11
- [Qemu-devel] [PULL 05/11] spapr_pci: use warn_report(), David Gibson, 2018/01/11
- [Qemu-devel] [PULL 08/11] target/ppc: more use of the PPC_*() macros, David Gibson, 2018/01/11
- [Qemu-devel] [PULL 03/11] sm501: Add some more unimplemented registers, David Gibson, 2018/01/11
- [Qemu-devel] [PULL 11/11] spapr: Correct compatibility mode setting for hotplugged CPUs, David Gibson, 2018/01/11
- [Qemu-devel] [PULL 04/11] ppc4xx_i2c: Implement basic I2C functions, David Gibson, 2018/01/11
- [Qemu-devel] [PULL 06/11] hw/ide: Emulate SiI3112 SATA controller, David Gibson, 2018/01/11
- [Qemu-devel] [PULL 07/11] ppc/pnv: change powernv_ prefix to pnv_ for overall naming consistency, David Gibson, 2018/01/11
- [Qemu-devel] [PULL 01/11] pseries: Update SLOF firmware image to qemu-slof-20171214, David Gibson, 2018/01/11
- Re: [Qemu-devel] [PULL 00/11] ppc-for-2.12 queue 20180111, Peter Maydell, 2018/01/11