[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PULL v2 45/45] hw/intc: sifive_plic: Fix the pending register range che
From: |
Alistair Francis |
Subject: |
[PULL v2 45/45] hw/intc: sifive_plic: Fix the pending register range check |
Date: |
Thu, 22 Dec 2022 08:40:22 +1000 |
From: Bin Meng <bmeng@tinylab.org>
The pending register upper limit is currently set to
plic->num_sources >> 3, which is wrong, e.g.: considering
plic->num_sources is 7, the upper limit becomes 0 which fails
the range check if reading the pending register at pending_base.
Fixes: 1e24429e40df ("SiFive RISC-V PLIC Block")
Signed-off-by: Bin Meng <bmeng@tinylab.org>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-Id: <20221211030829.802437-16-bmeng@tinylab.org>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
---
hw/intc/sifive_plic.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/hw/intc/sifive_plic.c b/hw/intc/sifive_plic.c
index 1a792cc3f5..5522ede2cf 100644
--- a/hw/intc/sifive_plic.c
+++ b/hw/intc/sifive_plic.c
@@ -143,7 +143,8 @@ static uint64_t sifive_plic_read(void *opaque, hwaddr addr,
unsigned size)
uint32_t irq = (addr - plic->priority_base) >> 2;
return plic->source_priority[irq];
- } else if (addr_between(addr, plic->pending_base, plic->num_sources >> 3))
{
+ } else if (addr_between(addr, plic->pending_base,
+ (plic->num_sources + 31) >> 3)) {
uint32_t word = (addr - plic->pending_base) >> 2;
return plic->pending[word];
@@ -202,7 +203,7 @@ static void sifive_plic_write(void *opaque, hwaddr addr,
uint64_t value,
sifive_plic_update(plic);
}
} else if (addr_between(addr, plic->pending_base,
- plic->num_sources >> 3)) {
+ (plic->num_sources + 31) >> 3)) {
qemu_log_mask(LOG_GUEST_ERROR,
"%s: invalid pending write: 0x%" HWADDR_PRIx "",
__func__, addr);
--
2.38.1
- [PULL v2 36/45] hw/intc: sifive_plic: Improve robustness of the PLIC config parser, (continued)
- [PULL v2 36/45] hw/intc: sifive_plic: Improve robustness of the PLIC config parser, Alistair Francis, 2022/12/21
- [PULL v2 34/45] hw/riscv: spike: Remove misleading comments, Alistair Francis, 2022/12/21
- [PULL v2 37/45] hw/intc: sifive_plic: Use error_setg() to propagate the error up via errp in sifive_plic_realize(), Alistair Francis, 2022/12/21
- [PULL v2 38/45] hw/intc: sifive_plic: Update "num-sources" property default value, Alistair Francis, 2022/12/21
- [PULL v2 39/45] hw/riscv: microchip_pfsoc: Fix the number of interrupt sources of PLIC, Alistair Francis, 2022/12/21
- [PULL v2 40/45] hw/riscv: sifive_e: Fix the number of interrupt sources of PLIC, Alistair Francis, 2022/12/21
- [PULL v2 42/45] hw/riscv: virt: Fix the value of "riscv, ndev" in the dtb, Alistair Francis, 2022/12/21
- [PULL v2 41/45] hw/riscv: sifive_u: Avoid using magic number for "riscv, ndev", Alistair Francis, 2022/12/21
- [PULL v2 43/45] hw/intc: sifive_plic: Change "priority-base" to start from interrupt source 0, Alistair Francis, 2022/12/21
- [PULL v2 44/45] hw/riscv: opentitan: Drop "hartid-base" and "priority-base" initialization, Alistair Francis, 2022/12/21
- [PULL v2 45/45] hw/intc: sifive_plic: Fix the pending register range check,
Alistair Francis <=