mirror of
https://github.com/qemu/qemu.git
synced 2024-12-13 05:33:34 +08:00
6e553f2a1b
Coverity reports, in sve_zcr_get_valid_len, "Subtract operation overflows on operands arm_cpu_vq_map_next_smaller(cpu, start_vq + 1U) and 1U" First, the aarch32 stub version of arm_cpu_vq_map_next_smaller, returning 0, does exactly what Coverity reports. Remove it. Second, the aarch64 version of arm_cpu_vq_map_next_smaller has a set of asserts, but they don't cover the case in question. Further, there is a fair amount of extra arithmetic needed to convert from the 0-based zcr register, to the 1-base vq form, to the 0-based bitmap, and back again. This can be simplified by leaving the value in the 0-based form. Finally, use test_bit to simplify the common case, where the length in the zcr registers is in fact a supported length. Reported-by: Coverity (CID 1407217) Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Reviewed-by: Andrew Jones <drjones@redhat.com> Message-id: 20191118091414.19440-1-richard.henderson@linaro.org Signed-off-by: Peter Maydell <peter.maydell@linaro.org> |
||
|---|---|---|
| .. | ||
| alpha | ||
| arm | ||
| cris | ||
| hppa | ||
| i386 | ||
| lm32 | ||
| m68k | ||
| microblaze | ||
| mips | ||
| moxie | ||
| nios2 | ||
| openrisc | ||
| ppc | ||
| riscv | ||
| s390x | ||
| sh4 | ||
| sparc | ||
| tilegx | ||
| tricore | ||
| unicore32 | ||
| xtensa | ||