Message ID | 20180216100617.25265-1-david@gibson.dropbear.id.au |
---|---|
State | New |
Headers | show |
On 16 February 2018 at 10:06, David Gibson <david@gibson.dropbear.id.au> wrote: > The following changes since commit cc5a0ae03e0d011521ca5b32d3995a299b6b3ad3: > > Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20180215-1' into staging (2018-02-15 18:37:46 +0000) > > are available in the Git repository at: > > git://github.com/dgibson/qemu.git tags/ppc-for-2.12-20180216 > > for you to fetch changes up to 58d5b22bbd505dc942d137d5d3da89ad9bc16c0a: > > ppc4xx: Add device models found in PPC440 core SoCs (2018-02-16 14:06:07 +1100) > > ---------------------------------------------------------------- > ppc patch queue 2018-02-16 > > Highlights of this batch: > * Conversion to TranslatorOps (Emilio Cota) > * Further bugfixes and cleanups to vcpu id allocation for pseries > (Greg Kurz) > * Another bugfix for HPT resizing (Daniel Henrique-Barboza) > * Macintosh CUDA cleanups (Mark Cave-Ayland) > * Further tweaks to Spectre/Meltdown mitigations (Suraj Singh) > Applied, thanks. -- PMM
On 16 February 2018 at 10:06, David Gibson <david@gibson.dropbear.id.au> wrote: > From: BALATON Zoltan <balaton@eik.bme.hu> > > These devices are found in newer SoCs based on 440 core e.g. the 460EX > (http://www.embeddeddeveloper.com/assets/processors/amcc/datasheets/ > PP460EX_DS2063.pdf) > > Signed-off-by: BALATON Zoltan <balaton@eik.bme.hu> > Signed-off-by: David Gibson <david@gibson.dropbear.id.au> > --- > +static target_ulong sdram_size(uint32_t bcr) > +{ > + target_ulong size; > + int sh; > + > + sh = 1024 - ((bcr >> 6) & 0x3ff); > + if (sh == 0) { > + size = -1; > + } else { > + size = 8 * M_BYTE * sh; > + } > + > + return size; > +} Hi. Coverity (CID 1390588) points out that the calculation "1024 - ((bcr >> 6) & 0x3ff" must result in a value of sh between 1 and 1024, and therefore the "sh == 0" branch of the if() is dead code. Is there an error in the size calculation here? thanks -- PMM
On Fri, 27 Apr 2018, Peter Maydell wrote: > On 16 February 2018 at 10:06, David Gibson <david@gibson.dropbear.id.au> wrote: >> From: BALATON Zoltan <balaton@eik.bme.hu> >> >> These devices are found in newer SoCs based on 440 core e.g. the 460EX >> (http://www.embeddeddeveloper.com/assets/processors/amcc/datasheets/ >> PP460EX_DS2063.pdf) >> >> Signed-off-by: BALATON Zoltan <balaton@eik.bme.hu> >> Signed-off-by: David Gibson <david@gibson.dropbear.id.au> >> --- > >> +static target_ulong sdram_size(uint32_t bcr) >> +{ >> + target_ulong size; >> + int sh; >> + >> + sh = 1024 - ((bcr >> 6) & 0x3ff); >> + if (sh == 0) { >> + size = -1; >> + } else { >> + size = 8 * M_BYTE * sh; >> + } >> + >> + return size; >> +} > > Hi. Coverity (CID 1390588) points out that the calculation > "1024 - ((bcr >> 6) & 0x3ff" must result in a value of sh > between 1 and 1024, and therefore the "sh == 0" branch of > the if() is dead code. > > Is there an error in the size calculation here? Likely this is not entirely correct (see also the FIXME comment in sam460ex.c:73) but I still could not obtain the user manual of the SoC where I think this is documented so I don't really know what's the correct way here and I don't have time at the moment to try to guess from accessible sources (such as Linux and U-Boot). So for now I'd leave it as it is until I can find out what would be correct here but if the warning from Coverity is in your way feel free to patch this to remove the sh == 0 which should be OK if it can't ever happen. Regards, BALATON Zoltan