[PULL,2/3] target-i386: avoid overflow in the tsc-frequency property

Message ID 1435956459-18454-3-git-send-email-ehabkost@redhat.com
State New

Commit Message

Eduardo Habkost July 3, 2015, 8:47 p.m. UTC
From: Paolo Bonzini <pbonzini@redhat.com>

The TSC frequency fits comfortably in an int when expressed in kHz,
but it may overflow when converted to Hz.  In this case,
tsc-frequency returns a negative value because x86_cpuid_get_tsc_freq
does a 32-bit multiplication before assigning to int64_t.

For simplicity just make tsc_khz a 64-bit value.

Spotted by Coverity.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Eduardo Habkost <ehabkost@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
---
 target-i386/cpu.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Patch

diff --git a/target-i386/cpu.h b/target-i386/cpu.h
index d2eaea8..bbeef22 100644
--- a/target-i386/cpu.h
+++ b/target-i386/cpu.h
@@ -961,7 +961,7 @@  typedef struct CPUX86State {
     uint8_t has_error_code;
     uint32_t sipi_vector;
     bool tsc_valid;
-    int tsc_khz;
+    int64_t tsc_khz;
     void *kvm_xsave_buf;
 
     uint64_t mcg_cap;
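
Review bot: widening `tsc_khz` in `CPUX86State` to `int64_t` changes the type seen by every user of the field, yet the diffstat lists cpu.h as the only file touched. Any code outside this diff that takes the field's address, prints it with an int format specifier, or describes it to migration as a 32-bit value would need a matching update, so it is worth confirming that none exists or adjusting it in the same patch. A one-line comment on the field saying it is 64-bit so that the kHz-to-Hz multiplication in `x86_cpuid_get_tsc_freq` is done in 64-bit arithmetic would also keep a later cleanup from narrowing it back to `int`.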