
[PULL,00/40] ivshmem: Fixes, cleanups, device model split

Message ID 87shzk3u9w.fsf@blackfin.pond.sub.org (mailing list archive)
State New, archived

Commit Message

Markus Armbruster March 21, 2016, 12:11 p.m. UTC
Peter Maydell <peter.maydell@linaro.org> writes:

[...]
> Also some new clang ubsan warnings on x86 Linux:
> GTESTER check-qtest-i386
> [deleted existing warnings about slirp code]
> /home/petmay01/linaro/qemu-for-merges/hw/pci/pci.c:166:23: runtime
> error: shift exponent -1 is negative
> /home/petmay01/linaro/qemu-for-merges/hw/pci/pci.c:171:24: runtime
> error: shift exponent -1 is negative
> /home/petmay01/linaro/qemu-for-merges/hw/pci/pci.c:172:24: runtime
> error: shift exponent -1 is negative

Root cause tracked down with the appended patch.  PCI maintainers, you
might want to steal it.

Comments

Marcel Apfelbaum March 28, 2016, 6:02 a.m. UTC | #1
On 03/21/2016 02:11 PM, Markus Armbruster wrote:
> Peter Maydell <peter.maydell@linaro.org> writes:
>
> [...]
>> Also some new clang ubsan warnings on x86 Linux:
>> GTESTER check-qtest-i386
>> [deleted existing warnings about slirp code]
>> /home/petmay01/linaro/qemu-for-merges/hw/pci/pci.c:166:23: runtime
>> error: shift exponent -1 is negative
>> /home/petmay01/linaro/qemu-for-merges/hw/pci/pci.c:171:24: runtime
>> error: shift exponent -1 is negative
>> /home/petmay01/linaro/qemu-for-merges/hw/pci/pci.c:172:24: runtime
>> error: shift exponent -1 is negative
>
> Root cause tracked down with the appended patch.  PCI maintainers, you
> might want to steal it.
>

Had anyone handled this already?

Thanks,
Marcel

>
> diff --git a/hw/pci/pci.c b/hw/pci/pci.c
> index e67664d..1937c42 100644
> --- a/hw/pci/pci.c
> +++ b/hw/pci/pci.c
> @@ -163,11 +163,13 @@ int pci_bar(PCIDevice *d, int reg)
>
>   static inline int pci_irq_state(PCIDevice *d, int irq_num)
>   {
> +    assert(irq_num >= 0);
>   	return (d->irq_state >> irq_num) & 0x1;
>   }
>
>   static inline void pci_set_irq_state(PCIDevice *d, int irq_num, int level)
>   {
> +    assert(irq_num >= 0);
>   	d->irq_state &= ~(0x1 << irq_num);
>   	d->irq_state |= level << irq_num;
>   }
>
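Review bot: both asserts, in pci_irq_state() and pci_set_irq_state(), reject only a negative irq_num, but a shift count at or above the width of the promoted operand is just as undefined as a negative one. Consider bounding both sides in the same assert, with the upper limit being the number of interrupt pins these helpers are meant to track, so that an oversized irq_num is caught at the same place as -1.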
Michael S. Tsirkin March 28, 2016, 6:38 a.m. UTC | #2
On Mon, Mar 28, 2016 at 09:02:38AM +0300, Marcel Apfelbaum wrote:
> On 03/21/2016 02:11 PM, Markus Armbruster wrote:
> >Peter Maydell <peter.maydell@linaro.org> writes:
> >
> >[...]
> >>Also some new clang ubsan warnings on x86 Linux:
> >>GTESTER check-qtest-i386
> >>[deleted existing warnings about slirp code]
> >>/home/petmay01/linaro/qemu-for-merges/hw/pci/pci.c:166:23: runtime
> >>error: shift exponent -1 is negative
> >>/home/petmay01/linaro/qemu-for-merges/hw/pci/pci.c:171:24: runtime
> >>error: shift exponent -1 is negative
> >>/home/petmay01/linaro/qemu-for-merges/hw/pci/pci.c:172:24: runtime
> >>error: shift exponent -1 is negative
> >
> >Root cause tracked down with the appended patch.  PCI maintainers, you
> >might want to steal it.
> >
> 
> Had anyone handled this already?
> 
> Thanks,
> Marcel


No - pls post this as a patch.

> >
> >diff --git a/hw/pci/pci.c b/hw/pci/pci.c
> >index e67664d..1937c42 100644
> >--- a/hw/pci/pci.c
> >+++ b/hw/pci/pci.c
> >@@ -163,11 +163,13 @@ int pci_bar(PCIDevice *d, int reg)
> >
> >  static inline int pci_irq_state(PCIDevice *d, int irq_num)
> >  {
> >+    assert(irq_num >= 0);
> >  	return (d->irq_state >> irq_num) & 0x1;
> >  }
> >
> >  static inline void pci_set_irq_state(PCIDevice *d, int irq_num, int level)
> >  {
> >+    assert(irq_num >= 0);
> >  	d->irq_state &= ~(0x1 << irq_num);
> >  	d->irq_state |= level << irq_num;
> >  }
> >
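Review bot: the asserts in pci_irq_state() and pci_set_irq_state() turn the undefined shift into an abort but leave the caller that passes -1 untouched. When this is posted as a standalone patch, the commit message should say which call path reaches these helpers with a negative irq_num (the ubsan report only names the shift sites at pci.c lines 166, 171 and 172), and the fix for that caller should accompany or follow it.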

Patch

diff --git a/hw/pci/pci.c b/hw/pci/pci.c
index e67664d..1937c42 100644
--- a/hw/pci/pci.c
+++ b/hw/pci/pci.c
@@ -163,11 +163,13 @@  int pci_bar(PCIDevice *d, int reg)
 
 static inline int pci_irq_state(PCIDevice *d, int irq_num)
 {
+    assert(irq_num >= 0);
 	return (d->irq_state >> irq_num) & 0x1;
 }
 
 static inline void pci_set_irq_state(PCIDevice *d, int irq_num, int level)
 {
+    assert(irq_num >= 0);
 	d->irq_state &= ~(0x1 << irq_num);
 	d->irq_state |= level << irq_num;
 }
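Review bot: in pci_set_irq_state() the new assert covers the shift count but not the shifted value: `level << irq_num` is OR-ed into d->irq_state unmasked, so a level other than 0 or 1 would set bits that belong to other pins. Consider asserting that level is 0 or 1 alongside the irq_num check, or normalising it before the shift. As a minor style point, the added assert lines are indented with spaces while the statements below them use a tab, so each function body now mixes the two.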