aboutsummaryrefslogtreecommitdiff
path: root/hw
diff options
context:
space:
mode:
authorPhilippe Mathieu-Daudé <philmd@redhat.com>2020-11-02 16:52:16 +0000
committerPeter Maydell <peter.maydell@linaro.org>2020-11-02 16:52:16 +0000
commit744a790ec01a30033309e6a2155df4d61061e184 (patch)
tree668a161c5bca234db8fe5b4b347bd6ea1f79b331 /hw
parent437588d81d99ac91cb1e4ff060610458e67852d5 (diff)
downloadqemu-744a790ec01a30033309e6a2155df4d61061e184.zip
qemu-744a790ec01a30033309e6a2155df4d61061e184.tar.gz
qemu-744a790ec01a30033309e6a2155df4d61061e184.tar.bz2
hw/arm/smmuv3: Fix potential integer overflow (CID 1432363)
Use the BIT_ULL() macro to ensure we use 64-bit arithmetic. This fixes the following Coverity issue (OVERFLOW_BEFORE_WIDEN): CID 1432363 (#1 of 1): Unintentional integer overflow: overflow_before_widen: Potentially overflowing expression 1 << scale with type int (32 bits, signed) is evaluated using 32-bit arithmetic, and then used in a context that expects an expression of type hwaddr (64 bits, unsigned). Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com> Acked-by: Eric Auger <eric.auger@redhat.com> Message-id: 20201030144617.1535064-1-philmd@redhat.com Reviewed-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Diffstat (limited to 'hw')
-rw-r--r--hw/arm/smmuv3.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/hw/arm/smmuv3.c b/hw/arm/smmuv3.c
index 2017ba7..22607c3 100644
--- a/hw/arm/smmuv3.c
+++ b/hw/arm/smmuv3.c
@@ -17,6 +17,7 @@
*/
#include "qemu/osdep.h"
+#include "qemu/bitops.h"
#include "hw/irq.h"
#include "hw/sysbus.h"
#include "migration/vmstate.h"
@@ -864,7 +865,7 @@ static void smmuv3_s1_range_inval(SMMUState *s, Cmd *cmd)
scale = CMD_SCALE(cmd);
num = CMD_NUM(cmd);
ttl = CMD_TTL(cmd);
- num_pages = (num + 1) * (1 << (scale));
+ num_pages = (num + 1) * BIT_ULL(scale);
}
if (type == SMMU_CMD_TLBI_NH_VA) {