author | Peter Maydell <peter.maydell@linaro.org> | 2025-07-10 17:15:52 +0100 |
---|---|---|
committer | Thomas Huth <thuth@redhat.com> | 2025-07-11 09:42:47 +0200 |
commit | 3ffa21d293bf5e4f997ba117ee3e943344b71044 (patch) | |
tree | 240051d2497571e50376fe3d1c316a3326869b5c /scripts/tracetool/backend/simple.py | |
parent | 79d7e60c326bcb9d165e5d52a29b238937bedd8d (diff) | |
hw/s390x/s390-pci-bus.c: Use g_assert_not_reached() in functions taking an ett

In the s390-pci-bus.c code, Coverity complains about a possible overflow
because get_table_index() can return -1 if the ett value passed in is
not one of the three permitted ZPCI_ETT_PT, ZPCI_ETT_ST, ZPCI_ETT_RT,
but the caller in table_translate() doesn't check this and instead
uses the return value directly in a calculation of the guest address
to read from.

In fact this case cannot happen, because:

* get_table_index() is called only from table_translate()
* the only caller of table_translate() loops through the ett values
  in the order RT, ST, PT until table_translate() returns 0
* table_translate() will return 0 for the error cases and when
  translate_iscomplete() returns true
* translate_iscomplete() is always true for ZPCI_ETT_PT

So table_translate() is always called with a valid ett value.

Instead of having the various functions called from table_translate()
return a default or dummy value when the ett argument is out of range,
use g_assert_not_reached() to indicate that this is impossible.

Coverity: CID 1547609
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Matthew Rosato <mjrosato@linux.ibm.com>
Reviewed-by: Halil Pasic <pasic@linux.ibm.com>
Message-ID: <20250710161552.1287399-1-peter.maydell@linaro.org>
Signed-off-by: Thomas Huth <thuth@redhat.com>
Diffstat (limited to 'scripts/tracetool/backend/simple.py')
0 files changed, 0 insertions, 0 deletions
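
A simplified C model of the argument in the commit message above, added here as an illustration and not taken from the QEMU patch. It shows how a dummy -1 index distorts an address calculation, the assert-style alternative, and why a walk in the order RT, ST, PT never produces an out-of-range ett. The numeric ett values, shifts, masks, the `ASSERT_NOT_REACHED` stand-in for `g_assert_not_reached()` and the helpers `index_dummy`, `index_checked`, `entry_addr` and `walk` are assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Names from the commit message; the numeric values are assumed for this model. */
enum { ZPCI_ETT_PT = -1, ZPCI_ETT_ST = 0, ZPCI_ETT_RT = 1 };

/* Stand-in for GLib's g_assert_not_reached(): report the location and abort. */
#define ASSERT_NOT_REACHED() \
    do { fprintf(stderr, "%s:%d: not reached\n", __FILE__, __LINE__); abort(); } while (0)

/* Dummy-value style: an unknown ett silently yields -1 (shifts/masks constructed). */
static int index_dummy(uint64_t addr, int ett) {
    switch (ett) {
    case ZPCI_ETT_PT: return (int)((addr >> 12) & 0xff);
    case ZPCI_ETT_ST: return (int)((addr >> 20) & 0x7ff);
    case ZPCI_ETT_RT: return (int)((addr >> 31) & 0x7ff);
    }
    return -1;
}

/* Assertion style: an unknown ett stops the program instead of producing an index. */
static int index_checked(uint64_t addr, int ett) {
    switch (ett) {
    case ZPCI_ETT_PT: return (int)((addr >> 12) & 0xff);
    case ZPCI_ETT_ST: return (int)((addr >> 20) & 0x7ff);
    case ZPCI_ETT_RT: return (int)((addr >> 31) & 0x7ff);
    default: ASSERT_NOT_REACHED();
    }
}

/* Unchecked caller arithmetic: the index is scaled and added to the table origin. */
static uint64_t entry_addr(uint64_t origin, int idx) {
    return origin + (uint64_t)idx * sizeof(uint64_t);
}

/* Model of the walk: RT, ST, PT, stopping where translation completes; PT always does. */
static int walk(uint64_t addr, int complete_at, int *lowest_ett) {
    int calls = 0;
    for (int ett = ZPCI_ETT_RT; ; ett--) {
        (void)index_checked(addr, ett);   /* would abort on an invalid ett */
        calls++;
        *lowest_ett = ett;
        if (ett == complete_at || ett == ZPCI_ETT_PT) {
            return calls;
        }
    }
}
```
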