ShuriZma
/
xemu
mirror of https://github.com/xemu-project/xemu.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

system/physmem: Where we assume we have a RAM MR, assert it 

In the functions invalidate_and_set_dirty() and
cpu_physical_memory_snapshot_and_clear_dirty(), we assume that we
are dealing with RAM memory regions. In this case we know that
memory_region_get_ram_addr() will succeed. Assert this before we
use the returned ram_addr_t in arithmetic.

This makes Coverity happier about these functions: it otherwise
complains that we might have an arithmetic overflow that stems
from the possible -1 return from memory_region_get_ram_addr().

Resolves: Coverity CID 1547629, 1547715

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Peter Xu <peterx@redhat.com>
Reviewed-by: David Hildenbrand <david@redhat.com>
Message-id: 20240723170513.1676453-1-peter.maydell@linaro.org
This commit is contained in:
Peter Maydell 2024-07-23 18:05:13 +01:00
parent 525650cd71
commit 73188068d7
1 changed files with 14 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
system/physmem.c
View File

@ -923,13 +923,19 @@ DirtyBitmapSnapshot *cpu_physical_memory_snapshot_and_clear_dirty
(MemoryRegion *mr, hwaddr offset, hwaddr length, unsigned client) (MemoryRegion *mr, hwaddr offset, hwaddr length, unsigned client)
{ {
DirtyMemoryBlocks *blocks; DirtyMemoryBlocks *blocks;
ram_addr_t start = memory_region_get_ram_addr(mr) + offset; ram_addr_t start, first, last;
unsigned long align = 1UL << (TARGET_PAGE_BITS + BITS_PER_LEVEL); unsigned long align = 1UL << (TARGET_PAGE_BITS + BITS_PER_LEVEL);
ram_addr_t first = QEMU_ALIGN_DOWN(start, align);
ram_addr_t last = QEMU_ALIGN_UP(start + length, align);
DirtyBitmapSnapshot *snap; DirtyBitmapSnapshot *snap;
unsigned long page, end, dest; unsigned long page, end, dest;
start = memory_region_get_ram_addr(mr);
/* We know we're only called for RAM MemoryRegions */
assert(start != RAM_ADDR_INVALID);
start += offset;
first = QEMU_ALIGN_DOWN(start, align);
last = QEMU_ALIGN_UP(start + length, align);
snap = g_malloc0(sizeof(*snap) + snap = g_malloc0(sizeof(*snap) +
((last - first) >> (TARGET_PAGE_BITS + 3))); ((last - first) >> (TARGET_PAGE_BITS + 3)));
snap->start = first; snap->start = first;
@ -2659,7 +2665,11 @@ static void invalidate_and_set_dirty(MemoryRegion *mr, hwaddr addr,
hwaddr length) hwaddr length)
{ {
uint8_t dirty_log_mask = memory_region_get_dirty_log_mask(mr); uint8_t dirty_log_mask = memory_region_get_dirty_log_mask(mr);
addr += memory_region_get_ram_addr(mr); ram_addr_t ramaddr = memory_region_get_ram_addr(mr);
/* We know we're only called for RAM MemoryRegions */
assert(ramaddr != RAM_ADDR_INVALID);
addr += ramaddr;
/* No early return if dirty_log_mask is or becomes 0, because /* No early return if dirty_log_mask is or becomes 0, because
* cpu_physical_memory_set_dirty_range will still call * cpu_physical_memory_set_dirty_range will still call