On 11/12/19 11:23 AM, Peter Maydell wrote:
>> +static uint32_t sve_zcr_get_valid_len(ARMCPU *cpu, uint32_t start_len)
>> +{
>> + uint32_t start_vq = (start_len & 0xf) + 1;
>> +
>> + return arm_cpu_vq_map_next_smaller(cpu, start_vq + 1) - 1;
>
> "Subtract operation overflows on operands
> arm_cpu_vq_map_next_smaller(cpu, start_vq + 1U) and 1U"
>
> Certainly it looks as if arm_cpu_vq_map_next_smaller() can
> return 0, and claiming the valid length to be UINT_MAX
> seems a bit odd in that case.
The lsb is always set in the map, the minimum number we send to next_smaller is
2 -> so the minimum number returned from next_smaller is 1.
We should never return UINT_MAX.
> return bitnum == vq - 1 ? 0 : bitnum + 1;
But yes, this computation doesn't seem right.
The beginning assert should probably be (vq >= 2 ...)
and here we should assert bitnum != vq - 1.
r~
