On 17/7/23 23:35, Philippe Mathieu-Daudé wrote:

Oops, invalid authorship, this should be:
From: Peter Maydell <peter.mayd...@linaro.org>

Coverity points out that in page_table_walk_refill() we can shift by a negative number, which is undefined behaviour (CID 1452918, 1452920, 1452922). We already catch the negative directory_shift and leaf_shift as being a "bail out early" case, but not until we've already used them to calculate some offset values.

Move the calculation of the offset values to after we've done the "return early if ptew > 1" check.

Signed-off-by: Peter Maydell <peter.mayd...@linaro.org>
[PMD: Check for ptew > 1, use unsigned type]
Signed-off-by: Philippe Mathieu-Daudé <phi...@linaro.org>
---
 target/mips/tcg/sysemu/tlb_helper.c | 32 +++++++++++++++--------------
 1 file changed, 17 insertions(+), 15 deletions(-)