[Qemu-devel] a64 simd decode in handle_vec_simd_shli()
From: Peter Maydell
Subject: [Qemu-devel] a64 simd decode in handle_vec_simd_shli()
Date: Mon, 29 Oct 2018 12:06:10 +0000
Hi; Coverity is complaining (in CID 1396476) about a problem in the
handle_vec_simd_shli() function, where we might dereference sli_op[]
with a size that's greater than 3. It thinks size might be > 3 because
we do a check
    if (size > 3 && !is_q) {
        unallocated_encoding(s);
        return;
    }
suggesting that we could have is_q and size > 3.
I'm having difficulty figuring out where this check has come from;
it doesn't seem to match up with the pseudocode and in any case
I don't think size can ever be > 3. We calculate:
    int size = 32 - clz32(immh) - 1;
where immh is a 4 bit field which we know cannot be all-zeroes.
So the clz32() return must be in {28,29,30,31} and the resulting
size is in {0,1,2,3}, so the check above can't ever fire.
Am I missing something? As far as I can see we should simply delete
the can't-happen condition, which will probably satisfy coverity.
thanks
-- PMM
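The argument in the mail, checked exhaustively as an added example (not code from the mail or from QEMU): every non-zero 4-bit immh is fed through the same size computation and the flagged condition is evaluated for both values of is_q. clz32_ref is a local stand-in assumed to behave like QEMU's clz32() for non-zero input.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Stand-in for QEMU's clz32(): leading zero count of a 32-bit value.
 * Assumed to return 32 for zero; the decode never calls it with zero. */
static int clz32_ref(uint32_t v)
{
    int n = 0;
    if (v == 0) {
        return 32;
    }
    while (!(v & 0x80000000u)) {
        v <<= 1;
        n++;
    }
    return n;
}

/* The size computation quoted in the mail. */
static int shli_size(uint32_t immh)
{
    return 32 - clz32_ref(immh) - 1;
}

/* Mirror of the condition Coverity flagged. */
static bool shli_check_fires(uint32_t immh, bool is_q)
{
    int size = shli_size(immh);
    return size > 3 && !is_q;
}

/* Walk every legal immh (4 bits, non-zero) and return the largest size
 * produced; returns -1 if the flagged condition could ever be true. */
static int max_shli_size_over_all_immh(void)
{
    int max = -1;
    for (uint32_t immh = 1; immh < 16; immh++) {
        if (shli_check_fires(immh, false) || shli_check_fires(immh, true)) {
            return -1;
        }
        int size = shli_size(immh);
        if (size > max) {
            max = size;
        }
    }
    return max;
}

int main(void)
{
    for (uint32_t immh = 1; immh < 16; immh++) {
        printf("immh=%2u clz32=%2d size=%d\n", immh, clz32_ref(immh), shli_size(immh));
    }
    printf("max size over all immh: %d\n", max_shli_size_over_all_immh());
    return 0;
}
```

A result of 3 means any table indexed by size needs only four entries, and the `size > 3` branch is dead for every reachable immh.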