diff options
| author |   Alexandra Diupina <adiupina@astralinux.ru> | 2024-04-28 21:11:31 +0300 |
|---|---|---|
| committer |   Peter Maydell <peter.maydell@linaro.org> | 2024-04-30 15:39:54 +0100 |
| commit | 4b00855f0ee2e2eee8fd2500ffef27c108be6dc3 (patch) | |
| tree | 4203dd2a9b8ab45760085e60bf22674fa70dfd88 /scripts/coverage/compare_gcov_json.py | |
| parent | target/arm: Default to 1GHz cntfrq for 'max' and new CPUs (diff) | |
| download | qemu-4b00855f0ee2e2eee8fd2500ffef27c108be6dc3.tar.xz qemu-4b00855f0ee2e2eee8fd2500ffef27c108be6dc3.zip | |
hw/dmax/xlnx_dpdma: fix handling of address_extension descriptor fields
The DMA descriptor structures for this device have
a set of "address extension" fields which extend the 32
bit source addresses with an extra 16 bits to give a
48 bit address:
https://docs.amd.com/r/en-US/ug1085-zynq-ultrascale-trm/ADDR_EXT-Field
However, we misimplemented this address extension in several ways:
* we only extracted 12 bits of the extension fields, not 16
* we didn't shift the extension field up far enough
* we accidentally did the shift as 32-bit arithmetic, which
meant that we would have an overflow instead of setting
bits [47:32] of the resulting 64-bit address
Add a type cast and use extract64() instead of extract32()
to avoid integer overflow on addition. Fix bit fields
extraction according to documentation.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
Cc: qemu-stable@nongnu.org
Fixes: d3c6369a96 ("introduce xlnx-dpdma")
Signed-off-by: Alexandra Diupina <adiupina@astralinux.ru>
Message-id: 20240428181131.23801-1-adiupina@astralinux.ru
[PMM: adjusted commit message]
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Diffstat (limited to 'scripts/coverage/compare_gcov_json.py')
0 files changed, 0 insertions, 0 deletions