On 13 November 2014 14:56, Peter Maydell <peter.mayd...@linaro.org> wrote:
> The ARMv8 address translation system defines that a page table walk
> starts at a level which depends on the translation granule size
> and the number of bits of virtual address that need to be resolved.
> Where the translation granule is 64KB and the guest sets the
> TCR.TxSZ field to between 35 and 39, it's actually possible to
> start at level 3 (the final level). QEMU's implementation failed
> to handle this case, and so we would set level to 2 and behave
> incorrectly (including invoking the C undefined behaviour of
> shifting left by a negative number). Correct the code that
> determines the starting level to deal with the start-at-3 case,
> by replacing the if-else ladder with an expression derived from
> the ARM ARM pseudocode version.
>
> This error was detected by the Coverity scan, which spotted
> the potential shift by a negative number.
>
> Signed-off-by: Peter Maydell <peter.mayd...@linaro.org>

Since this would be the sole patch in a target-arm pullreq for 2.2rc2,
I'm just going to apply it directly to master...

-- PMM
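The starting-level rule the commit message refers to, written out as an added example for this page. This is not QEMU's code and not the patch under discussion; the function names (`start_level`, `start_level_index_bits`) and the `granule` enum are this example's own. It implements the ARM ARM form `level = 4 - RoundUp((inputsize - grainsize) / stride)` with `inputsize = 64 - TxSZ`, and `start_level_index_bits` shows why picking level 2 for a 64KB granule with TxSZ 39 produces the negative shift count that Coverity flagged.

```c
/*
 * Added example, not QEMU code: AArch64 stage-1 starting level from the
 * translation granule and TCR.TxSZ, derived from the ARM ARM pseudocode.
 */
#include <stdio.h>

enum granule { GRANULE_4K, GRANULE_16K, GRANULE_64K };

/* log2 of the granule size in bytes: 12, 14 or 16. */
static int grain_bits(enum granule g)
{
    switch (g) {
    case GRANULE_4K:  return 12;
    case GRANULE_16K: return 14;
    default:          return 16;
    }
}

/* VA bits resolved per table level: descriptors are 8 bytes, so grain - 3. */
static int stride_bits(enum granule g)
{
    return grain_bits(g) - 3;
}

/*
 * Starting level: 4 - RoundUp((inputsize - grainsize) / stride), where
 * inputsize = 64 - TxSZ. RoundUp(m/n) is computed as (m + n - 1) / n.
 * Returns -1 for a TxSZ outside the architectural 16..39 range
 * (range check is this example's assumption, not part of the formula).
 */
int start_level(enum granule g, int txsz)
{
    if (txsz < 16 || txsz > 39) {
        return -1;
    }
    int inputsize = 64 - txsz;
    int grainsize = grain_bits(g);
    int stride = stride_bits(g);
    return 4 - (inputsize - grainsize + stride - 1) / stride;
}

/*
 * Number of VA bits indexed by the table at the chosen starting level.
 * A walker shifts by values derived from this; with the correct level it
 * is in [1, stride], with a level that is too deep it goes negative.
 */
int start_level_index_bits(enum granule g, int txsz, int level)
{
    int inputsize = 64 - txsz;
    return inputsize - grain_bits(g) - (3 - level) * stride_bits(g);
}

int main(void)
{
    /* The case from the commit message: 64KB granule, TxSZ 35..39. */
    for (int txsz = 33; txsz <= 39; txsz++) {
        int lvl = start_level(GRANULE_64K, txsz);
        printf("64K TxSZ=%d -> start level %d, index bits %d "
               "(if level 2 were assumed: %d)\n",
               txsz, lvl,
               start_level_index_bits(GRANULE_64K, txsz, lvl),
               start_level_index_bits(GRANULE_64K, txsz, 2));
    }
    return 0;
}
```

Running it shows the boundary the message describes: TxSZ 34 starts at level 2, TxSZ 35 through 39 start at level 3, and forcing level 2 for TxSZ 39 leaves -4 index bits, the negative shift count that an if-else ladder without a level-3 case would feed into a left shift.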