Coverity is getting confused here. The index can never actually overflow. Does Coverity have a pragma or something to tell it it's OK?
The loop nest in question is (the index must be < 128) for (int offset = 1; offset < 128; offset <<= 1) { for (int k = 0; k < 128; k++) { if (!(k & offset)) { swap(vector1.ub[k], vector0.ub[k + offset]); } } } Basically, it's looking for elements to swap, and the "if (!(k & offset))" prevents "k + offset" from overflowing. Thanks, Taylor -----Original Message----- From: scan-ad...@coverity.com <scan-ad...@coverity.com> Sent: Thursday, November 4, 2021 4:08 PM To: Taylor Simpson <tsimp...@quicinc.com> Subject: New Defects reported by Coverity Scan for QEMU WARNING: This email originated from outside of Qualcomm. Please be wary of any links or attachments, and do not enable macros. Hi, Please find the latest report on new defect(s) introduced to QEMU found with Coverity Scan. 4 new defect(s) introduced to QEMU found with Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 4 of 4 defect(s) ** CID 1465283: (OVERRUN) /target/hexagon/helper_funcs_generated.c.inc: 12539 in helper_V6_vshuffvdd() /target/hexagon/helper_funcs_generated.c.inc: 12539 in helper_V6_vshuffvdd() ________________________________________________________________________________________________________ *** CID 1465283: (OVERRUN) /target/hexagon/helper_funcs_generated.c.inc: 12539 in helper_V6_vshuffvdd() 12533 void HELPER(V6_vshuffvdd)(CPUHexagonState *env, void *VddV_void, void *VuV_void, void *VvV_void, int32_t RtV) 12534 { 12535 uint32_t slot __attribute__((unused)) = 4; 12536 /* VddV is *(MMVectorPair *))VddV_void) */ 12537 /* VuV is *(MMVector *)(VuV_void) */ 12538 /* VvV is *(MMVector *)(VvV_void) */ >>> CID 1465283: (OVERRUN) >>> Overrunning array "((MMVectorPair *)VddV_void)->v[0].ub" of 128 bytes >>> at byte offset 128 using index "k + offset" (which evaluates to 128). 12539 { fHIDE(int offset;) VddV.v[0] = VvV; VddV.v[1] = VuV; for (offset=1; offset<fVBYTES(); offset<<=1) { if ( RtV & offset) { fHIDE(int k;) fVFOREACH(8, k) { if (!( k & offset)) { fSWAPB(VddV.v[1].ub[k], VddV.v[0].ub[k+offset]); } } } } } 12540 } 12541 12542 void HELPER(V6_vdeal)(CPUHexagonState *env, void *VyV_void, void *VxV_void, int32_t RtV) 12543 { 12544 uint32_t slot __attribute__((unused)) = 4; /target/hexagon/helper_funcs_generated.c.inc: 12539 in helper_V6_vshuffvdd() 12533 void HELPER(V6_vshuffvdd)(CPUHexagonState *env, void *VddV_void, void *VuV_void, void *VvV_void, int32_t RtV) 12534 { 12535 uint32_t slot __attribute__((unused)) = 4; 12536 /* VddV is *(MMVectorPair *))VddV_void) */ 12537 /* VuV is *(MMVector *)(VuV_void) */ 12538 /* VvV is *(MMVector *)(VvV_void) */ >>> CID 1465283: (OVERRUN) >>> Overrunning array "((MMVectorPair *)VddV_void)->v[0].ub" of 128 bytes >>> at byte offset 128 using index "k + offset" (which evaluates to 128). 12539 { fHIDE(int offset;) VddV.v[0] = VvV; VddV.v[1] = VuV; for (offset=1; offset<fVBYTES(); offset<<=1) { if ( RtV & offset) { fHIDE(int k;) fVFOREACH(8, k) { if (!( k & offset)) { fSWAPB(VddV.v[1].ub[k], VddV.v[0].ub[k+offset]); } } } } } 12540 } 12541 12542 void HELPER(V6_vdeal)(CPUHexagonState *env, void *VyV_void, void *VxV_void, int32_t RtV) 12543 { 12544 uint32_t slot __attribute__((unused)) = 4; ** CID 1465282: (OVERRUN) /target/hexagon/helper_funcs_generated.c.inc: 12547 in helper_V6_vdeal() /target/hexagon/helper_funcs_generated.c.inc: 12547 in helper_V6_vdeal() ________________________________________________________________________________________________________ *** CID 1465282: (OVERRUN) /target/hexagon/helper_funcs_generated.c.inc: 12547 in helper_V6_vdeal() 12541 12542 void HELPER(V6_vdeal)(CPUHexagonState *env, void *VyV_void, void *VxV_void, int32_t RtV) 12543 { 12544 uint32_t slot __attribute__((unused)) = 4; 12545 /* VyV is *(MMVector *)(VyV_void) */ 12546 /* VxV is *(MMVector *)(VxV_void) */ >>> CID 1465282: (OVERRUN) >>> Overrunning array "((MMVector *)VxV_void)->ub" of 128 bytes at byte >>> offset 191 using index "k + offset" (which evaluates to 191). 12547 { fHIDE(int offset;) for (offset=fVBYTES()>>1; offset>0; offset>>=1) { if ( RtV & offset) { fHIDE(int k;) fVFOREACH(8, k) { if (!( k & offset)) { fSWAPB(VyV.ub[k], VxV.ub[k+offset]); } } } } } 12548 } 12549 12550 void HELPER(V6_vdealvdd)(CPUHexagonState *env, void *VddV_void, void *VuV_void, void *VvV_void, int32_t RtV) 12551 { 12552 uint32_t slot __attribute__((unused)) = 4; /target/hexagon/helper_funcs_generated.c.inc: 12547 in helper_V6_vdeal() 12541 12542 void HELPER(V6_vdeal)(CPUHexagonState *env, void *VyV_void, void *VxV_void, int32_t RtV) 12543 { 12544 uint32_t slot __attribute__((unused)) = 4; 12545 /* VyV is *(MMVector *)(VyV_void) */ 12546 /* VxV is *(MMVector *)(VxV_void) */ >>> CID 1465282: (OVERRUN) >>> Overrunning array "((MMVector *)VxV_void)->ub" of 128 bytes at byte >>> offset 191 using index "k + offset" (which evaluates to 191). 12547 { fHIDE(int offset;) for (offset=fVBYTES()>>1; offset>0; offset>>=1) { if ( RtV & offset) { fHIDE(int k;) fVFOREACH(8, k) { if (!( k & offset)) { fSWAPB(VyV.ub[k], VxV.ub[k+offset]); } } } } } 12548 } 12549 12550 void HELPER(V6_vdealvdd)(CPUHexagonState *env, void *VddV_void, void *VuV_void, void *VvV_void, int32_t RtV) 12551 { 12552 uint32_t slot __attribute__((unused)) = 4; ** CID 1465281: (OVERRUN) /target/hexagon/helper_funcs_generated.c.inc: 12556 in helper_V6_vdealvdd() /target/hexagon/helper_funcs_generated.c.inc: 12556 in helper_V6_vdealvdd() ________________________________________________________________________________________________________ *** CID 1465281: (OVERRUN) /target/hexagon/helper_funcs_generated.c.inc: 12556 in helper_V6_vdealvdd() 12550 void HELPER(V6_vdealvdd)(CPUHexagonState *env, void *VddV_void, void *VuV_void, void *VvV_void, int32_t RtV) 12551 { 12552 uint32_t slot __attribute__((unused)) = 4; 12553 /* VddV is *(MMVectorPair *))VddV_void) */ 12554 /* VuV is *(MMVector *)(VuV_void) */ 12555 /* VvV is *(MMVector *)(VvV_void) */ >>> CID 1465281: (OVERRUN) >>> Overrunning array "((MMVectorPair *)VddV_void)->v[0].ub" of 128 bytes >>> at byte offset 191 using index "k + offset" (which evaluates to 191). 12556 { fHIDE(int offset;) VddV.v[0] = VvV; VddV.v[1] = VuV; for (offset=fVBYTES()>>1; offset>0; offset>>=1) { if ( RtV & offset) { fHIDE(int k;) fVFOREACH(8, k) { if (!( k & offset)) { fSWAPB(VddV.v[1].ub[k], VddV.v[0].ub[k+offset]); } } } } } 12557 } 12558 12559 void HELPER(V6_vshufoeh)(CPUHexagonState *env, void *VddV_void, void *VuV_void, void *VvV_void) 12560 { 12561 uint32_t slot __attribute__((unused)) = 4; /target/hexagon/helper_funcs_generated.c.inc: 12556 in helper_V6_vdealvdd() 12550 void HELPER(V6_vdealvdd)(CPUHexagonState *env, void *VddV_void, void *VuV_void, void *VvV_void, int32_t RtV) 12551 { 12552 uint32_t slot __attribute__((unused)) = 4; 12553 /* VddV is *(MMVectorPair *))VddV_void) */ 12554 /* VuV is *(MMVector *)(VuV_void) */ 12555 /* VvV is *(MMVector *)(VvV_void) */ >>> CID 1465281: (OVERRUN) >>> Overrunning array "((MMVectorPair *)VddV_void)->v[0].ub" of 128 bytes >>> at byte offset 191 using index "k + offset" (which evaluates to 191). 12556 { fHIDE(int offset;) VddV.v[0] = VvV; VddV.v[1] = VuV; for (offset=fVBYTES()>>1; offset>0; offset>>=1) { if ( RtV & offset) { fHIDE(int k;) fVFOREACH(8, k) { if (!( k & offset)) { fSWAPB(VddV.v[1].ub[k], VddV.v[0].ub[k+offset]); } } } } } 12557 } 12558 12559 void HELPER(V6_vshufoeh)(CPUHexagonState *env, void *VddV_void, void *VuV_void, void *VvV_void) 12560 { 12561 uint32_t slot __attribute__((unused)) = 4; ** CID 1465280: (OVERRUN) /target/hexagon/helper_funcs_generated.c.inc: 12530 in helper_V6_vshuff() /target/hexagon/helper_funcs_generated.c.inc: 12530 in helper_V6_vshuff() ________________________________________________________________________________________________________ *** CID 1465280: (OVERRUN) /target/hexagon/helper_funcs_generated.c.inc: 12530 in helper_V6_vshuff() 12524 12525 void HELPER(V6_vshuff)(CPUHexagonState *env, void *VyV_void, void *VxV_void, int32_t RtV) 12526 { 12527 uint32_t slot __attribute__((unused)) = 4; 12528 /* VyV is *(MMVector *)(VyV_void) */ 12529 /* VxV is *(MMVector *)(VxV_void) */ >>> CID 1465280: (OVERRUN) >>> Overrunning array "((MMVector *)VxV_void)->ub" of 128 bytes at byte >>> offset 128 using index "k + offset" (which evaluates to 128). 12530 { fHIDE(int offset;) for (offset=1; offset<fVBYTES(); offset<<=1) { if ( RtV & offset) { fHIDE(int k;) fVFOREACH(8, k) { if (!( k & offset)) { fSWAPB(VyV.ub[k], VxV.ub[k+offset]); } } } } } 12531 } 12532 12533 void HELPER(V6_vshuffvdd)(CPUHexagonState *env, void *VddV_void, void *VuV_void, void *VvV_void, int32_t RtV) 12534 { 12535 uint32_t slot __attribute__((unused)) = 4; /target/hexagon/helper_funcs_generated.c.inc: 12530 in helper_V6_vshuff() 12524 12525 void HELPER(V6_vshuff)(CPUHexagonState *env, void *VyV_void, void *VxV_void, int32_t RtV) 12526 { 12527 uint32_t slot __attribute__((unused)) = 4; 12528 /* VyV is *(MMVector *)(VyV_void) */ 12529 /* VxV is *(MMVector *)(VxV_void) */ >>> CID 1465280: (OVERRUN) >>> Overrunning array "((MMVector *)VxV_void)->ub" of 128 bytes at byte >>> offset 128 using index "k + offset" (which evaluates to 128). 12530 { fHIDE(int offset;) for (offset=1; offset<fVBYTES(); offset<<=1) { if ( RtV & offset) { fHIDE(int k;) fVFOREACH(8, k) { if (!( k & offset)) { fSWAPB(VyV.ub[k], VxV.ub[k+offset]); } } } } } 12531 } 12532 12533 void HELPER(V6_vshuffvdd)(CPUHexagonState *env, void *VddV_void, void *VuV_void, void *VvV_void, int32_t RtV) 12534 { 12535 uint32_t slot __attribute__((unused)) = 4; ________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yrzEQNXe51mg-2FlKoEnRoarMq5nOxxfhqLUuo8HvG2S4Ew-3D-3DWlA7_8inUyGh-2BW1HT32W32IvBHxb7aFSEdSRWGNQjOj6Pu5XN1yTi5xRqR-2FauzTzQ8TTCMynbzlKK38dd4vnBgBOISaYuCt2P2K4Nr-2BQrwIRxT6vP6cSps-2FKfJeDwWOYjfHKEOE-2B37NVXcSeHy1g85Xu96TxRZSAMYgPybtVUE7VaHktMnSyFARcHi5Smh-2BOt7C17iCCDe0sIJueOT9wnUDuhhw-3D-3D To manage Coverity Scan email notifications for "tsimp...@quicinc.com", click https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yped04pjJnmXOsUBtKYNIXxhog3V-2Bya4sYLKnckU-2FWJNYoLyk5CFNN4-2FzXAhh2yQgYkIiZFhMvotFhFxZUytWoxPeX55igX3u7EjcDuJbLuFws0HNjzT5-2FUbfBZiYi6yb8-3DVX4C_8inUyGh-2BW1HT32W32IvBHxb7aFSEdSRWGNQjOj6Pu5XN1yTi5xRqR-2FauzTzQ8TTCw-2FEqvaCcduK-2Fu0844eqQecio6W8FxY0JZVtlm0PPIP0AD11nL4sJi3gMc9nHHjGJSV9SIW-2B2UfY06pXWi-2BYos8wCxnEOUkZNMcTI-2BiUeK3HF1W2QdnwXTO58IHvsG3MEAqdq9-2BESzEdEojR94qp3ZA-3D-3D