Re: [PATCH v2 2/5] target/ppc: powerpc_excp: Add excp_vectors bounds check
On Wed, Dec 29, 2021 at 01:57:48PM -0300, Fabiano Rosas wrote: > The next patch will start accessing the excp_vectors array earlier in > the function, so add a bounds check as first thing here. > > This converts the empty return on POWERPC_EXCP_NONE to an error. This > exception number never reaches this function and if it does it > probably means something else went wrong up the line. > > Signed-off-by: Fabiano Rosas Reviewed-by: David Gibson > --- > target/ppc/excp_helper.c | 7 --- > 1 file changed, 4 insertions(+), 3 deletions(-) > > diff --git a/target/ppc/excp_helper.c b/target/ppc/excp_helper.c > index 8b9c6bc5a8..9a03e4b896 100644 > --- a/target/ppc/excp_helper.c > +++ b/target/ppc/excp_helper.c > @@ -300,6 +300,10 @@ static inline void powerpc_excp(PowerPCCPU *cpu, int > excp_model, int excp) > target_ulong msr, new_msr, vector; > int srr0, srr1, lev = -1; > > +if (excp <= POWERPC_EXCP_NONE || excp >= POWERPC_EXCP_NB) { > +cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); > +} > + > qemu_log_mask(CPU_LOG_INT, "Raise exception at " TARGET_FMT_lx >" => %08x (%02x)\n", env->nip, excp, env->error_code); > > @@ -353,9 +357,6 @@ static inline void powerpc_excp(PowerPCCPU *cpu, int > excp_model, int excp) > #endif > > switch (excp) { > -case POWERPC_EXCP_NONE: > -/* Should never happen */ > -return; > case POWERPC_EXCP_CRITICAL:/* Critical input > */ > switch (excp_model) { > case POWERPC_EXCP_40x: -- David Gibson| I'll have my music baroque, and my code david AT gibson.dropbear.id.au | minimalist, thank you. NOT _the_ _other_ | _way_ _around_! http://www.ozlabs.org/~dgibson signature.asc Description: PGP signature
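Review bot: In the first hunk of the patch quoted above, the lower bound `excp <= POWERPC_EXCP_NONE` is a complete guard for the excp_vectors index only if no enumerator lies between POWERPC_EXCP_NONE and the first valid vector, which the visible lines do not show. A one-line comment above the check stating that valid indexes are strictly between POWERPC_EXCP_NONE and POWERPC_EXCP_NB, and that the check exists for the excp_vectors access mentioned in the commit message, would make that assumption explicit. As a style point, the message string ends in "Aborting\n" although the call is already cpu_abort(), so the word is redundant.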
Re: [PATCH v2 2/5] target/ppc: powerpc_excp: Add excp_vectors bounds check
On 12/29/21 17:57, Fabiano Rosas wrote: The next patch will start accessing the excp_vectors array earlier in the function, so add a bounds check as first thing here. This converts the empty return on POWERPC_EXCP_NONE to an error. This exception number never reaches this function and if it does it probably means something else went wrong up the line. Signed-off-by: Fabiano Rosas Reviewed-by: Cédric Le Goater Thanks, C. --- target/ppc/excp_helper.c | 7 --- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/target/ppc/excp_helper.c b/target/ppc/excp_helper.c index 8b9c6bc5a8..9a03e4b896 100644 --- a/target/ppc/excp_helper.c +++ b/target/ppc/excp_helper.c @@ -300,6 +300,10 @@ static inline void powerpc_excp(PowerPCCPU *cpu, int excp_model, int excp) target_ulong msr, new_msr, vector; int srr0, srr1, lev = -1; +if (excp <= POWERPC_EXCP_NONE || excp >= POWERPC_EXCP_NB) { +cpu_abort(cs, "Invalid PowerPC exception %d. Aborting\n", excp); +} + qemu_log_mask(CPU_LOG_INT, "Raise exception at " TARGET_FMT_lx " => %08x (%02x)\n", env->nip, excp, env->error_code); @@ -353,9 +357,6 @@ static inline void powerpc_excp(PowerPCCPU *cpu, int excp_model, int excp) #endif switch (excp) { -case POWERPC_EXCP_NONE: -/* Should never happen */ -return; case POWERPC_EXCP_CRITICAL:/* Critical input */ switch (excp_model) { case POWERPC_EXCP_40x:
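Review bot: In the second hunk, removing `case POWERPC_EXCP_NONE:` together with the new check at the top of powerpc_excp() turns what used to be a silent return into a fatal cpu_abort(), so any caller that still passes POWERPC_EXCP_NONE now stops the guest instead of being ignored. The commit message states that this value never reaches the function; naming the call sites that were checked, in the commit message or in a comment next to the new check, would let a reader verify that claim rather than take it on trust.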
Re: [PATCH v2 2/5] target/ppc: powerpc_excp: Add excp_vectors bounds check
On 12/29/21 8:57 AM, Fabiano Rosas wrote:
> The next patch will start accessing the excp_vectors array earlier in
> the function, so add a bounds check as first thing here.
>
> This converts the empty return on POWERPC_EXCP_NONE to an error. This
> exception number never reaches this function and if it does it
> probably means something else went wrong up the line.
>
> Signed-off-by: Fabiano Rosas

Reviewed-by: Richard Henderson

r~