aboutsummaryrefslogtreecommitdiff
path: root/qemu-timer.c
diff options
context:
space:
mode:
authorPeter Maydell <peter.maydell@linaro.org>2014-11-13 14:56:09 +0000
committerPeter Maydell <peter.maydell@linaro.org>2014-11-17 19:30:28 +0000
commitd6be29e3fb5659102ac0e48e295d177cb67e32c5 (patch)
treef5658b03ccd9c31765b3020f4ac1b35a599d860d /qemu-timer.c
parent1aba4be97eb01b650d146c7f01dc961d55da62ab (diff)
target-arm: handle address translations that start at level 3
The ARMv8 address translation system defines that a page table walk starts at a level which depends on the translation granule size and the number of bits of virtual address that need to be resolved. Where the translation granule is 64KB and the guest sets the TCR.TxSZ field to between 35 and 39, it's actually possible to start at level 3 (the final level). QEMU's implementation failed to handle this case, and so we would set level to 2 and behave incorrectly (including invoking the C undefined behaviour of shifting left by a negative number). Correct the code that determines the starting level to deal with the start-at-3 case, by replacing the if-else ladder with an expression derived from the ARM ARM pseudocode version. This error was detected by the Coverity scan, which spotted the potential shift by a negative number. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Message-id: 1415890569-7454-1-git-send-email-peter.maydell@linaro.org
Diffstat (limited to 'qemu-timer.c')
0 files changed, 0 insertions, 0 deletions