From: Daniel Henrique Barboza <dbarboza@ventanamicro.com>
Date: Fri, 7 Mar 2025 12:46:02 +0000 (-0300)
Subject: target/riscv/csr.c: fix OVERFLOW_BEFORE_WIDEN in rmw_sctrdepth()
X-Git-Tag: v10.0.0-rc1~9^2~4
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=ec6411a5251de3479d44c6e539d0e9596c68909b;p=thirdparty%2Fqemu.git

target/riscv/csr.c: fix OVERFLOW_BEFORE_WIDEN in rmw_sctrdepth()

Coverity found the following issue:

  >>>     CID 1593156:  Integer handling issues  (OVERFLOW_BEFORE_WIDEN)
  >>>     Potentially overflowing expression "0x10 << depth" with type
  "int" (32 bits, signed) is evaluated using 32-bit arithmetic, and then
  used in a context that expects an expression of type "uint64_t" (64
  bits, unsigned).
  4299             depth = 16 << depth;

Fix it by forcing the expression to be 64 bits wide by using '16ULL'.

Resolves: Coverity CID 1593156
Fixes: c48bd18eae ("target/riscv: Add support for Control Transfer Records extension CSRs.")
Signed-off-by: Daniel Henrique Barboza <dbarboza@ventanamicro.com>
Reviewed-by: Alistair Francis <alistair.francis@wdc.com>
Message-ID: <20250307124602.1905754-1-dbarboza@ventanamicro.com>
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
---

diff --git a/target/riscv/csr.c b/target/riscv/csr.c
index 8225e9bb4b..7948188356 100644
--- a/target/riscv/csr.c
+++ b/target/riscv/csr.c
@@ -4302,7 +4302,7 @@ static RISCVException rmw_sctrdepth(CPURISCVState *env, int csrno,
         }
 
         /* Update sctrstatus.WRPTR with a legal value */
-        depth = 16 << depth;
+        depth = 16ULL << depth;
         env->sctrstatus =
             env->sctrstatus & (~SCTRSTATUS_WRPTR_MASK | (depth - 1));
     }