qemu/hw
Peter Maydell cf5f7937b0 nvic: Fix miscalculation of offsets into ITNS array
This calculation of the first exception vector in
the ITNS<n> register being accessed:
        int startvec = 32 * (offset - 0x380) + NVIC_FIRST_IRQ;

is incorrect, because offset is in bytes, so we only want
to multiply by 8.

Spotted by Coverity (CID 1381484, CID 1381488), though it is
not correct that it actually overflows the buffer, because
we have a 'startvec + i < s->num_irq' guard.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 1507650856-11718-1-git-send-email-peter.maydell@linaro.org
2017-10-12 16:33:16 +01:00
..
9pfs 9pfs: check the size of transport buffer before marshaling 2017-09-20 08:48:52 +02:00
acpi Convert multi-line fprintf() to warn_report() 2017-09-19 14:09:34 +02:00
adc STM32F2xx: Add the ADC device 2016-10-04 13:28:07 +01:00
alpha cpu: make cpu_generic_init() abort QEMU on error 2017-09-19 09:09:32 -03:00
arm hw/arm/xlnx-zynqmp: Mark the "xlnx, zynqmp" device with user_creatable = false 2017-10-06 16:46:47 +01:00
audio migration: pre_save return int 2017-09-27 11:35:59 +01:00
block hw/block/onenand: Remove dead code block 2017-10-06 16:28:58 +02:00
bt bt: stop the sdp memory allocation craziness 2017-08-01 17:27:33 +02:00
char s390x/3270: handle writes of arbitrary length 2017-10-06 10:53:02 +02:00
core machine: Add a valid_cpu_types property 2017-10-09 23:21:52 -03:00
cpu cpu: don't allow negative core id 2017-08-02 18:30:13 -03:00
cris cris: replace cpu_cris_init() with cpu_generic_init() 2017-09-01 11:54:24 -03:00
display migration: Route more error paths 2017-09-27 11:44:18 +01:00
dma xilinx_axidma: Convert to DEFINE_PROP_LINK 2017-09-07 13:54:51 +01:00
gpio hw/gpio/omap_gpio.c: Don't use old_mmio 2017-09-21 16:34:27 +01:00
i2c migration: pre_save return int 2017-09-27 11:35:59 +01:00
i386 kvmclock: use the updated system_timer_msr 2017-10-02 14:39:51 +02:00
ide Migration pull 2017-09-27 2017-09-27 22:44:51 +01:00
input virtio-input: send rel-wheel events for wheel buttons 2017-09-29 10:36:33 +02:00
intc nvic: Fix miscalculation of offsets into ITNS array 2017-10-12 16:33:16 +01:00
ipack ipack: Update e-mail address 2016-05-18 15:04:27 +03:00
ipmi qom: enforce readonly nature of link's check callback 2017-07-14 12:04:42 +02:00
isa hw/isa/pc87312: Mark the device with user_creatable = false 2017-09-26 09:11:23 +03:00
lm32 cpu: make cpu_generic_init() abort QEMU on error 2017-09-19 09:09:32 -03:00
m68k cpu: make cpu_generic_init() abort QEMU on error 2017-09-19 09:09:32 -03:00
mem qmp: introduce query-memory-size-summary command 2017-09-14 15:52:10 +01:00
microblaze hw: Use new memory_region_init_{ram, rom, rom_device}() functions 2017-07-14 17:59:42 +01:00
mips mips: replace cpu_mips_init() with cpu_generic_init() 2017-09-21 13:25:37 +01:00
misc macio: use object link between MACIO_IDE and MAC_DBDMA object 2017-09-27 13:05:41 +10:00
moxie cpu: make cpu_generic_init() abort QEMU on error 2017-09-19 09:09:32 -03:00
net migration: pre_save return int 2017-09-27 11:35:59 +01:00
nios2 nios2: replace cpu_nios2_init() with cpu_generic_init() 2017-09-01 11:54:24 -03:00
nvram pc, pci, virtio: patches queued before 2.10 2017-09-08 16:04:42 +01:00
openrisc cpu: make cpu_generic_init() abort QEMU on error 2017-09-19 09:09:32 -03:00
pci net: Add SunGEM device emulation as found on Apple UniNorth 2017-09-15 10:29:48 +10:00
pci-bridge hw/pci: add QEMU-specific PCI capability to the Generic PCI Express Root Port 2017-09-08 16:15:17 +03:00
pci-host migration: pre_save return int 2017-09-27 11:35:59 +01:00
pcmcia hw: Clean up includes 2016-01-29 15:07:25 +00:00
ppc Migration pull 2017-09-27 2017-09-27 22:44:51 +01:00
s390x hw/s390x: Mark the "sclpquiesce" device with user_creatable = false 2017-10-06 10:53:02 +02:00
scsi migration: pre_save return int 2017-09-27 11:35:59 +01:00
sd hw/sd: fix out-of-bounds check for multi block reads 2017-10-06 16:46:47 +01:00
sh4 cpu: make cpu_generic_init() abort QEMU on error 2017-09-19 09:09:32 -03:00
smbios stubs: move smbios stubs to hw/smbios 2017-01-16 17:52:35 +01:00
sparc cpu: make cpu_generic_init() abort QEMU on error 2017-09-19 09:09:32 -03:00
sparc64 sun4u: use sunhme as default on-board NIC 2017-09-21 08:38:42 +01:00
ssi msf2: Add Smartfusion2 SPI controller 2017-09-21 16:36:56 +01:00
timer migration: pre_save return int 2017-09-27 11:35:59 +01:00
tpm clean-up: removed duplicate #includes 2016-10-28 18:17:24 +03:00
tricore cpu: make cpu_generic_init() abort QEMU on error 2017-09-19 09:09:32 -03:00
unicore32 cpu: make cpu_generic_init() abort QEMU on error 2017-09-19 09:09:32 -03:00
usb usb: fix host-stub.c build race 2017-10-05 11:03:25 +02:00
vfio s390x: sort some devices into categories 2017-10-06 10:53:02 +02:00
virtio migration: Route more error paths 2017-09-27 11:44:18 +01:00
watchdog watchdog/aspeed: fix variable type to store reload value 2017-10-12 13:20:06 +01:00
xen xen/pt: allow QEMU to request MSI unmasking at bind time 2017-09-20 19:05:27 -07:00
xenpv xenfb: remove xen_init_display "temporary" hack 2017-07-07 11:10:03 -07:00
xtensa cpu: make cpu_generic_init() abort QEMU on error 2017-09-19 09:09:32 -03:00
Makefile.objs 9pfs: fix dependencies 2017-08-30 18:23:25 +02:00