On Sat, Mar 21, 2020 at 7:50 AM Philippe Mathieu-Daudé
<phi...@redhat.com> wrote:
>
> pxa2xx_timer_tick4() takes an opaque pointer, then calls
> pxa2xx_timer_update4(), so the static analyzer can not
> verify that the 'n < 8':
>
> 425 static void pxa2xx_timer_tick4(void *opaque)
> 426 {
> 427 PXA2xxTimer4 *t = (PXA2xxTimer4 *) opaque;
> 428 PXA2xxTimerInfo *i = (PXA2xxTimerInfo *) t->tm.info;
> 429
> 430 pxa2xx_timer_tick(&t->tm);
> 433 if (t->control & (1 << 6))
> 434 pxa2xx_timer_update4(i, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL),
> t->tm.num - 4);
>
> 135 static void pxa2xx_timer_update4(void *opaque, uint64_t now_qemu, int n)
> 136 {
> 137 PXA2xxTimerInfo *s = (PXA2xxTimerInfo *) opaque;
> 140 static const int counters[8] = { 0, 0, 0, 0, 4, 4, 6, 6 };
> 142
> 143 if (s->tm4[n].control & (1 << 7))
> 144 counter = n;
> 145 else
> 146 counter = counters[n];
>
> Add an assert() to give the static analyzer a hint, this fixes a
> warning reported by Clang static code analyzer:
>
> CC hw/timer/pxa2xx_timer.o
> hw/timer/pxa2xx_timer.c:146:17: warning: Assigned value is garbage or
> undefined
> counter = counters[n];
> ^ ~~~~~~~~~~~
>
> Reported-by: Clang Static Analyzer
> Signed-off-by: Philippe Mathieu-Daudé <phi...@redhat.com>
Reviewed-by: Alistair Francis <alistair.fran...@wdc.com>
Alistair
> ---
> hw/timer/pxa2xx_timer.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/hw/timer/pxa2xx_timer.c b/hw/timer/pxa2xx_timer.c
> index cd172cc1e9..944c165889 100644
> --- a/hw/timer/pxa2xx_timer.c
> +++ b/hw/timer/pxa2xx_timer.c
> @@ -140,6 +140,7 @@ static void pxa2xx_timer_update4(void *opaque, uint64_t
> now_qemu, int n)
> static const int counters[8] = { 0, 0, 0, 0, 4, 4, 6, 6 };
> int counter;
>
> + assert(n < ARRAY_SIZE(counters));
> if (s->tm4[n].control & (1 << 7))
> counter = n;
> else
> --
> 2.21.1
>
>
