Xen project Mailing List

Re: [PATCH 3/5] libxg: drop dead assignment to "ptes" from xc_core_arch_map_p2m_list_rw()

To: Anthony PERARD <anthony.perard@xxxxxxxxxx>

Date: Wed, 14 Jun 2023 08:34:17 +0200

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=+uhD3DivwsvlcltU/FZHOGW0OPxHDbzzbL7bT66OREk=; b=PSLSAiN16i2n9cTfreGQlv3ovOZ7yWslE1Mp/Mn62zBeT6/4jxR2SJUd7N/HVkvED0S5laJFpJtsg+CizC+884BhzwGcbaXEkllVPmTg71gqmnZNdcjELxPXAZYrSqsuqPsRYotouEFMo1AmeMIgjOj8bDa09iIpA2/st95LAtAshmM0yMe8vd7Mjb3kv+0xWa+xPOItx1x9bMPEs8l6C8ZzlD8q8k1s0naM2SiUr10NfHhFv8Zoy7LbfD1kLPg2R8n+W6Q5Qe0lTMW3uQGJgEwQnbjTKliZ8wCXEx0g+wxGjO1KAj9MHek0SOl4jR1B3uF6ay7nHOQBxFjScfTohw==

Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=KfG0yaRwi3H/4UKQTL7hkZ4Jx2vRLaxT/WJ11ouQTo9KT6LWUMHhvqkppmWgGrR538pOW/PjeOjNLXQzD/eEaNBvEurQPP8y3PihtaJdXaZRNABDYAk3sbys7SGpdtcrqCXgk6FAz5Z+E+NmnjmPRtAkXLPUHMPcdksDgpD8I4yK+79sXWLtkn4Bai1M3t8lcZLLGHTp468gbl+qG7mxSkspRshT1aVEUb4+K+/YDYAExpNsIoN4y5FsYM9lgCuOZEmpnEAkk4/CKf2eh1W6nVPifexaZ0KcYufDR/K0fCp9+PMykyWGg53JMJkAJ0R4YDBJh9qFQ8vMHvasWGnZ0w==

Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com;

Cc: "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, Juergen Gross <jgross@xxxxxxxx>

Delivery-date: Wed, 14 Jun 2023 06:34:46 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 13.06.2023 18:40, Anthony PERARD wrote: > On Tue, Jun 13, 2023 at 06:08:16PM +0200, Jan Beulich wrote: >> On 13.06.2023 18:03, Anthony PERARD wrote: >>> On Mon, Jun 12, 2023 at 01:46:40PM +0200, Jan Beulich wrote: >>>> The function returns immediately after the enclosing if(). >>>> >>>> Coverity ID: 1532314 >>>> Fixes: bd7a29c3d0b9 ("tools/libs/ctrl: fix xc_core_arch_map_p2m() to >>>> support linear p2m table") >>>> Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx> >>>> >>>> --- a/tools/libs/guest/xg_core_x86.c >>>> +++ b/tools/libs/guest/xg_core_x86.c >>>> @@ -210,7 +210,6 @@ xc_core_arch_map_p2m_list_rw(xc_interfac >>>> } >>>> >>>> munmap(ptes, n_pages * PAGE_SIZE); >>>> - ptes = NULL; >>>> off = p2m_vaddr & ((mask >> shift) << shift); >>>> } >>> >>> Do we have to remove this assignment? What if someone adds code later >>> and reuse the content of the variable `ptes`? Or what if someone adds >>> codes after the loop, and handle an error with `goto out`, we would have >>> a double-munmap(). >> >> Imo it would be at that time when the assignment wants (re)adding. I > > I don't believe this is going to happen because I don't think a compiler > will find a mistake. Maybe a run of Coverity would tell that ptes is > reused after munmap(), but by the time Coverity run on the code, it > would be too late. > >> fully agree with the tool, and I expect Misra (if it was applied to >> the tool stack as well) would demand the very same change. > > I guess the issue here is that there's two paths out of the function, the > error path via "out" and the success path. If `ptes` is check on both > path, then the assignment would be needed, and it would be harder to > make a mistake; which can be done by having only one way out. > > If only we could restrict the scope of `ptes` to the for loop, we > wouldn't even need to set it to NULL. I can do that, but then I can't resist to shrink other variables' scopes as well, so it'll be somewhat bigger a change. Let's see how you like it. Jan

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.