[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v3 2/2] xen/common: Add NUMA node id bounds check to page_alloc.c/node_to_scrub

  • To: Shawn Anastasio <sanastasio@xxxxxxxxxxxxxxxxxxxxx>
  • From: Henry Wang <Henry.Wang@xxxxxxx>
  • Date: Tue, 26 Sep 2023 23:47:49 +0000
  • Accept-language: zh-CN, en-US
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=arm.com; dmarc=pass action=none header.from=arm.com; dkim=pass header.d=arm.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=mmKFjOyR+a+zxzq+ABjzXiX/32MJGrpCwnaIr/9KQk4=; b=UZC4ATzIrSrtZBBOI5KeuXvjmj1KV5Pl5scSTqhoi/1xa5DLGzbmcVtQ18CRdACA+e7Fszr76rl/prK2J51SN8JVMn30nkj4eiiLe8SuCWYjh3eg9B9rXouJ+FJ+/6fGjTCnXCSFo0MsFMColaicrySTr/BeeN3L2cqOJV+HCJoYBuSsvlth2q0/CoswxKA/6bF2hFsLi5QbYn7F4CNCpK67Yd5oLE9p+rko7uOMao36oi16AuaW0L2FFPu7l9v8aFYJJa3nUw4zC+01C4KiC23+MO4bL3xxDB6SwpWKEpAeoq9khyQRMMYcyk48kU+EYNXDaKe0wM8PzOA6aPJt5g==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=HK4lUZ8W/pTzemjWZDEx4uA64yPp5Q6TgZGqnIeFoXJN1PW4jsQdl6FF4LK+fNJh/6KAdOldEN4YHfJ5YKXi1f9a319fXsg59mShwqOCqbH+69NIJtq8z9B+CPDKPY3Ch+3sMnAvfluXREgXHJGXFkvuID7ty0/FcnsguGOtQewBPFg1aD6k3N2rjI3tkvH51z2vzpCHnQJsLDHp6nIIGczNGniussL1JtH5UWjPt1sDDrpv5d5qVKEzD/RyXfQt+duyb4QI8huFh67B5pAB9KsGwF6b3y2MHONg/XqGtqWDIfw9H2CLeqIjPsKpgei8cHOB0gyPrpFf1fi3qacbgw==
  • Authentication-results-original: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=arm.com;
  • Cc: Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Timothy Pearson <tpearson@xxxxxxxxxxxxxxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, Julien Grall <julien@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>
  • Delivery-date: Tue, 26 Sep 2023 23:48:18 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
  • Nodisclaimer: true
  • Original-authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=arm.com;
  • Thread-index: AQHZ8MpFWSy4Kouw2UKnWzY5oUxUlbAtxhQA
  • Thread-topic: [PATCH v3 2/2] xen/common: Add NUMA node id bounds check to page_alloc.c/node_to_scrub
Hi,

> On Sep 27, 2023, at 06:37, Shawn Anastasio <sanastasio@xxxxxxxxxxxxxxxxxxxxx> 
> wrote:
> 
> When building for Power with CONFIG_DEBUG unset, a compiler error gets
> raised inside page_alloc.c's node_to_scrub function:
> 
> common/page_alloc.c: In function 'node_to_scrub.part.0':
> common/page_alloc.c:1217:29: error: array subscript 1 is above array
>            bounds of 'long unsigned int[1]' [-Werror=array-bounds]
> 1217 |         if ( node_need_scrub[node] )
> 
> It appears that this is a false positive, given that in practice
> cycle_node should never return a node ID >= MAX_NUMNODES as long as the
> architecture's node_online_map is properly defined and initialized, so
> this additional bounds check is only to satisfy GCC.
> 
> Signed-off-by: Shawn Anastasio <sanastasio@xxxxxxxxxxxxxxxxxxxxx>
> Reviewed-by: Stefano Stabellini <sstabellini@xxxxxxxxxx>

I am seeing some discussions going on about this patch, but once this
is patch is ready for merge please feel free to add:

Release-acked-by: Henry Wang <Henry.Wang@xxxxxxx>

Kind regards,
Henry


> ---
> v2: Add comment to explain the bounds check.
> 
> xen/common/page_alloc.c | 8 ++++++++
> 1 file changed, 8 insertions(+)
> 
> diff --git a/xen/common/page_alloc.c b/xen/common/page_alloc.c
> index 35d9a26fa6..9b5df74fdd 100644
> --- a/xen/common/page_alloc.c
> +++ b/xen/common/page_alloc.c
> @@ -1211,6 +1211,14 @@ static unsigned int node_to_scrub(bool get_node)
>         } while ( !cpumask_empty(&node_to_cpumask(node)) &&
>                   (node != local_node) );
> 
> +        /*
> +         * In practice `node` will always be within MAX_NUMNODES, but GCC 
> can't
> +         * always see that, so an explicit check is necessary to avoid 
> tripping
> +         * its out-of-bounds array access warning (-Warray-bounds).
> +         */
> +        if ( node >= MAX_NUMNODES )
> +            break;
> +
>         if ( node == local_node )
>             break;
> 
> --
> 2.30.2
> 
>

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.