Xen project Mailing List

Re: New Defects reported by Coverity Scan for XenProject

From: Alejandro Vallejo <alejandro.garciavallejo@xxxxxxx>

Date: Mon, 8 Sep 2025 14:48:55 +0200

Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 165.204.84.17) smtp.rcpttodomain=suse.com smtp.mailfrom=amd.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=amd.com; dkim=none (message not signed); arc=none (0)

Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=ZGJ3macmuZXuTtMYG3B2beZsSs4EKXW6dNRScVRlVrs=; b=Q5n0slTRXBTKCJ/u1ID0gJX3bZ3XVUwPaG6c/TwK6ydpjD3IXltKO0wx+rOspU+CcHK+feNhq2MOa6Eu+/i/KOKTswv/FKJapQCv6c3zI0+eDX6nsqnYLatIECqTYphSmKR/2ugQqhxlsiO5CvqZ3vHXErw66a2287JMh+37w1cUw3St77B4ThfMzTe9zZ8IRY93h+TBWPiwsB+rlHRDz2vx/p4nFpuWged1gpO4D+WbI/v3FLMG+KL++gGaHJ33U5whA0xMTSn/LHuVZBppiYvXDJ/JjJ9u31u4qmx34IYop2x+3lo+isLtY6HrljIWiHX+3fMnKk0EuZ0qN3B/4w==

Arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=wPWn8qIgSkTf1qQnPkxNlH+nSpl9bg445X8+3OS6QM4ynDLv1VRU6D7JdFw2bLibjPo55bgvSrzq1cWBcMmatI11BNiJbeHZLGb3y2cquaSSwVRPy5K7lk9wHktgoBzWb0QQKHxoaqB2cgRXstm0Ehj1lsweCGCj4MkoM50Oz4IF7DqQSml//cfmDfI2oyBGeS/v9WiQ3O0/2pM6e+pv+EVZ6BjQFRWQny8ne2YC3z5/AcsTBGAhvjJUuQbZU1m4ff+DzhPNtHV4gplw00NAKDWgTHb+NxSavk8Bovz8LtZlzr67PmezgxrepWnPW0L9TY6vhXkj3CR5a8frMSQ42Q==

Cc: "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>

Delivery-date: Mon, 08 Sep 2025 12:49:06 +0000

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On Mon Sep 8, 2025 at 1:25 PM CEST, Jan Beulich wrote: > On 08.09.2025 13:04, Alejandro Vallejo wrote: >> On Mon Sep 8, 2025 at 12:19 PM CEST, Jan Beulich wrote: >>> On 07.09.2025 16:37, scan-admin@xxxxxxxxxxxx wrote: >>>> ** CID 1665362: Integer handling issues (INTEGER_OVERFLOW) >>>> /xen/lib/find-next-bit.c: 104 in find_next_zero_bit() >>>> >>>> >>>> _____________________________________________________________________________________________ >>>> *** CID 1665362: Integer handling issues (INTEGER_OVERFLOW) >>>> /xen/lib/find-next-bit.c: 104 in find_next_zero_bit() >>>> 98 } >>>> 99 if (!size) >>>> 100 return result; >>>> 101 tmp = *p; >>>> 102 >>>> 103 found_first: >>>>>>> CID 1665362: Integer handling issues (INTEGER_OVERFLOW) >>>>>>> Expression "0xffffffffffffffffUL << size", where "size" is known to >>>>>>> be equal to 63, overflows the type of "0xffffffffffffffffUL << size", >>>>>>> which is type "unsigned long". >>>> 104 tmp |= ~0UL << size; >>>> 105 if (tmp == ~0UL) /* Are any bits zero? */ >>>> 106 return result + size; /* Nope. */ >>>> 107 found_middle: >>>> 108 return result + ffz(tmp); >>>> 109 } >>> >>> I cannot make sense of their claim. 0xffffffffffffffffUL << 63 is simply >>> 0x8000000000000000UL, isn't it? Where's the overflow there? There also >>> cannot be talk of a 32-bit build, or else ~0UL would have been transformed >>> to 0xffffffffUL. >> >> The offending line LGTM too. >> >> The only credible explanation I can think of is Coverity flagging discarded >> 1s >> on left shifts as loss of precision. >> >> If so, "~((1 << size) - 1)", or "(~0UL >> size) << size" should make it >> happy, >> but surely that error would flare up with all uses of GENMASK() too? > > And with any other non-zero values of "size" here. > > Jan Is this the only issue flagged? Or are there any others of the same kind? It might me easier to spot a pattern with a larger dataset. Cheers, Alejandro

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.