[libvirt] [PATCH 11/11] hypervisor: Revisit Coverity issues regarding cpumap

Jim Fehlig jfehlig at suse.com
Fri Feb 8 03:21:49 UTC 2013


John Ferlan wrote:
> Turns out the issue regarding ptr_arith and sign_exension weren't false
> positives. When shifting an 'unsigned char' as a target, it gets promoted
> to an 'int'; however, that 'int' cannot be shifted 32 bits which was how
> the algorithm was written. For the ptr_arith rather than index into the
> cpumap, change the to address as necessary and assign directly.
> ---
>  src/xen/xen_hypervisor.c | 10 +++++-----
>  1 file changed, 5 insertions(+), 5 deletions(-)
>   

IIRC, you and Eric have been discussing this change.  I hope Eric can
take a look since he has superior knowledge here :).

Regards,
Jim

> diff --git a/src/xen/xen_hypervisor.c b/src/xen/xen_hypervisor.c
> index 186f0c7..3ea70a2 100644
> --- a/src/xen/xen_hypervisor.c
> +++ b/src/xen/xen_hypervisor.c
> @@ -1766,17 +1766,17 @@ virXen_setvcpumap(int handle, int id, unsigned int vcpu,
>              ret = -1;
>      } else {
>          cpumap_t xen_cpumap; /* limited to 64 CPUs in old hypervisors */
> -        uint64_t *pm = &xen_cpumap;
> +        uint64_t *pm;
>          int j;
>  
>          if ((maplen > (int)sizeof(cpumap_t)) || (sizeof(cpumap_t) & 7))
>              return -1;
>  
> -        memset(pm, 0, sizeof(cpumap_t));
> +        memset(&xen_cpumap, 0, sizeof(cpumap_t));
>          for (j = 0; j < maplen; j++) {
> -            /* coverity[ptr_arith] */
> -            /* coverity[sign_extension] */
> -            *(pm + (j / 8)) |= cpumap[j] << (8 * (j & 7));
> +            if ((j & 7) == 0)
> +                pm = (uint64_t *)((uint64_t)&xen_cpumap + (j & ~0x7UL));
> +            *pm |= (uint64_t)cpumap[j] << (8 * (j & 7));
>          }
>  
>          if (hv_versions.hypervisor == 1) {
>   




More information about the libvir-list mailing list