Xen project Mailing List

[Xen-devel] [PATCH] Coverity: Improve model for {, un}map_domain_page()

To: Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>

From: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>

Date: Mon, 6 Jan 2020 13:28:59 +0000

Authentication-results: esa3.hc3370-68.iphmx.com; dkim=none (message not signed) header.i=none; spf=None smtp.pra=andrew.cooper3@xxxxxxxxxx; spf=Pass smtp.mailfrom=Andrew.Cooper3@xxxxxxxxxx; spf=None smtp.helo=postmaster@xxxxxxxxxxxxxxx

Cc: Stefano Stabellini <sstabellini@xxxxxxxxxx>, Julien Grall <julien@xxxxxxx>, Wei Liu <wl@xxxxxxx>, Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx>, George Dunlap <George.Dunlap@xxxxxxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Jan Beulich <JBeulich@xxxxxxxx>, Ian Jackson <ian.jackson@xxxxxxxxxx>

Delivery-date: Mon, 06 Jan 2020 13:29:15 +0000

Ironport-sdr: Ndi8RPDQtGV0I0H7bNjNXctu+05f3q+L2Eh9rOMmL+/YHa3qRLdB8TgozLCRAwuILUPDhiN+75 0lKv4SO35q2yz25QTMiJWnNoJ9ttcGp1pFqMJaEsOGG7lufkLP1IOwBXPWfRmYyOSUidHmtrrd b9bHEf5jz5X/jQdjzSNPKvOdYt10LCRdym0GKaPAaNw43JHEpW2VAC1XDALemgbP0v6CtbNC/Z rLpJK+MmNBe4eJDk1quZXIrp2WkMp5Wcl0VpvM60972uHtIbP3MlwIsDYvZZMrxYBTL5nC3DTU LIE=

List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

The first attempt resulted in several "Free of address-of expression (BAD_FREE)" issues, because of code which relies on the fact that any pointer in the same page is ok to pass to unmap_domain_page() Model this property to remove the issues. Coverity IDs: 1135356 113536{0,1} 1401300 141809{0,1} 1438864 Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx> --- CC: George Dunlap <George.Dunlap@xxxxxxxxxxxxx> CC: Ian Jackson <ian.jackson@xxxxxxxxxx> CC: Jan Beulich <JBeulich@xxxxxxxx> CC: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> CC: Stefano Stabellini <sstabellini@xxxxxxxxxx> CC: Wei Liu <wl@xxxxxxx> CC: Julien Grall <julien@xxxxxxx> As the only way of testing is to upload a new model, this change matches what I've already done in Snapshot 182435. --- misc/coverity/model.c | 22 ++++++++++++++++------ 1 file changed, 16 insertions(+), 6 deletions(-) diff --git a/misc/coverity/model.c b/misc/coverity/model.c index bd62566a0d..1ec3fe8673 100644 --- a/misc/coverity/model.c +++ b/misc/coverity/model.c @@ -82,21 +82,31 @@ void xfree(void *va) * allocation of exactly 1 page. * * map_domain_page() never fails. (It will BUG() before returning NULL) - * - * TODO: work out how to correctly model the behaviour that this function will - * only ever return page aligned pointers. */ void *map_domain_page(unsigned long mfn) { - return __coverity_alloc__(PAGE_SIZE); + unsigned long ptr = (unsigned long)__coverity_alloc__(PAGE_SIZE); + + /* + * Expressing the alignment of the memory allocation isn't possible. As a + * substitute, tell Coverity to ignore any path where ptr isn't page + * aligned. + */ + if ( ptr & ~PAGE_MASK ) + __coverity_panic__(); + + return (void *)ptr; } /* - * unmap_domain_page() will unmap a page. Model it as a free(). + * unmap_domain_page() will unmap a page. Model it as a free(). Any *va + * within the page is valid to pass. */ void unmap_domain_page(const void *va) { - __coverity_free__(va); + unsigned long ptr = (unsigned long)va & PAGE_MASK; + + __coverity_free__((void *)ptr); } /* -- 2.11.0 _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxxx https://lists.xenproject.org/mailman/listinfo/xen-devel

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.