[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] device-tree: fix infinite loop issue in 'assign_shared_memory()'

  • To: Nicola Vetrini <nicola.vetrini@xxxxxxxxxxx>
  • From: Dmytro Prokopchuk1 <dmytro_prokopchuk1@xxxxxxxx>
  • Date: Thu, 28 Aug 2025 08:59:03 +0000
  • Accept-language: en-US, uk-UA, ru-RU
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=epam.com; dmarc=pass action=none header.from=epam.com; dkim=pass header.d=epam.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=A0lXEm6g+lwJ0lk7JxnilHnI3CE2LfVstsxIveYN5zA=; b=BW6z1xboP3xArRsdxLb4UEUXmbP5ntyTil/hc6qy9KoiuaZ1HhIcBtbwEVelaqiBKcSjobxsTgCvproBUjdV2JXrQk9vnjM5ppJgs/mtcAfoQuQk/advDuNEytUWYLCqACoR6M0HOenqGRnv/tX2u2NF+vZL3smk2va+8dHBhu8sSAzrxBOdyP1Wak+NojSjE6ISsLoQMDSXs68+pXLczaRIgZiAgCVW/VTo6lPwOwle2d93fN4b+WHP9aY13iNZlX9cbgWlETUhta1f/5z/+IKvIzK037xm33Pv/w07VBWbCrIbf04fQbBkfJRmkfiXERk2M82RjjSMTBPriLYt/g==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=HFg9KiH7N3mFdIdh9JZ89PhhAgCn65AZRPqWrIKteCUAhlLXk7q2h/71bsmMq2EZ+qOIsWqX6FrSHpamgg5iMw4Aqe4rjtCnj70z8+gmxiG5jVzA0qFMo8n7Ew1QIkIw8hHo/RCTyx/fBFpvB5bCtkMpoKH2IyaWRAOks/Ew0fFPJFosRl4XFgqjV5kndx/eEIszvobH8eEmPUOB1SJyBSknqZ5TKiew/f3kRUpVdEN1yeGD5uBEep1BFSpuI8Q6oNwwmHFXbJ0bISWAWyuxjIOsoplC/E0+lKvrH/UJJ1yMiVtvWBE7gZELP60EjrmIijkxxzjIaIcDw8J7+2oQfQ==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=epam.com;
  • Cc: "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Julien Grall <julien@xxxxxxx>, Bertrand Marquis <bertrand.marquis@xxxxxxx>, Michal Orzel <michal.orzel@xxxxxxx>
  • Delivery-date: Thu, 28 Aug 2025 08:59:15 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
  • Thread-index: AQHcF/Q482rbLahQD0qhywmRaenDcbR3vFaAgAAHwoA=
  • Thread-topic: [PATCH] device-tree: fix infinite loop issue in 'assign_shared_memory()'

On 8/28/25 11:31, Nicola Vetrini wrote:
> On 2025-08-28 10:17, Dmytro Prokopchuk1 wrote:
>> Resolve infinite loop issue in the 'fail:' cleanup path of the function
>> 'assign_shared_memory()'. The issue was caused by an 'unsigned long' type
>> for the loop counter 'i', which could underflow and wrap around, 
>> violating
>> termination conditions.
>> Change 'i' to a signed data type ('long') to ensure safe termination of
>> the 'while (--i >= 0)' loop.
>>
> 
> Then this likely should have Fixes tag. The R14.3 violation was found 
> after adding CONFIG_UNSUPPORTED=y to analyze.yaml?
Will add "Fixes".
Yes, with "CONFIG_UNSUPPORTED=y".
> 
>> This change adheres to MISRA Rule R14.3: "Controlling expressions shall
>> not be invariant."
>>
>> Signed-off-by: Dmytro Prokopchuk <dmytro_prokopchuk1@xxxxxxxx>
>> ---
>>  xen/common/device-tree/static-shmem.c | 3 ++-
>>  1 file changed, 2 insertions(+), 1 deletion(-)
>>
>> diff --git a/xen/common/device-tree/static-shmem.c b/xen/common/ 
>> device-tree/static-shmem.c
>> index 8023c0a484..b4c772466c 100644
>> --- a/xen/common/device-tree/static-shmem.c
>> +++ b/xen/common/device-tree/static-shmem.c
>> @@ -134,7 +134,8 @@ static int __init assign_shared_memory(struct 
>> domain *d, paddr_t gbase,
>>  {
>>      mfn_t smfn;
>>      int ret = 0;
>> -    unsigned long nr_pages, nr_borrowers, i;
>> +    unsigned long nr_pages, nr_borrowers;
>> +    long i;
>>      struct page_info *page;
>>      paddr_t pbase, psize;
>

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.