[dpdk-dev] [PATCH] mem: fix overflowed return value

[dpdk-dev] [PATCH] mem: fix overflowed return value

[Michal Kobylinski]

Fix issue reported by Coverity.

Coverity ID 13255: Overflowed return value: The return value will be too
small or even negative, likely resulting in unexpected behavior in a
caller that uses the return value. In rte_mem_virt2phy: An integer
overflow occurs, with the overflowed value used as the return value of
the function

Fixes: 3097de6e6bfb ("mem: get physical address of any pointer")

Signed-off-by: Michal Kobylinski <michalx.kobylinski@intel.com>
---
 lib/librte_eal/linuxapp/eal/eal_memory.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/librte_eal/linuxapp/eal/eal_memory.c b/lib/librte_eal/linuxapp/eal/eal_memory.c
index 5b9132c..6ceca5b 100644
--- a/lib/librte_eal/linuxapp/eal/eal_memory.c
+++ b/lib/librte_eal/linuxapp/eal/eal_memory.c
@@ -195,7 +195,7 @@ rte_mem_virt2phy(const void *virtaddr)
 	 * the pfn (page frame number) are bits 0-54 (see
 	 * pagemap.txt in linux Documentation)
 	 */
-	physaddr = ((page & 0x7fffffffffffffULL) * page_size)
+	physaddr = (uint64_t)((page & 0x7fffffffffffffULL) * page_size)
 		+ ((unsigned long)virtaddr % page_size);
 	close(fd);
 	return physaddr;
-- 
1.9.1

Re: [dpdk-dev] [PATCH] mem: fix overflowed return value

[Stephen Hemminger]

On Fri, 22 Apr 2016 12:44:18 +0200
Michal Kobylinski <michalx.kobylinski@intel.com> wrote:

> Fix issue reported by Coverity.
> 
> Coverity ID 13255: Overflowed return value: The return value will be too
> small or even negative, likely resulting in unexpected behavior in a
> caller that uses the return value. In rte_mem_virt2phy: An integer
> overflow occurs, with the overflowed value used as the return value of
> the function
> 
> Fixes: 3097de6e6bfb ("mem: get physical address of any pointer")
> 
> Signed-off-by: Michal Kobylinski <michalx.kobylinski@intel.com>
> ---
>  lib/librte_eal/linuxapp/eal/eal_memory.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/lib/librte_eal/linuxapp/eal/eal_memory.c b/lib/librte_eal/linuxapp/eal/eal_memory.c
> index 5b9132c..6ceca5b 100644
> --- a/lib/librte_eal/linuxapp/eal/eal_memory.c
> +++ b/lib/librte_eal/linuxapp/eal/eal_memory.c
> @@ -195,7 +195,7 @@ rte_mem_virt2phy(const void *virtaddr)
>  	 * the pfn (page frame number) are bits 0-54 (see
>  	 * pagemap.txt in linux Documentation)
>  	 */
> -	physaddr = ((page & 0x7fffffffffffffULL) * page_size)
> +	physaddr = (uint64_t)((page & 0x7fffffffffffffULL) * page_size)
>  		+ ((unsigned long)virtaddr % page_size);
>  	close(fd);
>  	return physaddr;

I am not trusting any of these Coverity patches you are sending.
It seems you think wraparound can be just fixed by casting, it can't

Re: [dpdk-dev] [PATCH] mem: fix overflowed return value

[Mrzyglod, DanielX T]

>-----Original Message-----
>From: dev [mailto:dev-bounces@dpdk.org] On Behalf Of Stephen Hemminger
>Sent: Friday, April 22, 2016 6:25 PM
>To: Kobylinski, MichalX <michalx.kobylinski@intel.com>
>Cc: thomas.monjalon@6wind.com; dev@dpdk.org
>Subject: Re: [dpdk-dev] [PATCH] mem: fix overflowed return value
>
>On Fri, 22 Apr 2016 12:44:18 +0200
>Michal Kobylinski <michalx.kobylinski@intel.com> wrote:
>
>> Fix issue reported by Coverity.
>>
>> Coverity ID 13255: Overflowed return value: The return value will be too
>> small or even negative, likely resulting in unexpected behavior in a
>> caller that uses the return value. In rte_mem_virt2phy: An integer
>> overflow occurs, with the overflowed value used as the return value of
>> the function
>>
>> Fixes: 3097de6e6bfb ("mem: get physical address of any pointer")
>>
>> Signed-off-by: Michal Kobylinski <michalx.kobylinski@intel.com>
>> ---
>>  lib/librte_eal/linuxapp/eal/eal_memory.c | 2 +-
>>  1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/lib/librte_eal/linuxapp/eal/eal_memory.c
>b/lib/librte_eal/linuxapp/eal/eal_memory.c
>> index 5b9132c..6ceca5b 100644
>> --- a/lib/librte_eal/linuxapp/eal/eal_memory.c
>> +++ b/lib/librte_eal/linuxapp/eal/eal_memory.c
>> @@ -195,7 +195,7 @@ rte_mem_virt2phy(const void *virtaddr)
>>  	 * the pfn (page frame number) are bits 0-54 (see
>>  	 * pagemap.txt in linux Documentation)
>>  	 */
>> -	physaddr = ((page & 0x7fffffffffffffULL) * page_size)
>> +	physaddr = (uint64_t)((page & 0x7fffffffffffffULL) * page_size)
>>  		+ ((unsigned long)virtaddr % page_size);
>>  	close(fd);
>>  	return physaddr;
>
>I am not trusting any of these Coverity patches you are sending.
>It seems you think wraparound can be just fixed by casting, it can't

>From my point of view it's False Possitive there is no chance that page_size will be bigger than  long.
Coverity Assume that page_size may be 18446744071562067968 but it can't.

Only for glibc<2.1 we probably should change page_size = getpagesize();   to  page_size = sysconf(_SC_PAGESIZE); 
May I change this Coverity to False Positive or I missed something ? What's your opinion ? 

Re: [dpdk-dev] [PATCH] mem: fix overflowed return value

[Jastrzebski, MichalX K]

> -----Original Message-----
> From: dev [mailto:dev-bounces@dpdk.org] On Behalf Of Mrzyglod, DanielX
> T
> Sent: Wednesday, June 08, 2016 1:41 PM
> To: Stephen Hemminger <stephen@networkplumber.org>; Kobylinski,
> MichalX <michalx.kobylinski@intel.com>
> Cc: thomas.monjalon@6wind.com; dev@dpdk.org;
> david.marchand@6wind.com
> Subject: Re: [dpdk-dev] [PATCH] mem: fix overflowed return value
> 
> 
> 
> >-----Original Message-----
> >From: dev [mailto:dev-bounces@dpdk.org] On Behalf Of Stephen
> Hemminger
> >Sent: Friday, April 22, 2016 6:25 PM
> >To: Kobylinski, MichalX <michalx.kobylinski@intel.com>
> >Cc: thomas.monjalon@6wind.com; dev@dpdk.org
> >Subject: Re: [dpdk-dev] [PATCH] mem: fix overflowed return value
> >
> >On Fri, 22 Apr 2016 12:44:18 +0200
> >Michal Kobylinski <michalx.kobylinski@intel.com> wrote:
> >
> >> Fix issue reported by Coverity.
> >>
> >> Coverity ID 13255: Overflowed return value: The return value will be too
> >> small or even negative, likely resulting in unexpected behavior in a
> >> caller that uses the return value. In rte_mem_virt2phy: An integer
> >> overflow occurs, with the overflowed value used as the return value of
> >> the function
> >>
> >> Fixes: 3097de6e6bfb ("mem: get physical address of any pointer")
> >>
> >> Signed-off-by: Michal Kobylinski <michalx.kobylinski@intel.com>
> >> ---
> >>  lib/librte_eal/linuxapp/eal/eal_memory.c | 2 +-
> >>  1 file changed, 1 insertion(+), 1 deletion(-)
> >>
> >> diff --git a/lib/librte_eal/linuxapp/eal/eal_memory.c
> >b/lib/librte_eal/linuxapp/eal/eal_memory.c
> >> index 5b9132c..6ceca5b 100644
> >> --- a/lib/librte_eal/linuxapp/eal/eal_memory.c
> >> +++ b/lib/librte_eal/linuxapp/eal/eal_memory.c
> >> @@ -195,7 +195,7 @@ rte_mem_virt2phy(const void *virtaddr)
> >>  	 * the pfn (page frame number) are bits 0-54 (see
> >>  	 * pagemap.txt in linux Documentation)
> >>  	 */
> >> -	physaddr = ((page & 0x7fffffffffffffULL) * page_size)
> >> +	physaddr = (uint64_t)((page & 0x7fffffffffffffULL) * page_size)
> >>  		+ ((unsigned long)virtaddr % page_size);
> >>  	close(fd);
> >>  	return physaddr;
> >
> >I am not trusting any of these Coverity patches you are sending.
> >It seems you think wraparound can be just fixed by casting, it can't
> 
> From my point of view it's False Possitive there is no chance that page_size
> will be bigger than  long.
> Coverity Assume that page_size may be 18446744071562067968 but it can't.
> 
> Only for glibc<2.1 we probably should change page_size = getpagesize();   to
> page_size = sysconf(_SC_PAGESIZE);
> May I change this Coverity to False Positive or I missed something ? What's
> your opinion ?

Hi David,
What is Your opinion about classifying this defect as false/positive? 
We would like to move forward with this work.

Michal