CA-406953: avoid pointer truncation and uninitialised value usage #19
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
lindig
approved these changes
Feb 19, 2025
freddy77
approved these changes
Feb 20, 2025
freddy77
reviewed
Feb 20, 2025
The assert here checks for alignment, so technically truncating the upper bits is not wrong, but use the correct size. Signed-off-by: Edwin Török <[email protected]>
Whether we logged on page allocation failures or not depended on `ret` which was always uninitialized. Choose not to log, because logging can delay us by an arbitrary amount, and fencing is time sensitive. Signed-off-by: Edwin Török <[email protected]>
Signed-off-by: Edwin Török <[email protected]>
edwintorok
force-pushed
the
private/edvint/64bit
branch
from
9e3cb95 to
0d774b0
Compare
cleanupwatchdog.c:240:32: warning: cast to smaller integer type 'unsigned int' from 'sched_watchdog_t *' (aka 'struct sched_watchdog *') [-Wpointer-to-int-cast]
240 | hypercall.arg[1] = (__u64) (unsigned int) &arg; // pointer to u64
| ^~~~~~~~~~~~~~~~~~~
Signed-off-by: Edwin Török <[email protected]>
Signed-off-by: Edwin Török <[email protected]>
edwintorok
force-pushed
the
private/edvint/64bit
branch
from
0d774b0 to
458fdc2
Compare
Avoid these warnings: ``` statefileio.c:216:22: warning: cast to smaller integer type 'unsigned int' from 'struct _sf_global *' [-Wpointer-to-int-cast] ``` Signed-off-by: Edwin Török <[email protected]>
edwintorok
force-pushed
the
private/edvint/64bit
branch
from
458fdc2 to
e2f62e5
Compare
|
I've included this commit 1d279d5 into this PR, because without it we get another pointer-to-int-cast (which is an error now). This one calculates an offset, and that one won't exceed 32-bit, but still better to avoid the truncation. |
freddy77
approved these changes
Feb 21, 2025
edwintorok
added a commit
to edwintorok/xha
that referenced
this pull request
Feb 21, 2025
CA-406953: avoid pointer truncation and uninitialised value usage
edwintorok
added a commit
to edwintorok/xha
that referenced
this pull request
Feb 21, 2025
CA-406953: avoid pointer truncation and uninitialised value usage
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Looks like
xhanever got ported to 64-bit and still has a lot of 32-bit specific code.When casting a pointer to integer we should use
uintptr_t, which matches the size of a pointer (32-bit on 32-bit platforms, 64-bit on 64-bit platforms).Otherwise we may lose the upper 32-bit of a pointer in hypercall arguments, which will likely cause the hypercall to fail.
Found by compiler warnings (GCC/Clang).
There are more compiler warnings that we should fix, but they are not so critical as this one.