Re: [kbuild] arch/x86/kvm/x86.c:4988 kvm_arch_tsc_set_attr() warn: check for integer overflow 'offset'

From: Paolo Bonzini
Date: Tue Oct 11 2022 - 09:02:49 EST

Next message: Conor Dooley: "Re: [PATCH v2] riscv: always honor the CONFIG_CMDLINE_FORCE when parsing dtb"
Previous message: Peter Zijlstra: "Re: [PATCH] x86/tsc: Extend the watchdog check exemption to 4S/8S machine"
In reply to: Sean Christopherson: "Re: [kbuild] arch/x86/kvm/x86.c:4988 kvm_arch_tsc_set_attr() warn: check for integer overflow 'offset'"
Next in thread: Dan Carpenter: "Re: [kbuild] arch/x86/kvm/x86.c:4988 kvm_arch_tsc_set_attr() warn: check for integer overflow 'offset'"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 10/10/22 20:39, Sean Christopherson wrote:

828ca89628bfcb Oliver Upton 2021-09-16 @4988 tsc = kvm_scale_tsc(vcpu, rdtsc(), vcpu->arch.l1_tsc_scaling_ratio) + offset;

Smatch hates obvious user triggerable integer overflows... No checking
on offset.

This is ok, and even necessary, e.g. if the host TSC > guest TSC.

(which in fact is the common case). Also this is unsigned which is fine according to the C standard, though I understand that static analyzers want to be stricter.

Is there anything
we can do in KVM to help Smatch avoid false positives? Or do you/Smatch already
maintain a list of known false positives?

Seconded.

Paolo

Next message: Conor Dooley: "Re: [PATCH v2] riscv: always honor the CONFIG_CMDLINE_FORCE when parsing dtb"
Previous message: Peter Zijlstra: "Re: [PATCH] x86/tsc: Extend the watchdog check exemption to 4S/8S machine"
In reply to: Sean Christopherson: "Re: [kbuild] arch/x86/kvm/x86.c:4988 kvm_arch_tsc_set_attr() warn: check for integer overflow 'offset'"
Next in thread: Dan Carpenter: "Re: [kbuild] arch/x86/kvm/x86.c:4988 kvm_arch_tsc_set_attr() warn: check for integer overflow 'offset'"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]