On 2025-08-28 10:17, Dmytro Prokopchuk1 wrote:
Resolve infinite loop issue in the 'fail:' cleanup path of the function
'assign_shared_memory()'. The issue was caused by an 'unsigned long'
type
for the loop counter 'i', which could underflow and wrap around,
violating
termination conditions.
Change 'i' to a signed data type ('long') to ensure safe termination of
the 'while (--i >= 0)' loop.
Then this likely should have Fixes tag. The R14.3 violation was found
after adding CONFIG_UNSUPPORTED=y to analyze.yaml?
This change adheres to MISRA Rule R14.3: "Controlling expressions shall
not be invariant."
Signed-off-by: Dmytro Prokopchuk <dmytro_prokopch...@epam.com>
---
xen/common/device-tree/static-shmem.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/xen/common/device-tree/static-shmem.c
b/xen/common/device-tree/static-shmem.c
index 8023c0a484..b4c772466c 100644
--- a/xen/common/device-tree/static-shmem.c
+++ b/xen/common/device-tree/static-shmem.c
@@ -134,7 +134,8 @@ static int __init assign_shared_memory(struct
domain *d, paddr_t gbase,
{
mfn_t smfn;
int ret = 0;
- unsigned long nr_pages, nr_borrowers, i;
+ unsigned long nr_pages, nr_borrowers;
+ long i;
struct page_info *page;
paddr_t pbase, psize;
--
Nicola Vetrini, B.Sc.
Software Engineer
BUGSENG (https://bugseng.com)
LinkedIn: https://www.linkedin.com/in/nicola-vetrini-a42471253
