From mboxrd@z Thu Jan  1 00:00:00 1970
From: Olivier Matz <olivier.matz@6wind.com>
Subject: Re: [PATCH] rte mempool: division or modulo by zero
Date: Mon, 16 May 2016 11:22:32 +0200
Message-ID: <57399158.7020509@6wind.com>
References: <1463057213-4123-1-git-send-email-slawomirx.mrozowicz@intel.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: 7bit
Cc: dev@dpdk.org
To: Slawomir Mrozowicz <slawomirx.mrozowicz@intel.com>
Return-path: <dev-bounces@dpdk.org>
Received: from mail.droids-corp.org (zoll.droids-corp.org [94.23.50.67])
 by dpdk.org (Postfix) with ESMTP id 594938DB1
 for <dev@dpdk.org>; Mon, 16 May 2016 11:22:39 +0200 (CEST)
In-Reply-To: <1463057213-4123-1-git-send-email-slawomirx.mrozowicz@intel.com>
List-Id: patches and discussions about DPDK <dev.dpdk.org>
List-Unsubscribe: <http://dpdk.org/ml/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://dpdk.org/ml/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <http://dpdk.org/ml/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org
Sender: "dev" <dev-bounces@dpdk.org>

Hi Slawomir,

On 05/12/2016 02:46 PM, Slawomir Mrozowicz wrote:
> Fix issue reported by Coverity.
> 
> Coverity ID 13243: Division or modulo by zero
> In function call rte_mempool_xmem_size, division by expression total_size
> which may be zero has undefined behavior.
> 
> Fixes: 148f963fb532 ("xen: core library changes")
> 
> Signed-off-by: Slawomir Mrozowicz <slawomirx.mrozowicz@intel.com>
> ---
>  lib/librte_mempool/rte_mempool.c | 18 +++++++++++-------
>  1 file changed, 11 insertions(+), 7 deletions(-)
> 
> diff --git a/lib/librte_mempool/rte_mempool.c b/lib/librte_mempool/rte_mempool.c
> index f8781e1..01668c1 100644
> --- a/lib/librte_mempool/rte_mempool.c
> +++ b/lib/librte_mempool/rte_mempool.c
> @@ -327,15 +327,19 @@ rte_mempool_calc_obj_size(uint32_t elt_size, uint32_t flags,
>  size_t
>  rte_mempool_xmem_size(uint32_t elt_num, size_t elt_sz, uint32_t pg_shift)
>  {
> -	size_t n, pg_num, pg_sz, sz;
> +	size_t n, pg_num, pg_sz;
> +	size_t sz = 0;
>  
> -	pg_sz = (size_t)1 << pg_shift;
> +	if (elt_sz > 0) {
> +		pg_sz = (size_t)1 << pg_shift;
> +		n = pg_sz / elt_sz;
>  
> -	if ((n = pg_sz / elt_sz) > 0) {
> -		pg_num = (elt_num + n - 1) / n;
> -		sz = pg_num << pg_shift;
> -	} else {
> -		sz = RTE_ALIGN_CEIL(elt_sz, pg_sz) * elt_num;
> +		if (n > 0) {
> +			pg_num = (elt_num + n - 1) / n;
> +			sz = pg_num << pg_shift;
> +		} else {
> +			sz = RTE_ALIGN_CEIL(elt_sz, pg_sz) * elt_num;
> +		}
>  	}
>  
>  	return sz;
> 

I think it would be clearer (either for the patch and the code) to avoid
an additional indent, and do something like that:

	size_t
	rte_mempool_xmem_size(uint32_t elt_num, size_t elt_sz,
		uint32_t pg_shift)
	{
		if (elt_sz == 0)
			return 0;

		/* same code as before */

It will also facilitate the merge with
http://patchwork.dpdk.org/dev/patchwork/patch/12057/

Could you please submit a v2 with this logic?

Thanks,
Olivier