From: "Daniel P. Berrangé" <berrange@redhat.com>
To: Fabiano Rosas <farosas@suse.de>
Cc: qemu-devel@nongnu.org, "Peter Xu" <peterx@redhat.com>,
"Philippe Mathieu-Daudé" <philmd@linaro.org>,
"Peter Maydell" <peter.maydell@linaro.org>
Subject: Re: [PATCH 1/2] migration: Fix postcopy latency distribution formatting computation
Date: Thu, 17 Jul 2025 14:31:58 +0100 [thread overview]
Message-ID: <aHj7Ti_uzPv2Qshx@redhat.com> (raw)
In-Reply-To: <20250715124552.28038-2-farosas@suse.de>
On Tue, Jul 15, 2025 at 09:45:51AM -0300, Fabiano Rosas wrote:
> Coverity has caught a bug in the formatting of time intervals for
> postcopy latency distribution display in 'info migrate'.
>
> While bounds checking the labels array, sizeof is incorrectly being
> used. ARRAY_SIZE is the correct form of obtaining the size of an
> array.
>
> Fixes: 3345fb3b6d ("migration/postcopy: Add latency distribution report for blocktime")
> Resolves: Coverity CID 1612248
> Suggested-by: Peter Maydell <peter.maydell@linaro.org>
> Signed-off-by: Fabiano Rosas <farosas@suse.de>
> ---
> migration/migration-hmp-cmds.c | 6 ++----
> 1 file changed, 2 insertions(+), 4 deletions(-)
>
> diff --git a/migration/migration-hmp-cmds.c b/migration/migration-hmp-cmds.c
> index cef5608210..bb954881d7 100644
> --- a/migration/migration-hmp-cmds.c
> +++ b/migration/migration-hmp-cmds.c
> @@ -57,11 +57,9 @@ static const gchar *format_time_str(uint64_t us)
> const char *units[] = {"us", "ms", "sec"};
> int index = 0;
>
> - while (us > 1000) {
> + while (us > 1000 && index + 1 < ARRAY_SIZE(units)) {
> us /= 1000;
> - if (++index >= (sizeof(units) - 1)) {
> - break;
> - }
> + index++;
> }
>
> return g_strdup_printf("%"PRIu64" %s", us, units[index]);
It occurrs to me that this is the same basic algorithmic problem as
converting storage sizes from bytes to KB/MB/GB/etc.
We have size_to_str() which does this conversion without needing any
loop at all.
Then there is freq_to_str() which has similar purpose but still uses
a loop, instead of the shortcut size_to_str has.
IMHO we should have a 'scaled_int_to_str' method that is common to
any place we need such scaled integer string conversions, and then
wrappers like "size_to_str", "freq_to_str" and "duration_to_str"
that pass in the required list of unit strings, and the divisor
and requested decimal precision, etc.
With regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
next prev parent reply other threads:[~2025-07-17 15:40 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-07-15 12:45 [PATCH 0/2] migration: Fix possible access out of bounds Fabiano Rosas
2025-07-15 12:45 ` [PATCH 1/2] migration: Fix postcopy latency distribution formatting computation Fabiano Rosas
2025-07-15 14:01 ` Philippe Mathieu-Daudé
2025-07-16 10:26 ` Prasad Pandit
2025-07-16 13:36 ` Fabiano Rosas
2025-07-17 6:28 ` Prasad Pandit
2025-07-17 12:35 ` Fabiano Rosas
2025-07-17 13:31 ` Daniel P. Berrangé [this message]
2025-07-15 12:45 ` [PATCH 2/2] cutils: Add time_us_to_str Fabiano Rosas
2025-07-15 14:02 ` Philippe Mathieu-Daudé
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aHj7Ti_uzPv2Qshx@redhat.com \
--to=berrange@redhat.com \
--cc=farosas@suse.de \
--cc=peter.maydell@linaro.org \
--cc=peterx@redhat.com \
--cc=philmd@linaro.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.