* Coverity: irdma_fill_device_info(): Null pointer dereferences
@ 2021-06-08 17:56 coverity-bot
2021-06-15 15:58 ` Saleem, Shiraz
0 siblings, 1 reply; 4+ messages in thread
From: coverity-bot @ 2021-06-08 17:56 UTC (permalink / raw)
To: Mustafa Ismail
Cc: Gustavo A. R. Silva, Jason Gunthorpe, Shiraz Saleem,
Gustavo A. R. Silva, linux-next
Hello!
This is an experimental semi-automated report about issues detected by
Coverity from a scan of next-20210608 as part of the linux-next scan project:
https://scan.coverity.com/projects/linux-next-weekly-scan
You're getting this email because you were associated with the identified
lines of code (noted below) that were touched by commits:
Wed Jun 2 19:55:16 2021 -0300
8498a30e1b94 ("RDMA/irdma: Register auxiliary driver and implement private channel OPs")
Coverity reported the following:
*** CID 1505164: Null pointer dereferences (NULL_RETURNS)
/drivers/infiniband/hw/irdma/main.c: 230 in irdma_fill_device_info()
224 rf->gen_ops.register_qset = irdma_lan_register_qset;
225 rf->gen_ops.unregister_qset = irdma_lan_unregister_qset;
226 rf->hw.hw_addr = pf->hw.hw_addr;
227 rf->pcidev = pf->pdev;
228 rf->msix_count = pf->num_rdma_msix;
229 rf->msix_entries = &pf->msix_entries[pf->rdma_base_vector];
vvv CID 1505164: Null pointer dereferences (NULL_RETURNS)
vvv Dereferencing "vsi", which is known to be "NULL".
230 rf->default_vsi.vsi_idx = vsi->vsi_num;
231 rf->protocol_used = IRDMA_ROCE_PROTOCOL_ONLY;
232 rf->rdma_ver = IRDMA_GEN_2;
233 rf->rsrc_profile = IRDMA_HMC_PROFILE_DEFAULT;
234 rf->rst_to = IRDMA_RST_TIMEOUT_HZ;
235 rf->gen_ops.request_reset = irdma_request_reset;
If this is a false positive, please let us know so we can mark it as
such, or teach the Coverity rules to be smarter. If not, please make
sure fixes get into linux-next. :) For patches fixing this, please
include these lines (but double-check the "Fixes" first):
Reported-by: coverity-bot <keescook+coverity-bot@chromium.org>
Addresses-Coverity-ID: 1505164 ("Null pointer dereferences")
Fixes: 8498a30e1b94 ("RDMA/irdma: Register auxiliary driver and implement private channel OPs")
Thanks for your attention!
--
Coverity-bot
^ permalink raw reply [flat|nested] 4+ messages in thread
* RE: Coverity: irdma_fill_device_info(): Null pointer dereferences
2021-06-08 17:56 Coverity: irdma_fill_device_info(): Null pointer dereferences coverity-bot
@ 2021-06-15 15:58 ` Saleem, Shiraz
2021-06-15 16:01 ` Jason Gunthorpe
0 siblings, 1 reply; 4+ messages in thread
From: Saleem, Shiraz @ 2021-06-15 15:58 UTC (permalink / raw)
To: coverity-bot, Ismail, Mustafa, Nikolova, Tatyana E
Cc: Gustavo A. R. Silva, Jason Gunthorpe, Gustavo A. R. Silva, linux-next
> Subject: Coverity: irdma_fill_device_info(): Null pointer dereferences
>
> Hello!
>
> This is an experimental semi-automated report about issues detected by Coverity
> from a scan of next-20210608 as part of the linux-next scan project:
> https://scan.coverity.com/projects/linux-next-weekly-scan
>
> You're getting this email because you were associated with the identified lines of
> code (noted below) that were touched by commits:
>
> Wed Jun 2 19:55:16 2021 -0300
> 8498a30e1b94 ("RDMA/irdma: Register auxiliary driver and implement private
> channel OPs")
>
> Coverity reported the following:
>
> *** CID 1505164: Null pointer dereferences (NULL_RETURNS)
> /drivers/infiniband/hw/irdma/main.c: 230 in irdma_fill_device_info()
> 224 rf->gen_ops.register_qset = irdma_lan_register_qset;
> 225 rf->gen_ops.unregister_qset = irdma_lan_unregister_qset;
> 226 rf->hw.hw_addr = pf->hw.hw_addr;
> 227 rf->pcidev = pf->pdev;
> 228 rf->msix_count = pf->num_rdma_msix;
> 229 rf->msix_entries = &pf->msix_entries[pf->rdma_base_vector];
> vvv CID 1505164: Null pointer dereferences (NULL_RETURNS)
> vvv Dereferencing "vsi", which is known to be "NULL".
This is a false +ve IMO.
This vsi object is obtained from the PCI driver's [ice] PF object.
And this pf->vsi is setup in ice_probe and always valid by the time this function
is called from irdma_probe.
> 230 rf->default_vsi.vsi_idx = vsi->vsi_num;
> 231 rf->protocol_used = IRDMA_ROCE_PROTOCOL_ONLY;
> 232 rf->rdma_ver = IRDMA_GEN_2;
> 233 rf->rsrc_profile = IRDMA_HMC_PROFILE_DEFAULT;
> 234 rf->rst_to = IRDMA_RST_TIMEOUT_HZ;
> 235 rf->gen_ops.request_reset = irdma_request_reset;
>
> If this is a false positive, please let us know so we can mark it as such, or teach
> the Coverity rules to be smarter. If not, please make sure fixes get into linux-next.
> :) For patches fixing this, please include these lines (but double-check the "Fixes"
> first):
>
> Reported-by: coverity-bot <keescook+coverity-bot@chromium.org>
> Addresses-Coverity-ID: 1505164 ("Null pointer dereferences")
> Fixes: 8498a30e1b94 ("RDMA/irdma: Register auxiliary driver and implement
> private channel OPs")
>
> Thanks for your attention!
>
> --
> Coverity-bot
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: Coverity: irdma_fill_device_info(): Null pointer dereferences
2021-06-15 15:58 ` Saleem, Shiraz
@ 2021-06-15 16:01 ` Jason Gunthorpe
2021-06-17 14:18 ` Saleem, Shiraz
0 siblings, 1 reply; 4+ messages in thread
From: Jason Gunthorpe @ 2021-06-15 16:01 UTC (permalink / raw)
To: Saleem, Shiraz
Cc: coverity-bot, Ismail, Mustafa, Nikolova, Tatyana E,
Gustavo A. R. Silva, Gustavo A. R. Silva, linux-next
On Tue, Jun 15, 2021 at 03:58:52PM +0000, Saleem, Shiraz wrote:
> > Subject: Coverity: irdma_fill_device_info(): Null pointer dereferences
> >
> > Hello!
> >
> > This is an experimental semi-automated report about issues detected by Coverity
> > from a scan of next-20210608 as part of the linux-next scan project:
> > https://scan.coverity.com/projects/linux-next-weekly-scan
> >
> > You're getting this email because you were associated with the identified lines of
> > code (noted below) that were touched by commits:
> >
> > Wed Jun 2 19:55:16 2021 -0300
> > 8498a30e1b94 ("RDMA/irdma: Register auxiliary driver and implement private
> > channel OPs")
> >
> > Coverity reported the following:
> >
> > *** CID 1505164: Null pointer dereferences (NULL_RETURNS)
> > /drivers/infiniband/hw/irdma/main.c: 230 in irdma_fill_device_info()
> > 224 rf->gen_ops.register_qset = irdma_lan_register_qset;
> > 225 rf->gen_ops.unregister_qset = irdma_lan_unregister_qset;
> > 226 rf->hw.hw_addr = pf->hw.hw_addr;
> > 227 rf->pcidev = pf->pdev;
> > 228 rf->msix_count = pf->num_rdma_msix;
> > 229 rf->msix_entries = &pf->msix_entries[pf->rdma_base_vector];
> > vvv CID 1505164: Null pointer dereferences (NULL_RETURNS)
> > vvv Dereferencing "vsi", which is known to be "NULL".
>
> This is a false +ve IMO.
It is because of this:
static inline struct ice_vsi *ice_get_main_vsi(struct ice_pf *pf)
{
if (pf->vsi)
return pf->vsi[0];
return NULL;
}
If the above can't return null it should be rewritten
If something special about this case prevents null it should be
reworked in some way?
Jason
^ permalink raw reply [flat|nested] 4+ messages in thread
* RE: Coverity: irdma_fill_device_info(): Null pointer dereferences
2021-06-15 16:01 ` Jason Gunthorpe
@ 2021-06-17 14:18 ` Saleem, Shiraz
0 siblings, 0 replies; 4+ messages in thread
From: Saleem, Shiraz @ 2021-06-17 14:18 UTC (permalink / raw)
To: Jason Gunthorpe
Cc: coverity-bot, Ismail, Mustafa, Nikolova, Tatyana E,
Gustavo A. R. Silva, Gustavo A. R. Silva, linux-next, Nguyen,
Anthony L
> Subject: Re: Coverity: irdma_fill_device_info(): Null pointer dereferences
>
> On Tue, Jun 15, 2021 at 03:58:52PM +0000, Saleem, Shiraz wrote:
> > > Subject: Coverity: irdma_fill_device_info(): Null pointer
> > > dereferences
> > >
> > > Hello!
> > >
> > > This is an experimental semi-automated report about issues detected
> > > by Coverity from a scan of next-20210608 as part of the linux-next scan
> project:
> > > https://scan.coverity.com/projects/linux-next-weekly-scan
> > >
> > > You're getting this email because you were associated with the
> > > identified lines of code (noted below) that were touched by commits:
> > >
> > > Wed Jun 2 19:55:16 2021 -0300
> > > 8498a30e1b94 ("RDMA/irdma: Register auxiliary driver and
> > > implement private channel OPs")
> > >
> > > Coverity reported the following:
> > >
> > > *** CID 1505164: Null pointer dereferences (NULL_RETURNS)
> > > /drivers/infiniband/hw/irdma/main.c: 230 in irdma_fill_device_info()
> > > 224 rf->gen_ops.register_qset = irdma_lan_register_qset;
> > > 225 rf->gen_ops.unregister_qset = irdma_lan_unregister_qset;
> > > 226 rf->hw.hw_addr = pf->hw.hw_addr;
> > > 227 rf->pcidev = pf->pdev;
> > > 228 rf->msix_count = pf->num_rdma_msix;
> > > 229 rf->msix_entries = &pf->msix_entries[pf->rdma_base_vector];
> > > vvv CID 1505164: Null pointer dereferences (NULL_RETURNS)
> > > vvv Dereferencing "vsi", which is known to be "NULL".
> >
> > This is a false +ve IMO.
>
> It is because of this:
>
> static inline struct ice_vsi *ice_get_main_vsi(struct ice_pf *pf) {
> if (pf->vsi)
> return pf->vsi[0];
>
> return NULL;
> }
>
> If the above can't return null it should be rewritten
It does appear on review that the pf->vsi can really never be NULL for paths that call ice_get_main_vsi.
We are running some tests to confirm there is no fallout. And if so, we can just return pf->vsi[0]
as a fix.
Shiraz
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2021-06-17 14:18 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-06-08 17:56 Coverity: irdma_fill_device_info(): Null pointer dereferences coverity-bot
2021-06-15 15:58 ` Saleem, Shiraz
2021-06-15 16:01 ` Jason Gunthorpe
2021-06-17 14:18 ` Saleem, Shiraz
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).