From: Stephen Hemminger <stephen@networkplumber.org>
To: Andrew Rybchenko <arybchenko@solarflare.com>
Cc: <dev@dpdk.org>
Subject: Re: [dpdk-dev] [PATCH 1/4] net/failsafe: avoid rte_memcpy if rte_realloc fails
Date: Wed, 7 Nov 2018 10:15:02 -0800 [thread overview]
Message-ID: <20181107101502.2cbaffde@shemminger-XPS-13-9360> (raw)
In-Reply-To: <5d2c4750-b418-c4fe-4e20-d7cc7ca4efe7@solarflare.com>
On Wed, 7 Nov 2018 09:30:13 +0300
Andrew Rybchenko <arybchenko@solarflare.com> wrote:
> On 11/6/18 10:30 PM, Stephen Hemminger wrote:
> > There is a potential issue seen by static tools if number of multicast
> > addresses is zero, and rte_realloc of zero size fails (ie returns NULL).
> > This won't happen in real world for a couple of reasons: Azure doesn't
> > support multicast (ie this is dead code);
>
> Is it guaranteed that Azure is the only user of the code?
> Sorry, it does not sound like an argument at all.
There are no guarantees in life...
Failsafe in DPDK is probably only useful with Azure.
AWS, GCP, and other clouds handle virtual networking differently.
There has been some talk of doing similar things with KVM, but the device
model is different there. Failsafe makes some assumptions about device
layering that are specific to Azure. It also has some generalizations about
cases that will never matter.
Vdev_netvsc is definitely Azure specific. It will be deprecated once
netvsc PMD is more widely supported.
>
> > and rte_realloc of zero size
> > will never fail, but safe to just always return -ENOMEM of realloc fails.
>
> It is false statement. If ptr is NULL, rte_malloc() is used which explicitly
> returns NULL if size is 0.
>
> > Coverity issue: 323487
>
> It is 100% false alarm from Coverity. rte_memcpy() does nothing
> if size is 0 and it is zero if number of addresses is zero.
> If we really want to cope with it (I'm not sure), just do rte_memcpy()
> in else branch. And it should explained in the comment that it is
> required to address false issue from static analysis tool only.
>
> Other option is to add check for dummy set (zero number of addresses
> when it is already zero, but it is extra lines of code and extra logic which
> is not actually required here. So, more harm from my point of view.
We are in agreement, it is a false alarm because:
* Coverity assumes that memcpy and rte_memcpy have same semantics.
* the case can't never happen
Any solution is fine because of that. You could flag it as false in Coverity
or change code to avoid warning. Just want to get it fixed, don't care how.
next prev parent reply other threads:[~2018-11-07 18:15 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-11-06 19:30 [dpdk-dev] [PATCH 0/4] Coverity issue fixes Stephen Hemminger
2018-11-06 19:30 ` [dpdk-dev] [PATCH 1/4] net/failsafe: avoid rte_memcpy if rte_realloc fails Stephen Hemminger
2018-11-07 6:30 ` Andrew Rybchenko
2018-11-07 18:15 ` Stephen Hemminger [this message]
2018-11-08 6:20 ` Andrew Rybchenko
2018-11-06 19:30 ` [dpdk-dev] [PATCH 2/4] bus/vmbus: fix directory handle leak on error Stephen Hemminger
2018-11-06 19:30 ` [dpdk-dev] [PATCH 3/4] net/tap: fix file descriptor " Stephen Hemminger
2018-11-07 10:02 ` Wiles, Keith
2018-11-06 19:30 ` [dpdk-dev] [PATCH 4/4] net/tap: fix warning about comparison of fd Stephen Hemminger
2018-11-07 10:03 ` Wiles, Keith
2018-11-14 1:00 ` [dpdk-dev] [PATCH 0/4] Coverity issue fixes Thomas Monjalon
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20181107101502.2cbaffde@shemminger-XPS-13-9360 \
--to=stephen@networkplumber.org \
--cc=arybchenko@solarflare.com \
--cc=dev@dpdk.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).