From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from dpdk.org (dpdk.org [92.243.14.124]) by inbox.dpdk.org (Postfix) with ESMTP id 0A854A0471 for ; Mon, 15 Jul 2019 06:06:26 +0200 (CEST) Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 233583423; Mon, 15 Jul 2019 06:06:25 +0200 (CEST) Received: from mail-pf1-f195.google.com (mail-pf1-f195.google.com [209.85.210.195]) by dpdk.org (Postfix) with ESMTP id 8EE2D2E81 for ; Mon, 15 Jul 2019 06:06:23 +0200 (CEST) Received: by mail-pf1-f195.google.com with SMTP id m30so6774791pff.8 for ; Sun, 14 Jul 2019 21:06:23 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=networkplumber-org.20150623.gappssmtp.com; s=20150623; h=date:from:to:cc:subject:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=9kDTp85sZn25eglb2yCZ8yCF+d1qu0BHr8Qfc/lih7Y=; b=vonOM4jUeR4/FxO4NpflmLT5K7sG1o2NiGCdhYR09j20DIyCtTYPAShDYTsgQCRW8c KTxMAHnbZmALyO8q1GzrNfIQH6rUuXwuDb9S8gVTsZgSqtw2m8nfVTULgA/me9hsi5P5 cIbw3iPz0XOXH9iqbvb1hMwZonMG4GBrxWJmzyImhphGxJ6t4b2Kz/1rLA7tkl2ooOlD h/r63oFD6xbfBxYWjdDKn0WUB/WhGZJxuGV6O7Px40bE6tB+HWXSbZMO4eNia2BRbe/t UW9Sq3cwdwmUDIG0BpTGj3kIRqZHDrL/8G4zwSyxOQiMUugVHuVLbyDKIFbhz5ukCFhk 24Lg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=9kDTp85sZn25eglb2yCZ8yCF+d1qu0BHr8Qfc/lih7Y=; b=H9gWh0A4KnYCSOnmLh9KbGP3OIDtZFhU8S3Sf30LN2pkhCpd+tzTKpY3dDd4nOCMSD KGfPGp2aPaWATh+Cijqj9mPd9aEBRV+QvBe345IYTuXL7i+UDtU5DoFPBcSubbw8RPFP m3kiecCfFQsj3FpSFrVkMaW/7C4rD0wBsL5jtypf8T3q5Y0CsL5jNk7a31iXKc5YLU0r x84MjEHZOaC8Vlj3usJtIKwgfrE1pHNp24N0y0rBu8EDkeGsHGL3qy7KInswFoOsJEMy 4WxHQwIIvtnFtZUAcxlKhv64XFJguP2tM9u+mGc8p8lxx7hwqTVU6ImbRP2GT3Dsf20A DkEA== X-Gm-Message-State: APjAAAW93W8T6VxdsPnKz4+zTUDA7tmSLF7ut5PtjKVJVeOv15pCrlje 2Lqsv1Tyg1uNrTj3Tpz3Azc= X-Google-Smtp-Source: APXvYqw9Lil3qh4buAhRiqykt2ro4FeshR1GIKfRYOnfJ1iyucXaXQPIPXM1OYGSGGMPQSxVuFfXcg== X-Received: by 2002:a65:43c2:: with SMTP id n2mr24737839pgp.110.1563163582504; Sun, 14 Jul 2019 21:06:22 -0700 (PDT) Received: from hermes.lan (204-195-22-127.wavecable.com. [204.195.22.127]) by smtp.gmail.com with ESMTPSA id bg3sm15359846pjb.9.2019.07.14.21.06.21 (version=TLS1_3 cipher=AEAD-AES256-GCM-SHA384 bits=256/256); Sun, 14 Jul 2019 21:06:22 -0700 (PDT) Date: Sun, 14 Jul 2019 21:06:14 -0700 From: Stephen Hemminger To: Xiao Zhang Cc: dev@dpdk.org, qi.z.zhang@intel.com, xiao.w.wang@intel.com, beilei.xing@intel.com, wenzhuo.lu@intel.com, qiming.yang@intel.com, konstantin.ananyev@intel.com, jingjing.wu@intel.com Message-ID: <20190714210614.3da438a5@hermes.lan> In-Reply-To: <1562949587-8308-1-git-send-email-xiao.zhang@intel.com> References: <1562949587-8308-1-git-send-email-xiao.zhang@intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Subject: Re: [dpdk-dev] [DPDK] drivers/net: fix dereference after null check coverity X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" On Sat, 13 Jul 2019 00:39:47 +0800 Xiao Zhang wrote: > This patch tries to fix the coverity issues of dereference after null > check. > > Coverity issue: 343452 > Coverity issue: 343447 > Coverity issue: 343422 > Coverity issue: 343416 > Coverity issue: 343407 > Coverity issue: 343403 > Coverity issue: 13245 > > Signed-off-by: Xiao Zhang I think this should be fixed deeper in the vector code. Example for ixgbe. static inline uint16_t reassemble_packets(struct ixgbe_rx_queue *rxq, struct rte_mbuf **rx_bufs, uint16_t nb_bufs, uint8_t *split_flags) { struct rte_mbuf *pkts[nb_bufs]; /*finished pkts*/ struct rte_mbuf *start = rxq->pkt_first_seg; So start is rxq->pkt_first_seg. But caller has already checked for NULL here. It has iterated across the first packets but not updated rxq->first_seg. if (rxq->pkt_first_seg == NULL) { /* find the first split flag, and only reassemble then*/ while (i < nb_bufs && !split_flags[i]) i++; if (i == nb_bufs) return nb_bufs; } return i + reassemble_packets(rxq, &rx_pkts[i], nb_bufs - i,