From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mga01.intel.com (mga01.intel.com [192.55.52.88]) by dpdk.org (Postfix) with ESMTP id C613147CE for ; Thu, 11 May 2017 18:47:40 +0200 (CEST) Received: from fmsmga006.fm.intel.com ([10.253.24.20]) by fmsmga101.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 11 May 2017 09:47:39 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.38,325,1491289200"; d="scan'208";a="100915092" Received: from irsmsx108.ger.corp.intel.com ([163.33.3.3]) by fmsmga006.fm.intel.com with ESMTP; 11 May 2017 09:47:38 -0700 Received: from irsmsx104.ger.corp.intel.com ([169.254.5.170]) by IRSMSX108.ger.corp.intel.com ([169.254.11.239]) with mapi id 14.03.0319.002; Thu, 11 May 2017 17:47:37 +0100 From: "Mcnamara, John" To: Stephen Hemminger , Alejandro Lucero , "dev@dpdk.org" Thread-Topic: [dpdk-dev] New Coverity defects in VFIO Thread-Index: AQHSynUuFQdKnrHqVUGImxH10waqVqHvVZhw Date: Thu, 11 May 2017 16:47:37 +0000 Message-ID: References: <20170511093839.7c16ebd0@xeon-e3> In-Reply-To: <20170511093839.7c16ebd0@xeon-e3> Accept-Language: en-GB, en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-ctpclassification: CTP_IC x-titus-metadata-40: eyJDYXRlZ29yeUxhYmVscyI6IiIsIk1ldGFkYXRhIjp7Im5zIjoiaHR0cDpcL1wvd3d3LnRpdHVzLmNvbVwvbnNcL0ludGVsMyIsImlkIjoiNGYzZWQzOWMtZjdlOC00ODc5LWFkZGEtYjAzZDU5MmYzNTcwIiwicHJvcHMiOlt7Im4iOiJDVFBDbGFzc2lmaWNhdGlvbiIsInZhbHMiOlt7InZhbHVlIjoiQ1RQX0lDIn1dfV19LCJTdWJqZWN0TGFiZWxzIjpbXSwiVE1DVmVyc2lvbiI6IjE1LjkuNi42IiwiVHJ1c3RlZExhYmVsSGFzaCI6IlpNK1F5d3dHcDBHSE9HRmlmdUcrSm1RZDRUQk9CaTN2RlVCV1NjNVg1OWs9In0= dlp-product: dlpe-windows dlp-version: 10.0.102.7 dlp-reaction: no-action x-originating-ip: [163.33.239.181] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Subject: Re: [dpdk-dev] New Coverity defects in VFIO X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 11 May 2017 16:47:41 -0000 > -----Original Message----- > From: dev [mailto:dev-bounces@dpdk.org] On Behalf Of Stephen Hemminger > Sent: Thursday, May 11, 2017 5:39 PM > To: Alejandro Lucero ; dev@dpdk.org > Subject: [dpdk-dev] New Coverity defects in VFIO >=20 > Looks like obvious C array bounds issues... >=20 Hi Stephen, Thanks for highlighting this, and previous, coverity reports. Just so you know we don't ignore these and after each run I send an automat= ed email to the author of each defect (based on git blame). Nevertheless the number of defects has been creeping up. It is currently ar= ound 70 having been down around 20 several months ago. I will start going through the backlog and pinging authors again in the nex= t few weeks. In the meantime if anyone has open coverity defects against them (check you= r past emails) can you please try to address them in the next few weeks. John > Begin forwarded message: >=20 > Date: Thu, 11 May 2017 06:32:38 -0700 > From: scan-admin@coverity.com > To: stephen@networkplumber.org > Subject: New Defects reported by Coverity Scan for DPDK Data Plane > Development Kit >=20 >=20 > Hi, >=20 > Please find the latest report on new defect(s) introduced to DPDK Data > Plane Development Kit found with Coverity Scan. >=20 > 4 new defect(s) introduced to DPDK Data Plane Development Kit found with > Coverity Scan. > 4 defect(s), reported by Coverity Scan earlier, were marked fixed in the > recent build analyzed by Coverity Scan. >=20 > New defect(s) Reported-by: Coverity Scan Showing 4 of 4 defect(s) >=20 >=20 > ** CID 144558: Parse warnings (PARSE_ERROR) > /tmp/auto-config-h.sh.116891.c: 3 in () >=20 >=20 > _________________________________________________________________________= _ > ______________________________ > *** CID 144558: Parse warnings (PARSE_ERROR) > /tmp/auto-config-h.sh.116891.c: 3 in () > 1 #include > 2 > >>> CID 144558: Parse warnings (PARSE_ERROR) > >>> identifier "TCA_FLOWER_KEY_VLAN_PRIO" is undefined >=20 > ** CID 144557: Memory - corruptions (OVERRUN) > /lib/librte_eal/linuxapp/eal/eal_vfio.c: 207 in vfio_group_device_put() >=20 >=20 > _________________________________________________________________________= _ > ______________________________ > *** CID 144557: Memory - corruptions (OVERRUN) > /lib/librte_eal/linuxapp/eal/eal_vfio.c: 207 in vfio_group_device_put() > 201 int i; > 202 > 203 i =3D get_vfio_group_idx(vfio_group_fd); > 204 if (i < 0 || i > VFIO_MAX_GROUPS) > 205 RTE_LOG(ERR, EAL, " wrong vfio_group index (%d)\n", i); > 206 else > >>> CID 144557: Memory - corruptions (OVERRUN) > >>> Overrunning array "vfio_cfg.vfio_groups" of 64 12-byte elements a= t > element index 64 (byte offset 768) using index "i" (which evaluates to > 64). > 207 vfio_cfg.vfio_groups[i].devices--; > 208 } > 209 > 210 static int > 211 vfio_group_device_count(int vfio_group_fd) > 212 { >=20 > ** CID 144556: Memory - illegal accesses (OVERRUN) > /lib/librte_eal/linuxapp/eal/eal_vfio.c: 221 in vfio_group_device_count() >=20 >=20 > _________________________________________________________________________= _ > ______________________________ > *** CID 144556: Memory - illegal accesses (OVERRUN) > /lib/librte_eal/linuxapp/eal/eal_vfio.c: 221 in vfio_group_device_count() > 215 i =3D get_vfio_group_idx(vfio_group_fd); > 216 if (i < 0 || i > VFIO_MAX_GROUPS) { > 217 RTE_LOG(ERR, EAL, " wrong vfio_group index (%d)\n", i); > 218 return -1; > 219 } > 220 > >>> CID 144556: Memory - illegal accesses (OVERRUN) > >>> Overrunning array "vfio_cfg.vfio_groups" of 64 12-byte elements a= t > element index 64 (byte offset 768) using index "i" (which evaluates to > 64). > 221 return vfio_cfg.vfio_groups[i].devices; > 222 } > 223 > 224 int > 225 clear_group(int vfio_group_fd) > 226 { >=20 > ** CID 144555: Memory - corruptions (OVERRUN) > /lib/librte_eal/linuxapp/eal/eal_vfio.c: 195 in vfio_group_device_get() >=20 >=20 > _________________________________________________________________________= _ > ______________________________ > *** CID 144555: Memory - corruptions (OVERRUN) > /lib/librte_eal/linuxapp/eal/eal_vfio.c: 195 in vfio_group_device_get() > 189 int i; > 190 > 191 i =3D get_vfio_group_idx(vfio_group_fd); > 192 if (i < 0 || i > VFIO_MAX_GROUPS) > 193 RTE_LOG(ERR, EAL, " wrong vfio_group index (%d)\n", i); > 194 else > >>> CID 144555: Memory - corruptions (OVERRUN) > >>> Overrunning array "vfio_cfg.vfio_groups" of 64 12-byte elements a= t > element index 64 (byte offset 768) using index "i" (which evaluates to > 64). > 195 vfio_cfg.vfio_groups[i].devices++; > 196 } > 197 > 198 static void > 199 vfio_group_device_put(int vfio_group_fd) > 200 { >=20 >=20 > _________________________________________________________________________= _ > ______________________________ > To view the defects in Coverity Scan visit, > https://u2389337.ct.sendgrid.net/wf/click?upn=3D08onrYu34A-2BWcWUl-2F- > 2BfV0V05UPxvVjWch-2Bd2MGckcRatAu7kfwx-2FEYQLnaewVIzHeicA-2BXVfT6hZ5- > 2BlQUbOEuO498PDBpm2du3zbqLAIkSYNH-2F4pgPd0yf8CgX5U0jRj_5xu02FVv- > 2BCbxTLHpBsC0RXI5u3ZIuvswXolnGx3HI6n1gq9Xsuj8K50wQIlWov7yyQRBN8re6yFBwOsn= a > hFZyjQW3aqTA5h9rz-2BI7CfexKV5NFlSm1lW-2Fiif3a6-2Fu7- > 2Fs613T3n94FacSVILpwmgH4KcYzHtMPdTwJy1kCK02zCViEtNsq- > 2FCKPHCFx1r4p5UV6Psx61JLzOXw56M2GSEUOPo8sP2PR2MWjeCdy5rfIyU-3D >=20 > To manage Coverity Scan email notifications for > "stephen@networkplumber.org", click > https://u2389337.ct.sendgrid.net/wf/click?upn=3D08onrYu34A-2BWcWUl-2F- > 2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP- > 2FA8y06Nq4sKfrkUL5oDv8dgJj5BU3IfRYzaFCVGnOstQOuK3KKCEYrqlxJ2- > 2FPVogkBzkcq1Dg-2FyXbbLWT-2BUFivnCf-2Ffy5pynld3GGM7zvzbDuODpBlYA- > 3D_5xu02FVv- > 2BCbxTLHpBsC0RXI5u3ZIuvswXolnGx3HI6n1gq9Xsuj8K50wQIlWov7yyQRBN8re6yFBwOsn= a > hFZygYSNuU7rrSKQtPVcIi21MDpz6KZwG8nS4KmgXtet9991WL1lHRPs9GRo4zwJ-2Bnb- > 2FTnQYqob6zFOkhFpJ-2FjhXOQt2JMEhg-2FflJvekTxexy1BKKt- > 2FaadTS9JcUmvbkxxm73IxfO8iGv39u0aDGpPB0r8-3D