From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753894AbdEJPvq (ORCPT ); Wed, 10 May 2017 11:51:46 -0400 Received: from mail-db5eur01on0084.outbound.protection.outlook.com ([104.47.2.84]:59648 "EHLO EUR01-DB5-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1753563AbdEJPvo (ORCPT ); Wed, 10 May 2017 11:51:44 -0400 Authentication-Results: embeddedor.com; dkim=none (message not signed) header.d=none;embeddedor.com; dmarc=none action=none header.from=mellanox.com; Date: Wed, 10 May 2017 18:51:31 +0300 From: Ido Schimmel To: "Gustavo A. R. Silva" CC: Jiri Pirko , , Subject: Re: [net-mellanox] question about potential null pointer dereference Message-ID: <20170510155131.GA11944@splinter.mtl.com> References: <20170510103659.Horde.a0uOuKuhfTuy1DbqQ378EHK@gator4166.hostgator.com> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Disposition: inline In-Reply-To: <20170510103659.Horde.a0uOuKuhfTuy1DbqQ378EHK@gator4166.hostgator.com> User-Agent: Mutt/1.8.0 (2017-02-23) X-Originating-IP: [193.47.165.251] X-ClientProxiedBy: DB6PR1001CA0018.EURPRD10.PROD.OUTLOOK.COM (10.171.79.28) To HE1PR0501MB2010.eurprd05.prod.outlook.com (10.167.245.140) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 70ffe317-7c80-4dba-a784-08d497bc7346 X-MS-Office365-Filtering-HT: Tenant X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:(22001)(48565401081)(201703131423075)(201703031133081);SRVR:HE1PR0501MB2010; X-Microsoft-Exchange-Diagnostics: 1;HE1PR0501MB2010;3:Fn461vCS0ncWOwupsBgJKhejJRYFivR6fj5NM10VuBmdIqTfgaeyOs6ZiHGkQhYX10vlLFaJbZtzct3i9fhhRuEruStKN5CgVxcAJ01FOethNnVjUUhgTmuqpnAEUDs5XQvO3DF8FWuey/J3LOz8sLrWFDZqOgK36j0rV+dmSJIKv1htrOlX53QoNLQ9xEDcrcxIo1u2CXoudhzlAmAc6H6+hrpRbKT2pcS+6EkXnXQHtkE3CKckxriGQjclPvFWdykmuw1+wigawu2I1G8aFY9RDfkzmz0ozaSZkIxERSeBa5/1dcZWToIohveqtLIiLyKPwpFTzMMvX0Xr9S+RIQU6dbye24I6kQn9Uc0ZDQE=;25:FWHxhdQuAWxZxJcF9ivAuwbQaLpk7Ek+sMemZ2p6lleTCEMSD+xWOtXV/UeI4gmH9Up/IcTnrowcFVNyWJ/vTCugiJ1Kg6YO5Voaa2LObVzw4bzFxaQodi5GGv+RtwbdgpJb4J+zrXYuMT+j5ehDhyDbeLeJTcSfJIHuML0mDhjcVt3zE+nzw72w7LIMVIxo5L5ChRj08H4qnmx7Uw7mt5FQLsPlunTOUrmVTnBgBvl8G4qgi5UiltFEZ+EacYMty2Ipbywlv2IPjWx2NSL2dhmfmtsKtrUKzhtAle7aXX96qe05uvy4fiCXdzJm8qjVu+HmW2lrGQEcJJqk2mfKMf5WPBfSal0AFlot5ayRw0Iufs28QlQElllm5xmTa1hbnqqRTHyA6dNmAmsOyXc0S+XShc8B9qVi/Ui+x6610hMz50dT68KNek7pXyeaPrbX5AcRyF6pZ/g4LwkOkL9aXfgpzLYfaSZv0l5JyGW2aWo= X-Microsoft-Exchange-Diagnostics: 1;HE1PR0501MB2010;31:6lyZ8lvCsxkGRTCJ00uzMXlxmeMQWRhNR+VHtZokWL2mOWBCPDLLlzEoZpilUEruMVrG/RFJ8K4jn4CiRodHKW4jnh8ZmST+z5tonfBxEQShcn3bs+eiGgQa+eGWG3K1a4I7S1In72MunrVMqeMmDvSnmTpsmIZQVxrF1xYPWikuiTkjSUnYKgK4kdj3fEDv8mhxY7sVsSr8dYFbI0CQaWlstvQguR6cVDdwWiuKWjG/Dc04B+UVNVvpMH2t3ttD;20:XrhnoyIm/RVcrtUfvY37l/nRRVkPKJFR0RUCBGEQ62J4aqU7V8JllY27hotlYjjY8xD+JE7KFlM9ZitlhLUGwUtX1gH/cJkFC5mmXVD944LMtaJqQdQquHt8Oh0xeKcucU/GzVlCiVaeESbfg23m1WU8o0G6GSjtwJMH7MSrQtOmCOJYMSk0HiVaURwJ2iwbRG6XNE5S+e4PpBRnjWppJXP9wk3iLE+SlY67iv1BLtazQ9y6Li65y97leB2DxWyslQ6clrgVGfvcroty1s3KG9ratP7gqZY68J8vnxb0lTp5NeFrSusHpDBp8RpdqOFF1lRA/b+6yvU5Q9LsqweFtkuIM3bijfDcorPuJGt672Uh3gReUYa1w5UKQoom+dI7F1gcqBtUmKNFlI0k3pgvJx+LoENh5bEYyh2NcRJp+y2CUYBuYQ4+TGCY9f7yvMiIV5PJWA825x80JSLHFvojapppviFsQArqR9vLGDsJXinkXe9RdftgXQnctqMomlQn X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:(166708455590820); X-Exchange-Antispam-Report-CFA-Test: BCL:0;PCL:0;RULEID:(6040450)(601004)(2401047)(8121501046)(5005006)(10201501046)(93006095)(93001095)(3002001)(6055026)(6041248)(20161123558100)(20161123564025)(201703131423075)(201702281528075)(201703061421075)(201703061406153)(20161123555025)(20161123560025)(20161123562025)(6072148);SRVR:HE1PR0501MB2010;BCL:0;PCL:0;RULEID:;SRVR:HE1PR0501MB2010; X-Microsoft-Exchange-Diagnostics: 1;HE1PR0501MB2010;4:p1dtvF6KMiRvufSak1zpKgZgp1m4B/M4mk9+L8/n0Fg5ggCj9mXC7ohLQVWs3bKiywtXeRXrDBpUkEKXk+h2bmei24c+QpF4fa1BUvv5icBJodgPFxau1uXf6mDWvdUbm1KN5CTXLBGrwOW9P2BlHo4k3z29gejFLAo25JpkXkdJSqr32xXYwiBA9NBEeLAocnbD7/vNyqc6lwi8SRokSUk+T5f8xJVvND65OaLfRbmD+H1XeGPKRCyXjSEzZyQQp+/ROlnNMc4Y4j9AnZHPOKHhmp8v4p/Irtqpk/zswtiLV1Sl12xet9rVsDArnagpcgRIm+egYV5imxG1NBQdlfpJ5jryvhQHRYh06YfhI772R9XKKXzaLs8LPvaNxN6NQb7l1tW82nBaEeQNamx6fMnDYm8YV5qSEHUvPoMtDTxOpBlLRiyKrXYiyZzJNCCnf2mRWswFbtiJj4gTyMOPC2yvlCX5UEp1SdBcNldhZXhiAEHtTK1xNZD/e1BGQHWr4O/9Rsy/eVq+yS/rzGBb2yOUaRgZgzg74aXilIKiPkCt7IisXtcKXk8mIEoNjA27NYXbXTeFTxpByeBzSgdmey3153xf1X80sbqKT0DTg/9RzTaKKe+nZnzNcjJA9sXB3MlRJmvp+zP8skBGI3Gaw8NroNgxezNEdqjRMVcM5zThRmXnFO2XXxLJwr7cv00P7SVNrB5uys7IYxcS5A5bEhquHrZU4y3bAS1jgvHyOTXHv4/SjH5g1xQ+n8DLaLZcFNKn11IneZaxaarCHZ3O/bir6DIw4/fnTiFebxWz3b9cY9QBJ/D9LlEYgEPkf/YvKVcYdOGh1hNwo0BZ4X0VxbFKYVGWGCpx8Bvjt3LeV0w= X-Forefront-PRVS: 03030B9493 X-Forefront-Antispam-Report: SFV:NSPM;SFS:(10009020)(4630300001)(979002)(6069001)(6009001)(39860400002)(39400400002)(39850400002)(39450400003)(39840400002)(39410400002)(53754006)(24454002)(305945005)(86362001)(7736002)(6486002)(54906002)(2906002)(97756001)(66066001)(106356001)(42186005)(25786009)(189998001)(3846002)(4001350100001)(23726003)(1076002)(4326008)(6116002)(33656002)(47776003)(6306002)(53936002)(478600001)(38730400002)(5660300001)(6496005)(83506001)(50466002)(76506005)(8676002)(54356999)(81166006)(76176999)(6666003)(6916009)(110136004)(2950100002)(50986999)(9686003)(229853002)(6246003)(46406003)(18370500001)(969003)(989001)(999001)(1009001)(1019001);DIR:OUT;SFP:1101;SCL:1;SRVR:HE1PR0501MB2010;H:localhost;FPR:;SPF:None;MLV:ovrnspm;PTR:InfoNoRecords;LANG:en; X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1;HE1PR0501MB2010;23:TcYGl4PlBVmj26XVuMR/5yl6cRCO1vW++aEyO6W?= =?us-ascii?Q?/jj/8KJeHN7gturkW8TupTQj9wszAsf3qubcpLA4a85iLfoL/pREXNkp3fBl?= =?us-ascii?Q?9/wkseO/kiKMaeBDtit5UczNuDKCmReP5pvphXPByMT8O37HOTA8FDdiyijR?= =?us-ascii?Q?YdALeFIP3rBgCY0yJEOrAQTfiyEn/ZW/Bb7dTROF7HBOJ84QrlZF7Kinm7X5?= =?us-ascii?Q?vbJA7Z7NpDAWyKtTu4oDrR9PxD65uy4QryX05hIak/kzn9RI1xB6PBs7bsIT?= =?us-ascii?Q?Ed5fD1Bz+R54X9//rMC2G3nZIJ2jqNUdBJmzLuihdv/mWzmWp/PxdoSs5jFy?= =?us-ascii?Q?MzV2cpx/jemH9QIIDnf1qF6SkAxScU9XgJa3tqlOIzi9F4dkPdYbvr44Q5ZF?= =?us-ascii?Q?tR9VaIcvZHB/qndoQk+FhczLiQPY/dEUuATZ3hQuxyh2De3PKqude5eWr0lT?= =?us-ascii?Q?Jb4mh/vFSJkW3SOrQyBFyt9gt2H2AaSE1vOiuaVyoeJXxXiFx1WQQs1G5Eer?= =?us-ascii?Q?iEns2dzc2p78oM1oPbC89joIQi/Qit0O6is3zGRmu1L1KSumSNB6efpGPG3E?= =?us-ascii?Q?I7lPp1YzVKK3XzXMw38TScMW9WnDbNiX5bYXpkn7jmOCrDXZz+fWUBEglsGf?= =?us-ascii?Q?8GtJ1EvMkaQJwjm5OgOk07Tk8x1npK1pl90Q0Bmsx4L/ysP607tykl2bTg7T?= =?us-ascii?Q?y95XlajW8Tx0v1slDDmNS9x6dzGi3j7wlugMseTE0NfY6q7UQJ3zen7oy3Rm?= =?us-ascii?Q?glODAkDwTu4UyfXbCRn7Wfbwqk1ILLFBbzwbkD9T5ifdUuHdMWge0CkZ5LOv?= =?us-ascii?Q?/XgdmtXYmwnlJCRhWgnBDAhKm6PzFDlh8chV4/JeXcI7RP2hqPyBmowOGWtG?= =?us-ascii?Q?ht4Nf5/pgbaRptxCvsyo0FzGalCJ67TBoiHIlSfJEMtr4S+6e7+GXKjZHcrA?= =?us-ascii?Q?Mhm+rGp+I32V8vdMCk6h2M2l2r3QZJBU92QTBnkH4ZArzxuI0+p3xXLMLO4M?= =?us-ascii?Q?XZGkp8wl0m2eA5uJgDwbOerabaDLVYoL2mBvyKRRW2yQE0xWghXh6XtMVYyp?= =?us-ascii?Q?ftG9BDjjmbmywUgs3cfksRu0c9E+2x8GbDNANpH4ctNk59faqrGEF/oiQ9iY?= =?us-ascii?Q?7kBdRhMeZJLk1iq5i9NXkrIrARKFtO0HFamxijgwqgsVjfvE695PVDpfKuf/?= =?us-ascii?Q?dNAOEv1nWy5qBViC0QIxEUMdQyAI+Hvs4FB/3ymhXPqicNmSleJYSjM2IJfV?= =?us-ascii?Q?EWeSKUkW7rK1g2DwvA3wSqdEn/IJd2xZW5pdm/92elv+YDK1BqGgmfw49T+A?= =?us-ascii?Q?7PJEYZJkIzeHMCgYvMU3ZZ20hV1rS65PeMgfvJngUGqZ5Dhf5d2doP/hNc5h?= =?us-ascii?Q?dTMw54rXPdId8F++rJx0bBRFV/5nMXDK7dAylAZcOGmE63rB/Uy/ZpEsJwtB?= =?us-ascii?Q?rjXKTFn9vKg=3D=3D?= X-Microsoft-Exchange-Diagnostics: 1;HE1PR0501MB2010;6:SOD/Tfxv7eV+Aq6X819s1q9Ljbkh0wnHetHvU7nSC1Uv1oPY0T77zjM5Gqy8UJrDeSh/lCvj/D+mImjK5J/E36MeRkUP6oBwz7AKG1EwMwofJT1tlaWn9J0gH+c1XZiLqYttnwSH+NBp7niupjoJgc7Ve4rYB1m+4zfP8cs4xyw5gTS1xXD+1GnLJDfUS3I44o+9hhFLu+RAW1usajZ8u3jIPPXYOnlNFdgTPnkDMWOwbcBBUzphxjl5/Z0Z/LMiBiDhtR31KWE6KMbCvwJo7NxrvYAgFlYjx6frTXBpHbmjUxqF3MBbMyzVFBJMZtksHDqwGnaCLVa0xDZ+LmRhCPtObwBx8MMWBZQkh+rX49gGuAXaXyABrtcE1ph0qF8epJXisjxDb1E6Pgt7JQF5JVPxcFP+4JEJVTNL1ZCgkTkzLzg4nOs9x6/Xn3+NIq6pkJoVMic9meHc7aIah8+oKDfEh2kkeHCUK2hUw0obldg+jxQjvVQB8nh8UVIO3bnY2yeoaazHEYJf2MZsfzRHx8gL2AlnXgeEVeI4NvsyJz8=;5:7QVriT87ooiTuCIWr/12L0c752D4bZR1hUCLx3JsONmabv5qh+PRRa4kTTzPQosRDbjszTPjKp5UksCBnD3pSfu+hapK9hkBdx2sGjZKTK0jJLX/98+dgDsWGo178dyImD+veAfhvzvS8wT8K5BhGg==;24:vxhss1Mr1NscwlCt0Zx4MvtBFod8ZGph/x0CbePI63RSEeo4g1UajZOJZDoLlL/0vtnWKU/4DlGK36u+wzlaYfLIzY5oWOpufqLSYx4heYQ= SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1;HE1PR0501MB2010;7:ZdqewajyoR9cbtGUYPGVBns9ssGJi5NimQU29MWBGYDXSTVVm5FCKhZIObtRKIu5xzzMJ0me4FVWO34CuEMIGasUBGI9dcJsEpGv+OmenkT5eLAy8weaB1k7YDeOjYlzOj2b6ZBUhlEGshdCeQX7z79QhGTMVMw80b9L76GwDCG9fCQ4OL04pRwyJuJzYdThDGg6N1+7esT4zPwUlO7bhraT5XdmU+wASc3QV1SZ0vH3NOfvKRdP7YdNvDMJgYHMpGny86Y8fAfnx9rLEprF7Jq9ZJgXuT5v46kOyJIyejHFYRQ0WVjRI3DnXRR+/nSX8BiH/ozifcojWHNOuryxFg== X-OriginatorOrg: Mellanox.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 10 May 2017 15:51:40.6355 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-Transport-CrossTenantHeadersStamped: HE1PR0501MB2010 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, May 10, 2017 at 10:36:59AM -0500, Gustavo A. R. Silva wrote: > > Hello everybody, > > While looking into Coverity ID 1350941 I ran into the following piece of > code at drivers/net/ethernet/mellanox/mlxsw/spectrum_switchdev.c:1483: > > 1483static void mlxsw_sp_fdb_notify_mac_process(struct mlxsw_sp *mlxsw_sp, > 1484 char *sfn_pl, int rec_index, > 1485 bool adding) > 1486{ > 1487 struct mlxsw_sp_port *mlxsw_sp_port; > 1488 char mac[ETH_ALEN]; > 1489 u8 local_port; > 1490 u16 vid, fid; > 1491 bool do_notification = true; > 1492 int err; > 1493 > 1494 mlxsw_reg_sfn_mac_unpack(sfn_pl, rec_index, mac, &fid, > &local_port); > 1495 mlxsw_sp_port = mlxsw_sp->ports[local_port]; > 1496 if (!mlxsw_sp_port) { > 1497 dev_err_ratelimited(mlxsw_sp->bus_info->dev, "Incorrect > local port in FDB notification\n"); > 1498 goto just_remove; > 1499 } > 1500 > 1501 if (mlxsw_sp_fid_is_vfid(fid)) { > 1502 struct mlxsw_sp_port *mlxsw_sp_vport; > 1503 > 1504 mlxsw_sp_vport = > mlxsw_sp_port_vport_find_by_fid(mlxsw_sp_port, > 1505 fid); > 1506 if (!mlxsw_sp_vport) { > 1507 netdev_err(mlxsw_sp_port->dev, "Failed to find a > matching vPort following FDB notification\n"); > 1508 goto just_remove; > 1509 } > 1510 vid = 0; > 1511 /* Override the physical port with the vPort. */ > 1512 mlxsw_sp_port = mlxsw_sp_vport; > 1513 } else { > 1514 vid = fid; > 1515 } > 1516 > 1517do_fdb_op: > 1518 err = mlxsw_sp_port_fdb_uc_op(mlxsw_sp, local_port, mac, fid, > 1519 adding, true); > 1520 if (err) { > 1521 if (net_ratelimit()) > 1522 netdev_err(mlxsw_sp_port->dev, "Failed to set > FDB entry\n"); > 1523 return; > 1524 } > 1525 > 1526 if (!do_notification) > 1527 return; > 1528 mlxsw_sp_fdb_call_notifiers(mlxsw_sp_port->learning_sync, > 1529 adding, mac, vid, mlxsw_sp_port->dev); > 1530 return; > 1531 > 1532just_remove: > 1533 adding = false; > 1534 do_notification = false; > 1535 goto do_fdb_op; > 1536} > > > The issue here is that line 1496 implies that mlxsw_sp_port might be NULL. > If this is the case, the execution path jumps to line 1532 and then to line > 1517. All this could end up dereferencing a NULL pointer at line 1522. > > Is there any chance for mlxsw_sp_port to be NULL at line 1496 and, at the > same time, a NULL pointer dereference occurs at line 1522? > > I'm trying to figure out if this is a false positive or something that > actually needs to be fixed. In theory, yes, it can happen, but it didn't happen yet. I recently patched that and now it's in Jiri's queue. I guess he'll send it tomorrow. https://github.com/jpirko/linux_mlxsw/commit/4160fb9ad6eeacba7736cfdbf7f52248432c2e89 Thanks for looking into this! > > I'd really appreciate any comment on this. > Thank you! > -- > Gustavo A. R. Silva