From mboxrd@z Thu Jan  1 00:00:00 1970
From: Andrew Rybchenko <arybchenko@solarflare.com>
Subject: Re: [PATCH 1/4] net/failsafe: avoid rte_memcpy if
 rte_realloc fails
Date: Wed, 7 Nov 2018 09:30:13 +0300
Message-ID: <5d2c4750-b418-c4fe-4e20-d7cc7ca4efe7@solarflare.com>
References: <20181106193005.5383-1-stephen@networkplumber.org>
 <20181106193005.5383-2-stephen@networkplumber.org>
Mime-Version: 1.0
Content-Type: text/plain; charset="utf-8"; format=flowed
Content-Transfer-Encoding: 7bit
To: Stephen Hemminger <stephen@networkplumber.org>, <dev@dpdk.org>
Return-path: <dev-bounces@dpdk.org>
Received: from dispatch1-us1.ppe-hosted.com (dispatch1-us1.ppe-hosted.com
 [67.231.154.164]) by dpdk.org (Postfix) with ESMTP id 1DD88201
 for <dev@dpdk.org>; Wed,  7 Nov 2018 07:30:24 +0100 (CET)
In-Reply-To: <20181106193005.5383-2-stephen@networkplumber.org>
Content-Language: en-GB
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org
Sender: "dev" <dev-bounces@dpdk.org>

On 11/6/18 10:30 PM, Stephen Hemminger wrote:
> There is a potential issue seen by static tools if number of multicast
> addresses is zero, and rte_realloc of zero size fails (ie returns NULL).
> This won't happen in real world for a couple of reasons: Azure doesn't
> support multicast (ie this is dead code);

Is it guaranteed that Azure is the only user of the code?
Sorry, it does not sound like an argument at all.

> and rte_realloc of zero size
> will never fail, but safe to just always return -ENOMEM of realloc fails.

It is false statement. If ptr is NULL, rte_malloc() is used which explicitly
returns NULL if size is 0.

> Coverity issue: 323487

It is 100% false alarm from Coverity. rte_memcpy() does nothing
if size is 0 and it is zero if number of addresses is zero.
If we really want to cope with it (I'm not sure), just do rte_memcpy()
in else branch. And it should explained in the comment that it is
required to address false issue from static analysis tool only.

Other option is to add check for dummy set (zero number of addresses
when it is already zero, but it is extra lines of code and extra logic which
is not actually required here. So, more harm from my point of view.

> Fixes: 901efc0da925 ("net/failsafe: support multicast address list set")
> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
> ---
>   drivers/net/failsafe/failsafe_ops.c | 2 +-
>   1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/net/failsafe/failsafe_ops.c b/drivers/net/failsafe/failsafe_ops.c
> index 7f8bcd4c69f4..a20953a662e1 100644
> --- a/drivers/net/failsafe/failsafe_ops.c
> +++ b/drivers/net/failsafe/failsafe_ops.c
> @@ -1155,7 +1155,7 @@ fs_set_mc_addr_list(struct rte_eth_dev *dev,
>   
>   	mcast_addrs = rte_realloc(PRIV(dev)->mcast_addrs,
>   		nb_mc_addr * sizeof(PRIV(dev)->mcast_addrs[0]), 0);
> -	if (mcast_addrs == NULL && nb_mc_addr > 0) {
> +	if (mcast_addrs == NULL) {
>   		ret = -ENOMEM;
>   		goto rollback;
>   	}