[PATCH v4 0/2] HP-PARISC: LASI's NCR710 SCSI Controller

[PATCH v4 0/2] HP-PARISC: LASI's NCR710 SCSI Controller

[Soumyajyotii Ssarkar]

Fixing Defects reported by Coverity Scan for NCR710 SCSI Controller in QEMU.
QEMU runs the Coverity static analyzer to identify potential bugs in
code that has recently been merged.

In view of the above these issues came to light.
I would request you to please review the fixes for the same.

Reported by: Stefan Hajnoczi <stefanha@gmail.com>
and GuoHan Zhao <zhaoguohan@kylinos.cn>

Soumyajyotii Ssarkar (2):
  hw/scsi/ncr53c710.c: Fixing null pointer dereference issue.
  hw/scsi/ncr53c710.c: Fixing Incorrect expression  (IDENTICAL_BRANCHES)

 hw/scsi/ncr53c710.c | 8 +-------
 1 file changed, 1 insertion(+), 7 deletions(-)

-- 
2.49.0

[PATCH v4 1/2] hw/scsi/ncr53c710.c: Fixing null pointer dereference issue.

[Soumyajyotii Ssarkar]

The code dereferences s->current before checking if it is NULL. Moved the
null check before the dereference to prevent potential crashes.

This issue could occur if s->current is NULL when the function reaches
the "Host adapter (re)connected" path, though this should not normally
happen during correct operation.
As suggested by: GuoHan Zhao <zhaoguohan@kylinos.cn>
Improved upon by: Soumyajyotii Ssarkar <soumyajyotisarkar23@gmail.com>

Reported-by: Stefan Hajnoczi <stefanha@gmail.com>
and GuoHan Zhao <zhaoguohan@kylinos.cn>

Signed-off-by: Soumyajyotii Ssarkar <soumyajyotisarkar23@gmail.com>
---
 hw/scsi/ncr53c710.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/hw/scsi/ncr53c710.c b/hw/scsi/ncr53c710.c
index b3d4593b72..871f76c2a2 100644
--- a/hw/scsi/ncr53c710.c
+++ b/hw/scsi/ncr53c710.c
@@ -835,12 +835,11 @@ void ncr710_transfer_data(SCSIRequest *req, uint32_t len)
     }
 
     /* Host adapter (re)connected */
-    s->current->dma_len = len;
     s->command_complete = NCR710_CMD_DATA_READY;
-
     if (!s->current) {
         return;
     }
+    s->current->dma_len = len;
 
     if (s->waiting) {
         s->scntl1 |= NCR710_SCNTL1_CON;
-- 
2.49.0

[PATCH v4 2/2] hw/scsi/ncr53c710.c: Fixing Incorrect expression (IDENTICAL_BRANCHES)

[Soumyajyotii Ssarkar]

The issue stems from Sync and Async if-else condition.
The same code is executed when the condition "s->waiting != NCR710_WAIT_NONE" is true or false.
Because the code in the if-then branch and after the if statement is identical
So we can remove the unnecessary condition checking for Sync and Async
cases.
As reported by: Stefan Hajnoczi <stefanha@gmail.com>

Signed-off-by: Soumyajyotii Ssarkar <soumyajyotisarkar23@gmail.com>
---
 hw/scsi/ncr53c710.c | 5 -----
 1 file changed, 5 deletions(-)

diff --git a/hw/scsi/ncr53c710.c b/hw/scsi/ncr53c710.c
index 871f76c2a2..3de264fde9 100644
--- a/hw/scsi/ncr53c710.c
+++ b/hw/scsi/ncr53c710.c
@@ -1366,11 +1366,6 @@ again:
         case PHASE_DI:
             s->waiting = NCR710_WAIT_DMA;
             ncr710_do_dma(s, 0);
-            if (s->waiting != NCR710_WAIT_NONE) {
-                /* Async - stop and wait */
-                break;
-            }
-            /* Sync - continue execution */
             break;
         case PHASE_CO:
             ncr710_do_command(s);
-- 
2.49.0

Re: [PATCH v4 0/2] HP-PARISC: LASI's NCR710 SCSI Controller

[Stefan Hajnoczi]

On Mon, Nov 3, 2025 at 1:40 PM Soumyajyotii Ssarkar
<soumyajyotisarkar23@gmail.com> wrote:
>
> Fixing Defects reported by Coverity Scan for NCR710 SCSI Controller in QEMU.
> QEMU runs the Coverity static analyzer to identify potential bugs in
> code that has recently been merged.
>
> In view of the above these issues came to light.
> I would request you to please review the fixes for the same.
>
> Reported by: Stefan Hajnoczi <stefanha@gmail.com>
> and GuoHan Zhao <zhaoguohan@kylinos.cn>
>
> Soumyajyotii Ssarkar (2):
>   hw/scsi/ncr53c710.c: Fixing null pointer dereference issue.
>   hw/scsi/ncr53c710.c: Fixing Incorrect expression  (IDENTICAL_BRANCHES)
>
>  hw/scsi/ncr53c710.c | 8 +-------
>  1 file changed, 1 insertion(+), 7 deletions(-)

I am not familiar with the device being emulated, so I have only
reviewed this for C issues:

Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>

Re: [PATCH v4 0/2] HP-PARISC: LASI's NCR710 SCSI Controller

[Helge Deller]

On 11/9/25 21:57, Stefan Hajnoczi wrote:
> On Mon, Nov 3, 2025 at 1:40 PM Soumyajyotii Ssarkar
> <soumyajyotisarkar23@gmail.com> wrote:
>>
>> Fixing Defects reported by Coverity Scan for NCR710 SCSI Controller in QEMU.
>> QEMU runs the Coverity static analyzer to identify potential bugs in
>> code that has recently been merged.
>>
>> In view of the above these issues came to light.
>> I would request you to please review the fixes for the same.
>>
>> Reported by: Stefan Hajnoczi <stefanha@gmail.com>
>> and GuoHan Zhao <zhaoguohan@kylinos.cn>
>>
>> Soumyajyotii Ssarkar (2):
>>    hw/scsi/ncr53c710.c: Fixing null pointer dereference issue.
>>    hw/scsi/ncr53c710.c: Fixing Incorrect expression  (IDENTICAL_BRANCHES)
>>
>>   hw/scsi/ncr53c710.c | 8 +-------
>>   1 file changed, 1 insertion(+), 7 deletions(-)
> 
> I am not familiar with the device being emulated, so I have only
> reviewed this for C issues:
> 
> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>

Thanks!
Btw, I just sent out a pull request which includes those patches.
(but in it I missed your Reviewed-by)

Helge

Re: [PATCH v4 0/2] HP-PARISC: LASI's NCR710 SCSI Controller

[Stefan Hajnoczi]

[-- Attachment #1: Type: text/plain, Size: 1314 bytes --]

On Sun, Nov 9, 2025, 17:08 Helge Deller <deller@gmx.de> wrote:

> On 11/9/25 21:57, Stefan Hajnoczi wrote:
> > On Mon, Nov 3, 2025 at 1:40 PM Soumyajyotii Ssarkar
> > <soumyajyotisarkar23@gmail.com> wrote:
> >>
> >> Fixing Defects reported by Coverity Scan for NCR710 SCSI Controller in
> QEMU.
> >> QEMU runs the Coverity static analyzer to identify potential bugs in
> >> code that has recently been merged.
> >>
> >> In view of the above these issues came to light.
> >> I would request you to please review the fixes for the same.
> >>
> >> Reported by: Stefan Hajnoczi <stefanha@gmail.com>
> >> and GuoHan Zhao <zhaoguohan@kylinos.cn>
> >>
> >> Soumyajyotii Ssarkar (2):
> >>    hw/scsi/ncr53c710.c: Fixing null pointer dereference issue.
> >>    hw/scsi/ncr53c710.c: Fixing Incorrect expression
> (IDENTICAL_BRANCHES)
> >>
> >>   hw/scsi/ncr53c710.c | 8 +-------
> >>   1 file changed, 1 insertion(+), 7 deletions(-)
> >
> > I am not familiar with the device being emulated, so I have only
> > reviewed this for C issues:
> >
> > Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
>
> Thanks!
> Btw, I just sent out a pull request which includes those patches.
> (but in it I missed your Reviewed-by)
>

Great! No worries about missing my R-b.

Stefan


> Helge
>

[-- Attachment #2: Type: text/html, Size: 2465 bytes --]