[PATCH] migration: fix coverity migrate_mode finding

[PATCH] migration: fix coverity migrate_mode finding

[Steve Sistare]

Coverity diagnoses a possible out-of-range array index here ...

    static GSList *migration_blockers[MIG_MODE__MAX];

    fill_source_migration_info() {
        GSList *cur_blocker = migration_blockers[migrate_mode()];

... because it does not know that MIG_MODE__MAX will never be returned as
a migration mode.  To fix, assert so in migrate_mode().

Fixes: fa3673e497a1 ("migration: per-mode blockers")

Reported-by: Peter Maydell <peter.maydell@linaro.org>
Suggested-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Steve Sistare <steven.sistare@oracle.com>
---
 migration/options.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/migration/options.c b/migration/options.c
index 8d8ec73..3e3e0b9 100644
--- a/migration/options.c
+++ b/migration/options.c
@@ -833,8 +833,10 @@ uint64_t migrate_max_postcopy_bandwidth(void)
 MigMode migrate_mode(void)
 {
     MigrationState *s = migrate_get_current();
+    MigMode mode = s->parameters.mode;
 
-    return s->parameters.mode;
+    assert(mode >= 0 && mode < MIG_MODE__MAX);
+    return mode;
 }
 
 int migrate_multifd_channels(void)
-- 
1.8.3.1

Re: [PATCH] migration: fix coverity migrate_mode finding

[Fabiano Rosas]

Steve Sistare <steven.sistare@oracle.com> writes:

> Coverity diagnoses a possible out-of-range array index here ...
>
>     static GSList *migration_blockers[MIG_MODE__MAX];
>
>     fill_source_migration_info() {
>         GSList *cur_blocker = migration_blockers[migrate_mode()];
>
> ... because it does not know that MIG_MODE__MAX will never be returned as
> a migration mode.  To fix, assert so in migrate_mode().
>
> Fixes: fa3673e497a1 ("migration: per-mode blockers")
>
> Reported-by: Peter Maydell <peter.maydell@linaro.org>
> Suggested-by: Peter Maydell <peter.maydell@linaro.org>
> Signed-off-by: Steve Sistare <steven.sistare@oracle.com>
> ---
>  migration/options.c | 4 +++-
>  1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/migration/options.c b/migration/options.c
> index 8d8ec73..3e3e0b9 100644
> --- a/migration/options.c
> +++ b/migration/options.c
> @@ -833,8 +833,10 @@ uint64_t migrate_max_postcopy_bandwidth(void)
>  MigMode migrate_mode(void)
>  {
>      MigrationState *s = migrate_get_current();
> +    MigMode mode = s->parameters.mode;
>  
> -    return s->parameters.mode;
> +    assert(mode >= 0 && mode < MIG_MODE__MAX);
> +    return mode;
>  }
>  
>  int migrate_multifd_channels(void)

Reviewed-by: Fabiano Rosas <farosas@suse.de>

Re: [PATCH] migration: fix coverity migrate_mode finding

[Peter Xu]

On Mon, Nov 13, 2023 at 12:23:45PM -0800, Steve Sistare wrote:
> Coverity diagnoses a possible out-of-range array index here ...
> 
>     static GSList *migration_blockers[MIG_MODE__MAX];
> 
>     fill_source_migration_info() {
>         GSList *cur_blocker = migration_blockers[migrate_mode()];
> 
> ... because it does not know that MIG_MODE__MAX will never be returned as
> a migration mode.  To fix, assert so in migrate_mode().
> 
> Fixes: fa3673e497a1 ("migration: per-mode blockers")
> 
> Reported-by: Peter Maydell <peter.maydell@linaro.org>
> Suggested-by: Peter Maydell <peter.maydell@linaro.org>
> Signed-off-by: Steve Sistare <steven.sistare@oracle.com>

queued.

-- 
Peter Xu