[for-8.2] test-resv-mem: Fix CID 1523911

Message ID	20231110083654.277345-1-eric.auger@redhat.com
State	New
Headers	show Return-Path: <qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org> From: Eric Auger <eric.auger@redhat.com> To: eric.auger.pro@gmail.com, eric.auger@redhat.com, qemu-devel@nongnu.org, qemu-arm@nongnu.org, peter.maydell@linaro.org Cc: clg@redhat.com Subject: [PATCH for-8.2] test-resv-mem: Fix CID 1523911 Date: Fri, 10 Nov 2023 09:36:54 +0100 Message-ID: <20231110083654.277345-1-eric.auger@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Received-SPF: pass client-ip=170.10.133.124; envelope-from=eric.auger@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action Precedence: list Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Sender: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org
Series	[for-8.2] test-resv-mem: Fix CID 1523911 \| expand [for-8.2] test-resv-mem: Fix CID 1523911

Message ID

20231110083654.277345-1-eric.auger@redhat.com

State

New

Headers

From: Eric Auger <eric.auger@redhat.com>
To: eric.auger.pro@gmail.com, eric.auger@redhat.com, qemu-devel@nongnu.org,
 qemu-arm@nongnu.org, peter.maydell@linaro.org
Cc: clg@redhat.com
Subject: [PATCH for-8.2] test-resv-mem: Fix CID 1523911
Date: Fri, 10 Nov 2023 09:36:54 +0100
Message-ID: <20231110083654.277345-1-eric.auger@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Received-SPF: pass client-ip=170.10.133.124;
 envelope-from=eric.auger@redhat.com; helo=us-smtp-delivery-124.mimecast.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001,
 DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001,
 SPF_HELO_NONE=0.001, SPF_PASS=-0.001,
 T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org
Sender: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org

Series

[for-8.2] test-resv-mem: Fix CID 1523911 | expand

Commit Message

Eric Auger Nov. 10, 2023, 8:36 a.m. UTC

Coverity complains about passing "&expected" to "run_range_inverse_array",
which dereferences null "expected". I guess the problem is that the
compare_ranges() loop dereferences 'e' without testing it. However the
loop condition is based on 'ranges' which is garanteed to have
the same length as 'expected' given the g_assert_cmpint() just
before the loop. So the code looks safe to me.

Nevertheless adding a test on expected before the loop to get rid of the
warning.

Fixes: CID 1523901
Signed-off-by: Eric Auger <eric.auger@redhat.com>
Reported-by: Coverity (CID 1523901)

---

Hope this fixes the Coverity warning as I cannot test.
---
 tests/unit/test-resv-mem.c | 4 ++++
 1 file changed, 4 insertions(+)

Comments

Thomas Huth Nov. 13, 2023, 7:21 a.m. UTC | #1

On 10/11/2023 09.36, Eric Auger wrote:
> Coverity complains about passing "&expected" to "run_range_inverse_array",
> which dereferences null "expected". I guess the problem is that the
> compare_ranges() loop dereferences 'e' without testing it. However the
> loop condition is based on 'ranges' which is garanteed to have
> the same length as 'expected' given the g_assert_cmpint() just
> before the loop. So the code looks safe to me.
> 
> Nevertheless adding a test on expected before the loop to get rid of the
> warning.
> 
> Fixes: CID 1523901
> Signed-off-by: Eric Auger <eric.auger@redhat.com>
> Reported-by: Coverity (CID 1523901)
> 
> ---
> 
> Hope this fixes the Coverity warning as I cannot test.
> ---
>   tests/unit/test-resv-mem.c | 4 ++++
>   1 file changed, 4 insertions(+)
> 
> diff --git a/tests/unit/test-resv-mem.c b/tests/unit/test-resv-mem.c
> index 5963274e2c..cd8f7318cc 100644
> --- a/tests/unit/test-resv-mem.c
> +++ b/tests/unit/test-resv-mem.c
> @@ -44,6 +44,10 @@ static void compare_ranges(const char *prefix, GList *ranges,
>       print_ranges("out", ranges);
>       print_ranges("expected", expected);
>   #endif
> +    if (!expected) {
> +        g_assert_true(!ranges);
> +        return;
> +    }
>       g_assert_cmpint(g_list_length(ranges), ==, g_list_length(expected));
>       for (l = ranges, e = expected; l ; l = l->next, e = e->next) {
>           Range *r = (Range *)l->data;

Reviewed-by: Thomas Huth <thuth@redhat.com>

I'll queue it (unless somebody else wants to take this?).

Cédric Le Goater Nov. 13, 2023, 7:56 a.m. UTC | #2

On 11/13/23 08:21, Thomas Huth wrote:
> On 10/11/2023 09.36, Eric Auger wrote:
>> Coverity complains about passing "&expected" to "run_range_inverse_array",
>> which dereferences null "expected". I guess the problem is that the
>> compare_ranges() loop dereferences 'e' without testing it. However the
>> loop condition is based on 'ranges' which is garanteed to have
>> the same length as 'expected' given the g_assert_cmpint() just
>> before the loop. So the code looks safe to me.
>>
>> Nevertheless adding a test on expected before the loop to get rid of the
>> warning.
>>
>> Fixes: CID 1523901
>> Signed-off-by: Eric Auger <eric.auger@redhat.com>
>> Reported-by: Coverity (CID 1523901)
>>
>> ---
>>
>> Hope this fixes the Coverity warning as I cannot test.
>> ---
>>   tests/unit/test-resv-mem.c | 4 ++++
>>   1 file changed, 4 insertions(+)
>>
>> diff --git a/tests/unit/test-resv-mem.c b/tests/unit/test-resv-mem.c
>> index 5963274e2c..cd8f7318cc 100644
>> --- a/tests/unit/test-resv-mem.c
>> +++ b/tests/unit/test-resv-mem.c
>> @@ -44,6 +44,10 @@ static void compare_ranges(const char *prefix, GList *ranges,
>>       print_ranges("out", ranges);
>>       print_ranges("expected", expected);
>>   #endif
>> +    if (!expected) {
>> +        g_assert_true(!ranges);
>> +        return;
>> +    }
>>       g_assert_cmpint(g_list_length(ranges), ==, g_list_length(expected));
>>       for (l = ranges, e = expected; l ; l = l->next, e = e->next) {
>>           Range *r = (Range *)l->data;
> 
> Reviewed-by: Thomas Huth <thuth@redhat.com>
> 
> I'll queue it (unless somebody else wants to take this?).

There is also another fix for the same series :

   https://lore.kernel.org/qemu-devel/20231109170715.259520-1-eric.auger@redhat.com/

I was waiting to have a little more for VFIO to queue both but
they could go through your queue also.

Thanks,

C.

Thomas Huth Nov. 13, 2023, 7:59 a.m. UTC | #3

On 13/11/2023 08.56, Cédric Le Goater wrote:
> On 11/13/23 08:21, Thomas Huth wrote:
>> On 10/11/2023 09.36, Eric Auger wrote:
>>> Coverity complains about passing "&expected" to "run_range_inverse_array",
>>> which dereferences null "expected". I guess the problem is that the
>>> compare_ranges() loop dereferences 'e' without testing it. However the
>>> loop condition is based on 'ranges' which is garanteed to have
>>> the same length as 'expected' given the g_assert_cmpint() just
>>> before the loop. So the code looks safe to me.
>>>
>>> Nevertheless adding a test on expected before the loop to get rid of the
>>> warning.
>>>
>>> Fixes: CID 1523901
>>> Signed-off-by: Eric Auger <eric.auger@redhat.com>
>>> Reported-by: Coverity (CID 1523901)
>>>
>>> ---
>>>
>>> Hope this fixes the Coverity warning as I cannot test.
>>> ---
>>>   tests/unit/test-resv-mem.c | 4 ++++
>>>   1 file changed, 4 insertions(+)
>>>
>>> diff --git a/tests/unit/test-resv-mem.c b/tests/unit/test-resv-mem.c
>>> index 5963274e2c..cd8f7318cc 100644
>>> --- a/tests/unit/test-resv-mem.c
>>> +++ b/tests/unit/test-resv-mem.c
>>> @@ -44,6 +44,10 @@ static void compare_ranges(const char *prefix, GList 
>>> *ranges,
>>>       print_ranges("out", ranges);
>>>       print_ranges("expected", expected);
>>>   #endif
>>> +    if (!expected) {
>>> +        g_assert_true(!ranges);
>>> +        return;
>>> +    }
>>>       g_assert_cmpint(g_list_length(ranges), ==, g_list_length(expected));
>>>       for (l = ranges, e = expected; l ; l = l->next, e = e->next) {
>>>           Range *r = (Range *)l->data;
>>
>> Reviewed-by: Thomas Huth <thuth@redhat.com>
>>
>> I'll queue it (unless somebody else wants to take this?).
> 
> There is also another fix for the same series :
> 
>    
> https://lore.kernel.org/qemu-devel/20231109170715.259520-1-eric.auger@redhat.com/
> 
> I was waiting to have a little more for VFIO to queue both but
> they could go through your queue also.

I'm just looking at patches that affect tests/ ... the other fix is not 
related to that, so I won't pick up that one.

  Thomas

diff --git a/tests/unit/test-resv-mem.c b/tests/unit/test-resv-mem.c
index 5963274e2c..cd8f7318cc 100644
--- a/tests/unit/test-resv-mem.c
+++ b/tests/unit/test-resv-mem.c
@@ -44,6 +44,10 @@  static void compare_ranges(const char *prefix, GList *ranges,
     print_ranges("out", ranges);
     print_ranges("expected", expected);
 #endif
+    if (!expected) {
+        g_assert_true(!ranges);
+        return;
+    }
     g_assert_cmpint(g_list_length(ranges), ==, g_list_length(expected));
     for (l = ranges, e = expected; l ; l = l->next, e = e->next) {
         Range *r = (Range *)l->data;

[for-8.2] test-resv-mem: Fix CID 1523911

Commit Message

Comments

Patch