[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: New Defects reported by Coverity Scan for XenProject


  • To: "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • From: Jan Beulich <jbeulich@xxxxxxxx>
  • Date: Mon, 6 Nov 2023 08:36:25 +0100
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=suse.com; dmarc=pass action=none header.from=suse.com; dkim=pass header.d=suse.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=4ReeFiBuHSMKwxCCL5+pdqeU2nqnFYLyt5jmD8RkNTQ=; b=Qf58OScDacVe8gOAxNYvwnR81SQuhKl7Wi9cFGKsZgs7AYTKzEp3FI54AjzkYWSw5oqyLN6hDy7QfIxHlldcuHApMupMpoiBQbqzD1pxWONnqKzvrylHMd++96E9gtgLwabR4lDXYSqeo1k3HwRxxC2iz4jHyz/sf+pZOxD5mAjya0VXLh0BIRI/oQI5Mho03WttaV9t9Akb0yINSZqhvhhM+bFw4NA+sv7zmoQ4unE6BQHenGN+BN538qex1Wzud11+EnGREkAtEGQ971NeVGAaM/FS1t6YQW1IsE0z9F45vk1OTP6rGyFGzdItIB5E+oqdonNyW6Ig+qgpHDzKiA==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=J+kGoyey9nY9X5Gijoz8IE+LQ3IUmSUmSb5aTZ56VSqDF8dC8+s9DdZGlsYKJ+uVmzGGH+KQ8wkQ7LlLkcqOdG0eALA0kUyisIJlSDzPWjZF8CdLdDnjGyski/p0twZaUuO7bfBGJD5kwLVopkFxoYebRDlDkyYVdDkp4XWKssjqCf8cR5TsiDoyN7OngKXIr5qDjzHqPRlE6FVlrSLktb9XaiXofqsMfaGQS+vsxJY2/siXhZOBxVNBNdphDCPRLRy7OCvBBthUFPVO+MCDAFJ/D8IdsG+Oc3mgFt+cTHCz4Uvupn5XoO53fpeSANO8bvMx6uHiQSEpm3KZY4sGwA==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=suse.com;
  • Delivery-date: Mon, 06 Nov 2023 07:36:43 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 05.11.2023 10:58, scan-admin@xxxxxxxxxxxx wrote:
> Hi,
> 
> Please find the latest report on new defect(s) introduced to XenProject found 
> with Coverity Scan.
> 
> 1 new defect(s) introduced to XenProject found with Coverity Scan.
> 1 defect(s), reported by Coverity Scan earlier, were marked fixed in the 
> recent build analyzed by Coverity Scan.
> 
> New defect(s) Reported-by: Coverity Scan
> Showing 1 of 1 defect(s)
> 
> 
> ** CID 1548622:  Null pointer dereferences  (NULL_RETURNS)
> /tools/firmware/xen-dir/xen-root/xen/arch/x86/cpu/mcheck/mcaction.c: 96 in 
> mc_memerr_dhandler()
> 
> 
> ________________________________________________________________________________________________________
> *** CID 1548622:  Null pointer dereferences  (NULL_RETURNS)
> /tools/firmware/xen-dir/xen-root/xen/arch/x86/cpu/mcheck/mcaction.c: 96 in 
> mc_memerr_dhandler()
> 90                     d = rcu_lock_domain_by_id(bank->mc_domid);
> 91                     ASSERT(d);

No matter that this code can certainly do with hardening, how can - with
this ASSERT() - ...

> 92                     gfn = get_gpfn_from_mfn((bank->mc_addr) >> PAGE_SHIFT);
> 93     
> 94                     if ( unmmap_broken_page(d, mfn, gfn) )
> 95                     {
>>>>     CID 1548622:  Null pointer dereferences  (NULL_RETURNS)
>>>>     Dereferencing "d", which is known to be "NULL".
> 96                         printk("Unmap broken memory %"PRI_mfn" for DOM%d 
> failed\n",
> 97                                mfn_x(mfn), d->domain_id);

... Coverity "know" that d is going to be NULL here? Best I can infer is
that in a release build d _may_ end up being NULL.

Jan

> 98                         goto vmce_failed;
> 99                     }
> 100     
> 101                     mc_vcpuid = global->mc_vcpuid;
> 
> 
> ________________________________________________________________________________________________________
> To view the defects in Coverity Scan visit, 
> https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yrkTUyUdtq5BaG0O6OgOkaWpauWH6sxLlz8YmsOhJ7zG6w078-2FaiuRz-2FB00i-2BJg44c-3DkX6u_NrtkCdDF-2FTaaXLm1QcFPOFnojIs14Wzrh5dJFBeSVj1z0ksrlVQuW7Zy-2FqT57QjqzVjiJF2PJIK07-2BSEjUth5ouhE2qFNhId4LvekHJXd6ELiP0-2B8XnhP1gdLp7TRFFOvUeT6Lddf1YNNmN9XrN3-2BNawzLRRIl7-2FdJPswV5cGaWoBREWQjGxEUac95xJecxLgQNoDwwrxYdn9zW95rrbSw-3D-3D
> 
>   To manage Coverity Scan email notifications for "jbeulich@xxxxxxxx", click 
> https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yped04pjJnmXOsUBtKYNIXxbOS2X-2FCa8eHT5AKto97sa5BC-2BcmyJ5bO5I-2FkczMtlG1epQQquNnD30oPjt4w9gsO1RjVU3f-2FwTsFle9tjKmWG5Kz60AmOhqmk5R1j-2BvLczY-3DAAhv_NrtkCdDF-2FTaaXLm1QcFPOFnojIs14Wzrh5dJFBeSVj1z0ksrlVQuW7Zy-2FqT57Qjqz6yaPk3udV-2B3LoxYpnR2IqMFgeYigqqRYw7WrjuBUd8j1KxekL3U98J70arECI-2BGRvwoXYzOJyfYbO5RKuSCm6Sa6RhyBu6G5o3KPByDgONSFcrLmsCWs9Tu18suJjyZJI0LMS3WFM-2BGpXs6QChyjA-3D-3D
> 




 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.