> -----Original Message-----
> From: dev [mailto:dev-boun...@dpdk.org] On Behalf Of Stephen Hemminger
> Sent: Thursday, May 11, 2017 5:39 PM
> To: Alejandro Lucero <alejandro.luc...@netronome.com>; dev@dpdk.org
> Subject: [dpdk-dev] New Coverity defects in VFIO
>
> Looks like obvious C array bounds issues...
>
Hi Stephen,
Thanks for highlighting this, and previous, coverity reports.
Just so you know we don't ignore these and after each run I send an automated
email to the author of each defect (based on git blame).
Nevertheless the number of defects has been creeping up. It is currently around
70 having been down around 20 several months ago.
I will start going through the backlog and pinging authors again in the next
few weeks.
In the meantime if anyone has open coverity defects against them (check your
past emails) can you please try to address them in the next few weeks.
John
> Begin forwarded message:
>
> Date: Thu, 11 May 2017 06:32:38 -0700
> From: scan-ad...@coverity.com
> To: step...@networkplumber.org
> Subject: New Defects reported by Coverity Scan for DPDK Data Plane
> Development Kit
>
>
> Hi,
>
> Please find the latest report on new defect(s) introduced to DPDK Data
> Plane Development Kit found with Coverity Scan.
>
> 4 new defect(s) introduced to DPDK Data Plane Development Kit found with
> Coverity Scan.
> 4 defect(s), reported by Coverity Scan earlier, were marked fixed in the
> recent build analyzed by Coverity Scan.
>
> New defect(s) Reported-by: Coverity Scan Showing 4 of 4 defect(s)
>
>
> ** CID 144558: Parse warnings (PARSE_ERROR)
> /tmp/auto-config-h.sh.116891.c: 3 in ()
>
>
> __________________________________________________________________________
> ______________________________
> *** CID 144558: Parse warnings (PARSE_ERROR)
> /tmp/auto-config-h.sh.116891.c: 3 in ()
> 1 #include <linux/pkt_cls.h>
> 2
> >>> CID 144558: Parse warnings (PARSE_ERROR)
> >>> identifier "TCA_FLOWER_KEY_VLAN_PRIO" is undefined
>
> ** CID 144557: Memory - corruptions (OVERRUN)
> /lib/librte_eal/linuxapp/eal/eal_vfio.c: 207 in vfio_group_device_put()
>
>
> __________________________________________________________________________
> ______________________________
> *** CID 144557: Memory - corruptions (OVERRUN)
> /lib/librte_eal/linuxapp/eal/eal_vfio.c: 207 in vfio_group_device_put()
> 201 int i;
> 202
> 203 i = get_vfio_group_idx(vfio_group_fd);
> 204 if (i < 0 || i > VFIO_MAX_GROUPS)
> 205 RTE_LOG(ERR, EAL, " wrong vfio_group index (%d)\n", i);
> 206 else
> >>> CID 144557: Memory - corruptions (OVERRUN)
> >>> Overrunning array "vfio_cfg.vfio_groups" of 64 12-byte elements at
> element index 64 (byte offset 768) using index "i" (which evaluates to
> 64).
> 207 vfio_cfg.vfio_groups[i].devices--;
> 208 }
> 209
> 210 static int
> 211 vfio_group_device_count(int vfio_group_fd)
> 212 {
>
> ** CID 144556: Memory - illegal accesses (OVERRUN)
> /lib/librte_eal/linuxapp/eal/eal_vfio.c: 221 in vfio_group_device_count()
>
>
> __________________________________________________________________________
> ______________________________
> *** CID 144556: Memory - illegal accesses (OVERRUN)
> /lib/librte_eal/linuxapp/eal/eal_vfio.c: 221 in vfio_group_device_count()
> 215 i = get_vfio_group_idx(vfio_group_fd);
> 216 if (i < 0 || i > VFIO_MAX_GROUPS) {
> 217 RTE_LOG(ERR, EAL, " wrong vfio_group index (%d)\n", i);
> 218 return -1;
> 219 }
> 220
> >>> CID 144556: Memory - illegal accesses (OVERRUN)
> >>> Overrunning array "vfio_cfg.vfio_groups" of 64 12-byte elements at
> element index 64 (byte offset 768) using index "i" (which evaluates to
> 64).
> 221 return vfio_cfg.vfio_groups[i].devices;
> 222 }
> 223
> 224 int
> 225 clear_group(int vfio_group_fd)
> 226 {
>
> ** CID 144555: Memory - corruptions (OVERRUN)
> /lib/librte_eal/linuxapp/eal/eal_vfio.c: 195 in vfio_group_device_get()
>
>
> __________________________________________________________________________
> ______________________________
> *** CID 144555: Memory - corruptions (OVERRUN)
> /lib/librte_eal/linuxapp/eal/eal_vfio.c: 195 in vfio_group_device_get()
> 189 int i;
> 190
> 191 i = get_vfio_group_idx(vfio_group_fd);
> 192 if (i < 0 || i > VFIO_MAX_GROUPS)
> 193 RTE_LOG(ERR, EAL, " wrong vfio_group index (%d)\n", i);
> 194 else
> >>> CID 144555: Memory - corruptions (OVERRUN)
> >>> Overrunning array "vfio_cfg.vfio_groups" of 64 12-byte elements at
> element index 64 (byte offset 768) using index "i" (which evaluates to
> 64).
> 195 vfio_cfg.vfio_groups[i].devices++;
> 196 }
> 197
> 198 static void
> 199 vfio_group_device_put(int vfio_group_fd)
> 200 {
>
>
> __________________________________________________________________________
> ______________________________
> To view the defects in Coverity Scan visit,
> https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-
> 2BfV0V05UPxvVjWch-2Bd2MGckcRatAu7kfwx-2FEYQLnaewVIzHeicA-2BXVfT6hZ5-
> 2BlQUbOEuO498PDBpm2du3zbqLAIkSYNH-2F4pgPd0yf8CgX5U0jRj_5xu02FVv-
> 2BCbxTLHpBsC0RXI5u3ZIuvswXolnGx3HI6n1gq9Xsuj8K50wQIlWov7yyQRBN8re6yFBwOsna
> hFZyjQW3aqTA5h9rz-2BI7CfexKV5NFlSm1lW-2Fiif3a6-2Fu7-
> 2Fs613T3n94FacSVILpwmgH4KcYzHtMPdTwJy1kCK02zCViEtNsq-
> 2FCKPHCFx1r4p5UV6Psx61JLzOXw56M2GSEUOPo8sP2PR2MWjeCdy5rfIyU-3D
>
> To manage Coverity Scan email notifications for
> "step...@networkplumber.org", click
> https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-
> 2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-
> 2FA8y06Nq4sKfrkUL5oDv8dgJj5BU3IfRYzaFCVGnOstQOuK3KKCEYrqlxJ2-
> 2FPVogkBzkcq1Dg-2FyXbbLWT-2BUFivnCf-2Ffy5pynld3GGM7zvzbDuODpBlYA-
> 3D_5xu02FVv-
> 2BCbxTLHpBsC0RXI5u3ZIuvswXolnGx3HI6n1gq9Xsuj8K50wQIlWov7yyQRBN8re6yFBwOsna
> hFZygYSNuU7rrSKQtPVcIi21MDpz6KZwG8nS4KmgXtet9991WL1lHRPs9GRo4zwJ-2Bnb-
> 2FTnQYqob6zFOkhFpJ-2FjhXOQt2JMEhg-2FflJvekTxexy1BKKt-
> 2FaadTS9JcUmvbkxxm73IxfO8iGv39u0aDGpPB0r8-3D
