Re: New Defects reported by Coverity Scan for XenProject

[Jan Beulich]

On 05.11.2023 10:58, scan-ad...@coverity.com wrote:
> Hi,
> 
> Please find the latest report on new defect(s) introduced to XenProject found 
> with Coverity Scan.
> 
> 1 new defect(s) introduced to XenProject found with Coverity Scan.
> 1 defect(s), reported by Coverity Scan earlier, were marked fixed in the 
> recent build analyzed by Coverity Scan.
> 
> New defect(s) Reported-by: Coverity Scan
> Showing 1 of 1 defect(s)
> 
> 
> ** CID 1548622:  Null pointer dereferences  (NULL_RETURNS)
> /tools/firmware/xen-dir/xen-root/xen/arch/x86/cpu/mcheck/mcaction.c: 96 in 
> mc_memerr_dhandler()
> 
> 
> ________________________________________________________________________________________________________
> *** CID 1548622:  Null pointer dereferences  (NULL_RETURNS)
> /tools/firmware/xen-dir/xen-root/xen/arch/x86/cpu/mcheck/mcaction.c: 96 in 
> mc_memerr_dhandler()
> 90                     d = rcu_lock_domain_by_id(bank->mc_domid);
> 91                     ASSERT(d);

No matter that this code can certainly do with hardening, how can - with
this ASSERT() - ...

> 92                     gfn = get_gpfn_from_mfn((bank->mc_addr) >> PAGE_SHIFT);
> 93     
> 94                     if ( unmmap_broken_page(d, mfn, gfn) )
> 95                     {
>>>>     CID 1548622:  Null pointer dereferences  (NULL_RETURNS)
>>>>     Dereferencing "d", which is known to be "NULL".
> 96                         printk("Unmap broken memory %"PRI_mfn" for DOM%d 
> failed\n",
> 97                                mfn_x(mfn), d->domain_id);

... Coverity "know" that d is going to be NULL here? Best I can infer is
that in a release build d _may_ end up being NULL.

Jan

> 98                         goto vmce_failed;
> 99                     }
> 100     
> 101                     mc_vcpuid = global->mc_vcpuid;
> 
> 
> ________________________________________________________________________________________________________
> To view the defects in Coverity Scan visit, 
> https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yrkTUyUdtq5BaG0O6OgOkaWpauWH6sxLlz8YmsOhJ7zG6w078-2FaiuRz-2FB00i-2BJg44c-3DkX6u_NrtkCdDF-2FTaaXLm1QcFPOFnojIs14Wzrh5dJFBeSVj1z0ksrlVQuW7Zy-2FqT57QjqzVjiJF2PJIK07-2BSEjUth5ouhE2qFNhId4LvekHJXd6ELiP0-2B8XnhP1gdLp7TRFFOvUeT6Lddf1YNNmN9XrN3-2BNawzLRRIl7-2FdJPswV5cGaWoBREWQjGxEUac95xJecxLgQNoDwwrxYdn9zW95rrbSw-3D-3D
> 
>   To manage Coverity Scan email notifications for "jbeul...@suse.com", click 
> https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yped04pjJnmXOsUBtKYNIXxbOS2X-2FCa8eHT5AKto97sa5BC-2BcmyJ5bO5I-2FkczMtlG1epQQquNnD30oPjt4w9gsO1RjVU3f-2FwTsFle9tjKmWG5Kz60AmOhqmk5R1j-2BvLczY-3DAAhv_NrtkCdDF-2FTaaXLm1QcFPOFnojIs14Wzrh5dJFBeSVj1z0ksrlVQuW7Zy-2FqT57Qjqz6yaPk3udV-2B3LoxYpnR2IqMFgeYigqqRYw7WrjuBUd8j1KxekL3U98J70arECI-2BGRvwoXYzOJyfYbO5RKuSCm6Sa6RhyBu6G5o3KPByDgONSFcrLmsCWs9Tu18suJjyZJI0LMS3WFM-2BGpXs6QChyjA-3D-3D
>