drivers/gpu/drm/xe/xe_guc_capture.c | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-)
The pointer list->list is derefrenced before the Null check.
Fix this by moving the Null check outside the for loop, so that
the check is performed before the derefrencing.
This issue was reported by Coverity Scan.
https://scan7.scan.coverity.com/#/project-view/51525/11354
?selectedIssue=1600335
Fixes: a18c696fa5cb ("drm/xe/guc: Fix dereference before Null check")
Signed-off-by: Everest K.C. <everestkc@everestkc.com.np>
---
V1 -> V2: - Combined the `!list->list` check in preexisting if statement
- Added Fixes tag
- Added the link to the Coverity Scan report
drivers/gpu/drm/xe/xe_guc_capture.c | 5 +----
1 file changed, 1 insertion(+), 4 deletions(-)
diff --git a/drivers/gpu/drm/xe/xe_guc_capture.c b/drivers/gpu/drm/xe/xe_guc_capture.c
index 41262bda20ed..947c3a6d0e5a 100644
--- a/drivers/gpu/drm/xe/xe_guc_capture.c
+++ b/drivers/gpu/drm/xe/xe_guc_capture.c
@@ -1531,7 +1531,7 @@ read_reg_to_node(struct xe_hw_engine *hwe, const struct __guc_mmio_reg_descr_gro
{
int i;
- if (!list || list->num_regs == 0)
+ if (!list || !list->list || list->num_regs == 0)
return;
if (!regs)
@@ -1541,9 +1541,6 @@ read_reg_to_node(struct xe_hw_engine *hwe, const struct __guc_mmio_reg_descr_gro
struct __guc_mmio_reg_descr desc = list->list[i];
u32 value;
- if (!list->list)
- return;
-
if (list->type == GUC_STATE_CAPTURE_TYPE_ENGINE_INSTANCE) {
value = xe_hw_engine_mmio_read32(hwe, desc.reg);
} else {
--
2.43.0
On Wed, Oct 09, 2024 at 03:39:20PM -0600, Everest K.C. wrote: > The pointer list->list is derefrenced before the Null check. > Fix this by moving the Null check outside the for loop, so that > the check is performed before the derefrencing. > Please, mention the effect on runtime if it's not totally obvious. In this case, someone reading the commit message would think that it leads to a NULL dereference but actually the pointer can't be NULL as I explained so there is no effect on run time. Say something like: "The list->list pointer cannot be NULL so this has no effect on runtime. It's just a correctness issue." Change Null to NULL so people don't think it's Java. ;) Also dereferencing has a typo. s/derefrencing/dereferencing/. > This issue was reported by Coverity Scan. > https://scan7.scan.coverity.com/#/project-view/51525/11354 > ?selectedIssue=1600335 Don't line break URLs like this. Just go over the 72-74 character limit. > > Fixes: a18c696fa5cb ("drm/xe/guc: Fix dereference before Null check") > Remove the blank line after Fixes. > Signed-off-by: Everest K.C. <everestkc@everestkc.com.np> > --- Otherwise, it looks good. Reviewed-by: Dan Carpenter <dan.carpenter@linaro.org> regards, dan carpenter
On Thu, Oct 10, 2024 at 12:28 AM Dan Carpenter <dan.carpenter@linaro.org> wrote: > > On Wed, Oct 09, 2024 at 03:39:20PM -0600, Everest K.C. wrote: > > The pointer list->list is derefrenced before the Null check. > > Fix this by moving the Null check outside the for loop, so that > > the check is performed before the derefrencing. > > > > Please, mention the effect on runtime if it's not totally obvious. In this case, > someone reading the commit message would think that it leads to a NULL > dereference but actually the pointer can't be NULL as I explained so there is > no effect on run time. Say something like: > "The list->list pointer cannot be NULL so this has no effect on runtime. It's > just a correctness issue." > > Change Null to NULL so people don't think it's Java. ;) Also dereferencing > has a typo. s/derefrencing/dereferencing/. > > > > This issue was reported by Coverity Scan. > > https://scan7.scan.coverity.com/#/project-view/51525/11354 > > ?selectedIssue=1600335 > > Don't line break URLs like this. Just go over the 72-74 character limit. > > > > > Fixes: a18c696fa5cb ("drm/xe/guc: Fix dereference before Null check") > > > > Remove the blank line after Fixes. > > > Signed-off-by: Everest K.C. <everestkc@everestkc.com.np> > > --- > > Otherwise, it looks good. Will incorporate your feedback and will send a V3. Thank you for taking time to review it. > Reviewed-by: Dan Carpenter <dan.carpenter@linaro.org> > > regards, > dan carpenter > Thanks, Everest K.C.
© 2016 - 2024 Red Hat, Inc.