Hi Maxime,
> -----Original Message-----
> From: Maxime Coquelin <maxime.coque...@redhat.com>
> Sent: Friday, November 4, 2022 1:52 AM
> To: Vargas, Hernan <hernan.var...@intel.com>; dev@dpdk.org;
> gak...@marvell.com; t...@redhat.com
> Cc: Chautru, Nicolas <nicolas.chau...@intel.com>; Zhang, Qi Z
> <qi.z.zh...@intel.com>
> Subject: Re: [PATCH v1 1/1] baseband/acc: fix check after deref and dead code
>
>
>
> On 11/4/22 04:52, Hernan Vargas wrote:
> > Fix potential issue of dereferencing a pointer before null check.
> > Remove null check for value that could never be null.
> >
> > Coverity issue: 381646, 381631
> > Fixes: 989dec301a9 ("baseband/acc100: add ring companion address")
> >
> > Signed-off-by: Hernan Vargas <hernan.var...@intel.com>
> > ---
> > drivers/baseband/acc/rte_acc100_pmd.c | 4 ----
> > 1 file changed, 4 deletions(-)
> >
> > diff --git a/drivers/baseband/acc/rte_acc100_pmd.c
> > b/drivers/baseband/acc/rte_acc100_pmd.c
> > index 96daef87bc..30a718916d 100644
> > --- a/drivers/baseband/acc/rte_acc100_pmd.c
> > +++ b/drivers/baseband/acc/rte_acc100_pmd.c
> > @@ -4122,15 +4122,11 @@ acc100_dequeue_ldpc_enc(struct
> rte_bbdev_queue_data *q_data,
> > struct rte_bbdev_enc_op *op;
> > union acc_dma_desc *desc;
> >
> > - if (q == NULL)
> > - return 0;
>
> Can we be sure it can never be NULL?
>
> static inline uint16_t
> rte_bbdev_dequeue_ldpc_enc_ops(uint16_t dev_id, uint16_t queue_id,
> struct rte_bbdev_enc_op **ops, uint16_t num_ops) {
> struct rte_bbdev *dev = &rte_bbdev_devices[dev_id];
> struct rte_bbdev_queue_data *q_data = &dev->data-
> >queues[queue_id];
> return dev->dequeue_ldpc_enc_ops(q_data, ops, num_ops); }
>
> If the application passes an invalid queue_id or dev_id you can easily get
> garbage.
>
> It may be worth adding some checks in all the helpers, to be sure dev_id is
> valid, and same for queue_id. We do that in Vhost library to improve
> robustness.
>
> I know there is this comment:
> "
> * This function does not provide any error notification to avoid the
> * corresponding overhead.
> "
>
> But to me this is not a good justification, the overhead would be minimal.
>
Thanks.
The rational is that this function needs to be very lightweight since this is a
called in loop and hence this is was captured
explicitly in bbdev.
More generally I don’t believe that a change to bbdev would be relevant in that
ticket, ok to move that discussion for later on in any case?
This ticket is purely about a Coverity fix for the ACC100 PMD. Note that we
don’t check for q null during dequeue in most baseband PMD (including both
intel and non-intel ones), this one was not required either, only historical.
Does that sound fair in the context of that Coverity fix?
Thanks
Nic
> Regards,
> Maxime
>
> > #ifdef RTE_LIBRTE_BBDEV_DEBUG
> > if (unlikely(ops == 0))
> > return 0;
> > #endif
> > desc = q->ring_addr + (q->sw_ring_tail & q->sw_ring_wrap_mask);
> > - if (unlikely(desc == NULL))
> > - return 0;
> > op = desc->req.op_addr;
> > if (unlikely(ops == NULL || op == NULL))
> > return 0;
