Re: [PATCH v4 01/10] libata: fix ata_host_alloc_pinfo()

Damien Le Moal <Damien.LeMoal@xxxxxxx> · Mon, 9 Aug 2021 09:07:32 +0000

On 2021/08/09 15:09, Hannes Reinecke wrote:
> On 8/7/21 6:18 AM, Damien Le Moal wrote:
>> Avoid static checkers warnings about a potential NULL pointer
>> dereference for the port info variable pi. To do so, test that at least
>> one port info is available on entry to ata_host_alloc_pinfo() and start
>> the ata port initialization for loop with pi initialized to a non-NULL
>> pointer. Within the for loop, get the next port info (if it is not NULL)
>> after initializing the ata port using the previous port info.
>>
>> Reported-by: kernel test robot <lkp@xxxxxxxxx>
>> Signed-off-by: Damien Le Moal <damien.lemoal@xxxxxxx>
>> ---
>>   drivers/ata/libata-core.c | 16 +++++++++++-----
>>   1 file changed, 11 insertions(+), 5 deletions(-)
>>
>> diff --git a/drivers/ata/libata-core.c b/drivers/ata/libata-core.c
>> index 61c762961ca8..b17e161c07e2 100644
>> --- a/drivers/ata/libata-core.c
>> +++ b/drivers/ata/libata-core.c
>> @@ -5441,16 +5441,17 @@ struct ata_host *ata_host_alloc_pinfo(struct device *dev,
>>   	struct ata_host *host;
>>   	int i, j;
>>   
>> +	/* We must have at least one port info */
>> +	if (!ppi[0])
>> +		return NULL;
>> +
>>   	host = ata_host_alloc(dev, n_ports);
>>   	if (!host)
>>   		return NULL;
>>   
>> -	for (i = 0, j = 0, pi = NULL; i < host->n_ports; i++) {
>> +	for (i = 0, j = 0, pi = ppi[0]; i < host->n_ports; i++) {
>>   		struct ata_port *ap = host->ports[i];
>>   
>> -		if (ppi[j])
>> -			pi = ppi[j++];
>> -
>>   		ap->pio_mask = pi->pio_mask;
>>   		ap->mwdma_mask = pi->mwdma_mask;
>>   		ap->udma_mask = pi->udma_mask;
>> @@ -5458,8 +5459,13 @@ struct ata_host *ata_host_alloc_pinfo(struct device *dev,
>>   		ap->link.flags |= pi->link_flags;
>>   		ap->ops = pi->port_ops;
>>   
>> -		if (!host->ops && (pi->port_ops != &ata_dummy_port_ops))
>> +		if (!host->ops && pi->port_ops != &ata_dummy_port_ops)
>>   			host->ops = pi->port_ops;
>> +
>> +		if (ppi[j + 1]) {
>> +			j++;
>> +			pi = ppi[j];
>> +		}
>>   	}
>>   
>>   	return host;
>>
> This requires a comment as to why this is necessary.

You lost me... About what exactly ? If it is about how ppi must be used to
initialize pi, the function kdoc comment does explain it.

Note that the last hunk is wrong: there is a potential out of bound array
reference. The condition should be:

		if (j < nr_ports - 1 && ppi[j + 1]) {

Will send an update with that.

> 
> Cheers,
> 
> Hannes
> 

-- 
Damien Le Moal
Western Digital Research