Received: by 2002:a05:6a10:8c0a:0:0:0:0 with SMTP id go10csp3258177pxb; Mon, 1 Mar 2021 05:51:08 -0800 (PST) X-Google-Smtp-Source: ABdhPJyc5VIhJYBdr3s+qp1+WbL/Wm2Qc0tWBTpmPvrA8tRYakb+BfrBf2NklwYBEWQCbVxcweRe X-Received: by 2002:aa7:c95a:: with SMTP id h26mr16605505edt.166.1614606668506; Mon, 01 Mar 2021 05:51:08 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1614606668; cv=none; d=google.com; s=arc-20160816; b=XMfqASDVjsPa1TZoan/xvlpcsWWG7bZhPhOIHuz9hjhXOTm8F0YZKRbKCJjbPMhBcR yTY+OGVNGG0kdusp9rIsqL7W7v6Ij5jI41DHDZrAtw5JhAYHRK+KT4DgF7z2uojzwRB4 WSUJrb+n/4zoIsBHnFw1WOFmA3gfdySMAMIKv8VvO0ysPokZw9rg+D7+DmoaOYPuukn5 gd8dp4GBgxJdtKY97TWQ4rVobED37Wqf+lVy6zHLC5bhsTE78ppKMke12o64NeAFpk24 Aghm8S5M+q9zUb7ekGkv1HEnrNAyz79zgoI8pDVPLUd4v8jIfq2T4F/GvVkTxhQt8NKx MHMQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=3AiRtyjlQ9H1d4qqwhlnedJw0eeCaWbUP2szZD4nDgI=; b=Ib4odTdztKjFm6vNF2WglMVBmBcU8o7ea22b/ipchSaUF2mLQLp+dN5da7jlhxnNr+ FrReY00Qu5dRXx0q3pc1Z8kzd4D7MDkEWSFHOzHpZTHYNwyqcgmCaQ66HeWVDSvdLpTe +ubgw7y/XmLr9PDa4Bj3qA/TzSHbQW4Dcg8Gziai/OEvWqailozIYWk8TnIc5H2m7Db5 FAa8Vosz9nN6OfRHItYYagiB5FpolNTEDli3sw1UivrZqswq1OidFfxOMYhsIgJaXpBH 9LMgYAJH/HAU54w4VUC7ykTiRppBiDHqtgWhaiW82s15IJvFmo6xBBMvq/utYImqBk0y hRGA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=pu8QHjba; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id a20si11447096ejg.492.2021.03.01.05.50.45; Mon, 01 Mar 2021 05:51:08 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=pu8QHjba; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235909AbhCANsB (ORCPT + 99 others); Mon, 1 Mar 2021 08:48:01 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58614 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235905AbhCANr7 (ORCPT ); Mon, 1 Mar 2021 08:47:59 -0500 Received: from mail-pg1-x530.google.com (mail-pg1-x530.google.com [IPv6:2607:f8b0:4864:20::530]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id BC28AC061756; Mon, 1 Mar 2021 05:47:19 -0800 (PST) Received: by mail-pg1-x530.google.com with SMTP id n10so11586424pgl.10; Mon, 01 Mar 2021 05:47:19 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=3AiRtyjlQ9H1d4qqwhlnedJw0eeCaWbUP2szZD4nDgI=; b=pu8QHjbaK6DWB8LoTGmA5eDmJON7k4B+9cDg2psmuOAADCSH/p1VO+iKMJT4Cwqmqn i+WiuBRAC1dFzzT1kSq7XXb82RrCLSGdwebFZm/J/0WdDpsQErdDSmYklqyVJr+1unC9 WwCRwBkky8JR4keLgJA1JU+x6w/V77XCbY3h9wpAeiid5qcz5Tn+UH7jpygRlljCqQet LTMlCJn0Cbtb+f2K44puRAsSeAHa6Cf3PXwakxJz+zWO45JTCO/Ywms1Fd0B1gswS3kr hz2k1CiqaZW641IU7At4A/nEaCfyS/cZF8FKxMMhAsVIKEG4P+cXey5F4DQRWzSCiPZE RoIQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=3AiRtyjlQ9H1d4qqwhlnedJw0eeCaWbUP2szZD4nDgI=; b=RVKb4bP+rWSjRkijUgrEEJBYwN1S/VmRWvpaFonDiFDp3i9GIt7W+54pNZu0aRRkax bq18SSUBTtSzA1OA5opLdobFRu4fWPk+fCHWVfRaiMfQsJA3cXliAOGpxcdfUgYGOP0f h1EDGU0KGwlXRnLBVuerFskB7UuJw66KmDHJ+ofNMdSgE4kUhEVJktDuy4ujVuyHuHCB zftMW+f7sEQFp3n2izmQl7uoluS+o0bdXl2RnOiItVM+W+Vq5e1ow+xQLDE+nw+0CW/h yfesVD3rxxi+lMkhCp9ya/QvZTFA+VCEfnykmx5FSVV1F7k2x6vw4+p9PL44hX/exQt8 8sLg== X-Gm-Message-State: AOAM530WipjuAGCjhnQbtGODPB1bFdzatFoqQNLaIf70Ccj7trlBthqi YltuPIXmt8z87q6DuiUDJOFAtGg86mjkReAgGb8= X-Received: by 2002:a62:8811:0:b029:1ee:b016:85a2 with SMTP id l17-20020a6288110000b02901eeb01685a2mr3282483pfd.40.1614606439212; Mon, 01 Mar 2021 05:47:19 -0800 (PST) MIME-Version: 1.0 References: <20210301072842.7410-1-dinghao.liu@zju.edu.cn> <44c09a14.a0cbd.177ed8446ea.Coremail.dinghao.liu@zju.edu.cn> In-Reply-To: <44c09a14.a0cbd.177ed8446ea.Coremail.dinghao.liu@zju.edu.cn> From: Andy Shevchenko Date: Mon, 1 Mar 2021 15:47:03 +0200 Message-ID: Subject: Re: Re: [PATCH] sata_dwc_460ex: Fix missing check in sata_dwc_isr To: Dinghao Liu Cc: Kangjie Lu , Jens Axboe , linux-ide@vger.kernel.org, Linux Kernel Mailing List Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Mar 1, 2021 at 1:20 PM wrote: > > > On Mon, Mar 1, 2021 at 9:44 AM Dinghao Liu wrote: > > > > > > ata_qc_from_tag() may return a null pointer and further lead to > > > null-pointer-dereference. Add a return value check to avoid such case. > > > > Can you elaborate more on this? Is it a real case? > > I have a hardware, how can I reproduce this? > > > > In the branch 'if (intpr & SATA_DWC_INTPR_NEWFP)', we call ata_qc_from_tag() > and access qc->ap->link.active_tag immediately. If ata_qc_from_tag() returns > a null pointer, accessing qc->ap->link.active_tag may crash the system. Yes, I can see that. My question is how to get into the case when this will be true. > This issue is reported by my static analysis tool, so I don't have the > vulnerable input currently. Should we blindly follow everything that some (non-ideal) tool reports? I don't think so. For all my experiments with that hardware, I haven't heard about the issue with NULL pointers. Useless checks make code harder to read and CPU to waste cycles. It might be maintainers of this driver consider otherwise, so not my call. -- With Best Regards, Andy Shevchenko