From 225abca1b0e70b8ba4e02e4c4e1e7c2939ec50d3 Mon Sep 17 00:00:00 2001
From: Darek Stojaczyk <dariusz.stojaczyk@intel.com>
Date: Fri, 25 Jan 2019 12:55:37 +0100
Subject: [PATCH] vhost: assert to_scsi_dev and to_blk_dev returns

Those cases should never occur. Klocwork pointed out
possible dereference based on the returns later in
the functions.

Change-Id: I282a56f3f415f85c38e9c451cbb10bc80fc6176b
Signed-off-by: Tomasz Zawadzki <tomasz.zawadzki@intel.com>
Signed-off-by: Darek Stojaczyk <dariusz.stojaczyk@intel.com>
Reviewed-on: https://review.gerrithub.io/c/441546
Tested-by: SPDK CI Jenkins <sys_sgci@intel.com>
Reviewed-by: Jim Harris <james.r.harris@intel.com>
Reviewed-by: Ben Walker <benjamin.walker@intel.com>
---
 lib/vhost/vhost_blk.c  |  3 +++
 lib/vhost/vhost_scsi.c | 16 +++++++---------
 2 files changed, 10 insertions(+), 9 deletions(-)

diff --git a/lib/vhost/vhost_blk.c b/lib/vhost/vhost_blk.c
index f615564e2..421baeed4 100644
--- a/lib/vhost/vhost_blk.c
+++ b/lib/vhost/vhost_blk.c
@@ -569,6 +569,8 @@ _spdk_vhost_session_bdev_remove_cb(struct spdk_vhost_dev *vdev, struct spdk_vhos
 		/* All sessions have been notified, time to close the bdev */
 		struct spdk_vhost_blk_dev *bvdev = to_blk_dev(vdev);
 
+		assert(bvdev != NULL);
+
 		spdk_bdev_close(bvdev->bdev_desc);
 		bvdev->bdev_desc = NULL;
 		bvdev->bdev = NULL;
@@ -680,6 +682,7 @@ spdk_vhost_blk_start_cb(struct spdk_vhost_dev *vdev,
 	}
 
 	bvdev = to_blk_dev(vdev);
+	assert(bvdev != NULL);
 	bvsession->bvdev = bvdev;
 
 	/* validate all I/O queues are in a contiguous index range */
diff --git a/lib/vhost/vhost_scsi.c b/lib/vhost/vhost_scsi.c
index c4756cf0a..26e816510 100644
--- a/lib/vhost/vhost_scsi.c
+++ b/lib/vhost/vhost_scsi.c
@@ -1220,6 +1220,7 @@ spdk_vhost_scsi_start_cb(struct spdk_vhost_dev *vdev,
 	int rc;
 
 	svsession = to_scsi_session(vsession);
+	assert(svsession != NULL);
 	svdev = svsession->svdev;
 
 	/* validate all I/O queues are in a contiguous index range */
@@ -1273,6 +1274,7 @@ spdk_vhost_scsi_start(struct spdk_vhost_session *vsession)
 	}
 
 	svdev = to_scsi_dev(vsession->vdev);
+	assert(svdev != NULL);
 	svsession->svdev = svdev;
 
 	if (svdev->vdev.active_session_num == 0) {
@@ -1336,11 +1338,7 @@ spdk_vhost_scsi_stop_cb(struct spdk_vhost_dev *vdev,
 	struct spdk_vhost_scsi_session *svsession;
 
 	svsession = to_scsi_session(vsession);
-	if (svsession == NULL) {
-		SPDK_ERRLOG("Trying to stop non-scsi controller as a scsi one.\n");
-		goto err;
-	}
-
+	assert(svsession != NULL);
 	svsession->destroy_ctx.event_ctx = event_ctx;
 	spdk_poller_unregister(&svsession->requestq_poller);
 	spdk_poller_unregister(&svsession->mgmt_poller);
@@ -1348,10 +1346,6 @@ spdk_vhost_scsi_stop_cb(struct spdk_vhost_dev *vdev,
 					svsession, 1000);
 
 	return 0;
-
-err:
-	spdk_vhost_session_event_done(event_ctx, -1);
-	return -1;
 }
 
 static int
@@ -1361,6 +1355,10 @@ spdk_vhost_scsi_stop(struct spdk_vhost_session *vsession)
 	int rc;
 
 	svsession = to_scsi_session(vsession);
+	if (svsession == NULL) {
+		SPDK_ERRLOG("Trying to stop non-scsi session as a scsi one.\n");
+		return -1;
+	}
 	rc = spdk_vhost_session_send_event(vsession, spdk_vhost_scsi_stop_cb,
 					   3, "stop session");
 	if (rc != 0) {