Linux-Next Archive on lore.kernel.org
 help / color / Atom feed
* Coverity: calibrate_8976(): Memory - illegal accesses
@ 2019-10-28 23:03 coverity-bot
  2019-10-28 23:44 ` Gustavo A. R. Silva
  0 siblings, 1 reply; 5+ messages in thread
From: coverity-bot @ 2019-10-28 23:03 UTC (permalink / raw)
  To: AngeloGioacchino Del Regno
  Cc: Amit Kucheria, Daniel Lezcano, Gustavo A. R. Silva, linux-next

Hello!

This is an experimental automated report about issues detected by Coverity
from a scan of next-20191025 as part of the linux-next weekly scan project:
https://scan.coverity.com/projects/linux-next-weekly-scan

You're getting this email because you were associated with the identified
lines of code (noted below) that were touched by recent commits:

95ededc17e4e ("thermal: qcom: tsens-v1: Add support for MSM8956 and MSM8976")

Coverity reported the following:

*** CID 1487355:  Memory - illegal accesses  (USE_AFTER_FREE)
/drivers/thermal/qcom/tsens-v1.c: 245 in calibrate_8976()
239     	int mode = 0, tmp = 0;
240     	u32 *qfprom_cdata;
241
242     	qfprom_cdata = (u32 *)qfprom_read(priv->dev, "calib");
243     	if (IS_ERR(qfprom_cdata)) {
244     		kfree(qfprom_cdata);
vvv     CID 1487355:  Memory - illegal accesses  (USE_AFTER_FREE)
vvv     Passing freed pointer "qfprom_cdata" as an argument to "PTR_ERR".
245     		return PTR_ERR(qfprom_cdata);
246     	}
247
248     	mode = (qfprom_cdata[4] & MSM8976_CAL_SEL_MASK);
249     	dev_dbg(priv->dev, "calibration mode is %d\n", mode);
250

If this is a false positive, please let us know so we can mark it as
such, or teach the Coverity rules to be smarter. If not, please make
sure fixes get into linux-next. :) For patches fixing this, please
include:

Reported-by: coverity-bot <keescook+coverity-bot@chromium.org>
Addresses-Coverity-ID: 1487355 ("Memory - illegal accesses")
Fixes: 95ededc17e4e ("thermal: qcom: tsens-v1: Add support for MSM8956 and MSM8976")


Thanks for your attention!

-- 
Coverity-bot

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: Coverity: calibrate_8976(): Memory - illegal accesses
  2019-10-28 23:03 Coverity: calibrate_8976(): Memory - illegal accesses coverity-bot
@ 2019-10-28 23:44 ` Gustavo A. R. Silva
  2019-10-29 15:59   ` Kees Cook
  0 siblings, 1 reply; 5+ messages in thread
From: Gustavo A. R. Silva @ 2019-10-28 23:44 UTC (permalink / raw)
  To: coverity-bot, AngeloGioacchino Del Regno
  Cc: Amit Kucheria, Daniel Lezcano, linux-next

Hi,

This one has been addressed already:

https://lore.kernel.org/lkml/CAK7fi1a8CiX=HVqhZSmQJdcjF1X_kdHFDwJhEpYJUcdPTcbMQA@mail.gmail.com/

Thanks
--
Gustavo

On 10/28/19 18:03, coverity-bot wrote:
> Hello!
> 
> This is an experimental automated report about issues detected by Coverity
> from a scan of next-20191025 as part of the linux-next weekly scan project:
> https://scan.coverity.com/projects/linux-next-weekly-scan
> 
> You're getting this email because you were associated with the identified
> lines of code (noted below) that were touched by recent commits:
> 
> 95ededc17e4e ("thermal: qcom: tsens-v1: Add support for MSM8956 and MSM8976")
> 
> Coverity reported the following:
> 
> *** CID 1487355:  Memory - illegal accesses  (USE_AFTER_FREE)
> /drivers/thermal/qcom/tsens-v1.c: 245 in calibrate_8976()
> 239     	int mode = 0, tmp = 0;
> 240     	u32 *qfprom_cdata;
> 241
> 242     	qfprom_cdata = (u32 *)qfprom_read(priv->dev, "calib");
> 243     	if (IS_ERR(qfprom_cdata)) {
> 244     		kfree(qfprom_cdata);
> vvv     CID 1487355:  Memory - illegal accesses  (USE_AFTER_FREE)
> vvv     Passing freed pointer "qfprom_cdata" as an argument to "PTR_ERR".
> 245     		return PTR_ERR(qfprom_cdata);
> 246     	}
> 247
> 248     	mode = (qfprom_cdata[4] & MSM8976_CAL_SEL_MASK);
> 249     	dev_dbg(priv->dev, "calibration mode is %d\n", mode);
> 250
> 
> If this is a false positive, please let us know so we can mark it as
> such, or teach the Coverity rules to be smarter. If not, please make
> sure fixes get into linux-next. :) For patches fixing this, please
> include:
> 
> Reported-by: coverity-bot <keescook+coverity-bot@chromium.org>
> Addresses-Coverity-ID: 1487355 ("Memory - illegal accesses")
> Fixes: 95ededc17e4e ("thermal: qcom: tsens-v1: Add support for MSM8956 and MSM8976")
> 
> 
> Thanks for your attention!
> 

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: Coverity: calibrate_8976(): Memory - illegal accesses
  2019-10-28 23:44 ` Gustavo A. R. Silva
@ 2019-10-29 15:59   ` Kees Cook
  2019-10-29 16:07     ` Amit Kucheria
  0 siblings, 1 reply; 5+ messages in thread
From: Kees Cook @ 2019-10-29 15:59 UTC (permalink / raw)
  To: Gustavo A. R. Silva, Colin King
  Cc: coverity-bot, AngeloGioacchino Del Regno, Amit Kucheria,
	Daniel Lezcano, Linux-Next

On Mon, Oct 28, 2019 at 5:08 PM Gustavo A. R. Silva
<gustavo@embeddedor.com> wrote:
>
> Hi,
>
> This one has been addressed already:
>
> https://lore.kernel.org/lkml/CAK7fi1a8CiX=HVqhZSmQJdcjF1X_kdHFDwJhEpYJUcdPTcbMQA@mail.gmail.com/
>

Ah-ha, excellent. Colin, do you want me to CC you on these automatic
reports too?

-Kees

> Thanks
> --
> Gustavo
>
> On 10/28/19 18:03, coverity-bot wrote:
> > Hello!
> >
> > This is an experimental automated report about issues detected by Coverity
> > from a scan of next-20191025 as part of the linux-next weekly scan project:
> > https://scan.coverity.com/projects/linux-next-weekly-scan
> >
> > You're getting this email because you were associated with the identified
> > lines of code (noted below) that were touched by recent commits:
> >
> > 95ededc17e4e ("thermal: qcom: tsens-v1: Add support for MSM8956 and MSM8976")
> >
> > Coverity reported the following:
> >
> > *** CID 1487355:  Memory - illegal accesses  (USE_AFTER_FREE)
> > /drivers/thermal/qcom/tsens-v1.c: 245 in calibrate_8976()
> > 239           int mode = 0, tmp = 0;
> > 240           u32 *qfprom_cdata;
> > 241
> > 242           qfprom_cdata = (u32 *)qfprom_read(priv->dev, "calib");
> > 243           if (IS_ERR(qfprom_cdata)) {
> > 244                   kfree(qfprom_cdata);
> > vvv     CID 1487355:  Memory - illegal accesses  (USE_AFTER_FREE)
> > vvv     Passing freed pointer "qfprom_cdata" as an argument to "PTR_ERR".
> > 245                   return PTR_ERR(qfprom_cdata);
> > 246           }
> > 247
> > 248           mode = (qfprom_cdata[4] & MSM8976_CAL_SEL_MASK);
> > 249           dev_dbg(priv->dev, "calibration mode is %d\n", mode);
> > 250
> >
> > If this is a false positive, please let us know so we can mark it as
> > such, or teach the Coverity rules to be smarter. If not, please make
> > sure fixes get into linux-next. :) For patches fixing this, please
> > include:
> >
> > Reported-by: coverity-bot <keescook+coverity-bot@chromium.org>
> > Addresses-Coverity-ID: 1487355 ("Memory - illegal accesses")
> > Fixes: 95ededc17e4e ("thermal: qcom: tsens-v1: Add support for MSM8956 and MSM8976")
> >
> >
> > Thanks for your attention!
> >



-- 
Kees Cook

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: Coverity: calibrate_8976(): Memory - illegal accesses
  2019-10-29 15:59   ` Kees Cook
@ 2019-10-29 16:07     ` Amit Kucheria
  2019-10-29 16:17       ` Kees Cook
  0 siblings, 1 reply; 5+ messages in thread
From: Amit Kucheria @ 2019-10-29 16:07 UTC (permalink / raw)
  To: Kees Cook
  Cc: Gustavo A. R. Silva, Colin King, AngeloGioacchino Del Regno,
	Daniel Lezcano, Linux-Next

On Tue, Oct 29, 2019 at 9:30 PM Kees Cook <keescook@chromium.org> wrote:
>
> On Mon, Oct 28, 2019 at 5:08 PM Gustavo A. R. Silva
> <gustavo@embeddedor.com> wrote:
> >
> > Hi,
> >
> > This one has been addressed already:
> >
> > https://lore.kernel.org/lkml/CAK7fi1a8CiX=HVqhZSmQJdcjF1X_kdHFDwJhEpYJUcdPTcbMQA@mail.gmail.com/
> >
>
> Ah-ha, excellent. Colin, do you want me to CC you on these automatic
> reports too?
>

Hi Kees,

Is coverity being run just on linux-next or on mainline too? I've
noticed it found at least one error that has existed for a long-time
only when that code was moved around.

Regards,
Amit

> > On 10/28/19 18:03, coverity-bot wrote:
> > > Hello!
> > >
> > > This is an experimental automated report about issues detected by Coverity
> > > from a scan of next-20191025 as part of the linux-next weekly scan project:
> > > https://scan.coverity.com/projects/linux-next-weekly-scan
> > >
> > > You're getting this email because you were associated with the identified
> > > lines of code (noted below) that were touched by recent commits:
> > >
> > > 95ededc17e4e ("thermal: qcom: tsens-v1: Add support for MSM8956 and MSM8976")
> > >
> > > Coverity reported the following:
> > >
> > > *** CID 1487355:  Memory - illegal accesses  (USE_AFTER_FREE)
> > > /drivers/thermal/qcom/tsens-v1.c: 245 in calibrate_8976()
> > > 239           int mode = 0, tmp = 0;
> > > 240           u32 *qfprom_cdata;
> > > 241
> > > 242           qfprom_cdata = (u32 *)qfprom_read(priv->dev, "calib");
> > > 243           if (IS_ERR(qfprom_cdata)) {
> > > 244                   kfree(qfprom_cdata);
> > > vvv     CID 1487355:  Memory - illegal accesses  (USE_AFTER_FREE)
> > > vvv     Passing freed pointer "qfprom_cdata" as an argument to "PTR_ERR".
> > > 245                   return PTR_ERR(qfprom_cdata);
> > > 246           }
> > > 247
> > > 248           mode = (qfprom_cdata[4] & MSM8976_CAL_SEL_MASK);
> > > 249           dev_dbg(priv->dev, "calibration mode is %d\n", mode);
> > > 250
> > >
> > > If this is a false positive, please let us know so we can mark it as
> > > such, or teach the Coverity rules to be smarter. If not, please make
> > > sure fixes get into linux-next. :) For patches fixing this, please
> > > include:
> > >
> > > Reported-by: coverity-bot <keescook+coverity-bot@chromium.org>
> > > Addresses-Coverity-ID: 1487355 ("Memory - illegal accesses")
> > > Fixes: 95ededc17e4e ("thermal: qcom: tsens-v1: Add support for MSM8956 and MSM8976")
> > >
> > >
> > > Thanks for your attention!
> > >
>
>
>
> --
> Kees Cook

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: Coverity: calibrate_8976(): Memory - illegal accesses
  2019-10-29 16:07     ` Amit Kucheria
@ 2019-10-29 16:17       ` Kees Cook
  0 siblings, 0 replies; 5+ messages in thread
From: Kees Cook @ 2019-10-29 16:17 UTC (permalink / raw)
  To: Amit Kucheria
  Cc: Gustavo A. R. Silva, Colin King, AngeloGioacchino Del Regno,
	Daniel Lezcano, Linux-Next

On Tue, Oct 29, 2019 at 09:37:57PM +0530, Amit Kucheria wrote:
> On Tue, Oct 29, 2019 at 9:30 PM Kees Cook <keescook@chromium.org> wrote:
> >
> > On Mon, Oct 28, 2019 at 5:08 PM Gustavo A. R. Silva
> > <gustavo@embeddedor.com> wrote:
> > >
> > > Hi,
> > >
> > > This one has been addressed already:
> > >
> > > https://lore.kernel.org/lkml/CAK7fi1a8CiX=HVqhZSmQJdcjF1X_kdHFDwJhEpYJUcdPTcbMQA@mail.gmail.com/
> > >
> >
> > Ah-ha, excellent. Colin, do you want me to CC you on these automatic
> > reports too?
> >
> 
> Hi Kees,
> 
> Is coverity being run just on linux-next or on mainline too? I've
> noticed it found at least one error that has existed for a long-time
> only when that code was moved around.

There is another public Coverity scan that runs the -rcX releases. Dave
Jones tends to operate that one, and I haven't attached any tooling to
that one. I wanted to see how noisy running against linux-next was
first...

-- 
Kees Cook

^ permalink raw reply	[flat|nested] 5+ messages in thread

end of thread, back to index

Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-10-28 23:03 Coverity: calibrate_8976(): Memory - illegal accesses coverity-bot
2019-10-28 23:44 ` Gustavo A. R. Silva
2019-10-29 15:59   ` Kees Cook
2019-10-29 16:07     ` Amit Kucheria
2019-10-29 16:17       ` Kees Cook

Linux-Next Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/linux-next/0 linux-next/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 linux-next linux-next/ https://lore.kernel.org/linux-next \
		linux-next@vger.kernel.org
	public-inbox-index linux-next

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.linux-next


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git