Linux-Next Archive on
 help / color / Atom feed
From: coverity-bot <>
To: Marc Kleine-Budde <>
Cc: "Gustavo A. R. Silva" <>,
Subject: Coverity: mcp251xfd_dump_rx_ring(): Memory - illegal accesses
Date: Wed, 31 Mar 2021 14:59:44 -0700
Message-ID: <202103311459.93EB7DEBDC@keescook> (raw)


This is an experimental semi-automated report about issues detected by
Coverity from a scan of next-20210331 as part of the linux-next scan project:

You're getting this email because you were associated with the identified
lines of code (noted below) that were touched by commits:

    e0ab3dd5f98f ("can: mcp251xfd: add dev coredump support")

Coverity reported the following:

*** CID 1503585:  Memory - illegal accesses  (OVERRUN)
/drivers/net/can/spi/mcp251xfd/mcp251xfd-dump.c: 190 in mcp251xfd_dump_rx_ring()
184     static void mcp251xfd_dump_rx_ring(const struct mcp251xfd_priv *priv,
185     				   struct mcp251xfd_dump_iter *iter)
186     {
187     	struct mcp251xfd_rx_ring *rx_ring;
188     	unsigned int i;
vvv     CID 1503585:  Memory - illegal accesses  (OVERRUN)
vvv     Overrunning array of 1 8-byte elements at element index 1 (byte offset 15) by dereferencing pointer "priv->rx + i".
190     	mcp251xfd_for_each_rx_ring(priv, rx_ring, i)
191     		mcp251xfd_dump_rx_ring_one(priv, iter, rx_ring);
192     }
194     static void mcp251xfd_dump_tx_ring(const struct mcp251xfd_priv *priv,
195     				   struct mcp251xfd_dump_iter *iter)

If this is a false positive, please let us know so we can mark it as
such, or teach the Coverity rules to be smarter. If not, please make
sure fixes get into linux-next. :) For patches fixing this, please
include these lines (but double-check the "Fixes" first):

Reported-by: coverity-bot <>
Addresses-Coverity-ID: 1503585 ("Memory - illegal accesses")
Fixes: e0ab3dd5f98f ("can: mcp251xfd: add dev coredump support")

Thanks for your attention!


             reply index

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-03-31 21:59 coverity-bot [this message]
2021-04-01  7:49 ` Marc Kleine-Budde
2021-04-01 20:37   ` Kees Cook

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=202103311459.93EB7DEBDC@keescook \ \ \ \ \

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Linux-Next Archive on

Archives are clonable:
	git clone --mirror linux-next/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 linux-next linux-next/ \
	public-inbox-index linux-next

Example config snippet for mirrors

Newsgroup available over NNTP:

AGPL code for this site: git clone