From: Bjorn Helgaas <helgaas@kernel.org>
To: Thierry Reding <thierry.reding@gmail.com>,
Jonathan Hunter <jonathanh@nvidia.com>,
Vidya Sagar <vidyas@nvidia.com>,
Om Prakash Singh <omp@nvidia.com>
Cc: linux-pci@vger.kernel.org
Subject: Re: New Defects reported by Coverity Scan for Linux
Date: Mon, 21 Jun 2021 08:05:26 -0500 [thread overview]
Message-ID: <20210621130526.GA3289008@bjorn-Precision-5520> (raw)
In-Reply-To: <20210621124420.GA3287195@bjorn-Precision-5520>
[+cc Om, just noticed your series of pcie-tegra194 updates]
On Mon, Jun 21, 2021 at 07:44:26AM -0500, Bjorn Helgaas wrote:
> FYI. Looks like we rely directy on the result of a read from the
> device to index an array, probably not a great idea.
>
> On Mon, Jun 21, 2021 at 07:45:30AM +0000, scan-admin@coverity.com wrote:
> > Hi,
> >
> > Please find the latest report on new defect(s) introduced to Linux found with Coverity Scan.
> >
> > 7 new defect(s) introduced to Linux found with Coverity Scan.
> > 4 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
>
>
> > ** CID 1475616: Memory - illegal accesses (OVERRUN)
> > /drivers/pci/controller/dwc/pcie-tegra194.c: 994 in tegra_pcie_dw_start_link()
> >
> >
> > ________________________________________________________________________________________________________
> > *** CID 1475616: Memory - illegal accesses (OVERRUN)
> > /drivers/pci/controller/dwc/pcie-tegra194.c: 994 in tegra_pcie_dw_start_link()
> > 988 retry = false;
> > 989 goto retry_link;
> > 990 }
> > 991
> > 992 speed = dw_pcie_readw_dbi(pci, pcie->pcie_cap_base + PCI_EXP_LNKSTA) &
> > 993 PCI_EXP_LNKSTA_CLS;
> > >>> CID 1475616: Memory - illegal accesses (OVERRUN)
> > >>> Overrunning array "pcie_gen_freq" of 4 4-byte elements at element index 4294967295 (byte offset 17179869183) using index "speed - 1U" (which evaluates to 4294967295).
> > 994 clk_set_rate(pcie->core_clk, pcie_gen_freq[speed - 1]);
> > 995
> > 996 tegra_pcie_enable_interrupts(pp);
> > 997
> > 998 return 0;
> > 999 }
> >
> > ** CID 1475402: Memory - illegal accesses (OVERRUN)
> > /drivers/pci/controller/dwc/pcie-tegra194.c: 457 in tegra_pcie_ep_irq_thread()
> >
> >
> > ________________________________________________________________________________________________________
> > *** CID 1475402: Memory - illegal accesses (OVERRUN)
> > /drivers/pci/controller/dwc/pcie-tegra194.c: 457 in tegra_pcie_ep_irq_thread()
> > 451 struct tegra_pcie_dw *pcie = arg;
> > 452 struct dw_pcie *pci = &pcie->pci;
> > 453 u32 val, speed;
> > 454
> > 455 speed = dw_pcie_readw_dbi(pci, pcie->pcie_cap_base + PCI_EXP_LNKSTA) &
> > 456 PCI_EXP_LNKSTA_CLS;
> > >>> CID 1475402: Memory - illegal accesses (OVERRUN)
> > >>> Overrunning array "pcie_gen_freq" of 4 4-byte elements at element index 4294967295 (byte offset 17179869183) using index "speed - 1U" (which evaluates to 4294967295).
> > 457 clk_set_rate(pcie->core_clk, pcie_gen_freq[speed - 1]);
> > 458
> > 459 /* If EP doesn't advertise L1SS, just return */
> > 460 val = dw_pcie_readl_dbi(pci, pcie->cfg_link_cap_l1sub);
> > 461 if (!(val & (PCI_L1SS_CAP_ASPM_L1_1 | PCI_L1SS_CAP_ASPM_L1_2)))
> > 462 return IRQ_HANDLED;
next prev parent reply other threads:[~2021-06-21 13:05 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <60d0439a1c15c_16db9f2ab48dcf79b875634@prd-scan-dashboard-0.mail>
2021-06-21 12:44 ` New Defects reported by Coverity Scan for Linux Bjorn Helgaas
2021-06-21 13:05 ` Bjorn Helgaas [this message]
2021-06-21 14:14 ` Om Prakash Singh
[not found] <6020c2368a549_2dfbcf2b02da5acf501000c7@prd-scan-dashboard-0.mail>
2021-02-08 16:26 ` Bjorn Helgaas
2021-02-08 22:19 ` Krzysztof Wilczyński
2020-11-10 17:16 Bjorn Helgaas
2020-11-10 23:36 ` Gustavo Pimentel
2020-11-11 15:34 ` Rob Herring
2020-11-11 21:06 ` Bjorn Helgaas
2020-11-11 22:10 ` Rob Herring
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210621130526.GA3289008@bjorn-Precision-5520 \
--to=helgaas@kernel.org \
--cc=jonathanh@nvidia.com \
--cc=linux-pci@vger.kernel.org \
--cc=omp@nvidia.com \
--cc=thierry.reding@gmail.com \
--cc=vidyas@nvidia.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).