Re: New Defects reported by Coverity Scan for Linux

[Om Prakash Singh <omp@xxxxxxxxxx>]

Thanks Bjorn for sharing the result.

We will work on the issue

Thanks,
Om


On 6/21/2021 6:35 PM, Bjorn Helgaas wrote:
> External email: Use caution opening links or attachments
>
>
> [+cc Om, just noticed your series of pcie-tegra194 updates]
>
> On Mon, Jun 21, 2021 at 07:44:26AM -0500, Bjorn Helgaas wrote:
> > FYI.  Looks like we rely directy on the result of a read from the
> > device to index an array, probably not a great idea.
> >
> > On Mon, Jun 21, 2021 at 07:45:30AM +0000, scan-admin@xxxxxxxxxxxx wrote:
> > > Hi,
> > >
> > > Please find the latest report on new defect(s) introduced to Linux found with Coverity Scan.
> > >
> > > 7 new defect(s) introduced to Linux found with Coverity Scan.
> > > 4 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
> >
> >
> > > ** CID 1475616:  Memory - illegal accesses  (OVERRUN)
> > > /drivers/pci/controller/dwc/pcie-tegra194.c: 994 in tegra_pcie_dw_start_link()
> > >
> > >
> > > ________________________________________________________________________________________________________
> > > *** CID 1475616:  Memory - illegal accesses  (OVERRUN)
> > > /drivers/pci/controller/dwc/pcie-tegra194.c: 994 in tegra_pcie_dw_start_link()
> > > 988                 retry = false;
> > > 989                 goto retry_link;
> > > 990         }
> > > 991
> > > 992         speed = dw_pcie_readw_dbi(pci, pcie->pcie_cap_base + PCI_EXP_LNKSTA) &
> > > 993                 PCI_EXP_LNKSTA_CLS;
> > > > > >      CID 1475616:  Memory - illegal accesses  (OVERRUN)
> > > > > >      Overrunning array "pcie_gen_freq" of 4 4-byte elements at element index 4294967295 (byte offset 17179869183) using index "speed - 1U" (which evaluates to 4294967295).
> > > 994         clk_set_rate(pcie->core_clk, pcie_gen_freq[speed - 1]);
> > > 995
> > > 996         tegra_pcie_enable_interrupts(pp);
> > > 997
> > > 998         return 0;
> > > 999     }
> > >
> > > ** CID 1475402:  Memory - illegal accesses  (OVERRUN)
> > > /drivers/pci/controller/dwc/pcie-tegra194.c: 457 in tegra_pcie_ep_irq_thread()
> > >
> > >
> > > ________________________________________________________________________________________________________
> > > *** CID 1475402:  Memory - illegal accesses  (OVERRUN)
> > > /drivers/pci/controller/dwc/pcie-tegra194.c: 457 in tegra_pcie_ep_irq_thread()
> > > 451         struct tegra_pcie_dw *pcie = arg;
> > > 452         struct dw_pcie *pci = &pcie->pci;
> > > 453         u32 val, speed;
> > > 454
> > > 455         speed = dw_pcie_readw_dbi(pci, pcie->pcie_cap_base + PCI_EXP_LNKSTA) &
> > > 456                 PCI_EXP_LNKSTA_CLS;
> > > > > >      CID 1475402:  Memory - illegal accesses  (OVERRUN)
> > > > > >      Overrunning array "pcie_gen_freq" of 4 4-byte elements at element index 4294967295 (byte offset 17179869183) using index "speed - 1U" (which evaluates to 4294967295).
> > > 457         clk_set_rate(pcie->core_clk, pcie_gen_freq[speed - 1]);
> > > 458
> > > 459         /* If EP doesn't advertise L1SS, just return */
> > > 460         val = dw_pcie_readl_dbi(pci, pcie->cfg_link_cap_l1sub);
> > > 461         if (!(val & (PCI_L1SS_CAP_ASPM_L1_1 | PCI_L1SS_CAP_ASPM_L1_2)))
> > > 462                 return IRQ_HANDLED;