From: coverity-bot <keescook@chromium.org>
To: Charles McLachlan <cmclachlan@solarflare.com>
Cc: Jesper Dangaard Brouer <brouer@redhat.com>,
"David S. Miller" <davem@davemloft.net>,
"Gustavo A. R. Silva" <gustavo@embeddedor.com>,
linux-next@vger.kernel.org
Subject: Coverity: efx_probe_interrupts(): OVERRUN
Date: Mon, 11 Nov 2019 17:35:31 -0800 [thread overview]
Message-ID: <201911111735.76A768883@keescook> (raw)
Hello!
This is an experimental automated report about issues detected by Coverity
from a scan of next-20191108 as part of the linux-next weekly scan project:
https://scan.coverity.com/projects/linux-next-weekly-scan
You're getting this email because you were associated with the identified
lines of code (noted below) that were touched by recent commits:
3990a8fffbda ("sfc: allocate channels for XDP tx queues")
Coverity reported the following:
*** CID 1487845: (OVERRUN)
/drivers/net/ethernet/sfc/efx.c: 1570 in efx_probe_interrupts()
1564
1565 rc = efx_allocate_msix_channels(efx, efx->max_channels,
1566 extra_channels, parallelism);
1567 if (rc >= 0) {
1568 n_channels = rc;
1569 for (i = 0; i < n_channels; i++)
vvv CID 1487845: (OVERRUN)
vvv Overrunning array "xentries" of 32 8-byte elements at element index 2047 (byte offset 16383) using index "i" (which evaluates to 2047).
1570 xentries[i].entry = i;
1571 rc = pci_enable_msix_range(efx->pci_dev, xentries, 1,
1572 n_channels);
1573 }
1574 if (rc < 0) {
1575 /* Fall back to single channel MSI */
/drivers/net/ethernet/sfc/efx.c: 1571 in efx_probe_interrupts()
1565 rc = efx_allocate_msix_channels(efx, efx->max_channels,
1566 extra_channels, parallelism);
1567 if (rc >= 0) {
1568 n_channels = rc;
1569 for (i = 0; i < n_channels; i++)
1570 xentries[i].entry = i;
vvv CID 1487845: (OVERRUN)
vvv Overrunning array "xentries" of 32 8-byte elements by passing it to a function which accesses it at element index 2047 (byte offset 16383) using argument "n_channels" (which evaluates to 2048).
1571 rc = pci_enable_msix_range(efx->pci_dev, xentries, 1,
1572 n_channels);
1573 }
1574 if (rc < 0) {
1575 /* Fall back to single channel MSI */
1576 netif_err(efx, drv, efx->net_dev,
If this is a false positive, please let us know so we can mark it as
such, or teach the Coverity rules to be smarter. If not, please make
sure fixes get into linux-next. :) For patches fixing this, please
include these lines (but double-check the "Fixes" first):
Reported-by: coverity-bot <keescook+coverity-bot@chromium.org>
Addresses-Coverity-ID: 1487845 ("OVERRUN")
Fixes: 3990a8fffbda ("sfc: allocate channels for XDP tx queues")
Thanks for your attention!
--
Coverity-bot
reply other threads:[~2019-11-12 1:35 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=201911111735.76A768883@keescook \
--to=keescook@chromium.org \
--cc=brouer@redhat.com \
--cc=cmclachlan@solarflare.com \
--cc=davem@davemloft.net \
--cc=gustavo@embeddedor.com \
--cc=linux-next@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox