New Defects reported by Coverity Scan for NetBSD-amd64-kernel

To: undisclosed-recipients:;
Subject: New Defects reported by Coverity Scan for NetBSD-amd64-kernel
From: scan-admin%coverity.com@localhost
Date: Tue, 18 Feb 2014 14:01:41 -0800
Hi,


Please find the latest report on new defect(s) introduced to 
NetBSD-amd64-kernel found with Coverity Scan.

Defect(s) Reported-by: Coverity Scan
Showing 5 of 5 defect(s)


** CID 1175827:  Operands don't affect result  (CONSTANT_EXPRESSION_RESULT)
/sys/external/bsd/compiler_rt/dist/lib/modti3.c: 29 in __modti3()

** CID 1175828:  Operands don't affect result  (CONSTANT_EXPRESSION_RESULT)
/sys/external/bsd/compiler_rt/dist/lib/popcountti2.c: 34 in __popcountti2()

** CID 1018042:  Division or modulo by zero  (DIVIDE_BY_ZERO)
/sys/external/bsd/compiler_rt/dist/lib/udivmoddi4.c: 67 in __udivmoddi4()
/sys/external/bsd/compiler_rt/dist/lib/udivmoddi4.c: 66 in __udivmoddi4()

** CID 1175829:  Division or modulo by zero  (DIVIDE_BY_ZERO)
/sys/external/bsd/compiler_rt/dist/lib/udivmodti4.c: 69 in __udivmodti4()
/sys/external/bsd/compiler_rt/dist/lib/udivmodti4.c: 68 in __udivmodti4()

** CID 1175830:  Out-of-bounds write  (OVERRUN)
/sys/compat/linux32/common/linux32_exec_elf32.c: 211 in linux32_elf32_copyargs()


________________________________________________________________________________________________________
*** CID 1175827:  Operands don't affect result  (CONSTANT_EXPRESSION_RESULT)
/sys/external/bsd/compiler_rt/dist/lib/modti3.c: 29 in __modti3()
23     ti_int
24     __modti3(ti_int a, ti_int b)
25     {
26         const int bits_in_tword_m1 = (int)(sizeof(ti_int) * CHAR_BIT) - 1;
27         ti_int s = b >> bits_in_tword_m1;  /* s = b < 0 ? -1 : 0 */
28         b = (b ^ s) - s;                   /* negate if s == -1 */
>>>     CID 1175827:  Operands don't affect result  (CONSTANT_EXPRESSION_RESULT)
>>>     "a >> 127 /* bits_in_tword_m1 */" is 0 regardless of the values of its 
>>> operands. This occurs as the operand of assignment.
29         s = a >> bits_in_tword_m1;         /* s = a < 0 ? -1 : 0 */
30         a = (a ^ s) - s;                   /* negate if s == -1 */
31         ti_int r;
32         __udivmodti4(a, b, (tu_int*)&r);
33         return (r ^ s) - s;                /* negate if s == -1 */
34     }
35     

________________________________________________________________________________________________________
*** CID 1175828:  Operands don't affect result  (CONSTANT_EXPRESSION_RESULT)
/sys/external/bsd/compiler_rt/dist/lib/popcountti2.c: 34 in __popcountti2()
28         x3 = ((x3 >> 2) & (((tu_int)0x3333333333333333uLL << 64) | 
0x3333333333333333uLL))
29            + (x3 & (((tu_int)0x3333333333333333uLL << 64) | 
0x3333333333333333uLL));
30         /* Every 4 bits holds the sum of every 4-set of bits (3 significant 
bits) (32) */
31         x3 = (x3 + (x3 >> 4))
32            & (((tu_int)0x0F0F0F0F0F0F0F0FuLL << 64) | 0x0F0F0F0F0F0F0F0FuLL);
33         /* Every 8 bits holds the sum of every 8-set of bits (4 significant 
bits) (16) */
>>>     CID 1175828:  Operands don't affect result  (CONSTANT_EXPRESSION_RESULT)
>>>     "x3 >> 64" is 0 regardless of the values of its operands. This occurs 
>>> as a value.
34         du_int x2 = (du_int)(x3 + (x3 >> 64));
35         /* Every 8 bits holds the sum of every 8-set of bits (5 significant 
bits) (8) */
36         su_int x = (su_int)(x2 + (x2 >> 32));
37         /* Every 8 bits holds the sum of every 8-set of bits (6 significant 
bits) (4) */
38         x = x + (x >> 16);
39         /* Every 8 bits holds the sum of every 8-set of bits (7 significant 
bits) (2) */

________________________________________________________________________________________________________
*** CID 1018042:  Division or modulo by zero  (DIVIDE_BY_ZERO)
/sys/external/bsd/compiler_rt/dist/lib/udivmoddi4.c: 67 in __udivmoddi4()
61                 /* K X
62                  * ---
63                  * 0 0
64                  */ 
65                 if (rem)
66                     *rem = n.s.high % d.s.low;
>>>     CID 1018042:  Division or modulo by zero  (DIVIDE_BY_ZERO)
>>>     In expression "n.s.high / d.s.low", division by expression "d.s.low" 
>>> which may be zero has undefined behavior.
67                 return n.s.high / d.s.low;
68             }
69             /* d.s.high != 0 */
70             if (n.s.low == 0)
71             {
72                 /* K 0
/sys/external/bsd/compiler_rt/dist/lib/udivmoddi4.c: 66 in __udivmoddi4()
60             {
61                 /* K X
62                  * ---
63                  * 0 0
64                  */ 
65                 if (rem)
>>>     CID 1018042:  Division or modulo by zero  (DIVIDE_BY_ZERO)
>>>     In expression "n.s.high % d.s.low" modulo by expression "d.s.low" which 
>>> may be zero has undefined behavior.
66                     *rem = n.s.high % d.s.low;
67                 return n.s.high / d.s.low;
68             }
69             /* d.s.high != 0 */
70             if (n.s.low == 0)
71             {

________________________________________________________________________________________________________
*** CID 1175829:  Division or modulo by zero  (DIVIDE_BY_ZERO)
/sys/external/bsd/compiler_rt/dist/lib/udivmodti4.c: 69 in __udivmodti4()
63                 /* K X
64                  * ---
65                  * 0 0
66                  */
67                 if (rem)
68                     *rem = n.s.high % d.s.low;
>>>     CID 1175829:  Division or modulo by zero  (DIVIDE_BY_ZERO)
>>>     In expression "n.s.high / d.s.low", division by expression "d.s.low" 
>>> which may be zero has undefined behavior.
69                 return n.s.high / d.s.low;
70             }
71             /* d.s.high != 0 */
72             if (n.s.low == 0)
73             {
74                 /* K 0
/sys/external/bsd/compiler_rt/dist/lib/udivmodti4.c: 68 in __udivmodti4()
62             {
63                 /* K X
64                  * ---
65                  * 0 0
66                  */
67                 if (rem)
>>>     CID 1175829:  Division or modulo by zero  (DIVIDE_BY_ZERO)
>>>     In expression "n.s.high % d.s.low" modulo by expression "d.s.low" which 
>>> may be zero has undefined behavior.
68                     *rem = n.s.high % d.s.low;
69                 return n.s.high / d.s.low;
70             }
71             /* d.s.high != 0 */
72             if (n.s.low == 0)
73             {

________________________________________________________________________________________________________
*** CID 1175830:  Out-of-bounds write  (OVERRUN)
/sys/compat/linux32/common/linux32_exec_elf32.c: 211 in linux32_elf32_copyargs()
205     
206             a->a_type = LINUX_AT_PLATFORM;
207             a->a_v = NETBSD32PTR32I(&esdp->hw_platform[0]);
208             a++;
209     #endif
210     
>>>     CID 1175830:  Out-of-bounds write  (OVERRUN)
>>>     Overrunning array of 14 8-byte elements at element index 14 (byte 
>>> offset 112) by dereferencing pointer "a".
211             a->a_type = AT_NULL;
212             a->a_v = 0;
213             a++;
214     
215             randbytes[0] = cprng_strong32();
216             randbytes[1] = cprng_strong32();


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, 
http://scan.coverity.com/projects/1447?tab=Overview

To unsubscribe from the email notification for new defects, 
http://scan5.coverity.com/cgi-bin/unsubscribe.py
Prev by Date: New Defects reported by Coverity Scan for NetBSD-i386-kernel
Next by Date: New Defects reported by Coverity Scan for NetBSD
Previous by Thread: New Defects reported by Coverity Scan for NetBSD-amd64-kernel
Next by Thread: New Defects reported by Coverity Scan for NetBSD-amd64-kernel
Indexes:
Home | Main Index | Thread Index | Old Index