Coverity-updates archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
New Defects reported by Coverity Scan for NetBSD-amd64-kernel
Hi,
Please find the latest report on new defect(s) introduced to NetBSD-amd64-kernel found with Coverity Scan.
3 new defect(s) introduced to NetBSD-amd64-kernel found with Coverity Scan.
2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 3 of 3 defect(s)
** CID 1325753: Control flow issues (UNREACHABLE)
/sys/kern/kern_time.c: 322 in sys_clock_nanosleep()
________________________________________________________________________________________________________
*** CID 1325753: Control flow issues (UNREACHABLE)
/sys/kern/kern_time.c: 322 in sys_clock_nanosleep()
316 SCARG(uap, rmtp) ? &rmt : NULL);
317 if (SCARG(uap, rmtp) == NULL || (error != 0 && error != EINTR))
318 goto out;
319 return error;
320
321 if ((error1 = copyout(&rmt, SCARG(uap, rmtp), sizeof(rmt))) != 0)
>>> CID 1325753: Control flow issues (UNREACHABLE)
>>> This code cannot be reached: "error = error1;".
322 error = error1;
323 out:
324 *retval = error;
325 return 0;
326 }
327
** CID 1325752: Integer handling issues (OVERFLOW_BEFORE_WIDEN)
/sys/dev/acpi/acpi_mcfg.c: 186 in acpimcfg_parse_callback()
________________________________________________________________________________________________________
*** CID 1325752: Integer handling issues (OVERFLOW_BEFORE_WIDEN)
/sys/dev/acpi/acpi_mcfg.c: 186 in acpimcfg_parse_callback()
180 "Address=0x%016" PRIx64 ", Length=0x%016" PRIx64 "\n",
181 mr->hid, res->Type, type, mapaddr, mapsize);
182
183 if (mr->address < mapaddr || mr->address >= mapaddr + mapsize)
184 return_ACPI_STATUS(AE_OK);
185
>>> CID 1325752: Integer handling issues (OVERFLOW_BEFORE_WIDEN)
>>> Potentially overflowing expression "(mr->bus_end - mr->bus_start + 1) * 1048576" with type "int" (32 bits, signed) is evaluated using 32-bit arithmetic, and then used in a context that expects an expression of type "__uint64_t" (64 bits, unsigned).
186 size = (mr->bus_end - mr->bus_start + 1) * ACPIMCFG_SIZE_PER_BUS;
187
188 /* full map */
189 if (mr->address + size <= mapaddr + mapsize) {
190 mr->found = true;
191 return_ACPI_STATUS(AE_CTRL_TERMINATE);
** CID 1325751: Integer handling issues (OVERFLOW_BEFORE_WIDEN)
/sys/arch/x86/acpi/acpi_machdep.c: 355 in acpi_md_mcfg_validate()
________________________________________________________________________________________________________
*** CID 1325751: Integer handling issues (OVERFLOW_BEFORE_WIDEN)
/sys/arch/x86/acpi/acpi_machdep.c: 355 in acpi_md_mcfg_validate()
349 int i, n;
350
351 bim = lookup_bootinfo(BTINFO_MEMMAP);
352 if (bim == NULL)
353 return false;
354
>>> CID 1325751: Integer handling issues (OVERFLOW_BEFORE_WIDEN)
>>> Potentially overflowing expression "(*bus_end - bus_start + 1) * 1048576" with type "int" (32 bits, signed) is evaluated using 32-bit arithmetic, and then used in a context that expects an expression of type "__uint64_t" (64 bits, unsigned).
355 size = (*bus_end - bus_start + 1) * ACPIMCFG_SIZE_PER_BUS;
356 for (i = 0; i < bim->num; i++) {
357 mapaddr = bim->entry[i].addr;
358 mapsize = bim->entry[i].size;
359 type = bim->entry[i].type;
360
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://scan.coverity.com/projects/netbsd-amd64-kernel?tab=overview
To manage Coverity Scan email notifications for "coverity-updates%netbsd.org@localhost", click https://scan.coverity.com/subscriptions/edit?email=coverity-updates%40netbsd.org&token=487286ca1a9a4f4bd485d16f66b5e782
Home |
Main Index |
Thread Index |
Old Index