Fwd: New Defects reported by Coverity Scan for Das U-Boot
Tom Rini
trini at konsulko.com
Fri Jun 26 23:53:59 CEST 2026
On Fri, Jun 26, 2026 at 08:28:34PM +0200, Quentin Schulz wrote:
> Hi Tom,
>
> On 6/23/26 12:43 AM, Tom Rini wrote:
> > Hey all,
> >
> > Coverity is back up finally and so here's the result of changes for the
> > last three RCs.
> >
> > ---------- Forwarded message ---------
> > From: <scan-admin at coverity.com>
> > Date: Mon, Jun 22, 2026 at 4:40 PM
> > Subject: New Defects reported by Coverity Scan for Das U-Boot
> > To: <tom.rini at gmail.com>
> >
> >
> > Hi,
> >
> > Please find the latest report on new defect(s) introduced to *Das U-Boot*
> > found with Coverity Scan.
> >
> > - *New Defects Found:* 1
> > - 4 defect(s), reported by Coverity Scan earlier, were marked fixed in
> > the recent build analyzed by Coverity Scan.
> > - *Defects Shown:* Showing 1 of 1 defect(s)
> >
> > Defect Details
> >
> > ** CID 646439: Integer handling issues (INTEGER_OVERFLOW)
> > /test/cmd/part.c: 53 in setup_gpt_partitions()
> >
> >
> > _____________________________________________________________________________________________
> > *** CID 646439: Integer handling issues (INTEGER_OVERFLOW)
> > /test/cmd/part.c: 53 in setup_gpt_partitions()
> > 47 snprintf(dev_str, sizeof(dev_str), "%u", mmc_dev_num);
> > 48
> > 49 ret = blk_get_device_by_str("mmc", dev_str, &mmc_dev_desc);
> > 50 if (ret == -ENODEV)
> > 51 return -EAGAIN;
> > 52
> > > > > CID 646439: Integer handling issues (INTEGER_OVERFLOW)
> > > > > Expression "_val2", where "ret" is known to be equal to -22, overflows the type of "_val2", which is type "unsigned int".
> > 53 ut_asserteq(mmc_dev_num, ret);
> > 54
>
> Does Coverity complain if we do:
>
> ut_assert(ret >= 0);
> ut_asserteq(mmc_dev_num, ret);
>
> ?
I wish it was easier to test questions like that.
> We also use the same ut_asserteq() check in many oher places with the return
> value of blk_get_device_by_str() so I'm surprised it doesn't complain about
> those and why.
Looking at open issues on test/lib/lmb.c, which has a "ut_assert(ret >= 0)"
in it, and is happy with it, yes, we should be able to make changes as
you suggest I believe.
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 228 bytes
Desc: not available
URL: <https://lists.denx.de/pipermail/u-boot/attachments/20260626/31c3c4a7/attachment.sig>
More information about the U-Boot
mailing list