Hi,
Please find the latest report on new defect(s) introduced to coreboot found with Coverity Scan.
3 new defect(s) introduced to coreboot found with Coverity Scan. 1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan Showing 3 of 3 defect(s)
** CID 1501510: Integer handling issues (OVERFLOW_BEFORE_WIDEN) /src/commonlib/bsd/include/commonlib/bsd/mem_chip_info.h: 104 in mem_chip_info_total_density_bytes()
________________________________________________________________________________________________________ *** CID 1501510: Integer handling issues (OVERFLOW_BEFORE_WIDEN) /src/commonlib/bsd/include/commonlib/bsd/mem_chip_info.h: 104 in mem_chip_info_total_density_bytes() 98 { 99 uint64_t bytes = 0; 100 int i; 101 102 for (i = 0; i < info->num_entries; i++) { 103 const struct mem_chip_entry *e = &info->entries[i];
CID 1501510: Integer handling issues (OVERFLOW_BEFORE_WIDEN) Potentially overflowing expression "e->density_mbits * (e->channel_io_width / e->io_width)" with type "unsigned int" (32 bits, unsigned) is evaluated using 32-bit arithmetic, and then used in a context that expects an expression of type "uint64_t" (64 bits, unsigned).
104 bytes += e->density_mbits * (e->channel_io_width / e->io_width) * (MiB / 8); 105 } 106 107 return bytes; 108 } 109
** CID 1501509: (CONSTANT_EXPRESSION_RESULT) /src/soc/amd/cezanne/fsp_m_params.c: 160 in platform_fsp_memory_init_params_cb() /src/soc/amd/morgana/fsp_m_params.c: 162 in platform_fsp_memory_init_params_cb() /src/soc/amd/mendocino/fsp_m_params.c: 161 in platform_fsp_memory_init_params_cb() /src/soc/amd/glinda/fsp_m_params.c: 162 in platform_fsp_memory_init_params_cb()
________________________________________________________________________________________________________ *** CID 1501509: (CONSTANT_EXPRESSION_RESULT) /src/soc/amd/cezanne/fsp_m_params.c: 160 in platform_fsp_memory_init_params_cb() 154 /* devicetree config is const, use local copy */ 155 static struct usb_phy_config lcl_usb_phy; 156 lcl_usb_phy = config->usb_phy; 157 lcl_usb_phy.Version_Major = FSP_USB_STRUCT_MAJOR_VERSION; 158 lcl_usb_phy.Version_Minor = FSP_USB_STRUCT_MINOR_VERSION; 159 lcl_usb_phy.TableLength = sizeof(struct usb_phy_config);
CID 1501509: (CONSTANT_EXPRESSION_RESULT) "(uintptr_t)&lcl_usb_phy <= 4294967295UL /* (uint32_t)4294967295U */" is always true regardless of the values of its operands. This occurs as the logical operand of "if".
160 if ((uintptr_t)&lcl_usb_phy <= UINT32_MAX) { 161 mcfg->usb_phy_ptr = (uint32_t)(uintptr_t)&lcl_usb_phy; 162 } else { 163 printk(BIOS_ERR, "USB PHY config struct above 4GB; can't pass USB PHY " 164 "configuration to 32 bit FSP.\n"); 165 mcfg->usb_phy_ptr = 0; /src/soc/amd/morgana/fsp_m_params.c: 162 in platform_fsp_memory_init_params_cb() 156 /* devicetree config is const, use local copy */ 157 static struct usb_phy_config lcl_usb_phy; 158 lcl_usb_phy = config->usb_phy; 159 lcl_usb_phy.Version_Major = FSP_USB_STRUCT_MAJOR_VERSION; 160 lcl_usb_phy.Version_Minor = FSP_USB_STRUCT_MINOR_VERSION; 161 lcl_usb_phy.TableLength = sizeof(struct usb_phy_config);
CID 1501509: (CONSTANT_EXPRESSION_RESULT) "(uintptr_t)&lcl_usb_phy <= 4294967295UL /* (uint32_t)4294967295U */" is always true regardless of the values of its operands. This occurs as the logical operand of "if".
162 if ((uintptr_t)&lcl_usb_phy <= UINT32_MAX) { 163 mcfg->usb_phy_ptr = (uint32_t)(uintptr_t)&lcl_usb_phy; 164 } else { 165 printk(BIOS_ERR, "USB PHY config struct above 4GB; can't pass USB PHY " 166 "configuration to 32 bit FSP.\n"); 167 mcfg->usb_phy_ptr = 0; /src/soc/amd/mendocino/fsp_m_params.c: 161 in platform_fsp_memory_init_params_cb() 155 /* devicetree config is const, use local copy */ 156 static struct usb_phy_config lcl_usb_phy; 157 lcl_usb_phy = config->usb_phy; 158 lcl_usb_phy.Version_Major = FSP_USB_STRUCT_MAJOR_VERSION; 159 lcl_usb_phy.Version_Minor = FSP_USB_STRUCT_MINOR_VERSION; 160 lcl_usb_phy.TableLength = sizeof(struct usb_phy_config);
CID 1501509: (CONSTANT_EXPRESSION_RESULT) "(uintptr_t)&lcl_usb_phy <= 4294967295UL /* (uint32_t)4294967295U */" is always true regardless of the values of its operands. This occurs as the logical operand of "if".
161 if ((uintptr_t)&lcl_usb_phy <= UINT32_MAX) { 162 mcfg->usb_phy_ptr = (uint32_t)(uintptr_t)&lcl_usb_phy; 163 } else { 164 printk(BIOS_ERR, "USB PHY config struct above 4GB; can't pass USB PHY " 165 "configuration to 32 bit FSP.\n"); 166 mcfg->usb_phy_ptr = 0; /src/soc/amd/glinda/fsp_m_params.c: 162 in platform_fsp_memory_init_params_cb() 156 /* devicetree config is const, use local copy */ 157 static struct usb_phy_config lcl_usb_phy; 158 lcl_usb_phy = config->usb_phy; 159 lcl_usb_phy.Version_Major = FSP_USB_STRUCT_MAJOR_VERSION; 160 lcl_usb_phy.Version_Minor = FSP_USB_STRUCT_MINOR_VERSION; 161 lcl_usb_phy.TableLength = sizeof(struct usb_phy_config);
CID 1501509: (CONSTANT_EXPRESSION_RESULT) "(uintptr_t)&lcl_usb_phy <= 4294967295UL /* (uint32_t)4294967295U */" is always true regardless of the values of its operands. This occurs as the logical operand of "if".
162 if ((uintptr_t)&lcl_usb_phy <= UINT32_MAX) { 163 mcfg->usb_phy_ptr = (uint32_t)(uintptr_t)&lcl_usb_phy; 164 } else { 165 printk(BIOS_ERR, "USB PHY config struct above 4GB; can't pass USB PHY " 166 "configuration to 32 bit FSP.\n"); 167 mcfg->usb_phy_ptr = 0;
** CID 1501508: Null pointer dereferences (FORWARD_NULL) /src/drivers/intel/fsp2_0/memory_init.c: 61 in do_fsp_post_memory_init()
________________________________________________________________________________________________________ *** CID 1501508: Null pointer dereferences (FORWARD_NULL) /src/drivers/intel/fsp2_0/memory_init.c: 61 in do_fsp_post_memory_init() 55 /* ramstage uses the FSP-M version when updating the MRC cache */ 56 if (CONFIG(CACHE_MRC_SETTINGS) && !s3wake) { 57 fsp_version_cbmem = cbmem_add(CBMEM_ID_FSPM_VERSION, 58 sizeof(fsp_version)); 59 if (!fsp_version_cbmem) 60 printk(BIOS_ERR, "Failed to add FSP-M version to cbmem.\n");
CID 1501508: Null pointer dereferences (FORWARD_NULL) Dereferencing null pointer "fsp_version_cbmem".
61 *fsp_version_cbmem = fsp_version; 62 } 63 64 /* Create romstage handof information */ 65 romstage_handoff_init(s3wake); 66 }
________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0...