[coreboot] New Defects reported by Coverity Scan for coreboot
scan-admin at coverity.com
scan-admin at coverity.com
Tue Feb 6 17:06:12 CET 2018
Hi,
Please find the latest report on new defect(s) introduced to coreboot found with Coverity Scan.
7 new defect(s) introduced to coreboot found with Coverity Scan.
1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 7 of 7 defect(s)
** CID 1385770: Memory - corruptions (OVERRUN)
/3rdparty/arm-trusted-firmware/plat/rockchip/rk3399/drivers/pmu/pmu.c: 629 in rockchip_soc_cores_pwr_dm_on()
________________________________________________________________________________________________________
*** CID 1385770: Memory - corruptions (OVERRUN)
/3rdparty/arm-trusted-firmware/plat/rockchip/rk3399/drivers/pmu/pmu.c: 629 in rockchip_soc_cores_pwr_dm_on()
623 int rockchip_soc_cores_pwr_dm_on(unsigned long mpidr, uint64_t entrypoint)
624 {
625 uint32_t cpu_id = plat_core_pos_by_mpidr(mpidr);
626
627 assert(cpu_id < PLATFORM_CORE_COUNT);
628 assert(cpuson_flags[cpu_id] == 0);
>>> CID 1385770: Memory - corruptions (OVERRUN)
>>> Overrunning array "cpuson_flags" of 6 4-byte elements at element index 4294967295 (byte offset 17179869180) using index "cpu_id" (which evaluates to 4294967295).
629 cpuson_flags[cpu_id] = PMU_CPU_HOTPLUG;
630 cpuson_entry_point[cpu_id] = entrypoint;
631 dsb();
632
633 cpus_power_domain_on(cpu_id);
634
** CID 1385769: Memory - corruptions (OVERRUN)
/3rdparty/arm-trusted-firmware/plat/rockchip/rk3399/drivers/pmu/pmu.c: 630 in rockchip_soc_cores_pwr_dm_on()
________________________________________________________________________________________________________
*** CID 1385769: Memory - corruptions (OVERRUN)
/3rdparty/arm-trusted-firmware/plat/rockchip/rk3399/drivers/pmu/pmu.c: 630 in rockchip_soc_cores_pwr_dm_on()
624 {
625 uint32_t cpu_id = plat_core_pos_by_mpidr(mpidr);
626
627 assert(cpu_id < PLATFORM_CORE_COUNT);
628 assert(cpuson_flags[cpu_id] == 0);
629 cpuson_flags[cpu_id] = PMU_CPU_HOTPLUG;
>>> CID 1385769: Memory - corruptions (OVERRUN)
>>> Overrunning array "cpuson_entry_point" of 6 8-byte elements at element index 4294967295 (byte offset 34359738360) using index "cpu_id" (which evaluates to 4294967295).
630 cpuson_entry_point[cpu_id] = entrypoint;
631 dsb();
632
633 cpus_power_domain_on(cpu_id);
634
635 return PSCI_E_SUCCESS;
** CID 1385768: Code maintainability issues (UNUSED_VALUE)
/3rdparty/arm-trusted-firmware/drivers/arm/gic/v3/arm_gicv3_common.c: 40 in arm_gicv3_distif_pre_save()
________________________________________________________________________________________________________
*** CID 1385768: Code maintainability issues (UNUSED_VALUE)
/3rdparty/arm-trusted-firmware/drivers/arm/gic/v3/arm_gicv3_common.c: 40 in arm_gicv3_distif_pre_save()
34 /*
35 * The GICR_WAKER.Sleep bit should be set only when both
36 * GICR_WAKER.ChildrenAsleep and GICR_WAKER.ProcessorSleep are set on
37 * all the Redistributors.
38 */
39 for (unsigned int i = 0; i < gicv3_driver_data->rdistif_num; i++) {
>>> CID 1385768: Code maintainability issues (UNUSED_VALUE)
>>> Assigning value from "gicv3_driver_data->rdistif_base_addrs[i]" to "gicr_base" here, but that stored value is overwritten before it can be used.
40 gicr_base = gicv3_driver_data->rdistif_base_addrs[i];
41 assert(gicr_base);
42 assert(gicr_read_waker(gicr_base) & WAKER_CA_BIT);
43 assert(gicr_read_waker(gicr_base) & WAKER_PS_BIT);
44 }
45
** CID 1385767: Memory - corruptions (OVERRUN)
________________________________________________________________________________________________________
*** CID 1385767: Memory - corruptions (OVERRUN)
/3rdparty/arm-trusted-firmware/plat/rockchip/rk3399/drivers/pmu/pmu.c: 633 in rockchip_soc_cores_pwr_dm_on()
627 assert(cpu_id < PLATFORM_CORE_COUNT);
628 assert(cpuson_flags[cpu_id] == 0);
629 cpuson_flags[cpu_id] = PMU_CPU_HOTPLUG;
630 cpuson_entry_point[cpu_id] = entrypoint;
631 dsb();
632
>>> CID 1385767: Memory - corruptions (OVERRUN)
>>> Overrunning callee's array of size 6 by passing argument "cpu_id" (which evaluates to 4294967295) in call to "cpus_power_domain_on".
633 cpus_power_domain_on(cpu_id);
634
635 return PSCI_E_SUCCESS;
636 }
637
638 int rockchip_soc_cores_pwr_dm_off(void)
** CID 1385766: Memory - corruptions (NEGATIVE_RETURNS)
/3rdparty/arm-trusted-firmware/plat/rockchip/rk3399/drivers/pmu/pmu.c: 629 in rockchip_soc_cores_pwr_dm_on()
________________________________________________________________________________________________________
*** CID 1385766: Memory - corruptions (NEGATIVE_RETURNS)
/3rdparty/arm-trusted-firmware/plat/rockchip/rk3399/drivers/pmu/pmu.c: 629 in rockchip_soc_cores_pwr_dm_on()
623 int rockchip_soc_cores_pwr_dm_on(unsigned long mpidr, uint64_t entrypoint)
624 {
625 uint32_t cpu_id = plat_core_pos_by_mpidr(mpidr);
626
627 assert(cpu_id < PLATFORM_CORE_COUNT);
628 assert(cpuson_flags[cpu_id] == 0);
>>> CID 1385766: Memory - corruptions (NEGATIVE_RETURNS)
>>> Using variable "cpu_id" as an index to array "cpuson_flags".
629 cpuson_flags[cpu_id] = PMU_CPU_HOTPLUG;
630 cpuson_entry_point[cpu_id] = entrypoint;
631 dsb();
632
633 cpus_power_domain_on(cpu_id);
634
** CID 1353332: Memory - illegal accesses (OVERRUN)
/3rdparty/arm-trusted-firmware/lib/psci/psci_on.c: 63 in psci_cpu_on_start()
________________________________________________________________________________________________________
*** CID 1353332: Memory - illegal accesses (OVERRUN)
/3rdparty/arm-trusted-firmware/lib/psci/psci_on.c: 63 in psci_cpu_on_start()
57 * CPU_ON platform hooks have been implemented.
58 */
59 assert(psci_plat_pm_ops->pwr_domain_on &&
60 psci_plat_pm_ops->pwr_domain_on_finish);
61
62 /* Protect against multiple CPUs trying to turn ON the same target CPU */
>>> CID 1353332: Memory - illegal accesses (OVERRUN)
>>> Overrunning array "psci_cpu_pd_nodes" of 6 16-byte elements at element index 4294967295 (byte offset 68719476720) using index "target_idx" (which evaluates to 4294967295).
63 psci_spin_lock_cpu(target_idx);
64
65 /*
66 * Generic management: Ensure that the cpu is off to be
67 * turned on.
68 * Perform cache maintanence ahead of reading the target CPU state to
** CID 1353164: Memory - illegal accesses (NEGATIVE_RETURNS)
/3rdparty/arm-trusted-firmware/lib/psci/psci_on.c: 63 in psci_cpu_on_start()
________________________________________________________________________________________________________
*** CID 1353164: Memory - illegal accesses (NEGATIVE_RETURNS)
/3rdparty/arm-trusted-firmware/lib/psci/psci_on.c: 63 in psci_cpu_on_start()
57 * CPU_ON platform hooks have been implemented.
58 */
59 assert(psci_plat_pm_ops->pwr_domain_on &&
60 psci_plat_pm_ops->pwr_domain_on_finish);
61
62 /* Protect against multiple CPUs trying to turn ON the same target CPU */
>>> CID 1353164: Memory - illegal accesses (NEGATIVE_RETURNS)
>>> Using variable "target_idx" as an index to array "psci_cpu_pd_nodes".
63 psci_spin_lock_cpu(target_idx);
64
65 /*
66 * Generic management: Ensure that the cpu is off to be
67 * turned on.
68 * Perform cache maintanence ahead of reading the target CPU state to
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbLuoVetFLSjdonCi1EjfHRqWGQvojmmkYaBE-2BPJiTQvQ-3D-3D_q4bX76XMySz3BXBlWr5fXXJ4cvAsgEXEqC7dBPM7O5aZhpYGdUWB40xw1v51kaBmTK-2Bi7fkxZjxuAQ-2BCuuA9vh6EL12sNpNhiwfYUmy7tnzwiEtTi-2BzyYH5RBRzGmxqQXELAVBLbXh3VmGDZhOp-2F8QcGNdclL9EXdcjCFUfr6XqM3Ufw4MornAx6Z5h0EetYx0bL5g09DH-2FRwjuZH9LuqAl6r852WaABxWEp6P7PZRU-3D
More information about the coreboot
mailing list