[U-Boot] [PATCH 00/10] Various coverity fixes
This series aims to fix or suppress various Coverity warnings reported on recent patches.
Simon Glass (10): test: pwm: Add a check that dev is not NULL edid: Use sizeof() in cea_is_hdmi_vsdb_present() fdtgrep: Deal with NULL data passed to check_type_include() fdt: Add a check to do_fdt() for coverity fdt: Add a check to fdt_print() for coverity test: wdt: Add a check that dev is not NULL test: bus: Add a check that dev is not NULL dm: core: Supress dead-code warning in __of_get_next_child() board_f: Use IS_ENABLED instead of #ifdef in initf_bootstage() rkcommon.c: Drop pointless assignment
cmd/fdt.c | 4 ++-- common/board_f.c | 7 ++----- common/edid.c | 4 ++-- drivers/core/of_access.c | 6 ++++++ test/dm/bus.c | 3 +++ test/dm/pwm.c | 1 + test/dm/wdt.c | 1 + tools/fdtgrep.c | 25 ++++++++++++++----------- tools/rkcommon.c | 3 ++- 9 files changed, 33 insertions(+), 21 deletions(-)
We know that uclass_get_device() does not return NULL for dev when it succeeds but coverity does not. Add an extra check to hopefully keep it happy.
Signed-off-by: Simon Glass sjg@chromium.org Reported-by: Coverity (CID: 161690) Fixes: 43b4156 (dm: sandbox: pwm: Add a basic pwm test) ---
test/dm/pwm.c | 1 + 1 file changed, 1 insertion(+)
diff --git a/test/dm/pwm.c b/test/dm/pwm.c index f1e38c77dd..6b2dedf6cc 100644 --- a/test/dm/pwm.c +++ b/test/dm/pwm.c @@ -18,6 +18,7 @@ static int dm_test_pwm_base(struct unit_test_state *uts) struct udevice *dev;
ut_assertok(uclass_get_device(UCLASS_PWM, 0, &dev)); + ut_assertnonnull(dev); ut_assertok(pwm_set_config(dev, 0, 100, 50)); ut_assertok(pwm_set_enable(dev, 0, true)); ut_assertok(pwm_set_enable(dev, 1, true));
On Wed, Jun 07, 2017 at 10:28:38AM -0600, Simon Glass wrote:
We know that uclass_get_device() does not return NULL for dev when it succeeds but coverity does not. Add an extra check to hopefully keep it happy.
Signed-off-by: Simon Glass sjg@chromium.org Reported-by: Coverity (CID: 161690) Fixes: 43b4156 (dm: sandbox: pwm: Add a basic pwm test)
Reviewed-by: Tom Rini trini@konsulko.com
We should not use an open-coded value here. Use sizeof() instead.
Signed-off-by: Simon Glass sjg@chromium.org Reported-by: Coverity (CID: 163252) Fixes: 43c6bdd0 (edid: Add HDMI flag to timing info) ---
common/edid.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/common/edid.c b/common/edid.c index 19410aa4fc..94b33aee18 100644 --- a/common/edid.c +++ b/common/edid.c @@ -148,8 +148,8 @@ static bool cea_is_hdmi_vsdb_present(struct edid_cea861_info *info) /* check for end of data block */ end = info->dtd_offset; if (end == 0) - end = 127; - if (end < 4 || end > 127) + end = sizeof(info->data); + if (end < 4 || end > sizeof(info->data)) return false; end -= 4;
On Wed, Jun 07, 2017 at 10:28:39AM -0600, Simon Glass wrote:
We should not use an open-coded value here. Use sizeof() instead.
Signed-off-by: Simon Glass sjg@chromium.org Reported-by: Coverity (CID: 163252) Fixes: 43c6bdd0 (edid: Add HDMI flag to timing info)
Reviewed-by: Tom Rini trini@konsulko.com
Since the parameter can be NULL we must be careful not to dereference it in this case.
Signed-off-by: Simon Glass sjg@chromium.org Reported-by: Coverity (CID: 163250) Fixes: 1043d0a0 (fdt: Add fdtgrep tool) ---
tools/fdtgrep.c | 25 ++++++++++++++----------- 1 file changed, 14 insertions(+), 11 deletions(-)
diff --git a/tools/fdtgrep.c b/tools/fdtgrep.c index e373c43e36..f51f5f15f5 100644 --- a/tools/fdtgrep.c +++ b/tools/fdtgrep.c @@ -522,18 +522,21 @@ static int check_type_include(void *priv, int type, const char *data, int size) * return 1 at the first match. For exclusive conditions, we must * check that there are no matches. */ - for (val = disp->value_head; val; val = val->next) { - if (!(type & val->type)) - continue; - match = fdt_stringlist_contains(data, size, val->string); - debug(" - val->type=%x, str='%s', match=%d\n", - val->type, val->string, match); - if (match && val->include) { - debug(" - match inc %s\n", val->string); - return 1; + if (data) { + for (val = disp->value_head; val; val = val->next) { + if (!(type & val->type)) + continue; + match = fdt_stringlist_contains(data, size, + val->string); + debug(" - val->type=%x, str='%s', match=%d\n", + val->type, val->string, match); + if (match && val->include) { + debug(" - match inc %s\n", val->string); + return 1; + } + if (match) + none_match &= ~val->type; } - if (match) - none_match &= ~val->type; }
/*
On Wed, Jun 07, 2017 at 10:28:40AM -0600, Simon Glass wrote:
Since the parameter can be NULL we must be careful not to dereference it in this case.
Signed-off-by: Simon Glass sjg@chromium.org Reported-by: Coverity (CID: 163250) Fixes: 1043d0a0 (fdt: Add fdtgrep tool)
Reviewed-by: Tom Rini trini@konsulko.com
We know that fdt_getprop() does not return NULL when len is > 0 but coverity does not. Add an extra check to keep it happy.
Signed-off-by: Simon Glass sjg@chromium.org Reported-by: Coverity (CID: 163249) Fixes: bc80295b (fdt: Add get commands to fdt) ---
cmd/fdt.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/cmd/fdt.c b/cmd/fdt.c index a21415dab4..3e889fc3bb 100644 --- a/cmd/fdt.c +++ b/cmd/fdt.c @@ -371,7 +371,7 @@ static int do_fdt(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) /* no property value */ setenv(var, ""); return 0; - } else if (len > 0) { + } else if (nodep && len > 0) { if (subcmd[0] == 'v') { int ret;
On Wed, Jun 07, 2017 at 10:28:41AM -0600, Simon Glass wrote:
We know that fdt_getprop() does not return NULL when len is > 0 but coverity does not. Add an extra check to keep it happy.
Signed-off-by: Simon Glass sjg@chromium.org Reported-by: Coverity (CID: 163249) Fixes: bc80295b (fdt: Add get commands to fdt)
Reviewed-by: Tom Rini trini@konsulko.com
We know that fdt_getprop() does not return NULL when len is > 0 but coverity does not. Add an extra check to keep it happy.
Signed-off-by: Simon Glass sjg@chromium.org Reported-by: Coverity (CID: 163248) ---
cmd/fdt.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/cmd/fdt.c b/cmd/fdt.c index 3e889fc3bb..5d80eb2d00 100644 --- a/cmd/fdt.c +++ b/cmd/fdt.c @@ -962,7 +962,7 @@ static int fdt_print(const char *pathp, char *prop, int depth) /* no property value */ printf("%s %s\n", pathp, prop); return 0; - } else if (len > 0) { + } else if (nodep && len > 0) { printf("%s = ", prop); print_data (nodep, len); printf("\n");
On Wed, Jun 07, 2017 at 10:28:42AM -0600, Simon Glass wrote:
We know that fdt_getprop() does not return NULL when len is > 0 but coverity does not. Add an extra check to keep it happy.
Signed-off-by: Simon Glass sjg@chromium.org Reported-by: Coverity (CID: 163248)
Reviewed-by: Tom Rini trini@konsulko.com
We know that uclass_get_device() does not return NULL for dev when it succeeds but coverity does not. Add an extra check to hopefully keep it happy.
Signed-off-by: Simon Glass sjg@chromium.org Reported-by: Coverity (CID: 163247) Fixes: 0753bc2 (dm: Simple Watchdog uclass) ---
test/dm/wdt.c | 1 + 1 file changed, 1 insertion(+)
diff --git a/test/dm/wdt.c b/test/dm/wdt.c index 2ecfceaaff..01165022c1 100644 --- a/test/dm/wdt.c +++ b/test/dm/wdt.c @@ -20,6 +20,7 @@ static int dm_test_wdt_base(struct unit_test_state *uts) const u64 timeout = 42;
ut_assertok(uclass_get_device(UCLASS_WDT, 0, &dev)); + ut_assertnonnull(dev); ut_asserteq(0, state->wdt.counter); ut_asserteq(false, state->wdt.running);
On Wed, Jun 07, 2017 at 10:28:43AM -0600, Simon Glass wrote:
We know that uclass_get_device() does not return NULL for dev when it succeeds but coverity does not. Add an extra check to hopefully keep it happy.
Signed-off-by: Simon Glass sjg@chromium.org Reported-by: Coverity (CID: 163247) Fixes: 0753bc2 (dm: Simple Watchdog uclass)
Reviewed-by: Tom Rini trini@konsulko.com
We know that uclass_get_device() and device_find_child_by_of_offset() do not return NULL for dev when they succeeds but coverity does not. Add an extra check to hopefully keep it happy.
Signed-off-by: Simon Glass sjg@chromium.org Reported-by: Coverity (CID: 163246) Fixes: 0753bc2 (dm: Simple Watchdog uclass) ---
test/dm/bus.c | 3 +++ 1 file changed, 3 insertions(+)
diff --git a/test/dm/bus.c b/test/dm/bus.c index 8ba75d4b7d..7006d4163d 100644 --- a/test/dm/bus.c +++ b/test/dm/bus.c @@ -171,13 +171,16 @@ static int dm_test_bus_children_of_offset(struct unit_test_state *uts) int node;
ut_assertok(uclass_get_device(UCLASS_TEST_BUS, 0, &bus)); + ut_assertnonnull(bus);
/* Find a valid child */ node = fdt_path_offset(blob, "/some-bus/c-test@1"); ut_assert(node > 0); ut_assertok(device_find_child_by_of_offset(bus, node, &dev)); + ut_assertnonnull(dev); ut_assert(!(dev->flags & DM_FLAG_ACTIVATED)); ut_assertok(device_get_child_by_of_offset(bus, node, &dev)); + ut_assertnonnull(dev); ut_assert(dev->flags & DM_FLAG_ACTIVATED);
return 0;
On Wed, Jun 07, 2017 at 10:28:44AM -0600, Simon Glass wrote:
We know that uclass_get_device() and device_find_child_by_of_offset() do not return NULL for dev when they succeeds but coverity does not. Add an extra check to hopefully keep it happy.
Signed-off-by: Simon Glass sjg@chromium.org Reported-by: Coverity (CID: 163246) Fixes: 0753bc2 (dm: Simple Watchdog uclass)
Reviewed-by: Tom Rini trini@konsulko.com
Suppress a warning on next = next->sibling.
Signed-off-by: Simon Glass sjg@chromium.org Reported-by: Coverity (CID: 163245) Fixes 644ec0a (dm: core: Add livetree access functions) ---
drivers/core/of_access.c | 6 ++++++ 1 file changed, 6 insertions(+)
diff --git a/drivers/core/of_access.c b/drivers/core/of_access.c index 94ef3cc251..93a6560496 100644 --- a/drivers/core/of_access.c +++ b/drivers/core/of_access.c @@ -244,6 +244,12 @@ static struct device_node *__of_get_next_child(const struct device_node *node, return NULL;
next = prev ? prev->sibling : node->child; + /* + * coverity[dead_error_line : FALSE] + * Dead code here since our current implementation of of_node_get() + * always returns NULL (Coverity CID 163245). But we leave it as is + * since we may want to implement get/put later. + */ for (; next; next = next->sibling) if (of_node_get(next)) break;
On Wed, Jun 07, 2017 at 10:28:45AM -0600, Simon Glass wrote:
Suppress a warning on next = next->sibling.
Signed-off-by: Simon Glass sjg@chromium.org Reported-by: Coverity (CID: 163245) Fixes 644ec0a (dm: core: Add livetree access functions)
Reviewed-by: Tom Rini trini@konsulko.com
The current implementation makes it look like the 'if (from_spl)' part is dead code because these features are not enabled for sandbox. We could enable it for sandbox_spl, but this is not done yet (it requires sharing memory between SPL and U-Boot proper which is in fact supported).
It is probably nicer to avoid #ifdef anyway. Change it.
Signed-off-by: Simon Glass sjg@chromium.org Reported-by: Coverity (CID: 163244) Fixes: 824bb1b (bootstage: Support SPL) ---
common/board_f.c | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-)
diff --git a/common/board_f.c b/common/board_f.c index 46e52849fb..d8d15ad115 100644 --- a/common/board_f.c +++ b/common/board_f.c @@ -707,11 +707,8 @@ static int jump_to_copy(void) /* Record the board_init_f() bootstage (after arch_cpu_init()) */ static int initf_bootstage(void) { -#if defined(CONFIG_SPL_BOOTSTAGE) && defined(CONFIG_BOOTSTAGE_STASH) - bool from_spl = true; -#else - bool from_spl = false; -#endif + bool from_spl = IS_ENABLED(CONFIG_SPL_BOOTSTAGE) && + IS_ENABLED(CONFIG_BOOTSTAGE_STASH); int ret;
ret = bootstage_init(!from_spl);
On Wed, Jun 07, 2017 at 10:28:46AM -0600, Simon Glass wrote:
The current implementation makes it look like the 'if (from_spl)' part is dead code because these features are not enabled for sandbox. We could enable it for sandbox_spl, but this is not done yet (it requires sharing memory between SPL and U-Boot proper which is in fact supported).
It is probably nicer to avoid #ifdef anyway. Change it.
Signed-off-by: Simon Glass sjg@chromium.org Reported-by: Coverity (CID: 163244) Fixes: 824bb1b (bootstage: Support SPL)
Reviewed-by: Tom Rini trini@konsulko.com
Assigning a variable to itself is not necessary. Drop this and also add a check for malloc() failure.
Signed-off-by: Simon Glass sjg@chromium.org Reported-by: Coverity (CID: 161418) Fixes: 111bcc4 (rockchip: mkimage: pad the header to 8-bytes (using a 'nop') for RK3399) ---
tools/rkcommon.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/tools/rkcommon.c b/tools/rkcommon.c index 8283a740c1..de196b92af 100644 --- a/tools/rkcommon.c +++ b/tools/rkcommon.c @@ -259,8 +259,9 @@ int rkcommon_vrec_header(struct image_tool_params *params,
/* Allocate, clear and install the header */ tparams->hdr = malloc(tparams->header_size); + if (!tparams->hdr) + return -ENOMEM; memset(tparams->hdr, 0, tparams->header_size); - tparams->header_size = tparams->header_size;
/* * If someone passed in 0 for the alignment, we'd better handle
On Wed, Jun 07, 2017 at 10:28:47AM -0600, Simon Glass wrote:
Assigning a variable to itself is not necessary. Drop this and also add a check for malloc() failure.
Signed-off-by: Simon Glass sjg@chromium.org Reported-by: Coverity (CID: 161418) Fixes: 111bcc4 (rockchip: mkimage: pad the header to 8-bytes (using a 'nop') for RK3399)
Reviewed-by: Tom Rini trini@konsulko.com
On Wed, Jun 07, 2017 at 10:28:37AM -0600, Simon Glass wrote:
This series aims to fix or suppress various Coverity warnings reported on recent patches.
Simon Glass (10): test: pwm: Add a check that dev is not NULL edid: Use sizeof() in cea_is_hdmi_vsdb_present() fdtgrep: Deal with NULL data passed to check_type_include() fdt: Add a check to do_fdt() for coverity fdt: Add a check to fdt_print() for coverity test: wdt: Add a check that dev is not NULL test: bus: Add a check that dev is not NULL dm: core: Supress dead-code warning in __of_get_next_child() board_f: Use IS_ENABLED instead of #ifdef in initf_bootstage() rkcommon.c: Drop pointless assignment
Thanks for taking care of these!
Hi Tom,
On 7 June 2017 at 15:58, Tom Rini trini@konsulko.com wrote:
On Wed, Jun 07, 2017 at 10:28:37AM -0600, Simon Glass wrote:
This series aims to fix or suppress various Coverity warnings reported on recent patches.
Simon Glass (10): test: pwm: Add a check that dev is not NULL edid: Use sizeof() in cea_is_hdmi_vsdb_present() fdtgrep: Deal with NULL data passed to check_type_include() fdt: Add a check to do_fdt() for coverity fdt: Add a check to fdt_print() for coverity test: wdt: Add a check that dev is not NULL test: bus: Add a check that dev is not NULL dm: core: Supress dead-code warning in __of_get_next_child() board_f: Use IS_ENABLED instead of #ifdef in initf_bootstage() rkcommon.c: Drop pointless assignment
Thanks for taking care of these!
:-) Hopefully these do actually fix the problems.
Regards, Simon
participants (2)
-
Simon Glass -
Tom Rini