On 11.10.2025 21:06, Tom Rini wrote: > I think unfortunately the report email for when I merged in -next was > lost somewhere / wasn't sent. I may be able to get the details out the > dashboard. > > ---------- Forwarded message --------- > From: <[email protected]> > Date: Fri, Oct 10, 2025 at 7:08 PM > Subject: New Defects reported by Coverity Scan for Das U-Boot > To: <[email protected]> > > > Hi, > > Please find the latest report on new defect(s) introduced to *Das U-Boot* > found with Coverity Scan. > > - *New Defects Found:* 1 > - *Defects Shown:* Showing 1 of 1 defect(s) > > Defect Details > > ** CID 537478: Integer handling issues (OVERFLOW_BEFORE_WIDEN) > /drivers/spi/spi-mem.c: 528 in spi_mem_calc_op_duration() > > > _____________________________________________________________________________________________ > *** CID 537478: Integer handling issues (OVERFLOW_BEFORE_WIDEN) > /drivers/spi/spi-mem.c: 528 in spi_mem_calc_op_duration() > 522 ncycles += ((op->addr.nbytes * 8) / op->addr.buswidth) / > (op->addr.dtr ? 2 : 1); > 523 > 524 /* Dummy bytes are optional for some SPI flash memory > operations */ > 525 if (op->dummy.nbytes) > 526 ncycles += ((op->dummy.nbytes * 8) / > op->dummy.buswidth) / > (op->dummy.dtr ? 2 : 1); > 527 >>>> CID 537478: Integer handling issues (OVERFLOW_BEFORE_WIDEN) >>>> Potentially overflowing expression "op->data.nbytes * 8U" with type >>>> "unsigned int" (32 bits, unsigned) is evaluated using 32-bit arithmetic, >>>> and then used in a context that expects an expression of type "u64" (64 >>>> bits, unsigned). > 528 ncycles += ((op->data.nbytes * 8) / op->data.buswidth) / > (op->data.dtr ? 2 : 1);
op->data.nbytes comes from file drivers/mtd/nand/spi/core.c, function spinand_select_op_variant(). According to the code the max value of op->data.nbytes is nanddev_per_page_oobsize(nand) + nanddev_page_size(nand) thus it's slightly more than 4Kb (I never seen flashes with page size large than 4Kb). According to this estimation the overflow will never happen. If it make sense, I can try to do something with it Regards, Mikhail Kshevetskiy > 529 > 530 return ncycles; > 531 } > 532 EXPORT_SYMBOL_GPL(spi_mem_calc_op_duration); > 533 > > View Defects in Coverity Scan > <https://scan.coverity.com/projects/das-u-boot?tab=overview> > > Best regards, > > The Coverity Scan Admin Team > > ----- End forwarded message ----- >
