New defect(s) Reported-by: Coverity Scan
Showing 20 of 50 defect(s)
** CID 1193744: Control flow issues (MISSING_RESTORE)
/sys/dev/ae/if_ae.c: 401 in ae_attach()
________________________________________________________________________________________________________
*** CID 1193744: Control flow issues (MISSING_RESTORE)
/sys/dev/ae/if_ae.c: 401 in ae_attach()
395 }
396
397 fail:
398 if (error != 0)
399 ae_detach(dev);
400
>>> CID 1193744: Control flow issues (MISSING_RESTORE)
>>> Value of non-local "sc->spec_irq" that was verified to be "NULL" is not restored as it was along other paths.
401 return (error);
402 }
403
404 #define AE_SYSCTL(stx, parent, name, desc, ptr) \
405 SYSCTL_ADD_UINT(ctx, parent, OID_AUTO, name, CTLFLAG_RD, ptr, 0, desc)
406
** CID 1368363: Error handling issues (CHECKED_RETURN)
/lib/libc/x86/sys/__vdso_gettc.c: 207 in __vdso_init_hpet()
________________________________________________________________________________________________________
*** CID 1368363: Error handling issues (CHECKED_RETURN)
/lib/libc/x86/sys/__vdso_gettc.c: 207 in __vdso_init_hpet()
201 * Explicitely check for the capability mode to avoid
202 * triggering trap_enocap on the device open by absolute path.
203 */
204 if ((cap_getmode(&mode) == 0 && mode != 0) ||
205 (fd = _open(devname, O_RDONLY)) == -1) {
206 /* Prevent the caller from re-entering. */
>>> CID 1368363: Error handling issues (CHECKED_RETURN)
>>> Calling "atomic_cmpset_int" without checking return value (as is done elsewhere 8 out of 9 times).
207 atomic_cmpset_rel_ptr((volatile uintptr_t *)&hpet_dev_map[u],
208 (uintptr_t)old_map, (uintptr_t)MAP_FAILED);
209 return;
210 }
211
212 new_map = mmap(NULL, PAGE_SIZE, PROT_READ, MAP_SHARED, fd, 0);
** CID 1393342: Resource leaks (RESOURCE_LEAK)
/usr.sbin/pmc/cmd_pmc_filter.cc: 298 in pmc_filter_handler(unsigned int *, int, unsigned int *, int, char *, char *, char *, bool, bool, int, int)()
________________________________________________________________________________________________________
*** CID 1393342: Resource leaks (RESOURCE_LEAK)
/usr.sbin/pmc/cmd_pmc_filter.cc: 298 in pmc_filter_handler(unsigned int *, int, unsigned int *, int, char *, char *, char *, bool, bool, int, int)()
292 continue;
293 if (threadcount &&
294 pmc_find_name(tidmap, ev.pl_u.pl_cc.pl_tid, threadlist, threadcount) == exclusive)
295 continue;
296 pmc_log_event(outfd, &ev, json);
297 }
>>> CID 1393342: Resource leaks (RESOURCE_LEAK)
>>> Variable "ps" going out of scope leaks the storage it points to.
298 }
299
300 int
301 cmd_pmc_filter(int argc, char **argv)
302 {
303 char *lwps, *pids, *events, *processes, *threads;
** CID 1393343: Resource leaks (RESOURCE_LEAK)
/tests/sys/audit/file-attribute-access.c: 58 in atfu_stat_success_body()
________________________________________________________________________________________________________
*** CID 1393343: Resource leaks (RESOURCE_LEAK)
/tests/sys/audit/file-attribute-access.c: 58 in atfu_stat_success_body()
52 "stat(2) call");
53 }
54
55 ATF_TC_BODY(stat_success, tc)
56 {
57 /* File needs to exist to call stat(2) */
>>> CID 1393343: Resource leaks (RESOURCE_LEAK)
>>> Failing to save or close handle opened by "open(path, 512, mode)" leaks it.
58 ATF_REQUIRE(open(path, O_CREAT, mode) != -1);
59 FILE *pipefd = setup(fds, auclass);
60 ATF_REQUIRE_EQ(0, stat(path, &statbuff));
61 check_audit(fds, successreg, pipefd);
62 }
63
** CID 1393344: Resource leaks (RESOURCE_LEAK)
/tests/sys/audit/open.c: 168 in atfu_openat_read_write_trunc_success_body()
________________________________________________________________________________________________________
*** CID 1393344: Resource leaks (RESOURCE_LEAK)
/tests/sys/audit/open.c: 168 in atfu_openat_read_write_trunc_success_body()
162 OPEN_AT_TC_DEFINE(write_creat, "write,creat", O_WRONLY | O_CREAT, "fw")
163 OPEN_AT_TC_DEFINE(write_trunc, "write,trunc", O_WRONLY | O_TRUNC, "fw")
164 OPEN_AT_TC_DEFINE(write_creat_trunc, "write,creat,trunc", O_WRONLY | O_CREAT
165 | O_TRUNC, "fw")
166 OPEN_AT_TC_DEFINE(read_write, "read,write", O_RDWR, "fr")
167 OPEN_AT_TC_DEFINE(read_write_creat, "read,write,creat", O_RDWR | O_CREAT, "fw")
>>> CID 1393344: Resource leaks (RESOURCE_LEAK)
>>> Failing to save or close handle opened by "open(path, 512, o_mode)" leaks it.
168 OPEN_AT_TC_DEFINE(read_write_trunc, "read,write,trunc", O_RDWR | O_TRUNC, "fr")
169 OPEN_AT_TC_DEFINE(read_write_creat_trunc, "read,write,creat,trunc", O_RDWR |
170 O_CREAT | O_TRUNC, "fw")
171
172
173 ATF_TP_ADD_TCS(tp)
** CID 1393345: Resource leaks (RESOURCE_LEAK)
/tests/sys/audit/open.c: 156 in atfu_open_read_success_body()
________________________________________________________________________________________________________
*** CID 1393345: Resource leaks (RESOURCE_LEAK)
/tests/sys/audit/open.c: 156 in atfu_open_read_success_body()
150
151
152 /*
153 * Each of the 12 OPEN_AT_TC_DEFINE statement is a group of 4 test-cases
154 * corresponding to separate audit events for open(2) and openat(2)
155 */
>>> CID 1393345: Resource leaks (RESOURCE_LEAK)
>>> Failing to save or close handle opened by "open(path, 512, o_mode)" leaks it.
156 OPEN_AT_TC_DEFINE(read, "read", O_RDONLY, "fr")
157 OPEN_AT_TC_DEFINE(read_creat, "read,creat", O_RDONLY | O_CREAT, "fr")
158 OPEN_AT_TC_DEFINE(read_trunc, "read,trunc", O_RDONLY | O_TRUNC, "fr")
159 OPEN_AT_TC_DEFINE(read_creat_trunc, "read,creat,trunc", O_RDONLY | O_CREAT
160 | O_TRUNC, "fr")
161 OPEN_AT_TC_DEFINE(write, "write", O_WRONLY, "fw")
** CID 1393346: Resource leaks (RESOURCE_LEAK)
/tests/sys/audit/file-attribute-access.c: 152 in atfu_fstat_success_body()
________________________________________________________________________________________________________
*** CID 1393346: Resource leaks (RESOURCE_LEAK)
/tests/sys/audit/file-attribute-access.c: 152 in atfu_fstat_success_body()
146 FILE *pipefd = setup(fds, auclass);
147 ATF_REQUIRE_EQ(0, fstat(filedesc, &statbuff));
148
149 snprintf(extregex, sizeof(extregex),
150 "fstat.*%jd.*return,success", (intmax_t)statbuff.st_ino);
151 check_audit(fds, extregex, pipefd);
>>> CID 1393346: Resource leaks (RESOURCE_LEAK)
>>> Handle variable "filedesc" going out of scope leaks the handle.
152 }
153
154 ATF_TC_CLEANUP(fstat_success, tc)
155 {
156 cleanup();
157 }
** CID 1393347: Resource leaks (RESOURCE_LEAK)
/tests/sys/audit/open.c: 157 in atfu_open_read_creat_success_body()
________________________________________________________________________________________________________
*** CID 1393347: Resource leaks (RESOURCE_LEAK)
/tests/sys/audit/open.c: 157 in atfu_open_read_creat_success_body()
151
152 /*
153 * Each of the 12 OPEN_AT_TC_DEFINE statement is a group of 4 test-cases
154 * corresponding to separate audit events for open(2) and openat(2)
155 */
156 OPEN_AT_TC_DEFINE(read, "read", O_RDONLY, "fr")
>>> CID 1393347: Resource leaks (RESOURCE_LEAK)
>>> Failing to save or close handle opened by "open(path, 512, o_mode)" leaks it.
157 OPEN_AT_TC_DEFINE(read_creat, "read,creat", O_RDONLY | O_CREAT, "fr")
158 OPEN_AT_TC_DEFINE(read_trunc, "read,trunc", O_RDONLY | O_TRUNC, "fr")
159 OPEN_AT_TC_DEFINE(read_creat_trunc, "read,creat,trunc", O_RDONLY | O_CREAT
160 | O_TRUNC, "fr")
161 OPEN_AT_TC_DEFINE(write, "write", O_WRONLY, "fw")
162 OPEN_AT_TC_DEFINE(write_creat, "write,creat", O_WRONLY | O_CREAT, "fw")
** CID 1393348: Resource leaks (RESOURCE_LEAK)
/tests/sys/audit/open.c: 157 in atfu_openat_read_creat_success_body()
________________________________________________________________________________________________________
*** CID 1393348: Resource leaks (RESOURCE_LEAK)
/tests/sys/audit/open.c: 157 in atfu_openat_read_creat_success_body()
151
152 /*
153 * Each of the 12 OPEN_AT_TC_DEFINE statement is a group of 4 test-cases
154 * corresponding to separate audit events for open(2) and openat(2)
155 */
156 OPEN_AT_TC_DEFINE(read, "read", O_RDONLY, "fr")
>>> CID 1393348: Resource leaks (RESOURCE_LEAK)
>>> Failing to save or close handle opened by "open(path, 512, o_mode)" leaks it.
157 OPEN_AT_TC_DEFINE(read_creat, "read,creat", O_RDONLY | O_CREAT, "fr")
158 OPEN_AT_TC_DEFINE(read_trunc, "read,trunc", O_RDONLY | O_TRUNC, "fr")
159 OPEN_AT_TC_DEFINE(read_creat_trunc, "read,creat,trunc", O_RDONLY | O_CREAT
160 | O_TRUNC, "fr")
161 OPEN_AT_TC_DEFINE(write, "write", O_WRONLY, "fw")
162 OPEN_AT_TC_DEFINE(write_creat, "write,creat", O_WRONLY | O_CREAT, "fw")
** CID 1393349: Resource leaks (RESOURCE_LEAK)
/tests/sys/audit/open.c: 161 in atfu_openat_write_success_body()
________________________________________________________________________________________________________
*** CID 1393349: Resource leaks (RESOURCE_LEAK)
/tests/sys/audit/open.c: 161 in atfu_openat_write_success_body()
155 */
156 OPEN_AT_TC_DEFINE(read, "read", O_RDONLY, "fr")
157 OPEN_AT_TC_DEFINE(read_creat, "read,creat", O_RDONLY | O_CREAT, "fr")
158 OPEN_AT_TC_DEFINE(read_trunc, "read,trunc", O_RDONLY | O_TRUNC, "fr")
159 OPEN_AT_TC_DEFINE(read_creat_trunc, "read,creat,trunc", O_RDONLY | O_CREAT
160 | O_TRUNC, "fr")
>>> CID 1393349: Resource leaks (RESOURCE_LEAK)
>>> Failing to save or close handle opened by "open(path, 512, o_mode)" leaks it.
161 OPEN_AT_TC_DEFINE(write, "write", O_WRONLY, "fw")
162 OPEN_AT_TC_DEFINE(write_creat, "write,creat", O_WRONLY | O_CREAT, "fw")
163 OPEN_AT_TC_DEFINE(write_trunc, "write,trunc", O_WRONLY | O_TRUNC, "fw")
164 OPEN_AT_TC_DEFINE(write_creat_trunc, "write,creat,trunc", O_WRONLY | O_CREAT
165 | O_TRUNC, "fw")
166 OPEN_AT_TC_DEFINE(read_write, "read,write", O_RDWR, "fr")
** CID 1393350: Null pointer dereferences (NULL_RETURNS)
/usr.sbin/bhyve/pci_virtio_scsi.c: 391 in pci_vtscsi_tmf_handle()
________________________________________________________________________________________________________
*** CID 1393350: Null pointer dereferences (NULL_RETURNS)
/usr.sbin/bhyve/pci_virtio_scsi.c: 391 in pci_vtscsi_tmf_handle()
385 union ctl_io *io;
386 int err;
387
388 io = ctl_scsi_alloc_io(sc->vss_iid);
389 ctl_scsi_zero_io(io);
390
>>> CID 1393350: Null pointer dereferences (NULL_RETURNS)
>>> Dereferencing a null pointer "io".
391 io->io_hdr.io_type = CTL_IO_TASK;
392 io->io_hdr.nexus.targ_port = tmf->lun[1];
393 io->io_hdr.nexus.targ_lun = pci_vtscsi_get_lun(tmf->lun);
394 io->taskio.tag_type = CTL_TAG_SIMPLE;
395 io->taskio.tag_num = (uint32_t)tmf->id;
396
** CID 1393351: Error handling issues (CHECKED_RETURN)
/usr.bin/diff/pr.c: 61 in start_pr()
________________________________________________________________________________________________________
*** CID 1393351: Error handling issues (CHECKED_RETURN)
/usr.bin/diff/pr.c: 61 in start_pr()
55 pr = xcalloc(1, sizeof(*pr));
56
57 xasprintf(&header, "%s %s %s", diffargs, file1, file2);
58 signal(SIGPIPE, SIG_IGN);
59 fflush(stdout);
60 rewind(stdout);
>>> CID 1393351: Error handling issues (CHECKED_RETURN)
>>> Calling "pipe" without checking return value (as is done elsewhere 148 out of 162 times).
61 pipe(pfd);
62 switch ((pid = pdfork(&pr_pd, PD_CLOEXEC))) {
63 case -1:
64 status |= 2;
65 free(header);
66 err(2, "No more processes");
** CID 1393352: (RESOURCE_LEAK)
/usr.bin/diff/diffreg.c: 404 in diffreg()
/usr.bin/diff/diffreg.c: 404 in diffreg()
________________________________________________________________________________________________________
*** CID 1393352: (RESOURCE_LEAK)
/usr.bin/diff/diffreg.c: 404 in diffreg()
398 }
399 if (f1 != NULL)
400 fclose(f1);
401 if (f2 != NULL)
402 fclose(f2);
403
>>> CID 1393352: (RESOURCE_LEAK)
>>> Variable "pr" going out of scope leaks the storage it points to.
404 return (rval);
405 }
406
407 /*
408 * Check to see if the given files differ.
409 * Returns 0 if they are the same, 1 if different, and -1 on error.
/usr.bin/diff/diffreg.c: 404 in diffreg()
398 }
399 if (f1 != NULL)
400 fclose(f1);
401 if (f2 != NULL)
402 fclose(f2);
403
>>> CID 1393352: (RESOURCE_LEAK)
>>> Variable "pr" going out of scope leaks the storage it points to.
404 return (rval);
405 }
406
407 /*
408 * Check to see if the given files differ.
409 * Returns 0 if they are the same, 1 if different, and -1 on error.
** CID 1393353: Error handling issues (NEGATIVE_RETURNS)
/tests/sys/audit/file-attribute-access.c: 172 in atfu_fstat_failure_body()
________________________________________________________________________________________________________
*** CID 1393353: Error handling issues (NEGATIVE_RETURNS)
/tests/sys/audit/file-attribute-access.c: 172 in atfu_fstat_failure_body()
166
167 ATF_TC_BODY(fstat_failure, tc)
168 {
169 FILE *pipefd = setup(fds, auclass);
170 const char *regex = "fstat.*return,failure : Bad file descriptor";
171 /* Failure reason: bad file descriptor */
>>> CID 1393353: Error handling issues (NEGATIVE_RETURNS)
>>> A negative constant "-1" is passed as an argument to a parameter that cannot be negative.
172 ATF_REQUIRE_EQ(-1, fstat(-1, &statbuff));
173 check_audit(fds, regex, pipefd);
174 }
175
176 ATF_TC_CLEANUP(fstat_failure, tc)
177 {
** CID 1393354: Resource leaks (RESOURCE_LEAK)
/tests/sys/audit/open.c: 164 in atfu_open_write_creat_trunc_success_body()
________________________________________________________________________________________________________
*** CID 1393354: Resource leaks (RESOURCE_LEAK)
/tests/sys/audit/open.c: 164 in atfu_open_write_creat_trunc_success_body()
158 OPEN_AT_TC_DEFINE(read_trunc, "read,trunc", O_RDONLY | O_TRUNC, "fr")
159 OPEN_AT_TC_DEFINE(read_creat_trunc, "read,creat,trunc", O_RDONLY | O_CREAT
160 | O_TRUNC, "fr")
161 OPEN_AT_TC_DEFINE(write, "write", O_WRONLY, "fw")
162 OPEN_AT_TC_DEFINE(write_creat, "write,creat", O_WRONLY | O_CREAT, "fw")
163 OPEN_AT_TC_DEFINE(write_trunc, "write,trunc", O_WRONLY | O_TRUNC, "fw")
>>> CID 1393354: Resource leaks (RESOURCE_LEAK)
>>> Failing to save or close handle opened by "open(path, 512, o_mode)" leaks it.
164 OPEN_AT_TC_DEFINE(write_creat_trunc, "write,creat,trunc", O_WRONLY | O_CREAT
165 | O_TRUNC, "fw")
166 OPEN_AT_TC_DEFINE(read_write, "read,write", O_RDWR, "fr")
167 OPEN_AT_TC_DEFINE(read_write_creat, "read,write,creat", O_RDWR | O_CREAT, "fw")
168 OPEN_AT_TC_DEFINE(read_write_trunc, "read,write,trunc", O_RDWR | O_TRUNC, "fr")
169 OPEN_AT_TC_DEFINE(read_write_creat_trunc, "read,write,creat,trunc", O_RDWR |
** CID 1393355: Resource leaks (RESOURCE_LEAK)
/tests/sys/audit/open.c: 163 in atfu_open_write_trunc_success_body()
________________________________________________________________________________________________________
*** CID 1393355: Resource leaks (RESOURCE_LEAK)
/tests/sys/audit/open.c: 163 in atfu_open_write_trunc_success_body()
157 OPEN_AT_TC_DEFINE(read_creat, "read,creat", O_RDONLY | O_CREAT, "fr")
158 OPEN_AT_TC_DEFINE(read_trunc, "read,trunc", O_RDONLY | O_TRUNC, "fr")
159 OPEN_AT_TC_DEFINE(read_creat_trunc, "read,creat,trunc", O_RDONLY | O_CREAT
160 | O_TRUNC, "fr")
161 OPEN_AT_TC_DEFINE(write, "write", O_WRONLY, "fw")
162 OPEN_AT_TC_DEFINE(write_creat, "write,creat", O_WRONLY | O_CREAT, "fw")
>>> CID 1393355: Resource leaks (RESOURCE_LEAK)
>>> Failing to save or close handle opened by "open(path, 512, o_mode)" leaks it.
163 OPEN_AT_TC_DEFINE(write_trunc, "write,trunc", O_WRONLY | O_TRUNC, "fw")
164 OPEN_AT_TC_DEFINE(write_creat_trunc, "write,creat,trunc", O_WRONLY | O_CREAT
165 | O_TRUNC, "fw")
166 OPEN_AT_TC_DEFINE(read_write, "read,write", O_RDWR, "fr")
167 OPEN_AT_TC_DEFINE(read_write_creat, "read,write,creat", O_RDWR | O_CREAT, "fw")
168 OPEN_AT_TC_DEFINE(read_write_trunc, "read,write,trunc", O_RDWR | O_TRUNC, "fr")
** CID 1393356: Resource leaks (RESOURCE_LEAK)
/tests/sys/audit/open.c: 167 in atfu_open_read_write_creat_success_body()
________________________________________________________________________________________________________
*** CID 1393356: Resource leaks (RESOURCE_LEAK)
/tests/sys/audit/open.c: 167 in atfu_open_read_write_creat_success_body()
161 OPEN_AT_TC_DEFINE(write, "write", O_WRONLY, "fw")
162 OPEN_AT_TC_DEFINE(write_creat, "write,creat", O_WRONLY | O_CREAT, "fw")
163 OPEN_AT_TC_DEFINE(write_trunc, "write,trunc", O_WRONLY | O_TRUNC, "fw")
164 OPEN_AT_TC_DEFINE(write_creat_trunc, "write,creat,trunc", O_WRONLY | O_CREAT
165 | O_TRUNC, "fw")
166 OPEN_AT_TC_DEFINE(read_write, "read,write", O_RDWR, "fr")
>>> CID 1393356: Resource leaks (RESOURCE_LEAK)
>>> Failing to save or close handle opened by "open(path, 512, o_mode)" leaks it.
167 OPEN_AT_TC_DEFINE(read_write_creat, "read,write,creat", O_RDWR | O_CREAT, "fw")
168 OPEN_AT_TC_DEFINE(read_write_trunc, "read,write,trunc", O_RDWR | O_TRUNC, "fr")
169 OPEN_AT_TC_DEFINE(read_write_creat_trunc, "read,write,creat,trunc", O_RDWR |
170 O_CREAT | O_TRUNC, "fw")
171
172
** CID 1393357: Resource leaks (RESOURCE_LEAK)
/tests/sys/audit/open.c: 159 in atfu_openat_read_creat_trunc_success_body()
________________________________________________________________________________________________________
*** CID 1393357: Resource leaks (RESOURCE_LEAK)
/tests/sys/audit/open.c: 159 in atfu_openat_read_creat_trunc_success_body()
153 * Each of the 12 OPEN_AT_TC_DEFINE statement is a group of 4 test-cases
154 * corresponding to separate audit events for open(2) and openat(2)
155 */
156 OPEN_AT_TC_DEFINE(read, "read", O_RDONLY, "fr")
157 OPEN_AT_TC_DEFINE(read_creat, "read,creat", O_RDONLY | O_CREAT, "fr")
158 OPEN_AT_TC_DEFINE(read_trunc, "read,trunc", O_RDONLY | O_TRUNC, "fr")
>>> CID 1393357: Resource leaks (RESOURCE_LEAK)
>>> Failing to save or close handle opened by "open(path, 512, o_mode)" leaks it.
159 OPEN_AT_TC_DEFINE(read_creat_trunc, "read,creat,trunc", O_RDONLY | O_CREAT
160 | O_TRUNC, "fr")
161 OPEN_AT_TC_DEFINE(write, "write", O_WRONLY, "fw")
162 OPEN_AT_TC_DEFINE(write_creat, "write,creat", O_WRONLY | O_CREAT, "fw")
163 OPEN_AT_TC_DEFINE(write_trunc, "write,trunc", O_WRONLY | O_TRUNC, "fw")
164 OPEN_AT_TC_DEFINE(write_creat_trunc, "write,creat,trunc", O_WRONLY | O_CREAT
** CID 1393358: Resource leaks (RESOURCE_LEAK)
/tests/sys/audit/open.c: 167 in atfu_openat_read_write_creat_success_body()
________________________________________________________________________________________________________
*** CID 1393358: Resource leaks (RESOURCE_LEAK)
/tests/sys/audit/open.c: 167 in atfu_openat_read_write_creat_success_body()
161 OPEN_AT_TC_DEFINE(write, "write", O_WRONLY, "fw")
162 OPEN_AT_TC_DEFINE(write_creat, "write,creat", O_WRONLY | O_CREAT, "fw")
163 OPEN_AT_TC_DEFINE(write_trunc, "write,trunc", O_WRONLY | O_TRUNC, "fw")
164 OPEN_AT_TC_DEFINE(write_creat_trunc, "write,creat,trunc", O_WRONLY | O_CREAT
165 | O_TRUNC, "fw")
166 OPEN_AT_TC_DEFINE(read_write, "read,write", O_RDWR, "fr")
>>> CID 1393358: Resource leaks (RESOURCE_LEAK)
>>> Failing to save or close handle opened by "open(path, 512, o_mode)" leaks it.
167 OPEN_AT_TC_DEFINE(read_write_creat, "read,write,creat", O_RDWR | O_CREAT, "fw")
168 OPEN_AT_TC_DEFINE(read_write_trunc, "read,write,trunc", O_RDWR | O_TRUNC, "fr")
169 OPEN_AT_TC_DEFINE(read_write_creat_trunc, "read,write,creat,trunc", O_RDWR |
170 O_CREAT | O_TRUNC, "fw")
171
172
** CID 1393359: Integer handling issues (NEGATIVE_RETURNS)
________________________________________________________________________________________________________
*** CID 1393359: Integer handling issues (NEGATIVE_RETURNS)
/usr.sbin/bhyve/pci_virtio_scsi.c: 554 in pci_vtscsi_controlq_notify()
548
549 sc = vsc;
550
551 while (vq_has_descs(vq)) {
552 n = vq_getchain(vq, &idx, iov, VTSCSI_MAXSEG, NULL);
553 bufsize = iov_to_buf(iov, n, &buf);
>>> CID 1393359: Integer handling issues (NEGATIVE_RETURNS)
>>> "bufsize" is passed to a parameter that cannot be negative.
554 iolen = pci_vtscsi_control_handle(sc, buf, bufsize);
555 buf_to_iov(buf + bufsize - iolen, iolen, iov, n, iolen);
556
557 /*
558 * Release this chain and handle more
559 */