Warnings thrown by Coverity static analyses

[albert-github]

Doxygen uses spdlib and recently updated the version of spdlib. The used version of spdlib again has fmtlib 10.2.1 bundled into it . Coverity scan throws a number of warnings about this version:

New defect(s) Reported-by: Coverity Scan
Showing 20 of 24 defect(s)

** CID 434544:  Memory - corruptions  (OVERRUN)

________________________________________________________________________________________________________
*** CID 434544:  Memory - corruptions  (OVERRUN)
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/format-inl.h: 1278 in fmt::v10::detail::dragonbox::to_decimal<float>(T1)()
1272     
1273       const bool include_left_endpoint = (significand % 2 == 0);
1274       const bool include_right_endpoint = include_left_endpoint;
1275     
1276       // Compute k and beta.
1277       const int minus_k = floor_log10_pow2(exponent) - float_info<T>::kappa;
>>>     CID 434544:  Memory - corruptions  (OVERRUN)
>>>     Overrunning callee's array of size 78 by passing argument "-minus_k" (which evaluates to 790) in call to "get_cached_power".
1278       const cache_entry_type cache = cache_accessor<T>::get_cached_power(-minus_k);
1279       const int beta = exponent + floor_log2_pow10(-minus_k);
1280     
1281       // Compute zi and deltai.
1282       // 10^kappa <= deltai < 10^(kappa + 1)
1283       const uint32_t deltai = cache_accessor<T>::compute_delta(cache, beta);

** CID 434540:  Error handling issues  (NEGATIVE_RETURNS)
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/core.h: 2164 in fmt::v10::detail::find<(bool)0, char, const char *>(T3, T3, T2, T3 &)()

________________________________________________________________________________________________________
*** CID 434540:  Error handling issues  (NEGATIVE_RETURNS)
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/core.h: 2164 in fmt::v10::detail::find<(bool)0, char, const char *>(T3, T3, T2, T3 &)()
2158       return false;
2159     }
2160     
2161     template <>
2162     inline auto find<false, char>(const char* first, const char* last, char value,
2163                                   const char*& out) -> bool {
>>>     CID 434540:  Error handling issues  (NEGATIVE_RETURNS)
>>>     "fmt::v10::detail::to_unsigned(last - first)" is passed to a parameter that cannot be negative. [Note: The source code implementation of the function has been overridden by a builtin model.]
2164       out = static_cast<const char*>(
2165           std::memchr(first, value, to_unsigned(last - first)));
2166       return out != nullptr;
2167     }
2168     
2169     // Parses the range [begin, end) as an unsigned integer. This function assumes

** CID 434539:  Integer handling issues  (NEGATIVE_RETURNS)

________________________________________________________________________________________________________
*** CID 434539:  Integer handling issues  (NEGATIVE_RETURNS)
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/core.h: 2235 in fmt::v10::detail::do_parse_arg_id<char, fmt::v10::detail::parse_replacement_field<char, fmt::v10::detail::vformat_to<char>(fmt::v10::detail::buffer<T1> &, fmt::v10::basic_string_view<T1>, fmt::v10::detail::vformat_args<T1>::type, fmt::v10::detail::locale_ref)::format_handler &>(const T1 *, const T1 *, T2 &&)::id_adapter &>(const T1 *, const T1 *, T2 &&)()
2229         return begin;
2230       }
2231       auto it = begin;
2232       do {
2233         ++it;
2234       } while (it != end && (is_name_start(*it) || ('0' <= *it && *it <= '9')));
>>>     CID 434539:  Integer handling issues  (NEGATIVE_RETURNS)
>>>     "fmt::v10::detail::to_unsigned(it - begin)" is passed to a parameter that cannot be negative.
2235       handler.on_name({begin, to_unsigned(it - begin)});
2236       return it;
2237     }
2238     
2239     template <typename Char, typename Handler>
2240     FMT_CONSTEXPR FMT_INLINE auto parse_arg_id(const Char* begin, const Char* end,

** CID 434538:  Integer handling issues  (NEGATIVE_RETURNS)

________________________________________________________________________________________________________
*** CID 434538:  Integer handling issues  (NEGATIVE_RETURNS)
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/format.h: 2792 in fmt::v10::detail::bigint::operator [](int) const()
2786       using double_bigit = uint64_t;
2787       enum { bigits_capacity = 32 };
2788       basic_memory_buffer<bigit, bigits_capacity> bigits_;
2789       int exp_;
2790     
2791       FMT_CONSTEXPR20 auto operator[](int index) const -> bigit {
>>>     CID 434538:  Integer handling issues  (NEGATIVE_RETURNS)
>>>     "fmt::v10::detail::to_unsigned(index)" is passed to a parameter that cannot be negative.
2792         return bigits_[to_unsigned(index)];
2793       }
2794       FMT_CONSTEXPR20 auto operator[](int index) -> bigit& {
2795         return bigits_[to_unsigned(index)];
2796       }
2797     

** CID 434537:  Memory - illegal accesses  (OVERRUN)
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/format-inl.h: 289 in fmt::v10::detail::dragonbox::cache_accessor<float>::get_cached_power(int)()

________________________________________________________________________________________________________
*** CID 434537:  Memory - illegal accesses  (OVERRUN)
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/format-inl.h: 289 in fmt::v10::detail::dragonbox::cache_accessor<float>::get_cached_power(int)()
283             0xa18f07d736b90be6, 0xc9f2c9cd04674edf, 0xfc6f7c4045812297,
284             0x9dc5ada82b70b59e, 0xc5371912364ce306, 0xf684df56c3e01bc7,
285             0x9a130b963a6c115d, 0xc097ce7bc90715b4, 0xf0bdc21abb48db21,
286             0x96769950b50d88f5, 0xbc143fa4e250eb32, 0xeb194f8e1ae525fe,
287             0x92efd1b8d0cf37bf, 0xb7abc627050305ae, 0xe596b7b0c643c71a,
288             0x8f7e32ce7bea5c70, 0xb35dbf821ae4f38c, 0xe0352f62a19e306f};
>>>     CID 434537:  Memory - illegal accesses  (OVERRUN)
>>>     Overrunning array "pow10_significands" of 78 8-byte elements at element index 78 (byte offset 631) using index "k - -31" (which evaluates to 78).
289         return pow10_significands[k - float_info<float>::min_k];
290       }
291     
292       struct compute_mul_result {
293         carrier_uint result;
294         bool is_integer;

** CID 434535:  Error handling issues  (NEGATIVE_RETURNS)
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/format.h: 592 in fmt::v10::detail::fill_n<char, int>(T1 *, T2, char)()

________________________________________________________________________________________________________
*** CID 434535:  Error handling issues  (NEGATIVE_RETURNS)
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/format.h: 592 in fmt::v10::detail::fill_n<char, int>(T1 *, T2, char)()
586     }
587     template <typename T, typename Size>
588     FMT_CONSTEXPR20 auto fill_n(T* out, Size count, char value) -> T* {
589       if (is_constant_evaluated()) {
590         return fill_n<T*, Size, T>(out, count, value);
591       }
>>>     CID 434535:  Error handling issues  (NEGATIVE_RETURNS)
>>>     "fmt::v10::detail::to_unsigned(count)" is passed to a parameter that cannot be negative.
592       std::memset(out, value, to_unsigned(count));
593       return out + count;
594     }
595     
596     #ifdef __cpp_char8_t
597     using char8_type = char8_t;

** CID 434533:    (NEGATIVE_RETURNS)

________________________________________________________________________________________________________
*** CID 434533:    (NEGATIVE_RETURNS)
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/format.h: 2594 in fmt::v10::detail::write_significand<fmt::v10::appender, char, unsigned int, fmt::v10::detail::digit_grouping<char>>(T1, T3, int, int, T2, const T4 &)()
2588         return write_significand(out, significand, significand_size, integral_size,
2589                                  decimal_point);
2590       }
2591       auto buffer = basic_memory_buffer<Char>();
2592       write_significand(buffer_appender<Char>(buffer), significand,
2593                         significand_size, integral_size, decimal_point);
>>>     CID 434533:    (NEGATIVE_RETURNS)
>>>     "fmt::v10::detail::to_unsigned(integral_size)" is passed to a parameter that cannot be negative.
2594       grouping.apply(
2595           out, basic_string_view<Char>(buffer.data(), to_unsigned(integral_size)));
2596       return detail::copy_str_noinline<Char>(buffer.data() + integral_size,
2597                                              buffer.end(), out);
2598     }
2599     
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/format.h: 2594 in fmt::v10::detail::write_significand<fmt::v10::appender, char, const char *, fmt::v10::detail::digit_grouping<char>>(T1, T3, int, int, T2, const T4 &)()
2588         return write_significand(out, significand, significand_size, integral_size,
2589                                  decimal_point);
2590       }
2591       auto buffer = basic_memory_buffer<Char>();
2592       write_significand(buffer_appender<Char>(buffer), significand,
2593                         significand_size, integral_size, decimal_point);
>>>     CID 434533:    (NEGATIVE_RETURNS)
>>>     "fmt::v10::detail::to_unsigned(integral_size)" is passed to a parameter that cannot be negative.
2594       grouping.apply(
2595           out, basic_string_view<Char>(buffer.data(), to_unsigned(integral_size)));
2596       return detail::copy_str_noinline<Char>(buffer.data() + integral_size,
2597                                              buffer.end(), out);
2598     }
2599     
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/format.h: 2594 in fmt::v10::detail::write_significand<fmt::v10::appender, char, unsigned long, fmt::v10::detail::digit_grouping<char>>(T1, T3, int, int, T2, const T4 &)()
2588         return write_significand(out, significand, significand_size, integral_size,
2589                                  decimal_point);
2590       }
2591       auto buffer = basic_memory_buffer<Char>();
2592       write_significand(buffer_appender<Char>(buffer), significand,
2593                         significand_size, integral_size, decimal_point);
>>>     CID 434533:    (NEGATIVE_RETURNS)
>>>     "fmt::v10::detail::to_unsigned(integral_size)" is passed to a parameter that cannot be negative.
2594       grouping.apply(
2595           out, basic_string_view<Char>(buffer.data(), to_unsigned(integral_size)));
2596       return detail::copy_str_noinline<Char>(buffer.data() + integral_size,
2597                                              buffer.end(), out);
2598     }
2599     

** CID 434530:    (BAD_SHIFT)
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/format-inl.h: 1060 in fmt::v10::detail::dragonbox::cache_accessor<double>::get_cached_power(int)()
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/format-inl.h: 1060 in fmt::v10::detail::dragonbox::cache_accessor<double>::get_cached_power(int)()

________________________________________________________________________________________________________
*** CID 434530:    (BAD_SHIFT)
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/format-inl.h: 1060 in fmt::v10::detail::dragonbox::cache_accessor<double>::get_cached_power(int)()
1054     
1055         recovered_cache += middle_low.high();
1056     
1057         uint64_t high_to_middle = recovered_cache.high() << (64 - alpha);
1058         uint64_t middle_to_low = recovered_cache.low() << (64 - alpha);
1059     
>>>     CID 434530:    (BAD_SHIFT)
>>>     In expression "middle_low.low() >> alpha", right shifting by more than 63 bits has undefined behavior.  The shift amount, "alpha", is at least 64.
1060         recovered_cache =
1061             uint128_fallback{(recovered_cache.low() >> alpha) | high_to_middle,
1062                              ((middle_low.low() >> alpha) | middle_to_low)};
1063         FMT_ASSERT(recovered_cache.low() + 1 != 0, "");
1064         return {recovered_cache.high(), recovered_cache.low() + 1};
1065     #endif
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/format-inl.h: 1060 in fmt::v10::detail::dragonbox::cache_accessor<double>::get_cached_power(int)()
1054     
1055         recovered_cache += middle_low.high();
1056     
1057         uint64_t high_to_middle = recovered_cache.high() << (64 - alpha);
1058         uint64_t middle_to_low = recovered_cache.low() << (64 - alpha);
1059     
>>>     CID 434530:    (BAD_SHIFT)
>>>     In expression "recovered_cache.low() >> alpha", right shifting by more than 63 bits has undefined behavior.  The shift amount, "alpha", is at least 64.
1060         recovered_cache =
1061             uint128_fallback{(recovered_cache.low() >> alpha) | high_to_middle,
1062                              ((middle_low.low() >> alpha) | middle_to_low)};
1063         FMT_ASSERT(recovered_cache.low() + 1 != 0, "");
1064         return {recovered_cache.high(), recovered_cache.low() + 1};
1065     #endif

** CID 434528:  Integer handling issues  (BAD_SHIFT)
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/format-inl.h: 1097 in fmt::v10::detail::dragonbox::cache_accessor<double>::compute_mul_parity(unsigned long, const fmt::v10::detail::uint128_fallback &, int)()

________________________________________________________________________________________________________
*** CID 434528:  Integer handling issues  (BAD_SHIFT)
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/format-inl.h: 1097 in fmt::v10::detail::dragonbox::cache_accessor<double>::compute_mul_parity(unsigned long, const fmt::v10::detail::uint128_fallback &, int)()
1091                                      int beta) noexcept
1092           -> compute_mul_parity_result {
1093         FMT_ASSERT(beta >= 1, "");
1094         FMT_ASSERT(beta < 64, "");
1095     
1096         auto r = umul192_lower128(two_f, cache);
>>>     CID 434528:  Integer handling issues  (BAD_SHIFT)
>>>     In expression "r.high() << beta", left shifting by more than 63 bits has undefined behavior.  The shift amount, "beta", is at least 64.
1097         return {((r.high() >> (64 - beta)) & 1) != 0,
1098                 ((r.high() << beta) | (r.low() >> (64 - beta))) == 0};
1099       }
1100     
1101       static auto compute_left_endpoint_for_shorter_interval_case(
1102           const cache_entry_type& cache, int beta) noexcept -> carrier_uint {

** CID 434524:  Integer handling issues  (NEGATIVE_RETURNS)

________________________________________________________________________________________________________
*** CID 434524:  Integer handling issues  (NEGATIVE_RETURNS)
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/format.h: 4374 in fmt::v10::detail::vformat_to<char>(fmt::v10::detail::buffer<T1> &, fmt::v10::basic_string_view<T1>, fmt::v10::detail::vformat_args<T1>::type, fmt::v10::detail::locale_ref)::format_handler::on_text(const char *, const char *)()
4368         format_handler(buffer_appender<Char> p_out, basic_string_view<Char> str,
4369                        basic_format_args<buffer_context<Char>> p_args,
4370                        locale_ref p_loc)
4371             : parse_context(str), context(p_out, p_args, p_loc) {}
4372     
4373         void on_text(const Char* begin, const Char* end) {
>>>     CID 434524:  Integer handling issues  (NEGATIVE_RETURNS)
>>>     "fmt::v10::detail::to_unsigned(end - begin)" is passed to a parameter that cannot be negative.
4374           auto text = basic_string_view<Char>(begin, to_unsigned(end - begin));
4375           context.advance_to(write<Char>(context.out(), text));
4376         }
4377     
4378         FMT_CONSTEXPR auto on_arg_id() -> int {
4379           return parse_context.next_arg_id();

** CID 434520:  Memory - corruptions  (OVERRUN)

________________________________________________________________________________________________________
*** CID 434520:  Memory - corruptions  (OVERRUN)
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/format-inl.h: 1205 in fmt::v10::detail::dragonbox::shorter_interval_case<float>(int)()
1199       // Compute k and beta
1200       const int minus_k = floor_log10_pow2_minus_log10_4_over_3(exponent);
1201       const int beta = exponent + floor_log2_pow10(-minus_k);
1202     
1203       // Compute xi and zi
1204       using cache_entry_type = typename cache_accessor<T>::cache_entry_type;
>>>     CID 434520:  Memory - corruptions  (OVERRUN)
>>>     Overrunning callee's array of size 78 by passing argument "-minus_k" (which evaluates to 899) in call to "get_cached_power".
1205       const cache_entry_type cache = cache_accessor<T>::get_cached_power(-minus_k);
1206     
1207       auto xi = cache_accessor<T>::compute_left_endpoint_for_shorter_interval_case(
1208           cache, beta);
1209       auto zi = cache_accessor<T>::compute_right_endpoint_for_shorter_interval_case(
1210           cache, beta);

** CID 434519:  Integer handling issues  (BAD_SHIFT)
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/format.h: 2902 in fmt::v10::detail::bigint::operator <<=(int)()

________________________________________________________________________________________________________
*** CID 434519:  Integer handling issues  (BAD_SHIFT)
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/format.h: 2902 in fmt::v10::detail::bigint::operator <<=(int)()
2896         exp_ += shift / bigit_bits;
2897         shift %= bigit_bits;
2898         if (shift == 0) return *this;
2899         bigit carry = 0;
2900         for (size_t i = 0, n = bigits_.size(); i < n; ++i) {
2901           bigit c = bigits_[i] >> (bigit_bits - shift);
>>>     CID 434519:  Integer handling issues  (BAD_SHIFT)
>>>     In expression "this->bigits_[i] << shift", shifting by a negative amount has undefined behavior.  The shift amount, "shift", is no more than -1.
2902           bigits_[i] = (bigits_[i] << shift) + carry;
2903           carry = c;
2904         }
2905         if (carry != 0) bigits_.push_back(carry);
2906         return *this;
2907       }

** CID 434518:  Integer handling issues  (NEGATIVE_RETURNS)

________________________________________________________________________________________________________
*** CID 434518:  Integer handling issues  (NEGATIVE_RETURNS)
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/format.h: 2795 in fmt::v10::detail::bigint::operator [](int)()
2789       int exp_;
2790     
2791       FMT_CONSTEXPR20 auto operator[](int index) const -> bigit {
2792         return bigits_[to_unsigned(index)];
2793       }
2794       FMT_CONSTEXPR20 auto operator[](int index) -> bigit& {
>>>     CID 434518:  Integer handling issues  (NEGATIVE_RETURNS)
>>>     "fmt::v10::detail::to_unsigned(index)" is passed to a parameter that cannot be negative.
2795         return bigits_[to_unsigned(index)];
2796       }
2797     
2798       static constexpr const int bigit_bits = num_bits<bigit>();
2799     
2800       friend struct formatter<bigint>;

** CID 432785:    (NEGATIVE_RETURNS)

________________________________________________________________________________________________________
*** CID 432785:    (NEGATIVE_RETURNS)
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/format.h: 672 in fmt::v10::detail::for_each_codepoint<fmt::v10::detail::utf8_to_utf16::utf8_to_utf16(fmt::v10::basic_string_view<char>)::[lambda(unsigned int, fmt::v10::basic_string_view<char>) (instance 1)]>(fmt::v10::basic_string_view<char>, T1)::[lambda(const char *, const char *) (instance 1)]::operator ()(const char *, const char *) const()
666     template <typename F>
667     FMT_CONSTEXPR void for_each_codepoint(string_view s, F f) {
668       auto decode = [f](const char* buf_ptr, const char* ptr) {
669         auto cp = uint32_t();
670         auto error = 0;
671         auto end = utf8_decode(buf_ptr, &cp, &error);
>>>     CID 432785:    (NEGATIVE_RETURNS)
>>>     "error ? 1UL : fmt::v10::detail::to_unsigned(end - buf_ptr)" is passed to a parameter that cannot be negative.
672         bool result = f(error ? invalid_code_point : cp,
673                         string_view(ptr, error ? 1 : to_unsigned(end - buf_ptr)));
674         return result ? (error ? buf_ptr + 1 : end) : nullptr;
675       };
676       auto p = s.data();
677       const size_t block_size = 4;  // utf8_decode always reads blocks of 4 chars.
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/format.h: 672 in fmt::v10::detail::for_each_codepoint<fmt::v10::detail::find_escape(const char *, const char *)::[lambda(unsigned int, fmt::v10::basic_string_view<char>) (instance 1)]>(fmt::v10::basic_string_view<char>, T1)::[lambda(const char *, const char *) (instance 1)]::operator ()(const char *, const char *) const()
666     template <typename F>
667     FMT_CONSTEXPR void for_each_codepoint(string_view s, F f) {
668       auto decode = [f](const char* buf_ptr, const char* ptr) {
669         auto cp = uint32_t();
670         auto error = 0;
671         auto end = utf8_decode(buf_ptr, &cp, &error);
>>>     CID 432785:    (NEGATIVE_RETURNS)
>>>     "error ? 1UL : fmt::v10::detail::to_unsigned(end - buf_ptr)" is passed to a parameter that cannot be negative.
672         bool result = f(error ? invalid_code_point : cp,
673                         string_view(ptr, error ? 1 : to_unsigned(end - buf_ptr)));
674         return result ? (error ? buf_ptr + 1 : end) : nullptr;
675       };
676       auto p = s.data();
677       const size_t block_size = 4;  // utf8_decode always reads blocks of 4 chars.
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/format.h: 672 in fmt::v10::detail::for_each_codepoint<fmt::v10::detail::code_point_index(fmt::v10::basic_string_view<char>, unsigned long)::[lambda(unsigned int, fmt::v10::basic_string_view<char>) (instance 1)]>(fmt::v10::basic_string_view<char>, T1)::[lambda(const char *, const char *) (instance 1)]::operator ()(const char *, const char *) const()
666     template <typename F>
667     FMT_CONSTEXPR void for_each_codepoint(string_view s, F f) {
668       auto decode = [f](const char* buf_ptr, const char* ptr) {
669         auto cp = uint32_t();
670         auto error = 0;
671         auto end = utf8_decode(buf_ptr, &cp, &error);
>>>     CID 432785:    (NEGATIVE_RETURNS)
>>>     "error ? 1UL : fmt::v10::detail::to_unsigned(end - buf_ptr)" is passed to a parameter that cannot be negative.
672         bool result = f(error ? invalid_code_point : cp,
673                         string_view(ptr, error ? 1 : to_unsigned(end - buf_ptr)));
674         return result ? (error ? buf_ptr + 1 : end) : nullptr;
675       };
676       auto p = s.data();
677       const size_t block_size = 4;  // utf8_decode always reads blocks of 4 chars.
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/format.h: 672 in fmt::v10::detail::for_each_codepoint<fmt::v10::detail::compute_width(fmt::v10::basic_string_view<char>)::count_code_points>(fmt::v10::basic_string_view<char>, T1)::[lambda(const char *, const char *) (instance 1)]::operator ()(const char *, const char *) const()
666     template <typename F>
667     FMT_CONSTEXPR void for_each_codepoint(string_view s, F f) {
668       auto decode = [f](const char* buf_ptr, const char* ptr) {
669         auto cp = uint32_t();
670         auto error = 0;
671         auto end = utf8_decode(buf_ptr, &cp, &error);
>>>     CID 432785:    (NEGATIVE_RETURNS)
>>>     "error ? 1UL : fmt::v10::detail::to_unsigned(end - buf_ptr)" is passed to a parameter that cannot be negative.
672         bool result = f(error ? invalid_code_point : cp,
673                         string_view(ptr, error ? 1 : to_unsigned(end - buf_ptr)));
674         return result ? (error ? buf_ptr + 1 : end) : nullptr;
675       };
676       auto p = s.data();
677       const size_t block_size = 4;  // utf8_decode always reads blocks of 4 chars.

** CID 432681:  Integer handling issues  (NEGATIVE_RETURNS)

________________________________________________________________________________________________________
*** CID 432681:  Integer handling issues  (NEGATIVE_RETURNS)
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/core.h: 704 in fmt::v10::basic_format_parse_context<char>::advance_to(const char *)()
698         Returns an iterator past the end of the format string range being parsed.
699        */
700       constexpr auto end() const noexcept -> iterator { return format_str_.end(); }
701     
702       /** Advances the begin iterator to ``it``. */
703       FMT_CONSTEXPR void advance_to(iterator it) {
>>>     CID 432681:  Integer handling issues  (NEGATIVE_RETURNS)
>>>     "fmt::v10::detail::to_unsigned(it - this->begin())" is passed to a parameter that cannot be negative.
704         format_str_.remove_prefix(detail::to_unsigned(it - begin()));
705       }
706     
707       /**
708         Reports an error if using the manual argument indexing; otherwise returns
709         the next argument index and switches to the automatic indexing.

** CID 432542:  Integer handling issues  (NEGATIVE_RETURNS)

________________________________________________________________________________________________________
*** CID 432542:  Integer handling issues  (NEGATIVE_RETURNS)
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/format.h: 1813 in fmt::v10::detail::find_escape(const char *, const char *)()
1807     }
1808     
1809     inline auto find_escape(const char* begin, const char* end)
1810         -> find_escape_result<char> {
1811       if (!is_utf8()) return find_escape<char>(begin, end);
1812       auto result = find_escape_result<char>{end, nullptr, 0};
>>>     CID 432542:  Integer handling issues  (NEGATIVE_RETURNS)
>>>     "fmt::v10::detail::to_unsigned(end - begin)" is passed to a parameter that cannot be negative.
1813       for_each_codepoint(string_view(begin, to_unsigned(end - begin)),
1814                          [&](uint32_t cp, string_view sv) {
1815                            if (needs_escape(cp)) {
1816                              result = {sv.begin(), sv.end(), cp};
1817                              return false;
1818                            }

** CID 432501:    (NEGATIVE_RETURNS)

________________________________________________________________________________________________________
*** CID 432501:    (NEGATIVE_RETURNS)
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/format.h: 1357 in fmt::v10::detail::format_uint<(unsigned int)4, char, fmt::v10::appender, unsigned int>(T3, T4, int, bool)()
1351       return end;
1352     }
1353     
1354     template <unsigned BASE_BITS, typename Char, typename It, typename UInt>
1355     FMT_CONSTEXPR inline auto format_uint(It out, UInt value, int num_digits,
1356                                           bool upper = false) -> It {
>>>     CID 432501:    (NEGATIVE_RETURNS)
>>>     "fmt::v10::detail::to_unsigned(num_digits)" is passed to a parameter that cannot be negative.
1357       if (auto ptr = to_pointer<Char>(out, to_unsigned(num_digits))) {
1358         format_uint<BASE_BITS>(ptr, value, num_digits, upper);
1359         return out;
1360       }
1361       // Buffer should be large enough to hold all digits (digits / BASE_BITS + 1).
1362       char buffer[num_bits<UInt>() / BASE_BITS + 1] = {};
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/format.h: 1357 in fmt::v10::detail::format_uint<(unsigned int)4, char, fmt::v10::appender, unsigned __int128>(T3, T4, int, bool)()
1351       return end;
1352     }
1353     
1354     template <unsigned BASE_BITS, typename Char, typename It, typename UInt>
1355     FMT_CONSTEXPR inline auto format_uint(It out, UInt value, int num_digits,
1356                                           bool upper = false) -> It {
>>>     CID 432501:    (NEGATIVE_RETURNS)
>>>     "fmt::v10::detail::to_unsigned(num_digits)" is passed to a parameter that cannot be negative.
1357       if (auto ptr = to_pointer<Char>(out, to_unsigned(num_digits))) {
1358         format_uint<BASE_BITS>(ptr, value, num_digits, upper);
1359         return out;
1360       }
1361       // Buffer should be large enough to hold all digits (digits / BASE_BITS + 1).
1362       char buffer[num_bits<UInt>() / BASE_BITS + 1] = {};
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/format.h: 1357 in fmt::v10::detail::format_uint<(unsigned int)1, char, fmt::v10::appender, unsigned int>(T3, T4, int, bool)()
1351       return end;
1352     }
1353     
1354     template <unsigned BASE_BITS, typename Char, typename It, typename UInt>
1355     FMT_CONSTEXPR inline auto format_uint(It out, UInt value, int num_digits,
1356                                           bool upper = false) -> It {
>>>     CID 432501:    (NEGATIVE_RETURNS)
>>>     "fmt::v10::detail::to_unsigned(num_digits)" is passed to a parameter that cannot be negative.
1357       if (auto ptr = to_pointer<Char>(out, to_unsigned(num_digits))) {
1358         format_uint<BASE_BITS>(ptr, value, num_digits, upper);
1359         return out;
1360       }
1361       // Buffer should be large enough to hold all digits (digits / BASE_BITS + 1).
1362       char buffer[num_bits<UInt>() / BASE_BITS + 1] = {};
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/format.h: 1357 in fmt::v10::detail::format_uint<(unsigned int)1, char, fmt::v10::appender, unsigned __int128>(T3, T4, int, bool)()
1351       return end;
1352     }
1353     
1354     template <unsigned BASE_BITS, typename Char, typename It, typename UInt>
1355     FMT_CONSTEXPR inline auto format_uint(It out, UInt value, int num_digits,
1356                                           bool upper = false) -> It {
>>>     CID 432501:    (NEGATIVE_RETURNS)
>>>     "fmt::v10::detail::to_unsigned(num_digits)" is passed to a parameter that cannot be negative.
1357       if (auto ptr = to_pointer<Char>(out, to_unsigned(num_digits))) {
1358         format_uint<BASE_BITS>(ptr, value, num_digits, upper);
1359         return out;
1360       }
1361       // Buffer should be large enough to hold all digits (digits / BASE_BITS + 1).
1362       char buffer[num_bits<UInt>() / BASE_BITS + 1] = {};
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/format.h: 1357 in fmt::v10::detail::format_uint<(unsigned int)1, char, fmt::v10::appender, unsigned long>(T3, T4, int, bool)()
1351       return end;
1352     }
1353     
1354     template <unsigned BASE_BITS, typename Char, typename It, typename UInt>
1355     FMT_CONSTEXPR inline auto format_uint(It out, UInt value, int num_digits,
1356                                           bool upper = false) -> It {
>>>     CID 432501:    (NEGATIVE_RETURNS)
>>>     "fmt::v10::detail::to_unsigned(num_digits)" is passed to a parameter that cannot be negative.
1357       if (auto ptr = to_pointer<Char>(out, to_unsigned(num_digits))) {
1358         format_uint<BASE_BITS>(ptr, value, num_digits, upper);
1359         return out;
1360       }
1361       // Buffer should be large enough to hold all digits (digits / BASE_BITS + 1).
1362       char buffer[num_bits<UInt>() / BASE_BITS + 1] = {};
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/format.h: 1357 in fmt::v10::detail::format_uint<(unsigned int)3, char, fmt::v10::appender, unsigned long>(T3, T4, int, bool)()
1351       return end;
1352     }
1353     
1354     template <unsigned BASE_BITS, typename Char, typename It, typename UInt>
1355     FMT_CONSTEXPR inline auto format_uint(It out, UInt value, int num_digits,
1356                                           bool upper = false) -> It {
>>>     CID 432501:    (NEGATIVE_RETURNS)
>>>     "fmt::v10::detail::to_unsigned(num_digits)" is passed to a parameter that cannot be negative.
1357       if (auto ptr = to_pointer<Char>(out, to_unsigned(num_digits))) {
1358         format_uint<BASE_BITS>(ptr, value, num_digits, upper);
1359         return out;
1360       }
1361       // Buffer should be large enough to hold all digits (digits / BASE_BITS + 1).
1362       char buffer[num_bits<UInt>() / BASE_BITS + 1] = {};
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/format.h: 1357 in fmt::v10::detail::format_uint<(unsigned int)3, char, fmt::v10::appender, unsigned int>(T3, T4, int, bool)()
1351       return end;
1352     }
1353     
1354     template <unsigned BASE_BITS, typename Char, typename It, typename UInt>
1355     FMT_CONSTEXPR inline auto format_uint(It out, UInt value, int num_digits,
1356                                           bool upper = false) -> It {
>>>     CID 432501:    (NEGATIVE_RETURNS)
>>>     "fmt::v10::detail::to_unsigned(num_digits)" is passed to a parameter that cannot be negative.
1357       if (auto ptr = to_pointer<Char>(out, to_unsigned(num_digits))) {
1358         format_uint<BASE_BITS>(ptr, value, num_digits, upper);
1359         return out;
1360       }
1361       // Buffer should be large enough to hold all digits (digits / BASE_BITS + 1).
1362       char buffer[num_bits<UInt>() / BASE_BITS + 1] = {};
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/format.h: 1357 in fmt::v10::detail::format_uint<(unsigned int)3, char, fmt::v10::appender, unsigned __int128>(T3, T4, int, bool)()
1351       return end;
1352     }
1353     
1354     template <unsigned BASE_BITS, typename Char, typename It, typename UInt>
1355     FMT_CONSTEXPR inline auto format_uint(It out, UInt value, int num_digits,
1356                                           bool upper = false) -> It {
>>>     CID 432501:    (NEGATIVE_RETURNS)
>>>     "fmt::v10::detail::to_unsigned(num_digits)" is passed to a parameter that cannot be negative.
1357       if (auto ptr = to_pointer<Char>(out, to_unsigned(num_digits))) {
1358         format_uint<BASE_BITS>(ptr, value, num_digits, upper);
1359         return out;
1360       }
1361       // Buffer should be large enough to hold all digits (digits / BASE_BITS + 1).
1362       char buffer[num_bits<UInt>() / BASE_BITS + 1] = {};
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/format.h: 1357 in fmt::v10::detail::format_uint<(unsigned int)4, char, fmt::v10::appender, unsigned long>(T3, T4, int, bool)()
1351       return end;
1352     }
1353     
1354     template <unsigned BASE_BITS, typename Char, typename It, typename UInt>
1355     FMT_CONSTEXPR inline auto format_uint(It out, UInt value, int num_digits,
1356                                           bool upper = false) -> It {
>>>     CID 432501:    (NEGATIVE_RETURNS)
>>>     "fmt::v10::detail::to_unsigned(num_digits)" is passed to a parameter that cannot be negative.
1357       if (auto ptr = to_pointer<Char>(out, to_unsigned(num_digits))) {
1358         format_uint<BASE_BITS>(ptr, value, num_digits, upper);
1359         return out;
1360       }
1361       // Buffer should be large enough to hold all digits (digits / BASE_BITS + 1).
1362       char buffer[num_bits<UInt>() / BASE_BITS + 1] = {};

** CID 432379:  Integer handling issues  (NEGATIVE_RETURNS)

________________________________________________________________________________________________________
*** CID 432379:  Integer handling issues  (NEGATIVE_RETURNS)
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/core.h: 2475 in fmt::v10::detail::parse_format_specs<char>(const T1 *, const T1 *, fmt::v10::detail::dynamic_format_specs<T1> &, fmt::v10::basic_format_parse_context<T1> &, fmt::v10::detail::type)()
2469           if (*begin == '{') {
2470             throw_format_error("invalid fill character '{'");
2471             return begin;
2472           }
2473           auto align = parse_align(to_ascii(*fill_end));
2474           enter_state(state::align, align != align::none);
>>>     CID 432379:  Integer handling issues  (NEGATIVE_RETURNS)
>>>     "fmt::v10::detail::to_unsigned(fill_end - begin)" is passed to a parameter that cannot be negative.
2475           specs.fill = {begin, to_unsigned(fill_end - begin)};
2476           specs.align = align;
2477           begin = fill_end + 1;
2478         }
2479         }
2480         if (begin == end) return begin;

** CID 432239:    (NEGATIVE_RETURNS)

________________________________________________________________________________________________________
*** CID 432239:    (NEGATIVE_RETURNS)
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/core.h: 2235 in fmt::v10::detail::do_parse_arg_id<char, fmt::v10::detail::dynamic_spec_id_handler<char> &>(const T1 *, const T1 *, T2 &&)()
2229         return begin;
2230       }
2231       auto it = begin;
2232       do {
2233         ++it;
2234       } while (it != end && (is_name_start(*it) || ('0' <= *it && *it <= '9')));
>>>     CID 432239:    (NEGATIVE_RETURNS)
>>>     "fmt::v10::detail::to_unsigned(it - begin)" is passed to a parameter that cannot be negative.
2235       handler.on_name({begin, to_unsigned(it - begin)});
2236       return it;
2237     }
2238     
2239     template <typename Char, typename Handler>
2240     FMT_CONSTEXPR FMT_INLINE auto parse_arg_id(const Char* begin, const Char* end,
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/core.h: 2235 in fmt::v10::detail::do_parse_arg_id<char, fmt::v10::detail::parse_replacement_field<char, fmt::v10::detail::format_string_checker<char, fmt::v10::basic_string_view<char>, char [3]> &>(const T1 *, const T1 *, T2 &&)::id_adapter &>(const T1 *, const T1 *, T2 &&)()
2229         return begin;
2230       }
2231       auto it = begin;
2232       do {
2233         ++it;
2234       } while (it != end && (is_name_start(*it) || ('0' <= *it && *it <= '9')));
>>>     CID 432239:    (NEGATIVE_RETURNS)
>>>     "fmt::v10::detail::to_unsigned(it - begin)" is passed to a parameter that cannot be negative.
2235       handler.on_name({begin, to_unsigned(it - begin)});
2236       return it;
2237     }
2238     
2239     template <typename Char, typename Handler>
2240     FMT_CONSTEXPR FMT_INLINE auto parse_arg_id(const Char* begin, const Char* end,
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/core.h: 2235 in fmt::v10::detail::do_parse_arg_id<char, fmt::v10::detail::parse_replacement_field<char, fmt::v10::detail::format_string_checker<char, int> &>(const T1 *, const T1 *, T2 &&)::id_adapter &>(const T1 *, const T1 *, T2 &&)()
2229         return begin;
2230       }
2231       auto it = begin;
2232       do {
2233         ++it;
2234       } while (it != end && (is_name_start(*it) || ('0' <= *it && *it <= '9')));
>>>     CID 432239:    (NEGATIVE_RETURNS)
>>>     "fmt::v10::detail::to_unsigned(it - begin)" is passed to a parameter that cannot be negative.
2235       handler.on_name({begin, to_unsigned(it - begin)});
2236       return it;
2237     }
2238     
2239     template <typename Char, typename Handler>
2240     FMT_CONSTEXPR FMT_INLINE auto parse_arg_id(const Char* begin, const Char* end,
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/core.h: 2235 in fmt::v10::detail::do_parse_arg_id<char, fmt::v10::detail::parse_replacement_field<char, fmt::v10::detail::format_string_checker<char> &>(const T1 *, const T1 *, T2 &&)::id_adapter &>(const T1 *, const T1 *, T2 &&)()
2229         return begin;
2230       }
2231       auto it = begin;
2232       do {
2233         ++it;
2234       } while (it != end && (is_name_start(*it) || ('0' <= *it && *it <= '9')));
>>>     CID 432239:    (NEGATIVE_RETURNS)
>>>     "fmt::v10::detail::to_unsigned(it - begin)" is passed to a parameter that cannot be negative.
2235       handler.on_name({begin, to_unsigned(it - begin)});
2236       return it;
2237     }
2238     
2239     template <typename Char, typename Handler>
2240     FMT_CONSTEXPR FMT_INLINE auto parse_arg_id(const Char* begin, const Char* end,
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/core.h: 2235 in fmt::v10::detail::do_parse_arg_id<char, fmt::v10::detail::parse_replacement_field<char, fmt::v10::detail::format_string_checker<char, const char *, const char *, int> &>(const T1 *, const T1 *, T2 &&)::id_adapter &>(const T1 *, const T1 *, T2 &&)()
2229         return begin;
2230       }
2231       auto it = begin;
2232       do {
2233         ++it;
2234       } while (it != end && (is_name_start(*it) || ('0' <= *it && *it <= '9')));
>>>     CID 432239:    (NEGATIVE_RETURNS)
>>>     "fmt::v10::detail::to_unsigned(it - begin)" is passed to a parameter that cannot be negative.
2235       handler.on_name({begin, to_unsigned(it - begin)});
2236       return it;
2237     }
2238     
2239     template <typename Char, typename Handler>
2240     FMT_CONSTEXPR FMT_INLINE auto parse_arg_id(const Char* begin, const Char* end,
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/core.h: 2235 in fmt::v10::detail::do_parse_arg_id<char, fmt::v10::detail::parse_replacement_field<char, fmt::v10::detail::format_string_checker<char, char [7], int> &>(const T1 *, const T1 *, T2 &&)::id_adapter &>(const T1 *, const T1 *, T2 &&)()
2229         return begin;
2230       }
2231       auto it = begin;
2232       do {
2233         ++it;
2234       } while (it != end && (is_name_start(*it) || ('0' <= *it && *it <= '9')));
>>>     CID 432239:    (NEGATIVE_RETURNS)
>>>     "fmt::v10::detail::to_unsigned(it - begin)" is passed to a parameter that cannot be negative.
2235       handler.on_name({begin, to_unsigned(it - begin)});
2236       return it;
2237     }
2238     
2239     template <typename Char, typename Handler>
2240     FMT_CONSTEXPR FMT_INLINE auto parse_arg_id(const Char* begin, const Char* end,

** CID 419897:    (UNCAUGHT_EXCEPT)
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/format-inl.h: 43 in fmt::v10::detail::format_error_code(fmt::v10::detail::buffer<char> &, int, fmt::v10::basic_string_view<char>)()
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/format-inl.h: 43 in fmt::v10::detail::format_error_code(fmt::v10::detail::buffer<char> &, int, fmt::v10::basic_string_view<char>)()

________________________________________________________________________________________________________
*** CID 419897:    (UNCAUGHT_EXCEPT)
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/format-inl.h: 43 in fmt::v10::detail::format_error_code(fmt::v10::detail::buffer<char> &, int, fmt::v10::basic_string_view<char>)()
37     }
38     
39     FMT_FUNC void throw_format_error(const char* message) {
40       FMT_THROW(format_error(message));
41     }
42     
>>>     CID 419897:    (UNCAUGHT_EXCEPT)
>>>     An exception of type "fmt::v10::format_error" is thrown but the exception specification "noexcept" doesn't allow it to be thrown. This will result in a call to terminate().
43     FMT_FUNC void format_error_code(detail::buffer<char>& out, int error_code,
44                                     string_view message) noexcept {
45       // Report error code making sure that the output fits into
46       // inline_buffer_size to avoid dynamic memory allocation and potential
47       // bad_alloc.
48       out.try_resize(0);
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/format-inl.h: 43 in fmt::v10::detail::format_error_code(fmt::v10::detail::buffer<char> &, int, fmt::v10::basic_string_view<char>)()
37     }
38     
39     FMT_FUNC void throw_format_error(const char* message) {
40       FMT_THROW(format_error(message));
41     }
42     
>>>     CID 419897:    (UNCAUGHT_EXCEPT)
>>>     An exception of type "fmt::v10::format_error" is thrown but the exception specification "noexcept" doesn't allow it to be thrown. This will result in a call to terminate().
43     FMT_FUNC void format_error_code(detail::buffer<char>& out, int error_code,
44                                     string_view message) noexcept {
45       // Report error code making sure that the output fits into
46       // inline_buffer_size to avoid dynamic memory allocation and potential
47       // bad_alloc.
48       out.try_resize(0);

I think these warnings should be evaluated and probably be fixed.

[jk-jeon]

For the very first one it says -minus_k evaluates to 790, but how? What is the potential input that can make that happen? According to my computation, exponent must be one of -2620, -2619, and -2618 in order for this to happen, but that is just impossible for T = float. Some of the warnings, e.g., those about bit-shifts, are directly contradicting to FMT_ASSERT's right above the flagged lines. Is there a way to let it to produce more detailed reasonings about its conclusions? Otherwise, these warnings don't seem to be very credible to me.

[albert-github]

Thanks for the quick assessment.

The information is from: https://scan.coverity.com/projects/2860

Regarding the first message ( CID 434544) the only little information I further see is:

4. assignment: Assigning: minus_k = fmt::v10::detail::dragonbox::floor_log10_pow2(exponent) - 1. The value of minus_k is now between -790 and 787 (inclusive).

There is some extra information:

259  static auto get_cached_power(int k) noexcept -> uint64_t {
260    FMT_ASSERT(k >= float_info<float>::min_k && k <= float_info<float>::max_k,
261               "k is out of range");
262    static constexpr const uint64_t pow10_significands[] = {
263        0x81ceb32c4b43fcf5, 0xa2425ff75e14fc32, 0xcad2f7f5359a3b3f,
264        0xfd87b5f28300ca0e, 0x9e74d1b791e07e49, 0xc612062576589ddb,
265        0xf79687aed3eec552, 0x9abe14cd44753b53, 0xc16d9a0095928a28,
266        0xf1c90080baf72cb2, 0x971da05074da7bef, 0xbce5086492111aeb,
267        0xec1e4a7db69561a6, 0x9392ee8e921d5d08, 0xb877aa3236a4b44a,
268        0xe69594bec44de15c, 0x901d7cf73ab0acda, 0xb424dc35095cd810,
269        0xe12e13424bb40e14, 0x8cbccc096f5088cc, 0xafebff0bcb24aaff,
270        0xdbe6fecebdedd5bf, 0x89705f4136b4a598, 0xabcc77118461cefd,
271        0xd6bf94d5e57a42bd, 0x8637bd05af6c69b6, 0xa7c5ac471b478424,
272        0xd1b71758e219652c, 0x83126e978d4fdf3c, 0xa3d70a3d70a3d70b,
273        0xcccccccccccccccd, 0x8000000000000000, 0xa000000000000000,
274        0xc800000000000000, 0xfa00000000000000, 0x9c40000000000000,
275        0xc350000000000000, 0xf424000000000000, 0x9896800000000000,
276        0xbebc200000000000, 0xee6b280000000000, 0x9502f90000000000,
277        0xba43b74000000000, 0xe8d4a51000000000, 0x9184e72a00000000,
278        0xb5e620f480000000, 0xe35fa931a0000000, 0x8e1bc9bf04000000,
279        0xb1a2bc2ec5000000, 0xde0b6b3a76400000, 0x8ac7230489e80000,
280        0xad78ebc5ac620000, 0xd8d726b7177a8000, 0x878678326eac9000,
281        0xa968163f0a57b400, 0xd3c21bcecceda100, 0x84595161401484a0,
282        0xa56fa5b99019a5c8, 0xcecb8f27f4200f3a, 0x813f3978f8940985,
283        0xa18f07d736b90be6, 0xc9f2c9cd04674edf, 0xfc6f7c4045812297,
284        0x9dc5ada82b70b59e, 0xc5371912364ce306, 0xf684df56c3e01bc7,
285        0x9a130b963a6c115d, 0xc097ce7bc90715b4, 0xf0bdc21abb48db21,
286        0x96769950b50d88f5, 0xbc143fa4e250eb32, 0xeb194f8e1ae525fe,
287        0x92efd1b8d0cf37bf, 0xb7abc627050305ae, 0xe596b7b0c643c71a,
288        0x8f7e32ce7bea5c70, 0xb35dbf821ae4f38c, 0xe0352f62a19e306f};
1. index_parm: Indexing array pow10_significands of size 78 with k plus an offset.
289    return pow10_significands[k - float_info<float>::min_k];
290  }

I´ve not checked he path through ch the static analyzer comes to this conclusion. I´ll have a look at it next week.

Regarding the second problem (CID 534540) I see some extra information:

1. negative_return_fn: Function fmt::v10::detail::to_unsigned(last - first) returns a negative number

391FMT_CONSTEXPR auto to_unsigned(Int value) ->
392    typename std::make_unsigned<Int>::type {
1. var_tested_neg: Variable value is negative.
393  FMT_ASSERT(std::is_unsigned<Int>::value || value >= 0, "negative value");
2. return_negative_variable: Explicitly returning negative variable value.
394  return static_cast<typename std::make_unsigned<Int>::type>(value);
395}

[vitaut]

All of NEGATIVE_RETURNS look like false positives because the return type of to_unsigned is unsigned:

https://github.com/fmtlib/fmt/blob/18a9676d958a861a24fbebbaceb1c6863394ab3c/include/fmt/base.h#L433

You might want to report an issue to Coverity since it's clearly broken on their part, e.g.

"fmt::v10::detail::to_unsigned(last - first)" is passed to a parameter that cannot be negative.

is obviously nonsensical since an unsigned value cannot be negative.

Filtering those out this leaves 7 reports which I haven't looked at yet:

** CID 434544:  Memory - corruptions  (OVERRUN)

________________________________________________________________________________________________________
*** CID 434544:  Memory - corruptions  (OVERRUN)
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/format-inl.h: 1278 in fmt::v10::detail::dragonbox::to_decimal<float>(T1)()
1272     
1273       const bool include_left_endpoint = (significand % 2 == 0);
1274       const bool include_right_endpoint = include_left_endpoint;
1275     
1276       // Compute k and beta.
1277       const int minus_k = floor_log10_pow2(exponent) - float_info<T>::kappa;
>>>     CID 434544:  Memory - corruptions  (OVERRUN)
>>>     Overrunning callee's array of size 78 by passing argument "-minus_k" (which evaluates to 790) in call to "get_cached_power".
1278       const cache_entry_type cache = cache_accessor<T>::get_cached_power(-minus_k);
1279       const int beta = exponent + floor_log2_pow10(-minus_k);
1280     
1281       // Compute zi and deltai.
1282       // 10^kappa <= deltai < 10^(kappa + 1)
1283       const uint32_t deltai = cache_accessor<T>::compute_delta(cache, beta);

** CID 434537:  Memory - illegal accesses  (OVERRUN)
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/format-inl.h: 289 in fmt::v10::detail::dragonbox::cache_accessor<float>::get_cached_power(int)()

________________________________________________________________________________________________________
*** CID 434537:  Memory - illegal accesses  (OVERRUN)
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/format-inl.h: 289 in fmt::v10::detail::dragonbox::cache_accessor<float>::get_cached_power(int)()
283             0xa18f07d736b90be6, 0xc9f2c9cd04674edf, 0xfc6f7c4045812297,
284             0x9dc5ada82b70b59e, 0xc5371912364ce306, 0xf684df56c3e01bc7,
285             0x9a130b963a6c115d, 0xc097ce7bc90715b4, 0xf0bdc21abb48db21,
286             0x96769950b50d88f5, 0xbc143fa4e250eb32, 0xeb194f8e1ae525fe,
287             0x92efd1b8d0cf37bf, 0xb7abc627050305ae, 0xe596b7b0c643c71a,
288             0x8f7e32ce7bea5c70, 0xb35dbf821ae4f38c, 0xe0352f62a19e306f};
>>>     CID 434537:  Memory - illegal accesses  (OVERRUN)
>>>     Overrunning array "pow10_significands" of 78 8-byte elements at element index 78 (byte offset 631) using index "k - -31" (which evaluates to 78).
289         return pow10_significands[k - float_info<float>::min_k];
290       }
291     
292       struct compute_mul_result {
293         carrier_uint result;
294         bool is_integer;

** CID 434530:    (BAD_SHIFT)
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/format-inl.h: 1060 in fmt::v10::detail::dragonbox::cache_accessor<double>::get_cached_power(int)()
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/format-inl.h: 1060 in fmt::v10::detail::dragonbox::cache_accessor<double>::get_cached_power(int)()

________________________________________________________________________________________________________
*** CID 434530:    (BAD_SHIFT)
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/format-inl.h: 1060 in fmt::v10::detail::dragonbox::cache_accessor<double>::get_cached_power(int)()
1054     
1055         recovered_cache += middle_low.high();
1056     
1057         uint64_t high_to_middle = recovered_cache.high() << (64 - alpha);
1058         uint64_t middle_to_low = recovered_cache.low() << (64 - alpha);
1059     
>>>     CID 434530:    (BAD_SHIFT)
>>>     In expression "middle_low.low() >> alpha", right shifting by more than 63 bits has undefined behavior.  The shift amount, "alpha", is at least 64.
1060         recovered_cache =
1061             uint128_fallback{(recovered_cache.low() >> alpha) | high_to_middle,
1062                              ((middle_low.low() >> alpha) | middle_to_low)};
1063         FMT_ASSERT(recovered_cache.low() + 1 != 0, "");
1064         return {recovered_cache.high(), recovered_cache.low() + 1};
1065     #endif
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/format-inl.h: 1060 in fmt::v10::detail::dragonbox::cache_accessor<double>::get_cached_power(int)()
1054     
1055         recovered_cache += middle_low.high();
1056     
1057         uint64_t high_to_middle = recovered_cache.high() << (64 - alpha);
1058         uint64_t middle_to_low = recovered_cache.low() << (64 - alpha);
1059     
>>>     CID 434530:    (BAD_SHIFT)
>>>     In expression "recovered_cache.low() >> alpha", right shifting by more than 63 bits has undefined behavior.  The shift amount, "alpha", is at least 64.
1060         recovered_cache =
1061             uint128_fallback{(recovered_cache.low() >> alpha) | high_to_middle,
1062                              ((middle_low.low() >> alpha) | middle_to_low)};
1063         FMT_ASSERT(recovered_cache.low() + 1 != 0, "");
1064         return {recovered_cache.high(), recovered_cache.low() + 1};
1065     #endif

** CID 434528:  Integer handling issues  (BAD_SHIFT)
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/format-inl.h: 1097 in fmt::v10::detail::dragonbox::cache_accessor<double>::compute_mul_parity(unsigned long, const fmt::v10::detail::uint128_fallback &, int)()

________________________________________________________________________________________________________
*** CID 434528:  Integer handling issues  (BAD_SHIFT)
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/format-inl.h: 1097 in fmt::v10::detail::dragonbox::cache_accessor<double>::compute_mul_parity(unsigned long, const fmt::v10::detail::uint128_fallback &, int)()
1091                                      int beta) noexcept
1092           -> compute_mul_parity_result {
1093         FMT_ASSERT(beta >= 1, "");
1094         FMT_ASSERT(beta < 64, "");
1095     
1096         auto r = umul192_lower128(two_f, cache);
>>>     CID 434528:  Integer handling issues  (BAD_SHIFT)
>>>     In expression "r.high() << beta", left shifting by more than 63 bits has undefined behavior.  The shift amount, "beta", is at least 64.
1097         return {((r.high() >> (64 - beta)) & 1) != 0,
1098                 ((r.high() << beta) | (r.low() >> (64 - beta))) == 0};
1099       }
1100     
1101       static auto compute_left_endpoint_for_shorter_interval_case(
1102           const cache_entry_type& cache, int beta) noexcept -> carrier_uint {

** CID 434520:  Memory - corruptions  (OVERRUN)

________________________________________________________________________________________________________
*** CID 434520:  Memory - corruptions  (OVERRUN)
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/format-inl.h: 1205 in fmt::v10::detail::dragonbox::shorter_interval_case<float>(int)()
1199       // Compute k and beta
1200       const int minus_k = floor_log10_pow2_minus_log10_4_over_3(exponent);
1201       const int beta = exponent + floor_log2_pow10(-minus_k);
1202     
1203       // Compute xi and zi
1204       using cache_entry_type = typename cache_accessor<T>::cache_entry_type;
>>>     CID 434520:  Memory - corruptions  (OVERRUN)
>>>     Overrunning callee's array of size 78 by passing argument "-minus_k" (which evaluates to 899) in call to "get_cached_power".
1205       const cache_entry_type cache = cache_accessor<T>::get_cached_power(-minus_k);
1206     
1207       auto xi = cache_accessor<T>::compute_left_endpoint_for_shorter_interval_case(
1208           cache, beta);
1209       auto zi = cache_accessor<T>::compute_right_endpoint_for_shorter_interval_case(
1210           cache, beta);

** CID 434519:  Integer handling issues  (BAD_SHIFT)
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/format.h: 2902 in fmt::v10::detail::bigint::operator <<=(int)()

________________________________________________________________________________________________________
*** CID 434519:  Integer handling issues  (BAD_SHIFT)
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/format.h: 2902 in fmt::v10::detail::bigint::operator <<=(int)()
2896         exp_ += shift / bigit_bits;
2897         shift %= bigit_bits;
2898         if (shift == 0) return *this;
2899         bigit carry = 0;
2900         for (size_t i = 0, n = bigits_.size(); i < n; ++i) {
2901           bigit c = bigits_[i] >> (bigit_bits - shift);
>>>     CID 434519:  Integer handling issues  (BAD_SHIFT)
>>>     In expression "this->bigits_[i] << shift", shifting by a negative amount has undefined behavior.  The shift amount, "shift", is no more than -1.
2902           bigits_[i] = (bigits_[i] << shift) + carry;
2903           carry = c;
2904         }
2905         if (carry != 0) bigits_.push_back(carry);
2906         return *this;
2907       }

** CID 419897:    (UNCAUGHT_EXCEPT)
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/format-inl.h: 43 in fmt::v10::detail::format_error_code(fmt::v10::detail::buffer<char> &, int, fmt::v10::basic_string_view<char>)()
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/format-inl.h: 43 in fmt::v10::detail::format_error_code(fmt::v10::detail::buffer<char> &, int, fmt::v10::basic_string_view<char>)()

________________________________________________________________________________________________________
*** CID 419897:    (UNCAUGHT_EXCEPT)
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/format-inl.h: 43 in fmt::v10::detail::format_error_code(fmt::v10::detail::buffer<char> &, int, fmt::v10::basic_string_view<char>)()
37     }
38     
39     FMT_FUNC void throw_format_error(const char* message) {
40       FMT_THROW(format_error(message));
41     }
42     
>>>     CID 419897:    (UNCAUGHT_EXCEPT)
>>>     An exception of type "fmt::v10::format_error" is thrown but the exception specification "noexcept" doesn't allow it to be thrown. This will result in a call to terminate().
43     FMT_FUNC void format_error_code(detail::buffer<char>& out, int error_code,
44                                     string_view message) noexcept {
45       // Report error code making sure that the output fits into
46       // inline_buffer_size to avoid dynamic memory allocation and potential
47       // bad_alloc.
48       out.try_resize(0);
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/format-inl.h: 43 in fmt::v10::detail::format_error_code(fmt::v10::detail::buffer<char> &, int, fmt::v10::basic_string_view<char>)()
37     }
38     
39     FMT_FUNC void throw_format_error(const char* message) {
40       FMT_THROW(format_error(message));
41     }
42     
>>>     CID 419897:    (UNCAUGHT_EXCEPT)
>>>     An exception of type "fmt::v10::format_error" is thrown but the exception specification "noexcept" doesn't allow it to be thrown. This will result in a call to terminate().
43     FMT_FUNC void format_error_code(detail::buffer<char>& out, int error_code,
44                                     string_view message) noexcept {
45       // Report error code making sure that the output fits into
46       // inline_buffer_size to avoid dynamic memory allocation and potential
47       // bad_alloc.
48       out.try_resize(0);

[vitaut]

UNCAUGHT_EXCEPT is also a false positive - try_resize doesn't throw when the argument is zero.

[vitaut]

BAD_SHIFT are also false positive that contradict the asserts. This leaves the following 3 reports:

** CID 434544:  Memory - corruptions  (OVERRUN)

________________________________________________________________________________________________________
*** CID 434544:  Memory - corruptions  (OVERRUN)
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/format-inl.h: 1278 in fmt::v10::detail::dragonbox::to_decimal<float>(T1)()
1272     
1273       const bool include_left_endpoint = (significand % 2 == 0);
1274       const bool include_right_endpoint = include_left_endpoint;
1275     
1276       // Compute k and beta.
1277       const int minus_k = floor_log10_pow2(exponent) - float_info<T>::kappa;
>>>     CID 434544:  Memory - corruptions  (OVERRUN)
>>>     Overrunning callee's array of size 78 by passing argument "-minus_k" (which evaluates to 790) in call to "get_cached_power".
1278       const cache_entry_type cache = cache_accessor<T>::get_cached_power(-minus_k);
1279       const int beta = exponent + floor_log2_pow10(-minus_k);
1280     
1281       // Compute zi and deltai.
1282       // 10^kappa <= deltai < 10^(kappa + 1)
1283       const uint32_t deltai = cache_accessor<T>::compute_delta(cache, beta);

** CID 434537:  Memory - illegal accesses  (OVERRUN)
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/format-inl.h: 289 in fmt::v10::detail::dragonbox::cache_accessor<float>::get_cached_power(int)()

________________________________________________________________________________________________________
*** CID 434537:  Memory - illegal accesses  (OVERRUN)
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/format-inl.h: 289 in fmt::v10::detail::dragonbox::cache_accessor<float>::get_cached_power(int)()
283             0xa18f07d736b90be6, 0xc9f2c9cd04674edf, 0xfc6f7c4045812297,
284             0x9dc5ada82b70b59e, 0xc5371912364ce306, 0xf684df56c3e01bc7,
285             0x9a130b963a6c115d, 0xc097ce7bc90715b4, 0xf0bdc21abb48db21,
286             0x96769950b50d88f5, 0xbc143fa4e250eb32, 0xeb194f8e1ae525fe,
287             0x92efd1b8d0cf37bf, 0xb7abc627050305ae, 0xe596b7b0c643c71a,
288             0x8f7e32ce7bea5c70, 0xb35dbf821ae4f38c, 0xe0352f62a19e306f};
>>>     CID 434537:  Memory - illegal accesses  (OVERRUN)
>>>     Overrunning array "pow10_significands" of 78 8-byte elements at element index 78 (byte offset 631) using index "k - -31" (which evaluates to 78).
289         return pow10_significands[k - float_info<float>::min_k];
290       }
291     
292       struct compute_mul_result {
293         carrier_uint result;
294         bool is_integer;

** CID 434520:  Memory - corruptions  (OVERRUN)

________________________________________________________________________________________________________
*** CID 434520:  Memory - corruptions  (OVERRUN)
/home/runner/work/doxygen/doxygen/deps/spdlog/include/spdlog/fmt/bundled/format-inl.h: 1205 in fmt::v10::detail::dragonbox::shorter_interval_case<float>(int)()
1199       // Compute k and beta
1200       const int minus_k = floor_log10_pow2_minus_log10_4_over_3(exponent);
1201       const int beta = exponent + floor_log2_pow10(-minus_k);
1202     
1203       // Compute xi and zi
1204       using cache_entry_type = typename cache_accessor<T>::cache_entry_type;
>>>     CID 434520:  Memory - corruptions  (OVERRUN)
>>>     Overrunning callee's array of size 78 by passing argument "-minus_k" (which evaluates to 899) in call to "get_cached_power".
1205       const cache_entry_type cache = cache_accessor<T>::get_cached_power(-minus_k);
1206     
1207       auto xi = cache_accessor<T>::compute_left_endpoint_for_shorter_interval_case(
1208           cache, beta);
1209       auto zi = cache_accessor<T>::compute_right_endpoint_for_shorter_interval_case(
1210           cache, beta);