| Message ID | 20170314113941.15362-1-pbonzini@redhat.com |
|---|---|
| State | New |
| Headers | show |
Paolo Bonzini <pbonzini@redhat.com> writes: > When more complexity was added to facilitate inlining, Coverity > lost the ability to use the address_space_rw model for > address_space_read/write. Got the commit hash of the change? > This causes false positive defects when Coverity sees > a length-8 write in address_space_read and a length-4 > (e.g. int*) buffer to read into. As long as the size of > the buffer is okay, this is a false positive. > > Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> > --- > scripts/coverity-model.c | 19 +++++++++++++++++++ > 1 file changed, 19 insertions(+) > > diff --git a/scripts/coverity-model.c b/scripts/coverity-model.c > index ee5bf9d..2e30150 100644 > --- a/scripts/coverity-model.c > +++ b/scripts/coverity-model.c > @@ -79,6 +79,25 @@ MemTxResult address_space_rw(AddressSpace *as, hwaddr addr, MemTxAttrs attrs, > return result; > } > > +MemTxResult address_space_read(AddressSpace *as, hwaddr addr, > + MemTxAttrs attrs, > + uint8_t *buf, int len) > +{ > + MemTxResult result; > + __bufwrite(buf, len); > + return result; > +} > + > +MemTxResult address_space_write(AddressSpace *as, hwaddr addr, > + MemTxAttrs attrs, > + const uint8_t *buf, int len) > +{ > + MemTxResult result; > + __bufread(buf, len); > + return result; > +} > + > + > /* Tainting */ > > typedef struct {} name2keysym_t; Preferably with the commit hash of the change that necessitates this update mentioned in the commit message: Reviewed-by: Markus Armbruster <armbru@redhat.com> I can stick this in a miscellaneous pull request due later today.
On 15/03/2017 08:56, Markus Armbruster wrote: > Paolo Bonzini <pbonzini@redhat.com> writes: > >> When more complexity was added to facilitate inlining, Coverity >> lost the ability to use the address_space_rw model for >> address_space_read/write. > > Got the commit hash of the change? > >> This causes false positive defects when Coverity sees >> a length-8 write in address_space_read and a length-4 >> (e.g. int*) buffer to read into. As long as the size of >> the buffer is okay, this is a false positive. >> >> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> >> --- >> scripts/coverity-model.c | 19 +++++++++++++++++++ >> 1 file changed, 19 insertions(+) >> >> diff --git a/scripts/coverity-model.c b/scripts/coverity-model.c >> index ee5bf9d..2e30150 100644 >> --- a/scripts/coverity-model.c >> +++ b/scripts/coverity-model.c >> @@ -79,6 +79,25 @@ MemTxResult address_space_rw(AddressSpace *as, hwaddr addr, MemTxAttrs attrs, >> return result; >> } >> >> +MemTxResult address_space_read(AddressSpace *as, hwaddr addr, >> + MemTxAttrs attrs, >> + uint8_t *buf, int len) >> +{ >> + MemTxResult result; >> + __bufwrite(buf, len); >> + return result; >> +} >> + >> +MemTxResult address_space_write(AddressSpace *as, hwaddr addr, >> + MemTxAttrs attrs, >> + const uint8_t *buf, int len) >> +{ >> + MemTxResult result; >> + __bufread(buf, len); >> + return result; >> +} >> + >> + >> /* Tainting */ >> >> typedef struct {} name2keysym_t; > > Preferably with the commit hash of the change that necessitates this > update mentioned in the commit message: > Reviewed-by: Markus Armbruster <armbru@redhat.com> > > I can stick this in a miscellaneous pull request due later today. Commit eb7eeb8 ("memory: split address_space_read and address_space_write", 2015-12-17). On the other hand, the model for address_space_rw is not needed anymore, so I'll send v2. Paolo
diff --git a/scripts/coverity-model.c b/scripts/coverity-model.c index ee5bf9d..2e30150 100644 --- a/scripts/coverity-model.c +++ b/scripts/coverity-model.c @@ -79,6 +79,25 @@ MemTxResult address_space_rw(AddressSpace *as, hwaddr addr, MemTxAttrs attrs, return result; } +MemTxResult address_space_read(AddressSpace *as, hwaddr addr, + MemTxAttrs attrs, + uint8_t *buf, int len) +{ + MemTxResult result; + __bufwrite(buf, len); + return result; +} + +MemTxResult address_space_write(AddressSpace *as, hwaddr addr, + MemTxAttrs attrs, + const uint8_t *buf, int len) +{ + MemTxResult result; + __bufread(buf, len); + return result; +} + + /* Tainting */ typedef struct {} name2keysym_t;
When more complexity was added to facilitate inlining, Coverity lost the ability to use the address_space_rw model for address_space_read/write. This causes false positive defects when Coverity sees a length-8 write in address_space_read and a length-4 (e.g. int*) buffer to read into. As long as the size of the buffer is okay, this is a false positive. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> --- scripts/coverity-model.c | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+)