From: Paolo Bonzini
Subject: [PULL 8/8] coverity-model: write models fully for non-array allocation functions
Date: Mon, 2 Aug 2021 18:15:42 +0200

Coverity seems to have issues figuring out the properties of g_malloc0
and other non *_n functions. While this was "fixed" by removing the
custom second argument to __coverity_mark_as_afm_allocated__, inline
the code from the array-based allocation functions to avoid future
issues.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
scripts/coverity-scan/model.c | 57 +++++++++++++++++++++++++++++++----
1 file changed, 51 insertions(+), 6 deletions(-)
diff --git a/scripts/coverity-scan/model.c b/scripts/coverity-scan/model.c
index 028f13e9e3..9d4fba53d9 100644
--- a/scripts/coverity-scan/model.c
+++ b/scripts/coverity-scan/model.c
@@ -269,32 +269,77 @@ void *g_try_realloc_n(void *ptr, size_t nmemb, size_t
size)
void *g_malloc(size_t size)
{
- return g_malloc_n(1, size);
+ void *ptr;
+
+ __coverity_negative_sink__(size);
+ ptr = __coverity_alloc__(size);
+ if (!ptr) {
+ __coverity_panic__();
+ }
+ __coverity_mark_as_uninitialized_buffer__(ptr);
+ __coverity_mark_as_afm_allocated__(ptr, AFM_free);
+ return ptr;
}
void *g_malloc0(size_t size)
{
- return g_malloc0_n(1, size);
+ void *ptr;
+
+ __coverity_negative_sink__(size);
+ ptr = __coverity_alloc__(size);
+ if (!ptr) {
+ __coverity_panic__();
+ }
+ __coverity_writeall0__(ptr);
+ __coverity_mark_as_afm_allocated__(ptr, AFM_free);
+ return ptr;
}
void *g_realloc(void *ptr, size_t size)
{
- return g_realloc_n(ptr, 1, size);
+ __coverity_negative_sink__(size);
+ __coverity_escape__(ptr);
+ ptr = __coverity_alloc__(size);
+ if (!ptr) {
+ __coverity_panic__();
+ }
+ /*
+ * Memory beyond the old size isn't actually initialized. Can't
+ * model that. See Coverity's realloc() model
+ */
+ __coverity_writeall__(ptr);
+ __coverity_mark_as_afm_allocated__(ptr, AFM_free);
+ return ptr;
}
void *g_try_malloc(size_t size)
{
- return g_try_malloc_n(1, size);
+ int nomem;
+
+ if (nomem) {
+ return NULL;
+ }
+ return g_malloc(size);
}
void *g_try_malloc0(size_t size)
{
- return g_try_malloc0_n(1, size);
+ int nomem;
+
+ if (nomem) {
+ return NULL;
+ }
+ return g_malloc0(size);
}
void *g_try_realloc(void *ptr, size_t size)
{
- return g_try_realloc_n(ptr, 1, size);
+ int nomem;
+
+ if (nomem) {
+ return NULL;
+ }
+ return g_realloc(ptr, size);
}
/* Other glib functions */
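
Review bot: the g_try_malloc(), g_try_malloc0() and g_try_realloc() models at the end of this hunk still forward to g_malloc(), g_malloc0() and g_realloc(), so they keep depending on Coverity carrying the allocation properties through a wrapper call, which is the behaviour the commit message describes as unreliable for the non *_n functions. Either confirm that the scan still tracks the AFM_free and initialization state for callers of the g_try_* variants, or inline the bodies there as well so all six models are written out the same way. Separately, each g_try_* model branches on `int nomem;` without assigning it; if that is the intended way to tell the analyzer "this may fail", a one-line comment above the first use would keep a later reader from treating it as an uninitialized-variable bug and "fixing" it.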
--
2.31.1