qemu-trivial

Re: [Qemu-trivial] [Qemu-devel] [PATCH] qom: suppress conscan warning of


From: Markus Armbruster
Subject: Re: [Qemu-trivial] [Qemu-devel] [PATCH] qom: suppress conscan warning of returning null point
Date: Mon, 22 Sep 2014 08:35:18 +0200
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/24.3 (gnu/linux)

Paolo Bonzini <address@hidden> writes:

> On 20/09/2014 02:11, Amos Kong wrote:
>> Conscan complains that g_malloc0() and malloc() return null.

s/Conscan/Coverity/, both here and in subject.

>> 
>>   Error: NULL_RETURNS (CWE-476):
>>   qemu-kvm/qom/object.c:239: returned_null: Function
>> "g_malloc0(gsize)" returns null.
>>   qemu-kvm/qom/object.c:239: var_assigned: Assigning: "ti->class" =
>> null return value from "g_malloc0(gsize)".
>>   qemu-kvm/qom/object.c:249: dereference: Dereferencing a null
>> pointer "ti->class".
>> 
>> But if the passed size parameter is >= 1, then we can always get an
>> effective pointer, and the warning disappears.
>
> The model should handle it:
>
> void *
> g_malloc0(size_t n_bytes)
> {
>     void *mem;
>     __coverity_negative_sink__(n_bytes);
>     mem = calloc(1, n_bytes == 0 ? 1 : n_bytes);
>     if (!mem) __coverity_panic__();
>     return mem;
> }
>
> So this patch means your coverity runs are misconfigured.

Yes.  I'm not sure we want the assertions anyway.

I use the following options with cov-analyze:

    -co BAD_FREE:allow_first_field:true
    -co DEADCODE:no_dead_default:true
    --security
    --concurrency
    --user-model-file scripts/coverity-model.xmldb
    --derived-model-file ~/work/glib/glib-2.38.2.xmldb

where glib-2.38.2.xmldb is produced by "cov-collect-models --dir cov -of
glib-2.32.4.xmldb" after a full Coverity scan of glib.
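
As an added illustration (not part of the original message, and not QEMU, GLib or Coverity code), the C program below shows the runtime contract that the quoted model describes to the analyzer: the allocator aborts instead of returning NULL on failure, and GLib's g_malloc0() returns NULL only for a zero-byte request, so a nonzero size makes the later dereference safe. `demo_malloc0`, `struct demo_type` and `demo_type_init` are hypothetical names, and the sample bytes are constructed.

```c
/* Added illustration; not QEMU, GLib or Coverity source. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Stand-in for g_malloc0()'s documented runtime contract: NULL only for a
 * zero-byte request; on allocation failure the process aborts. */
static void *demo_malloc0(size_t n_bytes)
{
    void *mem;

    if (n_bytes == 0) {
        return NULL;
    }
    mem = calloc(1, n_bytes);
    if (!mem) {
        abort();            /* the path the model marks with a panic */
    }
    return mem;
}

/* Hypothetical type record with a class buffer, like the ti->class report. */
struct demo_type {
    size_t class_size;
    void *class;
};

/* Allocate ti->class and copy the parent's class data into it.
 * Returns 0 on success, -1 when the sizes make the copy unsafe. */
static int demo_type_init(struct demo_type *ti,
                          const void *parent_class, size_t parent_size)
{
    if (ti->class_size == 0 || parent_size > ti->class_size) {
        return -1;          /* a zero size is the only NULL-return case */
    }
    ti->class = demo_malloc0(ti->class_size);
    memcpy(ti->class, parent_class, parent_size);   /* dereference site */
    return 0;
}

int main(void)
{
    unsigned char parent[4] = { 1, 2, 3, 4 };       /* constructed input */
    struct demo_type ti = { .class_size = 8, .class = NULL };

    printf("init: %d\n", demo_type_init(&ti, parent, sizeof(parent)));
    free(ti.class);
    return 0;
}
```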


