Re: [Qemu-trivial] [Qemu-devel] [PATCH] qom: suppress conscan warning of
From: Markus Armbruster
Subject: Re: [Qemu-trivial] [Qemu-devel] [PATCH] qom: suppress conscan warning of returning null point
Date: Mon, 22 Sep 2014 08:35:18 +0200
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/24.3 (gnu/linux)

Paolo Bonzini <address@hidden> writes:
> On 20/09/2014 02:11, Amos Kong wrote:
>> Conscan complains about g_malloc0() and malloc() return null.
s/Conscan/Coverity/, both here and in subject.
>>
>> Error: NULL_RETURNS (CWE-476):
>> qemu-kvm/qom/object.c:239: returned_null: Function
>> "g_malloc0(gsize)" returns null.
>> qemu-kvm/qom/object.c:239: var_assigned: Assigning: "ti->class" =
>> null return value from "g_malloc0(gsize)".
>> qemu-kvm/qom/object.c:249: dereference: Dereferencing a null
>> pointer "ti->class".
>>
>> But if the passed size parameter is >= 1, then we can always get an
>> effective pointer, the warning disappears.
>
> The model should handle it:
>
> void *
> g_malloc0(size_t n_bytes)
> {
>     void *mem;
>     __coverity_negative_sink__(n_bytes);
>     mem = calloc(1, n_bytes == 0 ? 1 : n_bytes);
>     if (!mem) __coverity_panic__();
>     return mem;
> }
>
> So this patch means your coverity runs are misconfigured.
Yes. I'm not sure we want the assertions anyway.

I use the following options with cov-analyze:

    -co BAD_FREE:allow_first_field:true
    -co DEADCODE:no_dead_default:true
    --security
    --concurrency
    --user-model-file scripts/coverity-model.xmldb
    --derived-model-file ~/work/glib/glib-2.38.2.xmldb

where glib-2.38.2.xmldb is produced by "cov-collect-models --dir cov -of
glib-2.32.4.xmldb" after a full Coverity scan of glib.