[v1] coverity-model: model address_space_read/write

[Qemu-devel] [PATCH] coverity-model: model address_space_read/write

Paolo Bonzini posted 1 patch 7 years, 1 month ago

Diff against v2
Download mbox

Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/qemu tags/patchew/20170314113941.15362-1-pbonzini@redhat.com

Test checkpatch passed

Test docker passed

There is a newer version of this series

scripts/coverity-model.c | 19 +++++++++++++++++++
1 file changed, 19 insertions(+)

Expand all Fold all

[Qemu-devel] [PATCH] coverity-model: model address_space_read/write

Posted by Paolo Bonzini 7 years, 1 month ago

When more complexity was added to facilitate inlining, Coverity
lost the ability to use the address_space_rw model for
address_space_read/write.

This causes false positive defects when Coverity sees
a length-8 write in address_space_read and a length-4
(e.g. int*) buffer to read into.  As long as the size of
the buffer is okay, this is a false positive.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
 scripts/coverity-model.c | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/scripts/coverity-model.c b/scripts/coverity-model.c
index ee5bf9d..2e30150 100644
--- a/scripts/coverity-model.c
+++ b/scripts/coverity-model.c
@@ -79,6 +79,25 @@ MemTxResult address_space_rw(AddressSpace *as, hwaddr addr, MemTxAttrs attrs,
     return result;
 }
 
+MemTxResult address_space_read(AddressSpace *as, hwaddr addr,
+                               MemTxAttrs attrs,
+                               uint8_t *buf, int len)
+{
+    MemTxResult result;
+    __bufwrite(buf, len);
+    return result;
+}
+
+MemTxResult address_space_write(AddressSpace *as, hwaddr addr,
+                                MemTxAttrs attrs,
+                                const uint8_t *buf, int len)
+{
+    MemTxResult result;
+    __bufread(buf, len);
+    return result;
+}
+
+
 /* Tainting */
 
 typedef struct {} name2keysym_t;
-- 
2.9.3