From nobody Fri May 10 18:25:36 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1627712945249598.7905391317765; Fri, 30 Jul 2021 23:29:05 -0700 (PDT) Received: from localhost ([::1]:55536 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1m9iUZ-0007aA-MX for importer@patchew.org; Sat, 31 Jul 2021 02:29:03 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:49594) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1m9iTL-00051F-9h for qemu-devel@nongnu.org; Sat, 31 Jul 2021 02:27:47 -0400 Received: from mail-ed1-x530.google.com ([2a00:1450:4864:20::530]:44679) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1m9iTJ-0001FD-Eo for qemu-devel@nongnu.org; Sat, 31 Jul 2021 02:27:46 -0400 Received: by mail-ed1-x530.google.com with SMTP id j2so16371851edp.11 for ; Fri, 30 Jul 2021 23:27:44 -0700 (PDT) Received: from avogadro.redhat.com ([2001:b07:6468:f312:63a7:c72e:ea0e:6045]) by smtp.gmail.com with ESMTPSA id b25sm1766116edv.9.2021.07.30.23.27.43 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 30 Jul 2021 23:27:43 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=sender:from:to:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=wTjOAVjdtymwz9rd5aA6ONu5k4R7mM2ueQUxv/s95TM=; b=uJfDd8Y/RphhArgS+rYjdYl88K8WXDeMo23L79/pD4cxY+PQIwOUb/UvbLDUanqK2L I0PdoK11b0oDcbGMFJ66DmWWwK9peHRqkiG38LhTjPxgMIqQ5Pxyhi2bGadYWX9mpbs3 x+JqhARgL6MNZpeLp8ugxscgVlI+5aeBSIRvU6AjTjJZv7bUSkFPyKPQrlH8fsZ6YPZq zGRZ7D54lbXI1g66oJGZpFY38MgWF+Wx9TVaTJWOF7/Q5yVXkNhdkujvAzLv8tvrxf+Q rlYQBqdCKcDK7BBTB/78qn6EZA4D2NqU8Bl8p4B6Bo3WSD3Mkh/qzTX6XgG6OrBbM/x1 Cgeg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:from:to:subject:date:message-id :in-reply-to:references:mime-version:content-transfer-encoding; bh=wTjOAVjdtymwz9rd5aA6ONu5k4R7mM2ueQUxv/s95TM=; b=loj4rq1iqceuYNJsTe73PwL9CLfvgern60//GyzmH3zUkTX/sL1PPswsUuLwAJZP8P yKrC+KK2j5t4DN3tTzSpOdn5HKYFVfB82CSxHDFpv8OkeqbQc4d5W8T37jGYZAZXo6Ci IW4aoFpZoo36cZlz81bP+Jgl/Llxq8KSC13dzrFLqBcywqtAEqz6Na5lA3pM6OzEkno2 X5r6oEbBF8WvOasiTg0QKl++cO9SDqxvUSQm+e/kNL2dGM1f9Y1JeTsgcv5HYY6kj1M+ TxX6zKS6kAsbgWFQR6kTGvBnY/BSm/2sBOoEN2d66Udw649d3MGtt8uOTMH0YZ7iVOrz Dq9A== X-Gm-Message-State: AOAM531qOaITzeb8YzG7A3WGJjbLkoDQx1DjB7y5i4orCrB4Qa9jGtTm XynUlL9m2bsDk6HCGmhxwOjL7SPbN2bnNg== X-Google-Smtp-Source: ABdhPJziW7afJIUccC7cLZYSWLezLhpzqyNIzzTmSSOuuv6FRrAj4HwBXOR89qe9moX7Go6fpBKJ1Q== X-Received: by 2002:a05:6402:6cb:: with SMTP id n11mr7637562edy.112.1627712863639; Fri, 30 Jul 2021 23:27:43 -0700 (PDT) From: Paolo Bonzini To: qemu-devel@nongnu.org Subject: [PATCH 1/6] coverity-model: update address_space_read/write models Date: Sat, 31 Jul 2021 08:27:36 +0200 Message-Id: <20210731062741.301102-2-pbonzini@redhat.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20210731062741.301102-1-pbonzini@redhat.com> References: <20210731062741.301102-1-pbonzini@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=2a00:1450:4864:20::530; envelope-from=paolo.bonzini@gmail.com; helo=mail-ed1-x530.google.com X-Spam_score_int: -14 X-Spam_score: -1.5 X-Spam_bar: - X-Spam_report: (-1.5 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FORGED_FROMDOMAIN=0.249, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.248, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=no autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1627712946834100002 Content-Type: text/plain; charset="utf-8" Use void * for consistency with the actual function; provide a model for MemoryRegionCache functions and for address_space_rw. These let Coverity understand the bounds of the data that various functions read and write even at very high levels of inlining (e.g. pci_dma_read). Signed-off-by: Paolo Bonzini Reviewed-by: Peter Maydell --- scripts/coverity-scan/model.c | 48 ++++++++++++++++++++++++++++++++--- 1 file changed, 45 insertions(+), 3 deletions(-) diff --git a/scripts/coverity-scan/model.c b/scripts/coverity-scan/model.c index 2c0346ff25..e1bdf0ad84 100644 --- a/scripts/coverity-scan/model.c +++ b/scripts/coverity-scan/model.c @@ -45,9 +45,10 @@ typedef struct va_list_str *va_list; /* exec.c */ =20 typedef struct AddressSpace AddressSpace; +typedef struct MemoryRegionCache MemoryRegionCache; typedef uint64_t hwaddr; typedef uint32_t MemTxResult; -typedef uint64_t MemTxAttrs; +typedef struct MemTxAttrs {} MemTxAttrs; =20 static void __bufwrite(uint8_t *buf, ssize_t len) { @@ -67,9 +68,40 @@ static void __bufread(uint8_t *buf, ssize_t len) int last =3D buf[len-1]; } =20 +MemTxResult address_space_read_cached(MemoryRegionCache *cache, hwaddr add= r, + MemTxAttrs attrs, + void *buf, int len) +{ + MemTxResult result; + // TODO: investigate impact of treating reads as producing + // tainted data, with __coverity_tainted_data_argument__(buf). + __bufwrite(buf, len); + return result; +} + +MemTxResult address_space_write_cached(MemoryRegionCache *cache, hwaddr ad= dr, + MemTxAttrs attrs, + const void *buf, int len) +{ + MemTxResult result; + __bufread(buf, len); + return result; +} + +MemTxResult address_space_rw_cached(MemoryRegionCache *cache, hwaddr addr, + MemTxAttrs attrs, + void *buf, int len, bool is_write) +{ + if (is_write) { + return address_space_write_cached(cache, addr, attrs, buf, len); + } else { + return address_space_read_cached(cache, addr, attrs, buf, len); + } +} + MemTxResult address_space_read(AddressSpace *as, hwaddr addr, MemTxAttrs attrs, - uint8_t *buf, int len) + void *buf, int len) { MemTxResult result; // TODO: investigate impact of treating reads as producing @@ -80,13 +112,23 @@ MemTxResult address_space_read(AddressSpace *as, hwadd= r addr, =20 MemTxResult address_space_write(AddressSpace *as, hwaddr addr, MemTxAttrs attrs, - const uint8_t *buf, int len) + const void *buf, int len) { MemTxResult result; __bufread(buf, len); return result; } =20 +MemTxResult address_space_rw(AddressSpace *as, hwaddr addr, + MemTxAttrs attrs, + void *buf, int len, bool is_write) +{ + if (is_write) { + return address_space_write(as, addr, attrs, buf, len); + } else { + return address_space_read(as, addr, attrs, buf, len); + } +} =20 /* Tainting */ =20 --=20 2.31.1 From nobody Fri May 10 18:25:36 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 162771294696231.237449718591847; Fri, 30 Jul 2021 23:29:06 -0700 (PDT) Received: from localhost ([::1]:55802 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1m9iUb-0007kk-Mo for importer@patchew.org; Sat, 31 Jul 2021 02:29:05 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:49622) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1m9iTM-00051X-9R for qemu-devel@nongnu.org; Sat, 31 Jul 2021 02:27:48 -0400 Received: from mail-ed1-x52f.google.com ([2a00:1450:4864:20::52f]:40790) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1m9iTK-0001FI-B8 for qemu-devel@nongnu.org; Sat, 31 Jul 2021 02:27:48 -0400 Received: by mail-ed1-x52f.google.com with SMTP id d6so8787075edt.7 for ; Fri, 30 Jul 2021 23:27:45 -0700 (PDT) Received: from avogadro.redhat.com ([2001:b07:6468:f312:63a7:c72e:ea0e:6045]) by smtp.gmail.com with ESMTPSA id b25sm1766116edv.9.2021.07.30.23.27.43 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 30 Jul 2021 23:27:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=sender:from:to:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=fm2UD8Zyz4671JlxJea8LEur7xOb1KFIH/B40VUSEow=; b=aWCm7adFNNHfSQ9oTePm+q0AyY2onCDj/EmcvF14CjA759G+2XOgmL7TD9jl/7fOGf KangiSHW1H267l5y+WaFspFZh72VPXT9pcUtp4HYMX4hU9cO50yCfr5xWVKRM9V+DyLz uByU1qlnl88v8hI58e9PvA52DCCw364kdGj+Qlp0g4z77pbrbY7DUZU0omIMkGEd2hkR ZHaE6wOmeJFR8x/U6lxCBJJPt2zR+2Zhw+qMpVoPKBDC7CUJWRA53NIqbsNcUDR7GzW7 Ty8AwyyS847axDRcXb4pHFlZErEUDQBW23ISbKQ0ySJYUOtdom3iQtU3ItBOBAzvdDyJ 3JlQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:from:to:subject:date:message-id :in-reply-to:references:mime-version:content-transfer-encoding; bh=fm2UD8Zyz4671JlxJea8LEur7xOb1KFIH/B40VUSEow=; b=X4q/6GK0//tvTIKy71e5ir6e1gVBZcMC4GIPntifWMcu6SfGSewBIycBbV6/THb7Rf obNhYaUBR/C24Oa+bTTNUk0IyXY4DVYSGGUdfC0BAOLow51PCjDuXvFQNlGZB9+7aXMp I3xQrmbQ/7iEwIp3VXkuvVy8tRPUJSmU+gcAlSWdnt0sQ3wSBiRJnqOMoJK3iRfdY7tm MqhS3+EtYxAgJyIsOWJSpwi6Sw+lffQSFTAp65Y5CvmGXtaPUh/1HkUjJOepp0JtIdxH Z4SMBEl5FoybFgGCsFZ4PilfOayuQiKbMbq1CSgnJtMNjtI1wBbN+YpYVQgeEiP/Z5Nz pv4A== X-Gm-Message-State: AOAM5327krZy+GydKKLNDpWo4Kjsh/7Ip1qQRC0MOUab3/AXIdyXLHw1 eaaMxgdoPLzoX73xeOyiahqu63lMhxoE7A== X-Google-Smtp-Source: ABdhPJwbiBCQrR/FdUpzaCft2xqqxZe7mvvbhRSPVbL9Qizu+ntdKLE8Dohh9xOCufVhSIY6Z0VxJg== X-Received: by 2002:a05:6402:2788:: with SMTP id b8mr7634655ede.244.1627712864412; Fri, 30 Jul 2021 23:27:44 -0700 (PDT) From: Paolo Bonzini To: qemu-devel@nongnu.org Subject: [PATCH 2/6] coverity-model: make g_free a synonym of free Date: Sat, 31 Jul 2021 08:27:37 +0200 Message-Id: <20210731062741.301102-3-pbonzini@redhat.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20210731062741.301102-1-pbonzini@redhat.com> References: <20210731062741.301102-1-pbonzini@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=2a00:1450:4864:20::52f; envelope-from=paolo.bonzini@gmail.com; helo=mail-ed1-x52f.google.com X-Spam_score_int: -14 X-Spam_score: -1.5 X-Spam_bar: - X-Spam_report: (-1.5 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FORGED_FROMDOMAIN=0.249, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.248, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=no autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1627712948364100005 Content-Type: text/plain; charset="utf-8" Recently, Coverity has started complaining about using g_free() to free memory areas allocated by GLib functions not included in model.c, such as g_strfreev. This unfortunately goes against the GLib documentation, which suggests that g_malloc() should be matched with g_free() and plain malloc() with free(); since GLib 2.46 however g_malloc() is hardcoded to always use the system malloc implementation, and g_free is just "free" plus a tracepoint. Therefore, this should not cause any problem in practice. Signed-off-by: Paolo Bonzini Reviewed-by: Peter Maydell --- scripts/coverity-scan/model.c | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/scripts/coverity-scan/model.c b/scripts/coverity-scan/model.c index e1bdf0ad84..8e64a84c5a 100644 --- a/scripts/coverity-scan/model.c +++ b/scripts/coverity-scan/model.c @@ -186,7 +186,7 @@ void *g_malloc_n(size_t nmemb, size_t size) sz =3D nmemb * size; ptr =3D __coverity_alloc__(sz); __coverity_mark_as_uninitialized_buffer__(ptr); - __coverity_mark_as_afm_allocated__(ptr, "g_free"); + __coverity_mark_as_afm_allocated__(ptr, AFM_free); return ptr; } =20 @@ -200,7 +200,7 @@ void *g_malloc0_n(size_t nmemb, size_t size) sz =3D nmemb * size; ptr =3D __coverity_alloc__(sz); __coverity_writeall0__(ptr); - __coverity_mark_as_afm_allocated__(ptr, "g_free"); + __coverity_mark_as_afm_allocated__(ptr, AFM_free); return ptr; } =20 @@ -218,14 +218,14 @@ void *g_realloc_n(void *ptr, size_t nmemb, size_t siz= e) * model that. See Coverity's realloc() model */ __coverity_writeall__(ptr); - __coverity_mark_as_afm_allocated__(ptr, "g_free"); + __coverity_mark_as_afm_allocated__(ptr, AFM_free); return ptr; } =20 void g_free(void *ptr) { __coverity_free__(ptr); - __coverity_mark_as_afm_freed__(ptr, "g_free"); + __coverity_mark_as_afm_freed__(ptr, AFM_free); } =20 /* @@ -328,7 +328,7 @@ char *g_strdup(const char *s) __coverity_string_null_sink__(s); __coverity_string_size_sink__(s); dup =3D __coverity_alloc_nosize__(); - __coverity_mark_as_afm_allocated__(dup, "g_free"); + __coverity_mark_as_afm_allocated__(dup, AFM_free); for (i =3D 0; (dup[i] =3D s[i]); i++) ; return dup; } @@ -362,7 +362,7 @@ char *g_strdup_printf(const char *format, ...) =20 s =3D __coverity_alloc_nosize__(); __coverity_writeall__(s); - __coverity_mark_as_afm_allocated__(s, "g_free"); + __coverity_mark_as_afm_allocated__(s, AFM_free); return s; } =20 @@ -375,11 +375,10 @@ char *g_strdup_vprintf(const char *format, va_list ap) __coverity_string_size_sink__(format); =20 ch =3D *format; - ch =3D *(char *)ap; =20 s =3D __coverity_alloc_nosize__(); __coverity_writeall__(s); - __coverity_mark_as_afm_allocated__(s, "g_free"); + __coverity_mark_as_afm_allocated__(s, AFM_free); =20 return len; } @@ -395,7 +394,7 @@ char *g_strconcat(const char *s, ...) =20 s =3D __coverity_alloc_nosize__(); __coverity_writeall__(s); - __coverity_mark_as_afm_allocated__(s, "g_free"); + __coverity_mark_as_afm_allocated__(s, AFM_free); return s; } =20 --=20 2.31.1 From nobody Fri May 10 18:25:36 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1627712947704254.8522138458302; Fri, 30 Jul 2021 23:29:07 -0700 (PDT) Received: from localhost ([::1]:55922 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1m9iUc-0007pT-JW for importer@patchew.org; Sat, 31 Jul 2021 02:29:06 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:49628) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1m9iTM-00051m-Fm for qemu-devel@nongnu.org; Sat, 31 Jul 2021 02:27:48 -0400 Received: from mail-ed1-x535.google.com ([2a00:1450:4864:20::535]:45600) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1m9iTK-0001Fv-GP for qemu-devel@nongnu.org; Sat, 31 Jul 2021 02:27:48 -0400 Received: by mail-ed1-x535.google.com with SMTP id x14so16394678edr.12 for ; Fri, 30 Jul 2021 23:27:46 -0700 (PDT) Received: from avogadro.redhat.com ([2001:b07:6468:f312:63a7:c72e:ea0e:6045]) by smtp.gmail.com with ESMTPSA id b25sm1766116edv.9.2021.07.30.23.27.44 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 30 Jul 2021 23:27:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=sender:from:to:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=C6DiBC7Mzk28ej4iKDpfbNsQyeV69GCYbRHuydqtOrc=; b=DxzvepY+Y9yZSpeTgNMc3CBL8eJ1rmVhPCc2xeeCbB1q4kFSf8Bo28SrnwMiVVdKD9 ilkAX2IVPbBhWUwKoPVAtbScOubnvGhav0YXRPdXSIyTTnOIA901ylMq4u4FQ0wzpx3I tiHdU6r4udtct35FQBkiq2l6cIOvRjdvEyA1U+khZR/Q5lKZpvEJ5KrefjqP5SJJ+lVz 53BcjpHga9AqqAqy8Jj+80CYloCZNX/fU3YF1r+stBx21K2uaw6p+ENdoF4/CasUX/cu OnV1RIgVFPPtnmmmsF6InpDnfLD0NWqR8+bu/JrUwNW9S5Ln6ES0eFaTAuHjDNHzszh0 0EQA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:from:to:subject:date:message-id :in-reply-to:references:mime-version:content-transfer-encoding; bh=C6DiBC7Mzk28ej4iKDpfbNsQyeV69GCYbRHuydqtOrc=; b=ZNsLGOKHI+xOWIS4eOg2mG5nj2pOd2RaOYlamP/LYG7YKeCqkwuU6KfVziF1AqI/Sk TdHWSD6l8JhaJpm8RIhjRmsgYM4KJ0qXgOAcbKDKv5wMZY8wEDmSYlU6/XqLsjjP03xx CEEefK6al49g4IgdANSXuQOYVpwXkZLNX78baof+4DAYDoc8SQco8hcOx9xKDZLm0uCG AkHkFjltARabtCiSReTGB10/inivZFLtHwa/DSqiRzf3d66T3p1Py2/S3brRmqv7o6k7 1rJuJNf5s0FnpUcOp1Ngl8Dthof3VRrqv8gr27sb3pylicZ/n9ImD9WCbed5owLR/pJk /dXQ== X-Gm-Message-State: AOAM533WiRHIe8fxsYFpK3hwQlIXk+guK+ak9bswv4kTBG34YTQltxpq HK+F/IwJZ6Z34olFIwlfLJs8ki7aLcyfIA== X-Google-Smtp-Source: ABdhPJzySwEpj71I238h5XU0ButTYnQQM053plZpl1XRxjh0H2xuf1ecQxdVR4nktXifkewAnDEUyw== X-Received: by 2002:a05:6402:7d3:: with SMTP id u19mr7839803edy.188.1627712865166; Fri, 30 Jul 2021 23:27:45 -0700 (PDT) From: Paolo Bonzini To: qemu-devel@nongnu.org Subject: [PATCH 3/6] coverity-model: remove model for more allocation functions Date: Sat, 31 Jul 2021 08:27:38 +0200 Message-Id: <20210731062741.301102-4-pbonzini@redhat.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20210731062741.301102-1-pbonzini@redhat.com> References: <20210731062741.301102-1-pbonzini@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=2a00:1450:4864:20::535; envelope-from=paolo.bonzini@gmail.com; helo=mail-ed1-x535.google.com X-Spam_score_int: 4 X-Spam_score: 0.4 X-Spam_bar: / X-Spam_report: (0.4 / 5.0 requ) DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FORGED_FROMDOMAIN=0.249, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.248, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=no autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1627713849566100001 Content-Type: text/plain; charset="utf-8" These models are not needed anymore now that Coverity does not check anymore that the result is used with "g_free". Coverity understands GCC attributes and uses them to detect leaks. Signed-off-by: Paolo Bonzini Reviewed-by: Peter Maydell --- scripts/coverity-scan/model.c | 105 +--------------------------------- 1 file changed, 1 insertion(+), 104 deletions(-) diff --git a/scripts/coverity-scan/model.c b/scripts/coverity-scan/model.c index 8e64a84c5a..1a5f39d2ae 100644 --- a/scripts/coverity-scan/model.c +++ b/scripts/coverity-scan/model.c @@ -263,7 +263,7 @@ void *g_try_realloc_n(void *ptr, size_t nmemb, size_t s= ize) return g_realloc_n(ptr, nmemb, size); } =20 -/* Trivially derive the g_FOO() from the g_FOO_n() */ +/* Derive the g_FOO() from the g_FOO_n() */ =20 void *g_malloc(size_t size) { @@ -295,109 +295,6 @@ void *g_try_realloc(void *ptr, size_t size) return g_try_realloc_n(ptr, 1, size); } =20 -/* Other memory allocation functions */ - -void *g_memdup(const void *ptr, unsigned size) -{ - unsigned char *dup; - unsigned i; - - if (!ptr) { - return NULL; - } - - dup =3D g_malloc(size); - for (i =3D 0; i < size; i++) - dup[i] =3D ((unsigned char *)ptr)[i]; - return dup; -} - -/* - * GLib string allocation functions - */ - -char *g_strdup(const char *s) -{ - char *dup; - size_t i; - - if (!s) { - return NULL; - } - - __coverity_string_null_sink__(s); - __coverity_string_size_sink__(s); - dup =3D __coverity_alloc_nosize__(); - __coverity_mark_as_afm_allocated__(dup, AFM_free); - for (i =3D 0; (dup[i] =3D s[i]); i++) ; - return dup; -} - -char *g_strndup(const char *s, size_t n) -{ - char *dup; - size_t i; - - __coverity_negative_sink__(n); - - if (!s) { - return NULL; - } - - dup =3D g_malloc(n + 1); - for (i =3D 0; i < n && (dup[i] =3D s[i]); i++) ; - dup[i] =3D 0; - return dup; -} - -char *g_strdup_printf(const char *format, ...) -{ - char ch, *s; - size_t len; - - __coverity_string_null_sink__(format); - __coverity_string_size_sink__(format); - - ch =3D *format; - - s =3D __coverity_alloc_nosize__(); - __coverity_writeall__(s); - __coverity_mark_as_afm_allocated__(s, AFM_free); - return s; -} - -char *g_strdup_vprintf(const char *format, va_list ap) -{ - char ch, *s; - size_t len; - - __coverity_string_null_sink__(format); - __coverity_string_size_sink__(format); - - ch =3D *format; - - s =3D __coverity_alloc_nosize__(); - __coverity_writeall__(s); - __coverity_mark_as_afm_allocated__(s, AFM_free); - - return len; -} - -char *g_strconcat(const char *s, ...) -{ - char *s; - - /* - * Can't model: last argument must be null, the others - * null-terminated strings - */ - - s =3D __coverity_alloc_nosize__(); - __coverity_writeall__(s); - __coverity_mark_as_afm_allocated__(s, AFM_free); - return s; -} - /* Other glib functions */ =20 typedef struct pollfd GPollFD; --=20 2.31.1 From nobody Fri May 10 18:25:36 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1627713064016181.55467195941856; Fri, 30 Jul 2021 23:31:04 -0700 (PDT) Received: from localhost ([::1]:34364 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1m9iWV-0003s9-0u for importer@patchew.org; Sat, 31 Jul 2021 02:31:03 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:49638) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1m9iTN-000538-0M for qemu-devel@nongnu.org; Sat, 31 Jul 2021 02:27:49 -0400 Received: from mail-ej1-x631.google.com ([2a00:1450:4864:20::631]:43635) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1m9iTL-0001GZ-Bi for qemu-devel@nongnu.org; Sat, 31 Jul 2021 02:27:48 -0400 Received: by mail-ej1-x631.google.com with SMTP id hw6so6970706ejc.10 for ; Fri, 30 Jul 2021 23:27:46 -0700 (PDT) Received: from avogadro.redhat.com ([2001:b07:6468:f312:63a7:c72e:ea0e:6045]) by smtp.gmail.com with ESMTPSA id b25sm1766116edv.9.2021.07.30.23.27.45 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 30 Jul 2021 23:27:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=sender:from:to:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=0w/cTVHey5w4upyorSaSfdFgQW9Muy6hj86ofEeuDqQ=; b=t4TKSLmPd926Yl+5Mbtvq+YoN90n0oEYRfOhI5ZNkkLoaW+NfjXKBGKjFN1fsdQEE6 jdpgpdjAP0uug2wWvHyExmJyLkguGJe1q8IZOOEiYiOdRNddpVCZp4o7k7j+BRDccX6J arlyRogGRagDvrI/mNtvGNb6q5mqNaxojBdy9BqRdldStTqywfC0fR5D0Ue6d0jXLORp tzfcueUYxtzJzP3pyY76pvN5Zt9w0ZiLK9SvpT39cYl4puVYgGdIG8fHq38L9J12P+TB kElaqBZZiTm3nB14TF0Q5ONaKi0U2U9y05AdbH4Wh0sIJZhkg2UMcwtfJxLugOhhWfL3 LxvQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:from:to:subject:date:message-id :in-reply-to:references:mime-version:content-transfer-encoding; bh=0w/cTVHey5w4upyorSaSfdFgQW9Muy6hj86ofEeuDqQ=; b=WRuVIiEv4Ae+LVB1Dph3PP5qqJg0lS/ItfKmy6rGVwlutHivpbOxfhrqh9yThaZ9Bv qppZRuR5Ymcax2p4Z8CIVZdFBwCYLPwG4fOV041Uy63tSSIUdmnZF5JUJfbeAe/I9MS8 VUv+IaakNSDzfXVT+zPQrS3n77ub4OKJHbAEHEFkvua5supk/vU666uaMLB3CZIoRxCl du5JvNzSLG3xPRsIDHk+3JBGAURmSvJsPNHBFBvgE5AM2kBqUvDcy+hIIpuWqqaGlaMg ZiThTxzpBSfLChsHro6uOIhO7DznJmYOSIUtY0aQk4M+c+gNTTFcoUyxU1Vvwx7G9pya RZNw== X-Gm-Message-State: AOAM532y6Goy5dp3MsCOIScJxsZvCiGT6DwkcGfBOECUhHVnZvZ36m+n fd3PjK1MPDR3r8vPBTmCuBeidAbfxhcAfg== X-Google-Smtp-Source: ABdhPJyvdxWSrom7kQkHaXN/hjlXeSQj1P15/sSEYHrrx1SFeOAm/bH4LEQmZkAzvTlyprdW0ha34Q== X-Received: by 2002:a17:907:1b29:: with SMTP id mp41mr6274853ejc.459.1627712865934; Fri, 30 Jul 2021 23:27:45 -0700 (PDT) From: Paolo Bonzini To: qemu-devel@nongnu.org Subject: [PATCH 4/6] coverity-model: clean up the models for array allocation functions Date: Sat, 31 Jul 2021 08:27:39 +0200 Message-Id: <20210731062741.301102-5-pbonzini@redhat.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20210731062741.301102-1-pbonzini@redhat.com> References: <20210731062741.301102-1-pbonzini@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=2a00:1450:4864:20::631; envelope-from=paolo.bonzini@gmail.com; helo=mail-ej1-x631.google.com X-Spam_score_int: -14 X-Spam_score: -1.5 X-Spam_bar: - X-Spam_report: (-1.5 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FORGED_FROMDOMAIN=0.249, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.248, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=no autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1627713064777100001 Content-Type: text/plain; charset="utf-8" sz is only used in one place, so replace it with nmemb * size in that one place. Signed-off-by: Paolo Bonzini Reviewed-by: Peter Maydell --- scripts/coverity-scan/model.c | 13 +++---------- 1 file changed, 3 insertions(+), 10 deletions(-) diff --git a/scripts/coverity-scan/model.c b/scripts/coverity-scan/model.c index 1a5f39d2ae..2d384bdd79 100644 --- a/scripts/coverity-scan/model.c +++ b/scripts/coverity-scan/model.c @@ -178,13 +178,11 @@ uint8_t replay_get_byte(void) =20 void *g_malloc_n(size_t nmemb, size_t size) { - size_t sz; void *ptr; =20 __coverity_negative_sink__(nmemb); __coverity_negative_sink__(size); - sz =3D nmemb * size; - ptr =3D __coverity_alloc__(sz); + ptr =3D __coverity_alloc__(nmemb * size); __coverity_mark_as_uninitialized_buffer__(ptr); __coverity_mark_as_afm_allocated__(ptr, AFM_free); return ptr; @@ -192,13 +190,11 @@ void *g_malloc_n(size_t nmemb, size_t size) =20 void *g_malloc0_n(size_t nmemb, size_t size) { - size_t sz; void *ptr; =20 __coverity_negative_sink__(nmemb); __coverity_negative_sink__(size); - sz =3D nmemb * size; - ptr =3D __coverity_alloc__(sz); + ptr =3D __coverity_alloc__(nmemb * size); __coverity_writeall0__(ptr); __coverity_mark_as_afm_allocated__(ptr, AFM_free); return ptr; @@ -206,13 +202,10 @@ void *g_malloc0_n(size_t nmemb, size_t size) =20 void *g_realloc_n(void *ptr, size_t nmemb, size_t size) { - size_t sz; - __coverity_negative_sink__(nmemb); __coverity_negative_sink__(size); - sz =3D nmemb * size; __coverity_escape__(ptr); - ptr =3D __coverity_alloc__(sz); + ptr =3D __coverity_alloc__(nmemb * size); /* * Memory beyond the old size isn't actually initialized. Can't * model that. See Coverity's realloc() model --=20 2.31.1 From nobody Fri May 10 18:25:36 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 162771306924822.93863972975339; Fri, 30 Jul 2021 23:31:09 -0700 (PDT) Received: from localhost ([::1]:34654 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1m9iWa-00044H-5r for importer@patchew.org; Sat, 31 Jul 2021 02:31:08 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:49650) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1m9iTP-0005BZ-Qs for qemu-devel@nongnu.org; Sat, 31 Jul 2021 02:27:51 -0400 Received: from mail-ed1-x52a.google.com ([2a00:1450:4864:20::52a]:34347) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1m9iTM-0001Ht-0E for qemu-devel@nongnu.org; Sat, 31 Jul 2021 02:27:51 -0400 Received: by mail-ed1-x52a.google.com with SMTP id v20so2399023eda.1 for ; Fri, 30 Jul 2021 23:27:47 -0700 (PDT) Received: from avogadro.redhat.com ([2001:b07:6468:f312:63a7:c72e:ea0e:6045]) by smtp.gmail.com with ESMTPSA id b25sm1766116edv.9.2021.07.30.23.27.46 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 30 Jul 2021 23:27:46 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=sender:from:to:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=KB5cV0NikdfkiBGJyhuIIvWdyJWHTJa73ThUZLg8tio=; b=Y7I+0QnVPkmknxFVdPIFcPf93SllDI7mdllk22cI7Ifd7YI8Xohkb1eOxXh9Y5XaOt 1y8jhjFviV2e2qT/2+2w7y2OnohzZ8dNSVAl/oRw8AMiobh+jT33/YbcaMG9pkD77dQX oiEbdgJPwj8C3Rhc4czItqhcOMDKxxCRMbvOOOvdTlw6Fd2KcEW/kOwviaCQd7PjhZFP NM/DdZkY4ylomOpxDSWOLqhk7uluK6NT4DMUD9uFq/e7feNIx84FWF5Sfu4fkFC2Ktbs bkTBimHxzuYf/RcKAQBaKvDz1xuGMzvuVi4QkD5r/O0HGdCe4+ZcLCADjUE7Tzm8hkrq EMsA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:from:to:subject:date:message-id :in-reply-to:references:mime-version:content-transfer-encoding; bh=KB5cV0NikdfkiBGJyhuIIvWdyJWHTJa73ThUZLg8tio=; b=Svnkj136cAKOZlykuB9ErFg4Dn/wCySQ9QbgDzzCoYf1F4o1jiAT2oiv+sQ2O7If3u aEGfErL9EINxgq+apCmmETncopaMaEv4qEBuxgEDMp87WPzg7L2p0neFsfyQLzdc7a7G 0eYs9WXkuoaMawkSgmlNNo5BySza0ZB7qWQv2kDIlrJiTOebhkebjSt5Wg7DGYJx61FN ZaAeRWvikIzN8p3qON/cIW60RlAaoG09CcgTq19Ku0XYrhMSO2JGNCEW+WH/trLv5hiG xRSftJASY5G6kT+IqxTBN7vi8LVr76zSqZyzvsdbu4OpGIEqEAaRUNQYnU8DKoW+nBYh lgTg== X-Gm-Message-State: AOAM530KM/yQT6yXP98mMHhF7PW57kCjSqojT2yYOlP6LYoYi0RERHCk 13sVN8B8MRRZ27e7PLbnDIkoPSFfxMgWtw== X-Google-Smtp-Source: ABdhPJyf44RC0IAsj1PZNY3s4b0lGtAiJ9IMczpEhfwXOTzxQLtolzXYo6GXvCGT3z1Tnpx8ZJvpew== X-Received: by 2002:a50:f1d8:: with SMTP id y24mr7520047edl.275.1627712866717; Fri, 30 Jul 2021 23:27:46 -0700 (PDT) From: Paolo Bonzini To: qemu-devel@nongnu.org Subject: [PATCH 5/6] coverity-model: constrain g_malloc/g_malloc0/g_realloc as never returning NULL Date: Sat, 31 Jul 2021 08:27:40 +0200 Message-Id: <20210731062741.301102-6-pbonzini@redhat.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20210731062741.301102-1-pbonzini@redhat.com> References: <20210731062741.301102-1-pbonzini@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=2a00:1450:4864:20::52a; envelope-from=paolo.bonzini@gmail.com; helo=mail-ed1-x52a.google.com X-Spam_score_int: -14 X-Spam_score: -1.5 X-Spam_bar: - X-Spam_report: (-1.5 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FORGED_FROMDOMAIN=0.249, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.248, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=no autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1627713070967100001 Content-Type: text/plain; charset="utf-8" g_malloc/g_malloc0/g_realloc only return NULL if the size is 0; we do not n= eed to cover that in the model, and so far have expected __coverity_alloc__ to model a non-NULL return value. But that apparently does not work anymore, so add some extra conditionals that invoke __coverity_panic__ for NULL pointers. Signed-off-by: Paolo Bonzini Reviewed-by: Peter Maydell --- scripts/coverity-scan/model.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/scripts/coverity-scan/model.c b/scripts/coverity-scan/model.c index 2d384bdd79..028f13e9e3 100644 --- a/scripts/coverity-scan/model.c +++ b/scripts/coverity-scan/model.c @@ -183,6 +183,9 @@ void *g_malloc_n(size_t nmemb, size_t size) __coverity_negative_sink__(nmemb); __coverity_negative_sink__(size); ptr =3D __coverity_alloc__(nmemb * size); + if (!ptr) { + __coverity_panic__(); + } __coverity_mark_as_uninitialized_buffer__(ptr); __coverity_mark_as_afm_allocated__(ptr, AFM_free); return ptr; @@ -195,6 +198,9 @@ void *g_malloc0_n(size_t nmemb, size_t size) __coverity_negative_sink__(nmemb); __coverity_negative_sink__(size); ptr =3D __coverity_alloc__(nmemb * size); + if (!ptr) { + __coverity_panic__(); + } __coverity_writeall0__(ptr); __coverity_mark_as_afm_allocated__(ptr, AFM_free); return ptr; @@ -206,6 +212,9 @@ void *g_realloc_n(void *ptr, size_t nmemb, size_t size) __coverity_negative_sink__(size); __coverity_escape__(ptr); ptr =3D __coverity_alloc__(nmemb * size); + if (!ptr) { + __coverity_panic__(); + } /* * Memory beyond the old size isn't actually initialized. Can't * model that. See Coverity's realloc() model --=20 2.31.1 From nobody Fri May 10 18:25:36 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1627713188765550.4600007739856; Fri, 30 Jul 2021 23:33:08 -0700 (PDT) Received: from localhost ([::1]:37982 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1m9iYV-0006S2-Pa for importer@patchew.org; Sat, 31 Jul 2021 02:33:07 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:49648) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1m9iTO-00056p-7P for qemu-devel@nongnu.org; Sat, 31 Jul 2021 02:27:50 -0400 Received: from mail-ej1-x62e.google.com ([2a00:1450:4864:20::62e]:35589) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1m9iTM-0001I7-Py for qemu-devel@nongnu.org; Sat, 31 Jul 2021 02:27:49 -0400 Received: by mail-ej1-x62e.google.com with SMTP id o5so20910373ejy.2 for ; Fri, 30 Jul 2021 23:27:48 -0700 (PDT) Received: from avogadro.redhat.com ([2001:b07:6468:f312:63a7:c72e:ea0e:6045]) by smtp.gmail.com with ESMTPSA id b25sm1766116edv.9.2021.07.30.23.27.46 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 30 Jul 2021 23:27:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=sender:from:to:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=302wxsTGGjRjbdAcJ8/o1znsZMnOFR8XXZjoCZCtdac=; b=HJQrxrbto/SGg587KewyUS8n7vzc1iGhHtJD3ubokGObUUWiCVEcesYAD9rsagXFyw vrTVp0mLU9d6ec0xjg+8i0N9rYJpuCLDUCb5lhdhLPK3NBk5gAKtEt/q13/lgS9LPRVP 5FZMu282Zn132Z7rIXXxA8uvs+6yn9Irg7t7+AkcIN5mN6urozXPKsuQ2AhvUB2sjTce A0nA+cWch41BFiwfAw5M86yNJ74sDSInD9LT778e2ILosfbAD2e/ra3S1CZXHSjiD2hN 9yiJFyo1w23/MFiO3n+0SutYuD+my/KZD7mR2BzliSweoo/2u/T5rS1W83RklCd7wxBb B6WA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:from:to:subject:date:message-id :in-reply-to:references:mime-version:content-transfer-encoding; bh=302wxsTGGjRjbdAcJ8/o1znsZMnOFR8XXZjoCZCtdac=; b=s1FKZKyhH3InEaPVVdfEZMPrmyYYj4VRsU8jPZMSRuCIYgRCUM8CSdR+v+i+NNq6u8 +3rRHlh9njL+F7Ai7ObCw9twMbPOAbqokzz5Y8qh09GOpyKVVjjKc4rTPq5WZaPlTMxm rqe8KRuACmb3lBAzEbHG7csX8HeQ1abdQ6TeZU8rE9LC65ZLZwg4sTBFRqsvpRR8R9lS LLIwGeKzSBDx+r4V3UhbZrp6ISBuHhXRKWp/TsBDaA1i9cW+1WcXL2JongxwrzzAdSTu OlXYtm9KJ4PfkUSJo1FjiWW5YtPjWPtIedmcpsc5VavYNeXbHw6Ccn5nJxBXR/YoAUUN 3rSg== X-Gm-Message-State: AOAM531pth9xTR0F6XbHNOUX+JUp/vrcxe3NH0s+a1GKtt9qaO/9TuSO LUUgjFVzP+u+WvzuHMJSxaS9aB/2U5LMZw== X-Google-Smtp-Source: ABdhPJzPhJgUHeoBLB46/FHOuzIrTACM/WPv82LD2kQd0arleBpHHBdvh0p0MhiOjrLOkbBB7jMFew== X-Received: by 2002:a17:906:1355:: with SMTP id x21mr6345483ejb.490.1627712867472; Fri, 30 Jul 2021 23:27:47 -0700 (PDT) From: Paolo Bonzini To: qemu-devel@nongnu.org Subject: [PATCH 6/6] coverity-model: write models fully for non-array allocation functions Date: Sat, 31 Jul 2021 08:27:41 +0200 Message-Id: <20210731062741.301102-7-pbonzini@redhat.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20210731062741.301102-1-pbonzini@redhat.com> References: <20210731062741.301102-1-pbonzini@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=2a00:1450:4864:20::62e; envelope-from=paolo.bonzini@gmail.com; helo=mail-ej1-x62e.google.com X-Spam_score_int: -14 X-Spam_score: -1.5 X-Spam_bar: - X-Spam_report: (-1.5 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FORGED_FROMDOMAIN=0.249, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.248, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=no autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1627713190792100001 Content-Type: text/plain; charset="utf-8" Coverity seems to have issues figuring out the properties of g_malloc0 and other non *_n functions. While this was "fixed" by removing the custom second argument to __coverity_mark_as_afm_allocated__, inline the code from the array-based allocation functions to avoid future issues. Signed-off-by: Paolo Bonzini Reviewed-by: Peter Maydell --- scripts/coverity-scan/model.c | 57 +++++++++++++++++++++++++++++++---- 1 file changed, 51 insertions(+), 6 deletions(-) diff --git a/scripts/coverity-scan/model.c b/scripts/coverity-scan/model.c index 028f13e9e3..9d4fba53d9 100644 --- a/scripts/coverity-scan/model.c +++ b/scripts/coverity-scan/model.c @@ -269,32 +269,77 @@ void *g_try_realloc_n(void *ptr, size_t nmemb, size_t= size) =20 void *g_malloc(size_t size) { - return g_malloc_n(1, size); + void *ptr; + + __coverity_negative_sink__(size); + ptr =3D __coverity_alloc__(size); + if (!ptr) { + __coverity_panic__(); + } + __coverity_mark_as_uninitialized_buffer__(ptr); + __coverity_mark_as_afm_allocated__(ptr, AFM_free); + return ptr; } =20 void *g_malloc0(size_t size) { - return g_malloc0_n(1, size); + void *ptr; + + __coverity_negative_sink__(size); + ptr =3D __coverity_alloc__(size); + if (!ptr) { + __coverity_panic__(); + } + __coverity_writeall0__(ptr); + __coverity_mark_as_afm_allocated__(ptr, AFM_free); + return ptr; } =20 void *g_realloc(void *ptr, size_t size) { - return g_realloc_n(ptr, 1, size); + __coverity_negative_sink__(size); + __coverity_escape__(ptr); + ptr =3D __coverity_alloc__(size); + if (!ptr) { + __coverity_panic__(); + } + /* + * Memory beyond the old size isn't actually initialized. Can't + * model that. See Coverity's realloc() model + */ + __coverity_writeall__(ptr); + __coverity_mark_as_afm_allocated__(ptr, AFM_free); + return ptr; } =20 void *g_try_malloc(size_t size) { - return g_try_malloc_n(1, size); + int nomem; + + if (nomem) { + return NULL; + } + return g_malloc(size); } =20 void *g_try_malloc0(size_t size) { - return g_try_malloc0_n(1, size); + int nomem; + + if (nomem) { + return NULL; + } + return g_malloc0(size); } =20 void *g_try_realloc(void *ptr, size_t size) { - return g_try_realloc_n(ptr, 1, size); + int nomem; + + if (nomem) { + return NULL; + } + return g_realloc(ptr, size); } =20 /* Other glib functions */ --=20 2.31.1