Re: [PATCH] qemu-coroutine-sleep: Silence Coverity warning
From: Peter Maydell
Subject: Re: [PATCH] qemu-coroutine-sleep: Silence Coverity warning
Date: Tue, 12 Nov 2019 10:50:55 +0000

On Tue, 12 Nov 2019 at 10:08, Vladimir Sementsov-Ogievskiy
<address@hidden> wrote:
>
> 11.11.2019 23:35, Eric Blake wrote:
> > Coverity warns that we store the address of a stack variable through a
> > pointer passed in by the caller, which would let the caller trivially
> > trigger use-after-free if that stored value is still present when we
> > finish execution. However, the way coroutines work is that after our
> > call to qemu_coroutine_yield(), control is temporarily continued in
> > the caller prior to our function concluding, and in order to resume
> > our coroutine, the caller must poll until the variable has been set to
> > NULL. Thus, we can add an assert that we do not leak stack storage to
> > the caller on function exit.
> >
> > Fixes: Coverity CID 1406474
>
> Hmm, I doubt that it will fix it. Does Coverity pay attention to assertions?

Yes, it knows that an assertion means that the condition must
be true.

thanks
-- PMM
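
The pattern the quoted commit message describes, as an added example that is not part of the patch or of QEMU: a coroutine built on POSIX ucontext publishes the address of a stack variable through a caller-owned pointer, yields, and asserts on exit that the pointer was cleared. All names (`SleepState`, `sleeper`, `run_sleep_demo`) are hypothetical, and the caller clears the pointer itself before resuming, which is a simplification.

```c
#include <assert.h>
#include <stddef.h>
#include <ucontext.h>

/* Hypothetical names throughout; this is not QEMU's coroutine API. */
typedef struct SleepState { int fired; } SleepState;

static ucontext_t caller_ctx, co_ctx;
static char co_stack[64 * 1024];
static SleepState **slot;   /* caller-owned pointer handed to the coroutine */
static int co_result;

/* Coroutine body: publishes the address of a stack variable, then yields. */
static void sleeper(void)
{
    SleepState state = { 0 };          /* lives on the coroutine's stack */

    *slot = &state;                    /* the store a static analyzer flags */
    swapcontext(&co_ctx, &caller_ctx); /* yield: caller runs, frame stays live */

    /* Resumed: the slot must have been cleared before we were re-entered. */
    assert(*slot == NULL);             /* no stack address escapes on exit */
    co_result = state.fired;
}

/* Caller side: mark the state fired, clear the slot, then resume. */
int run_sleep_demo(void)
{
    SleepState *pending = NULL;

    slot = &pending;
    co_result = 0;
    getcontext(&co_ctx);
    co_ctx.uc_stack.ss_sp = co_stack;
    co_ctx.uc_stack.ss_size = sizeof(co_stack);
    co_ctx.uc_link = &caller_ctx;      /* continue here when sleeper() returns */
    makecontext(&co_ctx, sleeper, 0);

    swapcontext(&caller_ctx, &co_ctx); /* run the coroutine up to its yield */
    if (pending == NULL) return -1;    /* coroutine should be parked now */

    pending->fired = 1;                /* safe: the coroutine frame still exists */
    pending = NULL;                    /* clear before resuming */
    swapcontext(&caller_ctx, &co_ctx); /* resume; returns here via uc_link */

    return (co_result == 1 && pending == NULL) ? 0 : -1;
}

int main(void) { return run_sleep_demo(); }
```

Resuming the coroutine without the `pending = NULL` line makes the assertion fail, which is the invariant the assert documents for both readers and the analyzer.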