[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-trivial] [Qemu-devel] [PATCH v2] scripts: add sample model fil
From: |
Eric Blake |
Subject: |
Re: [Qemu-trivial] [Qemu-devel] [PATCH v2] scripts: add sample model file for Coverity Scan |
Date: |
Wed, 19 Mar 2014 11:32:39 -0600 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.3.0 |
On 03/19/2014 10:52 AM, Paolo Bonzini wrote:
> This is the model file that is being used for the QEMU project's scans
> on scan.coverity.com. It fixed about 30 false positives (10% of the
> total) and exposed about 60 new memory leaks.
>
> The file is not automatically used; changes to it must be propagated
> to the website manually by an admin (right now Markus, Peter and me
> are admins).
>
> Signed-off-by: Paolo Bonzini <address@hidden>
>
> Signed-off-by: Paolo Bonzini <address@hidden>
Double S-o-B looks odd.
> + *
> + * Copyright (C) 2014 Red Hat, Inc.
> + *
> + * Authors:
> + * Markus Armbruster <address@hidden>
> + * Paolo Bonzini <address@hidden>
> + *
> + * This work is licensed under the terms of the GNU GPL, version 2 or, at
> your
> + * option, any later version. See the COPYING file in the top-level
> directory.
Aren't the license and authors blurbs usually in the other order?
> +
> +#define NULL (void *)0
Missing ()
> +#define assert(x) if (!(x)) __coverity_panic__();
Will this break any 'if () assert(); else {}' blocks? Obviously, such
blocks already violate coding convention, but you might as well make
this definition safe to use for older code.
> +
> +static void __write(uint8_t *buf, int len)
Will the fact that you used 'int len' instead of 'size_t' bite us on 32-
vs. 64-bit? Same for __read.
> +void *
> +g_malloc0 (size_t n_bytes)
> +{
> + void *mem;
> + __coverity_negative_sink__((ssize_t) n_bytes);
> + mem = calloc(1, n_bytes == 0 ? 1 : n_bytes);
> + if (!mem) __coverity_panic__ ();
Is it worth being consistent on spacing before (?
> +void g_free (void *mem)
> +{
> + if (mem) {
> + free(mem);
> + }
Doesn't coverity already know that free(NULL) is a no-op, without you
having to repeat it?
--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
signature.asc
Description: OpenPGP digital signature
Re: [Qemu-trivial] [Qemu-devel] [PATCH v2] scripts: add sample model file for Coverity Scan, Markus Armbruster, 2014/03/20