[Qemu-commits] [qemu/qemu] 9d7a4c: coverity: Improve model for GLib memo
From: GitHub
Subject: [Qemu-commits] [qemu/qemu] 9d7a4c: coverity: Improve model for GLib memory allocation
Date: Thu, 05 Feb 2015 09:30:10 -0800
Branch: refs/heads/master
Home: https://github.com/qemu/qemu
Commit: 9d7a4c6690ef9962a3b20034f65008f1ea15c1d6
https://github.com/qemu/qemu/commit/9d7a4c6690ef9962a3b20034f65008f1ea15c1d6
Author: Markus Armbruster <address@hidden>
Date: 2015-02-05 (Thu, 05 Feb 2015)
Changed paths:
M scripts/coverity-model.c
Log Message:
-----------
coverity: Improve model for GLib memory allocation

In current versions of GLib, g_new() may expand into g_malloc_n().
When it does, Coverity can't see the memory allocation, because we
don't model g_malloc_n(). Similarly for g_new0(), g_renew(),
g_try_new(), g_try_new0(), g_try_renew().

Model g_malloc_n(), g_malloc0_n(), g_realloc_n(). Model
g_try_malloc_n(), g_try_malloc0_n(), g_try_realloc_n() by adding
indeterminate out of memory conditions on top.

To avoid undue duplication, replace the existing models for g_malloc()
& friends by trivial wrappers around g_malloc_n() & friends.

In a local scan, this flags four additional RESOURCE_LEAKs and one
NULL_RETURNS.

The NULL_RETURNS is a false positive: Coverity can now see that
g_try_malloc(l1_sz * sizeof(uint64_t)) in
qcow2_check_metadata_overlap() may return NULL, but is too stupid to
recognize that a loop executing l1_sz times won't be entered then.

Three out of the four RESOURCE_LEAKs appear genuine. The false
positive is in ppce500_prep_device_tree(): the pointer dies, but a
pointer to a struct member escapes, and we get the pointer back for
freeing with container_of(). Too funky for Coverity.

Signed-off-by: Markus Armbruster <address@hidden>
Acked-by: Paolo Bonzini <address@hidden>

Commit: e4b77daa5724a9dd41aaa44d2dea4b8e92351081
https://github.com/qemu/qemu/commit/e4b77daa5724a9dd41aaa44d2dea4b8e92351081
Author: Markus Armbruster <address@hidden>
Date: 2015-02-05 (Thu, 05 Feb 2015)
Changed paths:
M scripts/coverity-model.c
Log Message:
-----------
coverity: Model GLib string allocation partially

Without a model, Coverity can't know that the result of g_strdup()
needs to be fed to g_free().

One way to get such a model is to scan GLib, build a derived model
file with cov-collect-models, and use that when scanning QEMU.
Unfortunately, the Coverity Scan service we use doesn't support that.

Thus, we're stuck with the other way: write a user model. Doing that
for all of GLib is hardly practical. I'm doing it for the "String
Utility Functions" we actually use that return dynamically allocated
strings.

In a local scan, this flags 20 additional RESOURCE_LEAKs. The ones I
checked look genuine.

It also loses a NULL_RETURNS about ppce500_init() using
qemu_find_file() without error checking. I don't understand why.

Signed-off-by: Markus Armbruster <address@hidden>
Acked-by: Paolo Bonzini <address@hidden>

Commit: 7ad4c7200111d20eb97eed4f46b6026e3f0b0eef
https://github.com/qemu/qemu/commit/7ad4c7200111d20eb97eed4f46b6026e3f0b0eef
Author: Markus Armbruster <address@hidden>
Date: 2015-02-05 (Thu, 05 Feb 2015)
Changed paths:
M scripts/coverity-model.c
Log Message:
-----------
coverity: Model g_free() isn't necessarily free()

Memory allocated with GLib needs to be freed with GLib. Freeing it
with free() instead of g_free() is a common error. Harmless when
g_free() is a trivial wrapper around free(), which is commonly the
case. But model the difference anyway.

In a local scan, this flags four ALLOC_FREE_MISMATCH. Requires
--enable ALLOC_FREE_MISMATCH, because the checker is still preview.

Signed-off-by: Markus Armbruster <address@hidden>
Acked-by: Paolo Bonzini <address@hidden>

Commit: 8c413e7902ef0c19ced516f575db989ccc3785f8
https://github.com/qemu/qemu/commit/8c413e7902ef0c19ced516f575db989ccc3785f8
Author: Markus Armbruster <address@hidden>
Date: 2015-02-05 (Thu, 05 Feb 2015)
Changed paths:
M MAINTAINERS
Log Message:
-----------
MAINTAINERS: Add myself as Coverity model maintainer
Suggested-by: Paolo Bonzini <address@hidden>
Signed-off-by: Markus Armbruster <address@hidden>
Commit: 651621b780515f35711c5d7305310ab1d241c7e2
https://github.com/qemu/qemu/commit/651621b780515f35711c5d7305310ab1d241c7e2
Author: Peter Maydell <address@hidden>
Date: 2015-02-05 (Thu, 05 Feb 2015)
Changed paths:
M MAINTAINERS
M scripts/coverity-model.c
Log Message:
-----------
Merge remote-tracking branch 'remotes/armbru/tags/pull-cov-model-2015-02-05'
into staging
coverity: Improve and extend model
# gpg: Signature made Thu 05 Feb 2015 16:20:49 GMT using RSA key ID EB918653
# gpg: Good signature from "Markus Armbruster <address@hidden>"
# gpg: aka "Markus Armbruster <address@hidden>"
* remotes/armbru/tags/pull-cov-model-2015-02-05:
MAINTAINERS: Add myself as Coverity model maintainer
coverity: Model g_free() isn't necessarily free()
coverity: Model GLib string allocation partially
coverity: Improve model for GLib memory allocation
Signed-off-by: Peter Maydell <address@hidden>
Compare: https://github.com/qemu/qemu/compare/cd07b19307bd...651621b78051
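
The modeling approach described in the three coverity commit messages above, as an added sketch that is not the contents of scripts/coverity-model.c and not code from the commit authors: a base g_malloc_n() model, g_malloc() as a wrapper, a try variant with an indeterminate out-of-memory path, and g_free() tagged as its own deallocator family. The `__coverity_*__` calls are Coverity modeling primitives; `BUILDING_COVERITY_MODEL`, `INDETERMINATE`, `model_oom` and `model_last_afm` are hypothetical names, and the stubs exist only so the file builds with a plain C compiler.

```c
/* Added sketch, not the contents of scripts/coverity-model.c. */
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

#ifndef BUILDING_COVERITY_MODEL   /* hypothetical macro: define it for the model compiler */
/* Stand-ins (assumption) so the sketch builds with a plain C compiler. */
int model_oom;                    /* knob replacing the indeterminate value */
const char *model_last_afm;       /* last allocator-family tag recorded */
static void *__coverity_alloc__(size_t n) { return malloc(n ? n : 1); }
static void __coverity_free__(void *p) { free(p); }
static void __coverity_mark_as_afm_allocated__(void *p, const char *fam)
{ (void)p; model_last_afm = fam; }
static void __coverity_mark_as_afm_freed__(void *p, const char *fam)
{ (void)p; model_last_afm = fam; }
#define INDETERMINATE(v) int v = model_oom
#else
#define INDETERMINATE(v) int v    /* deliberately uninitialized in a model */
#endif

/* Base model: the allocation is visible and tied to the g_free() family. */
void *g_malloc_n(size_t nmemb, size_t size)
{
    void *ptr = __coverity_alloc__(nmemb * size);
    __coverity_mark_as_afm_allocated__(ptr, "g_free");
    return ptr;
}

/* g_malloc() as a trivial wrapper around the _n model. */
void *g_malloc(size_t size)
{
    return g_malloc_n(1, size);
}

/* The try variant adds an out-of-memory path the analyzer cannot rule out. */
void *g_try_malloc_n(size_t nmemb, size_t size)
{
    INDETERMINATE(nomem);
    if (nomem) {
        return NULL;
    }
    return g_malloc_n(nmemb, size);
}

/* Releasing is tagged with the same family, so free() on it is a mismatch. */
void g_free(void *ptr)
{
    __coverity_free__(ptr);
    __coverity_mark_as_afm_freed__(ptr, "g_free");
}
```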