qemu-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] Can we make better use of Coverity?


From: Paolo Bonzini
Subject: Re: [Qemu-devel] Can we make better use of Coverity?
Date: Wed, 21 Jan 2015 17:22:36 +0100
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.3.0


On 21/01/2015 17:05, Markus Armbruster wrote:
>>> >> What do you mean by "a GLib model"?  scripts/coverity-model.c?
>> >
>> > Yes.  It models g_malloc0 in a way that avoids a lot of false positives,
>> > but still is able to flag leaks.
> Understood.  It's hugely better than nothing,

Yes, I think between false positives and false negatives it affected
over 100 defects.

> but it still can't make
> Coverity see many relevant facts like GLib functions returning newly
> allocated storage.  For that, you have to throw in a derived model, like
> I do.  Unfortunately, the Scan service seems unable to do that.

Right.  You can also model the functions manually, like we do for
g_io_channel_unix_new:

typedef struct _GIOChannel GIOChannel;
GIOChannel *g_io_channel_unix_new(int fd)
{
    GIOChannel *c = g_malloc0(sizeof(GIOChannel));
    __coverity_escape__(fd);
    return c;
}

(This was done because of false positives when Coverity thought that fd
would leak at end of scope).

If you know some offenders which did cause us to leak memory in the
past, please do submit a patch to scripts/coverity-model.c.

BTW, thanks for starting this thread.  We already have like 6 new users
who will be able to see the defects and fix them!  That alone is very
much worthy!

Paolo



reply via email to

[Prev in Thread] Current Thread [Next in Thread]