[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH for-4.15 5/5] tools/xenstored: Silence coverity when using xs_state_* structures

To: Julien Grall <julien@xxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx
From: Jürgen Groß <jgross@xxxxxxxx>
Date: Fri, 26 Feb 2021 10:15:05 +0100
Cc: raphning@xxxxxxxxxxxx, iwj@xxxxxxxxxxxxxx, Julien Grall <jgrall@xxxxxxxxxx>, Wei Liu <wl@xxxxxxx>, "Manthey, Norbert" <nmanthey@xxxxxxxxx>
Delivery-date: Fri, 26 Feb 2021 09:15:09 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On 26.02.21 09:57, Julien Grall wrote:

Hi Juergen,

On 26/02/2021 07:10, Jürgen Groß wrote:
On 25.02.21 18:41, Julien Grall wrote:
From: Julien Grall <jgrall@xxxxxxxxxx>

Coverity will report unitialized values for every use of xs_state_*
structures in the save part. This can be prevented by using the [0]
rather than [] to define variable length array.

Coverity-ID: 1472398
Coverity-ID: 1472397
Coverity-ID: 1472396
Coverity-ID: 1472395
Signed-off-by: Julien Grall <jgrall@xxxxxxxxxx>
Sorry, but Coverity is clearly wrong here.
I saw what Andrew wrote but neither of you really provided enoughinformation to infer the same. Care to provide more details?
Should we really modify our code to work around bugs in external
static code analyzers?
I don't think it is OK to have 866 issues (and counting) and keepignoring them because Coverity may be wrong. We should fix them one wayor another. If this means telling Coverity they are reporting falsepositive, then fine.
But for that, I first needs a bit more details why they are clearly wrong.


Lets put it this way: why is a[0] not critical, but a[] is?

Semantically there is no difference, so Coverity MUST be wrong in
some way (either a[] is really not critical, or a[0] should be
critical).

Juergen

Attachment: OpenPGP_0xB0DE9DD628BF132F.asc
Description: application/pgp-keys

Attachment: OpenPGP_signature
Description: OpenPGP digital signature

References:
- [PATCH for-4.15 0/5] xenstore: Address coverity issues in the LiveUpdate code
  - From: Julien Grall
- [PATCH for-4.15 5/5] tools/xenstored: Silence coverity when using xs_state_* structures
  - From: Julien Grall
- Re: [PATCH for-4.15 5/5] tools/xenstored: Silence coverity when using xs_state_* structures
  - From: Jürgen Groß
- Re: [PATCH for-4.15 5/5] tools/xenstored: Silence coverity when using xs_state_* structures
  - From: Julien Grall

Prev by Date: Re: [PATCH for-4.15 1/3] hvmloader: do not include inttypes.h
Next by Date: [linux-linus test] 159685: regressions - FAIL
Previous by thread: Re: [PATCH for-4.15 5/5] tools/xenstored: Silence coverity when using xs_state_* structures
Next by thread: [PATCH for-4.15 0/5] xenstore: Address coverity issues in the LiveUpdate code
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.