On 03/19/2014 10:52 AM, Paolo Bonzini wrote: > This is the model file that is being used for the QEMU project's scans > on scan.coverity.com. It fixed about 30 false positives (10% of the > total) and exposed about 60 new memory leaks. > > The file is not automatically used; changes to it must be propagated > to the website manually by an admin (right now Markus, Peter and me > are admins). > > Signed-off-by: Paolo Bonzini <pbonz...@redhat.com> > > Signed-off-by: Paolo Bonzini <pbonz...@redhat.com>
Double S-o-B looks odd.
> + *
> + * Copyright (C) 2014 Red Hat, Inc.
> + *
> + * Authors:
> + * Markus Armbruster <arm...@redhat.com>
> + * Paolo Bonzini <pbonz...@redhat.com>
> + *
> + * This work is licensed under the terms of the GNU GPL, version 2 or, at
> your
> + * option, any later version. See the COPYING file in the top-level
> directory.
Aren't the license and authors blurbs usually in the other order?
> +
> +#define NULL (void *)0
Missing ()
> +#define assert(x) if (!(x)) __coverity_panic__();
Will this break any 'if () assert(); else {}' blocks? Obviously, such
blocks already violate coding convention, but you might as well make
this definition safe to use for older code.
> +
> +static void __write(uint8_t *buf, int len)
Will the fact that you used 'int len' instead of 'size_t' bite us on 32-
vs. 64-bit? Same for __read.
> +void *
> +g_malloc0 (size_t n_bytes)
> +{
> + void *mem;
> + __coverity_negative_sink__((ssize_t) n_bytes);
> + mem = calloc(1, n_bytes == 0 ? 1 : n_bytes);
> + if (!mem) __coverity_panic__ ();
Is it worth being consistent on spacing before (?
> +void g_free (void *mem)
> +{
> + if (mem) {
> + free(mem);
> + }
Doesn't coverity already know that free(NULL) is a no-op, without you
having to repeat it?
--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
signature.asc
Description: OpenPGP digital signature
