On 13.07.2019 at 21:42, Paolo Bonzini wrote:
> On 13/07/19 19:46, Stefan Weil wrote:
>> LGTM reports 16 errors, 81 warnings and 119 recommendations:
>> https://lgtm.com/projects/g/qemu/qemu/alerts/?mode=list.
>>
>> Some of them are already known (wrong format strings), others look like
>> real errors:
>>
>> - several multiplication results which don't work as they should in
>> contrib/vhost-user-gpu, block/* (m->nb_clusters * s->cluster_size only
>> 32 bit!), target/i386/translate.c and other files
> m->nb_clusters here is limited by s->l2_slice_size (see for example
> handle_alloc) so I wouldn't be surprised if this is a false positive. I
> couldn't find this particular multiplication in Coverity, but it has
> about 250 issues marked as intentional or false positive so there's
> probably a lot of overlap with what LGTM found.
>
> Paolo

From other projects I know that there is a certain overlap between the results from Coverity Scan and LGTM, but it is good to have both analyzers, and the results from LGTM are typically quite reliable.

Even if we know that there is no multiplication overflow, the code could be modified. Either the assigned value should use the same data type as the factors (possible when there is never an overflow, avoids a size extension), or the multiplication could use the larger data type by adding a type cast to one of the factors (then an overflow cannot happen, static code analysers and human reviewers have an easier job, but the multiplication costs more time).

Stefan
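
The two options from the reply above, next to the flagged pattern, as an added example that is not part of the original mail or of QEMU's code. The function names and sample values are constructed, and unsigned 32-bit factors are an assumption made here so that the wrap-around is defined behaviour in C.

```c
#include <inttypes.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Flagged pattern: both factors are 32 bit, so the product is computed
 * in 32 bit and only afterwards widened to the 64-bit result. */
static uint64_t bytes_narrow(uint32_t nb_clusters, uint32_t cluster_size)
{
    return nb_clusters * cluster_size;          /* wraps modulo 2^32 */
}

/* Cast option: one factor is widened first, so the multiplication is
 * carried out in 64 bit and cannot overflow for 32-bit inputs. */
static uint64_t bytes_widened(uint32_t nb_clusters, uint32_t cluster_size)
{
    return (uint64_t)nb_clusters * cluster_size;
}

/* Same-type option: the result keeps the factors' type. That is only
 * correct while the product fits, so the bound is checked explicitly
 * and the caller is told when it does not hold. */
static bool bytes_same_type(uint32_t nb_clusters, uint32_t cluster_size,
                            uint32_t *out)
{
    if (cluster_size != 0 && nb_clusters > UINT32_MAX / cluster_size) {
        return false;                           /* product needs > 32 bit */
    }
    *out = nb_clusters * cluster_size;
    return true;
}

int main(void)
{
    /* Constructed sample values: 65536 clusters of 64 KiB each. */
    uint32_t n = 65536, size = 65536, fit = 0;

    printf("narrow:  %" PRIu64 "\n", bytes_narrow(n, size));
    printf("widened: %" PRIu64 "\n", bytes_widened(n, size));
    printf("same type fits: %s\n",
           bytes_same_type(n, size, &fit) ? "yes" : "no");
    return 0;
}
```

With the sample values the narrow variant loses the whole product, which is the case a static analyzer cannot rule out without knowing the bound on the first factor.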