I believe the ARM ones are bogus (although some could be clearer and
simulataneously clear some of the warnings):
Error: DEADCODE: *** IFDEF dependent
hw/arm_gic.c:409:
dead_error_condition: On this path, the condition "irq < 16" cannot be true.
*** ifdef'd - only true if NVIC defined
hw/arm_gic.c:407:
between: After this line, the value of "irq" is between 32 and 95.
hw/arm_gic.c:406:
assignment: Assigning: "irq" = "(offset - 256U) * 8U + 32U".
hw/arm_gic.c:407:
new_values: Noticing condition "irq >= 96".
hw/arm_gic.c:391:
new_values: Noticing condition "offset < 256U".
hw/arm_gic.c:410:
dead_error_line: Execution cannot reach this statement "value = 255U;".
Error: DEADCODE: *** IFDEF dependent on NVIC
hw/arm_gic.c:434:
dead_error_condition: On this path, the condition "irq < 16" cannot be true.
hw/arm_gic.c:432:
between: After this line, the value of "irq" is between 32 and 95.
hw/arm_gic.c:431:
assignment: Assigning: "irq" = "(offset - 384U) * 8U + 32U".
hw/arm_gic.c:432:
new_values: Noticing condition "irq >= 96".
hw/arm_gic.c:391:
new_values: Noticing condition "offset < 256U".
hw/arm_gic.c:435:
dead_error_line: Execution cannot reach this statement "value = 0U;".
Error: DEADCODE: *** IFDEF dependent on NVIC
hw/arm_gic.c:451:
dead_error_condition: On this path, the condition "irq < 16" cannot be true.
hw/arm_gic.c:449:
between: After this line, the value of "irq" is between 32 and 95.
hw/arm_gic.c:448:
assignment: Assigning: "irq" = "(offset - 512U) * 8U + 32U".
hw/arm_gic.c:449:
new_values: Noticing condition "irq >= 96".
hw/arm_gic.c:391:
new_values: Noticing condition "offset < 256U".
hw/arm_gic.c:452:
dead_error_line: Execution cannot reach this statement "irq = 0;".
Error: DEADCODE: *** IFDEF depedent on NVIC
hw/arm_gic.c:480:
dead_error_condition: On this path, the condition "irq < 32" cannot be true.
hw/arm_gic.c:478:
between: After this line, the value of "irq" is between 32 and 95.
hw/arm_gic.c:477:
assignment: Assigning: "irq" = "offset - 1024U + 32U".
hw/arm_gic.c:478:
new_values: Noticing condition "irq >= 96".
hw/arm_gic.c:472:
new_values: Noticing condition "offset < 1024U".
hw/arm_gic.c:481:
dead_error_line: Execution cannot reach this statement "s->priority1[irq][cpu]
= va...".
Error: DEADCODE: *** Set in ifdef 0'd path
arm-dis.c:4012:
dead_error_condition: On this path, the condition "is_data" cannot be true.
arm-dis.c:3874:
const: After this line, the value of "is_data" is equal to 0.
arm-dis.c:3874:
assignment: Assigning: "is_data" = "0".
arm-dis.c:4014:
dead_error_begin: Execution cannot reach this statement "int i;".
Error: NEGATIVE_RETURNS: *** I think the -1 value triggers the increment on
line 9957 so it isn't -ve as an index
target-arm/translate.c:9873:
var_tested_neg: Assigning: "lj" = a negative value.
target-arm/translate.c:9961:
negative_returns: Using variable "lj" as an index to array "gen_opc_pc".
Error: OVERRUN_STATIC: *** Safe because irq%8 always =0 and GIC_NIRQ divisible
by 8 (but would be better to do irq+8 > GIC_NIRQ
hw/arm_gic.c:274:
assignment: Assigning: "irq" = "(offset - 256U) * 8U".
hw/arm_gic.c:277:
assignment: Assigning: "irq" = "irq += 0".
hw/arm_gic.c:282:
overrun-local: Overrunning static array "s->irq_state", with 96 elements, at
position 96 with index variable "irq + i".
Error: OVERRUN_STATIC:
hw/arm_gic.c:235: *** Don't think so, at that point we know array value !=1023
and array value == irq, so irq can't be 1023
overrun-local: Overrunning static array "s->last_active", with 96 elements, at
position 1023 with index variable "irq".
Error: OVERRUN_STATIC:
hw/arm_gic.c:235:*** Don't think so, at that point we know array value !=1023
and array value == irq, so irq can't be 1023
overrun-local: Overrunning static array "s->last_active", with 96 elements, at
position 1023 with index variable "irq".
Error: OVERRUN_STATIC:
hw/arm_gic.c:461: *** Safe because irq%8=0, and GIC_NIRQ divisibly by 8 (again
safer to do irq+8 > GIC_NIRQ)
assignment: Assigning: "irq" = "(offset - 640U) * 8U + 0U".
hw/arm_gic.c:469:
overrun-local: Overrunning static array "s->irq_state", with 96 elements, at
position 96 with index variable "irq + i".
Error: OVERRUN_STATIC:
hw/arm_gic.c:235: *** Same as case above???
overrun-local: Overrunning static array "s->last_active", with 96 elements, at
position 1023 with index variable "irq".
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/887883
Title:
Coverity scan revealed defects
Status in QEMU:
New
Bug description:
Coverity scan detected some issues such as RESOURCE_LEAK and
REVERSE_INULL etc on qemu-1.0rc1:
Analysis summary report:
------------------------
Files analyzed : 830
Total LoC input to cov-analyze : 576549
Functions analyzed : 20721
Paths analyzed : 858376
New defects found : 428 Total
2 ARRAY_VS_SINGLETON
9 CHECKED_RETURN
19 CONSTANT_EXPRESSION_RESULT
60 DEADCODE
43 FORWARD_NULL
14 INFINITE_LOOP
36 MISSING_BREAK
3 MISSING_LOCK
47 NEGATIVE_RETURNS
1 NO_EFFECT
11 NULL_RETURNS
51 OVERRUN_STATIC
1 RESOURCE_LEAK
79 REVERSE_INULL
20 SIGN_EXTENSION
7 SIZEOF_MISMATCH
15 UNINIT
5 UNREACHABLE
2 UNUSED_VALUE
3 USE_AFTER_FREE
For details, please see attachment.
To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/887883/+subscriptions
