[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH for-4.15 5/5] tools/xenstored: Silence coverity when using xs_state_* structures



On 26.02.21 09:57, Julien Grall wrote:
Hi Juergen,

On 26/02/2021 07:10, Jürgen Groß wrote:
On 25.02.21 18:41, Julien Grall wrote:
From: Julien Grall <jgrall@xxxxxxxxxx>

Coverity will report unitialized values for every use of xs_state_*
structures in the save part. This can be prevented by using the [0]
rather than [] to define variable length array.

Coverity-ID: 1472398
Coverity-ID: 1472397
Coverity-ID: 1472396
Coverity-ID: 1472395
Signed-off-by: Julien Grall <jgrall@xxxxxxxxxx>

Sorry, but Coverity is clearly wrong here.
I saw what Andrew wrote but neither of you really provided enough information to infer the same. Care to provide more details?


Should we really modify our code to work around bugs in external
static code analyzers?

I don't think it is OK to have 866 issues (and counting) and keep ignoring them because Coverity may be wrong. We should fix them one way or another. If this means telling Coverity they are reporting false positive, then fine.

But for that, I first needs a bit more details why they are clearly wrong.

Lets put it this way: why is a[0] not critical, but a[] is?

Semantically there is no difference, so Coverity MUST be wrong in
some way (either a[] is really not critical, or a[0] should be
critical).

Juergen

Attachment: OpenPGP_0xB0DE9DD628BF132F.asc
Description: application/pgp-keys

Attachment: OpenPGP_signature
Description: OpenPGP digital signature


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.