diff options
Diffstat (limited to 'results/classifier/118/review/887883')
| -rw-r--r-- | results/classifier/118/review/887883 | 238 |
1 files changed, 238 insertions, 0 deletions
diff --git a/results/classifier/118/review/887883 b/results/classifier/118/review/887883 new file mode 100644 index 000000000..b007b9c77 --- /dev/null +++ b/results/classifier/118/review/887883 @@ -0,0 +1,238 @@ +user-level: 0.904 +virtual: 0.832 +semantic: 0.829 +register: 0.824 +graphic: 0.823 +debug: 0.821 +permissions: 0.814 +assembly: 0.812 +architecture: 0.809 +socket: 0.806 +files: 0.802 +device: 0.801 +kernel: 0.799 +performance: 0.791 +arm: 0.787 +hypervisor: 0.782 +PID: 0.771 +mistranslation: 0.769 +network: 0.767 +peripherals: 0.751 +VMM: 0.741 +TCG: 0.734 +boot: 0.728 +vnc: 0.715 +i386: 0.696 +KVM: 0.688 +ppc: 0.675 +risc-v: 0.671 +x86: 0.655 +-------------------- +arm: 0.580 +debug: 0.096 +files: 0.063 +user-level: 0.045 +virtual: 0.034 +architecture: 0.022 +kernel: 0.020 +hypervisor: 0.019 +VMM: 0.018 +TCG: 0.014 +KVM: 0.010 +device: 0.010 +semantic: 0.009 +register: 0.009 +PID: 0.008 +performance: 0.007 +assembly: 0.006 +vnc: 0.005 +risc-v: 0.004 +peripherals: 0.004 +network: 0.004 +boot: 0.004 +socket: 0.003 +x86: 0.002 +graphic: 0.001 +mistranslation: 0.001 +i386: 0.001 +ppc: 0.001 +permissions: 0.001 + +Coverity scan revealed defects + +Coverity scan detected some issues such as RESOURCE_LEAK and REVERSE_INULL etc on qemu-1.0rc1: + +Analysis summary report: +------------------------ +Files analyzed : 830 +Total LoC input to cov-analyze : 576549 +Functions analyzed : 20721 +Paths analyzed : 858376 +New defects found : 428 Total + 2 ARRAY_VS_SINGLETON + 9 CHECKED_RETURN + 19 CONSTANT_EXPRESSION_RESULT + 60 DEADCODE + 43 FORWARD_NULL + 14 INFINITE_LOOP + 36 MISSING_BREAK + 3 MISSING_LOCK + 47 NEGATIVE_RETURNS + 1 NO_EFFECT + 11 NULL_RETURNS + 51 OVERRUN_STATIC + 1 RESOURCE_LEAK + 79 REVERSE_INULL + 20 SIGN_EXTENSION + 7 SIZEOF_MISMATCH + 15 UNINIT + 5 UNREACHABLE + 2 UNUSED_VALUE + 3 USE_AFTER_FREE + +For details, please see attachment. + + + +This is latest result on qemu-1.0-rc3, and I notice that 'RESOURCE_LEAK' is 10 now: + +Analysis summary report: +------------------------ +Files analyzed : 825 +Total LoC input to cov-analyze : 576887 +Functions analyzed : 20639 +Paths analyzed : 896645 +Defect occurrences found : 432 Total + 2 ARRAY_VS_SINGLETON + 4 ATOMICITY + 10 CHECKED_RETURN + 17 CONSTANT_EXPRESSION_RESULT + 62 DEADCODE + 42 FORWARD_NULL + 10 INFINITE_LOOP + 34 MISSING_BREAK + 1 MISSING_LOCK + 44 NEGATIVE_RETURNS + 10 NULL_RETURNS + 46 OVERRUN_STATIC + 10 RESOURCE_LEAK + 78 REVERSE_INULL + 1 REVERSE_NEGATIVE + 18 SIGN_EXTENSION + 7 SIZEOF_MISMATCH + 26 UNINIT + 5 UNREACHABLE + 2 UNUSED_VALUE + 3 USE_AFTER_FREE + +For details, please see attachment. + + + +I believe the ARM ones are bogus (although some could be clearer and simulataneously clear some of the warnings): + +Error: DEADCODE: *** IFDEF dependent +hw/arm_gic.c:409: +dead_error_condition: On this path, the condition "irq < 16" cannot be true. + *** ifdef'd - only true if NVIC defined +hw/arm_gic.c:407: +between: After this line, the value of "irq" is between 32 and 95. +hw/arm_gic.c:406: +assignment: Assigning: "irq" = "(offset - 256U) * 8U + 32U". +hw/arm_gic.c:407: +new_values: Noticing condition "irq >= 96". +hw/arm_gic.c:391: +new_values: Noticing condition "offset < 256U". +hw/arm_gic.c:410: +dead_error_line: Execution cannot reach this statement "value = 255U;". + +Error: DEADCODE: *** IFDEF dependent on NVIC +hw/arm_gic.c:434: +dead_error_condition: On this path, the condition "irq < 16" cannot be true. +hw/arm_gic.c:432: +between: After this line, the value of "irq" is between 32 and 95. +hw/arm_gic.c:431: +assignment: Assigning: "irq" = "(offset - 384U) * 8U + 32U". +hw/arm_gic.c:432: +new_values: Noticing condition "irq >= 96". +hw/arm_gic.c:391: +new_values: Noticing condition "offset < 256U". +hw/arm_gic.c:435: +dead_error_line: Execution cannot reach this statement "value = 0U;". + +Error: DEADCODE: *** IFDEF dependent on NVIC +hw/arm_gic.c:451: +dead_error_condition: On this path, the condition "irq < 16" cannot be true. +hw/arm_gic.c:449: +between: After this line, the value of "irq" is between 32 and 95. +hw/arm_gic.c:448: +assignment: Assigning: "irq" = "(offset - 512U) * 8U + 32U". +hw/arm_gic.c:449: +new_values: Noticing condition "irq >= 96". +hw/arm_gic.c:391: +new_values: Noticing condition "offset < 256U". +hw/arm_gic.c:452: +dead_error_line: Execution cannot reach this statement "irq = 0;". + +Error: DEADCODE: *** IFDEF depedent on NVIC +hw/arm_gic.c:480: +dead_error_condition: On this path, the condition "irq < 32" cannot be true. +hw/arm_gic.c:478: +between: After this line, the value of "irq" is between 32 and 95. +hw/arm_gic.c:477: +assignment: Assigning: "irq" = "offset - 1024U + 32U". +hw/arm_gic.c:478: +new_values: Noticing condition "irq >= 96". +hw/arm_gic.c:472: +new_values: Noticing condition "offset < 1024U". +hw/arm_gic.c:481: +dead_error_line: Execution cannot reach this statement "s->priority1[irq][cpu] = va...". + +Error: DEADCODE: *** Set in ifdef 0'd path +arm-dis.c:4012: +dead_error_condition: On this path, the condition "is_data" cannot be true. +arm-dis.c:3874: +const: After this line, the value of "is_data" is equal to 0. +arm-dis.c:3874: +assignment: Assigning: "is_data" = "0". +arm-dis.c:4014: +dead_error_begin: Execution cannot reach this statement "int i;". + +Error: NEGATIVE_RETURNS: *** I think the -1 value triggers the increment on line 9957 so it isn't -ve as an index +target-arm/translate.c:9873: +var_tested_neg: Assigning: "lj" = a negative value. +target-arm/translate.c:9961: +negative_returns: Using variable "lj" as an index to array "gen_opc_pc". + +Error: OVERRUN_STATIC: *** Safe because irq%8 always =0 and GIC_NIRQ divisible by 8 (but would be better to do irq+8 > GIC_NIRQ +hw/arm_gic.c:274: +assignment: Assigning: "irq" = "(offset - 256U) * 8U". +hw/arm_gic.c:277: +assignment: Assigning: "irq" = "irq += 0". +hw/arm_gic.c:282: +overrun-local: Overrunning static array "s->irq_state", with 96 elements, at position 96 with index variable "irq + i". + +Error: OVERRUN_STATIC: +hw/arm_gic.c:235: *** Don't think so, at that point we know array value !=1023 and array value == irq, so irq can't be 1023 +overrun-local: Overrunning static array "s->last_active", with 96 elements, at position 1023 with index variable "irq". + +Error: OVERRUN_STATIC: +hw/arm_gic.c:235:*** Don't think so, at that point we know array value !=1023 and array value == irq, so irq can't be 1023 +overrun-local: Overrunning static array "s->last_active", with 96 elements, at position 1023 with index variable "irq". + +Error: OVERRUN_STATIC: +hw/arm_gic.c:461: *** Safe because irq%8=0, and GIC_NIRQ divisibly by 8 (again safer to do irq+8 > GIC_NIRQ) +assignment: Assigning: "irq" = "(offset - 640U) * 8U + 0U". +hw/arm_gic.c:469: +overrun-local: Overrunning static array "s->irq_state", with 96 elements, at position 96 with index variable "irq + i". + +Error: OVERRUN_STATIC: +hw/arm_gic.c:235: *** Same as case above??? +overrun-local: Overrunning static array "s->last_active", with 96 elements, at position 1023 with index variable "irq". + + + +AFAIK a lot of issues reported by coverity have been addressed in the recent versions of QEMU ... is there still anything left here that needs special attention? + +[Expired for QEMU because there has been no activity for 60 days.] + |