Message-ID: <4B0445B1.1080207@mail.berlios.de>
Date: Wed, 18 Nov 2009 20:06:25 +0100
From: Stefan Weil
Subject: Re: [Qemu-devel] Fwd: qemu code review
References: <4B03DD07.7090300@redhat.com>
In-Reply-To: <4B03DD07.7090300@redhat.com>
To: Kevin Wolf
Cc: "qemu-devel@nongnu.org"

Kevin Wolf wrote:
> Hi all,
>
> as Steve suggests, I'm forwarding the list of issues he found to the
> mailing list. I've already looked at a few points in the block code and
> sent patches. If everyone picks up one point, we should get through the
> list quickly. Who volunteers for the TCG ones? ;-)
>
> Kevin
>
> -------- Original Message --------
> Subject: [virt-devel] qemu code review
> Date: Tue, 17 Nov 2009 14:05:33 -0500
> From: Steve Grubb
>
> Hello,
>
> I took a few hours to run qemu through an analysis tool. Below are the
> results of checking everything. I don't interact with the qemu community
> and thought someone here might want to take these findings upstream. The
> review was against 0.11.0-11 in rawhide.
>
> Thanks,
> -Steve
>
> -----------------------------
>
> ...
> In hw/e1000.c at line 89, vlan is declared to be 4 bytes. At line 382 is an
> attempt to do a memmove over it with a size of 12.
>

Obviously this was intentional.

Would replacing

    memmove(tp->vlan, tp->data, 12);

by

    memmove(tp->data - 4, tp->data, 12);

be better and satisfy the analysis tool?

Or even better (hopefully the compiler will combine both statements)

    memmove(tp->vlan, tp->data, 4);
    memmove(tp->data, tp->data + 4, 8);

> In hw/sb16.c at line 898 is an "if" statement with 0 and'ed. If this was
> intentional, there should be a comment or the code in the if statement
> deleted.
>
> ...
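
Added example, not part of the original message or of the QEMU source: a C check that the two-step memmove suggested in the reply leaves the same bytes as one 12-byte move over a flat buffer, with the layout assumption made explicit at compile time. The struct, DATA_LEN and the function names are assumptions made for this illustration.

```c
#include <stddef.h>
#include <string.h>

/* Constructed stand-in for the transmit state discussed in the thread:
 * a 4-byte vlan[] directly in front of the packet data.
 * DATA_LEN is an assumption for this example. */
#define DATA_LEN 64

struct tx_buf {
    unsigned char vlan[4];
    unsigned char data[DATA_LEN];
};

/* The layout the single 12-byte memmove silently depends on. */
_Static_assert(offsetof(struct tx_buf, data) ==
               offsetof(struct tx_buf, vlan) + sizeof(((struct tx_buf *)0)->vlan),
               "data[] must start immediately after vlan[]");

/* Split form from the reply: each call stays inside one array. */
static void shift_split(struct tx_buf *tp)
{
    memmove(tp->vlan, tp->data, 4);      /* data[0..3]  -> vlan[0..3] */
    memmove(tp->data, tp->data + 4, 8);  /* data[4..11] -> data[0..7] */
}

/* Reference: the same shift on one flat array (4 + DATA_LEN bytes),
 * where no member boundary is crossed. */
static void shift_flat(unsigned char *buf)
{
    memmove(buf, buf + 4, 12);
}

/* Returns 1 if both forms leave identical bytes behind. */
int split_matches_flat(void)
{
    struct tx_buf t;
    unsigned char flat[4 + DATA_LEN];
    size_t i;

    for (i = 0; i < sizeof(flat); i++)
        flat[i] = (unsigned char)(i * 7 + 1);  /* constructed pattern */
    memcpy(t.vlan, flat, 4);
    memcpy(t.data, flat + 4, DATA_LEN);

    shift_split(&t);
    shift_flat(flat);
    return memcmp(t.vlan, flat, 4) == 0 &&
           memcmp(t.data, flat + 4, DATA_LEN) == 0;
}

int main(void) { return split_matches_flat() ? 0 : 1; }
```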