From: Andrew Cooper <andrew.cooper3@citrix.com>
To: Jan Beulich <JBeulich@suse.com>
Cc: George Dunlap <george.dunlap@eu.citrix.com>,
Xen-devel <xen-devel@lists.xen.org>
Subject: Re: [PATCH] xen/x86: Fix errors arising from c/s dab76ff
Date: Fri, 12 Feb 2016 15:23:54 +0000 [thread overview]
Message-ID: <56BDF90A.1040500@citrix.com> (raw)
In-Reply-To: <56BE049C02000078000D1771@prv-mh.provo.novell.com>
On 12/02/16 15:13, Jan Beulich wrote:
>>>> On 12.02.16 at 15:59, <andrew.cooper3@citrix.com> wrote:
>> Coverity correctly identifies that the changes in mtrr_attrib_to_str()
>> introduce dead code. strings[] is a 2d array, rather than an array of
>> strings, which means that strings[x] will never be a NULL pointer.
>>
>> Adjust the check to compenstate, by looking for a NUL in strings[x][0]
>> instead.
>>
>> Curiously, Coverity did not notice the same error with memory_type_to_str().
> I agree up to here.
>
>> There was also a further error; the strings were not NULL terminated, which
>> made the return type of memory_type_to_str() erronious.
> What's erroneous here? I don't think there's any requirement
> for a function returning char * to always return NUL-terminated
> strings.
The name of the function very clearly indicates that it is returning a
string.
>
>> Bump the 2D array to 3 characters, so the strings retain their NUL
>> characters,
> I.e. I don't agree with this part of the change, even if the addition
> of these few bytes doesn't make a whole lot of a difference. They
> end up being "dead data" now, and if Coverity is smart it should
> even be able to notice.
It will produce something wrong if someone introduces a new path doing
something like printk("%s", memory_type_to_str()). 8 extra bytes is a
very small price to pay to make this work properly.
The alternative, const char (*memory_type_to_str(unsigned int x))[2] is
unrecognisable to most C programmers, and can't be used with printk().
~Andrew
>
>> and introduce an ASSERT() as requested on one thread of the original patch.
> Whereas this part is again appreciated.
>
> Jan
>
>
> _______________________________________________
> Xen-devel mailing list
> Xen-devel@lists.xen.org
> http://lists.xen.org/xen-devel
next prev parent reply other threads:[~2016-02-12 15:23 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-02-12 14:59 [PATCH] xen/x86: Fix errors arising from c/s dab76ff Andrew Cooper
2016-02-12 15:13 ` Jan Beulich
2016-02-12 15:23 ` Andrew Cooper [this message]
2016-02-15 15:15 ` George Dunlap
2016-02-15 16:52 ` Jan Beulich
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=56BDF90A.1040500@citrix.com \
--to=andrew.cooper3@citrix.com \
--cc=JBeulich@suse.com \
--cc=george.dunlap@eu.citrix.com \
--cc=xen-devel@lists.xen.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.