From: Richard Henderson <richard.henderson@linaro.org>
To: anjo@rev.ng, Paolo Bonzini <pbonzini@redhat.com>,
Peter Maydell <peter.maydell@linaro.org>
Cc: "qemu-devel@nongnu.org" <qemu-devel@nongnu.org>
Subject: Re: Help finding Coverity defects for generated Hexagon code
Date: Tue, 23 May 2023 08:31:50 -0700 [thread overview]
Message-ID: <57f69ad1-2546-535b-75fe-f5e3d858504b@linaro.org> (raw)
In-Reply-To: <5de92654-52e3-6042-de5e-b2334b737c13@rev.ng>
On 5/23/23 06:29, Anton Johansson via wrote:
>
> On 5/23/23 12:29, Paolo Bonzini wrote:
>> On Tue, May 23, 2023 at 11:18 AM Peter Maydell <peter.maydell@linaro.org> wrote:
>>> On Mon, 22 May 2023 at 21:24, Anton Johansson <anjo@rev.ng> wrote:
>>>> Hi,
>>>>
>>>> coverity recently reported some defects in code generated by idef-parser
>>>> (email attached). These defects are expected and we plan to emit a
>>>> /* coverity[event_tag] */ comment to disable the specific event triggered.
>>> We don't mark coverity false positives with comments in the
>>> source. For the free online scanner, we just mark them as
>>> false positives in the GUI (with an explanation of why they're
>>> false positives).
>> They aren't visible in the GUI because the whole "hexagon generated
>> files" component is marked as not-analyzed; which apparently means it
>> _is_ analyzed and visible in the emails but not in the GUI.
>
> Ah right...
>
>> The event tag for this error should be "dead_error_condition". In
>> theory, the hexagon generated files could be a good exception to the
>> rules that we don't mark false positives in the source, but finding
>> the right line to add the tag can be messy.
> If we decide to mark these in source, my plan was to simply emit
>
> if (qemu_tmp_2 >= 64) {
> /* coverity[dead_error_condition] */
> tcg_gen_movi_i64(tmp_5, 0);
> } else {
> tcg_gen_shli_i64(tmp_5, tmp_4, qemu_tmp_2);
> }
>
> for all of these safety checks around shifts/extracts where the defect could
> trigger. Maybe this is overreaching as we would also mark similar branches in
> other instructions that are alive, but if we knew they were dead at translation
> time we could simply not emit them to begin with.
It would be simpler to do better constant propagation and folding in the generator than to
do the markup. All of the cases for which it warns are really quite trivial.
r~
next prev parent reply other threads:[~2023-05-23 15:32 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <6467d9133bd9f_57b172b16e2c9d98835043@prd-scan-dashboard-0.mail>
2023-05-22 20:24 ` Help finding Coverity defects for generated Hexagon code Anton Johansson via
2023-05-23 9:17 ` Peter Maydell
2023-05-23 10:29 ` Paolo Bonzini
2023-05-23 13:29 ` Anton Johansson via
2023-05-23 15:31 ` Richard Henderson [this message]
2023-05-23 17:56 ` Brian Cain
2023-06-02 13:18 ` Anton Johansson via
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=57f69ad1-2546-535b-75fe-f5e3d858504b@linaro.org \
--to=richard.henderson@linaro.org \
--cc=anjo@rev.ng \
--cc=pbonzini@redhat.com \
--cc=peter.maydell@linaro.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).