From: "Michael S. Tsirkin" <mst@redhat.com>
To: qemu-devel@nongnu.org
Cc: "Peter Maydell" <peter.maydell@linaro.org>,
"Ilya Maximets" <i.maximets@ovn.org>,
"David Hildenbrand" <david@redhat.com>,
"Stefan Hajnoczi" <stefanha@redhat.com>,
"Paolo Bonzini" <pbonzini@redhat.com>,
"Peter Xu" <peterx@redhat.com>,
"Philippe Mathieu-Daudé" <philmd@linaro.org>
Subject: [PULL v3 15/62] memory: initialize 'fv' in MemoryRegionCache to make Coverity happy
Date: Sun, 22 Oct 2023 05:22:49 -0400 [thread overview]
Message-ID: <b15c18c51910ec5ef8c506f641f487507e42c79b.1697966402.git.mst@redhat.com> (raw)
In-Reply-To: <cover.1697966402.git.mst@redhat.com>
From: Ilya Maximets <i.maximets@ovn.org>
Coverity scan reports multiple false-positive "defects" for the
following series of actions in virtio.c:
MemoryRegionCache indirect_desc_cache;
address_space_cache_init_empty(&indirect_desc_cache);
address_space_cache_destroy(&indirect_desc_cache);
For some reason it's unable to recognize the dependency between 'mrs.mr'
and 'fv' and insists that '!mrs.mr' check in address_space_cache_destroy
may take a 'false' branch, even though it is explicitly initialized to
NULL in the address_space_cache_init_empty():
*** CID 1522371: Memory - illegal accesses (UNINIT)
/qemu/hw/virtio/virtio.c: 1627 in virtqueue_split_pop()
1621 }
1622
1623 vq->inuse++;
1624
1625 trace_virtqueue_pop(vq, elem, elem->in_num, elem->out_num);
1626 done:
>>> CID 1522371: Memory - illegal accesses (UNINIT)
>>> Using uninitialized value "indirect_desc_cache.fv" when
>>> calling "address_space_cache_destroy".
1627 address_space_cache_destroy(&indirect_desc_cache);
1628
1629 return elem;
1630
1631 err_undo_map:
1632 virtqueue_undo_map_desc(out_num, in_num, iov);
** CID 1522370: Memory - illegal accesses (UNINIT)
Instead of trying to silence these false positive reports in 4
different places, initializing 'fv' as well, as this doesn't result
in any noticeable performance impact.
Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
Message-Id: <20231009104322.3085887-1-i.maximets@ovn.org>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: David Hildenbrand <david@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
---
include/exec/memory.h | 2 ++
1 file changed, 2 insertions(+)
diff --git a/include/exec/memory.h b/include/exec/memory.h
index 653a32ea10..9087d02769 100644
--- a/include/exec/memory.h
+++ b/include/exec/memory.h
@@ -2793,6 +2793,8 @@ int64_t address_space_cache_init(MemoryRegionCache *cache,
static inline void address_space_cache_init_empty(MemoryRegionCache *cache)
{
cache->mrs.mr = NULL;
+ /* There is no real need to initialize fv, but it makes Coverity happy. */
+ cache->fv = NULL;
}
/**
--
MST
next prev parent reply other threads:[~2023-10-22 9:27 UTC|newest]
Thread overview: 65+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-10-22 9:21 [PULL v3 00/62] virtio,pc,pci: features, cleanups Michael S. Tsirkin
2023-10-22 9:21 ` [PULL v3 01/62] vdpa: Use iovec for vhost_vdpa_net_cvq_add() Michael S. Tsirkin
2023-10-22 9:22 ` [PULL v3 02/62] vdpa: Avoid using vhost_vdpa_net_load_*() outside vhost_vdpa_net_load() Michael S. Tsirkin
2023-10-22 9:22 ` [PULL v3 03/62] vdpa: Check device ack in vhost_vdpa_net_load_rx_mode() Michael S. Tsirkin
2023-10-22 9:22 ` [PULL v3 04/62] vdpa: Move vhost_svq_poll() to the caller of vhost_vdpa_net_cvq_add() Michael S. Tsirkin
2023-10-22 9:22 ` [PULL v3 05/62] vdpa: Introduce cursors to vhost_vdpa_net_loadx() Michael S. Tsirkin
2023-10-22 9:22 ` [PULL v3 06/62] vhost: Expose vhost_svq_available_slots() Michael S. Tsirkin
2023-10-22 9:22 ` [PULL v3 07/62] vdpa: Send cvq state load commands in parallel Michael S. Tsirkin
2023-10-22 9:22 ` [PULL v3 08/62] vhost-user: strip superfluous whitespace Michael S. Tsirkin
2023-10-22 9:22 ` [PULL v3 09/62] vhost-user: tighten "reply_supported" scope in "set_vring_addr" Michael S. Tsirkin
2023-10-22 9:22 ` [PULL v3 10/62] vhost-user: factor out "vhost_user_write_sync" Michael S. Tsirkin
2023-10-22 9:22 ` [PULL v3 11/62] vhost-user: flatten "enforce_reply" into "vhost_user_write_sync" Michael S. Tsirkin
2023-10-22 9:22 ` [PULL v3 12/62] vhost-user: hoist "write_sync", "get_features", "get_u64" Michael S. Tsirkin
2023-10-22 9:22 ` [PULL v3 13/62] vhost-user: allow "vhost_set_vring" to wait for a reply Michael S. Tsirkin
2023-10-22 9:22 ` [PULL v3 14/62] vhost-user: call VHOST_USER_SET_VRING_ENABLE synchronously Michael S. Tsirkin
2023-10-22 9:22 ` Michael S. Tsirkin [this message]
2023-10-22 9:22 ` [PULL v3 16/62] vhost-user: do not send RESET_OWNER on device reset Michael S. Tsirkin
2023-10-22 9:23 ` [PULL v3 17/62] vhost-backend: remove vhost_kernel_reset_device() Michael S. Tsirkin
2023-10-22 9:23 ` [PULL v3 18/62] virtio: call ->vhost_reset_device() during reset Michael S. Tsirkin
2023-10-22 9:23 ` [PULL v3 19/62] hw/i386/acpi-build: Remove build-time assertion on PIIX/ICH9 reset registers being identical Michael S. Tsirkin
2023-10-22 9:23 ` [PULL v3 20/62] timer/i8254: Fix one shot PIT mode Michael S. Tsirkin
2023-10-22 9:23 ` [PULL v3 21/62] hw/display: fix memleak from virtio_add_resource Michael S. Tsirkin
2023-10-24 6:19 ` Michael Tokarev
2023-10-22 9:23 ` [PULL v3 22/62] hw/i386/pc: Merge two if statements into one Michael S. Tsirkin
2023-10-22 9:23 ` [PULL v3 23/62] hw/i386/pc_piix: Allow for setting properties before realizing PIIX3 south bridge Michael S. Tsirkin
2023-10-22 9:23 ` [PULL v3 24/62] hw/i386/pc_piix: Assign PIIX3's ISA interrupts before its realize() Michael S. Tsirkin
2023-10-22 9:23 ` [PULL v3 25/62] hw/isa/piix3: Resolve redundant PIIX_NUM_PIC_IRQS Michael S. Tsirkin
2023-10-22 9:23 ` [PULL v3 26/62] hw/i386/pc_piix: Wire PIIX3's ISA interrupts by new "isa-irqs" property Michael S. Tsirkin
2023-10-22 9:23 ` [PULL v3 27/62] hw/i386/pc_piix: Remove redundant "piix3" variable Michael S. Tsirkin
2023-10-22 9:23 ` [PULL v3 28/62] hw/isa/piix3: Rename "pic" attribute to "isa_irqs_in" Michael S. Tsirkin
2023-10-22 9:24 ` [PULL v3 29/62] hw/i386/pc_q35: Wire ICH9 LPC function's interrupts before its realize() Michael S. Tsirkin
2023-10-22 9:24 ` [PULL v3 30/62] hw/isa/piix3: Wire PIC IRQs to ISA bus in host device Michael S. Tsirkin
2023-10-22 9:24 ` [PULL v3 31/62] hw/i386/pc: Wire RTC ISA IRQs in south bridges Michael S. Tsirkin
2023-10-22 9:24 ` [PULL v3 32/62] hw/isa/piix3: Create IDE controller in host device Michael S. Tsirkin
2023-10-22 9:24 ` [PULL v3 33/62] hw/isa/piix3: Create USB " Michael S. Tsirkin
2023-10-22 9:24 ` [PULL v3 34/62] hw/isa/piix3: Create power management " Michael S. Tsirkin
2023-10-22 9:24 ` [PULL v3 35/62] hw/isa/piix3: Drop the "3" from PIIX base class name Michael S. Tsirkin
2023-10-22 9:24 ` [PULL v3 36/62] hw/isa/piix4: Remove unused inbound ISA interrupt lines Michael S. Tsirkin
2023-10-22 9:24 ` [PULL v3 37/62] hw/isa/piix4: Rename "isa" attribute to "isa_irqs_in" Michael S. Tsirkin
2023-10-22 9:24 ` [PULL v3 38/62] hw/isa/piix4: Rename reset control operations to match PIIX3 Michael S. Tsirkin
2023-10-22 9:24 ` [PULL v3 39/62] hw/isa/piix4: Reuse struct PIIXState from PIIX3 Michael S. Tsirkin
2023-10-22 9:24 ` [PULL v3 40/62] hw/isa/piix3: Merge hw/isa/piix4.c Michael S. Tsirkin
2023-10-22 9:24 ` [PULL v3 41/62] hw/isa/piix: Allow for optional PIC creation in PIIX3 Michael S. Tsirkin
2023-10-22 9:24 ` [PULL v3 42/62] hw/isa/piix: Allow for optional PIT " Michael S. Tsirkin
2023-10-22 9:24 ` [PULL v3 43/62] hw/isa/piix: Harmonize names of reset control memory regions Michael S. Tsirkin
2023-10-22 9:24 ` [PULL v3 44/62] hw/isa/piix: Share PIIX3's base class with PIIX4 Michael S. Tsirkin
2023-10-22 9:25 ` [PULL v3 45/62] hw/isa/piix: Reuse PIIX3 base class' realize method in PIIX4 Michael S. Tsirkin
2023-10-22 9:25 ` [PULL v3 46/62] hw/isa/piix: Rename functions to be shared for PCI interrupt triggering Michael S. Tsirkin
2023-10-22 9:25 ` [PULL v3 47/62] hw/isa/piix: Reuse PIIX3's PCI interrupt triggering in PIIX4 Michael S. Tsirkin
2023-10-22 9:25 ` [PULL v3 48/62] hw/isa/piix: Resolve duplicate code regarding PCI interrupt wiring Michael S. Tsirkin
2023-10-22 9:25 ` [PULL v3 49/62] hw/isa/piix: Implement multi-process QEMU support also for PIIX4 Michael S. Tsirkin
2023-10-22 9:25 ` [PULL v3 50/62] hw/i386/pc_piix: Make PIIX4 south bridge usable in PC machine Michael S. Tsirkin
2023-10-22 9:25 ` [PULL v3 51/62] vhost-user-common: send get_inflight_fd once Michael S. Tsirkin
2023-10-22 9:25 ` [PULL v3 52/62] vhost: move and rename the conn retry times Michael S. Tsirkin
2023-10-22 9:25 ` [PULL v3 53/62] vhost-user-scsi: support reconnect to backend Michael S. Tsirkin
2023-10-22 9:25 ` [PULL v3 54/62] vhost-user-scsi: start vhost when guest kicks Michael S. Tsirkin
2023-10-22 9:26 ` [PULL v3 55/62] vhost-user: fix lost reconnect Michael S. Tsirkin
2023-10-22 9:26 ` [PULL v3 56/62] hw/i386/cxl: ensure maxram is greater than ram size for calculating cxl range Michael S. Tsirkin
2023-10-22 9:26 ` [PULL v3 57/62] tests/acpi: Allow update of DSDT.cxl Michael S. Tsirkin
2023-10-22 9:26 ` [PULL v3 58/62] hw/cxl: Add QTG _DSM support for ACPI0017 device Michael S. Tsirkin
2023-10-22 9:26 ` [PULL v3 59/62] tests/acpi: Update DSDT.cxl with QTG DSM Michael S. Tsirkin
2023-10-22 9:26 ` [PULL v3 60/62] vhost-user: Fix protocol feature bit conflict Michael S. Tsirkin
2023-10-22 9:26 ` [PULL v3 61/62] MAINTAINERS: Add include/hw/intc/i8259.h to the PC chip section Michael S. Tsirkin
2023-10-22 9:26 ` [PULL v3 62/62] intel-iommu: Report interrupt remapping faults, fix return value Michael S. Tsirkin
2023-10-24 1:15 ` [PULL v3 00/62] virtio,pc,pci: features, cleanups Stefan Hajnoczi
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=b15c18c51910ec5ef8c506f641f487507e42c79b.1697966402.git.mst@redhat.com \
--to=mst@redhat.com \
--cc=david@redhat.com \
--cc=i.maximets@ovn.org \
--cc=pbonzini@redhat.com \
--cc=peter.maydell@linaro.org \
--cc=peterx@redhat.com \
--cc=philmd@linaro.org \
--cc=qemu-devel@nongnu.org \
--cc=stefanha@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).