From 717ea844a7640cf0c9d7713ce2f00ee091d4a01f Mon Sep 17 00:00:00 2001 From: Markus Armbruster Date: Fri, 4 May 2018 07:42:41 +0200 Subject: [PATCH 1/3] Revert "Makefile: add target to print generated files" This reverts commit 9578f8cc3e8bd71de8e3f543dc7b95644d64824e. The patch snuck in by accident without having been posted to qemu-devel. It's entirely redundant: existing target print-% already serves the purpose. Cc: Michael S. Tsirkin Signed-off-by: Markus Armbruster Message-Id: <20180504054241.6833-1-armbru@redhat.com> Reviewed-by: Eric Blake --- Makefile | 3 --- 1 file changed, 3 deletions(-) diff --git a/Makefile b/Makefile index 6c6664d9a3..355b44ff37 100644 --- a/Makefile +++ b/Makefile @@ -1055,9 +1055,6 @@ endif include $(SRC_PATH)/tests/docker/Makefile.include include $(SRC_PATH)/tests/vm/Makefile.include -printgen: - @echo $(GENERATED_FILES) - .PHONY: help help: @echo 'Generic targets:' From 04a0afe52852e6b6d6f81230b6d7acd25dac88dd Mon Sep 17 00:00:00 2001 From: Paolo Bonzini Date: Mon, 14 May 2018 16:12:18 +0200 Subject: [PATCH 2/3] coverity-model: replay data is considered trusted Replay data is not considered a possible attack vector; add a model that does not use getc so that "tainted data" warnings are suppressed. Signed-off-by: Paolo Bonzini Message-Id: <20180514141218.28438-1-pbonzini@redhat.com> Reviewed-by: Markus Armbruster [Whitespace tweaked] Signed-off-by: Markus Armbruster --- scripts/coverity-model.c | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/scripts/coverity-model.c b/scripts/coverity-model.c index c702804f41..48b112393b 100644 --- a/scripts/coverity-model.c +++ b/scripts/coverity-model.c @@ -103,6 +103,18 @@ static int get_keysym(const name2keysym_t *table, } } +/* Replay data is considered trusted. */ +uint8_t replay_get_byte(void) +{ + uint8_t byte = 0; + if (replay_file) { + uint8_t c; + byte = c; + } + return byte; +} + + /* * GLib memory allocation functions. * From 719a30776b94d3da8c613e5047414f483d40256d Mon Sep 17 00:00:00 2001 From: Markus Armbruster Date: Fri, 8 Jun 2018 19:02:31 +0200 Subject: [PATCH 3/3] Purge uses of banned g_assert_FOO() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit We banned use of certain g_assert_FOO() functions outside tests, and made checkpatch.pl flag them (commit 6e9389563e5). We neglected to purge existing uses. Do that now. Signed-off-by: Markus Armbruster Message-Id: <20180608170231.27912-1-armbru@redhat.com> Reviewed-by: Eric Blake Reviewed-by: Philippe Mathieu-Daudé Reviewed-by: John Snow --- hw/ide/ahci.c | 2 +- hw/ppc/spapr_ovec.c | 12 ++++++------ hw/usb/dev-smartcard-reader.c | 2 +- qom/object.c | 10 +++++----- util/qht.c | 2 +- 5 files changed, 14 insertions(+), 14 deletions(-) diff --git a/hw/ide/ahci.c b/hw/ide/ahci.c index f7852be842..2ec24cad9f 100644 --- a/hw/ide/ahci.c +++ b/hw/ide/ahci.c @@ -440,7 +440,7 @@ static uint64_t ahci_mem_read(void *opaque, hwaddr addr, unsigned size) if (ofst + size <= 4) { val = lo >> (ofst * 8); } else { - g_assert_cmpint(size, >, 1); + g_assert(size > 1); /* If the 64bit read is unaligned, we will produce undefined * results. AHCI does not support unaligned 64bit reads. */ diff --git a/hw/ppc/spapr_ovec.c b/hw/ppc/spapr_ovec.c index 41df4c35ba..318bf33de4 100644 --- a/hw/ppc/spapr_ovec.c +++ b/hw/ppc/spapr_ovec.c @@ -113,7 +113,7 @@ void spapr_ovec_cleanup(sPAPROptionVector *ov) void spapr_ovec_set(sPAPROptionVector *ov, long bitnr) { g_assert(ov); - g_assert_cmpint(bitnr, <, OV_MAXBITS); + g_assert(bitnr < OV_MAXBITS); set_bit(bitnr, ov->bitmap); } @@ -121,7 +121,7 @@ void spapr_ovec_set(sPAPROptionVector *ov, long bitnr) void spapr_ovec_clear(sPAPROptionVector *ov, long bitnr) { g_assert(ov); - g_assert_cmpint(bitnr, <, OV_MAXBITS); + g_assert(bitnr < OV_MAXBITS); clear_bit(bitnr, ov->bitmap); } @@ -129,7 +129,7 @@ void spapr_ovec_clear(sPAPROptionVector *ov, long bitnr) bool spapr_ovec_test(sPAPROptionVector *ov, long bitnr) { g_assert(ov); - g_assert_cmpint(bitnr, <, OV_MAXBITS); + g_assert(bitnr < OV_MAXBITS); return test_bit(bitnr, ov->bitmap) ? true : false; } @@ -186,7 +186,7 @@ sPAPROptionVector *spapr_ovec_parse_vector(target_ulong table_addr, int vector) int i; g_assert(table_addr); - g_assert_cmpint(vector, >=, 1); /* vector numbering starts at 1 */ + g_assert(vector >= 1); /* vector numbering starts at 1 */ addr = vector_addr(table_addr, vector); if (!addr) { @@ -195,7 +195,7 @@ sPAPROptionVector *spapr_ovec_parse_vector(target_ulong table_addr, int vector) } vector_len = ldub_phys(&address_space_memory, addr++) + 1; - g_assert_cmpint(vector_len, <=, OV_MAXBYTES); + g_assert(vector_len <= OV_MAXBYTES); ov = spapr_ovec_new(); for (i = 0; i < vector_len; i++) { @@ -225,7 +225,7 @@ int spapr_ovec_populate_dt(void *fdt, int fdt_offset, * encoding/sizing expected in ibm,client-architecture-support */ vec_len = (lastbit == OV_MAXBITS) ? 1 : lastbit / BITS_PER_BYTE + 1; - g_assert_cmpint(vec_len, <=, OV_MAXBYTES); + g_assert(vec_len <= OV_MAXBYTES); /* guest expects vector len encoded as vec_len - 1, since the length byte * is assumed and not included, and the first byte of the vector * is assumed as well diff --git a/hw/usb/dev-smartcard-reader.c b/hw/usb/dev-smartcard-reader.c index f7c91230d5..fa546fb3ce 100644 --- a/hw/usb/dev-smartcard-reader.c +++ b/hw/usb/dev-smartcard-reader.c @@ -786,7 +786,7 @@ static void ccid_write_data_block(USBCCIDState *s, uint8_t slot, uint8_t seq, DPRINTF(s, D_VERBOSE, "error %d\n", p->b.bError); } if (len) { - g_assert_nonnull(data); + assert(data); memcpy(p->abData, data, len); } ccid_reset_error_status(s); diff --git a/qom/object.c b/qom/object.c index e6462f289c..4609e34a6a 100644 --- a/qom/object.c +++ b/qom/object.c @@ -295,7 +295,7 @@ static void type_initialize(TypeImpl *ti) GSList *e; int i; - g_assert_cmpint(parent->class_size, <=, ti->class_size); + g_assert(parent->class_size <= ti->class_size); memcpy(ti->class, parent->class, parent->class_size); ti->class->interfaces = NULL; ti->class->properties = g_hash_table_new_full( @@ -372,9 +372,9 @@ static void object_initialize_with_type(void *data, size_t size, TypeImpl *type) g_assert(type != NULL); type_initialize(type); - g_assert_cmpint(type->instance_size, >=, sizeof(Object)); + g_assert(type->instance_size >= sizeof(Object)); g_assert(type->abstract == false); - g_assert_cmpint(size, >=, type->instance_size); + g_assert(size >= type->instance_size); memset(obj, 0, type->instance_size); obj->class = type->class; @@ -475,7 +475,7 @@ static void object_finalize(void *data) object_property_del_all(obj); object_deinit(obj, ti); - g_assert_cmpint(obj->ref, ==, 0); + g_assert(obj->ref == 0); if (obj->free) { obj->free(obj); } @@ -917,7 +917,7 @@ void object_unref(Object *obj) if (!obj) { return; } - g_assert_cmpint(obj->ref, >, 0); + g_assert(obj->ref > 0); /* parent always holds a reference to its children */ if (atomic_fetch_dec(&obj->ref) == 1) { diff --git a/util/qht.c b/util/qht.c index ff4d2e6974..55b0738cd1 100644 --- a/util/qht.c +++ b/util/qht.c @@ -759,7 +759,7 @@ static void qht_do_resize_reset(struct qht *ht, struct qht_map *new, bool reset) return; } - g_assert_cmpuint(new->n_buckets, !=, old->n_buckets); + g_assert(new->n_buckets != old->n_buckets); qht_map_iter__all_locked(ht, old, qht_map_copy, new); qht_map_debug__all_locked(new);