On 08/04/2011 11:14 AM, Alex Jia wrote:
Also, how does checking for a non-zero union value prevent a null
dereference?
To be honest, I'm not sure this, however, it's okay for ccc-analyzer if
I add these judgements,
Is ccc-analyzer different from clang? If so, how can I set it up, to
reproduce the problem you saw?
I previously saw a false positive in one of these functions
(qemudDomainGetMemoryParameters) when using Coverity, but that was fixed
by commit f768b4c3, but Coverity was silent for the other 4 functions
you touched. I'm now trying to do a clang run to see if that differs
from Coverity. The Coverity false positive was that our logic confused
the static analyzers:
type var; // uninit
if (flags & _CONFIG)
var = something
if (flags & _LIVE)
do something else
if (flags & _CONFIG)
use var
this pattern was enough to make the analyzers think that var could be
used uninitialized, or initialized to NULL, in a setting where it must
not be NULL; but once you see that it is merely a case of the analyzer
getting it wrong (var is _only_ used under the same conditions where it
was previously assigned earlier on), the solution is to add sa_assert()
hints to the analyzers.
NACK to this patch; we need to get to the real root of why the analyzers
are complaining, and fix the real bug if there is one (but I didn't see
one in my manual inspection), or more likely add sa_assert() hints to
silence the analyzer.
--
Eric Blake eblake@xxxxxxxxxx +1-801-349-2682
Libvirt virtualization library http://libvirt.org
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list