summaryrefslogtreecommitdiffstats
path: root/scripts/coverity-scan
diff options
context:
space:
mode:
authorPaolo Bonzini2021-07-28 19:12:22 +0200
committerPaolo Bonzini2021-07-30 12:04:01 +0200
commit0da41187dfda6abecbcbc237471254ab614e063d (patch)
treed9648798887bc8da0021e2c49e27fd726ac15f72 /scripts/coverity-scan
parentcoverity-model: clean up the models for array allocation functions (diff)
downloadqemu-0da41187dfda6abecbcbc237471254ab614e063d.tar.gz
qemu-0da41187dfda6abecbcbc237471254ab614e063d.tar.xz
qemu-0da41187dfda6abecbcbc237471254ab614e063d.zip
coverity-model: constrain g_malloc/g_malloc0/g_realloc as never returning NULL
g_malloc/g_malloc0/g_realloc only return NULL if the size is 0; we do not need to cover that in the model, and so far have expected __coverity_alloc__ to model a non-NULL return value. But that apparently does not work anymore, so add some extra conditionals that invoke __coverity_panic__ for NULL pointers. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Diffstat (limited to 'scripts/coverity-scan')
-rw-r--r--scripts/coverity-scan/model.c9
1 files changed, 9 insertions, 0 deletions
diff --git a/scripts/coverity-scan/model.c b/scripts/coverity-scan/model.c
index 2d384bdd79..028f13e9e3 100644
--- a/scripts/coverity-scan/model.c
+++ b/scripts/coverity-scan/model.c
@@ -183,6 +183,9 @@ void *g_malloc_n(size_t nmemb, size_t size)
__coverity_negative_sink__(nmemb);
__coverity_negative_sink__(size);
ptr = __coverity_alloc__(nmemb * size);
+ if (!ptr) {
+ __coverity_panic__();
+ }
__coverity_mark_as_uninitialized_buffer__(ptr);
__coverity_mark_as_afm_allocated__(ptr, AFM_free);
return ptr;
@@ -195,6 +198,9 @@ void *g_malloc0_n(size_t nmemb, size_t size)
__coverity_negative_sink__(nmemb);
__coverity_negative_sink__(size);
ptr = __coverity_alloc__(nmemb * size);
+ if (!ptr) {
+ __coverity_panic__();
+ }
__coverity_writeall0__(ptr);
__coverity_mark_as_afm_allocated__(ptr, AFM_free);
return ptr;
@@ -206,6 +212,9 @@ void *g_realloc_n(void *ptr, size_t nmemb, size_t size)
__coverity_negative_sink__(size);
__coverity_escape__(ptr);
ptr = __coverity_alloc__(nmemb * size);
+ if (!ptr) {
+ __coverity_panic__();
+ }
/*
* Memory beyond the old size isn't actually initialized. Can't
* model that. See Coverity's realloc() model