[Swan-dev] Coverity Scan doesn't seem to understand passert

Andrew Cagney andrew.cagney at gmail.com
Fri Aug 20 20:54:59 UTC 2021


On Fri, 20 Aug 2021 at 11:01, D. Hugh Redelmeier <hugh at mimosa.com> wrote:

> passert never returns if the test is false.
> Coverity Scan doesn't seem to know this.
> This leads to false positives in its reports.
>

Based on other code I've tweaked, I'm pretty sure that coverity groks
passert() being no-return.


>
> For example, consider these lines from
> programs/pluto/ikev1_spdb_struct.c:
>
>   2478          passert(ty < ipsec_attr_val_descs_roof);
>   2479          vdesc = ipsec_attr_val_descs[ty];


> In the latest Coverity Scan run, CID 1496140 claims that the subscript
> can be out of bounds because ty might be greater or equal to
> ipsec_attr_val_descs_roof.  Even though the passert says that it
> cannot be.
>

I don't believe this to be new (I remember looking at this a while ago).
For whatever reason, coverity isn't buying into:
  const unsigned int ipsec_attr_val_descs_roof = elemsof(ipsec_attr_val_descs);
being constant and an upper bound.


> This property of passert is indicated by NEVER_RETURNS on the
> declaration of llog_passert.
>
> NEVER_RETURNS expands to
>         __attribute__ ((noreturn))
> if, and only if, GCC_LINT is defined.
>
> Does Coverity Scan know that GCC_LINT should be defined?
> Or is it baffled by the layers of macro expansion?
>
> Where is Coverity Scan configured?  Does it just read the makefiles?
>
> With a normal build, -DGCC_LINT appears on cc commands.  Here's where
> GCC_LINT appears in our tree:
>
> CROSSCOMPILE.sh:21:export USERCOMPILE="-Wl,-elf2flt -DCOMPILER_HAS_NO_PRINTF_LIKE -O3 -g ${PORTDEFINE} -I$PREFIX/arm-elf/inc -L$PREFIX/lib/gcc-lib -DGCC_LINT -Dlinux -D__linux__"
> include/lswcdefs.h:38:#ifdef GCC_LINT
> mk/config.mk:799:ifeq ($(origin GCC_LINT),undefined)
> mk/config.mk:800:GCC_LINT = -DGCC_LINT
> mk/config.mk:802:USERLAND_CFLAGS += $(GCC_LINT)
> packaging/suse/libreswan.spec:70:  USERCOMPILE='-g $(RPM_OPT_FLAGS) -DGCC_LINT' \
> packaging/suse/sles10.spec:70:  USERCOMPILE='-g $(RPM_OPT_FLAGS) -DGCC_LINT' \
> testing/guestbin/makeallways:14:      for f4 in "-DGCC_LINT" ; do       # GCC_LINT is mandatory
>
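
An added illustration, not part of the original messages and not libreswan's code, of the gating discussed in this thread: the noreturn attribute reaches the compiler or analyzer only when the translation unit is built with -DGCC_LINT. The `demo_*` names, `NEVER_RETURNS_ACTIVE`, the table contents and the `elemsof` definition are assumptions made for the example.

```c
#include <stdio.h>
#include <stdlib.h>

/* Gating as described in the thread: the attribute exists only under -DGCC_LINT. */
#ifdef GCC_LINT
# define NEVER_RETURNS __attribute__ ((noreturn))
# define NEVER_RETURNS_ACTIVE 1	/* hypothetical helper flag */
#else
# define NEVER_RETURNS		/* expands to nothing: an ordinary call */
# define NEVER_RETURNS_ACTIVE 0
#endif

/* Assumed definition of an element-count macro (constructed for this example). */
#define elemsof(array) (sizeof(array) / sizeof(*(array)))

/* Hypothetical stand-in for an assertion failure handler. */
static void demo_passert_fail(const char *expr, const char *file, int line) NEVER_RETURNS;

static void demo_passert_fail(const char *expr, const char *file, int line)
{
	fprintf(stderr, "ASSERTION FAILED: %s (%s:%d)\n", expr, file, line);
	abort();
}

#define demo_passert(expr) \
	((expr) ? (void)0 : demo_passert_fail(#expr, __FILE__, __LINE__))

/* Constructed table and its roof, mirroring the shape of the flagged code. */
static const char *const demo_descs[] = { "zero", "one", "two" };
static const unsigned int demo_descs_roof = elemsof(demo_descs);

/* Assert the bound, then index: safe only if the failure path never returns. */
const char *demo_lookup(unsigned int ty)
{
	demo_passert(ty < demo_descs_roof);
	return demo_descs[ty];
}

/* Reports whether this translation unit was compiled with the attribute. */
int never_returns_active(void) { return NEVER_RETURNS_ACTIVE; }

int main(void)
{
	printf("noreturn attribute compiled in: %d\n", never_returns_active());
	printf("demo_lookup(1) = %s\n", demo_lookup(1));
	return 0;
}
```

Compiling this once with and once without -DGCC_LINT and comparing the first printed line shows which view of the failure handler a given build configuration presents.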