If the is_write argument is true, address_space_rw writes to memory and thus reads from the buffer. The opposite holds if is_write is false. Fix the model.
Cc: Markus Armbruster <arm...@redhat.com> Signed-off-by: Paolo Bonzini <pbonz...@redhat.com> --- scripts/coverity-model.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/scripts/coverity-model.c b/scripts/coverity-model.c index 224d2d1..617f67d 100644 --- a/scripts/coverity-model.c +++ b/scripts/coverity-model.c @@ -49,7 +49,7 @@ typedef uint64_t hwaddr; typedef uint32_t MemTxResult; typedef uint64_t MemTxAttrs; -static void __write(uint8_t *buf, ssize_t len) +static void __bufwrite(uint8_t *buf, ssize_t len) { int first, last; __coverity_negative_sink__(len); @@ -59,7 +59,7 @@ static void __write(uint8_t *buf, ssize_t len) __coverity_writeall__(buf); } -static void __read(uint8_t *buf, ssize_t len) +static void __bufread(uint8_t *buf, ssize_t len) { __coverity_negative_sink__(len); if (len == 0) return; @@ -74,7 +74,7 @@ MemTxResult address_space_rw(AddressSpace *as, hwaddr addr, MemTxAttrs attrs, // TODO: investigate impact of treating reads as producing // tainted data, with __coverity_tainted_data_argument__(buf). - if (is_write) __write(buf, len); else __read(buf, len); + if (is_write) __bufread(buf, len); else __bufwrite(buf, len); return result; } -- 2.3.5