If the is_write argument is true, address_space_rw writes to memory
and thus reads from the buffer.  The opposite holds if is_write is
false.  Fix the model.

Cc: Markus Armbruster <arm...@redhat.com>
Signed-off-by: Paolo Bonzini <pbonz...@redhat.com>
---
 scripts/coverity-model.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/scripts/coverity-model.c b/scripts/coverity-model.c
index 224d2d1..617f67d 100644
--- a/scripts/coverity-model.c
+++ b/scripts/coverity-model.c
@@ -49,7 +49,7 @@ typedef uint64_t hwaddr;
 typedef uint32_t MemTxResult;
 typedef uint64_t MemTxAttrs;
 
-static void __write(uint8_t *buf, ssize_t len)
+static void __bufwrite(uint8_t *buf, ssize_t len)
 {
     int first, last;
     __coverity_negative_sink__(len);
@@ -59,7 +59,7 @@ static void __write(uint8_t *buf, ssize_t len)
     __coverity_writeall__(buf);
 }
 
-static void __read(uint8_t *buf, ssize_t len)
+static void __bufread(uint8_t *buf, ssize_t len)
 {
     __coverity_negative_sink__(len);
     if (len == 0) return;
@@ -74,7 +74,7 @@ MemTxResult address_space_rw(AddressSpace *as, hwaddr addr, 
MemTxAttrs attrs,
 
     // TODO: investigate impact of treating reads as producing
     // tainted data, with __coverity_tainted_data_argument__(buf).
-    if (is_write) __write(buf, len); else __read(buf, len);
+    if (is_write) __bufread(buf, len); else __bufwrite(buf, len);
 
     return result;
 }
-- 
2.3.5


Reply via email to