Commit eb7eeb8 ("memory: split address_space_read and address_space_write", 2015-12-17) made address_space_rw dispatch to one of address_space_read or address_space_write, rather than vice versa.
For callers of address_space_read and address_space_write this causes false positive defects when Coverity sees a length-8 write in address_space_read and a length-4 (e.g. int*) buffer to read into. As long as the size of the buffer is okay, this is a false positive. Reflect the code change into the model. Signed-off-by: Paolo Bonzini <pbonz...@redhat.com> --- scripts/coverity-model.c | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) diff --git a/scripts/coverity-model.c b/scripts/coverity-model.c index ee5bf9d..c702804 100644 --- a/scripts/coverity-model.c +++ b/scripts/coverity-model.c @@ -67,18 +67,27 @@ static void __bufread(uint8_t *buf, ssize_t len) int last = buf[len-1]; } -MemTxResult address_space_rw(AddressSpace *as, hwaddr addr, MemTxAttrs attrs, - uint8_t *buf, int len, bool is_write) +MemTxResult address_space_read(AddressSpace *as, hwaddr addr, + MemTxAttrs attrs, + uint8_t *buf, int len) { MemTxResult result; - // TODO: investigate impact of treating reads as producing // tainted data, with __coverity_tainted_data_argument__(buf). - if (is_write) __bufread(buf, len); else __bufwrite(buf, len); + __bufwrite(buf, len); + return result; +} +MemTxResult address_space_write(AddressSpace *as, hwaddr addr, + MemTxAttrs attrs, + const uint8_t *buf, int len) +{ + MemTxResult result; + __bufread(buf, len); return result; } + /* Tainting */ typedef struct {} name2keysym_t; -- 2.9.3