From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on dcvr.yhbt.net X-Spam-Level: X-Spam-ASN: AS3215 2.6.0.0/16 X-Spam-Status: No, score=-3.8 required=3.0 tests=AWL,BAYES_00, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_HELO_NONE, SPF_PASS,T_SCC_BODY_TEXT_LINE shortcircuit=no autolearn=ham autolearn_force=no version=3.4.2 Received: from out1.vger.email (out1.vger.email [IPv6:2620:137:e000::1:20]) by dcvr.yhbt.net (Postfix) with ESMTP id 266FD1F4CE for ; Wed, 6 Apr 2022 20:12:37 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233857AbiDFUOU (ORCPT ); Wed, 6 Apr 2022 16:14:20 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:40640 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234569AbiDFUMr (ORCPT ); Wed, 6 Apr 2022 16:12:47 -0400 Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5AA6C23ACA9 for ; Wed, 6 Apr 2022 10:55:19 -0700 (PDT) Received: from cwcc.thunk.org (pool-108-7-220-252.bstnma.fios.verizon.net [108.7.220.252]) (authenticated bits=0) (User authenticated as tytso@ATHENA.MIT.EDU) by outgoing.mit.edu (8.14.7/8.12.4) with ESMTP id 236HtFQd007933 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 6 Apr 2022 13:55:15 -0400 Received: by cwcc.thunk.org (Postfix, from userid 15806) id 096B315C3EC0; Wed, 6 Apr 2022 13:55:15 -0400 (EDT) Date: Wed, 6 Apr 2022 13:55:15 -0400 From: "Theodore Ts'o" To: Johannes Schindelin Cc: Markus Vervier , git@vger.kernel.org Subject: Re: Covierty Integration / Improvement Message-ID: References: <10fd679a-eb94-5380-2070-699f1b56a7b1@x41-dsec.de> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: Precedence: bulk List-ID: X-Mailing-List: git@vger.kernel.org On Wed, Apr 06, 2022 at 05:08:37PM +0200, Johannes Schindelin wrote: > I have fixed Git for Windows' Coverity build and started to sift through > the 154 new defects reported as of v2.36.0-rc0. > > Sadly, there is now a new class of overwhelming false positives: Coverity > claims that "strbuf_addstr does not [NUL-]terminate", which is of course > false. It should be possible to suppress this by uploading a Coverity model file. See[1] for more details: [1] https://community.synopsys.com/s/article/practical-example-of-coverity-function-model I've suppressed a similar issue by using the attribute __nonstring, but I don't think that will work for git, because strbuf->buf really *is* a NUL-terminated string, where as in ext4 we have some fields which are designed to be NUL padded, but it is *not* guaranteed to be NUL-terminated: #ifndef __nonstring #ifdef __has_attribute #if __has_attribute(__nonstring__) #define __nonstring __attribute__((__nonstring__)) #else #define __nonstring #endif /* __has_attribute(__nonstring__) */ #else # define __nonstring #endif /* __has_attribute */ #endif /* __nonstring */ struct ext2_super_block { ... /*068*/ __u8 s_uuid[16] __nonstring; /* 128-bit uuid for volume */ /*078*/ __u8 s_volume_name[EXT2_LABEL_LEN] __nonstring; /* volume name */ ... }; (This is needed to suppress warnings by Clang as well.) Using __nonstring will result in attempts to use s_volume_name in "C" string context to give a warning, which is why this isn't right for strbuf->buf. Cheers, - Ted