coverity-model: model address_space_read/write

Commit eb7eeb8 ("memory: split address_space_read and address_space_write", 2015-12-17) made address_space_rw dispatch to one of address_space_read or address_space_write, rather than vice versa. For callers of address_space_read and address_space_write this causes false positive defects when Coverity sees a length-8 write in address_space_read and a length-4 (e.g. int*) buffer to read into. As long as the size of the buffer is okay, this is a false positive. Reflect the code change into the model. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> Message-Id: <20170315081641.20588-1-pbonzini@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> Signed-off-by: Markus Armbruster <armbru@redhat.com>
qemu · Mar 15, 2017 · 4d0e723 · 4d0e723
1 parent 157db29
commit 4d0e723
Showing 1 changed file with 13 additions and 4 deletions.
diff --git a/scripts/coverity-model.c b/scripts/coverity-model.c
@@ -67,18 +67,27 @@ static void __bufread(uint8_t *buf, ssize_t len)
     int last = buf[len-1];
 }
 
-MemTxResult address_space_rw(AddressSpace *as, hwaddr addr, MemTxAttrs attrs,
-                             uint8_t *buf, int len, bool is_write)
+MemTxResult address_space_read(AddressSpace *as, hwaddr addr,
+                               MemTxAttrs attrs,
+                               uint8_t *buf, int len)
 {
     MemTxResult result;
-
     // TODO: investigate impact of treating reads as producing
     // tainted data, with __coverity_tainted_data_argument__(buf).
-    if (is_write) __bufread(buf, len); else __bufwrite(buf, len);
+    __bufwrite(buf, len);
+    return result;
+}
 
+MemTxResult address_space_write(AddressSpace *as, hwaddr addr,
+                                MemTxAttrs attrs,
+                                const uint8_t *buf, int len)
+{
+    MemTxResult result;
+    __bufread(buf, len);
     return result;
 }
 
+
 /* Tainting */
 
 typedef struct {} name2keysym_t;