This is the mail archive of the cygwin-developers mailing list for the Cygwin project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: Coverity: Update to version 7.6.0

On 30/04/15 08:52, Corinna Vinschen wrote:
On Apr 30 00:01, David Stacey wrote:
On 29/04/2015 19:13, Corinna Vinschen wrote:
On Apr 29 18:58, David Stacey wrote:
If there are no objections, I'd like to update our weekly Coverity scan to
use Coverity Analysis 7.6.0 (presently we're using 7.5.0). There should be
fewer false positives this week, but there might be some new coding defects
picked up also.
No worries here.  Just go ahead.
Thanks. I'm running the analysis now using the same source code as last
week. So any differences we see in the analysis results will be down to
changes between Coverity Analysis 7.5.0 and 7.6.0. Results should be
available on the Coverity Scan website in a couple of hours.
I'll take a look at any new warnings tomorrow evening. If you have time to
take a look during the day then please let me know the numeric ID of any
issues you fix (or mark them as 'fix submitted') so we don't duplicate
Thanks.  I had a quick look and CID 109854 is certainly a false positive
because it counts wrongly in the wide character case:

   CHAR fmtbuf[10], *fmt = fmtbuf;

It knows wchar_t is 2 bytes at this point.  Three time ++ means, 14
bytes left.

   STRCPY (fmt, CQ(".*u"));

At this point, Coverity looks at the expression L".*u" and counts 4 bytes
per wide char in the string expression, which isn't true for us.  The
string takes 8 bytes only.

Sorry for the delay in replying. Yes, your analysis of CID 109854 is quite correct. The wide string literal is an array of const wchar_t [1]. Coverity should know that this is 2 bytes per character, but seems to count 4 when it sees the 'L' encoding prefix. I've marked this as a false positive in Coverity.

The other two new warnings look genuine enough, although both are in newlib. I've taken the liberty of reporting CID 109855 to the newlib list [2] - let's hope they're friendly to newbies. If this is accepted then I'll send a patch for CID 109856 as well.


[1] - - section 2.13.4, paragraph 1.
[2] -

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]