[Spice-devel] spice coverity scans

[Christophe Fergeau]

Hey,

I've given a look at a run of the Coverity scanner on the spice code base,
and there were a few warnings that seemed legit in areas of the code I
don't know at all, I thought I'd raise these issues on the mailing list for
some feedback.

First one is in common/quic.c:find_model_params
We're doing
    *nbuckets = 0;
(ie we dereference nbuckets), and then

    do { /* other buckets */
        if (nbuckets) {         /* bucket start */
            bstart = bend + 1;
        } else {
            bstart = 0;
        }

nbuckets is checked for NULL-ness, and finally the end of the loop is

        (*nbuckets)++;
    } while (bend < *levels - 1);

and these are the only 3 uses of nbuckets in this function. My feeling is
that the if (nbuckets) {} should be if (*nbuckets) {}, but I have no idea
(?)

Another issue that was raised is in canvas_base.c:canvas_get_mask. When
SW_CANVAS_IMAGE_CACHE is defined, we unconditionnally do
cache_me = 0;
and then we've got
#if defined(SW_CANVAS_CACHE) || defined(SW_CANVAS_IMAGE_CACHE)
    if (cache_me) {
        canvas->bits_cache->ops->put(canvas->bits_cache,
image->descriptor.id,
    }

This bit of code is dead code in the SW_CANVAS_IMAGE_CACHE case. Since
there is more code in this #if block, this isn't necessarily a bug, but I
though I'd brought this up in case someone knows this code better.

I fixed a few other warnings for which I'll send patches. Then there were
plenty of warnings in the generated marshallers code, or in the various
_tmpl files. Some looked like some false positives, others were confusing.
Another pair of eyes looking at these would probably be helpful :)

Christophe
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: <http://lists.freedesktop.org/archives/spice-devel/attachments/20110824/6c2ca134/attachment.pgp>