From: "Michael D Kinney" <michael.d.kinney@intel.com>
To: Ard Biesheuvel <ard.biesheuvel@linaro.org>,
"Kinney, Michael D" <michael.d.kinney@intel.com>
Cc: "Wu, Hao A" <hao.a.wu@intel.com>,
"devel@edk2.groups.io" <devel@edk2.groups.io>,
"Gao, Liming" <liming.gao@intel.com>,
"Wang, Jian J" <jian.j.wang@intel.com>
Subject: Re: [PATCH v1] MdeModulePkg/DxeCore: Please static checker for false report
Date: Mon, 22 Apr 2019 21:53:00 +0000 [thread overview]
Message-ID: <E92EE9817A31E24EB0585FDF735412F5B9C9C640@ORSMSX113.amr.corp.intel.com> (raw)
In-Reply-To: <CAKv+Gu9CJ5oVQhGCezVdp0gextgYV-UOrUsibez76UfS2Y6AEg@mail.gmail.com>
Ard,
This seems to be a common limitation seen in some
static analyzers. We have not found a workaround
that does not involve code changes to quiet the
false positives.
For this specific case, I think the code change I
suggest is correct.
Best regards,
Mike
> -----Original Message-----
> From: Ard Biesheuvel [mailto:ard.biesheuvel@linaro.org]
> Sent: Monday, April 22, 2019 2:26 PM
> To: Kinney, Michael D <michael.d.kinney@intel.com>
> Cc: Wu, Hao A <hao.a.wu@intel.com>;
> devel@edk2.groups.io; Gao, Liming
> <liming.gao@intel.com>; Wang, Jian J
> <jian.j.wang@intel.com>
> Subject: Re: [PATCH v1] MdeModulePkg/DxeCore: Please
> static checker for false report
>
> On Mon, 22 Apr 2019 at 16:41, Kinney, Michael D
> <michael.d.kinney@intel.com> wrote:
> >
> > Hi Hao,
> >
> > I think a cleaner fix to this issues is replace both
> > ASSERT() statements with the following:
> >
> > if (EFI_ERROR (Status) || Entry->Emulator ==
> NULL) {
> > FreePool (Entry);
> > continue;
> > }
> >
> > We do not expect the emulator protocol to disappear
> between
> > finding the handle and looking up the protocol
> instance,
> > but if it does, the handle can be skipped without
> ASSERT().
> >
> > There are several examples of this style in
> DriverSupport.c.
> >
> > If we want to avoid the extra Allocate/Free in this
> error
> > condition, then a local variable can be added to get
> the
> > emulator protocol instance and only allocate an
> > EMULATOR_ENTRY if the emulator instance is
> successfully
> > found.
> >
>
> Is there any way we can #define the OUT modifier to
> something the
> static analyzer understands? (Which static analyzer is
> this btw?)
>
> Surely, we are not the only project dealing with
> pointers that are
> initialized by reference. Adding code to please the
> tools should
> really be the last resort imo.
next prev parent reply other threads:[~2019-04-22 21:53 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-04-22 7:24 [PATCH v1] MdeModulePkg/DxeCore: Please static checker for false report Wu, Hao A
2019-04-22 14:40 ` Michael D Kinney
2019-04-22 21:25 ` Ard Biesheuvel
2019-04-22 21:53 ` Michael D Kinney [this message]
2019-04-22 22:02 ` [edk2-devel] " Ard Biesheuvel
2019-04-22 23:14 ` Andrew Fish
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=E92EE9817A31E24EB0585FDF735412F5B9C9C640@ORSMSX113.amr.corp.intel.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox