On 26.02.21 09:57, Julien Grall wrote:
Hi Juergen,On 26/02/2021 07:10, Jürgen Groß wrote:I saw what Andrew wrote but neither of you really provided enough information to infer the same. Care to provide more details?On 25.02.21 18:41, Julien Grall wrote:From: Julien Grall <[email protected]> Coverity will report unitialized values for every use of xs_state_* structures in the save part. This can be prevented by using the [0] rather than [] to define variable length array. Coverity-ID: 1472398 Coverity-ID: 1472397 Coverity-ID: 1472396 Coverity-ID: 1472395 Signed-off-by: Julien Grall <[email protected]>Sorry, but Coverity is clearly wrong here.Should we really modify our code to work around bugs in external static code analyzers?I don't think it is OK to have 866 issues (and counting) and keep ignoring them because Coverity may be wrong. We should fix them one way or another. If this means telling Coverity they are reporting false positive, then fine.But for that, I first needs a bit more details why they are clearly wrong.
Lets put it this way: why is a[0] not critical, but a[] is? Semantically there is no difference, so Coverity MUST be wrong in some way (either a[] is really not critical, or a[0] should be critical). Juergen
OpenPGP_0xB0DE9DD628BF132F.asc
Description: application/pgp-keys
OpenPGP_signature
Description: OpenPGP digital signature
