Wireshark-dev: Re: [Wireshark-dev] New GCC, new option required?
From: Kaul <[email protected]>
Date: Thu, 14 Jul 2011 13:40:09 +0300
- I've also tried to provide fixes for some (until I got both tired and unable to fix those that result from the ASN.1 definitions) in https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5858.
- CLANG static analyzer was also quite helpful in finding issues. It just takes hours to compile wireshark with it.
- First time I've heard of ptvcursors. Nice.

Y.


On Thu, Jul 14, 2011 at 5:51 AM, Bill Meier <[email protected]> wrote:
On 7/13/2011 7:38 PM, Guy Harris wrote:

Haven't you (and maybe others) been fixing the same issues already,
as  a result of Coverity warnings about the same thing?

And how many of those are

static void
dissect_whatever(...)
{

               ...

       proto_tree_add_item(tree, hf_foo, tvb, offset, len_foo, encoding);
       offset += len_foo;
       proto_tree_add_item(tree, hf_bar, tvb, offset, len_bar, encoding);
       offset += len_bar;
}

and how many of those ultimately represent dissectors that should be
converted to use ptvcursors, in which case the "offset +=" stuff will
disappear into the ptvcursor code and not get whined about by dataflow
analyzers?

I'd have to go back and look but I guess that some of the "Coverity [unused]" defects for the dissectors were related to the pattern as shown above:
{
   ...
   offset += ...;
}



However, ISTR that many more were related to the following pattern:
{
       ...
       foo = proto_tree_add_item(...);
       offset += ...;
       foo = proto_tree_add_item(...);
       ...
}

Others were real bugs (such doing 'foo=proto_item_add_subtree()' and then failing to use the returned value in following 'proto_tree_add_item()' calls.

At some point I stopped fixing "Coverity [unused]" even though ISTR that were (at least a few) more "unused" defects yet to be fixed.

Some time later I started working on the GCC 4.6 "set-but-unused" warnings.

I now see (after doing a little research) that it appears that the "unused" defects found by Coverity were only a subset of the "unused-but-set" cases found by GCC 4.6.

I don't know what the pattern is for things not found by Coverity but I do note that many cases like the following weren't found by Coverity:

{
   ...
   int foo;
   ...
   foo = ...;
   ...
}


In any case: Since much of the "Coverity [unused"" dissector cases have already been fixed, much of the remaining (non-generated) dissector "set-but-not-used" cases seem to be for stuff not found by "Coverity [unused]".

(See SVN #37716 for many examples of this type of fix).



___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <[email protected]>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
           mailto:[email protected]wireshark.org?subject=unsubscribe