From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-yw1-f179.google.com (mail-yw1-f179.google.com [209.85.128.179]) by sourceware.org (Postfix) with ESMTPS id E4E1F3858D32 for ; Fri, 10 Nov 2023 17:44:44 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org E4E1F3858D32 Authentication-Results: sourceware.org; dmarc=none (p=none dis=none) header.from=rtems.org Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=gmail.com ARC-Filter: OpenARC Filter v1.0.0 sourceware.org E4E1F3858D32 Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=209.85.128.179 ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1699638286; cv=none; b=bw5f5chhL/USW5JmCwLQ6Wwin64S0Gf6JX/1Cea4MSYosVHr35U4FeZT9ZjWjOHCvaSUQ1QKvUFbdPopxw+zWAe2GwQ27kMCywUFDLhJHCpAuVvoDAMAuRSpcykxlpAocEefbJLSbKF6H4ZEIPK1fsMo3PMm3JKEeJ2R7SgIfy0= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1699638286; c=relaxed/simple; bh=huYqid7OcCslqo0rtMCkvPnA74fRzFywG2t+dCooJGc=; h=MIME-Version:From:Date:Message-ID:Subject:To; b=QPi4PYTxTI66k02tjaDH4xIBho1oAsieGol3TfPQlyPK2WS+aKyI48XnxYJQoOk04XqkXcNgyOLM8IC8HQezlGEg4jlgke2NW7mywprZZnJJ8kSdcMYkgWYDzYJ147gJYS0VUubrdrRcjb/DUnpziLEyzFQ6mrmEb/hjunVJEfw= ARC-Authentication-Results: i=1; server2.sourceware.org Received: by mail-yw1-f179.google.com with SMTP id 00721157ae682-5afbdbf3a19so26820197b3.2 for ; Fri, 10 Nov 2023 09:44:44 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1699638284; x=1700243084; h=to:subject:message-id:date:from:reply-to:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=vvPOE4BrvVDoiqAKmJ6zpvtIWk+4oQIafkbcX3mNwI0=; b=wbJIaBCs+GcrmreZOgNbIZqFBU6rhe3kR5IrWW2WlpZAUxxqVkdtp/XmVE0/N4/l28 rTBLp3mVb6Pzcjtc5mKmWyV0YGl5YcfQGqsOJKuRL133q/JINVOItzt/bxC9npLVBP28 jhqhdKxUG9LVzl5dPiijD22IC1c7W1E5pkBBZT0NMQXoHNoeqNPTI4578+zihZCft6+A Q3kSKOi9n0ml8WZsB3YbfivB3q5COSPRipFsT6ZTZvWAwvvcKArlsJi3I1+OWceeRiWR ldV2SMMve4eEjt1HxSuKdIrVqMw24v2f3ROIKR1fgRFpDLDHvqncYJ1XGLVEmkEqdivb ArDQ== X-Gm-Message-State: AOJu0Yz8yhZLn9eAMKzRw+oNMHukGW9fSUsKellbFlLBgf9DaMIXTg/d 6h4dJe6k/r1MV+ZMdu5B9l4LZ30g2Jc= X-Google-Smtp-Source: AGHT+IFZGRz5jEf8WZkPkP4utD/4acyUwfp/cp5/J46gdXqHLgmcVzS3MgEo/97jLFiqppEExsNZgg== X-Received: by 2002:a0d:db83:0:b0:5a7:af97:c787 with SMTP id d125-20020a0ddb83000000b005a7af97c787mr8875554ywe.11.1699638283942; Fri, 10 Nov 2023 09:44:43 -0800 (PST) Received: from mail-yw1-f175.google.com (mail-yw1-f175.google.com. [209.85.128.175]) by smtp.gmail.com with ESMTPSA id x185-20020a0dd5c2000000b005a8a78fa9d2sm8847705ywd.17.2023.11.10.09.44.43 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Fri, 10 Nov 2023 09:44:43 -0800 (PST) Received: by mail-yw1-f175.google.com with SMTP id 00721157ae682-5afbdbf3a19so26820057b3.2 for ; Fri, 10 Nov 2023 09:44:43 -0800 (PST) X-Received: by 2002:a81:4849:0:b0:5b3:5732:bc59 with SMTP id v70-20020a814849000000b005b35732bc59mr9351869ywa.18.1699638283544; Fri, 10 Nov 2023 09:44:43 -0800 (PST) MIME-Version: 1.0 References: <654dcb688da84_69bd52d4ed1e699a037313@prd-scan-dashboard-0.mail> In-Reply-To: Reply-To: joel@rtems.org From: Joel Sherrill Date: Fri, 10 Nov 2023 11:44:31 -0600 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: Coverity Scan: Analysis completed for RTEMS-Newlib To: newlib@sourceware.org Content-Type: multipart/alternative; boundary="0000000000002332d10609cfe03c" X-Spam-Status: No, score=-3031.1 required=5.0 tests=BAYES_00,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM,HEADER_FROM_DIFFERENT_DOMAINS,HTML_MESSAGE,HTML_OBFUSCATE_05_10,KAM_DMARC_STATUS,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_PASS,TXREP,T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org List-Id: --0000000000002332d10609cfe03c Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable On Fri, Nov 10, 2023 at 9:32=E2=80=AFAM Corinna Vinschen wrote: > On Nov 10 08:50, Joel Sherrill wrote: > > Hmmmm.. an email just before the one I forwarded shows 6 new defects we= re > > added in the last commits. They appear to be the same issue I just > > forwarded but in different scanf variants. > > > > CID 423229 (#1 of 1): Uninitialized scalar variable (UNINIT)2. > > uninit_use_in_call: Using uninitialized value f._flags2 when calling > > __ssvfiscanf_r. [show details > > < > https://scan3.scan.coverity.com/eventId=3D13202494-1&modelId=3D13202494-0= &fileInstanceId=3D104130545&filePath=3D%2Fhome%2Fjoel%2Frtems-cron-coverity= %2Fsourceware-mirror-newlib-cygwin%2Fnewlib%2Flibc%2Fstdio%2Fvfscanf.c&file= Start=3D400&fileEnd=3D1980 > > > > ] > > Looks like a false positive. > > The ORIENT macro will set or reset the value of the _flags2 __SWID bit > if the _flags __SORD bit isn't set. It never is set at the start, so > the _flags2 __SWID bit is always set. And only then, the ORIENT macro > will check the value. > Thanks. I will mark them as false positive. What about the issue in the printf variants? Looks like similar code. Are they also false positives? This is from asiprintf.c 37 f._flags =3D __SWR | __SSTR | __SMBF; 1. assign_zero: Assigning: f._p =3D NULL. 38 f._bf._base =3D f._p =3D NULL; 39 f._bf._size =3D f._w =3D 0; 40 f._file =3D -1; /* No file. */ 41 va_start (ap, fmt); CID 387497 (#2 of 2): Explicit null dereferenced (FORWARD_NULL)2. var_deref_model: Passing &f to _svfiprintf_r, which dereferences null f._p. [show details ] 42 ret =3D _svfiprintf_r (ptr, &f, fmt, ap); > > > Corinna > > --0000000000002332d10609cfe03c--