From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from [140.186.70.92] (port=38187 helo=eggs.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1PmYKo-0007m7-V8 for qemu-devel@nongnu.org; Mon, 07 Feb 2011 16:09:24 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1PmWEh-0002E8-3q for qemu-devel@nongnu.org; Mon, 07 Feb 2011 13:54:56 -0500 Received: from mx1.redhat.com ([209.132.183.28]:43095) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1PmWEg-0002Dy-TG for qemu-devel@nongnu.org; Mon, 07 Feb 2011 13:54:55 -0500 Date: Mon, 7 Feb 2011 16:54:37 -0200 From: Luiz Capitulino Subject: Re: [Qemu-devel] [PING 0.14] Missing patches (mostly fixes) Message-ID: <20110207165437.5e7e3b44@doriath> In-Reply-To: <4D4C3927.6090400@mail.berlios.de> References: <4D412CF0.30706@redhat.com> <4D49B04F.80201@mail.berlios.de> <4D4BF160.9040500@codemonkey.ws> <4D4C34E6.7070008@mail.berlios.de> <4D4C35B2.9010801@codemonkey.ws> <4D4C3927.6090400@mail.berlios.de> Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit List-Id: qemu-devel.nongnu.org List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Stefan Weil Cc: Kevin Wolf , Anthony Liguori , "Michael S. Tsirkin" , Markus Armbruster , Riku Voipio , qemu-devel , Alexander Graf , Blue Swirl , Gerd Hoffmann , Paolo Bonzini On Fri, 04 Feb 2011 18:36:39 +0100 Stefan Weil wrote: > Am 04.02.2011 18:21, schrieb Anthony Liguori: > > On 02/04/2011 11:18 AM, Stefan Weil wrote: > >> Am 04.02.2011 16:27, schrieb Markus Armbruster: > >>> Anthony Liguori writes: > >>> > >>>> On 02/02/2011 01:28 PM, Stefan Weil wrote: > >>> [...] > >>>>> [PATCH 1/3] tests: Fix two memory leaks > >>>>> (http://patchwork.ozlabs.org/patch/79945/) > >>> > >>>>> [PATCH 2/3] check-qdict: Fix possible crash > >>>>> (http://patchwork.ozlabs.org/patch/79946/) > >>>> > >>>> Luiz > >>> > >>> I wouldn't bother with the second one for 0.14. Yes, we're reading > >>> lines from a file with %s, but it's a fixed file with known > >>> contents, no > >>> long lines, and we're reading it in a test program only developers ever > >>> use. > >>> > >>> As to the first one, Luiz has never touched that file. Neither have I, > >>> and it's not obvious to me why it should go into 0.14. > >>> > >>> [...] > >> > >> Even if the current code does not result in a real bug at the moment, > >> it should get fixed: > >> > >> * Using tools like cppcheck (or others) to find bugs is good, > >> because it finds bugs which are important. > >> Sorting out "unimportant" bugs from the results wastes time > >> which could be invested better, and this waste of time lasts > >> forever until the "unimportant" bug will be fixed. The sooner > >> you fix it, the better it is. > > > > No, this is not a good use of time. I've said multiple times in the > > past, I'm not interested in implementing work arounds for false > > positives in static analysis tools. > > > > We have enough real problems to fix, we don't need to waste cycles on > > psuedo problems. > > > > Regards, > > > > Anthony Liguori > > Hi Anthony, > > please accept that even if you said something multiple times, > other people might have a different point of view. > QEMU is team work, isn't it? > > Both positives are correct, there was no false positive: > > Reading strings from external files into limited memory > without limiting their length is bad. This wasn't denied, what Markus said is that this is test code and thus it isn't high priority for the (now released) 0.14 release. > Even if it works with > some input data, this kind of programming will be copied > by novice programmers and used with data which is critical. OMG, are they copying code from qemu?! > > In the second case, it might be a philosophical question > whether resources like memory or files should be released > explicitly. I tend to say yes, other people say no because the > OS will release them automatically when the program terminates. > But there is no doubt that the tool which says there is a leak > is right. > > Regards, > Stefan Weil > >