New Defects reported by Coverity Scan for ceph

2015-09-28 Thread scan-admin

Hi,


Please find the latest report on new defect(s) introduced to ceph found with 
Coverity Scan.

Defect(s) Reported-by: Coverity Scan
Showing 20 of 38 defect(s)


** CID 717233:  Uninitialized scalar field  (UNINIT_CTOR)
/mds/Capability.h: 249 in Capability::Capability(CInode *, unsigned long, 
client_t)()

** CID 1238869:  Value not atomically updated  (ATOMICITY)
/osdc/Objecter.cc: 3055 in Objecter::handle_pool_op_reply(MPoolOpReply *)()
/osdc/Objecter.cc: 3055 in Objecter::handle_pool_op_reply(MPoolOpReply *)()
/osdc/Objecter.cc: 3055 in Objecter::handle_pool_op_reply(MPoolOpReply *)()

** CID 1238870:  Unchecked return value  (CHECKED_RETURN)
/test/test_snap_mapper.cc: 562 in MapperVerifier::remove_oid()()

** CID 1238871:  Dereference after null check  (FORWARD_NULL)
/mds/Server.cc: 6988 in Server::do_rename_rollback(ceph::buffer::list &, int, 
std::tr1::shared_ptr &, bool)()
/mds/Server.cc: 7107 in Server::do_rename_rollback(ceph::buffer::list &, int, 
std::tr1::shared_ptr &, bool)()

** CID 1238872:  Unchecked return value  (CHECKED_RETURN)
/tools/ceph_objectstore_tool.cc: 1284 in 
do_import_rados(std::basic_string, 
std::allocator>)()

** CID 1238873:  Unchecked return value  (CHECKED_RETURN)
/rbd_replay/Replayer.cc: 154 in rbd_replay::Replayer::run(const 
std::basic_string, std::allocator>&)()

** CID 1238874:  Missing unlock  (LOCK)
/osdc/Objecter.cc: 1855 in Objecter::op_cancel(Objecter::OSDSession *, unsigned 
long, int)()

** CID 1238875:  Unrecoverable parse warning  (PARSE_ERROR)
/client/Client.cc: 7737 in ()

** CID 1238876:  Unrecoverable parse warning  (PARSE_ERROR)
/client/Client.cc: 7735 in ()

** CID 1238877:  Missing unlock  (LOCK)
/common/Timer.cc: 240 in RWTimer::shutdown()()

** CID 1238878:  Unrecoverable parse warning  (PARSE_ERROR)
/client/Client.cc: 7734 in ()

** CID 1238879:  Thread deadlock  (ORDER_REVERSAL)


** CID 1238880:  Thread deadlock  (ORDER_REVERSAL)



** CID 1238881:  Thread deadlock  (ORDER_REVERSAL)



** CID 1238882:  Thread deadlock  (ORDER_REVERSAL)


** CID 1238883:  Improper use of negative value  (NEGATIVE_RETURNS)
/mds/MDS.cc: 962 in MDS::handle_mds_map(MMDSMap *)()

** CID 1238884:  Unrecoverable parse warning  (PARSE_ERROR)
/client/Client.cc: 7733 in ()

** CID 1238885:  Thread deadlock  (ORDER_REVERSAL)


** CID 1238886:  Thread deadlock  (ORDER_REVERSAL)


** CID 1238887:  Thread deadlock  (ORDER_REVERSAL)




*** CID 717233:  Uninitialized scalar field  (UNINIT_CTOR)
/mds/Capability.h: 249 in Capability::Capability(CInode *, unsigned long, 
client_t)()
243 suppress(0), state(0),
244 client_follows(0), client_xattr_version(0),
245 client_inline_version(0),
246 item_session_caps(this), item_snaprealm_caps(this), 
item_revoking_caps(this) {
247 g_num_cap++;
248 g_num_capa++;
>>> CID 717233:  Uninitialized scalar field  (UNINIT_CTOR)
>>> Non-static class member "num_revoke_warnings" is not initialized in 
>>> this constructor nor in any functions that it calls.
249   }
250   ~Capability() {
251 g_num_cap--;
252 g_num_caps++;
253   }
254 


*** CID 1238869:  Value not atomically updated  (ATOMICITY)
/osdc/Objecter.cc: 3055 in Objecter::handle_pool_op_reply(MPoolOpReply *)()
3049 if (!rwlock.is_wlocked()) {
3050   rwlock.unlock();
3051   rwlock.get_write();
3052 }
3053 iter = pool_ops.find(tid);
3054 if (iter != pool_ops.end()) {
>>> CID 1238869:  Value not atomically updated  (ATOMICITY)
>>> Using an unreliable value of "op" inside the second locked section. If 
>>> the data that "op" depends on was changed by another thread, this use might 
>>> be incorrect.
3055   _finish_pool_op(op);
3056 }
3057   } else {
3058 ldout(cct, 10) << "unknown request " << tid << dendl;
3059   }
3060   rwlock.unlock();
/osdc/Objecter.cc: 3055 in Objecter::handle_pool_op_reply(MPoolOpReply *)()
3049 if (!rwlock.is_wlocked()) {
3050   rwlock.unlock();
3051   rwlock.get_write();
3052 }
3053 iter = pool_ops.find(tid);
3054 if (iter != pool_ops.end()) {
>>> CID 1238869:  Value not atomically updated  (ATOMICITY)
>>> Using an unreliable value of "op" inside the second locked section. If 
>>> the data that "op" depends on was changed by another thread, this use might 
>>> be incorrect.
3055   _finish_pool_op(op);
3056 }
3057   } else {
3058 ldout(cct, 10) << "unknown request " << tid << dendl;
3059   }
3060   rwlock.unlock();
/osdc/Objecter.cc: 3055 in Objecter::handle_pool_op_reply(MPoolOpReply *)()
3049 if (!rwlock.is_wlocked()) {
3050   rwlock.unlock();
3051   rwlock.get_write();

New Defects reported by Coverity Scan for ceph

2015-09-28 Thread scan-admin

Hi,


Please find the latest report on new defect(s) introduced to ceph found with 
Coverity Scan.

Defect(s) Reported-by: Coverity Scan
Showing 6 of 6 defect(s)


** CID 1019567:  Thread deadlock  (ORDER_REVERSAL)


** CID 1231681:  Thread deadlock  (ORDER_REVERSAL)


** CID 1231682:  Thread deadlock  (ORDER_REVERSAL)


** CID 1231683:  Thread deadlock  (ORDER_REVERSAL)


** CID 1231684:  Thread deadlock  (ORDER_REVERSAL)



** CID 1231685:  Use after free  (USE_AFTER_FREE)




*** CID 1019567:  Thread deadlock  (ORDER_REVERSAL)
/osd/OSD.cc: 3689 in OSD::handle_osd_ping(MOSDPing *)()
3683  << ", " << debug_heartbeat_drops_remaining[from]
3684  << " remaining to drop" << dendl;
3685  break;
3686}
3687   }
3688 
>>> CID 1019567:  Thread deadlock  (ORDER_REVERSAL)
>>> Calling "is_healthy" acquires lock "RWLock.L" while holding lock 
>>> "Mutex._m" (count: 7 / 14).
3689   if (!cct->get_heartbeat_map()->is_healthy()) {
3690dout(10) << "internal heartbeat not healthy, dropping ping 
request" << dendl;
3691break;
3692   }
3693 
3694   Message *r = new MOSDPing(monc->get_fsid(),


*** CID 1231681:  Thread deadlock  (ORDER_REVERSAL)
/librados/RadosClient.cc: 111 in librados::RadosClient::lookup_pool(const char 
*)()
105   int r = wait_for_osdmap();
106   if (r < 0) {
107 lock.Unlock();
108 return r;
109   }
110   int64_t ret = osdmap.lookup_pg_pool_name(name);
>>> CID 1231681:  Thread deadlock  (ORDER_REVERSAL)
>>> Calling "get_write" acquires lock "RWLock.L" while holding lock 
>>> "Mutex._m" (count: 7 / 14).
111   pool_cache_rwl.get_write();
112   lock.Unlock();
113   if (ret < 0) {
114 pool_cache_rwl.unlock();
115 return -ENOENT;
116   }


*** CID 1231682:  Thread deadlock  (ORDER_REVERSAL)
/osd/OSD.cc: 2369 in OSD::shutdown()()
2363   service.start_shutdown();
2364 
2365   clear_waiting_sessions();
2366 
2367   // Shutdown PGs
2368   {
>>> CID 1231682:  Thread deadlock  (ORDER_REVERSAL)
>>> Calling "RLocker" acquires lock "RWLock.L" while holding lock 
>>> "Mutex._m" (count: 7 / 14).
2369 RWLock::RLocker l(pg_map_lock);
2370 for (ceph::unordered_map::iterator p = pg_map.begin();
2371 p != pg_map.end();
2372 ++p) {
2373   dout(20) << " kicking pg " << p->first << dendl;
2374   p->second->lock();


*** CID 1231683:  Thread deadlock  (ORDER_REVERSAL)
/client/Client.cc: 372 in Client::init()()
366   client_lock.Unlock();
367   objecter->init_unlocked();
368   client_lock.Lock();
369 
370   objecter->init_locked();
371 
>>> CID 1231683:  Thread deadlock  (ORDER_REVERSAL)
>>> Calling "set_want_keys" acquires lock "RWLock.L" while holding lock 
>>> "Mutex._m" (count: 7 / 14).
372   monclient->set_want_keys(CEPH_ENTITY_TYPE_MDS | CEPH_ENTITY_TYPE_OSD);
373   monclient->sub_want("mdsmap", 0, 0);
374   monclient->sub_want("osdmap", 0, CEPH_SUBSCRIBE_ONETIME);
375   monclient->renew_subs();
376 
377   // logger


*** CID 1231684:  Thread deadlock  (ORDER_REVERSAL)
/osd/OSD.h: 2237 in OSD::RepScrubWQ::_process(MOSDRepScrub *, 
ThreadPool::TPHandle &)()
2231   ThreadPool::TPHandle &handle) {
2232   osd->osd_lock.Lock();
2233   if (osd->is_stopping()) {
2234osd->osd_lock.Unlock();
2235return;
2236   }
>>> CID 1231684:  Thread deadlock  (ORDER_REVERSAL)
>>> Calling "_have_pg" acquires lock "RWLock.L" while holding lock 
>>> "Mutex._m" (count: 7 / 14).
2237   if (osd->_have_pg(msg->pgid)) {
2238PG *pg = osd->_lookup_lock_pg(msg->pgid);
2239osd->osd_lock.Unlock();
2240pg->replica_scrub(msg, handle);
2241msg->put();
2242pg->unlock();
/osd/OSD.h: 2238 in OSD::RepScrubWQ::_process(MOSDRepScrub *, 
ThreadPool::TPHandle &)()
2232   osd->osd_lock.Lock();
2233   if (osd->is_stopping()) {
2234osd->osd_lock.Unlock();
2235return;
2236   }
2237   if (osd->_have_pg(msg->pgid)) {
>>> CID 1231684:  Thread deadlock  (ORDER_REVERSAL)
>>> Calling "_lookup_lock_pg" acquires lock "RWLock.L" while holding lock 
>>> "Mutex._m" (count: 7 / 14).
2238PG *pg = osd->_lookup_lock_pg(msg->pgid)

New Defects reported by Coverity Scan for ceph

2015-09-28 Thread scan-admin

Hi,


Please find the latest report on new defect(s) introduced to ceph found with 
Coverity Scan.

Defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)


** CID 1230671:  Missing unlock  (LOCK)
/msg/SimpleMessenger.cc: 258 in SimpleMessenger::reaper()()



*** CID 1230671:  Missing unlock  (LOCK)
/msg/SimpleMessenger.cc: 258 in SimpleMessenger::reaper()()
252   ::close(p->sd);
253 ldout(cct,10) << "reaper reaped pipe " << p << " " << 
p->get_peer_addr() << dendl;
254 p->put();
255 ldout(cct,10) << "reaper deleted pipe " << p << dendl;
256   }
257   ldout(cct,10) << "reaper done" << dendl;
>>> CID 1230671:  Missing unlock  (LOCK)
>>> Returning without unlocking "this->lock._m".
258 }
259 
260 void SimpleMessenger::queue_reap(Pipe *pipe)
261 {
262   ldout(cct,10) << "queue_reap " << pipe << dendl;
263   lock.Lock();



To view the defects in Coverity Scan visit, 
http://scan.coverity.com/projects/25?tab=overview

To unsubscribe from the email notification for new defects, 
http://scan5.coverity.com/cgi-bin/unsubscribe.py



--
To unsubscribe from this list: send the line "unsubscribe ceph-devel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html


New Defects reported by Coverity Scan for ceph

2015-09-28 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to ceph found with 
Coverity Scan.

14 new defect(s) introduced to ceph found with Coverity Scan.
4 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 14 of 14 defect(s)


** CID 1296388:  Uninitialized members  (UNINIT_CTOR)
/librbd/RebuildObjectMapRequest.cc: 35 in 
librbdC_VerifyObject::C_VerifyObject(librbd::AsyncObjectThrottle 
&, librbd::ImageCtx *, unsigned long, unsigned long)()



*** CID 1296388:  Uninitialized members  (UNINIT_CTOR)
/librbd/RebuildObjectMapRequest.cc: 35 in 
librbdC_VerifyObject::C_VerifyObject(librbd::AsyncObjectThrottle 
&, librbd::ImageCtx *, unsigned long, unsigned long)()
29 : C_AsyncObjectThrottle(throttle), m_image_ctx(*image_ctx),
30   m_snap_id(snap_id), m_object_no(object_no),
31   m_oid(m_image_ctx.get_object_name(m_object_no))
32   {
33 m_io_ctx.dup(m_image_ctx.md_ctx);
34 m_io_ctx.snap_set_read(CEPH_SNAPDIR);
>>> CID 1296388:  Uninitialized members  (UNINIT_CTOR)
>>> Non-static class member "m_snap_list_ret" is not initialized in this 
>>> constructor nor in any functions that it calls.
35   }
36 
37   virtual void complete(int r) {
38 if (should_complete(r)) {
39   ldout(m_image_ctx.cct, 20) << m_oid << " C_VerifyObject completed "
40  << dendl;

** CID 1296387:(UNCAUGHT_EXCEPT)
/test/system/rados_watch_notify.cc: 59 in main()
/test/system/rados_watch_notify.cc: 59 in main()
/test/system/rados_watch_notify.cc: 59 in main()
/test/system/rados_watch_notify.cc: 59 in main()



*** CID 1296387:(UNCAUGHT_EXCEPT)
/test/system/rados_watch_notify.cc: 59 in main()
53 
54 const char *get_id_str()
55 {
56   return "main";
57 }
58 
>>> CID 1296387:(UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type 
>>> "ceph::FailedAssertion" is thrown and never caught.
59 int main(int argc, const char **argv)
60 {
61   std::string pool = "foo." + stringify(getpid());
62   CrossProcessSem *setup_sem = NULL;
63   RETURN1_IF_NONZERO(CrossProcessSem::create(0, &setup_sem));
64   CrossProcessSem *watch_sem = NULL;
/test/system/rados_watch_notify.cc: 59 in main()
53 
54 const char *get_id_str()
55 {
56   return "main";
57 }
58 
>>> CID 1296387:(UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type 
>>> "ceph::FailedAssertion" is thrown and never caught.
59 int main(int argc, const char **argv)
60 {
61   std::string pool = "foo." + stringify(getpid());
62   CrossProcessSem *setup_sem = NULL;
63   RETURN1_IF_NONZERO(CrossProcessSem::create(0, &setup_sem));
64   CrossProcessSem *watch_sem = NULL;
/test/system/rados_watch_notify.cc: 59 in main()
53 
54 const char *get_id_str()
55 {
56   return "main";
57 }
58 
>>> CID 1296387:(UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type 
>>> "ceph::FailedAssertion" is thrown and never caught.
59 int main(int argc, const char **argv)
60 {
61   std::string pool = "foo." + stringify(getpid());
62   CrossProcessSem *setup_sem = NULL;
63   RETURN1_IF_NONZERO(CrossProcessSem::create(0, &setup_sem));
64   CrossProcessSem *watch_sem = NULL;
/test/system/rados_watch_notify.cc: 59 in main()
53 
54 const char *get_id_str()
55 {
56   return "main";
57 }
58 
>>> CID 1296387:(UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type 
>>> "ceph::FailedAssertion" is thrown and never caught.
59 int main(int argc, const char **argv)
60 {
61   std::string pool = "foo." + stringify(getpid());
62   CrossProcessSem *setup_sem = NULL;
63   RETURN1_IF_NONZERO(CrossProcessSem::create(0, &setup_sem));
64   CrossProcessSem *watch_sem = NULL;

** CID 1296386:(UNCAUGHT_EXCEPT)
/test/system/rados_open_pools_parallel.cc: 98 in main()
/test/system/rados_open_pools_parallel.cc: 98 in main()



*** CID 1296386:(UNCAUGHT_EXCEPT)
/test/system/rados_open_pools_parallel.cc: 98 in main()
92 
93 const char *get_id_str()
94 {
95   return "main";
96 }
97 
>>> CID 1296386:(UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type 
>>> "ceph::FailedAssertion" is thrown and never caught.
98 int main(int argc, const char **argv)
99 {
100   // first test: create a pool, shut down

New Defects reported by Coverity Scan for ceph

2015-09-28 Thread scan-admin

Hi,


Please find the latest report on new defect(s) introduced to ceph found with 
Coverity Scan.

Defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)


** CID 1243158:  Resource leak  (RESOURCE_LEAK)
/test/librbd/test_librbd.cc: 1370 in 
LibRBD_ListChildrenTiered_Test::TestBody()()



*** CID 1243158:  Resource leak  (RESOURCE_LEAK)
/test/librbd/test_librbd.cc: 1370 in 
LibRBD_ListChildrenTiered_Test::TestBody()()
1364 
1365   int features = RBD_FEATURE_LAYERING;
1366   rbd_image_t parent;
1367   int order = 0;
1368 
1369   // make a parent to clone from
>>> CID 1243158:  Resource leak  (RESOURCE_LEAK)
>>> Variable "ioctx2" going out of scope leaks the storage it points to.
1370   ASSERT_EQ(0, create_image_full(ioctx1, "parent", 4<<20, &order,
1371 false, features));
1372   ASSERT_EQ(0, rbd_open(ioctx1, "parent", &parent, NULL));
1373   // create a snapshot, reopen as the parent we're interested in
1374   ASSERT_EQ(0, rbd_snap_create(parent, "parent_snap"));
1375   ASSERT_EQ(0, rbd_snap_set(parent, "parent_snap"));



To view the defects in Coverity Scan visit, 
http://scan.coverity.com/projects/25?tab=overview

To unsubscribe from the email notification for new defects, 
http://scan5.coverity.com/cgi-bin/unsubscribe.py



--
To unsubscribe from this list: send the line "unsubscribe ceph-devel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html


New Defects reported by Coverity Scan for ceph

2015-09-28 Thread scan-admin

Hi,


Please find the latest report on new defect(s) introduced to ceph found with 
Coverity Scan.

Defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)


** CID 1241497:  Thread deadlock  (ORDER_REVERSAL)




*** CID 1241497:  Thread deadlock  (ORDER_REVERSAL)
/osdc/Filer.cc: 314 in Filer::_do_purge_range(PurgeRange *, int)()
308 return;
309   }
310 
311   int max = 10 - pr->uncommitted;
312   while (pr->num > 0 && max > 0) {
313 object_t oid = file_object_t(pr->ino, pr->first);
>>> CID 1241497:  Thread deadlock  (ORDER_REVERSAL)
>>> Calling "get_osdmap_read" acquires lock "RWLock.L" while holding lock 
>>> "Mutex._m" (count: 15 / 30).
314 const OSDMap *osdmap = objecter->get_osdmap_read();
315 object_locator_t oloc = osdmap->file_to_object_locator(pr->layout);
316 objecter->put_osdmap_read();
317 objecter->remove(oid, oloc, pr->snapc, pr->mtime, pr->flags,
318  NULL, new C_PurgeRange(this, pr));
319 pr->uncommitted++;



To view the defects in Coverity Scan visit, 
http://scan.coverity.com/projects/25?tab=overview

To unsubscribe from the email notification for new defects, 
http://scan5.coverity.com/cgi-bin/unsubscribe.py



--
To unsubscribe from this list: send the line "unsubscribe ceph-devel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html


New Defects reported by Coverity Scan for ceph

2015-01-20 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to ceph found with 
Coverity Scan.

3 new defect(s) introduced to ceph found with Coverity Scan.
2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 3 of 3 defect(s)


** CID 1265561:  Resource leak  (RESOURCE_LEAK)
/rbd.cc: 2062 in do_merge_diff(const char *, const char *, const char *)()

** CID 1265562:  Resource leak  (RESOURCE_LEAK)
/rbd.cc: 2062 in do_merge_diff(const char *, const char *, const char *)()

** CID 1265563:  Resource leak  (RESOURCE_LEAK)
/rbd.cc: 2062 in do_merge_diff(const char *, const char *, const char *)()



*** CID 1265561:  Resource leak  (RESOURCE_LEAK)
/rbd.cc: 2062 in do_merge_diff(const char *, const char *, const char *)()
2056 pc.fail();
2057 if (pd > 2)
2058   unlink(path);
2059   } else
2060 pc.finish();
2061 
>>> CID 1265561:  Resource leak  (RESOURCE_LEAK)
>>> Handle variable "fd" going out of scope leaks the handle.
2062   return r;
2063 }
2064 
2065 static int do_copy(librbd::Image &src, librados::IoCtx& dest_pp,
2066   const char *destname)
2067 {


*** CID 1265562:  Resource leak  (RESOURCE_LEAK)
/rbd.cc: 2062 in do_merge_diff(const char *, const char *, const char *)()
2056 pc.fail();
2057 if (pd > 2)
2058   unlink(path);
2059   } else
2060 pc.finish();
2061 
>>> CID 1265562:  Resource leak  (RESOURCE_LEAK)
>>> Handle variable "sd" going out of scope leaks the handle.
2062   return r;
2063 }
2064 
2065 static int do_copy(librbd::Image &src, librados::IoCtx& dest_pp,
2066   const char *destname)
2067 {


*** CID 1265563:  Resource leak  (RESOURCE_LEAK)
/rbd.cc: 2062 in do_merge_diff(const char *, const char *, const char *)()
2056 pc.fail();
2057 if (pd > 2)
2058   unlink(path);
2059   } else
2060 pc.finish();
2061 
>>> CID 1265563:  Resource leak  (RESOURCE_LEAK)
>>> Handle variable "pd" going out of scope leaks the handle.
2062   return r;
2063 }
2064 
2065 static int do_copy(librbd::Image &src, librados::IoCtx& dest_pp,
2066   const char *destname)
2067 {



To view the defects in Coverity Scan visit, 
http://scan.coverity.com/projects/25?tab=overview

To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", 
click 
http://scan.coverity.com/subscriptions/edit?email=ceph-devel%40vger.kernel.org&token=018084d671e3cc89d00dd2ccb7eb849c
 .

--
To unsubscribe from this list: send the line "unsubscribe ceph-devel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html


Re: New Defects reported by Coverity Scan for ceph

2015-01-16 Thread Sage Weil
Yeah, there's a pile of these warnings for most/all of the binaries we 
build.  Not sure if they are worth fixing or whether there is a coverity 
annotation we can add to suppress them..

s


On Fri, 16 Jan 2015, Gregory Farnum wrote:

> Sage, are these uncaught assertion errors something we normally
> ignore? I'm not familiar with any code that tries to catch errors in
> our standard init patterns, which is what looks to be the problem on
> these new coverity issues in cephfs-table-tool.
> -Greg
> 
> On Fri, Jan 16, 2015 at 6:39 AM,   wrote:
> >
> > Hi,
> >
> > Please find the latest report on new defect(s) introduced to ceph found 
> > with Coverity Scan.
> >
> > 4 new defect(s) introduced to ceph found with Coverity Scan.
> > 19 defect(s), reported by Coverity Scan earlier, were marked fixed in the 
> > recent build analyzed by Coverity Scan.
> >
> > New defect(s) Reported-by: Coverity Scan
> > Showing 4 of 4 defect(s)
> >
> >
> > ** CID 1264457:  Uncaught exception  (UNCAUGHT_EXCEPT)
> > /tools/cephfs/cephfs-table-tool.cc: 11 in main()
> > /tools/cephfs/cephfs-table-tool.cc: 11 in main()
> > /tools/cephfs/cephfs-table-tool.cc: 11 in main()
> > /tools/cephfs/cephfs-table-tool.cc: 11 in main()
> > /tools/cephfs/cephfs-table-tool.cc: 11 in main()
> >
> > ** CID 1264458:  Uninitialized scalar field  (UNINIT_CTOR)
> > /test/librbd/test_ImageWatcher.cc: 47 in 
> > TestImageWatcher::WatchCtx::WatchCtx(TestImageWatcher&)()
> >
> > ** CID 1264459:  Uninitialized scalar field  (UNINIT_CTOR)
> > /test/librbd/test_fixture.cc: 44 in TestFixture::TestFixture()()
> >
> > ** CID 1264460:  Structurally dead code  (UNREACHABLE)
> > /common/sync_filesystem.h: 51 in sync_filesystem(int)()
> >
> >
> > 
> > *** CID 1264457:  Uncaught exception  (UNCAUGHT_EXCEPT)
> > /tools/cephfs/cephfs-table-tool.cc: 11 in main()
> > 5 #include "common/errno.h"
> > 6 #include "global/global_init.h"
> > 7
> > 8 #include "TableTool.h"
> > 9
> > 10
>  CID 1264457:  Uncaught exception  (UNCAUGHT_EXCEPT)
>  In function "main(int, char const **)" an exception of type 
>  "ceph::FailedAssertion" is thrown and never caught.
> > 11 int main(int argc, const char **argv)
> > 12 {
> > 13   vector args;
> > 14   argv_to_vec(argc, argv, args);
> > 15   env_to_vec(args);
> > 16
> > /tools/cephfs/cephfs-table-tool.cc: 11 in main()
> > 5 #include "common/errno.h"
> > 6 #include "global/global_init.h"
> > 7
> > 8 #include "TableTool.h"
> > 9
> > 10
>  CID 1264457:  Uncaught exception  (UNCAUGHT_EXCEPT)
>  In function "main(int, char const **)" an exception of type 
>  "ceph::FailedAssertion" is thrown and never caught.
> > 11 int main(int argc, const char **argv)
> > 12 {
> > 13   vector args;
> > 14   argv_to_vec(argc, argv, args);
> > 15   env_to_vec(args);
> > 16
> > /tools/cephfs/cephfs-table-tool.cc: 11 in main()
> > 5 #include "common/errno.h"
> > 6 #include "global/global_init.h"
> > 7
> > 8 #include "TableTool.h"
> > 9
> > 10
>  CID 1264457:  Uncaught exception  (UNCAUGHT_EXCEPT)
>  In function "main(int, char const **)" an exception of type 
>  "ceph::FailedAssertion" is thrown and never caught.
> > 11 int main(int argc, const char **argv)
> > 12 {
> > 13   vector args;
> > 14   argv_to_vec(argc, argv, args);
> > 15   env_to_vec(args);
> > 16
> > /tools/cephfs/cephfs-table-tool.cc: 11 in main()
> > 5 #include "common/errno.h"
> > 6 #include "global/global_init.h"
> > 7
> > 8 #include "TableTool.h"
> > 9
> > 10
>  CID 1264457:  Uncaught exception  (UNCAUGHT_EXCEPT)
>  In function "main(int, char const **)" an exception of type 
>  "ceph::FailedAssertion" is thrown and never caught.
> > 11 int main(int argc, const char **argv)
> > 12 {
> > 13   vector args;
> > 14   argv_to_vec(argc, argv, args);
> > 15   env_to_vec(args);
> > 16
> > /tools/cephfs/cephfs-table-tool.cc: 11 in main()
> > 5 #include "common/errno.h"
> > 6 #include "global/global_init.h"
> > 7
> > 8 #include "TableTool.h"
> > 9
> > 10
>  CID 1264457:  Uncaught exception  (UNCAUGHT_EXCEPT)
>  In function "main(int, char const **)" an exception of type 
>  "ceph::FailedAssertion" is thrown and never caught.
> > 11 int main(int argc, const char **argv)
> > 12 {
> > 13   vector args;
> > 14   argv_to_vec(argc, argv, args);
> > 15   env_to_vec(args);
> > 16
> >
> > 
> > *** CID 1264458:  Uninitialized scalar field  (UNINIT_CTOR)
> > /test/librbd/test_ImageWatcher.cc: 47 in 
> > TestImageWatcher::WatchCtx::WatchCtx(TestImageWatcher&)()
> > 41 NOTIFY_OP_REQUEST_LOCK  = 2,
> > 42 NOTIFY_OP_HEADER_UPDATE = 3
> > 43   

Re: New Defects reported by Coverity Scan for ceph

2015-01-16 Thread John Spray
Hmm, maybe it's just because they're in a main() function?  I notice
that an exception handler was added to ceph_authtool.cc to handle the
same coverity complaint there a few months ago.

John

On Fri, Jan 16, 2015 at 3:17 PM, Gregory Farnum  wrote:
> Sage, are these uncaught assertion errors something we normally
> ignore? I'm not familiar with any code that tries to catch errors in
> our standard init patterns, which is what looks to be the problem on
> these new coverity issues in cephfs-table-tool.
> -Greg
>
> On Fri, Jan 16, 2015 at 6:39 AM,   wrote:
>>
>> Hi,
>>
>> Please find the latest report on new defect(s) introduced to ceph found with 
>> Coverity Scan.
>>
>> 4 new defect(s) introduced to ceph found with Coverity Scan.
>> 19 defect(s), reported by Coverity Scan earlier, were marked fixed in the 
>> recent build analyzed by Coverity Scan.
>>
>> New defect(s) Reported-by: Coverity Scan
>> Showing 4 of 4 defect(s)
>>
>>
>> ** CID 1264457:  Uncaught exception  (UNCAUGHT_EXCEPT)
>> /tools/cephfs/cephfs-table-tool.cc: 11 in main()
>> /tools/cephfs/cephfs-table-tool.cc: 11 in main()
>> /tools/cephfs/cephfs-table-tool.cc: 11 in main()
>> /tools/cephfs/cephfs-table-tool.cc: 11 in main()
>> /tools/cephfs/cephfs-table-tool.cc: 11 in main()
>>
>> ** CID 1264458:  Uninitialized scalar field  (UNINIT_CTOR)
>> /test/librbd/test_ImageWatcher.cc: 47 in 
>> TestImageWatcher::WatchCtx::WatchCtx(TestImageWatcher&)()
>>
>> ** CID 1264459:  Uninitialized scalar field  (UNINIT_CTOR)
>> /test/librbd/test_fixture.cc: 44 in TestFixture::TestFixture()()
>>
>> ** CID 1264460:  Structurally dead code  (UNREACHABLE)
>> /common/sync_filesystem.h: 51 in sync_filesystem(int)()
>>
>>
>> 
>> *** CID 1264457:  Uncaught exception  (UNCAUGHT_EXCEPT)
>> /tools/cephfs/cephfs-table-tool.cc: 11 in main()
>> 5 #include "common/errno.h"
>> 6 #include "global/global_init.h"
>> 7
>> 8 #include "TableTool.h"
>> 9
>> 10
> CID 1264457:  Uncaught exception  (UNCAUGHT_EXCEPT)
> In function "main(int, char const **)" an exception of type 
> "ceph::FailedAssertion" is thrown and never caught.
>> 11 int main(int argc, const char **argv)
>> 12 {
>> 13   vector args;
>> 14   argv_to_vec(argc, argv, args);
>> 15   env_to_vec(args);
>> 16
>> /tools/cephfs/cephfs-table-tool.cc: 11 in main()
>> 5 #include "common/errno.h"
>> 6 #include "global/global_init.h"
>> 7
>> 8 #include "TableTool.h"
>> 9
>> 10
> CID 1264457:  Uncaught exception  (UNCAUGHT_EXCEPT)
> In function "main(int, char const **)" an exception of type 
> "ceph::FailedAssertion" is thrown and never caught.
>> 11 int main(int argc, const char **argv)
>> 12 {
>> 13   vector args;
>> 14   argv_to_vec(argc, argv, args);
>> 15   env_to_vec(args);
>> 16
>> /tools/cephfs/cephfs-table-tool.cc: 11 in main()
>> 5 #include "common/errno.h"
>> 6 #include "global/global_init.h"
>> 7
>> 8 #include "TableTool.h"
>> 9
>> 10
> CID 1264457:  Uncaught exception  (UNCAUGHT_EXCEPT)
> In function "main(int, char const **)" an exception of type 
> "ceph::FailedAssertion" is thrown and never caught.
>> 11 int main(int argc, const char **argv)
>> 12 {
>> 13   vector args;
>> 14   argv_to_vec(argc, argv, args);
>> 15   env_to_vec(args);
>> 16
>> /tools/cephfs/cephfs-table-tool.cc: 11 in main()
>> 5 #include "common/errno.h"
>> 6 #include "global/global_init.h"
>> 7
>> 8 #include "TableTool.h"
>> 9
>> 10
> CID 1264457:  Uncaught exception  (UNCAUGHT_EXCEPT)
> In function "main(int, char const **)" an exception of type 
> "ceph::FailedAssertion" is thrown and never caught.
>> 11 int main(int argc, const char **argv)
>> 12 {
>> 13   vector args;
>> 14   argv_to_vec(argc, argv, args);
>> 15   env_to_vec(args);
>> 16
>> /tools/cephfs/cephfs-table-tool.cc: 11 in main()
>> 5 #include "common/errno.h"
>> 6 #include "global/global_init.h"
>> 7
>> 8 #include "TableTool.h"
>> 9
>> 10
> CID 1264457:  Uncaught exception  (UNCAUGHT_EXCEPT)
> In function "main(int, char const **)" an exception of type 
> "ceph::FailedAssertion" is thrown and never caught.
>> 11 int main(int argc, const char **argv)
>> 12 {
>> 13   vector args;
>> 14   argv_to_vec(argc, argv, args);
>> 15   env_to_vec(args);
>> 16
>>
>> 
>> *** CID 1264458:  Uninitialized scalar field  (UNINIT_CTOR)
>> /test/librbd/test_ImageWatcher.cc: 47 in 
>> TestImageWatcher::WatchCtx::WatchCtx(TestImageWatcher&)()
>> 41 NOTIFY_OP_REQUEST_LOCK  = 2,
>> 42 NOTIFY_OP_HEADER_UPDATE = 3
>> 43   };
>> 44
>> 45   class WatchCtx : public librados::WatchCtx2 {
>> 46   public:
> CID 1264458:

Re: New Defects reported by Coverity Scan for ceph

2015-01-16 Thread Gregory Farnum
Sage, are these uncaught assertion errors something we normally
ignore? I'm not familiar with any code that tries to catch errors in
our standard init patterns, which is what looks to be the problem on
these new coverity issues in cephfs-table-tool.
-Greg

On Fri, Jan 16, 2015 at 6:39 AM,   wrote:
>
> Hi,
>
> Please find the latest report on new defect(s) introduced to ceph found with 
> Coverity Scan.
>
> 4 new defect(s) introduced to ceph found with Coverity Scan.
> 19 defect(s), reported by Coverity Scan earlier, were marked fixed in the 
> recent build analyzed by Coverity Scan.
>
> New defect(s) Reported-by: Coverity Scan
> Showing 4 of 4 defect(s)
>
>
> ** CID 1264457:  Uncaught exception  (UNCAUGHT_EXCEPT)
> /tools/cephfs/cephfs-table-tool.cc: 11 in main()
> /tools/cephfs/cephfs-table-tool.cc: 11 in main()
> /tools/cephfs/cephfs-table-tool.cc: 11 in main()
> /tools/cephfs/cephfs-table-tool.cc: 11 in main()
> /tools/cephfs/cephfs-table-tool.cc: 11 in main()
>
> ** CID 1264458:  Uninitialized scalar field  (UNINIT_CTOR)
> /test/librbd/test_ImageWatcher.cc: 47 in 
> TestImageWatcher::WatchCtx::WatchCtx(TestImageWatcher&)()
>
> ** CID 1264459:  Uninitialized scalar field  (UNINIT_CTOR)
> /test/librbd/test_fixture.cc: 44 in TestFixture::TestFixture()()
>
> ** CID 1264460:  Structurally dead code  (UNREACHABLE)
> /common/sync_filesystem.h: 51 in sync_filesystem(int)()
>
>
> 
> *** CID 1264457:  Uncaught exception  (UNCAUGHT_EXCEPT)
> /tools/cephfs/cephfs-table-tool.cc: 11 in main()
> 5 #include "common/errno.h"
> 6 #include "global/global_init.h"
> 7
> 8 #include "TableTool.h"
> 9
> 10
 CID 1264457:  Uncaught exception  (UNCAUGHT_EXCEPT)
 In function "main(int, char const **)" an exception of type 
 "ceph::FailedAssertion" is thrown and never caught.
> 11 int main(int argc, const char **argv)
> 12 {
> 13   vector args;
> 14   argv_to_vec(argc, argv, args);
> 15   env_to_vec(args);
> 16
> /tools/cephfs/cephfs-table-tool.cc: 11 in main()
> 5 #include "common/errno.h"
> 6 #include "global/global_init.h"
> 7
> 8 #include "TableTool.h"
> 9
> 10
 CID 1264457:  Uncaught exception  (UNCAUGHT_EXCEPT)
 In function "main(int, char const **)" an exception of type 
 "ceph::FailedAssertion" is thrown and never caught.
> 11 int main(int argc, const char **argv)
> 12 {
> 13   vector args;
> 14   argv_to_vec(argc, argv, args);
> 15   env_to_vec(args);
> 16
> /tools/cephfs/cephfs-table-tool.cc: 11 in main()
> 5 #include "common/errno.h"
> 6 #include "global/global_init.h"
> 7
> 8 #include "TableTool.h"
> 9
> 10
 CID 1264457:  Uncaught exception  (UNCAUGHT_EXCEPT)
 In function "main(int, char const **)" an exception of type 
 "ceph::FailedAssertion" is thrown and never caught.
> 11 int main(int argc, const char **argv)
> 12 {
> 13   vector args;
> 14   argv_to_vec(argc, argv, args);
> 15   env_to_vec(args);
> 16
> /tools/cephfs/cephfs-table-tool.cc: 11 in main()
> 5 #include "common/errno.h"
> 6 #include "global/global_init.h"
> 7
> 8 #include "TableTool.h"
> 9
> 10
 CID 1264457:  Uncaught exception  (UNCAUGHT_EXCEPT)
 In function "main(int, char const **)" an exception of type 
 "ceph::FailedAssertion" is thrown and never caught.
> 11 int main(int argc, const char **argv)
> 12 {
> 13   vector args;
> 14   argv_to_vec(argc, argv, args);
> 15   env_to_vec(args);
> 16
> /tools/cephfs/cephfs-table-tool.cc: 11 in main()
> 5 #include "common/errno.h"
> 6 #include "global/global_init.h"
> 7
> 8 #include "TableTool.h"
> 9
> 10
 CID 1264457:  Uncaught exception  (UNCAUGHT_EXCEPT)
 In function "main(int, char const **)" an exception of type 
 "ceph::FailedAssertion" is thrown and never caught.
> 11 int main(int argc, const char **argv)
> 12 {
> 13   vector args;
> 14   argv_to_vec(argc, argv, args);
> 15   env_to_vec(args);
> 16
>
> 
> *** CID 1264458:  Uninitialized scalar field  (UNINIT_CTOR)
> /test/librbd/test_ImageWatcher.cc: 47 in 
> TestImageWatcher::WatchCtx::WatchCtx(TestImageWatcher&)()
> 41 NOTIFY_OP_REQUEST_LOCK  = 2,
> 42 NOTIFY_OP_HEADER_UPDATE = 3
> 43   };
> 44
> 45   class WatchCtx : public librados::WatchCtx2 {
> 46   public:
 CID 1264458:  Uninitialized scalar field  (UNINIT_CTOR)
 Non-static class member "m_handle" is not initialized in this 
 constructor nor in any functions that it calls.
> 47 WatchCtx(TestImageWatcher &parent) : m_parent(parent) {}
> 48
> 49 int watch(const librbd::ImageCtx &ictx) {
> 50   m_header_oid = ictx.header_oid;
> 51   return m_parent.m_ioctx.watc

New Defects reported by Coverity Scan for ceph

2015-01-16 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to ceph found with 
Coverity Scan.

4 new defect(s) introduced to ceph found with Coverity Scan.
19 defect(s), reported by Coverity Scan earlier, were marked fixed in the 
recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 4 of 4 defect(s)


** CID 1264457:  Uncaught exception  (UNCAUGHT_EXCEPT)
/tools/cephfs/cephfs-table-tool.cc: 11 in main()
/tools/cephfs/cephfs-table-tool.cc: 11 in main()
/tools/cephfs/cephfs-table-tool.cc: 11 in main()
/tools/cephfs/cephfs-table-tool.cc: 11 in main()
/tools/cephfs/cephfs-table-tool.cc: 11 in main()

** CID 1264458:  Uninitialized scalar field  (UNINIT_CTOR)
/test/librbd/test_ImageWatcher.cc: 47 in 
TestImageWatcher::WatchCtx::WatchCtx(TestImageWatcher&)()

** CID 1264459:  Uninitialized scalar field  (UNINIT_CTOR)
/test/librbd/test_fixture.cc: 44 in TestFixture::TestFixture()()

** CID 1264460:  Structurally dead code  (UNREACHABLE)
/common/sync_filesystem.h: 51 in sync_filesystem(int)()



*** CID 1264457:  Uncaught exception  (UNCAUGHT_EXCEPT)
/tools/cephfs/cephfs-table-tool.cc: 11 in main()
5 #include "common/errno.h"
6 #include "global/global_init.h"
7 
8 #include "TableTool.h"
9 
10 
>>> CID 1264457:  Uncaught exception  (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type 
>>> "ceph::FailedAssertion" is thrown and never caught.
11 int main(int argc, const char **argv)
12 {
13   vector args;
14   argv_to_vec(argc, argv, args);
15   env_to_vec(args);
16 
/tools/cephfs/cephfs-table-tool.cc: 11 in main()
5 #include "common/errno.h"
6 #include "global/global_init.h"
7 
8 #include "TableTool.h"
9 
10 
>>> CID 1264457:  Uncaught exception  (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type 
>>> "ceph::FailedAssertion" is thrown and never caught.
11 int main(int argc, const char **argv)
12 {
13   vector args;
14   argv_to_vec(argc, argv, args);
15   env_to_vec(args);
16 
/tools/cephfs/cephfs-table-tool.cc: 11 in main()
5 #include "common/errno.h"
6 #include "global/global_init.h"
7 
8 #include "TableTool.h"
9 
10 
>>> CID 1264457:  Uncaught exception  (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type 
>>> "ceph::FailedAssertion" is thrown and never caught.
11 int main(int argc, const char **argv)
12 {
13   vector args;
14   argv_to_vec(argc, argv, args);
15   env_to_vec(args);
16 
/tools/cephfs/cephfs-table-tool.cc: 11 in main()
5 #include "common/errno.h"
6 #include "global/global_init.h"
7 
8 #include "TableTool.h"
9 
10 
>>> CID 1264457:  Uncaught exception  (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type 
>>> "ceph::FailedAssertion" is thrown and never caught.
11 int main(int argc, const char **argv)
12 {
13   vector args;
14   argv_to_vec(argc, argv, args);
15   env_to_vec(args);
16 
/tools/cephfs/cephfs-table-tool.cc: 11 in main()
5 #include "common/errno.h"
6 #include "global/global_init.h"
7 
8 #include "TableTool.h"
9 
10 
>>> CID 1264457:  Uncaught exception  (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type 
>>> "ceph::FailedAssertion" is thrown and never caught.
11 int main(int argc, const char **argv)
12 {
13   vector args;
14   argv_to_vec(argc, argv, args);
15   env_to_vec(args);
16 


*** CID 1264458:  Uninitialized scalar field  (UNINIT_CTOR)
/test/librbd/test_ImageWatcher.cc: 47 in 
TestImageWatcher::WatchCtx::WatchCtx(TestImageWatcher&)()
41 NOTIFY_OP_REQUEST_LOCK  = 2,
42 NOTIFY_OP_HEADER_UPDATE = 3
43   };
44 
45   class WatchCtx : public librados::WatchCtx2 {
46   public:
>>> CID 1264458:  Uninitialized scalar field  (UNINIT_CTOR)
>>> Non-static class member "m_handle" is not initialized in this 
>>> constructor nor in any functions that it calls.
47 WatchCtx(TestImageWatcher &parent) : m_parent(parent) {}
48 
49 int watch(const librbd::ImageCtx &ictx) {
50   m_header_oid = ictx.header_oid;
51   return m_parent.m_ioctx.watch2(m_header_oid, &m_handle, this);
52 }


*** CID 1264459:  Uninitialized scalar field  (UNINIT_CTOR)
/test/librbd/test_fixture.cc: 44 in TestFixture::TestFixture()()
38 
39 std::string TestFixture::_pool_name;
40 librados::Rados TestFixture::_rados;
41 uint64_t TestFixture::_image_number = 0;
42

Re: New Defects reported by Coverity Scan for ceph

2015-01-13 Thread Sage Weil
Hi Zhiqiang,

On Tue, 13 Jan 2015, scan-ad...@coverity.com wrote:
> 
> *** CID 1262557:  Using invalid iterator  (INVALIDATE_ITERATOR)
> /osd/ReplicatedPG.cc: 2071 in ReplicatedPG::cancel_proxy_read_ops(bool)()
> 2065   while (p != proxyread_ops.end()) {
> 2066 cancel_proxy_read((p++)->second);
> 2067   }
> 2068 
> 2069   if (requeue) {
> 2070 for (map >::iterator p = 
> in_progress_proxy_reads.begin();
> >>> CID 1262557:  Using invalid iterator  (INVALIDATE_ITERATOR)
> >>> Using invalid iterator "p".
> 2071  p != in_progress_proxy_reads.end(); p++) {
> 2072   list& ls = p->second;
> 2073   dout(10) << __func__ << " " << p->first << " requeuing " << 
> ls.size() << " requests" << dendl;
> 2074   requeue_ops(ls);
> 2075   in_progress_proxy_reads.erase(p);
> 2076 }
> 
> 
> *** CID 1262558:  Uninitialized scalar field  (UNINIT_CTOR)
> /osd/ReplicatedPG.h: 629 in 
> ReplicatedPG::OpContext::OpContext(std::tr1::shared_ptr, 
> osd_reqid_t, std::vector> &, ReplicatedPG*)()
> 623   num_write(0),
> 624   copy_cb(NULL),
> 625   async_read_result(0),
> 626   inflightreads(0),
> 627   lock_to_release(NONE),
> 628   on_finish(NULL),
> >>> CID 1262558:  Uninitialized scalar field  (UNINIT_CTOR)
> >>> Non-static class member "ignore_cache" is not initialized in this 
> >>> constructor nor in any functions that it calls.
> 629   release_snapset_obc(false) { }
> 630 void reset_obs(ObjectContextRef obc) {
> 631   new_obs = ObjectState(obc->obs.oi, obc->obs.exists);
> 632   if (obc->ssc) {
> 633   new_snapset = obc->ssc->snapset;
> 634   snapset = &obc->ssc->snapset;
> 

Can you review my fix for these?

https://github.com/ceph/ceph/pull/3363

Thanks!
sage
--
To unsubscribe from this list: send the line "unsubscribe ceph-devel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html


New Defects reported by Coverity Scan for ceph

2015-01-13 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to ceph found with 
Coverity Scan.

2 new defect(s) introduced to ceph found with Coverity Scan.


New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)


** CID 1262557:  Using invalid iterator  (INVALIDATE_ITERATOR)
/osd/ReplicatedPG.cc: 2071 in ReplicatedPG::cancel_proxy_read_ops(bool)()

** CID 1262558:  Uninitialized scalar field  (UNINIT_CTOR)
/osd/ReplicatedPG.h: 629 in 
ReplicatedPG::OpContext::OpContext(std::tr1::shared_ptr, 
osd_reqid_t, std::vector> &, ReplicatedPG*)()



*** CID 1262557:  Using invalid iterator  (INVALIDATE_ITERATOR)
/osd/ReplicatedPG.cc: 2071 in ReplicatedPG::cancel_proxy_read_ops(bool)()
2065   while (p != proxyread_ops.end()) {
2066 cancel_proxy_read((p++)->second);
2067   }
2068 
2069   if (requeue) {
2070 for (map >::iterator p = 
in_progress_proxy_reads.begin();
>>> CID 1262557:  Using invalid iterator  (INVALIDATE_ITERATOR)
>>> Using invalid iterator "p".
2071p != in_progress_proxy_reads.end(); p++) {
2072   list& ls = p->second;
2073   dout(10) << __func__ << " " << p->first << " requeuing " << 
ls.size() << " requests" << dendl;
2074   requeue_ops(ls);
2075   in_progress_proxy_reads.erase(p);
2076 }


*** CID 1262558:  Uninitialized scalar field  (UNINIT_CTOR)
/osd/ReplicatedPG.h: 629 in 
ReplicatedPG::OpContext::OpContext(std::tr1::shared_ptr, 
osd_reqid_t, std::vector> &, ReplicatedPG*)()
623   num_write(0),
624   copy_cb(NULL),
625   async_read_result(0),
626   inflightreads(0),
627   lock_to_release(NONE),
628   on_finish(NULL),
>>> CID 1262558:  Uninitialized scalar field  (UNINIT_CTOR)
>>> Non-static class member "ignore_cache" is not initialized in this 
>>> constructor nor in any functions that it calls.
629   release_snapset_obc(false) { }
630 void reset_obs(ObjectContextRef obc) {
631   new_obs = ObjectState(obc->obs.oi, obc->obs.exists);
632   if (obc->ssc) {
633 new_snapset = obc->ssc->snapset;
634 snapset = &obc->ssc->snapset;



To view the defects in Coverity Scan visit, 
http://scan.coverity.com/projects/25?tab=overview

To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", 
click 
http://scan.coverity.com/subscriptions/edit?email=ceph-devel%40vger.kernel.org&token=018084d671e3cc89d00dd2ccb7eb849c
 .

--
To unsubscribe from this list: send the line "unsubscribe ceph-devel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html


Re: New Defects reported by Coverity Scan for ceph

2015-01-10 Thread Haomai Wang
The first exception should be shadowed?

And the second exception seemed strange, because other tests are follow this way

On Sat, Jan 10, 2015 at 10:36 PM,   wrote:
>
> Hi,
>
> Please find the latest report on new defect(s) introduced to ceph found with 
> Coverity Scan.
>
> 2 new defect(s) introduced to ceph found with Coverity Scan.
>
>
> New defect(s) Reported-by: Coverity Scan
> Showing 2 of 2 defect(s)
>
>
> ** CID 1260210:  Resource leak  (RESOURCE_LEAK)
> /test/msgr/test_msgr.cc: 537 in 
> MessengerTest_ClientStandbyTest_Test::TestBody()()
>
> ** CID 1260212:  Uncaught exception  (UNCAUGHT_EXCEPT)
> /test/msgr/test_msgr.cc: 579 in main()
> /test/msgr/test_msgr.cc: 579 in main()
> /test/msgr/test_msgr.cc: 579 in main()
> /test/msgr/test_msgr.cc: 579 in main()
> /test/msgr/test_msgr.cc: 579 in main()
> /test/msgr/test_msgr.cc: 579 in main()
>
>
> 
> *** CID 1260210:  Resource leak  (RESOURCE_LEAK)
> /test/msgr/test_msgr.cc: 537 in 
> MessengerTest_ClientStandbyTest_Test::TestBody()()
> 531   usleep(300*1000);
> 532   // client should be standby, so we use original connection
> 533   {
> 534 m = new MPing();
> 535 conn->send_keepalive();
> 536 CHECK_AND_WAIT_TRUE(conn->is_connected());
 CID 1260210:  Resource leak  (RESOURCE_LEAK)
 Variable "m" going out of scope leaks the storage it points to.
> 537 ASSERT_TRUE(conn->is_connected());
> 538 ASSERT_EQ(conn->send_message(m), 0);
> 539 Mutex::Locker l(cli_dispatcher.lock);
> 540 while (!cli_dispatcher.got_new)
> 541   cli_dispatcher.cond.Wait(cli_dispatcher.lock);
> 542 cli_dispatcher.got_new = false;
>
> 
> *** CID 1260212:  Uncaught exception  (UNCAUGHT_EXCEPT)
> /test/msgr/test_msgr.cc: 579 in main()
> 573 // must be defined). This dummy test keeps gtest_main linked in.
> 574 TEST(DummyTest, ValueParameterizedTestsAreNotSupportedOnThisPlatform) 
> {}
> 575
> 576 #endif
> 577
> 578
 CID 1260212:  Uncaught exception  (UNCAUGHT_EXCEPT)
 In function "main(int, char **)" an exception of type 
 "ceph::FailedAssertion" is thrown and never caught.
> 579 int main(int argc, char **argv) {
> 580   vector args;
> 581   argv_to_vec(argc, (const char **)argv, args);
> 582
> 583   global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, 
> CODE_ENVIRONMENT_UTILITY, 0);
> 584   g_ceph_context->_conf->set_val("auth_cluster_required", "none");
> /test/msgr/test_msgr.cc: 579 in main()
> 573 // must be defined). This dummy test keeps gtest_main linked in.
> 574 TEST(DummyTest, ValueParameterizedTestsAreNotSupportedOnThisPlatform) 
> {}
> 575
> 576 #endif
> 577
> 578
 CID 1260212:  Uncaught exception  (UNCAUGHT_EXCEPT)
 In function "main(int, char **)" an exception of type 
 "ceph::FailedAssertion" is thrown and never caught.
> 579 int main(int argc, char **argv) {
> 580   vector args;
> 581   argv_to_vec(argc, (const char **)argv, args);
> 582
> 583   global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, 
> CODE_ENVIRONMENT_UTILITY, 0);
> 584   g_ceph_context->_conf->set_val("auth_cluster_required", "none");
> /test/msgr/test_msgr.cc: 579 in main()
> 573 // must be defined). This dummy test keeps gtest_main linked in.
> 574 TEST(DummyTest, ValueParameterizedTestsAreNotSupportedOnThisPlatform) 
> {}
> 575
> 576 #endif
> 577
> 578
 CID 1260212:  Uncaught exception  (UNCAUGHT_EXCEPT)
 In function "main(int, char **)" an exception of type 
 "ceph::FailedAssertion" is thrown and never caught.
> 579 int main(int argc, char **argv) {
> 580   vector args;
> 581   argv_to_vec(argc, (const char **)argv, args);
> 582
> 583   global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, 
> CODE_ENVIRONMENT_UTILITY, 0);
> 584   g_ceph_context->_conf->set_val("auth_cluster_required", "none");
> /test/msgr/test_msgr.cc: 579 in main()
> 573 // must be defined). This dummy test keeps gtest_main linked in.
> 574 TEST(DummyTest, ValueParameterizedTestsAreNotSupportedOnThisPlatform) 
> {}
> 575
> 576 #endif
> 577
> 578
 CID 1260212:  Uncaught exception  (UNCAUGHT_EXCEPT)
 In function "main(int, char **)" an exception of type 
 "ceph::FailedAssertion" is thrown and never caught.
> 579 int main(int argc, char **argv) {
> 580   vector args;
> 581   argv_to_vec(argc, (const char **)argv, args);
> 582
> 583   global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, 
> CODE_ENVIRONMENT_UTILITY, 0);
> 584   g_ceph_context->_conf->set_val("auth_cluster_required", "none");
> /test/msgr/test_msgr.cc: 579 in main()
> 573 // must be defined). This dummy test keeps gtest_main linked in.
> 574 TEST(DummyTest, ValueParameter

New Defects reported by Coverity Scan for ceph

2015-01-10 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to ceph found with 
Coverity Scan.

2 new defect(s) introduced to ceph found with Coverity Scan.


New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)


** CID 1260210:  Resource leak  (RESOURCE_LEAK)
/test/msgr/test_msgr.cc: 537 in 
MessengerTest_ClientStandbyTest_Test::TestBody()()

** CID 1260212:  Uncaught exception  (UNCAUGHT_EXCEPT)
/test/msgr/test_msgr.cc: 579 in main()
/test/msgr/test_msgr.cc: 579 in main()
/test/msgr/test_msgr.cc: 579 in main()
/test/msgr/test_msgr.cc: 579 in main()
/test/msgr/test_msgr.cc: 579 in main()
/test/msgr/test_msgr.cc: 579 in main()



*** CID 1260210:  Resource leak  (RESOURCE_LEAK)
/test/msgr/test_msgr.cc: 537 in 
MessengerTest_ClientStandbyTest_Test::TestBody()()
531   usleep(300*1000);
532   // client should be standby, so we use original connection
533   {
534 m = new MPing();
535 conn->send_keepalive();
536 CHECK_AND_WAIT_TRUE(conn->is_connected());
>>> CID 1260210:  Resource leak  (RESOURCE_LEAK)
>>> Variable "m" going out of scope leaks the storage it points to.
537 ASSERT_TRUE(conn->is_connected());
538 ASSERT_EQ(conn->send_message(m), 0);
539 Mutex::Locker l(cli_dispatcher.lock);
540 while (!cli_dispatcher.got_new)
541   cli_dispatcher.cond.Wait(cli_dispatcher.lock);
542 cli_dispatcher.got_new = false;


*** CID 1260212:  Uncaught exception  (UNCAUGHT_EXCEPT)
/test/msgr/test_msgr.cc: 579 in main()
573 // must be defined). This dummy test keeps gtest_main linked in.
574 TEST(DummyTest, ValueParameterizedTestsAreNotSupportedOnThisPlatform) {}
575 
576 #endif
577 
578 
>>> CID 1260212:  Uncaught exception  (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type 
>>> "ceph::FailedAssertion" is thrown and never caught.
579 int main(int argc, char **argv) {
580   vector args;
581   argv_to_vec(argc, (const char **)argv, args);
582 
583   global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, 
CODE_ENVIRONMENT_UTILITY, 0);
584   g_ceph_context->_conf->set_val("auth_cluster_required", "none");
/test/msgr/test_msgr.cc: 579 in main()
573 // must be defined). This dummy test keeps gtest_main linked in.
574 TEST(DummyTest, ValueParameterizedTestsAreNotSupportedOnThisPlatform) {}
575 
576 #endif
577 
578 
>>> CID 1260212:  Uncaught exception  (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type 
>>> "ceph::FailedAssertion" is thrown and never caught.
579 int main(int argc, char **argv) {
580   vector args;
581   argv_to_vec(argc, (const char **)argv, args);
582 
583   global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, 
CODE_ENVIRONMENT_UTILITY, 0);
584   g_ceph_context->_conf->set_val("auth_cluster_required", "none");
/test/msgr/test_msgr.cc: 579 in main()
573 // must be defined). This dummy test keeps gtest_main linked in.
574 TEST(DummyTest, ValueParameterizedTestsAreNotSupportedOnThisPlatform) {}
575 
576 #endif
577 
578 
>>> CID 1260212:  Uncaught exception  (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type 
>>> "ceph::FailedAssertion" is thrown and never caught.
579 int main(int argc, char **argv) {
580   vector args;
581   argv_to_vec(argc, (const char **)argv, args);
582 
583   global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, 
CODE_ENVIRONMENT_UTILITY, 0);
584   g_ceph_context->_conf->set_val("auth_cluster_required", "none");
/test/msgr/test_msgr.cc: 579 in main()
573 // must be defined). This dummy test keeps gtest_main linked in.
574 TEST(DummyTest, ValueParameterizedTestsAreNotSupportedOnThisPlatform) {}
575 
576 #endif
577 
578 
>>> CID 1260212:  Uncaught exception  (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type 
>>> "ceph::FailedAssertion" is thrown and never caught.
579 int main(int argc, char **argv) {
580   vector args;
581   argv_to_vec(argc, (const char **)argv, args);
582 
583   global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, 
CODE_ENVIRONMENT_UTILITY, 0);
584   g_ceph_context->_conf->set_val("auth_cluster_required", "none");
/test/msgr/test_msgr.cc: 579 in main()
573 // must be defined). This dummy test keeps gtest_main linked in.
574 TEST(DummyTest, ValueParameterizedTestsAreNotSupportedOnThisPlatform) {}
575 
576 #endif
577 
578 
>>> CID 1260212:  Uncaught exception  (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type 
>>> "ceph::FailedAssertion" is thrown and never caught.
579 int main(int argc, char **argv) {
580

Re: New Defects reported by Coverity Scan for ceph

2015-01-09 Thread Danny Al-Gaaf
Am 09.01.2015 um 16:26 schrieb Sage Weil:
> On Fri, 9 Jan 2015, scan-ad...@coverity.com wrote:
>> ** CID 1262114:  Uninitialized scalar field  (UNINIT_CTOR) 
>> /messages/MOSDRepOp.h: 107 in MOSDRepOp::MOSDRepOp()()
>> 
>> ** CID 1262115:  Uninitialized scalar field  (UNINIT_CTOR) 
>> /messages/MOSDRepOpReply.h: 97 in
>> MOSDRepOpReply::MOSDRepOpReply()()
>> 
>> 
>> 
>>
>> 
*** CID 1262114:  Uninitialized scalar field  (UNINIT_CTOR)
>> /messages/MOSDRepOp.h: 107 in MOSDRepOp::MOSDRepOp()() 101
>> ::encode(from, payload); 102
>> ::encode(updated_hit_set_history, payload); 103
>> ::encode(pg_trim_rollback_to, payload); 104   } 105 106
>> MOSDRepOp()
> CID 1262114:  Uninitialized scalar field  (UNINIT_CTOR) 
> Non-static class member "acks_wanted" is not initialized in
> this constructor nor in any functions that it calls.
>> 107 : Message(MSG_OSD_REPOP, HEAD_VERSION,
>> COMPAT_VERSION) { } 108   MOSDRepOp(osd_reqid_t r, pg_shard_t
>> from, 109spg_t p, const hobject_t& po, int aw, 110
>> epoch_t mape, ceph_tid_t rtid, eversion_t v) 111 :
>> Message(MSG_OSD_REPOP, HEAD_VERSION, COMPAT_VERSION), 112
>> map_epoch(mape),
>> 
>> 
>>
>> 
*** CID 1262115:  Uninitialized scalar field  (UNINIT_CTOR)
>> /messages/MOSDRepOpReply.h: 97 in
>> MOSDRepOpReply::MOSDRepOpReply()() 91 from(from), 92
>> pgid(req->pgid.pgid, req->from.shard), 93 ack_type(at), 
>> 94 result(result_) { 95 set_tid(req->get_tid()); 
>> 96   }
> CID 1262115:  Uninitialized scalar field  (UNINIT_CTOR) 
> Non-static class member "result" is not initialized in this
> constructor nor in any functions that it calls.
>> 97   MOSDRepOpReply() : Message(MSG_OSD_REPOPREPLY) {} 98
>> private: 99   ~MOSDRepOpReply() {} 100 101 public: 102
>> const char *get_type_name() const { return "osd_repop_reply"; }
> 
> These are both warnings about the trivial constructors,
> 
>> 106   MOSDRepOp()
> CID 1262114:  Uninitialized scalar field  (UNINIT_CTOR) 
> Non-static class member "acks_wanted" is not initialized in
> this constructor nor in any functions that it calls.
>> 107 : Message(MSG_OSD_REPOP, HEAD_VERSION,
>> COMPAT_VERSION) { }
> 
> which are always followed by a ::decode.  We don't initialize
> fields in any of these so we probably have these coverity warnings
> for every message.  Perhaps we should add some annotations to
> indicate that?  Danny, are you familiar with those?
> 
> (I don't think we want to initialize... unless we rely on the
> optimizer to do magic it's inefficient to initialize the value and
> then overwrite it during decode shortly after.)
> 
> sage

I will take a look into it.

Danny

--
To unsubscribe from this list: send the line "unsubscribe ceph-devel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html


Re: New Defects reported by Coverity Scan for ceph

2015-01-09 Thread Sage Weil
On Fri, 9 Jan 2015, scan-ad...@coverity.com wrote:
> ** CID 1262114:  Uninitialized scalar field  (UNINIT_CTOR)
> /messages/MOSDRepOp.h: 107 in MOSDRepOp::MOSDRepOp()()
> 
> ** CID 1262115:  Uninitialized scalar field  (UNINIT_CTOR)
> /messages/MOSDRepOpReply.h: 97 in MOSDRepOpReply::MOSDRepOpReply()()
> 
> 
> 
> *** CID 1262114:  Uninitialized scalar field  (UNINIT_CTOR)
> /messages/MOSDRepOp.h: 107 in MOSDRepOp::MOSDRepOp()()
> 101 ::encode(from, payload);
> 102 ::encode(updated_hit_set_history, payload);
> 103 ::encode(pg_trim_rollback_to, payload);
> 104   }
> 105 
> 106   MOSDRepOp()
> >>> CID 1262114:  Uninitialized scalar field  (UNINIT_CTOR)
> >>> Non-static class member "acks_wanted" is not initialized in this 
> >>> constructor nor in any functions that it calls.
> 107 : Message(MSG_OSD_REPOP, HEAD_VERSION, COMPAT_VERSION) { }
> 108   MOSDRepOp(osd_reqid_t r, pg_shard_t from,
> 109   spg_t p, const hobject_t& po, int aw,
> 110   epoch_t mape, ceph_tid_t rtid, eversion_t v)
> 111 : Message(MSG_OSD_REPOP, HEAD_VERSION, COMPAT_VERSION),
> 112   map_epoch(mape),
> 
> 
> *** CID 1262115:  Uninitialized scalar field  (UNINIT_CTOR)
> /messages/MOSDRepOpReply.h: 97 in MOSDRepOpReply::MOSDRepOpReply()()
> 91 from(from),
> 92 pgid(req->pgid.pgid, req->from.shard),
> 93 ack_type(at),
> 94 result(result_) {
> 95 set_tid(req->get_tid());
> 96   }
> >>> CID 1262115:  Uninitialized scalar field  (UNINIT_CTOR)
> >>> Non-static class member "result" is not initialized in this 
> >>> constructor nor in any functions that it calls.
> 97   MOSDRepOpReply() : Message(MSG_OSD_REPOPREPLY) {}
> 98 private:
> 99   ~MOSDRepOpReply() {}
> 100 
> 101 public:
> 102   const char *get_type_name() const { return "osd_repop_reply"; }

These are both warnings about the trivial constructors,

> 106   MOSDRepOp()
> >>> CID 1262114:  Uninitialized scalar field  (UNINIT_CTOR)
> >>> Non-static class member "acks_wanted" is not initialized in this 
> >>> constructor nor in any functions that it calls.
> 107 : Message(MSG_OSD_REPOP, HEAD_VERSION, COMPAT_VERSION) { }

which are always followed by a ::decode.  We don't initialize fields in 
any of these so we probably have these coverity warnings for every 
message.  Perhaps we should add some annotations to indicate that?  Danny, 
are you familiar with those?

(I don't think we want to initialize... unless we rely on the optimizer to 
do magic it's inefficient to initialize the value and then overwrite it 
during decode shortly after.)

sage
--
To unsubscribe from this list: send the line "unsubscribe ceph-devel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html


New Defects reported by Coverity Scan for ceph

2015-01-09 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to ceph found with 
Coverity Scan.

2 new defect(s) introduced to ceph found with Coverity Scan.


New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)


** CID 1262114:  Uninitialized scalar field  (UNINIT_CTOR)
/messages/MOSDRepOp.h: 107 in MOSDRepOp::MOSDRepOp()()

** CID 1262115:  Uninitialized scalar field  (UNINIT_CTOR)
/messages/MOSDRepOpReply.h: 97 in MOSDRepOpReply::MOSDRepOpReply()()



*** CID 1262114:  Uninitialized scalar field  (UNINIT_CTOR)
/messages/MOSDRepOp.h: 107 in MOSDRepOp::MOSDRepOp()()
101 ::encode(from, payload);
102 ::encode(updated_hit_set_history, payload);
103 ::encode(pg_trim_rollback_to, payload);
104   }
105 
106   MOSDRepOp()
>>> CID 1262114:  Uninitialized scalar field  (UNINIT_CTOR)
>>> Non-static class member "acks_wanted" is not initialized in this 
>>> constructor nor in any functions that it calls.
107 : Message(MSG_OSD_REPOP, HEAD_VERSION, COMPAT_VERSION) { }
108   MOSDRepOp(osd_reqid_t r, pg_shard_t from,
109 spg_t p, const hobject_t& po, int aw,
110 epoch_t mape, ceph_tid_t rtid, eversion_t v)
111 : Message(MSG_OSD_REPOP, HEAD_VERSION, COMPAT_VERSION),
112   map_epoch(mape),


*** CID 1262115:  Uninitialized scalar field  (UNINIT_CTOR)
/messages/MOSDRepOpReply.h: 97 in MOSDRepOpReply::MOSDRepOpReply()()
91 from(from),
92 pgid(req->pgid.pgid, req->from.shard),
93 ack_type(at),
94 result(result_) {
95 set_tid(req->get_tid());
96   }
>>> CID 1262115:  Uninitialized scalar field  (UNINIT_CTOR)
>>> Non-static class member "result" is not initialized in this constructor 
>>> nor in any functions that it calls.
97   MOSDRepOpReply() : Message(MSG_OSD_REPOPREPLY) {}
98 private:
99   ~MOSDRepOpReply() {}
100 
101 public:
102   const char *get_type_name() const { return "osd_repop_reply"; }



To view the defects in Coverity Scan visit, 
http://scan.coverity.com/projects/25?tab=overview

To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", 
click 
http://scan.coverity.com/subscriptions/edit?email=ceph-devel%40vger.kernel.org&token=018084d671e3cc89d00dd2ccb7eb849c
 .

--
To unsubscribe from this list: send the line "unsubscribe ceph-devel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html


New Defects reported by Coverity Scan for ceph

2015-01-04 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to ceph found with 
Coverity Scan.

1 new defect(s) introduced to ceph found with Coverity Scan.


New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)


** CID 1261633:  Time of check time of use  (TOCTOU)
/mount/mtab.c: 275 in update_mtab_entry()



*** CID 1261633:  Time of check time of use  (TOCTOU)
/mount/mtab.c: 275 in update_mtab_entry()
269 mnt.mnt_freq = freq;
270 mnt.mnt_passno = pass;
271 
272 FILE *fp;
273 
274 lock_mtab();
>>> CID 1261633:  Time of check time of use  (TOCTOU)
>>> Calling function "setmntent" that uses ""/etc/mtab"" after a check 
>>> function. This can cause a time-of-check, time-of-use race condition.
275 fp = setmntent(_PATH_MOUNTED, "a+");
276 if (fp == NULL) {
277 int errsv = errno;
278 printf("mount: can't open %s: %s", _PATH_MOUNTED,
279strerror (errsv));
280 } else {



To view the defects in Coverity Scan visit, 
http://scan.coverity.com/projects/25?tab=overview

To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", 
click 
http://scan.coverity.com/subscriptions/edit?email=ceph-devel%40vger.kernel.org&token=018084d671e3cc89d00dd2ccb7eb849c
 .

--
To unsubscribe from this list: send the line "unsubscribe ceph-devel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html


Re: New Defects reported by Coverity Scan for ceph

2014-12-27 Thread Sage Weil
Haomai, may want to double-check the pointer arithmetic here (and/or add a 
cast to make coverity less suspicious).

sage


On Sat, 27 Dec 2014, scan-ad...@coverity.com wrote:

> 
> Hi,
> 
> Please find the latest report on new defect(s) introduced to ceph found with 
> Coverity Scan.
> 
> 1 new defect(s) introduced to ceph found with Coverity Scan.
> 1 defect(s), reported by Coverity Scan earlier, were marked fixed in the 
> recent build analyzed by Coverity Scan.
> 
> New defect(s) Reported-by: Coverity Scan
> Showing 1 of 1 defect(s)
> 
> 
> ** CID 1260497:  Extra sizeof expression  (SIZEOF_MISMATCH)
> /msg/async/Event.cc: 123 in EventCenter::create_file_event(int, int, 
> std::tr1::shared_ptr)()
> 
> 
> 
> *** CID 1260497:  Extra sizeof expression  (SIZEOF_MISMATCH)
> /msg/async/Event.cc: 123 in EventCenter::create_file_event(int, int, 
> std::tr1::shared_ptr)()
> 117 }
> 118 FileEvent *new_events = static_cast *>(realloc(file_events, sizeof(FileEvent)*new_size));
> 119 if (!new_events) {
> 120   lderr(cct) << __func__ << " failed to realloc file_events" << 
> cpp_strerror(errno) << dendl;
> 121   return -errno;
> 122 }
> >>> CID 1260497:  Extra sizeof expression  (SIZEOF_MISMATCH)
> >>> Adding "40UL /* sizeof (EventCenter::FileEvent) */ * this->nevent" to 
> >>> pointer "this->file_events" of type "EventCenter::FileEvent *" is 
> >>> suspicious because adding an integral value to this pointer automatically 
> >>> scales that value by the size, 40 bytes, of the pointed-to type, 
> >>> "EventCenter::FileEvent".  Most likely, the multiplication by "sizeof 
> >>> (EventCenter::FileEvent)" in this expression is extraneous and should be 
> >>> eliminated.
> 123 memset(file_events+sizeof(FileEvent)*nevent, 0, 
> sizeof(FileEvent)*(new_size-nevent));
> 124 file_events = new_events;
> 125 nevent = new_size;
> 126   }
> 127 
> 128   EventCenter::FileEvent *event = _get_file_event(fd);
> 
> 
> 
> To view the defects in Coverity Scan visit, 
> http://scan.coverity.com/projects/25?tab=overview
> 
> To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", 
> click 
> http://scan.coverity.com/subscriptions/edit?email=ceph-devel%40vger.kernel.org&token=018084d671e3cc89d00dd2ccb7eb849c
>  .
> 
> --
> To unsubscribe from this list: send the line "unsubscribe ceph-devel" in
> the body of a message to majord...@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> 
> 
--
To unsubscribe from this list: send the line "unsubscribe ceph-devel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html


New Defects reported by Coverity Scan for ceph

2014-12-27 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to ceph found with 
Coverity Scan.

1 new defect(s) introduced to ceph found with Coverity Scan.
1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)


** CID 1260497:  Extra sizeof expression  (SIZEOF_MISMATCH)
/msg/async/Event.cc: 123 in EventCenter::create_file_event(int, int, 
std::tr1::shared_ptr)()



*** CID 1260497:  Extra sizeof expression  (SIZEOF_MISMATCH)
/msg/async/Event.cc: 123 in EventCenter::create_file_event(int, int, 
std::tr1::shared_ptr)()
117 }
118 FileEvent *new_events = static_cast(realloc(file_events, sizeof(FileEvent)*new_size));
119 if (!new_events) {
120   lderr(cct) << __func__ << " failed to realloc file_events" << 
cpp_strerror(errno) << dendl;
121   return -errno;
122 }
>>> CID 1260497:  Extra sizeof expression  (SIZEOF_MISMATCH)
>>> Adding "40UL /* sizeof (EventCenter::FileEvent) */ * this->nevent" to 
>>> pointer "this->file_events" of type "EventCenter::FileEvent *" is 
>>> suspicious because adding an integral value to this pointer automatically 
>>> scales that value by the size, 40 bytes, of the pointed-to type, 
>>> "EventCenter::FileEvent".  Most likely, the multiplication by "sizeof 
>>> (EventCenter::FileEvent)" in this expression is extraneous and should be 
>>> eliminated.
123 memset(file_events+sizeof(FileEvent)*nevent, 0, 
sizeof(FileEvent)*(new_size-nevent));
124 file_events = new_events;
125 nevent = new_size;
126   }
127 
128   EventCenter::FileEvent *event = _get_file_event(fd);



To view the defects in Coverity Scan visit, 
http://scan.coverity.com/projects/25?tab=overview

To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", 
click 
http://scan.coverity.com/subscriptions/edit?email=ceph-devel%40vger.kernel.org&token=018084d671e3cc89d00dd2ccb7eb849c
 .

--
To unsubscribe from this list: send the line "unsubscribe ceph-devel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html


New Defects reported by Coverity Scan for ceph

2014-12-26 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to ceph found with 
Coverity Scan.

1 new defect(s) introduced to ceph found with Coverity Scan.
1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)


** CID 1260469:  Unchecked return value from library  (CHECKED_RETURN)
/os/FileJournal.cc: 1083 in FileJournal::do_write(ceph::buffer::list &)()



*** CID 1260469:  Unchecked return value from library  (CHECKED_RETURN)
/os/FileJournal.cc: 1083 in FileJournal::do_write(ceph::buffer::list &)()
1077 ::fsync(fd);
1078 #else
1079 ::fdatasync(fd);
1080 #endif
1081 #ifdef HAVE_POSIX_FADVISE
1082 if (g_conf->filestore_fadvise)
>>> CID 1260469:  Unchecked return value from library  (CHECKED_RETURN)
>>> Calling "posix_fadvise(this->fd, 0L, 0L, 4)" without checking return 
>>> value. This library function may fail and return an error code.
1083   posix_fadvise(fd, 0, 0, POSIX_FADV_DONTNEED);
1084 #endif
1085   }
1086 
1087   utime_t lat = ceph_clock_now(g_ceph_context) - from;
1088   dout(20) << "do_write latency " << lat << dendl;



To view the defects in Coverity Scan visit, 
http://scan.coverity.com/projects/25?tab=overview

To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", 
click 
http://scan.coverity.com/subscriptions/edit?email=ceph-devel%40vger.kernel.org&token=018084d671e3cc89d00dd2ccb7eb849c
 .

--
To unsubscribe from this list: send the line "unsubscribe ceph-devel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html


New Defects reported by Coverity Scan for ceph

2014-12-23 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to ceph found with 
Coverity Scan.

4 new defect(s) introduced to ceph found with Coverity Scan.


New defect(s) Reported-by: Coverity Scan
Showing 4 of 4 defect(s)


** CID 1260393:  Logically dead code  (DEADCODE)
/osd/osd_types.cc: 3427 in 
object_copy_data_t::decode(ceph::buffer::list::iterator &)()

** CID 1260394:  Resource leak  (RESOURCE_LEAK)
/test/cls_refcount/test_cls_refcount.cc: 138 in 
cls_rgw_test_put_snap_Test::TestBody()()

** CID 1260395:  Resource leak  (RESOURCE_LEAK)
/test/librados/snapshots.cc: 160 in 
LibRadosSnapshotsPP_SnapCreateRemovePP_Test::TestBody()()
/test/librados/snapshots.cc: 164 in 
LibRadosSnapshotsPP_SnapCreateRemovePP_Test::TestBody()()

** CID 1260396:  Dereference before null check  (REVERSE_INULL)
/librados/RadosClient.cc: 297 in librados::RadosClient::shutdown()()



*** CID 1260393:  Logically dead code  (DEADCODE)
/osd/osd_types.cc: 3427 in 
object_copy_data_t::decode(ceph::buffer::list::iterator &)()
3421 if (struct_v >= 2)
3422   ::decode(omap_header, bl);
3423 if (struct_v >= 3) {
3424   ::decode(snaps, bl);
3425   ::decode(snap_seq, bl);
3426 } else {
>>> CID 1260393:  Logically dead code  (DEADCODE)
>>> Execution cannot reach this statement "this->snaps.clear();".
3427   snaps.clear();
3428   snap_seq = 0;
3429 }
3430 if (struct_v >= 4) {
3431   ::decode(flags, bl);
3432   ::decode(data_digest, bl);


*** CID 1260394:  Resource leak  (RESOURCE_LEAK)
/test/cls_refcount/test_cls_refcount.cc: 138 in 
cls_rgw_test_put_snap_Test::TestBody()()
132 
133   ASSERT_EQ(0, ioctx.snap_create("snapbar"));
134 
135   librados::ObjectWriteOperation *op = new_op();
136   op->create(false);
137   cls_refcount_put(*op, "notag", true);
>>> CID 1260394:  Resource leak  (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
138   ASSERT_EQ(-ENOENT, ioctx.operate("foo", op));
139 
140   EXPECT_EQ(0, ioctx.snap_remove("snapfoo"));
141   EXPECT_EQ(0, ioctx.snap_remove("snapbar"));
142 
143   delete op;


*** CID 1260395:  Resource leak  (RESOURCE_LEAK)
/test/librados/snapshots.cc: 160 in 
LibRadosSnapshotsPP_SnapCreateRemovePP_Test::TestBody()()
154   ASSERT_EQ(0, ioctx.remove("foo"));
155   ASSERT_EQ(0, ioctx.snap_create("snapbar"));
156 
157   librados::ObjectWriteOperation *op = new 
librados::ObjectWriteOperation();
158   op->create(false);
159   op->remove();
>>> CID 1260395:  Resource leak  (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
160   ASSERT_EQ(0, ioctx.operate("foo", op));
161 
162   EXPECT_EQ(0, ioctx.snap_remove("snapfoo"));
163   EXPECT_EQ(0, ioctx.snap_remove("snapbar"));
164 }
165 
/test/librados/snapshots.cc: 164 in 
LibRadosSnapshotsPP_SnapCreateRemovePP_Test::TestBody()()
158   op->create(false);
159   op->remove();
160   ASSERT_EQ(0, ioctx.operate("foo", op));
161 
162   EXPECT_EQ(0, ioctx.snap_remove("snapfoo"));
163   EXPECT_EQ(0, ioctx.snap_remove("snapbar"));
>>> CID 1260395:  Resource leak  (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
164 }
165 
166 TEST_F(LibRadosSnapshotsSelfManaged, Snap) {
167   std::vector my_snaps;
168   my_snaps.push_back(-2);
169   ASSERT_EQ(0, rados_ioctx_selfmanaged_snap_create(ioctx, 
&my_snaps.back()));


*** CID 1260396:  Dereference before null check  (REVERSE_INULL)
/librados/RadosClient.cc: 297 in librados::RadosClient::shutdown()()
291 return;
292   }
293   if (state == CONNECTED) {
294 finisher.stop();
295   }
296   bool need_objecter = false;
>>> CID 1260396:  Dereference before null check  (REVERSE_INULL)
>>> Null-checking "this->objecter" suggests that it may be null, but it has 
>>> already been dereferenced on all paths leading to the check.
297   if (objecter && objecter->initialized.read()) {
298 need_objecter = true;
299   }
300   state = DISCONNECTED;
301   instance_id = 0;
302   timer.shutdown();   // will drop+retake lock



To view the defects in Coverity Scan visit, 
http://scan.coverity.com/projects/25?tab=overview

To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", 

New Defects reported by Coverity Scan for ceph

2014-12-21 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to ceph found with 
Coverity Scan.

4 new defect(s) introduced to ceph found with Coverity Scan.
1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 4 of 4 defect(s)


** CID 1260211:  Resource leak  (RESOURCE_LEAK)
/test/msgr/test_msgr.cc: 414 in MessengerTest_StatefulTest_Test::TestBody()()

** CID 1260210:  Resource leak  (RESOURCE_LEAK)
/test/msgr/test_msgr.cc: 537 in 
MessengerTest_ClientStandbyTest_Test::TestBody()()

** CID 1260212:  Uncaught exception  (UNCAUGHT_EXCEPT)
/test/msgr/test_msgr.cc: 579 in main()
/test/msgr/test_msgr.cc: 579 in main()
/test/msgr/test_msgr.cc: 579 in main()
/test/msgr/test_msgr.cc: 579 in main()
/test/msgr/test_msgr.cc: 579 in main()

** CID 1260213:  Uninitialized scalar field  (UNINIT_CTOR)
/osd/ReplicatedPG.cc: 1242 in ReplicatedPG::ReplicatedPG(OSDService *, 
std::tr1::shared_ptr, const PGPool &, spg_t)()



*** CID 1260211:  Resource leak  (RESOURCE_LEAK)
/test/msgr/test_msgr.cc: 414 in MessengerTest_StatefulTest_Test::TestBody()()
408   }
409   CHECK_AND_WAIT_TRUE(conn->is_connected());
410   ASSERT_TRUE(conn->is_connected());
411   {
412 m = new MPing();
413 Mutex::Locker l(cli_dispatcher.lock);
>>> CID 1260211:  Resource leak  (RESOURCE_LEAK)
>>> Variable "m" going out of scope leaks the storage it points to.
414 ASSERT_TRUE(conn->is_connected());
415 ASSERT_EQ(conn->send_message(m), 0);
416 while (!cli_dispatcher.got_new)
417   cli_dispatcher.cond.Wait(cli_dispatcher.lock);
418 cli_dispatcher.got_new = false;
419   }


*** CID 1260210:  Resource leak  (RESOURCE_LEAK)
/test/msgr/test_msgr.cc: 537 in 
MessengerTest_ClientStandbyTest_Test::TestBody()()
531   usleep(300*1000);
532   // client should be standby, so we use original connection
533   {
534 m = new MPing();
535 conn->send_keepalive();
536 CHECK_AND_WAIT_TRUE(conn->is_connected());
>>> CID 1260210:  Resource leak  (RESOURCE_LEAK)
>>> Variable "m" going out of scope leaks the storage it points to.
537 ASSERT_TRUE(conn->is_connected());
538 Mutex::Locker l(cli_dispatcher.lock);
539 ASSERT_EQ(conn->send_message(m), 0);
540 while (!cli_dispatcher.got_new)
541   cli_dispatcher.cond.Wait(cli_dispatcher.lock);
542 cli_dispatcher.got_new = false;


*** CID 1260212:  Uncaught exception  (UNCAUGHT_EXCEPT)
/test/msgr/test_msgr.cc: 579 in main()
573 // must be defined). This dummy test keeps gtest_main linked in.
574 TEST(DummyTest, ValueParameterizedTestsAreNotSupportedOnThisPlatform) {}
575 
576 #endif
577 
578 
>>> CID 1260212:  Uncaught exception  (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type 
>>> "ceph::FailedAssertion" is thrown and never caught.
579 int main(int argc, char **argv) {
580   vector args;
581   argv_to_vec(argc, (const char **)argv, args);
582 
583   global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, 
CODE_ENVIRONMENT_UTILITY, 0);
584   common_init_finish(g_ceph_context);
/test/msgr/test_msgr.cc: 579 in main()
573 // must be defined). This dummy test keeps gtest_main linked in.
574 TEST(DummyTest, ValueParameterizedTestsAreNotSupportedOnThisPlatform) {}
575 
576 #endif
577 
578 
>>> CID 1260212:  Uncaught exception  (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type 
>>> "ceph::FailedAssertion" is thrown and never caught.
579 int main(int argc, char **argv) {
580   vector args;
581   argv_to_vec(argc, (const char **)argv, args);
582 
583   global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, 
CODE_ENVIRONMENT_UTILITY, 0);
584   common_init_finish(g_ceph_context);
/test/msgr/test_msgr.cc: 579 in main()
573 // must be defined). This dummy test keeps gtest_main linked in.
574 TEST(DummyTest, ValueParameterizedTestsAreNotSupportedOnThisPlatform) {}
575 
576 #endif
577 
578 
>>> CID 1260212:  Uncaught exception  (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type 
>>> "ceph::FailedAssertion" is thrown and never caught.
579 int main(int argc, char **argv) {
580   vector args;
581   argv_to_vec(argc, (const char **)argv, args);
582 
583   global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, 
CODE_ENVIRONMENT_UTILITY, 0);
584   common_init_finish(g_ceph_context);
/test/msgr/test_msgr.cc: 579 in main()
573 // must be d

New Defects reported by Coverity Scan for ceph

2014-12-18 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to ceph found with 
Coverity Scan.

5 new defect(s) introduced to ceph found with Coverity Scan.
4 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 5 of 5 defect(s)


** CID 1258786:  Unchecked dynamic_cast  (FORWARD_NULL)
/osd/ECBackend.cc: 839 in ECBackend::handle_sub_write(pg_shard_t, 
std::tr1::shared_ptr, ECSubWrite &, Context *)()

** CID 1258787:  Resource leak  (RESOURCE_LEAK)
/osd/OSD.cc: 6118 in OSD::handle_osd_map(MOSDMap *)()

** CID 1258789:  Uninitialized scalar field  (UNINIT_CTOR)
/messages/MClientCaps.h: 132 in MClientCaps::MClientCaps(int, inodeno_t, 
inodeno_t, unsigned long, int, unsigned int)()

** CID 1258790:  Uninitialized scalar field  (UNINIT_CTOR)
/messages/MClientCaps.h: 118 in MClientCaps::MClientCaps(int, inodeno_t, 
inodeno_t, unsigned long, long, int, int, int, int, unsigned int)()

** CID 1258788:  Uninitialized scalar field  (UNINIT_CTOR)
/librados/IoCtxImpl.cc: 44 in 
librados::IoCtxImpl::IoCtxImpl(librados::RadosClient *, Objecter *, int, const 
char *, snapid_t)()



*** CID 1258786:  Unchecked dynamic_cast  (FORWARD_NULL)
/osd/ECBackend.cc: 839 in ECBackend::handle_sub_write(pg_shard_t, 
std::tr1::shared_ptr, ECSubWrite &, Context *)()
833 op.updated_hit_set_history,
834 op.trim_to,
835 op.trim_rollback_to,
836 !(op.t.empty()),
837 localt);
838 
>>> CID 1258786:  Unchecked dynamic_cast  (FORWARD_NULL)
>>> Dynamic cast to pointer "dynamic_cast >> *>(this->get_parent())" can return "NULL".
839   if (!(dynamic_cast(get_parent())->is_undersized()) &&
840   get_parent()->whoami_shard().shard >= 
ec_impl->get_data_chunk_count())
841 op.t.set_fadvise_flag(CEPH_OSD_OP_FLAG_FADVISE_DONTNEED);
842 
843   localt->append(op.t);
844   if (on_local_applied_sync) {


*** CID 1258787:  Resource leak  (RESOURCE_LEAK)
/osd/OSD.cc: 6118 in OSD::handle_osd_map(MOSDMap *)()
6112<< dendl;
6113clog->warn() << "failed to encode map e" << e << " with 
expected crc\n";
6114MMonGetOSDMap *req = new MMonGetOSDMap;
6115req->request_full(e, last);
6116monc->send_mon_message(req);
6117last = e - 1;
>>> CID 1258787:  Resource leak  (RESOURCE_LEAK)
>>> Variable "o" going out of scope leaks the storage it points to.
6118break;
6119   }
6120 
6121 
6122   hobject_t fulloid = get_osdmap_pobject_name(e);
6123   t.write(META_COLL, fulloid, 0, fbl.length(), fbl);


*** CID 1258789:  Uninitialized scalar field  (UNINIT_CTOR)
/messages/MClientCaps.h: 132 in MClientCaps::MClientCaps(int, inodeno_t, 
inodeno_t, unsigned long, int, unsigned int)()
126 head.ino = ino;
127 head.realm = realm;
128 head.cap_id = id;
129 head.migrate_seq = mseq;
130 peer.cap_id = 0;
131 inline_version = 0;
>>> CID 1258789:  Uninitialized scalar field  (UNINIT_CTOR)
>>> Non-static class member field "peer.flags" is not initialized in this 
>>> constructor nor in any functions that it calls.
132   }
133 private:
134   ~MClientCaps() {}
135 
136 public:
137   const char *get_type_name() const { return "Cfcap";}


*** CID 1258790:  Uninitialized scalar field  (UNINIT_CTOR)
/messages/MClientCaps.h: 118 in MClientCaps::MClientCaps(int, inodeno_t, 
inodeno_t, unsigned long, long, int, int, int, int, unsigned int)()
112 head.caps = caps;
113 head.wanted = wanted;
114 head.dirty = dirty;
115 head.migrate_seq = mseq;
116 peer.cap_id = 0;
117 inline_version = 0;
>>> CID 1258790:  Uninitialized scalar field  (UNINIT_CTOR)
>>> Non-static class member field "peer.flags" is not initialized in this 
>>> constructor nor in any functions that it calls.
118   }
119   MClientCaps(int op,
120   inodeno_t ino, inodeno_t realm,
121   uint64_t id, int mseq, epoch_t oeb)
122 : Message(CEPH_MSG_CLIENT_CAPS, HEAD_VERSION, COMPAT_VERSION),
123   osd_epoch_barrier(oeb){


*** CID 1258788:  Uninitialized scalar field  (UNINIT_CTOR)
/librados/IoCtxImpl.cc: 44 in 
librados::IoCtxImpl::IoCtxImpl(librados::RadosClient *, Objecter *, int, const 
char *, snapid_t)()
38   : ref_cnt(

New Defects reported by Coverity Scan for ceph

2014-12-14 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to ceph found with 
Coverity Scan.

4 new defect(s) introduced to ceph found with Coverity Scan.


New defect(s) Reported-by: Coverity Scan
Showing 4 of 4 defect(s)


** CID 1258437:  Wrong size argument  (SIZEOF_MISMATCH)
/test/librbd/test_librbd.cc: 956 in TestLibRBD_TestIOPP_Test::TestBody()()

** CID 1258438:  Wrong size argument  (SIZEOF_MISMATCH)
/test/librbd/test_librbd.cc: 955 in TestLibRBD_TestIOPP_Test::TestBody()()

** CID 1258439:  Copy into fixed size buffer  (STRING_OVERFLOW)
/common/blkdev.cc: 60 in get_block_device_base(const char *, char *, unsigned 
long)()

** CID 1258440:  Time of check time of use  (TOCTOU)
/common/blkdev.cc: 75 in get_block_device_base(const char *, char *, unsigned 
long)()



*** CID 1258437:  Wrong size argument  (SIZEOF_MISMATCH)
/test/librbd/test_librbd.cc: 956 in TestLibRBD_TestIOPP_Test::TestBody()()
950 
951 for (i = 5; i < 10; ++i)
952   ASSERT_PASSED(aio_read_test_data, image, test_data, 
strlen(test_data) * i, TEST_IO_SIZE);
953 
954 // discard 2nd, 4th sections.
955 ASSERT_PASSED(discard_test_data, image, TEST_IO_SIZE, TEST_IO_SIZE);
>>> CID 1258437:  Wrong size argument  (SIZEOF_MISMATCH)
>>> Passing argument "&passed" of type "bool *" and argument "512UL" to 
>>> function "aio_discard_test_data" is suspicious because "sizeof (bool)" 
>>> /*1*/ is expected.
956 ASSERT_PASSED(aio_discard_test_data, image, TEST_IO_SIZE*3, 
TEST_IO_SIZE);
957 
958 ASSERT_PASSED(read_test_data, image, test_data,  0, TEST_IO_SIZE);
959 ASSERT_PASSED(read_test_data, image,  zero_data, TEST_IO_SIZE, 
TEST_IO_SIZE);
960 ASSERT_PASSED(read_test_data, image, test_data,  TEST_IO_SIZE*2, 
TEST_IO_SIZE);
961 ASSERT_PASSED(read_test_data, image,  zero_data, TEST_IO_SIZE*3, 
TEST_IO_SIZE);


*** CID 1258438:  Wrong size argument  (SIZEOF_MISMATCH)
/test/librbd/test_librbd.cc: 955 in TestLibRBD_TestIOPP_Test::TestBody()()
949   ASSERT_PASSED(read_test_data, image, test_data, strlen(test_data) 
* i, TEST_IO_SIZE);
950 
951 for (i = 5; i < 10; ++i)
952   ASSERT_PASSED(aio_read_test_data, image, test_data, 
strlen(test_data) * i, TEST_IO_SIZE);
953 
954 // discard 2nd, 4th sections.
>>> CID 1258438:  Wrong size argument  (SIZEOF_MISMATCH)
>>> Passing argument "&passed" of type "bool *" and argument "512UL" to 
>>> function "discard_test_data" is suspicious because "sizeof (bool)" /*1*/ is 
>>> expected.
955 ASSERT_PASSED(discard_test_data, image, TEST_IO_SIZE, TEST_IO_SIZE);
956 ASSERT_PASSED(aio_discard_test_data, image, TEST_IO_SIZE*3, 
TEST_IO_SIZE);
957 
958 ASSERT_PASSED(read_test_data, image, test_data,  0, TEST_IO_SIZE);
959 ASSERT_PASSED(read_test_data, image,  zero_data, TEST_IO_SIZE, 
TEST_IO_SIZE);
960 ASSERT_PASSED(read_test_data, image, test_data,  TEST_IO_SIZE*2, 
TEST_IO_SIZE);


*** CID 1258439:  Copy into fixed size buffer  (STRING_OVERFLOW)
/common/blkdev.cc: 60 in get_block_device_base(const char *, char *, unsigned 
long)()
54   char devname[PATH_MAX], fn[PATH_MAX];
55   char *p;
56 
57   if (strncmp(dev, "/dev/", 5) != 0)
58 return -EINVAL;
59 
>>> CID 1258439:  Copy into fixed size buffer  (STRING_OVERFLOW)
>>> You might overrun the 4096 byte fixed-size string "devname" by copying 
>>> "dev + 5" without checking the length.
60   strcpy(devname, dev + 5);
61   for (p = devname; *p; ++p)
62 if (*p == '/')
63   *p = '!';
64 
65   snprintf(fn, sizeof(fn), "%s/sys/block/%s", sandbox_dir, devname);


*** CID 1258440:  Time of check time of use  (TOCTOU)
/common/blkdev.cc: 75 in get_block_device_base(const char *, char *, unsigned 
long)()
69 }
70 strncpy(out, devname, out_len);
71 return 0;
72   }
73 
74   snprintf(fn, sizeof(fn), "%s/sys/block", sandbox_dir);
>>> CID 1258440:  Time of check time of use  (TOCTOU)
>>> Calling function "opendir" that uses "fn" after a check function. This 
>>> can cause a time-of-check, time-of-use race condition.
75   dir = opendir(fn);
76   if (!dir)
77 return -errno;
78 
79   while (!::readdir_r(dir, reinterpret_cast(buf), &de)) {
80 if (!de) {



To view the defects in Coverity Scan visit, 
http://scan.coverity.com/projects/25?ta

New Defects reported by Coverity Scan for ceph

2014-12-07 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to ceph found with 
Coverity Scan.

2 new defect(s) introduced to ceph found with Coverity Scan.
1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)


** CID 1257029:  Uncaught exception  (UNCAUGHT_EXCEPT)
/test/objectstore/ObjectStoreTransactionBenchmark.cc: 250 in main()
/test/objectstore/ObjectStoreTransactionBenchmark.cc: 250 in main()
/test/objectstore/ObjectStoreTransactionBenchmark.cc: 250 in main()
/test/objectstore/ObjectStoreTransactionBenchmark.cc: 250 in main()
/test/objectstore/ObjectStoreTransactionBenchmark.cc: 250 in main()

** CID 1257030:  Uncaught exception  (UNCAUGHT_EXCEPT)
/test/objectstore/ObjectStoreTransactionBenchmark.cc: 250 in main()



*** CID 1257029:  Uncaught exception  (UNCAUGHT_EXCEPT)
/test/objectstore/ObjectStoreTransactionBenchmark.cc: 250 in main()
244 
245 void usage(const string &name) {
246   cerr << "Usage: " << name << " [times] "
247<< std::endl;
248 }
249 
>>> CID 1257029:  Uncaught exception  (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type 
>>> "ceph::FailedAssertion" is thrown and never caught.
250 int main(int argc, char **argv)
251 {
252   vector args;
253   argv_to_vec(argc, (const char **)argv, args);
254 
255   global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, 
CODE_ENVIRONMENT_UTILITY, 0);
/test/objectstore/ObjectStoreTransactionBenchmark.cc: 250 in main()
244 
245 void usage(const string &name) {
246   cerr << "Usage: " << name << " [times] "
247<< std::endl;
248 }
249 
>>> CID 1257029:  Uncaught exception  (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type 
>>> "ceph::FailedAssertion" is thrown and never caught.
250 int main(int argc, char **argv)
251 {
252   vector args;
253   argv_to_vec(argc, (const char **)argv, args);
254 
255   global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, 
CODE_ENVIRONMENT_UTILITY, 0);
/test/objectstore/ObjectStoreTransactionBenchmark.cc: 250 in main()
244 
245 void usage(const string &name) {
246   cerr << "Usage: " << name << " [times] "
247<< std::endl;
248 }
249 
>>> CID 1257029:  Uncaught exception  (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type 
>>> "ceph::FailedAssertion" is thrown and never caught.
250 int main(int argc, char **argv)
251 {
252   vector args;
253   argv_to_vec(argc, (const char **)argv, args);
254 
255   global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, 
CODE_ENVIRONMENT_UTILITY, 0);
/test/objectstore/ObjectStoreTransactionBenchmark.cc: 250 in main()
244 
245 void usage(const string &name) {
246   cerr << "Usage: " << name << " [times] "
247<< std::endl;
248 }
249 
>>> CID 1257029:  Uncaught exception  (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type 
>>> "ceph::FailedAssertion" is thrown and never caught.
250 int main(int argc, char **argv)
251 {
252   vector args;
253   argv_to_vec(argc, (const char **)argv, args);
254 
255   global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, 
CODE_ENVIRONMENT_UTILITY, 0);
/test/objectstore/ObjectStoreTransactionBenchmark.cc: 250 in main()
244 
245 void usage(const string &name) {
246   cerr << "Usage: " << name << " [times] "
247<< std::endl;
248 }
249 
>>> CID 1257029:  Uncaught exception  (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type 
>>> "ceph::FailedAssertion" is thrown and never caught.
250 int main(int argc, char **argv)
251 {
252   vector args;
253   argv_to_vec(argc, (const char **)argv, args);
254 
255   global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, 
CODE_ENVIRONMENT_UTILITY, 0);


*** CID 1257030:  Uncaught exception  (UNCAUGHT_EXCEPT)
/test/objectstore/ObjectStoreTransactionBenchmark.cc: 250 in main()
244 
245 void usage(const string &name) {
246   cerr << "Usage: " << name << " [times] "
247<< std::endl;
248 }
249 
>>> CID 1257030:  Uncaught exception  (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type 
>>> "ceph::buffer::end_of_buffer" is thrown and never caught.
250 int main(int argc, char **argv)
251 {
252   vector args;
253   argv_to_vec(argc, (const char **)argv, args);
254 
255   global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, 
CODE_ENVIRONMENT_UTILITY, 0);


___

New Defects reported by Coverity Scan for ceph

2014-12-05 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to ceph found with 
Coverity Scan.

2 new defect(s) introduced to ceph found with Coverity Scan.
14 defect(s), reported by Coverity Scan earlier, were marked fixed in the 
recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)


** CID 1256941:  Logically dead code  (DEADCODE)
/erasure-code/jerasure/gf-complete/src/gf_w32.c: 2309 in gf_w32_split_init()

** CID 1256942:  Logically dead code  (DEADCODE)
/erasure-code/jerasure/gf-complete/src/gf_w8.c: 1147 in gf_w8_table_init()



*** CID 1256941:  Logically dead code  (DEADCODE)
/erasure-code/jerasure/gf-complete/src/gf_w32.c: 2309 in gf_w32_split_init()
2303   if ((h->arg1 == 4 && h->arg2 == 32) || (h->arg1 == 32 && h->arg2 == 
4) ||
2304   ((issse3 || isneon) && h->mult_type == GF_REGION_DEFAULT)) {
2305 ld4 = (struct gf_split_4_32_lazy_data *) h->private;
2306 ld4->last_value = 0;
2307 if ((h->region_type & GF_REGION_NOSIMD) || !(issse3 || isneon)) {
2308   gf->multiply_region.w32 = gf_w32_split_4_32_lazy_multiply_region;
>>> CID 1256941:  Logically dead code  (DEADCODE)
>>> Execution cannot reach this statement "if (isneon) {
} else if (h-...".
2309 } else if (isneon) {
2310 #ifdef ARM_NEON
2311   gf_w32_neon_split_init(gf);
2312 #endif
2313 } else if (h->region_type & GF_REGION_ALTMAP) {
2314   gf->multiply_region.w32 = 
gf_w32_split_4_32_lazy_sse_altmap_multiply_region;


*** CID 1256942:  Logically dead code  (DEADCODE)
/erasure-code/jerasure/gf-complete/src/gf_w8.c: 1147 in gf_w8_table_init()
1141   use_simd = 1;
1142 #else
1143   use_simd = 0;
1144 #endif
1145 
1146   if (h->mult_type == GF_MULT_DEFAULT && use_simd) {
>>> CID 1256942:  Logically dead code  (DEADCODE)
>>> Execution cannot reach this statement "dd = (struct gf_w8_default_...".
1147 dd = (struct gf_w8_default_data *)h->private;
1148 scase = 3;
1149 bzero(dd->high, sizeof(uint8_t) * GF_FIELD_SIZE * GF_HALF_SIZE);
1150 bzero(dd->low, sizeof(uint8_t) * GF_FIELD_SIZE * GF_HALF_SIZE);
1151 bzero(dd->divtable, sizeof(uint8_t) * GF_FIELD_SIZE * 
GF_FIELD_SIZE);
1152 bzero(dd->multtable, sizeof(uint8_t) * GF_FIELD_SIZE * 
GF_FIELD_SIZE);



To view the defects in Coverity Scan visit, 
http://scan.coverity.com/projects/25?tab=overview

To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", 
click 
http://scan.coverity.com/subscriptions/edit?email=ceph-devel%40vger.kernel.org&token=018084d671e3cc89d00dd2ccb7eb849c
 .

--
To unsubscribe from this list: send the line "unsubscribe ceph-devel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html


New Defects reported by Coverity Scan for ceph

2014-12-02 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to ceph found with 
Coverity Scan.

1 new defect(s) introduced to ceph found with Coverity Scan.
9 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)


** CID 1256511:  Missing unlock  (LOCK)
/mds/MDLog.cc: 612 in MDLog::trim_all()()
/mds/MDLog.cc: 612 in MDLog::trim_all()()



*** CID 1256511:  Missing unlock  (LOCK)
/mds/MDLog.cc: 612 in MDLog::trim_all()()
606   p = segments.lower_bound(last_seq + 1);
607 }
608   }
609 
610   _trim_expired_segments();
611 
>>> CID 1256511:  Missing unlock  (LOCK)
>>> Returning without unlocking "this->submit_mutex._m".
612   return 0;
613 }
614 
615 
616 void MDLog::try_expire(LogSegment *ls, int op_prio)
617 {
/mds/MDLog.cc: 612 in MDLog::trim_all()()
606   p = segments.lower_bound(last_seq + 1);
607 }
608   }
609 
610   _trim_expired_segments();
611 
>>> CID 1256511:  Missing unlock  (LOCK)
>>> Returning without unlocking "this->submit_mutex._m".
612   return 0;
613 }
614 
615 
616 void MDLog::try_expire(LogSegment *ls, int op_prio)
617 {



To view the defects in Coverity Scan visit, 
http://scan.coverity.com/projects/25?tab=overview

To unsubscribe from the email notification for new defects, 
http://scan5.coverity.com/cgi-bin/unsubscribe.py



--
To unsubscribe from this list: send the line "unsubscribe ceph-devel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html


New Defects reported by Coverity Scan for ceph

2014-11-25 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to ceph found with 
Coverity Scan.

5 new defect(s) introduced to ceph found with Coverity Scan.


New defect(s) Reported-by: Coverity Scan
Showing 5 of 5 defect(s)


** CID 1256098:  Resource leak  (RESOURCE_LEAK)
/test/librados/tier.cc: 2792 in LibRadosTwoPoolsECPP_Whiteout_Test::TestBody()()
/test/librados/tier.cc: 2789 in LibRadosTwoPoolsECPP_Whiteout_Test::TestBody()()

** CID 1256096:  Resource leak  (RESOURCE_LEAK)
/test/librados/TestCase.cc: 336 in 
RadosTestPP::cleanup_namespace(librados::IoCtx, std::basic_string, std::allocator>)()
/test/librados/TestCase.cc: 333 in 
RadosTestPP::cleanup_namespace(librados::IoCtx, std::basic_string, std::allocator>)()

** CID 1256097:  Resource leak  (RESOURCE_LEAK)
/test/librados/tier.cc: 648 in LibRadosTwoPoolsPP_Whiteout_Test::TestBody()()
/test/librados/tier.cc: 645 in LibRadosTwoPoolsPP_Whiteout_Test::TestBody()()

** CID 1256100:  Uninitialized pointer read  (UNINIT)
/librados/librados.cc: 4516 in librados::ListObject::ListObject(const 
librados::ListObject&)()

** CID 1256099:  Uninitialized pointer read  (UNINIT)
/librados/librados.cc: 650 in librados::NObjectIterator::NObjectIterator(const 
librados::NObjectIterator&)()



*** CID 1256098:  Resource leak  (RESOURCE_LEAK)
/test/librados/tier.cc: 2792 in LibRadosTwoPoolsECPP_Whiteout_Test::TestBody()()
2786 ObjectWriteOperation op;
2787 op.remove();
2788 librados::AioCompletion *completion = 
cluster.aio_create_completion();
2789 ASSERT_EQ(0, ioctx.aio_operate("bar", completion, &op,
2790   librados::OPERATION_IGNORE_CACHE));
2791 completion->wait_for_safe();
>>> CID 1256098:  Resource leak  (RESOURCE_LEAK)
>>> Variable "completion" going out of scope leaks the storage it points to.
2792 ASSERT_EQ(0, completion->get_return_value());
2793 completion->release();
2794 
2795 NObjectIterator it = cache_ioctx.nobjects_begin();
2796 ASSERT_TRUE(it != cache_ioctx.nobjects_end());
2797 ASSERT_TRUE(it->get_oid() == string("foo"));
/test/librados/tier.cc: 2789 in LibRadosTwoPoolsECPP_Whiteout_Test::TestBody()()
2783   // delete a whiteout and verify it goes away
2784   ASSERT_EQ(-ENOENT, ioctx.remove("foo"));
2785   {
2786 ObjectWriteOperation op;
2787 op.remove();
2788 librados::AioCompletion *completion = 
cluster.aio_create_completion();
>>> CID 1256098:  Resource leak  (RESOURCE_LEAK)
>>> Variable "completion" going out of scope leaks the storage it points to.
2789 ASSERT_EQ(0, ioctx.aio_operate("bar", completion, &op,
2790   librados::OPERATION_IGNORE_CACHE));
2791 completion->wait_for_safe();
2792 ASSERT_EQ(0, completion->get_return_value());
2793 completion->release();
2794 


*** CID 1256096:  Resource leak  (RESOURCE_LEAK)
/test/librados/TestCase.cc: 336 in 
RadosTestPP::cleanup_namespace(librados::IoCtx, std::basic_string, std::allocator>)()
330 ObjectWriteOperation op;
331 op.remove();
332 librados::AioCompletion *completion = 
s_cluster.aio_create_completion();
333 ASSERT_EQ(0, ioctx.aio_operate(it->get_oid(), completion, &op,
334librados::OPERATION_IGNORE_CACHE));
335 completion->wait_for_safe();
>>> CID 1256096:  Resource leak  (RESOURCE_LEAK)
>>> Variable "completion" going out of scope leaks the storage it points to.
336 ASSERT_EQ(0, completion->get_return_value());
337 completion->release();
338   }
339 }
340 
341 std::string RadosTestParamPP::pool_name;
/test/librados/TestCase.cc: 333 in 
RadosTestPP::cleanup_namespace(librados::IoCtx, std::basic_string, std::allocator>)()
327   for (NObjectIterator it = ioctx.nobjects_begin();
328it != ioctx.nobjects_end(); ++it) {
329 ioctx.locator_set_key(it->get_locator());
330 ObjectWriteOperation op;
331 op.remove();
332 librados::AioCompletion *completion = 
s_cluster.aio_create_completion();
>>> CID 1256096:  Resource leak  (RESOURCE_LEAK)
>>> Variable "completion" going out of scope leaks the storage it points to.
333 ASSERT_EQ(0, ioctx.aio_operate(it->get_oid(), completion, &op,
334librados::OPERATION_IGNORE_CACHE));
335 completion->wait_for_safe();
336 ASSERT_EQ(0, completion->get_return_value());
337 completion->release();
338   }


*** CID 1256097:  Resource leak  (RESOURCE_LEAK)
/test/librados/tie

New Defects reported by Coverity Scan for ceph

2014-11-23 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to ceph found with 
Coverity Scan.

1 new defect(s) introduced to ceph found with Coverity Scan.
2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)


** CID 1255885:  Ignoring number of bytes read  (CHECKED_RETURN)
/msg/async/Event.cc: 42 in C_handle_notify::do_request(int)()



*** CID 1255885:  Ignoring number of bytes read  (CHECKED_RETURN)
/msg/async/Event.cc: 42 in C_handle_notify::do_request(int)()
36 
37 class C_handle_notify : public EventCallback {
38  public:
39   C_handle_notify() {}
40   void do_request(int fd_or_id) {
41 char c[100];
>>> CID 1255885:  Ignoring number of bytes read  (CHECKED_RETURN)
>>> "read(int, void *, size_t)" returns the number of bytes read, but it is 
>>> ignored.
42 assert(read(fd_or_id, c, 100));
43   }
44 };
45 
46 int EventCenter::init(int n)
47 {



To view the defects in Coverity Scan visit, 
http://scan.coverity.com/projects/25?tab=overview

To unsubscribe from the email notification for new defects, 
http://scan5.coverity.com/cgi-bin/unsubscribe.py



--
To unsubscribe from this list: send the line "unsubscribe ceph-devel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html


New Defects reported by Coverity Scan for ceph

2014-11-20 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to ceph found with 
Coverity Scan.

1 new defect(s) introduced to ceph found with Coverity Scan.


New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)


** CID 1255369:  Copy into fixed size buffer  (STRING_OVERFLOW)
/common/blkdev.cc: 34 in block_device_support_discard(const char *)()



*** CID 1255369:  Copy into fixed size buffer  (STRING_OVERFLOW)
/common/blkdev.cc: 34 in block_device_support_discard(const char *)()
28 bool block_device_support_discard(const char *devname)
29 {
30   bool can_trim = false;
31   char *p = strstr((char *)devname, "sd");
32   char name[32] = {0};
33 
>>> CID 1255369:  Copy into fixed size buffer  (STRING_OVERFLOW)
>>> You might overrun the 32 byte fixed-size string "name" by copying "p" 
>>> without checking the length.
34   strcpy(name, p);
35   for (unsigned int i = 0; i < strlen(name); i++) {
36 if(isdigit(name[i])) {
37   name[i] = 0;
38   break;
39 }



To view the defects in Coverity Scan visit, 
http://scan.coverity.com/projects/25?tab=overview

To unsubscribe from the email notification for new defects, 
http://scan5.coverity.com/cgi-bin/unsubscribe.py



--
To unsubscribe from this list: send the line "unsubscribe ceph-devel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html


New Defects reported by Coverity Scan for ceph

2014-11-14 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to ceph found with 
Coverity Scan.

8 new defect(s) introduced to ceph found with Coverity Scan.


New defect(s) Reported-by: Coverity Scan
Showing 8 of 8 defect(s)


** CID 1254376:  Resource leak  (RESOURCE_LEAK)
/test/msgr/test_async_driver.cc: 212 in 
EventDriverTest_NetworkSocketTest_Test::TestBody()()
/test/msgr/test_async_driver.cc: 219 in 
EventDriverTest_NetworkSocketTest_Test::TestBody()()
/test/msgr/test_async_driver.cc: 220 in 
EventDriverTest_NetworkSocketTest_Test::TestBody()()
/test/msgr/test_async_driver.cc: 230 in 
EventDriverTest_NetworkSocketTest_Test::TestBody()()
/test/msgr/test_async_driver.cc: 231 in 
EventDriverTest_NetworkSocketTest_Test::TestBody()()
/test/msgr/test_async_driver.cc: 227 in 
EventDriverTest_NetworkSocketTest_Test::TestBody()()
/test/msgr/test_async_driver.cc: 233 in 
EventDriverTest_NetworkSocketTest_Test::TestBody()()
/test/msgr/test_async_driver.cc: 210 in 
EventDriverTest_NetworkSocketTest_Test::TestBody()()

** CID 1254374:  Argument cannot be negative  (NEGATIVE_RETURNS)
/test/msgr/test_async_driver.cc: 147 in echoclient(void *)()

** CID 1254375:  Resource leak  (RESOURCE_LEAK)
/test/msgr/test_async_driver.cc: 169 in 
EventDriverTest_NetworkSocketTest_Test::TestBody()()
/test/msgr/test_async_driver.cc: 166 in 
EventDriverTest_NetworkSocketTest_Test::TestBody()()
/test/msgr/test_async_driver.cc: 171 in 
EventDriverTest_NetworkSocketTest_Test::TestBody()()
/test/msgr/test_async_driver.cc: 185 in 
EventDriverTest_NetworkSocketTest_Test::TestBody()()
/test/msgr/test_async_driver.cc: 187 in 
EventDriverTest_NetworkSocketTest_Test::TestBody()()
/test/msgr/test_async_driver.cc: 194 in 
EventDriverTest_NetworkSocketTest_Test::TestBody()()
/test/msgr/test_async_driver.cc: 196 in 
EventDriverTest_NetworkSocketTest_Test::TestBody()()
/test/msgr/test_async_driver.cc: 201 in 
EventDriverTest_NetworkSocketTest_Test::TestBody()()
/test/msgr/test_async_driver.cc: 205 in 
EventDriverTest_NetworkSocketTest_Test::TestBody()()
/test/msgr/test_async_driver.cc: 206 in 
EventDriverTest_NetworkSocketTest_Test::TestBody()()
/test/msgr/test_async_driver.cc: 210 in 
EventDriverTest_NetworkSocketTest_Test::TestBody()()
/test/msgr/test_async_driver.cc: 212 in 
EventDriverTest_NetworkSocketTest_Test::TestBody()()
/test/msgr/test_async_driver.cc: 219 in 
EventDriverTest_NetworkSocketTest_Test::TestBody()()
/test/msgr/test_async_driver.cc: 220 in 
EventDriverTest_NetworkSocketTest_Test::TestBody()()
/test/msgr/test_async_driver.cc: 227 in 
EventDriverTest_NetworkSocketTest_Test::TestBody()()
/test/msgr/test_async_driver.cc: 230 in 
EventDriverTest_NetworkSocketTest_Test::TestBody()()
/test/msgr/test_async_driver.cc: 231 in 
EventDriverTest_NetworkSocketTest_Test::TestBody()()
/test/msgr/test_async_driver.cc: 233 in 
EventDriverTest_NetworkSocketTest_Test::TestBody()()

** CID 1254380:  Uninitialized scalar variable  (UNINIT)
/test/msgr/test_async_driver.cc: 147 in echoclient(void *)()

** CID 1254379:  Uninitialized scalar variable  (UNINIT)
/test/msgr/test_async_driver.cc: 116 in 
EventDriverTest_PipeTest_Test::TestBody()()

** CID 1254381:  Uninitialized scalar field  (UNINIT_CTOR)
/msg/async/EventSelect.h: 34 in SelectDriver::SelectDriver(CephContext *)()

** CID 1254377:  String not null terminated  (STRING_NULL)
/test/msgr/test_async_driver.cc: 232 in 
EventDriverTest_NetworkSocketTest_Test::TestBody()()

** CID 1254378:  Uncaught exception  (UNCAUGHT_EXCEPT)
/test/msgr/test_async_driver.cc: 269 in main()
/test/msgr/test_async_driver.cc: 269 in main()



*** CID 1254376:  Resource leak  (RESOURCE_LEAK)
/test/msgr/test_async_driver.cc: 212 in 
EventDriverTest_NetworkSocketTest_Test::TestBody()()
206   ASSERT_EQ(fired_events[0].fd, listen_sd);
207 
208   fired_events.clear();
209   int client_sd = ::accept(listen_sd, NULL, NULL);
210   ASSERT_TRUE(client_sd > 0);
211   r = driver->add_event(client_sd, EVENT_NONE, EVENT_READABLE);
>>> CID 1254376:  Resource leak  (RESOURCE_LEAK)
>>> Handle variable "client_sd" going out of scope leaks the handle.
212   ASSERT_EQ(r, 0);
213 
214   do {
215 fired_events.clear();
216 tv.tv_sec = 5;
217 tv.tv_usec = 0;
/test/msgr/test_async_driver.cc: 219 in 
EventDriverTest_NetworkSocketTest_Test::TestBody()()
213 
214   do {
215 fired_events.clear();
216 tv.tv_sec = 5;
217 tv.tv_usec = 0;
218 r = driver->event_wait(fired_events, &tv);
>>> CID 1254376:  Resource leak  (RESOURCE_LEAK)
>>> Handle variable "client_sd" going out of scope leaks the handle.
219 ASSERT_EQ(r, 1);
220 ASSERT_EQ(fired_events[0].mask, EVENT_READABLE);
221 
222 fired_events.clear();
223 char data[100];
224 r = ::read(client_sd, data, sizeof(data));
/test/msgr/test_

New Defects reported by Coverity Scan for ceph

2014-11-13 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to ceph found with 
Coverity Scan.

4 new defect(s) introduced to ceph found with Coverity Scan.
7 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 4 of 4 defect(s)


** CID 1251575:  Dereference after null check  (FORWARD_NULL)
/test/librados/c_read_operations.cc: 106 in CReadOpsTest::compare_xattrs(const 
char *const *, const char *const *, const unsigned long *, unsigned long, void 
*)()

** CID 1251577:  Resource leak  (RESOURCE_LEAK)
/tools/cephfs/Dumper.cc: 116 in Dumper::dump(const char *)()

** CID 1251576:  Resource leak  (RESOURCE_LEAK)
/test/librbd/test_librbd.cc: 1994 in 
TestLibRBD_LargeCacheRead_Test::TestBody()()

** CID 717084:  Resource leak  (RESOURCE_LEAK)
/tools/cephfs/Dumper.cc: 192 in Dumper::undump(const char *)()
/tools/cephfs/Dumper.cc: 198 in Dumper::undump(const char *)()



*** CID 1251575:  Dereference after null check  (FORWARD_NULL)
/test/librados/c_read_operations.cc: 106 in CReadOpsTest::compare_xattrs(const 
char *const *, const char *const *, const unsigned long *, unsigned long, void 
*)()
100 size_t val_len = 0;
101 while (i < len) {
102   ASSERT_EQ(0, rados_getxattrs_next(iter, (const char**) &key,
103 (const char**) &val, &val_len));
104   if (val_len == 0 && key == NULL && val == NULL)
105 break;
>>> CID 1251575:  Dereference after null check  (FORWARD_NULL)
>>> Passing null pointer "key" to "basic_string", which dereferences it.
106   EXPECT_EQ(std::string(keys[i]), std::string(key));
107   EXPECT_EQ(0, memcmp(vals[i], val, val_len));
108   EXPECT_EQ(lens[i], val_len);
109   ++i;
110 }
111 ASSERT_EQ(i, len);


*** CID 1251577:  Resource leak  (RESOURCE_LEAK)
/tools/cephfs/Dumper.cc: 116 in Dumper::dump(const char *)()
110 (unsigned long long)journaler.last_committed.stream_format,
111 (unsigned long long)journaler.last_committed.trimmed_pos, 
(unsigned long long)journaler.last_committed.trimmed_pos,
112 4);
113 r = safe_write(fd, buf, sizeof(buf));
114 if (r) {
115   derr << "Error " << r << " (" << cpp_strerror(r) << ") writing 
journal file header" << dendl;
>>> CID 1251577:  Resource leak  (RESOURCE_LEAK)
>>> Handle variable "fd" going out of scope leaks the handle.
116   return r;
117 }
118 
119 // write the data
120 off64_t seeked = ::lseek64(fd, start, SEEK_SET);
121 if (seeked == (off64_t)-1) {


*** CID 1251576:  Resource leak  (RESOURCE_LEAK)
/test/librbd/test_librbd.cc: 1994 in 
TestLibRBD_LargeCacheRead_Test::TestBody()()
1988 
1989   uint64_t orig_cache_size = g_conf->rbd_cache_size;
1990   g_conf->set_val("rbd_cache_size", "16777216");
1991   BOOST_SCOPE_EXIT( (orig_cache_size) ) {
1992 g_conf->set_val("rbd_cache_size", 
stringify(orig_cache_size).c_str());
1993   } BOOST_SCOPE_EXIT_END;
>>> CID 1251576:  Resource leak  (RESOURCE_LEAK)
>>> Variable "ioctx" going out of scope leaks the storage it points to.
1994   ASSERT_EQ(16777216, g_conf->rbd_cache_size);
1995 
1996   rbd_image_t image;
1997   int order = 0;
1998   const char *name = "testimg";
1999   uint64_t size = g_conf->rbd_cache_size + 1;


*** CID 717084:  Resource leak  (RESOURCE_LEAK)
/tools/cephfs/Dumper.cc: 192 in Dumper::undump(const char *)()
186 trimmed_pos = start - (start % 
g_default_file_layout.fl_object_size);
187   }
188 
189   if (trimmed_pos > start) {
190 derr << std::hex << "Invalid header (trimmed 0x" << trimmed_pos
191   << " > expire 0x" << start << std::dec << dendl;
>>> CID 717084:  Resource leak  (RESOURCE_LEAK)
>>> Handle variable "fd" going out of scope leaks the handle.
192 return -EINVAL;
193   }
194 
195   if (start > write_pos) {
196 derr << std::hex << "Invalid header (expire 0x" << start
197   << " > write 0x" << write_pos << std::dec << dendl;
/tools/cephfs/Dumper.cc: 198 in Dumper::undump(const char *)()
192 return -EINVAL;
193   }
194 
195   if (start > write_pos) {
196 derr << std::hex << "Invalid header (expire 0x" << start
197   << " > write 0x" << write_pos << std::dec << dendl;
>>> CID 717084:  Resource leak  (RESOURCE_LEAK)
>>> Ha

New Defects reported by Coverity Scan for ceph

2014-11-11 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to ceph found with 
Coverity Scan.

19 new defect(s) introduced to ceph found with Coverity Scan.
5 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 19 of 19 defect(s)


** CID 1251445:  Unchecked return value  (CHECKED_RETURN)
/mon/MDSMonitor.cc: 1511 in MDSMonitor::filesystem_command(MMonCommand *, const 
std::basic_string, std::allocator>&, 
std::map, std::allocator>, 
boost::variant, 
std::allocator>, bool, long, double, std::vector, std::allocator>, 
std::allocator, 
std::allocator>>>, boost::detail::variant::void_, 
boost::detail::variant::void_, boost::detail::variant::void_, 
boost::detail::variant::void_, boost::detail::variant::void_, 
boost::detail::variant::void_, boost::detail::variant::void_, 
boost::detail::variant::void_, boost::detail::variant::void_, 
boost::detail::variant::void_, boost::detail::variant::void_, 
boost::detail::variant::void_, boost::detail::variant::void_, 
boost::detail::variant::void_, boost::detail::variant::void_>, 
std::less, std::allocator>>, 
std::allocator, 
std::allocator>, boost::variant, std::allocator>, bool, long, double, 
std::vector, 
std::allocator>, std::allocator, std::allocator>>>, boost::detail::variant::void_, 
boost::detail::variant::void_, boost::detail::variant::void_, 
boost::detail::variant::void_, boost::detail::variant::void_, 
boost::detail::variant::void_, boost::detail::variant::void_, 
boost::detail::variant::void_, boost::detail::variant::void_, 
boost::detail::variant::void_, boost::detail::variant::void_, 
boost::detail::variant::void_, boost::detail::variant::void_, 
boost::detail::variant::void_, boost::detail::variant::void_ &, 
std::basic_stringstream, std::allocator> &)()

** CID 1251446:  Unchecked return value  (CHECKED_RETURN)
/osd/PGBackend.cc: 292 in PGBackend::build_pg_backend(const pg_pool_t &, 
std::tr1::shared_ptr, PGBackend::Listener *, coll_t, coll_t, 
ObjectStore *, CephContext *)()

** CID 1251447:  Data race condition  (MISSING_LOCK)
/os/FileJournal.cc: 614 in FileJournal::start_writer()()

** CID 1251448:  Resource leak  (RESOURCE_LEAK)
/test/librados/TestCase.cc: 282 in RadosTest::cleanup_namespace(void *, 
std::basic_string, std::allocator>)()
/test/librados/TestCase.cc: 275 in RadosTest::cleanup_namespace(void *, 
std::basic_string, std::allocator>)()

** CID 1251449:  Resource leak  (RESOURCE_LEAK)
/test/librados/TestCase.cc: 52 in RadosTestNS::cleanup_all_objects(void *)()
/test/librados/TestCase.cc: 43 in RadosTestNS::cleanup_all_objects(void *)()

** CID 1251450:  Resource leak  (RESOURCE_LEAK)
/test/librbd/test_librbd.cc: 177 in TestLibRBD_CreateAndStat_Test::TestBody()()

** CID 1251451:  Resource leak  (RESOURCE_LEAK)
/test/librbd/test_librbd.cc: 1288 in TestLibRBD_ListChildren_Test::TestBody()()

** CID 1251452:  Resource leak  (RESOURCE_LEAK)
/test/librbd/test_librbd.cc: 1388 in 
TestLibRBD_ListChildrenTiered_Test::TestBody()()

** CID 1251453:  Resource leak  (RESOURCE_LEAK)
/test/system/st_rados_list_objects.cc: 72 in StRadosListObjects::run()()
/test/system/st_rados_list_objects.cc: 82 in StRadosListObjects::run()()

** CID 1251454:  Resource leak  (RESOURCE_LEAK)
/test/system/st_rados_list_objects.cc: 82 in StRadosListObjects::run()()

** CID 1251455:  Uncaught exception  (UNCAUGHT_EXCEPT)
/test/erasure-code/ceph_erasure_code_non_regression.cc: 300 in main()
/test/erasure-code/ceph_erasure_code_non_regression.cc: 300 in main()

** CID 1251456:  Uncaught exception  (UNCAUGHT_EXCEPT)
/test/erasure-code/ceph_erasure_code_non_regression.cc: 300 in main()

** CID 1251457:  Uncaught exception  (UNCAUGHT_EXCEPT)
/test/erasure-code/ceph_erasure_code_non_regression.cc: 300 in main()

** CID 1251458:  Uncaught exception  (UNCAUGHT_EXCEPT)
/test/erasure-code/ceph_erasure_code_non_regression.cc: 300 in main()

** CID 1251459:  Uninitialized pointer field  (UNINIT_CTOR)
/test/librados/TestCase.h: 24 in RadosTestNS::RadosTestNS()()

** CID 1251460:  Uninitialized pointer field  (UNINIT_CTOR)
/test/librados/TestCase.h: 76 in RadosTestECNS::RadosTestECNS()()

** CID 1251461:  Uninitialized scalar field  (UNINIT_CTOR)
/test/librados/TestCase.h: 93 in RadosTestECPPNS::RadosTestECPPNS()()

** CID 1251462:  Use after free  (USE_AFTER_FREE)
/test/librbd/test_librbd.cc: 299 in test_ls(void *, unsigned long, ...)()

** CID 1251463:  Missing varargs init or cleanup  (VARARGS)
/test/librbd/test_librbd.cc: 303 in test_ls(void *, unsigned long, ...)()



*** CID 1251445:  Unchecked return value  (CHECKED_RETURN)
/mon/MDSMonitor.cc: 1511 in MDSMonitor::filesystem_command(MMonCommand *, const 
std::basic_string, std::allocator>&, 
std::map, std::allocator>, 
boost::variant, 
std::allocator>, bool, long, double, std::vector, std::allocator>, 
std::all

New Defects reported by Coverity Scan for ceph

2014-11-09 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to ceph found with 
Coverity Scan.

2 new defect(s) introduced to ceph found with Coverity Scan.


New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)


** CID 1251353:  Big parameter passed by value  (PASS_BY_VALUE)
/mds/CInode.cc: 3544 in CInode::validate_disk_state(CInode::validated_data *, 
std::tr1::shared_ptr 
&)::ValidationContinuation::_backtrace(int)()

** CID 1251354:  Structurally dead code  (UNREACHABLE)
/mds/mdstypes.cc: 440 in inode_t::compare(const inode_t&, bool *) const()



*** CID 1251353:  Big parameter passed by value  (PASS_BY_VALUE)
/mds/CInode.cc: 3544 in CInode::validate_disk_state(CInode::validated_data *, 
std::tr1::shared_ptr 
&)::ValidationContinuation::_backtrace(int)()
3538   }
3539 
3540   // extract the backtrace, and compare it to a newly-constructed 
one
3541   try {
3542 bufferlist::iterator p = bl.begin();
3543 ::decode(results->backtrace.ondisk_value, p);
>>> CID 1251353:  Big parameter passed by value  (PASS_BY_VALUE)
>>> Catching an exception object of size 264 bytes by value.
3544   } catch (buffer::malformed_input) {
3545 results->backtrace.passed = false;
3546 results->backtrace.error_str << "failed to decode on-disk 
backtrace!";
3547 return true;
3548   }
3549   int64_t pool;


*** CID 1251354:  Structurally dead code  (UNREACHABLE)
/mds/mdstypes.cc: 440 in inode_t::compare(const inode_t&, bool *) const()
434   } else {
435 assert(version < other.version);
436 *divergent = !other.older_is_consistent(*this);
437 return -1;
438   }
439   assert(0 == "can't have reached this point");
>>> CID 1251354:  Structurally dead code  (UNREACHABLE)
>>> This code cannot be reached: "*divergent = true;".
440   *divergent = true;
441   return 0;
442 }
443 
444 bool inode_t::older_is_consistent(const inode_t &other) const
445 {



To view the defects in Coverity Scan visit, 
http://scan.coverity.com/projects/25?tab=overview

To unsubscribe from the email notification for new defects, 
http://scan5.coverity.com/cgi-bin/unsubscribe.py



--
To unsubscribe from this list: send the line "unsubscribe ceph-devel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html


Re: New Defects reported by Coverity Scan for ceph

2014-10-30 Thread Sage Weil
On Thu, 30 Oct 2014, scan-ad...@coverity.com wrote:
> 
> Hi,
> 
> Please find the latest report on new defect(s) introduced to ceph found with 
> Coverity Scan.
> 
> 1 new defect(s) introduced to ceph found with Coverity Scan.
> 25 defect(s), reported by Coverity Scan earlier, were marked fixed in the 
> recent build analyzed by Coverity Scan.
> 
> New defect(s) Reported-by: Coverity Scan
> Showing 1 of 1 defect(s)
> 
> 
> ** CID 1250262:  Dereference after null check  (FORWARD_NULL)
> /osdc/Objecter.cc: 2062 in Objecter::_calc_target(Objecter::op_target_t *, 
> bool)()
> 
> 
> 
> *** CID 1250262:  Dereference after null check  (FORWARD_NULL)
> /osdc/Objecter.cc: 2062 in Objecter::_calc_target(Objecter::op_target_t *, 
> bool)()
> 2056 if (ret == -ENOENT) {
> 2057   t->osd = -1;
> 2058   return RECALC_OP_TARGET_POOL_DNE;
> 2059 }
> 2060   }
> 2061 
> >>> CID 1250262:  Dereference after null check  (FORWARD_NULL)
> >>> Dereferencing null pointer "pi".
> 2062   int min_size = pi->min_size;
> 2063   unsigned pg_num = pi->get_pg_num();
> 2064   int up_primary, acting_primary;
> 2065   vector up, acting;
> 2066   osdmap->pg_to_up_acting_osds(pgid, &up, &up_primary,
> 2067 &acting, &acting_primary);

opened #9944

--
To unsubscribe from this list: send the line "unsubscribe ceph-devel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html


New Defects reported by Coverity Scan for ceph

2014-10-30 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to ceph found with 
Coverity Scan.

1 new defect(s) introduced to ceph found with Coverity Scan.
25 defect(s), reported by Coverity Scan earlier, were marked fixed in the 
recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)


** CID 1250262:  Dereference after null check  (FORWARD_NULL)
/osdc/Objecter.cc: 2062 in Objecter::_calc_target(Objecter::op_target_t *, 
bool)()



*** CID 1250262:  Dereference after null check  (FORWARD_NULL)
/osdc/Objecter.cc: 2062 in Objecter::_calc_target(Objecter::op_target_t *, 
bool)()
2056 if (ret == -ENOENT) {
2057   t->osd = -1;
2058   return RECALC_OP_TARGET_POOL_DNE;
2059 }
2060   }
2061 
>>> CID 1250262:  Dereference after null check  (FORWARD_NULL)
>>> Dereferencing null pointer "pi".
2062   int min_size = pi->min_size;
2063   unsigned pg_num = pi->get_pg_num();
2064   int up_primary, acting_primary;
2065   vector up, acting;
2066   osdmap->pg_to_up_acting_osds(pgid, &up, &up_primary,
2067   &acting, &acting_primary);



To view the defects in Coverity Scan visit, 
http://scan.coverity.com/projects/25?tab=overview

To unsubscribe from the email notification for new defects, 
http://scan5.coverity.com/cgi-bin/unsubscribe.py



--
To unsubscribe from this list: send the line "unsubscribe ceph-devel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html


Re: New Defects reported by Coverity Scan for ceph

2014-10-28 Thread Danny Al-Gaaf
Hi,

these can be ignored, they are caused by the ASSERT_* handling of the
gtest framework.

Danny


Am 28.10.2014 um 14:16 schrieb scan-ad...@coverity.com:
> 
> Hi,
> 
> Please find the latest report on new defect(s) introduced to ceph
> found with Coverity Scan.
> 
> 2 new defect(s) introduced to ceph found with Coverity Scan. 5
> defect(s), reported by Coverity Scan earlier, were marked fixed in
> the recent build analyzed by Coverity Scan.
> 
> New defect(s) Reported-by: Coverity Scan Showing 2 of 2 defect(s)
> 
> 
> ** CID 1249779:  Resource leak  (RESOURCE_LEAK) 
> /test/libradosstriper/striping.cc: 56 in
> StriperTestRT::checkObjectFromRados(const std::basic_string std::char_traits, std::allocator>&, ceph::buffer::list
> &, unsigned long, unsigned long, unsigned long, unsigned long,
> unsigned long)() /test/libradosstriper/striping.cc: 59 in
> StriperTestRT::checkObjectFromRados(const std::basic_string std::char_traits, std::allocator>&, ceph::buffer::list
> &, unsigned long, unsigned long, unsigned long, unsigned long,
> unsigned long)() /test/libradosstriper/striping.cc: 52 in
> StriperTestRT::checkObjectFromRados(const std::basic_string std::char_traits, std::allocator>&, ceph::buffer::list
> &, unsigned long, unsigned long, unsigned long, unsigned long,
> unsigned long)() /test/libradosstriper/striping.cc: 55 in
> StriperTestRT::checkObjectFromRados(const std::basic_string std::char_traits, std::allocator>&, ceph::buffer::list
> &, unsigned long, unsigned long, unsigned long, unsigned long,
> unsigned long)() /test/libradosstriper/striping.cc: 47 in
> StriperTestRT::checkObjectFromRados(const std::basic_string std::char_traits, std::allocator>&, ceph::buffer::list
> &, unsigned long, unsigned long, unsigned long, unsigned long,
> unsigned long)() /test/libradosstriper/striping.cc: 50 in
> StriperTestRT::checkObjectFromRados(const std::basic_string std::char_traits, std::allocator>&, ceph::buffer::list
> &, unsigned long, unsigned long, unsigned long, unsigned long,
> unsigned long)() /test/libradosstriper/striping.cc: 51 in
> StriperTestRT::checkObjectFromRados(const std::basic_string std::char_traits, std::allocator>&, ceph::buffer::list
> &, unsigned long, unsigned long, unsigned long, unsigned long,
> unsigned long)() /test/libradosstriper/striping.cc: 45 in
> StriperTestRT::checkObjectFromRados(const std::basic_string std::char_traits, std::allocator>&, ceph::buffer::list
> &, unsigned long, unsigned long, unsigned long, unsigned long,
> unsigned long)() /test/libradosstriper/striping.cc: 46 in
> StriperTestRT::checkObjectFromRados(const std::basic_string std::char_traits, std::allocator>&, ceph::buffer::list
> &, unsigned long, unsigned long, unsigned long, unsigned long,
> unsigned long)()
> 
> ** CID 1249780:  Resource leak  (RESOURCE_LEAK) 
> /test/libradosstriper/striping.cc: 95 in
> StriperTestRT::checkObjectFromRados(const std::basic_string std::char_traits, std::allocator>&, ceph::buffer::list
> &, unsigned long, unsigned long, unsigned long, unsigned long,
> unsigned long)() /test/libradosstriper/striping.cc: 97 in
> StriperTestRT::checkObjectFromRados(const std::basic_string std::char_traits, std::allocator>&, ceph::buffer::list
> &, unsigned long, unsigned long, unsigned long, unsigned long,
> unsigned long)() /test/libradosstriper/striping.cc: 100 in
> StriperTestRT::checkObjectFromRados(const std::basic_string std::char_traits, std::allocator>&, ceph::buffer::list
> &, unsigned long, unsigned long, unsigned long, unsigned long,
> unsigned long)() /test/libradosstriper/striping.cc: 103 in
> StriperTestRT::checkObjectFromRados(const std::basic_string std::char_traits, std::allocator>&, ceph::buffer::list
> &, unsigned long, unsigned long, unsigned long, unsigned long,
> unsigned long)() /test/libradosstriper/striping.cc: 145 in
> StriperTestRT::checkObjectFromRados(const std::basic_string std::char_traits, std::allocator>&, ceph::buffer::list
> &, unsigned long, unsigned long, unsigned long, unsigned long,
> unsigned long)()
> 
> 
> 
>
> 
*** CID 1249779:  Resource leak  (RESOURCE_LEAK)
> /test/libradosstriper/striping.cc: 56 in
> StriperTestRT::checkObjectFromRados(const std::basic_string std::char_traits, std::allocator>&, ceph::buffer::list
> &, unsigned long, unsigned long, unsigned long, unsigned long,
> unsigned long)() 50 ASSERT_LT(0U, stripe_count); 51
> ASSERT_EQ(stripe_count, exp_stripe_count); 52 ASSERT_LT(0,
> ioctx.getxattr(firstOid, "striper.layout.object_size", xattrbl)); 
> 53 s_xattr = std::string(xattrbl.c_str(),
> xattrbl.length()); // adds 0 byte at the end 54 uint64_t
> object_size = strtoll(s_xattr.c_str(), NULL, 10); 55
> ASSERT_EQ(object_size, exp_object_size);
 CID 1249779:  Resource leak  (RESOURCE_LEAK) Variable
 "firstOid" going out of scope leaks the storage it points
 to.
> 56 ASSERT_LT(0, ioctx.ge

New Defects reported by Coverity Scan for ceph

2014-10-28 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to ceph found with 
Coverity Scan.

2 new defect(s) introduced to ceph found with Coverity Scan.
5 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)


** CID 1249779:  Resource leak  (RESOURCE_LEAK)
/test/libradosstriper/striping.cc: 56 in 
StriperTestRT::checkObjectFromRados(const std::basic_string, std::allocator>&, ceph::buffer::list &, unsigned 
long, unsigned long, unsigned long, unsigned long, unsigned long)()
/test/libradosstriper/striping.cc: 59 in 
StriperTestRT::checkObjectFromRados(const std::basic_string, std::allocator>&, ceph::buffer::list &, unsigned 
long, unsigned long, unsigned long, unsigned long, unsigned long)()
/test/libradosstriper/striping.cc: 52 in 
StriperTestRT::checkObjectFromRados(const std::basic_string, std::allocator>&, ceph::buffer::list &, unsigned 
long, unsigned long, unsigned long, unsigned long, unsigned long)()
/test/libradosstriper/striping.cc: 55 in 
StriperTestRT::checkObjectFromRados(const std::basic_string, std::allocator>&, ceph::buffer::list &, unsigned 
long, unsigned long, unsigned long, unsigned long, unsigned long)()
/test/libradosstriper/striping.cc: 47 in 
StriperTestRT::checkObjectFromRados(const std::basic_string, std::allocator>&, ceph::buffer::list &, unsigned 
long, unsigned long, unsigned long, unsigned long, unsigned long)()
/test/libradosstriper/striping.cc: 50 in 
StriperTestRT::checkObjectFromRados(const std::basic_string, std::allocator>&, ceph::buffer::list &, unsigned 
long, unsigned long, unsigned long, unsigned long, unsigned long)()
/test/libradosstriper/striping.cc: 51 in 
StriperTestRT::checkObjectFromRados(const std::basic_string, std::allocator>&, ceph::buffer::list &, unsigned 
long, unsigned long, unsigned long, unsigned long, unsigned long)()
/test/libradosstriper/striping.cc: 45 in 
StriperTestRT::checkObjectFromRados(const std::basic_string, std::allocator>&, ceph::buffer::list &, unsigned 
long, unsigned long, unsigned long, unsigned long, unsigned long)()
/test/libradosstriper/striping.cc: 46 in 
StriperTestRT::checkObjectFromRados(const std::basic_string, std::allocator>&, ceph::buffer::list &, unsigned 
long, unsigned long, unsigned long, unsigned long, unsigned long)()

** CID 1249780:  Resource leak  (RESOURCE_LEAK)
/test/libradosstriper/striping.cc: 95 in 
StriperTestRT::checkObjectFromRados(const std::basic_string, std::allocator>&, ceph::buffer::list &, unsigned 
long, unsigned long, unsigned long, unsigned long, unsigned long)()
/test/libradosstriper/striping.cc: 97 in 
StriperTestRT::checkObjectFromRados(const std::basic_string, std::allocator>&, ceph::buffer::list &, unsigned 
long, unsigned long, unsigned long, unsigned long, unsigned long)()
/test/libradosstriper/striping.cc: 100 in 
StriperTestRT::checkObjectFromRados(const std::basic_string, std::allocator>&, ceph::buffer::list &, unsigned 
long, unsigned long, unsigned long, unsigned long, unsigned long)()
/test/libradosstriper/striping.cc: 103 in 
StriperTestRT::checkObjectFromRados(const std::basic_string, std::allocator>&, ceph::buffer::list &, unsigned 
long, unsigned long, unsigned long, unsigned long, unsigned long)()
/test/libradosstriper/striping.cc: 145 in 
StriperTestRT::checkObjectFromRados(const std::basic_string, std::allocator>&, ceph::buffer::list &, unsigned 
long, unsigned long, unsigned long, unsigned long, unsigned long)()



*** CID 1249779:  Resource leak  (RESOURCE_LEAK)
/test/libradosstriper/striping.cc: 56 in 
StriperTestRT::checkObjectFromRados(const std::basic_string, std::allocator>&, ceph::buffer::list &, unsigned 
long, unsigned long, unsigned long, unsigned long, unsigned long)()
50 ASSERT_LT(0U, stripe_count);
51 ASSERT_EQ(stripe_count, exp_stripe_count);
52 ASSERT_LT(0, ioctx.getxattr(firstOid, "striper.layout.object_size", 
xattrbl));
53 s_xattr = std::string(xattrbl.c_str(), xattrbl.length()); // adds 0 
byte at the end
54 uint64_t object_size = strtoll(s_xattr.c_str(), NULL, 10);
55 ASSERT_EQ(object_size, exp_object_size);
>>> CID 1249779:  Resource leak  (RESOURCE_LEAK)
>>> Variable "firstOid" going out of scope leaks the storage it points to.
56 ASSERT_LT(0, ioctx.getxattr(firstOid, "striper.size", xattrbl));
57 s_xattr = std::string(xattrbl.c_str(), xattrbl.length()); // adds 0 
byte at the end
58 uint64_t xa_size = strtoll(s_xattr.c_str(), NULL, 10);
59 ASSERT_EQ(xa_size, size);
60 // checking object content from rados point of view
61 // we will go stripe by stripe, read the content of each of them and
/test/libradosstriper/striping.cc: 59 in 
StriperTestRT::checkObjectFromRados(const std::basic_string, std::allocator>&, ceph::buff

New Defects reported by Coverity Scan for ceph

2014-10-26 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to ceph found with 
Coverity Scan.

77 new defect(s) introduced to ceph found with Coverity Scan.
74 defect(s), reported by Coverity Scan earlier, were marked fixed in the 
recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 20 of 77 defect(s)


** CID 717233:  Uninitialized scalar field  (UNINIT_CTOR)
/mds/Capability.h: 253 in Capability::Capability(CInode *, unsigned long, 
client_t)()

** CID 1201388:  Missing unlock  (LOCK)
/mon/Monitor.cc: 564 in Monitor::preinit()()

** CID 1213581:  Dereference null return value  (NULL_RETURNS)
/osd/OSD.cc: 5523 in OSD::ms_fast_preprocess(Message *)()

** CID 1214678:  Unchecked return value  (CHECKED_RETURN)
/osd/OSD.cc: 326 in OSDService::_maybe_split_pgid(std::tr1::shared_ptr, std::tr1::shared_ptr, spg_t)()

** CID 1219460:  Unchecked return value  (CHECKED_RETURN)
/tools/cephfs/JournalTool.cc: 104 in JournalTool::main(std::vector> &)()

** CID 1219463:  Unchecked return value  (CHECKED_RETURN)
/client/SyntheticClient.cc: 1142 in SyntheticClient::play_trace(Trace &, 
std::basic_string, std::allocator>&, bool)()

** CID 1219620:  Uncaught exception  (UNCAUGHT_EXCEPT)
/tools/cephfs/cephfs-journal-tool.cc: 24 in main()
/tools/cephfs/cephfs-journal-tool.cc: 24 in main()
/tools/cephfs/cephfs-journal-tool.cc: 24 in main()
/tools/cephfs/cephfs-journal-tool.cc: 24 in main()
/tools/cephfs/cephfs-journal-tool.cc: 24 in main()

** CID 1219621:  Uncaught exception  (UNCAUGHT_EXCEPT)
/tools/cephfs/cephfs-journal-tool.cc: 24 in main()

** CID 1219622:  Uncaught exception  (UNCAUGHT_EXCEPT)
/tools/cephfs/cephfs-journal-tool.cc: 24 in main()

** CID 1219637:  Uncaught exception  (UNCAUGHT_EXCEPT)
/test/filestore/TestFileStore.cc: 67 in main()
/test/filestore/TestFileStore.cc: 67 in main()
/test/filestore/TestFileStore.cc: 67 in main()
/test/filestore/TestFileStore.cc: 67 in main()

** CID 1219650:  Uninitialized scalar field  (UNINIT_CTOR)
/tools/cephfs/Resetter.h: 29 in Resetter::Resetter()()

** CID 1220854:  Invalid iterator comparison  (MISMATCHED_ITERATOR)
/osd/PG.cc: 1000 in 
PG::calc_ec_acting(std::_Rb_tree_const_iterator>, unsigned int, const std::vector> &, 
pg_shard_t, const std::vector> &, pg_shard_t, const 
std::map, 
std::allocator>> &, bool, 
std::vector> *, std::set, std::allocator> *, std::set, std::allocator> *, pg_shard_t *, 
std::basic_ostream>&)()

** CID 1221498:  Division or modulo by zero  (DIVIDE_BY_ZERO)
/test/libradosstriper/striping.cc: 61 in 
StriperTestRT::checkObjectFromRados(const std::basic_string, std::allocator>&, ceph::buffer::list &, unsigned 
long, unsigned long, unsigned long, unsigned long, unsigned long)()

** CID 1221499:  Division or modulo by zero  (DIVIDE_BY_ZERO)
/test/libradosstriper/striping.cc: 70 in 
StriperTestRT::checkObjectFromRados(const std::basic_string, std::allocator>&, ceph::buffer::list &, unsigned 
long, unsigned long, unsigned long, unsigned long, unsigned long)()

** CID 1221525:  Resource leak  (RESOURCE_LEAK)
/test/libradosstriper/striping.cc: 227 in 
StriperTestRT_StripedRoundtrip_Test::TestBody()()

** CID 1221526:  Resource leak  (RESOURCE_LEAK)
/test/libradosstriper/striping.cc: 39 in 
StriperTestRT::checkObjectFromRados(const std::basic_string, std::allocator>&, ceph::buffer::list &, unsigned 
long, unsigned long, unsigned long, unsigned long, unsigned long)()
/test/libradosstriper/striping.cc: 86 in 
StriperTestRT::checkObjectFromRados(const std::basic_string, std::allocator>&, ceph::buffer::list &, unsigned 
long, unsigned long, unsigned long, unsigned long, unsigned long)()
/test/libradosstriper/striping.cc: 140 in 
StriperTestRT::checkObjectFromRados(const std::basic_string, std::allocator>&, ceph::buffer::list &, unsigned 
long, unsigned long, unsigned long, unsigned long, unsigned long)()

** CID 1221538:  Uninitialized pointer field  (UNINIT_CTOR)
/test/libradosstriper/TestCase.h: 25 in StriperTest::StriperTest()()

** CID 1225099:  Unchecked return value  (CHECKED_RETURN)
/mon/MDSMonitor.cc: 1523 in MDSMonitor::filesystem_command(MMonCommand *, const 
std::basic_string, std::allocator>&, 
std::map, std::allocator>, 
boost::variant, 
std::allocator>, bool, long, double, std::vector, std::allocator>, 
std::allocator, 
std::allocator>>>, boost::detail::variant::void_, 
boost::detail::variant::void_, boost::detail::variant::void_, 
boost::detail::variant::void_, boost::detail::variant::void_, 
boost::detail::variant::void_, boost::detail::variant::void_, 
boost::detail::variant::void_, boost::detail::variant::void_, 
boost::detail::variant::void_, boost::detail::variant::void_, 
boost::detail::variant::void_, boost::detail::variant::void_, 
boost::detail::variant::void_, boost::detail::variant::void_>, 
std::less, std::allocator>>, 
std::allocator, 
std::allocator>, boost::variant, std::allocator>, bool, long, double, 
std::vector, 
std::allocator>, std::allocator, std::allocator>>>, boost::detail::variant:

Re: New Defects reported by Coverity Scan for ceph

2014-10-24 Thread Sage Weil
Note: this is a run against firefly (vs the usual master).

s

On Fri, 24 Oct 2014, scan-ad...@coverity.com wrote:

> 
> Hi,
> 
> Please find the latest report on new defect(s) introduced to ceph found with 
> Coverity Scan.
> 
> 26 new defect(s) introduced to ceph found with Coverity Scan.
> 114 defect(s), reported by Coverity Scan earlier, were marked fixed in the 
> recent build analyzed by Coverity Scan.
> 
> New defect(s) Reported-by: Coverity Scan
> Showing 20 of 26 defect(s)
> 
> 
> ** CID 717128:  Wrong sizeof argument  (SIZEOF_MISMATCH)
> /test/librbd/test_librbd.cc: 228 in test_ls(void *, unsigned long, ...)()
> 
> ** CID 717147:  Uncaught exception  (UNCAUGHT_EXCEPT)
> /ceph_mds.cc: 141 in main()
> 
> ** CID 717246:  Uninitialized scalar field  (UNINIT_CTOR)
> /mds/events/EMetaBlob.h: 204 in EMetaBlob::nullbit::nullbit(const 
> std::basic_string, std::allocator>&, 
> snapid_t, snapid_t, unsigned long, bool)()
> 
> ** CID 717248:  Uninitialized scalar field  (UNINIT_CTOR)
> /mds/events/EMetaBlob.h: 168 in EMetaBlob::remotebit::remotebit(const 
> std::basic_string, std::allocator>&, 
> snapid_t, snapid_t, unsigned long, inodeno_t, unsigned char, bool)()
> 
> ** CID 717264:  Uninitialized scalar field  (UNINIT_CTOR)
> /messages/MClientReply.h: 129 in InodeStat::InodeStat()()
> 
> ** CID 717270:  Uninitialized scalar field  (UNINIT_CTOR)
> /messages/MDirUpdate.h: 55 in MDirUpdate::MDirUpdate(int, dirfrag_t, int, 
> std::set, std::allocator> &, filepath &, bool)()
> 
> ** CID 717275:  Uninitialized scalar field  (UNINIT_CTOR)
> /messages/MExportDirDiscover.h: 36 in 
> MExportDirDiscover::MExportDirDiscover()()
> 
> ** CID 717289:  Uninitialized scalar field  (UNINIT_CTOR)
> /messages/MMDSLoadTargets.h: 30 in MMDSLoadTargets::MMDSLoadTargets()()
> 
> ** CID 1026810:  Uninitialized pointer field  (UNINIT_CTOR)
> /mds/MDCache.h: 332 in MDCache::umaster::umaster()()
> 
> ** CID 1026811:  Uninitialized scalar field  (UNINIT_CTOR)
> /mds/events/EMetaBlob.h: 107 in EMetaBlob::fullbit::fullbit(const 
> std::basic_string, std::allocator>&, 
> snapid_t, snapid_t, unsigned long, const inode_t &, const fragtree_t &, const 
> std::map, 
> std::allocator>, ceph::buffer::ptr, std::less std::char_traits, std::allocator>>, 
> std::allocator std::char_traits, std::allocator>, ceph::buffer::ptr>>> &, const 
> std::basic_string, std::allocator>&, const 
> ceph::buffer::list &, unsigned char, std::map std::less, std::allocator old_inode_t>>>*)()
> 
> ** CID 1128407:  Dereference before null check  (REVERSE_INULL)
> /client/Client.cc: 5180 in Client::_readdir_get_frag(dir_result_t *)()
> 
> ** CID 1128412:  Resource leak  (RESOURCE_LEAK)
> /rgw/rgw_gc.cc: 170 in RGWGC::process(int, int)()
> /rgw/rgw_gc.cc: 170 in RGWGC::process(int, int)()
> /rgw/rgw_gc.cc: 170 in RGWGC::process(int, int)()
> /rgw/rgw_gc.cc: 170 in RGWGC::process(int, int)()
> 
> ** CID 1160849:  Uninitialized scalar field  (UNINIT_CTOR)
> /mds/CDir.cc: 1447 in C_Dir_OMAP_Fetched::C_Dir_OMAP_Fetched(CDir *, const 
> std::basic_string, std::allocator>&)()
> 
> ** CID 1188129:  Logically dead code  (DEADCODE)
> /client/Client.cc: 8504 in Client::ll_write_block(Inode *, unsigned long, 
> char *, unsigned long, unsigned long, ceph_file_layout *, unsigned long, 
> unsigned int)()
> 
> ** CID 1188130:  Logically dead code  (DEADCODE)
> /client/Client.cc: 8500 in Client::ll_write_block(Inode *, unsigned long, 
> char *, unsigned long, unsigned long, ceph_file_layout *, unsigned long, 
> unsigned int)()
> 
> ** CID 1192611:  Uncaught exception  (UNCAUGHT_EXCEPT)
> /tools/ceph_filestore_dump.cc: 1076 in main()
> /tools/ceph_filestore_dump.cc: 1076 in main()
> /tools/ceph_filestore_dump.cc: 1076 in main()
> /tools/ceph_filestore_dump.cc: 1076 in main()
> /tools/ceph_filestore_dump.cc: 1076 in main()
> /tools/ceph_filestore_dump.cc: 1076 in main()
> /tools/ceph_filestore_dump.cc: 1076 in main()
> /tools/ceph_filestore_dump.cc: 1076 in main()
> /tools/ceph_filestore_dump.cc: 1076 in main()
> /tools/ceph_filestore_dump.cc: 1076 in main()
> /tools/ceph_filestore_dump.cc: 1076 in main()
> /tools/ceph_filestore_dump.cc: 1076 in main()
> /tools/ceph_filestore_dump.cc: 1076 in main()
> /tools/ceph_filestore_dump.cc: 1076 in main()
> /tools/ceph_filestore_dump.cc: 1076 in main()
> /tools/ceph_filestore_dump.cc: 1076 in main()
> 
> ** CID 1192612:  Uncaught exception  (UNCAUGHT_EXCEPT)
> /tools/ceph_filestore_dump.cc: 1076 in main()
> 
> ** CID 1192613:  Uncaught exception  (UNCAUGHT_EXCEPT)
> /tools/ceph_filestore_tool.cc: 48 in main()
> /tools/ceph_filestore_tool.cc: 48 in main()
> /tools/ceph_filestore_tool.cc: 48 in main()
> /tools/ceph_filestore_tool.cc: 48 in main()
> /tools/ceph_filestore_tool.cc: 48 in main()
> /tools/ceph_filestore_tool.cc: 48 in main()
> /tools/ceph_filestore_tool.cc: 48 in main()
> /tools/ceph_filestore_tool.cc: 48 in main()
> /tools/ceph_filestore_tool.cc: 48 in main()
> /tools/ceph_filestore_tool.cc: 48 in main()
> /tools/ceph_filestore_tool.cc:

New Defects reported by Coverity Scan for ceph

2014-10-24 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to ceph found with 
Coverity Scan.

26 new defect(s) introduced to ceph found with Coverity Scan.
114 defect(s), reported by Coverity Scan earlier, were marked fixed in the 
recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 20 of 26 defect(s)


** CID 717128:  Wrong sizeof argument  (SIZEOF_MISMATCH)
/test/librbd/test_librbd.cc: 228 in test_ls(void *, unsigned long, ...)()

** CID 717147:  Uncaught exception  (UNCAUGHT_EXCEPT)
/ceph_mds.cc: 141 in main()

** CID 717246:  Uninitialized scalar field  (UNINIT_CTOR)
/mds/events/EMetaBlob.h: 204 in EMetaBlob::nullbit::nullbit(const 
std::basic_string, std::allocator>&, 
snapid_t, snapid_t, unsigned long, bool)()

** CID 717248:  Uninitialized scalar field  (UNINIT_CTOR)
/mds/events/EMetaBlob.h: 168 in EMetaBlob::remotebit::remotebit(const 
std::basic_string, std::allocator>&, 
snapid_t, snapid_t, unsigned long, inodeno_t, unsigned char, bool)()

** CID 717264:  Uninitialized scalar field  (UNINIT_CTOR)
/messages/MClientReply.h: 129 in InodeStat::InodeStat()()

** CID 717270:  Uninitialized scalar field  (UNINIT_CTOR)
/messages/MDirUpdate.h: 55 in MDirUpdate::MDirUpdate(int, dirfrag_t, int, 
std::set, std::allocator> &, filepath &, bool)()

** CID 717275:  Uninitialized scalar field  (UNINIT_CTOR)
/messages/MExportDirDiscover.h: 36 in MExportDirDiscover::MExportDirDiscover()()

** CID 717289:  Uninitialized scalar field  (UNINIT_CTOR)
/messages/MMDSLoadTargets.h: 30 in MMDSLoadTargets::MMDSLoadTargets()()

** CID 1026810:  Uninitialized pointer field  (UNINIT_CTOR)
/mds/MDCache.h: 332 in MDCache::umaster::umaster()()

** CID 1026811:  Uninitialized scalar field  (UNINIT_CTOR)
/mds/events/EMetaBlob.h: 107 in EMetaBlob::fullbit::fullbit(const 
std::basic_string, std::allocator>&, 
snapid_t, snapid_t, unsigned long, const inode_t &, const fragtree_t &, const 
std::map, std::allocator>, 
ceph::buffer::ptr, std::less, 
std::allocator>>, std::allocator, std::allocator>, ceph::buffer::ptr>>> &, const 
std::basic_string, std::allocator>&, const 
ceph::buffer::list &, unsigned char, std::map, std::allocator>>*)()

** CID 1128407:  Dereference before null check  (REVERSE_INULL)
/client/Client.cc: 5180 in Client::_readdir_get_frag(dir_result_t *)()

** CID 1128412:  Resource leak  (RESOURCE_LEAK)
/rgw/rgw_gc.cc: 170 in RGWGC::process(int, int)()
/rgw/rgw_gc.cc: 170 in RGWGC::process(int, int)()
/rgw/rgw_gc.cc: 170 in RGWGC::process(int, int)()
/rgw/rgw_gc.cc: 170 in RGWGC::process(int, int)()

** CID 1160849:  Uninitialized scalar field  (UNINIT_CTOR)
/mds/CDir.cc: 1447 in C_Dir_OMAP_Fetched::C_Dir_OMAP_Fetched(CDir *, const 
std::basic_string, std::allocator>&)()

** CID 1188129:  Logically dead code  (DEADCODE)
/client/Client.cc: 8504 in Client::ll_write_block(Inode *, unsigned long, char 
*, unsigned long, unsigned long, ceph_file_layout *, unsigned long, unsigned 
int)()

** CID 1188130:  Logically dead code  (DEADCODE)
/client/Client.cc: 8500 in Client::ll_write_block(Inode *, unsigned long, char 
*, unsigned long, unsigned long, ceph_file_layout *, unsigned long, unsigned 
int)()

** CID 1192611:  Uncaught exception  (UNCAUGHT_EXCEPT)
/tools/ceph_filestore_dump.cc: 1076 in main()
/tools/ceph_filestore_dump.cc: 1076 in main()
/tools/ceph_filestore_dump.cc: 1076 in main()
/tools/ceph_filestore_dump.cc: 1076 in main()
/tools/ceph_filestore_dump.cc: 1076 in main()
/tools/ceph_filestore_dump.cc: 1076 in main()
/tools/ceph_filestore_dump.cc: 1076 in main()
/tools/ceph_filestore_dump.cc: 1076 in main()
/tools/ceph_filestore_dump.cc: 1076 in main()
/tools/ceph_filestore_dump.cc: 1076 in main()
/tools/ceph_filestore_dump.cc: 1076 in main()
/tools/ceph_filestore_dump.cc: 1076 in main()
/tools/ceph_filestore_dump.cc: 1076 in main()
/tools/ceph_filestore_dump.cc: 1076 in main()
/tools/ceph_filestore_dump.cc: 1076 in main()
/tools/ceph_filestore_dump.cc: 1076 in main()

** CID 1192612:  Uncaught exception  (UNCAUGHT_EXCEPT)
/tools/ceph_filestore_dump.cc: 1076 in main()

** CID 1192613:  Uncaught exception  (UNCAUGHT_EXCEPT)
/tools/ceph_filestore_tool.cc: 48 in main()
/tools/ceph_filestore_tool.cc: 48 in main()
/tools/ceph_filestore_tool.cc: 48 in main()
/tools/ceph_filestore_tool.cc: 48 in main()
/tools/ceph_filestore_tool.cc: 48 in main()
/tools/ceph_filestore_tool.cc: 48 in main()
/tools/ceph_filestore_tool.cc: 48 in main()
/tools/ceph_filestore_tool.cc: 48 in main()
/tools/ceph_filestore_tool.cc: 48 in main()
/tools/ceph_filestore_tool.cc: 48 in main()
/tools/ceph_filestore_tool.cc: 48 in main()
/tools/ceph_filestore_tool.cc: 48 in main()
/tools/ceph_filestore_tool.cc: 48 in main()

** CID 1192614:  Uncaught exception  (UNCAUGHT_EXCEPT)
/tools/ceph_filestore_tool.cc: 48 in main()

** CID 1201374:  Unchecked return value  (CHECKED_RETURN)
/mon/MDSMonitor.cc: 1097 in MDSMonitor::prepare_command(MMonCommand *)()



New Defects reported by Coverity Scan for ceph

2014-10-17 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to ceph found with 
Coverity Scan.

4 new defect(s) introduced to ceph found with Coverity Scan.


New defect(s) Reported-by: Coverity Scan
Showing 4 of 4 defect(s)


** CID 1247718:  Explicit null dereferenced  (FORWARD_NULL)
/mds/Server.cc: 3184 in 
Server::handle_client_file_setlock(std::tr1::shared_ptr &)()
/mds/Server.cc: 3184 in 
Server::handle_client_file_setlock(std::tr1::shared_ptr &)()
/mds/Server.cc: 3184 in 
Server::handle_client_file_setlock(std::tr1::shared_ptr &)()
/mds/Server.cc: 3184 in 
Server::handle_client_file_setlock(std::tr1::shared_ptr &)()

** CID 1247719:  Unintentional integer overflow  (OVERFLOW_BEFORE_WIDEN)
/osdc/Striper.cc: 221 in Striper::get_num_objects(const ceph_file_layout &, 
unsigned long)()

** CID 1247720:  Unintentional integer overflow  (OVERFLOW_BEFORE_WIDEN)
/osdc/Striper.cc: 225 in Striper::get_num_objects(const ceph_file_layout &, 
unsigned long)()

** CID 1247721:  Uncaught exception  (UNCAUGHT_EXCEPT)
/rbd.cc: 2071 in main()
/rbd.cc: 2071 in main()



*** CID 1247718:  Explicit null dereferenced  (FORWARD_NULL)
/mds/Server.cc: 3184 in 
Server::handle_client_file_setlock(std::tr1::shared_ptr &)()
3178   set_lock.pid = req->head.args.filelock_change.pid;
3179   set_lock.type = req->head.args.filelock_change.type;
3180   bool will_wait = req->head.args.filelock_change.wait;
3181 
3182   dout(10) << "handle_client_file_setlock: " << set_lock << dendl;
3183 
>>> CID 1247718:  Explicit null dereferenced  (FORWARD_NULL)
>>> Assigning: "lock_state" = "NULL".
3184   ceph_lock_state_t *lock_state = NULL;
3185   bool interrupt = false;
3186 
3187   // get the appropriate lock state
3188   switch (req->head.args.filelock_change.rule) {
3189   case CEPH_LOCK_FLOCK_INTR:
/mds/Server.cc: 3184 in 
Server::handle_client_file_setlock(std::tr1::shared_ptr &)()
3178   set_lock.pid = req->head.args.filelock_change.pid;
3179   set_lock.type = req->head.args.filelock_change.type;
3180   bool will_wait = req->head.args.filelock_change.wait;
3181 
3182   dout(10) << "handle_client_file_setlock: " << set_lock << dendl;
3183 
>>> CID 1247718:  Explicit null dereferenced  (FORWARD_NULL)
>>> Assigning: "lock_state" = "NULL".
3184   ceph_lock_state_t *lock_state = NULL;
3185   bool interrupt = false;
3186 
3187   // get the appropriate lock state
3188   switch (req->head.args.filelock_change.rule) {
3189   case CEPH_LOCK_FLOCK_INTR:
/mds/Server.cc: 3184 in 
Server::handle_client_file_setlock(std::tr1::shared_ptr &)()
3178   set_lock.pid = req->head.args.filelock_change.pid;
3179   set_lock.type = req->head.args.filelock_change.type;
3180   bool will_wait = req->head.args.filelock_change.wait;
3181 
3182   dout(10) << "handle_client_file_setlock: " << set_lock << dendl;
3183 
>>> CID 1247718:  Explicit null dereferenced  (FORWARD_NULL)
>>> Assigning: "lock_state" = "NULL".
3184   ceph_lock_state_t *lock_state = NULL;
3185   bool interrupt = false;
3186 
3187   // get the appropriate lock state
3188   switch (req->head.args.filelock_change.rule) {
3189   case CEPH_LOCK_FLOCK_INTR:
/mds/Server.cc: 3184 in 
Server::handle_client_file_setlock(std::tr1::shared_ptr &)()
3178   set_lock.pid = req->head.args.filelock_change.pid;
3179   set_lock.type = req->head.args.filelock_change.type;
3180   bool will_wait = req->head.args.filelock_change.wait;
3181 
3182   dout(10) << "handle_client_file_setlock: " << set_lock << dendl;
3183 
>>> CID 1247718:  Explicit null dereferenced  (FORWARD_NULL)
>>> Assigning: "lock_state" = "NULL".
3184   ceph_lock_state_t *lock_state = NULL;
3185   bool interrupt = false;
3186 
3187   // get the appropriate lock state
3188   switch (req->head.args.filelock_change.rule) {
3189   case CEPH_LOCK_FLOCK_INTR:


*** CID 1247719:  Unintentional integer overflow  (OVERFLOW_BEFORE_WIDEN)
/osdc/Striper.cc: 221 in Striper::get_num_objects(const ceph_file_layout &, 
unsigned long)()
215 }
216 uint64_t Striper::get_num_objects(const ceph_file_layout& layout, 
uint64_t size)
217 {
218   __u32 object_size = layout.fl_object_size;
219   __u32 stripe_unit = layout.fl_stripe_unit;
220   __u32 stripe_count = layout.fl_stripe_count;
>>> CID 1247719:  Unintentional integer overflow  (OVERFLOW_BEFORE_WIDEN)
>>> Potentially overflowing expression "stripe_count * object_size" with 
>>> type "unsigned int" (32 bits, unsigned) is evaluated using 32-bit 
>>> arithmetic before being used in a context which expects an expression of 
>>> type "uint64_t" (64 bits, unsigned). To av

Re: [Ceph-qa] New Defects reported by Coverity Scan for ceph

2014-10-09 Thread Gregory Farnum
On Thu, Oct 9, 2014 at 6:23 AM,   wrote:
>
> Hi,
>
> Please find the latest report on new defect(s) introduced to ceph found with 
> Coverity Scan.
>
> 3 new defect(s) introduced to ceph found with Coverity Scan.
> 4 defect(s), reported by Coverity Scan earlier, were marked fixed in the 
> recent build analyzed by Coverity Scan.
>
> New defect(s) Reported-by: Coverity Scan
> Showing 3 of 3 defect(s)
>
>
> ** CID 1244227:  Dereference after null check  (FORWARD_NULL)
> /mds/Server.cc: 7011 in Server::do_rename_rollback(ceph::buffer::list &, 
> mds_rank_t, std::tr1::shared_ptr &, bool)()
> /mds/Server.cc: 7130 in Server::do_rename_rollback(ceph::buffer::list &, 
> mds_rank_t, std::tr1::shared_ptr &, bool)()

These lines are
if (in && in->is_dir() && srcdn->authority().first != whoami) ...
and
} else if (force_journal_src || (in && in->is_dir() &&
srcdn->authority().first == whoami)) { ...

Coverity is complaining about the srcdn dereference, and I've dug into
it a bit but I think this might actually be an issue. Well, more
accurately, I think maybe if srcdn is NULL we've failed somehow and
should have given up, but the code looks to be not failing on purpose,
so I'm missing something. We should dig into this and either fix or
promote the
if (in && in->is_dir())
  assert(srcdn && destdn);
which we have nested inside of a check for rollback.orig_src.ino (ie,
we were auth/primary for the srcdn at rename time).

The other two I've sent in an (untested) PR for:
https://github.com/ceph/ceph/pull/2677

>
> ** CID 1244228:  Uninitialized scalar field  (UNINIT_CTOR)
> /mds/MDSAuthCaps.h: 29 in MDSCapSpec::MDSCapSpec()()

The "read" cap bool is indeed uninitialized; easy enough to
default-fill it to false.

> ** CID 1244229:  Uninitialized scalar field  (UNINIT_CTOR)
> /messages/MDirUpdate.h: 55 in MDirUpdate::MDirUpdate(mds_rank_t, dirfrag_t, 
> int, std::set, std::allocator> &, filepath &, bool)()

"discover" is indeed uninitialized by default (although it looks like
the only caller overrides that default). The PR sets it to 0, which
appears to be the correct default from my reading of the code.
-Greg
--
To unsubscribe from this list: send the line "unsubscribe ceph-devel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html


New Defects reported by Coverity Scan for ceph

2014-10-09 Thread scan-admin

Hi,

Please find the latest report on new defect(s) introduced to ceph found with 
Coverity Scan.

3 new defect(s) introduced to ceph found with Coverity Scan.
4 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 3 of 3 defect(s)


** CID 1244227:  Dereference after null check  (FORWARD_NULL)
/mds/Server.cc: 7011 in Server::do_rename_rollback(ceph::buffer::list &, 
mds_rank_t, std::tr1::shared_ptr &, bool)()
/mds/Server.cc: 7130 in Server::do_rename_rollback(ceph::buffer::list &, 
mds_rank_t, std::tr1::shared_ptr &, bool)()

** CID 1244228:  Uninitialized scalar field  (UNINIT_CTOR)
/mds/MDSAuthCaps.h: 29 in MDSCapSpec::MDSCapSpec()()

** CID 1244229:  Uninitialized scalar field  (UNINIT_CTOR)
/messages/MDirUpdate.h: 55 in MDirUpdate::MDirUpdate(mds_rank_t, dirfrag_t, 
int, std::set, std::allocator> &, filepath &, bool)()



*** CID 1244227:  Dereference after null check  (FORWARD_NULL)
/mds/Server.cc: 7011 in Server::do_rename_rollback(ceph::buffer::list &, 
mds_rank_t, std::tr1::shared_ptr &, bool)()
7005   // slave
7006   assert(!destdn || destdn->authority().first != whoami);
7007   assert(!straydn || straydn->authority().first != whoami);
7008 
7009   bool force_journal_src = false;
7010   bool force_journal_dest = false;
>>> CID 1244227:  Dereference after null check  (FORWARD_NULL)
>>> Passing null pointer "srcdn" to "authority", which dereferences it. 
>>> (The dereference happens because this is a virtual function call.)
7011   if (in && in->is_dir() && srcdn->authority().first != whoami)
7012 force_journal_src = _need_force_journal(in, false);
7013   if (in && target && target->is_dir())
7014 force_journal_dest = _need_force_journal(in, true);
7015   
7016   version_t srcdnpv = 0;
/mds/Server.cc: 7130 in Server::do_rename_rollback(ceph::buffer::list &, 
mds_rank_t, std::tr1::shared_ptr &, bool)()
7124 le->commit.add_primary_dentry(target->get_projected_parent_dn(), 
target, true);
7125   }
7126 
7127   if (force_journal_dest) {
7128 dout(10) << " noting rename target ino " << target->ino() << " in 
metablob" << dendl;
7129 le->commit.renamed_dirino = target->ino();
>>> CID 1244227:  Dereference after null check  (FORWARD_NULL)
>>> Passing null pointer "srcdn" to "authority", which dereferences it. 
>>> (The dereference happens because this is a virtual function call.)
7130   } else if (force_journal_src || (in && in->is_dir() && 
srcdn->authority().first == whoami)) {
7131 dout(10) << " noting renamed dir ino " << in->ino() << " in 
metablob" << dendl;
7132 le->commit.renamed_dirino = in->ino();
7133   }
7134   
7135   if (target && target->is_dir()) {


*** CID 1244228:  Uninitialized scalar field  (UNINIT_CTOR)
/mds/MDSAuthCaps.h: 29 in MDSCapSpec::MDSCapSpec()()
23 
24 struct MDSCapSpec {
25   bool read;
26   bool write;
27   bool any;
28 
>>> CID 1244228:  Uninitialized scalar field  (UNINIT_CTOR)
>>> Non-static class member "read" is not initialized in this constructor 
>>> nor in any functions that it calls.
29   MDSCapSpec() : write(false), any(false) {}
30   MDSCapSpec(bool r_, bool w_, bool a_) : read(r_), write(w_), any(a_) {}
31 
32   bool allow_all() const {return any;}
33 };
34 


*** CID 1244229:  Uninitialized scalar field  (UNINIT_CTOR)
/messages/MDirUpdate.h: 55 in MDirUpdate::MDirUpdate(mds_rank_t, dirfrag_t, 
int, std::set, std::allocator> &, filepath &, bool)()
49 this->from_mds = f;
50 this->dirfrag = dirfrag;
51 this->dir_rep = dir_rep;
52 this->dir_rep_by = dir_rep_by;
53 if (discover) this->discover = 5;
54 this->path = path;
>>> CID 1244229:  Uninitialized scalar field  (UNINIT_CTOR)
>>> Non-static class member "discover" is not initialized in this 
>>> constructor nor in any functions that it calls.
55   }
56 private:
57   ~MDirUpdate() {}
58 
59 public:
60   const char *get_type_name() const { return "dir_update"; }



To view the defects in Coverity Scan visit, 
http://scan.coverity.com/projects/25?tab=overview

To unsubscribe from the email notification for new defects, 
http://scan5.coverity.com/cgi-bin/unsubscribe.py



--
To unsubscribe from this list: send the line "unsubscribe ceph-devel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vg

New Defects reported by Coverity Scan for ceph (fwd)

2014-10-08 Thread Sage Weil
--- Begin Message ---


Hi,

Please find the latest report on new defect(s) introduced to ceph found with 
Coverity Scan.

6 new defect(s) introduced to ceph found with Coverity Scan.
3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 6 of 6 defect(s)


** CID 1244195:  Dereference after null check  (FORWARD_NULL)
/mon/Monitor.cc: 3110 in Monitor::_ms_dispatch(Message *)()

** CID 1244196:  Data race condition  (MISSING_LOCK)
/test/mon/test-mon-msg.cc: 229 in MonMsgTest::SetUp()()

** CID 1244197:  Dereference before null check  (REVERSE_INULL)
/mon/Monitor.cc: 3366 in Monitor::dispatch(MonSession *, Message *, bool)()

** CID 1244198:  Uncaught exception  (UNCAUGHT_EXCEPT)
/test/mon/test-mon-msg.cc: 322 in main()
/test/mon/test-mon-msg.cc: 322 in main()
/test/mon/test-mon-msg.cc: 322 in main()

** CID 1244200:  Uninitialized pointer field  (UNINIT_CTOR)
/test/mon/test-mon-msg.cc: 67 in MonClientHelper::MonClientHelper(CephContext 
*)()

** CID 1244199:  Uninitialized pointer field  (UNINIT_CTOR)
/test/mon/test-mon-msg.cc: 225 in MonMsgTest::MonMsgTest()()



*** CID 1244195:  Dereference after null check  (FORWARD_NULL)
/mon/Monitor.cc: 3110 in Monitor::_ms_dispatch(Message *)()
3104   if (s && s->closed) {
3105 caps = s->caps;
3106 reuse_caps = true;
3107 s->put();
3108 s = NULL;
3109   }
>>> CID 1244195:  Dereference after null check  (FORWARD_NULL)
>>> Comparing "s" to null implies that "s" might be null.
3110   if (!s) {
3111 // if the sender is not a monitor, make sure their first message 
for a
3112 // session is an MAuth.  If it is not, assume it's a stray message,
3113 // and considering that we are creating a new session it is safe to
3114 // assume that the sender hasn't authenticated yet, so we have no 
way
3115 // of assessing whether we should handle it or not.


*** CID 1244196:  Data race condition  (MISSING_LOCK)
/test/mon/test-mon-msg.cc: 229 in MonMsgTest::SetUp()()
223   MonMsgTest() :
224 MonClientHelper(g_ceph_context),
225 lock("lock") { }
226 
227 public:
228   virtual void SetUp() {
>>> CID 1244196:  Data race condition  (MISSING_LOCK)
>>> Accessing "this->reply_type" without holding lock "Mutex._m". 
>>> Elsewhere, "MonMsgTest.reply_type" is accessed with "Mutex._m" held 1 out 
>>> of 2 times (1 of these accesses strongly imply that it is necessary).
229 reply_type = -1;
230 if (reply_msg) {
231   reply_msg->put();
232   reply_msg = NULL;
233 }
234 ASSERT_EQ(init(), 0);


*** CID 1244197:  Dereference before null check  (REVERSE_INULL)
/mon/Monitor.cc: 3366 in Monitor::dispatch(MonSession *, Message *, bool)()
3360   }
3361   break;
3362 
3363 // elector messages
3364 case MSG_MON_ELECTION:
3365   //check privileges here for simplicity
>>> CID 1244197:  Dereference before null check  (REVERSE_INULL)
>>> Null-checking "s" suggests that it may be null, but it has already been 
>>> dereferenced on all paths leading to the check.
3366   if (s &&
3367   !s->is_capable("mon", MON_CAP_X)) {
3368 dout(0) << "MMonElection received from entity without enough 
caps!"
3369   << s->caps << dendl;
3370 m->put();
3371 break;


*** CID 1244198:  Uncaught exception  (UNCAUGHT_EXCEPT)
/test/mon/test-mon-msg.cc: 322 in main()
316 
317   int r = monc.get_monmap();
318   ASSERT_EQ(r, 0);
319   ASSERT_FALSE(monc.monmap.contains("client"));
320 }
321 
>>> CID 1244198:  Uncaught exception  (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type 
>>> "ceph::FailedAssertion" is thrown and never caught.
322 int main(int argc, char *argv[])
323 {
324   vector def_args;
325   vector args;
326   argv_to_vec(argc, (const char **)argv, args);
327 
/test/mon/test-mon-msg.cc: 322 in main()
316 
317   int r = monc.get_monmap();
318   ASSERT_EQ(r, 0);
319   ASSERT_FALSE(monc.monmap.contains("client"));
320 }
321 
>>> CID 1244198:  Uncaught exception  (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type 
>>> "ceph::FailedAssertion" is thrown and never caught.
322 int main(int argc, char *argv[])
323 {
324   vector def_args;
325   vector args;
326   argv_to

Re: New Defects reported by Coverity Scan for ceph (fwd)

2014-09-30 Thread Ric Wheeler

On 09/30/2014 01:38 PM, Sage Weil wrote:

On Tue, 30 Sep 2014, Gregory Farnum wrote:

On Tue, Sep 30, 2014 at 6:59 AM, Sage Weil  wrote:

Looks like recent changes from Greg, Loic, and I.

-- Forwarded message --
From: scan-ad...@coverity.com
To: undisclosed-recipients:;
Cc:
Date: Tue, 30 Sep 2014 06:21:08 -0700
Subject: New Defects reported by Coverity Scan for ceph


Hi,


Please find the latest report on new defect(s) introduced to ceph found with 
Coverity Scan.

Defect(s) Reported-by: Coverity Scan
Showing 4 of 4 defect(s)


** CID 1242019:  Data race condition  (MISSING_LOCK)
/msg/Pipe.cc: 230 in Pipe::DelayedDelivery::entry()()

** CID 1242021:  Resource leak  (RESOURCE_LEAK)
/test/librados/tier.cc: 1026 in LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()()
/test/librados/tier.cc: 1022 in LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()()
/test/librados/tier.cc: 1040 in LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()()
/test/librados/tier.cc: 1037 in LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()()

** CID 1242020:  Resource leak  (RESOURCE_LEAK)
/test/librados/aio.cc: 168 in LibRadosAio_TooBig_Test::TestBody()()

** CID 1242018:  Resource leak  (RESOURCE_LEAK)
/test/librados/aio.cc: 188 in LibRadosAio_TooBigPP_Test::TestBody()()
/test/librados/aio.cc: 190 in LibRadosAio_TooBigPP_Test::TestBody()()
/test/librados/aio.cc: 187 in LibRadosAio_TooBigPP_Test::TestBody()()



*** CID 1242019:  Data race condition  (MISSING_LOCK)
/msg/Pipe.cc: 230 in Pipe::DelayedDelivery::entry()()
224 if (flush_count > 0) {
225   --flush_count;
226   active_flush = true;
227 }
228 if (pipe->in_q->can_fast_dispatch(m)) {
229   if (!stop_fast_dispatching_flag) {

 CID 1242019:  Data race condition  (MISSING_LOCK)
 Accessing "this->delay_dispatching" without holding lock "Mutex._m". Elsewhere, 
"_ZN4Pipe15DelayedDeliveryE.delay_dispatching" is accessed with "Mutex._m" held 1 out of 2 times (1 of 
these accesses strongly imply that it is necessary).

230 delay_dispatching = true;
231 delay_lock.Unlock();
232 pipe->in_q->fast_dispatch(m);
233 delay_lock.Lock();
234 delay_dispatching = false;
235 if (stop_fast_dispatching_flag) {

This one's a false positive. (delay_dispatching is protected by the
delay_lock, but I think it's picking up on the Pipe::lock which is
held when DelayedDelivery is constructed and initialized.) Is there a
way I should annotate this, or is it something we need to adjust in
the Coverity web interface?

There are annotations but I don't know how they work.  I've been marking
them through the web interface...

sage



Jeff and Kaleb (last I remember) had more expertise in coverity magic - they 
might know how to annotate those false positives...


ric

--
To unsubscribe from this list: send the line "unsubscribe ceph-devel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html


Re: New Defects reported by Coverity Scan for ceph (fwd)

2014-09-30 Thread Sage Weil
On Tue, 30 Sep 2014, Gregory Farnum wrote:
> On Tue, Sep 30, 2014 at 6:59 AM, Sage Weil  wrote:
> > Looks like recent changes from Greg, Loic, and I.
> >
> > -- Forwarded message --
> > From: scan-ad...@coverity.com
> > To: undisclosed-recipients:;
> > Cc:
> > Date: Tue, 30 Sep 2014 06:21:08 -0700
> > Subject: New Defects reported by Coverity Scan for ceph
> >
> >
> > Hi,
> >
> >
> > Please find the latest report on new defect(s) introduced to ceph found 
> > with Coverity Scan.
> >
> > Defect(s) Reported-by: Coverity Scan
> > Showing 4 of 4 defect(s)
> >
> >
> > ** CID 1242019:  Data race condition  (MISSING_LOCK)
> > /msg/Pipe.cc: 230 in Pipe::DelayedDelivery::entry()()
> >
> > ** CID 1242021:  Resource leak  (RESOURCE_LEAK)
> > /test/librados/tier.cc: 1026 in 
> > LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()()
> > /test/librados/tier.cc: 1022 in 
> > LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()()
> > /test/librados/tier.cc: 1040 in 
> > LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()()
> > /test/librados/tier.cc: 1037 in 
> > LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()()
> >
> > ** CID 1242020:  Resource leak  (RESOURCE_LEAK)
> > /test/librados/aio.cc: 168 in LibRadosAio_TooBig_Test::TestBody()()
> >
> > ** CID 1242018:  Resource leak  (RESOURCE_LEAK)
> > /test/librados/aio.cc: 188 in LibRadosAio_TooBigPP_Test::TestBody()()
> > /test/librados/aio.cc: 190 in LibRadosAio_TooBigPP_Test::TestBody()()
> > /test/librados/aio.cc: 187 in LibRadosAio_TooBigPP_Test::TestBody()()
> >
> >
> > 
> > *** CID 1242019:  Data race condition  (MISSING_LOCK)
> > /msg/Pipe.cc: 230 in Pipe::DelayedDelivery::entry()()
> > 224 if (flush_count > 0) {
> > 225   --flush_count;
> > 226   active_flush = true;
> > 227 }
> > 228 if (pipe->in_q->can_fast_dispatch(m)) {
> > 229   if (!stop_fast_dispatching_flag) {
> >>>> CID 1242019:  Data race condition  (MISSING_LOCK)
> >>>> Accessing "this->delay_dispatching" without holding lock "Mutex._m". 
> >>>> Elsewhere, "_ZN4Pipe15DelayedDeliveryE.delay_dispatching" is accessed 
> >>>> with "Mutex._m" held 1 out of 2 times (1 of these accesses strongly 
> >>>> imply that it is necessary).
> > 230 delay_dispatching = true;
> > 231 delay_lock.Unlock();
> > 232 pipe->in_q->fast_dispatch(m);
> > 233 delay_lock.Lock();
> > 234 delay_dispatching = false;
> > 235 if (stop_fast_dispatching_flag) {
> 
> This one's a false positive. (delay_dispatching is protected by the
> delay_lock, but I think it's picking up on the Pipe::lock which is
> held when DelayedDelivery is constructed and initialized.) Is there a
> way I should annotate this, or is it something we need to adjust in
> the Coverity web interface?

There are annotations but I don't know how they work.  I've been marking 
them through the web interface...

sage
--
To unsubscribe from this list: send the line "unsubscribe ceph-devel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html


Re: New Defects reported by Coverity Scan for ceph (fwd)

2014-09-30 Thread Gregory Farnum
On Tue, Sep 30, 2014 at 6:59 AM, Sage Weil  wrote:
> Looks like recent changes from Greg, Loic, and I.
>
> -- Forwarded message --
> From: scan-ad...@coverity.com
> To: undisclosed-recipients:;
> Cc:
> Date: Tue, 30 Sep 2014 06:21:08 -0700
> Subject: New Defects reported by Coverity Scan for ceph
>
>
> Hi,
>
>
> Please find the latest report on new defect(s) introduced to ceph found with 
> Coverity Scan.
>
> Defect(s) Reported-by: Coverity Scan
> Showing 4 of 4 defect(s)
>
>
> ** CID 1242019:  Data race condition  (MISSING_LOCK)
> /msg/Pipe.cc: 230 in Pipe::DelayedDelivery::entry()()
>
> ** CID 1242021:  Resource leak  (RESOURCE_LEAK)
> /test/librados/tier.cc: 1026 in 
> LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()()
> /test/librados/tier.cc: 1022 in 
> LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()()
> /test/librados/tier.cc: 1040 in 
> LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()()
> /test/librados/tier.cc: 1037 in 
> LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()()
>
> ** CID 1242020:  Resource leak  (RESOURCE_LEAK)
> /test/librados/aio.cc: 168 in LibRadosAio_TooBig_Test::TestBody()()
>
> ** CID 1242018:  Resource leak  (RESOURCE_LEAK)
> /test/librados/aio.cc: 188 in LibRadosAio_TooBigPP_Test::TestBody()()
> /test/librados/aio.cc: 190 in LibRadosAio_TooBigPP_Test::TestBody()()
> /test/librados/aio.cc: 187 in LibRadosAio_TooBigPP_Test::TestBody()()
>
>
> 
> *** CID 1242019:  Data race condition  (MISSING_LOCK)
> /msg/Pipe.cc: 230 in Pipe::DelayedDelivery::entry()()
> 224 if (flush_count > 0) {
> 225   --flush_count;
> 226   active_flush = true;
> 227 }
> 228 if (pipe->in_q->can_fast_dispatch(m)) {
> 229   if (!stop_fast_dispatching_flag) {
>>>> CID 1242019:  Data race condition  (MISSING_LOCK)
>>>> Accessing "this->delay_dispatching" without holding lock "Mutex._m". 
>>>> Elsewhere, "_ZN4Pipe15DelayedDeliveryE.delay_dispatching" is accessed with 
>>>> "Mutex._m" held 1 out of 2 times (1 of these accesses strongly imply that 
>>>> it is necessary).
> 230 delay_dispatching = true;
> 231 delay_lock.Unlock();
> 232 pipe->in_q->fast_dispatch(m);
> 233 delay_lock.Lock();
> 234 delay_dispatching = false;
> 235 if (stop_fast_dispatching_flag) {

This one's a false positive. (delay_dispatching is protected by the
delay_lock, but I think it's picking up on the Pipe::lock which is
held when DelayedDelivery is constructed and initialized.) Is there a
way I should annotate this, or is it something we need to adjust in
the Coverity web interface?
-Greg
--
To unsubscribe from this list: send the line "unsubscribe ceph-devel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html


Re: New Defects reported by Coverity Scan for ceph (fwd)

2014-09-30 Thread Loic Dachary
I'll fix the aio.cc problems, thanks !

On 30/09/2014 15:59, Sage Weil wrote:
> Looks like recent changes from Greg, Loic, and I.
> 

-- 
Loïc Dachary, Artisan Logiciel Libre



signature.asc
Description: OpenPGP digital signature


New Defects reported by Coverity Scan for ceph (fwd)

2014-09-30 Thread Sage Weil
Looks like recent changes from Greg, Loic, and I.--- Begin Message ---


Hi,


Please find the latest report on new defect(s) introduced to ceph found with 
Coverity Scan.

Defect(s) Reported-by: Coverity Scan
Showing 4 of 4 defect(s)


** CID 1242019:  Data race condition  (MISSING_LOCK)
/msg/Pipe.cc: 230 in Pipe::DelayedDelivery::entry()()

** CID 1242021:  Resource leak  (RESOURCE_LEAK)
/test/librados/tier.cc: 1026 in LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()()
/test/librados/tier.cc: 1022 in LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()()
/test/librados/tier.cc: 1040 in LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()()
/test/librados/tier.cc: 1037 in LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()()

** CID 1242020:  Resource leak  (RESOURCE_LEAK)
/test/librados/aio.cc: 168 in LibRadosAio_TooBig_Test::TestBody()()

** CID 1242018:  Resource leak  (RESOURCE_LEAK)
/test/librados/aio.cc: 188 in LibRadosAio_TooBigPP_Test::TestBody()()
/test/librados/aio.cc: 190 in LibRadosAio_TooBigPP_Test::TestBody()()
/test/librados/aio.cc: 187 in LibRadosAio_TooBigPP_Test::TestBody()()



*** CID 1242019:  Data race condition  (MISSING_LOCK)
/msg/Pipe.cc: 230 in Pipe::DelayedDelivery::entry()()
224 if (flush_count > 0) {
225   --flush_count;
226   active_flush = true;
227 }
228 if (pipe->in_q->can_fast_dispatch(m)) {
229   if (!stop_fast_dispatching_flag) {
>>> CID 1242019:  Data race condition  (MISSING_LOCK)
>>> Accessing "this->delay_dispatching" without holding lock "Mutex._m". 
>>> Elsewhere, "_ZN4Pipe15DelayedDeliveryE.delay_dispatching" is accessed with 
>>> "Mutex._m" held 1 out of 2 times (1 of these accesses strongly imply that 
>>> it is necessary).
230 delay_dispatching = true;
231 delay_lock.Unlock();
232 pipe->in_q->fast_dispatch(m);
233 delay_lock.Lock();
234 delay_dispatching = false;
235 if (stop_fast_dispatching_flag) {


*** CID 1242021:  Resource leak  (RESOURCE_LEAK)
/test/librados/tier.cc: 1026 in LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()()
1020 op.cache_evict();
1021 librados::AioCompletion *completion = 
cluster.aio_create_completion();
1022 ASSERT_EQ(0, cache_ioctx.aio_operate(
1023   "foo", completion, &op,
1024   librados::OPERATION_IGNORE_CACHE, NULL));
1025 completion->wait_for_safe();
>>> CID 1242021:  Resource leak  (RESOURCE_LEAK)
>>> Variable "completion" going out of scope leaks the storage it points to.
1026 ASSERT_EQ(0, completion->get_return_value());
1027 completion->release();
1028   }
1029 
1030   // verify the snapdir is not present in the cache pool
1031   {
/test/librados/tier.cc: 1022 in LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()()
1016 
1017   // evict
1018   {
1019 ObjectReadOperation op;
1020 op.cache_evict();
1021 librados::AioCompletion *completion = 
cluster.aio_create_completion();
>>> CID 1242021:  Resource leak  (RESOURCE_LEAK)
>>> Variable "completion" going out of scope leaks the storage it points to.
1022 ASSERT_EQ(0, cache_ioctx.aio_operate(
1023   "foo", completion, &op,
1024   librados::OPERATION_IGNORE_CACHE, NULL));
1025 completion->wait_for_safe();
1026 ASSERT_EQ(0, completion->get_return_value());
1027 completion->release();
/test/librados/tier.cc: 1040 in LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()()
1034 op.list_snaps(&snapset, NULL);
1035 ioctx.snap_set_read(librados::SNAP_DIR);
1036 librados::AioCompletion *completion = 
cluster.aio_create_completion();
1037 ASSERT_EQ(0, ioctx.aio_operate("foo", completion, &op,
1038   librados::OPERATION_IGNORE_CACHE, 
NULL));
1039 completion->wait_for_safe();
>>> CID 1242021:  Resource leak  (RESOURCE_LEAK)
>>> Variable "completion" going out of scope leaks the storage it points to.
1040 ASSERT_EQ(-ENOENT, completion->get_return_value());
1041 completion->release();
1042   }
1043 }
1044 
1045 TEST_F(LibRadosTwoPoolsPP, TryFlush) {
/test/librados/tier.cc: 1037 in LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()()
1031   {
1032 ObjectReadOperation op;
1033 librados::snap_set_t snapset;
1034 op.list_snaps(&snapset, NULL);
1035 ioctx.snap_set_read(librados::SNAP_DIR);
1036 librados::AioCompletion *completion = 
cluster.aio_create_completion();
>>> CID 1242021:  Resource leak  (RESOURCE_LEAK)
>>> Variable "completion" going out of scope leaks the storage it points to.
1037 ASSERT_EQ(0, ioctx.aio_operate("foo", completion, &op,
1038

Re: New Defects reported by Coverity Scan for ceph (fwd)

2014-09-25 Thread John Spray
Nice to see that coverity and lockdep agree :-)

This should go away with the fix for #9562.

John

On Thu, Sep 25, 2014 at 4:02 PM, Sage Weil  wrote:
>
>
> -- Forwarded message --
> From: scan-ad...@coverity.com
> To: undisclosed-recipients:;
> Cc:
> Date: Thu, 25 Sep 2014 06:18:46 -0700
> Subject: New Defects reported by Coverity Scan for ceph
>
>
> Hi,
>
>
> Please find the latest report on new defect(s) introduced to ceph found with 
> Coverity Scan.
>
> Defect(s) Reported-by: Coverity Scan
> Showing 1 of 1 defect(s)
>
>
> ** CID 1241497:  Thread deadlock  (ORDER_REVERSAL)
>
>
>
> 
> *** CID 1241497:  Thread deadlock  (ORDER_REVERSAL)
> /osdc/Filer.cc: 314 in Filer::_do_purge_range(PurgeRange *, int)()
> 308 return;
> 309   }
> 310
> 311   int max = 10 - pr->uncommitted;
> 312   while (pr->num > 0 && max > 0) {
> 313 object_t oid = file_object_t(pr->ino, pr->first);
>>>> CID 1241497:  Thread deadlock  (ORDER_REVERSAL)
>>>> Calling "get_osdmap_read" acquires lock "RWLock.L" while holding lock 
>>>> "Mutex._m" (count: 15 / 30).
> 314 const OSDMap *osdmap = objecter->get_osdmap_read();
> 315 object_locator_t oloc = 
> osdmap->file_to_object_locator(pr->layout);
> 316 objecter->put_osdmap_read();
> 317 objecter->remove(oid, oloc, pr->snapc, pr->mtime, pr->flags,
> 318  NULL, new C_PurgeRange(this, pr));
> 319 pr->uncommitted++;
>
>
> 
> To view the defects in Coverity Scan visit, 
> http://scan.coverity.com/projects/25?tab=overview
>
> To unsubscribe from the email notification for new defects, 
> http://scan5.coverity.com/cgi-bin/unsubscribe.py
>
>
>
>
--
To unsubscribe from this list: send the line "unsubscribe ceph-devel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html


New Defects reported by Coverity Scan for ceph (fwd)

2014-09-25 Thread Sage Weil
--- Begin Message ---


Hi,


Please find the latest report on new defect(s) introduced to ceph found with 
Coverity Scan.

Defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)


** CID 1241497:  Thread deadlock  (ORDER_REVERSAL)




*** CID 1241497:  Thread deadlock  (ORDER_REVERSAL)
/osdc/Filer.cc: 314 in Filer::_do_purge_range(PurgeRange *, int)()
308 return;
309   }
310 
311   int max = 10 - pr->uncommitted;
312   while (pr->num > 0 && max > 0) {
313 object_t oid = file_object_t(pr->ino, pr->first);
>>> CID 1241497:  Thread deadlock  (ORDER_REVERSAL)
>>> Calling "get_osdmap_read" acquires lock "RWLock.L" while holding lock 
>>> "Mutex._m" (count: 15 / 30).
314 const OSDMap *osdmap = objecter->get_osdmap_read();
315 object_locator_t oloc = osdmap->file_to_object_locator(pr->layout);
316 objecter->put_osdmap_read();
317 objecter->remove(oid, oloc, pr->snapc, pr->mtime, pr->flags,
318  NULL, new C_PurgeRange(this, pr));
319 pr->uncommitted++;



To view the defects in Coverity Scan visit, 
http://scan.coverity.com/projects/25?tab=overview

To unsubscribe from the email notification for new defects, 
http://scan5.coverity.com/cgi-bin/unsubscribe.py



--- End Message ---


New Defects reported by Coverity Scan for ceph (fwd)

2014-09-16 Thread Sage Weil
--- Begin Message ---


Hi,


Please find the latest report on new defect(s) introduced to ceph found with 
Coverity Scan.

Defect(s) Reported-by: Coverity Scan
Showing 20 of 38 defect(s)


** CID 717233:  Uninitialized scalar field  (UNINIT_CTOR)
/mds/Capability.h: 249 in Capability::Capability(CInode *, unsigned long, 
client_t)()

** CID 1238869:  Value not atomically updated  (ATOMICITY)
/osdc/Objecter.cc: 3055 in Objecter::handle_pool_op_reply(MPoolOpReply *)()
/osdc/Objecter.cc: 3055 in Objecter::handle_pool_op_reply(MPoolOpReply *)()
/osdc/Objecter.cc: 3055 in Objecter::handle_pool_op_reply(MPoolOpReply *)()

** CID 1238870:  Unchecked return value  (CHECKED_RETURN)
/test/test_snap_mapper.cc: 562 in MapperVerifier::remove_oid()()

** CID 1238871:  Dereference after null check  (FORWARD_NULL)
/mds/Server.cc: 6988 in Server::do_rename_rollback(ceph::buffer::list &, int, 
std::tr1::shared_ptr &, bool)()
/mds/Server.cc: 7107 in Server::do_rename_rollback(ceph::buffer::list &, int, 
std::tr1::shared_ptr &, bool)()

** CID 1238872:  Unchecked return value  (CHECKED_RETURN)
/tools/ceph_objectstore_tool.cc: 1284 in 
do_import_rados(std::basic_string, 
std::allocator>)()

** CID 1238873:  Unchecked return value  (CHECKED_RETURN)
/rbd_replay/Replayer.cc: 154 in rbd_replay::Replayer::run(const 
std::basic_string, std::allocator>&)()

** CID 1238874:  Missing unlock  (LOCK)
/osdc/Objecter.cc: 1855 in Objecter::op_cancel(Objecter::OSDSession *, unsigned 
long, int)()

** CID 1238875:  Unrecoverable parse warning  (PARSE_ERROR)
/client/Client.cc: 7737 in ()

** CID 1238876:  Unrecoverable parse warning  (PARSE_ERROR)
/client/Client.cc: 7735 in ()

** CID 1238877:  Missing unlock  (LOCK)
/common/Timer.cc: 240 in RWTimer::shutdown()()

** CID 1238878:  Unrecoverable parse warning  (PARSE_ERROR)
/client/Client.cc: 7734 in ()

** CID 1238879:  Thread deadlock  (ORDER_REVERSAL)


** CID 1238880:  Thread deadlock  (ORDER_REVERSAL)



** CID 1238881:  Thread deadlock  (ORDER_REVERSAL)



** CID 1238882:  Thread deadlock  (ORDER_REVERSAL)


** CID 1238883:  Improper use of negative value  (NEGATIVE_RETURNS)
/mds/MDS.cc: 962 in MDS::handle_mds_map(MMDSMap *)()

** CID 1238884:  Unrecoverable parse warning  (PARSE_ERROR)
/client/Client.cc: 7733 in ()

** CID 1238885:  Thread deadlock  (ORDER_REVERSAL)


** CID 1238886:  Thread deadlock  (ORDER_REVERSAL)


** CID 1238887:  Thread deadlock  (ORDER_REVERSAL)




*** CID 717233:  Uninitialized scalar field  (UNINIT_CTOR)
/mds/Capability.h: 249 in Capability::Capability(CInode *, unsigned long, 
client_t)()
243 suppress(0), state(0),
244 client_follows(0), client_xattr_version(0),
245 client_inline_version(0),
246 item_session_caps(this), item_snaprealm_caps(this), 
item_revoking_caps(this) {
247 g_num_cap++;
248 g_num_capa++;
>>> CID 717233:  Uninitialized scalar field  (UNINIT_CTOR)
>>> Non-static class member "num_revoke_warnings" is not initialized in 
>>> this constructor nor in any functions that it calls.
249   }
250   ~Capability() {
251 g_num_cap--;
252 g_num_caps++;
253   }
254 


*** CID 1238869:  Value not atomically updated  (ATOMICITY)
/osdc/Objecter.cc: 3055 in Objecter::handle_pool_op_reply(MPoolOpReply *)()
3049 if (!rwlock.is_wlocked()) {
3050   rwlock.unlock();
3051   rwlock.get_write();
3052 }
3053 iter = pool_ops.find(tid);
3054 if (iter != pool_ops.end()) {
>>> CID 1238869:  Value not atomically updated  (ATOMICITY)
>>> Using an unreliable value of "op" inside the second locked section. If 
>>> the data that "op" depends on was changed by another thread, this use might 
>>> be incorrect.
3055   _finish_pool_op(op);
3056 }
3057   } else {
3058 ldout(cct, 10) << "unknown request " << tid << dendl;
3059   }
3060   rwlock.unlock();
/osdc/Objecter.cc: 3055 in Objecter::handle_pool_op_reply(MPoolOpReply *)()
3049 if (!rwlock.is_wlocked()) {
3050   rwlock.unlock();
3051   rwlock.get_write();
3052 }
3053 iter = pool_ops.find(tid);
3054 if (iter != pool_ops.end()) {
>>> CID 1238869:  Value not atomically updated  (ATOMICITY)
>>> Using an unreliable value of "op" inside the second locked section. If 
>>> the data that "op" depends on was changed by another thread, this use might 
>>> be incorrect.
3055   _finish_pool_op(op);
3056 }
3057   } else {
3058 ldout(cct, 10) << "unknown request " << tid << dendl;
3059   }
3060   rwlock.unlock();
/osdc/Objecter.cc: 3055 in Objecter::handle_pool_op_reply(MPoolOpReply *)()
3049 if (!rwlock.is_wlocked()) {
3050   rwlock.unlock();
3051   

New Defects reported by Coverity Scan for ceph (fwd)

2014-08-23 Thread Sage Weil
--- Begin Message ---


Hi,


Please find the latest report on new defect(s) introduced to ceph found with 
Coverity Scan.

Defect(s) Reported-by: Coverity Scan
Showing 9 of 9 defect(s)


** CID 1232599:  Bad bit shift operation  (BAD_SHIFT)
/os/HashIndex.cc: 433 in HashIndex::pre_split_folder(unsigned int, unsigned 
long)()

** CID 1232600:  Bad bit shift operation  (BAD_SHIFT)
/os/HashIndex.cc: 421 in HashIndex::pre_split_folder(unsigned int, unsigned 
long)()

** CID 1232601:  Unchecked return value  (CHECKED_RETURN)
/rbd_replay/Replayer.cc: 154 in 
rbd_replay::Replayer::run(std::basic_string, 
std::allocator>)()

** CID 1232602:  Division or modulo by zero  (DIVIDE_BY_ZERO)
/mon/OSDMonitor.cc: 490 in OSDMonitor::reweight_by_utilization(int, 
std::basic_string, std::allocator>&, bool, 
const std::set, std::allocator> *)()

** CID 1232603:  Unintentional integer overflow  (OVERFLOW_BEFORE_WIDEN)
/test/objectstore/store_test.cc: 138 in 
StoreTest_SimpleColPreHashTest_Test::TestBody()()

** CID 1232604:  Unintentional integer overflow  (OVERFLOW_BEFORE_WIDEN)
/os/HashIndex.cc: 378 in HashIndex::pre_split_folder(unsigned int, unsigned 
long)()

** CID 1232605:  Uncaught exception  (UNCAUGHT_EXCEPT)
/rbd_replay/rbd-replay.cc: 51 in main()

** CID 1232606:  Uncaught exception  (UNCAUGHT_EXCEPT)
/rbd_replay/rbd-replay.cc: 51 in main()
/rbd_replay/rbd-replay.cc: 51 in main()
/rbd_replay/rbd-replay.cc: 51 in main()
/rbd_replay/rbd-replay.cc: 51 in main()
/rbd_replay/rbd-replay.cc: 51 in main()
/rbd_replay/rbd-replay.cc: 51 in main()

** CID 1232607:  Uninitialized pointer field  (UNINIT_CTOR)
/rbd_replay/Replayer.cc: 141 in rbd_replay::Replayer::Replayer(int)()



*** CID 1232599:  Bad bit shift operation  (BAD_SHIFT)
/os/HashIndex.cc: 433 in HashIndex::pre_split_folder(unsigned int, unsigned 
long)()
427   leavies /= subs;
428   while (leavies > 1) {
429 ++level;
430 leavies = leavies >> 4;
431   }
432   for (uint32_t i = 0; i < subs; ++i) {
>>> CID 1232599:  Bad bit shift operation  (BAD_SHIFT)
>>> In expression "i << (4 - split_bits) % 4", shifting by a negative 
>>> amount has undefined behavior.  The shift amount, "(4 - split_bits) % 4", 
>>> is -1.
433 int v = tmp_id | (i << ((4 - split_bits) % 4));
434 paths.push_back(to_hex(v));
435 ret = create_path(paths);
436 if (ret < 0 && ret != -EEXIST)
437   return ret;
438 ret = recursive_create_path(paths, level);


*** CID 1232600:  Bad bit shift operation  (BAD_SHIFT)
/os/HashIndex.cc: 421 in HashIndex::pre_split_folder(unsigned int, unsigned 
long)()
415   // this variable denotes how many bits (for this level) that can be
416   // used for sub folder splitting
417   int split_bits = 4 - left_bits;
418   // the below logic is inspired by rados.h#ceph_stable_mod,
419   // it basically determines how many sub-folders should we
420   // create for splitting
>>> CID 1232600:  Bad bit shift operation  (BAD_SHIFT)
>>> In expression "1 << pg_num_bits - 1", shifting by a negative amount has 
>>> undefined behavior.  The shift amount, "pg_num_bits - 1", is -1.
421   if (((1 << (pg_num_bits - 1)) | ps) >= pg_num) {
422 ++split_bits;
423   }
424   const uint32_t subs = (1 << split_bits);
425   // Calculate how many levels we create starting from here
426   int level  = 0;


*** CID 1232601:  Unchecked return value  (CHECKED_RETURN)
/rbd_replay/Replayer.cc: 154 in 
rbd_replay::Replayer::run(std::basic_string, 
std::allocator>)()
148   return m_action_trackers[id % m_num_action_trackers];
149 }
150 
151 void Replayer::run(const std::string replay_file) {
152   {
153 librados::Rados rados;
>>> CID 1232601:  Unchecked return value  (CHECKED_RETURN)
>>> Calling "init" without checking return value (as is done elsewhere 10 
>>> out of 11 times).
154 rados.init(NULL);
155 int r = rados.init_with_context(g_ceph_context);
156 if (r) {
157   cerr << "Unable to read conf file: " << r << std::endl;
158   goto out;
159 }


*** CID 1232602:  Division or modulo by zero  (DIVIDE_BY_ZERO)
/mon/OSDMonitor.cc: 490 in OSDMonitor::reweight_by_utilization(int, 
std::basic_string, std::allocator>&, bool, 
const std::set, std::allocator> *)()
484 }
485 ++pgs_by_osd[*q];
486 ++num_pg_copies;
487   }
488 }
489 
>>> CID 1232602:  Division or modulo by zero  (DIVIDE_BY_ZERO)
>>> In expression "num_p

New Defects reported by Coverity Scan for ceph (fwd)

2014-07-10 Thread Sage Weil
--- Begin Message ---


Hi,


Please find the latest report on new defect(s) introduced to ceph found with 
Coverity Scan.

Defect(s) Reported-by: Coverity Scan
Showing 5 of 5 defect(s)


** CID 1201388:  Missing unlock  (LOCK)
/mon/Monitor.cc: 438 in Monitor::preinit()()

** CID 1225099:  Unchecked return value  (CHECKED_RETURN)
/mon/MDSMonitor.cc: 1409 in MDSMonitor::filesystem_command(MMonCommand *, const 
std::basic_string, std::allocator>&, 
std::map, std::allocator>, 
boost::variant, 
std::allocator>, bool, long, double, std::vector, std::allocator>, 
std::allocator, 
std::allocator>>>, boost::detail::variant::void_, 
boost::detail::variant::void_, boost::detail::variant::void_, 
boost::detail::variant::void_, boost::detail::variant::void_, 
boost::detail::variant::void_, boost::detail::variant::void_, 
boost::detail::variant::void_, boost::detail::variant::void_, 
boost::detail::variant::void_, boost::detail::variant::void_, 
boost::detail::variant::void_, boost::detail::variant::void_, 
boost::detail::variant::void_, boost::detail::variant::void_>, std::less, std::allocator>>, 
std::allocator, 
std::allocator>, boost::variant, std::allocator>, bool, long, double, 
std::vector, 
std::allocator>, std::allocator, std::allocator>>>, boost::detail::variant::void_, 
boost::detail::variant::void_, boost::detail::variant::void_, 
boost::detail::variant::void_, boost::detail::variant::void_, 
boost::detail::variant::void_, boost::detail::variant::void_, 
boost::detail::variant::void_, boost::detail::variant::void_, 
boost::detail::variant::void_, boost::detail::variant::void_, 
boost::detail::variant::void_, boost::detail::variant::void_, 
boost::detail::variant::void_, boost::detail::variant::void_ &, 
std::basic_stringstream, std::allocator> &, int &)()

** CID 1225100:  Missing unlock  (LOCK)
/mds/MDLog.cc: 511 in MDLog::trim(int)()
/mds/MDLog.cc: 511 in MDLog::trim(int)()

** CID 1225101:  Missing unlock  (LOCK)
/mds/MDLog.cc: 394 in MDLog::shutdown()()

** CID 1225102:  Dereference before null check  (REVERSE_INULL)
/mon/Monitor.cc: 746 in Monitor::shutdown()()



*** CID 1201388:  Missing unlock  (LOCK)
/mon/Monitor.cc: 438 in Monitor::preinit()()
432 
433   dout(1) << "preinit fsid " << monmap->fsid << dendl;
434 
435   int r = sanitize_options();
436   if (r < 0) {
437 derr << "option sanitization failed!" << dendl;
>>> CID 1201388:  Missing unlock  (LOCK)
>>> Returning without unlocking "this->lock._m".
438 return r;
439   }
440 
441   assert(!logger);
442   {
443 PerfCountersBuilder pcb(g_ceph_context, "mon", l_mon_first, 
l_mon_last);


*** CID 1225099:  Unchecked return value  (CHECKED_RETURN)
/mon/MDSMonitor.cc: 1409 in MDSMonitor::filesystem_command(MMonCommand *, const 
std::basic_string, std::allocator>&, 
std::map, std::allocator>, 
boost::variant, 
std::allocator>, bool, long, double, std::vector, std::allocator>, 
std::allocator, 
std::allocator>>>, boost::detail::variant::void_, 
boost::detail::variant::void_, boost::detail::variant::void_, 
boost::detail::variant::void_, boost::detail::variant::void_, 
boost::detail::variant::void_, boost::detail::variant::void_, 
boost::detail::variant::void_, boost::detail::variant::void_, 
boost::detail::variant::void_, boost::detail::variant::void_, 
boost::detail::variant::void_, boost::detail::variant::void_, 
boost::detail::variant::void_, boost::detail::variant::void_>, std::less, std::allocator>>, 
std::allocator, 
std::allocator>, boost::variant, std::allocator>, bool, long, double, 
std::vector, 
std::allocator>, std::allocator, std::allocator>>>, boost::detail::variant::void_, 
boost::detail::variant::void_, boost::detail::variant::void_, 
boost::detail::variant::void_, boost::detail::variant::void_, 
boost::detail::variant::void_, boost::detail::variant::void_, 
boost::detail::variant::void_, boost::detail::variant::void_, 
boost::detail::variant::void_, boost::detail::variant::void_, 
boost::detail::variant::void_, boost::detail::variant::void_, 
boost::detail::variant::void_, boost::detail::variant::void_ &, 
std::basic_stringstream, std::allocator> &, int &)()
1403   r = -EINVAL;
1404   poolid = -1;
1405   ss << "cannot remove default data pool";
1406 }
1407 
1408 if (poolid >= 0) {
>>> CID 1225099:  Unchecked return value  (CHECKED_RETURN)
>>> Calling "cmd_getval" without checking return value (as is done 
>>> elsewhere 22 out of 25 times).
1409   cmd_getval(g_ceph_context, cmdmap, "poolid", poolid);
1410   r = pending_mdsmap.remove_data_pool(poolid);
1411   if (r == -ENOENT)
1412r = 0;
1413   if (r == 0)
1414ss << "removed data pool " << poolid << " f

New Defects reported by Coverity Scan for ceph (fwd)

2014-06-20 Thread Sage Weil
--- Begin Message ---


Hi,


Please find the latest report on new defect(s) introduced to ceph found with 
Coverity Scan.

Defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)


** CID 1223276:  Division or modulo by zero  (DIVIDE_BY_ZERO)
/tools/rados/rados.cc: 1368 in rados_tool_common(const 
std::map, std::allocator>, 
std::basic_string, std::allocator>, 
std::less, 
std::allocator>>, std::allocator, std::allocator>, std::basic_string, std::allocator &, std::vector> &)()



*** CID 1223276:  Division or modulo by zero  (DIVIDE_BY_ZERO)
/tools/rados/rados.cc: 1368 in rados_tool_common(const 
std::map, std::allocator>, 
std::basic_string, std::allocator>, 
std::less, 
std::allocator>>, std::allocator, std::allocator>, std::basic_string, std::allocator &, std::vector> &)()
1362   }
1363 
1364   // align op_size
1365   if (io_ctx.pool_requires_alignment()) {
1366 const uint64_t align = io_ctx.pool_required_alignment();
1367 const bool wrn = (op_size != (1<<22));
>>> CID 1223276:  Division or modulo by zero  (DIVIDE_BY_ZERO)
>>> In expression "(op_size + align - 1UL) / align", division by expression 
>>> "align" which may be zero has undefined behavior.
1368 op_size = uint64_t((op_size + align - 1) / align) * align;
1369 if (wrn)
1370   cerr << "INFO: op_size has been rounded to " << op_size << 
std::endl;
1371   }
1372 
1373   // snapname?



To view the defects in Coverity Scan visit, 
http://scan.coverity.com/projects/25?tab=overview

To unsubscribe from the email notification for new defects, 
http://scan5.coverity.com/cgi-bin/unsubscribe.py



--- End Message ---


Re: New Defects reported by Coverity Scan for ceph (fwd)

2014-06-18 Thread Sebastien Ponce
I've now looked at the defects. And according to me, there are mostly
irrelevant.
There are 2 cases :
  - the 2 "division by zero" will never happen because we will never run
the test with a zero parameter. Still, I've added an ASSERT to avoid
their report.
  - all the rest is a clash between gtest and coverity : whenever you
allocate something via the C API and you have an assert between this
allocation and the deallocation, you have a potential resource leak if
the assert fails. However, avoiding it means wrapping all the C API in a
kind of autoPtr interface. I do not believe it's worth it for test code.
By the way, the rados tests must have the same leaks a priori and I
suppose they are ignored.

So is it ok to commit the 2 new asserts and ignore the other defects ?

Cheers,

Sebastien

On Sat, 2014-06-07 at 09:12 -0700, Sage Weil wrote:
> Mostly stuff in teh new libradosstriper code, it looks like.


--
To unsubscribe from this list: send the line "unsubscribe ceph-devel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html


Re: New Defects reported by Coverity Scan for ceph (fwd)

2014-06-08 Thread Sebastien Ponce
Not surprising, this was just integrated and I did not have the
possibility to run a coverity scan myself.
I'll fix all this.

Sebastien

On Sat, 2014-06-07 at 09:12 -0700, Sage Weil wrote:
> Mostly stuff in teh new libradosstriper code, it looks like.


--
To unsubscribe from this list: send the line "unsubscribe ceph-devel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html


New Defects reported by Coverity Scan for ceph (fwd)

2014-06-07 Thread Sage Weil
Mostly stuff in teh new libradosstriper code, it looks like.--- Begin Message ---


Hi,


Please find the latest report on new defect(s) introduced to ceph found with 
Coverity Scan.

Defect(s) Reported-by: Coverity Scan
Showing 20 of 41 defect(s)


** CID 1221498:  Division or modulo by zero  (DIVIDE_BY_ZERO)
/test/libradosstriper/striping.cc: 59 in 
StriperTestRT::checkObjectFromRados(const std::basic_string, std::allocator>&, ceph::buffer::list &, unsigned 
long, unsigned long, unsigned long, unsigned long, unsigned long)()

** CID 1221499:  Division or modulo by zero  (DIVIDE_BY_ZERO)
/test/libradosstriper/striping.cc: 68 in 
StriperTestRT::checkObjectFromRados(const std::basic_string, std::allocator>&, ceph::buffer::list &, unsigned 
long, unsigned long, unsigned long, unsigned long, unsigned long)()

** CID 1221500:  Resource leak  (RESOURCE_LEAK)
/test/libradosstriper/io.cc: 341 in StriperTest_XattrIter_Test::TestBody()()
/test/libradosstriper/io.cc: 335 in StriperTest_XattrIter_Test::TestBody()()

** CID 1221501:  Resource leak  (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 513 in 
StriperTestPP_RoundTripWriteFullPP_Test::TestBody()()

** CID 1221502:  Resource leak  (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 537 in 
StriperTestPP_RoundTripWriteFullPP_Test::TestBody()()
/test/libradosstriper/aio.cc: 538 in 
StriperTestPP_RoundTripWriteFullPP_Test::TestBody()()
/test/libradosstriper/aio.cc: 532 in 
StriperTestPP_RoundTripWriteFullPP_Test::TestBody()()

** CID 1221503:  Resource leak  (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 440 in StriperTest_Flush_Test::TestBody()()
/test/libradosstriper/aio.cc: 435 in StriperTest_Flush_Test::TestBody()()
/test/libradosstriper/aio.cc: 433 in StriperTest_Flush_Test::TestBody()()

** CID 1221504:  Resource leak  (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 428 in StriperTest_Flush_Test::TestBody()()
/test/libradosstriper/aio.cc: 433 in StriperTest_Flush_Test::TestBody()()
/test/libradosstriper/aio.cc: 435 in StriperTest_Flush_Test::TestBody()()
/test/libradosstriper/aio.cc: 440 in StriperTest_Flush_Test::TestBody()()
/test/libradosstriper/aio.cc: 424 in StriperTest_Flush_Test::TestBody()()

** CID 1221505:  Resource leak  (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 306 in StriperTest_IsSafe_Test::TestBody()()
/test/libradosstriper/aio.cc: 301 in StriperTest_IsSafe_Test::TestBody()()
/test/libradosstriper/aio.cc: 299 in StriperTest_IsSafe_Test::TestBody()()

** CID 1221506:  Resource leak  (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 299 in StriperTest_IsSafe_Test::TestBody()()
/test/libradosstriper/aio.cc: 301 in StriperTest_IsSafe_Test::TestBody()()
/test/libradosstriper/aio.cc: 306 in StriperTest_IsSafe_Test::TestBody()()
/test/libradosstriper/aio.cc: 285 in StriperTest_IsSafe_Test::TestBody()()
/test/libradosstriper/aio.cc: 281 in StriperTest_IsSafe_Test::TestBody()()

** CID 1221507:  Resource leak  (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 453 in StriperTestPP_FlushPP_Test::TestBody()()
/test/libradosstriper/aio.cc: 458 in StriperTestPP_FlushPP_Test::TestBody()()
/test/libradosstriper/aio.cc: 463 in StriperTestPP_FlushPP_Test::TestBody()()

** CID 1221508:  Resource leak  (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 463 in StriperTestPP_FlushPP_Test::TestBody()()
/test/libradosstriper/aio.cc: 458 in StriperTestPP_FlushPP_Test::TestBody()()

** CID 1221509:  Resource leak  (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 124 in StriperTest_RoundTrip_Test::TestBody()()
/test/libradosstriper/aio.cc: 119 in StriperTest_RoundTrip_Test::TestBody()()
/test/libradosstriper/aio.cc: 117 in StriperTest_RoundTrip_Test::TestBody()()

** CID 1221510:  Resource leak  (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 108 in StriperTest_RoundTrip_Test::TestBody()()
/test/libradosstriper/aio.cc: 117 in StriperTest_RoundTrip_Test::TestBody()()
/test/libradosstriper/aio.cc: 119 in StriperTest_RoundTrip_Test::TestBody()()
/test/libradosstriper/aio.cc: 124 in StriperTest_RoundTrip_Test::TestBody()()
/test/libradosstriper/aio.cc: 104 in StriperTest_RoundTrip_Test::TestBody()()

** CID 1221511:  Resource leak  (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 333 in StriperTestPP_IsSafePP_Test::TestBody()()
/test/libradosstriper/aio.cc: 338 in StriperTestPP_IsSafePP_Test::TestBody()()
/test/libradosstriper/aio.cc: 319 in StriperTestPP_IsSafePP_Test::TestBody()()

** CID 1221512:  Resource leak  (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 338 in StriperTestPP_IsSafePP_Test::TestBody()()
/test/libradosstriper/aio.cc: 333 in StriperTestPP_IsSafePP_Test::TestBody()()

** CID 1221513:  Resource leak  (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 240 in StriperTest_IsComplete_Test::TestBody()()
/test/libradosstriper/aio.cc: 229 in StriperTest_IsComplete_Test::TestBody()()
/test/libradosstriper/aio.cc: 227 in StriperTest_IsComplete_Test::TestBody()()

** CID 1221514:  Resource leak  (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 218 in StriperTest_IsComplete_Test::TestBody()()
/test/li

New Defects reported by Coverity Scan for ceph (fwd)

2014-06-06 Thread Sage Weil
--- Begin Message ---


Hi,


Please find the latest report on new defect(s) introduced to ceph found with 
Coverity Scan.

Defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)


** CID 1220854:  Invalid iterator comparison  (MISMATCHED_ITERATOR)
/osd/PG.cc: 981 in 
PG::calc_ec_acting(std::_Rb_tree_const_iterator>, unsigned int, const std::vector> &, 
pg_shard_t, const std::vector> &, pg_shard_t, const 
std::map, 
std::allocator>> &, bool, 
std::vector> *, std::set, std::allocator> *, std::set, std::allocator> *, pg_shard_t *, 
std::basic_ostream>&)()



*** CID 1220854:  Invalid iterator comparison  (MISMATCHED_ITERATOR)
/osd/PG.cc: 981 in 
PG::calc_ec_acting(std::_Rb_tree_const_iterator>, unsigned int, const std::vector> &, 
pg_shard_t, const std::vector> &, pg_shard_t, const 
std::map, 
std::allocator>> &, bool, 
std::vector> *, std::set, std::allocator> *, std::set, std::allocator> *, pg_shard_t *, 
std::basic_ostream>&)()
975 all_info.find(pg_shard_t(acting[i], 
shard_id_t(i)))->second.last_update >=
976 auth_log_shard->second.log_tail) {
977   ss << " selecting acting[i]: " << pg_shard_t(acting[i], 
shard_id_t(i)) << std::endl;
978   want[i] = acting[i];
979   ++usable;
980 } else {
>>> CID 1220854:  Invalid iterator comparison  (MISMATCHED_ITERATOR)
>>> Comparing "j" from "all_info_by_shard[shard_id_t(i)]" to 
>>> "all_info_by_shard[shard_id_t(i)]->end()" from 
>>> "all_info_by_shard[shard_id_t(i)]".
981   for (set::iterator j = 
all_info_by_shard[shard_id_t(i)].begin();
982j != all_info_by_shard[shard_id_t(i)].end();
983++j) {
984 assert(j->shard == i);
985 if (!all_info.find(*j)->second.is_incomplete() &&
986 all_info.find(*j)->second.last_update >=



To view the defects in Coverity Scan visit, 
http://scan.coverity.com/projects/25?tab=overview

To unsubscribe from the email notification for new defects, 
http://scan5.coverity.com/cgi-bin/unsubscribe.py



--- End Message ---


New Defects reported by Coverity Scan for ceph (fwd)

2014-05-20 Thread Sage Weil
--- Begin Message ---


Hi,


Please find the latest report on new defect(s) introduced to ceph found with 
Coverity Scan.

Defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)


** CID 1214678:  Unchecked return value  (CHECKED_RETURN)
/osd/OSD.cc: 318 in OSDService::_maybe_split_pgid(std::tr1::shared_ptr, std::tr1::shared_ptr, spg_t)()



*** CID 1214678:  Unchecked return value  (CHECKED_RETURN)
/osd/OSD.cc: 318 in OSDService::_maybe_split_pgid(std::tr1::shared_ptr, std::tr1::shared_ptr, spg_t)()
312   OSDMapRef new_map,
313   spg_t pgid)
314 {
315   assert(old_map->have_pg_pool(pgid.pool()));
316   if (pgid.ps() < 
static_cast(old_map->get_pg_num(pgid.pool( {
317 set children;
>>> CID 1214678:  Unchecked return value  (CHECKED_RETURN)
>>> No check of the return value of 
>>> "pgid.is_split(old_map->get_pg_num(pgid.pool()), 
>>> new_map->get_pg_num(pgid.pool()), &children)".
318 pgid.is_split(old_map->get_pg_num(pgid.pool()),
319   new_map->get_pg_num(pgid.pool()), &children);
320 _start_split(pgid, children);
321   } else {
322 assert(pgid.ps() < 
static_cast(new_map->get_pg_num(pgid.pool(;
323   }



To view the defects in Coverity Scan visit, 
http://scan.coverity.com/projects/25?tab=overview

To unsubscribe from the email notification for new defects, 
http://scan5.coverity.com/cgi-bin/unsubscribe.py



--- End Message ---


New Defects reported by Coverity Scan for ceph (fwd)

2014-05-10 Thread Sage Weil
--- Begin Message ---


Hi,


Please find the latest report on new defect(s) introduced to ceph found with 
Coverity Scan.

Defect(s) Reported-by: Coverity Scan
Showing 8 of 8 defect(s)


** CID 717008:  Dereference null return value  (NULL_RETURNS)


** CID 1128417:  Dereference null return value  (NULL_RETURNS)
/mds/MDCache.cc: 9986 in MDCache::handle_discover_reply(MDiscoverReply *)()

** CID 1213580:  Dereference null return value  (NULL_RETURNS)
/osd/OSD.cc: 5150 in OSD::dispatch_op_fast(std::tr1::shared_ptr, 
std::tr1::shared_ptr)()

** CID 1213581:  Dereference null return value  (NULL_RETURNS)
/osd/OSD.cc: 4944 in OSD::ms_fast_preprocess(Message *)()

** CID 1213582:  Dereference null return value  (NULL_RETURNS)
/osd/Watch.cc: 359 in Watch::discard_state()()

** CID 1213583:  Dereference null return value  (NULL_RETURNS)
/osd/Watch.cc: 321 in Watch::connect(boost::intrusive_ptr)()

** CID 1213584:  Thread deadlock  (ORDER_REVERSAL)


** CID 1213585:  Thread deadlock  (ORDER_REVERSAL)




*** CID 717008:  Dereference null return value  (NULL_RETURNS)
/osd/ReplicatedPG.cc: 4962 in 
ReplicatedPG::do_osd_op_effects(ReplicatedPG::OpContext *)()
4956 
4957 void ReplicatedPG::do_osd_op_effects(OpContext *ctx)
4958 {
4959   ConnectionRef conn(ctx->op->get_req()->get_connection());
4960   boost::intrusive_ptr session(
4961 (OSD::Session *)conn->get_priv());
>>> CID 717008:  Dereference null return value  (NULL_RETURNS)
>>> Dereferencing a pointer that might be null "session" when calling 
>>> "RefCountedObject::put()".
4962   session->put();  // get_priv() takes a ref, and so does the 
intrusive_ptr
4963   entity_name_t entity = ctx->reqid.name;
4964 
4965   dout(15) << "do_osd_op_effects on session " << session.get() << 
dendl;
4966 
4967   for (list::iterator i = ctx->watch_connects.begin();


*** CID 1128417:  Dereference null return value  (NULL_RETURNS)
/mds/MDCache.cc: 9986 in MDCache::handle_discover_reply(MDiscoverReply *)()
9980 } else {
9981   // note: this can only happen our first way around this loop.
9982   if (p.end() && m->is_flag_error_dn()) {
9983fg = cur->pick_dirfrag(m->get_error_dentry());
9984curdir = cur->get_dirfrag(fg);
9985   } else
>>> CID 1128417:  Dereference null return value  (NULL_RETURNS)
>>> Assigning: "curdir" = null return value from 
>>> "CInode::get_dirfrag(frag_t)".
9986curdir = cur->get_dirfrag(m->get_base_dir_frag());
9987 }
9988 
9989 if (p.end())
9990   break;
9991 


*** CID 1213580:  Dereference null return value  (NULL_RETURNS)
/osd/OSD.cc: 5150 in OSD::dispatch_op_fast(std::tr1::shared_ptr, 
std::tr1::shared_ptr)()
5144 // we're shutting down, so drop the op
5145 return true;
5146   }
5147 
5148   epoch_t msg_epoch(op_required_epoch(op));
5149   if (msg_epoch > osdmap->get_epoch()) {
>>> CID 1213580:  Dereference null return value  (NULL_RETURNS)
>>> Assigning: "s" = null return value from "Connection::get_priv()".
5150 Session *s = static_cast(op->get_req()->
5151   get_connection()->get_priv());
5152 s->received_map_lock.Lock();
5153 epoch_t received_epoch = s->received_map_epoch;
5154 s->received_map_lock.Unlock();
5155 if (received_epoch < msg_epoch) {


*** CID 1213581:  Dereference null return value  (NULL_RETURNS)
/osd/OSD.cc: 4944 in OSD::ms_fast_preprocess(Message *)()
4938 
4939 void OSD::ms_fast_preprocess(Message *m)
4940 {
4941   if (m->get_connection()->get_peer_type() == CEPH_ENTITY_TYPE_OSD) {
4942 if (m->get_type() == CEPH_MSG_OSD_MAP) {
4943   MOSDMap *mm = static_cast(m);
>>> CID 1213581:  Dereference null return value  (NULL_RETURNS)
>>> Assigning: "s" = null return value from "Connection::get_priv()".
4944   Session *s = 
static_cast(m->get_connection()->get_priv());
4945   s->received_map_lock.Lock();
4946   s->received_map_epoch = mm->get_last();
4947   s->received_map_lock.Unlock();
4948   s->put();
4949 }


*** CID 1213582:  Dereference null return value  (NULL_RETURNS)
/osd/Watch.cc: 359 in Watch::discard_state()()
353   assert(!discarded);
354   assert(obc);
355   in_progress_notifies.clear();
356   unregister_cb();
357   discarded

New Defects reported by Coverity Scan for ceph (fwd)

2014-04-22 Thread Sage Weil
--- Begin Message ---


Hi,


Please find the latest report on new defect(s) introduced to ceph found with 
Coverity Scan.

Defect(s) Reported-by: Coverity Scan
Showing 4 of 4 defect(s)


** CID 1204293:  Buffer not null terminated  (BUFFER_SIZE_WARNING)
/mds/MDS.cc: 1714 in MDS::respawn()()

** CID 1204294:  Resource leak  (RESOURCE_LEAK)
/osd/ReplicatedPG.cc: 980 in 
ReplicatedPG::do_pg_op(std::tr1::shared_ptr)()

** CID 1204295:  Uninitialized scalar field  (UNINIT_CTOR)
/osd/osd_types.h: 2716 in ObjectContext::RWState::RWState()()

** CID 1204296:  Uninitialized scalar field  (UNINIT_CTOR)
/osdc/Objecter.h: 1165 in Objecter::Op::Op(const object_t &, const 
object_locator_t &, std::vector> &, int, Context 
*, Context *, unsigned long *)()
/osdc/Objecter.h: 1165 in Objecter::Op::Op(const object_t &, const 
object_locator_t &, std::vector> &, int, Context 
*, Context *, unsigned long *)()



*** CID 1204293:  Buffer not null terminated  (BUFFER_SIZE_WARNING)
/mds/MDS.cc: 1714 in MDS::respawn()()
1708 char buf[PATH_MAX];
1709 char *cwd = getcwd(buf, sizeof(buf));
1710 assert(cwd);
1711 dout(1) << " cwd " << cwd << dendl;
1712 
1713 /* Fall back to a best-effort: just running in our CWD */
>>> CID 1204293:  Buffer not null terminated  (BUFFER_SIZE_WARNING)
>>> Calling strncpy with a maximum size argument of 4096 bytes on 
>>> destination array "exe_path" of size 4096 bytes might leave the destination 
>>> string unterminated.
1714 strncpy(exe_path, orig_argv[0], sizeof(exe_path));
1715   }
1716 
1717   dout(1) << " exe_path " << exe_path << dendl;
1718 
1719   unblock_all_signals(NULL);


*** CID 1204294:  Resource leak  (RESOURCE_LEAK)
/osd/ReplicatedPG.cc: 980 in 
ReplicatedPG::do_pg_op(std::tr1::shared_ptr)()
974 // FIXME: EC not supported yet
975 result = -EOPNOTSUPP;
976 break;
977   }
978   if (is_unreadable_object(oid)) {
979 wait_for_unreadable_object(oid, op);
>>> CID 1204294:  Resource leak  (RESOURCE_LEAK)
>>> Variable "filter" going out of scope leaks the storage it points to.
980 return;
981   }
982   result = osd->store->read(coll, oid, 0, 0, osd_op.outdata);
983 }
984   }
985   break;


*** CID 1204295:  Uninitialized scalar field  (UNINIT_CTOR)
/osd/osd_types.h: 2716 in ObjectContext::RWState::RWState()()
2710 /// if set, restart backfill when we can get a read lock
2711 bool backfill_read_marker;
2712 
2713 /// if set, requeue snaptrim on lock release
2714 bool snaptrimmer_write_marker;
2715 
>>> CID 1204295:  Uninitialized scalar field  (UNINIT_CTOR)
>>> Non-static class member "snaptrimmer_write_marker" is not initialized 
>>> in this constructor nor in any functions that it calls.
2716 RWState() : state(RWNONE), count(0), backfill_read_marker(false) {}
2717 bool get_read(OpRequestRef op) {
2718   if (get_read_lock()) {
2719return true;
2720   } // else
2721   waiters.push_back(op);


*** CID 1204296:  Uninitialized scalar field  (UNINIT_CTOR)
/osdc/Objecter.h: 1165 in Objecter::Op::Op(const object_t &, const 
object_locator_t &, std::vector> &, int, Context 
*, Context *, unsigned long *)()
1159out_handler[i] = NULL;
1160out_rval[i] = NULL;
1161   }
1162 
1163   if (target.base_oloc.key == o)
1164target.base_oloc.key.clear();
>>> CID 1204296:  Uninitialized scalar field  (UNINIT_CTOR)
>>> Non-static class member "used_replica" is not initialized in this 
>>> constructor nor in any functions that it calls.
1165 }
1166 ~Op() {
1167   while (!out_handler.empty()) {
1168delete out_handler.back();
1169out_handler.pop_back();
1170   }
/osdc/Objecter.h: 1165 in Objecter::Op::Op(const object_t &, const 
object_locator_t &, std::vector> &, int, Context 
*, Context *, unsigned long *)()
1159out_handler[i] = NULL;
1160out_rval[i] = NULL;
1161   }
1162 
1163   if (target.base_oloc.key == o)
1164target.base_oloc.key.clear();
>>> CID 1204296:  Uninitialized scalar field  (UNINIT_CTOR)
>>> Non-static class member "used_replica" is not initialized in this 
>>> constructor nor in any functions that it calls.
1165 }
1166 ~Op() {
1167   while (!out_handler.

Re: New Defects reported by Coverity Scan for ceph (fwd)

2014-04-12 Thread Loic Dachary
I'll deal with the problems found in gf-complete: 
http://tracker.ceph.com/issues/8083

On 12/04/2014 06:06, Sage Weil wrote:
> Several new defects.  This wasn't running for the last couple of weeks 
> because the submodules didn't update on the test checkout.
> 

-- 
Loïc Dachary, Artisan Logiciel Libre



signature.asc
Description: OpenPGP digital signature


New Defects reported by Coverity Scan for ceph (fwd)

2014-04-11 Thread Sage Weil
Several new defects.  This wasn't running for the last couple of weeks 
because the submodules didn't update on the test checkout.

--- Begin Message ---


Hi,


Please find the latest report on new defect(s) introduced to ceph found with 
Coverity Scan.

Defect(s) Reported-by: Coverity Scan
Showing 20 of 41 defect(s)


** CID 1201374:  Unchecked return value  (CHECKED_RETURN)
/mon/MDSMonitor.cc: 1097 in MDSMonitor::prepare_command(MMonCommand *)()

** CID 1201375:  Unchecked return value  (CHECKED_RETURN)
/osd/OSD.cc: 4460 in OSD::do_command(Connection *, unsigned long, 
std::vector, 
std::allocator>, std::allocator, std::allocator>>> &, ceph::buffer::list &)()

** CID 1201376:  Unchecked return value  (CHECKED_RETURN)
/test/system/rados_list_parallel.cc: 333 in main()

** CID 1201377:  Unchecked return value  (CHECKED_RETURN)
/test/system/rados_list_parallel.cc: 335 in main()

** CID 1201378:  Unchecked return value  (CHECKED_RETURN)
/test/system/rados_list_parallel.cc: 330 in main()

** CID 1201379:  Copy-paste error  (COPY_PASTE_ERROR)
/mds/Server.cc: 7119 in Server::do_rename_rollback(ceph::buffer::list &, int, 
std::tr1::shared_ptr &, bool)()

** CID 1201380:  Logically dead code  (DEADCODE)
/erasure-code/jerasure/gf-complete/src/gf.c: 291 in gf_error_check()

** CID 1201381:  Logically dead code  (DEADCODE)
/erasure-code/jerasure/gf-complete/src/gf.c: 376 in gf_error_check()
/erasure-code/jerasure/gf-complete/src/gf.c: 377 in gf_error_check()

** CID 1201382:  Dereference after null check  (FORWARD_NULL)
/mds/Server.cc: 6073 in 
Server::_rename_prepare(std::tr1::shared_ptr &, EMetaBlob *, 
ceph::buffer::list *, CDentry *, CDentry *, CDentry *)()

** CID 1201383:  Dereference after null check  (FORWARD_NULL)
/mds/Server.cc: 7112 in Server::do_rename_rollback(ceph::buffer::list &, int, 
std::tr1::shared_ptr &, bool)()

** CID 1201384:  Dereference after null check  (FORWARD_NULL)
/mds/Server.cc: 7154 in 
Server::_rename_rollback_finish(std::tr1::shared_ptr &, 
std::tr1::shared_ptr &, CDentry *, unsigned long, CDentry *, 
CDentry *, bool)()

** CID 1201385:  Using invalid iterator  (INVALIDATE_ITERATOR)
/mds/Locker.cc: 416 in 
Locker::acquire_locks(std::tr1::shared_ptr &, 
std::set, std::allocator> 
&, std::set, std::allocator> &, std::set, 
std::allocator> &, std::map, std::allocator>> *, 
CInode *, bool)()
/mds/Locker.cc: 416 in 
Locker::acquire_locks(std::tr1::shared_ptr &, 
std::set, std::allocator> 
&, std::set, std::allocator> &, std::set, 
std::allocator> &, std::map, std::allocator>> *, 
CInode *, bool)()

** CID 1201386:  Using invalid iterator  (INVALIDATE_ITERATOR)
/test/librados/lock.cc: 371 in LibRadosLockECPP_BreakLockPP_Test::TestBody()()

** CID 1201387:  Using invalid iterator  (INVALIDATE_ITERATOR)
/test/librados/lock.cc: 330 in LibRadosLockECPP_ListLockersPP_Test::TestBody()()

** CID 1201388:  Missing unlock  (LOCK)
/mon/Monitor.cc: 462 in Monitor::preinit()()

** CID 1201389:  Out-of-bounds access  (OVERRUN)
/test/librbd/test_librbd.cc: 1825 in LibRBD_ZeroLengthDiscard_Test::TestBody()()

** CID 1201390:  Out-of-bounds access  (OVERRUN_DYNAMIC)
/test/librbd/test_librbd.cc: 1825 in LibRBD_ZeroLengthDiscard_Test::TestBody()()

** CID 1201391:  Out-of-bounds write  (OVERRUN_STATIC)
/erasure-code/jerasure/gf-complete/src/gf_w8.c: 1267 in gf_w8_table_init()

** CID 1201392:  Resource leak  (RESOURCE_LEAK)
/test/librados/TestCase.cc: 134 in RadosTestEC::cleanup_default_namespace(void 
*)()
/test/librados/TestCase.cc: 139 in RadosTestEC::cleanup_default_namespace(void 
*)()
/test/librados/TestCase.cc: 141 in RadosTestEC::cleanup_default_namespace(void 
*)()

** CID 1201393:  Resource leak  (RESOURCE_LEAK)
/test/librados/aio.cc: 1881 in LibRadosAioEC_RoundTripAppend_Test::TestBody()()
/test/librados/aio.cc: 1883 in LibRadosAioEC_RoundTripAppend_Test::TestBody()()



*** CID 1201374:  Unchecked return value  (CHECKED_RETURN)
/mon/MDSMonitor.cc: 1097 in MDSMonitor::prepare_command(MMonCommand *)()
1091   r = -EINVAL;
1092   poolid = -1;
1093   ss << "cannot remove default data pool";
1094 }
1095 
1096 if (poolid >= 0) {
>>> CID 1201374:  Unchecked return value  (CHECKED_RETURN)
>>> No check of the return value of "cmd_getval(g_ceph_context, cmdmap, 
>>> std::string("poolid", std::allocator()), poolid)".
1097   cmd_getval(g_ceph_context, cmdmap, "poolid", poolid);
1098   r = pending_mdsmap.remove_data_pool(poolid);
1099   if (r == -ENOENT)
1100r = 0;
1101   if (r == 0)
1102ss << "removed data pool " << poolid << " from mdsmap";


*** CID 1201375:  Unchecked return value  (CHECKED_RETURN)
/osd/OSD.cc: 4460 in OSD::do_command(Connection *, unsigned long, 
std::vector, 
std::allocator>

Re: New Defects reported by Coverity Scan for ceph (fwd)

2014-03-03 Thread Li Wang
Then it seems that Coverity is only able to perform intra-procedure 
check, is there any inter-procedure check option to turn on?


On 2014/3/4 6:53, John Spray wrote:

On Mon, Mar 3, 2014 at 10:23 PM, Sage Weil  wrote:

** CID 1188299:  Data race condition  (MISSING_LOCK)
/mds/MDSUtility.cc: 142 in MDSUtility::handle_mds_map(MMDSMap *)()


Is there a trick to getting coverity to realise that the lock is held,
but by the calling function?  Does it recognise assertions that the
lock is held?

Cheers,
John
--
To unsubscribe from this list: send the line "unsubscribe ceph-devel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html


--
To unsubscribe from this list: send the line "unsubscribe ceph-devel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html


Re: New Defects reported by Coverity Scan for ceph (fwd)

2014-03-03 Thread John Spray
On Mon, Mar 3, 2014 at 10:23 PM, Sage Weil  wrote:
> ** CID 1188299:  Data race condition  (MISSING_LOCK)
> /mds/MDSUtility.cc: 142 in MDSUtility::handle_mds_map(MMDSMap *)()

Is there a trick to getting coverity to realise that the lock is held,
but by the calling function?  Does it recognise assertions that the
lock is held?

Cheers,
John
--
To unsubscribe from this list: send the line "unsubscribe ceph-devel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html


New Defects reported by Coverity Scan for ceph (fwd)

2014-03-03 Thread Sage Weil
--- Begin Message ---


Hi,


Please find the latest report on new defect(s) introduced to ceph found with 
Coverity Scan.

Defect(s) Reported-by: Coverity Scan
Showing 15 of 15 defect(s)


** CID 1188299:  Data race condition  (MISSING_LOCK)
/mds/MDSUtility.cc: 142 in MDSUtility::handle_mds_map(MMDSMap *)()

** CID 717359:  Uninitialized scalar field  (UNINIT_CTOR)
/rgw/rgw_common.cc: 161 in req_state::req_state(CephContext *, RGWEnv *)()

** CID 1188131:  Division or modulo by zero  (DIVIDE_BY_ZERO)
/common/histogram.h: 97 in pow2_hist_t::get_position_micro(int, unsigned long 
*, unsigned long *)()

** CID 716921:  Dereference after null check  (FORWARD_NULL)
/mds/MDCache.cc: 6950 in MDCache::handle_cache_expire(MCacheExpire *)()

** CID 1188134:  Unchecked dynamic_cast  (FORWARD_NULL)
/osd/ReplicatedBackend.cc: 428 in 
RPGTransaction::append(PGBackend::PGTransaction *)()

** CID 1188135:  Unchecked dynamic_cast  (FORWARD_NULL)
/osd/ReplicatedBackend.cc: 494 in ReplicatedBackend::submit_transaction(const 
hobject_t &, const eversion_t &, PGBackend::PGTransaction *, const eversion_t 
&, std::vector> &, Context *, 
Context *, Context *, unsigned long, osd_reqid_t, 
std::tr1::shared_ptr)()

** CID 716990:  Dereference null return value  (NULL_RETURNS)
/mds/MDCache.cc: 10098 in MDCache::handle_discover(MDiscover *)()

** CID 1135931:  Resource leak  (RESOURCE_LEAK)
/os/FileStore.cc: 1739 in FileStore::queue_transactions(ObjectStore::Sequencer 
*, std::list> &, std::tr1::shared_ptr, 
ThreadPool::TPHandle *)()

** CID 1135933:  Resource leak  (RESOURCE_LEAK)
/os/FileStore.cc: 1739 in FileStore::queue_transactions(ObjectStore::Sequencer 
*, std::list> &, std::tr1::shared_ptr, 
ThreadPool::TPHandle *)()

** CID 1188126:  Unchecked return value  (CHECKED_RETURN)
/test/objectstore/store_test.cc: 564 in SyntheticWorkloadState::stat()()

** CID 1188145:  Resource leak  (RESOURCE_LEAK)
/osd/ReplicatedPG.cc: 5231 in 
ReplicatedPG::fill_in_copy_get(ReplicatedPG::OpContext *, 
ceph::buffer::list::iterator &, OSDOp &, std::tr1::shared_ptr &, 
bool)()

** CID 1188156:  Resource leak  (RESOURCE_LEAK)
/test/librados/c_write_operations.cc: 131 in 
LibRadosCWriteOps_Exec_Test::TestBody()()
/test/librados/c_write_operations.cc: 134 in 
LibRadosCWriteOps_Exec_Test::TestBody()()
/test/librados/c_write_operations.cc: 136 in 
LibRadosCWriteOps_Exec_Test::TestBody()()
/test/librados/c_write_operations.cc: 138 in 
LibRadosCWriteOps_Exec_Test::TestBody()()
/test/librados/c_write_operations.cc: 139 in 
LibRadosCWriteOps_Exec_Test::TestBody()()

** CID 1160848:  Uninitialized scalar variable  (UNINIT)
/osdc/Objecter.cc: 1519 in Objecter::recalc_op_target(Objecter::Op *)()

** CID 1030132:  Uninitialized scalar variable  (UNINIT)
/mon/PGMonitor.cc: 1979 in 
PGMonitor::dump_stuck_pg_stats(std::basic_stringstream, std::allocator> &, ceph::Formatter *, int, 
std::vector, 
std::allocator>, std::allocator, std::allocator>>> &) const()
/mon/PGMonitor.cc: 1979 in 
PGMonitor::dump_stuck_pg_stats(std::basic_stringstream, std::allocator> &, ceph::Formatter *, int, 
std::vector, 
std::allocator>, std::allocator, std::allocator>>> &) const()

** CID 1135932:  Resource leak  (RESOURCE_LEAK)
/os/FileStore.cc: 1739 in FileStore::queue_transactions(ObjectStore::Sequencer 
*, std::list> &, std::tr1::shared_ptr, 
ThreadPool::TPHandle *)()



*** CID 1188299:  Data race condition  (MISSING_LOCK)
/mds/MDSUtility.cc: 142 in MDSUtility::handle_mds_map(MMDSMap *)()
136 
137 void MDSUtility::handle_mds_map(MMDSMap* m)
138 {
139   mdsmap->decode(m->get_encoded());
140   if (waiting_for_mds_map) {
141 waiting_for_mds_map->complete(0);
>>> CID 1188299:  Data race condition  (MISSING_LOCK)
>>> Accessing "this->waiting_for_mds_map" 
>>> ("MDSUtility.waiting_for_mds_map") requires the "Mutex._m" lock.
142 waiting_for_mds_map = NULL;
143   }
144 }
145 
146 
147 bool MDSUtility::ms_get_authorizer(int dest_type, AuthAuthorizer 
**authorizer,


*** CID 717359:  Uninitialized scalar field  (UNINIT_CTOR)
/rgw/rgw_common.cc: 161 in req_state::req_state(CephContext *, RGWEnv *)()
155   length = NULL;
156   copy_source = NULL;
157   http_auth = NULL;
158   local_source = false;
159 
160   obj_ctx = NULL;
>>> CID 717359:  Uninitialized scalar field  (UNINIT_CTOR)
>>> Non-static class member "bucket_exists" is not initialized in this 
>>> constructor nor in any functions that it calls.
161 }
162 
163 req_state::~req_state() {
164   delete formatter;
165   delete bucket_acl;
166   delete object_acl;


*** CID 1188131:  Division or modulo by zero  (DIVIDE

New Defects reported by Coverity Scan for ceph (fwd)

2013-12-17 Thread Sage Weil
--- Begin Message ---


Hi,


Please find the latest report on new defect(s) introduced to ceph found with 
Coverity Scan.

Defect(s) Reported-by: Coverity Scan
Showing 7 of 13 defect(s)


** CID 1138583:  Dereference null return value  (NULL_RETURNS)
/mds/MDCache.cc: 5074 in MDCache::process_imported_caps()()

** CID 1138584:  Dereference null return value  (NULL_RETURNS)
/mds/Migrator.cc: 2480 in Migrator::import_finish(CDir *, bool, bool)()

** CID 1138585:  Dereference null return value  (NULL_RETURNS)
/mds/Migrator.cc: 2289 in Migrator::import_reverse(CDir *)()

** CID 1138586:  Dereference null return value  (NULL_RETURNS)
/mds/Migrator.cc: 2297 in Migrator::import_reverse(CDir *)()

** CID 1138587:  Out-of-bounds access  (OVERRUN)
/messages/MClientCaps.h: 170 in MClientCaps::decode_payload()()
/messages/MClientCaps.h: 170 in MClientCaps::decode_payload()()
/messages/MClientCaps.h: 170 in MClientCaps::decode_payload()()

** CID 1138588:  Out-of-bounds access  (OVERRUN)
/messages/MClientCaps.h: 179 in MClientCaps::encode_payload(unsigned long)()
/messages/MClientCaps.h: 179 in MClientCaps::encode_payload(unsigned long)()
/messages/MClientCaps.h: 179 in MClientCaps::encode_payload(unsigned long)()

** CID 739602:  Dereference null return value  (NULL_RETURNS)
/mds/Server.cc: 707 in Server::reconnect_tick()()





To view the defects in Coverity Scan visit, http://scan.coverity.com

To unsubscribe from the email notification for new defects, 
http://scan5.coverity.com/cgi-bin/unsubscribe.py



--- End Message ---


Re: New Defects reported by Coverity Scan for ceph (fwd)

2013-12-17 Thread Ilya Dryomov
On Mon, Dec 16, 2013 at 6:07 PM, Sage Weil  wrote:
>
>
> -- Forwarded message --
> From: scan-ad...@coverity.com
> To: undisclosed-recipients:;
> Cc:
> Date: Mon, 16 Dec 2013 00:57:57 -0800
> Subject: New Defects reported by Coverity Scan for ceph
>
>
> Hi,
>
>
> Please find the latest report on new defect(s) introduced to ceph found with 
> Coverity Scan.
>
> Defect(s) Reported-by: Coverity Scan
> Showing 4 of 4 defect(s)
>
>
> ** CID 1138366:  Resource leak  (RESOURCE_LEAK)
> /test/librados/tier.cc: 96 in LibRadosMisc_HitSetNone_Test::TestBody()()
> /test/librados/tier.cc: 98 in LibRadosMisc_HitSetNone_Test::TestBody()()
> /test/librados/tier.cc: 99 in LibRadosMisc_HitSetNone_Test::TestBody()()
>
> ** CID 1138367:  Time of check time of use  (TOCTOU)
> /rbd.cc: 2024 in do_kernel_rm(const char *)()
>
> ** CID 1138368:  Time of check time of use  (TOCTOU)
> /rbd.cc: 1735 in do_kernel_add(const char *, const char *, const char *)()

Look like these two refer to my recent work on rbd:

2019   const char *fname = "/sys/bus/rbd/remove_single_major";
2020   if (stat(fname, &sbuf)) {
2021 fname = "/sys/bus/rbd/remove";
2022   }
2023
2024   int fd = open(fname, O_WRONLY); <---
2025   if (fd < 0) {

This is not a TOCTOU as there is no race here, so technically
annotations are in order, but I'll redo it as two open()s instead.

Thanks,

Ilya
--
To unsubscribe from this list: send the line "unsubscribe ceph-devel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html


New Defects reported by Coverity Scan for ceph (fwd)

2013-12-16 Thread Sage Weil
--- Begin Message ---


Hi,


Please find the latest report on new defect(s) introduced to ceph found with 
Coverity Scan.

Defect(s) Reported-by: Coverity Scan
Showing 4 of 4 defect(s)


** CID 1138366:  Resource leak  (RESOURCE_LEAK)
/test/librados/tier.cc: 96 in LibRadosMisc_HitSetNone_Test::TestBody()()
/test/librados/tier.cc: 98 in LibRadosMisc_HitSetNone_Test::TestBody()()
/test/librados/tier.cc: 99 in LibRadosMisc_HitSetNone_Test::TestBody()()

** CID 1138367:  Time of check time of use  (TOCTOU)
/rbd.cc: 2024 in do_kernel_rm(const char *)()

** CID 1138368:  Time of check time of use  (TOCTOU)
/rbd.cc: 1735 in do_kernel_add(const char *, const char *, const char *)()

** CID 1138369:  Uncaught exception  (UNCAUGHT_EXCEPT)
/test/librados/tier.cc: 369 in main()
/test/librados/tier.cc: 369 in main()





To view the defects in Coverity Scan visit, http://scan.coverity.com

To unsubscribe from the email notification for new defects, 
http://scan5.coverity.com/cgi-bin/unsubscribe.py



--- End Message ---


New Defects reported by Coverity Scan for ceph (fwd)

2013-08-20 Thread Sage Weil
Coverity picked up some issues with the filestore code.  These are mostly 
old issues that appear new becuase code moved around, but this is probably 
a good opportunity to fix them... :)

sage--- Begin Message ---


Hi,

Please find the latest report on new defect(s) introduced to ceph found with 
Coverity Scan

Defect(s) Reported-by: Coverity Scan
Showing 7 of 9 defects

** CID 1063704: Uninitialized scalar field (UNINIT_CTOR)
/os/BtrfsFileStoreBackend.cc: 57

** CID 1063703: Time of check time of use (TOCTOU)
/os/GenericFileStoreBackend.cc: 170

** CID 1063702: Time of check time of use (TOCTOU)
/os/BtrfsFileStoreBackend.cc: 246

** CID 1063701: Copy into fixed size buffer (STRING_OVERFLOW)
/os/BtrfsFileStoreBackend.cc: 458

** CID 1063700: Copy into fixed size buffer (STRING_OVERFLOW)
/os/BtrfsFileStoreBackend.cc: 370

** CID 1063699: Resource leak (RESOURCE_LEAK)
/os/BtrfsFileStoreBackend.cc: 345

** CID 1063698: Improper use of negative value (NEGATIVE_RETURNS)



CID 1063704: Uninitialized scalar field (UNINIT_CTOR)

/os/BtrfsFileStoreBackend.h: 25 ( member_decl)
   22private:
   23  bool has_clone_range;   ///< clone range ioctl is supported
   24  bool has_snap_create;   ///< snap create ioctl is supported
>>> Class member declaration for "has_snap_destroy".
   25  bool has_snap_destroy;  ///< snap destroy ioctl is supported
   26  bool has_snap_create_v2;///< snap create v2 ioctl (async!) is 
supported
   27  bool has_wait_sync; ///< wait sync ioctl is supported
   28  bool stable_commits;
   29  bool m_filestore_btrfs_clone_range;
  

/os/BtrfsFileStoreBackend.cc: 57 ( uninit_member)
   54GenericFileStoreBackend(fs), has_clone_range(false), 
has_snap_create(false),
   55has_snap_create_v2(false), has_wait_sync(false), 
stable_commits(false),
   56m_filestore_btrfs_clone_range(g_conf->filestore_btrfs_clone_range),
>>> CID 1063704: Uninitialized scalar field (UNINIT_CTOR)
>>> Non-static class member "has_snap_destroy" is not initialized in this 
>>> constructor nor in any functions that it calls.
   57m_filestore_btrfs_snap (g_conf->filestore_btrfs_snap) { }
   58
   59int BtrfsFileStoreBackend::detect_features()
   60{
   61  int r;
  

CID 1063703: Time of check time of use (TOCTOU)

/os/GenericFileStoreBackend.cc: 170 ( fs_check_call)
   167int GenericFileStoreBackend::create_current()
   168{
   169  struct stat st;
>>> CID 1063703: Time of check time of use (TOCTOU)
>>> Calling function "stat(char const *, stat *)" to perform check on 
>>> "this->get_current_path()->c_str()".
   170  int ret = ::stat(get_current_path().c_str(), &st);
   171  if (ret == 0) {
   172// current/ exists
   173if (!S_ISDIR(st.st_mode)) {
   174  dout(0) << "_create_current: current/ exists but is not a 
directory" << dendl;
  

/os/GenericFileStoreBackend.cc: 178 ( toctou)
   175  ret = -EINVAL;
   176}
   177  } else {
>>> Calling function "mkdir(char const *, __mode_t)" that uses 
>>> "this->get_current_path()->c_str()" after a check function. This can cause 
>>> a time-of-check, time-of-use race condition.
   178ret = ::mkdir(get_current_path().c_str(), 0755);
   179if (ret < 0) {
   180  ret = -errno;
   181  dout(0) << "_create_current: mkdir " << get_current_path() << " 
failed: "<< cpp_strerror(ret) << dendl;
   182}
  

CID 1063702: Time of check time of use (TOCTOU)

/os/BtrfsFileStoreBackend.cc: 246 ( fs_check_call)
   243int BtrfsFileStoreBackend::create_current()
   244{
   245  struct stat st;
>>> CID 1063702: Time of check time of use (TOCTOU)
>>> Calling function "stat(char const *, stat *)" to perform check on 
>>> "this->get_current_path()->c_str()".
   246  int ret = ::stat(get_current_path().c_str(), &st);
   247  if (ret == 0) {
   248// current/ exists
   249if (!S_ISDIR(st.st_mode)) {
   250  dout(0) << "create_current: current/ exists but is not a 
directory" << dendl;
  

/os/BtrfsFileStoreBackend.cc: 288 ( toctou)
   285  }
   286
   287  dout(2) << "create_current: created btrfs subvol " << 
get_current_path() << dendl;
>>> Calling function "chmod(char const *, __mode_t)" that uses 
>>> "this->get_current_path()->c_str()" after a check function. This can cause 
>>> a time-of-check, time-of-use race condition.
   288  if (::chmod(get_current_path().c_str(), 0755) < 0) {
   289ret = -errno;
   290dout(0) << "create_current: failed to chmod " << 
get_current_path() << " to 0755: "
   291  << cpp_strerror(ret) << dendl;
   292return ret;
  
___

New Defects reported by Coverity Scan for ceph (fwd)

2013-07-25 Thread Sage Weil
--- Begin Message ---


Hi,

Please find the latest report on new defect(s) introduced to ceph found with 
Coverity Scan

Defect(s) Reported-by: Coverity Scan


** CID 1057291: Resource leak (RESOURCE_LEAK)
/rgw/rgw_rados.cc: 2643



CID 1057291: Resource leak (RESOURCE_LEAK)

/rgw/rgw_rados.cc: 2641 ( alloc_arg)
   2638
   2639RGWRESTStreamWriteRequest *out_stream_req;
   2640
>>> "RGWRESTConn::put_obj_init(std::string const &, rgw_obj &, uint64_t, 
>>> std::map, 
>>> std::allocator >, ceph::buffer::list, 
>>> std::less, 
>>> std::allocator > >, std::allocator>> std::char_traits, std::allocator > const, ceph::buffer::list> > 
>>> > &, RGWRESTStreamWriteRequest **)" allocates memory that is stored into 
>>> "out_stream_req".
   2641int ret = rest_master_conn->put_obj_init(user_id, dest_obj, 
astate->size, src_attrs, &out_stream_req);
   2642if (ret < 0)
   2643  return ret;
   2644
   2645ret = get_obj_iterate(ctx, &handle, src_obj, 0, astate->size - 
1, out_stream_req->get_out_cb());
  

/rgw/rgw_rados.cc: 2643 ( leaked_storage)
   2640
   2641int ret = rest_master_conn->put_obj_init(user_id, dest_obj, 
astate->size, src_attrs, &out_stream_req);
   2642if (ret < 0)
>>> CID 1057291: Resource leak (RESOURCE_LEAK)
>>> Variable "out_stream_req" going out of scope leaks the storage it points to.
   2643  return ret;
   2644
   2645ret = get_obj_iterate(ctx, &handle, src_obj, 0, astate->size - 
1, out_stream_req->get_out_cb());
   2646if (ret < 0)
   2647  return ret;
  

To view the defects in Coverity Scan visit, http://scan.coverity.com

To unsubscribe from the email notification for new defects, 
http://scan5.coverity.com/cgi-bin/unsubscribe.py

--- End Message ---


New Defects reported by Coverity Scan for ceph (fwd)

2013-07-19 Thread Sage Weil
Several new rgw issues from the recent merge...--- Begin Message ---


Hi,

Please find the latest report on new defect(s) introduced to ceph found with 
Coverity Scan

Defect(s) Reported-by: Coverity Scan
Showing 7 of 61 defects

** CID 1049252: Wrapper object use after free (WRAPPER_ESCAPE)
/rgw/rgw_rest_replica_log.h: 79

** CID 1049251: Wrapper object use after free (WRAPPER_ESCAPE)
/rgw/rgw_rest_replica_log.h: 59

** CID 1049250: Wrapper object use after free (WRAPPER_ESCAPE)
/rgw/rgw_rest_replica_log.h: 39

** CID 1049249: Missing varargs init or cleanup (VARARGS)
/test/librbd/test_librbd.cc: 315

** CID 1049248: Use after free (USE_AFTER_FREE)
/test/test_rgw_admin_log.cc: 782

** CID 1049247: Use after free (USE_AFTER_FREE)
/test/cls_version/test_cls_version.cc: 79

** CID 1049246: Use after free (USE_AFTER_FREE)
/rgw/rgw_rest_s3.cc: 415



CID 1049252: Wrapper object use after free (WRAPPER_ESCAPE)

/rgw/rgw_rest_replica_log.h: 79 ( escape)
   76string s = "replica";
   77s.append(obj_type);
   78s.append("_deletebound");
>>> CID 1049252: Wrapper object use after free (WRAPPER_ESCAPE)
>>> The internal representation of "s" escapes, but is destroyed when it exits 
>>> scope.
   79return s.c_str();
   80  }
   81};
   82
   83class RGWOp_BILog_GetBounds : public RGWRESTOp {
  

CID 1049251: Wrapper object use after free (WRAPPER_ESCAPE)

/rgw/rgw_rest_replica_log.h: 59 ( escape)
   56string s = "replica";
   57s.append(obj_type);
   58s.append("_updatebounds");
>>> CID 1049251: Wrapper object use after free (WRAPPER_ESCAPE)
>>> The internal representation of "s" escapes, but is destroyed when it exits 
>>> scope.
   59return s.c_str();
   60  }
   61};
   62
   63class RGWOp_OBJLog_DeleteBounds : public RGWRESTOp {
  

CID 1049250: Wrapper object use after free (WRAPPER_ESCAPE)

/rgw/rgw_rest_replica_log.h: 39 ( escape)
   36string s = "replica";
   37s.append(obj_type);
   38s.append("_getbounds");
>>> CID 1049250: Wrapper object use after free (WRAPPER_ESCAPE)
>>> The internal representation of "s" escapes, but is destroyed when it exits 
>>> scope.
   39return s.c_str();
   40  }
   41};
   42
   43class RGWOp_OBJLog_SetBounds : public RGWRESTOp {
  

CID 1049249: Missing varargs init or cleanup (VARARGS)

/test/librbd/test_librbd.cc: 305 ( va_init)
   302cout << "image: " << names[i] << endl;
   303  }
   304
>>> Initializing va_list "ap".
   305  va_start(ap, num_expected);
   306  for (i = num_expected; i > 0; i--) {
   307char *expected = va_arg(ap, char *);
   308cout << "expected = " << expected << endl;
   309vector::iterator listed_name = find(names.begin(), 
names.end(), string(expected));
  

/test/librbd/test_librbd.cc: 315 ( missing_va_end)
   312  }
   313  assert(names.empty());
   314
>>> CID 1049249: Missing varargs init or cleanup (VARARGS)
>>> va_end was not called for "ap".
   315  return num;
   316}
   317
   318TEST(LibRBD, TestCreateLsDeletePP)
   319{
  

CID 1049248: Use after free (USE_AFTER_FREE)

/test/test_rgw_admin_log.cc: 750 ( freed_arg)
   747  char *bucket_obj = (char *)malloc(TEST_BUCKET_OBJECT_SIZE);
   748  ASSERT_TRUE(bucket_obj != NULL);
   749  EXPECT_EQ(put_bucket_obj(TEST_BUCKET_OBJECT, bucket_obj, 
TEST_BUCKET_OBJECT_SIZE), 0);
>>> "free(void *)" frees "bucket_obj".
   750  free(bucket_obj);
   751  sleep(1); 
   752  ss << "/admin/log?type=data&id=" << shard_id << "&start-time=" << 
start_time;
   753  rest_req = ss.str();
   754  g_test->send_request(string("GET"), rest_req);
  

/test/test_rgw_admin_log.cc: 782 ( pass_freed_arg)
   779  }
   780
   781  sleep(1);
>>> CID 1049248: Use after free (USE_AFTER_FREE)
>>> Passing freed pointer "bucket_obj" as an argument to function 
>>> "put_bucket_obj(char const *, char *, unsigned int)".
   782  EXPECT_EQ(put_bucket_obj(TEST_BUCKET_OBJECT, bucket_obj, 
TEST_BUCKET_OBJECT_SIZE), 0);
   783  sleep(20);
   784  ss.str("");
   785  ss << "/admin/log?type=data&id=" << shard_id << "&start-time=" << 
start_time;
   786  rest_req = ss.str();
  

CID 1049247: Use after free (USE_AFTER_FREE)

/test/cls_version/test_cls_version.cc: 68 ( freed_arg)
   65  ASSERT_GT((long long)ver2.ver, (long long)ver.ver);
   66  ASSERT_EQ(0, (int)ver2.tag.compare(ver.tag));
   67
>>> "operator delete(void *)

Re: New Defects reported by Coverity Scan for ceph (fwd)

2013-06-19 Thread Loic Dachary
Hi Sage,

I believe
https://github.com/ceph/ceph/pull/366
fixes the issue. It was introduced by
https://github.com/ceph/ceph/commit/b16fdf23e5325623874ee1a02e134f577c5a7dcd#L0R364
which was merged in master yesterday.

Cheers

On 06/19/2013 09:36 PM, Sage Weil wrote:
> Dereferencing iterator "p" though it is already past the end of its container.

-- 
Loïc Dachary, Artisan Logiciel Libre
All that is necessary for the triumph of evil is that good people do nothing.



signature.asc
Description: OpenPGP digital signature


New Defects reported by Coverity Scan for ceph (fwd)

2013-06-19 Thread Sage Weil
Hi Loic,

Do you mind looking at the PGLog.cc iterator issue coverity picked up on?

sage--- Begin Message ---


Hi,

Please find the latest report on new defect(s) introduced to ceph found with 
Coverity Scan

Defect(s) Reported-by: Coverity Scan


** CID 1035577: Resource leak (RESOURCE_LEAK)
/test/libcephfs/multiclient.cc: 67

** CID 1035576: Resource leak (RESOURCE_LEAK)
/test/libcephfs/multiclient.cc: 32

** CID 1035575: Resource leak (RESOURCE_LEAK)
/test/libcephfs/multiclient.cc: 27

** CID 1035574: Using invalid iterator (INVALIDATE_ITERATOR)
/osd/PGLog.cc: 369



CID 1035577: Resource leak (RESOURCE_LEAK)

/test/libcephfs/multiclient.cc: 67 ( alloc_arg)
   64
   65TEST(LibCephFS, MulticlientHoleEOF) {
   66  struct ceph_mount_info *ca, *cb;
>>> "ceph_create(ceph_mount_info **, char const *)" allocates memory that is 
>>> stored into "ca".
   67  ASSERT_EQ(ceph_create(&ca, NULL), 0);
   68  ASSERT_EQ(0, ceph_conf_parse_env(ca, NULL));
   69  ASSERT_EQ(ceph_conf_read_file(ca, NULL), 0);
   70  ASSERT_EQ(ceph_mount(ca, NULL), 0);
   71
  

/test/libcephfs/multiclient.cc: 67 ( leaked_storage)
   64
   65TEST(LibCephFS, MulticlientHoleEOF) {
   66  struct ceph_mount_info *ca, *cb;
>>> CID 1035577: Resource leak (RESOURCE_LEAK)
>>> Variable "ca" going out of scope leaks the storage it points to.
   67  ASSERT_EQ(ceph_create(&ca, NULL), 0);
   68  ASSERT_EQ(0, ceph_conf_parse_env(ca, NULL));
   69  ASSERT_EQ(ceph_conf_read_file(ca, NULL), 0);
   70  ASSERT_EQ(ceph_mount(ca, NULL), 0);
   71
  

CID 1035576: Resource leak (RESOURCE_LEAK)

/test/libcephfs/multiclient.cc: 32 ( alloc_arg)
   29  ASSERT_EQ(ceph_conf_read_file(ca, NULL), 0);
   30  ASSERT_EQ(ceph_mount(ca, NULL), 0);
   31
>>> "ceph_create(ceph_mount_info **, char const *)" allocates memory that is 
>>> stored into "cb".
   32  ASSERT_EQ(ceph_create(&cb, NULL), 0);
   33  ASSERT_EQ(0, ceph_conf_parse_env(cb, NULL));
   34  ASSERT_EQ(ceph_conf_read_file(cb, NULL), 0);
   35  ASSERT_EQ(ceph_mount(cb, NULL), 0);
   36
  

/test/libcephfs/multiclient.cc: 32 ( leaked_storage)
   29  ASSERT_EQ(ceph_conf_read_file(ca, NULL), 0);
   30  ASSERT_EQ(ceph_mount(ca, NULL), 0);
   31
>>> CID 1035576: Resource leak (RESOURCE_LEAK)
>>> Variable "cb" going out of scope leaks the storage it points to.
   32  ASSERT_EQ(ceph_create(&cb, NULL), 0);
   33  ASSERT_EQ(0, ceph_conf_parse_env(cb, NULL));
   34  ASSERT_EQ(ceph_conf_read_file(cb, NULL), 0);
   35  ASSERT_EQ(ceph_mount(cb, NULL), 0);
   36
  

CID 1035575: Resource leak (RESOURCE_LEAK)

/test/libcephfs/multiclient.cc: 27 ( alloc_arg)
   24
   25TEST(LibCephFS, MulticlientSimple) {
   26  struct ceph_mount_info *ca, *cb;
>>> "ceph_create(ceph_mount_info **, char const *)" allocates memory that is 
>>> stored into "ca".
   27  ASSERT_EQ(ceph_create(&ca, NULL), 0);
   28  ASSERT_EQ(0, ceph_conf_parse_env(ca, NULL));
   29  ASSERT_EQ(ceph_conf_read_file(ca, NULL), 0);
   30  ASSERT_EQ(ceph_mount(ca, NULL), 0);
   31
  

/test/libcephfs/multiclient.cc: 27 ( leaked_storage)
   24
   25TEST(LibCephFS, MulticlientSimple) {
   26  struct ceph_mount_info *ca, *cb;
>>> CID 1035575: Resource leak (RESOURCE_LEAK)
>>> Variable "ca" going out of scope leaks the storage it points to.
   27  ASSERT_EQ(ceph_create(&ca, NULL), 0);
   28  ASSERT_EQ(0, ceph_conf_parse_env(ca, NULL));
   29  ASSERT_EQ(ceph_conf_read_file(ca, NULL), 0);
   30  ASSERT_EQ(ceph_mount(ca, NULL), 0);
   31
  

CID 1035574: Using invalid iterator (INVALIDATE_ITERATOR)

/osd/PGLog.cc: 361 ( past_the_end)
   358  dout(10) << "rewind_divergent_log truncate divergent future " << 
newhead << dendl;
   359  assert(newhead > log.tail);
   360
>>> Function "end" creates an iterator.
   361  list::iterator p = log.log.end();
   362  list divergent;
   363  while (true) {
   364if (p == log.log.begin()) {
   365  // yikes, the whole thing is divergent!
  

/osd/PGLog.cc: 361 ( assign_var)
   358  dout(10) << "rewind_divergent_log truncate divergent future " << 
newhead << dendl;
   359  assert(newhead > log.tail);
   360
>>> Assigning: "p" = "this->log.log.end()".
   361  list::iterator p = log.log.end();
   362  list divergent;
   363  while (true) {
   364if (p == log.log.begin()) {
   365  // yikes, the whole thing is divergent!
  

/osd/PGLog.cc: 369 ( deref_iterator)
   366  divergent.swap(log.log);
   367  break;
   368}
>>> CID 1035574: Using invalid iterator (INVALIDATE_I