New Defects reported by Coverity Scan for ceph
Hi, Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan. Defect(s) Reported-by: Coverity Scan Showing 20 of 38 defect(s) ** CID 717233: Uninitialized scalar field (UNINIT_CTOR) /mds/Capability.h: 249 in Capability::Capability(CInode *, unsigned long, client_t)() ** CID 1238869: Value not atomically updated (ATOMICITY) /osdc/Objecter.cc: 3055 in Objecter::handle_pool_op_reply(MPoolOpReply *)() /osdc/Objecter.cc: 3055 in Objecter::handle_pool_op_reply(MPoolOpReply *)() /osdc/Objecter.cc: 3055 in Objecter::handle_pool_op_reply(MPoolOpReply *)() ** CID 1238870: Unchecked return value (CHECKED_RETURN) /test/test_snap_mapper.cc: 562 in MapperVerifier::remove_oid()() ** CID 1238871: Dereference after null check (FORWARD_NULL) /mds/Server.cc: 6988 in Server::do_rename_rollback(ceph::buffer::list &, int, std::tr1::shared_ptr &, bool)() /mds/Server.cc: 7107 in Server::do_rename_rollback(ceph::buffer::list &, int, std::tr1::shared_ptr &, bool)() ** CID 1238872: Unchecked return value (CHECKED_RETURN) /tools/ceph_objectstore_tool.cc: 1284 in do_import_rados(std::basic_string, std::allocator>)() ** CID 1238873: Unchecked return value (CHECKED_RETURN) /rbd_replay/Replayer.cc: 154 in rbd_replay::Replayer::run(const std::basic_string, std::allocator>&)() ** CID 1238874: Missing unlock (LOCK) /osdc/Objecter.cc: 1855 in Objecter::op_cancel(Objecter::OSDSession *, unsigned long, int)() ** CID 1238875: Unrecoverable parse warning (PARSE_ERROR) /client/Client.cc: 7737 in () ** CID 1238876: Unrecoverable parse warning (PARSE_ERROR) /client/Client.cc: 7735 in () ** CID 1238877: Missing unlock (LOCK) /common/Timer.cc: 240 in RWTimer::shutdown()() ** CID 1238878: Unrecoverable parse warning (PARSE_ERROR) /client/Client.cc: 7734 in () ** CID 1238879: Thread deadlock (ORDER_REVERSAL) ** CID 1238880: Thread deadlock (ORDER_REVERSAL) ** CID 1238881: Thread deadlock (ORDER_REVERSAL) ** CID 1238882: Thread deadlock (ORDER_REVERSAL) ** CID 1238883: Improper use of negative value (NEGATIVE_RETURNS) /mds/MDS.cc: 962 in MDS::handle_mds_map(MMDSMap *)() ** CID 1238884: Unrecoverable parse warning (PARSE_ERROR) /client/Client.cc: 7733 in () ** CID 1238885: Thread deadlock (ORDER_REVERSAL) ** CID 1238886: Thread deadlock (ORDER_REVERSAL) ** CID 1238887: Thread deadlock (ORDER_REVERSAL) *** CID 717233: Uninitialized scalar field (UNINIT_CTOR) /mds/Capability.h: 249 in Capability::Capability(CInode *, unsigned long, client_t)() 243 suppress(0), state(0), 244 client_follows(0), client_xattr_version(0), 245 client_inline_version(0), 246 item_session_caps(this), item_snaprealm_caps(this), item_revoking_caps(this) { 247 g_num_cap++; 248 g_num_capa++; >>> CID 717233: Uninitialized scalar field (UNINIT_CTOR) >>> Non-static class member "num_revoke_warnings" is not initialized in >>> this constructor nor in any functions that it calls. 249 } 250 ~Capability() { 251 g_num_cap--; 252 g_num_caps++; 253 } 254 *** CID 1238869: Value not atomically updated (ATOMICITY) /osdc/Objecter.cc: 3055 in Objecter::handle_pool_op_reply(MPoolOpReply *)() 3049 if (!rwlock.is_wlocked()) { 3050 rwlock.unlock(); 3051 rwlock.get_write(); 3052 } 3053 iter = pool_ops.find(tid); 3054 if (iter != pool_ops.end()) { >>> CID 1238869: Value not atomically updated (ATOMICITY) >>> Using an unreliable value of "op" inside the second locked section. If >>> the data that "op" depends on was changed by another thread, this use might >>> be incorrect. 3055 _finish_pool_op(op); 3056 } 3057 } else { 3058 ldout(cct, 10) << "unknown request " << tid << dendl; 3059 } 3060 rwlock.unlock(); /osdc/Objecter.cc: 3055 in Objecter::handle_pool_op_reply(MPoolOpReply *)() 3049 if (!rwlock.is_wlocked()) { 3050 rwlock.unlock(); 3051 rwlock.get_write(); 3052 } 3053 iter = pool_ops.find(tid); 3054 if (iter != pool_ops.end()) { >>> CID 1238869: Value not atomically updated (ATOMICITY) >>> Using an unreliable value of "op" inside the second locked section. If >>> the data that "op" depends on was changed by another thread, this use might >>> be incorrect. 3055 _finish_pool_op(op); 3056 } 3057 } else { 3058 ldout(cct, 10) << "unknown request " << tid << dendl; 3059 } 3060 rwlock.unlock(); /osdc/Objecter.cc: 3055 in Objecter::handle_pool_op_reply(MPoolOpReply *)() 3049 if (!rwlock.is_wlocked()) { 3050 rwlock.unlock(); 3051 rwlock.get_write();
New Defects reported by Coverity Scan for ceph
Hi, Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan. Defect(s) Reported-by: Coverity Scan Showing 6 of 6 defect(s) ** CID 1019567: Thread deadlock (ORDER_REVERSAL) ** CID 1231681: Thread deadlock (ORDER_REVERSAL) ** CID 1231682: Thread deadlock (ORDER_REVERSAL) ** CID 1231683: Thread deadlock (ORDER_REVERSAL) ** CID 1231684: Thread deadlock (ORDER_REVERSAL) ** CID 1231685: Use after free (USE_AFTER_FREE) *** CID 1019567: Thread deadlock (ORDER_REVERSAL) /osd/OSD.cc: 3689 in OSD::handle_osd_ping(MOSDPing *)() 3683 << ", " << debug_heartbeat_drops_remaining[from] 3684 << " remaining to drop" << dendl; 3685 break; 3686} 3687 } 3688 >>> CID 1019567: Thread deadlock (ORDER_REVERSAL) >>> Calling "is_healthy" acquires lock "RWLock.L" while holding lock >>> "Mutex._m" (count: 7 / 14). 3689 if (!cct->get_heartbeat_map()->is_healthy()) { 3690dout(10) << "internal heartbeat not healthy, dropping ping request" << dendl; 3691break; 3692 } 3693 3694 Message *r = new MOSDPing(monc->get_fsid(), *** CID 1231681: Thread deadlock (ORDER_REVERSAL) /librados/RadosClient.cc: 111 in librados::RadosClient::lookup_pool(const char *)() 105 int r = wait_for_osdmap(); 106 if (r < 0) { 107 lock.Unlock(); 108 return r; 109 } 110 int64_t ret = osdmap.lookup_pg_pool_name(name); >>> CID 1231681: Thread deadlock (ORDER_REVERSAL) >>> Calling "get_write" acquires lock "RWLock.L" while holding lock >>> "Mutex._m" (count: 7 / 14). 111 pool_cache_rwl.get_write(); 112 lock.Unlock(); 113 if (ret < 0) { 114 pool_cache_rwl.unlock(); 115 return -ENOENT; 116 } *** CID 1231682: Thread deadlock (ORDER_REVERSAL) /osd/OSD.cc: 2369 in OSD::shutdown()() 2363 service.start_shutdown(); 2364 2365 clear_waiting_sessions(); 2366 2367 // Shutdown PGs 2368 { >>> CID 1231682: Thread deadlock (ORDER_REVERSAL) >>> Calling "RLocker" acquires lock "RWLock.L" while holding lock >>> "Mutex._m" (count: 7 / 14). 2369 RWLock::RLocker l(pg_map_lock); 2370 for (ceph::unordered_map::iterator p = pg_map.begin(); 2371 p != pg_map.end(); 2372 ++p) { 2373 dout(20) << " kicking pg " << p->first << dendl; 2374 p->second->lock(); *** CID 1231683: Thread deadlock (ORDER_REVERSAL) /client/Client.cc: 372 in Client::init()() 366 client_lock.Unlock(); 367 objecter->init_unlocked(); 368 client_lock.Lock(); 369 370 objecter->init_locked(); 371 >>> CID 1231683: Thread deadlock (ORDER_REVERSAL) >>> Calling "set_want_keys" acquires lock "RWLock.L" while holding lock >>> "Mutex._m" (count: 7 / 14). 372 monclient->set_want_keys(CEPH_ENTITY_TYPE_MDS | CEPH_ENTITY_TYPE_OSD); 373 monclient->sub_want("mdsmap", 0, 0); 374 monclient->sub_want("osdmap", 0, CEPH_SUBSCRIBE_ONETIME); 375 monclient->renew_subs(); 376 377 // logger *** CID 1231684: Thread deadlock (ORDER_REVERSAL) /osd/OSD.h: 2237 in OSD::RepScrubWQ::_process(MOSDRepScrub *, ThreadPool::TPHandle &)() 2231 ThreadPool::TPHandle &handle) { 2232 osd->osd_lock.Lock(); 2233 if (osd->is_stopping()) { 2234osd->osd_lock.Unlock(); 2235return; 2236 } >>> CID 1231684: Thread deadlock (ORDER_REVERSAL) >>> Calling "_have_pg" acquires lock "RWLock.L" while holding lock >>> "Mutex._m" (count: 7 / 14). 2237 if (osd->_have_pg(msg->pgid)) { 2238PG *pg = osd->_lookup_lock_pg(msg->pgid); 2239osd->osd_lock.Unlock(); 2240pg->replica_scrub(msg, handle); 2241msg->put(); 2242pg->unlock(); /osd/OSD.h: 2238 in OSD::RepScrubWQ::_process(MOSDRepScrub *, ThreadPool::TPHandle &)() 2232 osd->osd_lock.Lock(); 2233 if (osd->is_stopping()) { 2234osd->osd_lock.Unlock(); 2235return; 2236 } 2237 if (osd->_have_pg(msg->pgid)) { >>> CID 1231684: Thread deadlock (ORDER_REVERSAL) >>> Calling "_lookup_lock_pg" acquires lock "RWLock.L" while holding lock >>> "Mutex._m" (count: 7 / 14). 2238PG *pg = osd->_lookup_lock_pg(msg->pgid)
New Defects reported by Coverity Scan for ceph
Hi, Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan. Defect(s) Reported-by: Coverity Scan Showing 1 of 1 defect(s) ** CID 1230671: Missing unlock (LOCK) /msg/SimpleMessenger.cc: 258 in SimpleMessenger::reaper()() *** CID 1230671: Missing unlock (LOCK) /msg/SimpleMessenger.cc: 258 in SimpleMessenger::reaper()() 252 ::close(p->sd); 253 ldout(cct,10) << "reaper reaped pipe " << p << " " << p->get_peer_addr() << dendl; 254 p->put(); 255 ldout(cct,10) << "reaper deleted pipe " << p << dendl; 256 } 257 ldout(cct,10) << "reaper done" << dendl; >>> CID 1230671: Missing unlock (LOCK) >>> Returning without unlocking "this->lock._m". 258 } 259 260 void SimpleMessenger::queue_reap(Pipe *pipe) 261 { 262 ldout(cct,10) << "queue_reap " << pipe << dendl; 263 lock.Lock(); To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py -- To unsubscribe from this list: send the line "unsubscribe ceph-devel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
New Defects reported by Coverity Scan for ceph
Hi, Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan. 14 new defect(s) introduced to ceph found with Coverity Scan. 4 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 14 of 14 defect(s) ** CID 1296388: Uninitialized members (UNINIT_CTOR) /librbd/RebuildObjectMapRequest.cc: 35 in librbdC_VerifyObject::C_VerifyObject(librbd::AsyncObjectThrottle &, librbd::ImageCtx *, unsigned long, unsigned long)() *** CID 1296388: Uninitialized members (UNINIT_CTOR) /librbd/RebuildObjectMapRequest.cc: 35 in librbdC_VerifyObject::C_VerifyObject(librbd::AsyncObjectThrottle &, librbd::ImageCtx *, unsigned long, unsigned long)() 29 : C_AsyncObjectThrottle(throttle), m_image_ctx(*image_ctx), 30 m_snap_id(snap_id), m_object_no(object_no), 31 m_oid(m_image_ctx.get_object_name(m_object_no)) 32 { 33 m_io_ctx.dup(m_image_ctx.md_ctx); 34 m_io_ctx.snap_set_read(CEPH_SNAPDIR); >>> CID 1296388: Uninitialized members (UNINIT_CTOR) >>> Non-static class member "m_snap_list_ret" is not initialized in this >>> constructor nor in any functions that it calls. 35 } 36 37 virtual void complete(int r) { 38 if (should_complete(r)) { 39 ldout(m_image_ctx.cct, 20) << m_oid << " C_VerifyObject completed " 40 << dendl; ** CID 1296387:(UNCAUGHT_EXCEPT) /test/system/rados_watch_notify.cc: 59 in main() /test/system/rados_watch_notify.cc: 59 in main() /test/system/rados_watch_notify.cc: 59 in main() /test/system/rados_watch_notify.cc: 59 in main() *** CID 1296387:(UNCAUGHT_EXCEPT) /test/system/rados_watch_notify.cc: 59 in main() 53 54 const char *get_id_str() 55 { 56 return "main"; 57 } 58 >>> CID 1296387:(UNCAUGHT_EXCEPT) >>> In function "main(int, char const **)" an exception of type >>> "ceph::FailedAssertion" is thrown and never caught. 59 int main(int argc, const char **argv) 60 { 61 std::string pool = "foo." + stringify(getpid()); 62 CrossProcessSem *setup_sem = NULL; 63 RETURN1_IF_NONZERO(CrossProcessSem::create(0, &setup_sem)); 64 CrossProcessSem *watch_sem = NULL; /test/system/rados_watch_notify.cc: 59 in main() 53 54 const char *get_id_str() 55 { 56 return "main"; 57 } 58 >>> CID 1296387:(UNCAUGHT_EXCEPT) >>> In function "main(int, char const **)" an exception of type >>> "ceph::FailedAssertion" is thrown and never caught. 59 int main(int argc, const char **argv) 60 { 61 std::string pool = "foo." + stringify(getpid()); 62 CrossProcessSem *setup_sem = NULL; 63 RETURN1_IF_NONZERO(CrossProcessSem::create(0, &setup_sem)); 64 CrossProcessSem *watch_sem = NULL; /test/system/rados_watch_notify.cc: 59 in main() 53 54 const char *get_id_str() 55 { 56 return "main"; 57 } 58 >>> CID 1296387:(UNCAUGHT_EXCEPT) >>> In function "main(int, char const **)" an exception of type >>> "ceph::FailedAssertion" is thrown and never caught. 59 int main(int argc, const char **argv) 60 { 61 std::string pool = "foo." + stringify(getpid()); 62 CrossProcessSem *setup_sem = NULL; 63 RETURN1_IF_NONZERO(CrossProcessSem::create(0, &setup_sem)); 64 CrossProcessSem *watch_sem = NULL; /test/system/rados_watch_notify.cc: 59 in main() 53 54 const char *get_id_str() 55 { 56 return "main"; 57 } 58 >>> CID 1296387:(UNCAUGHT_EXCEPT) >>> In function "main(int, char const **)" an exception of type >>> "ceph::FailedAssertion" is thrown and never caught. 59 int main(int argc, const char **argv) 60 { 61 std::string pool = "foo." + stringify(getpid()); 62 CrossProcessSem *setup_sem = NULL; 63 RETURN1_IF_NONZERO(CrossProcessSem::create(0, &setup_sem)); 64 CrossProcessSem *watch_sem = NULL; ** CID 1296386:(UNCAUGHT_EXCEPT) /test/system/rados_open_pools_parallel.cc: 98 in main() /test/system/rados_open_pools_parallel.cc: 98 in main() *** CID 1296386:(UNCAUGHT_EXCEPT) /test/system/rados_open_pools_parallel.cc: 98 in main() 92 93 const char *get_id_str() 94 { 95 return "main"; 96 } 97 >>> CID 1296386:(UNCAUGHT_EXCEPT) >>> In function "main(int, char const **)" an exception of type >>> "ceph::FailedAssertion" is thrown and never caught. 98 int main(int argc, const char **argv) 99 { 100 // first test: create a pool, shut down
New Defects reported by Coverity Scan for ceph
Hi, Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan. Defect(s) Reported-by: Coverity Scan Showing 1 of 1 defect(s) ** CID 1243158: Resource leak (RESOURCE_LEAK) /test/librbd/test_librbd.cc: 1370 in LibRBD_ListChildrenTiered_Test::TestBody()() *** CID 1243158: Resource leak (RESOURCE_LEAK) /test/librbd/test_librbd.cc: 1370 in LibRBD_ListChildrenTiered_Test::TestBody()() 1364 1365 int features = RBD_FEATURE_LAYERING; 1366 rbd_image_t parent; 1367 int order = 0; 1368 1369 // make a parent to clone from >>> CID 1243158: Resource leak (RESOURCE_LEAK) >>> Variable "ioctx2" going out of scope leaks the storage it points to. 1370 ASSERT_EQ(0, create_image_full(ioctx1, "parent", 4<<20, &order, 1371 false, features)); 1372 ASSERT_EQ(0, rbd_open(ioctx1, "parent", &parent, NULL)); 1373 // create a snapshot, reopen as the parent we're interested in 1374 ASSERT_EQ(0, rbd_snap_create(parent, "parent_snap")); 1375 ASSERT_EQ(0, rbd_snap_set(parent, "parent_snap")); To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py -- To unsubscribe from this list: send the line "unsubscribe ceph-devel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
New Defects reported by Coverity Scan for ceph
Hi, Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan. Defect(s) Reported-by: Coverity Scan Showing 1 of 1 defect(s) ** CID 1241497: Thread deadlock (ORDER_REVERSAL) *** CID 1241497: Thread deadlock (ORDER_REVERSAL) /osdc/Filer.cc: 314 in Filer::_do_purge_range(PurgeRange *, int)() 308 return; 309 } 310 311 int max = 10 - pr->uncommitted; 312 while (pr->num > 0 && max > 0) { 313 object_t oid = file_object_t(pr->ino, pr->first); >>> CID 1241497: Thread deadlock (ORDER_REVERSAL) >>> Calling "get_osdmap_read" acquires lock "RWLock.L" while holding lock >>> "Mutex._m" (count: 15 / 30). 314 const OSDMap *osdmap = objecter->get_osdmap_read(); 315 object_locator_t oloc = osdmap->file_to_object_locator(pr->layout); 316 objecter->put_osdmap_read(); 317 objecter->remove(oid, oloc, pr->snapc, pr->mtime, pr->flags, 318 NULL, new C_PurgeRange(this, pr)); 319 pr->uncommitted++; To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py -- To unsubscribe from this list: send the line "unsubscribe ceph-devel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
New Defects reported by Coverity Scan for ceph
Hi, Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan. 3 new defect(s) introduced to ceph found with Coverity Scan. 2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 3 of 3 defect(s) ** CID 1265561: Resource leak (RESOURCE_LEAK) /rbd.cc: 2062 in do_merge_diff(const char *, const char *, const char *)() ** CID 1265562: Resource leak (RESOURCE_LEAK) /rbd.cc: 2062 in do_merge_diff(const char *, const char *, const char *)() ** CID 1265563: Resource leak (RESOURCE_LEAK) /rbd.cc: 2062 in do_merge_diff(const char *, const char *, const char *)() *** CID 1265561: Resource leak (RESOURCE_LEAK) /rbd.cc: 2062 in do_merge_diff(const char *, const char *, const char *)() 2056 pc.fail(); 2057 if (pd > 2) 2058 unlink(path); 2059 } else 2060 pc.finish(); 2061 >>> CID 1265561: Resource leak (RESOURCE_LEAK) >>> Handle variable "fd" going out of scope leaks the handle. 2062 return r; 2063 } 2064 2065 static int do_copy(librbd::Image &src, librados::IoCtx& dest_pp, 2066 const char *destname) 2067 { *** CID 1265562: Resource leak (RESOURCE_LEAK) /rbd.cc: 2062 in do_merge_diff(const char *, const char *, const char *)() 2056 pc.fail(); 2057 if (pd > 2) 2058 unlink(path); 2059 } else 2060 pc.finish(); 2061 >>> CID 1265562: Resource leak (RESOURCE_LEAK) >>> Handle variable "sd" going out of scope leaks the handle. 2062 return r; 2063 } 2064 2065 static int do_copy(librbd::Image &src, librados::IoCtx& dest_pp, 2066 const char *destname) 2067 { *** CID 1265563: Resource leak (RESOURCE_LEAK) /rbd.cc: 2062 in do_merge_diff(const char *, const char *, const char *)() 2056 pc.fail(); 2057 if (pd > 2) 2058 unlink(path); 2059 } else 2060 pc.finish(); 2061 >>> CID 1265563: Resource leak (RESOURCE_LEAK) >>> Handle variable "pd" going out of scope leaks the handle. 2062 return r; 2063 } 2064 2065 static int do_copy(librbd::Image &src, librados::IoCtx& dest_pp, 2066 const char *destname) 2067 { To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click http://scan.coverity.com/subscriptions/edit?email=ceph-devel%40vger.kernel.org&token=018084d671e3cc89d00dd2ccb7eb849c . -- To unsubscribe from this list: send the line "unsubscribe ceph-devel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: New Defects reported by Coverity Scan for ceph
Yeah, there's a pile of these warnings for most/all of the binaries we build. Not sure if they are worth fixing or whether there is a coverity annotation we can add to suppress them.. s On Fri, 16 Jan 2015, Gregory Farnum wrote: > Sage, are these uncaught assertion errors something we normally > ignore? I'm not familiar with any code that tries to catch errors in > our standard init patterns, which is what looks to be the problem on > these new coverity issues in cephfs-table-tool. > -Greg > > On Fri, Jan 16, 2015 at 6:39 AM, wrote: > > > > Hi, > > > > Please find the latest report on new defect(s) introduced to ceph found > > with Coverity Scan. > > > > 4 new defect(s) introduced to ceph found with Coverity Scan. > > 19 defect(s), reported by Coverity Scan earlier, were marked fixed in the > > recent build analyzed by Coverity Scan. > > > > New defect(s) Reported-by: Coverity Scan > > Showing 4 of 4 defect(s) > > > > > > ** CID 1264457: Uncaught exception (UNCAUGHT_EXCEPT) > > /tools/cephfs/cephfs-table-tool.cc: 11 in main() > > /tools/cephfs/cephfs-table-tool.cc: 11 in main() > > /tools/cephfs/cephfs-table-tool.cc: 11 in main() > > /tools/cephfs/cephfs-table-tool.cc: 11 in main() > > /tools/cephfs/cephfs-table-tool.cc: 11 in main() > > > > ** CID 1264458: Uninitialized scalar field (UNINIT_CTOR) > > /test/librbd/test_ImageWatcher.cc: 47 in > > TestImageWatcher::WatchCtx::WatchCtx(TestImageWatcher&)() > > > > ** CID 1264459: Uninitialized scalar field (UNINIT_CTOR) > > /test/librbd/test_fixture.cc: 44 in TestFixture::TestFixture()() > > > > ** CID 1264460: Structurally dead code (UNREACHABLE) > > /common/sync_filesystem.h: 51 in sync_filesystem(int)() > > > > > > > > *** CID 1264457: Uncaught exception (UNCAUGHT_EXCEPT) > > /tools/cephfs/cephfs-table-tool.cc: 11 in main() > > 5 #include "common/errno.h" > > 6 #include "global/global_init.h" > > 7 > > 8 #include "TableTool.h" > > 9 > > 10 > CID 1264457: Uncaught exception (UNCAUGHT_EXCEPT) > In function "main(int, char const **)" an exception of type > "ceph::FailedAssertion" is thrown and never caught. > > 11 int main(int argc, const char **argv) > > 12 { > > 13 vector args; > > 14 argv_to_vec(argc, argv, args); > > 15 env_to_vec(args); > > 16 > > /tools/cephfs/cephfs-table-tool.cc: 11 in main() > > 5 #include "common/errno.h" > > 6 #include "global/global_init.h" > > 7 > > 8 #include "TableTool.h" > > 9 > > 10 > CID 1264457: Uncaught exception (UNCAUGHT_EXCEPT) > In function "main(int, char const **)" an exception of type > "ceph::FailedAssertion" is thrown and never caught. > > 11 int main(int argc, const char **argv) > > 12 { > > 13 vector args; > > 14 argv_to_vec(argc, argv, args); > > 15 env_to_vec(args); > > 16 > > /tools/cephfs/cephfs-table-tool.cc: 11 in main() > > 5 #include "common/errno.h" > > 6 #include "global/global_init.h" > > 7 > > 8 #include "TableTool.h" > > 9 > > 10 > CID 1264457: Uncaught exception (UNCAUGHT_EXCEPT) > In function "main(int, char const **)" an exception of type > "ceph::FailedAssertion" is thrown and never caught. > > 11 int main(int argc, const char **argv) > > 12 { > > 13 vector args; > > 14 argv_to_vec(argc, argv, args); > > 15 env_to_vec(args); > > 16 > > /tools/cephfs/cephfs-table-tool.cc: 11 in main() > > 5 #include "common/errno.h" > > 6 #include "global/global_init.h" > > 7 > > 8 #include "TableTool.h" > > 9 > > 10 > CID 1264457: Uncaught exception (UNCAUGHT_EXCEPT) > In function "main(int, char const **)" an exception of type > "ceph::FailedAssertion" is thrown and never caught. > > 11 int main(int argc, const char **argv) > > 12 { > > 13 vector args; > > 14 argv_to_vec(argc, argv, args); > > 15 env_to_vec(args); > > 16 > > /tools/cephfs/cephfs-table-tool.cc: 11 in main() > > 5 #include "common/errno.h" > > 6 #include "global/global_init.h" > > 7 > > 8 #include "TableTool.h" > > 9 > > 10 > CID 1264457: Uncaught exception (UNCAUGHT_EXCEPT) > In function "main(int, char const **)" an exception of type > "ceph::FailedAssertion" is thrown and never caught. > > 11 int main(int argc, const char **argv) > > 12 { > > 13 vector args; > > 14 argv_to_vec(argc, argv, args); > > 15 env_to_vec(args); > > 16 > > > > > > *** CID 1264458: Uninitialized scalar field (UNINIT_CTOR) > > /test/librbd/test_ImageWatcher.cc: 47 in > > TestImageWatcher::WatchCtx::WatchCtx(TestImageWatcher&)() > > 41 NOTIFY_OP_REQUEST_LOCK = 2, > > 42 NOTIFY_OP_HEADER_UPDATE = 3 > > 43
Re: New Defects reported by Coverity Scan for ceph
Hmm, maybe it's just because they're in a main() function? I notice that an exception handler was added to ceph_authtool.cc to handle the same coverity complaint there a few months ago. John On Fri, Jan 16, 2015 at 3:17 PM, Gregory Farnum wrote: > Sage, are these uncaught assertion errors something we normally > ignore? I'm not familiar with any code that tries to catch errors in > our standard init patterns, which is what looks to be the problem on > these new coverity issues in cephfs-table-tool. > -Greg > > On Fri, Jan 16, 2015 at 6:39 AM, wrote: >> >> Hi, >> >> Please find the latest report on new defect(s) introduced to ceph found with >> Coverity Scan. >> >> 4 new defect(s) introduced to ceph found with Coverity Scan. >> 19 defect(s), reported by Coverity Scan earlier, were marked fixed in the >> recent build analyzed by Coverity Scan. >> >> New defect(s) Reported-by: Coverity Scan >> Showing 4 of 4 defect(s) >> >> >> ** CID 1264457: Uncaught exception (UNCAUGHT_EXCEPT) >> /tools/cephfs/cephfs-table-tool.cc: 11 in main() >> /tools/cephfs/cephfs-table-tool.cc: 11 in main() >> /tools/cephfs/cephfs-table-tool.cc: 11 in main() >> /tools/cephfs/cephfs-table-tool.cc: 11 in main() >> /tools/cephfs/cephfs-table-tool.cc: 11 in main() >> >> ** CID 1264458: Uninitialized scalar field (UNINIT_CTOR) >> /test/librbd/test_ImageWatcher.cc: 47 in >> TestImageWatcher::WatchCtx::WatchCtx(TestImageWatcher&)() >> >> ** CID 1264459: Uninitialized scalar field (UNINIT_CTOR) >> /test/librbd/test_fixture.cc: 44 in TestFixture::TestFixture()() >> >> ** CID 1264460: Structurally dead code (UNREACHABLE) >> /common/sync_filesystem.h: 51 in sync_filesystem(int)() >> >> >> >> *** CID 1264457: Uncaught exception (UNCAUGHT_EXCEPT) >> /tools/cephfs/cephfs-table-tool.cc: 11 in main() >> 5 #include "common/errno.h" >> 6 #include "global/global_init.h" >> 7 >> 8 #include "TableTool.h" >> 9 >> 10 > CID 1264457: Uncaught exception (UNCAUGHT_EXCEPT) > In function "main(int, char const **)" an exception of type > "ceph::FailedAssertion" is thrown and never caught. >> 11 int main(int argc, const char **argv) >> 12 { >> 13 vector args; >> 14 argv_to_vec(argc, argv, args); >> 15 env_to_vec(args); >> 16 >> /tools/cephfs/cephfs-table-tool.cc: 11 in main() >> 5 #include "common/errno.h" >> 6 #include "global/global_init.h" >> 7 >> 8 #include "TableTool.h" >> 9 >> 10 > CID 1264457: Uncaught exception (UNCAUGHT_EXCEPT) > In function "main(int, char const **)" an exception of type > "ceph::FailedAssertion" is thrown and never caught. >> 11 int main(int argc, const char **argv) >> 12 { >> 13 vector args; >> 14 argv_to_vec(argc, argv, args); >> 15 env_to_vec(args); >> 16 >> /tools/cephfs/cephfs-table-tool.cc: 11 in main() >> 5 #include "common/errno.h" >> 6 #include "global/global_init.h" >> 7 >> 8 #include "TableTool.h" >> 9 >> 10 > CID 1264457: Uncaught exception (UNCAUGHT_EXCEPT) > In function "main(int, char const **)" an exception of type > "ceph::FailedAssertion" is thrown and never caught. >> 11 int main(int argc, const char **argv) >> 12 { >> 13 vector args; >> 14 argv_to_vec(argc, argv, args); >> 15 env_to_vec(args); >> 16 >> /tools/cephfs/cephfs-table-tool.cc: 11 in main() >> 5 #include "common/errno.h" >> 6 #include "global/global_init.h" >> 7 >> 8 #include "TableTool.h" >> 9 >> 10 > CID 1264457: Uncaught exception (UNCAUGHT_EXCEPT) > In function "main(int, char const **)" an exception of type > "ceph::FailedAssertion" is thrown and never caught. >> 11 int main(int argc, const char **argv) >> 12 { >> 13 vector args; >> 14 argv_to_vec(argc, argv, args); >> 15 env_to_vec(args); >> 16 >> /tools/cephfs/cephfs-table-tool.cc: 11 in main() >> 5 #include "common/errno.h" >> 6 #include "global/global_init.h" >> 7 >> 8 #include "TableTool.h" >> 9 >> 10 > CID 1264457: Uncaught exception (UNCAUGHT_EXCEPT) > In function "main(int, char const **)" an exception of type > "ceph::FailedAssertion" is thrown and never caught. >> 11 int main(int argc, const char **argv) >> 12 { >> 13 vector args; >> 14 argv_to_vec(argc, argv, args); >> 15 env_to_vec(args); >> 16 >> >> >> *** CID 1264458: Uninitialized scalar field (UNINIT_CTOR) >> /test/librbd/test_ImageWatcher.cc: 47 in >> TestImageWatcher::WatchCtx::WatchCtx(TestImageWatcher&)() >> 41 NOTIFY_OP_REQUEST_LOCK = 2, >> 42 NOTIFY_OP_HEADER_UPDATE = 3 >> 43 }; >> 44 >> 45 class WatchCtx : public librados::WatchCtx2 { >> 46 public: > CID 1264458:
Re: New Defects reported by Coverity Scan for ceph
Sage, are these uncaught assertion errors something we normally ignore? I'm not familiar with any code that tries to catch errors in our standard init patterns, which is what looks to be the problem on these new coverity issues in cephfs-table-tool. -Greg On Fri, Jan 16, 2015 at 6:39 AM, wrote: > > Hi, > > Please find the latest report on new defect(s) introduced to ceph found with > Coverity Scan. > > 4 new defect(s) introduced to ceph found with Coverity Scan. > 19 defect(s), reported by Coverity Scan earlier, were marked fixed in the > recent build analyzed by Coverity Scan. > > New defect(s) Reported-by: Coverity Scan > Showing 4 of 4 defect(s) > > > ** CID 1264457: Uncaught exception (UNCAUGHT_EXCEPT) > /tools/cephfs/cephfs-table-tool.cc: 11 in main() > /tools/cephfs/cephfs-table-tool.cc: 11 in main() > /tools/cephfs/cephfs-table-tool.cc: 11 in main() > /tools/cephfs/cephfs-table-tool.cc: 11 in main() > /tools/cephfs/cephfs-table-tool.cc: 11 in main() > > ** CID 1264458: Uninitialized scalar field (UNINIT_CTOR) > /test/librbd/test_ImageWatcher.cc: 47 in > TestImageWatcher::WatchCtx::WatchCtx(TestImageWatcher&)() > > ** CID 1264459: Uninitialized scalar field (UNINIT_CTOR) > /test/librbd/test_fixture.cc: 44 in TestFixture::TestFixture()() > > ** CID 1264460: Structurally dead code (UNREACHABLE) > /common/sync_filesystem.h: 51 in sync_filesystem(int)() > > > > *** CID 1264457: Uncaught exception (UNCAUGHT_EXCEPT) > /tools/cephfs/cephfs-table-tool.cc: 11 in main() > 5 #include "common/errno.h" > 6 #include "global/global_init.h" > 7 > 8 #include "TableTool.h" > 9 > 10 CID 1264457: Uncaught exception (UNCAUGHT_EXCEPT) In function "main(int, char const **)" an exception of type "ceph::FailedAssertion" is thrown and never caught. > 11 int main(int argc, const char **argv) > 12 { > 13 vector args; > 14 argv_to_vec(argc, argv, args); > 15 env_to_vec(args); > 16 > /tools/cephfs/cephfs-table-tool.cc: 11 in main() > 5 #include "common/errno.h" > 6 #include "global/global_init.h" > 7 > 8 #include "TableTool.h" > 9 > 10 CID 1264457: Uncaught exception (UNCAUGHT_EXCEPT) In function "main(int, char const **)" an exception of type "ceph::FailedAssertion" is thrown and never caught. > 11 int main(int argc, const char **argv) > 12 { > 13 vector args; > 14 argv_to_vec(argc, argv, args); > 15 env_to_vec(args); > 16 > /tools/cephfs/cephfs-table-tool.cc: 11 in main() > 5 #include "common/errno.h" > 6 #include "global/global_init.h" > 7 > 8 #include "TableTool.h" > 9 > 10 CID 1264457: Uncaught exception (UNCAUGHT_EXCEPT) In function "main(int, char const **)" an exception of type "ceph::FailedAssertion" is thrown and never caught. > 11 int main(int argc, const char **argv) > 12 { > 13 vector args; > 14 argv_to_vec(argc, argv, args); > 15 env_to_vec(args); > 16 > /tools/cephfs/cephfs-table-tool.cc: 11 in main() > 5 #include "common/errno.h" > 6 #include "global/global_init.h" > 7 > 8 #include "TableTool.h" > 9 > 10 CID 1264457: Uncaught exception (UNCAUGHT_EXCEPT) In function "main(int, char const **)" an exception of type "ceph::FailedAssertion" is thrown and never caught. > 11 int main(int argc, const char **argv) > 12 { > 13 vector args; > 14 argv_to_vec(argc, argv, args); > 15 env_to_vec(args); > 16 > /tools/cephfs/cephfs-table-tool.cc: 11 in main() > 5 #include "common/errno.h" > 6 #include "global/global_init.h" > 7 > 8 #include "TableTool.h" > 9 > 10 CID 1264457: Uncaught exception (UNCAUGHT_EXCEPT) In function "main(int, char const **)" an exception of type "ceph::FailedAssertion" is thrown and never caught. > 11 int main(int argc, const char **argv) > 12 { > 13 vector args; > 14 argv_to_vec(argc, argv, args); > 15 env_to_vec(args); > 16 > > > *** CID 1264458: Uninitialized scalar field (UNINIT_CTOR) > /test/librbd/test_ImageWatcher.cc: 47 in > TestImageWatcher::WatchCtx::WatchCtx(TestImageWatcher&)() > 41 NOTIFY_OP_REQUEST_LOCK = 2, > 42 NOTIFY_OP_HEADER_UPDATE = 3 > 43 }; > 44 > 45 class WatchCtx : public librados::WatchCtx2 { > 46 public: CID 1264458: Uninitialized scalar field (UNINIT_CTOR) Non-static class member "m_handle" is not initialized in this constructor nor in any functions that it calls. > 47 WatchCtx(TestImageWatcher &parent) : m_parent(parent) {} > 48 > 49 int watch(const librbd::ImageCtx &ictx) { > 50 m_header_oid = ictx.header_oid; > 51 return m_parent.m_ioctx.watc
New Defects reported by Coverity Scan for ceph
Hi, Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan. 4 new defect(s) introduced to ceph found with Coverity Scan. 19 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 4 of 4 defect(s) ** CID 1264457: Uncaught exception (UNCAUGHT_EXCEPT) /tools/cephfs/cephfs-table-tool.cc: 11 in main() /tools/cephfs/cephfs-table-tool.cc: 11 in main() /tools/cephfs/cephfs-table-tool.cc: 11 in main() /tools/cephfs/cephfs-table-tool.cc: 11 in main() /tools/cephfs/cephfs-table-tool.cc: 11 in main() ** CID 1264458: Uninitialized scalar field (UNINIT_CTOR) /test/librbd/test_ImageWatcher.cc: 47 in TestImageWatcher::WatchCtx::WatchCtx(TestImageWatcher&)() ** CID 1264459: Uninitialized scalar field (UNINIT_CTOR) /test/librbd/test_fixture.cc: 44 in TestFixture::TestFixture()() ** CID 1264460: Structurally dead code (UNREACHABLE) /common/sync_filesystem.h: 51 in sync_filesystem(int)() *** CID 1264457: Uncaught exception (UNCAUGHT_EXCEPT) /tools/cephfs/cephfs-table-tool.cc: 11 in main() 5 #include "common/errno.h" 6 #include "global/global_init.h" 7 8 #include "TableTool.h" 9 10 >>> CID 1264457: Uncaught exception (UNCAUGHT_EXCEPT) >>> In function "main(int, char const **)" an exception of type >>> "ceph::FailedAssertion" is thrown and never caught. 11 int main(int argc, const char **argv) 12 { 13 vector args; 14 argv_to_vec(argc, argv, args); 15 env_to_vec(args); 16 /tools/cephfs/cephfs-table-tool.cc: 11 in main() 5 #include "common/errno.h" 6 #include "global/global_init.h" 7 8 #include "TableTool.h" 9 10 >>> CID 1264457: Uncaught exception (UNCAUGHT_EXCEPT) >>> In function "main(int, char const **)" an exception of type >>> "ceph::FailedAssertion" is thrown and never caught. 11 int main(int argc, const char **argv) 12 { 13 vector args; 14 argv_to_vec(argc, argv, args); 15 env_to_vec(args); 16 /tools/cephfs/cephfs-table-tool.cc: 11 in main() 5 #include "common/errno.h" 6 #include "global/global_init.h" 7 8 #include "TableTool.h" 9 10 >>> CID 1264457: Uncaught exception (UNCAUGHT_EXCEPT) >>> In function "main(int, char const **)" an exception of type >>> "ceph::FailedAssertion" is thrown and never caught. 11 int main(int argc, const char **argv) 12 { 13 vector args; 14 argv_to_vec(argc, argv, args); 15 env_to_vec(args); 16 /tools/cephfs/cephfs-table-tool.cc: 11 in main() 5 #include "common/errno.h" 6 #include "global/global_init.h" 7 8 #include "TableTool.h" 9 10 >>> CID 1264457: Uncaught exception (UNCAUGHT_EXCEPT) >>> In function "main(int, char const **)" an exception of type >>> "ceph::FailedAssertion" is thrown and never caught. 11 int main(int argc, const char **argv) 12 { 13 vector args; 14 argv_to_vec(argc, argv, args); 15 env_to_vec(args); 16 /tools/cephfs/cephfs-table-tool.cc: 11 in main() 5 #include "common/errno.h" 6 #include "global/global_init.h" 7 8 #include "TableTool.h" 9 10 >>> CID 1264457: Uncaught exception (UNCAUGHT_EXCEPT) >>> In function "main(int, char const **)" an exception of type >>> "ceph::FailedAssertion" is thrown and never caught. 11 int main(int argc, const char **argv) 12 { 13 vector args; 14 argv_to_vec(argc, argv, args); 15 env_to_vec(args); 16 *** CID 1264458: Uninitialized scalar field (UNINIT_CTOR) /test/librbd/test_ImageWatcher.cc: 47 in TestImageWatcher::WatchCtx::WatchCtx(TestImageWatcher&)() 41 NOTIFY_OP_REQUEST_LOCK = 2, 42 NOTIFY_OP_HEADER_UPDATE = 3 43 }; 44 45 class WatchCtx : public librados::WatchCtx2 { 46 public: >>> CID 1264458: Uninitialized scalar field (UNINIT_CTOR) >>> Non-static class member "m_handle" is not initialized in this >>> constructor nor in any functions that it calls. 47 WatchCtx(TestImageWatcher &parent) : m_parent(parent) {} 48 49 int watch(const librbd::ImageCtx &ictx) { 50 m_header_oid = ictx.header_oid; 51 return m_parent.m_ioctx.watch2(m_header_oid, &m_handle, this); 52 } *** CID 1264459: Uninitialized scalar field (UNINIT_CTOR) /test/librbd/test_fixture.cc: 44 in TestFixture::TestFixture()() 38 39 std::string TestFixture::_pool_name; 40 librados::Rados TestFixture::_rados; 41 uint64_t TestFixture::_image_number = 0; 42
Re: New Defects reported by Coverity Scan for ceph
Hi Zhiqiang, On Tue, 13 Jan 2015, scan-ad...@coverity.com wrote: > > *** CID 1262557: Using invalid iterator (INVALIDATE_ITERATOR) > /osd/ReplicatedPG.cc: 2071 in ReplicatedPG::cancel_proxy_read_ops(bool)() > 2065 while (p != proxyread_ops.end()) { > 2066 cancel_proxy_read((p++)->second); > 2067 } > 2068 > 2069 if (requeue) { > 2070 for (map >::iterator p = > in_progress_proxy_reads.begin(); > >>> CID 1262557: Using invalid iterator (INVALIDATE_ITERATOR) > >>> Using invalid iterator "p". > 2071 p != in_progress_proxy_reads.end(); p++) { > 2072 list& ls = p->second; > 2073 dout(10) << __func__ << " " << p->first << " requeuing " << > ls.size() << " requests" << dendl; > 2074 requeue_ops(ls); > 2075 in_progress_proxy_reads.erase(p); > 2076 } > > > *** CID 1262558: Uninitialized scalar field (UNINIT_CTOR) > /osd/ReplicatedPG.h: 629 in > ReplicatedPG::OpContext::OpContext(std::tr1::shared_ptr, > osd_reqid_t, std::vector> &, ReplicatedPG*)() > 623 num_write(0), > 624 copy_cb(NULL), > 625 async_read_result(0), > 626 inflightreads(0), > 627 lock_to_release(NONE), > 628 on_finish(NULL), > >>> CID 1262558: Uninitialized scalar field (UNINIT_CTOR) > >>> Non-static class member "ignore_cache" is not initialized in this > >>> constructor nor in any functions that it calls. > 629 release_snapset_obc(false) { } > 630 void reset_obs(ObjectContextRef obc) { > 631 new_obs = ObjectState(obc->obs.oi, obc->obs.exists); > 632 if (obc->ssc) { > 633 new_snapset = obc->ssc->snapset; > 634 snapset = &obc->ssc->snapset; > Can you review my fix for these? https://github.com/ceph/ceph/pull/3363 Thanks! sage -- To unsubscribe from this list: send the line "unsubscribe ceph-devel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
New Defects reported by Coverity Scan for ceph
Hi, Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan. 2 new defect(s) introduced to ceph found with Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 2 of 2 defect(s) ** CID 1262557: Using invalid iterator (INVALIDATE_ITERATOR) /osd/ReplicatedPG.cc: 2071 in ReplicatedPG::cancel_proxy_read_ops(bool)() ** CID 1262558: Uninitialized scalar field (UNINIT_CTOR) /osd/ReplicatedPG.h: 629 in ReplicatedPG::OpContext::OpContext(std::tr1::shared_ptr, osd_reqid_t, std::vector> &, ReplicatedPG*)() *** CID 1262557: Using invalid iterator (INVALIDATE_ITERATOR) /osd/ReplicatedPG.cc: 2071 in ReplicatedPG::cancel_proxy_read_ops(bool)() 2065 while (p != proxyread_ops.end()) { 2066 cancel_proxy_read((p++)->second); 2067 } 2068 2069 if (requeue) { 2070 for (map >::iterator p = in_progress_proxy_reads.begin(); >>> CID 1262557: Using invalid iterator (INVALIDATE_ITERATOR) >>> Using invalid iterator "p". 2071p != in_progress_proxy_reads.end(); p++) { 2072 list& ls = p->second; 2073 dout(10) << __func__ << " " << p->first << " requeuing " << ls.size() << " requests" << dendl; 2074 requeue_ops(ls); 2075 in_progress_proxy_reads.erase(p); 2076 } *** CID 1262558: Uninitialized scalar field (UNINIT_CTOR) /osd/ReplicatedPG.h: 629 in ReplicatedPG::OpContext::OpContext(std::tr1::shared_ptr, osd_reqid_t, std::vector> &, ReplicatedPG*)() 623 num_write(0), 624 copy_cb(NULL), 625 async_read_result(0), 626 inflightreads(0), 627 lock_to_release(NONE), 628 on_finish(NULL), >>> CID 1262558: Uninitialized scalar field (UNINIT_CTOR) >>> Non-static class member "ignore_cache" is not initialized in this >>> constructor nor in any functions that it calls. 629 release_snapset_obc(false) { } 630 void reset_obs(ObjectContextRef obc) { 631 new_obs = ObjectState(obc->obs.oi, obc->obs.exists); 632 if (obc->ssc) { 633 new_snapset = obc->ssc->snapset; 634 snapset = &obc->ssc->snapset; To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click http://scan.coverity.com/subscriptions/edit?email=ceph-devel%40vger.kernel.org&token=018084d671e3cc89d00dd2ccb7eb849c . -- To unsubscribe from this list: send the line "unsubscribe ceph-devel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: New Defects reported by Coverity Scan for ceph
The first exception should be shadowed? And the second exception seemed strange, because other tests are follow this way On Sat, Jan 10, 2015 at 10:36 PM, wrote: > > Hi, > > Please find the latest report on new defect(s) introduced to ceph found with > Coverity Scan. > > 2 new defect(s) introduced to ceph found with Coverity Scan. > > > New defect(s) Reported-by: Coverity Scan > Showing 2 of 2 defect(s) > > > ** CID 1260210: Resource leak (RESOURCE_LEAK) > /test/msgr/test_msgr.cc: 537 in > MessengerTest_ClientStandbyTest_Test::TestBody()() > > ** CID 1260212: Uncaught exception (UNCAUGHT_EXCEPT) > /test/msgr/test_msgr.cc: 579 in main() > /test/msgr/test_msgr.cc: 579 in main() > /test/msgr/test_msgr.cc: 579 in main() > /test/msgr/test_msgr.cc: 579 in main() > /test/msgr/test_msgr.cc: 579 in main() > /test/msgr/test_msgr.cc: 579 in main() > > > > *** CID 1260210: Resource leak (RESOURCE_LEAK) > /test/msgr/test_msgr.cc: 537 in > MessengerTest_ClientStandbyTest_Test::TestBody()() > 531 usleep(300*1000); > 532 // client should be standby, so we use original connection > 533 { > 534 m = new MPing(); > 535 conn->send_keepalive(); > 536 CHECK_AND_WAIT_TRUE(conn->is_connected()); CID 1260210: Resource leak (RESOURCE_LEAK) Variable "m" going out of scope leaks the storage it points to. > 537 ASSERT_TRUE(conn->is_connected()); > 538 ASSERT_EQ(conn->send_message(m), 0); > 539 Mutex::Locker l(cli_dispatcher.lock); > 540 while (!cli_dispatcher.got_new) > 541 cli_dispatcher.cond.Wait(cli_dispatcher.lock); > 542 cli_dispatcher.got_new = false; > > > *** CID 1260212: Uncaught exception (UNCAUGHT_EXCEPT) > /test/msgr/test_msgr.cc: 579 in main() > 573 // must be defined). This dummy test keeps gtest_main linked in. > 574 TEST(DummyTest, ValueParameterizedTestsAreNotSupportedOnThisPlatform) > {} > 575 > 576 #endif > 577 > 578 CID 1260212: Uncaught exception (UNCAUGHT_EXCEPT) In function "main(int, char **)" an exception of type "ceph::FailedAssertion" is thrown and never caught. > 579 int main(int argc, char **argv) { > 580 vector args; > 581 argv_to_vec(argc, (const char **)argv, args); > 582 > 583 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, > CODE_ENVIRONMENT_UTILITY, 0); > 584 g_ceph_context->_conf->set_val("auth_cluster_required", "none"); > /test/msgr/test_msgr.cc: 579 in main() > 573 // must be defined). This dummy test keeps gtest_main linked in. > 574 TEST(DummyTest, ValueParameterizedTestsAreNotSupportedOnThisPlatform) > {} > 575 > 576 #endif > 577 > 578 CID 1260212: Uncaught exception (UNCAUGHT_EXCEPT) In function "main(int, char **)" an exception of type "ceph::FailedAssertion" is thrown and never caught. > 579 int main(int argc, char **argv) { > 580 vector args; > 581 argv_to_vec(argc, (const char **)argv, args); > 582 > 583 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, > CODE_ENVIRONMENT_UTILITY, 0); > 584 g_ceph_context->_conf->set_val("auth_cluster_required", "none"); > /test/msgr/test_msgr.cc: 579 in main() > 573 // must be defined). This dummy test keeps gtest_main linked in. > 574 TEST(DummyTest, ValueParameterizedTestsAreNotSupportedOnThisPlatform) > {} > 575 > 576 #endif > 577 > 578 CID 1260212: Uncaught exception (UNCAUGHT_EXCEPT) In function "main(int, char **)" an exception of type "ceph::FailedAssertion" is thrown and never caught. > 579 int main(int argc, char **argv) { > 580 vector args; > 581 argv_to_vec(argc, (const char **)argv, args); > 582 > 583 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, > CODE_ENVIRONMENT_UTILITY, 0); > 584 g_ceph_context->_conf->set_val("auth_cluster_required", "none"); > /test/msgr/test_msgr.cc: 579 in main() > 573 // must be defined). This dummy test keeps gtest_main linked in. > 574 TEST(DummyTest, ValueParameterizedTestsAreNotSupportedOnThisPlatform) > {} > 575 > 576 #endif > 577 > 578 CID 1260212: Uncaught exception (UNCAUGHT_EXCEPT) In function "main(int, char **)" an exception of type "ceph::FailedAssertion" is thrown and never caught. > 579 int main(int argc, char **argv) { > 580 vector args; > 581 argv_to_vec(argc, (const char **)argv, args); > 582 > 583 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, > CODE_ENVIRONMENT_UTILITY, 0); > 584 g_ceph_context->_conf->set_val("auth_cluster_required", "none"); > /test/msgr/test_msgr.cc: 579 in main() > 573 // must be defined). This dummy test keeps gtest_main linked in. > 574 TEST(DummyTest, ValueParameter
New Defects reported by Coverity Scan for ceph
Hi, Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan. 2 new defect(s) introduced to ceph found with Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 2 of 2 defect(s) ** CID 1260210: Resource leak (RESOURCE_LEAK) /test/msgr/test_msgr.cc: 537 in MessengerTest_ClientStandbyTest_Test::TestBody()() ** CID 1260212: Uncaught exception (UNCAUGHT_EXCEPT) /test/msgr/test_msgr.cc: 579 in main() /test/msgr/test_msgr.cc: 579 in main() /test/msgr/test_msgr.cc: 579 in main() /test/msgr/test_msgr.cc: 579 in main() /test/msgr/test_msgr.cc: 579 in main() /test/msgr/test_msgr.cc: 579 in main() *** CID 1260210: Resource leak (RESOURCE_LEAK) /test/msgr/test_msgr.cc: 537 in MessengerTest_ClientStandbyTest_Test::TestBody()() 531 usleep(300*1000); 532 // client should be standby, so we use original connection 533 { 534 m = new MPing(); 535 conn->send_keepalive(); 536 CHECK_AND_WAIT_TRUE(conn->is_connected()); >>> CID 1260210: Resource leak (RESOURCE_LEAK) >>> Variable "m" going out of scope leaks the storage it points to. 537 ASSERT_TRUE(conn->is_connected()); 538 ASSERT_EQ(conn->send_message(m), 0); 539 Mutex::Locker l(cli_dispatcher.lock); 540 while (!cli_dispatcher.got_new) 541 cli_dispatcher.cond.Wait(cli_dispatcher.lock); 542 cli_dispatcher.got_new = false; *** CID 1260212: Uncaught exception (UNCAUGHT_EXCEPT) /test/msgr/test_msgr.cc: 579 in main() 573 // must be defined). This dummy test keeps gtest_main linked in. 574 TEST(DummyTest, ValueParameterizedTestsAreNotSupportedOnThisPlatform) {} 575 576 #endif 577 578 >>> CID 1260212: Uncaught exception (UNCAUGHT_EXCEPT) >>> In function "main(int, char **)" an exception of type >>> "ceph::FailedAssertion" is thrown and never caught. 579 int main(int argc, char **argv) { 580 vector args; 581 argv_to_vec(argc, (const char **)argv, args); 582 583 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0); 584 g_ceph_context->_conf->set_val("auth_cluster_required", "none"); /test/msgr/test_msgr.cc: 579 in main() 573 // must be defined). This dummy test keeps gtest_main linked in. 574 TEST(DummyTest, ValueParameterizedTestsAreNotSupportedOnThisPlatform) {} 575 576 #endif 577 578 >>> CID 1260212: Uncaught exception (UNCAUGHT_EXCEPT) >>> In function "main(int, char **)" an exception of type >>> "ceph::FailedAssertion" is thrown and never caught. 579 int main(int argc, char **argv) { 580 vector args; 581 argv_to_vec(argc, (const char **)argv, args); 582 583 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0); 584 g_ceph_context->_conf->set_val("auth_cluster_required", "none"); /test/msgr/test_msgr.cc: 579 in main() 573 // must be defined). This dummy test keeps gtest_main linked in. 574 TEST(DummyTest, ValueParameterizedTestsAreNotSupportedOnThisPlatform) {} 575 576 #endif 577 578 >>> CID 1260212: Uncaught exception (UNCAUGHT_EXCEPT) >>> In function "main(int, char **)" an exception of type >>> "ceph::FailedAssertion" is thrown and never caught. 579 int main(int argc, char **argv) { 580 vector args; 581 argv_to_vec(argc, (const char **)argv, args); 582 583 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0); 584 g_ceph_context->_conf->set_val("auth_cluster_required", "none"); /test/msgr/test_msgr.cc: 579 in main() 573 // must be defined). This dummy test keeps gtest_main linked in. 574 TEST(DummyTest, ValueParameterizedTestsAreNotSupportedOnThisPlatform) {} 575 576 #endif 577 578 >>> CID 1260212: Uncaught exception (UNCAUGHT_EXCEPT) >>> In function "main(int, char **)" an exception of type >>> "ceph::FailedAssertion" is thrown and never caught. 579 int main(int argc, char **argv) { 580 vector args; 581 argv_to_vec(argc, (const char **)argv, args); 582 583 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0); 584 g_ceph_context->_conf->set_val("auth_cluster_required", "none"); /test/msgr/test_msgr.cc: 579 in main() 573 // must be defined). This dummy test keeps gtest_main linked in. 574 TEST(DummyTest, ValueParameterizedTestsAreNotSupportedOnThisPlatform) {} 575 576 #endif 577 578 >>> CID 1260212: Uncaught exception (UNCAUGHT_EXCEPT) >>> In function "main(int, char **)" an exception of type >>> "ceph::FailedAssertion" is thrown and never caught. 579 int main(int argc, char **argv) { 580
Re: New Defects reported by Coverity Scan for ceph
Am 09.01.2015 um 16:26 schrieb Sage Weil: > On Fri, 9 Jan 2015, scan-ad...@coverity.com wrote: >> ** CID 1262114: Uninitialized scalar field (UNINIT_CTOR) >> /messages/MOSDRepOp.h: 107 in MOSDRepOp::MOSDRepOp()() >> >> ** CID 1262115: Uninitialized scalar field (UNINIT_CTOR) >> /messages/MOSDRepOpReply.h: 97 in >> MOSDRepOpReply::MOSDRepOpReply()() >> >> >> >> >> *** CID 1262114: Uninitialized scalar field (UNINIT_CTOR) >> /messages/MOSDRepOp.h: 107 in MOSDRepOp::MOSDRepOp()() 101 >> ::encode(from, payload); 102 >> ::encode(updated_hit_set_history, payload); 103 >> ::encode(pg_trim_rollback_to, payload); 104 } 105 106 >> MOSDRepOp() > CID 1262114: Uninitialized scalar field (UNINIT_CTOR) > Non-static class member "acks_wanted" is not initialized in > this constructor nor in any functions that it calls. >> 107 : Message(MSG_OSD_REPOP, HEAD_VERSION, >> COMPAT_VERSION) { } 108 MOSDRepOp(osd_reqid_t r, pg_shard_t >> from, 109spg_t p, const hobject_t& po, int aw, 110 >> epoch_t mape, ceph_tid_t rtid, eversion_t v) 111 : >> Message(MSG_OSD_REPOP, HEAD_VERSION, COMPAT_VERSION), 112 >> map_epoch(mape), >> >> >> >> *** CID 1262115: Uninitialized scalar field (UNINIT_CTOR) >> /messages/MOSDRepOpReply.h: 97 in >> MOSDRepOpReply::MOSDRepOpReply()() 91 from(from), 92 >> pgid(req->pgid.pgid, req->from.shard), 93 ack_type(at), >> 94 result(result_) { 95 set_tid(req->get_tid()); >> 96 } > CID 1262115: Uninitialized scalar field (UNINIT_CTOR) > Non-static class member "result" is not initialized in this > constructor nor in any functions that it calls. >> 97 MOSDRepOpReply() : Message(MSG_OSD_REPOPREPLY) {} 98 >> private: 99 ~MOSDRepOpReply() {} 100 101 public: 102 >> const char *get_type_name() const { return "osd_repop_reply"; } > > These are both warnings about the trivial constructors, > >> 106 MOSDRepOp() > CID 1262114: Uninitialized scalar field (UNINIT_CTOR) > Non-static class member "acks_wanted" is not initialized in > this constructor nor in any functions that it calls. >> 107 : Message(MSG_OSD_REPOP, HEAD_VERSION, >> COMPAT_VERSION) { } > > which are always followed by a ::decode. We don't initialize > fields in any of these so we probably have these coverity warnings > for every message. Perhaps we should add some annotations to > indicate that? Danny, are you familiar with those? > > (I don't think we want to initialize... unless we rely on the > optimizer to do magic it's inefficient to initialize the value and > then overwrite it during decode shortly after.) > > sage I will take a look into it. Danny -- To unsubscribe from this list: send the line "unsubscribe ceph-devel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: New Defects reported by Coverity Scan for ceph
On Fri, 9 Jan 2015, scan-ad...@coverity.com wrote: > ** CID 1262114: Uninitialized scalar field (UNINIT_CTOR) > /messages/MOSDRepOp.h: 107 in MOSDRepOp::MOSDRepOp()() > > ** CID 1262115: Uninitialized scalar field (UNINIT_CTOR) > /messages/MOSDRepOpReply.h: 97 in MOSDRepOpReply::MOSDRepOpReply()() > > > > *** CID 1262114: Uninitialized scalar field (UNINIT_CTOR) > /messages/MOSDRepOp.h: 107 in MOSDRepOp::MOSDRepOp()() > 101 ::encode(from, payload); > 102 ::encode(updated_hit_set_history, payload); > 103 ::encode(pg_trim_rollback_to, payload); > 104 } > 105 > 106 MOSDRepOp() > >>> CID 1262114: Uninitialized scalar field (UNINIT_CTOR) > >>> Non-static class member "acks_wanted" is not initialized in this > >>> constructor nor in any functions that it calls. > 107 : Message(MSG_OSD_REPOP, HEAD_VERSION, COMPAT_VERSION) { } > 108 MOSDRepOp(osd_reqid_t r, pg_shard_t from, > 109 spg_t p, const hobject_t& po, int aw, > 110 epoch_t mape, ceph_tid_t rtid, eversion_t v) > 111 : Message(MSG_OSD_REPOP, HEAD_VERSION, COMPAT_VERSION), > 112 map_epoch(mape), > > > *** CID 1262115: Uninitialized scalar field (UNINIT_CTOR) > /messages/MOSDRepOpReply.h: 97 in MOSDRepOpReply::MOSDRepOpReply()() > 91 from(from), > 92 pgid(req->pgid.pgid, req->from.shard), > 93 ack_type(at), > 94 result(result_) { > 95 set_tid(req->get_tid()); > 96 } > >>> CID 1262115: Uninitialized scalar field (UNINIT_CTOR) > >>> Non-static class member "result" is not initialized in this > >>> constructor nor in any functions that it calls. > 97 MOSDRepOpReply() : Message(MSG_OSD_REPOPREPLY) {} > 98 private: > 99 ~MOSDRepOpReply() {} > 100 > 101 public: > 102 const char *get_type_name() const { return "osd_repop_reply"; } These are both warnings about the trivial constructors, > 106 MOSDRepOp() > >>> CID 1262114: Uninitialized scalar field (UNINIT_CTOR) > >>> Non-static class member "acks_wanted" is not initialized in this > >>> constructor nor in any functions that it calls. > 107 : Message(MSG_OSD_REPOP, HEAD_VERSION, COMPAT_VERSION) { } which are always followed by a ::decode. We don't initialize fields in any of these so we probably have these coverity warnings for every message. Perhaps we should add some annotations to indicate that? Danny, are you familiar with those? (I don't think we want to initialize... unless we rely on the optimizer to do magic it's inefficient to initialize the value and then overwrite it during decode shortly after.) sage -- To unsubscribe from this list: send the line "unsubscribe ceph-devel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
New Defects reported by Coverity Scan for ceph
Hi, Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan. 2 new defect(s) introduced to ceph found with Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 2 of 2 defect(s) ** CID 1262114: Uninitialized scalar field (UNINIT_CTOR) /messages/MOSDRepOp.h: 107 in MOSDRepOp::MOSDRepOp()() ** CID 1262115: Uninitialized scalar field (UNINIT_CTOR) /messages/MOSDRepOpReply.h: 97 in MOSDRepOpReply::MOSDRepOpReply()() *** CID 1262114: Uninitialized scalar field (UNINIT_CTOR) /messages/MOSDRepOp.h: 107 in MOSDRepOp::MOSDRepOp()() 101 ::encode(from, payload); 102 ::encode(updated_hit_set_history, payload); 103 ::encode(pg_trim_rollback_to, payload); 104 } 105 106 MOSDRepOp() >>> CID 1262114: Uninitialized scalar field (UNINIT_CTOR) >>> Non-static class member "acks_wanted" is not initialized in this >>> constructor nor in any functions that it calls. 107 : Message(MSG_OSD_REPOP, HEAD_VERSION, COMPAT_VERSION) { } 108 MOSDRepOp(osd_reqid_t r, pg_shard_t from, 109 spg_t p, const hobject_t& po, int aw, 110 epoch_t mape, ceph_tid_t rtid, eversion_t v) 111 : Message(MSG_OSD_REPOP, HEAD_VERSION, COMPAT_VERSION), 112 map_epoch(mape), *** CID 1262115: Uninitialized scalar field (UNINIT_CTOR) /messages/MOSDRepOpReply.h: 97 in MOSDRepOpReply::MOSDRepOpReply()() 91 from(from), 92 pgid(req->pgid.pgid, req->from.shard), 93 ack_type(at), 94 result(result_) { 95 set_tid(req->get_tid()); 96 } >>> CID 1262115: Uninitialized scalar field (UNINIT_CTOR) >>> Non-static class member "result" is not initialized in this constructor >>> nor in any functions that it calls. 97 MOSDRepOpReply() : Message(MSG_OSD_REPOPREPLY) {} 98 private: 99 ~MOSDRepOpReply() {} 100 101 public: 102 const char *get_type_name() const { return "osd_repop_reply"; } To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click http://scan.coverity.com/subscriptions/edit?email=ceph-devel%40vger.kernel.org&token=018084d671e3cc89d00dd2ccb7eb849c . -- To unsubscribe from this list: send the line "unsubscribe ceph-devel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
New Defects reported by Coverity Scan for ceph
Hi, Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan. 1 new defect(s) introduced to ceph found with Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 1 of 1 defect(s) ** CID 1261633: Time of check time of use (TOCTOU) /mount/mtab.c: 275 in update_mtab_entry() *** CID 1261633: Time of check time of use (TOCTOU) /mount/mtab.c: 275 in update_mtab_entry() 269 mnt.mnt_freq = freq; 270 mnt.mnt_passno = pass; 271 272 FILE *fp; 273 274 lock_mtab(); >>> CID 1261633: Time of check time of use (TOCTOU) >>> Calling function "setmntent" that uses ""/etc/mtab"" after a check >>> function. This can cause a time-of-check, time-of-use race condition. 275 fp = setmntent(_PATH_MOUNTED, "a+"); 276 if (fp == NULL) { 277 int errsv = errno; 278 printf("mount: can't open %s: %s", _PATH_MOUNTED, 279strerror (errsv)); 280 } else { To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click http://scan.coverity.com/subscriptions/edit?email=ceph-devel%40vger.kernel.org&token=018084d671e3cc89d00dd2ccb7eb849c . -- To unsubscribe from this list: send the line "unsubscribe ceph-devel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: New Defects reported by Coverity Scan for ceph
Haomai, may want to double-check the pointer arithmetic here (and/or add a cast to make coverity less suspicious). sage On Sat, 27 Dec 2014, scan-ad...@coverity.com wrote: > > Hi, > > Please find the latest report on new defect(s) introduced to ceph found with > Coverity Scan. > > 1 new defect(s) introduced to ceph found with Coverity Scan. > 1 defect(s), reported by Coverity Scan earlier, were marked fixed in the > recent build analyzed by Coverity Scan. > > New defect(s) Reported-by: Coverity Scan > Showing 1 of 1 defect(s) > > > ** CID 1260497: Extra sizeof expression (SIZEOF_MISMATCH) > /msg/async/Event.cc: 123 in EventCenter::create_file_event(int, int, > std::tr1::shared_ptr)() > > > > *** CID 1260497: Extra sizeof expression (SIZEOF_MISMATCH) > /msg/async/Event.cc: 123 in EventCenter::create_file_event(int, int, > std::tr1::shared_ptr)() > 117 } > 118 FileEvent *new_events = static_cast *>(realloc(file_events, sizeof(FileEvent)*new_size)); > 119 if (!new_events) { > 120 lderr(cct) << __func__ << " failed to realloc file_events" << > cpp_strerror(errno) << dendl; > 121 return -errno; > 122 } > >>> CID 1260497: Extra sizeof expression (SIZEOF_MISMATCH) > >>> Adding "40UL /* sizeof (EventCenter::FileEvent) */ * this->nevent" to > >>> pointer "this->file_events" of type "EventCenter::FileEvent *" is > >>> suspicious because adding an integral value to this pointer automatically > >>> scales that value by the size, 40 bytes, of the pointed-to type, > >>> "EventCenter::FileEvent". Most likely, the multiplication by "sizeof > >>> (EventCenter::FileEvent)" in this expression is extraneous and should be > >>> eliminated. > 123 memset(file_events+sizeof(FileEvent)*nevent, 0, > sizeof(FileEvent)*(new_size-nevent)); > 124 file_events = new_events; > 125 nevent = new_size; > 126 } > 127 > 128 EventCenter::FileEvent *event = _get_file_event(fd); > > > > To view the defects in Coverity Scan visit, > http://scan.coverity.com/projects/25?tab=overview > > To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", > click > http://scan.coverity.com/subscriptions/edit?email=ceph-devel%40vger.kernel.org&token=018084d671e3cc89d00dd2ccb7eb849c > . > > -- > To unsubscribe from this list: send the line "unsubscribe ceph-devel" in > the body of a message to majord...@vger.kernel.org > More majordomo info at http://vger.kernel.org/majordomo-info.html > > -- To unsubscribe from this list: send the line "unsubscribe ceph-devel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
New Defects reported by Coverity Scan for ceph
Hi, Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan. 1 new defect(s) introduced to ceph found with Coverity Scan. 1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 1 of 1 defect(s) ** CID 1260497: Extra sizeof expression (SIZEOF_MISMATCH) /msg/async/Event.cc: 123 in EventCenter::create_file_event(int, int, std::tr1::shared_ptr)() *** CID 1260497: Extra sizeof expression (SIZEOF_MISMATCH) /msg/async/Event.cc: 123 in EventCenter::create_file_event(int, int, std::tr1::shared_ptr)() 117 } 118 FileEvent *new_events = static_cast(realloc(file_events, sizeof(FileEvent)*new_size)); 119 if (!new_events) { 120 lderr(cct) << __func__ << " failed to realloc file_events" << cpp_strerror(errno) << dendl; 121 return -errno; 122 } >>> CID 1260497: Extra sizeof expression (SIZEOF_MISMATCH) >>> Adding "40UL /* sizeof (EventCenter::FileEvent) */ * this->nevent" to >>> pointer "this->file_events" of type "EventCenter::FileEvent *" is >>> suspicious because adding an integral value to this pointer automatically >>> scales that value by the size, 40 bytes, of the pointed-to type, >>> "EventCenter::FileEvent". Most likely, the multiplication by "sizeof >>> (EventCenter::FileEvent)" in this expression is extraneous and should be >>> eliminated. 123 memset(file_events+sizeof(FileEvent)*nevent, 0, sizeof(FileEvent)*(new_size-nevent)); 124 file_events = new_events; 125 nevent = new_size; 126 } 127 128 EventCenter::FileEvent *event = _get_file_event(fd); To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click http://scan.coverity.com/subscriptions/edit?email=ceph-devel%40vger.kernel.org&token=018084d671e3cc89d00dd2ccb7eb849c . -- To unsubscribe from this list: send the line "unsubscribe ceph-devel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
New Defects reported by Coverity Scan for ceph
Hi, Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan. 1 new defect(s) introduced to ceph found with Coverity Scan. 1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 1 of 1 defect(s) ** CID 1260469: Unchecked return value from library (CHECKED_RETURN) /os/FileJournal.cc: 1083 in FileJournal::do_write(ceph::buffer::list &)() *** CID 1260469: Unchecked return value from library (CHECKED_RETURN) /os/FileJournal.cc: 1083 in FileJournal::do_write(ceph::buffer::list &)() 1077 ::fsync(fd); 1078 #else 1079 ::fdatasync(fd); 1080 #endif 1081 #ifdef HAVE_POSIX_FADVISE 1082 if (g_conf->filestore_fadvise) >>> CID 1260469: Unchecked return value from library (CHECKED_RETURN) >>> Calling "posix_fadvise(this->fd, 0L, 0L, 4)" without checking return >>> value. This library function may fail and return an error code. 1083 posix_fadvise(fd, 0, 0, POSIX_FADV_DONTNEED); 1084 #endif 1085 } 1086 1087 utime_t lat = ceph_clock_now(g_ceph_context) - from; 1088 dout(20) << "do_write latency " << lat << dendl; To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click http://scan.coverity.com/subscriptions/edit?email=ceph-devel%40vger.kernel.org&token=018084d671e3cc89d00dd2ccb7eb849c . -- To unsubscribe from this list: send the line "unsubscribe ceph-devel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
New Defects reported by Coverity Scan for ceph
Hi, Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan. 4 new defect(s) introduced to ceph found with Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 4 of 4 defect(s) ** CID 1260393: Logically dead code (DEADCODE) /osd/osd_types.cc: 3427 in object_copy_data_t::decode(ceph::buffer::list::iterator &)() ** CID 1260394: Resource leak (RESOURCE_LEAK) /test/cls_refcount/test_cls_refcount.cc: 138 in cls_rgw_test_put_snap_Test::TestBody()() ** CID 1260395: Resource leak (RESOURCE_LEAK) /test/librados/snapshots.cc: 160 in LibRadosSnapshotsPP_SnapCreateRemovePP_Test::TestBody()() /test/librados/snapshots.cc: 164 in LibRadosSnapshotsPP_SnapCreateRemovePP_Test::TestBody()() ** CID 1260396: Dereference before null check (REVERSE_INULL) /librados/RadosClient.cc: 297 in librados::RadosClient::shutdown()() *** CID 1260393: Logically dead code (DEADCODE) /osd/osd_types.cc: 3427 in object_copy_data_t::decode(ceph::buffer::list::iterator &)() 3421 if (struct_v >= 2) 3422 ::decode(omap_header, bl); 3423 if (struct_v >= 3) { 3424 ::decode(snaps, bl); 3425 ::decode(snap_seq, bl); 3426 } else { >>> CID 1260393: Logically dead code (DEADCODE) >>> Execution cannot reach this statement "this->snaps.clear();". 3427 snaps.clear(); 3428 snap_seq = 0; 3429 } 3430 if (struct_v >= 4) { 3431 ::decode(flags, bl); 3432 ::decode(data_digest, bl); *** CID 1260394: Resource leak (RESOURCE_LEAK) /test/cls_refcount/test_cls_refcount.cc: 138 in cls_rgw_test_put_snap_Test::TestBody()() 132 133 ASSERT_EQ(0, ioctx.snap_create("snapbar")); 134 135 librados::ObjectWriteOperation *op = new_op(); 136 op->create(false); 137 cls_refcount_put(*op, "notag", true); >>> CID 1260394: Resource leak (RESOURCE_LEAK) >>> Variable "op" going out of scope leaks the storage it points to. 138 ASSERT_EQ(-ENOENT, ioctx.operate("foo", op)); 139 140 EXPECT_EQ(0, ioctx.snap_remove("snapfoo")); 141 EXPECT_EQ(0, ioctx.snap_remove("snapbar")); 142 143 delete op; *** CID 1260395: Resource leak (RESOURCE_LEAK) /test/librados/snapshots.cc: 160 in LibRadosSnapshotsPP_SnapCreateRemovePP_Test::TestBody()() 154 ASSERT_EQ(0, ioctx.remove("foo")); 155 ASSERT_EQ(0, ioctx.snap_create("snapbar")); 156 157 librados::ObjectWriteOperation *op = new librados::ObjectWriteOperation(); 158 op->create(false); 159 op->remove(); >>> CID 1260395: Resource leak (RESOURCE_LEAK) >>> Variable "op" going out of scope leaks the storage it points to. 160 ASSERT_EQ(0, ioctx.operate("foo", op)); 161 162 EXPECT_EQ(0, ioctx.snap_remove("snapfoo")); 163 EXPECT_EQ(0, ioctx.snap_remove("snapbar")); 164 } 165 /test/librados/snapshots.cc: 164 in LibRadosSnapshotsPP_SnapCreateRemovePP_Test::TestBody()() 158 op->create(false); 159 op->remove(); 160 ASSERT_EQ(0, ioctx.operate("foo", op)); 161 162 EXPECT_EQ(0, ioctx.snap_remove("snapfoo")); 163 EXPECT_EQ(0, ioctx.snap_remove("snapbar")); >>> CID 1260395: Resource leak (RESOURCE_LEAK) >>> Variable "op" going out of scope leaks the storage it points to. 164 } 165 166 TEST_F(LibRadosSnapshotsSelfManaged, Snap) { 167 std::vector my_snaps; 168 my_snaps.push_back(-2); 169 ASSERT_EQ(0, rados_ioctx_selfmanaged_snap_create(ioctx, &my_snaps.back())); *** CID 1260396: Dereference before null check (REVERSE_INULL) /librados/RadosClient.cc: 297 in librados::RadosClient::shutdown()() 291 return; 292 } 293 if (state == CONNECTED) { 294 finisher.stop(); 295 } 296 bool need_objecter = false; >>> CID 1260396: Dereference before null check (REVERSE_INULL) >>> Null-checking "this->objecter" suggests that it may be null, but it has >>> already been dereferenced on all paths leading to the check. 297 if (objecter && objecter->initialized.read()) { 298 need_objecter = true; 299 } 300 state = DISCONNECTED; 301 instance_id = 0; 302 timer.shutdown(); // will drop+retake lock To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org",
New Defects reported by Coverity Scan for ceph
Hi, Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan. 4 new defect(s) introduced to ceph found with Coverity Scan. 1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 4 of 4 defect(s) ** CID 1260211: Resource leak (RESOURCE_LEAK) /test/msgr/test_msgr.cc: 414 in MessengerTest_StatefulTest_Test::TestBody()() ** CID 1260210: Resource leak (RESOURCE_LEAK) /test/msgr/test_msgr.cc: 537 in MessengerTest_ClientStandbyTest_Test::TestBody()() ** CID 1260212: Uncaught exception (UNCAUGHT_EXCEPT) /test/msgr/test_msgr.cc: 579 in main() /test/msgr/test_msgr.cc: 579 in main() /test/msgr/test_msgr.cc: 579 in main() /test/msgr/test_msgr.cc: 579 in main() /test/msgr/test_msgr.cc: 579 in main() ** CID 1260213: Uninitialized scalar field (UNINIT_CTOR) /osd/ReplicatedPG.cc: 1242 in ReplicatedPG::ReplicatedPG(OSDService *, std::tr1::shared_ptr, const PGPool &, spg_t)() *** CID 1260211: Resource leak (RESOURCE_LEAK) /test/msgr/test_msgr.cc: 414 in MessengerTest_StatefulTest_Test::TestBody()() 408 } 409 CHECK_AND_WAIT_TRUE(conn->is_connected()); 410 ASSERT_TRUE(conn->is_connected()); 411 { 412 m = new MPing(); 413 Mutex::Locker l(cli_dispatcher.lock); >>> CID 1260211: Resource leak (RESOURCE_LEAK) >>> Variable "m" going out of scope leaks the storage it points to. 414 ASSERT_TRUE(conn->is_connected()); 415 ASSERT_EQ(conn->send_message(m), 0); 416 while (!cli_dispatcher.got_new) 417 cli_dispatcher.cond.Wait(cli_dispatcher.lock); 418 cli_dispatcher.got_new = false; 419 } *** CID 1260210: Resource leak (RESOURCE_LEAK) /test/msgr/test_msgr.cc: 537 in MessengerTest_ClientStandbyTest_Test::TestBody()() 531 usleep(300*1000); 532 // client should be standby, so we use original connection 533 { 534 m = new MPing(); 535 conn->send_keepalive(); 536 CHECK_AND_WAIT_TRUE(conn->is_connected()); >>> CID 1260210: Resource leak (RESOURCE_LEAK) >>> Variable "m" going out of scope leaks the storage it points to. 537 ASSERT_TRUE(conn->is_connected()); 538 Mutex::Locker l(cli_dispatcher.lock); 539 ASSERT_EQ(conn->send_message(m), 0); 540 while (!cli_dispatcher.got_new) 541 cli_dispatcher.cond.Wait(cli_dispatcher.lock); 542 cli_dispatcher.got_new = false; *** CID 1260212: Uncaught exception (UNCAUGHT_EXCEPT) /test/msgr/test_msgr.cc: 579 in main() 573 // must be defined). This dummy test keeps gtest_main linked in. 574 TEST(DummyTest, ValueParameterizedTestsAreNotSupportedOnThisPlatform) {} 575 576 #endif 577 578 >>> CID 1260212: Uncaught exception (UNCAUGHT_EXCEPT) >>> In function "main(int, char **)" an exception of type >>> "ceph::FailedAssertion" is thrown and never caught. 579 int main(int argc, char **argv) { 580 vector args; 581 argv_to_vec(argc, (const char **)argv, args); 582 583 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0); 584 common_init_finish(g_ceph_context); /test/msgr/test_msgr.cc: 579 in main() 573 // must be defined). This dummy test keeps gtest_main linked in. 574 TEST(DummyTest, ValueParameterizedTestsAreNotSupportedOnThisPlatform) {} 575 576 #endif 577 578 >>> CID 1260212: Uncaught exception (UNCAUGHT_EXCEPT) >>> In function "main(int, char **)" an exception of type >>> "ceph::FailedAssertion" is thrown and never caught. 579 int main(int argc, char **argv) { 580 vector args; 581 argv_to_vec(argc, (const char **)argv, args); 582 583 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0); 584 common_init_finish(g_ceph_context); /test/msgr/test_msgr.cc: 579 in main() 573 // must be defined). This dummy test keeps gtest_main linked in. 574 TEST(DummyTest, ValueParameterizedTestsAreNotSupportedOnThisPlatform) {} 575 576 #endif 577 578 >>> CID 1260212: Uncaught exception (UNCAUGHT_EXCEPT) >>> In function "main(int, char **)" an exception of type >>> "ceph::FailedAssertion" is thrown and never caught. 579 int main(int argc, char **argv) { 580 vector args; 581 argv_to_vec(argc, (const char **)argv, args); 582 583 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0); 584 common_init_finish(g_ceph_context); /test/msgr/test_msgr.cc: 579 in main() 573 // must be d
New Defects reported by Coverity Scan for ceph
Hi, Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan. 5 new defect(s) introduced to ceph found with Coverity Scan. 4 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 5 of 5 defect(s) ** CID 1258786: Unchecked dynamic_cast (FORWARD_NULL) /osd/ECBackend.cc: 839 in ECBackend::handle_sub_write(pg_shard_t, std::tr1::shared_ptr, ECSubWrite &, Context *)() ** CID 1258787: Resource leak (RESOURCE_LEAK) /osd/OSD.cc: 6118 in OSD::handle_osd_map(MOSDMap *)() ** CID 1258789: Uninitialized scalar field (UNINIT_CTOR) /messages/MClientCaps.h: 132 in MClientCaps::MClientCaps(int, inodeno_t, inodeno_t, unsigned long, int, unsigned int)() ** CID 1258790: Uninitialized scalar field (UNINIT_CTOR) /messages/MClientCaps.h: 118 in MClientCaps::MClientCaps(int, inodeno_t, inodeno_t, unsigned long, long, int, int, int, int, unsigned int)() ** CID 1258788: Uninitialized scalar field (UNINIT_CTOR) /librados/IoCtxImpl.cc: 44 in librados::IoCtxImpl::IoCtxImpl(librados::RadosClient *, Objecter *, int, const char *, snapid_t)() *** CID 1258786: Unchecked dynamic_cast (FORWARD_NULL) /osd/ECBackend.cc: 839 in ECBackend::handle_sub_write(pg_shard_t, std::tr1::shared_ptr, ECSubWrite &, Context *)() 833 op.updated_hit_set_history, 834 op.trim_to, 835 op.trim_rollback_to, 836 !(op.t.empty()), 837 localt); 838 >>> CID 1258786: Unchecked dynamic_cast (FORWARD_NULL) >>> Dynamic cast to pointer "dynamic_cast >> *>(this->get_parent())" can return "NULL". 839 if (!(dynamic_cast(get_parent())->is_undersized()) && 840 get_parent()->whoami_shard().shard >= ec_impl->get_data_chunk_count()) 841 op.t.set_fadvise_flag(CEPH_OSD_OP_FLAG_FADVISE_DONTNEED); 842 843 localt->append(op.t); 844 if (on_local_applied_sync) { *** CID 1258787: Resource leak (RESOURCE_LEAK) /osd/OSD.cc: 6118 in OSD::handle_osd_map(MOSDMap *)() 6112<< dendl; 6113clog->warn() << "failed to encode map e" << e << " with expected crc\n"; 6114MMonGetOSDMap *req = new MMonGetOSDMap; 6115req->request_full(e, last); 6116monc->send_mon_message(req); 6117last = e - 1; >>> CID 1258787: Resource leak (RESOURCE_LEAK) >>> Variable "o" going out of scope leaks the storage it points to. 6118break; 6119 } 6120 6121 6122 hobject_t fulloid = get_osdmap_pobject_name(e); 6123 t.write(META_COLL, fulloid, 0, fbl.length(), fbl); *** CID 1258789: Uninitialized scalar field (UNINIT_CTOR) /messages/MClientCaps.h: 132 in MClientCaps::MClientCaps(int, inodeno_t, inodeno_t, unsigned long, int, unsigned int)() 126 head.ino = ino; 127 head.realm = realm; 128 head.cap_id = id; 129 head.migrate_seq = mseq; 130 peer.cap_id = 0; 131 inline_version = 0; >>> CID 1258789: Uninitialized scalar field (UNINIT_CTOR) >>> Non-static class member field "peer.flags" is not initialized in this >>> constructor nor in any functions that it calls. 132 } 133 private: 134 ~MClientCaps() {} 135 136 public: 137 const char *get_type_name() const { return "Cfcap";} *** CID 1258790: Uninitialized scalar field (UNINIT_CTOR) /messages/MClientCaps.h: 118 in MClientCaps::MClientCaps(int, inodeno_t, inodeno_t, unsigned long, long, int, int, int, int, unsigned int)() 112 head.caps = caps; 113 head.wanted = wanted; 114 head.dirty = dirty; 115 head.migrate_seq = mseq; 116 peer.cap_id = 0; 117 inline_version = 0; >>> CID 1258790: Uninitialized scalar field (UNINIT_CTOR) >>> Non-static class member field "peer.flags" is not initialized in this >>> constructor nor in any functions that it calls. 118 } 119 MClientCaps(int op, 120 inodeno_t ino, inodeno_t realm, 121 uint64_t id, int mseq, epoch_t oeb) 122 : Message(CEPH_MSG_CLIENT_CAPS, HEAD_VERSION, COMPAT_VERSION), 123 osd_epoch_barrier(oeb){ *** CID 1258788: Uninitialized scalar field (UNINIT_CTOR) /librados/IoCtxImpl.cc: 44 in librados::IoCtxImpl::IoCtxImpl(librados::RadosClient *, Objecter *, int, const char *, snapid_t)() 38 : ref_cnt(
New Defects reported by Coverity Scan for ceph
Hi, Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan. 4 new defect(s) introduced to ceph found with Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 4 of 4 defect(s) ** CID 1258437: Wrong size argument (SIZEOF_MISMATCH) /test/librbd/test_librbd.cc: 956 in TestLibRBD_TestIOPP_Test::TestBody()() ** CID 1258438: Wrong size argument (SIZEOF_MISMATCH) /test/librbd/test_librbd.cc: 955 in TestLibRBD_TestIOPP_Test::TestBody()() ** CID 1258439: Copy into fixed size buffer (STRING_OVERFLOW) /common/blkdev.cc: 60 in get_block_device_base(const char *, char *, unsigned long)() ** CID 1258440: Time of check time of use (TOCTOU) /common/blkdev.cc: 75 in get_block_device_base(const char *, char *, unsigned long)() *** CID 1258437: Wrong size argument (SIZEOF_MISMATCH) /test/librbd/test_librbd.cc: 956 in TestLibRBD_TestIOPP_Test::TestBody()() 950 951 for (i = 5; i < 10; ++i) 952 ASSERT_PASSED(aio_read_test_data, image, test_data, strlen(test_data) * i, TEST_IO_SIZE); 953 954 // discard 2nd, 4th sections. 955 ASSERT_PASSED(discard_test_data, image, TEST_IO_SIZE, TEST_IO_SIZE); >>> CID 1258437: Wrong size argument (SIZEOF_MISMATCH) >>> Passing argument "&passed" of type "bool *" and argument "512UL" to >>> function "aio_discard_test_data" is suspicious because "sizeof (bool)" >>> /*1*/ is expected. 956 ASSERT_PASSED(aio_discard_test_data, image, TEST_IO_SIZE*3, TEST_IO_SIZE); 957 958 ASSERT_PASSED(read_test_data, image, test_data, 0, TEST_IO_SIZE); 959 ASSERT_PASSED(read_test_data, image, zero_data, TEST_IO_SIZE, TEST_IO_SIZE); 960 ASSERT_PASSED(read_test_data, image, test_data, TEST_IO_SIZE*2, TEST_IO_SIZE); 961 ASSERT_PASSED(read_test_data, image, zero_data, TEST_IO_SIZE*3, TEST_IO_SIZE); *** CID 1258438: Wrong size argument (SIZEOF_MISMATCH) /test/librbd/test_librbd.cc: 955 in TestLibRBD_TestIOPP_Test::TestBody()() 949 ASSERT_PASSED(read_test_data, image, test_data, strlen(test_data) * i, TEST_IO_SIZE); 950 951 for (i = 5; i < 10; ++i) 952 ASSERT_PASSED(aio_read_test_data, image, test_data, strlen(test_data) * i, TEST_IO_SIZE); 953 954 // discard 2nd, 4th sections. >>> CID 1258438: Wrong size argument (SIZEOF_MISMATCH) >>> Passing argument "&passed" of type "bool *" and argument "512UL" to >>> function "discard_test_data" is suspicious because "sizeof (bool)" /*1*/ is >>> expected. 955 ASSERT_PASSED(discard_test_data, image, TEST_IO_SIZE, TEST_IO_SIZE); 956 ASSERT_PASSED(aio_discard_test_data, image, TEST_IO_SIZE*3, TEST_IO_SIZE); 957 958 ASSERT_PASSED(read_test_data, image, test_data, 0, TEST_IO_SIZE); 959 ASSERT_PASSED(read_test_data, image, zero_data, TEST_IO_SIZE, TEST_IO_SIZE); 960 ASSERT_PASSED(read_test_data, image, test_data, TEST_IO_SIZE*2, TEST_IO_SIZE); *** CID 1258439: Copy into fixed size buffer (STRING_OVERFLOW) /common/blkdev.cc: 60 in get_block_device_base(const char *, char *, unsigned long)() 54 char devname[PATH_MAX], fn[PATH_MAX]; 55 char *p; 56 57 if (strncmp(dev, "/dev/", 5) != 0) 58 return -EINVAL; 59 >>> CID 1258439: Copy into fixed size buffer (STRING_OVERFLOW) >>> You might overrun the 4096 byte fixed-size string "devname" by copying >>> "dev + 5" without checking the length. 60 strcpy(devname, dev + 5); 61 for (p = devname; *p; ++p) 62 if (*p == '/') 63 *p = '!'; 64 65 snprintf(fn, sizeof(fn), "%s/sys/block/%s", sandbox_dir, devname); *** CID 1258440: Time of check time of use (TOCTOU) /common/blkdev.cc: 75 in get_block_device_base(const char *, char *, unsigned long)() 69 } 70 strncpy(out, devname, out_len); 71 return 0; 72 } 73 74 snprintf(fn, sizeof(fn), "%s/sys/block", sandbox_dir); >>> CID 1258440: Time of check time of use (TOCTOU) >>> Calling function "opendir" that uses "fn" after a check function. This >>> can cause a time-of-check, time-of-use race condition. 75 dir = opendir(fn); 76 if (!dir) 77 return -errno; 78 79 while (!::readdir_r(dir, reinterpret_cast(buf), &de)) { 80 if (!de) { To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?ta
New Defects reported by Coverity Scan for ceph
Hi, Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan. 2 new defect(s) introduced to ceph found with Coverity Scan. 1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 2 of 2 defect(s) ** CID 1257029: Uncaught exception (UNCAUGHT_EXCEPT) /test/objectstore/ObjectStoreTransactionBenchmark.cc: 250 in main() /test/objectstore/ObjectStoreTransactionBenchmark.cc: 250 in main() /test/objectstore/ObjectStoreTransactionBenchmark.cc: 250 in main() /test/objectstore/ObjectStoreTransactionBenchmark.cc: 250 in main() /test/objectstore/ObjectStoreTransactionBenchmark.cc: 250 in main() ** CID 1257030: Uncaught exception (UNCAUGHT_EXCEPT) /test/objectstore/ObjectStoreTransactionBenchmark.cc: 250 in main() *** CID 1257029: Uncaught exception (UNCAUGHT_EXCEPT) /test/objectstore/ObjectStoreTransactionBenchmark.cc: 250 in main() 244 245 void usage(const string &name) { 246 cerr << "Usage: " << name << " [times] " 247<< std::endl; 248 } 249 >>> CID 1257029: Uncaught exception (UNCAUGHT_EXCEPT) >>> In function "main(int, char **)" an exception of type >>> "ceph::FailedAssertion" is thrown and never caught. 250 int main(int argc, char **argv) 251 { 252 vector args; 253 argv_to_vec(argc, (const char **)argv, args); 254 255 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0); /test/objectstore/ObjectStoreTransactionBenchmark.cc: 250 in main() 244 245 void usage(const string &name) { 246 cerr << "Usage: " << name << " [times] " 247<< std::endl; 248 } 249 >>> CID 1257029: Uncaught exception (UNCAUGHT_EXCEPT) >>> In function "main(int, char **)" an exception of type >>> "ceph::FailedAssertion" is thrown and never caught. 250 int main(int argc, char **argv) 251 { 252 vector args; 253 argv_to_vec(argc, (const char **)argv, args); 254 255 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0); /test/objectstore/ObjectStoreTransactionBenchmark.cc: 250 in main() 244 245 void usage(const string &name) { 246 cerr << "Usage: " << name << " [times] " 247<< std::endl; 248 } 249 >>> CID 1257029: Uncaught exception (UNCAUGHT_EXCEPT) >>> In function "main(int, char **)" an exception of type >>> "ceph::FailedAssertion" is thrown and never caught. 250 int main(int argc, char **argv) 251 { 252 vector args; 253 argv_to_vec(argc, (const char **)argv, args); 254 255 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0); /test/objectstore/ObjectStoreTransactionBenchmark.cc: 250 in main() 244 245 void usage(const string &name) { 246 cerr << "Usage: " << name << " [times] " 247<< std::endl; 248 } 249 >>> CID 1257029: Uncaught exception (UNCAUGHT_EXCEPT) >>> In function "main(int, char **)" an exception of type >>> "ceph::FailedAssertion" is thrown and never caught. 250 int main(int argc, char **argv) 251 { 252 vector args; 253 argv_to_vec(argc, (const char **)argv, args); 254 255 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0); /test/objectstore/ObjectStoreTransactionBenchmark.cc: 250 in main() 244 245 void usage(const string &name) { 246 cerr << "Usage: " << name << " [times] " 247<< std::endl; 248 } 249 >>> CID 1257029: Uncaught exception (UNCAUGHT_EXCEPT) >>> In function "main(int, char **)" an exception of type >>> "ceph::FailedAssertion" is thrown and never caught. 250 int main(int argc, char **argv) 251 { 252 vector args; 253 argv_to_vec(argc, (const char **)argv, args); 254 255 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0); *** CID 1257030: Uncaught exception (UNCAUGHT_EXCEPT) /test/objectstore/ObjectStoreTransactionBenchmark.cc: 250 in main() 244 245 void usage(const string &name) { 246 cerr << "Usage: " << name << " [times] " 247<< std::endl; 248 } 249 >>> CID 1257030: Uncaught exception (UNCAUGHT_EXCEPT) >>> In function "main(int, char **)" an exception of type >>> "ceph::buffer::end_of_buffer" is thrown and never caught. 250 int main(int argc, char **argv) 251 { 252 vector args; 253 argv_to_vec(argc, (const char **)argv, args); 254 255 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0); ___
New Defects reported by Coverity Scan for ceph
Hi, Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan. 2 new defect(s) introduced to ceph found with Coverity Scan. 14 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 2 of 2 defect(s) ** CID 1256941: Logically dead code (DEADCODE) /erasure-code/jerasure/gf-complete/src/gf_w32.c: 2309 in gf_w32_split_init() ** CID 1256942: Logically dead code (DEADCODE) /erasure-code/jerasure/gf-complete/src/gf_w8.c: 1147 in gf_w8_table_init() *** CID 1256941: Logically dead code (DEADCODE) /erasure-code/jerasure/gf-complete/src/gf_w32.c: 2309 in gf_w32_split_init() 2303 if ((h->arg1 == 4 && h->arg2 == 32) || (h->arg1 == 32 && h->arg2 == 4) || 2304 ((issse3 || isneon) && h->mult_type == GF_REGION_DEFAULT)) { 2305 ld4 = (struct gf_split_4_32_lazy_data *) h->private; 2306 ld4->last_value = 0; 2307 if ((h->region_type & GF_REGION_NOSIMD) || !(issse3 || isneon)) { 2308 gf->multiply_region.w32 = gf_w32_split_4_32_lazy_multiply_region; >>> CID 1256941: Logically dead code (DEADCODE) >>> Execution cannot reach this statement "if (isneon) { } else if (h-...". 2309 } else if (isneon) { 2310 #ifdef ARM_NEON 2311 gf_w32_neon_split_init(gf); 2312 #endif 2313 } else if (h->region_type & GF_REGION_ALTMAP) { 2314 gf->multiply_region.w32 = gf_w32_split_4_32_lazy_sse_altmap_multiply_region; *** CID 1256942: Logically dead code (DEADCODE) /erasure-code/jerasure/gf-complete/src/gf_w8.c: 1147 in gf_w8_table_init() 1141 use_simd = 1; 1142 #else 1143 use_simd = 0; 1144 #endif 1145 1146 if (h->mult_type == GF_MULT_DEFAULT && use_simd) { >>> CID 1256942: Logically dead code (DEADCODE) >>> Execution cannot reach this statement "dd = (struct gf_w8_default_...". 1147 dd = (struct gf_w8_default_data *)h->private; 1148 scase = 3; 1149 bzero(dd->high, sizeof(uint8_t) * GF_FIELD_SIZE * GF_HALF_SIZE); 1150 bzero(dd->low, sizeof(uint8_t) * GF_FIELD_SIZE * GF_HALF_SIZE); 1151 bzero(dd->divtable, sizeof(uint8_t) * GF_FIELD_SIZE * GF_FIELD_SIZE); 1152 bzero(dd->multtable, sizeof(uint8_t) * GF_FIELD_SIZE * GF_FIELD_SIZE); To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click http://scan.coverity.com/subscriptions/edit?email=ceph-devel%40vger.kernel.org&token=018084d671e3cc89d00dd2ccb7eb849c . -- To unsubscribe from this list: send the line "unsubscribe ceph-devel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
New Defects reported by Coverity Scan for ceph
Hi, Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan. 1 new defect(s) introduced to ceph found with Coverity Scan. 9 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 1 of 1 defect(s) ** CID 1256511: Missing unlock (LOCK) /mds/MDLog.cc: 612 in MDLog::trim_all()() /mds/MDLog.cc: 612 in MDLog::trim_all()() *** CID 1256511: Missing unlock (LOCK) /mds/MDLog.cc: 612 in MDLog::trim_all()() 606 p = segments.lower_bound(last_seq + 1); 607 } 608 } 609 610 _trim_expired_segments(); 611 >>> CID 1256511: Missing unlock (LOCK) >>> Returning without unlocking "this->submit_mutex._m". 612 return 0; 613 } 614 615 616 void MDLog::try_expire(LogSegment *ls, int op_prio) 617 { /mds/MDLog.cc: 612 in MDLog::trim_all()() 606 p = segments.lower_bound(last_seq + 1); 607 } 608 } 609 610 _trim_expired_segments(); 611 >>> CID 1256511: Missing unlock (LOCK) >>> Returning without unlocking "this->submit_mutex._m". 612 return 0; 613 } 614 615 616 void MDLog::try_expire(LogSegment *ls, int op_prio) 617 { To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py -- To unsubscribe from this list: send the line "unsubscribe ceph-devel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
New Defects reported by Coverity Scan for ceph
Hi, Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan. 5 new defect(s) introduced to ceph found with Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 5 of 5 defect(s) ** CID 1256098: Resource leak (RESOURCE_LEAK) /test/librados/tier.cc: 2792 in LibRadosTwoPoolsECPP_Whiteout_Test::TestBody()() /test/librados/tier.cc: 2789 in LibRadosTwoPoolsECPP_Whiteout_Test::TestBody()() ** CID 1256096: Resource leak (RESOURCE_LEAK) /test/librados/TestCase.cc: 336 in RadosTestPP::cleanup_namespace(librados::IoCtx, std::basic_string, std::allocator>)() /test/librados/TestCase.cc: 333 in RadosTestPP::cleanup_namespace(librados::IoCtx, std::basic_string, std::allocator>)() ** CID 1256097: Resource leak (RESOURCE_LEAK) /test/librados/tier.cc: 648 in LibRadosTwoPoolsPP_Whiteout_Test::TestBody()() /test/librados/tier.cc: 645 in LibRadosTwoPoolsPP_Whiteout_Test::TestBody()() ** CID 1256100: Uninitialized pointer read (UNINIT) /librados/librados.cc: 4516 in librados::ListObject::ListObject(const librados::ListObject&)() ** CID 1256099: Uninitialized pointer read (UNINIT) /librados/librados.cc: 650 in librados::NObjectIterator::NObjectIterator(const librados::NObjectIterator&)() *** CID 1256098: Resource leak (RESOURCE_LEAK) /test/librados/tier.cc: 2792 in LibRadosTwoPoolsECPP_Whiteout_Test::TestBody()() 2786 ObjectWriteOperation op; 2787 op.remove(); 2788 librados::AioCompletion *completion = cluster.aio_create_completion(); 2789 ASSERT_EQ(0, ioctx.aio_operate("bar", completion, &op, 2790 librados::OPERATION_IGNORE_CACHE)); 2791 completion->wait_for_safe(); >>> CID 1256098: Resource leak (RESOURCE_LEAK) >>> Variable "completion" going out of scope leaks the storage it points to. 2792 ASSERT_EQ(0, completion->get_return_value()); 2793 completion->release(); 2794 2795 NObjectIterator it = cache_ioctx.nobjects_begin(); 2796 ASSERT_TRUE(it != cache_ioctx.nobjects_end()); 2797 ASSERT_TRUE(it->get_oid() == string("foo")); /test/librados/tier.cc: 2789 in LibRadosTwoPoolsECPP_Whiteout_Test::TestBody()() 2783 // delete a whiteout and verify it goes away 2784 ASSERT_EQ(-ENOENT, ioctx.remove("foo")); 2785 { 2786 ObjectWriteOperation op; 2787 op.remove(); 2788 librados::AioCompletion *completion = cluster.aio_create_completion(); >>> CID 1256098: Resource leak (RESOURCE_LEAK) >>> Variable "completion" going out of scope leaks the storage it points to. 2789 ASSERT_EQ(0, ioctx.aio_operate("bar", completion, &op, 2790 librados::OPERATION_IGNORE_CACHE)); 2791 completion->wait_for_safe(); 2792 ASSERT_EQ(0, completion->get_return_value()); 2793 completion->release(); 2794 *** CID 1256096: Resource leak (RESOURCE_LEAK) /test/librados/TestCase.cc: 336 in RadosTestPP::cleanup_namespace(librados::IoCtx, std::basic_string, std::allocator>)() 330 ObjectWriteOperation op; 331 op.remove(); 332 librados::AioCompletion *completion = s_cluster.aio_create_completion(); 333 ASSERT_EQ(0, ioctx.aio_operate(it->get_oid(), completion, &op, 334librados::OPERATION_IGNORE_CACHE)); 335 completion->wait_for_safe(); >>> CID 1256096: Resource leak (RESOURCE_LEAK) >>> Variable "completion" going out of scope leaks the storage it points to. 336 ASSERT_EQ(0, completion->get_return_value()); 337 completion->release(); 338 } 339 } 340 341 std::string RadosTestParamPP::pool_name; /test/librados/TestCase.cc: 333 in RadosTestPP::cleanup_namespace(librados::IoCtx, std::basic_string, std::allocator>)() 327 for (NObjectIterator it = ioctx.nobjects_begin(); 328it != ioctx.nobjects_end(); ++it) { 329 ioctx.locator_set_key(it->get_locator()); 330 ObjectWriteOperation op; 331 op.remove(); 332 librados::AioCompletion *completion = s_cluster.aio_create_completion(); >>> CID 1256096: Resource leak (RESOURCE_LEAK) >>> Variable "completion" going out of scope leaks the storage it points to. 333 ASSERT_EQ(0, ioctx.aio_operate(it->get_oid(), completion, &op, 334librados::OPERATION_IGNORE_CACHE)); 335 completion->wait_for_safe(); 336 ASSERT_EQ(0, completion->get_return_value()); 337 completion->release(); 338 } *** CID 1256097: Resource leak (RESOURCE_LEAK) /test/librados/tie
New Defects reported by Coverity Scan for ceph
Hi, Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan. 1 new defect(s) introduced to ceph found with Coverity Scan. 2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 1 of 1 defect(s) ** CID 1255885: Ignoring number of bytes read (CHECKED_RETURN) /msg/async/Event.cc: 42 in C_handle_notify::do_request(int)() *** CID 1255885: Ignoring number of bytes read (CHECKED_RETURN) /msg/async/Event.cc: 42 in C_handle_notify::do_request(int)() 36 37 class C_handle_notify : public EventCallback { 38 public: 39 C_handle_notify() {} 40 void do_request(int fd_or_id) { 41 char c[100]; >>> CID 1255885: Ignoring number of bytes read (CHECKED_RETURN) >>> "read(int, void *, size_t)" returns the number of bytes read, but it is >>> ignored. 42 assert(read(fd_or_id, c, 100)); 43 } 44 }; 45 46 int EventCenter::init(int n) 47 { To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py -- To unsubscribe from this list: send the line "unsubscribe ceph-devel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
New Defects reported by Coverity Scan for ceph
Hi, Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan. 1 new defect(s) introduced to ceph found with Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 1 of 1 defect(s) ** CID 1255369: Copy into fixed size buffer (STRING_OVERFLOW) /common/blkdev.cc: 34 in block_device_support_discard(const char *)() *** CID 1255369: Copy into fixed size buffer (STRING_OVERFLOW) /common/blkdev.cc: 34 in block_device_support_discard(const char *)() 28 bool block_device_support_discard(const char *devname) 29 { 30 bool can_trim = false; 31 char *p = strstr((char *)devname, "sd"); 32 char name[32] = {0}; 33 >>> CID 1255369: Copy into fixed size buffer (STRING_OVERFLOW) >>> You might overrun the 32 byte fixed-size string "name" by copying "p" >>> without checking the length. 34 strcpy(name, p); 35 for (unsigned int i = 0; i < strlen(name); i++) { 36 if(isdigit(name[i])) { 37 name[i] = 0; 38 break; 39 } To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py -- To unsubscribe from this list: send the line "unsubscribe ceph-devel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
New Defects reported by Coverity Scan for ceph
Hi, Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan. 8 new defect(s) introduced to ceph found with Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 8 of 8 defect(s) ** CID 1254376: Resource leak (RESOURCE_LEAK) /test/msgr/test_async_driver.cc: 212 in EventDriverTest_NetworkSocketTest_Test::TestBody()() /test/msgr/test_async_driver.cc: 219 in EventDriverTest_NetworkSocketTest_Test::TestBody()() /test/msgr/test_async_driver.cc: 220 in EventDriverTest_NetworkSocketTest_Test::TestBody()() /test/msgr/test_async_driver.cc: 230 in EventDriverTest_NetworkSocketTest_Test::TestBody()() /test/msgr/test_async_driver.cc: 231 in EventDriverTest_NetworkSocketTest_Test::TestBody()() /test/msgr/test_async_driver.cc: 227 in EventDriverTest_NetworkSocketTest_Test::TestBody()() /test/msgr/test_async_driver.cc: 233 in EventDriverTest_NetworkSocketTest_Test::TestBody()() /test/msgr/test_async_driver.cc: 210 in EventDriverTest_NetworkSocketTest_Test::TestBody()() ** CID 1254374: Argument cannot be negative (NEGATIVE_RETURNS) /test/msgr/test_async_driver.cc: 147 in echoclient(void *)() ** CID 1254375: Resource leak (RESOURCE_LEAK) /test/msgr/test_async_driver.cc: 169 in EventDriverTest_NetworkSocketTest_Test::TestBody()() /test/msgr/test_async_driver.cc: 166 in EventDriverTest_NetworkSocketTest_Test::TestBody()() /test/msgr/test_async_driver.cc: 171 in EventDriverTest_NetworkSocketTest_Test::TestBody()() /test/msgr/test_async_driver.cc: 185 in EventDriverTest_NetworkSocketTest_Test::TestBody()() /test/msgr/test_async_driver.cc: 187 in EventDriverTest_NetworkSocketTest_Test::TestBody()() /test/msgr/test_async_driver.cc: 194 in EventDriverTest_NetworkSocketTest_Test::TestBody()() /test/msgr/test_async_driver.cc: 196 in EventDriverTest_NetworkSocketTest_Test::TestBody()() /test/msgr/test_async_driver.cc: 201 in EventDriverTest_NetworkSocketTest_Test::TestBody()() /test/msgr/test_async_driver.cc: 205 in EventDriverTest_NetworkSocketTest_Test::TestBody()() /test/msgr/test_async_driver.cc: 206 in EventDriverTest_NetworkSocketTest_Test::TestBody()() /test/msgr/test_async_driver.cc: 210 in EventDriverTest_NetworkSocketTest_Test::TestBody()() /test/msgr/test_async_driver.cc: 212 in EventDriverTest_NetworkSocketTest_Test::TestBody()() /test/msgr/test_async_driver.cc: 219 in EventDriverTest_NetworkSocketTest_Test::TestBody()() /test/msgr/test_async_driver.cc: 220 in EventDriverTest_NetworkSocketTest_Test::TestBody()() /test/msgr/test_async_driver.cc: 227 in EventDriverTest_NetworkSocketTest_Test::TestBody()() /test/msgr/test_async_driver.cc: 230 in EventDriverTest_NetworkSocketTest_Test::TestBody()() /test/msgr/test_async_driver.cc: 231 in EventDriverTest_NetworkSocketTest_Test::TestBody()() /test/msgr/test_async_driver.cc: 233 in EventDriverTest_NetworkSocketTest_Test::TestBody()() ** CID 1254380: Uninitialized scalar variable (UNINIT) /test/msgr/test_async_driver.cc: 147 in echoclient(void *)() ** CID 1254379: Uninitialized scalar variable (UNINIT) /test/msgr/test_async_driver.cc: 116 in EventDriverTest_PipeTest_Test::TestBody()() ** CID 1254381: Uninitialized scalar field (UNINIT_CTOR) /msg/async/EventSelect.h: 34 in SelectDriver::SelectDriver(CephContext *)() ** CID 1254377: String not null terminated (STRING_NULL) /test/msgr/test_async_driver.cc: 232 in EventDriverTest_NetworkSocketTest_Test::TestBody()() ** CID 1254378: Uncaught exception (UNCAUGHT_EXCEPT) /test/msgr/test_async_driver.cc: 269 in main() /test/msgr/test_async_driver.cc: 269 in main() *** CID 1254376: Resource leak (RESOURCE_LEAK) /test/msgr/test_async_driver.cc: 212 in EventDriverTest_NetworkSocketTest_Test::TestBody()() 206 ASSERT_EQ(fired_events[0].fd, listen_sd); 207 208 fired_events.clear(); 209 int client_sd = ::accept(listen_sd, NULL, NULL); 210 ASSERT_TRUE(client_sd > 0); 211 r = driver->add_event(client_sd, EVENT_NONE, EVENT_READABLE); >>> CID 1254376: Resource leak (RESOURCE_LEAK) >>> Handle variable "client_sd" going out of scope leaks the handle. 212 ASSERT_EQ(r, 0); 213 214 do { 215 fired_events.clear(); 216 tv.tv_sec = 5; 217 tv.tv_usec = 0; /test/msgr/test_async_driver.cc: 219 in EventDriverTest_NetworkSocketTest_Test::TestBody()() 213 214 do { 215 fired_events.clear(); 216 tv.tv_sec = 5; 217 tv.tv_usec = 0; 218 r = driver->event_wait(fired_events, &tv); >>> CID 1254376: Resource leak (RESOURCE_LEAK) >>> Handle variable "client_sd" going out of scope leaks the handle. 219 ASSERT_EQ(r, 1); 220 ASSERT_EQ(fired_events[0].mask, EVENT_READABLE); 221 222 fired_events.clear(); 223 char data[100]; 224 r = ::read(client_sd, data, sizeof(data)); /test/msgr/test_
New Defects reported by Coverity Scan for ceph
Hi, Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan. 4 new defect(s) introduced to ceph found with Coverity Scan. 7 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 4 of 4 defect(s) ** CID 1251575: Dereference after null check (FORWARD_NULL) /test/librados/c_read_operations.cc: 106 in CReadOpsTest::compare_xattrs(const char *const *, const char *const *, const unsigned long *, unsigned long, void *)() ** CID 1251577: Resource leak (RESOURCE_LEAK) /tools/cephfs/Dumper.cc: 116 in Dumper::dump(const char *)() ** CID 1251576: Resource leak (RESOURCE_LEAK) /test/librbd/test_librbd.cc: 1994 in TestLibRBD_LargeCacheRead_Test::TestBody()() ** CID 717084: Resource leak (RESOURCE_LEAK) /tools/cephfs/Dumper.cc: 192 in Dumper::undump(const char *)() /tools/cephfs/Dumper.cc: 198 in Dumper::undump(const char *)() *** CID 1251575: Dereference after null check (FORWARD_NULL) /test/librados/c_read_operations.cc: 106 in CReadOpsTest::compare_xattrs(const char *const *, const char *const *, const unsigned long *, unsigned long, void *)() 100 size_t val_len = 0; 101 while (i < len) { 102 ASSERT_EQ(0, rados_getxattrs_next(iter, (const char**) &key, 103 (const char**) &val, &val_len)); 104 if (val_len == 0 && key == NULL && val == NULL) 105 break; >>> CID 1251575: Dereference after null check (FORWARD_NULL) >>> Passing null pointer "key" to "basic_string", which dereferences it. 106 EXPECT_EQ(std::string(keys[i]), std::string(key)); 107 EXPECT_EQ(0, memcmp(vals[i], val, val_len)); 108 EXPECT_EQ(lens[i], val_len); 109 ++i; 110 } 111 ASSERT_EQ(i, len); *** CID 1251577: Resource leak (RESOURCE_LEAK) /tools/cephfs/Dumper.cc: 116 in Dumper::dump(const char *)() 110 (unsigned long long)journaler.last_committed.stream_format, 111 (unsigned long long)journaler.last_committed.trimmed_pos, (unsigned long long)journaler.last_committed.trimmed_pos, 112 4); 113 r = safe_write(fd, buf, sizeof(buf)); 114 if (r) { 115 derr << "Error " << r << " (" << cpp_strerror(r) << ") writing journal file header" << dendl; >>> CID 1251577: Resource leak (RESOURCE_LEAK) >>> Handle variable "fd" going out of scope leaks the handle. 116 return r; 117 } 118 119 // write the data 120 off64_t seeked = ::lseek64(fd, start, SEEK_SET); 121 if (seeked == (off64_t)-1) { *** CID 1251576: Resource leak (RESOURCE_LEAK) /test/librbd/test_librbd.cc: 1994 in TestLibRBD_LargeCacheRead_Test::TestBody()() 1988 1989 uint64_t orig_cache_size = g_conf->rbd_cache_size; 1990 g_conf->set_val("rbd_cache_size", "16777216"); 1991 BOOST_SCOPE_EXIT( (orig_cache_size) ) { 1992 g_conf->set_val("rbd_cache_size", stringify(orig_cache_size).c_str()); 1993 } BOOST_SCOPE_EXIT_END; >>> CID 1251576: Resource leak (RESOURCE_LEAK) >>> Variable "ioctx" going out of scope leaks the storage it points to. 1994 ASSERT_EQ(16777216, g_conf->rbd_cache_size); 1995 1996 rbd_image_t image; 1997 int order = 0; 1998 const char *name = "testimg"; 1999 uint64_t size = g_conf->rbd_cache_size + 1; *** CID 717084: Resource leak (RESOURCE_LEAK) /tools/cephfs/Dumper.cc: 192 in Dumper::undump(const char *)() 186 trimmed_pos = start - (start % g_default_file_layout.fl_object_size); 187 } 188 189 if (trimmed_pos > start) { 190 derr << std::hex << "Invalid header (trimmed 0x" << trimmed_pos 191 << " > expire 0x" << start << std::dec << dendl; >>> CID 717084: Resource leak (RESOURCE_LEAK) >>> Handle variable "fd" going out of scope leaks the handle. 192 return -EINVAL; 193 } 194 195 if (start > write_pos) { 196 derr << std::hex << "Invalid header (expire 0x" << start 197 << " > write 0x" << write_pos << std::dec << dendl; /tools/cephfs/Dumper.cc: 198 in Dumper::undump(const char *)() 192 return -EINVAL; 193 } 194 195 if (start > write_pos) { 196 derr << std::hex << "Invalid header (expire 0x" << start 197 << " > write 0x" << write_pos << std::dec << dendl; >>> CID 717084: Resource leak (RESOURCE_LEAK) >>> Ha
New Defects reported by Coverity Scan for ceph
Hi, Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan. 19 new defect(s) introduced to ceph found with Coverity Scan. 5 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 19 of 19 defect(s) ** CID 1251445: Unchecked return value (CHECKED_RETURN) /mon/MDSMonitor.cc: 1511 in MDSMonitor::filesystem_command(MMonCommand *, const std::basic_string, std::allocator>&, std::map, std::allocator>, boost::variant, std::allocator>, bool, long, double, std::vector, std::allocator>, std::allocator, std::allocator>>>, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_>, std::less, std::allocator>>, std::allocator, std::allocator>, boost::variant, std::allocator>, bool, long, double, std::vector, std::allocator>, std::allocator, std::allocator>>>, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_ &, std::basic_stringstream, std::allocator> &)() ** CID 1251446: Unchecked return value (CHECKED_RETURN) /osd/PGBackend.cc: 292 in PGBackend::build_pg_backend(const pg_pool_t &, std::tr1::shared_ptr, PGBackend::Listener *, coll_t, coll_t, ObjectStore *, CephContext *)() ** CID 1251447: Data race condition (MISSING_LOCK) /os/FileJournal.cc: 614 in FileJournal::start_writer()() ** CID 1251448: Resource leak (RESOURCE_LEAK) /test/librados/TestCase.cc: 282 in RadosTest::cleanup_namespace(void *, std::basic_string, std::allocator>)() /test/librados/TestCase.cc: 275 in RadosTest::cleanup_namespace(void *, std::basic_string, std::allocator>)() ** CID 1251449: Resource leak (RESOURCE_LEAK) /test/librados/TestCase.cc: 52 in RadosTestNS::cleanup_all_objects(void *)() /test/librados/TestCase.cc: 43 in RadosTestNS::cleanup_all_objects(void *)() ** CID 1251450: Resource leak (RESOURCE_LEAK) /test/librbd/test_librbd.cc: 177 in TestLibRBD_CreateAndStat_Test::TestBody()() ** CID 1251451: Resource leak (RESOURCE_LEAK) /test/librbd/test_librbd.cc: 1288 in TestLibRBD_ListChildren_Test::TestBody()() ** CID 1251452: Resource leak (RESOURCE_LEAK) /test/librbd/test_librbd.cc: 1388 in TestLibRBD_ListChildrenTiered_Test::TestBody()() ** CID 1251453: Resource leak (RESOURCE_LEAK) /test/system/st_rados_list_objects.cc: 72 in StRadosListObjects::run()() /test/system/st_rados_list_objects.cc: 82 in StRadosListObjects::run()() ** CID 1251454: Resource leak (RESOURCE_LEAK) /test/system/st_rados_list_objects.cc: 82 in StRadosListObjects::run()() ** CID 1251455: Uncaught exception (UNCAUGHT_EXCEPT) /test/erasure-code/ceph_erasure_code_non_regression.cc: 300 in main() /test/erasure-code/ceph_erasure_code_non_regression.cc: 300 in main() ** CID 1251456: Uncaught exception (UNCAUGHT_EXCEPT) /test/erasure-code/ceph_erasure_code_non_regression.cc: 300 in main() ** CID 1251457: Uncaught exception (UNCAUGHT_EXCEPT) /test/erasure-code/ceph_erasure_code_non_regression.cc: 300 in main() ** CID 1251458: Uncaught exception (UNCAUGHT_EXCEPT) /test/erasure-code/ceph_erasure_code_non_regression.cc: 300 in main() ** CID 1251459: Uninitialized pointer field (UNINIT_CTOR) /test/librados/TestCase.h: 24 in RadosTestNS::RadosTestNS()() ** CID 1251460: Uninitialized pointer field (UNINIT_CTOR) /test/librados/TestCase.h: 76 in RadosTestECNS::RadosTestECNS()() ** CID 1251461: Uninitialized scalar field (UNINIT_CTOR) /test/librados/TestCase.h: 93 in RadosTestECPPNS::RadosTestECPPNS()() ** CID 1251462: Use after free (USE_AFTER_FREE) /test/librbd/test_librbd.cc: 299 in test_ls(void *, unsigned long, ...)() ** CID 1251463: Missing varargs init or cleanup (VARARGS) /test/librbd/test_librbd.cc: 303 in test_ls(void *, unsigned long, ...)() *** CID 1251445: Unchecked return value (CHECKED_RETURN) /mon/MDSMonitor.cc: 1511 in MDSMonitor::filesystem_command(MMonCommand *, const std::basic_string, std::allocator>&, std::map, std::allocator>, boost::variant, std::allocator>, bool, long, double, std::vector, std::allocator>, std::all
New Defects reported by Coverity Scan for ceph
Hi, Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan. 2 new defect(s) introduced to ceph found with Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 2 of 2 defect(s) ** CID 1251353: Big parameter passed by value (PASS_BY_VALUE) /mds/CInode.cc: 3544 in CInode::validate_disk_state(CInode::validated_data *, std::tr1::shared_ptr &)::ValidationContinuation::_backtrace(int)() ** CID 1251354: Structurally dead code (UNREACHABLE) /mds/mdstypes.cc: 440 in inode_t::compare(const inode_t&, bool *) const() *** CID 1251353: Big parameter passed by value (PASS_BY_VALUE) /mds/CInode.cc: 3544 in CInode::validate_disk_state(CInode::validated_data *, std::tr1::shared_ptr &)::ValidationContinuation::_backtrace(int)() 3538 } 3539 3540 // extract the backtrace, and compare it to a newly-constructed one 3541 try { 3542 bufferlist::iterator p = bl.begin(); 3543 ::decode(results->backtrace.ondisk_value, p); >>> CID 1251353: Big parameter passed by value (PASS_BY_VALUE) >>> Catching an exception object of size 264 bytes by value. 3544 } catch (buffer::malformed_input) { 3545 results->backtrace.passed = false; 3546 results->backtrace.error_str << "failed to decode on-disk backtrace!"; 3547 return true; 3548 } 3549 int64_t pool; *** CID 1251354: Structurally dead code (UNREACHABLE) /mds/mdstypes.cc: 440 in inode_t::compare(const inode_t&, bool *) const() 434 } else { 435 assert(version < other.version); 436 *divergent = !other.older_is_consistent(*this); 437 return -1; 438 } 439 assert(0 == "can't have reached this point"); >>> CID 1251354: Structurally dead code (UNREACHABLE) >>> This code cannot be reached: "*divergent = true;". 440 *divergent = true; 441 return 0; 442 } 443 444 bool inode_t::older_is_consistent(const inode_t &other) const 445 { To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py -- To unsubscribe from this list: send the line "unsubscribe ceph-devel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: New Defects reported by Coverity Scan for ceph
On Thu, 30 Oct 2014, scan-ad...@coverity.com wrote: > > Hi, > > Please find the latest report on new defect(s) introduced to ceph found with > Coverity Scan. > > 1 new defect(s) introduced to ceph found with Coverity Scan. > 25 defect(s), reported by Coverity Scan earlier, were marked fixed in the > recent build analyzed by Coverity Scan. > > New defect(s) Reported-by: Coverity Scan > Showing 1 of 1 defect(s) > > > ** CID 1250262: Dereference after null check (FORWARD_NULL) > /osdc/Objecter.cc: 2062 in Objecter::_calc_target(Objecter::op_target_t *, > bool)() > > > > *** CID 1250262: Dereference after null check (FORWARD_NULL) > /osdc/Objecter.cc: 2062 in Objecter::_calc_target(Objecter::op_target_t *, > bool)() > 2056 if (ret == -ENOENT) { > 2057 t->osd = -1; > 2058 return RECALC_OP_TARGET_POOL_DNE; > 2059 } > 2060 } > 2061 > >>> CID 1250262: Dereference after null check (FORWARD_NULL) > >>> Dereferencing null pointer "pi". > 2062 int min_size = pi->min_size; > 2063 unsigned pg_num = pi->get_pg_num(); > 2064 int up_primary, acting_primary; > 2065 vector up, acting; > 2066 osdmap->pg_to_up_acting_osds(pgid, &up, &up_primary, > 2067 &acting, &acting_primary); opened #9944 -- To unsubscribe from this list: send the line "unsubscribe ceph-devel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
New Defects reported by Coverity Scan for ceph
Hi, Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan. 1 new defect(s) introduced to ceph found with Coverity Scan. 25 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 1 of 1 defect(s) ** CID 1250262: Dereference after null check (FORWARD_NULL) /osdc/Objecter.cc: 2062 in Objecter::_calc_target(Objecter::op_target_t *, bool)() *** CID 1250262: Dereference after null check (FORWARD_NULL) /osdc/Objecter.cc: 2062 in Objecter::_calc_target(Objecter::op_target_t *, bool)() 2056 if (ret == -ENOENT) { 2057 t->osd = -1; 2058 return RECALC_OP_TARGET_POOL_DNE; 2059 } 2060 } 2061 >>> CID 1250262: Dereference after null check (FORWARD_NULL) >>> Dereferencing null pointer "pi". 2062 int min_size = pi->min_size; 2063 unsigned pg_num = pi->get_pg_num(); 2064 int up_primary, acting_primary; 2065 vector up, acting; 2066 osdmap->pg_to_up_acting_osds(pgid, &up, &up_primary, 2067 &acting, &acting_primary); To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py -- To unsubscribe from this list: send the line "unsubscribe ceph-devel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: New Defects reported by Coverity Scan for ceph
Hi, these can be ignored, they are caused by the ASSERT_* handling of the gtest framework. Danny Am 28.10.2014 um 14:16 schrieb scan-ad...@coverity.com: > > Hi, > > Please find the latest report on new defect(s) introduced to ceph > found with Coverity Scan. > > 2 new defect(s) introduced to ceph found with Coverity Scan. 5 > defect(s), reported by Coverity Scan earlier, were marked fixed in > the recent build analyzed by Coverity Scan. > > New defect(s) Reported-by: Coverity Scan Showing 2 of 2 defect(s) > > > ** CID 1249779: Resource leak (RESOURCE_LEAK) > /test/libradosstriper/striping.cc: 56 in > StriperTestRT::checkObjectFromRados(const std::basic_string std::char_traits, std::allocator>&, ceph::buffer::list > &, unsigned long, unsigned long, unsigned long, unsigned long, > unsigned long)() /test/libradosstriper/striping.cc: 59 in > StriperTestRT::checkObjectFromRados(const std::basic_string std::char_traits, std::allocator>&, ceph::buffer::list > &, unsigned long, unsigned long, unsigned long, unsigned long, > unsigned long)() /test/libradosstriper/striping.cc: 52 in > StriperTestRT::checkObjectFromRados(const std::basic_string std::char_traits, std::allocator>&, ceph::buffer::list > &, unsigned long, unsigned long, unsigned long, unsigned long, > unsigned long)() /test/libradosstriper/striping.cc: 55 in > StriperTestRT::checkObjectFromRados(const std::basic_string std::char_traits, std::allocator>&, ceph::buffer::list > &, unsigned long, unsigned long, unsigned long, unsigned long, > unsigned long)() /test/libradosstriper/striping.cc: 47 in > StriperTestRT::checkObjectFromRados(const std::basic_string std::char_traits, std::allocator>&, ceph::buffer::list > &, unsigned long, unsigned long, unsigned long, unsigned long, > unsigned long)() /test/libradosstriper/striping.cc: 50 in > StriperTestRT::checkObjectFromRados(const std::basic_string std::char_traits, std::allocator>&, ceph::buffer::list > &, unsigned long, unsigned long, unsigned long, unsigned long, > unsigned long)() /test/libradosstriper/striping.cc: 51 in > StriperTestRT::checkObjectFromRados(const std::basic_string std::char_traits, std::allocator>&, ceph::buffer::list > &, unsigned long, unsigned long, unsigned long, unsigned long, > unsigned long)() /test/libradosstriper/striping.cc: 45 in > StriperTestRT::checkObjectFromRados(const std::basic_string std::char_traits, std::allocator>&, ceph::buffer::list > &, unsigned long, unsigned long, unsigned long, unsigned long, > unsigned long)() /test/libradosstriper/striping.cc: 46 in > StriperTestRT::checkObjectFromRados(const std::basic_string std::char_traits, std::allocator>&, ceph::buffer::list > &, unsigned long, unsigned long, unsigned long, unsigned long, > unsigned long)() > > ** CID 1249780: Resource leak (RESOURCE_LEAK) > /test/libradosstriper/striping.cc: 95 in > StriperTestRT::checkObjectFromRados(const std::basic_string std::char_traits, std::allocator>&, ceph::buffer::list > &, unsigned long, unsigned long, unsigned long, unsigned long, > unsigned long)() /test/libradosstriper/striping.cc: 97 in > StriperTestRT::checkObjectFromRados(const std::basic_string std::char_traits, std::allocator>&, ceph::buffer::list > &, unsigned long, unsigned long, unsigned long, unsigned long, > unsigned long)() /test/libradosstriper/striping.cc: 100 in > StriperTestRT::checkObjectFromRados(const std::basic_string std::char_traits, std::allocator>&, ceph::buffer::list > &, unsigned long, unsigned long, unsigned long, unsigned long, > unsigned long)() /test/libradosstriper/striping.cc: 103 in > StriperTestRT::checkObjectFromRados(const std::basic_string std::char_traits, std::allocator>&, ceph::buffer::list > &, unsigned long, unsigned long, unsigned long, unsigned long, > unsigned long)() /test/libradosstriper/striping.cc: 145 in > StriperTestRT::checkObjectFromRados(const std::basic_string std::char_traits, std::allocator>&, ceph::buffer::list > &, unsigned long, unsigned long, unsigned long, unsigned long, > unsigned long)() > > > > > *** CID 1249779: Resource leak (RESOURCE_LEAK) > /test/libradosstriper/striping.cc: 56 in > StriperTestRT::checkObjectFromRados(const std::basic_string std::char_traits, std::allocator>&, ceph::buffer::list > &, unsigned long, unsigned long, unsigned long, unsigned long, > unsigned long)() 50 ASSERT_LT(0U, stripe_count); 51 > ASSERT_EQ(stripe_count, exp_stripe_count); 52 ASSERT_LT(0, > ioctx.getxattr(firstOid, "striper.layout.object_size", xattrbl)); > 53 s_xattr = std::string(xattrbl.c_str(), > xattrbl.length()); // adds 0 byte at the end 54 uint64_t > object_size = strtoll(s_xattr.c_str(), NULL, 10); 55 > ASSERT_EQ(object_size, exp_object_size); CID 1249779: Resource leak (RESOURCE_LEAK) Variable "firstOid" going out of scope leaks the storage it points to. > 56 ASSERT_LT(0, ioctx.ge
New Defects reported by Coverity Scan for ceph
Hi, Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan. 2 new defect(s) introduced to ceph found with Coverity Scan. 5 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 2 of 2 defect(s) ** CID 1249779: Resource leak (RESOURCE_LEAK) /test/libradosstriper/striping.cc: 56 in StriperTestRT::checkObjectFromRados(const std::basic_string, std::allocator>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)() /test/libradosstriper/striping.cc: 59 in StriperTestRT::checkObjectFromRados(const std::basic_string, std::allocator>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)() /test/libradosstriper/striping.cc: 52 in StriperTestRT::checkObjectFromRados(const std::basic_string, std::allocator>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)() /test/libradosstriper/striping.cc: 55 in StriperTestRT::checkObjectFromRados(const std::basic_string, std::allocator>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)() /test/libradosstriper/striping.cc: 47 in StriperTestRT::checkObjectFromRados(const std::basic_string, std::allocator>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)() /test/libradosstriper/striping.cc: 50 in StriperTestRT::checkObjectFromRados(const std::basic_string, std::allocator>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)() /test/libradosstriper/striping.cc: 51 in StriperTestRT::checkObjectFromRados(const std::basic_string, std::allocator>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)() /test/libradosstriper/striping.cc: 45 in StriperTestRT::checkObjectFromRados(const std::basic_string, std::allocator>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)() /test/libradosstriper/striping.cc: 46 in StriperTestRT::checkObjectFromRados(const std::basic_string, std::allocator>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)() ** CID 1249780: Resource leak (RESOURCE_LEAK) /test/libradosstriper/striping.cc: 95 in StriperTestRT::checkObjectFromRados(const std::basic_string, std::allocator>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)() /test/libradosstriper/striping.cc: 97 in StriperTestRT::checkObjectFromRados(const std::basic_string, std::allocator>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)() /test/libradosstriper/striping.cc: 100 in StriperTestRT::checkObjectFromRados(const std::basic_string, std::allocator>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)() /test/libradosstriper/striping.cc: 103 in StriperTestRT::checkObjectFromRados(const std::basic_string, std::allocator>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)() /test/libradosstriper/striping.cc: 145 in StriperTestRT::checkObjectFromRados(const std::basic_string, std::allocator>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)() *** CID 1249779: Resource leak (RESOURCE_LEAK) /test/libradosstriper/striping.cc: 56 in StriperTestRT::checkObjectFromRados(const std::basic_string, std::allocator>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)() 50 ASSERT_LT(0U, stripe_count); 51 ASSERT_EQ(stripe_count, exp_stripe_count); 52 ASSERT_LT(0, ioctx.getxattr(firstOid, "striper.layout.object_size", xattrbl)); 53 s_xattr = std::string(xattrbl.c_str(), xattrbl.length()); // adds 0 byte at the end 54 uint64_t object_size = strtoll(s_xattr.c_str(), NULL, 10); 55 ASSERT_EQ(object_size, exp_object_size); >>> CID 1249779: Resource leak (RESOURCE_LEAK) >>> Variable "firstOid" going out of scope leaks the storage it points to. 56 ASSERT_LT(0, ioctx.getxattr(firstOid, "striper.size", xattrbl)); 57 s_xattr = std::string(xattrbl.c_str(), xattrbl.length()); // adds 0 byte at the end 58 uint64_t xa_size = strtoll(s_xattr.c_str(), NULL, 10); 59 ASSERT_EQ(xa_size, size); 60 // checking object content from rados point of view 61 // we will go stripe by stripe, read the content of each of them and /test/libradosstriper/striping.cc: 59 in StriperTestRT::checkObjectFromRados(const std::basic_string, std::allocator>&, ceph::buff
New Defects reported by Coverity Scan for ceph
Hi, Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan. 77 new defect(s) introduced to ceph found with Coverity Scan. 74 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 20 of 77 defect(s) ** CID 717233: Uninitialized scalar field (UNINIT_CTOR) /mds/Capability.h: 253 in Capability::Capability(CInode *, unsigned long, client_t)() ** CID 1201388: Missing unlock (LOCK) /mon/Monitor.cc: 564 in Monitor::preinit()() ** CID 1213581: Dereference null return value (NULL_RETURNS) /osd/OSD.cc: 5523 in OSD::ms_fast_preprocess(Message *)() ** CID 1214678: Unchecked return value (CHECKED_RETURN) /osd/OSD.cc: 326 in OSDService::_maybe_split_pgid(std::tr1::shared_ptr, std::tr1::shared_ptr, spg_t)() ** CID 1219460: Unchecked return value (CHECKED_RETURN) /tools/cephfs/JournalTool.cc: 104 in JournalTool::main(std::vector> &)() ** CID 1219463: Unchecked return value (CHECKED_RETURN) /client/SyntheticClient.cc: 1142 in SyntheticClient::play_trace(Trace &, std::basic_string, std::allocator>&, bool)() ** CID 1219620: Uncaught exception (UNCAUGHT_EXCEPT) /tools/cephfs/cephfs-journal-tool.cc: 24 in main() /tools/cephfs/cephfs-journal-tool.cc: 24 in main() /tools/cephfs/cephfs-journal-tool.cc: 24 in main() /tools/cephfs/cephfs-journal-tool.cc: 24 in main() /tools/cephfs/cephfs-journal-tool.cc: 24 in main() ** CID 1219621: Uncaught exception (UNCAUGHT_EXCEPT) /tools/cephfs/cephfs-journal-tool.cc: 24 in main() ** CID 1219622: Uncaught exception (UNCAUGHT_EXCEPT) /tools/cephfs/cephfs-journal-tool.cc: 24 in main() ** CID 1219637: Uncaught exception (UNCAUGHT_EXCEPT) /test/filestore/TestFileStore.cc: 67 in main() /test/filestore/TestFileStore.cc: 67 in main() /test/filestore/TestFileStore.cc: 67 in main() /test/filestore/TestFileStore.cc: 67 in main() ** CID 1219650: Uninitialized scalar field (UNINIT_CTOR) /tools/cephfs/Resetter.h: 29 in Resetter::Resetter()() ** CID 1220854: Invalid iterator comparison (MISMATCHED_ITERATOR) /osd/PG.cc: 1000 in PG::calc_ec_acting(std::_Rb_tree_const_iterator>, unsigned int, const std::vector> &, pg_shard_t, const std::vector> &, pg_shard_t, const std::map, std::allocator>> &, bool, std::vector> *, std::set, std::allocator> *, std::set, std::allocator> *, pg_shard_t *, std::basic_ostream>&)() ** CID 1221498: Division or modulo by zero (DIVIDE_BY_ZERO) /test/libradosstriper/striping.cc: 61 in StriperTestRT::checkObjectFromRados(const std::basic_string, std::allocator>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)() ** CID 1221499: Division or modulo by zero (DIVIDE_BY_ZERO) /test/libradosstriper/striping.cc: 70 in StriperTestRT::checkObjectFromRados(const std::basic_string, std::allocator>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)() ** CID 1221525: Resource leak (RESOURCE_LEAK) /test/libradosstriper/striping.cc: 227 in StriperTestRT_StripedRoundtrip_Test::TestBody()() ** CID 1221526: Resource leak (RESOURCE_LEAK) /test/libradosstriper/striping.cc: 39 in StriperTestRT::checkObjectFromRados(const std::basic_string, std::allocator>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)() /test/libradosstriper/striping.cc: 86 in StriperTestRT::checkObjectFromRados(const std::basic_string, std::allocator>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)() /test/libradosstriper/striping.cc: 140 in StriperTestRT::checkObjectFromRados(const std::basic_string, std::allocator>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)() ** CID 1221538: Uninitialized pointer field (UNINIT_CTOR) /test/libradosstriper/TestCase.h: 25 in StriperTest::StriperTest()() ** CID 1225099: Unchecked return value (CHECKED_RETURN) /mon/MDSMonitor.cc: 1523 in MDSMonitor::filesystem_command(MMonCommand *, const std::basic_string, std::allocator>&, std::map, std::allocator>, boost::variant, std::allocator>, bool, long, double, std::vector, std::allocator>, std::allocator, std::allocator>>>, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_>, std::less, std::allocator>>, std::allocator, std::allocator>, boost::variant, std::allocator>, bool, long, double, std::vector, std::allocator>, std::allocator, std::allocator>>>, boost::detail::variant:
Re: New Defects reported by Coverity Scan for ceph
Note: this is a run against firefly (vs the usual master). s On Fri, 24 Oct 2014, scan-ad...@coverity.com wrote: > > Hi, > > Please find the latest report on new defect(s) introduced to ceph found with > Coverity Scan. > > 26 new defect(s) introduced to ceph found with Coverity Scan. > 114 defect(s), reported by Coverity Scan earlier, were marked fixed in the > recent build analyzed by Coverity Scan. > > New defect(s) Reported-by: Coverity Scan > Showing 20 of 26 defect(s) > > > ** CID 717128: Wrong sizeof argument (SIZEOF_MISMATCH) > /test/librbd/test_librbd.cc: 228 in test_ls(void *, unsigned long, ...)() > > ** CID 717147: Uncaught exception (UNCAUGHT_EXCEPT) > /ceph_mds.cc: 141 in main() > > ** CID 717246: Uninitialized scalar field (UNINIT_CTOR) > /mds/events/EMetaBlob.h: 204 in EMetaBlob::nullbit::nullbit(const > std::basic_string, std::allocator>&, > snapid_t, snapid_t, unsigned long, bool)() > > ** CID 717248: Uninitialized scalar field (UNINIT_CTOR) > /mds/events/EMetaBlob.h: 168 in EMetaBlob::remotebit::remotebit(const > std::basic_string, std::allocator>&, > snapid_t, snapid_t, unsigned long, inodeno_t, unsigned char, bool)() > > ** CID 717264: Uninitialized scalar field (UNINIT_CTOR) > /messages/MClientReply.h: 129 in InodeStat::InodeStat()() > > ** CID 717270: Uninitialized scalar field (UNINIT_CTOR) > /messages/MDirUpdate.h: 55 in MDirUpdate::MDirUpdate(int, dirfrag_t, int, > std::set, std::allocator> &, filepath &, bool)() > > ** CID 717275: Uninitialized scalar field (UNINIT_CTOR) > /messages/MExportDirDiscover.h: 36 in > MExportDirDiscover::MExportDirDiscover()() > > ** CID 717289: Uninitialized scalar field (UNINIT_CTOR) > /messages/MMDSLoadTargets.h: 30 in MMDSLoadTargets::MMDSLoadTargets()() > > ** CID 1026810: Uninitialized pointer field (UNINIT_CTOR) > /mds/MDCache.h: 332 in MDCache::umaster::umaster()() > > ** CID 1026811: Uninitialized scalar field (UNINIT_CTOR) > /mds/events/EMetaBlob.h: 107 in EMetaBlob::fullbit::fullbit(const > std::basic_string, std::allocator>&, > snapid_t, snapid_t, unsigned long, const inode_t &, const fragtree_t &, const > std::map, > std::allocator>, ceph::buffer::ptr, std::less std::char_traits, std::allocator>>, > std::allocator std::char_traits, std::allocator>, ceph::buffer::ptr>>> &, const > std::basic_string, std::allocator>&, const > ceph::buffer::list &, unsigned char, std::map std::less, std::allocator old_inode_t>>>*)() > > ** CID 1128407: Dereference before null check (REVERSE_INULL) > /client/Client.cc: 5180 in Client::_readdir_get_frag(dir_result_t *)() > > ** CID 1128412: Resource leak (RESOURCE_LEAK) > /rgw/rgw_gc.cc: 170 in RGWGC::process(int, int)() > /rgw/rgw_gc.cc: 170 in RGWGC::process(int, int)() > /rgw/rgw_gc.cc: 170 in RGWGC::process(int, int)() > /rgw/rgw_gc.cc: 170 in RGWGC::process(int, int)() > > ** CID 1160849: Uninitialized scalar field (UNINIT_CTOR) > /mds/CDir.cc: 1447 in C_Dir_OMAP_Fetched::C_Dir_OMAP_Fetched(CDir *, const > std::basic_string, std::allocator>&)() > > ** CID 1188129: Logically dead code (DEADCODE) > /client/Client.cc: 8504 in Client::ll_write_block(Inode *, unsigned long, > char *, unsigned long, unsigned long, ceph_file_layout *, unsigned long, > unsigned int)() > > ** CID 1188130: Logically dead code (DEADCODE) > /client/Client.cc: 8500 in Client::ll_write_block(Inode *, unsigned long, > char *, unsigned long, unsigned long, ceph_file_layout *, unsigned long, > unsigned int)() > > ** CID 1192611: Uncaught exception (UNCAUGHT_EXCEPT) > /tools/ceph_filestore_dump.cc: 1076 in main() > /tools/ceph_filestore_dump.cc: 1076 in main() > /tools/ceph_filestore_dump.cc: 1076 in main() > /tools/ceph_filestore_dump.cc: 1076 in main() > /tools/ceph_filestore_dump.cc: 1076 in main() > /tools/ceph_filestore_dump.cc: 1076 in main() > /tools/ceph_filestore_dump.cc: 1076 in main() > /tools/ceph_filestore_dump.cc: 1076 in main() > /tools/ceph_filestore_dump.cc: 1076 in main() > /tools/ceph_filestore_dump.cc: 1076 in main() > /tools/ceph_filestore_dump.cc: 1076 in main() > /tools/ceph_filestore_dump.cc: 1076 in main() > /tools/ceph_filestore_dump.cc: 1076 in main() > /tools/ceph_filestore_dump.cc: 1076 in main() > /tools/ceph_filestore_dump.cc: 1076 in main() > /tools/ceph_filestore_dump.cc: 1076 in main() > > ** CID 1192612: Uncaught exception (UNCAUGHT_EXCEPT) > /tools/ceph_filestore_dump.cc: 1076 in main() > > ** CID 1192613: Uncaught exception (UNCAUGHT_EXCEPT) > /tools/ceph_filestore_tool.cc: 48 in main() > /tools/ceph_filestore_tool.cc: 48 in main() > /tools/ceph_filestore_tool.cc: 48 in main() > /tools/ceph_filestore_tool.cc: 48 in main() > /tools/ceph_filestore_tool.cc: 48 in main() > /tools/ceph_filestore_tool.cc: 48 in main() > /tools/ceph_filestore_tool.cc: 48 in main() > /tools/ceph_filestore_tool.cc: 48 in main() > /tools/ceph_filestore_tool.cc: 48 in main() > /tools/ceph_filestore_tool.cc: 48 in main() > /tools/ceph_filestore_tool.cc:
New Defects reported by Coverity Scan for ceph
Hi, Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan. 26 new defect(s) introduced to ceph found with Coverity Scan. 114 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 20 of 26 defect(s) ** CID 717128: Wrong sizeof argument (SIZEOF_MISMATCH) /test/librbd/test_librbd.cc: 228 in test_ls(void *, unsigned long, ...)() ** CID 717147: Uncaught exception (UNCAUGHT_EXCEPT) /ceph_mds.cc: 141 in main() ** CID 717246: Uninitialized scalar field (UNINIT_CTOR) /mds/events/EMetaBlob.h: 204 in EMetaBlob::nullbit::nullbit(const std::basic_string, std::allocator>&, snapid_t, snapid_t, unsigned long, bool)() ** CID 717248: Uninitialized scalar field (UNINIT_CTOR) /mds/events/EMetaBlob.h: 168 in EMetaBlob::remotebit::remotebit(const std::basic_string, std::allocator>&, snapid_t, snapid_t, unsigned long, inodeno_t, unsigned char, bool)() ** CID 717264: Uninitialized scalar field (UNINIT_CTOR) /messages/MClientReply.h: 129 in InodeStat::InodeStat()() ** CID 717270: Uninitialized scalar field (UNINIT_CTOR) /messages/MDirUpdate.h: 55 in MDirUpdate::MDirUpdate(int, dirfrag_t, int, std::set, std::allocator> &, filepath &, bool)() ** CID 717275: Uninitialized scalar field (UNINIT_CTOR) /messages/MExportDirDiscover.h: 36 in MExportDirDiscover::MExportDirDiscover()() ** CID 717289: Uninitialized scalar field (UNINIT_CTOR) /messages/MMDSLoadTargets.h: 30 in MMDSLoadTargets::MMDSLoadTargets()() ** CID 1026810: Uninitialized pointer field (UNINIT_CTOR) /mds/MDCache.h: 332 in MDCache::umaster::umaster()() ** CID 1026811: Uninitialized scalar field (UNINIT_CTOR) /mds/events/EMetaBlob.h: 107 in EMetaBlob::fullbit::fullbit(const std::basic_string, std::allocator>&, snapid_t, snapid_t, unsigned long, const inode_t &, const fragtree_t &, const std::map, std::allocator>, ceph::buffer::ptr, std::less, std::allocator>>, std::allocator, std::allocator>, ceph::buffer::ptr>>> &, const std::basic_string, std::allocator>&, const ceph::buffer::list &, unsigned char, std::map, std::allocator>>*)() ** CID 1128407: Dereference before null check (REVERSE_INULL) /client/Client.cc: 5180 in Client::_readdir_get_frag(dir_result_t *)() ** CID 1128412: Resource leak (RESOURCE_LEAK) /rgw/rgw_gc.cc: 170 in RGWGC::process(int, int)() /rgw/rgw_gc.cc: 170 in RGWGC::process(int, int)() /rgw/rgw_gc.cc: 170 in RGWGC::process(int, int)() /rgw/rgw_gc.cc: 170 in RGWGC::process(int, int)() ** CID 1160849: Uninitialized scalar field (UNINIT_CTOR) /mds/CDir.cc: 1447 in C_Dir_OMAP_Fetched::C_Dir_OMAP_Fetched(CDir *, const std::basic_string, std::allocator>&)() ** CID 1188129: Logically dead code (DEADCODE) /client/Client.cc: 8504 in Client::ll_write_block(Inode *, unsigned long, char *, unsigned long, unsigned long, ceph_file_layout *, unsigned long, unsigned int)() ** CID 1188130: Logically dead code (DEADCODE) /client/Client.cc: 8500 in Client::ll_write_block(Inode *, unsigned long, char *, unsigned long, unsigned long, ceph_file_layout *, unsigned long, unsigned int)() ** CID 1192611: Uncaught exception (UNCAUGHT_EXCEPT) /tools/ceph_filestore_dump.cc: 1076 in main() /tools/ceph_filestore_dump.cc: 1076 in main() /tools/ceph_filestore_dump.cc: 1076 in main() /tools/ceph_filestore_dump.cc: 1076 in main() /tools/ceph_filestore_dump.cc: 1076 in main() /tools/ceph_filestore_dump.cc: 1076 in main() /tools/ceph_filestore_dump.cc: 1076 in main() /tools/ceph_filestore_dump.cc: 1076 in main() /tools/ceph_filestore_dump.cc: 1076 in main() /tools/ceph_filestore_dump.cc: 1076 in main() /tools/ceph_filestore_dump.cc: 1076 in main() /tools/ceph_filestore_dump.cc: 1076 in main() /tools/ceph_filestore_dump.cc: 1076 in main() /tools/ceph_filestore_dump.cc: 1076 in main() /tools/ceph_filestore_dump.cc: 1076 in main() /tools/ceph_filestore_dump.cc: 1076 in main() ** CID 1192612: Uncaught exception (UNCAUGHT_EXCEPT) /tools/ceph_filestore_dump.cc: 1076 in main() ** CID 1192613: Uncaught exception (UNCAUGHT_EXCEPT) /tools/ceph_filestore_tool.cc: 48 in main() /tools/ceph_filestore_tool.cc: 48 in main() /tools/ceph_filestore_tool.cc: 48 in main() /tools/ceph_filestore_tool.cc: 48 in main() /tools/ceph_filestore_tool.cc: 48 in main() /tools/ceph_filestore_tool.cc: 48 in main() /tools/ceph_filestore_tool.cc: 48 in main() /tools/ceph_filestore_tool.cc: 48 in main() /tools/ceph_filestore_tool.cc: 48 in main() /tools/ceph_filestore_tool.cc: 48 in main() /tools/ceph_filestore_tool.cc: 48 in main() /tools/ceph_filestore_tool.cc: 48 in main() /tools/ceph_filestore_tool.cc: 48 in main() ** CID 1192614: Uncaught exception (UNCAUGHT_EXCEPT) /tools/ceph_filestore_tool.cc: 48 in main() ** CID 1201374: Unchecked return value (CHECKED_RETURN) /mon/MDSMonitor.cc: 1097 in MDSMonitor::prepare_command(MMonCommand *)()
New Defects reported by Coverity Scan for ceph
Hi, Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan. 4 new defect(s) introduced to ceph found with Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 4 of 4 defect(s) ** CID 1247718: Explicit null dereferenced (FORWARD_NULL) /mds/Server.cc: 3184 in Server::handle_client_file_setlock(std::tr1::shared_ptr &)() /mds/Server.cc: 3184 in Server::handle_client_file_setlock(std::tr1::shared_ptr &)() /mds/Server.cc: 3184 in Server::handle_client_file_setlock(std::tr1::shared_ptr &)() /mds/Server.cc: 3184 in Server::handle_client_file_setlock(std::tr1::shared_ptr &)() ** CID 1247719: Unintentional integer overflow (OVERFLOW_BEFORE_WIDEN) /osdc/Striper.cc: 221 in Striper::get_num_objects(const ceph_file_layout &, unsigned long)() ** CID 1247720: Unintentional integer overflow (OVERFLOW_BEFORE_WIDEN) /osdc/Striper.cc: 225 in Striper::get_num_objects(const ceph_file_layout &, unsigned long)() ** CID 1247721: Uncaught exception (UNCAUGHT_EXCEPT) /rbd.cc: 2071 in main() /rbd.cc: 2071 in main() *** CID 1247718: Explicit null dereferenced (FORWARD_NULL) /mds/Server.cc: 3184 in Server::handle_client_file_setlock(std::tr1::shared_ptr &)() 3178 set_lock.pid = req->head.args.filelock_change.pid; 3179 set_lock.type = req->head.args.filelock_change.type; 3180 bool will_wait = req->head.args.filelock_change.wait; 3181 3182 dout(10) << "handle_client_file_setlock: " << set_lock << dendl; 3183 >>> CID 1247718: Explicit null dereferenced (FORWARD_NULL) >>> Assigning: "lock_state" = "NULL". 3184 ceph_lock_state_t *lock_state = NULL; 3185 bool interrupt = false; 3186 3187 // get the appropriate lock state 3188 switch (req->head.args.filelock_change.rule) { 3189 case CEPH_LOCK_FLOCK_INTR: /mds/Server.cc: 3184 in Server::handle_client_file_setlock(std::tr1::shared_ptr &)() 3178 set_lock.pid = req->head.args.filelock_change.pid; 3179 set_lock.type = req->head.args.filelock_change.type; 3180 bool will_wait = req->head.args.filelock_change.wait; 3181 3182 dout(10) << "handle_client_file_setlock: " << set_lock << dendl; 3183 >>> CID 1247718: Explicit null dereferenced (FORWARD_NULL) >>> Assigning: "lock_state" = "NULL". 3184 ceph_lock_state_t *lock_state = NULL; 3185 bool interrupt = false; 3186 3187 // get the appropriate lock state 3188 switch (req->head.args.filelock_change.rule) { 3189 case CEPH_LOCK_FLOCK_INTR: /mds/Server.cc: 3184 in Server::handle_client_file_setlock(std::tr1::shared_ptr &)() 3178 set_lock.pid = req->head.args.filelock_change.pid; 3179 set_lock.type = req->head.args.filelock_change.type; 3180 bool will_wait = req->head.args.filelock_change.wait; 3181 3182 dout(10) << "handle_client_file_setlock: " << set_lock << dendl; 3183 >>> CID 1247718: Explicit null dereferenced (FORWARD_NULL) >>> Assigning: "lock_state" = "NULL". 3184 ceph_lock_state_t *lock_state = NULL; 3185 bool interrupt = false; 3186 3187 // get the appropriate lock state 3188 switch (req->head.args.filelock_change.rule) { 3189 case CEPH_LOCK_FLOCK_INTR: /mds/Server.cc: 3184 in Server::handle_client_file_setlock(std::tr1::shared_ptr &)() 3178 set_lock.pid = req->head.args.filelock_change.pid; 3179 set_lock.type = req->head.args.filelock_change.type; 3180 bool will_wait = req->head.args.filelock_change.wait; 3181 3182 dout(10) << "handle_client_file_setlock: " << set_lock << dendl; 3183 >>> CID 1247718: Explicit null dereferenced (FORWARD_NULL) >>> Assigning: "lock_state" = "NULL". 3184 ceph_lock_state_t *lock_state = NULL; 3185 bool interrupt = false; 3186 3187 // get the appropriate lock state 3188 switch (req->head.args.filelock_change.rule) { 3189 case CEPH_LOCK_FLOCK_INTR: *** CID 1247719: Unintentional integer overflow (OVERFLOW_BEFORE_WIDEN) /osdc/Striper.cc: 221 in Striper::get_num_objects(const ceph_file_layout &, unsigned long)() 215 } 216 uint64_t Striper::get_num_objects(const ceph_file_layout& layout, uint64_t size) 217 { 218 __u32 object_size = layout.fl_object_size; 219 __u32 stripe_unit = layout.fl_stripe_unit; 220 __u32 stripe_count = layout.fl_stripe_count; >>> CID 1247719: Unintentional integer overflow (OVERFLOW_BEFORE_WIDEN) >>> Potentially overflowing expression "stripe_count * object_size" with >>> type "unsigned int" (32 bits, unsigned) is evaluated using 32-bit >>> arithmetic before being used in a context which expects an expression of >>> type "uint64_t" (64 bits, unsigned). To av
Re: [Ceph-qa] New Defects reported by Coverity Scan for ceph
On Thu, Oct 9, 2014 at 6:23 AM, wrote: > > Hi, > > Please find the latest report on new defect(s) introduced to ceph found with > Coverity Scan. > > 3 new defect(s) introduced to ceph found with Coverity Scan. > 4 defect(s), reported by Coverity Scan earlier, were marked fixed in the > recent build analyzed by Coverity Scan. > > New defect(s) Reported-by: Coverity Scan > Showing 3 of 3 defect(s) > > > ** CID 1244227: Dereference after null check (FORWARD_NULL) > /mds/Server.cc: 7011 in Server::do_rename_rollback(ceph::buffer::list &, > mds_rank_t, std::tr1::shared_ptr &, bool)() > /mds/Server.cc: 7130 in Server::do_rename_rollback(ceph::buffer::list &, > mds_rank_t, std::tr1::shared_ptr &, bool)() These lines are if (in && in->is_dir() && srcdn->authority().first != whoami) ... and } else if (force_journal_src || (in && in->is_dir() && srcdn->authority().first == whoami)) { ... Coverity is complaining about the srcdn dereference, and I've dug into it a bit but I think this might actually be an issue. Well, more accurately, I think maybe if srcdn is NULL we've failed somehow and should have given up, but the code looks to be not failing on purpose, so I'm missing something. We should dig into this and either fix or promote the if (in && in->is_dir()) assert(srcdn && destdn); which we have nested inside of a check for rollback.orig_src.ino (ie, we were auth/primary for the srcdn at rename time). The other two I've sent in an (untested) PR for: https://github.com/ceph/ceph/pull/2677 > > ** CID 1244228: Uninitialized scalar field (UNINIT_CTOR) > /mds/MDSAuthCaps.h: 29 in MDSCapSpec::MDSCapSpec()() The "read" cap bool is indeed uninitialized; easy enough to default-fill it to false. > ** CID 1244229: Uninitialized scalar field (UNINIT_CTOR) > /messages/MDirUpdate.h: 55 in MDirUpdate::MDirUpdate(mds_rank_t, dirfrag_t, > int, std::set, std::allocator> &, filepath &, bool)() "discover" is indeed uninitialized by default (although it looks like the only caller overrides that default). The PR sets it to 0, which appears to be the correct default from my reading of the code. -Greg -- To unsubscribe from this list: send the line "unsubscribe ceph-devel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
New Defects reported by Coverity Scan for ceph
Hi, Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan. 3 new defect(s) introduced to ceph found with Coverity Scan. 4 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 3 of 3 defect(s) ** CID 1244227: Dereference after null check (FORWARD_NULL) /mds/Server.cc: 7011 in Server::do_rename_rollback(ceph::buffer::list &, mds_rank_t, std::tr1::shared_ptr &, bool)() /mds/Server.cc: 7130 in Server::do_rename_rollback(ceph::buffer::list &, mds_rank_t, std::tr1::shared_ptr &, bool)() ** CID 1244228: Uninitialized scalar field (UNINIT_CTOR) /mds/MDSAuthCaps.h: 29 in MDSCapSpec::MDSCapSpec()() ** CID 1244229: Uninitialized scalar field (UNINIT_CTOR) /messages/MDirUpdate.h: 55 in MDirUpdate::MDirUpdate(mds_rank_t, dirfrag_t, int, std::set, std::allocator> &, filepath &, bool)() *** CID 1244227: Dereference after null check (FORWARD_NULL) /mds/Server.cc: 7011 in Server::do_rename_rollback(ceph::buffer::list &, mds_rank_t, std::tr1::shared_ptr &, bool)() 7005 // slave 7006 assert(!destdn || destdn->authority().first != whoami); 7007 assert(!straydn || straydn->authority().first != whoami); 7008 7009 bool force_journal_src = false; 7010 bool force_journal_dest = false; >>> CID 1244227: Dereference after null check (FORWARD_NULL) >>> Passing null pointer "srcdn" to "authority", which dereferences it. >>> (The dereference happens because this is a virtual function call.) 7011 if (in && in->is_dir() && srcdn->authority().first != whoami) 7012 force_journal_src = _need_force_journal(in, false); 7013 if (in && target && target->is_dir()) 7014 force_journal_dest = _need_force_journal(in, true); 7015 7016 version_t srcdnpv = 0; /mds/Server.cc: 7130 in Server::do_rename_rollback(ceph::buffer::list &, mds_rank_t, std::tr1::shared_ptr &, bool)() 7124 le->commit.add_primary_dentry(target->get_projected_parent_dn(), target, true); 7125 } 7126 7127 if (force_journal_dest) { 7128 dout(10) << " noting rename target ino " << target->ino() << " in metablob" << dendl; 7129 le->commit.renamed_dirino = target->ino(); >>> CID 1244227: Dereference after null check (FORWARD_NULL) >>> Passing null pointer "srcdn" to "authority", which dereferences it. >>> (The dereference happens because this is a virtual function call.) 7130 } else if (force_journal_src || (in && in->is_dir() && srcdn->authority().first == whoami)) { 7131 dout(10) << " noting renamed dir ino " << in->ino() << " in metablob" << dendl; 7132 le->commit.renamed_dirino = in->ino(); 7133 } 7134 7135 if (target && target->is_dir()) { *** CID 1244228: Uninitialized scalar field (UNINIT_CTOR) /mds/MDSAuthCaps.h: 29 in MDSCapSpec::MDSCapSpec()() 23 24 struct MDSCapSpec { 25 bool read; 26 bool write; 27 bool any; 28 >>> CID 1244228: Uninitialized scalar field (UNINIT_CTOR) >>> Non-static class member "read" is not initialized in this constructor >>> nor in any functions that it calls. 29 MDSCapSpec() : write(false), any(false) {} 30 MDSCapSpec(bool r_, bool w_, bool a_) : read(r_), write(w_), any(a_) {} 31 32 bool allow_all() const {return any;} 33 }; 34 *** CID 1244229: Uninitialized scalar field (UNINIT_CTOR) /messages/MDirUpdate.h: 55 in MDirUpdate::MDirUpdate(mds_rank_t, dirfrag_t, int, std::set, std::allocator> &, filepath &, bool)() 49 this->from_mds = f; 50 this->dirfrag = dirfrag; 51 this->dir_rep = dir_rep; 52 this->dir_rep_by = dir_rep_by; 53 if (discover) this->discover = 5; 54 this->path = path; >>> CID 1244229: Uninitialized scalar field (UNINIT_CTOR) >>> Non-static class member "discover" is not initialized in this >>> constructor nor in any functions that it calls. 55 } 56 private: 57 ~MDirUpdate() {} 58 59 public: 60 const char *get_type_name() const { return "dir_update"; } To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py -- To unsubscribe from this list: send the line "unsubscribe ceph-devel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vg
New Defects reported by Coverity Scan for ceph (fwd)
--- Begin Message --- Hi, Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan. 6 new defect(s) introduced to ceph found with Coverity Scan. 3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 6 of 6 defect(s) ** CID 1244195: Dereference after null check (FORWARD_NULL) /mon/Monitor.cc: 3110 in Monitor::_ms_dispatch(Message *)() ** CID 1244196: Data race condition (MISSING_LOCK) /test/mon/test-mon-msg.cc: 229 in MonMsgTest::SetUp()() ** CID 1244197: Dereference before null check (REVERSE_INULL) /mon/Monitor.cc: 3366 in Monitor::dispatch(MonSession *, Message *, bool)() ** CID 1244198: Uncaught exception (UNCAUGHT_EXCEPT) /test/mon/test-mon-msg.cc: 322 in main() /test/mon/test-mon-msg.cc: 322 in main() /test/mon/test-mon-msg.cc: 322 in main() ** CID 1244200: Uninitialized pointer field (UNINIT_CTOR) /test/mon/test-mon-msg.cc: 67 in MonClientHelper::MonClientHelper(CephContext *)() ** CID 1244199: Uninitialized pointer field (UNINIT_CTOR) /test/mon/test-mon-msg.cc: 225 in MonMsgTest::MonMsgTest()() *** CID 1244195: Dereference after null check (FORWARD_NULL) /mon/Monitor.cc: 3110 in Monitor::_ms_dispatch(Message *)() 3104 if (s && s->closed) { 3105 caps = s->caps; 3106 reuse_caps = true; 3107 s->put(); 3108 s = NULL; 3109 } >>> CID 1244195: Dereference after null check (FORWARD_NULL) >>> Comparing "s" to null implies that "s" might be null. 3110 if (!s) { 3111 // if the sender is not a monitor, make sure their first message for a 3112 // session is an MAuth. If it is not, assume it's a stray message, 3113 // and considering that we are creating a new session it is safe to 3114 // assume that the sender hasn't authenticated yet, so we have no way 3115 // of assessing whether we should handle it or not. *** CID 1244196: Data race condition (MISSING_LOCK) /test/mon/test-mon-msg.cc: 229 in MonMsgTest::SetUp()() 223 MonMsgTest() : 224 MonClientHelper(g_ceph_context), 225 lock("lock") { } 226 227 public: 228 virtual void SetUp() { >>> CID 1244196: Data race condition (MISSING_LOCK) >>> Accessing "this->reply_type" without holding lock "Mutex._m". >>> Elsewhere, "MonMsgTest.reply_type" is accessed with "Mutex._m" held 1 out >>> of 2 times (1 of these accesses strongly imply that it is necessary). 229 reply_type = -1; 230 if (reply_msg) { 231 reply_msg->put(); 232 reply_msg = NULL; 233 } 234 ASSERT_EQ(init(), 0); *** CID 1244197: Dereference before null check (REVERSE_INULL) /mon/Monitor.cc: 3366 in Monitor::dispatch(MonSession *, Message *, bool)() 3360 } 3361 break; 3362 3363 // elector messages 3364 case MSG_MON_ELECTION: 3365 //check privileges here for simplicity >>> CID 1244197: Dereference before null check (REVERSE_INULL) >>> Null-checking "s" suggests that it may be null, but it has already been >>> dereferenced on all paths leading to the check. 3366 if (s && 3367 !s->is_capable("mon", MON_CAP_X)) { 3368 dout(0) << "MMonElection received from entity without enough caps!" 3369 << s->caps << dendl; 3370 m->put(); 3371 break; *** CID 1244198: Uncaught exception (UNCAUGHT_EXCEPT) /test/mon/test-mon-msg.cc: 322 in main() 316 317 int r = monc.get_monmap(); 318 ASSERT_EQ(r, 0); 319 ASSERT_FALSE(monc.monmap.contains("client")); 320 } 321 >>> CID 1244198: Uncaught exception (UNCAUGHT_EXCEPT) >>> In function "main(int, char **)" an exception of type >>> "ceph::FailedAssertion" is thrown and never caught. 322 int main(int argc, char *argv[]) 323 { 324 vector def_args; 325 vector args; 326 argv_to_vec(argc, (const char **)argv, args); 327 /test/mon/test-mon-msg.cc: 322 in main() 316 317 int r = monc.get_monmap(); 318 ASSERT_EQ(r, 0); 319 ASSERT_FALSE(monc.monmap.contains("client")); 320 } 321 >>> CID 1244198: Uncaught exception (UNCAUGHT_EXCEPT) >>> In function "main(int, char **)" an exception of type >>> "ceph::FailedAssertion" is thrown and never caught. 322 int main(int argc, char *argv[]) 323 { 324 vector def_args; 325 vector args; 326 argv_to
Re: New Defects reported by Coverity Scan for ceph (fwd)
On 09/30/2014 01:38 PM, Sage Weil wrote: On Tue, 30 Sep 2014, Gregory Farnum wrote: On Tue, Sep 30, 2014 at 6:59 AM, Sage Weil wrote: Looks like recent changes from Greg, Loic, and I. -- Forwarded message -- From: scan-ad...@coverity.com To: undisclosed-recipients:; Cc: Date: Tue, 30 Sep 2014 06:21:08 -0700 Subject: New Defects reported by Coverity Scan for ceph Hi, Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan. Defect(s) Reported-by: Coverity Scan Showing 4 of 4 defect(s) ** CID 1242019: Data race condition (MISSING_LOCK) /msg/Pipe.cc: 230 in Pipe::DelayedDelivery::entry()() ** CID 1242021: Resource leak (RESOURCE_LEAK) /test/librados/tier.cc: 1026 in LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()() /test/librados/tier.cc: 1022 in LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()() /test/librados/tier.cc: 1040 in LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()() /test/librados/tier.cc: 1037 in LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()() ** CID 1242020: Resource leak (RESOURCE_LEAK) /test/librados/aio.cc: 168 in LibRadosAio_TooBig_Test::TestBody()() ** CID 1242018: Resource leak (RESOURCE_LEAK) /test/librados/aio.cc: 188 in LibRadosAio_TooBigPP_Test::TestBody()() /test/librados/aio.cc: 190 in LibRadosAio_TooBigPP_Test::TestBody()() /test/librados/aio.cc: 187 in LibRadosAio_TooBigPP_Test::TestBody()() *** CID 1242019: Data race condition (MISSING_LOCK) /msg/Pipe.cc: 230 in Pipe::DelayedDelivery::entry()() 224 if (flush_count > 0) { 225 --flush_count; 226 active_flush = true; 227 } 228 if (pipe->in_q->can_fast_dispatch(m)) { 229 if (!stop_fast_dispatching_flag) { CID 1242019: Data race condition (MISSING_LOCK) Accessing "this->delay_dispatching" without holding lock "Mutex._m". Elsewhere, "_ZN4Pipe15DelayedDeliveryE.delay_dispatching" is accessed with "Mutex._m" held 1 out of 2 times (1 of these accesses strongly imply that it is necessary). 230 delay_dispatching = true; 231 delay_lock.Unlock(); 232 pipe->in_q->fast_dispatch(m); 233 delay_lock.Lock(); 234 delay_dispatching = false; 235 if (stop_fast_dispatching_flag) { This one's a false positive. (delay_dispatching is protected by the delay_lock, but I think it's picking up on the Pipe::lock which is held when DelayedDelivery is constructed and initialized.) Is there a way I should annotate this, or is it something we need to adjust in the Coverity web interface? There are annotations but I don't know how they work. I've been marking them through the web interface... sage Jeff and Kaleb (last I remember) had more expertise in coverity magic - they might know how to annotate those false positives... ric -- To unsubscribe from this list: send the line "unsubscribe ceph-devel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: New Defects reported by Coverity Scan for ceph (fwd)
On Tue, 30 Sep 2014, Gregory Farnum wrote: > On Tue, Sep 30, 2014 at 6:59 AM, Sage Weil wrote: > > Looks like recent changes from Greg, Loic, and I. > > > > -- Forwarded message -- > > From: scan-ad...@coverity.com > > To: undisclosed-recipients:; > > Cc: > > Date: Tue, 30 Sep 2014 06:21:08 -0700 > > Subject: New Defects reported by Coverity Scan for ceph > > > > > > Hi, > > > > > > Please find the latest report on new defect(s) introduced to ceph found > > with Coverity Scan. > > > > Defect(s) Reported-by: Coverity Scan > > Showing 4 of 4 defect(s) > > > > > > ** CID 1242019: Data race condition (MISSING_LOCK) > > /msg/Pipe.cc: 230 in Pipe::DelayedDelivery::entry()() > > > > ** CID 1242021: Resource leak (RESOURCE_LEAK) > > /test/librados/tier.cc: 1026 in > > LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()() > > /test/librados/tier.cc: 1022 in > > LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()() > > /test/librados/tier.cc: 1040 in > > LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()() > > /test/librados/tier.cc: 1037 in > > LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()() > > > > ** CID 1242020: Resource leak (RESOURCE_LEAK) > > /test/librados/aio.cc: 168 in LibRadosAio_TooBig_Test::TestBody()() > > > > ** CID 1242018: Resource leak (RESOURCE_LEAK) > > /test/librados/aio.cc: 188 in LibRadosAio_TooBigPP_Test::TestBody()() > > /test/librados/aio.cc: 190 in LibRadosAio_TooBigPP_Test::TestBody()() > > /test/librados/aio.cc: 187 in LibRadosAio_TooBigPP_Test::TestBody()() > > > > > > > > *** CID 1242019: Data race condition (MISSING_LOCK) > > /msg/Pipe.cc: 230 in Pipe::DelayedDelivery::entry()() > > 224 if (flush_count > 0) { > > 225 --flush_count; > > 226 active_flush = true; > > 227 } > > 228 if (pipe->in_q->can_fast_dispatch(m)) { > > 229 if (!stop_fast_dispatching_flag) { > >>>> CID 1242019: Data race condition (MISSING_LOCK) > >>>> Accessing "this->delay_dispatching" without holding lock "Mutex._m". > >>>> Elsewhere, "_ZN4Pipe15DelayedDeliveryE.delay_dispatching" is accessed > >>>> with "Mutex._m" held 1 out of 2 times (1 of these accesses strongly > >>>> imply that it is necessary). > > 230 delay_dispatching = true; > > 231 delay_lock.Unlock(); > > 232 pipe->in_q->fast_dispatch(m); > > 233 delay_lock.Lock(); > > 234 delay_dispatching = false; > > 235 if (stop_fast_dispatching_flag) { > > This one's a false positive. (delay_dispatching is protected by the > delay_lock, but I think it's picking up on the Pipe::lock which is > held when DelayedDelivery is constructed and initialized.) Is there a > way I should annotate this, or is it something we need to adjust in > the Coverity web interface? There are annotations but I don't know how they work. I've been marking them through the web interface... sage -- To unsubscribe from this list: send the line "unsubscribe ceph-devel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: New Defects reported by Coverity Scan for ceph (fwd)
On Tue, Sep 30, 2014 at 6:59 AM, Sage Weil wrote: > Looks like recent changes from Greg, Loic, and I. > > -- Forwarded message -- > From: scan-ad...@coverity.com > To: undisclosed-recipients:; > Cc: > Date: Tue, 30 Sep 2014 06:21:08 -0700 > Subject: New Defects reported by Coverity Scan for ceph > > > Hi, > > > Please find the latest report on new defect(s) introduced to ceph found with > Coverity Scan. > > Defect(s) Reported-by: Coverity Scan > Showing 4 of 4 defect(s) > > > ** CID 1242019: Data race condition (MISSING_LOCK) > /msg/Pipe.cc: 230 in Pipe::DelayedDelivery::entry()() > > ** CID 1242021: Resource leak (RESOURCE_LEAK) > /test/librados/tier.cc: 1026 in > LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()() > /test/librados/tier.cc: 1022 in > LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()() > /test/librados/tier.cc: 1040 in > LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()() > /test/librados/tier.cc: 1037 in > LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()() > > ** CID 1242020: Resource leak (RESOURCE_LEAK) > /test/librados/aio.cc: 168 in LibRadosAio_TooBig_Test::TestBody()() > > ** CID 1242018: Resource leak (RESOURCE_LEAK) > /test/librados/aio.cc: 188 in LibRadosAio_TooBigPP_Test::TestBody()() > /test/librados/aio.cc: 190 in LibRadosAio_TooBigPP_Test::TestBody()() > /test/librados/aio.cc: 187 in LibRadosAio_TooBigPP_Test::TestBody()() > > > > *** CID 1242019: Data race condition (MISSING_LOCK) > /msg/Pipe.cc: 230 in Pipe::DelayedDelivery::entry()() > 224 if (flush_count > 0) { > 225 --flush_count; > 226 active_flush = true; > 227 } > 228 if (pipe->in_q->can_fast_dispatch(m)) { > 229 if (!stop_fast_dispatching_flag) { >>>> CID 1242019: Data race condition (MISSING_LOCK) >>>> Accessing "this->delay_dispatching" without holding lock "Mutex._m". >>>> Elsewhere, "_ZN4Pipe15DelayedDeliveryE.delay_dispatching" is accessed with >>>> "Mutex._m" held 1 out of 2 times (1 of these accesses strongly imply that >>>> it is necessary). > 230 delay_dispatching = true; > 231 delay_lock.Unlock(); > 232 pipe->in_q->fast_dispatch(m); > 233 delay_lock.Lock(); > 234 delay_dispatching = false; > 235 if (stop_fast_dispatching_flag) { This one's a false positive. (delay_dispatching is protected by the delay_lock, but I think it's picking up on the Pipe::lock which is held when DelayedDelivery is constructed and initialized.) Is there a way I should annotate this, or is it something we need to adjust in the Coverity web interface? -Greg -- To unsubscribe from this list: send the line "unsubscribe ceph-devel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: New Defects reported by Coverity Scan for ceph (fwd)
I'll fix the aio.cc problems, thanks ! On 30/09/2014 15:59, Sage Weil wrote: > Looks like recent changes from Greg, Loic, and I. > -- Loïc Dachary, Artisan Logiciel Libre signature.asc Description: OpenPGP digital signature
New Defects reported by Coverity Scan for ceph (fwd)
Looks like recent changes from Greg, Loic, and I.--- Begin Message --- Hi, Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan. Defect(s) Reported-by: Coverity Scan Showing 4 of 4 defect(s) ** CID 1242019: Data race condition (MISSING_LOCK) /msg/Pipe.cc: 230 in Pipe::DelayedDelivery::entry()() ** CID 1242021: Resource leak (RESOURCE_LEAK) /test/librados/tier.cc: 1026 in LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()() /test/librados/tier.cc: 1022 in LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()() /test/librados/tier.cc: 1040 in LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()() /test/librados/tier.cc: 1037 in LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()() ** CID 1242020: Resource leak (RESOURCE_LEAK) /test/librados/aio.cc: 168 in LibRadosAio_TooBig_Test::TestBody()() ** CID 1242018: Resource leak (RESOURCE_LEAK) /test/librados/aio.cc: 188 in LibRadosAio_TooBigPP_Test::TestBody()() /test/librados/aio.cc: 190 in LibRadosAio_TooBigPP_Test::TestBody()() /test/librados/aio.cc: 187 in LibRadosAio_TooBigPP_Test::TestBody()() *** CID 1242019: Data race condition (MISSING_LOCK) /msg/Pipe.cc: 230 in Pipe::DelayedDelivery::entry()() 224 if (flush_count > 0) { 225 --flush_count; 226 active_flush = true; 227 } 228 if (pipe->in_q->can_fast_dispatch(m)) { 229 if (!stop_fast_dispatching_flag) { >>> CID 1242019: Data race condition (MISSING_LOCK) >>> Accessing "this->delay_dispatching" without holding lock "Mutex._m". >>> Elsewhere, "_ZN4Pipe15DelayedDeliveryE.delay_dispatching" is accessed with >>> "Mutex._m" held 1 out of 2 times (1 of these accesses strongly imply that >>> it is necessary). 230 delay_dispatching = true; 231 delay_lock.Unlock(); 232 pipe->in_q->fast_dispatch(m); 233 delay_lock.Lock(); 234 delay_dispatching = false; 235 if (stop_fast_dispatching_flag) { *** CID 1242021: Resource leak (RESOURCE_LEAK) /test/librados/tier.cc: 1026 in LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()() 1020 op.cache_evict(); 1021 librados::AioCompletion *completion = cluster.aio_create_completion(); 1022 ASSERT_EQ(0, cache_ioctx.aio_operate( 1023 "foo", completion, &op, 1024 librados::OPERATION_IGNORE_CACHE, NULL)); 1025 completion->wait_for_safe(); >>> CID 1242021: Resource leak (RESOURCE_LEAK) >>> Variable "completion" going out of scope leaks the storage it points to. 1026 ASSERT_EQ(0, completion->get_return_value()); 1027 completion->release(); 1028 } 1029 1030 // verify the snapdir is not present in the cache pool 1031 { /test/librados/tier.cc: 1022 in LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()() 1016 1017 // evict 1018 { 1019 ObjectReadOperation op; 1020 op.cache_evict(); 1021 librados::AioCompletion *completion = cluster.aio_create_completion(); >>> CID 1242021: Resource leak (RESOURCE_LEAK) >>> Variable "completion" going out of scope leaks the storage it points to. 1022 ASSERT_EQ(0, cache_ioctx.aio_operate( 1023 "foo", completion, &op, 1024 librados::OPERATION_IGNORE_CACHE, NULL)); 1025 completion->wait_for_safe(); 1026 ASSERT_EQ(0, completion->get_return_value()); 1027 completion->release(); /test/librados/tier.cc: 1040 in LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()() 1034 op.list_snaps(&snapset, NULL); 1035 ioctx.snap_set_read(librados::SNAP_DIR); 1036 librados::AioCompletion *completion = cluster.aio_create_completion(); 1037 ASSERT_EQ(0, ioctx.aio_operate("foo", completion, &op, 1038 librados::OPERATION_IGNORE_CACHE, NULL)); 1039 completion->wait_for_safe(); >>> CID 1242021: Resource leak (RESOURCE_LEAK) >>> Variable "completion" going out of scope leaks the storage it points to. 1040 ASSERT_EQ(-ENOENT, completion->get_return_value()); 1041 completion->release(); 1042 } 1043 } 1044 1045 TEST_F(LibRadosTwoPoolsPP, TryFlush) { /test/librados/tier.cc: 1037 in LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()() 1031 { 1032 ObjectReadOperation op; 1033 librados::snap_set_t snapset; 1034 op.list_snaps(&snapset, NULL); 1035 ioctx.snap_set_read(librados::SNAP_DIR); 1036 librados::AioCompletion *completion = cluster.aio_create_completion(); >>> CID 1242021: Resource leak (RESOURCE_LEAK) >>> Variable "completion" going out of scope leaks the storage it points to. 1037 ASSERT_EQ(0, ioctx.aio_operate("foo", completion, &op, 1038
Re: New Defects reported by Coverity Scan for ceph (fwd)
Nice to see that coverity and lockdep agree :-) This should go away with the fix for #9562. John On Thu, Sep 25, 2014 at 4:02 PM, Sage Weil wrote: > > > -- Forwarded message -- > From: scan-ad...@coverity.com > To: undisclosed-recipients:; > Cc: > Date: Thu, 25 Sep 2014 06:18:46 -0700 > Subject: New Defects reported by Coverity Scan for ceph > > > Hi, > > > Please find the latest report on new defect(s) introduced to ceph found with > Coverity Scan. > > Defect(s) Reported-by: Coverity Scan > Showing 1 of 1 defect(s) > > > ** CID 1241497: Thread deadlock (ORDER_REVERSAL) > > > > > *** CID 1241497: Thread deadlock (ORDER_REVERSAL) > /osdc/Filer.cc: 314 in Filer::_do_purge_range(PurgeRange *, int)() > 308 return; > 309 } > 310 > 311 int max = 10 - pr->uncommitted; > 312 while (pr->num > 0 && max > 0) { > 313 object_t oid = file_object_t(pr->ino, pr->first); >>>> CID 1241497: Thread deadlock (ORDER_REVERSAL) >>>> Calling "get_osdmap_read" acquires lock "RWLock.L" while holding lock >>>> "Mutex._m" (count: 15 / 30). > 314 const OSDMap *osdmap = objecter->get_osdmap_read(); > 315 object_locator_t oloc = > osdmap->file_to_object_locator(pr->layout); > 316 objecter->put_osdmap_read(); > 317 objecter->remove(oid, oloc, pr->snapc, pr->mtime, pr->flags, > 318 NULL, new C_PurgeRange(this, pr)); > 319 pr->uncommitted++; > > > > To view the defects in Coverity Scan visit, > http://scan.coverity.com/projects/25?tab=overview > > To unsubscribe from the email notification for new defects, > http://scan5.coverity.com/cgi-bin/unsubscribe.py > > > > -- To unsubscribe from this list: send the line "unsubscribe ceph-devel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
New Defects reported by Coverity Scan for ceph (fwd)
--- Begin Message --- Hi, Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan. Defect(s) Reported-by: Coverity Scan Showing 1 of 1 defect(s) ** CID 1241497: Thread deadlock (ORDER_REVERSAL) *** CID 1241497: Thread deadlock (ORDER_REVERSAL) /osdc/Filer.cc: 314 in Filer::_do_purge_range(PurgeRange *, int)() 308 return; 309 } 310 311 int max = 10 - pr->uncommitted; 312 while (pr->num > 0 && max > 0) { 313 object_t oid = file_object_t(pr->ino, pr->first); >>> CID 1241497: Thread deadlock (ORDER_REVERSAL) >>> Calling "get_osdmap_read" acquires lock "RWLock.L" while holding lock >>> "Mutex._m" (count: 15 / 30). 314 const OSDMap *osdmap = objecter->get_osdmap_read(); 315 object_locator_t oloc = osdmap->file_to_object_locator(pr->layout); 316 objecter->put_osdmap_read(); 317 objecter->remove(oid, oloc, pr->snapc, pr->mtime, pr->flags, 318 NULL, new C_PurgeRange(this, pr)); 319 pr->uncommitted++; To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py --- End Message ---
New Defects reported by Coverity Scan for ceph (fwd)
--- Begin Message --- Hi, Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan. Defect(s) Reported-by: Coverity Scan Showing 20 of 38 defect(s) ** CID 717233: Uninitialized scalar field (UNINIT_CTOR) /mds/Capability.h: 249 in Capability::Capability(CInode *, unsigned long, client_t)() ** CID 1238869: Value not atomically updated (ATOMICITY) /osdc/Objecter.cc: 3055 in Objecter::handle_pool_op_reply(MPoolOpReply *)() /osdc/Objecter.cc: 3055 in Objecter::handle_pool_op_reply(MPoolOpReply *)() /osdc/Objecter.cc: 3055 in Objecter::handle_pool_op_reply(MPoolOpReply *)() ** CID 1238870: Unchecked return value (CHECKED_RETURN) /test/test_snap_mapper.cc: 562 in MapperVerifier::remove_oid()() ** CID 1238871: Dereference after null check (FORWARD_NULL) /mds/Server.cc: 6988 in Server::do_rename_rollback(ceph::buffer::list &, int, std::tr1::shared_ptr &, bool)() /mds/Server.cc: 7107 in Server::do_rename_rollback(ceph::buffer::list &, int, std::tr1::shared_ptr &, bool)() ** CID 1238872: Unchecked return value (CHECKED_RETURN) /tools/ceph_objectstore_tool.cc: 1284 in do_import_rados(std::basic_string, std::allocator>)() ** CID 1238873: Unchecked return value (CHECKED_RETURN) /rbd_replay/Replayer.cc: 154 in rbd_replay::Replayer::run(const std::basic_string, std::allocator>&)() ** CID 1238874: Missing unlock (LOCK) /osdc/Objecter.cc: 1855 in Objecter::op_cancel(Objecter::OSDSession *, unsigned long, int)() ** CID 1238875: Unrecoverable parse warning (PARSE_ERROR) /client/Client.cc: 7737 in () ** CID 1238876: Unrecoverable parse warning (PARSE_ERROR) /client/Client.cc: 7735 in () ** CID 1238877: Missing unlock (LOCK) /common/Timer.cc: 240 in RWTimer::shutdown()() ** CID 1238878: Unrecoverable parse warning (PARSE_ERROR) /client/Client.cc: 7734 in () ** CID 1238879: Thread deadlock (ORDER_REVERSAL) ** CID 1238880: Thread deadlock (ORDER_REVERSAL) ** CID 1238881: Thread deadlock (ORDER_REVERSAL) ** CID 1238882: Thread deadlock (ORDER_REVERSAL) ** CID 1238883: Improper use of negative value (NEGATIVE_RETURNS) /mds/MDS.cc: 962 in MDS::handle_mds_map(MMDSMap *)() ** CID 1238884: Unrecoverable parse warning (PARSE_ERROR) /client/Client.cc: 7733 in () ** CID 1238885: Thread deadlock (ORDER_REVERSAL) ** CID 1238886: Thread deadlock (ORDER_REVERSAL) ** CID 1238887: Thread deadlock (ORDER_REVERSAL) *** CID 717233: Uninitialized scalar field (UNINIT_CTOR) /mds/Capability.h: 249 in Capability::Capability(CInode *, unsigned long, client_t)() 243 suppress(0), state(0), 244 client_follows(0), client_xattr_version(0), 245 client_inline_version(0), 246 item_session_caps(this), item_snaprealm_caps(this), item_revoking_caps(this) { 247 g_num_cap++; 248 g_num_capa++; >>> CID 717233: Uninitialized scalar field (UNINIT_CTOR) >>> Non-static class member "num_revoke_warnings" is not initialized in >>> this constructor nor in any functions that it calls. 249 } 250 ~Capability() { 251 g_num_cap--; 252 g_num_caps++; 253 } 254 *** CID 1238869: Value not atomically updated (ATOMICITY) /osdc/Objecter.cc: 3055 in Objecter::handle_pool_op_reply(MPoolOpReply *)() 3049 if (!rwlock.is_wlocked()) { 3050 rwlock.unlock(); 3051 rwlock.get_write(); 3052 } 3053 iter = pool_ops.find(tid); 3054 if (iter != pool_ops.end()) { >>> CID 1238869: Value not atomically updated (ATOMICITY) >>> Using an unreliable value of "op" inside the second locked section. If >>> the data that "op" depends on was changed by another thread, this use might >>> be incorrect. 3055 _finish_pool_op(op); 3056 } 3057 } else { 3058 ldout(cct, 10) << "unknown request " << tid << dendl; 3059 } 3060 rwlock.unlock(); /osdc/Objecter.cc: 3055 in Objecter::handle_pool_op_reply(MPoolOpReply *)() 3049 if (!rwlock.is_wlocked()) { 3050 rwlock.unlock(); 3051 rwlock.get_write(); 3052 } 3053 iter = pool_ops.find(tid); 3054 if (iter != pool_ops.end()) { >>> CID 1238869: Value not atomically updated (ATOMICITY) >>> Using an unreliable value of "op" inside the second locked section. If >>> the data that "op" depends on was changed by another thread, this use might >>> be incorrect. 3055 _finish_pool_op(op); 3056 } 3057 } else { 3058 ldout(cct, 10) << "unknown request " << tid << dendl; 3059 } 3060 rwlock.unlock(); /osdc/Objecter.cc: 3055 in Objecter::handle_pool_op_reply(MPoolOpReply *)() 3049 if (!rwlock.is_wlocked()) { 3050 rwlock.unlock(); 3051
New Defects reported by Coverity Scan for ceph (fwd)
--- Begin Message --- Hi, Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan. Defect(s) Reported-by: Coverity Scan Showing 9 of 9 defect(s) ** CID 1232599: Bad bit shift operation (BAD_SHIFT) /os/HashIndex.cc: 433 in HashIndex::pre_split_folder(unsigned int, unsigned long)() ** CID 1232600: Bad bit shift operation (BAD_SHIFT) /os/HashIndex.cc: 421 in HashIndex::pre_split_folder(unsigned int, unsigned long)() ** CID 1232601: Unchecked return value (CHECKED_RETURN) /rbd_replay/Replayer.cc: 154 in rbd_replay::Replayer::run(std::basic_string, std::allocator>)() ** CID 1232602: Division or modulo by zero (DIVIDE_BY_ZERO) /mon/OSDMonitor.cc: 490 in OSDMonitor::reweight_by_utilization(int, std::basic_string, std::allocator>&, bool, const std::set, std::allocator> *)() ** CID 1232603: Unintentional integer overflow (OVERFLOW_BEFORE_WIDEN) /test/objectstore/store_test.cc: 138 in StoreTest_SimpleColPreHashTest_Test::TestBody()() ** CID 1232604: Unintentional integer overflow (OVERFLOW_BEFORE_WIDEN) /os/HashIndex.cc: 378 in HashIndex::pre_split_folder(unsigned int, unsigned long)() ** CID 1232605: Uncaught exception (UNCAUGHT_EXCEPT) /rbd_replay/rbd-replay.cc: 51 in main() ** CID 1232606: Uncaught exception (UNCAUGHT_EXCEPT) /rbd_replay/rbd-replay.cc: 51 in main() /rbd_replay/rbd-replay.cc: 51 in main() /rbd_replay/rbd-replay.cc: 51 in main() /rbd_replay/rbd-replay.cc: 51 in main() /rbd_replay/rbd-replay.cc: 51 in main() /rbd_replay/rbd-replay.cc: 51 in main() ** CID 1232607: Uninitialized pointer field (UNINIT_CTOR) /rbd_replay/Replayer.cc: 141 in rbd_replay::Replayer::Replayer(int)() *** CID 1232599: Bad bit shift operation (BAD_SHIFT) /os/HashIndex.cc: 433 in HashIndex::pre_split_folder(unsigned int, unsigned long)() 427 leavies /= subs; 428 while (leavies > 1) { 429 ++level; 430 leavies = leavies >> 4; 431 } 432 for (uint32_t i = 0; i < subs; ++i) { >>> CID 1232599: Bad bit shift operation (BAD_SHIFT) >>> In expression "i << (4 - split_bits) % 4", shifting by a negative >>> amount has undefined behavior. The shift amount, "(4 - split_bits) % 4", >>> is -1. 433 int v = tmp_id | (i << ((4 - split_bits) % 4)); 434 paths.push_back(to_hex(v)); 435 ret = create_path(paths); 436 if (ret < 0 && ret != -EEXIST) 437 return ret; 438 ret = recursive_create_path(paths, level); *** CID 1232600: Bad bit shift operation (BAD_SHIFT) /os/HashIndex.cc: 421 in HashIndex::pre_split_folder(unsigned int, unsigned long)() 415 // this variable denotes how many bits (for this level) that can be 416 // used for sub folder splitting 417 int split_bits = 4 - left_bits; 418 // the below logic is inspired by rados.h#ceph_stable_mod, 419 // it basically determines how many sub-folders should we 420 // create for splitting >>> CID 1232600: Bad bit shift operation (BAD_SHIFT) >>> In expression "1 << pg_num_bits - 1", shifting by a negative amount has >>> undefined behavior. The shift amount, "pg_num_bits - 1", is -1. 421 if (((1 << (pg_num_bits - 1)) | ps) >= pg_num) { 422 ++split_bits; 423 } 424 const uint32_t subs = (1 << split_bits); 425 // Calculate how many levels we create starting from here 426 int level = 0; *** CID 1232601: Unchecked return value (CHECKED_RETURN) /rbd_replay/Replayer.cc: 154 in rbd_replay::Replayer::run(std::basic_string, std::allocator>)() 148 return m_action_trackers[id % m_num_action_trackers]; 149 } 150 151 void Replayer::run(const std::string replay_file) { 152 { 153 librados::Rados rados; >>> CID 1232601: Unchecked return value (CHECKED_RETURN) >>> Calling "init" without checking return value (as is done elsewhere 10 >>> out of 11 times). 154 rados.init(NULL); 155 int r = rados.init_with_context(g_ceph_context); 156 if (r) { 157 cerr << "Unable to read conf file: " << r << std::endl; 158 goto out; 159 } *** CID 1232602: Division or modulo by zero (DIVIDE_BY_ZERO) /mon/OSDMonitor.cc: 490 in OSDMonitor::reweight_by_utilization(int, std::basic_string, std::allocator>&, bool, const std::set, std::allocator> *)() 484 } 485 ++pgs_by_osd[*q]; 486 ++num_pg_copies; 487 } 488 } 489 >>> CID 1232602: Division or modulo by zero (DIVIDE_BY_ZERO) >>> In expression "num_p
New Defects reported by Coverity Scan for ceph (fwd)
--- Begin Message --- Hi, Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan. Defect(s) Reported-by: Coverity Scan Showing 5 of 5 defect(s) ** CID 1201388: Missing unlock (LOCK) /mon/Monitor.cc: 438 in Monitor::preinit()() ** CID 1225099: Unchecked return value (CHECKED_RETURN) /mon/MDSMonitor.cc: 1409 in MDSMonitor::filesystem_command(MMonCommand *, const std::basic_string, std::allocator>&, std::map, std::allocator>, boost::variant, std::allocator>, bool, long, double, std::vector, std::allocator>, std::allocator, std::allocator>>>, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_>, std::less, std::allocator>>, std::allocator, std::allocator>, boost::variant, std::allocator>, bool, long, double, std::vector, std::allocator>, std::allocator, std::allocator>>>, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_ &, std::basic_stringstream, std::allocator> &, int &)() ** CID 1225100: Missing unlock (LOCK) /mds/MDLog.cc: 511 in MDLog::trim(int)() /mds/MDLog.cc: 511 in MDLog::trim(int)() ** CID 1225101: Missing unlock (LOCK) /mds/MDLog.cc: 394 in MDLog::shutdown()() ** CID 1225102: Dereference before null check (REVERSE_INULL) /mon/Monitor.cc: 746 in Monitor::shutdown()() *** CID 1201388: Missing unlock (LOCK) /mon/Monitor.cc: 438 in Monitor::preinit()() 432 433 dout(1) << "preinit fsid " << monmap->fsid << dendl; 434 435 int r = sanitize_options(); 436 if (r < 0) { 437 derr << "option sanitization failed!" << dendl; >>> CID 1201388: Missing unlock (LOCK) >>> Returning without unlocking "this->lock._m". 438 return r; 439 } 440 441 assert(!logger); 442 { 443 PerfCountersBuilder pcb(g_ceph_context, "mon", l_mon_first, l_mon_last); *** CID 1225099: Unchecked return value (CHECKED_RETURN) /mon/MDSMonitor.cc: 1409 in MDSMonitor::filesystem_command(MMonCommand *, const std::basic_string, std::allocator>&, std::map, std::allocator>, boost::variant, std::allocator>, bool, long, double, std::vector, std::allocator>, std::allocator, std::allocator>>>, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_>, std::less, std::allocator>>, std::allocator, std::allocator>, boost::variant, std::allocator>, bool, long, double, std::vector, std::allocator>, std::allocator, std::allocator>>>, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_ &, std::basic_stringstream, std::allocator> &, int &)() 1403 r = -EINVAL; 1404 poolid = -1; 1405 ss << "cannot remove default data pool"; 1406 } 1407 1408 if (poolid >= 0) { >>> CID 1225099: Unchecked return value (CHECKED_RETURN) >>> Calling "cmd_getval" without checking return value (as is done >>> elsewhere 22 out of 25 times). 1409 cmd_getval(g_ceph_context, cmdmap, "poolid", poolid); 1410 r = pending_mdsmap.remove_data_pool(poolid); 1411 if (r == -ENOENT) 1412r = 0; 1413 if (r == 0) 1414ss << "removed data pool " << poolid << " f
New Defects reported by Coverity Scan for ceph (fwd)
--- Begin Message --- Hi, Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan. Defect(s) Reported-by: Coverity Scan Showing 1 of 1 defect(s) ** CID 1223276: Division or modulo by zero (DIVIDE_BY_ZERO) /tools/rados/rados.cc: 1368 in rados_tool_common(const std::map, std::allocator>, std::basic_string, std::allocator>, std::less, std::allocator>>, std::allocator, std::allocator>, std::basic_string, std::allocator &, std::vector> &)() *** CID 1223276: Division or modulo by zero (DIVIDE_BY_ZERO) /tools/rados/rados.cc: 1368 in rados_tool_common(const std::map, std::allocator>, std::basic_string, std::allocator>, std::less, std::allocator>>, std::allocator, std::allocator>, std::basic_string, std::allocator &, std::vector> &)() 1362 } 1363 1364 // align op_size 1365 if (io_ctx.pool_requires_alignment()) { 1366 const uint64_t align = io_ctx.pool_required_alignment(); 1367 const bool wrn = (op_size != (1<<22)); >>> CID 1223276: Division or modulo by zero (DIVIDE_BY_ZERO) >>> In expression "(op_size + align - 1UL) / align", division by expression >>> "align" which may be zero has undefined behavior. 1368 op_size = uint64_t((op_size + align - 1) / align) * align; 1369 if (wrn) 1370 cerr << "INFO: op_size has been rounded to " << op_size << std::endl; 1371 } 1372 1373 // snapname? To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py --- End Message ---
Re: New Defects reported by Coverity Scan for ceph (fwd)
I've now looked at the defects. And according to me, there are mostly irrelevant. There are 2 cases : - the 2 "division by zero" will never happen because we will never run the test with a zero parameter. Still, I've added an ASSERT to avoid their report. - all the rest is a clash between gtest and coverity : whenever you allocate something via the C API and you have an assert between this allocation and the deallocation, you have a potential resource leak if the assert fails. However, avoiding it means wrapping all the C API in a kind of autoPtr interface. I do not believe it's worth it for test code. By the way, the rados tests must have the same leaks a priori and I suppose they are ignored. So is it ok to commit the 2 new asserts and ignore the other defects ? Cheers, Sebastien On Sat, 2014-06-07 at 09:12 -0700, Sage Weil wrote: > Mostly stuff in teh new libradosstriper code, it looks like. -- To unsubscribe from this list: send the line "unsubscribe ceph-devel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: New Defects reported by Coverity Scan for ceph (fwd)
Not surprising, this was just integrated and I did not have the possibility to run a coverity scan myself. I'll fix all this. Sebastien On Sat, 2014-06-07 at 09:12 -0700, Sage Weil wrote: > Mostly stuff in teh new libradosstriper code, it looks like. -- To unsubscribe from this list: send the line "unsubscribe ceph-devel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
New Defects reported by Coverity Scan for ceph (fwd)
Mostly stuff in teh new libradosstriper code, it looks like.--- Begin Message --- Hi, Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan. Defect(s) Reported-by: Coverity Scan Showing 20 of 41 defect(s) ** CID 1221498: Division or modulo by zero (DIVIDE_BY_ZERO) /test/libradosstriper/striping.cc: 59 in StriperTestRT::checkObjectFromRados(const std::basic_string, std::allocator>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)() ** CID 1221499: Division or modulo by zero (DIVIDE_BY_ZERO) /test/libradosstriper/striping.cc: 68 in StriperTestRT::checkObjectFromRados(const std::basic_string, std::allocator>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)() ** CID 1221500: Resource leak (RESOURCE_LEAK) /test/libradosstriper/io.cc: 341 in StriperTest_XattrIter_Test::TestBody()() /test/libradosstriper/io.cc: 335 in StriperTest_XattrIter_Test::TestBody()() ** CID 1221501: Resource leak (RESOURCE_LEAK) /test/libradosstriper/aio.cc: 513 in StriperTestPP_RoundTripWriteFullPP_Test::TestBody()() ** CID 1221502: Resource leak (RESOURCE_LEAK) /test/libradosstriper/aio.cc: 537 in StriperTestPP_RoundTripWriteFullPP_Test::TestBody()() /test/libradosstriper/aio.cc: 538 in StriperTestPP_RoundTripWriteFullPP_Test::TestBody()() /test/libradosstriper/aio.cc: 532 in StriperTestPP_RoundTripWriteFullPP_Test::TestBody()() ** CID 1221503: Resource leak (RESOURCE_LEAK) /test/libradosstriper/aio.cc: 440 in StriperTest_Flush_Test::TestBody()() /test/libradosstriper/aio.cc: 435 in StriperTest_Flush_Test::TestBody()() /test/libradosstriper/aio.cc: 433 in StriperTest_Flush_Test::TestBody()() ** CID 1221504: Resource leak (RESOURCE_LEAK) /test/libradosstriper/aio.cc: 428 in StriperTest_Flush_Test::TestBody()() /test/libradosstriper/aio.cc: 433 in StriperTest_Flush_Test::TestBody()() /test/libradosstriper/aio.cc: 435 in StriperTest_Flush_Test::TestBody()() /test/libradosstriper/aio.cc: 440 in StriperTest_Flush_Test::TestBody()() /test/libradosstriper/aio.cc: 424 in StriperTest_Flush_Test::TestBody()() ** CID 1221505: Resource leak (RESOURCE_LEAK) /test/libradosstriper/aio.cc: 306 in StriperTest_IsSafe_Test::TestBody()() /test/libradosstriper/aio.cc: 301 in StriperTest_IsSafe_Test::TestBody()() /test/libradosstriper/aio.cc: 299 in StriperTest_IsSafe_Test::TestBody()() ** CID 1221506: Resource leak (RESOURCE_LEAK) /test/libradosstriper/aio.cc: 299 in StriperTest_IsSafe_Test::TestBody()() /test/libradosstriper/aio.cc: 301 in StriperTest_IsSafe_Test::TestBody()() /test/libradosstriper/aio.cc: 306 in StriperTest_IsSafe_Test::TestBody()() /test/libradosstriper/aio.cc: 285 in StriperTest_IsSafe_Test::TestBody()() /test/libradosstriper/aio.cc: 281 in StriperTest_IsSafe_Test::TestBody()() ** CID 1221507: Resource leak (RESOURCE_LEAK) /test/libradosstriper/aio.cc: 453 in StriperTestPP_FlushPP_Test::TestBody()() /test/libradosstriper/aio.cc: 458 in StriperTestPP_FlushPP_Test::TestBody()() /test/libradosstriper/aio.cc: 463 in StriperTestPP_FlushPP_Test::TestBody()() ** CID 1221508: Resource leak (RESOURCE_LEAK) /test/libradosstriper/aio.cc: 463 in StriperTestPP_FlushPP_Test::TestBody()() /test/libradosstriper/aio.cc: 458 in StriperTestPP_FlushPP_Test::TestBody()() ** CID 1221509: Resource leak (RESOURCE_LEAK) /test/libradosstriper/aio.cc: 124 in StriperTest_RoundTrip_Test::TestBody()() /test/libradosstriper/aio.cc: 119 in StriperTest_RoundTrip_Test::TestBody()() /test/libradosstriper/aio.cc: 117 in StriperTest_RoundTrip_Test::TestBody()() ** CID 1221510: Resource leak (RESOURCE_LEAK) /test/libradosstriper/aio.cc: 108 in StriperTest_RoundTrip_Test::TestBody()() /test/libradosstriper/aio.cc: 117 in StriperTest_RoundTrip_Test::TestBody()() /test/libradosstriper/aio.cc: 119 in StriperTest_RoundTrip_Test::TestBody()() /test/libradosstriper/aio.cc: 124 in StriperTest_RoundTrip_Test::TestBody()() /test/libradosstriper/aio.cc: 104 in StriperTest_RoundTrip_Test::TestBody()() ** CID 1221511: Resource leak (RESOURCE_LEAK) /test/libradosstriper/aio.cc: 333 in StriperTestPP_IsSafePP_Test::TestBody()() /test/libradosstriper/aio.cc: 338 in StriperTestPP_IsSafePP_Test::TestBody()() /test/libradosstriper/aio.cc: 319 in StriperTestPP_IsSafePP_Test::TestBody()() ** CID 1221512: Resource leak (RESOURCE_LEAK) /test/libradosstriper/aio.cc: 338 in StriperTestPP_IsSafePP_Test::TestBody()() /test/libradosstriper/aio.cc: 333 in StriperTestPP_IsSafePP_Test::TestBody()() ** CID 1221513: Resource leak (RESOURCE_LEAK) /test/libradosstriper/aio.cc: 240 in StriperTest_IsComplete_Test::TestBody()() /test/libradosstriper/aio.cc: 229 in StriperTest_IsComplete_Test::TestBody()() /test/libradosstriper/aio.cc: 227 in StriperTest_IsComplete_Test::TestBody()() ** CID 1221514: Resource leak (RESOURCE_LEAK) /test/libradosstriper/aio.cc: 218 in StriperTest_IsComplete_Test::TestBody()() /test/li
New Defects reported by Coverity Scan for ceph (fwd)
--- Begin Message --- Hi, Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan. Defect(s) Reported-by: Coverity Scan Showing 1 of 1 defect(s) ** CID 1220854: Invalid iterator comparison (MISMATCHED_ITERATOR) /osd/PG.cc: 981 in PG::calc_ec_acting(std::_Rb_tree_const_iterator>, unsigned int, const std::vector> &, pg_shard_t, const std::vector> &, pg_shard_t, const std::map, std::allocator>> &, bool, std::vector> *, std::set, std::allocator> *, std::set, std::allocator> *, pg_shard_t *, std::basic_ostream>&)() *** CID 1220854: Invalid iterator comparison (MISMATCHED_ITERATOR) /osd/PG.cc: 981 in PG::calc_ec_acting(std::_Rb_tree_const_iterator>, unsigned int, const std::vector> &, pg_shard_t, const std::vector> &, pg_shard_t, const std::map, std::allocator>> &, bool, std::vector> *, std::set, std::allocator> *, std::set, std::allocator> *, pg_shard_t *, std::basic_ostream>&)() 975 all_info.find(pg_shard_t(acting[i], shard_id_t(i)))->second.last_update >= 976 auth_log_shard->second.log_tail) { 977 ss << " selecting acting[i]: " << pg_shard_t(acting[i], shard_id_t(i)) << std::endl; 978 want[i] = acting[i]; 979 ++usable; 980 } else { >>> CID 1220854: Invalid iterator comparison (MISMATCHED_ITERATOR) >>> Comparing "j" from "all_info_by_shard[shard_id_t(i)]" to >>> "all_info_by_shard[shard_id_t(i)]->end()" from >>> "all_info_by_shard[shard_id_t(i)]". 981 for (set::iterator j = all_info_by_shard[shard_id_t(i)].begin(); 982j != all_info_by_shard[shard_id_t(i)].end(); 983++j) { 984 assert(j->shard == i); 985 if (!all_info.find(*j)->second.is_incomplete() && 986 all_info.find(*j)->second.last_update >= To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py --- End Message ---
New Defects reported by Coverity Scan for ceph (fwd)
--- Begin Message --- Hi, Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan. Defect(s) Reported-by: Coverity Scan Showing 1 of 1 defect(s) ** CID 1214678: Unchecked return value (CHECKED_RETURN) /osd/OSD.cc: 318 in OSDService::_maybe_split_pgid(std::tr1::shared_ptr, std::tr1::shared_ptr, spg_t)() *** CID 1214678: Unchecked return value (CHECKED_RETURN) /osd/OSD.cc: 318 in OSDService::_maybe_split_pgid(std::tr1::shared_ptr, std::tr1::shared_ptr, spg_t)() 312 OSDMapRef new_map, 313 spg_t pgid) 314 { 315 assert(old_map->have_pg_pool(pgid.pool())); 316 if (pgid.ps() < static_cast(old_map->get_pg_num(pgid.pool( { 317 set children; >>> CID 1214678: Unchecked return value (CHECKED_RETURN) >>> No check of the return value of >>> "pgid.is_split(old_map->get_pg_num(pgid.pool()), >>> new_map->get_pg_num(pgid.pool()), &children)". 318 pgid.is_split(old_map->get_pg_num(pgid.pool()), 319 new_map->get_pg_num(pgid.pool()), &children); 320 _start_split(pgid, children); 321 } else { 322 assert(pgid.ps() < static_cast(new_map->get_pg_num(pgid.pool(; 323 } To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py --- End Message ---
New Defects reported by Coverity Scan for ceph (fwd)
--- Begin Message --- Hi, Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan. Defect(s) Reported-by: Coverity Scan Showing 8 of 8 defect(s) ** CID 717008: Dereference null return value (NULL_RETURNS) ** CID 1128417: Dereference null return value (NULL_RETURNS) /mds/MDCache.cc: 9986 in MDCache::handle_discover_reply(MDiscoverReply *)() ** CID 1213580: Dereference null return value (NULL_RETURNS) /osd/OSD.cc: 5150 in OSD::dispatch_op_fast(std::tr1::shared_ptr, std::tr1::shared_ptr)() ** CID 1213581: Dereference null return value (NULL_RETURNS) /osd/OSD.cc: 4944 in OSD::ms_fast_preprocess(Message *)() ** CID 1213582: Dereference null return value (NULL_RETURNS) /osd/Watch.cc: 359 in Watch::discard_state()() ** CID 1213583: Dereference null return value (NULL_RETURNS) /osd/Watch.cc: 321 in Watch::connect(boost::intrusive_ptr)() ** CID 1213584: Thread deadlock (ORDER_REVERSAL) ** CID 1213585: Thread deadlock (ORDER_REVERSAL) *** CID 717008: Dereference null return value (NULL_RETURNS) /osd/ReplicatedPG.cc: 4962 in ReplicatedPG::do_osd_op_effects(ReplicatedPG::OpContext *)() 4956 4957 void ReplicatedPG::do_osd_op_effects(OpContext *ctx) 4958 { 4959 ConnectionRef conn(ctx->op->get_req()->get_connection()); 4960 boost::intrusive_ptr session( 4961 (OSD::Session *)conn->get_priv()); >>> CID 717008: Dereference null return value (NULL_RETURNS) >>> Dereferencing a pointer that might be null "session" when calling >>> "RefCountedObject::put()". 4962 session->put(); // get_priv() takes a ref, and so does the intrusive_ptr 4963 entity_name_t entity = ctx->reqid.name; 4964 4965 dout(15) << "do_osd_op_effects on session " << session.get() << dendl; 4966 4967 for (list::iterator i = ctx->watch_connects.begin(); *** CID 1128417: Dereference null return value (NULL_RETURNS) /mds/MDCache.cc: 9986 in MDCache::handle_discover_reply(MDiscoverReply *)() 9980 } else { 9981 // note: this can only happen our first way around this loop. 9982 if (p.end() && m->is_flag_error_dn()) { 9983fg = cur->pick_dirfrag(m->get_error_dentry()); 9984curdir = cur->get_dirfrag(fg); 9985 } else >>> CID 1128417: Dereference null return value (NULL_RETURNS) >>> Assigning: "curdir" = null return value from >>> "CInode::get_dirfrag(frag_t)". 9986curdir = cur->get_dirfrag(m->get_base_dir_frag()); 9987 } 9988 9989 if (p.end()) 9990 break; 9991 *** CID 1213580: Dereference null return value (NULL_RETURNS) /osd/OSD.cc: 5150 in OSD::dispatch_op_fast(std::tr1::shared_ptr, std::tr1::shared_ptr)() 5144 // we're shutting down, so drop the op 5145 return true; 5146 } 5147 5148 epoch_t msg_epoch(op_required_epoch(op)); 5149 if (msg_epoch > osdmap->get_epoch()) { >>> CID 1213580: Dereference null return value (NULL_RETURNS) >>> Assigning: "s" = null return value from "Connection::get_priv()". 5150 Session *s = static_cast(op->get_req()-> 5151 get_connection()->get_priv()); 5152 s->received_map_lock.Lock(); 5153 epoch_t received_epoch = s->received_map_epoch; 5154 s->received_map_lock.Unlock(); 5155 if (received_epoch < msg_epoch) { *** CID 1213581: Dereference null return value (NULL_RETURNS) /osd/OSD.cc: 4944 in OSD::ms_fast_preprocess(Message *)() 4938 4939 void OSD::ms_fast_preprocess(Message *m) 4940 { 4941 if (m->get_connection()->get_peer_type() == CEPH_ENTITY_TYPE_OSD) { 4942 if (m->get_type() == CEPH_MSG_OSD_MAP) { 4943 MOSDMap *mm = static_cast(m); >>> CID 1213581: Dereference null return value (NULL_RETURNS) >>> Assigning: "s" = null return value from "Connection::get_priv()". 4944 Session *s = static_cast(m->get_connection()->get_priv()); 4945 s->received_map_lock.Lock(); 4946 s->received_map_epoch = mm->get_last(); 4947 s->received_map_lock.Unlock(); 4948 s->put(); 4949 } *** CID 1213582: Dereference null return value (NULL_RETURNS) /osd/Watch.cc: 359 in Watch::discard_state()() 353 assert(!discarded); 354 assert(obc); 355 in_progress_notifies.clear(); 356 unregister_cb(); 357 discarded
New Defects reported by Coverity Scan for ceph (fwd)
--- Begin Message --- Hi, Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan. Defect(s) Reported-by: Coverity Scan Showing 4 of 4 defect(s) ** CID 1204293: Buffer not null terminated (BUFFER_SIZE_WARNING) /mds/MDS.cc: 1714 in MDS::respawn()() ** CID 1204294: Resource leak (RESOURCE_LEAK) /osd/ReplicatedPG.cc: 980 in ReplicatedPG::do_pg_op(std::tr1::shared_ptr)() ** CID 1204295: Uninitialized scalar field (UNINIT_CTOR) /osd/osd_types.h: 2716 in ObjectContext::RWState::RWState()() ** CID 1204296: Uninitialized scalar field (UNINIT_CTOR) /osdc/Objecter.h: 1165 in Objecter::Op::Op(const object_t &, const object_locator_t &, std::vector> &, int, Context *, Context *, unsigned long *)() /osdc/Objecter.h: 1165 in Objecter::Op::Op(const object_t &, const object_locator_t &, std::vector> &, int, Context *, Context *, unsigned long *)() *** CID 1204293: Buffer not null terminated (BUFFER_SIZE_WARNING) /mds/MDS.cc: 1714 in MDS::respawn()() 1708 char buf[PATH_MAX]; 1709 char *cwd = getcwd(buf, sizeof(buf)); 1710 assert(cwd); 1711 dout(1) << " cwd " << cwd << dendl; 1712 1713 /* Fall back to a best-effort: just running in our CWD */ >>> CID 1204293: Buffer not null terminated (BUFFER_SIZE_WARNING) >>> Calling strncpy with a maximum size argument of 4096 bytes on >>> destination array "exe_path" of size 4096 bytes might leave the destination >>> string unterminated. 1714 strncpy(exe_path, orig_argv[0], sizeof(exe_path)); 1715 } 1716 1717 dout(1) << " exe_path " << exe_path << dendl; 1718 1719 unblock_all_signals(NULL); *** CID 1204294: Resource leak (RESOURCE_LEAK) /osd/ReplicatedPG.cc: 980 in ReplicatedPG::do_pg_op(std::tr1::shared_ptr)() 974 // FIXME: EC not supported yet 975 result = -EOPNOTSUPP; 976 break; 977 } 978 if (is_unreadable_object(oid)) { 979 wait_for_unreadable_object(oid, op); >>> CID 1204294: Resource leak (RESOURCE_LEAK) >>> Variable "filter" going out of scope leaks the storage it points to. 980 return; 981 } 982 result = osd->store->read(coll, oid, 0, 0, osd_op.outdata); 983 } 984 } 985 break; *** CID 1204295: Uninitialized scalar field (UNINIT_CTOR) /osd/osd_types.h: 2716 in ObjectContext::RWState::RWState()() 2710 /// if set, restart backfill when we can get a read lock 2711 bool backfill_read_marker; 2712 2713 /// if set, requeue snaptrim on lock release 2714 bool snaptrimmer_write_marker; 2715 >>> CID 1204295: Uninitialized scalar field (UNINIT_CTOR) >>> Non-static class member "snaptrimmer_write_marker" is not initialized >>> in this constructor nor in any functions that it calls. 2716 RWState() : state(RWNONE), count(0), backfill_read_marker(false) {} 2717 bool get_read(OpRequestRef op) { 2718 if (get_read_lock()) { 2719return true; 2720 } // else 2721 waiters.push_back(op); *** CID 1204296: Uninitialized scalar field (UNINIT_CTOR) /osdc/Objecter.h: 1165 in Objecter::Op::Op(const object_t &, const object_locator_t &, std::vector> &, int, Context *, Context *, unsigned long *)() 1159out_handler[i] = NULL; 1160out_rval[i] = NULL; 1161 } 1162 1163 if (target.base_oloc.key == o) 1164target.base_oloc.key.clear(); >>> CID 1204296: Uninitialized scalar field (UNINIT_CTOR) >>> Non-static class member "used_replica" is not initialized in this >>> constructor nor in any functions that it calls. 1165 } 1166 ~Op() { 1167 while (!out_handler.empty()) { 1168delete out_handler.back(); 1169out_handler.pop_back(); 1170 } /osdc/Objecter.h: 1165 in Objecter::Op::Op(const object_t &, const object_locator_t &, std::vector> &, int, Context *, Context *, unsigned long *)() 1159out_handler[i] = NULL; 1160out_rval[i] = NULL; 1161 } 1162 1163 if (target.base_oloc.key == o) 1164target.base_oloc.key.clear(); >>> CID 1204296: Uninitialized scalar field (UNINIT_CTOR) >>> Non-static class member "used_replica" is not initialized in this >>> constructor nor in any functions that it calls. 1165 } 1166 ~Op() { 1167 while (!out_handler.
Re: New Defects reported by Coverity Scan for ceph (fwd)
I'll deal with the problems found in gf-complete: http://tracker.ceph.com/issues/8083 On 12/04/2014 06:06, Sage Weil wrote: > Several new defects. This wasn't running for the last couple of weeks > because the submodules didn't update on the test checkout. > -- Loïc Dachary, Artisan Logiciel Libre signature.asc Description: OpenPGP digital signature
New Defects reported by Coverity Scan for ceph (fwd)
Several new defects. This wasn't running for the last couple of weeks because the submodules didn't update on the test checkout. --- Begin Message --- Hi, Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan. Defect(s) Reported-by: Coverity Scan Showing 20 of 41 defect(s) ** CID 1201374: Unchecked return value (CHECKED_RETURN) /mon/MDSMonitor.cc: 1097 in MDSMonitor::prepare_command(MMonCommand *)() ** CID 1201375: Unchecked return value (CHECKED_RETURN) /osd/OSD.cc: 4460 in OSD::do_command(Connection *, unsigned long, std::vector, std::allocator>, std::allocator, std::allocator>>> &, ceph::buffer::list &)() ** CID 1201376: Unchecked return value (CHECKED_RETURN) /test/system/rados_list_parallel.cc: 333 in main() ** CID 1201377: Unchecked return value (CHECKED_RETURN) /test/system/rados_list_parallel.cc: 335 in main() ** CID 1201378: Unchecked return value (CHECKED_RETURN) /test/system/rados_list_parallel.cc: 330 in main() ** CID 1201379: Copy-paste error (COPY_PASTE_ERROR) /mds/Server.cc: 7119 in Server::do_rename_rollback(ceph::buffer::list &, int, std::tr1::shared_ptr &, bool)() ** CID 1201380: Logically dead code (DEADCODE) /erasure-code/jerasure/gf-complete/src/gf.c: 291 in gf_error_check() ** CID 1201381: Logically dead code (DEADCODE) /erasure-code/jerasure/gf-complete/src/gf.c: 376 in gf_error_check() /erasure-code/jerasure/gf-complete/src/gf.c: 377 in gf_error_check() ** CID 1201382: Dereference after null check (FORWARD_NULL) /mds/Server.cc: 6073 in Server::_rename_prepare(std::tr1::shared_ptr &, EMetaBlob *, ceph::buffer::list *, CDentry *, CDentry *, CDentry *)() ** CID 1201383: Dereference after null check (FORWARD_NULL) /mds/Server.cc: 7112 in Server::do_rename_rollback(ceph::buffer::list &, int, std::tr1::shared_ptr &, bool)() ** CID 1201384: Dereference after null check (FORWARD_NULL) /mds/Server.cc: 7154 in Server::_rename_rollback_finish(std::tr1::shared_ptr &, std::tr1::shared_ptr &, CDentry *, unsigned long, CDentry *, CDentry *, bool)() ** CID 1201385: Using invalid iterator (INVALIDATE_ITERATOR) /mds/Locker.cc: 416 in Locker::acquire_locks(std::tr1::shared_ptr &, std::set, std::allocator> &, std::set, std::allocator> &, std::set, std::allocator> &, std::map, std::allocator>> *, CInode *, bool)() /mds/Locker.cc: 416 in Locker::acquire_locks(std::tr1::shared_ptr &, std::set, std::allocator> &, std::set, std::allocator> &, std::set, std::allocator> &, std::map, std::allocator>> *, CInode *, bool)() ** CID 1201386: Using invalid iterator (INVALIDATE_ITERATOR) /test/librados/lock.cc: 371 in LibRadosLockECPP_BreakLockPP_Test::TestBody()() ** CID 1201387: Using invalid iterator (INVALIDATE_ITERATOR) /test/librados/lock.cc: 330 in LibRadosLockECPP_ListLockersPP_Test::TestBody()() ** CID 1201388: Missing unlock (LOCK) /mon/Monitor.cc: 462 in Monitor::preinit()() ** CID 1201389: Out-of-bounds access (OVERRUN) /test/librbd/test_librbd.cc: 1825 in LibRBD_ZeroLengthDiscard_Test::TestBody()() ** CID 1201390: Out-of-bounds access (OVERRUN_DYNAMIC) /test/librbd/test_librbd.cc: 1825 in LibRBD_ZeroLengthDiscard_Test::TestBody()() ** CID 1201391: Out-of-bounds write (OVERRUN_STATIC) /erasure-code/jerasure/gf-complete/src/gf_w8.c: 1267 in gf_w8_table_init() ** CID 1201392: Resource leak (RESOURCE_LEAK) /test/librados/TestCase.cc: 134 in RadosTestEC::cleanup_default_namespace(void *)() /test/librados/TestCase.cc: 139 in RadosTestEC::cleanup_default_namespace(void *)() /test/librados/TestCase.cc: 141 in RadosTestEC::cleanup_default_namespace(void *)() ** CID 1201393: Resource leak (RESOURCE_LEAK) /test/librados/aio.cc: 1881 in LibRadosAioEC_RoundTripAppend_Test::TestBody()() /test/librados/aio.cc: 1883 in LibRadosAioEC_RoundTripAppend_Test::TestBody()() *** CID 1201374: Unchecked return value (CHECKED_RETURN) /mon/MDSMonitor.cc: 1097 in MDSMonitor::prepare_command(MMonCommand *)() 1091 r = -EINVAL; 1092 poolid = -1; 1093 ss << "cannot remove default data pool"; 1094 } 1095 1096 if (poolid >= 0) { >>> CID 1201374: Unchecked return value (CHECKED_RETURN) >>> No check of the return value of "cmd_getval(g_ceph_context, cmdmap, >>> std::string("poolid", std::allocator()), poolid)". 1097 cmd_getval(g_ceph_context, cmdmap, "poolid", poolid); 1098 r = pending_mdsmap.remove_data_pool(poolid); 1099 if (r == -ENOENT) 1100r = 0; 1101 if (r == 0) 1102ss << "removed data pool " << poolid << " from mdsmap"; *** CID 1201375: Unchecked return value (CHECKED_RETURN) /osd/OSD.cc: 4460 in OSD::do_command(Connection *, unsigned long, std::vector, std::allocator>
Re: New Defects reported by Coverity Scan for ceph (fwd)
Then it seems that Coverity is only able to perform intra-procedure check, is there any inter-procedure check option to turn on? On 2014/3/4 6:53, John Spray wrote: On Mon, Mar 3, 2014 at 10:23 PM, Sage Weil wrote: ** CID 1188299: Data race condition (MISSING_LOCK) /mds/MDSUtility.cc: 142 in MDSUtility::handle_mds_map(MMDSMap *)() Is there a trick to getting coverity to realise that the lock is held, but by the calling function? Does it recognise assertions that the lock is held? Cheers, John -- To unsubscribe from this list: send the line "unsubscribe ceph-devel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html -- To unsubscribe from this list: send the line "unsubscribe ceph-devel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: New Defects reported by Coverity Scan for ceph (fwd)
On Mon, Mar 3, 2014 at 10:23 PM, Sage Weil wrote: > ** CID 1188299: Data race condition (MISSING_LOCK) > /mds/MDSUtility.cc: 142 in MDSUtility::handle_mds_map(MMDSMap *)() Is there a trick to getting coverity to realise that the lock is held, but by the calling function? Does it recognise assertions that the lock is held? Cheers, John -- To unsubscribe from this list: send the line "unsubscribe ceph-devel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
New Defects reported by Coverity Scan for ceph (fwd)
--- Begin Message --- Hi, Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan. Defect(s) Reported-by: Coverity Scan Showing 15 of 15 defect(s) ** CID 1188299: Data race condition (MISSING_LOCK) /mds/MDSUtility.cc: 142 in MDSUtility::handle_mds_map(MMDSMap *)() ** CID 717359: Uninitialized scalar field (UNINIT_CTOR) /rgw/rgw_common.cc: 161 in req_state::req_state(CephContext *, RGWEnv *)() ** CID 1188131: Division or modulo by zero (DIVIDE_BY_ZERO) /common/histogram.h: 97 in pow2_hist_t::get_position_micro(int, unsigned long *, unsigned long *)() ** CID 716921: Dereference after null check (FORWARD_NULL) /mds/MDCache.cc: 6950 in MDCache::handle_cache_expire(MCacheExpire *)() ** CID 1188134: Unchecked dynamic_cast (FORWARD_NULL) /osd/ReplicatedBackend.cc: 428 in RPGTransaction::append(PGBackend::PGTransaction *)() ** CID 1188135: Unchecked dynamic_cast (FORWARD_NULL) /osd/ReplicatedBackend.cc: 494 in ReplicatedBackend::submit_transaction(const hobject_t &, const eversion_t &, PGBackend::PGTransaction *, const eversion_t &, std::vector> &, Context *, Context *, Context *, unsigned long, osd_reqid_t, std::tr1::shared_ptr)() ** CID 716990: Dereference null return value (NULL_RETURNS) /mds/MDCache.cc: 10098 in MDCache::handle_discover(MDiscover *)() ** CID 1135931: Resource leak (RESOURCE_LEAK) /os/FileStore.cc: 1739 in FileStore::queue_transactions(ObjectStore::Sequencer *, std::list> &, std::tr1::shared_ptr, ThreadPool::TPHandle *)() ** CID 1135933: Resource leak (RESOURCE_LEAK) /os/FileStore.cc: 1739 in FileStore::queue_transactions(ObjectStore::Sequencer *, std::list> &, std::tr1::shared_ptr, ThreadPool::TPHandle *)() ** CID 1188126: Unchecked return value (CHECKED_RETURN) /test/objectstore/store_test.cc: 564 in SyntheticWorkloadState::stat()() ** CID 1188145: Resource leak (RESOURCE_LEAK) /osd/ReplicatedPG.cc: 5231 in ReplicatedPG::fill_in_copy_get(ReplicatedPG::OpContext *, ceph::buffer::list::iterator &, OSDOp &, std::tr1::shared_ptr &, bool)() ** CID 1188156: Resource leak (RESOURCE_LEAK) /test/librados/c_write_operations.cc: 131 in LibRadosCWriteOps_Exec_Test::TestBody()() /test/librados/c_write_operations.cc: 134 in LibRadosCWriteOps_Exec_Test::TestBody()() /test/librados/c_write_operations.cc: 136 in LibRadosCWriteOps_Exec_Test::TestBody()() /test/librados/c_write_operations.cc: 138 in LibRadosCWriteOps_Exec_Test::TestBody()() /test/librados/c_write_operations.cc: 139 in LibRadosCWriteOps_Exec_Test::TestBody()() ** CID 1160848: Uninitialized scalar variable (UNINIT) /osdc/Objecter.cc: 1519 in Objecter::recalc_op_target(Objecter::Op *)() ** CID 1030132: Uninitialized scalar variable (UNINIT) /mon/PGMonitor.cc: 1979 in PGMonitor::dump_stuck_pg_stats(std::basic_stringstream, std::allocator> &, ceph::Formatter *, int, std::vector, std::allocator>, std::allocator, std::allocator>>> &) const() /mon/PGMonitor.cc: 1979 in PGMonitor::dump_stuck_pg_stats(std::basic_stringstream, std::allocator> &, ceph::Formatter *, int, std::vector, std::allocator>, std::allocator, std::allocator>>> &) const() ** CID 1135932: Resource leak (RESOURCE_LEAK) /os/FileStore.cc: 1739 in FileStore::queue_transactions(ObjectStore::Sequencer *, std::list> &, std::tr1::shared_ptr, ThreadPool::TPHandle *)() *** CID 1188299: Data race condition (MISSING_LOCK) /mds/MDSUtility.cc: 142 in MDSUtility::handle_mds_map(MMDSMap *)() 136 137 void MDSUtility::handle_mds_map(MMDSMap* m) 138 { 139 mdsmap->decode(m->get_encoded()); 140 if (waiting_for_mds_map) { 141 waiting_for_mds_map->complete(0); >>> CID 1188299: Data race condition (MISSING_LOCK) >>> Accessing "this->waiting_for_mds_map" >>> ("MDSUtility.waiting_for_mds_map") requires the "Mutex._m" lock. 142 waiting_for_mds_map = NULL; 143 } 144 } 145 146 147 bool MDSUtility::ms_get_authorizer(int dest_type, AuthAuthorizer **authorizer, *** CID 717359: Uninitialized scalar field (UNINIT_CTOR) /rgw/rgw_common.cc: 161 in req_state::req_state(CephContext *, RGWEnv *)() 155 length = NULL; 156 copy_source = NULL; 157 http_auth = NULL; 158 local_source = false; 159 160 obj_ctx = NULL; >>> CID 717359: Uninitialized scalar field (UNINIT_CTOR) >>> Non-static class member "bucket_exists" is not initialized in this >>> constructor nor in any functions that it calls. 161 } 162 163 req_state::~req_state() { 164 delete formatter; 165 delete bucket_acl; 166 delete object_acl; *** CID 1188131: Division or modulo by zero (DIVIDE
New Defects reported by Coverity Scan for ceph (fwd)
--- Begin Message --- Hi, Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan. Defect(s) Reported-by: Coverity Scan Showing 7 of 13 defect(s) ** CID 1138583: Dereference null return value (NULL_RETURNS) /mds/MDCache.cc: 5074 in MDCache::process_imported_caps()() ** CID 1138584: Dereference null return value (NULL_RETURNS) /mds/Migrator.cc: 2480 in Migrator::import_finish(CDir *, bool, bool)() ** CID 1138585: Dereference null return value (NULL_RETURNS) /mds/Migrator.cc: 2289 in Migrator::import_reverse(CDir *)() ** CID 1138586: Dereference null return value (NULL_RETURNS) /mds/Migrator.cc: 2297 in Migrator::import_reverse(CDir *)() ** CID 1138587: Out-of-bounds access (OVERRUN) /messages/MClientCaps.h: 170 in MClientCaps::decode_payload()() /messages/MClientCaps.h: 170 in MClientCaps::decode_payload()() /messages/MClientCaps.h: 170 in MClientCaps::decode_payload()() ** CID 1138588: Out-of-bounds access (OVERRUN) /messages/MClientCaps.h: 179 in MClientCaps::encode_payload(unsigned long)() /messages/MClientCaps.h: 179 in MClientCaps::encode_payload(unsigned long)() /messages/MClientCaps.h: 179 in MClientCaps::encode_payload(unsigned long)() ** CID 739602: Dereference null return value (NULL_RETURNS) /mds/Server.cc: 707 in Server::reconnect_tick()() To view the defects in Coverity Scan visit, http://scan.coverity.com To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py --- End Message ---
Re: New Defects reported by Coverity Scan for ceph (fwd)
On Mon, Dec 16, 2013 at 6:07 PM, Sage Weil wrote: > > > -- Forwarded message -- > From: scan-ad...@coverity.com > To: undisclosed-recipients:; > Cc: > Date: Mon, 16 Dec 2013 00:57:57 -0800 > Subject: New Defects reported by Coverity Scan for ceph > > > Hi, > > > Please find the latest report on new defect(s) introduced to ceph found with > Coverity Scan. > > Defect(s) Reported-by: Coverity Scan > Showing 4 of 4 defect(s) > > > ** CID 1138366: Resource leak (RESOURCE_LEAK) > /test/librados/tier.cc: 96 in LibRadosMisc_HitSetNone_Test::TestBody()() > /test/librados/tier.cc: 98 in LibRadosMisc_HitSetNone_Test::TestBody()() > /test/librados/tier.cc: 99 in LibRadosMisc_HitSetNone_Test::TestBody()() > > ** CID 1138367: Time of check time of use (TOCTOU) > /rbd.cc: 2024 in do_kernel_rm(const char *)() > > ** CID 1138368: Time of check time of use (TOCTOU) > /rbd.cc: 1735 in do_kernel_add(const char *, const char *, const char *)() Look like these two refer to my recent work on rbd: 2019 const char *fname = "/sys/bus/rbd/remove_single_major"; 2020 if (stat(fname, &sbuf)) { 2021 fname = "/sys/bus/rbd/remove"; 2022 } 2023 2024 int fd = open(fname, O_WRONLY); <--- 2025 if (fd < 0) { This is not a TOCTOU as there is no race here, so technically annotations are in order, but I'll redo it as two open()s instead. Thanks, Ilya -- To unsubscribe from this list: send the line "unsubscribe ceph-devel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
New Defects reported by Coverity Scan for ceph (fwd)
--- Begin Message --- Hi, Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan. Defect(s) Reported-by: Coverity Scan Showing 4 of 4 defect(s) ** CID 1138366: Resource leak (RESOURCE_LEAK) /test/librados/tier.cc: 96 in LibRadosMisc_HitSetNone_Test::TestBody()() /test/librados/tier.cc: 98 in LibRadosMisc_HitSetNone_Test::TestBody()() /test/librados/tier.cc: 99 in LibRadosMisc_HitSetNone_Test::TestBody()() ** CID 1138367: Time of check time of use (TOCTOU) /rbd.cc: 2024 in do_kernel_rm(const char *)() ** CID 1138368: Time of check time of use (TOCTOU) /rbd.cc: 1735 in do_kernel_add(const char *, const char *, const char *)() ** CID 1138369: Uncaught exception (UNCAUGHT_EXCEPT) /test/librados/tier.cc: 369 in main() /test/librados/tier.cc: 369 in main() To view the defects in Coverity Scan visit, http://scan.coverity.com To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py --- End Message ---
New Defects reported by Coverity Scan for ceph (fwd)
Coverity picked up some issues with the filestore code. These are mostly old issues that appear new becuase code moved around, but this is probably a good opportunity to fix them... :) sage--- Begin Message --- Hi, Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan Defect(s) Reported-by: Coverity Scan Showing 7 of 9 defects ** CID 1063704: Uninitialized scalar field (UNINIT_CTOR) /os/BtrfsFileStoreBackend.cc: 57 ** CID 1063703: Time of check time of use (TOCTOU) /os/GenericFileStoreBackend.cc: 170 ** CID 1063702: Time of check time of use (TOCTOU) /os/BtrfsFileStoreBackend.cc: 246 ** CID 1063701: Copy into fixed size buffer (STRING_OVERFLOW) /os/BtrfsFileStoreBackend.cc: 458 ** CID 1063700: Copy into fixed size buffer (STRING_OVERFLOW) /os/BtrfsFileStoreBackend.cc: 370 ** CID 1063699: Resource leak (RESOURCE_LEAK) /os/BtrfsFileStoreBackend.cc: 345 ** CID 1063698: Improper use of negative value (NEGATIVE_RETURNS) CID 1063704: Uninitialized scalar field (UNINIT_CTOR) /os/BtrfsFileStoreBackend.h: 25 ( member_decl) 22private: 23 bool has_clone_range; ///< clone range ioctl is supported 24 bool has_snap_create; ///< snap create ioctl is supported >>> Class member declaration for "has_snap_destroy". 25 bool has_snap_destroy; ///< snap destroy ioctl is supported 26 bool has_snap_create_v2;///< snap create v2 ioctl (async!) is supported 27 bool has_wait_sync; ///< wait sync ioctl is supported 28 bool stable_commits; 29 bool m_filestore_btrfs_clone_range; /os/BtrfsFileStoreBackend.cc: 57 ( uninit_member) 54GenericFileStoreBackend(fs), has_clone_range(false), has_snap_create(false), 55has_snap_create_v2(false), has_wait_sync(false), stable_commits(false), 56m_filestore_btrfs_clone_range(g_conf->filestore_btrfs_clone_range), >>> CID 1063704: Uninitialized scalar field (UNINIT_CTOR) >>> Non-static class member "has_snap_destroy" is not initialized in this >>> constructor nor in any functions that it calls. 57m_filestore_btrfs_snap (g_conf->filestore_btrfs_snap) { } 58 59int BtrfsFileStoreBackend::detect_features() 60{ 61 int r; CID 1063703: Time of check time of use (TOCTOU) /os/GenericFileStoreBackend.cc: 170 ( fs_check_call) 167int GenericFileStoreBackend::create_current() 168{ 169 struct stat st; >>> CID 1063703: Time of check time of use (TOCTOU) >>> Calling function "stat(char const *, stat *)" to perform check on >>> "this->get_current_path()->c_str()". 170 int ret = ::stat(get_current_path().c_str(), &st); 171 if (ret == 0) { 172// current/ exists 173if (!S_ISDIR(st.st_mode)) { 174 dout(0) << "_create_current: current/ exists but is not a directory" << dendl; /os/GenericFileStoreBackend.cc: 178 ( toctou) 175 ret = -EINVAL; 176} 177 } else { >>> Calling function "mkdir(char const *, __mode_t)" that uses >>> "this->get_current_path()->c_str()" after a check function. This can cause >>> a time-of-check, time-of-use race condition. 178ret = ::mkdir(get_current_path().c_str(), 0755); 179if (ret < 0) { 180 ret = -errno; 181 dout(0) << "_create_current: mkdir " << get_current_path() << " failed: "<< cpp_strerror(ret) << dendl; 182} CID 1063702: Time of check time of use (TOCTOU) /os/BtrfsFileStoreBackend.cc: 246 ( fs_check_call) 243int BtrfsFileStoreBackend::create_current() 244{ 245 struct stat st; >>> CID 1063702: Time of check time of use (TOCTOU) >>> Calling function "stat(char const *, stat *)" to perform check on >>> "this->get_current_path()->c_str()". 246 int ret = ::stat(get_current_path().c_str(), &st); 247 if (ret == 0) { 248// current/ exists 249if (!S_ISDIR(st.st_mode)) { 250 dout(0) << "create_current: current/ exists but is not a directory" << dendl; /os/BtrfsFileStoreBackend.cc: 288 ( toctou) 285 } 286 287 dout(2) << "create_current: created btrfs subvol " << get_current_path() << dendl; >>> Calling function "chmod(char const *, __mode_t)" that uses >>> "this->get_current_path()->c_str()" after a check function. This can cause >>> a time-of-check, time-of-use race condition. 288 if (::chmod(get_current_path().c_str(), 0755) < 0) { 289ret = -errno; 290dout(0) << "create_current: failed to chmod " << get_current_path() << " to 0755: " 291 << cpp_strerror(ret) << dendl; 292return ret; ___
New Defects reported by Coverity Scan for ceph (fwd)
--- Begin Message --- Hi, Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan Defect(s) Reported-by: Coverity Scan ** CID 1057291: Resource leak (RESOURCE_LEAK) /rgw/rgw_rados.cc: 2643 CID 1057291: Resource leak (RESOURCE_LEAK) /rgw/rgw_rados.cc: 2641 ( alloc_arg) 2638 2639RGWRESTStreamWriteRequest *out_stream_req; 2640 >>> "RGWRESTConn::put_obj_init(std::string const &, rgw_obj &, uint64_t, >>> std::map, >>> std::allocator >, ceph::buffer::list, >>> std::less, >>> std::allocator > >, std::allocator>> std::char_traits, std::allocator > const, ceph::buffer::list> > >>> > &, RGWRESTStreamWriteRequest **)" allocates memory that is stored into >>> "out_stream_req". 2641int ret = rest_master_conn->put_obj_init(user_id, dest_obj, astate->size, src_attrs, &out_stream_req); 2642if (ret < 0) 2643 return ret; 2644 2645ret = get_obj_iterate(ctx, &handle, src_obj, 0, astate->size - 1, out_stream_req->get_out_cb()); /rgw/rgw_rados.cc: 2643 ( leaked_storage) 2640 2641int ret = rest_master_conn->put_obj_init(user_id, dest_obj, astate->size, src_attrs, &out_stream_req); 2642if (ret < 0) >>> CID 1057291: Resource leak (RESOURCE_LEAK) >>> Variable "out_stream_req" going out of scope leaks the storage it points to. 2643 return ret; 2644 2645ret = get_obj_iterate(ctx, &handle, src_obj, 0, astate->size - 1, out_stream_req->get_out_cb()); 2646if (ret < 0) 2647 return ret; To view the defects in Coverity Scan visit, http://scan.coverity.com To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py --- End Message ---
New Defects reported by Coverity Scan for ceph (fwd)
Several new rgw issues from the recent merge...--- Begin Message --- Hi, Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan Defect(s) Reported-by: Coverity Scan Showing 7 of 61 defects ** CID 1049252: Wrapper object use after free (WRAPPER_ESCAPE) /rgw/rgw_rest_replica_log.h: 79 ** CID 1049251: Wrapper object use after free (WRAPPER_ESCAPE) /rgw/rgw_rest_replica_log.h: 59 ** CID 1049250: Wrapper object use after free (WRAPPER_ESCAPE) /rgw/rgw_rest_replica_log.h: 39 ** CID 1049249: Missing varargs init or cleanup (VARARGS) /test/librbd/test_librbd.cc: 315 ** CID 1049248: Use after free (USE_AFTER_FREE) /test/test_rgw_admin_log.cc: 782 ** CID 1049247: Use after free (USE_AFTER_FREE) /test/cls_version/test_cls_version.cc: 79 ** CID 1049246: Use after free (USE_AFTER_FREE) /rgw/rgw_rest_s3.cc: 415 CID 1049252: Wrapper object use after free (WRAPPER_ESCAPE) /rgw/rgw_rest_replica_log.h: 79 ( escape) 76string s = "replica"; 77s.append(obj_type); 78s.append("_deletebound"); >>> CID 1049252: Wrapper object use after free (WRAPPER_ESCAPE) >>> The internal representation of "s" escapes, but is destroyed when it exits >>> scope. 79return s.c_str(); 80 } 81}; 82 83class RGWOp_BILog_GetBounds : public RGWRESTOp { CID 1049251: Wrapper object use after free (WRAPPER_ESCAPE) /rgw/rgw_rest_replica_log.h: 59 ( escape) 56string s = "replica"; 57s.append(obj_type); 58s.append("_updatebounds"); >>> CID 1049251: Wrapper object use after free (WRAPPER_ESCAPE) >>> The internal representation of "s" escapes, but is destroyed when it exits >>> scope. 59return s.c_str(); 60 } 61}; 62 63class RGWOp_OBJLog_DeleteBounds : public RGWRESTOp { CID 1049250: Wrapper object use after free (WRAPPER_ESCAPE) /rgw/rgw_rest_replica_log.h: 39 ( escape) 36string s = "replica"; 37s.append(obj_type); 38s.append("_getbounds"); >>> CID 1049250: Wrapper object use after free (WRAPPER_ESCAPE) >>> The internal representation of "s" escapes, but is destroyed when it exits >>> scope. 39return s.c_str(); 40 } 41}; 42 43class RGWOp_OBJLog_SetBounds : public RGWRESTOp { CID 1049249: Missing varargs init or cleanup (VARARGS) /test/librbd/test_librbd.cc: 305 ( va_init) 302cout << "image: " << names[i] << endl; 303 } 304 >>> Initializing va_list "ap". 305 va_start(ap, num_expected); 306 for (i = num_expected; i > 0; i--) { 307char *expected = va_arg(ap, char *); 308cout << "expected = " << expected << endl; 309vector::iterator listed_name = find(names.begin(), names.end(), string(expected)); /test/librbd/test_librbd.cc: 315 ( missing_va_end) 312 } 313 assert(names.empty()); 314 >>> CID 1049249: Missing varargs init or cleanup (VARARGS) >>> va_end was not called for "ap". 315 return num; 316} 317 318TEST(LibRBD, TestCreateLsDeletePP) 319{ CID 1049248: Use after free (USE_AFTER_FREE) /test/test_rgw_admin_log.cc: 750 ( freed_arg) 747 char *bucket_obj = (char *)malloc(TEST_BUCKET_OBJECT_SIZE); 748 ASSERT_TRUE(bucket_obj != NULL); 749 EXPECT_EQ(put_bucket_obj(TEST_BUCKET_OBJECT, bucket_obj, TEST_BUCKET_OBJECT_SIZE), 0); >>> "free(void *)" frees "bucket_obj". 750 free(bucket_obj); 751 sleep(1); 752 ss << "/admin/log?type=data&id=" << shard_id << "&start-time=" << start_time; 753 rest_req = ss.str(); 754 g_test->send_request(string("GET"), rest_req); /test/test_rgw_admin_log.cc: 782 ( pass_freed_arg) 779 } 780 781 sleep(1); >>> CID 1049248: Use after free (USE_AFTER_FREE) >>> Passing freed pointer "bucket_obj" as an argument to function >>> "put_bucket_obj(char const *, char *, unsigned int)". 782 EXPECT_EQ(put_bucket_obj(TEST_BUCKET_OBJECT, bucket_obj, TEST_BUCKET_OBJECT_SIZE), 0); 783 sleep(20); 784 ss.str(""); 785 ss << "/admin/log?type=data&id=" << shard_id << "&start-time=" << start_time; 786 rest_req = ss.str(); CID 1049247: Use after free (USE_AFTER_FREE) /test/cls_version/test_cls_version.cc: 68 ( freed_arg) 65 ASSERT_GT((long long)ver2.ver, (long long)ver.ver); 66 ASSERT_EQ(0, (int)ver2.tag.compare(ver.tag)); 67 >>> "operator delete(void *)
Re: New Defects reported by Coverity Scan for ceph (fwd)
Hi Sage, I believe https://github.com/ceph/ceph/pull/366 fixes the issue. It was introduced by https://github.com/ceph/ceph/commit/b16fdf23e5325623874ee1a02e134f577c5a7dcd#L0R364 which was merged in master yesterday. Cheers On 06/19/2013 09:36 PM, Sage Weil wrote: > Dereferencing iterator "p" though it is already past the end of its container. -- Loïc Dachary, Artisan Logiciel Libre All that is necessary for the triumph of evil is that good people do nothing. signature.asc Description: OpenPGP digital signature
New Defects reported by Coverity Scan for ceph (fwd)
Hi Loic, Do you mind looking at the PGLog.cc iterator issue coverity picked up on? sage--- Begin Message --- Hi, Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan Defect(s) Reported-by: Coverity Scan ** CID 1035577: Resource leak (RESOURCE_LEAK) /test/libcephfs/multiclient.cc: 67 ** CID 1035576: Resource leak (RESOURCE_LEAK) /test/libcephfs/multiclient.cc: 32 ** CID 1035575: Resource leak (RESOURCE_LEAK) /test/libcephfs/multiclient.cc: 27 ** CID 1035574: Using invalid iterator (INVALIDATE_ITERATOR) /osd/PGLog.cc: 369 CID 1035577: Resource leak (RESOURCE_LEAK) /test/libcephfs/multiclient.cc: 67 ( alloc_arg) 64 65TEST(LibCephFS, MulticlientHoleEOF) { 66 struct ceph_mount_info *ca, *cb; >>> "ceph_create(ceph_mount_info **, char const *)" allocates memory that is >>> stored into "ca". 67 ASSERT_EQ(ceph_create(&ca, NULL), 0); 68 ASSERT_EQ(0, ceph_conf_parse_env(ca, NULL)); 69 ASSERT_EQ(ceph_conf_read_file(ca, NULL), 0); 70 ASSERT_EQ(ceph_mount(ca, NULL), 0); 71 /test/libcephfs/multiclient.cc: 67 ( leaked_storage) 64 65TEST(LibCephFS, MulticlientHoleEOF) { 66 struct ceph_mount_info *ca, *cb; >>> CID 1035577: Resource leak (RESOURCE_LEAK) >>> Variable "ca" going out of scope leaks the storage it points to. 67 ASSERT_EQ(ceph_create(&ca, NULL), 0); 68 ASSERT_EQ(0, ceph_conf_parse_env(ca, NULL)); 69 ASSERT_EQ(ceph_conf_read_file(ca, NULL), 0); 70 ASSERT_EQ(ceph_mount(ca, NULL), 0); 71 CID 1035576: Resource leak (RESOURCE_LEAK) /test/libcephfs/multiclient.cc: 32 ( alloc_arg) 29 ASSERT_EQ(ceph_conf_read_file(ca, NULL), 0); 30 ASSERT_EQ(ceph_mount(ca, NULL), 0); 31 >>> "ceph_create(ceph_mount_info **, char const *)" allocates memory that is >>> stored into "cb". 32 ASSERT_EQ(ceph_create(&cb, NULL), 0); 33 ASSERT_EQ(0, ceph_conf_parse_env(cb, NULL)); 34 ASSERT_EQ(ceph_conf_read_file(cb, NULL), 0); 35 ASSERT_EQ(ceph_mount(cb, NULL), 0); 36 /test/libcephfs/multiclient.cc: 32 ( leaked_storage) 29 ASSERT_EQ(ceph_conf_read_file(ca, NULL), 0); 30 ASSERT_EQ(ceph_mount(ca, NULL), 0); 31 >>> CID 1035576: Resource leak (RESOURCE_LEAK) >>> Variable "cb" going out of scope leaks the storage it points to. 32 ASSERT_EQ(ceph_create(&cb, NULL), 0); 33 ASSERT_EQ(0, ceph_conf_parse_env(cb, NULL)); 34 ASSERT_EQ(ceph_conf_read_file(cb, NULL), 0); 35 ASSERT_EQ(ceph_mount(cb, NULL), 0); 36 CID 1035575: Resource leak (RESOURCE_LEAK) /test/libcephfs/multiclient.cc: 27 ( alloc_arg) 24 25TEST(LibCephFS, MulticlientSimple) { 26 struct ceph_mount_info *ca, *cb; >>> "ceph_create(ceph_mount_info **, char const *)" allocates memory that is >>> stored into "ca". 27 ASSERT_EQ(ceph_create(&ca, NULL), 0); 28 ASSERT_EQ(0, ceph_conf_parse_env(ca, NULL)); 29 ASSERT_EQ(ceph_conf_read_file(ca, NULL), 0); 30 ASSERT_EQ(ceph_mount(ca, NULL), 0); 31 /test/libcephfs/multiclient.cc: 27 ( leaked_storage) 24 25TEST(LibCephFS, MulticlientSimple) { 26 struct ceph_mount_info *ca, *cb; >>> CID 1035575: Resource leak (RESOURCE_LEAK) >>> Variable "ca" going out of scope leaks the storage it points to. 27 ASSERT_EQ(ceph_create(&ca, NULL), 0); 28 ASSERT_EQ(0, ceph_conf_parse_env(ca, NULL)); 29 ASSERT_EQ(ceph_conf_read_file(ca, NULL), 0); 30 ASSERT_EQ(ceph_mount(ca, NULL), 0); 31 CID 1035574: Using invalid iterator (INVALIDATE_ITERATOR) /osd/PGLog.cc: 361 ( past_the_end) 358 dout(10) << "rewind_divergent_log truncate divergent future " << newhead << dendl; 359 assert(newhead > log.tail); 360 >>> Function "end" creates an iterator. 361 list::iterator p = log.log.end(); 362 list divergent; 363 while (true) { 364if (p == log.log.begin()) { 365 // yikes, the whole thing is divergent! /osd/PGLog.cc: 361 ( assign_var) 358 dout(10) << "rewind_divergent_log truncate divergent future " << newhead << dendl; 359 assert(newhead > log.tail); 360 >>> Assigning: "p" = "this->log.log.end()". 361 list::iterator p = log.log.end(); 362 list divergent; 363 while (true) { 364if (p == log.log.begin()) { 365 // yikes, the whole thing is divergent! /osd/PGLog.cc: 369 ( deref_iterator) 366 divergent.swap(log.log); 367 break; 368} >>> CID 1035574: Using invalid iterator (INVALIDATE_I