* New Defects reported by Coverity Scan for ceph
@ 2017-03-23 7:58 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2017-03-23 7:58 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
18 new defect(s) introduced to ceph found with Coverity Scan.
10 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 18 of 18 defect(s)
** CID 1401434: Error handling issues (CHECKED_RETURN)
/home/brad/working/src/ceph/src/librbd/internal.cc: 905 in librbd::clone(librados::IoCtx &, const char *, const char *, librados::IoCtx &, const char *, unsigned long, int *, unsigned long, int)()
________________________________________________________________________________________________________
*** CID 1401434: Error handling issues (CHECKED_RETURN)
/home/brad/working/src/ceph/src/librbd/internal.cc: 905 in librbd::clone(librados::IoCtx &, const char *, const char *, librados::IoCtx &, const char *, unsigned long, int *, unsigned long, int)()
899 opts.set(RBD_IMAGE_OPTION_FEATURES, features);
900 opts.set(RBD_IMAGE_OPTION_ORDER, order);
901 opts.set(RBD_IMAGE_OPTION_STRIPE_UNIT, stripe_unit);
902 opts.set(RBD_IMAGE_OPTION_STRIPE_COUNT, stripe_count);
903
904 int r = clone(p_ioctx, p_name, p_snap_name, c_ioctx, c_name, opts);
>>> CID 1401434: Error handling issues (CHECKED_RETURN)
>>> Calling "get" without checking return value (as is done elsewhere 20 out of 25 times).
905 opts.get(RBD_IMAGE_OPTION_ORDER, &order);
906 *c_order = order;
907 return r;
908 }
909
910 int clone(IoCtx& p_ioctx, const char *p_name, const char *p_snap_name,
** CID 1401436: (CHECKED_RETURN)
/home/brad/working/src/ceph/src/librbd/image/CreateRequest.cc: 156 in librbd::image::CreateRequest<librbd::ImageCtx>::CreateRequest(librados::IoCtx &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, unsigned long, const librbd::ImageOptions &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, bool, ContextWQ *, Context *)()
/home/brad/working/src/ceph/src/librbd/image/CreateRequest.cc: 157 in librbd::image::CreateRequest<librbd::ImageCtx>::CreateRequest(librados::IoCtx &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, unsigned long, const librbd::ImageOptions &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, bool, ContextWQ *, Context *)()
________________________________________________________________________________________________________
*** CID 1401436: (CHECKED_RETURN)
/home/brad/working/src/ceph/src/librbd/image/CreateRequest.cc: 156 in librbd::image::CreateRequest<librbd::ImageCtx>::CreateRequest(librados::IoCtx &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, unsigned long, const librbd::ImageOptions &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, bool, ContextWQ *, Context *)()
150 m_features = util::get_rbd_default_features(m_cct);
151 m_negotiate_features = true;
152 }
153
154 uint64_t features_clear = 0;
155 uint64_t features_set = 0;
>>> CID 1401436: (CHECKED_RETURN)
>>> Calling "get" without checking return value (as is done elsewhere 20 out of 25 times).
156 image_options.get(RBD_IMAGE_OPTION_FEATURES_CLEAR, &features_clear);
157 image_options.get(RBD_IMAGE_OPTION_FEATURES_SET, &features_set);
158
159 uint64_t features_conflict = features_clear & features_set;
160 features_clear &= ~features_conflict;
161 features_set &= ~features_conflict;
/home/brad/working/src/ceph/src/librbd/image/CreateRequest.cc: 157 in librbd::image::CreateRequest<librbd::ImageCtx>::CreateRequest(librados::IoCtx &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, unsigned long, const librbd::ImageOptions &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, bool, ContextWQ *, Context *)()
151 m_negotiate_features = true;
152 }
153
154 uint64_t features_clear = 0;
155 uint64_t features_set = 0;
156 image_options.get(RBD_IMAGE_OPTION_FEATURES_CLEAR, &features_clear);
>>> CID 1401436: (CHECKED_RETURN)
>>> Calling "get" without checking return value (as is done elsewhere 20 out of 25 times).
157 image_options.get(RBD_IMAGE_OPTION_FEATURES_SET, &features_set);
158
159 uint64_t features_conflict = features_clear & features_set;
160 features_clear &= ~features_conflict;
161 features_set &= ~features_conflict;
162 m_features |= features_set;
** CID 1403241: Error handling issues (CHECKED_RETURN)
/home/brad/working/src/ceph/src/librbd/image/CloneRequest.cc: 412 in librbd::image::CloneRequest<librbd::ImageCtx>::get_mirror_mode()()
________________________________________________________________________________________________________
*** CID 1403241: Error handling issues (CHECKED_RETURN)
/home/brad/working/src/ceph/src/librbd/image/CloneRequest.cc: 412 in librbd::image::CloneRequest<librbd::ImageCtx>::get_mirror_mode()()
406 cls_client::mirror_mode_get_start(&op);
407
408 using klass = CloneRequest<I>;
409 librados::AioCompletion *comp =
410 create_rados_callback<klass, &klass::handle_get_mirror_mode>(this);
411 m_out_bl.clear();
>>> CID 1403241: Error handling issues (CHECKED_RETURN)
>>> Calling "aio_operate" without checking return value (as is done elsewhere 56 out of 68 times).
412 m_imctx->md_ctx.aio_operate(RBD_MIRRORING,
413 comp, &op, &m_out_bl);
414 comp->release();
415 }
416
417 template <typename I>
** CID 1403242: Error handling issues (CHECKED_RETURN)
/home/brad/working/src/ceph/src/librbd/image/CloneRequest.cc: 343 in librbd::image::CloneRequest<librbd::ImageCtx>::send_metadata_list()()
________________________________________________________________________________________________________
*** CID 1403242: Error handling issues (CHECKED_RETURN)
/home/brad/working/src/ceph/src/librbd/image/CloneRequest.cc: 343 in librbd::image::CloneRequest<librbd::ImageCtx>::send_metadata_list()()
337 cls_client::metadata_list_start(&op, "", 0);
338
339 using klass = CloneRequest<I>;
340 librados::AioCompletion *comp =
341 create_rados_callback<klass, &klass::handle_metadata_list>(this);
342 m_out_bl.clear();
>>> CID 1403242: Error handling issues (CHECKED_RETURN)
>>> Calling "aio_operate" without checking return value (as is done elsewhere 56 out of 68 times).
343 m_p_imctx->md_ctx.aio_operate(m_p_imctx->header_oid,
344 comp, &op, &m_out_bl);
345 comp->release();
346 }
347
348 template <typename I>
** CID 1403243: Error handling issues (CHECKED_RETURN)
/home/brad/working/src/ceph/src/librbd/image/CloneRequest.cc: 66 in librbd::image::CloneRequest<librbd::ImageCtx>::validate_options()()
________________________________________________________________________________________________________
*** CID 1403243: Error handling issues (CHECKED_RETURN)
/home/brad/working/src/ceph/src/librbd/image/CloneRequest.cc: 66 in librbd::image::CloneRequest<librbd::ImageCtx>::validate_options()()
60
61 template <typename I>
62 void CloneRequest<I>::validate_options() {
63 ldout(m_cct, 20) << this << " " << __func__ << dendl;
64
65 uint64_t format = 0;
>>> CID 1403243: Error handling issues (CHECKED_RETURN)
>>> Calling "get" without checking return value (as is done elsewhere 20 out of 25 times).
66 m_opts.get(RBD_IMAGE_OPTION_FORMAT, &format);
67 if (format < 2) {
68 lderr(m_cct) << "format 2 or later required for clone" << dendl;
69 return complete(-EINVAL);
70 }
71
** CID 1403244: Incorrect expression (COPY_PASTE_ERROR)
/home/brad/working/src/ceph/src/osd/PGLog.cc: 141 in PGLog::proc_replica_log(pg_info_t &, const pg_log_t &, pg_missing_set<(bool)0> &, pg_shard_t) const()
________________________________________________________________________________________________________
*** CID 1403244: Incorrect expression (COPY_PASTE_ERROR)
/home/brad/working/src/ceph/src/osd/PGLog.cc: 141 in PGLog::proc_replica_log(pg_info_t &, const pg_log_t &, pg_missing_set<(bool)0> &, pg_shard_t) const()
135 pg_missing_t& omissing,
136 pg_shard_t from) const
137 {
138 dout(10) << "proc_replica_log for osd." << from << ": "
139 << oinfo << " " << olog << " " << omissing << dendl;
140
>>> CID 1403244: Incorrect expression (COPY_PASTE_ERROR)
>>> "head" in "olog.head" looks like a copy-paste error.
141 if (olog.head < log.tail) {
142 dout(10) << __func__ << ": osd." << from << " does not overlap, not looking "
143 << "for divergent objects" << dendl;
144 return;
145 }
146 if (olog.head == log.head) {
** CID 1403245: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseI32bluestore_deferred_transaction_tE16select_generatedB5cxx11Ej()
________________________________________________________________________________________________________
*** CID 1403245: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseI32bluestore_deferred_transaction_tE16select_generatedB5cxx11Ej()
141 if (i == 0)
142 i = m_list.size();
143 if ((i == 0) || (i > m_list.size()))
144 return "invalid id for generated object";
145 typename list<T*>::iterator p = m_list.begin();
146 for (i--; i > 0 && p != m_list.end(); ++p, --i) ;
>>> CID 1403245: API usage errors (INVALIDATE_ITERATOR)
>>> Dereferencing iterator "p" though it is already past the end of its container.
147 m_object = *p;
148 return string();
149 }
150
151 bool is_deterministic() override {
152 return !nondeterministic;
** CID 1403246: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseI23bluestore_deferred_op_tE16select_generatedB5cxx11Ej()
________________________________________________________________________________________________________
*** CID 1403246: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseI23bluestore_deferred_op_tE16select_generatedB5cxx11Ej()
141 if (i == 0)
142 i = m_list.size();
143 if ((i == 0) || (i > m_list.size()))
144 return "invalid id for generated object";
145 typename list<T*>::iterator p = m_list.begin();
146 for (i--; i > 0 && p != m_list.end(); ++p, --i) ;
>>> CID 1403246: API usage errors (INVALIDATE_ITERATOR)
>>> Dereferencing iterator "p" though it is already past the end of its container.
147 m_object = *p;
148 return string();
149 }
150
151 bool is_deterministic() override {
152 return !nondeterministic;
** CID 1403247: Concurrent data access violations (MISSING_LOCK)
/usr/include/c++/6.2.1/bits/std_mutex.h: 340 in std::unique_lock<std::recursive_mutex>::release()()
________________________________________________________________________________________________________
*** CID 1403247: Concurrent data access violations (MISSING_LOCK)
/usr/include/c++/6.2.1/bits/std_mutex.h: 340 in std::unique_lock<std::recursive_mutex>::release()()
334
335 mutex_type*
336 release() noexcept
337 {
338 mutex_type* __ret = _M_device;
339 _M_device = 0;
>>> CID 1403247: Concurrent data access violations (MISSING_LOCK)
>>> Accessing "this->_M_owns" without holding lock "std::unique_lock<std::recursive_mutex>._M_device". Elsewhere, "_ZSt11unique_lockISt15recursive_mutexE._M_owns" is accessed with "std::unique_lock<std::recursive_mutex>._M_device" held 2 out of 3 times (2 of these accesses strongly imply that it is necessary).
340 _M_owns = false;
341 return __ret;
342 }
343
344 bool
345 owns_lock() const noexcept
** CID 1403248: Program hangs (SLEEP)
/home/brad/working/src/ceph/src/os/bluestore/KernelDevice.cc: 208 in KernelDevice::flush()()
________________________________________________________________________________________________________
*** CID 1403248: Program hangs (SLEEP)
/home/brad/working/src/ceph/src/os/bluestore/KernelDevice.cc: 208 in KernelDevice::flush()()
202 dout(10) << __func__ << " start" << dendl;
203 if (cct->_conf->bdev_inject_crash) {
204 ++injecting_crash;
205 // sleep for a moment to give other threads a chance to submit or
206 // wait on io that races with a flush.
207 derr << __func__ << " injecting crash. first we sleep..." << dendl;
>>> CID 1403248: Program hangs (SLEEP)
>>> Call to "sleep" might sleep while holding lock "this->flush_mutex".
208 sleep(cct->_conf->bdev_inject_crash_flush_delay);
209 derr << __func__ << " and now we die" << dendl;
210 cct->_log->flush();
211 _exit(1);
212 }
213 utime_t start = ceph_clock_now();
** CID 1403249: Uninitialized variables (UNINIT)
/home/brad/working/src/ceph/src/librbd/image/CloneRequest.cc: 324 in librbd::image::CloneRequest<librbd::ImageCtx>::handle_refresh(int)()
________________________________________________________________________________________________________
*** CID 1403249: Uninitialized variables (UNINIT)
/home/brad/working/src/ceph/src/librbd/image/CloneRequest.cc: 324 in librbd::image::CloneRequest<librbd::ImageCtx>::handle_refresh(int)()
318 if (r == 0) {
319 m_p_imctx->snap_lock.get_read();
320 r = m_p_imctx->is_snap_protected(m_p_imctx->snap_id, &snap_protected);
321 m_p_imctx->snap_lock.put_read();
322 }
323
>>> CID 1403249: Uninitialized variables (UNINIT)
>>> Using uninitialized value "snap_protected".
324 if (r < 0 || !snap_protected) {
325 m_r_saved = -EINVAL;
326 return send_close();
327 }
328
329 send_metadata_list();
** CID 1403250: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/os/bluestore/KernelDevice.cc: 48 in KernelDevice::KernelDevice(CephContext *, void (*)(void *, void *), void *)()
________________________________________________________________________________________________________
*** CID 1403250: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/os/bluestore/KernelDevice.cc: 48 in KernelDevice::KernelDevice(CephContext *, void (*)(void *, void *), void *)()
42 aio_callback(cb),
43 aio_callback_priv(cbpriv),
44 aio_stop(false),
45 aio_thread(this),
46 injecting_crash(0)
47 {
>>> CID 1403250: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member field "io_since_flush._M_base" is not initialized in this constructor nor in any functions that it calls.
48 }
49
50 int KernelDevice::_lock()
51 {
52 struct flock l;
53 memset(&l, 0, sizeof(l));
** CID 1403251: (UNINIT_CTOR)
/home/brad/working/src/ceph/src/librbd/operation/SnapshotUnprotectRequest.cc: 159 in librbd::operation::SnapshotUnprotectRequest<librbd::MockImageCtx>::SnapshotUnprotectRequest(librbd::MockImageCtx &, Context *, const boost::variant<cls::rbd::UserSnapshotNamespace, cls::rbd::GroupSnapshotNamespace, cls::rbd::UnknownSnapshotNamespace> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &)()
/home/brad/working/src/ceph/src/librbd/operation/SnapshotUnprotectRequest.cc: 159 in librbd::operation::SnapshotUnprotectRequest<librbd::ImageCtx>::SnapshotUnprotectRequest(librbd::ImageCtx &, Context *, const boost::variant<cls::rbd::UserSnapshotNamespace, cls::rbd::GroupSnapshotNamespace, cls::rbd::UnknownSnapshotNamespace> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &)()
________________________________________________________________________________________________________
*** CID 1403251: (UNINIT_CTOR)
/home/brad/working/src/ceph/src/librbd/operation/SnapshotUnprotectRequest.cc: 159 in librbd::operation::SnapshotUnprotectRequest<librbd::MockImageCtx>::SnapshotUnprotectRequest(librbd::MockImageCtx &, Context *, const boost::variant<cls::rbd::UserSnapshotNamespace, cls::rbd::GroupSnapshotNamespace, cls::rbd::UnknownSnapshotNamespace> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &)()
153 SnapshotUnprotectRequest<I>::SnapshotUnprotectRequest(I &image_ctx,
154 Context *on_finish,
155 const cls::rbd::SnapshotNamespace &snap_namespace,
156 const std::string &snap_name)
157 : Request<I>(image_ctx, on_finish), m_snap_namespace(snap_namespace),
158 m_snap_name(snap_name), m_ret_val(0), m_snap_id(CEPH_NOSNAP) {
>>> CID 1403251: (UNINIT_CTOR)
>>> Non-static class member "m_state" is not initialized in this constructor nor in any functions that it calls.
159 }
160
161 template <typename I>
162 void SnapshotUnprotectRequest<I>::send_op() {
163 send_unprotect_snap_start();
164 }
/home/brad/working/src/ceph/src/librbd/operation/SnapshotUnprotectRequest.cc: 159 in librbd::operation::SnapshotUnprotectRequest<librbd::ImageCtx>::SnapshotUnprotectRequest(librbd::ImageCtx &, Context *, const boost::variant<cls::rbd::UserSnapshotNamespace, cls::rbd::GroupSnapshotNamespace, cls::rbd::UnknownSnapshotNamespace> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &)()
153 SnapshotUnprotectRequest<I>::SnapshotUnprotectRequest(I &image_ctx,
154 Context *on_finish,
155 const cls::rbd::SnapshotNamespace &snap_namespace,
156 const std::string &snap_name)
157 : Request<I>(image_ctx, on_finish), m_snap_namespace(snap_namespace),
158 m_snap_name(snap_name), m_ret_val(0), m_snap_id(CEPH_NOSNAP) {
>>> CID 1403251: (UNINIT_CTOR)
>>> Non-static class member "m_state" is not initialized in this constructor nor in any functions that it calls.
159 }
160
161 template <typename I>
162 void SnapshotUnprotectRequest<I>::send_op() {
163 send_unprotect_snap_start();
164 }
** CID 1403252: (UNINIT_CTOR)
/home/brad/working/src/ceph/src/librbd/operation/SnapshotRemoveRequest.cc: 56 in librbd::operation::SnapshotRemoveRequest<librbd::MockImageCtx>::SnapshotRemoveRequest(librbd::MockImageCtx &, Context *, const boost::variant<cls::rbd::UserSnapshotNamespace, cls::rbd::GroupSnapshotNamespace, cls::rbd::UnknownSnapshotNamespace> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, unsigned long)()
/home/brad/working/src/ceph/src/librbd/operation/SnapshotRemoveRequest.cc: 56 in librbd::operation::SnapshotRemoveRequest<librbd::ImageCtx>::SnapshotRemoveRequest(librbd::ImageCtx &, Context *, const boost::variant<cls::rbd::UserSnapshotNamespace, cls::rbd::GroupSnapshotNamespace, cls::rbd::UnknownSnapshotNamespace> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, unsigned long)()
________________________________________________________________________________________________________
*** CID 1403252: (UNINIT_CTOR)
/home/brad/working/src/ceph/src/librbd/operation/SnapshotRemoveRequest.cc: 56 in librbd::operation::SnapshotRemoveRequest<librbd::MockImageCtx>::SnapshotRemoveRequest(librbd::MockImageCtx &, Context *, const boost::variant<cls::rbd::UserSnapshotNamespace, cls::rbd::GroupSnapshotNamespace, cls::rbd::UnknownSnapshotNamespace> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, unsigned long)()
50 Context *on_finish,
51 const cls::rbd::SnapshotNamespace &snap_namespace,
52 const std::string &snap_name,
53 uint64_t snap_id)
54 : Request<I>(image_ctx, on_finish), m_snap_namespace(snap_namespace),
55 m_snap_name(snap_name), m_snap_id(snap_id) {
>>> CID 1403252: (UNINIT_CTOR)
>>> Non-static class member "m_state" is not initialized in this constructor nor in any functions that it calls.
56 }
57
58 template <typename I>
59 void SnapshotRemoveRequest<I>::send_op() {
60 send_remove_object_map();
61 }
/home/brad/working/src/ceph/src/librbd/operation/SnapshotRemoveRequest.cc: 56 in librbd::operation::SnapshotRemoveRequest<librbd::ImageCtx>::SnapshotRemoveRequest(librbd::ImageCtx &, Context *, const boost::variant<cls::rbd::UserSnapshotNamespace, cls::rbd::GroupSnapshotNamespace, cls::rbd::UnknownSnapshotNamespace> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, unsigned long)()
50 Context *on_finish,
51 const cls::rbd::SnapshotNamespace &snap_namespace,
52 const std::string &snap_name,
53 uint64_t snap_id)
54 : Request<I>(image_ctx, on_finish), m_snap_namespace(snap_namespace),
55 m_snap_name(snap_name), m_snap_id(snap_id) {
>>> CID 1403252: (UNINIT_CTOR)
>>> Non-static class member "m_state" is not initialized in this constructor nor in any functions that it calls.
56 }
57
58 template <typename I>
59 void SnapshotRemoveRequest<I>::send_op() {
60 send_remove_object_map();
61 }
** CID 1403253: (UNINIT_CTOR)
/home/brad/working/src/ceph/src/librbd/operation/SnapshotProtectRequest.cc: 37 in librbd::operation::SnapshotProtectRequest<librbd::MockImageCtx>::SnapshotProtectRequest(librbd::MockImageCtx &, Context *, const boost::variant<cls::rbd::UserSnapshotNamespace, cls::rbd::GroupSnapshotNamespace, cls::rbd::UnknownSnapshotNamespace> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &)()
/home/brad/working/src/ceph/src/librbd/operation/SnapshotProtectRequest.cc: 37 in librbd::operation::SnapshotProtectRequest<librbd::ImageCtx>::SnapshotProtectRequest(librbd::ImageCtx &, Context *, const boost::variant<cls::rbd::UserSnapshotNamespace, cls::rbd::GroupSnapshotNamespace, cls::rbd::UnknownSnapshotNamespace> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &)()
________________________________________________________________________________________________________
*** CID 1403253: (UNINIT_CTOR)
/home/brad/working/src/ceph/src/librbd/operation/SnapshotProtectRequest.cc: 37 in librbd::operation::SnapshotProtectRequest<librbd::MockImageCtx>::SnapshotProtectRequest(librbd::MockImageCtx &, Context *, const boost::variant<cls::rbd::UserSnapshotNamespace, cls::rbd::GroupSnapshotNamespace, cls::rbd::UnknownSnapshotNamespace> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &)()
31 template <typename I>
32 SnapshotProtectRequest<I>::SnapshotProtectRequest(I &image_ctx,
33 Context *on_finish,
34 const cls::rbd::SnapshotNamespace &snap_namespace,
35 const std::string &snap_name)
36 : Request<I>(image_ctx, on_finish), m_snap_namespace(snap_namespace), m_snap_name(snap_name) {
>>> CID 1403253: (UNINIT_CTOR)
>>> Non-static class member "m_state" is not initialized in this constructor nor in any functions that it calls.
37 }
38
39 template <typename I>
40 void SnapshotProtectRequest<I>::send_op() {
41 send_protect_snap();
42 }
/home/brad/working/src/ceph/src/librbd/operation/SnapshotProtectRequest.cc: 37 in librbd::operation::SnapshotProtectRequest<librbd::ImageCtx>::SnapshotProtectRequest(librbd::ImageCtx &, Context *, const boost::variant<cls::rbd::UserSnapshotNamespace, cls::rbd::GroupSnapshotNamespace, cls::rbd::UnknownSnapshotNamespace> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &)()
31 template <typename I>
32 SnapshotProtectRequest<I>::SnapshotProtectRequest(I &image_ctx,
33 Context *on_finish,
34 const cls::rbd::SnapshotNamespace &snap_namespace,
35 const std::string &snap_name)
36 : Request<I>(image_ctx, on_finish), m_snap_namespace(snap_namespace), m_snap_name(snap_name) {
>>> CID 1403253: (UNINIT_CTOR)
>>> Non-static class member "m_state" is not initialized in this constructor nor in any functions that it calls.
37 }
38
39 template <typename I>
40 void SnapshotProtectRequest<I>::send_op() {
41 send_protect_snap();
42 }
** CID 1403254: (UNINIT_CTOR)
/home/brad/working/src/ceph/src/librbd/operation/SnapshotCreateRequest.cc: 35 in librbd::operation::SnapshotCreateRequest<librbd::MockImageCtx>::SnapshotCreateRequest(librbd::MockImageCtx &, Context *, const boost::variant<cls::rbd::UserSnapshotNamespace, cls::rbd::GroupSnapshotNamespace, cls::rbd::UnknownSnapshotNamespace> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, unsigned long, bool)()
/home/brad/working/src/ceph/src/librbd/operation/SnapshotCreateRequest.cc: 35 in librbd::operation::SnapshotCreateRequest<librbd::ImageCtx>::SnapshotCreateRequest(librbd::ImageCtx &, Context *, const boost::variant<cls::rbd::UserSnapshotNamespace, cls::rbd::GroupSnapshotNamespace, cls::rbd::UnknownSnapshotNamespace> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, unsigned long, bool)()
________________________________________________________________________________________________________
*** CID 1403254: (UNINIT_CTOR)
/home/brad/working/src/ceph/src/librbd/operation/SnapshotCreateRequest.cc: 35 in librbd::operation::SnapshotCreateRequest<librbd::MockImageCtx>::SnapshotCreateRequest(librbd::MockImageCtx &, Context *, const boost::variant<cls::rbd::UserSnapshotNamespace, cls::rbd::GroupSnapshotNamespace, cls::rbd::UnknownSnapshotNamespace> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, unsigned long, bool)()
29 const std::string &snap_name,
30 uint64_t journal_op_tid,
31 bool skip_object_map)
32 : Request<I>(image_ctx, on_finish, journal_op_tid),
33 m_snap_namespace(snap_namespace), m_snap_name(snap_name),
34 m_skip_object_map(skip_object_map), m_ret_val(0), m_snap_id(CEPH_NOSNAP) {
>>> CID 1403254: (UNINIT_CTOR)
>>> Non-static class member "m_size" is not initialized in this constructor nor in any functions that it calls.
35 }
36
37 template <typename I>
38 void SnapshotCreateRequest<I>::send_op() {
39 send_suspend_requests();
40 }
/home/brad/working/src/ceph/src/librbd/operation/SnapshotCreateRequest.cc: 35 in librbd::operation::SnapshotCreateRequest<librbd::ImageCtx>::SnapshotCreateRequest(librbd::ImageCtx &, Context *, const boost::variant<cls::rbd::UserSnapshotNamespace, cls::rbd::GroupSnapshotNamespace, cls::rbd::UnknownSnapshotNamespace> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, unsigned long, bool)()
29 const std::string &snap_name,
30 uint64_t journal_op_tid,
31 bool skip_object_map)
32 : Request<I>(image_ctx, on_finish, journal_op_tid),
33 m_snap_namespace(snap_namespace), m_snap_name(snap_name),
34 m_skip_object_map(skip_object_map), m_ret_val(0), m_snap_id(CEPH_NOSNAP) {
>>> CID 1403254: (UNINIT_CTOR)
>>> Non-static class member "m_size" is not initialized in this constructor nor in any functions that it calls.
35 }
36
37 template <typename I>
38 void SnapshotCreateRequest<I>::send_op() {
39 send_suspend_requests();
40 }
** CID 1403255: (UNINIT_CTOR)
/home/brad/working/src/ceph/src/tools/rbd_mirror/ImageReplayer.cc: 303 in rbd::mirror::ImageReplayer<librbd::ImageCtx>::ImageReplayer(rbd::mirror::Threads<librbd::ImageCtx> *, std::shared_ptr<rbd::mirror::ImageDeleter>, std::shared_ptr<rbd::mirror::ImageSyncThrottler<librbd::ImageCtx>>, std::shared_ptr<librados::Rados>, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, long, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &)()
/home/brad/working/src/ceph/src/tools/rbd_mirror/ImageReplayer.cc: 303 in rbd::mirror::ImageReplayer<librbd::<unnamed>::MockTestImageCtx>::ImageReplayer(rbd::mirror::Threads<librbd::ImageCtx> *, std::shared_ptr<rbd::mirror::ImageDeleter>, std::shared_ptr<rbd::mirror::ImageSyncThrottler<librbd::<unnamed>::MockTestImageCtx>>, std::shared_ptr<librados::Rados>, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, long, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &)()
________________________________________________________________________________________________________
*** CID 1403255: (UNINIT_CTOR)
/home/brad/working/src/ceph/src/tools/rbd_mirror/ImageReplayer.cc: 303 in rbd::mirror::ImageReplayer<librbd::ImageCtx>::ImageReplayer(rbd::mirror::Threads<librbd::ImageCtx> *, std::shared_ptr<rbd::mirror::ImageDeleter>, std::shared_ptr<rbd::mirror::ImageSyncThrottler<librbd::ImageCtx>>, std::shared_ptr<librados::Rados>, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, long, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &)()
297 }
298
299 m_name = pool_name + "/" + m_global_image_id;
300 dout(20) << "registered asok hook: " << m_name << dendl;
301 m_asok_hook = new ImageReplayerAdminSocketHook<I>(g_ceph_context, m_name,
302 this);
>>> CID 1403255: (UNINIT_CTOR)
>>> Non-static class member "m_do_resync" is not initialized in this constructor nor in any functions that it calls.
303 }
304
305 template <typename I>
306 ImageReplayer<I>::~ImageReplayer()
307 {
308 assert(m_event_preprocessor == nullptr);
/home/brad/working/src/ceph/src/tools/rbd_mirror/ImageReplayer.cc: 303 in rbd::mirror::ImageReplayer<librbd::<unnamed>::MockTestImageCtx>::ImageReplayer(rbd::mirror::Threads<librbd::ImageCtx> *, std::shared_ptr<rbd::mirror::ImageDeleter>, std::shared_ptr<rbd::mirror::ImageSyncThrottler<librbd::<unnamed>::MockTestImageCtx>>, std::shared_ptr<librados::Rados>, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, long, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &)()
297 }
298
299 m_name = pool_name + "/" + m_global_image_id;
300 dout(20) << "registered asok hook: " << m_name << dendl;
301 m_asok_hook = new ImageReplayerAdminSocketHook<I>(g_ceph_context, m_name,
302 this);
>>> CID 1403255: (UNINIT_CTOR)
>>> Non-static class member "m_do_resync" is not initialized in this constructor nor in any functions that it calls.
303 }
304
305 template <typename I>
306 ImageReplayer<I>::~ImageReplayer()
307 {
308 assert(m_event_preprocessor == nullptr);
** CID 1403256: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/librbd/image/CloneRequest.cc: 52 in librbd::image::CloneRequest<librbd::ImageCtx>::CloneRequest(librbd::ImageCtx *, librados::IoCtx &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, librbd::ImageOptions, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, ContextWQ *, Context *)()
________________________________________________________________________________________________________
*** CID 1403256: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/librbd/image/CloneRequest.cc: 52 in librbd::image::CloneRequest<librbd::ImageCtx>::CloneRequest(librbd::ImageCtx *, librados::IoCtx &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, librbd::ImageOptions, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, ContextWQ *, Context *)()
46 m_opts.set(RBD_IMAGE_OPTION_FORMAT, static_cast<uint64_t>(2));
47 }
48
49 ldout(m_cct, 20) << "clone " << &m_p_imctx->md_ctx << " name " << m_p_imctx->name
50 << " snap " << m_p_imctx->snap_name << " to child " << &m_ioctx
51 << " name " << m_name << " opts = " << &m_opts << dendl;
>>> CID 1403256: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "m_force_non_primary" is not initialized in this constructor nor in any functions that it calls.
52 return;
53 }
54
55 template <typename I>
56 void CloneRequest<I>::send() {
57 ldout(m_cct, 20) << this << " " << __func__ << dendl;
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaGCnxtQO9E3gxlB2GxVsWFENryh7bC5hIb-2FQBVM85YLQ-3D-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8GuxiXIDzB9wYnV1qJnKgnNTWe101tX7f4On-2BUcpPsgauX-2F1QxOBhz7Hs95AjKEPItoBZVOVmwIUKkQ0mU7dlm58Ya6jXjshb3ngf1-2FgNDGxpB67C9ncFTBcmxWEEo6Mwf5czP4d91NEl80NmFJZMjjAW66G9KQcpg7WO2RNcs9yOia8Y0Hf98e4-2BstHZebfCc-3D
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4Bco8jcmzhh7FSyvoR0E3-2BDgRcBCQ6OuthHBtaTCGNq9zoLsiw8NWrIF2zsdhfTt-2FbHjZ2ToL3Et9v1-2BrDLungAOjHpQtOY-2BsyLiTVCQEUCU-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8GuxiXIDzB9wYnV1qJnKgnNTWe101tX7f4On-2BUcpPsgagAsjKHMT62nib0JrWIE2LyWZWd02f3PvUIU0NglY8yMRTMPSE6KqdX84lxdsqCjP9QuH3wYPr4dERg5cc0j7QdiWcy8tNtxmeWyoZG3Tn-2Bj-2BQOEWNX8Y5E37mm1D5pZcTVlzu4FCV00-2FmBf0Ot9mzY-3D
^ permalink raw reply [flat|nested] 124+ messages in thread
* Re: New Defects reported by Coverity Scan for ceph
2022-08-22 3:54 ` Brad Hubbard
@ 2022-08-23 12:52 ` Jeff Layton
0 siblings, 0 replies; 124+ messages in thread
From: Jeff Layton @ 2022-08-23 12:52 UTC (permalink / raw)
To: Brad Hubbard; +Cc: dev, ceph-devel
On Mon, 2022-08-22 at 13:54 +1000, Brad Hubbard wrote:
> On Sat, Aug 20, 2022 at 11:19 PM Jeff Layton <jlayton@kernel.org> wrote:
> >
> > This mailing list is for the ceph kernel client, but the report below is
> > for the userland ceph project. Can you change where these alerts get
> > mailed to dev@ceph.io?
>
> Sorry Jeff,
>
> I'm pretty sure I've changed this but let me know if you get anything else.
No problem. I just want to make sure that the right eyeballs see these.
--
Jeff Layton <jlayton@kernel.org>
^ permalink raw reply [flat|nested] 124+ messages in thread
* Re: New Defects reported by Coverity Scan for ceph
2022-08-20 13:17 ` Jeff Layton
@ 2022-08-22 3:54 ` Brad Hubbard
2022-08-23 12:52 ` Jeff Layton
0 siblings, 1 reply; 124+ messages in thread
From: Brad Hubbard @ 2022-08-22 3:54 UTC (permalink / raw)
To: Jeff Layton; +Cc: dev, ceph-devel
On Sat, Aug 20, 2022 at 11:19 PM Jeff Layton <jlayton@kernel.org> wrote:
>
> This mailing list is for the ceph kernel client, but the report below is
> for the userland ceph project. Can you change where these alerts get
> mailed to dev@ceph.io?
Sorry Jeff,
I'm pretty sure I've changed this but let me know if you get anything else.
>
> Thanks,
> Jeff
>
> On Sat, 2022-08-20 at 12:22 +0000, scan-admin@coverity.com wrote:
> > Hi,
> >
> > Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
> >
> > 293 new defect(s) introduced to ceph found with Coverity Scan.
> > 2803 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
> >
> > New defect(s) Reported-by: Coverity Scan
> > Showing 20 of 293 defect(s)
> >
> >
> > ** CID 1509769: Security best practices violations (DC.WEAK_CRYPTO)
> > /home/kkeithle/src/github/ceph/src/msg/async/ProtocolV2.cc: 1041 in ProtocolV2::handle_hello(ceph::buffer::v15_2_0::list &)()
> >
> >
> > ________________________________________________________________________________________________________
> > *** CID 1509769: Security best practices violations (DC.WEAK_CRYPTO)
> > /home/kkeithle/src/github/ceph/src/msg/async/ProtocolV2.cc: 1041 in ProtocolV2::handle_hello(ceph::buffer::v15_2_0::list &)()
> > 1035 a.set_type(entity_addr_t::TYPE_MSGR2); // anything but NONE; learned_addr ignores this
> > 1036 a.set_port(0);
> > 1037 connection->lock.unlock();
> > 1038 messenger->learned_addr(a);
> > 1039 if (cct->_conf->ms_inject_internal_delays &&
> > 1040 cct->_conf->ms_inject_socket_failures) {
> > > > > CID 1509769: Security best practices violations (DC.WEAK_CRYPTO)
> > > > > "rand" should not be used for security-related applications, because linear congruential algorithms are too easy to break.
> > 1041 if (rand() % cct->_conf->ms_inject_socket_failures == 0) {
> > 1042 ldout(cct, 10) << __func__ << " sleep for "
> > 1043 << cct->_conf->ms_inject_internal_delays << dendl;
> > 1044 utime_t t;
> > 1045 t.set_from_double(cct->_conf->ms_inject_internal_delays);
> > 1046 t.sleep();
> >
> > ** CID 1509768: Control flow issues (UNREACHABLE)
> > /src/pybind/rbd/rbd.c: 30844 in __pyx_pf_3rbd_3RBD_96group_list()
> >
> >
> > ________________________________________________________________________________________________________
> > *** CID 1509768: Control flow issues (UNREACHABLE)
> > /src/pybind/rbd/rbd.c: 30844 in __pyx_pf_3rbd_3RBD_96group_list()
> > 30838 * if name]
> > 30839 * finally:
> > 30840 * free(c_names) # <<<<<<<<<<<<<<
> > 30841 *
> > 30842 * def group_rename(self, ioctx, src, dest):
> > 30843 */
> > > > > CID 1509768: Control flow issues (UNREACHABLE)
> > > > > This code cannot be reached: "{
> > __pyx_L4_error:
> > ;
> > {...".
> > 30844 /*finally:*/ {
> > 30845 __pyx_L4_error:;
> > 30846 /*exception exit:*/{
> > 30847 __Pyx_PyThreadState_declare
> > 30848 __Pyx_PyThreadState_assign
> > 30849 __pyx_t_15 = 0; __pyx_t_16 = 0; __pyx_t_17 = 0; __pyx_t_18 = 0; __pyx_t_19 = 0; __pyx_t_20 = 0;
> >
> > ** CID 1509767: (UNCAUGHT_EXCEPT)
> > /home/kkeithle/src/github/ceph/src/SimpleRADOSStriper.cc: 547 in SimpleRADOSStriper::lock_keeper_main()()
> > /home/kkeithle/src/github/ceph/src/SimpleRADOSStriper.cc: 547 in SimpleRADOSStriper::lock_keeper_main()()
> > /home/kkeithle/src/github/ceph/src/SimpleRADOSStriper.cc: 547 in SimpleRADOSStriper::lock_keeper_main()()
> > /home/kkeithle/src/github/ceph/src/SimpleRADOSStriper.cc: 547 in SimpleRADOSStriper::lock_keeper_main()()
> > /home/kkeithle/src/github/ceph/src/SimpleRADOSStriper.cc: 547 in SimpleRADOSStriper::lock_keeper_main()()
> >
> >
> > ________________________________________________________________________________________________________
> > *** CID 1509767: (UNCAUGHT_EXCEPT)
> > /home/kkeithle/src/github/ceph/src/SimpleRADOSStriper.cc: 547 in SimpleRADOSStriper::lock_keeper_main()()
> > 541 /* Do lock renewal in a separate thread: while it's unlikely sqlite chews on
> > 542 * something for multiple seconds without calling into the VFS (where we could
> > 543 * initiate a lock renewal), it's not impossible with complex queries. Also, we
> > 544 * want to allow "PRAGMA locking_mode = exclusive" where the application may
> > 545 * not use the sqlite3 database connection for an indeterminate amount of time.
> > 546 */
> > > > > CID 1509767: (UNCAUGHT_EXCEPT)
> > > > > In function "SimpleRADOSStriper::lock_keeper_main()" an exception of type "boost::container::length_error" is thrown and never caught.
> > 547 void SimpleRADOSStriper::lock_keeper_main(void)
> > 548 {
> > 549 d(20) << dendl;
> > 550 const auto ext = get_first_extent();
> > 551 while (!shutdown) {
> > 552 d(20) << "tick" << dendl;
> > /home/kkeithle/src/github/ceph/src/SimpleRADOSStriper.cc: 547 in SimpleRADOSStriper::lock_keeper_main()()
> > 541 /* Do lock renewal in a separate thread: while it's unlikely sqlite chews on
> > 542 * something for multiple seconds without calling into the VFS (where we could
> > 543 * initiate a lock renewal), it's not impossible with complex queries. Also, we
> > 544 * want to allow "PRAGMA locking_mode = exclusive" where the application may
> > 545 * not use the sqlite3 database connection for an indeterminate amount of time.
> > 546 */
> > > > > CID 1509767: (UNCAUGHT_EXCEPT)
> > > > > In function "SimpleRADOSStriper::lock_keeper_main()" an exception of type "boost::container::length_error" is thrown and never caught.
> > 547 void SimpleRADOSStriper::lock_keeper_main(void)
> > 548 {
> > 549 d(20) << dendl;
> > 550 const auto ext = get_first_extent();
> > 551 while (!shutdown) {
> > 552 d(20) << "tick" << dendl;
> > /home/kkeithle/src/github/ceph/src/SimpleRADOSStriper.cc: 547 in SimpleRADOSStriper::lock_keeper_main()()
> > 541 /* Do lock renewal in a separate thread: while it's unlikely sqlite chews on
> > 542 * something for multiple seconds without calling into the VFS (where we could
> > 543 * initiate a lock renewal), it's not impossible with complex queries. Also, we
> > 544 * want to allow "PRAGMA locking_mode = exclusive" where the application may
> > 545 * not use the sqlite3 database connection for an indeterminate amount of time.
> > 546 */
> > > > > CID 1509767: (UNCAUGHT_EXCEPT)
> > > > > In function "SimpleRADOSStriper::lock_keeper_main()" an exception of type "boost::container::length_error" is thrown and never caught.
> > 547 void SimpleRADOSStriper::lock_keeper_main(void)
> > 548 {
> > 549 d(20) << dendl;
> > 550 const auto ext = get_first_extent();
> > 551 while (!shutdown) {
> > 552 d(20) << "tick" << dendl;
> > /home/kkeithle/src/github/ceph/src/SimpleRADOSStriper.cc: 547 in SimpleRADOSStriper::lock_keeper_main()()
> > 541 /* Do lock renewal in a separate thread: while it's unlikely sqlite chews on
> > 542 * something for multiple seconds without calling into the VFS (where we could
> > 543 * initiate a lock renewal), it's not impossible with complex queries. Also, we
> > 544 * want to allow "PRAGMA locking_mode = exclusive" where the application may
> > 545 * not use the sqlite3 database connection for an indeterminate amount of time.
> > 546 */
> > > > > CID 1509767: (UNCAUGHT_EXCEPT)
> > > > > In function "SimpleRADOSStriper::lock_keeper_main()" an exception of type "boost::container::length_error" is thrown and never caught.
> > 547 void SimpleRADOSStriper::lock_keeper_main(void)
> > 548 {
> > 549 d(20) << dendl;
> > 550 const auto ext = get_first_extent();
> > 551 while (!shutdown) {
> > 552 d(20) << "tick" << dendl;
> > /home/kkeithle/src/github/ceph/src/SimpleRADOSStriper.cc: 547 in SimpleRADOSStriper::lock_keeper_main()()
> > 541 /* Do lock renewal in a separate thread: while it's unlikely sqlite chews on
> > 542 * something for multiple seconds without calling into the VFS (where we could
> > 543 * initiate a lock renewal), it's not impossible with complex queries. Also, we
> > 544 * want to allow "PRAGMA locking_mode = exclusive" where the application may
> > 545 * not use the sqlite3 database connection for an indeterminate amount of time.
> > 546 */
> > > > > CID 1509767: (UNCAUGHT_EXCEPT)
> > > > > In function "SimpleRADOSStriper::lock_keeper_main()" an exception of type "boost::container::length_error" is thrown and never caught.
> > 547 void SimpleRADOSStriper::lock_keeper_main(void)
> > 548 {
> > 549 d(20) << dendl;
> > 550 const auto ext = get_first_extent();
> > 551 while (!shutdown) {
> > 552 d(20) << "tick" << dendl;
> >
> > ** CID 1509766: Uninitialized members (UNINIT_CTOR)
> > /home/kkeithle/src/github/ceph/src/messages/MMDSSnapUpdate.h: 32 in MMDSSnapUpdate::MMDSSnapUpdate()()
> >
> >
> > ________________________________________________________________________________________________________
> > *** CID 1509766: Uninitialized members (UNINIT_CTOR)
> > /home/kkeithle/src/github/ceph/src/messages/MMDSSnapUpdate.h: 32 in MMDSSnapUpdate::MMDSSnapUpdate()()
> > 26 inodeno_t get_ino() const { return ino; }
> > 27 int get_snap_op() const { return snap_op; }
> > 28
> > 29 ceph::buffer::list snap_blob;
> > 30
> > 31 protected:
> > > > > CID 1509766: Uninitialized members (UNINIT_CTOR)
> > > > > Non-static class member "snap_op" is not initialized in this constructor nor in any functions that it calls.
> > 32 MMDSSnapUpdate() : MMDSOp{MSG_MDS_SNAPUPDATE} {}
> > 33 MMDSSnapUpdate(inodeno_t i, version_t tid, int op) :
> > 34 MMDSOp{MSG_MDS_SNAPUPDATE}, ino(i), snap_op(op) {
> > 35 set_tid(tid);
> > 36 }
> > 37 ~MMDSSnapUpdate() final {}
> >
> > ** CID 1509765: Performance inefficiencies (AUTO_CAUSES_COPY)
> > /home/kkeithle/src/github/ceph/src/common/ceph_json.cc: 934 in JSONFormattable::encode_json(const char *, ceph::Formatter *) const()
> >
> >
> > ________________________________________________________________________________________________________
> > *** CID 1509765: Performance inefficiencies (AUTO_CAUSES_COPY)
> > /home/kkeithle/src/github/ceph/src/common/ceph_json.cc: 934 in JSONFormattable::encode_json(const char *, ceph::Formatter *) const()
> > 928 break;
> > 929 case JSONFormattable::FMT_ARRAY:
> > 930 ::encode_json(name, arr, f);
> > 931 break;
> > 932 case JSONFormattable::FMT_OBJ:
> > 933 f->open_object_section(name);
> > > > > CID 1509765: Performance inefficiencies (AUTO_CAUSES_COPY)
> > > > > Using the "auto" keyword without an "&" causes the copy of an object of type pair.
> > 934 for (auto iter : obj) {
> > 935 ::encode_json(iter.first.c_str(), iter.second, f);
> > 936 }
> > 937 f->close_section();
> > 938 break;
> > 939 case JSONFormattable::FMT_NONE:
> >
> > ** CID 1509764: Concurrent data access violations (MISSING_LOCK)
> > /home/kkeithle/src/github/ceph/src/common/Finisher.cc: 93 in Finisher::finisher_thread_entry()()
> >
> >
> > ________________________________________________________________________________________________________
> > *** CID 1509764: Concurrent data access violations (MISSING_LOCK)
> > /home/kkeithle/src/github/ceph/src/common/Finisher.cc: 93 in Finisher::finisher_thread_entry()()
> > 87 }
> > 88 // If we are exiting, we signal the thread waiting in stop(),
> > 89 // otherwise it would never unblock
> > 90 finisher_empty_cond.notify_all();
> > 91
> > 92 ldout(cct, 10) << "finisher_thread stop" << dendl;
> > > > > CID 1509764: Concurrent data access violations (MISSING_LOCK)
> > > > > Accessing "this->finisher_stop" without holding lock "ceph::mutex_debug_detail::mutex_debug_impl<false>.m". Elsewhere, "Finisher.finisher_stop" is accessed with "mutex_debug_impl.m" held 1 out of 2 times (1 of these accesses strongly imply that it is necessary).
> > 93 finisher_stop = false;
> > 94 return 0;
> >
> > ** CID 1509763: (UNCAUGHT_EXCEPT)
> > /home/kkeithle/src/github/ceph/src/msg/async/rdma/Infiniband.cc: 1255 in Infiniband::QueuePair::~QueuePair()()
> > /home/kkeithle/src/github/ceph/src/msg/async/rdma/Infiniband.cc: 1255 in Infiniband::QueuePair::~QueuePair()()
> >
> >
> > ________________________________________________________________________________________________________
> > *** CID 1509763: (UNCAUGHT_EXCEPT)
> > /home/kkeithle/src/github/ceph/src/msg/async/rdma/Infiniband.cc: 1255 in Infiniband::QueuePair::~QueuePair()()
> > 1249 delete cq;
> > 1250 return NULL;
> > 1251 }
> > 1252 return cq;
> > 1253 }
> > 1254
> > > > > CID 1509763: (UNCAUGHT_EXCEPT)
> > > > > An exception of type "boost::container::length_error" is thrown but the exception specification "noexcept" doesn't allow it to be thrown. This will result in a call to terminate().
> > 1255 Infiniband::QueuePair::~QueuePair()
> > 1256 {
> > 1257 ldout(cct, 20) << __func__ << " destroy Queue Pair, qp number: " << qp->qp_num << " left SQ WR " << recv_queue.size() << dendl;
> > 1258 if (qp) {
> > 1259 ldout(cct, 20) << __func__ << " destroy qp=" << qp << dendl;
> > 1260 ceph_assert(!ibv_destroy_qp(qp));
> > /home/kkeithle/src/github/ceph/src/msg/async/rdma/Infiniband.cc: 1255 in Infiniband::QueuePair::~QueuePair()()
> > 1249 delete cq;
> > 1250 return NULL;
> > 1251 }
> > 1252 return cq;
> > 1253 }
> > 1254
> > > > > CID 1509763: (UNCAUGHT_EXCEPT)
> > > > > An exception of type "boost::container::length_error" is thrown but the exception specification "noexcept" doesn't allow it to be thrown. This will result in a call to terminate().
> > 1255 Infiniband::QueuePair::~QueuePair()
> > 1256 {
> > 1257 ldout(cct, 20) << __func__ << " destroy Queue Pair, qp number: " << qp->qp_num << " left SQ WR " << recv_queue.size() << dendl;
> > 1258 if (qp) {
> > 1259 ldout(cct, 20) << __func__ << " destroy qp=" << qp << dendl;
> > 1260 ceph_assert(!ibv_destroy_qp(qp));
> >
> > ** CID 1509762: Error handling issues (UNCAUGHT_EXCEPT)
> > /home/kkeithle/src/github/ceph/src/msg/async/rdma/Infiniband.cc: 1255 in Infiniband::QueuePair::~QueuePair()()
> >
> >
> > ________________________________________________________________________________________________________
> > *** CID 1509762: Error handling issues (UNCAUGHT_EXCEPT)
> > /home/kkeithle/src/github/ceph/src/msg/async/rdma/Infiniband.cc: 1255 in Infiniband::QueuePair::~QueuePair()()
> > 1249 delete cq;
> > 1250 return NULL;
> > 1251 }
> > 1252 return cq;
> > 1253 }
> > 1254
> > > > > CID 1509762: Error handling issues (UNCAUGHT_EXCEPT)
> > > > > An exception of type "std::system_error" is thrown but the exception specification "noexcept" doesn't allow it to be thrown. This will result in a call to terminate().
> > 1255 Infiniband::QueuePair::~QueuePair()
> > 1256 {
> > 1257 ldout(cct, 20) << __func__ << " destroy Queue Pair, qp number: " << qp->qp_num << " left SQ WR " << recv_queue.size() << dendl;
> > 1258 if (qp) {
> > 1259 ldout(cct, 20) << __func__ << " destroy qp=" << qp << dendl;
> > 1260 ceph_assert(!ibv_destroy_qp(qp));
> >
> > ** CID 1509761: Error handling issues (CHECKED_RETURN)
> > /src/pybind/rados/rados.c: 56264 in __pyx_pw_5rados_5Ioctx_87watch()
> >
> >
> > ________________________________________________________________________________________________________
> > *** CID 1509761: Error handling issues (CHECKED_RETURN)
> > /src/pybind/rados/rados.c: 56264 in __pyx_pw_5rados_5Ioctx_87watch()
> > 56258 __Pyx_RaiseArgtupleInvalid("watch", 0, 2, 4, PyTuple_GET_SIZE(__pyx_args)); __PYX_ERR(0, 3314, __pyx_L3_error)
> > 56259 __pyx_L3_error:;
> > 56260 __Pyx_AddTraceback("rados.Ioctx.watch", __pyx_clineno, __pyx_lineno, __pyx_filename);
> > 56261 __Pyx_RefNannyFinishContext();
> > 56262 return NULL;
> > 56263 __pyx_L4_argument_unpacking_done:;
> > > > > CID 1509761: Error handling issues (CHECKED_RETURN)
> > > > > Calling "__Pyx__ArgTypeTest" without checking return value (as is done elsewhere 132 out of 132 times).
> > 56264 if (unlikely(!__Pyx_ArgTypeTest(((PyObject *)__pyx_v_obj), (&PyUnicode_Type), 1, "obj", 1))) __PYX_ERR(0, 3314, __pyx_L1_error)
> > 56265 __pyx_r = __pyx_pf_5rados_5Ioctx_86watch(((struct __pyx_obj_5rados_Ioctx *)__pyx_v_self), __pyx_v_obj, __pyx_v_callback, __pyx_v_error_callback, __pyx_v_timeout);
> > 56266
> > 56267 /* "rados.pyx":3314
> > 56268 * return completion
> > 56269 *
> >
> > ** CID 1509760: Error handling issues (CHECKED_RETURN)
> > /src/pybind/rados/rados.c: 47064 in __pyx_pw_5rados_5Ioctx_37aio_remove()
> >
> >
> > ________________________________________________________________________________________________________
> > *** CID 1509760: Error handling issues (CHECKED_RETURN)
> > /src/pybind/rados/rados.c: 47064 in __pyx_pw_5rados_5Ioctx_37aio_remove()
> > 47058 __Pyx_RaiseArgtupleInvalid("aio_remove", 0, 1, 3, PyTuple_GET_SIZE(__pyx_args)); __PYX_ERR(0, 2640, __pyx_L3_error)
> > 47059 __pyx_L3_error:;
> > 47060 __Pyx_AddTraceback("rados.Ioctx.aio_remove", __pyx_clineno, __pyx_lineno, __pyx_filename);
> > 47061 __Pyx_RefNannyFinishContext();
> > 47062 return NULL;
> > 47063 __pyx_L4_argument_unpacking_done:;
> > > > > CID 1509760: Error handling issues (CHECKED_RETURN)
> > > > > Calling "__Pyx__ArgTypeTest" without checking return value (as is done elsewhere 132 out of 132 times).
> > 47064 if (unlikely(!__Pyx_ArgTypeTest(((PyObject *)__pyx_v_object_name), (&PyUnicode_Type), 1, "object_name", 1))) __PYX_ERR(0, 2640, __pyx_L1_error)
> > 47065 __pyx_r = __pyx_pf_5rados_5Ioctx_36aio_remove(((struct __pyx_obj_5rados_Ioctx *)__pyx_v_self), __pyx_v_object_name, __pyx_v_oncomplete, __pyx_v_onsafe);
> > 47066
> > 47067 /* "rados.pyx":2640
> > 47068 * return completion
> > 47069 *
> >
> > ** CID 1509759: Program hangs (SLEEP)
> > /home/kkeithle/src/github/ceph/src/SimpleRADOSStriper.cc: 703 in SimpleRADOSStriper::lock(unsigned long)()
> >
> >
> > ________________________________________________________________________________________________________
> > *** CID 1509759: Program hangs (SLEEP)
> > /home/kkeithle/src/github/ceph/src/SimpleRADOSStriper.cc: 703 in SimpleRADOSStriper::lock(unsigned long)()
> > 697 } else if (rc == -EBUSY) {
> > 698 if ((slept % 500000) == 0) {
> > 699 d(-1) << "waiting for locks: ";
> > 700 print_lockers(*_dout);
> > 701 *_dout << dendl;
> > 702 }
> > > > > CID 1509759: Program hangs (SLEEP)
> > > > > Call to "usleep" might sleep while holding lock "lock._M_device".
> > 703 usleep(5000);
> > 704 slept += 5000;
> > 705 continue;
> > 706 } else if (rc == -ECANCELED) {
> > 707 /* CMPXATTR failed, a locker didn't cleanup. Try to recover! */
> > 708 if (rc = recover_lock(); rc < 0) {
> >
> > ** CID 1509758: Error handling issues (CHECKED_RETURN)
> > /src/pybind/rbd/rbd.c: 81568 in __pyx_pw_3rbd_17GroupSnapIterator_1__init__()
> >
> >
> > ________________________________________________________________________________________________________
> > *** CID 1509758: Error handling issues (CHECKED_RETURN)
> > /src/pybind/rbd/rbd.c: 81568 in __pyx_pw_3rbd_17GroupSnapIterator_1__init__()
> > 81562 __Pyx_RaiseArgtupleInvalid("__init__", 1, 1, 1, PyTuple_GET_SIZE(__pyx_args)); __PYX_ERR(0, 5773, __pyx_L3_error)
> > 81563 __pyx_L3_error:;
> > 81564 __Pyx_AddTraceback("rbd.GroupSnapIterator.__init__", __pyx_clineno, __pyx_lineno, __pyx_filename);
> > 81565 __Pyx_RefNannyFinishContext();
> > 81566 return -1;
> > 81567 __pyx_L4_argument_unpacking_done:;
> > > > > CID 1509758: Error handling issues (CHECKED_RETURN)
> > > > > Calling "__Pyx__ArgTypeTest" without checking return value (as is done elsewhere 8 out of 8 times).
> > 81568 if (unlikely(!__Pyx_ArgTypeTest(((PyObject *)__pyx_v_group), __pyx_ptype_3rbd_Group, 1, "group", 0))) __PYX_ERR(0, 5773, __pyx_L1_error)
> > 81569 __pyx_r = __pyx_pf_3rbd_17GroupSnapIterator___init__(((struct __pyx_obj_3rbd_GroupSnapIterator *)__pyx_v_self), __pyx_v_group);
> > 81570
> > 81571 /* function exit code */
> > 81572 goto __pyx_L0;
> > 81573 __pyx_L1_error:;
> >
> > ** CID 1509757: Error handling issues (CHECKED_RETURN)
> > /src/pybind/rados/rados.c: 47527 in __pyx_pw_5rados_5Ioctx_41set_locator_key()
> >
> >
> > ________________________________________________________________________________________________________
> > *** CID 1509757: Error handling issues (CHECKED_RETURN)
> > /src/pybind/rados/rados.c: 47527 in __pyx_pw_5rados_5Ioctx_41set_locator_key()
> > 47521 int __pyx_lineno = 0;
> > 47522 const char *__pyx_filename = NULL;
> > 47523 int __pyx_clineno = 0;
> > 47524 PyObject *__pyx_r = 0;
> > 47525 __Pyx_RefNannyDeclarations
> > 47526 __Pyx_RefNannySetupContext("set_locator_key (wrapper)", 0);
> > > > > CID 1509757: Error handling issues (CHECKED_RETURN)
> > > > > Calling "__Pyx__ArgTypeTest" without checking return value (as is done elsewhere 132 out of 132 times).
> > 47527 if (unlikely(!__Pyx_ArgTypeTest(((PyObject *)__pyx_v_loc_key), (&PyUnicode_Type), 1, "loc_key", 1))) __PYX_ERR(0, 2680, __pyx_L1_error)
> > 47528 __pyx_r = __pyx_pf_5rados_5Ioctx_40set_locator_key(((struct __pyx_obj_5rados_Ioctx *)__pyx_v_self), ((PyObject*)__pyx_v_loc_key));
> > 47529
> > 47530 /* function exit code */
> > 47531 goto __pyx_L0;
> > 47532 __pyx_L1_error:;
> >
> > ** CID 1509756: (CHECKED_RETURN)
> > /src/pybind/rgw/rgw.c: 29532 in __Pyx_PyUnicode_Join()
> > /src/pybind/cephfs/cephfs.c: 44814 in __Pyx_PyUnicode_Join()
> > /src/pybind/rbd/rbd.c: 99756 in __Pyx_PyUnicode_Join()
> > /src/pybind/rados/rados.c: 89361 in __Pyx_PyUnicode_Join()
> >
> >
> > ________________________________________________________________________________________________________
> > *** CID 1509756: (CHECKED_RETURN)
> > /src/pybind/rgw/rgw.c: 29532 in __Pyx_PyUnicode_Join()
> > 29526 char_pos = 0;
> > 29527 for (i=0; i < value_count; i++) {
> > 29528 int ukind;
> > 29529 Py_ssize_t ulength;
> > 29530 void *udata;
> > 29531 PyObject *uval = PyTuple_GET_ITEM(value_tuple, i);
> > > > > CID 1509756: (CHECKED_RETURN)
> > > > > Calling "_PyUnicode_Ready" without checking return value (as is done elsewhere 8 out of 8 times).
> > 29532 if (unlikely(__Pyx_PyUnicode_READY(uval)))
> > 29533 goto bad;
> > 29534 ulength = __Pyx_PyUnicode_GET_LENGTH(uval);
> > 29535 if (unlikely(!ulength))
> > 29536 continue;
> > 29537 if (unlikely(char_pos + ulength < 0))
> > /src/pybind/cephfs/cephfs.c: 44814 in __Pyx_PyUnicode_Join()
> > 44808 char_pos = 0;
> > 44809 for (i=0; i < value_count; i++) {
> > 44810 int ukind;
> > 44811 Py_ssize_t ulength;
> > 44812 void *udata;
> > 44813 PyObject *uval = PyTuple_GET_ITEM(value_tuple, i);
> > > > > CID 1509756: (CHECKED_RETURN)
> > > > > Calling "_PyUnicode_Ready" without checking return value (as is done elsewhere 8 out of 8 times).
> > 44814 if (unlikely(__Pyx_PyUnicode_READY(uval)))
> > 44815 goto bad;
> > 44816 ulength = __Pyx_PyUnicode_GET_LENGTH(uval);
> > 44817 if (unlikely(!ulength))
> > 44818 continue;
> > 44819 if (unlikely(char_pos + ulength < 0))
> > /src/pybind/rbd/rbd.c: 99756 in __Pyx_PyUnicode_Join()
> > 99750 char_pos = 0;
> > 99751 for (i=0; i < value_count; i++) {
> > 99752 int ukind;
> > 99753 Py_ssize_t ulength;
> > 99754 void *udata;
> > 99755 PyObject *uval = PyTuple_GET_ITEM(value_tuple, i);
> > > > > CID 1509756: (CHECKED_RETURN)
> > > > > Calling "_PyUnicode_Ready" without checking return value (as is done elsewhere 8 out of 8 times).
> > 99756 if (unlikely(__Pyx_PyUnicode_READY(uval)))
> > 99757 goto bad;
> > 99758 ulength = __Pyx_PyUnicode_GET_LENGTH(uval);
> > 99759 if (unlikely(!ulength))
> > 99760 continue;
> > 99761 if (unlikely(char_pos + ulength < 0))
> > /src/pybind/rados/rados.c: 89361 in __Pyx_PyUnicode_Join()
> > 89355 char_pos = 0;
> > 89356 for (i=0; i < value_count; i++) {
> > 89357 int ukind;
> > 89358 Py_ssize_t ulength;
> > 89359 void *udata;
> > 89360 PyObject *uval = PyTuple_GET_ITEM(value_tuple, i);
> > > > > CID 1509756: (CHECKED_RETURN)
> > > > > Calling "_PyUnicode_Ready" without checking return value (as is done elsewhere 8 out of 8 times).
> > 89361 if (unlikely(__Pyx_PyUnicode_READY(uval)))
> > 89362 goto bad;
> > 89363 ulength = __Pyx_PyUnicode_GET_LENGTH(uval);
> > 89364 if (unlikely(!ulength))
> > 89365 continue;
> > 89366 if (unlikely(char_pos + ulength < 0))
> >
> > ** CID 1509755: Control flow issues (UNREACHABLE)
> > /src/pybind/rbd/rbd.c: 72245 in __pyx_pf_3rbd_5Image_210snap_get_trash_namespace()
> >
> >
> > ________________________________________________________________________________________________________
> > *** CID 1509755: Control flow issues (UNREACHABLE)
> > /src/pybind/rbd/rbd.c: 72245 in __pyx_pf_3rbd_5Image_210snap_get_trash_namespace()
> > 72239 * }
> > 72240 * finally:
> > 72241 * free(_name) # <<<<<<<<<<<<<<
> > 72242 *
> > 72243 * @requires_not_closed
> > 72244 */
> > > > > CID 1509755: Control flow issues (UNREACHABLE)
> > > > > This code cannot be reached: "{
> > __pyx_L4_error:
> > ;
> > {...".
> > 72245 /*finally:*/ {
> > 72246 __pyx_L4_error:;
> > 72247 /*exception exit:*/{
> > 72248 __Pyx_PyThreadState_declare
> > 72249 __Pyx_PyThreadState_assign
> > 72250 __pyx_t_14 = 0; __pyx_t_15 = 0; __pyx_t_16 = 0; __pyx_t_17 = 0; __pyx_t_18 = 0; __pyx_t_19 = 0;
> >
> > ** CID 1509754: Uninitialized members (UNINIT_CTOR)
> > /home/kkeithle/src/github/ceph/src/messages/MMDSPing.h: 19 in MMDSPing::MMDSPing()()
> >
> >
> > ________________________________________________________________________________________________________
> > *** CID 1509754: Uninitialized members (UNINIT_CTOR)
> > /home/kkeithle/src/github/ceph/src/messages/MMDSPing.h: 19 in MMDSPing::MMDSPing()()
> > 13 static constexpr int COMPAT_VERSION = 1;
> > 14 public:
> > 15 version_t seq;
> > 16
> > 17 protected:
> > 18 MMDSPing() : MMDSOp(MSG_MDS_PING, HEAD_VERSION, COMPAT_VERSION) {
> > > > > CID 1509754: Uninitialized members (UNINIT_CTOR)
> > > > > Non-static class member "seq" is not initialized in this constructor nor in any functions that it calls.
> > 19 }
> > 20 MMDSPing(version_t seq)
> > 21 : MMDSOp(MSG_MDS_PING, HEAD_VERSION, COMPAT_VERSION), seq(seq) {
> > 22 }
> > 23 ~MMDSPing() final {}
> > 24
> >
> > ** CID 1509753: Error handling issues (UNCAUGHT_EXCEPT)
> > /home/kkeithle/src/github/ceph/src/osdc/Objecter.cc: 5005 in Objecter::~Objecter()()
> >
> >
> > ________________________________________________________________________________________________________
> > *** CID 1509753: Error handling issues (UNCAUGHT_EXCEPT)
> > /home/kkeithle/src/github/ceph/src/osdc/Objecter.cc: 5005 in Objecter::~Objecter()()
> > 4999 Dispatcher(cct), messenger(m), monc(mc), service(service)
> > 5000 {
> > 5001 mon_timeout = cct->_conf.get_val<std::chrono::seconds>("rados_mon_op_timeout");
> > 5002 osd_timeout = cct->_conf.get_val<std::chrono::seconds>("rados_osd_op_timeout");
> > 5003 }
> > 5004
> > > > > CID 1509753: Error handling issues (UNCAUGHT_EXCEPT)
> > > > > An exception of type "boost::container::length_error" is thrown but the exception specification "noexcept" doesn't allow it to be thrown. This will result in a call to terminate().
> > 5005 Objecter::~Objecter()
> > 5006 {
> > 5007 ceph_assert(homeless_session->get_nref() == 1);
> > 5008 ceph_assert(num_homeless_ops == 0);
> > 5009 homeless_session->put();
> > 5010
> >
> > ** CID 1509752: Error handling issues (CHECKED_RETURN)
> > /src/pybind/rados/rados.c: 63069 in __pyx_pw_5rados_5Ioctx_139remove_omap_keys()
> >
> >
> > ________________________________________________________________________________________________________
> > *** CID 1509752: Error handling issues (CHECKED_RETURN)
> > /src/pybind/rados/rados.c: 63069 in __pyx_pw_5rados_5Ioctx_139remove_omap_keys()
> > 63063 __Pyx_RaiseArgtupleInvalid("remove_omap_keys", 1, 2, 2, PyTuple_GET_SIZE(__pyx_args)); __PYX_ERR(0, 3821, __pyx_L3_error)
> > 63064 __pyx_L3_error:;
> > 63065 __Pyx_AddTraceback("rados.Ioctx.remove_omap_keys", __pyx_clineno, __pyx_lineno, __pyx_filename);
> > 63066 __Pyx_RefNannyFinishContext();
> > 63067 return NULL;
> > 63068 __pyx_L4_argument_unpacking_done:;
> > > > > CID 1509752: Error handling issues (CHECKED_RETURN)
> > > > > Calling "__Pyx__ArgTypeTest" without checking return value (as is done elsewhere 19 out of 19 times).
> > 63069 if (unlikely(!__Pyx_ArgTypeTest(((PyObject *)__pyx_v_write_op), __pyx_ptype_5rados_WriteOp, 1, "write_op", 0))) __PYX_ERR(0, 3821, __pyx_L1_error)
> > 63070 __pyx_r = __pyx_pf_5rados_5Ioctx_138remove_omap_keys(((struct __pyx_obj_5rados_Ioctx *)__pyx_v_self), __pyx_v_write_op, __pyx_v_keys);
> > 63071
> > 63072 /* function exit code */
> > 63073 goto __pyx_L0;
> > 63074 __pyx_L1_error:;
> >
> > ** CID 1509751: Memory - illegal accesses (USE_AFTER_FREE)
> > /home/kkeithle/src/github/ceph/src/msg/async/ProtocolV2.cc: 1399 in ProtocolV2::handle_message()()
> >
> >
> > ________________________________________________________________________________________________________
> > *** CID 1509751: Memory - illegal accesses (USE_AFTER_FREE)
> > /home/kkeithle/src/github/ceph/src/msg/async/ProtocolV2.cc: 1399 in ProtocolV2::handle_message()()
> > 1393 ldout(cct, 1) << __func__ << " decode message failed " << dendl;
> > 1394 return _fault();
> > 1395 } else {
> > 1396 state = READ_MESSAGE_COMPLETE;
> > 1397 }
> > 1398
> > > > > CID 1509751: Memory - illegal accesses (USE_AFTER_FREE)
> > > > > Using freed pointer "this->connection".
> > 1399 INTERCEPT(17);
> > 1400
> > 1401 message->set_byte_throttler(connection->policy.throttler_bytes);
> > 1402 message->set_message_throttler(connection->policy.throttler_messages);
> > 1403
> > 1404 // store reservation size in message, so we don't get confused
> >
> > ** CID 1509750: Error handling issues (UNCAUGHT_EXCEPT)
> > /home/kkeithle/src/github/ceph/src/common/perf_counters_collection.cc: 55 in ceph::common::PerfCountersDeleter::operator ()(ceph::common::PerfCounters *)()
> >
> >
> > ________________________________________________________________________________________________________
> > *** CID 1509750: Error handling issues (UNCAUGHT_EXCEPT)
> > /home/kkeithle/src/github/ceph/src/common/perf_counters_collection.cc: 55 in ceph::common::PerfCountersDeleter::operator ()(ceph::common::PerfCounters *)()
> > 49 }
> > 50 void PerfCountersCollection::with_counters(std::function<void(const PerfCountersCollectionImpl::CounterMap &)> fn) const
> > 51 {
> > 52 std::lock_guard lck(m_lock);
> > 53 perf_impl.with_counters(fn);
> > 54 }
> > > > > CID 1509750: Error handling issues (UNCAUGHT_EXCEPT)
> > > > > An exception of type "std::system_error" is thrown but the exception specification "noexcept" doesn't allow it to be thrown. This will result in a call to terminate().
> > 55 void PerfCountersDeleter::operator()(PerfCounters* p) noexcept
> > 56 {
> > 57 if (cct)
> > 58 cct->get_perfcounters_collection()->remove(p);
> > 59 delete p;
> > 60 }
> > 61
> >
> >
> > ________________________________________________________________________________________________________
> > To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yojIR8ODHcGVd1JcCGjvdH5QZ17VgLZQT3XYfB8Bhzp4w-3D-3Dapsi_yvgqM0IBcPiStiVTuWpgYFnMA4H-2BJYqMHWw4jQPoaoo-2BtqsVYKtfl9A0JRaS-2FbbUsKzdvQMj2WBidmXXDYpXO5qx9Y4cnFn0p-2FQkZWWe5JHh8ejaBgEwaUzBM3x-2FyM-2FOpvKqhT-2BCzg-2FNUNemZtHf5voIH7BYbWLrdioyp5fcmOVIoUi-2FywPSoY8zfzN1w6jANMlnLaDKN7b-2BOFQMLI5WK5wsImAoh9oNG6AqvJrylMM-3D
> >
>
> --
> Jeff Layton <jlayton@kernel.org>
>
--
Cheers,
Brad
^ permalink raw reply [flat|nested] 124+ messages in thread
* Re: New Defects reported by Coverity Scan for ceph
2022-08-20 12:22 scan-admin
@ 2022-08-20 13:17 ` Jeff Layton
2022-08-22 3:54 ` Brad Hubbard
0 siblings, 1 reply; 124+ messages in thread
From: Jeff Layton @ 2022-08-20 13:17 UTC (permalink / raw)
To: scan-admin; +Cc: dev, ceph-devel
This mailing list is for the ceph kernel client, but the report below is
for the userland ceph project. Can you change where these alerts get
mailed to dev@ceph.io?
Thanks,
Jeff
On Sat, 2022-08-20 at 12:22 +0000, scan-admin@coverity.com wrote:
> Hi,
>
> Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
>
> 293 new defect(s) introduced to ceph found with Coverity Scan.
> 2803 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
>
> New defect(s) Reported-by: Coverity Scan
> Showing 20 of 293 defect(s)
>
>
> ** CID 1509769: Security best practices violations (DC.WEAK_CRYPTO)
> /home/kkeithle/src/github/ceph/src/msg/async/ProtocolV2.cc: 1041 in ProtocolV2::handle_hello(ceph::buffer::v15_2_0::list &)()
>
>
> ________________________________________________________________________________________________________
> *** CID 1509769: Security best practices violations (DC.WEAK_CRYPTO)
> /home/kkeithle/src/github/ceph/src/msg/async/ProtocolV2.cc: 1041 in ProtocolV2::handle_hello(ceph::buffer::v15_2_0::list &)()
> 1035 a.set_type(entity_addr_t::TYPE_MSGR2); // anything but NONE; learned_addr ignores this
> 1036 a.set_port(0);
> 1037 connection->lock.unlock();
> 1038 messenger->learned_addr(a);
> 1039 if (cct->_conf->ms_inject_internal_delays &&
> 1040 cct->_conf->ms_inject_socket_failures) {
> > > > CID 1509769: Security best practices violations (DC.WEAK_CRYPTO)
> > > > "rand" should not be used for security-related applications, because linear congruential algorithms are too easy to break.
> 1041 if (rand() % cct->_conf->ms_inject_socket_failures == 0) {
> 1042 ldout(cct, 10) << __func__ << " sleep for "
> 1043 << cct->_conf->ms_inject_internal_delays << dendl;
> 1044 utime_t t;
> 1045 t.set_from_double(cct->_conf->ms_inject_internal_delays);
> 1046 t.sleep();
>
> ** CID 1509768: Control flow issues (UNREACHABLE)
> /src/pybind/rbd/rbd.c: 30844 in __pyx_pf_3rbd_3RBD_96group_list()
>
>
> ________________________________________________________________________________________________________
> *** CID 1509768: Control flow issues (UNREACHABLE)
> /src/pybind/rbd/rbd.c: 30844 in __pyx_pf_3rbd_3RBD_96group_list()
> 30838 * if name]
> 30839 * finally:
> 30840 * free(c_names) # <<<<<<<<<<<<<<
> 30841 *
> 30842 * def group_rename(self, ioctx, src, dest):
> 30843 */
> > > > CID 1509768: Control flow issues (UNREACHABLE)
> > > > This code cannot be reached: "{
> __pyx_L4_error:
> ;
> {...".
> 30844 /*finally:*/ {
> 30845 __pyx_L4_error:;
> 30846 /*exception exit:*/{
> 30847 __Pyx_PyThreadState_declare
> 30848 __Pyx_PyThreadState_assign
> 30849 __pyx_t_15 = 0; __pyx_t_16 = 0; __pyx_t_17 = 0; __pyx_t_18 = 0; __pyx_t_19 = 0; __pyx_t_20 = 0;
>
> ** CID 1509767: (UNCAUGHT_EXCEPT)
> /home/kkeithle/src/github/ceph/src/SimpleRADOSStriper.cc: 547 in SimpleRADOSStriper::lock_keeper_main()()
> /home/kkeithle/src/github/ceph/src/SimpleRADOSStriper.cc: 547 in SimpleRADOSStriper::lock_keeper_main()()
> /home/kkeithle/src/github/ceph/src/SimpleRADOSStriper.cc: 547 in SimpleRADOSStriper::lock_keeper_main()()
> /home/kkeithle/src/github/ceph/src/SimpleRADOSStriper.cc: 547 in SimpleRADOSStriper::lock_keeper_main()()
> /home/kkeithle/src/github/ceph/src/SimpleRADOSStriper.cc: 547 in SimpleRADOSStriper::lock_keeper_main()()
>
>
> ________________________________________________________________________________________________________
> *** CID 1509767: (UNCAUGHT_EXCEPT)
> /home/kkeithle/src/github/ceph/src/SimpleRADOSStriper.cc: 547 in SimpleRADOSStriper::lock_keeper_main()()
> 541 /* Do lock renewal in a separate thread: while it's unlikely sqlite chews on
> 542 * something for multiple seconds without calling into the VFS (where we could
> 543 * initiate a lock renewal), it's not impossible with complex queries. Also, we
> 544 * want to allow "PRAGMA locking_mode = exclusive" where the application may
> 545 * not use the sqlite3 database connection for an indeterminate amount of time.
> 546 */
> > > > CID 1509767: (UNCAUGHT_EXCEPT)
> > > > In function "SimpleRADOSStriper::lock_keeper_main()" an exception of type "boost::container::length_error" is thrown and never caught.
> 547 void SimpleRADOSStriper::lock_keeper_main(void)
> 548 {
> 549 d(20) << dendl;
> 550 const auto ext = get_first_extent();
> 551 while (!shutdown) {
> 552 d(20) << "tick" << dendl;
> /home/kkeithle/src/github/ceph/src/SimpleRADOSStriper.cc: 547 in SimpleRADOSStriper::lock_keeper_main()()
> 541 /* Do lock renewal in a separate thread: while it's unlikely sqlite chews on
> 542 * something for multiple seconds without calling into the VFS (where we could
> 543 * initiate a lock renewal), it's not impossible with complex queries. Also, we
> 544 * want to allow "PRAGMA locking_mode = exclusive" where the application may
> 545 * not use the sqlite3 database connection for an indeterminate amount of time.
> 546 */
> > > > CID 1509767: (UNCAUGHT_EXCEPT)
> > > > In function "SimpleRADOSStriper::lock_keeper_main()" an exception of type "boost::container::length_error" is thrown and never caught.
> 547 void SimpleRADOSStriper::lock_keeper_main(void)
> 548 {
> 549 d(20) << dendl;
> 550 const auto ext = get_first_extent();
> 551 while (!shutdown) {
> 552 d(20) << "tick" << dendl;
> /home/kkeithle/src/github/ceph/src/SimpleRADOSStriper.cc: 547 in SimpleRADOSStriper::lock_keeper_main()()
> 541 /* Do lock renewal in a separate thread: while it's unlikely sqlite chews on
> 542 * something for multiple seconds without calling into the VFS (where we could
> 543 * initiate a lock renewal), it's not impossible with complex queries. Also, we
> 544 * want to allow "PRAGMA locking_mode = exclusive" where the application may
> 545 * not use the sqlite3 database connection for an indeterminate amount of time.
> 546 */
> > > > CID 1509767: (UNCAUGHT_EXCEPT)
> > > > In function "SimpleRADOSStriper::lock_keeper_main()" an exception of type "boost::container::length_error" is thrown and never caught.
> 547 void SimpleRADOSStriper::lock_keeper_main(void)
> 548 {
> 549 d(20) << dendl;
> 550 const auto ext = get_first_extent();
> 551 while (!shutdown) {
> 552 d(20) << "tick" << dendl;
> /home/kkeithle/src/github/ceph/src/SimpleRADOSStriper.cc: 547 in SimpleRADOSStriper::lock_keeper_main()()
> 541 /* Do lock renewal in a separate thread: while it's unlikely sqlite chews on
> 542 * something for multiple seconds without calling into the VFS (where we could
> 543 * initiate a lock renewal), it's not impossible with complex queries. Also, we
> 544 * want to allow "PRAGMA locking_mode = exclusive" where the application may
> 545 * not use the sqlite3 database connection for an indeterminate amount of time.
> 546 */
> > > > CID 1509767: (UNCAUGHT_EXCEPT)
> > > > In function "SimpleRADOSStriper::lock_keeper_main()" an exception of type "boost::container::length_error" is thrown and never caught.
> 547 void SimpleRADOSStriper::lock_keeper_main(void)
> 548 {
> 549 d(20) << dendl;
> 550 const auto ext = get_first_extent();
> 551 while (!shutdown) {
> 552 d(20) << "tick" << dendl;
> /home/kkeithle/src/github/ceph/src/SimpleRADOSStriper.cc: 547 in SimpleRADOSStriper::lock_keeper_main()()
> 541 /* Do lock renewal in a separate thread: while it's unlikely sqlite chews on
> 542 * something for multiple seconds without calling into the VFS (where we could
> 543 * initiate a lock renewal), it's not impossible with complex queries. Also, we
> 544 * want to allow "PRAGMA locking_mode = exclusive" where the application may
> 545 * not use the sqlite3 database connection for an indeterminate amount of time.
> 546 */
> > > > CID 1509767: (UNCAUGHT_EXCEPT)
> > > > In function "SimpleRADOSStriper::lock_keeper_main()" an exception of type "boost::container::length_error" is thrown and never caught.
> 547 void SimpleRADOSStriper::lock_keeper_main(void)
> 548 {
> 549 d(20) << dendl;
> 550 const auto ext = get_first_extent();
> 551 while (!shutdown) {
> 552 d(20) << "tick" << dendl;
>
> ** CID 1509766: Uninitialized members (UNINIT_CTOR)
> /home/kkeithle/src/github/ceph/src/messages/MMDSSnapUpdate.h: 32 in MMDSSnapUpdate::MMDSSnapUpdate()()
>
>
> ________________________________________________________________________________________________________
> *** CID 1509766: Uninitialized members (UNINIT_CTOR)
> /home/kkeithle/src/github/ceph/src/messages/MMDSSnapUpdate.h: 32 in MMDSSnapUpdate::MMDSSnapUpdate()()
> 26 inodeno_t get_ino() const { return ino; }
> 27 int get_snap_op() const { return snap_op; }
> 28
> 29 ceph::buffer::list snap_blob;
> 30
> 31 protected:
> > > > CID 1509766: Uninitialized members (UNINIT_CTOR)
> > > > Non-static class member "snap_op" is not initialized in this constructor nor in any functions that it calls.
> 32 MMDSSnapUpdate() : MMDSOp{MSG_MDS_SNAPUPDATE} {}
> 33 MMDSSnapUpdate(inodeno_t i, version_t tid, int op) :
> 34 MMDSOp{MSG_MDS_SNAPUPDATE}, ino(i), snap_op(op) {
> 35 set_tid(tid);
> 36 }
> 37 ~MMDSSnapUpdate() final {}
>
> ** CID 1509765: Performance inefficiencies (AUTO_CAUSES_COPY)
> /home/kkeithle/src/github/ceph/src/common/ceph_json.cc: 934 in JSONFormattable::encode_json(const char *, ceph::Formatter *) const()
>
>
> ________________________________________________________________________________________________________
> *** CID 1509765: Performance inefficiencies (AUTO_CAUSES_COPY)
> /home/kkeithle/src/github/ceph/src/common/ceph_json.cc: 934 in JSONFormattable::encode_json(const char *, ceph::Formatter *) const()
> 928 break;
> 929 case JSONFormattable::FMT_ARRAY:
> 930 ::encode_json(name, arr, f);
> 931 break;
> 932 case JSONFormattable::FMT_OBJ:
> 933 f->open_object_section(name);
> > > > CID 1509765: Performance inefficiencies (AUTO_CAUSES_COPY)
> > > > Using the "auto" keyword without an "&" causes the copy of an object of type pair.
> 934 for (auto iter : obj) {
> 935 ::encode_json(iter.first.c_str(), iter.second, f);
> 936 }
> 937 f->close_section();
> 938 break;
> 939 case JSONFormattable::FMT_NONE:
>
> ** CID 1509764: Concurrent data access violations (MISSING_LOCK)
> /home/kkeithle/src/github/ceph/src/common/Finisher.cc: 93 in Finisher::finisher_thread_entry()()
>
>
> ________________________________________________________________________________________________________
> *** CID 1509764: Concurrent data access violations (MISSING_LOCK)
> /home/kkeithle/src/github/ceph/src/common/Finisher.cc: 93 in Finisher::finisher_thread_entry()()
> 87 }
> 88 // If we are exiting, we signal the thread waiting in stop(),
> 89 // otherwise it would never unblock
> 90 finisher_empty_cond.notify_all();
> 91
> 92 ldout(cct, 10) << "finisher_thread stop" << dendl;
> > > > CID 1509764: Concurrent data access violations (MISSING_LOCK)
> > > > Accessing "this->finisher_stop" without holding lock "ceph::mutex_debug_detail::mutex_debug_impl<false>.m". Elsewhere, "Finisher.finisher_stop" is accessed with "mutex_debug_impl.m" held 1 out of 2 times (1 of these accesses strongly imply that it is necessary).
> 93 finisher_stop = false;
> 94 return 0;
>
> ** CID 1509763: (UNCAUGHT_EXCEPT)
> /home/kkeithle/src/github/ceph/src/msg/async/rdma/Infiniband.cc: 1255 in Infiniband::QueuePair::~QueuePair()()
> /home/kkeithle/src/github/ceph/src/msg/async/rdma/Infiniband.cc: 1255 in Infiniband::QueuePair::~QueuePair()()
>
>
> ________________________________________________________________________________________________________
> *** CID 1509763: (UNCAUGHT_EXCEPT)
> /home/kkeithle/src/github/ceph/src/msg/async/rdma/Infiniband.cc: 1255 in Infiniband::QueuePair::~QueuePair()()
> 1249 delete cq;
> 1250 return NULL;
> 1251 }
> 1252 return cq;
> 1253 }
> 1254
> > > > CID 1509763: (UNCAUGHT_EXCEPT)
> > > > An exception of type "boost::container::length_error" is thrown but the exception specification "noexcept" doesn't allow it to be thrown. This will result in a call to terminate().
> 1255 Infiniband::QueuePair::~QueuePair()
> 1256 {
> 1257 ldout(cct, 20) << __func__ << " destroy Queue Pair, qp number: " << qp->qp_num << " left SQ WR " << recv_queue.size() << dendl;
> 1258 if (qp) {
> 1259 ldout(cct, 20) << __func__ << " destroy qp=" << qp << dendl;
> 1260 ceph_assert(!ibv_destroy_qp(qp));
> /home/kkeithle/src/github/ceph/src/msg/async/rdma/Infiniband.cc: 1255 in Infiniband::QueuePair::~QueuePair()()
> 1249 delete cq;
> 1250 return NULL;
> 1251 }
> 1252 return cq;
> 1253 }
> 1254
> > > > CID 1509763: (UNCAUGHT_EXCEPT)
> > > > An exception of type "boost::container::length_error" is thrown but the exception specification "noexcept" doesn't allow it to be thrown. This will result in a call to terminate().
> 1255 Infiniband::QueuePair::~QueuePair()
> 1256 {
> 1257 ldout(cct, 20) << __func__ << " destroy Queue Pair, qp number: " << qp->qp_num << " left SQ WR " << recv_queue.size() << dendl;
> 1258 if (qp) {
> 1259 ldout(cct, 20) << __func__ << " destroy qp=" << qp << dendl;
> 1260 ceph_assert(!ibv_destroy_qp(qp));
>
> ** CID 1509762: Error handling issues (UNCAUGHT_EXCEPT)
> /home/kkeithle/src/github/ceph/src/msg/async/rdma/Infiniband.cc: 1255 in Infiniband::QueuePair::~QueuePair()()
>
>
> ________________________________________________________________________________________________________
> *** CID 1509762: Error handling issues (UNCAUGHT_EXCEPT)
> /home/kkeithle/src/github/ceph/src/msg/async/rdma/Infiniband.cc: 1255 in Infiniband::QueuePair::~QueuePair()()
> 1249 delete cq;
> 1250 return NULL;
> 1251 }
> 1252 return cq;
> 1253 }
> 1254
> > > > CID 1509762: Error handling issues (UNCAUGHT_EXCEPT)
> > > > An exception of type "std::system_error" is thrown but the exception specification "noexcept" doesn't allow it to be thrown. This will result in a call to terminate().
> 1255 Infiniband::QueuePair::~QueuePair()
> 1256 {
> 1257 ldout(cct, 20) << __func__ << " destroy Queue Pair, qp number: " << qp->qp_num << " left SQ WR " << recv_queue.size() << dendl;
> 1258 if (qp) {
> 1259 ldout(cct, 20) << __func__ << " destroy qp=" << qp << dendl;
> 1260 ceph_assert(!ibv_destroy_qp(qp));
>
> ** CID 1509761: Error handling issues (CHECKED_RETURN)
> /src/pybind/rados/rados.c: 56264 in __pyx_pw_5rados_5Ioctx_87watch()
>
>
> ________________________________________________________________________________________________________
> *** CID 1509761: Error handling issues (CHECKED_RETURN)
> /src/pybind/rados/rados.c: 56264 in __pyx_pw_5rados_5Ioctx_87watch()
> 56258 __Pyx_RaiseArgtupleInvalid("watch", 0, 2, 4, PyTuple_GET_SIZE(__pyx_args)); __PYX_ERR(0, 3314, __pyx_L3_error)
> 56259 __pyx_L3_error:;
> 56260 __Pyx_AddTraceback("rados.Ioctx.watch", __pyx_clineno, __pyx_lineno, __pyx_filename);
> 56261 __Pyx_RefNannyFinishContext();
> 56262 return NULL;
> 56263 __pyx_L4_argument_unpacking_done:;
> > > > CID 1509761: Error handling issues (CHECKED_RETURN)
> > > > Calling "__Pyx__ArgTypeTest" without checking return value (as is done elsewhere 132 out of 132 times).
> 56264 if (unlikely(!__Pyx_ArgTypeTest(((PyObject *)__pyx_v_obj), (&PyUnicode_Type), 1, "obj", 1))) __PYX_ERR(0, 3314, __pyx_L1_error)
> 56265 __pyx_r = __pyx_pf_5rados_5Ioctx_86watch(((struct __pyx_obj_5rados_Ioctx *)__pyx_v_self), __pyx_v_obj, __pyx_v_callback, __pyx_v_error_callback, __pyx_v_timeout);
> 56266
> 56267 /* "rados.pyx":3314
> 56268 * return completion
> 56269 *
>
> ** CID 1509760: Error handling issues (CHECKED_RETURN)
> /src/pybind/rados/rados.c: 47064 in __pyx_pw_5rados_5Ioctx_37aio_remove()
>
>
> ________________________________________________________________________________________________________
> *** CID 1509760: Error handling issues (CHECKED_RETURN)
> /src/pybind/rados/rados.c: 47064 in __pyx_pw_5rados_5Ioctx_37aio_remove()
> 47058 __Pyx_RaiseArgtupleInvalid("aio_remove", 0, 1, 3, PyTuple_GET_SIZE(__pyx_args)); __PYX_ERR(0, 2640, __pyx_L3_error)
> 47059 __pyx_L3_error:;
> 47060 __Pyx_AddTraceback("rados.Ioctx.aio_remove", __pyx_clineno, __pyx_lineno, __pyx_filename);
> 47061 __Pyx_RefNannyFinishContext();
> 47062 return NULL;
> 47063 __pyx_L4_argument_unpacking_done:;
> > > > CID 1509760: Error handling issues (CHECKED_RETURN)
> > > > Calling "__Pyx__ArgTypeTest" without checking return value (as is done elsewhere 132 out of 132 times).
> 47064 if (unlikely(!__Pyx_ArgTypeTest(((PyObject *)__pyx_v_object_name), (&PyUnicode_Type), 1, "object_name", 1))) __PYX_ERR(0, 2640, __pyx_L1_error)
> 47065 __pyx_r = __pyx_pf_5rados_5Ioctx_36aio_remove(((struct __pyx_obj_5rados_Ioctx *)__pyx_v_self), __pyx_v_object_name, __pyx_v_oncomplete, __pyx_v_onsafe);
> 47066
> 47067 /* "rados.pyx":2640
> 47068 * return completion
> 47069 *
>
> ** CID 1509759: Program hangs (SLEEP)
> /home/kkeithle/src/github/ceph/src/SimpleRADOSStriper.cc: 703 in SimpleRADOSStriper::lock(unsigned long)()
>
>
> ________________________________________________________________________________________________________
> *** CID 1509759: Program hangs (SLEEP)
> /home/kkeithle/src/github/ceph/src/SimpleRADOSStriper.cc: 703 in SimpleRADOSStriper::lock(unsigned long)()
> 697 } else if (rc == -EBUSY) {
> 698 if ((slept % 500000) == 0) {
> 699 d(-1) << "waiting for locks: ";
> 700 print_lockers(*_dout);
> 701 *_dout << dendl;
> 702 }
> > > > CID 1509759: Program hangs (SLEEP)
> > > > Call to "usleep" might sleep while holding lock "lock._M_device".
> 703 usleep(5000);
> 704 slept += 5000;
> 705 continue;
> 706 } else if (rc == -ECANCELED) {
> 707 /* CMPXATTR failed, a locker didn't cleanup. Try to recover! */
> 708 if (rc = recover_lock(); rc < 0) {
>
> ** CID 1509758: Error handling issues (CHECKED_RETURN)
> /src/pybind/rbd/rbd.c: 81568 in __pyx_pw_3rbd_17GroupSnapIterator_1__init__()
>
>
> ________________________________________________________________________________________________________
> *** CID 1509758: Error handling issues (CHECKED_RETURN)
> /src/pybind/rbd/rbd.c: 81568 in __pyx_pw_3rbd_17GroupSnapIterator_1__init__()
> 81562 __Pyx_RaiseArgtupleInvalid("__init__", 1, 1, 1, PyTuple_GET_SIZE(__pyx_args)); __PYX_ERR(0, 5773, __pyx_L3_error)
> 81563 __pyx_L3_error:;
> 81564 __Pyx_AddTraceback("rbd.GroupSnapIterator.__init__", __pyx_clineno, __pyx_lineno, __pyx_filename);
> 81565 __Pyx_RefNannyFinishContext();
> 81566 return -1;
> 81567 __pyx_L4_argument_unpacking_done:;
> > > > CID 1509758: Error handling issues (CHECKED_RETURN)
> > > > Calling "__Pyx__ArgTypeTest" without checking return value (as is done elsewhere 8 out of 8 times).
> 81568 if (unlikely(!__Pyx_ArgTypeTest(((PyObject *)__pyx_v_group), __pyx_ptype_3rbd_Group, 1, "group", 0))) __PYX_ERR(0, 5773, __pyx_L1_error)
> 81569 __pyx_r = __pyx_pf_3rbd_17GroupSnapIterator___init__(((struct __pyx_obj_3rbd_GroupSnapIterator *)__pyx_v_self), __pyx_v_group);
> 81570
> 81571 /* function exit code */
> 81572 goto __pyx_L0;
> 81573 __pyx_L1_error:;
>
> ** CID 1509757: Error handling issues (CHECKED_RETURN)
> /src/pybind/rados/rados.c: 47527 in __pyx_pw_5rados_5Ioctx_41set_locator_key()
>
>
> ________________________________________________________________________________________________________
> *** CID 1509757: Error handling issues (CHECKED_RETURN)
> /src/pybind/rados/rados.c: 47527 in __pyx_pw_5rados_5Ioctx_41set_locator_key()
> 47521 int __pyx_lineno = 0;
> 47522 const char *__pyx_filename = NULL;
> 47523 int __pyx_clineno = 0;
> 47524 PyObject *__pyx_r = 0;
> 47525 __Pyx_RefNannyDeclarations
> 47526 __Pyx_RefNannySetupContext("set_locator_key (wrapper)", 0);
> > > > CID 1509757: Error handling issues (CHECKED_RETURN)
> > > > Calling "__Pyx__ArgTypeTest" without checking return value (as is done elsewhere 132 out of 132 times).
> 47527 if (unlikely(!__Pyx_ArgTypeTest(((PyObject *)__pyx_v_loc_key), (&PyUnicode_Type), 1, "loc_key", 1))) __PYX_ERR(0, 2680, __pyx_L1_error)
> 47528 __pyx_r = __pyx_pf_5rados_5Ioctx_40set_locator_key(((struct __pyx_obj_5rados_Ioctx *)__pyx_v_self), ((PyObject*)__pyx_v_loc_key));
> 47529
> 47530 /* function exit code */
> 47531 goto __pyx_L0;
> 47532 __pyx_L1_error:;
>
> ** CID 1509756: (CHECKED_RETURN)
> /src/pybind/rgw/rgw.c: 29532 in __Pyx_PyUnicode_Join()
> /src/pybind/cephfs/cephfs.c: 44814 in __Pyx_PyUnicode_Join()
> /src/pybind/rbd/rbd.c: 99756 in __Pyx_PyUnicode_Join()
> /src/pybind/rados/rados.c: 89361 in __Pyx_PyUnicode_Join()
>
>
> ________________________________________________________________________________________________________
> *** CID 1509756: (CHECKED_RETURN)
> /src/pybind/rgw/rgw.c: 29532 in __Pyx_PyUnicode_Join()
> 29526 char_pos = 0;
> 29527 for (i=0; i < value_count; i++) {
> 29528 int ukind;
> 29529 Py_ssize_t ulength;
> 29530 void *udata;
> 29531 PyObject *uval = PyTuple_GET_ITEM(value_tuple, i);
> > > > CID 1509756: (CHECKED_RETURN)
> > > > Calling "_PyUnicode_Ready" without checking return value (as is done elsewhere 8 out of 8 times).
> 29532 if (unlikely(__Pyx_PyUnicode_READY(uval)))
> 29533 goto bad;
> 29534 ulength = __Pyx_PyUnicode_GET_LENGTH(uval);
> 29535 if (unlikely(!ulength))
> 29536 continue;
> 29537 if (unlikely(char_pos + ulength < 0))
> /src/pybind/cephfs/cephfs.c: 44814 in __Pyx_PyUnicode_Join()
> 44808 char_pos = 0;
> 44809 for (i=0; i < value_count; i++) {
> 44810 int ukind;
> 44811 Py_ssize_t ulength;
> 44812 void *udata;
> 44813 PyObject *uval = PyTuple_GET_ITEM(value_tuple, i);
> > > > CID 1509756: (CHECKED_RETURN)
> > > > Calling "_PyUnicode_Ready" without checking return value (as is done elsewhere 8 out of 8 times).
> 44814 if (unlikely(__Pyx_PyUnicode_READY(uval)))
> 44815 goto bad;
> 44816 ulength = __Pyx_PyUnicode_GET_LENGTH(uval);
> 44817 if (unlikely(!ulength))
> 44818 continue;
> 44819 if (unlikely(char_pos + ulength < 0))
> /src/pybind/rbd/rbd.c: 99756 in __Pyx_PyUnicode_Join()
> 99750 char_pos = 0;
> 99751 for (i=0; i < value_count; i++) {
> 99752 int ukind;
> 99753 Py_ssize_t ulength;
> 99754 void *udata;
> 99755 PyObject *uval = PyTuple_GET_ITEM(value_tuple, i);
> > > > CID 1509756: (CHECKED_RETURN)
> > > > Calling "_PyUnicode_Ready" without checking return value (as is done elsewhere 8 out of 8 times).
> 99756 if (unlikely(__Pyx_PyUnicode_READY(uval)))
> 99757 goto bad;
> 99758 ulength = __Pyx_PyUnicode_GET_LENGTH(uval);
> 99759 if (unlikely(!ulength))
> 99760 continue;
> 99761 if (unlikely(char_pos + ulength < 0))
> /src/pybind/rados/rados.c: 89361 in __Pyx_PyUnicode_Join()
> 89355 char_pos = 0;
> 89356 for (i=0; i < value_count; i++) {
> 89357 int ukind;
> 89358 Py_ssize_t ulength;
> 89359 void *udata;
> 89360 PyObject *uval = PyTuple_GET_ITEM(value_tuple, i);
> > > > CID 1509756: (CHECKED_RETURN)
> > > > Calling "_PyUnicode_Ready" without checking return value (as is done elsewhere 8 out of 8 times).
> 89361 if (unlikely(__Pyx_PyUnicode_READY(uval)))
> 89362 goto bad;
> 89363 ulength = __Pyx_PyUnicode_GET_LENGTH(uval);
> 89364 if (unlikely(!ulength))
> 89365 continue;
> 89366 if (unlikely(char_pos + ulength < 0))
>
> ** CID 1509755: Control flow issues (UNREACHABLE)
> /src/pybind/rbd/rbd.c: 72245 in __pyx_pf_3rbd_5Image_210snap_get_trash_namespace()
>
>
> ________________________________________________________________________________________________________
> *** CID 1509755: Control flow issues (UNREACHABLE)
> /src/pybind/rbd/rbd.c: 72245 in __pyx_pf_3rbd_5Image_210snap_get_trash_namespace()
> 72239 * }
> 72240 * finally:
> 72241 * free(_name) # <<<<<<<<<<<<<<
> 72242 *
> 72243 * @requires_not_closed
> 72244 */
> > > > CID 1509755: Control flow issues (UNREACHABLE)
> > > > This code cannot be reached: "{
> __pyx_L4_error:
> ;
> {...".
> 72245 /*finally:*/ {
> 72246 __pyx_L4_error:;
> 72247 /*exception exit:*/{
> 72248 __Pyx_PyThreadState_declare
> 72249 __Pyx_PyThreadState_assign
> 72250 __pyx_t_14 = 0; __pyx_t_15 = 0; __pyx_t_16 = 0; __pyx_t_17 = 0; __pyx_t_18 = 0; __pyx_t_19 = 0;
>
> ** CID 1509754: Uninitialized members (UNINIT_CTOR)
> /home/kkeithle/src/github/ceph/src/messages/MMDSPing.h: 19 in MMDSPing::MMDSPing()()
>
>
> ________________________________________________________________________________________________________
> *** CID 1509754: Uninitialized members (UNINIT_CTOR)
> /home/kkeithle/src/github/ceph/src/messages/MMDSPing.h: 19 in MMDSPing::MMDSPing()()
> 13 static constexpr int COMPAT_VERSION = 1;
> 14 public:
> 15 version_t seq;
> 16
> 17 protected:
> 18 MMDSPing() : MMDSOp(MSG_MDS_PING, HEAD_VERSION, COMPAT_VERSION) {
> > > > CID 1509754: Uninitialized members (UNINIT_CTOR)
> > > > Non-static class member "seq" is not initialized in this constructor nor in any functions that it calls.
> 19 }
> 20 MMDSPing(version_t seq)
> 21 : MMDSOp(MSG_MDS_PING, HEAD_VERSION, COMPAT_VERSION), seq(seq) {
> 22 }
> 23 ~MMDSPing() final {}
> 24
>
> ** CID 1509753: Error handling issues (UNCAUGHT_EXCEPT)
> /home/kkeithle/src/github/ceph/src/osdc/Objecter.cc: 5005 in Objecter::~Objecter()()
>
>
> ________________________________________________________________________________________________________
> *** CID 1509753: Error handling issues (UNCAUGHT_EXCEPT)
> /home/kkeithle/src/github/ceph/src/osdc/Objecter.cc: 5005 in Objecter::~Objecter()()
> 4999 Dispatcher(cct), messenger(m), monc(mc), service(service)
> 5000 {
> 5001 mon_timeout = cct->_conf.get_val<std::chrono::seconds>("rados_mon_op_timeout");
> 5002 osd_timeout = cct->_conf.get_val<std::chrono::seconds>("rados_osd_op_timeout");
> 5003 }
> 5004
> > > > CID 1509753: Error handling issues (UNCAUGHT_EXCEPT)
> > > > An exception of type "boost::container::length_error" is thrown but the exception specification "noexcept" doesn't allow it to be thrown. This will result in a call to terminate().
> 5005 Objecter::~Objecter()
> 5006 {
> 5007 ceph_assert(homeless_session->get_nref() == 1);
> 5008 ceph_assert(num_homeless_ops == 0);
> 5009 homeless_session->put();
> 5010
>
> ** CID 1509752: Error handling issues (CHECKED_RETURN)
> /src/pybind/rados/rados.c: 63069 in __pyx_pw_5rados_5Ioctx_139remove_omap_keys()
>
>
> ________________________________________________________________________________________________________
> *** CID 1509752: Error handling issues (CHECKED_RETURN)
> /src/pybind/rados/rados.c: 63069 in __pyx_pw_5rados_5Ioctx_139remove_omap_keys()
> 63063 __Pyx_RaiseArgtupleInvalid("remove_omap_keys", 1, 2, 2, PyTuple_GET_SIZE(__pyx_args)); __PYX_ERR(0, 3821, __pyx_L3_error)
> 63064 __pyx_L3_error:;
> 63065 __Pyx_AddTraceback("rados.Ioctx.remove_omap_keys", __pyx_clineno, __pyx_lineno, __pyx_filename);
> 63066 __Pyx_RefNannyFinishContext();
> 63067 return NULL;
> 63068 __pyx_L4_argument_unpacking_done:;
> > > > CID 1509752: Error handling issues (CHECKED_RETURN)
> > > > Calling "__Pyx__ArgTypeTest" without checking return value (as is done elsewhere 19 out of 19 times).
> 63069 if (unlikely(!__Pyx_ArgTypeTest(((PyObject *)__pyx_v_write_op), __pyx_ptype_5rados_WriteOp, 1, "write_op", 0))) __PYX_ERR(0, 3821, __pyx_L1_error)
> 63070 __pyx_r = __pyx_pf_5rados_5Ioctx_138remove_omap_keys(((struct __pyx_obj_5rados_Ioctx *)__pyx_v_self), __pyx_v_write_op, __pyx_v_keys);
> 63071
> 63072 /* function exit code */
> 63073 goto __pyx_L0;
> 63074 __pyx_L1_error:;
>
> ** CID 1509751: Memory - illegal accesses (USE_AFTER_FREE)
> /home/kkeithle/src/github/ceph/src/msg/async/ProtocolV2.cc: 1399 in ProtocolV2::handle_message()()
>
>
> ________________________________________________________________________________________________________
> *** CID 1509751: Memory - illegal accesses (USE_AFTER_FREE)
> /home/kkeithle/src/github/ceph/src/msg/async/ProtocolV2.cc: 1399 in ProtocolV2::handle_message()()
> 1393 ldout(cct, 1) << __func__ << " decode message failed " << dendl;
> 1394 return _fault();
> 1395 } else {
> 1396 state = READ_MESSAGE_COMPLETE;
> 1397 }
> 1398
> > > > CID 1509751: Memory - illegal accesses (USE_AFTER_FREE)
> > > > Using freed pointer "this->connection".
> 1399 INTERCEPT(17);
> 1400
> 1401 message->set_byte_throttler(connection->policy.throttler_bytes);
> 1402 message->set_message_throttler(connection->policy.throttler_messages);
> 1403
> 1404 // store reservation size in message, so we don't get confused
>
> ** CID 1509750: Error handling issues (UNCAUGHT_EXCEPT)
> /home/kkeithle/src/github/ceph/src/common/perf_counters_collection.cc: 55 in ceph::common::PerfCountersDeleter::operator ()(ceph::common::PerfCounters *)()
>
>
> ________________________________________________________________________________________________________
> *** CID 1509750: Error handling issues (UNCAUGHT_EXCEPT)
> /home/kkeithle/src/github/ceph/src/common/perf_counters_collection.cc: 55 in ceph::common::PerfCountersDeleter::operator ()(ceph::common::PerfCounters *)()
> 49 }
> 50 void PerfCountersCollection::with_counters(std::function<void(const PerfCountersCollectionImpl::CounterMap &)> fn) const
> 51 {
> 52 std::lock_guard lck(m_lock);
> 53 perf_impl.with_counters(fn);
> 54 }
> > > > CID 1509750: Error handling issues (UNCAUGHT_EXCEPT)
> > > > An exception of type "std::system_error" is thrown but the exception specification "noexcept" doesn't allow it to be thrown. This will result in a call to terminate().
> 55 void PerfCountersDeleter::operator()(PerfCounters* p) noexcept
> 56 {
> 57 if (cct)
> 58 cct->get_perfcounters_collection()->remove(p);
> 59 delete p;
> 60 }
> 61
>
>
> ________________________________________________________________________________________________________
> To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yojIR8ODHcGVd1JcCGjvdH5QZ17VgLZQT3XYfB8Bhzp4w-3D-3Dapsi_yvgqM0IBcPiStiVTuWpgYFnMA4H-2BJYqMHWw4jQPoaoo-2BtqsVYKtfl9A0JRaS-2FbbUsKzdvQMj2WBidmXXDYpXO5qx9Y4cnFn0p-2FQkZWWe5JHh8ejaBgEwaUzBM3x-2FyM-2FOpvKqhT-2BCzg-2FNUNemZtHf5voIH7BYbWLrdioyp5fcmOVIoUi-2FywPSoY8zfzN1w6jANMlnLaDKN7b-2BOFQMLI5WK5wsImAoh9oNG6AqvJrylMM-3D
>
--
Jeff Layton <jlayton@kernel.org>
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2022-08-20 12:22 scan-admin
2022-08-20 13:17 ` Jeff Layton
0 siblings, 1 reply; 124+ messages in thread
From: scan-admin @ 2022-08-20 12:22 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
293 new defect(s) introduced to ceph found with Coverity Scan.
2803 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 20 of 293 defect(s)
** CID 1509769: Security best practices violations (DC.WEAK_CRYPTO)
/home/kkeithle/src/github/ceph/src/msg/async/ProtocolV2.cc: 1041 in ProtocolV2::handle_hello(ceph::buffer::v15_2_0::list &)()
________________________________________________________________________________________________________
*** CID 1509769: Security best practices violations (DC.WEAK_CRYPTO)
/home/kkeithle/src/github/ceph/src/msg/async/ProtocolV2.cc: 1041 in ProtocolV2::handle_hello(ceph::buffer::v15_2_0::list &)()
1035 a.set_type(entity_addr_t::TYPE_MSGR2); // anything but NONE; learned_addr ignores this
1036 a.set_port(0);
1037 connection->lock.unlock();
1038 messenger->learned_addr(a);
1039 if (cct->_conf->ms_inject_internal_delays &&
1040 cct->_conf->ms_inject_socket_failures) {
>>> CID 1509769: Security best practices violations (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security-related applications, because linear congruential algorithms are too easy to break.
1041 if (rand() % cct->_conf->ms_inject_socket_failures == 0) {
1042 ldout(cct, 10) << __func__ << " sleep for "
1043 << cct->_conf->ms_inject_internal_delays << dendl;
1044 utime_t t;
1045 t.set_from_double(cct->_conf->ms_inject_internal_delays);
1046 t.sleep();
** CID 1509768: Control flow issues (UNREACHABLE)
/src/pybind/rbd/rbd.c: 30844 in __pyx_pf_3rbd_3RBD_96group_list()
________________________________________________________________________________________________________
*** CID 1509768: Control flow issues (UNREACHABLE)
/src/pybind/rbd/rbd.c: 30844 in __pyx_pf_3rbd_3RBD_96group_list()
30838 * if name]
30839 * finally:
30840 * free(c_names) # <<<<<<<<<<<<<<
30841 *
30842 * def group_rename(self, ioctx, src, dest):
30843 */
>>> CID 1509768: Control flow issues (UNREACHABLE)
>>> This code cannot be reached: "{
__pyx_L4_error:
;
{...".
30844 /*finally:*/ {
30845 __pyx_L4_error:;
30846 /*exception exit:*/{
30847 __Pyx_PyThreadState_declare
30848 __Pyx_PyThreadState_assign
30849 __pyx_t_15 = 0; __pyx_t_16 = 0; __pyx_t_17 = 0; __pyx_t_18 = 0; __pyx_t_19 = 0; __pyx_t_20 = 0;
** CID 1509767: (UNCAUGHT_EXCEPT)
/home/kkeithle/src/github/ceph/src/SimpleRADOSStriper.cc: 547 in SimpleRADOSStriper::lock_keeper_main()()
/home/kkeithle/src/github/ceph/src/SimpleRADOSStriper.cc: 547 in SimpleRADOSStriper::lock_keeper_main()()
/home/kkeithle/src/github/ceph/src/SimpleRADOSStriper.cc: 547 in SimpleRADOSStriper::lock_keeper_main()()
/home/kkeithle/src/github/ceph/src/SimpleRADOSStriper.cc: 547 in SimpleRADOSStriper::lock_keeper_main()()
/home/kkeithle/src/github/ceph/src/SimpleRADOSStriper.cc: 547 in SimpleRADOSStriper::lock_keeper_main()()
________________________________________________________________________________________________________
*** CID 1509767: (UNCAUGHT_EXCEPT)
/home/kkeithle/src/github/ceph/src/SimpleRADOSStriper.cc: 547 in SimpleRADOSStriper::lock_keeper_main()()
541 /* Do lock renewal in a separate thread: while it's unlikely sqlite chews on
542 * something for multiple seconds without calling into the VFS (where we could
543 * initiate a lock renewal), it's not impossible with complex queries. Also, we
544 * want to allow "PRAGMA locking_mode = exclusive" where the application may
545 * not use the sqlite3 database connection for an indeterminate amount of time.
546 */
>>> CID 1509767: (UNCAUGHT_EXCEPT)
>>> In function "SimpleRADOSStriper::lock_keeper_main()" an exception of type "boost::container::length_error" is thrown and never caught.
547 void SimpleRADOSStriper::lock_keeper_main(void)
548 {
549 d(20) << dendl;
550 const auto ext = get_first_extent();
551 while (!shutdown) {
552 d(20) << "tick" << dendl;
/home/kkeithle/src/github/ceph/src/SimpleRADOSStriper.cc: 547 in SimpleRADOSStriper::lock_keeper_main()()
541 /* Do lock renewal in a separate thread: while it's unlikely sqlite chews on
542 * something for multiple seconds without calling into the VFS (where we could
543 * initiate a lock renewal), it's not impossible with complex queries. Also, we
544 * want to allow "PRAGMA locking_mode = exclusive" where the application may
545 * not use the sqlite3 database connection for an indeterminate amount of time.
546 */
>>> CID 1509767: (UNCAUGHT_EXCEPT)
>>> In function "SimpleRADOSStriper::lock_keeper_main()" an exception of type "boost::container::length_error" is thrown and never caught.
547 void SimpleRADOSStriper::lock_keeper_main(void)
548 {
549 d(20) << dendl;
550 const auto ext = get_first_extent();
551 while (!shutdown) {
552 d(20) << "tick" << dendl;
/home/kkeithle/src/github/ceph/src/SimpleRADOSStriper.cc: 547 in SimpleRADOSStriper::lock_keeper_main()()
541 /* Do lock renewal in a separate thread: while it's unlikely sqlite chews on
542 * something for multiple seconds without calling into the VFS (where we could
543 * initiate a lock renewal), it's not impossible with complex queries. Also, we
544 * want to allow "PRAGMA locking_mode = exclusive" where the application may
545 * not use the sqlite3 database connection for an indeterminate amount of time.
546 */
>>> CID 1509767: (UNCAUGHT_EXCEPT)
>>> In function "SimpleRADOSStriper::lock_keeper_main()" an exception of type "boost::container::length_error" is thrown and never caught.
547 void SimpleRADOSStriper::lock_keeper_main(void)
548 {
549 d(20) << dendl;
550 const auto ext = get_first_extent();
551 while (!shutdown) {
552 d(20) << "tick" << dendl;
/home/kkeithle/src/github/ceph/src/SimpleRADOSStriper.cc: 547 in SimpleRADOSStriper::lock_keeper_main()()
541 /* Do lock renewal in a separate thread: while it's unlikely sqlite chews on
542 * something for multiple seconds without calling into the VFS (where we could
543 * initiate a lock renewal), it's not impossible with complex queries. Also, we
544 * want to allow "PRAGMA locking_mode = exclusive" where the application may
545 * not use the sqlite3 database connection for an indeterminate amount of time.
546 */
>>> CID 1509767: (UNCAUGHT_EXCEPT)
>>> In function "SimpleRADOSStriper::lock_keeper_main()" an exception of type "boost::container::length_error" is thrown and never caught.
547 void SimpleRADOSStriper::lock_keeper_main(void)
548 {
549 d(20) << dendl;
550 const auto ext = get_first_extent();
551 while (!shutdown) {
552 d(20) << "tick" << dendl;
/home/kkeithle/src/github/ceph/src/SimpleRADOSStriper.cc: 547 in SimpleRADOSStriper::lock_keeper_main()()
541 /* Do lock renewal in a separate thread: while it's unlikely sqlite chews on
542 * something for multiple seconds without calling into the VFS (where we could
543 * initiate a lock renewal), it's not impossible with complex queries. Also, we
544 * want to allow "PRAGMA locking_mode = exclusive" where the application may
545 * not use the sqlite3 database connection for an indeterminate amount of time.
546 */
>>> CID 1509767: (UNCAUGHT_EXCEPT)
>>> In function "SimpleRADOSStriper::lock_keeper_main()" an exception of type "boost::container::length_error" is thrown and never caught.
547 void SimpleRADOSStriper::lock_keeper_main(void)
548 {
549 d(20) << dendl;
550 const auto ext = get_first_extent();
551 while (!shutdown) {
552 d(20) << "tick" << dendl;
** CID 1509766: Uninitialized members (UNINIT_CTOR)
/home/kkeithle/src/github/ceph/src/messages/MMDSSnapUpdate.h: 32 in MMDSSnapUpdate::MMDSSnapUpdate()()
________________________________________________________________________________________________________
*** CID 1509766: Uninitialized members (UNINIT_CTOR)
/home/kkeithle/src/github/ceph/src/messages/MMDSSnapUpdate.h: 32 in MMDSSnapUpdate::MMDSSnapUpdate()()
26 inodeno_t get_ino() const { return ino; }
27 int get_snap_op() const { return snap_op; }
28
29 ceph::buffer::list snap_blob;
30
31 protected:
>>> CID 1509766: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "snap_op" is not initialized in this constructor nor in any functions that it calls.
32 MMDSSnapUpdate() : MMDSOp{MSG_MDS_SNAPUPDATE} {}
33 MMDSSnapUpdate(inodeno_t i, version_t tid, int op) :
34 MMDSOp{MSG_MDS_SNAPUPDATE}, ino(i), snap_op(op) {
35 set_tid(tid);
36 }
37 ~MMDSSnapUpdate() final {}
** CID 1509765: Performance inefficiencies (AUTO_CAUSES_COPY)
/home/kkeithle/src/github/ceph/src/common/ceph_json.cc: 934 in JSONFormattable::encode_json(const char *, ceph::Formatter *) const()
________________________________________________________________________________________________________
*** CID 1509765: Performance inefficiencies (AUTO_CAUSES_COPY)
/home/kkeithle/src/github/ceph/src/common/ceph_json.cc: 934 in JSONFormattable::encode_json(const char *, ceph::Formatter *) const()
928 break;
929 case JSONFormattable::FMT_ARRAY:
930 ::encode_json(name, arr, f);
931 break;
932 case JSONFormattable::FMT_OBJ:
933 f->open_object_section(name);
>>> CID 1509765: Performance inefficiencies (AUTO_CAUSES_COPY)
>>> Using the "auto" keyword without an "&" causes the copy of an object of type pair.
934 for (auto iter : obj) {
935 ::encode_json(iter.first.c_str(), iter.second, f);
936 }
937 f->close_section();
938 break;
939 case JSONFormattable::FMT_NONE:
** CID 1509764: Concurrent data access violations (MISSING_LOCK)
/home/kkeithle/src/github/ceph/src/common/Finisher.cc: 93 in Finisher::finisher_thread_entry()()
________________________________________________________________________________________________________
*** CID 1509764: Concurrent data access violations (MISSING_LOCK)
/home/kkeithle/src/github/ceph/src/common/Finisher.cc: 93 in Finisher::finisher_thread_entry()()
87 }
88 // If we are exiting, we signal the thread waiting in stop(),
89 // otherwise it would never unblock
90 finisher_empty_cond.notify_all();
91
92 ldout(cct, 10) << "finisher_thread stop" << dendl;
>>> CID 1509764: Concurrent data access violations (MISSING_LOCK)
>>> Accessing "this->finisher_stop" without holding lock "ceph::mutex_debug_detail::mutex_debug_impl<false>.m". Elsewhere, "Finisher.finisher_stop" is accessed with "mutex_debug_impl.m" held 1 out of 2 times (1 of these accesses strongly imply that it is necessary).
93 finisher_stop = false;
94 return 0;
** CID 1509763: (UNCAUGHT_EXCEPT)
/home/kkeithle/src/github/ceph/src/msg/async/rdma/Infiniband.cc: 1255 in Infiniband::QueuePair::~QueuePair()()
/home/kkeithle/src/github/ceph/src/msg/async/rdma/Infiniband.cc: 1255 in Infiniband::QueuePair::~QueuePair()()
________________________________________________________________________________________________________
*** CID 1509763: (UNCAUGHT_EXCEPT)
/home/kkeithle/src/github/ceph/src/msg/async/rdma/Infiniband.cc: 1255 in Infiniband::QueuePair::~QueuePair()()
1249 delete cq;
1250 return NULL;
1251 }
1252 return cq;
1253 }
1254
>>> CID 1509763: (UNCAUGHT_EXCEPT)
>>> An exception of type "boost::container::length_error" is thrown but the exception specification "noexcept" doesn't allow it to be thrown. This will result in a call to terminate().
1255 Infiniband::QueuePair::~QueuePair()
1256 {
1257 ldout(cct, 20) << __func__ << " destroy Queue Pair, qp number: " << qp->qp_num << " left SQ WR " << recv_queue.size() << dendl;
1258 if (qp) {
1259 ldout(cct, 20) << __func__ << " destroy qp=" << qp << dendl;
1260 ceph_assert(!ibv_destroy_qp(qp));
/home/kkeithle/src/github/ceph/src/msg/async/rdma/Infiniband.cc: 1255 in Infiniband::QueuePair::~QueuePair()()
1249 delete cq;
1250 return NULL;
1251 }
1252 return cq;
1253 }
1254
>>> CID 1509763: (UNCAUGHT_EXCEPT)
>>> An exception of type "boost::container::length_error" is thrown but the exception specification "noexcept" doesn't allow it to be thrown. This will result in a call to terminate().
1255 Infiniband::QueuePair::~QueuePair()
1256 {
1257 ldout(cct, 20) << __func__ << " destroy Queue Pair, qp number: " << qp->qp_num << " left SQ WR " << recv_queue.size() << dendl;
1258 if (qp) {
1259 ldout(cct, 20) << __func__ << " destroy qp=" << qp << dendl;
1260 ceph_assert(!ibv_destroy_qp(qp));
** CID 1509762: Error handling issues (UNCAUGHT_EXCEPT)
/home/kkeithle/src/github/ceph/src/msg/async/rdma/Infiniband.cc: 1255 in Infiniband::QueuePair::~QueuePair()()
________________________________________________________________________________________________________
*** CID 1509762: Error handling issues (UNCAUGHT_EXCEPT)
/home/kkeithle/src/github/ceph/src/msg/async/rdma/Infiniband.cc: 1255 in Infiniband::QueuePair::~QueuePair()()
1249 delete cq;
1250 return NULL;
1251 }
1252 return cq;
1253 }
1254
>>> CID 1509762: Error handling issues (UNCAUGHT_EXCEPT)
>>> An exception of type "std::system_error" is thrown but the exception specification "noexcept" doesn't allow it to be thrown. This will result in a call to terminate().
1255 Infiniband::QueuePair::~QueuePair()
1256 {
1257 ldout(cct, 20) << __func__ << " destroy Queue Pair, qp number: " << qp->qp_num << " left SQ WR " << recv_queue.size() << dendl;
1258 if (qp) {
1259 ldout(cct, 20) << __func__ << " destroy qp=" << qp << dendl;
1260 ceph_assert(!ibv_destroy_qp(qp));
** CID 1509761: Error handling issues (CHECKED_RETURN)
/src/pybind/rados/rados.c: 56264 in __pyx_pw_5rados_5Ioctx_87watch()
________________________________________________________________________________________________________
*** CID 1509761: Error handling issues (CHECKED_RETURN)
/src/pybind/rados/rados.c: 56264 in __pyx_pw_5rados_5Ioctx_87watch()
56258 __Pyx_RaiseArgtupleInvalid("watch", 0, 2, 4, PyTuple_GET_SIZE(__pyx_args)); __PYX_ERR(0, 3314, __pyx_L3_error)
56259 __pyx_L3_error:;
56260 __Pyx_AddTraceback("rados.Ioctx.watch", __pyx_clineno, __pyx_lineno, __pyx_filename);
56261 __Pyx_RefNannyFinishContext();
56262 return NULL;
56263 __pyx_L4_argument_unpacking_done:;
>>> CID 1509761: Error handling issues (CHECKED_RETURN)
>>> Calling "__Pyx__ArgTypeTest" without checking return value (as is done elsewhere 132 out of 132 times).
56264 if (unlikely(!__Pyx_ArgTypeTest(((PyObject *)__pyx_v_obj), (&PyUnicode_Type), 1, "obj", 1))) __PYX_ERR(0, 3314, __pyx_L1_error)
56265 __pyx_r = __pyx_pf_5rados_5Ioctx_86watch(((struct __pyx_obj_5rados_Ioctx *)__pyx_v_self), __pyx_v_obj, __pyx_v_callback, __pyx_v_error_callback, __pyx_v_timeout);
56266
56267 /* "rados.pyx":3314
56268 * return completion
56269 *
** CID 1509760: Error handling issues (CHECKED_RETURN)
/src/pybind/rados/rados.c: 47064 in __pyx_pw_5rados_5Ioctx_37aio_remove()
________________________________________________________________________________________________________
*** CID 1509760: Error handling issues (CHECKED_RETURN)
/src/pybind/rados/rados.c: 47064 in __pyx_pw_5rados_5Ioctx_37aio_remove()
47058 __Pyx_RaiseArgtupleInvalid("aio_remove", 0, 1, 3, PyTuple_GET_SIZE(__pyx_args)); __PYX_ERR(0, 2640, __pyx_L3_error)
47059 __pyx_L3_error:;
47060 __Pyx_AddTraceback("rados.Ioctx.aio_remove", __pyx_clineno, __pyx_lineno, __pyx_filename);
47061 __Pyx_RefNannyFinishContext();
47062 return NULL;
47063 __pyx_L4_argument_unpacking_done:;
>>> CID 1509760: Error handling issues (CHECKED_RETURN)
>>> Calling "__Pyx__ArgTypeTest" without checking return value (as is done elsewhere 132 out of 132 times).
47064 if (unlikely(!__Pyx_ArgTypeTest(((PyObject *)__pyx_v_object_name), (&PyUnicode_Type), 1, "object_name", 1))) __PYX_ERR(0, 2640, __pyx_L1_error)
47065 __pyx_r = __pyx_pf_5rados_5Ioctx_36aio_remove(((struct __pyx_obj_5rados_Ioctx *)__pyx_v_self), __pyx_v_object_name, __pyx_v_oncomplete, __pyx_v_onsafe);
47066
47067 /* "rados.pyx":2640
47068 * return completion
47069 *
** CID 1509759: Program hangs (SLEEP)
/home/kkeithle/src/github/ceph/src/SimpleRADOSStriper.cc: 703 in SimpleRADOSStriper::lock(unsigned long)()
________________________________________________________________________________________________________
*** CID 1509759: Program hangs (SLEEP)
/home/kkeithle/src/github/ceph/src/SimpleRADOSStriper.cc: 703 in SimpleRADOSStriper::lock(unsigned long)()
697 } else if (rc == -EBUSY) {
698 if ((slept % 500000) == 0) {
699 d(-1) << "waiting for locks: ";
700 print_lockers(*_dout);
701 *_dout << dendl;
702 }
>>> CID 1509759: Program hangs (SLEEP)
>>> Call to "usleep" might sleep while holding lock "lock._M_device".
703 usleep(5000);
704 slept += 5000;
705 continue;
706 } else if (rc == -ECANCELED) {
707 /* CMPXATTR failed, a locker didn't cleanup. Try to recover! */
708 if (rc = recover_lock(); rc < 0) {
** CID 1509758: Error handling issues (CHECKED_RETURN)
/src/pybind/rbd/rbd.c: 81568 in __pyx_pw_3rbd_17GroupSnapIterator_1__init__()
________________________________________________________________________________________________________
*** CID 1509758: Error handling issues (CHECKED_RETURN)
/src/pybind/rbd/rbd.c: 81568 in __pyx_pw_3rbd_17GroupSnapIterator_1__init__()
81562 __Pyx_RaiseArgtupleInvalid("__init__", 1, 1, 1, PyTuple_GET_SIZE(__pyx_args)); __PYX_ERR(0, 5773, __pyx_L3_error)
81563 __pyx_L3_error:;
81564 __Pyx_AddTraceback("rbd.GroupSnapIterator.__init__", __pyx_clineno, __pyx_lineno, __pyx_filename);
81565 __Pyx_RefNannyFinishContext();
81566 return -1;
81567 __pyx_L4_argument_unpacking_done:;
>>> CID 1509758: Error handling issues (CHECKED_RETURN)
>>> Calling "__Pyx__ArgTypeTest" without checking return value (as is done elsewhere 8 out of 8 times).
81568 if (unlikely(!__Pyx_ArgTypeTest(((PyObject *)__pyx_v_group), __pyx_ptype_3rbd_Group, 1, "group", 0))) __PYX_ERR(0, 5773, __pyx_L1_error)
81569 __pyx_r = __pyx_pf_3rbd_17GroupSnapIterator___init__(((struct __pyx_obj_3rbd_GroupSnapIterator *)__pyx_v_self), __pyx_v_group);
81570
81571 /* function exit code */
81572 goto __pyx_L0;
81573 __pyx_L1_error:;
** CID 1509757: Error handling issues (CHECKED_RETURN)
/src/pybind/rados/rados.c: 47527 in __pyx_pw_5rados_5Ioctx_41set_locator_key()
________________________________________________________________________________________________________
*** CID 1509757: Error handling issues (CHECKED_RETURN)
/src/pybind/rados/rados.c: 47527 in __pyx_pw_5rados_5Ioctx_41set_locator_key()
47521 int __pyx_lineno = 0;
47522 const char *__pyx_filename = NULL;
47523 int __pyx_clineno = 0;
47524 PyObject *__pyx_r = 0;
47525 __Pyx_RefNannyDeclarations
47526 __Pyx_RefNannySetupContext("set_locator_key (wrapper)", 0);
>>> CID 1509757: Error handling issues (CHECKED_RETURN)
>>> Calling "__Pyx__ArgTypeTest" without checking return value (as is done elsewhere 132 out of 132 times).
47527 if (unlikely(!__Pyx_ArgTypeTest(((PyObject *)__pyx_v_loc_key), (&PyUnicode_Type), 1, "loc_key", 1))) __PYX_ERR(0, 2680, __pyx_L1_error)
47528 __pyx_r = __pyx_pf_5rados_5Ioctx_40set_locator_key(((struct __pyx_obj_5rados_Ioctx *)__pyx_v_self), ((PyObject*)__pyx_v_loc_key));
47529
47530 /* function exit code */
47531 goto __pyx_L0;
47532 __pyx_L1_error:;
** CID 1509756: (CHECKED_RETURN)
/src/pybind/rgw/rgw.c: 29532 in __Pyx_PyUnicode_Join()
/src/pybind/cephfs/cephfs.c: 44814 in __Pyx_PyUnicode_Join()
/src/pybind/rbd/rbd.c: 99756 in __Pyx_PyUnicode_Join()
/src/pybind/rados/rados.c: 89361 in __Pyx_PyUnicode_Join()
________________________________________________________________________________________________________
*** CID 1509756: (CHECKED_RETURN)
/src/pybind/rgw/rgw.c: 29532 in __Pyx_PyUnicode_Join()
29526 char_pos = 0;
29527 for (i=0; i < value_count; i++) {
29528 int ukind;
29529 Py_ssize_t ulength;
29530 void *udata;
29531 PyObject *uval = PyTuple_GET_ITEM(value_tuple, i);
>>> CID 1509756: (CHECKED_RETURN)
>>> Calling "_PyUnicode_Ready" without checking return value (as is done elsewhere 8 out of 8 times).
29532 if (unlikely(__Pyx_PyUnicode_READY(uval)))
29533 goto bad;
29534 ulength = __Pyx_PyUnicode_GET_LENGTH(uval);
29535 if (unlikely(!ulength))
29536 continue;
29537 if (unlikely(char_pos + ulength < 0))
/src/pybind/cephfs/cephfs.c: 44814 in __Pyx_PyUnicode_Join()
44808 char_pos = 0;
44809 for (i=0; i < value_count; i++) {
44810 int ukind;
44811 Py_ssize_t ulength;
44812 void *udata;
44813 PyObject *uval = PyTuple_GET_ITEM(value_tuple, i);
>>> CID 1509756: (CHECKED_RETURN)
>>> Calling "_PyUnicode_Ready" without checking return value (as is done elsewhere 8 out of 8 times).
44814 if (unlikely(__Pyx_PyUnicode_READY(uval)))
44815 goto bad;
44816 ulength = __Pyx_PyUnicode_GET_LENGTH(uval);
44817 if (unlikely(!ulength))
44818 continue;
44819 if (unlikely(char_pos + ulength < 0))
/src/pybind/rbd/rbd.c: 99756 in __Pyx_PyUnicode_Join()
99750 char_pos = 0;
99751 for (i=0; i < value_count; i++) {
99752 int ukind;
99753 Py_ssize_t ulength;
99754 void *udata;
99755 PyObject *uval = PyTuple_GET_ITEM(value_tuple, i);
>>> CID 1509756: (CHECKED_RETURN)
>>> Calling "_PyUnicode_Ready" without checking return value (as is done elsewhere 8 out of 8 times).
99756 if (unlikely(__Pyx_PyUnicode_READY(uval)))
99757 goto bad;
99758 ulength = __Pyx_PyUnicode_GET_LENGTH(uval);
99759 if (unlikely(!ulength))
99760 continue;
99761 if (unlikely(char_pos + ulength < 0))
/src/pybind/rados/rados.c: 89361 in __Pyx_PyUnicode_Join()
89355 char_pos = 0;
89356 for (i=0; i < value_count; i++) {
89357 int ukind;
89358 Py_ssize_t ulength;
89359 void *udata;
89360 PyObject *uval = PyTuple_GET_ITEM(value_tuple, i);
>>> CID 1509756: (CHECKED_RETURN)
>>> Calling "_PyUnicode_Ready" without checking return value (as is done elsewhere 8 out of 8 times).
89361 if (unlikely(__Pyx_PyUnicode_READY(uval)))
89362 goto bad;
89363 ulength = __Pyx_PyUnicode_GET_LENGTH(uval);
89364 if (unlikely(!ulength))
89365 continue;
89366 if (unlikely(char_pos + ulength < 0))
** CID 1509755: Control flow issues (UNREACHABLE)
/src/pybind/rbd/rbd.c: 72245 in __pyx_pf_3rbd_5Image_210snap_get_trash_namespace()
________________________________________________________________________________________________________
*** CID 1509755: Control flow issues (UNREACHABLE)
/src/pybind/rbd/rbd.c: 72245 in __pyx_pf_3rbd_5Image_210snap_get_trash_namespace()
72239 * }
72240 * finally:
72241 * free(_name) # <<<<<<<<<<<<<<
72242 *
72243 * @requires_not_closed
72244 */
>>> CID 1509755: Control flow issues (UNREACHABLE)
>>> This code cannot be reached: "{
__pyx_L4_error:
;
{...".
72245 /*finally:*/ {
72246 __pyx_L4_error:;
72247 /*exception exit:*/{
72248 __Pyx_PyThreadState_declare
72249 __Pyx_PyThreadState_assign
72250 __pyx_t_14 = 0; __pyx_t_15 = 0; __pyx_t_16 = 0; __pyx_t_17 = 0; __pyx_t_18 = 0; __pyx_t_19 = 0;
** CID 1509754: Uninitialized members (UNINIT_CTOR)
/home/kkeithle/src/github/ceph/src/messages/MMDSPing.h: 19 in MMDSPing::MMDSPing()()
________________________________________________________________________________________________________
*** CID 1509754: Uninitialized members (UNINIT_CTOR)
/home/kkeithle/src/github/ceph/src/messages/MMDSPing.h: 19 in MMDSPing::MMDSPing()()
13 static constexpr int COMPAT_VERSION = 1;
14 public:
15 version_t seq;
16
17 protected:
18 MMDSPing() : MMDSOp(MSG_MDS_PING, HEAD_VERSION, COMPAT_VERSION) {
>>> CID 1509754: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "seq" is not initialized in this constructor nor in any functions that it calls.
19 }
20 MMDSPing(version_t seq)
21 : MMDSOp(MSG_MDS_PING, HEAD_VERSION, COMPAT_VERSION), seq(seq) {
22 }
23 ~MMDSPing() final {}
24
** CID 1509753: Error handling issues (UNCAUGHT_EXCEPT)
/home/kkeithle/src/github/ceph/src/osdc/Objecter.cc: 5005 in Objecter::~Objecter()()
________________________________________________________________________________________________________
*** CID 1509753: Error handling issues (UNCAUGHT_EXCEPT)
/home/kkeithle/src/github/ceph/src/osdc/Objecter.cc: 5005 in Objecter::~Objecter()()
4999 Dispatcher(cct), messenger(m), monc(mc), service(service)
5000 {
5001 mon_timeout = cct->_conf.get_val<std::chrono::seconds>("rados_mon_op_timeout");
5002 osd_timeout = cct->_conf.get_val<std::chrono::seconds>("rados_osd_op_timeout");
5003 }
5004
>>> CID 1509753: Error handling issues (UNCAUGHT_EXCEPT)
>>> An exception of type "boost::container::length_error" is thrown but the exception specification "noexcept" doesn't allow it to be thrown. This will result in a call to terminate().
5005 Objecter::~Objecter()
5006 {
5007 ceph_assert(homeless_session->get_nref() == 1);
5008 ceph_assert(num_homeless_ops == 0);
5009 homeless_session->put();
5010
** CID 1509752: Error handling issues (CHECKED_RETURN)
/src/pybind/rados/rados.c: 63069 in __pyx_pw_5rados_5Ioctx_139remove_omap_keys()
________________________________________________________________________________________________________
*** CID 1509752: Error handling issues (CHECKED_RETURN)
/src/pybind/rados/rados.c: 63069 in __pyx_pw_5rados_5Ioctx_139remove_omap_keys()
63063 __Pyx_RaiseArgtupleInvalid("remove_omap_keys", 1, 2, 2, PyTuple_GET_SIZE(__pyx_args)); __PYX_ERR(0, 3821, __pyx_L3_error)
63064 __pyx_L3_error:;
63065 __Pyx_AddTraceback("rados.Ioctx.remove_omap_keys", __pyx_clineno, __pyx_lineno, __pyx_filename);
63066 __Pyx_RefNannyFinishContext();
63067 return NULL;
63068 __pyx_L4_argument_unpacking_done:;
>>> CID 1509752: Error handling issues (CHECKED_RETURN)
>>> Calling "__Pyx__ArgTypeTest" without checking return value (as is done elsewhere 19 out of 19 times).
63069 if (unlikely(!__Pyx_ArgTypeTest(((PyObject *)__pyx_v_write_op), __pyx_ptype_5rados_WriteOp, 1, "write_op", 0))) __PYX_ERR(0, 3821, __pyx_L1_error)
63070 __pyx_r = __pyx_pf_5rados_5Ioctx_138remove_omap_keys(((struct __pyx_obj_5rados_Ioctx *)__pyx_v_self), __pyx_v_write_op, __pyx_v_keys);
63071
63072 /* function exit code */
63073 goto __pyx_L0;
63074 __pyx_L1_error:;
** CID 1509751: Memory - illegal accesses (USE_AFTER_FREE)
/home/kkeithle/src/github/ceph/src/msg/async/ProtocolV2.cc: 1399 in ProtocolV2::handle_message()()
________________________________________________________________________________________________________
*** CID 1509751: Memory - illegal accesses (USE_AFTER_FREE)
/home/kkeithle/src/github/ceph/src/msg/async/ProtocolV2.cc: 1399 in ProtocolV2::handle_message()()
1393 ldout(cct, 1) << __func__ << " decode message failed " << dendl;
1394 return _fault();
1395 } else {
1396 state = READ_MESSAGE_COMPLETE;
1397 }
1398
>>> CID 1509751: Memory - illegal accesses (USE_AFTER_FREE)
>>> Using freed pointer "this->connection".
1399 INTERCEPT(17);
1400
1401 message->set_byte_throttler(connection->policy.throttler_bytes);
1402 message->set_message_throttler(connection->policy.throttler_messages);
1403
1404 // store reservation size in message, so we don't get confused
** CID 1509750: Error handling issues (UNCAUGHT_EXCEPT)
/home/kkeithle/src/github/ceph/src/common/perf_counters_collection.cc: 55 in ceph::common::PerfCountersDeleter::operator ()(ceph::common::PerfCounters *)()
________________________________________________________________________________________________________
*** CID 1509750: Error handling issues (UNCAUGHT_EXCEPT)
/home/kkeithle/src/github/ceph/src/common/perf_counters_collection.cc: 55 in ceph::common::PerfCountersDeleter::operator ()(ceph::common::PerfCounters *)()
49 }
50 void PerfCountersCollection::with_counters(std::function<void(const PerfCountersCollectionImpl::CounterMap &)> fn) const
51 {
52 std::lock_guard lck(m_lock);
53 perf_impl.with_counters(fn);
54 }
>>> CID 1509750: Error handling issues (UNCAUGHT_EXCEPT)
>>> An exception of type "std::system_error" is thrown but the exception specification "noexcept" doesn't allow it to be thrown. This will result in a call to terminate().
55 void PerfCountersDeleter::operator()(PerfCounters* p) noexcept
56 {
57 if (cct)
58 cct->get_perfcounters_collection()->remove(p);
59 delete p;
60 }
61
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yojIR8ODHcGVd1JcCGjvdH5QZ17VgLZQT3XYfB8Bhzp4w-3D-3Dapsi_yvgqM0IBcPiStiVTuWpgYFnMA4H-2BJYqMHWw4jQPoaoo-2BtqsVYKtfl9A0JRaS-2FbbUsKzdvQMj2WBidmXXDYpXO5qx9Y4cnFn0p-2FQkZWWe5JHh8ejaBgEwaUzBM3x-2FyM-2FOpvKqhT-2BCzg-2FNUNemZtHf5voIH7BYbWLrdioyp5fcmOVIoUi-2FywPSoY8zfzN1w6jANMlnLaDKN7b-2BOFQMLI5WK5wsImAoh9oNG6AqvJrylMM-3D
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2018-01-04 3:32 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2018-01-04 3:32 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
2 new defect(s) introduced to ceph found with Coverity Scan.
6 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)
** CID 1427159: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/include/scope_guard.h: 34 in scope_guard<ceph::DNSResolver::resolve_ip_addr(CephContext *, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, entity_addr_t *)::[lambda() (instance 1)]>::~scope_guard()()
________________________________________________________________________________________________________
*** CID 1427159: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/include/scope_guard.h: 34 in scope_guard<ceph::DNSResolver::resolve_ip_addr(CephContext *, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, entity_addr_t *)::[lambda() (instance 1)]>::~scope_guard()()
28 scope_guard & operator=(const scope_guard &) = delete;
29 scope_guard & operator=(scope_guard &&) = default;
30 scope_guard(const F& f) : f(f) {}
31 scope_guard(F &&f) : f(std::move(f)) {}
32 template<typename... Args>
33 scope_guard(ceph::in_place_t, Args&& ...args) : f(std::forward<Args>(args)...) {}
>>> CID 1427159: Error handling issues (UNCAUGHT_EXCEPT)
>>> An exception of type "_ZN5boost16exception_detail10clone_implINS0_19error_info_injectorINSt8ios_base7failureB5cxx11EEEEE" is thrown but the throw list "throw()" doesn't allow it to be thrown. This will cause a call to unexpected() which usually calls terminate().
34 ~scope_guard() {
35 std::move(f)(); // Support at-most-once functions
36 }
37 };
38
39 template <typename F>
** CID 1427160: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/rgw/rgw_cache.h: 160 in ObjectCache::ObjectCache()()
________________________________________________________________________________________________________
*** CID 1427160: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/rgw/rgw_cache.h: 160 in ObjectCache::ObjectCache()()
154 std::deque<string>::iterator& lru_iter);
155 void remove_lru(string& name, std::deque<string>::iterator& lru_iter);
156 void invalidate_lru(ObjectCacheEntry& entry);
157
158 void do_invalidate_all();
159 public:
>>> CID 1427160: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member field "expiry.__r" is not initialized in this constructor nor in any functions that it calls.
160 ObjectCache() : lru_size(0), lru_counter(0), lru_window(0), lock("ObjectCache"), cct(NULL), enabled(false) { }
161 int get(std::string& name, ObjectCacheInfo& bl, uint32_t mask, rgw_cache_entry_info *cache_info);
162 void put(std::string& name, ObjectCacheInfo& bl, rgw_cache_entry_info *cache_info);
163 void remove(std::string& name);
164 void set_ctx(CephContext *_cct) {
165 cct = _cct;
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaGCnxtQO9E3gxlB2GxVsWFENryh7bC5hIb-2FQBVM85YLQ-3D-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8GeY66q3Z-2BiIfD-2FWF-2B1y4fthe2aV5C5glhCTArXxMAf4Yx53JgeiJO-2FnVss9zfoZ-2BIQ7dB9PSt-2BmwWtXS2Ih-2BgFocKqcKMWIT5CiTIsr6eYmz47feaFMS8SlJcHvHdgYSpqHvXdFnWtlcAZsHx7GuEwS5tAnMYMir4ko3VJgN5Zfxh8pbygH3KsgfxpmemwxlU-3D
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4Bco8jcmzhh7FSyvoR0E3-2BDgRcBCQ6OuthHBtaTCGNq9OVG2ZVnjrgThgf5hX3GVEkIxvBX-2BorwRZfOftSp7HPfCifRGGak1MlgNFVd3IIPA-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8GeY66q3Z-2BiIfD-2FWF-2B1y4fthe2aV5C5glhCTArXxMAf4TOy6PDjWkrr6uxqj7nh7NWntyEvTs5ozVAjOyJp1cMBsHFm8zb-2BrkBtTgdyI1-2Br14TxtepwH0-2BUS53f1jEHMzCsGtYVRH2TyO6aZ1GDB-2BWs-2F6eDL64i0Wpg-2FvILa5PPq4ynlilnhHcRdK3mTSrWKCU-3D
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2017-12-28 1:57 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2017-12-28 1:57 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
3 new defect(s) introduced to ceph found with Coverity Scan.
5 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 3 of 3 defect(s)
** CID 1426995: Memory - corruptions (OVERRUN)
________________________________________________________________________________________________________
*** CID 1426995: Memory - corruptions (OVERRUN)
/home/brad/working/src/ceph/src/librbd/trash_watcher/Types.cc: 72 in librbd::trash_watcher::NotifyMessage::encode(ceph::buffer::list &) const()
66 }
67
68 void UnknownPayload::dump(Formatter *f) const {
69 }
70
71 void NotifyMessage::encode(bufferlist& bl) const {
>>> CID 1426995: Memory - corruptions (OVERRUN)
>>> Overrunning struct type ceph_le32 of 4 bytes by passing it to a function which accesses it at byte offset 7.
72 ENCODE_START(1, 1, bl);
73 boost::apply_visitor(watcher::util::EncodePayloadVisitor(bl), payload);
74 ENCODE_FINISH(bl);
75 }
76
77 void NotifyMessage::decode(bufferlist::iterator& iter) {
** CID 1426996: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/librbd/internal.cc: 994 in librbd::rename(librados::IoCtx &, const char *, const char *)::boost_se_guard_t_994::~boost_se_guard_t_994()()
________________________________________________________________________________________________________
*** CID 1426996: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/librbd/internal.cc: 994 in librbd::rename(librados::IoCtx &, const char *, const char *)::boost_se_guard_t_994::~boost_se_guard_t_994()()
988 ImageCtx *ictx = new ImageCtx(srcname, "", "", io_ctx, false);
989 int r = ictx->state->open(false);
990 if (r < 0) {
991 lderr(cct) << "error opening source image: " << cpp_strerror(r) << dendl;
992 return r;
993 }
>>> CID 1426996: Error handling issues (UNCAUGHT_EXCEPT)
>>> An exception of type "ceph::buffer::end_of_buffer" is thrown but the throw list "throw()" doesn't allow it to be thrown. This will cause a call to unexpected() which usually calls terminate().
994 BOOST_SCOPE_EXIT((ictx)) {
995 ictx->state->close();
996 } BOOST_SCOPE_EXIT_END
997
998 return ictx->operations->rename(dstname);
999 }
** CID 1426997: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/rbd_mirror/PoolReplayer.cc: 187 in rbd::mirror::<unnamed>::PoolReplayerAdminSocketHook::~PoolReplayerAdminSocketHook()()
________________________________________________________________________________________________________
*** CID 1426997: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/rbd_mirror/PoolReplayer.cc: 187 in rbd::mirror::<unnamed>::PoolReplayerAdminSocketHook::~PoolReplayerAdminSocketHook()()
181 "release rbd mirror leader " + name);
182 if (r == 0) {
183 commands[command] = new LeaderReleaseCommand(pool_replayer);
184 }
185 }
186
>>> CID 1426997: Error handling issues (UNCAUGHT_EXCEPT)
>>> An exception of type "_ZN5boost16exception_detail10clone_implINS0_19error_info_injectorINSt8ios_base7failureB5cxx11EEEEE" is thrown but the throw list "throw()" doesn't allow it to be thrown. This will cause a call to unexpected() which usually calls terminate().
187 ~PoolReplayerAdminSocketHook() override {
188 for (Commands::const_iterator i = commands.begin(); i != commands.end();
189 ++i) {
190 (void)admin_socket->unregister_command(i->first);
191 delete i->second;
192 }
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaGCnxtQO9E3gxlB2GxVsWFENryh7bC5hIb-2FQBVM85YLQ-3D-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8GMWy0YeE5eJH0rPzK6A-2BTFQSvV2yEgiPICHbqweeYATl-2FI-2BaZcSqixT7Y5Tx5dSFWyhe5blkK8i6NAFaL5qRqoHtDgYlzD-2BIQmuBRVGIiy0KeDk-2FP0xngE3vJfz00ghRHd-2BFWinQWCK2Iq1bKjeWN54gOs0R8TkrfRDVNksqKRg88ovleS6D6KHfK2bcepN4E-3D
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4Bco8jcmzhh7FSyvoR0E3-2BDgRcBCQ6OuthHBtaTCGNq9OVG2ZVnjrgThgf5hX3GVEkIxvBX-2BorwRZfOftSp7HPfCifRGGak1MlgNFVd3IIPA-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8GMWy0YeE5eJH0rPzK6A-2BTFQSvV2yEgiPICHbqweeYATknZ8oYX4VBVrwSHvtIAlxsc7okjveriAFolv-2Bh5XswQjjrv5SCc3cHvB9LPXYbLNds5AxAGi-2BQEGaxZy-2Bw-2FC-2BKfD1TS8B237lxhjeseHwWun8HAwGOyq4f293YKtLFdtXbAbTdAhSlNPTPvhsfBYP4-3D
^ permalink raw reply [flat|nested] 124+ messages in thread
* Re: New Defects reported by Coverity Scan for ceph
2017-12-21 3:34 ` Jos Collin
@ 2017-12-21 4:03 ` Brad Hubbard
0 siblings, 0 replies; 124+ messages in thread
From: Brad Hubbard @ 2017-12-21 4:03 UTC (permalink / raw)
To: Ceph Devel
On Thu, Dec 21, 2017 at 1:34 PM, Jos Collin <jcollin@redhat.com> wrote:
>
>
> On Thursday 21 December 2017 07:24 AM, scan-admin@coverity.com wrote:
>>
>>
>> Hi,
>>
>> Please find the latest report on new defect(s) introduced to ceph found
>> with Coverity Scan.
>>
>> 3 new defect(s) introduced to ceph found with Coverity Scan.
>> 11 defect(s), reported by Coverity Scan earlier, were marked fixed in the
>> recent build analyzed by Coverity Scan.
>>
>> New defect(s) Reported-by: Coverity Scan
>> Showing 3 of 3 defect(s)
>>
>>
>> ** CID 1426746: Null pointer dereferences (REVERSE_INULL)
>> /home/brad/working/src/ceph/src/mds/MDBalancer.cc: 1270 in
>> MDBalancer::dump_loads(ceph::Formatter *)()
>>
>>
>>
>> ________________________________________________________________________________________________________
>> *** CID 1426746: Null pointer dereferences (REVERSE_INULL)
>> /home/brad/working/src/ceph/src/mds/MDBalancer.cc: 1270 in
>> MDBalancer::dump_loads(ceph::Formatter *)()
>> 1264
>> 1265 f->open_array_section("dirfrags");
>> 1266 while (!dfs.empty()) {
>> 1267 CDir *dir = dfs.front();
>> 1268 dfs.pop_front();
>> 1269
>>>>>
>>>>> CID 1426746: Null pointer dereferences (REVERSE_INULL)
>>>>> Null-checking "f" suggests that it may be null, but it has already
>>>>> been dereferenced on all paths leading to the check.
>>
>> 1270 if (f) {
This check for f being null is redundant since if it were null we
would have segfaulted on line 1263 or 1265.
I'd suggest it can be removed. We could put an assert put at the start
of the function if necessary/desirable to check the Formatter
argument being passed in but I haven't looked into it that deeply and
I'm not sure that's necessary. I'd also suggest taking a look at
similar functions that take a "Formatter" argument and see how they
handle the possibility of the Formatter being null.
>> 1271 f->open_object_section("dir");
>> 1272 dir->dump_load(f, now, decayrate);
>> 1273 f->close_section();
>> 1274 }
>> 1275
>>
>> ** CID 1426747: Null pointer dereferences (FORWARD_NULL)
>> /home/brad/working/src/ceph/src/mds/MDBalancer.cc: 1290 in
>> MDBalancer::dump_loads(ceph::Formatter *)()
>
>
> There is a possibility that `f` might be NULL. But it is not NULL.
>
> Please see:
> https://github.com/ceph/ceph/blob/f33ab7e03a13e18c8c883284033d511f1b43df12/src/mds/MDSDaemon.cc#L135
>
>>
>>
>>
>> ________________________________________________________________________________________________________
>> *** CID 1426747: Null pointer dereferences (FORWARD_NULL)
>> /home/brad/working/src/ceph/src/mds/MDBalancer.cc: 1290 in
>> MDBalancer::dump_loads(ceph::Formatter *)()
>> 1284 if (subdir->pop_nested.meta_load() < .001)
>> 1285 continue;
>> 1286 dfs.push_back(subdir);
>> 1287 }
>> 1288 }
>> 1289 }
>>>>>
>>>>> CID 1426747: Null pointer dereferences (FORWARD_NULL)
>>>>> Passing null pointer "f" to "close_section", which dereferences
>>>>> it. (The dereference happens because this is a virtual function call.)
>>
>> 1290 f->close_section(); // dirfrags array
>> 1291
>> 1292 f->open_object_section("mds_load");
>> 1293 {
>> 1294
>> 1295 auto dump_mds_load = [this, f, now](mds_load_t& load) {
>>
>> ** CID 1426748: Uninitialized members (UNINIT_CTOR)
>> /home/brad/working/src/ceph/src/osd/ECBackend.h: 511 in
>> ECBackend::Op::Op()()
>
> --
> To unsubscribe from this list: send the line "unsubscribe ceph-devel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
--
Cheers,
Brad
^ permalink raw reply [flat|nested] 124+ messages in thread
* Re: New Defects reported by Coverity Scan for ceph
2017-12-21 1:54 scan-admin
@ 2017-12-21 3:34 ` Jos Collin
2017-12-21 4:03 ` Brad Hubbard
0 siblings, 1 reply; 124+ messages in thread
From: Jos Collin @ 2017-12-21 3:34 UTC (permalink / raw)
To: Ceph Devel
On Thursday 21 December 2017 07:24 AM, scan-admin@coverity.com wrote:
>
> Hi,
>
> Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
>
> 3 new defect(s) introduced to ceph found with Coverity Scan.
> 11 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
>
> New defect(s) Reported-by: Coverity Scan
> Showing 3 of 3 defect(s)
>
>
> ** CID 1426746: Null pointer dereferences (REVERSE_INULL)
> /home/brad/working/src/ceph/src/mds/MDBalancer.cc: 1270 in MDBalancer::dump_loads(ceph::Formatter *)()
>
>
> ________________________________________________________________________________________________________
> *** CID 1426746: Null pointer dereferences (REVERSE_INULL)
> /home/brad/working/src/ceph/src/mds/MDBalancer.cc: 1270 in MDBalancer::dump_loads(ceph::Formatter *)()
> 1264
> 1265 f->open_array_section("dirfrags");
> 1266 while (!dfs.empty()) {
> 1267 CDir *dir = dfs.front();
> 1268 dfs.pop_front();
> 1269
>>>> CID 1426746: Null pointer dereferences (REVERSE_INULL)
>>>> Null-checking "f" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
> 1270 if (f) {
> 1271 f->open_object_section("dir");
> 1272 dir->dump_load(f, now, decayrate);
> 1273 f->close_section();
> 1274 }
> 1275
>
> ** CID 1426747: Null pointer dereferences (FORWARD_NULL)
> /home/brad/working/src/ceph/src/mds/MDBalancer.cc: 1290 in MDBalancer::dump_loads(ceph::Formatter *)()
There is a possibility that `f` might be NULL. But it is not NULL.
Please see:
https://github.com/ceph/ceph/blob/f33ab7e03a13e18c8c883284033d511f1b43df12/src/mds/MDSDaemon.cc#L135
>
>
> ________________________________________________________________________________________________________
> *** CID 1426747: Null pointer dereferences (FORWARD_NULL)
> /home/brad/working/src/ceph/src/mds/MDBalancer.cc: 1290 in MDBalancer::dump_loads(ceph::Formatter *)()
> 1284 if (subdir->pop_nested.meta_load() < .001)
> 1285 continue;
> 1286 dfs.push_back(subdir);
> 1287 }
> 1288 }
> 1289 }
>>>> CID 1426747: Null pointer dereferences (FORWARD_NULL)
>>>> Passing null pointer "f" to "close_section", which dereferences it. (The dereference happens because this is a virtual function call.)
> 1290 f->close_section(); // dirfrags array
> 1291
> 1292 f->open_object_section("mds_load");
> 1293 {
> 1294
> 1295 auto dump_mds_load = [this, f, now](mds_load_t& load) {
>
> ** CID 1426748: Uninitialized members (UNINIT_CTOR)
> /home/brad/working/src/ceph/src/osd/ECBackend.h: 511 in ECBackend::Op::Op()()
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2017-12-21 1:54 scan-admin
2017-12-21 3:34 ` Jos Collin
0 siblings, 1 reply; 124+ messages in thread
From: scan-admin @ 2017-12-21 1:54 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
3 new defect(s) introduced to ceph found with Coverity Scan.
11 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 3 of 3 defect(s)
** CID 1426746: Null pointer dereferences (REVERSE_INULL)
/home/brad/working/src/ceph/src/mds/MDBalancer.cc: 1270 in MDBalancer::dump_loads(ceph::Formatter *)()
________________________________________________________________________________________________________
*** CID 1426746: Null pointer dereferences (REVERSE_INULL)
/home/brad/working/src/ceph/src/mds/MDBalancer.cc: 1270 in MDBalancer::dump_loads(ceph::Formatter *)()
1264
1265 f->open_array_section("dirfrags");
1266 while (!dfs.empty()) {
1267 CDir *dir = dfs.front();
1268 dfs.pop_front();
1269
>>> CID 1426746: Null pointer dereferences (REVERSE_INULL)
>>> Null-checking "f" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
1270 if (f) {
1271 f->open_object_section("dir");
1272 dir->dump_load(f, now, decayrate);
1273 f->close_section();
1274 }
1275
** CID 1426747: Null pointer dereferences (FORWARD_NULL)
/home/brad/working/src/ceph/src/mds/MDBalancer.cc: 1290 in MDBalancer::dump_loads(ceph::Formatter *)()
________________________________________________________________________________________________________
*** CID 1426747: Null pointer dereferences (FORWARD_NULL)
/home/brad/working/src/ceph/src/mds/MDBalancer.cc: 1290 in MDBalancer::dump_loads(ceph::Formatter *)()
1284 if (subdir->pop_nested.meta_load() < .001)
1285 continue;
1286 dfs.push_back(subdir);
1287 }
1288 }
1289 }
>>> CID 1426747: Null pointer dereferences (FORWARD_NULL)
>>> Passing null pointer "f" to "close_section", which dereferences it. (The dereference happens because this is a virtual function call.)
1290 f->close_section(); // dirfrags array
1291
1292 f->open_object_section("mds_load");
1293 {
1294
1295 auto dump_mds_load = [this, f, now](mds_load_t& load) {
** CID 1426748: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/osd/ECBackend.h: 511 in ECBackend::Op::Op()()
________________________________________________________________________________________________________
*** CID 1426748: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/osd/ECBackend.h: 511 in ECBackend::Op::Op()()
505
506 /// Callbacks
507 Context *on_local_applied_sync = nullptr;
508 Context *on_all_applied = nullptr;
509 Context *on_all_commit = nullptr;
510
>>> CID 1426748: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "tid" is not initialized in this constructor nor in any functions that it calls.
511 Op() {}
512 Op(ceph_tid_t t, std::function<void(void)>&& cb)
513 : tid(t), on_write(cb) { }
514 ~Op() {
515 delete on_local_applied_sync;
516 delete on_all_applied;
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaGCnxtQO9E3gxlB2GxVsWFENryh7bC5hIb-2FQBVM85YLQ-3D-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8EZdAaNMzjj2ZRPbkDolmkD-2Bsw3Hr011ofOuYtMXk6reD-2BdSKexT7q2Lt0OAh2jGrzg5SQMuoaqwHui6R1Zr4V9s2n1khNXR-2FUeSt-2FeK-2B8v7UHTFIirasRrOH0JyfLd8WCYYi5sLFX2EAqp5kTELhe3kZHHMhtNJs7ZBbbIoEKfYvFJxz-2FLyjjWgmpPsj9xT30-3D
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4Bco8jcmzhh7FSyvoR0E3-2BDgRcBCQ6OuthHBtaTCGNq9OVG2ZVnjrgThgf5hX3GVEkIxvBX-2BorwRZfOftSp7HPfCifRGGak1MlgNFVd3IIPA-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8EZdAaNMzjj2ZRPbkDolmkD-2Bsw3Hr011ofOuYtMXk6rePtmPVLUO0YE0KkkhvPsamW9f4ux9mKJ6oIQSTiuTnvSysxvaxtXyro961jYTmEV3Oe8sHZyvIhTe43-2FO7AgOe6JpQ6-2BED8iIth7JGE7yjz1-2ByVpjkES0rcqDlDhDaRFpbhpoNxZUgFSCw7hA7ntjrM-3D
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2017-12-14 6:49 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2017-12-14 6:49 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
3 new defect(s) introduced to ceph found with Coverity Scan.
9 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 3 of 3 defect(s)
** CID 1426118: Performance inefficiencies (PASS_BY_VALUE)
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 831 in dump_attrs(ceph::Formatter *, ghobject_t, ceph::buffer::list &)()
________________________________________________________________________________________________________
*** CID 1426118: Performance inefficiencies (PASS_BY_VALUE)
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 831 in dump_attrs(ceph::Formatter *, ghobject_t, ceph::buffer::list &)()
825 cerr << "\tdata: offset " << ds.offset << " len " << ds.len << std::endl;
826 t->write(coll, hoid, ds.offset, ds.len, ds.databl);
827 return 0;
828 }
829
830 int dump_attrs(
>>> CID 1426118: Performance inefficiencies (PASS_BY_VALUE)
>>> Passing parameter hoid of type "ghobject_t" (size 144 bytes) by value.
831 Formatter *formatter, ghobject_t hoid,
832 bufferlist &bl)
833 {
834 bufferlist::iterator ebliter = bl.begin();
835 attr_section as;
836 as.decode(ebliter);
** CID 1426119: Null pointer dereferences (FORWARD_NULL)
/home/brad/working/src/ceph/src/mds/Server.cc: 7141 in Server::_rename_prepare(boost::intrusive_ptr<MDRequestImpl> &, EMetaBlob *, ceph::buffer::list *, CDentry *, CDentry *, CDentry *)()
________________________________________________________________________________________________________
*** CID 1426119: Null pointer dereferences (FORWARD_NULL)
/home/brad/working/src/ceph/src/mds/Server.cc: 7141 in Server::_rename_prepare(boost::intrusive_ptr<MDRequestImpl> &, EMetaBlob *, ceph::buffer::list *, CDentry *, CDentry *, CDentry *)()
7135 force_journal_dest = true;
7136 } else
7137 force_journal_dest = _need_force_journal(srci, false);
7138 }
7139
7140 bool force_journal_stray = false;
>>> CID 1426119: Null pointer dereferences (FORWARD_NULL)
>>> Comparing "oldin" to null implies that "oldin" might be null.
7141 if (oldin && oldin->is_dir() && straydn && !straydn->is_auth())
7142 force_journal_stray = _need_force_journal(oldin, true);
7143
7144 if (linkmerge)
7145 dout(10) << " merging remote and primary links to the same inode" << dendl;
7146 if (silent)
** CID 1426120: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/osdmaptool.cc: 87 in main()
/home/brad/working/src/ceph/src/tools/osdmaptool.cc: 87 in main()
/home/brad/working/src/ceph/src/tools/osdmaptool.cc: 87 in main()
________________________________________________________________________________________________________
*** CID 1426120: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/osdmaptool.cc: 87 in main()
81 if (r < 0) {
82 cerr << "error writing output: " << cpp_strerror(r) << std::endl;
83 exit(1);
84 }
85 }
86
>>> CID 1426120: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "std::length_error" is thrown and never caught.
87 int main(int argc, const char **argv)
88 {
89 vector<const char*> args;
90 argv_to_vec(argc, argv, args);
91 env_to_vec(args);
92
/home/brad/working/src/ceph/src/tools/osdmaptool.cc: 87 in main()
81 if (r < 0) {
82 cerr << "error writing output: " << cpp_strerror(r) << std::endl;
83 exit(1);
84 }
85 }
86
>>> CID 1426120: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "std::length_error" is thrown and never caught.
87 int main(int argc, const char **argv)
88 {
89 vector<const char*> args;
90 argv_to_vec(argc, argv, args);
91 env_to_vec(args);
92
/home/brad/working/src/ceph/src/tools/osdmaptool.cc: 87 in main()
81 if (r < 0) {
82 cerr << "error writing output: " << cpp_strerror(r) << std::endl;
83 exit(1);
84 }
85 }
86
>>> CID 1426120: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "std::length_error" is thrown and never caught.
87 int main(int argc, const char **argv)
88 {
89 vector<const char*> args;
90 argv_to_vec(argc, argv, args);
91 env_to_vec(args);
92
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaGCnxtQO9E3gxlB2GxVsWFENryh7bC5hIb-2FQBVM85YLQ-3D-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8E6x734IutrIY1GtLSiPLVFA94P-2FiabRJ3vrnlk8h3cFZPilPWknxysPBhqbNlnBYUO5jDV8murCl-2B0h2BDzwxMYi-2B2ectnbhQ-2BJmSdVSs05dulJH43gd-2BDJwedI-2B0U7gGR8i13XVH7LWUSgHXeUl62llJ0PpG5kq26Z7-2FBLGeY7Kgi1rdKcWQsYvYMRvOkrE4-3D
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4Bco8jcmzhh7FSyvoR0E3-2BDgRcBCQ6OuthHBtaTCGNq9OVG2ZVnjrgThgf5hX3GVEkIxvBX-2BorwRZfOftSp7HPfCifRGGak1MlgNFVd3IIPA-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8E6x734IutrIY1GtLSiPLVFA94P-2FiabRJ3vrnlk8h3cFdA3WxOSvi-2BD3fVZC-2B4Xtx3YqKYb5-2BsKzBekY-2FznzFfqhaKNjIbH7yHfAfzSm0ooqGebXPB7hAPb8LU7azhtETBuDWB19YQ-2F0NeB6IgZHGb2HseJBU-2BpCppkEptq2vGME5Ww9rty2-2BZ7bojv5Uvh20E-3D
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2017-12-01 2:25 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2017-12-01 2:25 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
347 new defect(s) introduced to ceph found with Coverity Scan.
880 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 20 of 347 defect(s)
** CID 716914: Null pointer dereferences (FORWARD_NULL)
/home/brad/working/src/ceph/src/mds/CInode.cc: 450 in CInode::project_past_snaprealm_parent(SnapRealm *)()
________________________________________________________________________________________________________
*** CID 716914: Null pointer dereferences (FORWARD_NULL)
/home/brad/working/src/ceph/src/mds/CInode.cc: 450 in CInode::project_past_snaprealm_parent(SnapRealm *)()
444 if parent DNE, we need to find what the parent actually is and fill that in */
445 void CInode::project_past_snaprealm_parent(SnapRealm *newparent)
446 {
447 sr_t *new_snap = project_snaprealm();
448 SnapRealm *oldparent;
449 if (!snaprealm) {
>>> CID 716914: Null pointer dereferences (FORWARD_NULL)
>>> Assigning: "oldparent" = "this->find_snaprealm()".
450 oldparent = find_snaprealm();
451 new_snap->seq = oldparent->get_newest_seq();
452 }
453 else
454 oldparent = snaprealm->parent;
455
** CID 1192618: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/ceph_monstore_tool.cc: 749 in main()
/home/brad/working/src/ceph/src/tools/ceph_monstore_tool.cc: 749 in main()
/home/brad/working/src/ceph/src/tools/ceph_monstore_tool.cc: 749 in main()
/home/brad/working/src/ceph/src/tools/ceph_monstore_tool.cc: 749 in main()
/home/brad/working/src/ceph/src/tools/ceph_monstore_tool.cc: 749 in main()
/home/brad/working/src/ceph/src/tools/ceph_monstore_tool.cc: 749 in main()
/home/brad/working/src/ceph/src/tools/ceph_monstore_tool.cc: 749 in main()
/home/brad/working/src/ceph/src/tools/ceph_monstore_tool.cc: 749 in main()
/home/brad/working/src/ceph/src/tools/ceph_monstore_tool.cc: 749 in main()
/home/brad/working/src/ceph/src/tools/ceph_monstore_tool.cc: 749 in main()
/home/brad/working/src/ceph/src/tools/ceph_monstore_tool.cc: 749 in main()
/home/brad/working/src/ceph/src/tools/ceph_monstore_tool.cc: 749 in main()
/home/brad/working/src/ceph/src/tools/ceph_monstore_tool.cc: 749 in main()
/home/brad/working/src/ceph/src/tools/ceph_monstore_tool.cc: 749 in main()
/home/brad/working/src/ceph/src/tools/ceph_monstore_tool.cc: 749 in main()
________________________________________________________________________________________________________
*** CID 1192618: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/ceph_monstore_tool.cc: 749 in main()
743 if ((r = update_mgrmap(st))) {
744 return r;
745 }
746 return 0;
747 }
748
>>> CID 1192618: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
749 int main(int argc, char **argv) {
750 int err = 0;
751 po::options_description desc("Allowed options");
752 string store_path, cmd;
753 vector<string> subcmds;
754 desc.add_options()
/home/brad/working/src/ceph/src/tools/ceph_monstore_tool.cc: 749 in main()
743 if ((r = update_mgrmap(st))) {
744 return r;
745 }
746 return 0;
747 }
748
>>> CID 1192618: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
749 int main(int argc, char **argv) {
750 int err = 0;
751 po::options_description desc("Allowed options");
752 string store_path, cmd;
753 vector<string> subcmds;
754 desc.add_options()
/home/brad/working/src/ceph/src/tools/ceph_monstore_tool.cc: 749 in main()
743 if ((r = update_mgrmap(st))) {
744 return r;
745 }
746 return 0;
747 }
748
>>> CID 1192618: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
749 int main(int argc, char **argv) {
750 int err = 0;
751 po::options_description desc("Allowed options");
752 string store_path, cmd;
753 vector<string> subcmds;
754 desc.add_options()
/home/brad/working/src/ceph/src/tools/ceph_monstore_tool.cc: 749 in main()
743 if ((r = update_mgrmap(st))) {
744 return r;
745 }
746 return 0;
747 }
748
>>> CID 1192618: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
749 int main(int argc, char **argv) {
750 int err = 0;
751 po::options_description desc("Allowed options");
752 string store_path, cmd;
753 vector<string> subcmds;
754 desc.add_options()
/home/brad/working/src/ceph/src/tools/ceph_monstore_tool.cc: 749 in main()
743 if ((r = update_mgrmap(st))) {
744 return r;
745 }
746 return 0;
747 }
748
>>> CID 1192618: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
749 int main(int argc, char **argv) {
750 int err = 0;
751 po::options_description desc("Allowed options");
752 string store_path, cmd;
753 vector<string> subcmds;
754 desc.add_options()
/home/brad/working/src/ceph/src/tools/ceph_monstore_tool.cc: 749 in main()
743 if ((r = update_mgrmap(st))) {
744 return r;
745 }
746 return 0;
747 }
748
>>> CID 1192618: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
749 int main(int argc, char **argv) {
750 int err = 0;
751 po::options_description desc("Allowed options");
752 string store_path, cmd;
753 vector<string> subcmds;
754 desc.add_options()
/home/brad/working/src/ceph/src/tools/ceph_monstore_tool.cc: 749 in main()
743 if ((r = update_mgrmap(st))) {
744 return r;
745 }
746 return 0;
747 }
748
>>> CID 1192618: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
749 int main(int argc, char **argv) {
750 int err = 0;
751 po::options_description desc("Allowed options");
752 string store_path, cmd;
753 vector<string> subcmds;
754 desc.add_options()
/home/brad/working/src/ceph/src/tools/ceph_monstore_tool.cc: 749 in main()
743 if ((r = update_mgrmap(st))) {
744 return r;
745 }
746 return 0;
747 }
748
>>> CID 1192618: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
749 int main(int argc, char **argv) {
750 int err = 0;
751 po::options_description desc("Allowed options");
752 string store_path, cmd;
753 vector<string> subcmds;
754 desc.add_options()
/home/brad/working/src/ceph/src/tools/ceph_monstore_tool.cc: 749 in main()
743 if ((r = update_mgrmap(st))) {
744 return r;
745 }
746 return 0;
747 }
748
>>> CID 1192618: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
749 int main(int argc, char **argv) {
750 int err = 0;
751 po::options_description desc("Allowed options");
752 string store_path, cmd;
753 vector<string> subcmds;
754 desc.add_options()
/home/brad/working/src/ceph/src/tools/ceph_monstore_tool.cc: 749 in main()
743 if ((r = update_mgrmap(st))) {
744 return r;
745 }
746 return 0;
747 }
748
>>> CID 1192618: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
749 int main(int argc, char **argv) {
750 int err = 0;
751 po::options_description desc("Allowed options");
752 string store_path, cmd;
753 vector<string> subcmds;
754 desc.add_options()
/home/brad/working/src/ceph/src/tools/ceph_monstore_tool.cc: 749 in main()
743 if ((r = update_mgrmap(st))) {
744 return r;
745 }
746 return 0;
747 }
748
>>> CID 1192618: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
749 int main(int argc, char **argv) {
750 int err = 0;
751 po::options_description desc("Allowed options");
752 string store_path, cmd;
753 vector<string> subcmds;
754 desc.add_options()
/home/brad/working/src/ceph/src/tools/ceph_monstore_tool.cc: 749 in main()
743 if ((r = update_mgrmap(st))) {
744 return r;
745 }
746 return 0;
747 }
748
>>> CID 1192618: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
749 int main(int argc, char **argv) {
750 int err = 0;
751 po::options_description desc("Allowed options");
752 string store_path, cmd;
753 vector<string> subcmds;
754 desc.add_options()
/home/brad/working/src/ceph/src/tools/ceph_monstore_tool.cc: 749 in main()
743 if ((r = update_mgrmap(st))) {
744 return r;
745 }
746 return 0;
747 }
748
>>> CID 1192618: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
749 int main(int argc, char **argv) {
750 int err = 0;
751 po::options_description desc("Allowed options");
752 string store_path, cmd;
753 vector<string> subcmds;
754 desc.add_options()
/home/brad/working/src/ceph/src/tools/ceph_monstore_tool.cc: 749 in main()
743 if ((r = update_mgrmap(st))) {
744 return r;
745 }
746 return 0;
747 }
748
>>> CID 1192618: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
749 int main(int argc, char **argv) {
750 int err = 0;
751 po::options_description desc("Allowed options");
752 string store_path, cmd;
753 vector<string> subcmds;
754 desc.add_options()
/home/brad/working/src/ceph/src/tools/ceph_monstore_tool.cc: 749 in main()
743 if ((r = update_mgrmap(st))) {
744 return r;
745 }
746 return 0;
747 }
748
>>> CID 1192618: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
749 int main(int argc, char **argv) {
750 int err = 0;
751 po::options_description desc("Allowed options");
752 string store_path, cmd;
753 vector<string> subcmds;
754 desc.add_options()
** CID 1219627: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/ceph_monstore_tool.cc: 749 in main()
/home/brad/working/src/ceph/src/tools/ceph_monstore_tool.cc: 749 in main()
/home/brad/working/src/ceph/src/tools/ceph_monstore_tool.cc: 749 in main()
/home/brad/working/src/ceph/src/tools/ceph_monstore_tool.cc: 749 in main()
/home/brad/working/src/ceph/src/tools/ceph_monstore_tool.cc: 749 in main()
/home/brad/working/src/ceph/src/tools/ceph_monstore_tool.cc: 749 in main()
/home/brad/working/src/ceph/src/tools/ceph_monstore_tool.cc: 749 in main()
/home/brad/working/src/ceph/src/tools/ceph_monstore_tool.cc: 749 in main()
/home/brad/working/src/ceph/src/tools/ceph_monstore_tool.cc: 749 in main()
/home/brad/working/src/ceph/src/tools/ceph_monstore_tool.cc: 749 in main()
/home/brad/working/src/ceph/src/tools/ceph_monstore_tool.cc: 749 in main()
________________________________________________________________________________________________________
*** CID 1219627: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/ceph_monstore_tool.cc: 749 in main()
743 if ((r = update_mgrmap(st))) {
744 return r;
745 }
746 return 0;
747 }
748
>>> CID 1219627: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::bad_alloc" is thrown and never caught.
749 int main(int argc, char **argv) {
750 int err = 0;
751 po::options_description desc("Allowed options");
752 string store_path, cmd;
753 vector<string> subcmds;
754 desc.add_options()
/home/brad/working/src/ceph/src/tools/ceph_monstore_tool.cc: 749 in main()
743 if ((r = update_mgrmap(st))) {
744 return r;
745 }
746 return 0;
747 }
748
>>> CID 1219627: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::bad_alloc" is thrown and never caught.
749 int main(int argc, char **argv) {
750 int err = 0;
751 po::options_description desc("Allowed options");
752 string store_path, cmd;
753 vector<string> subcmds;
754 desc.add_options()
/home/brad/working/src/ceph/src/tools/ceph_monstore_tool.cc: 749 in main()
743 if ((r = update_mgrmap(st))) {
744 return r;
745 }
746 return 0;
747 }
748
>>> CID 1219627: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::bad_alloc" is thrown and never caught.
749 int main(int argc, char **argv) {
750 int err = 0;
751 po::options_description desc("Allowed options");
752 string store_path, cmd;
753 vector<string> subcmds;
754 desc.add_options()
/home/brad/working/src/ceph/src/tools/ceph_monstore_tool.cc: 749 in main()
743 if ((r = update_mgrmap(st))) {
744 return r;
745 }
746 return 0;
747 }
748
>>> CID 1219627: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::bad_alloc" is thrown and never caught.
749 int main(int argc, char **argv) {
750 int err = 0;
751 po::options_description desc("Allowed options");
752 string store_path, cmd;
753 vector<string> subcmds;
754 desc.add_options()
/home/brad/working/src/ceph/src/tools/ceph_monstore_tool.cc: 749 in main()
743 if ((r = update_mgrmap(st))) {
744 return r;
745 }
746 return 0;
747 }
748
>>> CID 1219627: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::bad_alloc" is thrown and never caught.
749 int main(int argc, char **argv) {
750 int err = 0;
751 po::options_description desc("Allowed options");
752 string store_path, cmd;
753 vector<string> subcmds;
754 desc.add_options()
/home/brad/working/src/ceph/src/tools/ceph_monstore_tool.cc: 749 in main()
743 if ((r = update_mgrmap(st))) {
744 return r;
745 }
746 return 0;
747 }
748
>>> CID 1219627: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::bad_alloc" is thrown and never caught.
749 int main(int argc, char **argv) {
750 int err = 0;
751 po::options_description desc("Allowed options");
752 string store_path, cmd;
753 vector<string> subcmds;
754 desc.add_options()
/home/brad/working/src/ceph/src/tools/ceph_monstore_tool.cc: 749 in main()
743 if ((r = update_mgrmap(st))) {
744 return r;
745 }
746 return 0;
747 }
748
>>> CID 1219627: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::bad_alloc" is thrown and never caught.
749 int main(int argc, char **argv) {
750 int err = 0;
751 po::options_description desc("Allowed options");
752 string store_path, cmd;
753 vector<string> subcmds;
754 desc.add_options()
/home/brad/working/src/ceph/src/tools/ceph_monstore_tool.cc: 749 in main()
743 if ((r = update_mgrmap(st))) {
744 return r;
745 }
746 return 0;
747 }
748
>>> CID 1219627: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::bad_alloc" is thrown and never caught.
749 int main(int argc, char **argv) {
750 int err = 0;
751 po::options_description desc("Allowed options");
752 string store_path, cmd;
753 vector<string> subcmds;
754 desc.add_options()
/home/brad/working/src/ceph/src/tools/ceph_monstore_tool.cc: 749 in main()
743 if ((r = update_mgrmap(st))) {
744 return r;
745 }
746 return 0;
747 }
748
>>> CID 1219627: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::bad_alloc" is thrown and never caught.
749 int main(int argc, char **argv) {
750 int err = 0;
751 po::options_description desc("Allowed options");
752 string store_path, cmd;
753 vector<string> subcmds;
754 desc.add_options()
/home/brad/working/src/ceph/src/tools/ceph_monstore_tool.cc: 749 in main()
743 if ((r = update_mgrmap(st))) {
744 return r;
745 }
746 return 0;
747 }
748
>>> CID 1219627: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::bad_alloc" is thrown and never caught.
749 int main(int argc, char **argv) {
750 int err = 0;
751 po::options_description desc("Allowed options");
752 string store_path, cmd;
753 vector<string> subcmds;
754 desc.add_options()
/home/brad/working/src/ceph/src/tools/ceph_monstore_tool.cc: 749 in main()
743 if ((r = update_mgrmap(st))) {
744 return r;
745 }
746 return 0;
747 }
748
>>> CID 1219627: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::bad_alloc" is thrown and never caught.
749 int main(int argc, char **argv) {
750 int err = 0;
751 po::options_description desc("Allowed options");
752 string store_path, cmd;
753 vector<string> subcmds;
754 desc.add_options()
** CID 1225100: (LOCK)
/home/brad/working/src/ceph/src/mds/MDLog.cc: 662 in MDLog::trim(int)()
/home/brad/working/src/ceph/src/mds/MDLog.cc: 662 in MDLog::trim(int)()
________________________________________________________________________________________________________
*** CID 1225100: (LOCK)
/home/brad/working/src/ceph/src/mds/MDLog.cc: 662 in MDLog::trim(int)()
656 p = segments.lower_bound(last_seq + 1);
657 }
658 }
659
660 // discard expired segments and unlock submit_mutex
661 _trim_expired_segments();
>>> CID 1225100: (LOCK)
>>> Returning without unlocking "this->submit_mutex._m".
662 }
663
664 class C_MaybeExpiredSegment : public MDSInternalContext {
665 MDLog *mdlog;
666 LogSegment *ls;
667 int op_prio;
/home/brad/working/src/ceph/src/mds/MDLog.cc: 662 in MDLog::trim(int)()
656 p = segments.lower_bound(last_seq + 1);
657 }
658 }
659
660 // discard expired segments and unlock submit_mutex
661 _trim_expired_segments();
>>> CID 1225100: (LOCK)
>>> Returning without unlocking "this->submit_mutex._m".
662 }
663
664 class C_MaybeExpiredSegment : public MDSInternalContext {
665 MDLog *mdlog;
666 LogSegment *ls;
667 int op_prio;
** CID 1225101: (LOCK)
/home/brad/working/src/ceph/src/mds/MDLog.cc: 528 in MDLog::shutdown()()
/home/brad/working/src/ceph/src/mds/MDLog.cc: 528 in MDLog::shutdown()()
/home/brad/working/src/ceph/src/mds/MDLog.cc: 528 in MDLog::shutdown()()
________________________________________________________________________________________________________
*** CID 1225101: (LOCK)
/home/brad/working/src/ceph/src/mds/MDLog.cc: 528 in MDLog::shutdown()()
522
523 if (recovery_thread.is_started() && !recovery_thread.am_self()) {
524 mds->mds_lock.Unlock();
525 recovery_thread.join();
526 mds->mds_lock.Lock();
527 }
>>> CID 1225101: (LOCK)
>>> Returning without unlocking "this->mds->mds_lock._m".
528 }
529
530
531 // -----------------------------
532 // segments
533
/home/brad/working/src/ceph/src/mds/MDLog.cc: 528 in MDLog::shutdown()()
522
523 if (recovery_thread.is_started() && !recovery_thread.am_self()) {
524 mds->mds_lock.Unlock();
525 recovery_thread.join();
526 mds->mds_lock.Lock();
527 }
>>> CID 1225101: (LOCK)
>>> Returning without unlocking "this->mds->mds_lock._m".
528 }
529
530
531 // -----------------------------
532 // segments
533
/home/brad/working/src/ceph/src/mds/MDLog.cc: 528 in MDLog::shutdown()()
522
523 if (recovery_thread.is_started() && !recovery_thread.am_self()) {
524 mds->mds_lock.Unlock();
525 recovery_thread.join();
526 mds->mds_lock.Lock();
527 }
>>> CID 1225101: (LOCK)
>>> Returning without unlocking "this->mds->mds_lock._m".
528 }
529
530
531 // -----------------------------
532 // segments
533
** CID 1238895: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
________________________________________________________________________________________________________
*** CID 1238895: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
2578 }
2579
2580 cerr << "Finished " << total << "/" << total << " collections" << "\r" << std::endl;
2581 return r;
2582 }
2583
>>> CID 1238895: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::malformed_input" is thrown and never caught.
2584 int main(int argc, char **argv)
2585 {
2586 string dpath, jpath, pgidstr, op, file, mountpoint, mon_store_path, object;
2587 string target_data_path, fsid;
2588 string objcmd, arg1, arg2, type, format, argnspace, pool;
2589 boost::optional<std::string> nspace;
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
2578 }
2579
2580 cerr << "Finished " << total << "/" << total << " collections" << "\r" << std::endl;
2581 return r;
2582 }
2583
>>> CID 1238895: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::malformed_input" is thrown and never caught.
2584 int main(int argc, char **argv)
2585 {
2586 string dpath, jpath, pgidstr, op, file, mountpoint, mon_store_path, object;
2587 string target_data_path, fsid;
2588 string objcmd, arg1, arg2, type, format, argnspace, pool;
2589 boost::optional<std::string> nspace;
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
2578 }
2579
2580 cerr << "Finished " << total << "/" << total << " collections" << "\r" << std::endl;
2581 return r;
2582 }
2583
>>> CID 1238895: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::malformed_input" is thrown and never caught.
2584 int main(int argc, char **argv)
2585 {
2586 string dpath, jpath, pgidstr, op, file, mountpoint, mon_store_path, object;
2587 string target_data_path, fsid;
2588 string objcmd, arg1, arg2, type, format, argnspace, pool;
2589 boost::optional<std::string> nspace;
** CID 1238897: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
________________________________________________________________________________________________________
*** CID 1238897: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
2578 }
2579
2580 cerr << "Finished " << total << "/" << total << " collections" << "\r" << std::endl;
2581 return r;
2582 }
2583
>>> CID 1238897: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::bad_alloc" is thrown and never caught.
2584 int main(int argc, char **argv)
2585 {
2586 string dpath, jpath, pgidstr, op, file, mountpoint, mon_store_path, object;
2587 string target_data_path, fsid;
2588 string objcmd, arg1, arg2, type, format, argnspace, pool;
2589 boost::optional<std::string> nspace;
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
2578 }
2579
2580 cerr << "Finished " << total << "/" << total << " collections" << "\r" << std::endl;
2581 return r;
2582 }
2583
>>> CID 1238897: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::bad_alloc" is thrown and never caught.
2584 int main(int argc, char **argv)
2585 {
2586 string dpath, jpath, pgidstr, op, file, mountpoint, mon_store_path, object;
2587 string target_data_path, fsid;
2588 string objcmd, arg1, arg2, type, format, argnspace, pool;
2589 boost::optional<std::string> nspace;
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
2578 }
2579
2580 cerr << "Finished " << total << "/" << total << " collections" << "\r" << std::endl;
2581 return r;
2582 }
2583
>>> CID 1238897: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::bad_alloc" is thrown and never caught.
2584 int main(int argc, char **argv)
2585 {
2586 string dpath, jpath, pgidstr, op, file, mountpoint, mon_store_path, object;
2587 string target_data_path, fsid;
2588 string objcmd, arg1, arg2, type, format, argnspace, pool;
2589 boost::optional<std::string> nspace;
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
2578 }
2579
2580 cerr << "Finished " << total << "/" << total << " collections" << "\r" << std::endl;
2581 return r;
2582 }
2583
>>> CID 1238897: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::bad_alloc" is thrown and never caught.
2584 int main(int argc, char **argv)
2585 {
2586 string dpath, jpath, pgidstr, op, file, mountpoint, mon_store_path, object;
2587 string target_data_path, fsid;
2588 string objcmd, arg1, arg2, type, format, argnspace, pool;
2589 boost::optional<std::string> nspace;
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
2578 }
2579
2580 cerr << "Finished " << total << "/" << total << " collections" << "\r" << std::endl;
2581 return r;
2582 }
2583
>>> CID 1238897: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::bad_alloc" is thrown and never caught.
2584 int main(int argc, char **argv)
2585 {
2586 string dpath, jpath, pgidstr, op, file, mountpoint, mon_store_path, object;
2587 string target_data_path, fsid;
2588 string objcmd, arg1, arg2, type, format, argnspace, pool;
2589 boost::optional<std::string> nspace;
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
2578 }
2579
2580 cerr << "Finished " << total << "/" << total << " collections" << "\r" << std::endl;
2581 return r;
2582 }
2583
>>> CID 1238897: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::bad_alloc" is thrown and never caught.
2584 int main(int argc, char **argv)
2585 {
2586 string dpath, jpath, pgidstr, op, file, mountpoint, mon_store_path, object;
2587 string target_data_path, fsid;
2588 string objcmd, arg1, arg2, type, format, argnspace, pool;
2589 boost::optional<std::string> nspace;
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
2578 }
2579
2580 cerr << "Finished " << total << "/" << total << " collections" << "\r" << std::endl;
2581 return r;
2582 }
2583
>>> CID 1238897: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::bad_alloc" is thrown and never caught.
2584 int main(int argc, char **argv)
2585 {
2586 string dpath, jpath, pgidstr, op, file, mountpoint, mon_store_path, object;
2587 string target_data_path, fsid;
2588 string objcmd, arg1, arg2, type, format, argnspace, pool;
2589 boost::optional<std::string> nspace;
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
2578 }
2579
2580 cerr << "Finished " << total << "/" << total << " collections" << "\r" << std::endl;
2581 return r;
2582 }
2583
>>> CID 1238897: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::bad_alloc" is thrown and never caught.
2584 int main(int argc, char **argv)
2585 {
2586 string dpath, jpath, pgidstr, op, file, mountpoint, mon_store_path, object;
2587 string target_data_path, fsid;
2588 string objcmd, arg1, arg2, type, format, argnspace, pool;
2589 boost::optional<std::string> nspace;
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
2578 }
2579
2580 cerr << "Finished " << total << "/" << total << " collections" << "\r" << std::endl;
2581 return r;
2582 }
2583
>>> CID 1238897: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::bad_alloc" is thrown and never caught.
2584 int main(int argc, char **argv)
2585 {
2586 string dpath, jpath, pgidstr, op, file, mountpoint, mon_store_path, object;
2587 string target_data_path, fsid;
2588 string objcmd, arg1, arg2, type, format, argnspace, pool;
2589 boost::optional<std::string> nspace;
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
2578 }
2579
2580 cerr << "Finished " << total << "/" << total << " collections" << "\r" << std::endl;
2581 return r;
2582 }
2583
>>> CID 1238897: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::bad_alloc" is thrown and never caught.
2584 int main(int argc, char **argv)
2585 {
2586 string dpath, jpath, pgidstr, op, file, mountpoint, mon_store_path, object;
2587 string target_data_path, fsid;
2588 string objcmd, arg1, arg2, type, format, argnspace, pool;
2589 boost::optional<std::string> nspace;
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
2578 }
2579
2580 cerr << "Finished " << total << "/" << total << " collections" << "\r" << std::endl;
2581 return r;
2582 }
2583
>>> CID 1238897: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::bad_alloc" is thrown and never caught.
2584 int main(int argc, char **argv)
2585 {
2586 string dpath, jpath, pgidstr, op, file, mountpoint, mon_store_path, object;
2587 string target_data_path, fsid;
2588 string objcmd, arg1, arg2, type, format, argnspace, pool;
2589 boost::optional<std::string> nspace;
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
2578 }
2579
2580 cerr << "Finished " << total << "/" << total << " collections" << "\r" << std::endl;
2581 return r;
2582 }
2583
>>> CID 1238897: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::bad_alloc" is thrown and never caught.
2584 int main(int argc, char **argv)
2585 {
2586 string dpath, jpath, pgidstr, op, file, mountpoint, mon_store_path, object;
2587 string target_data_path, fsid;
2588 string objcmd, arg1, arg2, type, format, argnspace, pool;
2589 boost::optional<std::string> nspace;
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
2578 }
2579
2580 cerr << "Finished " << total << "/" << total << " collections" << "\r" << std::endl;
2581 return r;
2582 }
2583
>>> CID 1238897: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::bad_alloc" is thrown and never caught.
2584 int main(int argc, char **argv)
2585 {
2586 string dpath, jpath, pgidstr, op, file, mountpoint, mon_store_path, object;
2587 string target_data_path, fsid;
2588 string objcmd, arg1, arg2, type, format, argnspace, pool;
2589 boost::optional<std::string> nspace;
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
2578 }
2579
2580 cerr << "Finished " << total << "/" << total << " collections" << "\r" << std::endl;
2581 return r;
2582 }
2583
>>> CID 1238897: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::bad_alloc" is thrown and never caught.
2584 int main(int argc, char **argv)
2585 {
2586 string dpath, jpath, pgidstr, op, file, mountpoint, mon_store_path, object;
2587 string target_data_path, fsid;
2588 string objcmd, arg1, arg2, type, format, argnspace, pool;
2589 boost::optional<std::string> nspace;
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
2578 }
2579
2580 cerr << "Finished " << total << "/" << total << " collections" << "\r" << std::endl;
2581 return r;
2582 }
2583
>>> CID 1238897: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::bad_alloc" is thrown and never caught.
2584 int main(int argc, char **argv)
2585 {
2586 string dpath, jpath, pgidstr, op, file, mountpoint, mon_store_path, object;
2587 string target_data_path, fsid;
2588 string objcmd, arg1, arg2, type, format, argnspace, pool;
2589 boost::optional<std::string> nspace;
** CID 1238898: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
________________________________________________________________________________________________________
*** CID 1238898: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
2578 }
2579
2580 cerr << "Finished " << total << "/" << total << " collections" << "\r" << std::endl;
2581 return r;
2582 }
2583
>>> CID 1238898: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_lexical_cast> >" is thrown and never caught.
2584 int main(int argc, char **argv)
2585 {
2586 string dpath, jpath, pgidstr, op, file, mountpoint, mon_store_path, object;
2587 string target_data_path, fsid;
2588 string objcmd, arg1, arg2, type, format, argnspace, pool;
2589 boost::optional<std::string> nspace;
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
2578 }
2579
2580 cerr << "Finished " << total << "/" << total << " collections" << "\r" << std::endl;
2581 return r;
2582 }
2583
>>> CID 1238898: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_lexical_cast> >" is thrown and never caught.
2584 int main(int argc, char **argv)
2585 {
2586 string dpath, jpath, pgidstr, op, file, mountpoint, mon_store_path, object;
2587 string target_data_path, fsid;
2588 string objcmd, arg1, arg2, type, format, argnspace, pool;
2589 boost::optional<std::string> nspace;
** CID 1238899: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
________________________________________________________________________________________________________
*** CID 1238899: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
2578 }
2579
2580 cerr << "Finished " << total << "/" << total << " collections" << "\r" << std::endl;
2581 return r;
2582 }
2583
>>> CID 1238899: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_get> >" is thrown and never caught.
2584 int main(int argc, char **argv)
2585 {
2586 string dpath, jpath, pgidstr, op, file, mountpoint, mon_store_path, object;
2587 string target_data_path, fsid;
2588 string objcmd, arg1, arg2, type, format, argnspace, pool;
2589 boost::optional<std::string> nspace;
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
2578 }
2579
2580 cerr << "Finished " << total << "/" << total << " collections" << "\r" << std::endl;
2581 return r;
2582 }
2583
>>> CID 1238899: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_get> >" is thrown and never caught.
2584 int main(int argc, char **argv)
2585 {
2586 string dpath, jpath, pgidstr, op, file, mountpoint, mon_store_path, object;
2587 string target_data_path, fsid;
2588 string objcmd, arg1, arg2, type, format, argnspace, pool;
2589 boost::optional<std::string> nspace;
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
2578 }
2579
2580 cerr << "Finished " << total << "/" << total << " collections" << "\r" << std::endl;
2581 return r;
2582 }
2583
>>> CID 1238899: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_get> >" is thrown and never caught.
2584 int main(int argc, char **argv)
2585 {
2586 string dpath, jpath, pgidstr, op, file, mountpoint, mon_store_path, object;
2587 string target_data_path, fsid;
2588 string objcmd, arg1, arg2, type, format, argnspace, pool;
2589 boost::optional<std::string> nspace;
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
2578 }
2579
2580 cerr << "Finished " << total << "/" << total << " collections" << "\r" << std::endl;
2581 return r;
2582 }
2583
>>> CID 1238899: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_get> >" is thrown and never caught.
2584 int main(int argc, char **argv)
2585 {
2586 string dpath, jpath, pgidstr, op, file, mountpoint, mon_store_path, object;
2587 string target_data_path, fsid;
2588 string objcmd, arg1, arg2, type, format, argnspace, pool;
2589 boost::optional<std::string> nspace;
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
2578 }
2579
2580 cerr << "Finished " << total << "/" << total << " collections" << "\r" << std::endl;
2581 return r;
2582 }
2583
>>> CID 1238899: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_get> >" is thrown and never caught.
2584 int main(int argc, char **argv)
2585 {
2586 string dpath, jpath, pgidstr, op, file, mountpoint, mon_store_path, object;
2587 string target_data_path, fsid;
2588 string objcmd, arg1, arg2, type, format, argnspace, pool;
2589 boost::optional<std::string> nspace;
** CID 1238900: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
________________________________________________________________________________________________________
*** CID 1238900: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
2578 }
2579
2580 cerr << "Finished " << total << "/" << total << " collections" << "\r" << std::endl;
2581 return r;
2582 }
2583
>>> CID 1238900: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
2584 int main(int argc, char **argv)
2585 {
2586 string dpath, jpath, pgidstr, op, file, mountpoint, mon_store_path, object;
2587 string target_data_path, fsid;
2588 string objcmd, arg1, arg2, type, format, argnspace, pool;
2589 boost::optional<std::string> nspace;
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
2578 }
2579
2580 cerr << "Finished " << total << "/" << total << " collections" << "\r" << std::endl;
2581 return r;
2582 }
2583
>>> CID 1238900: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
2584 int main(int argc, char **argv)
2585 {
2586 string dpath, jpath, pgidstr, op, file, mountpoint, mon_store_path, object;
2587 string target_data_path, fsid;
2588 string objcmd, arg1, arg2, type, format, argnspace, pool;
2589 boost::optional<std::string> nspace;
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
2578 }
2579
2580 cerr << "Finished " << total << "/" << total << " collections" << "\r" << std::endl;
2581 return r;
2582 }
2583
>>> CID 1238900: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
2584 int main(int argc, char **argv)
2585 {
2586 string dpath, jpath, pgidstr, op, file, mountpoint, mon_store_path, object;
2587 string target_data_path, fsid;
2588 string objcmd, arg1, arg2, type, format, argnspace, pool;
2589 boost::optional<std::string> nspace;
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
2578 }
2579
2580 cerr << "Finished " << total << "/" << total << " collections" << "\r" << std::endl;
2581 return r;
2582 }
2583
>>> CID 1238900: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
2584 int main(int argc, char **argv)
2585 {
2586 string dpath, jpath, pgidstr, op, file, mountpoint, mon_store_path, object;
2587 string target_data_path, fsid;
2588 string objcmd, arg1, arg2, type, format, argnspace, pool;
2589 boost::optional<std::string> nspace;
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
2578 }
2579
2580 cerr << "Finished " << total << "/" << total << " collections" << "\r" << std::endl;
2581 return r;
2582 }
2583
>>> CID 1238900: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
2584 int main(int argc, char **argv)
2585 {
2586 string dpath, jpath, pgidstr, op, file, mountpoint, mon_store_path, object;
2587 string target_data_path, fsid;
2588 string objcmd, arg1, arg2, type, format, argnspace, pool;
2589 boost::optional<std::string> nspace;
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
2578 }
2579
2580 cerr << "Finished " << total << "/" << total << " collections" << "\r" << std::endl;
2581 return r;
2582 }
2583
>>> CID 1238900: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
2584 int main(int argc, char **argv)
2585 {
2586 string dpath, jpath, pgidstr, op, file, mountpoint, mon_store_path, object;
2587 string target_data_path, fsid;
2588 string objcmd, arg1, arg2, type, format, argnspace, pool;
2589 boost::optional<std::string> nspace;
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
2578 }
2579
2580 cerr << "Finished " << total << "/" << total << " collections" << "\r" << std::endl;
2581 return r;
2582 }
2583
>>> CID 1238900: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
2584 int main(int argc, char **argv)
2585 {
2586 string dpath, jpath, pgidstr, op, file, mountpoint, mon_store_path, object;
2587 string target_data_path, fsid;
2588 string objcmd, arg1, arg2, type, format, argnspace, pool;
2589 boost::optional<std::string> nspace;
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
2578 }
2579
2580 cerr << "Finished " << total << "/" << total << " collections" << "\r" << std::endl;
2581 return r;
2582 }
2583
>>> CID 1238900: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
2584 int main(int argc, char **argv)
2585 {
2586 string dpath, jpath, pgidstr, op, file, mountpoint, mon_store_path, object;
2587 string target_data_path, fsid;
2588 string objcmd, arg1, arg2, type, format, argnspace, pool;
2589 boost::optional<std::string> nspace;
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
2578 }
2579
2580 cerr << "Finished " << total << "/" << total << " collections" << "\r" << std::endl;
2581 return r;
2582 }
2583
>>> CID 1238900: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
2584 int main(int argc, char **argv)
2585 {
2586 string dpath, jpath, pgidstr, op, file, mountpoint, mon_store_path, object;
2587 string target_data_path, fsid;
2588 string objcmd, arg1, arg2, type, format, argnspace, pool;
2589 boost::optional<std::string> nspace;
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
2578 }
2579
2580 cerr << "Finished " << total << "/" << total << " collections" << "\r" << std::endl;
2581 return r;
2582 }
2583
>>> CID 1238900: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
2584 int main(int argc, char **argv)
2585 {
2586 string dpath, jpath, pgidstr, op, file, mountpoint, mon_store_path, object;
2587 string target_data_path, fsid;
2588 string objcmd, arg1, arg2, type, format, argnspace, pool;
2589 boost::optional<std::string> nspace;
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
2578 }
2579
2580 cerr << "Finished " << total << "/" << total << " collections" << "\r" << std::endl;
2581 return r;
2582 }
2583
>>> CID 1238900: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
2584 int main(int argc, char **argv)
2585 {
2586 string dpath, jpath, pgidstr, op, file, mountpoint, mon_store_path, object;
2587 string target_data_path, fsid;
2588 string objcmd, arg1, arg2, type, format, argnspace, pool;
2589 boost::optional<std::string> nspace;
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
2578 }
2579
2580 cerr << "Finished " << total << "/" << total << " collections" << "\r" << std::endl;
2581 return r;
2582 }
2583
>>> CID 1238900: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
2584 int main(int argc, char **argv)
2585 {
2586 string dpath, jpath, pgidstr, op, file, mountpoint, mon_store_path, object;
2587 string target_data_path, fsid;
2588 string objcmd, arg1, arg2, type, format, argnspace, pool;
2589 boost::optional<std::string> nspace;
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
2578 }
2579
2580 cerr << "Finished " << total << "/" << total << " collections" << "\r" << std::endl;
2581 return r;
2582 }
2583
>>> CID 1238900: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
2584 int main(int argc, char **argv)
2585 {
2586 string dpath, jpath, pgidstr, op, file, mountpoint, mon_store_path, object;
2587 string target_data_path, fsid;
2588 string objcmd, arg1, arg2, type, format, argnspace, pool;
2589 boost::optional<std::string> nspace;
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
2578 }
2579
2580 cerr << "Finished " << total << "/" << total << " collections" << "\r" << std::endl;
2581 return r;
2582 }
2583
>>> CID 1238900: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
2584 int main(int argc, char **argv)
2585 {
2586 string dpath, jpath, pgidstr, op, file, mountpoint, mon_store_path, object;
2587 string target_data_path, fsid;
2588 string objcmd, arg1, arg2, type, format, argnspace, pool;
2589 boost::optional<std::string> nspace;
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
2578 }
2579
2580 cerr << "Finished " << total << "/" << total << " collections" << "\r" << std::endl;
2581 return r;
2582 }
2583
>>> CID 1238900: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
2584 int main(int argc, char **argv)
2585 {
2586 string dpath, jpath, pgidstr, op, file, mountpoint, mon_store_path, object;
2587 string target_data_path, fsid;
2588 string objcmd, arg1, arg2, type, format, argnspace, pool;
2589 boost::optional<std::string> nspace;
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
2578 }
2579
2580 cerr << "Finished " << total << "/" << total << " collections" << "\r" << std::endl;
2581 return r;
2582 }
2583
>>> CID 1238900: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
2584 int main(int argc, char **argv)
2585 {
2586 string dpath, jpath, pgidstr, op, file, mountpoint, mon_store_path, object;
2587 string target_data_path, fsid;
2588 string objcmd, arg1, arg2, type, format, argnspace, pool;
2589 boost::optional<std::string> nspace;
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
2578 }
2579
2580 cerr << "Finished " << total << "/" << total << " collections" << "\r" << std::endl;
2581 return r;
2582 }
2583
>>> CID 1238900: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
2584 int main(int argc, char **argv)
2585 {
2586 string dpath, jpath, pgidstr, op, file, mountpoint, mon_store_path, object;
2587 string target_data_path, fsid;
2588 string objcmd, arg1, arg2, type, format, argnspace, pool;
2589 boost::optional<std::string> nspace;
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
2578 }
2579
2580 cerr << "Finished " << total << "/" << total << " collections" << "\r" << std::endl;
2581 return r;
2582 }
2583
>>> CID 1238900: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
2584 int main(int argc, char **argv)
2585 {
2586 string dpath, jpath, pgidstr, op, file, mountpoint, mon_store_path, object;
2587 string target_data_path, fsid;
2588 string objcmd, arg1, arg2, type, format, argnspace, pool;
2589 boost::optional<std::string> nspace;
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
2578 }
2579
2580 cerr << "Finished " << total << "/" << total << " collections" << "\r" << std::endl;
2581 return r;
2582 }
2583
>>> CID 1238900: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
2584 int main(int argc, char **argv)
2585 {
2586 string dpath, jpath, pgidstr, op, file, mountpoint, mon_store_path, object;
2587 string target_data_path, fsid;
2588 string objcmd, arg1, arg2, type, format, argnspace, pool;
2589 boost::optional<std::string> nspace;
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
2578 }
2579
2580 cerr << "Finished " << total << "/" << total << " collections" << "\r" << std::endl;
2581 return r;
2582 }
2583
>>> CID 1238900: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
2584 int main(int argc, char **argv)
2585 {
2586 string dpath, jpath, pgidstr, op, file, mountpoint, mon_store_path, object;
2587 string target_data_path, fsid;
2588 string objcmd, arg1, arg2, type, format, argnspace, pool;
2589 boost::optional<std::string> nspace;
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
2578 }
2579
2580 cerr << "Finished " << total << "/" << total << " collections" << "\r" << std::endl;
2581 return r;
2582 }
2583
>>> CID 1238900: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
2584 int main(int argc, char **argv)
2585 {
2586 string dpath, jpath, pgidstr, op, file, mountpoint, mon_store_path, object;
2587 string target_data_path, fsid;
2588 string objcmd, arg1, arg2, type, format, argnspace, pool;
2589 boost::optional<std::string> nspace;
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
2578 }
2579
2580 cerr << "Finished " << total << "/" << total << " collections" << "\r" << std::endl;
2581 return r;
2582 }
2583
>>> CID 1238900: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
2584 int main(int argc, char **argv)
2585 {
2586 string dpath, jpath, pgidstr, op, file, mountpoint, mon_store_path, object;
2587 string target_data_path, fsid;
2588 string objcmd, arg1, arg2, type, format, argnspace, pool;
2589 boost::optional<std::string> nspace;
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
2578 }
2579
2580 cerr << "Finished " << total << "/" << total << " collections" << "\r" << std::endl;
2581 return r;
2582 }
2583
>>> CID 1238900: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
2584 int main(int argc, char **argv)
2585 {
2586 string dpath, jpath, pgidstr, op, file, mountpoint, mon_store_path, object;
2587 string target_data_path, fsid;
2588 string objcmd, arg1, arg2, type, format, argnspace, pool;
2589 boost::optional<std::string> nspace;
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
2578 }
2579
2580 cerr << "Finished " << total << "/" << total << " collections" << "\r" << std::endl;
2581 return r;
2582 }
2583
>>> CID 1238900: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
2584 int main(int argc, char **argv)
2585 {
2586 string dpath, jpath, pgidstr, op, file, mountpoint, mon_store_path, object;
2587 string target_data_path, fsid;
2588 string objcmd, arg1, arg2, type, format, argnspace, pool;
2589 boost::optional<std::string> nspace;
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
2578 }
2579
2580 cerr << "Finished " << total << "/" << total << " collections" << "\r" << std::endl;
2581 return r;
2582 }
2583
>>> CID 1238900: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
2584 int main(int argc, char **argv)
2585 {
2586 string dpath, jpath, pgidstr, op, file, mountpoint, mon_store_path, object;
2587 string target_data_path, fsid;
2588 string objcmd, arg1, arg2, type, format, argnspace, pool;
2589 boost::optional<std::string> nspace;
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
2578 }
2579
2580 cerr << "Finished " << total << "/" << total << " collections" << "\r" << std::endl;
2581 return r;
2582 }
2583
>>> CID 1238900: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
2584 int main(int argc, char **argv)
2585 {
2586 string dpath, jpath, pgidstr, op, file, mountpoint, mon_store_path, object;
2587 string target_data_path, fsid;
2588 string objcmd, arg1, arg2, type, format, argnspace, pool;
2589 boost::optional<std::string> nspace;
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
2578 }
2579
2580 cerr << "Finished " << total << "/" << total << " collections" << "\r" << std::endl;
2581 return r;
2582 }
2583
>>> CID 1238900: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
2584 int main(int argc, char **argv)
2585 {
2586 string dpath, jpath, pgidstr, op, file, mountpoint, mon_store_path, object;
2587 string target_data_path, fsid;
2588 string objcmd, arg1, arg2, type, format, argnspace, pool;
2589 boost::optional<std::string> nspace;
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
2578 }
2579
2580 cerr << "Finished " << total << "/" << total << " collections" << "\r" << std::endl;
2581 return r;
2582 }
2583
>>> CID 1238900: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
2584 int main(int argc, char **argv)
2585 {
2586 string dpath, jpath, pgidstr, op, file, mountpoint, mon_store_path, object;
2587 string target_data_path, fsid;
2588 string objcmd, arg1, arg2, type, format, argnspace, pool;
2589 boost::optional<std::string> nspace;
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
2578 }
2579
2580 cerr << "Finished " << total << "/" << total << " collections" << "\r" << std::endl;
2581 return r;
2582 }
2583
>>> CID 1238900: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
2584 int main(int argc, char **argv)
2585 {
2586 string dpath, jpath, pgidstr, op, file, mountpoint, mon_store_path, object;
2587 string target_data_path, fsid;
2588 string objcmd, arg1, arg2, type, format, argnspace, pool;
2589 boost::optional<std::string> nspace;
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 2584 in main()
2578 }
2579
2580 cerr << "Finished " << total << "/" << total << " collections" << "\r" << std::endl;
2581 return r;
2582 }
2583
>>> CID 1238900: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
2584 int main(int argc, char **argv)
2585 {
2586 string dpath, jpath, pgidstr, op, file, mountpoint, mon_store_path, object;
2587 string target_data_path, fsid;
2588 string objcmd, arg1, arg2, type, format, argnspace, pool;
2589 boost::optional<std::string> nspace;
** CID 1256511: (LOCK)
/home/brad/working/src/ceph/src/mds/MDLog.cc: 730 in MDLog::trim_all()()
/home/brad/working/src/ceph/src/mds/MDLog.cc: 730 in MDLog::trim_all()()
________________________________________________________________________________________________________
*** CID 1256511: (LOCK)
/home/brad/working/src/ceph/src/mds/MDLog.cc: 730 in MDLog::trim_all()()
724 p = segments.lower_bound(next_seq);
725 }
726 }
727
728 _trim_expired_segments();
729
>>> CID 1256511: (LOCK)
>>> Returning without unlocking "this->submit_mutex._m".
730 return 0;
731 }
732
733
734 void MDLog::try_expire(LogSegment *ls, int op_prio)
735 {
/home/brad/working/src/ceph/src/mds/MDLog.cc: 730 in MDLog::trim_all()()
724 p = segments.lower_bound(next_seq);
725 }
726 }
727
728 _trim_expired_segments();
729
>>> CID 1256511: (LOCK)
>>> Returning without unlocking "this->submit_mutex._m".
730 return 0;
731 }
732
733
734 void MDLog::try_expire(LogSegment *ls, int op_prio)
735 {
** CID 1297739: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/mon/Session.h: 160 in MonSessionMap::get_random_osd_session(OSDMap *)()
________________________________________________________________________________________________________
*** CID 1297739: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/mon/Session.h: 160 in MonSessionMap::get_random_osd_session(OSDMap *)()
154
155 MonSession *get_random_osd_session(OSDMap *osdmap) {
156 // ok, this isn't actually random, but close enough.
157 if (by_osd.empty())
158 return 0;
159 int n = by_osd.rbegin()->first + 1;
>>> CID 1297739: Security best practices violations (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
160 int r = rand() % n;
161
162 multimap<int,MonSession*>::iterator p = by_osd.lower_bound(r);
163 if (p == by_osd.end())
164 --p;
165
** CID 1297760: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/tools/ceph_monstore_tool.cc: 1261 in main()
________________________________________________________________________________________________________
*** CID 1297760: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/tools/ceph_monstore_tool.cc: 1261 in main()
1255 string prefix;
1256 prefix.push_back((i%26)+'a');
1257 for (unsigned j = 0; j < tsize; ++j) {
1258 stringstream os;
1259 os << num;
1260 bufferlist bl;
>>> CID 1297760: Security best practices violations (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
1261 for (unsigned k = 0; k < tvalsize; ++k) bl.append(rand());
1262 t->put(prefix, os.str(), bl);
1263 ++num;
1264 }
1265 t->compact_prefix(prefix);
1266 st.apply_transaction(t);
** CID 1297796: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/mds/MDCache.h: 1191 in MDCache::hack_pick_random_inode()()
________________________________________________________________________________________________________
*** CID 1297796: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/mds/MDCache.h: 1191 in MDCache::hack_pick_random_inode()()
1185 public:
1186 void show_cache();
1187 void show_subtrees(int dbl=10);
1188
1189 CInode *hack_pick_random_inode() {
1190 assert(!inode_map.empty());
>>> CID 1297796: Security best practices violations (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
1191 int n = rand() % inode_map.size();
1192 auto p = inode_map.begin();
1193 while (n--) ++p;
1194 return p->second;
1195 }
1196
** CID 1297802: Program hangs (INFINITE_LOOP)
/home/brad/working/src/ceph/src/osdc/Objecter.cc: 1917 in Objecter::wait_for_osd_map()()
________________________________________________________________________________________________________
*** CID 1297802: Program hangs (INFINITE_LOOP)
/home/brad/working/src/ceph/src/osdc/Objecter.cc: 1917 in Objecter::wait_for_osd_map()()
1911 Cond cond;
1912 bool done;
1913 lock.Lock();
1914 C_SafeCond *context = new C_SafeCond(&lock, &cond, &done, NULL);
1915 waiting_for_map[0].push_back(pair<Context*, int>(context, 0));
1916 l.unlock();
>>> CID 1297802: Program hangs (INFINITE_LOOP)
>>> If "done" is initially false then it will remain false.
1917 while (!done)
1918 cond.Wait(lock);
1919 lock.Unlock();
1920 }
1921
1922 struct C_Objecter_GetVersion : public Context {
** CID 1297895: Incorrect expression (USELESS_CALL)
________________________________________________________________________________________________________
*** CID 1297895: Incorrect expression (USELESS_CALL)
/home/brad/working/src/ceph/src/mds/MDCache.cc: 5716 in MDCache::do_cap_import(Session *, CInode *, Capability *, unsigned long, unsigned int, unsigned int, int, int)()
5710 } else {
5711 dout(10) << "do_cap_import missing past snap parents, delaying " << session->info.inst.name << " mseq "
5712 << cap->get_mseq() << " on " << *in << dendl;
5713 in->auth_pin(this);
5714 cap->inc_suppress();
5715 delayed_imported_caps[client].insert(in);
>>> CID 1297895: Incorrect expression (USELESS_CALL)
>>> Calling "this->missing_snap_parents[in]->size()" is only useful for its return value, which is ignored.
5716 missing_snap_parents[in].size();
5717 }
5718 }
5719
5720 void MDCache::do_delayed_cap_imports()
5721 {
** CID 1313369: Error handling issues (CHECKED_RETURN)
/home/brad/working/src/ceph/src/osd/OSD.cc: 3606 in OSD::clear_temp_objects()()
________________________________________________________________________________________________________
*** CID 1313369: Error handling issues (CHECKED_RETURN)
/home/brad/working/src/ceph/src/osd/OSD.cc: 3606 in OSD::clear_temp_objects()()
3600 }
3601
3602 void OSD::clear_temp_objects()
3603 {
3604 dout(10) << __func__ << dendl;
3605 vector<coll_t> ls;
>>> CID 1313369: Error handling issues (CHECKED_RETURN)
>>> Calling "list_collections" without checking return value (as is done elsewhere 9 out of 11 times).
3606 store->list_collections(ls);
3607 for (vector<coll_t>::iterator p = ls.begin(); p != ls.end(); ++p) {
3608 spg_t pgid;
3609 if (!p->is_pg(&pgid))
3610 continue;
3611
** CID 1316228: (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/mds/MDSRank.cc: 606 in MDSRank::_dispatch(Message *, bool)()
/home/brad/working/src/ceph/src/mds/MDSRank.cc: 615 in MDSRank::_dispatch(Message *, bool)()
/home/brad/working/src/ceph/src/mds/MDSRank.cc: 640 in MDSRank::_dispatch(Message *, bool)()
________________________________________________________________________________________________________
*** CID 1316228: (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/mds/MDSRank.cc: 606 in MDSRank::_dispatch(Message *, bool)()
600 CInode *in = mdcache->hack_pick_random_inode();
601
602 list<CDir*> ls;
603 in->get_dirfrags(ls);
604 if (!ls.empty()) { // must be an open dir.
605 list<CDir*>::iterator p = ls.begin();
>>> CID 1316228: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
606 int n = rand() % ls.size();
607 while (n--)
608 ++p;
609 CDir *dir = *p;
610 if (!dir->get_parent_dir()) continue; // must be linked.
611 if (!dir->is_auth()) continue; // must be auth.
/home/brad/working/src/ceph/src/mds/MDSRank.cc: 615 in MDSRank::_dispatch(Message *, bool)()
609 CDir *dir = *p;
610 if (!dir->get_parent_dir()) continue; // must be linked.
611 if (!dir->is_auth()) continue; // must be auth.
612
613 mds_rank_t dest;
614 do {
>>> CID 1316228: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
615 int k = rand() % s.size();
616 set<mds_rank_t>::iterator p = s.begin();
617 while (k--) ++p;
618 dest = *p;
619 } while (dest == whoami);
620 mdcache->migrator->export_dir_nicely(dir,dest);
/home/brad/working/src/ceph/src/mds/MDSRank.cc: 640 in MDSRank::_dispatch(Message *, bool)()
634 if (ls.empty()) continue; // must be an open dir.
635 CDir *dir = ls.front();
636 if (!dir->get_parent_dir()) continue; // must be linked.
637 if (!dir->is_auth()) continue; // must be auth.
638 frag_t fg = dir->get_frag();
639 if (mdsmap->allows_dirfrags()) {
>>> CID 1316228: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
640 if ((fg == frag_t() || (rand() % (1 << fg.bits()) == 0))) {
641 mdcache->split_dir(dir, 1);
642 } else {
643 balancer->queue_merge(dir);
644 }
645 }
** CID 1316243: API usage errors (STREAM_FORMAT_STATE)
/home/brad/working/src/ceph/src/mds/MDSRank.cc: 2382 in MDSRank::_command_dirfrag_get(const std::map<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, boost::variant<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, bool, long, double, std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>>, std::vector<long, std::allocator<long>>, std::vector<double, std::allocator<double>>>, std::less<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::pair<const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, boost::variant<std::__cxx1
1::basic_string<char, std::char_traits<char>, std::allocator<char>>, bool, long, double, std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::allo
cator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>>, std::vector<long, std::allocator<long>>, std::vector<double, std::allocator<double>>>>>> &, std::basic_ostream<char, std::char_traits<char>>&)()
________________________________________________________________________________________________________
*** CID 1316243: API usage errors (STREAM_FORMAT_STATE)
/home/brad/working/src/ceph/src/mds/MDSRank.cc: 2382 in MDSRank::_command_dirfrag_get(const std::map<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, boost::variant<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, bool, long, double, std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>>, std::vector<long, std::allocator<long>>, std::vector<double, std::allocator<double>>>, std::less<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::pair<const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, boost::variant<std::__cxx1
1::basic_string<char, std::char_traits<char>, std::allocator<char>>, bool, long, double, std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::allo
cator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>>, std::vector<long, std::allocator<long>>, std::vector<double, std::allocator<double>>>>>> &, std::basic_ostream<char, std::char_traits<char>>&)()
2376 }
2377
2378 CDir *dir = in->get_dirfrag(fg);
2379 if (!dir) {
2380 ss << "frag 0x" << std::hex << in->ino() << "/" << fg << " not in cache ("
2381 "use `dirfrag ls` to see if it should exist)";
>>> CID 1316243: API usage errors (STREAM_FORMAT_STATE)
>>> Changing format state of stream "ss" for category basefield without later restoring it.
2382 return NULL;
2383 }
2384
2385 if (!dir->is_auth()) {
2386 ss << "frag " << dir->dirfrag() << " not auth (auth = "
2387 << dir->authority() << ")";
** CID 1322426: Memory - corruptions (OVERRUN)
________________________________________________________________________________________________________
*** CID 1322426: Memory - corruptions (OVERRUN)
/home/brad/working/src/ceph/src/tools/RadosDump.h: 311 in metadata_section::encode(ceph::buffer::list &) const()
305 missing(missing) {}
306 metadata_section()
307 : struct_ver(0),
308 map_epoch(0) { }
309
310 void encode(bufferlist& bl) const {
>>> CID 1322426: Memory - corruptions (OVERRUN)
>>> Overrunning struct type ceph_le32 of 4 bytes by passing it to a function which accesses it at byte offset 7.
311 ENCODE_START(6, 6, bl);
312 ::encode(struct_ver, bl);
313 ::encode(map_epoch, bl);
314 ::encode(info, bl);
315 ::encode(log, bl);
316 ::encode(past_intervals, bl);
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaGCnxtQO9E3gxlB2GxVsWFENryh7bC5hIb-2FQBVM85YLQ-3D-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8FvArpa8jgG32m9fJAAGhJmWRBU-2B7ohJQkqagyg2FmYgO3f0ismPYBrNT8JkMs7OePVeIgMsIY-2B2ghIecvO75iFy-2Fyu51pjUyrxFyAD65XADCROa0ktimYyVtovlwMCVDnicZHdUtcECAdPPk-2BEWn-2F3m4cpM58rd1fw16DSiFNzQi-2BQzCgLiEfZytLdVAMTiBU-3D
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4Bco8jcmzhh7FSyvoR0E3-2BDgRcBCQ6OuthHBtaTCGNq9OVG2ZVnjrgThgf5hX3GVEkIxvBX-2BorwRZfOftSp7HPfCifRGGak1MlgNFVd3IIPA-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8FvArpa8jgG32m9fJAAGhJmWRBU-2B7ohJQkqagyg2FmYgNOtAH3V9ZBIOKgqBm4JITsXN5PSHRmYKxp9uoZKV7Dpjnb3YANzr2Vm2wmu-2BRw7zc8JJf6VMsDuMm-2FEYr1oBYw2FOIlrolHTv6UXf4kmG33wln-2F-2B-2FDz-2BHkH0krRMnmoOm2-2FnPB67Ts-2FlTbZJxLwepU-3D
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2017-11-23 0:19 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2017-11-23 0:19 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
200 new defect(s) introduced to ceph found with Coverity Scan.
24 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 20 of 200 defect(s)
** CID 200825: Uninitialized variables (UNINIT)
/home/brad/working/src/ceph/src/spdk/dpdk/drivers/net/ixgbe/base/ixgbe_common.c: 4655 in ixgbe_set_fw_drv_ver_generic()
________________________________________________________________________________________________________
*** CID 200825: Uninitialized variables (UNINIT)
/home/brad/working/src/ceph/src/spdk/dpdk/drivers/net/ixgbe/base/ixgbe_common.c: 4655 in ixgbe_set_fw_drv_ver_generic()
4649 * semaphore or IXGBE_ERR_HOST_INTERFACE_COMMAND when command fails.
4650 **/
4651 s32 ixgbe_set_fw_drv_ver_generic(struct ixgbe_hw *hw, u8 maj, u8 min,
4652 u8 build, u8 sub, u16 len,
4653 const char *driver_ver)
4654 {
>>> CID 200825: Uninitialized variables (UNINIT)
>>> Declaring variable "fw_cmd" without initializer.
4655 struct ixgbe_hic_drv_info fw_cmd;
4656 int i;
4657 s32 ret_val = IXGBE_SUCCESS;
4658
4659 DEBUGFUNC("ixgbe_set_fw_drv_ver_generic");
4660 UNREFERENCED_2PARAMETER(len, driver_ver);
** CID 611045: Control flow issues (MISSING_BREAK)
/home/brad/working/src/ceph/src/spdk/dpdk/drivers/net/e1000/base/e1000_vf.c: 494 in e1000_promisc_set_vf()
________________________________________________________________________________________________________
*** CID 611045: Control flow issues (MISSING_BREAK)
/home/brad/working/src/ceph/src/spdk/dpdk/drivers/net/e1000/base/e1000_vf.c: 494 in e1000_promisc_set_vf()
488 switch (type) {
489 case e1000_promisc_multicast:
490 msgbuf |= E1000_VF_SET_PROMISC_MULTICAST;
491 break;
492 case e1000_promisc_enabled:
493 msgbuf |= E1000_VF_SET_PROMISC_MULTICAST;
>>> CID 611045: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
494 case e1000_promisc_unicast:
495 msgbuf |= E1000_VF_SET_PROMISC_UNICAST;
496 case e1000_promisc_disabled:
497 break;
498 default:
499 return -E1000_ERR_MAC_INIT;
** CID 1008498: Program hangs (INFINITE_LOOP)
/home/brad/working/src/ceph/src/spdk/lib/nvme/nvme_ctrlr.c: 698 in nvme_ctrlr_set_num_qpairs()
________________________________________________________________________________________________________
*** CID 1008498: Program hangs (INFINITE_LOOP)
/home/brad/working/src/ceph/src/spdk/lib/nvme/nvme_ctrlr.c: 698 in nvme_ctrlr_set_num_qpairs()
692 rc = nvme_ctrlr_cmd_set_num_queues(ctrlr, ctrlr->opts.num_io_queues,
693 nvme_completion_poll_cb, &status);
694 if (rc != 0) {
695 return rc;
696 }
697
>>> CID 1008498: Program hangs (INFINITE_LOOP)
>>> If "status.done == 0" is initially true then it will remain true.
698 while (status.done == false) {
699 spdk_nvme_qpair_process_completions(ctrlr->adminq, 0);
700 }
701 if (spdk_nvme_cpl_is_error(&status.cpl)) {
702 SPDK_ERRLOG("nvme_set_num_queues failed!\n");
703 return -ENXIO;
** CID 1008499: Program hangs (INFINITE_LOOP)
/home/brad/working/src/ceph/src/spdk/lib/nvme/nvme_ctrlr.c: 650 in nvme_ctrlr_identify()
________________________________________________________________________________________________________
*** CID 1008499: Program hangs (INFINITE_LOOP)
/home/brad/working/src/ceph/src/spdk/lib/nvme/nvme_ctrlr.c: 650 in nvme_ctrlr_identify()
644 rc = nvme_ctrlr_cmd_identify_controller(ctrlr, &ctrlr->cdata,
645 nvme_completion_poll_cb, &status);
646 if (rc != 0) {
647 return rc;
648 }
649
>>> CID 1008499: Program hangs (INFINITE_LOOP)
>>> If "status.done == 0" is initially true then it will remain true.
650 while (status.done == false) {
651 spdk_nvme_qpair_process_completions(ctrlr->adminq, 0);
652 }
653 if (spdk_nvme_cpl_is_error(&status.cpl)) {
654 SPDK_ERRLOG("nvme_identify_controller failed!\n");
655 return -ENXIO;
** CID 1107249: Program hangs (INFINITE_LOOP)
/home/brad/working/src/ceph/src/spdk/lib/nvme/nvme_ctrlr.c: 925 in nvme_ctrlr_configure_aer()
________________________________________________________________________________________________________
*** CID 1107249: Program hangs (INFINITE_LOOP)
/home/brad/working/src/ceph/src/spdk/lib/nvme/nvme_ctrlr.c: 925 in nvme_ctrlr_configure_aer()
919 state.bits.reserved = 0;
920 rc = nvme_ctrlr_cmd_set_async_event_config(ctrlr, state, nvme_completion_poll_cb, &status);
921 if (rc != 0) {
922 return rc;
923 }
924
>>> CID 1107249: Program hangs (INFINITE_LOOP)
>>> If "status.done == 0" is initially true then it will remain true.
925 while (status.done == false) {
926 spdk_nvme_qpair_process_completions(ctrlr->adminq, 0);
927 }
928 if (spdk_nvme_cpl_is_error(&status.cpl)) {
929 SPDK_ERRLOG("nvme_ctrlr_cmd_set_async_event_config failed!\n");
930 return 0;
** CID 1192229: Integer handling issues (BAD_SHIFT)
/home/brad/working/src/ceph/src/spdk/dpdk/drivers/net/e1000/base/e1000_vf.c: 377 in e1000_hash_mc_addr_vf()
________________________________________________________________________________________________________
*** CID 1192229: Integer handling issues (BAD_SHIFT)
/home/brad/working/src/ceph/src/spdk/dpdk/drivers/net/e1000/base/e1000_vf.c: 377 in e1000_hash_mc_addr_vf()
371 * The bit_shift is the number of left-shifts
372 * where 0xFF would still fall within the hash mask.
373 */
374 while (hash_mask >> bit_shift != 0xFF)
375 bit_shift++;
376
>>> CID 1192229: Integer handling issues (BAD_SHIFT)
>>> In expression "mc_addr[4] >> 8 - bit_shift", right shifting "mc_addr[4]" by more than 7 bits always yields zero. The shift amount, "8 - bit_shift", is 8.
377 hash_value = hash_mask & (((mc_addr[4] >> (8 - bit_shift)) |
378 (((u16) mc_addr[5]) << bit_shift)));
379
380 return hash_value;
381 }
382
** CID 1194315: Uninitialized variables (UNINIT)
/home/brad/working/src/ceph/src/spdk/dpdk/drivers/net/sfc/base/efx_ev.c: 416 in efx_ev_qpoll()
________________________________________________________________________________________________________
*** CID 1194315: Uninitialized variables (UNINIT)
/home/brad/working/src/ceph/src/spdk/dpdk/drivers/net/sfc/base/efx_ev.c: 416 in efx_ev_qpoll()
410 /* Read up until the end of the batch period */
411 batch = EFX_EV_BATCH - (count & (EFX_EV_BATCH - 1));
412 offset = (count & eep->ee_mask) * sizeof (efx_qword_t);
413 for (total = 0; total < batch; ++total) {
414 EFSYS_MEM_READQ(eep->ee_esmp, offset, &(ev[total]));
415
>>> CID 1194315: Uninitialized variables (UNINIT)
>>> Using uninitialized element of array "ev[total].eq_u64".
416 if (!EFX_EV_PRESENT(ev[total]))
417 break;
418
419 EFSYS_PROBE3(event, unsigned int, eep->ee_index,
420 uint32_t, EFX_QWORD_FIELD(ev[total], EFX_DWORD_1),
421 uint32_t, EFX_QWORD_FIELD(ev[total], EFX_DWORD_0));
** CID 1198913: Integer handling issues (BAD_SHIFT)
/home/brad/working/src/ceph/src/spdk/dpdk/drivers/net/e1000/base/e1000_mac.c: 566 in e1000_hash_mc_addr_generic()
________________________________________________________________________________________________________
*** CID 1198913: Integer handling issues (BAD_SHIFT)
/home/brad/working/src/ceph/src/spdk/dpdk/drivers/net/e1000/base/e1000_mac.c: 566 in e1000_hash_mc_addr_generic()
560 break;
561 case 3:
562 bit_shift += 4;
563 break;
564 }
565
>>> CID 1198913: Integer handling issues (BAD_SHIFT)
>>> In expression "mc_addr[4] >> 8 - bit_shift", right shifting "mc_addr[4]" by more than 7 bits always yields zero. The shift amount, "8 - bit_shift", is 8.
566 hash_value = hash_mask & (((mc_addr[4] >> (8 - bit_shift)) |
567 (((u16) mc_addr[5]) << bit_shift)));
568
569 return hash_value;
570 }
571
** CID 1226963: Code maintainability issues (UNUSED_VALUE)
/home/brad/working/src/ceph/src/spdk/dpdk/drivers/net/e1000/base/e1000_ich8lan.c: 999 in e1000_set_eee_pchlan()
________________________________________________________________________________________________________
*** CID 1226963: Code maintainability issues (UNUSED_VALUE)
/home/brad/working/src/ceph/src/spdk/dpdk/drivers/net/e1000/base/e1000_ich8lan.c: 999 in e1000_set_eee_pchlan()
993 ret_val = e1000_read_emi_reg_locked(hw, I82579_LPI_PLL_SHUT,
994 &data);
995 if (ret_val)
996 goto release;
997
998 data &= ~I82579_LPI_100_PLL_SHUT;
>>> CID 1226963: Code maintainability issues (UNUSED_VALUE)
>>> Assigning value from "e1000_write_emi_reg_locked(hw, 17426, data)" to "ret_val" here, but that stored value is overwritten before it can be used.
999 ret_val = e1000_write_emi_reg_locked(hw, I82579_LPI_PLL_SHUT,
1000 data);
1001 }
1002
1003 /* R/Clr IEEE MMD 3.1 bits 11:10 - Tx/Rx LPI Received */
1004 ret_val = e1000_read_emi_reg_locked(hw, pcs_status, &data);
** CID 1234611: Null pointer dereferences (REVERSE_INULL)
/home/brad/working/src/ceph/src/spdk/dpdk/drivers/net/i40e/base/i40e_common.c: 336 in i40e_debug_aq()
________________________________________________________________________________________________________
*** CID 1234611: Null pointer dereferences (REVERSE_INULL)
/home/brad/working/src/ceph/src/spdk/dpdk/drivers/net/i40e/base/i40e_common.c: 336 in i40e_debug_aq()
330 {
331 struct i40e_aq_desc *aq_desc = (struct i40e_aq_desc *)desc;
332 u16 len = LE16_TO_CPU(aq_desc->datalen);
333 u8 *buf = (u8 *)buffer;
334 u16 i = 0;
335
>>> CID 1234611: Null pointer dereferences (REVERSE_INULL)
>>> Null-checking "desc" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
336 if ((!(mask & hw->debug_mask)) || (desc == NULL))
337 return;
338
339 i40e_debug(hw, mask,
340 "AQ CMD: opcode 0x%04X, flags 0x%04X, datalen 0x%04X, retval 0x%04X\n",
341 LE16_TO_CPU(aq_desc->opcode),
** CID 1237013: (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/spdk/lib/iscsi/iscsi.c: 184 in arc4random()
/home/brad/working/src/ceph/src/spdk/lib/iscsi/iscsi.c: 185 in arc4random()
________________________________________________________________________________________________________
*** CID 1237013: (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/spdk/lib/iscsi/iscsi.c: 184 in arc4random()
178 uint32_t r1, r2;
179
180 if (!spdk_arc4random_initialized) {
181 srandomdev();
182 spdk_arc4random_initialized = 1;
183 }
>>> CID 1237013: (DC.WEAK_CRYPTO)
>>> "random" should not be used for security related applications, as linear congruential algorithms are too easy to break.
184 r1 = (uint32_t)(random() & 0xffff);
185 r2 = (uint32_t)(random() & 0xffff);
186 r = (r1 << 16) | r2;
187 return r;
188 }
189 #endif /* HAVE_ARC4RANDOM */
/home/brad/working/src/ceph/src/spdk/lib/iscsi/iscsi.c: 185 in arc4random()
179
180 if (!spdk_arc4random_initialized) {
181 srandomdev();
182 spdk_arc4random_initialized = 1;
183 }
184 r1 = (uint32_t)(random() & 0xffff);
>>> CID 1237013: (DC.WEAK_CRYPTO)
>>> "random" should not be used for security related applications, as linear congruential algorithms are too easy to break.
185 r2 = (uint32_t)(random() & 0xffff);
186 r = (r1 << 16) | r2;
187 return r;
188 }
189 #endif /* HAVE_ARC4RANDOM */
190
** CID 1260045: Integer handling issues (OVERFLOW_BEFORE_WIDEN)
/home/brad/working/src/ceph/src/spdk/dpdk/drivers/net/cxgbe/base/t4_hw.c: 3497 in t4_bar2_sge_qregs()
________________________________________________________________________________________________________
*** CID 1260045: Integer handling issues (OVERFLOW_BEFORE_WIDEN)
/home/brad/working/src/ceph/src/spdk/dpdk/drivers/net/cxgbe/base/t4_hw.c: 3497 in t4_bar2_sge_qregs()
3491 /*
3492 * Calculate the basics of the BAR2 SGE Queue register area:
3493 * o The BAR2 page the Queue registers will be in.
3494 * o The BAR2 Queue ID.
3495 * o The BAR2 Queue ID Offset into the BAR2 page.
3496 */
>>> CID 1260045: Integer handling issues (OVERFLOW_BEFORE_WIDEN)
>>> Potentially overflowing expression "(qid >> qpp_shift) << page_shift" with type "unsigned int" (32 bits, unsigned) is evaluated using 32-bit arithmetic, and then used in a context that expects an expression of type "u64" (64 bits, unsigned).
3497 bar2_page_offset = ((qid >> qpp_shift) << page_shift);
3498 bar2_qid = qid & qpp_mask;
3499 bar2_qid_offset = bar2_qid * SGE_UDB_SIZE;
3500
3501 /*
3502 * If the BAR2 Queue ID Offset is less than the Page Size, then the
** CID 1260094: Uninitialized variables (UNINIT)
/home/brad/working/src/ceph/src/spdk/dpdk/drivers/net/ixgbe/base/ixgbe_x550.c: 3227 in ixgbe_read_ee_hostif_buffer_X550()
________________________________________________________________________________________________________
*** CID 1260094: Uninitialized variables (UNINIT)
/home/brad/working/src/ceph/src/spdk/dpdk/drivers/net/ixgbe/base/ixgbe_x550.c: 3227 in ixgbe_read_ee_hostif_buffer_X550()
3221 * Reads a 16 bit word(s) from the EEPROM using the hostif.
3222 **/
3223 s32 ixgbe_read_ee_hostif_buffer_X550(struct ixgbe_hw *hw,
3224 u16 offset, u16 words, u16 *data)
3225 {
3226 const u32 mask = IXGBE_GSSR_SW_MNG_SM | IXGBE_GSSR_EEP_SM;
>>> CID 1260094: Uninitialized variables (UNINIT)
>>> Declaring variable "buffer" without initializer.
3227 struct ixgbe_hic_read_shadow_ram buffer;
3228 u32 current_word = 0;
3229 u16 words_to_read;
3230 s32 status;
3231 u32 i;
3232
** CID 1288953: Control flow issues (MISSING_BREAK)
/home/brad/working/src/ceph/src/spdk/dpdk/drivers/net/ixgbe/base/ixgbe_82599.c: 2027 in ixgbe_fdir_add_perfect_filter_82599()
________________________________________________________________________________________________________
*** CID 1288953: Control flow issues (MISSING_BREAK)
/home/brad/working/src/ceph/src/spdk/dpdk/drivers/net/ixgbe/base/ixgbe_82599.c: 2027 in ixgbe_fdir_add_perfect_filter_82599()
2021 case IXGBE_ATR_FLOW_TYPE_SCTPV4:
2022 case IXGBE_ATR_FLOW_TYPE_TUNNELED_SCTPV4:
2023 if (input->formatted.dst_port || input->formatted.src_port) {
2024 DEBUGOUT(" Error on src/dst port\n");
2025 return IXGBE_ERR_CONFIG;
2026 }
>>> CID 1288953: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
2027 case IXGBE_ATR_FLOW_TYPE_TCPV4:
2028 case IXGBE_ATR_FLOW_TYPE_TUNNELED_TCPV4:
2029 case IXGBE_ATR_FLOW_TYPE_UDPV4:
2030 case IXGBE_ATR_FLOW_TYPE_TUNNELED_UDPV4:
2031 input_mask->formatted.flow_type = IXGBE_ATR_L4TYPE_IPV6_MASK |
2032 IXGBE_ATR_L4TYPE_MASK;
** CID 1296016: Incorrect expression (UNUSED_VALUE)
/home/brad/working/src/ceph/src/spdk/dpdk/drivers/net/e1000/base/e1000_ich8lan.c: 4145 in e1000_update_nvm_checksum_spt()
________________________________________________________________________________________________________
*** CID 1296016: Incorrect expression (UNUSED_VALUE)
/home/brad/working/src/ceph/src/spdk/dpdk/drivers/net/e1000/base/e1000_ich8lan.c: 4145 in e1000_update_nvm_checksum_spt()
4139
4140 /* And invalidate the previously valid segment by setting
4141 * its signature word (0x13) high_byte to 0b. This can be
4142 * done without an erase because flash erase sets all bits
4143 * to 1's. We can write 1's to 0's without an erase
4144 */
>>> CID 1296016: Incorrect expression (UNUSED_VALUE)
>>> Assigning value from "(old_bank_offset + 19U) * 2U + 1U" to "act_offset" here, but that stored value is overwritten before it can be used.
4145 act_offset = (old_bank_offset + E1000_ICH_NVM_SIG_WORD) * 2 + 1;
4146
4147 /* offset in words but we read dword*/
4148 act_offset = old_bank_offset + E1000_ICH_NVM_SIG_WORD - 1;
4149 ret_val = e1000_read_flash_dword_ich8lan(hw, act_offset, &dword);
4150
** CID 1304883: Code maintainability issues (UNUSED_VALUE)
/home/brad/working/src/ceph/src/spdk/dpdk/drivers/net/e1000/base/e1000_ich8lan.c: 2620 in e1000_hv_phy_workarounds_ich8lan()
________________________________________________________________________________________________________
*** CID 1304883: Code maintainability issues (UNUSED_VALUE)
/home/brad/working/src/ceph/src/spdk/dpdk/drivers/net/e1000/base/e1000_ich8lan.c: 2620 in e1000_hv_phy_workarounds_ich8lan()
2614 if (hw->phy.type == e1000_phy_82578) {
2615 /* Return registers to default by doing a soft reset then
2616 * writing 0x3140 to the control register.
2617 */
2618 if (hw->phy.revision < 2) {
2619 e1000_phy_sw_reset_generic(hw);
>>> CID 1304883: Code maintainability issues (UNUSED_VALUE)
>>> Assigning value from "(*hw->phy.ops.write_reg)(hw, 0U, 12608)" to "ret_val" here, but that stored value is overwritten before it can be used.
2620 ret_val = hw->phy.ops.write_reg(hw, PHY_CONTROL,
2621 0x3140);
2622 }
2623 }
2624
2625 /* Select page 0 */
** CID 1304926: Code maintainability issues (UNUSED_VALUE)
/home/brad/working/src/ceph/src/spdk/dpdk/drivers/net/e1000/base/e1000_82543.c: 1233 in e1000_check_for_copper_link_82543()
________________________________________________________________________________________________________
*** CID 1304926: Code maintainability issues (UNUSED_VALUE)
/home/brad/working/src/ceph/src/spdk/dpdk/drivers/net/e1000/base/e1000_82543.c: 1233 in e1000_check_for_copper_link_82543()
1227 * interrupt state to its previous value except for the link
1228 * status change interrupt which will happened due to the
1229 * execution of this workaround.
1230 */
1231 if (mac->forced_speed_duplex & E1000_ALL_10_SPEED) {
1232 E1000_WRITE_REG(hw, E1000_IMC, 0xFFFFFFFF);
>>> CID 1304926: Code maintainability issues (UNUSED_VALUE)
>>> Assigning value from "e1000_polarity_reversal_workaround_82543(hw)" to "ret_val" here, but that stored value is overwritten before it can be used.
1233 ret_val = e1000_polarity_reversal_workaround_82543(hw);
1234 icr = E1000_READ_REG(hw, E1000_ICR);
1235 E1000_WRITE_REG(hw, E1000_ICS, (icr & ~E1000_ICS_LSC));
1236 E1000_WRITE_REG(hw, E1000_IMS, IMS_ENABLE_MASK);
1237 }
1238
** CID 1349648: Control flow issues (UNREACHABLE)
/home/brad/working/src/ceph/src/spdk/dpdk/drivers/net/sfc/base/efx_mon.c: 106 in efx_mon_init()
________________________________________________________________________________________________________
*** CID 1349648: Control flow issues (UNREACHABLE)
/home/brad/working/src/ceph/src/spdk/dpdk/drivers/net/sfc/base/efx_mon.c: 106 in efx_mon_init()
100 #endif
101 default:
102 rc = ENOTSUP;
103 goto fail2;
104 }
105
>>> CID 1349648: Control flow issues (UNREACHABLE)
>>> This code cannot be reached: "emp->em_emop = emop;".
106 emp->em_emop = emop;
107 return (0);
108
109 fail2:
110 EFSYS_PROBE(fail2);
111
** CID 1349672: Memory - illegal accesses (INCOMPATIBLE_CAST)
________________________________________________________________________________________________________
*** CID 1349672: Memory - illegal accesses (INCOMPATIBLE_CAST)
/home/brad/working/src/ceph/src/spdk/dpdk/drivers/net/sfc/base/ef10_filter.c: 429 in ef10_filter_hash()
423
424 /*
425 * As the area of the efx_filter_spec_t we need to hash is DWORD
426 * aligned and an exact number of DWORDs in size we can use the
427 * optimised efx_hash_dwords() rather than efx_hash_bytes()
428 */
>>> CID 1349672: Memory - illegal accesses (INCOMPATIBLE_CAST)
>>> Pointer "&spec->efs_outer_vid" points to an object whose effective type is "unsigned short" (16 bits, unsigned) but is dereferenced as a wider "unsigned int" (32 bits, unsigned). This may lead to memory corruption.
429 return (efx_hash_dwords((const uint32_t *)&spec->efs_outer_vid,
430 (sizeof (efx_filter_spec_t) -
431 EFX_FIELD_OFFSET(efx_filter_spec_t, efs_outer_vid)) /
432 sizeof (uint32_t), 0));
433 }
434
** CID 1364784: Memory - corruptions (ARRAY_VS_SINGLETON)
/home/brad/working/src/ceph/src/spdk/dpdk/drivers/net/qede/qede_rxtx.c: 495 in qede_update_rx_prod()
________________________________________________________________________________________________________
*** CID 1364784: Memory - corruptions (ARRAY_VS_SINGLETON)
/home/brad/working/src/ceph/src/spdk/dpdk/drivers/net/qede/qede_rxtx.c: 495 in qede_update_rx_prod()
489 /* Make sure that the BD and SGE data is updated before updating the
490 * producers since FW might read the BD/SGE right after the producer
491 * is updated.
492 */
493 rte_wmb();
494
>>> CID 1364784: Memory - corruptions (ARRAY_VS_SINGLETON)
>>> Taking address with "&rx_prods" yields a singleton pointer.
495 internal_ram_wr(rxq->hw_rxq_prod_addr, sizeof(rx_prods),
496 (uint32_t *)&rx_prods);
497
498 /* mmiowb is needed to synchronize doorbell writes from more than one
499 * processor. It guarantees that the write arrives to the device before
500 * the napi lock is released and another qede_poll is called (possibly
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaGCnxtQO9E3gxlB2GxVsWFENryh7bC5hIb-2FQBVM85YLQ-3D-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8EJnbTgmGI20h61Gmhr-2B3djZK7C-2BMZLryNGk-2FdDTdX-2BMTwtn8TTU-2BuZYFJjIL1jXwBLqBKJIgRp79YQI8zclVcSP9K6tHj-2BhKaOqtIYUbcUTykRQAJmUjWyFxEuaj6WztNSvJR91UZ6-2FLeqZhGBN4C6d5hHmPMfjF1MbGEDSTOKLsGF2We71rn7r1dzakErvKo-3D
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4Bco8jcmzhh7FSyvoR0E3-2BDgRcBCQ6OuthHBtaTCGNq9OVG2ZVnjrgThgf5hX3GVEkIxvBX-2BorwRZfOftSp7HPfCifRGGak1MlgNFVd3IIPA-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8EJnbTgmGI20h61Gmhr-2B3djZK7C-2BMZLryNGk-2FdDTdX-2BMfZvgbh1Z5PnO7m1UWL28GyahAicsdZkWdouYY0Myo8GRS9Mx3HTdYM2bQ8zPP5QfFGa8-2BzvT9CULCKMvRut2yPO-2F7Pla9-2F4at3wJjdknGz1-2BC-2Bnd9254ixLLWSt38SO3elS9oGIf9f0NjodqleFTBE-3D
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2017-11-16 11:35 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2017-11-16 11:35 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
68 new defect(s) introduced to ceph found with Coverity Scan.
17 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 20 of 68 defect(s)
** CID 1421246: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 29004 in __pyx_pw_3rbd_5Image_129aio_read()
________________________________________________________________________________________________________
*** CID 1421246: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 29004 in __pyx_pw_3rbd_5Image_129aio_read()
28998 }
28999 kw_args = PyDict_Size(__pyx_kwds);
29000 switch (pos_args) {
29001 case 0:
29002 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_offset)) != 0)) kw_args--;
29003 else goto __pyx_L5_argtuple_error;
>>> CID 1421246: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
29004 case 1:
29005 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_length)) != 0)) kw_args--;
29006 else {
29007 __Pyx_RaiseArgtupleInvalid("aio_read", 0, 3, 4, 1); __PYX_ERR(0, 2538, __pyx_L3_error)
29008 }
29009 case 2:
** CID 1421247: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/ceph_crypto.cc: 148 in main()
________________________________________________________________________________________________________
*** CID 1421247: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/ceph_crypto.cc: 148 in main()
142 #if GTEST_HAS_DEATH_TEST
143 TEST_F(ForkDeathTest, MD5) {
144 ASSERT_EXIT(do_simple_crypto(), ::testing::ExitedWithCode(0), "^$");
145 }
146 #endif //GTEST_HAS_DEATH_TEST
147
>>> CID 1421247: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::out_of_range> >" is thrown and never caught.
148 int main(int argc, char **argv) {
149 std::vector<const char*> args(argv, argv + argc);
150 env_to_vec(args);
151 auto cct = global_init(NULL, args,
152 CEPH_ENTITY_TYPE_CLIENT,
153 CODE_ENVIRONMENT_UTILITY,
** CID 1421248: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/ceph_authtool.cc: 53 in main()
________________________________________________________________________________________________________
*** CID 1421248: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/ceph_authtool.cc: 53 in main()
47 << " --caps CAPSFILE will set all of capabilities associated with a\n"
48 << " given key, for all subsystems"
49 << std::endl;
50 exit(1);
51 }
52
>>> CID 1421248: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::out_of_range> >" is thrown and never caught.
53 int main(int argc, const char **argv)
54 {
55 vector<const char*> args;
56 argv_to_vec(argc, argv, args);
57 env_to_vec(args);
58
** CID 1421249: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/rbd_mirror/random_write.cc: 153 in main()
________________________________________________________________________________________________________
*** CID 1421249: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/rbd_mirror/random_write.cc: 153 in main()
147 }
148 b.wait_for(0);
149 }
150
151 } // anonymous namespace
152
>>> CID 1421249: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::out_of_range> >" is thrown and never caught.
153 int main(int argc, const char **argv)
154 {
155 std::vector<const char*> args;
156 argv_to_vec(argc, argv, args);
157 env_to_vec(args);
158
** CID 1421250: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/ceph_conf.cc: 164 in main()
/home/brad/working/src/ceph/src/tools/ceph_conf.cc: 164 in main()
/home/brad/working/src/ceph/src/tools/ceph_conf.cc: 164 in main()
________________________________________________________________________________________________________
*** CID 1421250: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/ceph_conf.cc: 164 in main()
158 cerr << "format '" << format << "' not recognized." << std::endl;
159 usage();
160 return 1;
161 }
162 }
163
>>> CID 1421250: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::out_of_range> >" is thrown and never caught.
164 int main(int argc, const char **argv)
165 {
166 vector<const char*> args;
167 deque<std::string> sections;
168 bool resolve_search = false;
169 std::string action;
/home/brad/working/src/ceph/src/tools/ceph_conf.cc: 164 in main()
158 cerr << "format '" << format << "' not recognized." << std::endl;
159 usage();
160 return 1;
161 }
162 }
163
>>> CID 1421250: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::out_of_range> >" is thrown and never caught.
164 int main(int argc, const char **argv)
165 {
166 vector<const char*> args;
167 deque<std::string> sections;
168 bool resolve_search = false;
169 std::string action;
/home/brad/working/src/ceph/src/tools/ceph_conf.cc: 164 in main()
158 cerr << "format '" << format << "' not recognized." << std::endl;
159 usage();
160 return 1;
161 }
162 }
163
>>> CID 1421250: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::out_of_range> >" is thrown and never caught.
164 int main(int argc, const char **argv)
165 {
166 vector<const char*> args;
167 deque<std::string> sections;
168 bool resolve_search = false;
169 std::string action;
** CID 1421251: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 26567 in __pyx_pw_3rbd_5Image_109lock_shared()
________________________________________________________________________________________________________
*** CID 1421251: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 26567 in __pyx_pw_3rbd_5Image_109lock_shared()
26561 }
26562 kw_args = PyDict_Size(__pyx_kwds);
26563 switch (pos_args) {
26564 case 0:
26565 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_cookie)) != 0)) kw_args--;
26566 else goto __pyx_L5_argtuple_error;
>>> CID 1421251: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
26567 case 1:
26568 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_tag)) != 0)) kw_args--;
26569 else {
26570 __Pyx_RaiseArgtupleInvalid("lock_shared", 1, 2, 2, 1); __PYX_ERR(0, 2370, __pyx_L3_error)
26571 }
26572 }
** CID 1421252: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 29741 in __pyx_pw_3rbd_5Image_131aio_write()
________________________________________________________________________________________________________
*** CID 1421252: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 29741 in __pyx_pw_3rbd_5Image_131aio_write()
29735 }
29736 case 2:
29737 if (likely((values[2] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_oncomplete)) != 0)) kw_args--;
29738 else {
29739 __Pyx_RaiseArgtupleInvalid("aio_write", 0, 3, 4, 2); __PYX_ERR(0, 2593, __pyx_L3_error)
29740 }
>>> CID 1421252: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
29741 case 3:
29742 if (kw_args > 0) {
29743 PyObject* value = PyDict_GetItem(__pyx_kwds, __pyx_n_s_fadvise_flags);
29744 if (value) { values[3] = value; kw_args--; }
29745 }
29746 }
** CID 1421253: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/test_mutate.cc: 41 in main()
________________________________________________________________________________________________________
*** CID 1421253: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/test_mutate.cc: 41 in main()
35 static void usage(void)
36 {
37 cerr << "--oid set object id to 'operate' on" << std::endl;
38 cerr << "--pool set pool to 'operate' on" << std::endl;
39 }
40
>>> CID 1421253: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::out_of_range> >" is thrown and never caught.
41 int main(int argc, const char **argv)
42 {
43 int ret = 0;
44 vector<const char*> args;
45 argv_to_vec(argc, argv, args);
46 env_to_vec(args);
** CID 1421254: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/ceph_syn.cc: 39 in main()
________________________________________________________________________________________________________
*** CID 1421254: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/ceph_syn.cc: 39 in main()
33
34 #include <sys/types.h>
35 #include <fcntl.h>
36
37 extern int syn_filer_flags;
38
>>> CID 1421254: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::out_of_range> >" is thrown and never caught.
39 int main(int argc, const char **argv, char *envp[])
40 {
41 //cerr << "ceph-syn starting" << std::endl;
42 vector<const char*> args;
43 argv_to_vec(argc, argv, args);
44
** CID 1421255: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/librgw_file_nfsns.cc: 1110 in main()
________________________________________________________________________________________________________
*** CID 1421255: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/librgw_file_nfsns.cc: 1110 in main()
1104 }
1105
1106 TEST(LibRGW, SHUTDOWN) {
1107 librgw_shutdown(rgw_h);
1108 }
1109
>>> CID 1421255: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::out_of_range> >" is thrown and never caught.
1110 int main(int argc, char *argv[])
1111 {
1112 char *v{nullptr};
1113 string val;
1114 vector<const char*> args;
1115
** CID 1421256: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/librgw_file_aw.cc: 359 in main()
________________________________________________________________________________________________________
*** CID 1421256: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/librgw_file_aw.cc: 359 in main()
353 }
354
355 TEST(LibRGW, SHUTDOWN) {
356 librgw_shutdown(rgw);
357 }
358
>>> CID 1421256: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::out_of_range> >" is thrown and never caught.
359 int main(int argc, char *argv[])
360 {
361 char *v{nullptr};
362 string val;
363 vector<const char*> args;
364
** CID 1421257: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/rgw/rgw_token.cc: 60 in main()
________________________________________________________________________________________________________
*** CID 1421257: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/rgw/rgw_token.cc: 60 in main()
54 << std::endl;
55 cout << "\t <token type> := ad | ldap" << std::endl;
56 cout << "\n";
57 generic_client_usage();
58 }
59
>>> CID 1421257: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::out_of_range> >" is thrown and never caught.
60 int main(int argc, char **argv)
61 {
62 std::string val;
63 vector<const char*> args;
64 argv_to_vec(argc, (const char **)argv, args);
65 env_to_vec(args);
** CID 1421258: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/osdmaptool.cc: 88 in main()
________________________________________________________________________________________________________
*** CID 1421258: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/osdmaptool.cc: 88 in main()
82 if (r < 0) {
83 cerr << "error writing output: " << cpp_strerror(r) << std::endl;
84 exit(1);
85 }
86 }
87
>>> CID 1421258: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::out_of_range> >" is thrown and never caught.
88 int main(int argc, const char **argv)
89 {
90 vector<const char*> args;
91 argv_to_vec(argc, argv, args);
92 env_to_vec(args);
93
** CID 1421259: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/unit.cc: 36 in main()
________________________________________________________________________________________________________
*** CID 1421259: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/unit.cc: 36 in main()
30
31 /*
32 * You only need to include this file if you are testing Ceph internal code. If
33 * you are testing library code, the library init() interfaces will handle
34 * initialization for you.
35 */
>>> CID 1421259: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::out_of_range> >" is thrown and never caught.
36 int main(int argc, char **argv) {
37 std::vector<const char*> args(argv, argv + argc);
38 env_to_vec(args);
39 auto cct = global_init(NULL, args,
40 CEPH_ENTITY_TYPE_CLIENT,
41 CODE_ENVIRONMENT_UTILITY, 0);
** CID 1421260: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 29731 in __pyx_pw_3rbd_5Image_131aio_write()
________________________________________________________________________________________________________
*** CID 1421260: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 29731 in __pyx_pw_3rbd_5Image_131aio_write()
29725 }
29726 kw_args = PyDict_Size(__pyx_kwds);
29727 switch (pos_args) {
29728 case 0:
29729 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_data)) != 0)) kw_args--;
29730 else goto __pyx_L5_argtuple_error;
>>> CID 1421260: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
29731 case 1:
29732 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_offset)) != 0)) kw_args--;
29733 else {
29734 __Pyx_RaiseArgtupleInvalid("aio_write", 0, 3, 4, 1); __PYX_ERR(0, 2593, __pyx_L3_error)
29735 }
29736 case 2:
** CID 1421261: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/messenger/simple_server.cc: 35 in main()
________________________________________________________________________________________________________
*** CID 1421261: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/messenger/simple_server.cc: 35 in main()
29 #include "common/address_helper.h"
30 #include "simple_dispatcher.h"
31
32 #define dout_subsys ceph_subsys_simple_server
33
34
>>> CID 1421261: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::out_of_range> >" is thrown and never caught.
35 int main(int argc, const char **argv)
36 {
37 vector<const char*> args;
38 Messenger *messenger;
39 Dispatcher *dispatcher;
40 std::vector<const char*>::iterator arg_iter;
** CID 1421262: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/messenger/simple_client.cc: 48 in main()
________________________________________________________________________________________________________
*** CID 1421262: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/messenger/simple_client.cc: 48 in main()
42 " --msgs X\n"
43 " --dsize X\n"
44 ;
45 }
46
47
>>> CID 1421262: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::out_of_range> >" is thrown and never caught.
48 int main(int argc, const char **argv)
49 {
50 vector<const char*> args;
51 Messenger* messenger;
52 SimpleDispatcher *dispatcher;
53 std::vector<const char*>::iterator arg_iter;
** CID 1421263: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/rbd_mirror/main.cc: 32 in main()
________________________________________________________________________________________________________
*** CID 1421263: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/rbd_mirror/main.cc: 32 in main()
26 static void handle_signal(int signum)
27 {
28 if (mirror)
29 mirror->handle_signal(signum);
30 }
31
>>> CID 1421263: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::out_of_range> >" is thrown and never caught.
32 int main(int argc, const char **argv)
33 {
34 std::vector<const char*> args;
35 env_to_vec(args);
36 argv_to_vec(argc, argv, args);
37
** CID 1421264: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/librgw_file.cc: 241 in main()
________________________________________________________________________________________________________
*** CID 1421264: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/librgw_file.cc: 241 in main()
235 }
236
237 TEST(LibRGW, SHUTDOWN) {
238 librgw_shutdown(rgw);
239 }
240
>>> CID 1421264: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::out_of_range> >" is thrown and never caught.
241 int main(int argc, char *argv[])
242 {
243 char *v{nullptr};
244 string val;
245 vector<const char*> args;
246
** CID 1421265: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/cephfs/cephfs-data-scan.cc: 11 in main()
________________________________________________________________________________________________________
*** CID 1421265: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/cephfs/cephfs-data-scan.cc: 11 in main()
5 #include "common/errno.h"
6 #include "global/global_init.h"
7
8 #include "DataScan.h"
9
10
>>> CID 1421265: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::out_of_range> >" is thrown and never caught.
11 int main(int argc, const char **argv)
12 {
13 vector<const char*> args;
14 argv_to_vec(argc, argv, args);
15 env_to_vec(args);
16
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaGCnxtQO9E3gxlB2GxVsWFENryh7bC5hIb-2FQBVM85YLQ-3D-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8E0j-2FN8CctULgZy2RrAHjEqZmSoWrOeixNfRuq8H7eDNDULdzrTmjr2ShEAP-2F1kxV1qUeN12jlMD2Bo-2Bgls51n8gDcFArajccoJV52TbNC7TEDfQpDivNYJJIPQq7RBmiFwEfLInRswHm6kCExdXPd5IX2SLR-2Bzozs34Aa0SF-2Fj2MALav-2FClrlmXK7k15-2BV52E-3D
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4Bco8jcmzhh7FSyvoR0E3-2BDgRcBCQ6OuthHBtaTCGNq9OVG2ZVnjrgThgf5hX3GVEkIxvBX-2BorwRZfOftSp7HPfCifRGGak1MlgNFVd3IIPA-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8E0j-2FN8CctULgZy2RrAHjEqZmSoWrOeixNfRuq8H7eDNItC9jVBzs6SgHsgvIYltywTX6rGxNjRgxVa3vG3GC3T6o65wwVuJxRMKH2WxVTR6treM1JrVxZPRHTgS6ycTIxFugxNigpSLhH7s-2F6CqUx49L15Lf83nIBG4QoV81gp-2FQQlOhnPednO9tdU7hQb9XE-3D
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2017-11-09 11:36 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2017-11-09 11:36 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
27 new defect(s) introduced to ceph found with Coverity Scan.
21 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 20 of 27 defect(s)
** CID 1420670: Integer handling issues (OVERFLOW_BEFORE_WIDEN)
/home/brad/working/src/ceph/src/test/librbd/deep_copy/test_mock_ObjectCopyRequest.cc: 56 in librbd::deep_copy::<unnamed>::scribble(librbd::ImageCtx *, int, unsigned long, interval_set<unsigned long, std::map<unsigned long, unsigned long, std::less<unsigned long>, std::allocator<std::pair<const unsigned long, unsigned long>>>> *)()
________________________________________________________________________________________________________
*** CID 1420670: Integer handling issues (OVERFLOW_BEFORE_WIDEN)
/home/brad/working/src/ceph/src/test/librbd/deep_copy/test_mock_ObjectCopyRequest.cc: 56 in librbd::deep_copy::<unnamed>::scribble(librbd::ImageCtx *, int, unsigned long, interval_set<unsigned long, std::map<unsigned long, unsigned long, std::less<unsigned long>, std::allocator<std::pair<const unsigned long, unsigned long>>>> *)()
50
51 namespace {
52
53 void scribble(librbd::ImageCtx *image_ctx, int num_ops, size_t max_size,
54 interval_set<uint64_t> *what)
55 {
>>> CID 1420670: Integer handling issues (OVERFLOW_BEFORE_WIDEN)
>>> Potentially overflowing expression "1 << image_ctx->order" with type "int" (32 bits, signed) is evaluated using 32-bit arithmetic, and then used in a context that expects an expression of type "uint64_t" (64 bits, unsigned).
56 uint64_t object_size = 1 << image_ctx->order;
57 for (int i = 0; i < num_ops; i++) {
58 uint64_t off = rand() % (object_size - max_size + 1);
59 uint64_t len = 1 + rand() % max_size;
60 std::cout << __func__ << ": off=" << off << ", len=" << len << std::endl;
61
** CID 1420671: Integer handling issues (OVERFLOW_BEFORE_WIDEN)
/home/brad/working/src/ceph/src/test/librbd/deep_copy/test_mock_ObjectCopyRequest.cc: 771 in librbd::deep_copy::TestMockDeepCopyObjectCopyRequest_Remove_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1420671: Integer handling issues (OVERFLOW_BEFORE_WIDEN)
/home/brad/working/src/ceph/src/test/librbd/deep_copy/test_mock_ObjectCopyRequest.cc: 771 in librbd::deep_copy::TestMockDeepCopyObjectCopyRequest_Remove_Test::TestBody()()
765 interval_set<uint64_t> one;
766 scribble(m_src_image_ctx, 10, 102400, &one);
767 ASSERT_EQ(0, create_snap("one"));
768 ASSERT_EQ(0, create_snap("two"));
769
770 // remove the object
>>> CID 1420671: Integer handling issues (OVERFLOW_BEFORE_WIDEN)
>>> Potentially overflowing expression "1 << this->m_src_image_ctx->order" with type "int" (32 bits, signed) is evaluated using 32-bit arithmetic, and then used in a context that expects an expression of type "uint64_t" (64 bits, unsigned).
771 uint64_t object_size = 1 << m_src_image_ctx->order;
772 ASSERT_LE(0, m_src_image_ctx->io_work_queue->discard(0, object_size, m_src_image_ctx->skip_partial_discard));
773 ASSERT_EQ(0, create_snap("copy"));
774 librbd::MockTestImageCtx mock_src_image_ctx(*m_src_image_ctx);
775 librbd::MockTestImageCtx mock_dst_image_ctx(*m_dst_image_ctx);
776
** CID 1420672: (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/test/librbd/deep_copy/test_mock_ObjectCopyRequest.cc: 58 in librbd::deep_copy::<unnamed>::scribble(librbd::ImageCtx *, int, unsigned long, interval_set<unsigned long, std::map<unsigned long, unsigned long, std::less<unsigned long>, std::allocator<std::pair<const unsigned long, unsigned long>>>> *)()
/home/brad/working/src/ceph/src/test/librbd/deep_copy/test_mock_ObjectCopyRequest.cc: 59 in librbd::deep_copy::<unnamed>::scribble(librbd::ImageCtx *, int, unsigned long, interval_set<unsigned long, std::map<unsigned long, unsigned long, std::less<unsigned long>, std::allocator<std::pair<const unsigned long, unsigned long>>>> *)()
________________________________________________________________________________________________________
*** CID 1420672: (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/test/librbd/deep_copy/test_mock_ObjectCopyRequest.cc: 58 in librbd::deep_copy::<unnamed>::scribble(librbd::ImageCtx *, int, unsigned long, interval_set<unsigned long, std::map<unsigned long, unsigned long, std::less<unsigned long>, std::allocator<std::pair<const unsigned long, unsigned long>>>> *)()
52
53 void scribble(librbd::ImageCtx *image_ctx, int num_ops, size_t max_size,
54 interval_set<uint64_t> *what)
55 {
56 uint64_t object_size = 1 << image_ctx->order;
57 for (int i = 0; i < num_ops; i++) {
>>> CID 1420672: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
58 uint64_t off = rand() % (object_size - max_size + 1);
59 uint64_t len = 1 + rand() % max_size;
60 std::cout << __func__ << ": off=" << off << ", len=" << len << std::endl;
61
62 bufferlist bl;
63 bl.append(std::string(len, '1'));
/home/brad/working/src/ceph/src/test/librbd/deep_copy/test_mock_ObjectCopyRequest.cc: 59 in librbd::deep_copy::<unnamed>::scribble(librbd::ImageCtx *, int, unsigned long, interval_set<unsigned long, std::map<unsigned long, unsigned long, std::less<unsigned long>, std::allocator<std::pair<const unsigned long, unsigned long>>>> *)()
53 void scribble(librbd::ImageCtx *image_ctx, int num_ops, size_t max_size,
54 interval_set<uint64_t> *what)
55 {
56 uint64_t object_size = 1 << image_ctx->order;
57 for (int i = 0; i < num_ops; i++) {
58 uint64_t off = rand() % (object_size - max_size + 1);
>>> CID 1420672: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
59 uint64_t len = 1 + rand() % max_size;
60 std::cout << __func__ << ": off=" << off << ", len=" << len << std::endl;
61
62 bufferlist bl;
63 bl.append(std::string(len, '1'));
64
** CID 1420673: Integer handling issues (NO_EFFECT)
/include/tracing/librbd.h: 1036 in __event_prepare_filter_stack__librbd___deep_copy_enter()
________________________________________________________________________________________________________
*** CID 1420673: Integer handling issues (NO_EFFECT)
/include/tracing/librbd.h: 1036 in __event_prepare_filter_stack__librbd___deep_copy_enter()
1030 int, retval),
1031 TP_FIELDS(
1032 ctf_integer(int, retval, retval)
1033 )
1034 )
1035
>>> CID 1420673: Integer handling issues (NO_EFFECT)
>>> This less-than-zero comparison of an unsigned value is never true. "18446744073709551615UL < 0UL".
1036 TRACEPOINT_EVENT(librbd, deep_copy_enter,
1037 TP_ARGS(
1038 void*, src_imagectx,
1039 const char*, src_name,
1040 const char*, src_snap_name,
1041 char, src_read_only,
** CID 1420674: Memory - corruptions (MISMATCHED_ITERATOR)
/home/brad/working/src/ceph/src/test/librbd/deep_copy/test_mock_ObjectCopyRequest.cc: 306 in librbd::deep_copy::TestMockDeepCopyObjectCopyRequest::create_snap(const char *)()
________________________________________________________________________________________________________
*** CID 1420674: Memory - corruptions (MISMATCHED_ITERATOR)
/home/brad/working/src/ceph/src/test/librbd/deep_copy/test_mock_ObjectCopyRequest.cc: 306 in librbd::deep_copy::TestMockDeepCopyObjectCopyRequest::create_snap(const char *)()
300 return r;
301 }
302
303 // collection of all existing snaps in dst image
304 SnapIds dst_snap_ids({dst_snap_id});
305 if (!m_snap_map.empty()) {
>>> CID 1420674: Memory - corruptions (MISMATCHED_ITERATOR)
>>> Using iterator "std::map<unsigned long, std::vector<unsigned long, std::allocator<unsigned long> >, std::less<unsigned long>, std::allocator<std::pair<unsigned long const, std::vector<unsigned long, std::allocator<unsigned long> > > > >::reverse_iterator(this->m_snap_map.rbegin())->second.end()" from "std::map<unsigned long, std::vector<unsigned long, std::allocator<unsigned long> >, std::less<unsigned long>, std::allocator<std::pair<unsigned long const, std::vector<unsigned long, std::allocator<unsigned long> > > > >::reverse_iterator(this->m_snap_map.rbegin())->second" with "dst_snap_ids".
306 dst_snap_ids.insert(dst_snap_ids.end(),
307 m_snap_map.rbegin()->second.begin(),
308 m_snap_map.rbegin()->second.end());
309 }
310 m_snap_map[src_snap_id] = dst_snap_ids;
311 m_src_snap_ids.push_back(src_snap_id);
** CID 1420675: Memory - corruptions (MISMATCHED_ITERATOR)
/home/brad/working/src/ceph/src/test/librbd/deep_copy/test_mock_ImageCopyRequest.cc: 188 in librbd::deep_copy::TestMockDeepCopyImageCopyRequest::create_snap(const char *, unsigned long *)()
________________________________________________________________________________________________________
*** CID 1420675: Memory - corruptions (MISMATCHED_ITERATOR)
/home/brad/working/src/ceph/src/test/librbd/deep_copy/test_mock_ImageCopyRequest.cc: 188 in librbd::deep_copy::TestMockDeepCopyImageCopyRequest::create_snap(const char *, unsigned long *)()
182 return r;
183 }
184
185 // collection of all existing snaps in dst image
186 SnapIds dst_snap_ids({dst_snap_id});
187 if (!m_snap_map.empty()) {
>>> CID 1420675: Memory - corruptions (MISMATCHED_ITERATOR)
>>> Using iterator "std::map<unsigned long, std::vector<unsigned long, std::allocator<unsigned long> >, std::less<unsigned long>, std::allocator<std::pair<unsigned long const, std::vector<unsigned long, std::allocator<unsigned long> > > > >::reverse_iterator(this->m_snap_map.rbegin())->second.begin()" from "std::map<unsigned long, std::vector<unsigned long, std::allocator<unsigned long> >, std::less<unsigned long>, std::allocator<std::pair<unsigned long const, std::vector<unsigned long, std::allocator<unsigned long> > > > >::reverse_iterator(this->m_snap_map.rbegin())->second" with "dst_snap_ids".
188 dst_snap_ids.insert(dst_snap_ids.end(),
189 m_snap_map.rbegin()->second.begin(),
190 m_snap_map.rbegin()->second.end());
191 }
192 m_snap_map[src_snap_id] = dst_snap_ids;
193 m_snap_seqs[src_snap_id] = dst_snap_id;
** CID 1420676: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/test/librbd/test_mock_DeepCopyRequest.cc: 82 in librbd::deep_copy::MetadataCopyRequest<librbd::<unnamed>::MockTestImageCtx>::MetadataCopyRequest()()
________________________________________________________________________________________________________
*** CID 1420676: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/test/librbd/test_mock_DeepCopyRequest.cc: 82 in librbd::deep_copy::MetadataCopyRequest<librbd::<unnamed>::MockTestImageCtx>::MetadataCopyRequest()()
76 s_instance->on_finish = on_finish;
77 return s_instance;
78 }
79
80 MetadataCopyRequest() {
81 s_instance = this;
>>> CID 1420676: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "on_finish" is not initialized in this constructor nor in any functions that it calls.
82 }
83
84 MOCK_METHOD0(send, void());
85 };
86
87 template <>
** CID 1420677: (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/test/librbd/test_DeepCopy.cc: 397 in TestDeepCopy_Stress_StrippingSmallerDstObjSize_Test::TestBody()()
/home/brad/working/src/ceph/src/test/librbd/test_DeepCopy.cc: 398 in TestDeepCopy_Stress_StrippingSmallerDstObjSize_Test::TestBody()()
/home/brad/working/src/ceph/src/test/librbd/test_DeepCopy.cc: 399 in TestDeepCopy_Stress_StrippingSmallerDstObjSize_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1420677: (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/test/librbd/test_DeepCopy.cc: 397 in TestDeepCopy_Stress_StrippingSmallerDstObjSize_Test::TestBody()()
391 }
392
393 TEST_F(TestDeepCopy, Stress_StrippingSmallerDstObjSize)
394 {
395 REQUIRE_FEATURE(RBD_FEATURE_STRIPINGV2);
396
>>> CID 1420677: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
397 uint64_t order = m_src_ictx->order - 1 - rand() % 2;
398 uint64_t stripe_unit = 1 << (order - rand() % 4);
399 uint64_t stripe_count = 2 + rand() % 14;
400 ASSERT_EQ(0, m_opts.set(RBD_IMAGE_OPTION_ORDER, order));
401 ASSERT_EQ(0, m_opts.set(RBD_IMAGE_OPTION_STRIPE_UNIT, stripe_unit));
402 ASSERT_EQ(0, m_opts.set(RBD_IMAGE_OPTION_STRIPE_COUNT, stripe_count));
403
404 test_stress();
/home/brad/working/src/ceph/src/test/librbd/test_DeepCopy.cc: 398 in TestDeepCopy_Stress_StrippingSmallerDstObjSize_Test::TestBody()()
392
393 TEST_F(TestDeepCopy, Stress_StrippingSmallerDstObjSize)
394 {
395 REQUIRE_FEATURE(RBD_FEATURE_STRIPINGV2);
396
397 uint64_t order = m_src_ictx->order - 1 - rand() % 2;
>>> CID 1420677: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
398 uint64_t stripe_unit = 1 << (order - rand() % 4);
399 uint64_t stripe_count = 2 + rand() % 14;
400 ASSERT_EQ(0, m_opts.set(RBD_IMAGE_OPTION_ORDER, order));
401 ASSERT_EQ(0, m_opts.set(RBD_IMAGE_OPTION_STRIPE_UNIT, stripe_unit));
402 ASSERT_EQ(0, m_opts.set(RBD_IMAGE_OPTION_STRIPE_COUNT, stripe_count));
403
404 test_stress();
/home/brad/working/src/ceph/src/test/librbd/test_DeepCopy.cc: 399 in TestDeepCopy_Stress_StrippingSmallerDstObjSize_Test::TestBody()()
393 TEST_F(TestDeepCopy, Stress_StrippingSmallerDstObjSize)
394 {
395 REQUIRE_FEATURE(RBD_FEATURE_STRIPINGV2);
396
397 uint64_t order = m_src_ictx->order - 1 - rand() % 2;
398 uint64_t stripe_unit = 1 << (order - rand() % 4);
>>> CID 1420677: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
399 uint64_t stripe_count = 2 + rand() % 14;
400 ASSERT_EQ(0, m_opts.set(RBD_IMAGE_OPTION_ORDER, order));
401 ASSERT_EQ(0, m_opts.set(RBD_IMAGE_OPTION_STRIPE_UNIT, stripe_unit));
402 ASSERT_EQ(0, m_opts.set(RBD_IMAGE_OPTION_STRIPE_COUNT, stripe_count));
403
404 test_stress();
** CID 1420678: Integer handling issues (OVERFLOW_BEFORE_WIDEN)
/home/brad/working/src/ceph/src/test/librbd/test_DeepCopy.cc: 398 in TestDeepCopy_Stress_StrippingSmallerDstObjSize_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1420678: Integer handling issues (OVERFLOW_BEFORE_WIDEN)
/home/brad/working/src/ceph/src/test/librbd/test_DeepCopy.cc: 398 in TestDeepCopy_Stress_StrippingSmallerDstObjSize_Test::TestBody()()
392
393 TEST_F(TestDeepCopy, Stress_StrippingSmallerDstObjSize)
394 {
395 REQUIRE_FEATURE(RBD_FEATURE_STRIPINGV2);
396
397 uint64_t order = m_src_ictx->order - 1 - rand() % 2;
>>> CID 1420678: Integer handling issues (OVERFLOW_BEFORE_WIDEN)
>>> Potentially overflowing expression "1 << order - rand() % 4" with type "int" (32 bits, signed) is evaluated using 32-bit arithmetic, and then used in a context that expects an expression of type "uint64_t" (64 bits, unsigned).
398 uint64_t stripe_unit = 1 << (order - rand() % 4);
399 uint64_t stripe_count = 2 + rand() % 14;
400 ASSERT_EQ(0, m_opts.set(RBD_IMAGE_OPTION_ORDER, order));
401 ASSERT_EQ(0, m_opts.set(RBD_IMAGE_OPTION_STRIPE_UNIT, stripe_unit));
402 ASSERT_EQ(0, m_opts.set(RBD_IMAGE_OPTION_STRIPE_COUNT, stripe_count));
403
404 test_stress();
** CID 1420679: Integer handling issues (OVERFLOW_BEFORE_WIDEN)
/home/brad/working/src/ceph/src/test/librbd/test_DeepCopy.cc: 384 in TestDeepCopy_Snaps_StrippingSmallerDstObjSize_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1420679: Integer handling issues (OVERFLOW_BEFORE_WIDEN)
/home/brad/working/src/ceph/src/test/librbd/test_DeepCopy.cc: 384 in TestDeepCopy_Snaps_StrippingSmallerDstObjSize_Test::TestBody()()
378
379 TEST_F(TestDeepCopy, Snaps_StrippingSmallerDstObjSize)
380 {
381 REQUIRE_FEATURE(RBD_FEATURE_STRIPINGV2);
382
383 uint64_t order = m_src_ictx->order - 1;
>>> CID 1420679: Integer handling issues (OVERFLOW_BEFORE_WIDEN)
>>> Potentially overflowing expression "1 << order - 2UL" with type "int" (32 bits, signed) is evaluated using 32-bit arithmetic, and then used in a context that expects an expression of type "uint64_t" (64 bits, unsigned).
384 uint64_t stripe_unit = 1 << (order - 2);
385 uint64_t stripe_count = 4;
386 ASSERT_EQ(0, m_opts.set(RBD_IMAGE_OPTION_ORDER, order));
387 ASSERT_EQ(0, m_opts.set(RBD_IMAGE_OPTION_STRIPE_UNIT, stripe_unit));
388 ASSERT_EQ(0, m_opts.set(RBD_IMAGE_OPTION_STRIPE_COUNT, stripe_count));
389
** CID 1420680: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/test/librbd/test_mock_DeepCopyRequest.cc: 54 in librbd::deep_copy::ImageCopyRequest<librbd::<unnamed>::MockTestImageCtx>::ImageCopyRequest()()
________________________________________________________________________________________________________
*** CID 1420680: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/test/librbd/test_mock_DeepCopyRequest.cc: 54 in librbd::deep_copy::ImageCopyRequest<librbd::<unnamed>::MockTestImageCtx>::ImageCopyRequest()()
48 s_instance->on_finish = on_finish;
49 return s_instance;
50 }
51
52 ImageCopyRequest() {
53 s_instance = this;
>>> CID 1420680: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "on_finish" is not initialized in this constructor nor in any functions that it calls.
54 }
55
56 void put() {
57 }
58
59 void get() {
** CID 1420681: Integer handling issues (OVERFLOW_BEFORE_WIDEN)
/home/brad/working/src/ceph/src/test/librbd/test_DeepCopy.cc: 342 in TestDeepCopy_Snaps_StrippingLargerDstObjSize_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1420681: Integer handling issues (OVERFLOW_BEFORE_WIDEN)
/home/brad/working/src/ceph/src/test/librbd/test_DeepCopy.cc: 342 in TestDeepCopy_Snaps_StrippingLargerDstObjSize_Test::TestBody()()
336
337 TEST_F(TestDeepCopy, Snaps_StrippingLargerDstObjSize)
338 {
339 REQUIRE_FEATURE(RBD_FEATURE_STRIPINGV2);
340
341 uint64_t order = m_src_ictx->order + 1;
>>> CID 1420681: Integer handling issues (OVERFLOW_BEFORE_WIDEN)
>>> Potentially overflowing expression "1 << order - 2UL" with type "int" (32 bits, signed) is evaluated using 32-bit arithmetic, and then used in a context that expects an expression of type "uint64_t" (64 bits, unsigned).
342 uint64_t stripe_unit = 1 << (order - 2);
343 uint64_t stripe_count = 4;
344 ASSERT_EQ(0, m_opts.set(RBD_IMAGE_OPTION_ORDER, order));
345 ASSERT_EQ(0, m_opts.set(RBD_IMAGE_OPTION_STRIPE_UNIT, stripe_unit));
346 ASSERT_EQ(0, m_opts.set(RBD_IMAGE_OPTION_STRIPE_COUNT, stripe_count));
347
** CID 1420682: (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/test/librbd/test_DeepCopy.cc: 355 in TestDeepCopy_Stress_StrippingLargerDstObjSize_Test::TestBody()()
/home/brad/working/src/ceph/src/test/librbd/test_DeepCopy.cc: 356 in TestDeepCopy_Stress_StrippingLargerDstObjSize_Test::TestBody()()
/home/brad/working/src/ceph/src/test/librbd/test_DeepCopy.cc: 357 in TestDeepCopy_Stress_StrippingLargerDstObjSize_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1420682: (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/test/librbd/test_DeepCopy.cc: 355 in TestDeepCopy_Stress_StrippingLargerDstObjSize_Test::TestBody()()
349 }
350
351 TEST_F(TestDeepCopy, Stress_StrippingLargerDstObjSize)
352 {
353 REQUIRE_FEATURE(RBD_FEATURE_STRIPINGV2);
354
>>> CID 1420682: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
355 uint64_t order = m_src_ictx->order + 1 + rand() % 2;
356 uint64_t stripe_unit = 1 << (order - rand() % 4);
357 uint64_t stripe_count = 2 + rand() % 14;
358 ASSERT_EQ(0, m_opts.set(RBD_IMAGE_OPTION_ORDER, order));
359 ASSERT_EQ(0, m_opts.set(RBD_IMAGE_OPTION_STRIPE_UNIT, stripe_unit));
360 ASSERT_EQ(0, m_opts.set(RBD_IMAGE_OPTION_STRIPE_COUNT, stripe_count));
/home/brad/working/src/ceph/src/test/librbd/test_DeepCopy.cc: 356 in TestDeepCopy_Stress_StrippingLargerDstObjSize_Test::TestBody()()
350
351 TEST_F(TestDeepCopy, Stress_StrippingLargerDstObjSize)
352 {
353 REQUIRE_FEATURE(RBD_FEATURE_STRIPINGV2);
354
355 uint64_t order = m_src_ictx->order + 1 + rand() % 2;
>>> CID 1420682: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
356 uint64_t stripe_unit = 1 << (order - rand() % 4);
357 uint64_t stripe_count = 2 + rand() % 14;
358 ASSERT_EQ(0, m_opts.set(RBD_IMAGE_OPTION_ORDER, order));
359 ASSERT_EQ(0, m_opts.set(RBD_IMAGE_OPTION_STRIPE_UNIT, stripe_unit));
360 ASSERT_EQ(0, m_opts.set(RBD_IMAGE_OPTION_STRIPE_COUNT, stripe_count));
361
/home/brad/working/src/ceph/src/test/librbd/test_DeepCopy.cc: 357 in TestDeepCopy_Stress_StrippingLargerDstObjSize_Test::TestBody()()
351 TEST_F(TestDeepCopy, Stress_StrippingLargerDstObjSize)
352 {
353 REQUIRE_FEATURE(RBD_FEATURE_STRIPINGV2);
354
355 uint64_t order = m_src_ictx->order + 1 + rand() % 2;
356 uint64_t stripe_unit = 1 << (order - rand() % 4);
>>> CID 1420682: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
357 uint64_t stripe_count = 2 + rand() % 14;
358 ASSERT_EQ(0, m_opts.set(RBD_IMAGE_OPTION_ORDER, order));
359 ASSERT_EQ(0, m_opts.set(RBD_IMAGE_OPTION_STRIPE_UNIT, stripe_unit));
360 ASSERT_EQ(0, m_opts.set(RBD_IMAGE_OPTION_STRIPE_COUNT, stripe_count));
361
362 test_stress();
** CID 1420683: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/test/librbd/test_DeepCopy.cc: 315 in TestDeepCopy_Stress_SmallerDstObjSize_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1420683: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/test/librbd/test_DeepCopy.cc: 315 in TestDeepCopy_Stress_SmallerDstObjSize_Test::TestBody()()
309
310 test_snaps();
311 }
312
313 TEST_F(TestDeepCopy, Stress_SmallerDstObjSize)
314 {
>>> CID 1420683: Security best practices violations (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
315 uint64_t order = m_src_ictx->order - 1 - rand() % 2;
316 ASSERT_EQ(0, m_opts.set(RBD_IMAGE_OPTION_ORDER, order));
317 uint64_t stripe_unit = m_src_ictx->stripe_unit >> 2;
318 ASSERT_EQ(0, m_opts.set(RBD_IMAGE_OPTION_STRIPE_UNIT, stripe_unit));
319
320 test_stress();
** CID 1420684: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/test/librbd/test_mock_DeepCopyRequest.cc: 126 in librbd::deep_copy::SnapshotCopyRequest<librbd::<unnamed>::MockTestImageCtx>::SnapshotCopyRequest()()
________________________________________________________________________________________________________
*** CID 1420684: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/test/librbd/test_mock_DeepCopyRequest.cc: 126 in librbd::deep_copy::SnapshotCopyRequest<librbd::<unnamed>::MockTestImageCtx>::SnapshotCopyRequest()()
120 s_instance->on_finish = on_finish;
121 return s_instance;
122 }
123
124 SnapshotCopyRequest() {
125 s_instance = this;
>>> CID 1420684: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "on_finish" is not initialized in this constructor nor in any functions that it calls.
126 }
127
128 void put() {
129 }
130
131 void get() {
** CID 1420685: Memory - corruptions (MISMATCHED_ITERATOR)
/home/brad/working/src/ceph/src/test/librbd/deep_copy/test_mock_ImageCopyRequest.cc: 188 in librbd::deep_copy::TestMockDeepCopyImageCopyRequest::create_snap(const char *, unsigned long *)()
________________________________________________________________________________________________________
*** CID 1420685: Memory - corruptions (MISMATCHED_ITERATOR)
/home/brad/working/src/ceph/src/test/librbd/deep_copy/test_mock_ImageCopyRequest.cc: 188 in librbd::deep_copy::TestMockDeepCopyImageCopyRequest::create_snap(const char *, unsigned long *)()
182 return r;
183 }
184
185 // collection of all existing snaps in dst image
186 SnapIds dst_snap_ids({dst_snap_id});
187 if (!m_snap_map.empty()) {
>>> CID 1420685: Memory - corruptions (MISMATCHED_ITERATOR)
>>> Using iterator "std::map<unsigned long, std::vector<unsigned long, std::allocator<unsigned long> >, std::less<unsigned long>, std::allocator<std::pair<unsigned long const, std::vector<unsigned long, std::allocator<unsigned long> > > > >::reverse_iterator(this->m_snap_map.rbegin())->second.end()" from "std::map<unsigned long, std::vector<unsigned long, std::allocator<unsigned long> >, std::less<unsigned long>, std::allocator<std::pair<unsigned long const, std::vector<unsigned long, std::allocator<unsigned long> > > > >::reverse_iterator(this->m_snap_map.rbegin())->second" with "dst_snap_ids".
188 dst_snap_ids.insert(dst_snap_ids.end(),
189 m_snap_map.rbegin()->second.begin(),
190 m_snap_map.rbegin()->second.end());
191 }
192 m_snap_map[src_snap_id] = dst_snap_ids;
193 m_snap_seqs[src_snap_id] = dst_snap_id;
** CID 1420686: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/test/librbd/deep_copy/test_mock_ObjectCopyRequest.cc: 718 in librbd::deep_copy::TestMockDeepCopyObjectCopyRequest_Trim_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1420686: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/test/librbd/deep_copy/test_mock_ObjectCopyRequest.cc: 718 in librbd::deep_copy::TestMockDeepCopyObjectCopyRequest_Trim_Test::TestBody()()
712 // scribble some data
713 interval_set<uint64_t> one;
714 scribble(m_src_image_ctx, 10, 102400, &one);
715 ASSERT_EQ(0, create_snap("one"));
716
717 // trim the object
>>> CID 1420686: Security best practices violations (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
718 uint64_t trim_offset = rand() % one.range_end();
719 ASSERT_LE(0, m_src_image_ctx->io_work_queue->discard(
720 trim_offset, one.range_end() - trim_offset, m_src_image_ctx->skip_partial_discard));
721 ASSERT_EQ(0, create_snap("copy"));
722
723 librbd::MockTestImageCtx mock_src_image_ctx(*m_src_image_ctx);
** CID 1420687: Integer handling issues (OVERFLOW_BEFORE_WIDEN)
/home/brad/working/src/ceph/src/test/librbd/test_DeepCopy.cc: 356 in TestDeepCopy_Stress_StrippingLargerDstObjSize_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1420687: Integer handling issues (OVERFLOW_BEFORE_WIDEN)
/home/brad/working/src/ceph/src/test/librbd/test_DeepCopy.cc: 356 in TestDeepCopy_Stress_StrippingLargerDstObjSize_Test::TestBody()()
350
351 TEST_F(TestDeepCopy, Stress_StrippingLargerDstObjSize)
352 {
353 REQUIRE_FEATURE(RBD_FEATURE_STRIPINGV2);
354
355 uint64_t order = m_src_ictx->order + 1 + rand() % 2;
>>> CID 1420687: Integer handling issues (OVERFLOW_BEFORE_WIDEN)
>>> Potentially overflowing expression "1 << order - rand() % 4" with type "int" (32 bits, signed) is evaluated using 32-bit arithmetic, and then used in a context that expects an expression of type "uint64_t" (64 bits, unsigned).
356 uint64_t stripe_unit = 1 << (order - rand() % 4);
357 uint64_t stripe_count = 2 + rand() % 14;
358 ASSERT_EQ(0, m_opts.set(RBD_IMAGE_OPTION_ORDER, order));
359 ASSERT_EQ(0, m_opts.set(RBD_IMAGE_OPTION_STRIPE_UNIT, stripe_unit));
360 ASSERT_EQ(0, m_opts.set(RBD_IMAGE_OPTION_STRIPE_COUNT, stripe_count));
361
** CID 1420688: Memory - corruptions (MISMATCHED_ITERATOR)
/home/brad/working/src/ceph/src/test/librbd/deep_copy/test_mock_ObjectCopyRequest.cc: 306 in librbd::deep_copy::TestMockDeepCopyObjectCopyRequest::create_snap(const char *)()
________________________________________________________________________________________________________
*** CID 1420688: Memory - corruptions (MISMATCHED_ITERATOR)
/home/brad/working/src/ceph/src/test/librbd/deep_copy/test_mock_ObjectCopyRequest.cc: 306 in librbd::deep_copy::TestMockDeepCopyObjectCopyRequest::create_snap(const char *)()
300 return r;
301 }
302
303 // collection of all existing snaps in dst image
304 SnapIds dst_snap_ids({dst_snap_id});
305 if (!m_snap_map.empty()) {
>>> CID 1420688: Memory - corruptions (MISMATCHED_ITERATOR)
>>> Using iterator "std::map<unsigned long, std::vector<unsigned long, std::allocator<unsigned long> >, std::less<unsigned long>, std::allocator<std::pair<unsigned long const, std::vector<unsigned long, std::allocator<unsigned long> > > > >::reverse_iterator(this->m_snap_map.rbegin())->second.begin()" from "std::map<unsigned long, std::vector<unsigned long, std::allocator<unsigned long> >, std::less<unsigned long>, std::allocator<std::pair<unsigned long const, std::vector<unsigned long, std::allocator<unsigned long> > > > >::reverse_iterator(this->m_snap_map.rbegin())->second" with "dst_snap_ids".
306 dst_snap_ids.insert(dst_snap_ids.end(),
307 m_snap_map.rbegin()->second.begin(),
308 m_snap_map.rbegin()->second.end());
309 }
310 m_snap_map[src_snap_id] = dst_snap_ids;
311 m_src_snap_ids.push_back(src_snap_id);
** CID 1420689: (TAINTED_SCALAR)
/home/brad/working/src/ceph/src/test/librbd/test_DeepCopy.cc: 198 in TestDeepCopy::test_stress()()
/home/brad/working/src/ceph/src/test/librbd/test_DeepCopy.cc: 199 in TestDeepCopy::test_stress()()
/home/brad/working/src/ceph/src/test/librbd/test_DeepCopy.cc: 187 in TestDeepCopy::test_stress()()
/home/brad/working/src/ceph/src/test/librbd/test_DeepCopy.cc: 194 in TestDeepCopy::test_stress()()
________________________________________________________________________________________________________
*** CID 1420689: (TAINTED_SCALAR)
/home/brad/working/src/ceph/src/test/librbd/test_DeepCopy.cc: 198 in TestDeepCopy::test_stress()()
192 c = getenv("TEST_RBD_DEEPCOPY_STRESS_NWRITES");
193 if (c != NULL) {
194 std::stringstream ss(c);
195 ASSERT_TRUE(ss >> nwrites);
196 }
197
>>> CID 1420689: (TAINTED_SCALAR)
>>> Using tainted variable "nsnaps" as a loop boundary.
198 for (int i = 0; i < nsnaps; i++) {
199 for (int j = 0; j < nwrites; j++) {
200 size_t len = rand() % ((1 << m_src_ictx->order) * 2);
201 ASSERT_GT(size, len);
202 bufferlist bl;
203 bl.append(std::string(len, static_cast<char>('A' + i)));
/home/brad/working/src/ceph/src/test/librbd/test_DeepCopy.cc: 199 in TestDeepCopy::test_stress()()
193 if (c != NULL) {
194 std::stringstream ss(c);
195 ASSERT_TRUE(ss >> nwrites);
196 }
197
198 for (int i = 0; i < nsnaps; i++) {
>>> CID 1420689: (TAINTED_SCALAR)
>>> Using tainted variable "nwrites" as a loop boundary.
199 for (int j = 0; j < nwrites; j++) {
200 size_t len = rand() % ((1 << m_src_ictx->order) * 2);
201 ASSERT_GT(size, len);
202 bufferlist bl;
203 bl.append(std::string(len, static_cast<char>('A' + i)));
204 uint64_t off = std::min(static_cast<uint64_t>(rand() % size),
/home/brad/working/src/ceph/src/test/librbd/test_DeepCopy.cc: 187 in TestDeepCopy::test_stress()()
181 size = initial_size = m_src_ictx->get_image_size(CEPH_NOSNAP);
182 }
183
184 int nsnaps = 4;
185 const char *c = getenv("TEST_RBD_DEEPCOPY_STRESS_NSNAPS");
186 if (c != NULL) {
>>> CID 1420689: (TAINTED_SCALAR)
>>> Call to function "basic_string" with tainted argument "c" transitively taints "<temporary>". [Note: The source code implementation of the function has been overridden by a builtin model.]
187 std::stringstream ss(c);
188 ASSERT_TRUE(ss >> nsnaps);
189 }
190
191 int nwrites = 4;
192 c = getenv("TEST_RBD_DEEPCOPY_STRESS_NWRITES");
/home/brad/working/src/ceph/src/test/librbd/test_DeepCopy.cc: 194 in TestDeepCopy::test_stress()()
188 ASSERT_TRUE(ss >> nsnaps);
189 }
190
191 int nwrites = 4;
192 c = getenv("TEST_RBD_DEEPCOPY_STRESS_NWRITES");
193 if (c != NULL) {
>>> CID 1420689: (TAINTED_SCALAR)
>>> Call to function "basic_string" with tainted argument "c" transitively taints "<temporary>". [Note: The source code implementation of the function has been overridden by a builtin model.]
194 std::stringstream ss(c);
195 ASSERT_TRUE(ss >> nwrites);
196 }
197
198 for (int i = 0; i < nsnaps; i++) {
199 for (int j = 0; j < nwrites; j++) {
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaGCnxtQO9E3gxlB2GxVsWFENryh7bC5hIb-2FQBVM85YLQ-3D-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8E-2BDmhxL2X5vfGFRmxrHDORz2WmRgVkXxt4TRjbyA-2BA9vC1CZ5ojylUUXxogO-2BPzmlO8mwlFH5sc4E-2B3Dm39KoaDsfBj6kW2zdX3pJRKrML7KPiqWtvGEdOJcenAmrAnLO3f0DUy8gXwixB9L3ti6laEe7nqQlcGtH1JQWx-2FEXWWg9-2FYy0l30FQ2frmEhKoGkA-3D
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4Bco8jcmzhh7FSyvoR0E3-2BDgRcBCQ6OuthHBtaTCGNq9OVG2ZVnjrgThgf5hX3GVEkIxvBX-2BorwRZfOftSp7HPfCifRGGak1MlgNFVd3IIPA-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8E-2BDmhxL2X5vfGFRmxrHDORz2WmRgVkXxt4TRjbyA-2BA9s0FKCpP1blYdyDIACPvyCExDCDuyeNJo8LWkbm9KxpFNjWr5ssLdWGkTnsc1F5SpnT8Msqne0rAPmAjP7BSthIyUdbmFhZ24xo6Ya2RKZ9crgwyLFDqygpDntEZ7s-2Fqlwocroku0npHkAPT83kIU4o-3D
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2017-11-02 2:11 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2017-11-02 2:11 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
4 new defect(s) introduced to ceph found with Coverity Scan.
8 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 4 of 4 defect(s)
** CID 1322385: Error handling issues (CHECKED_RETURN)
/home/brad/working/src/ceph/src/test/librados/tier.cc: 2210 in start_flush_read()()
________________________________________________________________________________________________________
*** CID 1322385: Error handling issues (CHECKED_RETURN)
/home/brad/working/src/ceph/src/test/librados/tier.cc: 2210 in start_flush_read()()
2204 {
2205 //cout << " starting read" << std::endl;
2206 ObjectReadOperation op;
2207 op.stat(NULL, NULL, NULL);
2208 librados::AioCompletion *completion = completions.getCompletion();
2209 completion->set_complete_callback(0, flush_read_race_cb);
>>> CID 1322385: Error handling issues (CHECKED_RETURN)
>>> Calling "aio_operate" without checking return value (as is done elsewhere 61 out of 76 times).
2210 read_ioctx->aio_operate("foo", completion, &op, NULL);
2211 }
2212
2213 void flush_read_race_cb(completion_t cb, void *arg)
2214 {
2215 //cout << " finished read" << std::endl;
** CID 1420533: (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/test/rbd_mirror/image_sync/test_mock_ObjectCopyRequest.cc: 59 in rbd::mirror::image_sync::<unnamed>::scribble(librbd::ImageCtx *, int, unsigned long, interval_set<unsigned long, std::map<unsigned long, unsigned long, std::less<unsigned long>, std::allocator<std::pair<const unsigned long, unsigned long>>>> *)()
/home/brad/working/src/ceph/src/test/rbd_mirror/image_sync/test_mock_ObjectCopyRequest.cc: 60 in rbd::mirror::image_sync::<unnamed>::scribble(librbd::ImageCtx *, int, unsigned long, interval_set<unsigned long, std::map<unsigned long, unsigned long, std::less<unsigned long>, std::allocator<std::pair<const unsigned long, unsigned long>>>> *)()
________________________________________________________________________________________________________
*** CID 1420533: (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/test/rbd_mirror/image_sync/test_mock_ObjectCopyRequest.cc: 59 in rbd::mirror::image_sync::<unnamed>::scribble(librbd::ImageCtx *, int, unsigned long, interval_set<unsigned long, std::map<unsigned long, unsigned long, std::less<unsigned long>, std::allocator<std::pair<const unsigned long, unsigned long>>>> *)()
53
54 void scribble(librbd::ImageCtx *image_ctx, int num_ops, size_t max_size,
55 interval_set<uint64_t> *what)
56 {
57 uint64_t object_size = 1 << image_ctx->order;
58 for (int i=0; i<num_ops; i++) {
>>> CID 1420533: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
59 uint64_t off = rand() % (object_size - max_size + 1);
60 uint64_t len = 1 + rand() % max_size;
61
62 bufferlist bl;
63 bl.append(std::string(len, '1'));
64
/home/brad/working/src/ceph/src/test/rbd_mirror/image_sync/test_mock_ObjectCopyRequest.cc: 60 in rbd::mirror::image_sync::<unnamed>::scribble(librbd::ImageCtx *, int, unsigned long, interval_set<unsigned long, std::map<unsigned long, unsigned long, std::less<unsigned long>, std::allocator<std::pair<const unsigned long, unsigned long>>>> *)()
54 void scribble(librbd::ImageCtx *image_ctx, int num_ops, size_t max_size,
55 interval_set<uint64_t> *what)
56 {
57 uint64_t object_size = 1 << image_ctx->order;
58 for (int i=0; i<num_ops; i++) {
59 uint64_t off = rand() % (object_size - max_size + 1);
>>> CID 1420533: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
60 uint64_t len = 1 + rand() % max_size;
61
62 bufferlist bl;
63 bl.append(std::string(len, '1'));
64
65 int r = image_ctx->io_work_queue->write(off, len, std::move(bl), 0);
** CID 1420534: Integer handling issues (OVERFLOW_BEFORE_WIDEN)
/home/brad/working/src/ceph/src/test/rbd_mirror/image_sync/test_mock_ObjectCopyRequest.cc: 57 in rbd::mirror::image_sync::<unnamed>::scribble(librbd::ImageCtx *, int, unsigned long, interval_set<unsigned long, std::map<unsigned long, unsigned long, std::less<unsigned long>, std::allocator<std::pair<const unsigned long, unsigned long>>>> *)()
________________________________________________________________________________________________________
*** CID 1420534: Integer handling issues (OVERFLOW_BEFORE_WIDEN)
/home/brad/working/src/ceph/src/test/rbd_mirror/image_sync/test_mock_ObjectCopyRequest.cc: 57 in rbd::mirror::image_sync::<unnamed>::scribble(librbd::ImageCtx *, int, unsigned long, interval_set<unsigned long, std::map<unsigned long, unsigned long, std::less<unsigned long>, std::allocator<std::pair<const unsigned long, unsigned long>>>> *)()
51
52 namespace {
53
54 void scribble(librbd::ImageCtx *image_ctx, int num_ops, size_t max_size,
55 interval_set<uint64_t> *what)
56 {
>>> CID 1420534: Integer handling issues (OVERFLOW_BEFORE_WIDEN)
>>> Potentially overflowing expression "1 << image_ctx->order" with type "int" (32 bits, signed) is evaluated using 32-bit arithmetic, and then used in a context that expects an expression of type "uint64_t" (64 bits, unsigned).
57 uint64_t object_size = 1 << image_ctx->order;
58 for (int i=0; i<num_ops; i++) {
59 uint64_t off = rand() % (object_size - max_size + 1);
60 uint64_t len = 1 + rand() % max_size;
61
62 bufferlist bl;
** CID 1420535: (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/test/librbd/test_librbd.cc: 3337 in scribble(librbd::Image &, int, int, bool, interval_set<unsigned long, std::map<unsigned long, unsigned long, std::less<unsigned long>, std::allocator<std::pair<const unsigned long, unsigned long>>>> *, interval_set<unsigned long, std::map<unsigned long, unsigned long, std::less<unsigned long>, std::allocator<std::pair<const unsigned long, unsigned long>>>> *)()
/home/brad/working/src/ceph/src/test/librbd/test_librbd.cc: 3338 in scribble(librbd::Image &, int, int, bool, interval_set<unsigned long, std::map<unsigned long, unsigned long, std::less<unsigned long>, std::allocator<std::pair<const unsigned long, unsigned long>>>> *, interval_set<unsigned long, std::map<unsigned long, unsigned long, std::less<unsigned long>, std::allocator<std::pair<const unsigned long, unsigned long>>>> *)()
/home/brad/working/src/ceph/src/test/librbd/test_librbd.cc: 3339 in scribble(librbd::Image &, int, int, bool, interval_set<unsigned long, std::map<unsigned long, unsigned long, std::less<unsigned long>, std::allocator<std::pair<const unsigned long, unsigned long>>>> *, interval_set<unsigned long, std::map<unsigned long, unsigned long, std::less<unsigned long>, std::allocator<std::pair<const unsigned long, unsigned long>>>> *)()
________________________________________________________________________________________________________
*** CID 1420535: (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/test/librbd/test_librbd.cc: 3337 in scribble(librbd::Image &, int, int, bool, interval_set<unsigned long, std::map<unsigned long, unsigned long, std::less<unsigned long>, std::allocator<std::pair<const unsigned long, unsigned long>>>> *, interval_set<unsigned long, std::map<unsigned long, unsigned long, std::less<unsigned long>, std::allocator<std::pair<const unsigned long, unsigned long>>>> *)()
3331 {
3332 uint64_t size;
3333 image.size(&size);
3334 interval_set<uint64_t> exists_at_start = *exists;
3335
3336 for (int i=0; i<n; i++) {
>>> CID 1420535: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
3337 uint64_t off = rand() % (size - max + 1);
3338 uint64_t len = 1 + rand() % max;
3339 if (!skip_discard && rand() % 4 == 0) {
3340 ASSERT_EQ((int)len, image.discard(off, len));
3341 interval_set<uint64_t> w;
3342 w.insert(off, len);
/home/brad/working/src/ceph/src/test/librbd/test_librbd.cc: 3338 in scribble(librbd::Image &, int, int, bool, interval_set<unsigned long, std::map<unsigned long, unsigned long, std::less<unsigned long>, std::allocator<std::pair<const unsigned long, unsigned long>>>> *, interval_set<unsigned long, std::map<unsigned long, unsigned long, std::less<unsigned long>, std::allocator<std::pair<const unsigned long, unsigned long>>>> *)()
3332 uint64_t size;
3333 image.size(&size);
3334 interval_set<uint64_t> exists_at_start = *exists;
3335
3336 for (int i=0; i<n; i++) {
3337 uint64_t off = rand() % (size - max + 1);
>>> CID 1420535: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
3338 uint64_t len = 1 + rand() % max;
3339 if (!skip_discard && rand() % 4 == 0) {
3340 ASSERT_EQ((int)len, image.discard(off, len));
3341 interval_set<uint64_t> w;
3342 w.insert(off, len);
3343
/home/brad/working/src/ceph/src/test/librbd/test_librbd.cc: 3339 in scribble(librbd::Image &, int, int, bool, interval_set<unsigned long, std::map<unsigned long, unsigned long, std::less<unsigned long>, std::allocator<std::pair<const unsigned long, unsigned long>>>> *, interval_set<unsigned long, std::map<unsigned long, unsigned long, std::less<unsigned long>, std::allocator<std::pair<const unsigned long, unsigned long>>>> *)()
3333 image.size(&size);
3334 interval_set<uint64_t> exists_at_start = *exists;
3335
3336 for (int i=0; i<n; i++) {
3337 uint64_t off = rand() % (size - max + 1);
3338 uint64_t len = 1 + rand() % max;
>>> CID 1420535: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
3339 if (!skip_discard && rand() % 4 == 0) {
3340 ASSERT_EQ((int)len, image.discard(off, len));
3341 interval_set<uint64_t> w;
3342 w.insert(off, len);
3343
3344 // the zeroed bit no longer exists...
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaGCnxtQO9E3gxlB2GxVsWFENryh7bC5hIb-2FQBVM85YLQ-3D-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8HeCrD0Y0xkOU6LLITVBcFEFqYqLBS8hlnLxSJy2-2Bm832RFzT5wKhWaZI5NStxkqKm-2BlQQAscxS6kzKhDbumPkyGnnxMThiuZdv-2BIiSKVvKnNn3Fi7042Stusxgpz0ta9KFUiJi4RSRWnECmwQSl9jfc4eo1o9pyQskFmfqaP-2BWtbLmjm6wPL-2FW6fchHohYkNc-3D
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4Bco8jcmzhh7FSyvoR0E3-2BDgRcBCQ6OuthHBtaTCGNq9OVG2ZVnjrgThgf5hX3GVEkIxvBX-2BorwRZfOftSp7HPfCifRGGak1MlgNFVd3IIPA-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8HeCrD0Y0xkOU6LLITVBcFEFqYqLBS8hlnLxSJy2-2Bm837YtBikoQpRLd4ik-2B-2BR4QztMsBii3uiDdbr8Ix7BE9lbqlqdDiUFpUNjJBtA58LZPOuKx0upytuMSl3XWKLre-2BPBFT-2BETg598Dn6pUqjWFHb0AM2C3YYq-2FQNhUP3aMRbwDZCXwKDlbxRZxraCwYelnE-3D
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2017-10-27 0:31 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2017-10-27 0:31 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
15 new defect(s) introduced to ceph found with Coverity Scan.
18 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 15 of 15 defect(s)
** CID 1420321: Resource leaks (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/tools/ceph_kvstore_tool.cc: 88 in StoreTool::StoreTool(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, bool)()
________________________________________________________________________________________________________
*** CID 1420321: Resource leaks (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/tools/ceph_kvstore_tool.cc: 88 in StoreTool::StoreTool(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, bool)()
82 cerr << "failed to open type " << type << " path " << path << ": "
83 << cpp_strerror(r) << std::endl;
84 exit(1);
85 }
86 db.reset(db_ptr);
87 }
>>> CID 1420321: Resource leaks (RESOURCE_LEAK)
>>> Variable "db_ptr" going out of scope leaks the storage it points to.
88 }
89 }
90
91 uint32_t traverse(const string &prefix,
92 const bool do_crc,
93 ostream *out) {
** CID 1420322: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/librgw_file_marker.cc: 421 in main()
________________________________________________________________________________________________________
*** CID 1420322: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/librgw_file_marker.cc: 421 in main()
415 }
416
417 TEST(LibRGW, SHUTDOWN) {
418 librgw_shutdown(rgw_h);
419 }
420
>>> CID 1420322: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "testing::internal::<unnamed>::ClassUniqueToAlwaysTrue" is thrown and never caught.
421 int main(int argc, char *argv[])
422 {
423 char *v{nullptr};
424 string val;
425 vector<const char*> args;
426
** CID 1420323: Null pointer dereferences (FORWARD_NULL)
/home/brad/working/src/ceph/src/zstd/lib/dictBuilder/cover.c: 852 in COVER_tryParameters()
________________________________________________________________________________________________________
*** CID 1420323: Null pointer dereferences (FORWARD_NULL)
/home/brad/working/src/ceph/src/zstd/lib/dictBuilder/cover.c: 852 in COVER_tryParameters()
846 BYTE *const dict = (BYTE * const)malloc(dictBufferCapacity);
847 U32 *freqs = (U32 *)malloc(ctx->suffixSize * sizeof(U32));
848 if (!COVER_map_init(&activeDmers, parameters.k - parameters.d + 1)) {
849 DISPLAYLEVEL(1, "Failed to allocate dmer map: out of memory\n");
850 goto _cleanup;
851 }
>>> CID 1420323: Null pointer dereferences (FORWARD_NULL)
>>> Comparing "dict" to null implies that "dict" might be null.
852 if (!dict || !freqs) {
853 DISPLAYLEVEL(1, "Failed to allocate buffers: out of memory\n");
854 goto _cleanup;
855 }
856 /* Copy the frequencies because we need to modify them */
857 memcpy(freqs, ctx->freqs, ctx->suffixSize * sizeof(U32));
** CID 1420324: Null pointer dereferences (FORWARD_NULL)
/home/brad/working/src/ceph/src/zstd/lib/decompress/zstd_decompress.c: 2085 in ZSTD_initDDict_internal()
________________________________________________________________________________________________________
*** CID 1420324: Null pointer dereferences (FORWARD_NULL)
/home/brad/working/src/ceph/src/zstd/lib/decompress/zstd_decompress.c: 2085 in ZSTD_initDDict_internal()
2079
2080
2081 static size_t ZSTD_initDDict_internal(ZSTD_DDict* ddict, const void* dict, size_t dictSize, ZSTD_dictLoadMethod_e dictLoadMethod)
2082 {
2083 if ((dictLoadMethod == ZSTD_dlm_byRef) || (!dict) || (!dictSize)) {
2084 ddict->dictBuffer = NULL;
>>> CID 1420324: Null pointer dereferences (FORWARD_NULL)
>>> Assigning: "ddict->dictContent" = "dict".
2085 ddict->dictContent = dict;
2086 } else {
2087 void* const internalBuffer = ZSTD_malloc(dictSize, ddict->cMem);
2088 ddict->dictBuffer = internalBuffer;
2089 ddict->dictContent = internalBuffer;
2090 if (!internalBuffer) return ERROR(memory_allocation);
** CID 1420325: Resource leaks (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/compressor/zstd/ZstdCompressor.h: 84 in ZstdCompressor::decompress(ceph::buffer::list::iterator &, unsigned long, ceph::buffer::list&)()
________________________________________________________________________________________________________
*** CID 1420325: Resource leaks (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/compressor/zstd/ZstdCompressor.h: 84 in ZstdCompressor::decompress(ceph::buffer::list::iterator &, unsigned long, ceph::buffer::list&)()
78 outbuf.size = dstptr.length();
79 outbuf.pos = 0;
80 ZSTD_DStream *s = ZSTD_createDStream();
81 ZSTD_initDStream(s);
82 while (compressed_len > 0) {
83 if (p.end()) {
>>> CID 1420325: Resource leaks (RESOURCE_LEAK)
>>> Variable "s" going out of scope leaks the storage it points to.
84 return -1;
85 }
86 ZSTD_inBuffer_s inbuf;
87 inbuf.pos = 0;
88 inbuf.size = p.get_ptr_and_advance(compressed_len, (const char**)&inbuf.src);
89 ZSTD_decompressStream(s, &outbuf, &inbuf);
** CID 1420326: Null pointer dereferences (REVERSE_INULL)
/home/brad/working/src/ceph/src/zstd/lib/compress/zstdmt_compress.c: 834 in ZSTDMT_initCStream_usingCDict()
________________________________________________________________________________________________________
*** CID 1420326: Null pointer dereferences (REVERSE_INULL)
/home/brad/working/src/ceph/src/zstd/lib/compress/zstdmt_compress.c: 834 in ZSTDMT_initCStream_usingCDict()
828 ZSTD_frameParameters fParams,
829 unsigned long long pledgedSrcSize)
830 {
831 ZSTD_CCtx_params cctxParams = mtctx->params;
832 cctxParams.cParams = ZSTD_getCParamsFromCDict(cdict);
833 cctxParams.fParams = fParams;
>>> CID 1420326: Null pointer dereferences (REVERSE_INULL)
>>> Null-checking "cdict" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
834 if (cdict==NULL) return ERROR(dictionary_wrong); /* method incompatible with NULL cdict */
835 return ZSTDMT_initCStream_internal(mtctx, NULL, 0 /*dictSize*/, ZSTD_dm_auto, cdict,
836 cctxParams, pledgedSrcSize);
837 }
838
839
** CID 1420327: (OVERRUN)
/home/brad/working/src/ceph/src/zstd/lib/compress/zstd_compress.c: 1366 in ZSTD_encodeSequences()
/home/brad/working/src/ceph/src/zstd/lib/compress/zstd_compress.c: 1398 in ZSTD_encodeSequences()
________________________________________________________________________________________________________
*** CID 1420327: (OVERRUN)
/home/brad/working/src/ceph/src/zstd/lib/compress/zstd_compress.c: 1366 in ZSTD_encodeSequences()
1360 if (MEM_32bits()) BIT_flushBits(&blockStream);
1361 BIT_addBits(&blockStream, sequences[nbSeq-1].matchLength, ML_bits[mlCodeTable[nbSeq-1]]);
1362 if (MEM_32bits()) BIT_flushBits(&blockStream);
1363 if (longOffsets) {
1364 U32 const ofBits = ofCodeTable[nbSeq-1];
1365 int const extraBits = ofBits - MIN(ofBits, STREAM_ACCUMULATOR_MIN-1);
>>> CID 1420327: (OVERRUN)
>>> Checking "extraBits" implies that "extraBits" is 0 on the false branch.
1366 if (extraBits) {
1367 BIT_addBits(&blockStream, sequences[nbSeq-1].offset, extraBits);
1368 BIT_flushBits(&blockStream);
1369 }
1370 BIT_addBits(&blockStream, sequences[nbSeq-1].offset >> extraBits,
1371 ofBits - extraBits);
/home/brad/working/src/ceph/src/zstd/lib/compress/zstd_compress.c: 1398 in ZSTD_encodeSequences()
1392 BIT_addBits(&blockStream, sequences[n].litLength, llBits);
1393 if (MEM_32bits() && ((llBits+mlBits)>24)) BIT_flushBits(&blockStream);
1394 BIT_addBits(&blockStream, sequences[n].matchLength, mlBits);
1395 if (MEM_32bits() || (ofBits+mlBits+llBits > 56)) BIT_flushBits(&blockStream);
1396 if (longOffsets) {
1397 int const extraBits = ofBits - MIN(ofBits, STREAM_ACCUMULATOR_MIN-1);
>>> CID 1420327: (OVERRUN)
>>> Checking "extraBits" implies that "extraBits" is 0 on the false branch.
1398 if (extraBits) {
1399 BIT_addBits(&blockStream, sequences[n].offset, extraBits);
1400 BIT_flushBits(&blockStream); /* (7)*/
1401 }
1402 BIT_addBits(&blockStream, sequences[n].offset >> extraBits,
1403 ofBits - extraBits); /* 31 */
** CID 1420328: (FORWARD_NULL)
/home/brad/working/src/ceph/src/rgw/rgw_log.cc: 360 in rgw_log_op(RGWRados *, RGWREST *, req_state *, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, OpsLogSocket *)()
/home/brad/working/src/ceph/src/rgw/rgw_log.cc: 363 in rgw_log_op(RGWRados *, RGWREST *, req_state *, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, OpsLogSocket *)()
/home/brad/working/src/ceph/src/rgw/rgw_log.cc: 372 in rgw_log_op(RGWRados *, RGWREST *, req_state *, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, OpsLogSocket *)()
________________________________________________________________________________________________________
*** CID 1420328: (FORWARD_NULL)
/home/brad/working/src/ceph/src/rgw/rgw_log.cc: 360 in rgw_log_op(RGWRados *, RGWREST *, req_state *, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, OpsLogSocket *)()
354 // legacy apps are still using misspelling referer, such as curl -e option
355 if (s->info.env->exists("HTTP_REFERRER"))
356 set_param_str(s, "HTTP_REFERRER", entry.referrer);
357 else
358 set_param_str(s, "HTTP_REFERER", entry.referrer);
359
>>> CID 1420328: (FORWARD_NULL)
>>> Passing null pointer "s->info.env->get("REQUEST_METHOD", NULL)" to "basic_string", which dereferences it. [Note: The source code implementation of the function has been overridden by a builtin model.]
360 std::string uri(s->info.env->get("REQUEST_METHOD"));
361 uri.append(" ");
362
363 uri.append(s->info.env->get("REQUEST_URI"));
364 const char* qs = s->info.env->get("QUERY_STRING");
365 if(qs && (*qs != '\0')) {
/home/brad/working/src/ceph/src/rgw/rgw_log.cc: 363 in rgw_log_op(RGWRados *, RGWREST *, req_state *, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, OpsLogSocket *)()
357 else
358 set_param_str(s, "HTTP_REFERER", entry.referrer);
359
360 std::string uri(s->info.env->get("REQUEST_METHOD"));
361 uri.append(" ");
362
>>> CID 1420328: (FORWARD_NULL)
>>> Passing null pointer "s->info.env->get("REQUEST_URI", NULL)" to "append", which dereferences it. [Note: The source code implementation of the function has been overridden by a builtin model.]
363 uri.append(s->info.env->get("REQUEST_URI"));
364 const char* qs = s->info.env->get("QUERY_STRING");
365 if(qs && (*qs != '\0')) {
366 uri.append("?");
367 uri.append(qs);
368 }
/home/brad/working/src/ceph/src/rgw/rgw_log.cc: 372 in rgw_log_op(RGWRados *, RGWREST *, req_state *, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, OpsLogSocket *)()
366 uri.append("?");
367 uri.append(qs);
368 }
369
370 uri.append(" ");
371 uri.append("HTTP/");
>>> CID 1420328: (FORWARD_NULL)
>>> Passing null pointer "s->info.env->get("HTTP_VERSION", NULL)" to "append", which dereferences it. [Note: The source code implementation of the function has been overridden by a builtin model.]
372 uri.append(s->info.env->get("HTTP_VERSION"));
373
374 entry.uri = std::move(uri);
375
376 set_param_str(s, "REQUEST_METHOD", entry.op);
377
** CID 1420329: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/osd/PGBackend.cc: 1043 in PGBackend::be_compare_scrubmaps(const std::map<pg_shard_t, ScrubMap *, std::less<pg_shard_t>, std::allocator<std::pair<const pg_shard_t, ScrubMap *>>> &, const std::set<hobject_t, std::less<hobject_t>, std::allocator<hobject_t>> &, bool, std::map<hobject_t, std::set<pg_shard_t, std::less<pg_shard_t>, std::allocator<pg_shard_t>>, std::less<hobject_t>, std::allocator<std::pair<const hobject_t, std::set<pg_shard_t, std::less<pg_shard_t>, std::allocator<pg_shard_t>>>>>&, std::map<hobject_t, std::set<pg_shard_t, std::less<pg_shard_t>, std::allocator<pg_shard_t>>, std::less<hobject_t>, std::allocator<std::pair<const hobject_t, std::set<pg_shard_t, std::less<pg_shard_t>, std::allocator<pg_shard_t>>>>>&, std::map<hobject_t, std::__cxx11::li
st<pg_shard_t, std::allocator<pg_shard_t>>, std::less<hobject_t>, std::allocator<std::pair<const hobject_t, std::__cxx11::list<pg_shard_t, std::allocator<pg_shard_t>>>>>&, std::map<hobject_t
, std::pair<boost::optional<unsigned int>, boost::optional<unsigned int>>, std::less<hobject_t>, std::allocator<std::pair<const hobject_t, std::pair<boost::optional<unsigned int>, boost::optional<unsigned int>>>>>&, int &, int &, Scrub::Store *, const spg_t &, const std::vector<int, std::allocator<int>> &, std::basic_ostream<char, std::char_traits<char>>&)()
________________________________________________________________________________________________________
*** CID 1420329: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/osd/PGBackend.cc: 1043 in PGBackend::be_compare_scrubmaps(const std::map<pg_shard_t, ScrubMap *, std::less<pg_shard_t>, std::allocator<std::pair<const pg_shard_t, ScrubMap *>>> &, const std::set<hobject_t, std::less<hobject_t>, std::allocator<hobject_t>> &, bool, std::map<hobject_t, std::set<pg_shard_t, std::less<pg_shard_t>, std::allocator<pg_shard_t>>, std::less<hobject_t>, std::allocator<std::pair<const hobject_t, std::set<pg_shard_t, std::less<pg_shard_t>, std::allocator<pg_shard_t>>>>>&, std::map<hobject_t, std::set<pg_shard_t, std::less<pg_shard_t>, std::allocator<pg_shard_t>>, std::less<hobject_t>, std::allocator<std::pair<const hobject_t, std::set<pg_shard_t, std::less<pg_shard_t>, std::allocator<pg_shard_t>>>>>&, std::map<hobject_t, std::__cxx11::li
st<pg_shard_t, std::allocator<pg_shard_t>>, std::less<hobject_t>, std::allocator<std::pair<const hobject_t, std::__cxx11::list<pg_shard_t, std::allocator<pg_shard_t>>>>>&, std::map<hobject_t
, std::pair<boost::optional<unsigned int>, boost::optional<unsigned int>>, std::less<hobject_t>, std::allocator<std::pair<const hobject_t, std::pair<boost::optional<unsigned int>, boost::optional<unsigned int>>>>>&, int &, int &, Scrub::Store *, const spg_t &, const std::vector<int, std::allocator<int>> &, std::basic_ostream<char, std::char_traits<char>>&)()
1037 (!auth_oi.is_data_digest() || !auth_oi.is_omap_digest())) {
1038 dout(20) << __func__ << " missing digest on " << *k << dendl;
1039 update = MAYBE;
1040 }
1041 if (auth_object.digest_present && auth_object.omap_digest_present &&
1042 cct->_conf->osd_debug_scrub_chance_rewrite_digest &&
>>> CID 1420329: Security best practices violations (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
1043 (((unsigned)rand() % 100) >
1044 cct->_conf->osd_debug_scrub_chance_rewrite_digest)) {
1045 dout(20) << __func__ << " randomly updating digest on " << *k << dendl;
1046 update = MAYBE;
1047 }
1048
** CID 1420330: Resource leaks (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/zstd/lib/dictBuilder/zdict.c: 967 in ZDICT_trainFromBuffer_unsafe_legacy()
________________________________________________________________________________________________________
*** CID 1420330: Resource leaks (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/zstd/lib/dictBuilder/zdict.c: 967 in ZDICT_trainFromBuffer_unsafe_legacy()
961 DISPLAYLEVEL(3, "list %u best segments \n", nb-1);
962 for (u=1; u<nb; u++) {
963 U32 const pos = dictList[u].pos;
964 U32 const length = dictList[u].length;
965 U32 const printedLength = MIN(40, length);
966 if ((pos > samplesBuffSize) || ((pos + length) > samplesBuffSize))
>>> CID 1420330: Resource leaks (RESOURCE_LEAK)
>>> Variable "dictList" going out of scope leaks the storage it points to.
967 return ERROR(GENERIC); /* should never happen */
968 DISPLAYLEVEL(3, "%3u:%3u bytes at pos %8u, savings %7u bytes |",
969 u, length, pos, dictList[u].savings);
970 ZDICT_printHex((const char*)samplesBuffer+pos, printedLength);
971 DISPLAYLEVEL(3, "| \n");
972 } }
** CID 1420331: Null pointer dereferences (FORWARD_NULL)
/home/brad/working/src/ceph/src/test/librgw_file_marker.cc: 217 in LibRGW_MARKER1_SETUP_BUCKET_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1420331: Null pointer dereferences (FORWARD_NULL)
/home/brad/working/src/ceph/src/test/librgw_file_marker.cc: 217 in LibRGW_MARKER1_SETUP_BUCKET_Test::TestBody()()
211 st.st_uid = owner_uid;
212 st.st_gid = owner_gid;
213 st.st_mode = 755;
214
215 (void) rgw_lookup(fs, fs->root_fh, bucket_name.c_str(), &bucket_fh,
216 RGW_LOOKUP_FLAG_NONE);
>>> CID 1420331: Null pointer dereferences (FORWARD_NULL)
>>> Comparing "<unnamed>::bucket_fh" to null implies that "<unnamed>::bucket_fh" might be null.
217 if (! bucket_fh) {
218 if (do_create) {
219 struct stat st;
220
221 st.st_uid = owner_uid;
222 st.st_gid = owner_gid;
** CID 1420332: Control flow issues (DEADCODE)
/home/brad/working/src/ceph/src/zstd/lib/decompress/zstd_decompress.c: 1415 in ZSTD_decompressBlock_internal()
________________________________________________________________________________________________________
*** CID 1420332: Control flow issues (DEADCODE)
/home/brad/working/src/ceph/src/zstd/lib/decompress/zstd_decompress.c: 1415 in ZSTD_decompressBlock_internal()
1409 /* isLongOffset must be true if there are long offsets.
1410 * Offsets are long if they are larger than 2^STREAM_ACCUMULATOR_MIN.
1411 * We don't expect that to be the case in 64-bit mode.
1412 * If we are in block mode we don't know the window size, so we have to be
1413 * conservative.
1414 */
>>> CID 1420332: Control flow issues (DEADCODE)
>>> Execution cannot reach the expression "57" inside this statement: "isLongOffset = (ZSTD_longOf...".
1415 ZSTD_longOffset_e const isLongOffset = (ZSTD_longOffset_e)(MEM_32bits() && (!frame || dctx->fParams.windowSize > (1ULL << STREAM_ACCUMULATOR_MIN)));
1416 /* windowSize could be any value at this point, since it is only validated
1417 * in the streaming API.
1418 */
1419 DEBUGLOG(5, "ZSTD_decompressBlock_internal (size : %u)", (U32)srcSize);
1420
** CID 1420333: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/librgw_file_marker.cc: 421 in main()
________________________________________________________________________________________________________
*** CID 1420333: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/librgw_file_marker.cc: 421 in main()
415 }
416
417 TEST(LibRGW, SHUTDOWN) {
418 librgw_shutdown(rgw_h);
419 }
420
>>> CID 1420333: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "testing::internal::GoogleTestFailureException" is thrown and never caught.
421 int main(int argc, char *argv[])
422 {
423 char *v{nullptr};
424 string val;
425 vector<const char*> args;
426
** CID 1420334: Control flow issues (MISMATCHED_ITERATOR)
/home/brad/working/src/ceph/src/osd/PG.cc: 1166 in PG::calc_ec_acting(std::_Rb_tree_const_iterator<std::pair<const pg_shard_t, pg_info_t>>, unsigned int, const std::vector<int, std::allocator<int>> &, const std::vector<int, std::allocator<int>> &, const std::map<pg_shard_t, pg_info_t, std::less<pg_shard_t>, std::allocator<std::pair<const pg_shard_t, pg_info_t>>> &, bool, std::vector<int, std::allocator<int>> *, std::set<pg_shard_t, std::less<pg_shard_t>, std::allocator<pg_shard_t>> *, std::set<pg_shard_t, std::less<pg_shard_t>, std::allocator<pg_shard_t>> *, std::basic_ostream<char, std::char_traits<char>>&)()
________________________________________________________________________________________________________
*** CID 1420334: Control flow issues (MISMATCHED_ITERATOR)
/home/brad/working/src/ceph/src/osd/PG.cc: 1166 in PG::calc_ec_acting(std::_Rb_tree_const_iterator<std::pair<const pg_shard_t, pg_info_t>>, unsigned int, const std::vector<int, std::allocator<int>> &, const std::vector<int, std::allocator<int>> &, const std::map<pg_shard_t, pg_info_t, std::less<pg_shard_t>, std::allocator<std::pair<const pg_shard_t, pg_info_t>>> &, bool, std::vector<int, std::allocator<int>> *, std::set<pg_shard_t, std::less<pg_shard_t>, std::allocator<pg_shard_t>> *, std::set<pg_shard_t, std::less<pg_shard_t>, std::allocator<pg_shard_t>> *, std::basic_ostream<char, std::char_traits<char>>&)()
1160 !all_info.find(pg_shard_t(acting[i], shard_id_t(i)))->second.is_incomplete() &&
1161 all_info.find(pg_shard_t(acting[i], shard_id_t(i)))->second.last_update >=
1162 auth_log_shard->second.log_tail) {
1163 ss << " selecting acting[i]: " << pg_shard_t(acting[i], shard_id_t(i)) << std::endl;
1164 want[i] = acting[i];
1165 } else if (!restrict_to_up_acting) {
>>> CID 1420334: Control flow issues (MISMATCHED_ITERATOR)
>>> Comparing "j" from "all_info_by_shard[shard_id_t(i)]" to "all_info_by_shard[shard_id_t(i)]->end()" from "all_info_by_shard[shard_id_t(i)]".
1166 for (set<pg_shard_t>::iterator j = all_info_by_shard[shard_id_t(i)].begin();
1167 j != all_info_by_shard[shard_id_t(i)].end();
1168 ++j) {
1169 assert(j->shard == i);
1170 if (!all_info.find(*j)->second.is_incomplete() &&
1171 all_info.find(*j)->second.last_update >=
** CID 1420335: Code maintainability issues (UNUSED_VALUE)
/home/brad/working/src/ceph/src/zstd/lib/compress/zstd_compress.c: 890 in ZSTD_resetCCtx_internal()
________________________________________________________________________________________________________
*** CID 1420335: Code maintainability issues (UNUSED_VALUE)
/home/brad/working/src/ceph/src/zstd/lib/compress/zstd_compress.c: 890 in ZSTD_resetCCtx_internal()
884
885 zc->workSpaceSize = 0;
886 ZSTD_free(zc->workSpace, zc->customMem);
887 zc->workSpace = ZSTD_malloc(neededSpace, zc->customMem);
888 if (zc->workSpace == NULL) return ERROR(memory_allocation);
889 zc->workSpaceSize = neededSpace;
>>> CID 1420335: Code maintainability issues (UNUSED_VALUE)
>>> Assigning value from "zc->workSpace" to "ptr" here, but that stored value is overwritten before it can be used.
890 ptr = zc->workSpace;
891
892 /* entropy space */
893 assert(((size_t)zc->workSpace & 3) == 0); /* ensure correct alignment */
894 assert(zc->workSpaceSize >= sizeof(ZSTD_entropyCTables_t));
895 zc->entropy = (ZSTD_entropyCTables_t*)zc->workSpace;
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaGCnxtQO9E3gxlB2GxVsWFENryh7bC5hIb-2FQBVM85YLQ-3D-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8Gy1Hbdng86fSmZDL9jyxshdImPQ1FMiQYxMmP8DI4Txz7Y2fx1phrVnOJropkIhIZ1-2FOGbiEsEgwwF1m5W6-2FDacOyhDMwkSxAZVftCFlZGGJXh-2BWXbxHtDutzOkbJNSdaE5M9dCaR1Fc5eCxox2DOoXzpI7rcojbnoY0Eu-2FTfU2KzrHbUlx7lSPONYKptoonc-3D
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4Bco8jcmzhh7FSyvoR0E3-2BDgRcBCQ6OuthHBtaTCGNq9OVG2ZVnjrgThgf5hX3GVEkIxvBX-2BorwRZfOftSp7HPfCifRGGak1MlgNFVd3IIPA-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8Gy1Hbdng86fSmZDL9jyxshdImPQ1FMiQYxMmP8DI4Tx0lIb1cj000l5U2W71KpZOKrvog3jBOKD-2FSLwGRctsQRAC7eSMh5NFUg-2FTNpEbiZravpq89wcQsrrQh6InKwQr5pSlemLwx2RVSzhYOKo2P69-2FhVs54jIEG1r-2F-2BUkyY8EY2pQJ7gaBYjABJsEpn55sg-3D
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2017-10-19 3:54 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2017-10-19 3:54 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
13 new defect(s) introduced to ceph found with Coverity Scan.
46 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 13 of 13 defect(s)
** CID 1419851: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/rocksdb/db/db_iter.cc: 136 in rocksdb::DBIter::DBIter(rocksdb::Env *, const rocksdb::ReadOptions &, const rocksdb::ImmutableCFOptions &, const rocksdb::Comparator *, rocksdb::InternalIterator *, unsigned long, bool, unsigned long, rocksdb::ReadCallback *, bool)()
________________________________________________________________________________________________________
*** CID 1419851: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/rocksdb/db/db_iter.cc: 136 in rocksdb::DBIter::DBIter(rocksdb::Env *, const rocksdb::ReadOptions &, const rocksdb::ImmutableCFOptions &, const rocksdb::Comparator *, rocksdb::InternalIterator *, unsigned long, bool, unsigned long, rocksdb::ReadCallback *, bool)()
130 if (pin_thru_lifetime_) {
131 pinned_iters_mgr_.StartPinning();
132 }
133 if (iter_) {
134 iter_->SetPinnedItersMgr(&pinned_iters_mgr_);
135 }
>>> CID 1419851: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "is_blob_" is not initialized in this constructor nor in any functions that it calls.
136 }
137 virtual ~DBIter() {
138 // Release pinned data if any
139 if (pinned_iters_mgr_.PinningEnabled()) {
140 pinned_iters_mgr_.ReleasePinnedData();
141 }
** CID 1419852: Resource leaks (CTOR_DTOR_LEAK)
/home/brad/working/src/ceph/src/rocksdb/db/compaction_job.cc: 276 in rocksdb::CompactionJob::CompactionJob(int, rocksdb::Compaction *, const rocksdb::ImmutableDBOptions &, rocksdb::EnvOptions, rocksdb::VersionSet *, const std::atomic<bool> *, rocksdb::LogBuffer *, rocksdb::Directory *, rocksdb::Directory *, rocksdb::Statistics *, rocksdb::InstrumentedMutex *, rocksdb::Status *, std::vector<unsigned long, std::allocator<unsigned long>>, unsigned long, const rocksdb::SnapshotChecker *, std::shared_ptr<rocksdb::Cache>, rocksdb::EventLogger *, bool, bool, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, rocksdb::CompactionJobStats *)()
________________________________________________________________________________________________________
*** CID 1419852: Resource leaks (CTOR_DTOR_LEAK)
/home/brad/working/src/ceph/src/rocksdb/db/compaction_job.cc: 276 in rocksdb::CompactionJob::CompactionJob(int, rocksdb::Compaction *, const rocksdb::ImmutableDBOptions &, rocksdb::EnvOptions, rocksdb::VersionSet *, const std::atomic<bool> *, rocksdb::LogBuffer *, rocksdb::Directory *, rocksdb::Directory *, rocksdb::Statistics *, rocksdb::InstrumentedMutex *, rocksdb::Status *, std::vector<unsigned long, std::allocator<unsigned long>>, unsigned long, const rocksdb::SnapshotChecker *, std::shared_ptr<rocksdb::Cache>, rocksdb::EventLogger *, bool, bool, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, rocksdb::CompactionJobStats *)()
270 std::vector<SequenceNumber> existing_snapshots,
271 SequenceNumber earliest_write_conflict_snapshot,
272 const SnapshotChecker* snapshot_checker, std::shared_ptr<Cache> table_cache,
273 EventLogger* event_logger, bool paranoid_file_checks, bool measure_io_stats,
274 const std::string& dbname, CompactionJobStats* compaction_job_stats)
275 : job_id_(job_id),
>>> CID 1419852: Resource leaks (CTOR_DTOR_LEAK)
>>> The constructor allocates field "compact_" of "rocksdb::CompactionJob" but the destructor and whatever functions it calls do not free it.
276 compact_(new CompactionState(compaction)),
277 compaction_job_stats_(compaction_job_stats),
278 compaction_stats_(1),
279 dbname_(dbname),
280 db_options_(db_options),
281 env_options_(env_options),
** CID 1419853: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/rocksdb/db/flush_job.cc: 93 in rocksdb::FlushJob::FlushJob(const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, rocksdb::ColumnFamilyData *, const rocksdb::ImmutableDBOptions &, const rocksdb::MutableCFOptions &, rocksdb::EnvOptions, rocksdb::VersionSet *, rocksdb::InstrumentedMutex *, std::atomic<bool> *, std::vector<unsigned long, std::allocator<unsigned long>>, unsigned long, rocksdb::SnapshotChecker *, rocksdb::JobContext *, rocksdb::LogBuffer *, rocksdb::Directory *, rocksdb::Directory *, rocksdb::CompressionType, rocksdb::Statistics *, rocksdb::EventLogger *, bool)()
________________________________________________________________________________________________________
*** CID 1419853: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/rocksdb/db/flush_job.cc: 93 in rocksdb::FlushJob::FlushJob(const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, rocksdb::ColumnFamilyData *, const rocksdb::ImmutableDBOptions &, const rocksdb::MutableCFOptions &, rocksdb::EnvOptions, rocksdb::VersionSet *, rocksdb::InstrumentedMutex *, std::atomic<bool> *, std::vector<unsigned long, std::allocator<unsigned long>>, unsigned long, rocksdb::SnapshotChecker *, rocksdb::JobContext *, rocksdb::LogBuffer *, rocksdb::Directory *, rocksdb::Directory *, rocksdb::CompressionType, rocksdb::Statistics *, rocksdb::EventLogger *, bool)()
87 event_logger_(event_logger),
88 measure_io_stats_(measure_io_stats),
89 pick_memtable_called(false) {
90 // Update the thread status to indicate flush.
91 ReportStartedFlush();
92 TEST_SYNC_POINT("FlushJob::FlushJob()");
>>> CID 1419853: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "base_" is not initialized in this constructor nor in any functions that it calls.
93 }
94
95 FlushJob::~FlushJob() {
96 ThreadStatusUtil::ResetThreadStatus();
97 }
98
** CID 1419854: (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/bufferlist.cc: 399 in TestRawPipe_buffer_list_write_fd_zero_copy_Test::TestBody()()
/home/brad/working/src/ceph/src/test/bufferlist.cc: 403 in TestRawPipe_buffer_list_write_fd_zero_copy_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1419854: (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/bufferlist.cc: 399 in TestRawPipe_buffer_list_write_fd_zero_copy_Test::TestBody()()
393 TEST_F(TestRawPipe, buffer_list_write_fd_zero_copy) {
394 ::unlink(FILENAME);
395 bufferlist bl;
396 EXPECT_EQ(0, bl.read_fd_zero_copy(fd, len));
397 EXPECT_TRUE(bl.can_zero_copy());
398 int out_fd = ::open(FILENAME, O_RDWR|O_CREAT|O_TRUNC, 0600);
>>> CID 1419854: (RESOURCE_LEAK)
>>> Handle variable "out_fd" going out of scope leaks the handle.
399 ASSERT_NE(-1, out_fd);
400 EXPECT_EQ(0, bl.write_fd_zero_copy(out_fd));
401 struct stat st;
402 memset(&st, 0, sizeof(st));
403 ASSERT_EQ(0, ::stat(FILENAME, &st));
404 EXPECT_EQ(len, st.st_size);
/home/brad/working/src/ceph/src/test/bufferlist.cc: 403 in TestRawPipe_buffer_list_write_fd_zero_copy_Test::TestBody()()
397 EXPECT_TRUE(bl.can_zero_copy());
398 int out_fd = ::open(FILENAME, O_RDWR|O_CREAT|O_TRUNC, 0600);
399 ASSERT_NE(-1, out_fd);
400 EXPECT_EQ(0, bl.write_fd_zero_copy(out_fd));
401 struct stat st;
402 memset(&st, 0, sizeof(st));
>>> CID 1419854: (RESOURCE_LEAK)
>>> Handle variable "out_fd" going out of scope leaks the handle.
403 ASSERT_EQ(0, ::stat(FILENAME, &st));
404 EXPECT_EQ(len, st.st_size);
405 char buf[len + 1];
406 EXPECT_EQ((int)len, safe_read(out_fd, buf, len + 1));
407 EXPECT_EQ(0, memcmp(buf, "ABC\n", len));
408 ::close(out_fd);
** CID 1419855: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/rocksdb/db/compaction_iterator.cc: 109 in rocksdb::CompactionIterator::CompactionIterator(rocksdb::InternalIterator *, const rocksdb::Comparator *, rocksdb::MergeHelper *, unsigned long, std::vector<unsigned long, std::allocator<unsigned long>> *, unsigned long, const rocksdb::SnapshotChecker *, rocksdb::Env *, bool, rocksdb::RangeDelAggregator *, std::unique_ptr<rocksdb::CompactionIterator::CompactionProxy, std::default_delete<rocksdb::CompactionIterator::CompactionProxy>>, const rocksdb::CompactionFilter *, rocksdb::CompactionEventListener *, const std::atomic<bool> *)()
________________________________________________________________________________________________________
*** CID 1419855: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/rocksdb/db/compaction_iterator.cc: 109 in rocksdb::CompactionIterator::CompactionIterator(rocksdb::InternalIterator *, const rocksdb::Comparator *, rocksdb::MergeHelper *, unsigned long, std::vector<unsigned long, std::allocator<unsigned long>> *, unsigned long, const rocksdb::SnapshotChecker *, rocksdb::Env *, bool, rocksdb::RangeDelAggregator *, std::unique_ptr<rocksdb::CompactionIterator::CompactionProxy, std::default_delete<rocksdb::CompactionIterator::CompactionProxy>>, const rocksdb::CompactionFilter *, rocksdb::CompactionEventListener *, const std::atomic<bool> *)()
103 ignore_snapshots_ = true;
104 }
105 } else {
106 ignore_snapshots_ = false;
107 }
108 input_->SetPinnedItersMgr(&pinned_iters_mgr_);
>>> CID 1419855: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "current_key_committed_" is not initialized in this constructor nor in any functions that it calls.
109 }
110
111 CompactionIterator::~CompactionIterator() {
112 // input_ Iteartor lifetime is longer than pinned_iters_mgr_ lifetime
113 input_->SetPinnedItersMgr(nullptr);
114 }
** CID 1419856: Resource leaks (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/bufferlist.cc: 2601 in BufferList_write_fd_offset_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1419856: Resource leaks (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/bufferlist.cc: 2601 in BufferList_write_fd_offset_Test::TestBody()()
2595 ::unlink(FILENAME);
2596 }
2597
2598 TEST(BufferList, write_fd_offset) {
2599 ::unlink(FILENAME);
2600 int fd = ::open(FILENAME, O_WRONLY|O_CREAT|O_TRUNC, 0600);
>>> CID 1419856: Resource leaks (RESOURCE_LEAK)
>>> Handle variable "fd" going out of scope leaks the handle.
2601 ASSERT_NE(-1, fd);
2602 bufferlist bl;
2603 for (unsigned i = 0; i < IOV_MAX * 2; i++) {
2604 bufferptr ptr("A", 1);
2605 bl.push_back(ptr);
2606 }
** CID 1419857: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/rocksdb/options/db_options.cc: 237 in rocksdb::MutableDBOptions::MutableDBOptions()()
________________________________________________________________________________________________________
*** CID 1419857: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/rocksdb/options/db_options.cc: 237 in rocksdb::MutableDBOptions::MutableDBOptions()()
231 max_background_compactions(-1),
232 avoid_flush_during_shutdown(false),
233 delayed_write_rate(2 * 1024U * 1024U),
234 max_total_wal_size(0),
235 delete_obsolete_files_period_micros(6ULL * 60 * 60 * 1000000),
236 stats_dump_period_sec(600),
>>> CID 1419857: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "wal_bytes_per_sync" is not initialized in this constructor nor in any functions that it calls.
237 max_open_files(-1) {}
238
239 MutableDBOptions::MutableDBOptions(const DBOptions& options)
240 : max_background_jobs(options.max_background_jobs),
241 base_background_compactions(options.base_background_compactions),
242 max_background_compactions(options.max_background_compactions),
** CID 1419858: Resource leaks (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/bufferlist.cc: 2583 in BufferList_write_fd_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1419858: Resource leaks (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/bufferlist.cc: 2583 in BufferList_write_fd_Test::TestBody()()
2577 ::unlink(FILENAME);
2578 }
2579
2580 TEST(BufferList, write_fd) {
2581 ::unlink(FILENAME);
2582 int fd = ::open(FILENAME, O_WRONLY|O_CREAT|O_TRUNC, 0600);
>>> CID 1419858: Resource leaks (RESOURCE_LEAK)
>>> Handle variable "fd" going out of scope leaks the handle.
2583 ASSERT_NE(-1, fd);
2584 bufferlist bl;
2585 for (unsigned i = 0; i < IOV_MAX * 2; i++) {
2586 bufferptr ptr("A", 1);
2587 bl.push_back(ptr);
2588 }
** CID 1419859: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/rocksdb/db/compaction_iterator.cc: 55 in rocksdb::CompactionIterator::CompactionIterator(rocksdb::InternalIterator *, const rocksdb::Comparator *, rocksdb::MergeHelper *, unsigned long, std::vector<unsigned long, std::allocator<unsigned long>> *, unsigned long, const rocksdb::SnapshotChecker *, rocksdb::Env *, bool, rocksdb::RangeDelAggregator *, const rocksdb::Compaction *, const rocksdb::CompactionFilter *, rocksdb::CompactionEventListener *, const std::atomic<bool> *)()
________________________________________________________________________________________________________
*** CID 1419859: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/rocksdb/db/compaction_iterator.cc: 55 in rocksdb::CompactionIterator::CompactionIterator(rocksdb::InternalIterator *, const rocksdb::Comparator *, rocksdb::MergeHelper *, unsigned long, std::vector<unsigned long, std::allocator<unsigned long>> *, unsigned long, const rocksdb::SnapshotChecker *, rocksdb::Env *, bool, rocksdb::RangeDelAggregator *, const rocksdb::Compaction *, const rocksdb::CompactionFilter *, rocksdb::CompactionEventListener *, const std::atomic<bool> *)()
49 : CompactionIterator(
50 input, cmp, merge_helper, last_sequence, snapshots,
51 earliest_write_conflict_snapshot, snapshot_checker, env,
52 expect_valid_internal_key, range_del_agg,
53 std::unique_ptr<CompactionProxy>(
54 compaction ? new CompactionProxy(compaction) : nullptr),
>>> CID 1419859: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "current_key_committed_" is not initialized in this constructor nor in any functions that it calls.
55 compaction_filter, compaction_listener, shutting_down) {}
56
57 CompactionIterator::CompactionIterator(
58 InternalIterator* input, const Comparator* cmp, MergeHelper* merge_helper,
59 SequenceNumber last_sequence, std::vector<SequenceNumber>* snapshots,
60 SequenceNumber earliest_write_conflict_snapshot,
** CID 1419860: Resource leaks (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/bufferlist.cc: 2558 in BufferList_read_fd_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1419860: Resource leaks (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/bufferlist.cc: 2558 in BufferList_read_fd_Test::TestBody()()
2552 snprintf(cmd, sizeof(cmd), "echo ABC > %s", FILENAME);
2553 EXPECT_EQ(0, ::system(cmd));
2554 int fd = -1;
2555 bufferlist bl;
2556 EXPECT_EQ(-EBADF, bl.read_fd(fd, len));
2557 fd = ::open(FILENAME, O_RDONLY);
>>> CID 1419860: Resource leaks (RESOURCE_LEAK)
>>> Handle variable "fd" going out of scope leaks the handle.
2558 ASSERT_NE(-1, fd);
2559 EXPECT_EQ(len, (unsigned)bl.read_fd(fd, len));
2560 //EXPECT_EQ(CEPH_BUFFER_APPEND_SIZE - len, bl.front().unused_tail_length());
2561 EXPECT_EQ(len, bl.length());
2562 ::close(fd);
2563 ::unlink(FILENAME);
** CID 1419861: Program hangs (SLEEP)
________________________________________________________________________________________________________
*** CID 1419861: Program hangs (SLEEP)
/home/brad/working/src/ceph/src/msg/async/AsyncConnection.cc: 2365 in AsyncConnection::DelayedDelivery::do_request(unsigned long)()
2359 m = delay_queue.front().second;
2360 string delay_msg_type = msgr->cct->_conf->ms_inject_delay_msg_type;
2361 utime_t now = ceph_clock_now();
2362 if ((release > now &&
2363 (delay_msg_type.empty() || m->get_type_name() == delay_msg_type))) {
2364 utime_t t = release - now;
>>> CID 1419861: Program hangs (SLEEP)
>>> Call to "sleep" might sleep while holding lock "this->delay_lock".
2365 t.sleep();
2366 }
2367 delay_queue.pop_front();
2368 }
2369 if (msgr->ms_can_fast_dispatch(m)) {
2370 dispatch_queue->fast_dispatch(m);
** CID 1419862: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/rocksdb/db/write_batch.cc: 940 in rocksdb::MemTableInserter::MemTableInserter(unsigned long, rocksdb::ColumnFamilyMemTables *, rocksdb::FlushScheduler *, bool, unsigned long, rocksdb::DB *, bool, bool *, bool)()
________________________________________________________________________________________________________
*** CID 1419862: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/rocksdb/db/write_batch.cc: 940 in rocksdb::MemTableInserter::MemTableInserter(unsigned long, rocksdb::ColumnFamilyMemTables *, rocksdb::FlushScheduler *, bool, unsigned long, rocksdb::DB *, bool, bool *, bool)()
934 seq_per_batch_(seq_per_batch),
935 // Write after commit currently uses one seq per key (instead of per
936 // batch). So seq_per_batch being false indicates write_after_commit
937 // approach.
938 write_after_commit_(!seq_per_batch) {
939 assert(cf_mems_);
>>> CID 1419862: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "rebuilding_trx_seq_" is not initialized in this constructor nor in any functions that it calls.
940 }
941
942 ~MemTableInserter() {
943 if (post_info_created_) {
944 reinterpret_cast<MemPostInfoMap*>
945 (&mem_post_info_map_)->~MemPostInfoMap();
** CID 1419863: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/rocksdb/db/compaction_job.cc: 304 in rocksdb::CompactionJob::CompactionJob(int, rocksdb::Compaction *, const rocksdb::ImmutableDBOptions &, rocksdb::EnvOptions, rocksdb::VersionSet *, const std::atomic<bool> *, rocksdb::LogBuffer *, rocksdb::Directory *, rocksdb::Directory *, rocksdb::Statistics *, rocksdb::InstrumentedMutex *, rocksdb::Status *, std::vector<unsigned long, std::allocator<unsigned long>>, unsigned long, const rocksdb::SnapshotChecker *, std::shared_ptr<rocksdb::Cache>, rocksdb::EventLogger *, bool, bool, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, rocksdb::CompactionJobStats *)()
________________________________________________________________________________________________________
*** CID 1419863: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/rocksdb/db/compaction_job.cc: 304 in rocksdb::CompactionJob::CompactionJob(int, rocksdb::Compaction *, const rocksdb::ImmutableDBOptions &, rocksdb::EnvOptions, rocksdb::VersionSet *, const std::atomic<bool> *, rocksdb::LogBuffer *, rocksdb::Directory *, rocksdb::Directory *, rocksdb::Statistics *, rocksdb::InstrumentedMutex *, rocksdb::Status *, std::vector<unsigned long, std::allocator<unsigned long>>, unsigned long, const rocksdb::SnapshotChecker *, std::shared_ptr<rocksdb::Cache>, rocksdb::EventLogger *, bool, bool, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, rocksdb::CompactionJobStats *)()
298 assert(log_buffer_ != nullptr);
299 const auto* cfd = compact_->compaction->column_family_data();
300 ThreadStatusUtil::SetColumnFamily(cfd, cfd->ioptions()->env,
301 db_options_.enable_thread_tracking);
302 ThreadStatusUtil::SetThreadOperation(ThreadStatus::OP_COMPACTION);
303 ReportStartedCompaction(compaction);
>>> CID 1419863: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "bottommost_level_" is not initialized in this constructor nor in any functions that it calls.
304 }
305
306 CompactionJob::~CompactionJob() {
307 assert(compact_ == nullptr);
308 ThreadStatusUtil::ResetThreadStatus();
309 }
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaGCnxtQO9E3gxlB2GxVsWFENryh7bC5hIb-2FQBVM85YLQ-3D-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8FFh10-2Fdq40-2FWwGIRvgJ7TlLS-2BzCkoP-2B9IdIBkJe92VJ1veYttNj8klI71oFxLvavCx0uov3kXkhI1AyrSWdLJv9k5AAtKbKM-2BiRB1ieGKg7btdOyyq-2FOgJNZM67lM-2BzWwOhQBD2HkpBVstDN3IrZqE1qI6M2IbxnDxFA5C8ZZbvz7GMHeDMp-2F3uF9gyfIIeww-3D
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4Bco8jcmzhh7FSyvoR0E3-2BDgRcBCQ6OuthHBtaTCGNq9OVG2ZVnjrgThgf5hX3GVEkIxvBX-2BorwRZfOftSp7HPfCifRGGak1MlgNFVd3IIPA-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8FFh10-2Fdq40-2FWwGIRvgJ7TlLS-2BzCkoP-2B9IdIBkJe92VJ8prbWzhKpt7jaAFGauPdv5fKXbonHjHe4du8Xynypzbsx-2F2NPNh2Bj0M7bDtrpnv-2FqneozwfUwlmeSB0Tv-2BojqrkO1d6yHof2L-2BeKTyM7HLC-2BvQvW73n1eKcp0YrqMGoFamb8P4xSc3O-2Bt60coZcBY-3D
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2017-10-12 5:54 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2017-10-12 5:54 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
42 new defect(s) introduced to ceph found with Coverity Scan.
41 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 20 of 42 defect(s)
** CID 1316245: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/cephfs/cephfs-data-scan.cc: 11 in main()
________________________________________________________________________________________________________
*** CID 1316245: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/cephfs/cephfs-data-scan.cc: 11 in main()
5 #include "common/errno.h"
6 #include "global/global_init.h"
7
8 #include "DataScan.h"
9
10
>>> CID 1316245: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "std::runtime_error" is thrown and never caught.
11 int main(int argc, const char **argv)
12 {
13 vector<const char*> args;
14 argv_to_vec(argc, argv, args);
15 env_to_vec(args);
16
** CID 1316246: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/rados/rados.cc: 3588 in main()
________________________________________________________________________________________________________
*** CID 1316246: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/rados/rados.cc: 3588 in main()
3582
3583 out:
3584 delete formatter;
3585 return (ret < 0) ? 1 : 0;
3586 }
3587
>>> CID 1316246: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "std::runtime_error" is thrown and never caught.
3588 int main(int argc, const char **argv)
3589 {
3590 vector<const char*> args;
3591 argv_to_vec(argc, argv, args);
3592 env_to_vec(args);
3593
** CID 1316247: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/scratchtoolpp.cc: 56 in main()
________________________________________________________________________________________________________
*** CID 1316247: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/scratchtoolpp.cc: 56 in main()
50 while ((c = getchar()) != EOF) {
51 if (c == '\n')
52 break;
53 }
54 }
55
>>> CID 1316247: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "std::runtime_error" is thrown and never caught.
56 int main(int argc, const char **argv)
57 {
58 Rados rados;
59 if (rados.init(NULL) < 0) {
60 cerr << "couldn't initialize rados!" << std::endl;
61 exit(1);
** CID 1316248: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/kv_store_bench.cc: 553 in main()
________________________________________________________________________________________________________
*** CID 1316248: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/kv_store_bench.cc: 553 in main()
547 } else {
548 err = test_teuthology_sync(&KvStoreBench::rand_distr, probs);
549 }
550 return err;
551 }
552
>>> CID 1316248: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "std::runtime_error" is thrown and never caught.
553 int main(int argc, const char** argv) {
554 KvStoreBench kvsb;
555 int err = kvsb.setup(argc, argv);
556 if (err == 0) cout << "setup successful" << std::endl;
557 else{
558 cout << "error " << err << std::endl;
** CID 1354457: (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/librados/watch_notify.cc: 728 in LibRadosWatchNotifyPP_WatchNotify2Timeout_Test::TestBody()()
/home/brad/working/src/ceph/src/test/librados/watch_notify.cc: 727 in LibRadosWatchNotifyPP_WatchNotify2Timeout_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1354457: (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/librados/watch_notify.cc: 728 in LibRadosWatchNotifyPP_WatchNotify2Timeout_Test::TestBody()()
722 ioctx.unwatch2(handle);
723
724 std::cout << " flushing" << std::endl;
725 librados::AioCompletion *comp = cluster.aio_create_completion();
726 cluster.aio_watch_flush(comp);
727 ASSERT_EQ(0, comp->wait_for_complete());
>>> CID 1354457: (RESOURCE_LEAK)
>>> Variable "comp" going out of scope leaks the storage it points to.
728 ASSERT_EQ(0, comp->get_return_value());
729 std::cout << " flushed" << std::endl;
730 comp->release();
731 }
732
733 TEST_P(LibRadosWatchNotifyPP, WatchNotify3) {
/home/brad/working/src/ceph/src/test/librados/watch_notify.cc: 727 in LibRadosWatchNotifyPP_WatchNotify2Timeout_Test::TestBody()()
721 ASSERT_GT(ioctx.watch_check(handle), 0);
722 ioctx.unwatch2(handle);
723
724 std::cout << " flushing" << std::endl;
725 librados::AioCompletion *comp = cluster.aio_create_completion();
726 cluster.aio_watch_flush(comp);
>>> CID 1354457: (RESOURCE_LEAK)
>>> Variable "comp" going out of scope leaks the storage it points to.
727 ASSERT_EQ(0, comp->wait_for_complete());
728 ASSERT_EQ(0, comp->get_return_value());
729 std::cout << " flushed" << std::endl;
730 comp->release();
731 }
732
** CID 1354459: Resource leaks (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/librados/watch_notify.cc: 689 in LibRadosWatchNotify_WatchNotify2Timeout_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1354459: Resource leaks (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/librados/watch_notify.cc: 689 in LibRadosWatchNotify_WatchNotify2Timeout_Test::TestBody()()
683 ASSERT_EQ(1u, notify_cookies.size());
684 ASSERT_GT(rados_watch_check(ioctx, handle), 0);
685
686 rados_unwatch2(ioctx, handle);
687
688 rados_completion_t comp;
>>> CID 1354459: Resource leaks (RESOURCE_LEAK)
>>> Variable "comp" going out of scope leaks the storage it points to.
689 ASSERT_EQ(0, rados_aio_create_completion(NULL, NULL, NULL, &comp));
690 rados_aio_watch_flush(cluster, comp);
691 ASSERT_EQ(0, rados_aio_wait_for_complete(comp));
692 ASSERT_EQ(0, rados_aio_get_return_value(comp));
693 rados_aio_release(comp);
694 rados_buffer_free(reply_buf);
** CID 1396032: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/librbd/test_main.cc: 24 in main()
________________________________________________________________________________________________________
*** CID 1396032: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/librbd/test_main.cc: 24 in main()
18 extern void register_test_object_map();
19 extern void register_test_operations();
20 extern void register_test_mirroring();
21 extern void register_test_mirroring_watcher();
22 #endif // TEST_LIBRBD_INTERNALS
23
>>> CID 1396032: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "_ZN5boost16exception_detail10clone_implINS0_19error_info_injectorINSt8ios_base7failureB5cxx11EEEEE" is thrown and never caught.
24 int main(int argc, char **argv)
25 {
26 register_test_librbd();
27 #ifdef TEST_LIBRBD_INTERNALS
28 register_test_groups();
29 register_test_image_watcher();
** CID 1396041: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/rbd_mirror/test_main.cc: 20 in main()
________________________________________________________________________________________________________
*** CID 1396041: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/rbd_mirror/test_main.cc: 20 in main()
14 extern void register_test_instances();
15 extern void register_test_leader_watcher();
16 extern void register_test_pool_watcher();
17 extern void register_test_rbd_mirror();
18 extern void register_test_rbd_mirror_image_deleter();
19
>>> CID 1396041: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "_ZN5boost16exception_detail10clone_implINS0_19error_info_injectorINSt8ios_base7failureB5cxx11EEEEE" is thrown and never caught.
20 int main(int argc, char **argv)
21 {
22 register_test_cluster_watcher();
23 register_test_image_sync();
24 register_test_instance_watcher();
25 register_test_instances();
** CID 1416366: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/rbd_mirror/main.cc: 32 in main()
________________________________________________________________________________________________________
*** CID 1416366: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/rbd_mirror/main.cc: 32 in main()
26 static void handle_signal(int signum)
27 {
28 if (mirror)
29 mirror->handle_signal(signum);
30 }
31
>>> CID 1416366: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::lock_error> >" is thrown and never caught.
32 int main(int argc, const char **argv)
33 {
34 std::vector<const char*> args;
35 env_to_vec(args);
36 argv_to_vec(argc, argv, args);
37
** CID 1419589: Performance inefficiencies (PASS_BY_VALUE)
/home/brad/working/src/ceph/src/osd/PGLog.h: 1280 in PGLog::read_log_and_missing<pg_missing_set<(bool)1>>(ObjectStore *, coll_t, ghobject_t, const pg_info_t &, PGLog::IndexedLog &, T1 &, std::__cxx11::basic_ostringstream<char, std::char_traits<char>, std::allocator<char>> &, bool, bool *, const DoutPrefixProvider *, std::set<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::less<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>> *, bool)()
________________________________________________________________________________________________________
*** CID 1419589: Performance inefficiencies (PASS_BY_VALUE)
/home/brad/working/src/ceph/src/osd/PGLog.h: 1280 in PGLog::read_log_and_missing<pg_missing_set<(bool)1>>(ObjectStore *, coll_t, ghobject_t, const pg_info_t &, PGLog::IndexedLog &, T1 &, std::__cxx11::basic_ostringstream<char, std::char_traits<char>, std::allocator<char>> &, bool, bool *, const DoutPrefixProvider *, std::set<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::less<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>> *, bool)()
1274 }
1275
1276 template <typename missing_type>
1277 static void read_log_and_missing(
1278 ObjectStore *store,
1279 coll_t pg_coll,
>>> CID 1419589: Performance inefficiencies (PASS_BY_VALUE)
>>> Passing parameter pgmeta_oid of type "ghobject_t" (size 144 bytes) by value.
1280 ghobject_t pgmeta_oid,
1281 const pg_info_t &info,
1282 IndexedLog &log,
1283 missing_type &missing,
1284 ostringstream &oss,
1285 bool tolerate_divergent_missing_log,
** CID 1419590: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 17416 in __pyx_pw_5rados_5Rados_59pg_command()
________________________________________________________________________________________________________
*** CID 1419590: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 17416 in __pyx_pw_5rados_5Rados_59pg_command()
17410 }
17411 kw_args = PyDict_Size(__pyx_kwds);
17412 switch (pos_args) {
17413 case 0:
17414 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_pgid)) != 0)) kw_args--;
17415 else goto __pyx_L5_argtuple_error;
>>> CID 1419590: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
17416 case 1:
17417 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_cmd)) != 0)) kw_args--;
17418 else {
17419 __Pyx_RaiseArgtupleInvalid("pg_command", 0, 3, 4, 1); __PYX_ERR(0, 1368, __pyx_L3_error)
17420 }
17421 case 2:
** CID 1419591: Integer handling issues (NEGATIVE_RETURNS)
/home/brad/working/src/ceph/src/os/bluestore/BlueRocksEnv.cc: 276 in BlueRocksWritableFile::Allocate(long, long)()
________________________________________________________________________________________________________
*** CID 1419591: Integer handling issues (NEGATIVE_RETURNS)
/home/brad/working/src/ceph/src/os/bluestore/BlueRocksEnv.cc: 276 in BlueRocksWritableFile::Allocate(long, long)()
270 protected:
271 using rocksdb::WritableFile::Allocate;
272 /*
273 * Pre-allocate space for a file.
274 */
275 rocksdb::Status Allocate(off_t offset, off_t len) {
>>> CID 1419591: Integer handling issues (NEGATIVE_RETURNS)
>>> Assigning: signed variable "r" = "preallocate".
276 int r = fs->preallocate(h->file, offset, len);
277 return err_to_status(r);
278 }
279 };
280
281
** CID 1419592: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 15548 in __pyx_pw_5rados_5Rados_53mon_command()
________________________________________________________________________________________________________
*** CID 1419592: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 15548 in __pyx_pw_5rados_5Rados_53mon_command()
15542 }
15543 case 2:
15544 if (kw_args > 0) {
15545 PyObject* value = PyDict_GetItem(__pyx_kwds, __pyx_n_s_timeout);
15546 if (value) { values[2] = value; kw_args--; }
15547 }
>>> CID 1419592: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
15548 case 3:
15549 if (kw_args > 0) {
15550 PyObject* value = PyDict_GetItem(__pyx_kwds, __pyx_n_s_target);
15551 if (value) { values[3] = value; kw_args--; }
15552 }
15553 }
** CID 1419593: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 18463 in __pyx_pw_5rados_5Rados_65monitor_log()
________________________________________________________________________________________________________
*** CID 1419593: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 18463 in __pyx_pw_5rados_5Rados_65monitor_log()
18457 }
18458 kw_args = PyDict_Size(__pyx_kwds);
18459 switch (pos_args) {
18460 case 0:
18461 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_level)) != 0)) kw_args--;
18462 else goto __pyx_L5_argtuple_error;
>>> CID 1419593: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
18463 case 1:
18464 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_callback)) != 0)) kw_args--;
18465 else {
18466 __Pyx_RaiseArgtupleInvalid("monitor_log", 1, 3, 3, 1); __PYX_ERR(0, 1440, __pyx_L3_error)
18467 }
18468 case 2:
** CID 1419594: Resource leaks (RESOURCE_LEAK)
/src/pybind/rados/rados.c: 16806 in __pyx_pf_5rados_5Rados_54osd_command()
________________________________________________________________________________________________________
*** CID 1419594: Resource leaks (RESOURCE_LEAK)
/src/pybind/rados/rados.c: 16806 in __pyx_pf_5rados_5Rados_54osd_command()
16800 __Pyx_XDECREF(__pyx_v_my_outs);
16801 __Pyx_XDECREF(__pyx_v_my_outbuf);
16802 __Pyx_XDECREF(__pyx_v_cmd);
16803 __Pyx_XDECREF(__pyx_v_inbuf);
16804 __Pyx_XGIVEREF(__pyx_r);
16805 __Pyx_RefNannyFinishContext();
>>> CID 1419594: Resource leaks (RESOURCE_LEAK)
>>> Variable "__pyx_v__cmd" going out of scope leaks the storage it points to.
16806 return __pyx_r;
16807 }
16808
16809 /* "rados.pyx":1327
16810 * free(_cmd)
16811 *
** CID 1419595: Control flow issues (UNREACHABLE)
/src/pybind/rados/rados.c: 16734 in __pyx_pf_5rados_5Rados_54osd_command()
________________________________________________________________________________________________________
*** CID 1419595: Control flow issues (UNREACHABLE)
/src/pybind/rados/rados.c: 16734 in __pyx_pf_5rados_5Rados_54osd_command()
16728 * return (ret, my_outbuf, my_outs)
16729 * finally:
16730 * free(_cmd) # <<<<<<<<<<<<<<
16731 *
16732 * def mgr_command(self, cmd, inbuf, timeout=0):
16733 */
>>> CID 1419595: Control flow issues (UNREACHABLE)
>>> This code cannot be reached: "{
{
PyThreadState *__...".
16734 /*finally:*/ {
16735 /*exception exit:*/{
16736 __Pyx_PyThreadState_declare
16737 __pyx_L4_error:;
16738 __pyx_t_12 = 0; __pyx_t_13 = 0; __pyx_t_14 = 0; __pyx_t_15 = 0; __pyx_t_16 = 0; __pyx_t_17 = 0;
16739 __Pyx_PyThreadState_assign
** CID 1419596: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 18179 in __pyx_pw_5rados_5Rados_63blacklist_add()
________________________________________________________________________________________________________
*** CID 1419596: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 18179 in __pyx_pw_5rados_5Rados_63blacklist_add()
18173 }
18174 kw_args = PyDict_Size(__pyx_kwds);
18175 switch (pos_args) {
18176 case 0:
18177 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_client_address)) != 0)) kw_args--;
18178 else goto __pyx_L5_argtuple_error;
>>> CID 1419596: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
18179 case 1:
18180 if (kw_args > 0) {
18181 PyObject* value = PyDict_GetItem(__pyx_kwds, __pyx_n_s_expire_seconds);
18182 if (value) { values[1] = value; kw_args--; }
18183 }
18184 }
** CID 1419597: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 17421 in __pyx_pw_5rados_5Rados_59pg_command()
________________________________________________________________________________________________________
*** CID 1419597: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 17421 in __pyx_pw_5rados_5Rados_59pg_command()
17415 else goto __pyx_L5_argtuple_error;
17416 case 1:
17417 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_cmd)) != 0)) kw_args--;
17418 else {
17419 __Pyx_RaiseArgtupleInvalid("pg_command", 0, 3, 4, 1); __PYX_ERR(0, 1368, __pyx_L3_error)
17420 }
>>> CID 1419597: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
17421 case 2:
17422 if (likely((values[2] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_inbuf)) != 0)) kw_args--;
17423 else {
17424 __Pyx_RaiseArgtupleInvalid("pg_command", 0, 3, 4, 2); __PYX_ERR(0, 1368, __pyx_L3_error)
17425 }
17426 case 3:
** CID 1419598: Resource leaks (RESOURCE_LEAK)
/src/pybind/rados/rados.c: 15495 in __pyx_pf_5rados_5Rados_50open_ioctx2()
________________________________________________________________________________________________________
*** CID 1419598: Resource leaks (RESOURCE_LEAK)
/src/pybind/rados/rados.c: 15495 in __pyx_pf_5rados_5Rados_50open_ioctx2()
15489 __Pyx_AddTraceback("rados.Rados.open_ioctx2", __pyx_clineno, __pyx_lineno, __pyx_filename);
15490 __pyx_r = NULL;
15491 __pyx_L0:;
15492 __Pyx_XDECREF((PyObject *)__pyx_v_io);
15493 __Pyx_XGIVEREF(__pyx_r);
15494 __Pyx_RefNannyFinishContext();
>>> CID 1419598: Resource leaks (RESOURCE_LEAK)
>>> Variable "__pyx_v_ioctx" going out of scope leaks the storage it points to.
15495 return __pyx_r;
15496 }
15497
15498 /* "rados.pyx":1227
15499 * return io
15500 *
** CID 1419599: Control flow issues (UNREACHABLE)
/src/pybind/rados/rados.c: 17302 in __pyx_pf_5rados_5Rados_56mgr_command()
________________________________________________________________________________________________________
*** CID 1419599: Control flow issues (UNREACHABLE)
/src/pybind/rados/rados.c: 17302 in __pyx_pf_5rados_5Rados_56mgr_command()
17296 * return (ret, my_outbuf, my_outs)
17297 * finally:
17298 * free(_cmd) # <<<<<<<<<<<<<<
17299 *
17300 * def pg_command(self, pgid, cmd, inbuf, timeout=0):
17301 */
>>> CID 1419599: Control flow issues (UNREACHABLE)
>>> This code cannot be reached: "{
{
PyThreadState *__...".
17302 /*finally:*/ {
17303 /*exception exit:*/{
17304 __Pyx_PyThreadState_declare
17305 __pyx_L4_error:;
17306 __pyx_t_12 = 0; __pyx_t_13 = 0; __pyx_t_14 = 0; __pyx_t_15 = 0; __pyx_t_16 = 0; __pyx_t_17 = 0;
17307 __Pyx_PyThreadState_assign
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaGCnxtQO9E3gxlB2GxVsWFENryh7bC5hIb-2FQBVM85YLQ-3D-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8FpQVpxf6iAfFYK9CqE8Bp8a6vktb-2BL-2FLohqNoNRJnz-2BwxxFcYe-2BvZ6uUBIH6-2FnU1Ys2ycENmvCoL5XAQA6gJunV8dHOcOQ17-2Fv1wJcNUBgJi7xMGp1kbucMloHJJtONUB7RuH6dmoqWuCOt1PfE40MjL-2BS4jZ-2FVJGuKzU34tvin9eHITLym8KVVzmggOcXGRg-3D
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4Bco8jcmzhh7FSyvoR0E3-2BDgRcBCQ6OuthHBtaTCGNq9OVG2ZVnjrgThgf5hX3GVEkIxvBX-2BorwRZfOftSp7HPfCifRGGak1MlgNFVd3IIPA-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8FpQVpxf6iAfFYK9CqE8Bp8a6vktb-2BL-2FLohqNoNRJnz-2B9uPnLuXej-2B7MQmcMDfBbSO5FDHDwLcqkZ-2FPMub3VWJFeLvNOn2c3KJ-2Fn-2Bet8bcegOhqFMQrYlyBc6rLeAtn22DgLguokZLyidUy4RFEb1NIBXzZc-2FJac9ILgy7CyPfU9mC0J-2FYmKfE2djHPjH7e-2FLo-3D
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2017-10-05 5:08 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2017-10-05 5:08 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
22 new defect(s) introduced to ceph found with Coverity Scan.
36 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 20 of 22 defect(s)
** CID 1297802: Program hangs (INFINITE_LOOP)
/home/brad/working/src/ceph/src/osdc/Objecter.cc: 1905 in Objecter::wait_for_osd_map()()
________________________________________________________________________________________________________
*** CID 1297802: Program hangs (INFINITE_LOOP)
/home/brad/working/src/ceph/src/osdc/Objecter.cc: 1905 in Objecter::wait_for_osd_map()()
1899 Cond cond;
1900 bool done;
1901 lock.Lock();
1902 C_SafeCond *context = new C_SafeCond(&lock, &cond, &done, NULL);
1903 waiting_for_map[0].push_back(pair<Context*, int>(context, 0));
1904 l.unlock();
>>> CID 1297802: Program hangs (INFINITE_LOOP)
>>> If "done" is initially false then it will remain false.
1905 while (!done)
1906 cond.Wait(lock);
1907 lock.Unlock();
1908 }
1909
1910 struct C_Objecter_GetVersion : public Context {
** CID 1351616: Resource leaks (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/common/ceph_timer.h: 230 in ceph::timer_detail::timer<ceph::time_detail::mono_clock>::add_event<Objecter::submit_command(Objecter::CommandOp *, unsigned long *)::[lambda() (instance 1)]>(std::chrono::time_point<ceph::time_detail::mono_clock, std::chrono::duration<unsigned long, std::ratio<(long)1, (long)1000000000>>>, T1 &&, T2 &&...)()
________________________________________________________________________________________________________
*** CID 1351616: Resource leaks (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/common/ceph_timer.h: 230 in ceph::timer_detail::timer<ceph::time_detail::mono_clock>::add_event<Objecter::submit_command(Objecter::CommandOp *, unsigned long *)::[lambda() (instance 1)]>(std::chrono::time_point<ceph::time_detail::mono_clock, std::chrono::duration<unsigned long, std::ratio<(long)1, (long)1000000000>>>, T1 &&, T2 &&...)()
224 // Previously each event was a context, identified by a
225 // pointer, and each context to be called only once. Since you
226 // can queue the same function pointer, member function,
227 // lambda, or functor up multiple times, identifying things by
228 // function for the purposes of cancellation is no longer
229 // suitable. Thus:
>>> CID 1351616: Resource leaks (RESOURCE_LEAK)
>>> Variable "e" going out of scope leaks the storage it points to.
230 return e.id;
231 }
232
233 // Adjust the timeout of a currently-scheduled event (relative)
234 bool adjust_event(uint64_t id, typename TC::duration duration) {
235 return adjust_event(id, TC::now() + duration);
** CID 1351659: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/multi_stress_watch.cc: 118 in main()
/home/brad/working/src/ceph/src/test/multi_stress_watch.cc: 118 in main()
________________________________________________________________________________________________________
*** CID 1351659: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/multi_stress_watch.cc: 118 in main()
112
113 cluster.wait_for_latest_osdmap();
114 test_loop(cluster, pool_name, obj_name);
115 return;
116 }
117
>>> CID 1351659: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
118 int main(int args, char **argv)
119 {
120 if (args != 3 && args != 4) {
121 std::cerr << "Error: " << argv[0] << " [ec|rep] pool_name obj_name" << std::endl;
122 return 1;
123 }
/home/brad/working/src/ceph/src/test/multi_stress_watch.cc: 118 in main()
112
113 cluster.wait_for_latest_osdmap();
114 test_loop(cluster, pool_name, obj_name);
115 return;
116 }
117
>>> CID 1351659: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
118 int main(int args, char **argv)
119 {
120 if (args != 3 && args != 4) {
121 std::cerr << "Error: " << argv[0] << " [ec|rep] pool_name obj_name" << std::endl;
122 return 1;
123 }
** CID 1351672: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/kv_store_bench.cc: 553 in main()
/home/brad/working/src/ceph/src/test/kv_store_bench.cc: 553 in main()
/home/brad/working/src/ceph/src/test/kv_store_bench.cc: 553 in main()
________________________________________________________________________________________________________
*** CID 1351672: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/kv_store_bench.cc: 553 in main()
547 } else {
548 err = test_teuthology_sync(&KvStoreBench::rand_distr, probs);
549 }
550 return err;
551 }
552
>>> CID 1351672: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
553 int main(int argc, const char** argv) {
554 KvStoreBench kvsb;
555 int err = kvsb.setup(argc, argv);
556 if (err == 0) cout << "setup successful" << std::endl;
557 else{
558 cout << "error " << err << std::endl;
/home/brad/working/src/ceph/src/test/kv_store_bench.cc: 553 in main()
547 } else {
548 err = test_teuthology_sync(&KvStoreBench::rand_distr, probs);
549 }
550 return err;
551 }
552
>>> CID 1351672: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
553 int main(int argc, const char** argv) {
554 KvStoreBench kvsb;
555 int err = kvsb.setup(argc, argv);
556 if (err == 0) cout << "setup successful" << std::endl;
557 else{
558 cout << "error " << err << std::endl;
/home/brad/working/src/ceph/src/test/kv_store_bench.cc: 553 in main()
547 } else {
548 err = test_teuthology_sync(&KvStoreBench::rand_distr, probs);
549 }
550 return err;
551 }
552
>>> CID 1351672: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
553 int main(int argc, const char** argv) {
554 KvStoreBench kvsb;
555 int err = kvsb.setup(argc, argv);
556 if (err == 0) cout << "setup successful" << std::endl;
557 else{
558 cout << "error " << err << std::endl;
** CID 1355572: (INFINITE_LOOP)
/home/brad/working/src/ceph/src/tools/cephfs/Resetter.cc: 58 in Resetter::reset(mds_role_t)()
/home/brad/working/src/ceph/src/tools/cephfs/Resetter.cc: 96 in Resetter::reset(mds_role_t)()
________________________________________________________________________________________________________
*** CID 1355572: (INFINITE_LOOP)
/home/brad/working/src/ceph/src/tools/cephfs/Resetter.cc: 58 in Resetter::reset(mds_role_t)()
52
53 lock.Lock();
54 journaler.recover(new C_SafeCond(&mylock, &cond, &done, &r));
55 lock.Unlock();
56
57 mylock.Lock();
>>> CID 1355572: (INFINITE_LOOP)
>>> If "done" is initially false then it will remain false.
58 while (!done)
59 cond.Wait(mylock);
60 mylock.Unlock();
61
62 if (r != 0) {
63 if (r == -ENOENT) {
/home/brad/working/src/ceph/src/tools/cephfs/Resetter.cc: 96 in Resetter::reset(mds_role_t)()
90
91 cout << "writing journal head" << std::endl;
92 journaler.write_head(new C_SafeCond(&mylock, &cond, &done, &r));
93 lock.Unlock();
94
95 mylock.Lock();
>>> CID 1355572: (INFINITE_LOOP)
>>> If "done" is initially false then it will remain false.
96 while (!done)
97 cond.Wait(mylock);
98 mylock.Unlock();
99
100 Mutex::Locker l(lock);
101 if (r != 0) {
** CID 1395778: (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/common/ceph_timer.h: 230 in ceph::timer_detail::timer<ceph::time_detail::mono_clock>::add_event<Objecter::get_pool_stats(std::__cxx11::list<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>> &, std::map<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, pool_stat_t, std::less<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::pair<const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, pool_stat_t>>> *, Context *)::[lambda() (instance 1)]>(std::chrono::time_point<ceph::time_detail::mono_clock, std::chrono::duration<unsigned long
, std::ratio<(long)1, (long)1000000000>>>, T1 &&, T2 &&...)()
/home/brad/working/src/ceph/src/common/ceph_timer.h: 230 in ceph::timer_detail::timer<ceph::time_detail::mono_clock>::add_event<Objecter::get_fs_stats(ceph_statfs &, boost::optional<long>, Context *)::[lambda() (instance 1)]>(std::chrono::time_point<ceph::time_detail::mono_clock, std::chrono::duration<unsigned long, std::ratio<(long)1, (long)1000000000>>>, T1 &&, T2 &&...)()
________________________________________________________________________________________________________
*** CID 1395778: (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/common/ceph_timer.h: 230 in ceph::timer_detail::timer<ceph::time_detail::mono_clock>::add_event<Objecter::get_pool_stats(std::__cxx11::list<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>> &, std::map<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, pool_stat_t, std::less<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::pair<const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, pool_stat_t>>> *, Context *)::[lambda() (instance 1)]>(std::chrono::time_point<ceph::time_detail::mono_clock, std::chrono::duration<unsigned long
, std::ratio<(long)1, (long)1000000000>>>, T1 &&, T2 &&...)()
224 // Previously each event was a context, identified by a
225 // pointer, and each context to be called only once. Since you
226 // can queue the same function pointer, member function,
227 // lambda, or functor up multiple times, identifying things by
228 // function for the purposes of cancellation is no longer
229 // suitable. Thus:
>>> CID 1395778: (RESOURCE_LEAK)
>>> Variable "e" going out of scope leaks the storage it points to.
230 return e.id;
231 }
232
233 // Adjust the timeout of a currently-scheduled event (relative)
234 bool adjust_event(uint64_t id, typename TC::duration duration) {
235 return adjust_event(id, TC::now() + duration);
/home/brad/working/src/ceph/src/common/ceph_timer.h: 230 in ceph::timer_detail::timer<ceph::time_detail::mono_clock>::add_event<Objecter::get_fs_stats(ceph_statfs &, boost::optional<long>, Context *)::[lambda() (instance 1)]>(std::chrono::time_point<ceph::time_detail::mono_clock, std::chrono::duration<unsigned long, std::ratio<(long)1, (long)1000000000>>>, T1 &&, T2 &&...)()
224 // Previously each event was a context, identified by a
225 // pointer, and each context to be called only once. Since you
226 // can queue the same function pointer, member function,
227 // lambda, or functor up multiple times, identifying things by
228 // function for the purposes of cancellation is no longer
229 // suitable. Thus:
>>> CID 1395778: (RESOURCE_LEAK)
>>> Variable "e" going out of scope leaks the storage it points to.
230 return e.id;
231 }
232
233 // Adjust the timeout of a currently-scheduled event (relative)
234 bool adjust_event(uint64_t id, typename TC::duration duration) {
235 return adjust_event(id, TC::now() + duration);
** CID 1396149: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/include/rados/rados_types.hpp: 186 in librados::inconsistent_obj_t::inconsistent_obj_t()()
________________________________________________________________________________________________________
*** CID 1396149: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/include/rados/rados_types.hpp: 186 in librados::inconsistent_obj_t::inconsistent_obj_t()()
180 bool has_deep_errors() const {
181 return errors & DEEP_ERRORS;
182 }
183 };
184
185 struct inconsistent_obj_t : obj_err_t {
>>> CID 1396149: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "version" is not initialized in this constructor nor in any functions that it calls.
186 inconsistent_obj_t() = default;
187 inconsistent_obj_t(const object_id_t& object)
188 : object{object}, version(0)
189 {}
190 object_id_t object;
191 uint64_t version; // XXX: Redundant with object info attr
** CID 1400655: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/osdc/Objecter.cc: 2892 in Objecter::_calc_target(Objecter::op_target_t *, Connection *, bool)()
________________________________________________________________________________________________________
*** CID 1400655: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/osdc/Objecter.cc: 2892 in Objecter::_calc_target(Objecter::op_target_t *, Connection *, bool)()
2886 if (acting_primary == -1) {
2887 t->osd = -1;
2888 } else {
2889 int osd;
2890 bool read = is_read && !is_write;
2891 if (read && (t->flags & CEPH_OSD_FLAG_BALANCE_READS)) {
>>> CID 1400655: Security best practices violations (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
2892 int p = rand() % acting.size();
2893 if (p)
2894 t->used_replica = true;
2895 osd = acting[p];
2896 ldout(cct, 10) << " chose random osd." << osd << " of " << acting
2897 << dendl;
** CID 1402139: (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/librados/list.cc: 563 in LibRadosList_ListObjectsCursor_Test::TestBody()()
/home/brad/working/src/ceph/src/test/librados/list.cc: 561 in LibRadosList_ListObjectsCursor_Test::TestBody()()
/home/brad/working/src/ceph/src/test/librados/list.cc: 552 in LibRadosList_ListObjectsCursor_Test::TestBody()()
/home/brad/working/src/ceph/src/test/librados/list.cc: 603 in LibRadosList_ListObjectsCursor_Test::TestBody()()
/home/brad/working/src/ceph/src/test/librados/list.cc: 600 in LibRadosList_ListObjectsCursor_Test::TestBody()()
/home/brad/working/src/ceph/src/test/librados/list.cc: 597 in LibRadosList_ListObjectsCursor_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1402139: (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/librados/list.cc: 563 in LibRadosList_ListObjectsCursor_Test::TestBody()()
557 ASSERT_EQ(rados_nobjects_list_get_cursor(ctx, &cursor), 0);
558 cout << "> oid=" << oid << " cursor=" << ObjectCursor(cursor) << std::endl;
559 }
560 rados_nobjects_list_seek_cursor(ctx, first_cursor);
561 ASSERT_EQ(rados_nobjects_list_next(ctx, &entry, NULL, NULL), 0);
562 cout << "FIRST> seek to " << ObjectCursor(first_cursor) << " oid=" << string(entry) << std::endl;
>>> CID 1402139: (RESOURCE_LEAK)
>>> Variable "cursor" going out of scope leaks the storage it points to.
563 }
564 rados_list_ctx_t ctx;
565 ASSERT_EQ(0, rados_nobjects_list_open(ioctx, &ctx));
566
567 std::map<rados_object_list_cursor, string> cursor_to_obj;
568 int count = 0;
/home/brad/working/src/ceph/src/test/librados/list.cc: 561 in LibRadosList_ListObjectsCursor_Test::TestBody()()
555 while (rados_nobjects_list_next(ctx, &entry, NULL, NULL) == 0) {
556 string oid = entry;
557 ASSERT_EQ(rados_nobjects_list_get_cursor(ctx, &cursor), 0);
558 cout << "> oid=" << oid << " cursor=" << ObjectCursor(cursor) << std::endl;
559 }
560 rados_nobjects_list_seek_cursor(ctx, first_cursor);
>>> CID 1402139: (RESOURCE_LEAK)
>>> Variable "cursor" going out of scope leaks the storage it points to.
561 ASSERT_EQ(rados_nobjects_list_next(ctx, &entry, NULL, NULL), 0);
562 cout << "FIRST> seek to " << ObjectCursor(first_cursor) << " oid=" << string(entry) << std::endl;
563 }
564 rados_list_ctx_t ctx;
565 ASSERT_EQ(0, rados_nobjects_list_open(ioctx, &ctx));
566
/home/brad/working/src/ceph/src/test/librados/list.cc: 552 in LibRadosList_ListObjectsCursor_Test::TestBody()()
546
547 {
548 rados_list_ctx_t ctx;
549 const char *entry;
550 rados_object_list_cursor cursor;
551 ASSERT_EQ(0, rados_nobjects_list_open(ioctx, &ctx));
>>> CID 1402139: (RESOURCE_LEAK)
>>> Variable "cursor" going out of scope leaks the storage it points to.
552 ASSERT_EQ(rados_nobjects_list_get_cursor(ctx, &cursor), 0);
553 rados_object_list_cursor first_cursor = cursor;
554 cout << "x cursor=" << ObjectCursor(cursor) << std::endl;
555 while (rados_nobjects_list_next(ctx, &entry, NULL, NULL) == 0) {
556 string oid = entry;
557 ASSERT_EQ(rados_nobjects_list_get_cursor(ctx, &cursor), 0);
/home/brad/working/src/ceph/src/test/librados/list.cc: 603 in LibRadosList_ListObjectsCursor_Test::TestBody()()
597 ASSERT_EQ(rados_nobjects_list_get_cursor(ctx, &cursor), 0);
598 cout << ": cursor()=" << ObjectCursor(cursor) << " expected=" << oid << std::endl;
599 // ASSERT_EQ(ObjectCursor(oid), ObjectCursor(cursor));
600 ASSERT_EQ(rados_nobjects_list_next(ctx, &entry, NULL, NULL), 0);
601 cout << "> " << ObjectCursor(cursor) << " -> " << entry << std::endl;
602 cout << ": entry=" << entry << " expected=" << p->second << std::endl;
>>> CID 1402139: (RESOURCE_LEAK)
>>> Variable "cursor" going out of scope leaks the storage it points to.
603 ASSERT_EQ(p->second, string(entry));
604
605 ++p;
606
607 rados_object_list_cursor_free(ctx, cursor);
608 }
/home/brad/working/src/ceph/src/test/librados/list.cc: 600 in LibRadosList_ListObjectsCursor_Test::TestBody()()
594 rados_object_list_cursor cursor;
595 rados_object_list_cursor oid(p->first);
596 rados_nobjects_list_seek_cursor(ctx, oid);
597 ASSERT_EQ(rados_nobjects_list_get_cursor(ctx, &cursor), 0);
598 cout << ": cursor()=" << ObjectCursor(cursor) << " expected=" << oid << std::endl;
599 // ASSERT_EQ(ObjectCursor(oid), ObjectCursor(cursor));
>>> CID 1402139: (RESOURCE_LEAK)
>>> Variable "cursor" going out of scope leaks the storage it points to.
600 ASSERT_EQ(rados_nobjects_list_next(ctx, &entry, NULL, NULL), 0);
601 cout << "> " << ObjectCursor(cursor) << " -> " << entry << std::endl;
602 cout << ": entry=" << entry << " expected=" << p->second << std::endl;
603 ASSERT_EQ(p->second, string(entry));
604
605 ++p;
/home/brad/working/src/ceph/src/test/librados/list.cc: 597 in LibRadosList_ListObjectsCursor_Test::TestBody()()
591 ASSERT_EQ(0, rados_nobjects_list_open(ioctx, &ctx));
592 while (p != cursor_to_obj.rend()) {
593 cout << ": seek to " << ObjectCursor(p->first) << std::endl;
594 rados_object_list_cursor cursor;
595 rados_object_list_cursor oid(p->first);
596 rados_nobjects_list_seek_cursor(ctx, oid);
>>> CID 1402139: (RESOURCE_LEAK)
>>> Variable "cursor" going out of scope leaks the storage it points to.
597 ASSERT_EQ(rados_nobjects_list_get_cursor(ctx, &cursor), 0);
598 cout << ": cursor()=" << ObjectCursor(cursor) << " expected=" << oid << std::endl;
599 // ASSERT_EQ(ObjectCursor(oid), ObjectCursor(cursor));
600 ASSERT_EQ(rados_nobjects_list_next(ctx, &entry, NULL, NULL), 0);
601 cout << "> " << ObjectCursor(cursor) << " -> " << entry << std::endl;
602 cout << ": entry=" << entry << " expected=" << p->second << std::endl;
** CID 1405343: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/rbd_mirror/test_main.cc: 20 in main()
________________________________________________________________________________________________________
*** CID 1405343: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/rbd_mirror/test_main.cc: 20 in main()
14 extern void register_test_instances();
15 extern void register_test_leader_watcher();
16 extern void register_test_pool_watcher();
17 extern void register_test_rbd_mirror();
18 extern void register_test_rbd_mirror_image_deleter();
19
>>> CID 1405343: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::lock_error> >" is thrown and never caught.
20 int main(int argc, char **argv)
21 {
22 register_test_cluster_watcher();
23 register_test_image_sync();
24 register_test_instance_watcher();
25 register_test_instances();
** CID 1405347: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/librbd/test_main.cc: 24 in main()
________________________________________________________________________________________________________
*** CID 1405347: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/librbd/test_main.cc: 24 in main()
18 extern void register_test_object_map();
19 extern void register_test_operations();
20 extern void register_test_mirroring();
21 extern void register_test_mirroring_watcher();
22 #endif // TEST_LIBRBD_INTERNALS
23
>>> CID 1405347: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::lock_error> >" is thrown and never caught.
24 int main(int argc, char **argv)
25 {
26 register_test_librbd();
27 #ifdef TEST_LIBRBD_INTERNALS
28 register_test_groups();
29 register_test_image_watcher();
** CID 1405350: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/libcephfs/access.cc: 362 in main()
________________________________________________________________________________________________________
*** CID 1405350: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/libcephfs/access.cc: 362 in main()
356 out:
357 ceph_shutdown(admin);
358 return r;
359 }
360
361
>>> CID 1405350: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::lock_error> >" is thrown and never caught.
362 int main(int argc, char **argv)
363 {
364 int r = update_root_mode();
365 if (r < 0)
366 exit(1);
367
** CID 1413801: Resource leaks (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/common/ceph_timer.h: 230 in ceph::timer_detail::timer<ceph::time_detail::mono_clock>::add_event<Objecter::_op_submit_with_budget(Objecter::Op *, ceph::shunique_lock<boost::shared_mutex> &, unsigned long *, int *)::[lambda() (instance 1)]>(std::chrono::time_point<ceph::time_detail::mono_clock, std::chrono::duration<unsigned long, std::ratio<(long)1, (long)1000000000>>>, T1 &&, T2 &&...)()
________________________________________________________________________________________________________
*** CID 1413801: Resource leaks (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/common/ceph_timer.h: 230 in ceph::timer_detail::timer<ceph::time_detail::mono_clock>::add_event<Objecter::_op_submit_with_budget(Objecter::Op *, ceph::shunique_lock<boost::shared_mutex> &, unsigned long *, int *)::[lambda() (instance 1)]>(std::chrono::time_point<ceph::time_detail::mono_clock, std::chrono::duration<unsigned long, std::ratio<(long)1, (long)1000000000>>>, T1 &&, T2 &&...)()
224 // Previously each event was a context, identified by a
225 // pointer, and each context to be called only once. Since you
226 // can queue the same function pointer, member function,
227 // lambda, or functor up multiple times, identifying things by
228 // function for the purposes of cancellation is no longer
229 // suitable. Thus:
>>> CID 1413801: Resource leaks (RESOURCE_LEAK)
>>> Variable "e" going out of scope leaks the storage it points to.
230 return e.id;
231 }
232
233 // Adjust the timeout of a currently-scheduled event (relative)
234 bool adjust_event(uint64_t id, typename TC::duration duration) {
235 return adjust_event(id, TC::now() + duration);
** CID 1418951: Concurrent data access violations (MISSING_LOCK)
/home/brad/working/src/ceph/src/tools/rbd/action/Bench.cc: 134 in rbd::action::bench::rbd_bencher::start_io(int, unsigned long, unsigned long, int, bool)()
________________________________________________________________________________________________________
*** CID 1418951: Concurrent data access violations (MISSING_LOCK)
/home/brad/working/src/ceph/src/tools/rbd/action/Bench.cc: 134 in rbd::action::bench::rbd_bencher::start_io(int, unsigned long, unsigned long, int, bool)()
128 }
129
130 void start_io(int max, uint64_t off, uint64_t len, int op_flags, bool read_flag)
131 {
132 {
133 Mutex::Locker l(lock);
>>> CID 1418951: Concurrent data access violations (MISSING_LOCK)
>>> Accessing "this->in_flight" without holding lock "Mutex._m". Elsewhere, "_ZN3rbd6action5bench11rbd_bencherE.in_flight" is accessed with "Mutex._m" held 1 out of 2 times (1 of these accesses strongly imply that it is necessary).
134 in_flight++;
135 }
136
137 librbd::RBD::AioCompletion *c;
138 if (read_flag) {
139 bufferlist *read_bl = new bufferlist();
** CID 1418952: Control flow issues (MISSING_BREAK)
/home/brad/working/src/ceph/src/osd/PrimaryLogPG.cc: 6882 in PrimaryLogPG::_rollback_to(PrimaryLogPG::OpContext *, ceph_osd_op &)()
________________________________________________________________________________________________________
*** CID 1418952: Control flow issues (MISSING_BREAK)
/home/brad/working/src/ceph/src/osd/PrimaryLogPG.cc: 6882 in PrimaryLogPG::_rollback_to(PrimaryLogPG::OpContext *, ceph_osd_op &)()
6876 return -EAGAIN;
6877 case cache_result_t::BLOCKED_FULL:
6878 block_write_on_full_cache(soid, ctx->op);
6879 return -EAGAIN;
6880 case cache_result_t::REPLIED_WITH_EAGAIN:
6881 assert(0 == "this can't happen, no rollback on replica");
>>> CID 1418952: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
6882 default:
6883 assert(0 == "must promote was set, other values are not valid");
6884 return -EAGAIN;
6885 }
6886 }
6887
** CID 1418953: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/tools/rbd/action/Bench.cc: 125 in rbd::action::bench::rbd_bencher::rbd_bencher(librbd::Image *, rbd::action::bench::<unnamed>::io_type_t, unsigned long)()
________________________________________________________________________________________________________
*** CID 1418953: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/tools/rbd/action/Bench.cc: 125 in rbd::action::bench::rbd_bencher::rbd_bencher(librbd::Image *, rbd::action::bench::<unnamed>::io_type_t, unsigned long)()
119 in_flight(0),
120 io_type(io_type),
121 io_size(io_size)
122 {
123 if (io_type == IO_TYPE_WRITE || io_type == IO_TYPE_RW) {
124 bufferptr bp(io_size);
>>> CID 1418953: Security best practices violations (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
125 memset(bp.c_str(), rand() & 0xff, io_size);
126 write_bl.push_back(bp);
127 }
128 }
129
130 void start_io(int max, uint64_t off, uint64_t len, int op_flags, bool read_flag)
** CID 1418954: (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/tools/rbd/action/Bench.cc: 235 in rbd::action::bench::do_bench(librbd::Image &, rbd::action::bench::<unnamed>::io_type_t, unsigned long, unsigned long, unsigned long, bool, unsigned long)()
/home/brad/working/src/ceph/src/tools/rbd/action/Bench.cc: 277 in rbd::action::bench::do_bench(librbd::Image &, rbd::action::bench::<unnamed>::io_type_t, unsigned long, unsigned long, unsigned long, bool, unsigned long)()
________________________________________________________________________________________________________
*** CID 1418954: (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/tools/rbd/action/Bench.cc: 235 in rbd::action::bench::do_bench(librbd::Image &, rbd::action::bench::<unnamed>::io_type_t, unsigned long, unsigned long, unsigned long, bool, unsigned long)()
229 uint64_t start_pos;
230
231 uint64_t unit_len = size/io_size/io_threads;
232 // disturb all thread's offset
233 for (i = 0; i < io_threads; i++) {
234 if (random) {
>>> CID 1418954: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
235 start_pos = (rand() % (size / io_size)) * io_size;
236 } else {
237 start_pos = unit_len * i * io_size;
238 }
239 thread_offset.push_back(start_pos);
240 }
/home/brad/working/src/ceph/src/tools/rbd/action/Bench.cc: 277 in rbd::action::bench::do_bench(librbd::Image &, rbd::action::bench::<unnamed>::io_type_t, unsigned long, unsigned long, unsigned long, bool, unsigned long)()
271 bool read_flag = should_read(read_proportion);
272
273 b.wait_for(io_threads - 1);
274 b.start_io(io_threads, thread_offset[i], io_size, op_flags, read_flag);
275
276 if (random) {
>>> CID 1418954: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
277 thread_offset[i] = (rand() % (size / io_size)) * io_size;
278 } else {
279 thread_offset[i] += io_size;
280 if (thread_offset[i] + io_size > size)
281 thread_offset[i] = 0;
282 }
** CID 1418955: Concurrent data access violations (MISSING_LOCK)
/home/brad/working/src/ceph/src/osdc/Journaler.cc: 562 in Journaler::append_entry(ceph::buffer::list &)()
________________________________________________________________________________________________________
*** CID 1418955: Concurrent data access violations (MISSING_LOCK)
/home/brad/working/src/ceph/src/osdc/Journaler.cc: 562 in Journaler::append_entry(ceph::buffer::list &)()
556 l.lock();
557 }
558 ldout(cct, 20) << "write_buf_throttle get, delta " << delta << dendl;
559 size_t wrote = journal_stream.write(bl, &write_buf, write_pos);
560 ldout(cct, 10) << "append_entry len " << s << " to " << write_pos << "~"
561 << wrote << dendl;
>>> CID 1418955: Concurrent data access violations (MISSING_LOCK)
>>> Accessing "this->write_pos" without holding lock "Journaler.lock". Elsewhere, "Journaler.write_pos" is accessed with "Journaler.lock" held 6 out of 8 times (1 of these accesses strongly imply that it is necessary).
562 write_pos += wrote;
563
564 // flush previous object?
565 uint64_t su = get_layout_period();
566 assert(su > 0);
567 uint64_t write_off = write_pos % su;
** CID 1418956: (DIVIDE_BY_ZERO)
/home/brad/working/src/ceph/src/tools/rbd/action/Bench.cc: 231 in rbd::action::bench::do_bench(librbd::Image &, rbd::action::bench::<unnamed>::io_type_t, unsigned long, unsigned long, unsigned long, bool, unsigned long)()
/home/brad/working/src/ceph/src/tools/rbd/action/Bench.cc: 235 in rbd::action::bench::do_bench(librbd::Image &, rbd::action::bench::<unnamed>::io_type_t, unsigned long, unsigned long, unsigned long, bool, unsigned long)()
________________________________________________________________________________________________________
*** CID 1418956: (DIVIDE_BY_ZERO)
/home/brad/working/src/ceph/src/tools/rbd/action/Bench.cc: 231 in rbd::action::bench::do_bench(librbd::Image &, rbd::action::bench::<unnamed>::io_type_t, unsigned long, unsigned long, unsigned long, bool, unsigned long)()
225 unsigned ios = 0;
226
227 vector<uint64_t> thread_offset;
228 uint64_t i;
229 uint64_t start_pos;
230
>>> CID 1418956: (DIVIDE_BY_ZERO)
>>> In expression "size / io_size", division by expression "io_size" which may be zero has undefined behavior.
231 uint64_t unit_len = size/io_size/io_threads;
232 // disturb all thread's offset
233 for (i = 0; i < io_threads; i++) {
234 if (random) {
235 start_pos = (rand() % (size / io_size)) * io_size;
236 } else {
/home/brad/working/src/ceph/src/tools/rbd/action/Bench.cc: 235 in rbd::action::bench::do_bench(librbd::Image &, rbd::action::bench::<unnamed>::io_type_t, unsigned long, unsigned long, unsigned long, bool, unsigned long)()
229 uint64_t start_pos;
230
231 uint64_t unit_len = size/io_size/io_threads;
232 // disturb all thread's offset
233 for (i = 0; i < io_threads; i++) {
234 if (random) {
>>> CID 1418956: (DIVIDE_BY_ZERO)
>>> In expression "size / io_size", division by expression "io_size" which may be zero has undefined behavior.
235 start_pos = (rand() % (size / io_size)) * io_size;
236 } else {
237 start_pos = unit_len * i * io_size;
238 }
239 thread_offset.push_back(start_pos);
240 }
** CID 1418957: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/test/rbd_mirror/test_mock_ImageSync.cc: 107 in rbd::mirror::image_sync::MetadataCopyRequest<librbd::<unnamed>::MockTestImageCtx>::MetadataCopyRequest()()
________________________________________________________________________________________________________
*** CID 1418957: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/test/rbd_mirror/test_mock_ImageSync.cc: 107 in rbd::mirror::image_sync::MetadataCopyRequest<librbd::<unnamed>::MockTestImageCtx>::MetadataCopyRequest()()
101 s_instance->on_finish = on_finish;
102 return s_instance;
103 }
104
105 MetadataCopyRequest() {
106 s_instance = this;
>>> CID 1418957: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "on_finish" is not initialized in this constructor nor in any functions that it calls.
107 }
108
109 MOCK_METHOD0(send, void());
110 };
111
112 template <>
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaGCnxtQO9E3gxlB2GxVsWFENryh7bC5hIb-2FQBVM85YLQ-3D-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8FCBsNVyGXtBtUu5bDT7ItSJQjbRl2Ee4PG8K-2FycjN-2FryFBgcAdPnrk7XQ2BwD363FcC64gju3cTdVPd5CXN3UpGQ9pNaBVxW5DlJWx6FvI-2Fusuy8N7nHTMXyHFzu6ZE7DP2NfsqwknjJ-2BabyRng3m2F09WHzdfoBrvXBxXmzusZ2PNPiX8No6jOuoui1mYK-2Bg-3D
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4Bco8jcmzhh7FSyvoR0E3-2BDgRcBCQ6OuthHBtaTCGNq9OVG2ZVnjrgThgf5hX3GVEkIxvBX-2BorwRZfOftSp7HPfCifRGGak1MlgNFVd3IIPA-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8FCBsNVyGXtBtUu5bDT7ItSJQjbRl2Ee4PG8K-2FycjN-2Fr5NZ21oVA-2BuXJqzPU5-2FfcCwOcWCXSWNYGUmQzReV9wL9TmFx6aqZq59o87d2HGDOlnMeK5G0ScClfZtw3Frkfm01q34FqqL5GVMfthacoCk8Lmpr6XOPbICMdf5U9STR5M78EIdk8fWkfoPI7h5-2BEa4-3D
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2017-09-28 5:09 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2017-09-28 5:09 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
1 new defect(s) introduced to ceph found with Coverity Scan.
8 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)
** CID 1418596: Program hangs (ORDER_REVERSAL)
________________________________________________________________________________________________________
*** CID 1418596: Program hangs (ORDER_REVERSAL)
/home/brad/working/src/ceph/src/tools/cephfs/Dumper.cc: 64 in Dumper::recover_journal(Journaler *)()
58
59
60 int Dumper::recover_journal(Journaler *journaler)
61 {
62 C_SaferCond cond;
63 lock.Lock();
>>> CID 1418596: Program hangs (ORDER_REVERSAL)
>>> Calling "recover" acquires lock "Journaler.lock" while holding lock "Mutex._m" (count: 1 / 6).
64 journaler->recover(&cond);
65 lock.Unlock();
66 const int r = cond.wait();
67
68 if (r < 0) { // Error
69 derr << "error on recovery: " << cpp_strerror(r) << dendl;
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaGCnxtQO9E3gxlB2GxVsWFENryh7bC5hIb-2FQBVM85YLQ-3D-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8Gm8nnXjGdSCg3Y3xJLzJka5OSmtSf-2BpUegs4H9v0CBigN85le6zVzYYwpgazONa6fU9p92NkrJbrUVT4aNO4guK9R6ITym49IktPI8IzeuyOQ7NY4AUM1lqvKPRmubM0kw0tXn90C3Ytd5iJ-2Boif1yj85E5vF2fOnU6QsJ0s5tIJdqN5a3DvwBDMY9w43Nwdg-3D
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4Bco8jcmzhh7FSyvoR0E3-2BDgRcBCQ6OuthHBtaTCGNq9OVG2ZVnjrgThgf5hX3GVEkIxvBX-2BorwRZfOftSp7HPfCifRGGak1MlgNFVd3IIPA-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8Gm8nnXjGdSCg3Y3xJLzJka5OSmtSf-2BpUegs4H9v0CBilB9hnyE1u8H6YPr85gqxxRIYgD7GieCWnZKVoDvLULn9JV0oJDUW6HUoyHV2Eyp9wGGAkh4xLlxe0LuCzLREu30rbCGrbH6kxuDNkfPxJ47brJv8wMXUXTN1puP0hdVcKGDHWv23YvvEM8i6vD4KNg-3D
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2017-09-21 6:44 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2017-09-21 6:44 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
35 new defect(s) introduced to ceph found with Coverity Scan.
40 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 20 of 35 defect(s)
** CID 1418233: Integer handling issues (NEGATIVE_RETURNS)
/home/brad/working/src/ceph/src/common/lockdep.cc: 299 in lockdep_will_lock(const char *, int, bool)()
________________________________________________________________________________________________________
*** CID 1418233: Integer handling issues (NEGATIVE_RETURNS)
/home/brad/working/src/ceph/src/common/lockdep.cc: 299 in lockdep_will_lock(const char *, int, bool)()
293 if (!g_lockdep) {
294 pthread_mutex_unlock(&lockdep_mutex);
295 return id;
296 }
297
298 if (id < 0)
>>> CID 1418233: Integer handling issues (NEGATIVE_RETURNS)
>>> Assigning: signed variable "id" = "_lockdep_register".
299 id = _lockdep_register(name);
300
301 lockdep_dout(20) << "_will_lock " << name << " (" << id << ")" << dendl;
302
303 // check dependency graph
304 map<int, BackTrace *> &m = held[p];
** CID 1418234: (LOCK)
/home/brad/working/src/ceph/src/librbd/io/ImageRequestWQ.cc: 584 in librbd::io::ImageRequestWQ<librbd::<unnamed>::MockTestImageCtx>::_void_dequeue()()
/home/brad/working/src/ceph/src/librbd/io/ImageRequestWQ.cc: 601 in librbd::io::ImageRequestWQ<librbd::<unnamed>::MockTestImageCtx>::_void_dequeue()()
/home/brad/working/src/ceph/src/librbd/io/ImageRequestWQ.cc: 597 in librbd::io::ImageRequestWQ<librbd::<unnamed>::MockTestImageCtx>::_void_dequeue()()
________________________________________________________________________________________________________
*** CID 1418234: (LOCK)
/home/brad/working/src/ceph/src/librbd/io/ImageRequestWQ.cc: 584 in librbd::io::ImageRequestWQ<librbd::<unnamed>::MockTestImageCtx>::_void_dequeue()()
578 lock_required = false;
579 }
580 m_image_ctx.owner_lock.put_read();
581 this->get_pool_lock().Lock();
582
583 if (lock_required) {
>>> CID 1418234: (LOCK)
>>> Returning without unlocking "this->get_pool_lock()._m".
584 return nullptr;
585 }
586 }
587
588 if (refresh_required) {
589 ldout(cct, 5) << "image refresh required: delaying IO " << item << dendl;
/home/brad/working/src/ceph/src/librbd/io/ImageRequestWQ.cc: 601 in librbd::io::ImageRequestWQ<librbd::<unnamed>::MockTestImageCtx>::_void_dequeue()()
595 m_image_ctx.state->refresh(new C_RefreshFinish(this, item));
596 this->get_pool_lock().Lock();
597 return nullptr;
598 }
599
600 item->start_op();
>>> CID 1418234: (LOCK)
>>> Returning without unlocking "this->get_pool_lock()._m".
601 return item;
602 }
603
604 template <typename I>
605 void ImageRequestWQ<I>::process(ImageRequest<I> *req) {
606 CephContext *cct = m_image_ctx.cct;
/home/brad/working/src/ceph/src/librbd/io/ImageRequestWQ.cc: 597 in librbd::io::ImageRequestWQ<librbd::<unnamed>::MockTestImageCtx>::_void_dequeue()()
591 // stall IO until the refresh completes
592 ++m_io_blockers;
593
594 this->get_pool_lock().Unlock();
595 m_image_ctx.state->refresh(new C_RefreshFinish(this, item));
596 this->get_pool_lock().Lock();
>>> CID 1418234: (LOCK)
>>> Returning without unlocking "this->get_pool_lock()._m".
597 return nullptr;
598 }
599
600 item->start_op();
601 return item;
602 }
** CID 1418235: Control flow issues (DEADCODE)
/home/brad/working/src/ceph/src/rocksdb/utilities/transactions/pessimistic_transaction.cc: 522 in rocksdb::PessimisticTransaction::TryLock(rocksdb::ColumnFamilyHandle *, const rocksdb::Slice &, bool, bool, bool)()
________________________________________________________________________________________________________
*** CID 1418235: Control flow issues (DEADCODE)
/home/brad/working/src/ceph/src/rocksdb/utilities/transactions/pessimistic_transaction.cc: 522 in rocksdb::PessimisticTransaction::TryLock(rocksdb::ColumnFamilyHandle *, const rocksdb::Slice &, bool, bool, bool)()
516
517 if (!s.ok()) {
518 // Failed to validate key
519 if (!previously_locked) {
520 // Unlock key we just locked
521 if (lock_upgrade) {
>>> CID 1418235: Control flow issues (DEADCODE)
>>> Execution cannot reach the expression "(s) = (rocksdb::Status(this->txn_db_impl_->TryLock(this, cfh_id, key_str, false)))" inside this statement: "(s) = (rocksdb::Status(this...".
522 s = txn_db_impl_->TryLock(this, cfh_id, key_str,
523 false /* exclusive */);
524 assert(s.ok());
525 } else {
526 txn_db_impl_->UnLock(this, cfh_id, key.ToString());
527 }
** CID 1418236: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/rocksdb/utilities/transactions/write_prepared_txn.cc: 30 in rocksdb::WritePreparedTxn::WritePreparedTxn(rocksdb::WritePreparedTxnDB *, const rocksdb::WriteOptions &, const rocksdb::TransactionOptions &)()
________________________________________________________________________________________________________
*** CID 1418236: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/rocksdb/utilities/transactions/write_prepared_txn.cc: 30 in rocksdb::WritePreparedTxn::WritePreparedTxn(rocksdb::WritePreparedTxnDB *, const rocksdb::WriteOptions &, const rocksdb::TransactionOptions &)()
24 WritePreparedTxn::WritePreparedTxn(WritePreparedTxnDB* txn_db,
25 const WriteOptions& write_options,
26 const TransactionOptions& txn_options)
27 : PessimisticTransaction(txn_db, write_options, txn_options),
28 wpt_db_(txn_db) {
29 PessimisticTransaction::Initialize(txn_options);
>>> CID 1418236: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "prepare_seq_" is not initialized in this constructor nor in any functions that it calls.
30 }
31
32 Status WritePreparedTxn::Get(const ReadOptions& read_options,
33 ColumnFamilyHandle* column_family,
34 const Slice& key, PinnableSlice* pinnable_val) {
35 auto snapshot = GetSnapshot();
** CID 1418237: Resource leaks (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/rocksdb/db/c.cc: 585 in rocksdb_checkpoint_object_create()
________________________________________________________________________________________________________
*** CID 1418237: Resource leaks (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/rocksdb/db/c.cc: 585 in rocksdb_checkpoint_object_create()
579 }
580
581 rocksdb_checkpoint_t* rocksdb_checkpoint_object_create(rocksdb_t* db,
582 char** errptr) {
583 Checkpoint* checkpoint;
584 if (SaveError(errptr, Checkpoint::Create(db->rep, &checkpoint))) {
>>> CID 1418237: Resource leaks (RESOURCE_LEAK)
>>> Variable "checkpoint" going out of scope leaks the storage it points to.
585 return nullptr;
586 }
587 rocksdb_checkpoint_t* result = new rocksdb_checkpoint_t;
588 result->rep = checkpoint;
589 return result;
590 }
** CID 1418238: Control flow issues (UNREACHABLE)
/home/brad/working/src/ceph/src/rocksdb/utilities/transactions/write_prepared_txn.cc: 103 in rocksdb::WritePreparedTxn::Rollback()()
________________________________________________________________________________________________________
*** CID 1418238: Control flow issues (UNREACHABLE)
/home/brad/working/src/ceph/src/rocksdb/utilities/transactions/write_prepared_txn.cc: 103 in rocksdb::WritePreparedTxn::Rollback()()
97 return s;
98 }
99
100 Status WritePreparedTxn::Rollback() {
101 // TODO(myabandeh) Implement this
102 throw std::runtime_error("Rollback not Implemented");
>>> CID 1418238: Control flow issues (UNREACHABLE)
>>> This code cannot be reached: "return rocksdb::Status(rock...".
103 return Status::OK();
104 }
105
106 } // namespace rocksdb
107
** CID 1418239: Null pointer dereferences (FORWARD_NULL)
/home/brad/working/src/ceph/src/rocksdb/utilities/write_batch_with_index/write_batch_with_index.cc: 853 in rocksdb::WriteBatchWithIndex::GetFromBatchAndDB(rocksdb::DB *, const rocksdb::ReadOptions &, rocksdb::ColumnFamilyHandle *, const rocksdb::Slice &, rocksdb::PinnableSlice *, rocksdb::ReadCallback *)()
________________________________________________________________________________________________________
*** CID 1418239: Null pointer dereferences (FORWARD_NULL)
/home/brad/working/src/ceph/src/rocksdb/utilities/write_batch_with_index/write_batch_with_index.cc: 853 in rocksdb::WriteBatchWithIndex::GetFromBatchAndDB(rocksdb::DB *, const rocksdb::ReadOptions &, rocksdb::ColumnFamilyHandle *, const rocksdb::Slice &, rocksdb::PinnableSlice *, rocksdb::ReadCallback *)()
847 Logger* logger = immuable_db_options.info_log.get();
848
849 Slice* merge_data;
850 if (s.ok()) {
851 merge_data = pinnable_val;
852 } else { // Key not present in db (s.IsNotFound())
>>> CID 1418239: Null pointer dereferences (FORWARD_NULL)
>>> Assigning: "merge_data" = "NULL".
853 merge_data = nullptr;
854 }
855
856 if (merge_operator) {
857 s = MergeHelper::TimedFullMerge(
858 merge_operator, key, merge_data, merge_context.GetOperands(),
** CID 1418240: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 48203 in __pyx_pw_5rados_5Ioctx_127application_metadata_set()
________________________________________________________________________________________________________
*** CID 1418240: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 48203 in __pyx_pw_5rados_5Ioctx_127application_metadata_set()
48197 }
48198 kw_args = PyDict_Size(__pyx_kwds);
48199 switch (pos_args) {
48200 case 0:
48201 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_app_name)) != 0)) kw_args--;
48202 else goto __pyx_L5_argtuple_error;
>>> CID 1418240: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
48203 case 1:
48204 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_key)) != 0)) kw_args--;
48205 else {
48206 __Pyx_RaiseArgtupleInvalid("application_metadata_set", 1, 3, 3, 1); __PYX_ERR(0, 3643, __pyx_L3_error)
48207 }
48208 case 2:
** CID 1418241: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 47475 in __pyx_pw_5rados_5Ioctx_123application_enable()
________________________________________________________________________________________________________
*** CID 1418241: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 47475 in __pyx_pw_5rados_5Ioctx_123application_enable()
47469 }
47470 kw_args = PyDict_Size(__pyx_kwds);
47471 switch (pos_args) {
47472 case 0:
47473 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_app_name)) != 0)) kw_args--;
47474 else goto __pyx_L5_argtuple_error;
>>> CID 1418241: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
47475 case 1:
47476 if (kw_args > 0) {
47477 PyObject* value = PyDict_GetItem(__pyx_kwds, __pyx_n_s_force);
47478 if (value) { values[1] = value; kw_args--; }
47479 }
47480 }
** CID 1418242: (UNINIT_CTOR)
/home/brad/working/src/ceph/src/dmclock/src/dmclock_server.h: 326 in crimson::dmclock::PriorityQueueBase<ceph::mClockOpClassQueue::osd_op_type_t, std::pair<spg_t, PGQueueable>, (bool)0, (unsigned int)2>::ClientRec::ClientRec(ceph::mClockOpClassQueue::osd_op_type_t, const crimson::dmclock::ClientInfo &, unsigned long)()
/home/brad/working/src/ceph/src/dmclock/src/dmclock_server.h: 326 in crimson::dmclock::PriorityQueueBase<Client, Request, (bool)0, (unsigned int)2>::ClientRec::ClientRec(Client, const crimson::dmclock::ClientInfo &, unsigned long)()
________________________________________________________________________________________________________
*** CID 1418242: (UNINIT_CTOR)
/home/brad/working/src/ceph/src/dmclock/src/dmclock_server.h: 326 in crimson::dmclock::PriorityQueueBase<ceph::mClockOpClassQueue::osd_op_type_t, std::pair<spg_t, PGQueueable>, (bool)0, (unsigned int)2>::ClientRec::ClientRec(ceph::mClockOpClassQueue::osd_op_type_t, const crimson::dmclock::ClientInfo &, unsigned long)()
320 idle(true),
321 last_tick(current_tick),
322 cur_rho(1),
323 cur_delta(1)
324 {
325 // empty
>>> CID 1418242: (UNINIT_CTOR)
>>> Non-static class member "ready_heap_data" is not initialized in this constructor nor in any functions that it calls.
326 }
327
328 inline const RequestTag& get_req_tag() const {
329 return prev_tag;
330 }
331
/home/brad/working/src/ceph/src/dmclock/src/dmclock_server.h: 326 in crimson::dmclock::PriorityQueueBase<Client, Request, (bool)0, (unsigned int)2>::ClientRec::ClientRec(Client, const crimson::dmclock::ClientInfo &, unsigned long)()
320 idle(true),
321 last_tick(current_tick),
322 cur_rho(1),
323 cur_delta(1)
324 {
325 // empty
>>> CID 1418242: (UNINIT_CTOR)
>>> Non-static class member "ready_heap_data" is not initialized in this constructor nor in any functions that it calls.
326 }
327
328 inline const RequestTag& get_req_tag() const {
329 return prev_tag;
330 }
331
** CID 1418243: (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/libcephfs/test.cc: 1874 in shutdown_racer_func()()
/home/brad/working/src/ceph/src/test/libcephfs/test.cc: 1873 in shutdown_racer_func()()
/home/brad/working/src/ceph/src/test/libcephfs/test.cc: 1872 in shutdown_racer_func()()
/home/brad/working/src/ceph/src/test/libcephfs/test.cc: 1871 in shutdown_racer_func()()
________________________________________________________________________________________________________
*** CID 1418243: (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/libcephfs/test.cc: 1874 in shutdown_racer_func()()
1868 {
1869 struct ceph_mount_info *cmount;
1870
1871 ASSERT_EQ(ceph_create(&cmount, NULL), 0);
1872 ASSERT_EQ(ceph_conf_read_file(cmount, NULL), 0);
1873 ASSERT_EQ(0, ceph_conf_parse_env(cmount, NULL));
>>> CID 1418243: (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
1874 ASSERT_EQ(ceph_mount(cmount, "/"), 0);
1875 ceph_shutdown(cmount);
1876 }
1877
1878 // See tracker #20988
1879 TEST(LibCephFS, ShutdownRace)
/home/brad/working/src/ceph/src/test/libcephfs/test.cc: 1873 in shutdown_racer_func()()
1867 static void shutdown_racer_func()
1868 {
1869 struct ceph_mount_info *cmount;
1870
1871 ASSERT_EQ(ceph_create(&cmount, NULL), 0);
1872 ASSERT_EQ(ceph_conf_read_file(cmount, NULL), 0);
>>> CID 1418243: (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
1873 ASSERT_EQ(0, ceph_conf_parse_env(cmount, NULL));
1874 ASSERT_EQ(ceph_mount(cmount, "/"), 0);
1875 ceph_shutdown(cmount);
1876 }
1877
1878 // See tracker #20988
/home/brad/working/src/ceph/src/test/libcephfs/test.cc: 1872 in shutdown_racer_func()()
1866
1867 static void shutdown_racer_func()
1868 {
1869 struct ceph_mount_info *cmount;
1870
1871 ASSERT_EQ(ceph_create(&cmount, NULL), 0);
>>> CID 1418243: (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
1872 ASSERT_EQ(ceph_conf_read_file(cmount, NULL), 0);
1873 ASSERT_EQ(0, ceph_conf_parse_env(cmount, NULL));
1874 ASSERT_EQ(ceph_mount(cmount, "/"), 0);
1875 ceph_shutdown(cmount);
1876 }
1877
/home/brad/working/src/ceph/src/test/libcephfs/test.cc: 1871 in shutdown_racer_func()()
1865 #define NTHREADS 128
1866
1867 static void shutdown_racer_func()
1868 {
1869 struct ceph_mount_info *cmount;
1870
>>> CID 1418243: (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
1871 ASSERT_EQ(ceph_create(&cmount, NULL), 0);
1872 ASSERT_EQ(ceph_conf_read_file(cmount, NULL), 0);
1873 ASSERT_EQ(0, ceph_conf_parse_env(cmount, NULL));
1874 ASSERT_EQ(ceph_mount(cmount, "/"), 0);
1875 ceph_shutdown(cmount);
1876 }
** CID 1418244: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/dmclock/src/dmclock_server.h: 326 in crimson::dmclock::PriorityQueueBase<std::pair<unsigned long, ceph::mClockClientQueue::osd_op_type_t>, std::pair<spg_t, PGQueueable>, (bool)0, (unsigned int)2>::ClientRec::ClientRec(std::pair<unsigned long, ceph::mClockClientQueue::osd_op_type_t>, const crimson::dmclock::ClientInfo &, unsigned long)()
________________________________________________________________________________________________________
*** CID 1418244: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/dmclock/src/dmclock_server.h: 326 in crimson::dmclock::PriorityQueueBase<std::pair<unsigned long, ceph::mClockClientQueue::osd_op_type_t>, std::pair<spg_t, PGQueueable>, (bool)0, (unsigned int)2>::ClientRec::ClientRec(std::pair<unsigned long, ceph::mClockClientQueue::osd_op_type_t>, const crimson::dmclock::ClientInfo &, unsigned long)()
320 idle(true),
321 last_tick(current_tick),
322 cur_rho(1),
323 cur_delta(1)
324 {
325 // empty
>>> CID 1418244: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "ready_heap_data" is not initialized in this constructor nor in any functions that it calls.
326 }
327
328 inline const RequestTag& get_req_tag() const {
329 return prev_tag;
330 }
331
** CID 1418245: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/rocksdb/utilities/blob_db/blob_db_impl.cc: 266 in rocksdb::blob_db::BlobDBImpl::BlobDBImpl(rocksdb::DB *, const rocksdb::blob_db::BlobDBOptions &)()
________________________________________________________________________________________________________
*** CID 1418245: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/rocksdb/utilities/blob_db/blob_db_impl.cc: 266 in rocksdb::blob_db::BlobDBImpl::BlobDBImpl(rocksdb::DB *, const rocksdb::blob_db::BlobDBOptions &)()
260 total_periods_ampl_(0),
261 total_blob_space_(0) {
262 if (!bdb_options_.blob_dir.empty())
263 blob_dir_ = (bdb_options_.path_relative)
264 ? db_->GetName() + "/" + bdb_options_.blob_dir
265 : bdb_options_.blob_dir;
>>> CID 1418245: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "debug_level_" is not initialized in this constructor nor in any functions that it calls.
266 }
267
268 BlobDBImpl::~BlobDBImpl() {
269 // CancelAllBackgroundWork(db_, true);
270
271 Shutdown();
** CID 1418246: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/rocksdb/util/file_reader_writer.h: 207 in rocksdb::FilePrefetchBuffer::FilePrefetchBuffer()()
________________________________________________________________________________________________________
*** CID 1418246: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/rocksdb/util/file_reader_writer.h: 207 in rocksdb::FilePrefetchBuffer::FilePrefetchBuffer()()
201 Status Prefetch(RandomAccessFileReader* reader, uint64_t offset, size_t n);
202 bool TryReadFromCache(uint64_t offset, size_t n, Slice* result) const;
203
204 private:
205 AlignedBuffer buffer_;
206 uint64_t buffer_offset_;
>>> CID 1418246: Uninitialized members (UNINIT_CTOR)
>>> The compiler-generated constructor for this class does not initialize "buffer_len_".
207 size_t buffer_len_;
208 };
209
210 extern Status NewWritableFile(Env* env, const std::string& fname,
211 unique_ptr<WritableFile>* result,
212 const EnvOptions& options);
** CID 1418247: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/rocksdb/memtable/hash_linklist_rep.cc: 86 in rocksdb::<unnamed>::Node::Node()()
________________________________________________________________________________________________________
*** CID 1418247: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/rocksdb/memtable/hash_linklist_rep.cc: 86 in rocksdb::<unnamed>::Node::Node()()
80 return next_.load(std::memory_order_relaxed);
81 }
82
83 void NoBarrier_SetNext(Node* x) { next_.store(x, std::memory_order_relaxed); }
84
85 // Needed for placement new below which is fine
>>> CID 1418247: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member field "next_._M_b" is not initialized in this constructor nor in any functions that it calls.
86 Node() {}
87
88 private:
89 std::atomic<Node*> next_;
90
91 // Prohibit copying due to the below
** CID 1418248: Control flow issues (UNREACHABLE)
/src/pybind/rados/rados.c: 49517 in __pyx_pf_5rados_5Ioctx_130application_metadata_list()
________________________________________________________________________________________________________
*** CID 1418248: Control flow issues (UNREACHABLE)
/src/pybind/rados/rados.c: 49517 in __pyx_pf_5rados_5Ioctx_130application_metadata_list()
49511 *
49512 *
49513 */
49514 free(__pyx_v_c_vals);
49515 goto __pyx_L5;
49516 }
>>> CID 1418248: Control flow issues (UNREACHABLE)
>>> This code cannot be reached: "{
PyThreadState *__pyx_ts...".
49517 /*exception exit:*/{
49518 __Pyx_PyThreadState_declare
49519 __pyx_L4_error:;
49520 __pyx_t_15 = 0; __pyx_t_16 = 0; __pyx_t_17 = 0; __pyx_t_18 = 0; __pyx_t_19 = 0; __pyx_t_20 = 0;
49521 __Pyx_PyThreadState_assign
49522 __Pyx_XDECREF(__pyx_t_12); __pyx_t_12 = 0;
** CID 1418249: Memory - illegal accesses (WRAPPER_ESCAPE)
/home/brad/working/src/ceph/src/rocksdb/table/format.cc: 450 in rocksdb::ReadBlockContents(rocksdb::RandomAccessFileReader *, rocksdb::FilePrefetchBuffer *, const rocksdb::Footer &, const rocksdb::ReadOptions &, const rocksdb::BlockHandle &, rocksdb::BlockContents *, const rocksdb::ImmutableCFOptions &, bool, const rocksdb::Slice &, const rocksdb::PersistentCacheOptions &)()
________________________________________________________________________________________________________
*** CID 1418249: Memory - illegal accesses (WRAPPER_ESCAPE)
/home/brad/working/src/ceph/src/rocksdb/table/format.cc: 450 in rocksdb::ReadBlockContents(rocksdb::RandomAccessFileReader *, rocksdb::FilePrefetchBuffer *, const rocksdb::Footer &, const rocksdb::ReadOptions &, const rocksdb::BlockHandle &, rocksdb::BlockContents *, const rocksdb::ImmutableCFOptions &, bool, const rocksdb::Slice &, const rocksdb::PersistentCacheOptions &)()
444 // the slice content is not the buffer provided
445 *contents = BlockContents(Slice(slice.data(), n), false, compression_type);
446 } else {
447 // page is uncompressed, the buffer either stack or heap provided
448 if (got_from_prefetch_buffer || used_buf == &stack_buf[0]) {
449 heap_buf = std::unique_ptr<char[]>(new char[n]);
>>> CID 1418249: Memory - illegal accesses (WRAPPER_ESCAPE)
>>> Using invalidated internal representation of local "used_buf".
450 memcpy(heap_buf.get(), used_buf, n);
451 }
452 *contents = BlockContents(std::move(heap_buf), n, true, compression_type);
453 }
454
455 if (status.ok() && !got_from_prefetch_buffer && read_options.fill_cache &&
** CID 1418250: (BAD_SHIFT)
/home/brad/working/src/ceph/src/common/lockdep.cc: 321 in lockdep_will_lock(const char *, int, bool)()
/home/brad/working/src/ceph/src/common/lockdep.cc: 356 in lockdep_will_lock(const char *, int, bool)()
________________________________________________________________________________________________________
*** CID 1418250: (BAD_SHIFT)
/home/brad/working/src/ceph/src/common/lockdep.cc: 321 in lockdep_will_lock(const char *, int, bool)()
315 p->second->print(*_dout);
316 }
317 delete bt;
318 *_dout << dendl;
319 ceph_abort();
320 }
>>> CID 1418250: (BAD_SHIFT)
>>> In expression "1 << id % 8", shifting by a negative amount has undefined behavior. The shift amount, "id % 8", is -1.
321 else if (!(follows[p->first][id/8] & (1 << (id % 8)))) {
322 // new dependency
323
324 // did we just create a cycle?
325 if (does_follow(id, p->first)) {
326 BackTrace *bt = new BackTrace(BACKTRACE_SKIP);
/home/brad/working/src/ceph/src/common/lockdep.cc: 356 in lockdep_will_lock(const char *, int, bool)()
350 ceph_abort(); // actually, we should just die here.
351 } else {
352 BackTrace *bt = NULL;
353 if (force_backtrace || lockdep_force_backtrace()) {
354 bt = new BackTrace(BACKTRACE_SKIP);
355 }
>>> CID 1418250: (BAD_SHIFT)
>>> In expression "1 << id % 8", shifting by a negative amount has undefined behavior. The shift amount, "id % 8", is -1.
356 follows[p->first][id/8] |= 1 << (id % 8);
357 follows_bt[p->first][id] = bt;
358 lockdep_dout(10) << lock_names[p->first] << " -> " << name << " at" << dendl;
359 //bt->print(*_dout);
360 }
361 }
** CID 1418251: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 48208 in __pyx_pw_5rados_5Ioctx_127application_metadata_set()
________________________________________________________________________________________________________
*** CID 1418251: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 48208 in __pyx_pw_5rados_5Ioctx_127application_metadata_set()
48202 else goto __pyx_L5_argtuple_error;
48203 case 1:
48204 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_key)) != 0)) kw_args--;
48205 else {
48206 __Pyx_RaiseArgtupleInvalid("application_metadata_set", 1, 3, 3, 1); __PYX_ERR(0, 3643, __pyx_L3_error)
48207 }
>>> CID 1418251: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
48208 case 2:
48209 if (likely((values[2] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_value)) != 0)) kw_args--;
48210 else {
48211 __Pyx_RaiseArgtupleInvalid("application_metadata_set", 1, 3, 3, 2); __PYX_ERR(0, 3643, __pyx_L3_error)
48212 }
48213 }
** CID 1418252: (CHECKED_RETURN)
/home/brad/working/src/ceph/src/rocksdb/db/merge_helper.cc: 135 in rocksdb::MergeHelper::MergeUntil(rocksdb::InternalIterator *, rocksdb::RangeDelAggregator *, unsigned long, bool)()
/home/brad/working/src/ceph/src/rocksdb/db/merge_helper.cc: 249 in rocksdb::MergeHelper::MergeUntil(rocksdb::InternalIterator *, rocksdb::RangeDelAggregator *, unsigned long, bool)()
________________________________________________________________________________________________________
*** CID 1418252: (CHECKED_RETURN)
/home/brad/working/src/ceph/src/rocksdb/db/merge_helper.cc: 135 in rocksdb::MergeHelper::MergeUntil(rocksdb::InternalIterator *, rocksdb::RangeDelAggregator *, unsigned long, bool)()
129 bool original_key_is_iter = true;
130 std::string original_key = iter->key().ToString();
131 // Important:
132 // orig_ikey is backed by original_key if keys_.empty()
133 // orig_ikey is backed by keys_.back() if !keys_.empty()
134 ParsedInternalKey orig_ikey;
>>> CID 1418252: (CHECKED_RETURN)
>>> Calling "ParseInternalKey" without checking return value (as is done elsewhere 25 out of 31 times).
135 ParseInternalKey(original_key, &orig_ikey);
136
137 Status s;
138 bool hit_the_next_user_key = false;
139 for (; iter->Valid(); iter->Next(), original_key_is_iter = false) {
140 if (IsShuttingDown()) {
/home/brad/working/src/ceph/src/rocksdb/db/merge_helper.cc: 249 in rocksdb::MergeHelper::MergeUntil(rocksdb::InternalIterator *, rocksdb::RangeDelAggregator *, unsigned long, bool)()
243 } else {
244 keys_.push_front(iter->key().ToString());
245 }
246 if (keys_.size() == 1) {
247 // we need to re-anchor the orig_ikey because it was anchored by
248 // original_key before
>>> CID 1418252: (CHECKED_RETURN)
>>> Calling "ParseInternalKey" without checking return value (as is done elsewhere 25 out of 31 times).
249 ParseInternalKey(keys_.back(), &orig_ikey);
250 }
251 if (filter == CompactionFilter::Decision::kKeep) {
252 merge_context_.PushOperand(
253 value_slice, iter->IsValuePinned() /* operand_pinned */);
254 } else { // kChangeValue
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaGCnxtQO9E3gxlB2GxVsWFENryh7bC5hIb-2FQBVM85YLQ-3D-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8GyefNjJaJ-2FyXE15QWVNQOElzV2UBinM3P2nLLf04jfU1oBjekCw8oYd4zmBPBCTzY-2F-2FkwvumZVupyWeL9E99hsAt-2Ftidj6wLA7aFaXkK8wqyJeEzmRnXq0DtpmzXYyi3oV95fyG3Q8N7MwpvrXxzsXcrKpRlzfC8pQi-2FWm5cA9s6qVNM8QYNd4rDmu5WdM3u8-3D
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4Bco8jcmzhh7FSyvoR0E3-2BDgRcBCQ6OuthHBtaTCGNq9OVG2ZVnjrgThgf5hX3GVEkIxvBX-2BorwRZfOftSp7HPfCifRGGak1MlgNFVd3IIPA-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8GyefNjJaJ-2FyXE15QWVNQOElzV2UBinM3P2nLLf04jfUxc-2BTywOZXv-2BOP9KcKMMV7sBynXweiR9ujbM8S2HQTEjH38TAOunogxX7Za-2BN55nSx32vcXpC3XfyUWFMEQY7g6gAgj4zWfeLcfgGJQAAeOxb59t6uV9pTN4egQy58gcm-2F4lClzSBZgGrGavRf7nUv0-3D
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2017-09-14 7:19 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2017-09-14 7:19 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
4 new defect(s) introduced to ceph found with Coverity Scan.
7 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 4 of 4 defect(s)
** CID 717382: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/rgw/rgw_rados.h: 2371 in RGWRados::RGWRados()()
________________________________________________________________________________________________________
*** CID 717382: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/rgw/rgw_rados.h: 2371 in RGWRados::RGWRados()()
2365 pools_initialized(false),
2366 quota_handler(NULL),
2367 finisher(NULL),
2368 cr_registry(NULL),
2369 zone_short_id(0),
2370 rest_master_conn(NULL),
>>> CID 717382: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "sync_tracer" is not initialized in this constructor nor in any functions that it calls.
2371 meta_mgr(NULL), data_log(NULL), reshard(NULL) {}
2372
2373 uint64_t get_new_req_id() {
2374 return ++max_req_id;
2375 }
2376
** CID 1417718: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/test/common/test_mclock_priority_queue.cc: 24 in Request::Request()()
________________________________________________________________________________________________________
*** CID 1417718: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/test/common/test_mclock_priority_queue.cc: 24 in Request::Request()()
18 #include "gtest/gtest.h"
19 #include "common/mClockPriorityQueue.h"
20
21
22 struct Request {
23 int value;
>>> CID 1417718: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "value" is not initialized in this constructor nor in any functions that it calls.
24 Request() = default;
25 Request(const Request& o) = default;
26 Request(int value) :
27 value(value)
28 {}
29 };
** CID 1417719: Memory - illegal accesses (STRING_NULL)
/home/brad/working/src/ceph/src/rgw/rgw_data_sync.cc: 492 in RGWInitDataSyncStatusCoroutine::RGWInitDataSyncStatusCoroutine(RGWDataSyncEnv *, unsigned int, unsigned long, std::shared_ptr<RGWSyncTraceNode> &, rgw_data_sync_status *)()
________________________________________________________________________________________________________
*** CID 1417719: Memory - illegal accesses (STRING_NULL)
/home/brad/working/src/ceph/src/rgw/rgw_data_sync.cc: 492 in RGWInitDataSyncStatusCoroutine::RGWInitDataSyncStatusCoroutine(RGWDataSyncEnv *, unsigned int, unsigned long, std::shared_ptr<RGWSyncTraceNode> &, rgw_data_sync_status *)()
486 status->sync_info.instance_id = instance_id;
487
488 #define COOKIE_LEN 16
489 char buf[COOKIE_LEN + 1];
490
491 gen_rand_alphanumeric(cct, buf, sizeof(buf) - 1);
>>> CID 1417719: Memory - illegal accesses (STRING_NULL)
>>> Passing unterminated string "buf" to "operator =", which expects a null-terminated string. [Note: The source code implementation of the function has been overridden by a builtin model.]
492 cookie = buf;
493
494 sync_status_oid = RGWDataSyncStatusManager::sync_status_oid(sync_env->source_zone);
495
496 tn = sync_env->sync_tracer->add_node(new RGWSyncTraceNode(sync_env->cct,
497 sync_env->sync_tracer,
** CID 1417720: Resource leaks (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/msg/async/rdma/Infiniband.cc: 738 in Infiniband::MemoryManager::PoolAllocator::malloc(unsigned long)()
________________________________________________________________________________________________________
*** CID 1417720: Resource leaks (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/msg/async/rdma/Infiniband.cc: 738 in Infiniband::MemoryManager::PoolAllocator::malloc(unsigned long)()
732 ch->bytes = cct->_conf->ms_async_rdma_buffer_size;
733 ch->offset = 0;
734 ch->buffer = ch->data; // TODO: refactor tx and remove buffer
735 ch = reinterpret_cast<Chunk *>(reinterpret_cast<char *>(ch) + rx_buf_size);
736 }
737
>>> CID 1417720: Resource leaks (RESOURCE_LEAK)
>>> Variable "m" going out of scope leaks the storage it points to.
738 return reinterpret_cast<char *>(m->chunks);
739 }
740
741
742 void Infiniband::MemoryManager::PoolAllocator::free(char * const block)
743 {
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaGCnxtQO9E3gxlB2GxVsWFENryh7bC5hIb-2FQBVM85YLQ-3D-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8Gdo0EpVK5EBTrLKxxlyFrMt9L-2FbnXTrO8Epn37V8nfqzm1beyGQbAZnUjAYUpfrttHxhecBB32kV9CtfhE6LSM5d2R7fuIvChaT1A93EqtxJNyuDCDjs-2Bq2d6r6yfB5aaRirPqz51Ct4nY7sT4sfDhkcdU6hUK-2BYJddBcZlOKVVAnHoCfmSKHxZaJpxAQyRZ0-3D
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4Bco8jcmzhh7FSyvoR0E3-2BDgRcBCQ6OuthHBtaTCGNq9OVG2ZVnjrgThgf5hX3GVEkIxvBX-2BorwRZfOftSp7HPfCifRGGak1MlgNFVd3IIPA-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8Gdo0EpVK5EBTrLKxxlyFrMt9L-2FbnXTrO8Epn37V8nfq9VJCXndK99SAlU5SBW8qtoBTQTqQxF33f0YcidWZKgNUkLmQY8hvph41xaO3Re6extPBuvGg33hrkonBUpEmMFFpH58JGbvartIc06DvFTsC8kvQCezcBjRs9LF6yergKOHi68HxT7RvI3aWxkVnEI-3D
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2017-09-07 5:08 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2017-09-07 5:08 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
9 new defect(s) introduced to ceph found with Coverity Scan.
25 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 9 of 9 defect(s)
** CID 1417472: (FORWARD_NULL)
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 377 in LibCephFS_ConcurrentRecordLocking_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 377 in LibCephFS_ConcurrentRecordLocking_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 377 in LibCephFS_ConcurrentRecordLocking_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 377 in LibCephFS_ConcurrentRecordLocking_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 377 in LibCephFS_ConcurrentRecordLocking_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 377 in LibCephFS_ConcurrentRecordLocking_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 377 in LibCephFS_ConcurrentRecordLocking_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 377 in LibCephFS_ConcurrentRecordLocking_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 377 in LibCephFS_ConcurrentRecordLocking_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 377 in LibCephFS_ConcurrentRecordLocking_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 377 in LibCephFS_ConcurrentRecordLocking_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1417472: (FORWARD_NULL)
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 377 in LibCephFS_ConcurrentRecordLocking_Test::TestBody()()
371 const pid_t mypid = getpid();
372 struct ceph_mount_info *cmount;
373 STARTUP_CEPH();
374
375 char c_file[1024];
376 sprintf(c_file, "recordlock_test_%d", mypid);
>>> CID 1417472: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
377 Fh *fh = NULL;
378 Inode *root = NULL, *inode = NULL;
379 struct ceph_statx stx;
380 struct flock lock1;
381 int rc;
382 UserPerm *perms = ceph_mount_perms(cmount);
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 377 in LibCephFS_ConcurrentRecordLocking_Test::TestBody()()
371 const pid_t mypid = getpid();
372 struct ceph_mount_info *cmount;
373 STARTUP_CEPH();
374
375 char c_file[1024];
376 sprintf(c_file, "recordlock_test_%d", mypid);
>>> CID 1417472: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
377 Fh *fh = NULL;
378 Inode *root = NULL, *inode = NULL;
379 struct ceph_statx stx;
380 struct flock lock1;
381 int rc;
382 UserPerm *perms = ceph_mount_perms(cmount);
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 377 in LibCephFS_ConcurrentRecordLocking_Test::TestBody()()
371 const pid_t mypid = getpid();
372 struct ceph_mount_info *cmount;
373 STARTUP_CEPH();
374
375 char c_file[1024];
376 sprintf(c_file, "recordlock_test_%d", mypid);
>>> CID 1417472: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
377 Fh *fh = NULL;
378 Inode *root = NULL, *inode = NULL;
379 struct ceph_statx stx;
380 struct flock lock1;
381 int rc;
382 UserPerm *perms = ceph_mount_perms(cmount);
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 377 in LibCephFS_ConcurrentRecordLocking_Test::TestBody()()
371 const pid_t mypid = getpid();
372 struct ceph_mount_info *cmount;
373 STARTUP_CEPH();
374
375 char c_file[1024];
376 sprintf(c_file, "recordlock_test_%d", mypid);
>>> CID 1417472: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
377 Fh *fh = NULL;
378 Inode *root = NULL, *inode = NULL;
379 struct ceph_statx stx;
380 struct flock lock1;
381 int rc;
382 UserPerm *perms = ceph_mount_perms(cmount);
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 377 in LibCephFS_ConcurrentRecordLocking_Test::TestBody()()
371 const pid_t mypid = getpid();
372 struct ceph_mount_info *cmount;
373 STARTUP_CEPH();
374
375 char c_file[1024];
376 sprintf(c_file, "recordlock_test_%d", mypid);
>>> CID 1417472: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
377 Fh *fh = NULL;
378 Inode *root = NULL, *inode = NULL;
379 struct ceph_statx stx;
380 struct flock lock1;
381 int rc;
382 UserPerm *perms = ceph_mount_perms(cmount);
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 377 in LibCephFS_ConcurrentRecordLocking_Test::TestBody()()
371 const pid_t mypid = getpid();
372 struct ceph_mount_info *cmount;
373 STARTUP_CEPH();
374
375 char c_file[1024];
376 sprintf(c_file, "recordlock_test_%d", mypid);
>>> CID 1417472: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
377 Fh *fh = NULL;
378 Inode *root = NULL, *inode = NULL;
379 struct ceph_statx stx;
380 struct flock lock1;
381 int rc;
382 UserPerm *perms = ceph_mount_perms(cmount);
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 377 in LibCephFS_ConcurrentRecordLocking_Test::TestBody()()
371 const pid_t mypid = getpid();
372 struct ceph_mount_info *cmount;
373 STARTUP_CEPH();
374
375 char c_file[1024];
376 sprintf(c_file, "recordlock_test_%d", mypid);
>>> CID 1417472: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
377 Fh *fh = NULL;
378 Inode *root = NULL, *inode = NULL;
379 struct ceph_statx stx;
380 struct flock lock1;
381 int rc;
382 UserPerm *perms = ceph_mount_perms(cmount);
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 377 in LibCephFS_ConcurrentRecordLocking_Test::TestBody()()
371 const pid_t mypid = getpid();
372 struct ceph_mount_info *cmount;
373 STARTUP_CEPH();
374
375 char c_file[1024];
376 sprintf(c_file, "recordlock_test_%d", mypid);
>>> CID 1417472: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
377 Fh *fh = NULL;
378 Inode *root = NULL, *inode = NULL;
379 struct ceph_statx stx;
380 struct flock lock1;
381 int rc;
382 UserPerm *perms = ceph_mount_perms(cmount);
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 377 in LibCephFS_ConcurrentRecordLocking_Test::TestBody()()
371 const pid_t mypid = getpid();
372 struct ceph_mount_info *cmount;
373 STARTUP_CEPH();
374
375 char c_file[1024];
376 sprintf(c_file, "recordlock_test_%d", mypid);
>>> CID 1417472: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
377 Fh *fh = NULL;
378 Inode *root = NULL, *inode = NULL;
379 struct ceph_statx stx;
380 struct flock lock1;
381 int rc;
382 UserPerm *perms = ceph_mount_perms(cmount);
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 377 in LibCephFS_ConcurrentRecordLocking_Test::TestBody()()
371 const pid_t mypid = getpid();
372 struct ceph_mount_info *cmount;
373 STARTUP_CEPH();
374
375 char c_file[1024];
376 sprintf(c_file, "recordlock_test_%d", mypid);
>>> CID 1417472: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
377 Fh *fh = NULL;
378 Inode *root = NULL, *inode = NULL;
379 struct ceph_statx stx;
380 struct flock lock1;
381 int rc;
382 UserPerm *perms = ceph_mount_perms(cmount);
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 377 in LibCephFS_ConcurrentRecordLocking_Test::TestBody()()
371 const pid_t mypid = getpid();
372 struct ceph_mount_info *cmount;
373 STARTUP_CEPH();
374
375 char c_file[1024];
376 sprintf(c_file, "recordlock_test_%d", mypid);
>>> CID 1417472: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
377 Fh *fh = NULL;
378 Inode *root = NULL, *inode = NULL;
379 struct ceph_statx stx;
380 struct flock lock1;
381 int rc;
382 UserPerm *perms = ceph_mount_perms(cmount);
** CID 1417473: Resource leaks (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/client/Client.cc: 12684 in Client::ll_write_block(Inode *, unsigned long, char *, unsigned long, unsigned long, file_layout_t *, unsigned long, unsigned int)()
________________________________________________________________________________________________________
*** CID 1417473: Resource leaks (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/client/Client.cc: 12684 in Client::ll_write_block(Inode *, unsigned long, char *, unsigned long, unsigned long, file_layout_t *, unsigned long, unsigned int)()
12678 fakesnap.seq = snapseq;
12679
12680 /* lock just in time */
12681 client_lock.Lock();
12682 if (unmounting) {
12683 client_lock.Unlock();
>>> CID 1417473: Resource leaks (RESOURCE_LEAK)
>>> Variable "onsafe" going out of scope leaks the storage it points to.
12684 return -ENOTCONN;
12685 }
12686
12687 objecter->write(oid,
12688 object_locator_t(layout->pool_id),
12689 offset,
** CID 1417474: (FORWARD_NULL)
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 520 in LibCephFS_ThreesomeRecordLocking_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 520 in LibCephFS_ThreesomeRecordLocking_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 520 in LibCephFS_ThreesomeRecordLocking_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 520 in LibCephFS_ThreesomeRecordLocking_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 520 in LibCephFS_ThreesomeRecordLocking_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 520 in LibCephFS_ThreesomeRecordLocking_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 520 in LibCephFS_ThreesomeRecordLocking_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 520 in LibCephFS_ThreesomeRecordLocking_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 520 in LibCephFS_ThreesomeRecordLocking_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 520 in LibCephFS_ThreesomeRecordLocking_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1417474: (FORWARD_NULL)
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 520 in LibCephFS_ThreesomeRecordLocking_Test::TestBody()()
514 const pid_t mypid = getpid();
515 struct ceph_mount_info *cmount;
516 STARTUP_CEPH();
517
518 char c_file[1024];
519 sprintf(c_file, "recordlock_test_%d", mypid);
>>> CID 1417474: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
520 Fh *fh = NULL;
521 Inode *root = NULL, *inode = NULL;
522 struct ceph_statx stx;
523 struct flock lock1;
524 int rc;
525 UserPerm *perms = ceph_mount_perms(cmount);
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 520 in LibCephFS_ThreesomeRecordLocking_Test::TestBody()()
514 const pid_t mypid = getpid();
515 struct ceph_mount_info *cmount;
516 STARTUP_CEPH();
517
518 char c_file[1024];
519 sprintf(c_file, "recordlock_test_%d", mypid);
>>> CID 1417474: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
520 Fh *fh = NULL;
521 Inode *root = NULL, *inode = NULL;
522 struct ceph_statx stx;
523 struct flock lock1;
524 int rc;
525 UserPerm *perms = ceph_mount_perms(cmount);
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 520 in LibCephFS_ThreesomeRecordLocking_Test::TestBody()()
514 const pid_t mypid = getpid();
515 struct ceph_mount_info *cmount;
516 STARTUP_CEPH();
517
518 char c_file[1024];
519 sprintf(c_file, "recordlock_test_%d", mypid);
>>> CID 1417474: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
520 Fh *fh = NULL;
521 Inode *root = NULL, *inode = NULL;
522 struct ceph_statx stx;
523 struct flock lock1;
524 int rc;
525 UserPerm *perms = ceph_mount_perms(cmount);
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 520 in LibCephFS_ThreesomeRecordLocking_Test::TestBody()()
514 const pid_t mypid = getpid();
515 struct ceph_mount_info *cmount;
516 STARTUP_CEPH();
517
518 char c_file[1024];
519 sprintf(c_file, "recordlock_test_%d", mypid);
>>> CID 1417474: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
520 Fh *fh = NULL;
521 Inode *root = NULL, *inode = NULL;
522 struct ceph_statx stx;
523 struct flock lock1;
524 int rc;
525 UserPerm *perms = ceph_mount_perms(cmount);
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 520 in LibCephFS_ThreesomeRecordLocking_Test::TestBody()()
514 const pid_t mypid = getpid();
515 struct ceph_mount_info *cmount;
516 STARTUP_CEPH();
517
518 char c_file[1024];
519 sprintf(c_file, "recordlock_test_%d", mypid);
>>> CID 1417474: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
520 Fh *fh = NULL;
521 Inode *root = NULL, *inode = NULL;
522 struct ceph_statx stx;
523 struct flock lock1;
524 int rc;
525 UserPerm *perms = ceph_mount_perms(cmount);
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 520 in LibCephFS_ThreesomeRecordLocking_Test::TestBody()()
514 const pid_t mypid = getpid();
515 struct ceph_mount_info *cmount;
516 STARTUP_CEPH();
517
518 char c_file[1024];
519 sprintf(c_file, "recordlock_test_%d", mypid);
>>> CID 1417474: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
520 Fh *fh = NULL;
521 Inode *root = NULL, *inode = NULL;
522 struct ceph_statx stx;
523 struct flock lock1;
524 int rc;
525 UserPerm *perms = ceph_mount_perms(cmount);
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 520 in LibCephFS_ThreesomeRecordLocking_Test::TestBody()()
514 const pid_t mypid = getpid();
515 struct ceph_mount_info *cmount;
516 STARTUP_CEPH();
517
518 char c_file[1024];
519 sprintf(c_file, "recordlock_test_%d", mypid);
>>> CID 1417474: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
520 Fh *fh = NULL;
521 Inode *root = NULL, *inode = NULL;
522 struct ceph_statx stx;
523 struct flock lock1;
524 int rc;
525 UserPerm *perms = ceph_mount_perms(cmount);
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 520 in LibCephFS_ThreesomeRecordLocking_Test::TestBody()()
514 const pid_t mypid = getpid();
515 struct ceph_mount_info *cmount;
516 STARTUP_CEPH();
517
518 char c_file[1024];
519 sprintf(c_file, "recordlock_test_%d", mypid);
>>> CID 1417474: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
520 Fh *fh = NULL;
521 Inode *root = NULL, *inode = NULL;
522 struct ceph_statx stx;
523 struct flock lock1;
524 int rc;
525 UserPerm *perms = ceph_mount_perms(cmount);
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 520 in LibCephFS_ThreesomeRecordLocking_Test::TestBody()()
514 const pid_t mypid = getpid();
515 struct ceph_mount_info *cmount;
516 STARTUP_CEPH();
517
518 char c_file[1024];
519 sprintf(c_file, "recordlock_test_%d", mypid);
>>> CID 1417474: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
520 Fh *fh = NULL;
521 Inode *root = NULL, *inode = NULL;
522 struct ceph_statx stx;
523 struct flock lock1;
524 int rc;
525 UserPerm *perms = ceph_mount_perms(cmount);
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 520 in LibCephFS_ThreesomeRecordLocking_Test::TestBody()()
514 const pid_t mypid = getpid();
515 struct ceph_mount_info *cmount;
516 STARTUP_CEPH();
517
518 char c_file[1024];
519 sprintf(c_file, "recordlock_test_%d", mypid);
>>> CID 1417474: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
520 Fh *fh = NULL;
521 Inode *root = NULL, *inode = NULL;
522 struct ceph_statx stx;
523 struct flock lock1;
524 int rc;
525 UserPerm *perms = ceph_mount_perms(cmount);
** CID 1417475: Control flow issues (MISMATCHED_ITERATOR)
/home/brad/working/src/ceph/src/osd/PG.cc: 1167 in PG::calc_ec_acting(std::_Rb_tree_const_iterator<std::pair<const pg_shard_t, pg_info_t>>, unsigned int, const std::vector<int, std::allocator<int>> &, const std::vector<int, std::allocator<int>> &, const std::map<pg_shard_t, pg_info_t, std::less<pg_shard_t>, std::allocator<std::pair<const pg_shard_t, pg_info_t>>> &, bool, std::vector<int, std::allocator<int>> *, std::set<pg_shard_t, std::less<pg_shard_t>, std::allocator<pg_shard_t>> *, std::set<pg_shard_t, std::less<pg_shard_t>, std::allocator<pg_shard_t>> *, pg_shard_t *, std::basic_ostream<char, std::char_traits<char>>&)()
________________________________________________________________________________________________________
*** CID 1417475: Control flow issues (MISMATCHED_ITERATOR)
/home/brad/working/src/ceph/src/osd/PG.cc: 1167 in PG::calc_ec_acting(std::_Rb_tree_const_iterator<std::pair<const pg_shard_t, pg_info_t>>, unsigned int, const std::vector<int, std::allocator<int>> &, const std::vector<int, std::allocator<int>> &, const std::map<pg_shard_t, pg_info_t, std::less<pg_shard_t>, std::allocator<std::pair<const pg_shard_t, pg_info_t>>> &, bool, std::vector<int, std::allocator<int>> *, std::set<pg_shard_t, std::less<pg_shard_t>, std::allocator<pg_shard_t>> *, std::set<pg_shard_t, std::less<pg_shard_t>, std::allocator<pg_shard_t>> *, pg_shard_t *, std::basic_ostream<char, std::char_traits<char>>&)()
1161 !all_info.find(pg_shard_t(acting[i], shard_id_t(i)))->second.is_incomplete() &&
1162 all_info.find(pg_shard_t(acting[i], shard_id_t(i)))->second.last_update >=
1163 auth_log_shard->second.log_tail) {
1164 ss << " selecting acting[i]: " << pg_shard_t(acting[i], shard_id_t(i)) << std::endl;
1165 want[i] = acting[i];
1166 } else if (!restrict_to_up_acting) {
>>> CID 1417475: Control flow issues (MISMATCHED_ITERATOR)
>>> Comparing "j" from "all_info_by_shard[shard_id_t(i)]" to "all_info_by_shard[shard_id_t(i)]->end()" from "all_info_by_shard[shard_id_t(i)]".
1167 for (set<pg_shard_t>::iterator j = all_info_by_shard[shard_id_t(i)].begin();
1168 j != all_info_by_shard[shard_id_t(i)].end();
1169 ++j) {
1170 assert(j->shard == i);
1171 if (!all_info.find(*j)->second.is_incomplete() &&
1172 all_info.find(*j)->second.last_update >=
** CID 1417476: (FORWARD_NULL)
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 765 in LibCephFS_DISABLED_InterProcessRecordLocking_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 765 in LibCephFS_DISABLED_InterProcessRecordLocking_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 765 in LibCephFS_DISABLED_InterProcessRecordLocking_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 765 in LibCephFS_DISABLED_InterProcessRecordLocking_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 765 in LibCephFS_DISABLED_InterProcessRecordLocking_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 765 in LibCephFS_DISABLED_InterProcessRecordLocking_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 765 in LibCephFS_DISABLED_InterProcessRecordLocking_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 765 in LibCephFS_DISABLED_InterProcessRecordLocking_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 765 in LibCephFS_DISABLED_InterProcessRecordLocking_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 765 in LibCephFS_DISABLED_InterProcessRecordLocking_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 765 in LibCephFS_DISABLED_InterProcessRecordLocking_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1417476: (FORWARD_NULL)
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 765 in LibCephFS_DISABLED_InterProcessRecordLocking_Test::TestBody()()
759 TEST(LibCephFS, DISABLED_InterProcessRecordLocking) {
760 PROCESS_SLOW_MS();
761 // Process synchronization
762 char c_file[1024];
763 const pid_t mypid = getpid();
764 sprintf(c_file, "recordlock_test_%d", mypid);
>>> CID 1417476: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
765 Fh *fh = NULL;
766 Inode *root = NULL, *inode = NULL;
767 struct ceph_statx stx;
768 struct flock lock1;
769 int rc;
770
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 765 in LibCephFS_DISABLED_InterProcessRecordLocking_Test::TestBody()()
759 TEST(LibCephFS, DISABLED_InterProcessRecordLocking) {
760 PROCESS_SLOW_MS();
761 // Process synchronization
762 char c_file[1024];
763 const pid_t mypid = getpid();
764 sprintf(c_file, "recordlock_test_%d", mypid);
>>> CID 1417476: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
765 Fh *fh = NULL;
766 Inode *root = NULL, *inode = NULL;
767 struct ceph_statx stx;
768 struct flock lock1;
769 int rc;
770
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 765 in LibCephFS_DISABLED_InterProcessRecordLocking_Test::TestBody()()
759 TEST(LibCephFS, DISABLED_InterProcessRecordLocking) {
760 PROCESS_SLOW_MS();
761 // Process synchronization
762 char c_file[1024];
763 const pid_t mypid = getpid();
764 sprintf(c_file, "recordlock_test_%d", mypid);
>>> CID 1417476: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
765 Fh *fh = NULL;
766 Inode *root = NULL, *inode = NULL;
767 struct ceph_statx stx;
768 struct flock lock1;
769 int rc;
770
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 765 in LibCephFS_DISABLED_InterProcessRecordLocking_Test::TestBody()()
759 TEST(LibCephFS, DISABLED_InterProcessRecordLocking) {
760 PROCESS_SLOW_MS();
761 // Process synchronization
762 char c_file[1024];
763 const pid_t mypid = getpid();
764 sprintf(c_file, "recordlock_test_%d", mypid);
>>> CID 1417476: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
765 Fh *fh = NULL;
766 Inode *root = NULL, *inode = NULL;
767 struct ceph_statx stx;
768 struct flock lock1;
769 int rc;
770
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 765 in LibCephFS_DISABLED_InterProcessRecordLocking_Test::TestBody()()
759 TEST(LibCephFS, DISABLED_InterProcessRecordLocking) {
760 PROCESS_SLOW_MS();
761 // Process synchronization
762 char c_file[1024];
763 const pid_t mypid = getpid();
764 sprintf(c_file, "recordlock_test_%d", mypid);
>>> CID 1417476: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
765 Fh *fh = NULL;
766 Inode *root = NULL, *inode = NULL;
767 struct ceph_statx stx;
768 struct flock lock1;
769 int rc;
770
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 765 in LibCephFS_DISABLED_InterProcessRecordLocking_Test::TestBody()()
759 TEST(LibCephFS, DISABLED_InterProcessRecordLocking) {
760 PROCESS_SLOW_MS();
761 // Process synchronization
762 char c_file[1024];
763 const pid_t mypid = getpid();
764 sprintf(c_file, "recordlock_test_%d", mypid);
>>> CID 1417476: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
765 Fh *fh = NULL;
766 Inode *root = NULL, *inode = NULL;
767 struct ceph_statx stx;
768 struct flock lock1;
769 int rc;
770
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 765 in LibCephFS_DISABLED_InterProcessRecordLocking_Test::TestBody()()
759 TEST(LibCephFS, DISABLED_InterProcessRecordLocking) {
760 PROCESS_SLOW_MS();
761 // Process synchronization
762 char c_file[1024];
763 const pid_t mypid = getpid();
764 sprintf(c_file, "recordlock_test_%d", mypid);
>>> CID 1417476: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
765 Fh *fh = NULL;
766 Inode *root = NULL, *inode = NULL;
767 struct ceph_statx stx;
768 struct flock lock1;
769 int rc;
770
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 765 in LibCephFS_DISABLED_InterProcessRecordLocking_Test::TestBody()()
759 TEST(LibCephFS, DISABLED_InterProcessRecordLocking) {
760 PROCESS_SLOW_MS();
761 // Process synchronization
762 char c_file[1024];
763 const pid_t mypid = getpid();
764 sprintf(c_file, "recordlock_test_%d", mypid);
>>> CID 1417476: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
765 Fh *fh = NULL;
766 Inode *root = NULL, *inode = NULL;
767 struct ceph_statx stx;
768 struct flock lock1;
769 int rc;
770
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 765 in LibCephFS_DISABLED_InterProcessRecordLocking_Test::TestBody()()
759 TEST(LibCephFS, DISABLED_InterProcessRecordLocking) {
760 PROCESS_SLOW_MS();
761 // Process synchronization
762 char c_file[1024];
763 const pid_t mypid = getpid();
764 sprintf(c_file, "recordlock_test_%d", mypid);
>>> CID 1417476: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
765 Fh *fh = NULL;
766 Inode *root = NULL, *inode = NULL;
767 struct ceph_statx stx;
768 struct flock lock1;
769 int rc;
770
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 765 in LibCephFS_DISABLED_InterProcessRecordLocking_Test::TestBody()()
759 TEST(LibCephFS, DISABLED_InterProcessRecordLocking) {
760 PROCESS_SLOW_MS();
761 // Process synchronization
762 char c_file[1024];
763 const pid_t mypid = getpid();
764 sprintf(c_file, "recordlock_test_%d", mypid);
>>> CID 1417476: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
765 Fh *fh = NULL;
766 Inode *root = NULL, *inode = NULL;
767 struct ceph_statx stx;
768 struct flock lock1;
769 int rc;
770
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 765 in LibCephFS_DISABLED_InterProcessRecordLocking_Test::TestBody()()
759 TEST(LibCephFS, DISABLED_InterProcessRecordLocking) {
760 PROCESS_SLOW_MS();
761 // Process synchronization
762 char c_file[1024];
763 const pid_t mypid = getpid();
764 sprintf(c_file, "recordlock_test_%d", mypid);
>>> CID 1417476: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
765 Fh *fh = NULL;
766 Inode *root = NULL, *inode = NULL;
767 struct ceph_statx stx;
768 struct flock lock1;
769 int rc;
770
** CID 1417477: (FORWARD_NULL)
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 284 in thread_ConcurrentRecordLocking(str_ConcurrentRecordLocking &)()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 284 in thread_ConcurrentRecordLocking(str_ConcurrentRecordLocking &)()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 284 in thread_ConcurrentRecordLocking(str_ConcurrentRecordLocking &)()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 284 in thread_ConcurrentRecordLocking(str_ConcurrentRecordLocking &)()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 284 in thread_ConcurrentRecordLocking(str_ConcurrentRecordLocking &)()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 284 in thread_ConcurrentRecordLocking(str_ConcurrentRecordLocking &)()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 284 in thread_ConcurrentRecordLocking(str_ConcurrentRecordLocking &)()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 284 in thread_ConcurrentRecordLocking(str_ConcurrentRecordLocking &)()
________________________________________________________________________________________________________
*** CID 1417477: (FORWARD_NULL)
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 284 in thread_ConcurrentRecordLocking(str_ConcurrentRecordLocking &)()
278
279 /* Locking in different threads */
280
281 // Used by ConcurrentLocking test
282 static void thread_ConcurrentRecordLocking(str_ConcurrentRecordLocking& s) {
283 struct ceph_mount_info *const cmount = s.cmount;
>>> CID 1417477: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
284 Fh *fh = NULL;
285 Inode *root = NULL, *inode = NULL;
286 struct ceph_statx stx;
287 struct flock lock1;
288 int rc;
289 struct timespec ts;
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 284 in thread_ConcurrentRecordLocking(str_ConcurrentRecordLocking &)()
278
279 /* Locking in different threads */
280
281 // Used by ConcurrentLocking test
282 static void thread_ConcurrentRecordLocking(str_ConcurrentRecordLocking& s) {
283 struct ceph_mount_info *const cmount = s.cmount;
>>> CID 1417477: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
284 Fh *fh = NULL;
285 Inode *root = NULL, *inode = NULL;
286 struct ceph_statx stx;
287 struct flock lock1;
288 int rc;
289 struct timespec ts;
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 284 in thread_ConcurrentRecordLocking(str_ConcurrentRecordLocking &)()
278
279 /* Locking in different threads */
280
281 // Used by ConcurrentLocking test
282 static void thread_ConcurrentRecordLocking(str_ConcurrentRecordLocking& s) {
283 struct ceph_mount_info *const cmount = s.cmount;
>>> CID 1417477: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
284 Fh *fh = NULL;
285 Inode *root = NULL, *inode = NULL;
286 struct ceph_statx stx;
287 struct flock lock1;
288 int rc;
289 struct timespec ts;
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 284 in thread_ConcurrentRecordLocking(str_ConcurrentRecordLocking &)()
278
279 /* Locking in different threads */
280
281 // Used by ConcurrentLocking test
282 static void thread_ConcurrentRecordLocking(str_ConcurrentRecordLocking& s) {
283 struct ceph_mount_info *const cmount = s.cmount;
>>> CID 1417477: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
284 Fh *fh = NULL;
285 Inode *root = NULL, *inode = NULL;
286 struct ceph_statx stx;
287 struct flock lock1;
288 int rc;
289 struct timespec ts;
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 284 in thread_ConcurrentRecordLocking(str_ConcurrentRecordLocking &)()
278
279 /* Locking in different threads */
280
281 // Used by ConcurrentLocking test
282 static void thread_ConcurrentRecordLocking(str_ConcurrentRecordLocking& s) {
283 struct ceph_mount_info *const cmount = s.cmount;
>>> CID 1417477: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
284 Fh *fh = NULL;
285 Inode *root = NULL, *inode = NULL;
286 struct ceph_statx stx;
287 struct flock lock1;
288 int rc;
289 struct timespec ts;
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 284 in thread_ConcurrentRecordLocking(str_ConcurrentRecordLocking &)()
278
279 /* Locking in different threads */
280
281 // Used by ConcurrentLocking test
282 static void thread_ConcurrentRecordLocking(str_ConcurrentRecordLocking& s) {
283 struct ceph_mount_info *const cmount = s.cmount;
>>> CID 1417477: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
284 Fh *fh = NULL;
285 Inode *root = NULL, *inode = NULL;
286 struct ceph_statx stx;
287 struct flock lock1;
288 int rc;
289 struct timespec ts;
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 284 in thread_ConcurrentRecordLocking(str_ConcurrentRecordLocking &)()
278
279 /* Locking in different threads */
280
281 // Used by ConcurrentLocking test
282 static void thread_ConcurrentRecordLocking(str_ConcurrentRecordLocking& s) {
283 struct ceph_mount_info *const cmount = s.cmount;
>>> CID 1417477: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
284 Fh *fh = NULL;
285 Inode *root = NULL, *inode = NULL;
286 struct ceph_statx stx;
287 struct flock lock1;
288 int rc;
289 struct timespec ts;
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 284 in thread_ConcurrentRecordLocking(str_ConcurrentRecordLocking &)()
278
279 /* Locking in different threads */
280
281 // Used by ConcurrentLocking test
282 static void thread_ConcurrentRecordLocking(str_ConcurrentRecordLocking& s) {
283 struct ceph_mount_info *const cmount = s.cmount;
>>> CID 1417477: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
284 Fh *fh = NULL;
285 Inode *root = NULL, *inode = NULL;
286 struct ceph_statx stx;
287 struct flock lock1;
288 int rc;
289 struct timespec ts;
** CID 1417478: (FORWARD_NULL)
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 927 in LibCephFS_DISABLED_ThreesomeInterProcessRecordLocking_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 927 in LibCephFS_DISABLED_ThreesomeInterProcessRecordLocking_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 927 in LibCephFS_DISABLED_ThreesomeInterProcessRecordLocking_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 927 in LibCephFS_DISABLED_ThreesomeInterProcessRecordLocking_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 927 in LibCephFS_DISABLED_ThreesomeInterProcessRecordLocking_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 927 in LibCephFS_DISABLED_ThreesomeInterProcessRecordLocking_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 927 in LibCephFS_DISABLED_ThreesomeInterProcessRecordLocking_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 927 in LibCephFS_DISABLED_ThreesomeInterProcessRecordLocking_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 927 in LibCephFS_DISABLED_ThreesomeInterProcessRecordLocking_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 927 in LibCephFS_DISABLED_ThreesomeInterProcessRecordLocking_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1417478: (FORWARD_NULL)
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 927 in LibCephFS_DISABLED_ThreesomeInterProcessRecordLocking_Test::TestBody()()
921 TEST(LibCephFS, DISABLED_ThreesomeInterProcessRecordLocking) {
922 PROCESS_SLOW_MS();
923 // Process synchronization
924 char c_file[1024];
925 const pid_t mypid = getpid();
926 sprintf(c_file, "recordlock_test_%d", mypid);
>>> CID 1417478: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
927 Fh *fh = NULL;
928 Inode *root = NULL, *inode = NULL;
929 struct ceph_statx stx;
930 struct flock lock1;
931 int rc;
932
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 927 in LibCephFS_DISABLED_ThreesomeInterProcessRecordLocking_Test::TestBody()()
921 TEST(LibCephFS, DISABLED_ThreesomeInterProcessRecordLocking) {
922 PROCESS_SLOW_MS();
923 // Process synchronization
924 char c_file[1024];
925 const pid_t mypid = getpid();
926 sprintf(c_file, "recordlock_test_%d", mypid);
>>> CID 1417478: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
927 Fh *fh = NULL;
928 Inode *root = NULL, *inode = NULL;
929 struct ceph_statx stx;
930 struct flock lock1;
931 int rc;
932
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 927 in LibCephFS_DISABLED_ThreesomeInterProcessRecordLocking_Test::TestBody()()
921 TEST(LibCephFS, DISABLED_ThreesomeInterProcessRecordLocking) {
922 PROCESS_SLOW_MS();
923 // Process synchronization
924 char c_file[1024];
925 const pid_t mypid = getpid();
926 sprintf(c_file, "recordlock_test_%d", mypid);
>>> CID 1417478: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
927 Fh *fh = NULL;
928 Inode *root = NULL, *inode = NULL;
929 struct ceph_statx stx;
930 struct flock lock1;
931 int rc;
932
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 927 in LibCephFS_DISABLED_ThreesomeInterProcessRecordLocking_Test::TestBody()()
921 TEST(LibCephFS, DISABLED_ThreesomeInterProcessRecordLocking) {
922 PROCESS_SLOW_MS();
923 // Process synchronization
924 char c_file[1024];
925 const pid_t mypid = getpid();
926 sprintf(c_file, "recordlock_test_%d", mypid);
>>> CID 1417478: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
927 Fh *fh = NULL;
928 Inode *root = NULL, *inode = NULL;
929 struct ceph_statx stx;
930 struct flock lock1;
931 int rc;
932
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 927 in LibCephFS_DISABLED_ThreesomeInterProcessRecordLocking_Test::TestBody()()
921 TEST(LibCephFS, DISABLED_ThreesomeInterProcessRecordLocking) {
922 PROCESS_SLOW_MS();
923 // Process synchronization
924 char c_file[1024];
925 const pid_t mypid = getpid();
926 sprintf(c_file, "recordlock_test_%d", mypid);
>>> CID 1417478: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
927 Fh *fh = NULL;
928 Inode *root = NULL, *inode = NULL;
929 struct ceph_statx stx;
930 struct flock lock1;
931 int rc;
932
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 927 in LibCephFS_DISABLED_ThreesomeInterProcessRecordLocking_Test::TestBody()()
921 TEST(LibCephFS, DISABLED_ThreesomeInterProcessRecordLocking) {
922 PROCESS_SLOW_MS();
923 // Process synchronization
924 char c_file[1024];
925 const pid_t mypid = getpid();
926 sprintf(c_file, "recordlock_test_%d", mypid);
>>> CID 1417478: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
927 Fh *fh = NULL;
928 Inode *root = NULL, *inode = NULL;
929 struct ceph_statx stx;
930 struct flock lock1;
931 int rc;
932
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 927 in LibCephFS_DISABLED_ThreesomeInterProcessRecordLocking_Test::TestBody()()
921 TEST(LibCephFS, DISABLED_ThreesomeInterProcessRecordLocking) {
922 PROCESS_SLOW_MS();
923 // Process synchronization
924 char c_file[1024];
925 const pid_t mypid = getpid();
926 sprintf(c_file, "recordlock_test_%d", mypid);
>>> CID 1417478: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
927 Fh *fh = NULL;
928 Inode *root = NULL, *inode = NULL;
929 struct ceph_statx stx;
930 struct flock lock1;
931 int rc;
932
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 927 in LibCephFS_DISABLED_ThreesomeInterProcessRecordLocking_Test::TestBody()()
921 TEST(LibCephFS, DISABLED_ThreesomeInterProcessRecordLocking) {
922 PROCESS_SLOW_MS();
923 // Process synchronization
924 char c_file[1024];
925 const pid_t mypid = getpid();
926 sprintf(c_file, "recordlock_test_%d", mypid);
>>> CID 1417478: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
927 Fh *fh = NULL;
928 Inode *root = NULL, *inode = NULL;
929 struct ceph_statx stx;
930 struct flock lock1;
931 int rc;
932
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 927 in LibCephFS_DISABLED_ThreesomeInterProcessRecordLocking_Test::TestBody()()
921 TEST(LibCephFS, DISABLED_ThreesomeInterProcessRecordLocking) {
922 PROCESS_SLOW_MS();
923 // Process synchronization
924 char c_file[1024];
925 const pid_t mypid = getpid();
926 sprintf(c_file, "recordlock_test_%d", mypid);
>>> CID 1417478: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
927 Fh *fh = NULL;
928 Inode *root = NULL, *inode = NULL;
929 struct ceph_statx stx;
930 struct flock lock1;
931 int rc;
932
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 927 in LibCephFS_DISABLED_ThreesomeInterProcessRecordLocking_Test::TestBody()()
921 TEST(LibCephFS, DISABLED_ThreesomeInterProcessRecordLocking) {
922 PROCESS_SLOW_MS();
923 // Process synchronization
924 char c_file[1024];
925 const pid_t mypid = getpid();
926 sprintf(c_file, "recordlock_test_%d", mypid);
>>> CID 1417478: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
927 Fh *fh = NULL;
928 Inode *root = NULL, *inode = NULL;
929 struct ceph_statx stx;
930 struct flock lock1;
931 int rc;
932
** CID 1417479: (FORWARD_NULL)
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 673 in process_ConcurrentRecordLocking(str_ConcurrentRecordLocking &)()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 673 in process_ConcurrentRecordLocking(str_ConcurrentRecordLocking &)()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 673 in process_ConcurrentRecordLocking(str_ConcurrentRecordLocking &)()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 673 in process_ConcurrentRecordLocking(str_ConcurrentRecordLocking &)()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 673 in process_ConcurrentRecordLocking(str_ConcurrentRecordLocking &)()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 673 in process_ConcurrentRecordLocking(str_ConcurrentRecordLocking &)()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 673 in process_ConcurrentRecordLocking(str_ConcurrentRecordLocking &)()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 673 in process_ConcurrentRecordLocking(str_ConcurrentRecordLocking &)()
________________________________________________________________________________________________________
*** CID 1417479: (FORWARD_NULL)
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 673 in process_ConcurrentRecordLocking(str_ConcurrentRecordLocking &)()
667 static void process_ConcurrentRecordLocking(str_ConcurrentRecordLocking& s) {
668 const pid_t mypid = getpid();
669 PROCESS_SLOW_MS();
670
671 struct ceph_mount_info *cmount = NULL;
672 struct timespec ts;
>>> CID 1417479: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
673 Fh *fh = NULL;
674 Inode *root = NULL, *inode = NULL;
675 struct ceph_statx stx;
676 int rc;
677 struct flock lock1;
678
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 673 in process_ConcurrentRecordLocking(str_ConcurrentRecordLocking &)()
667 static void process_ConcurrentRecordLocking(str_ConcurrentRecordLocking& s) {
668 const pid_t mypid = getpid();
669 PROCESS_SLOW_MS();
670
671 struct ceph_mount_info *cmount = NULL;
672 struct timespec ts;
>>> CID 1417479: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
673 Fh *fh = NULL;
674 Inode *root = NULL, *inode = NULL;
675 struct ceph_statx stx;
676 int rc;
677 struct flock lock1;
678
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 673 in process_ConcurrentRecordLocking(str_ConcurrentRecordLocking &)()
667 static void process_ConcurrentRecordLocking(str_ConcurrentRecordLocking& s) {
668 const pid_t mypid = getpid();
669 PROCESS_SLOW_MS();
670
671 struct ceph_mount_info *cmount = NULL;
672 struct timespec ts;
>>> CID 1417479: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
673 Fh *fh = NULL;
674 Inode *root = NULL, *inode = NULL;
675 struct ceph_statx stx;
676 int rc;
677 struct flock lock1;
678
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 673 in process_ConcurrentRecordLocking(str_ConcurrentRecordLocking &)()
667 static void process_ConcurrentRecordLocking(str_ConcurrentRecordLocking& s) {
668 const pid_t mypid = getpid();
669 PROCESS_SLOW_MS();
670
671 struct ceph_mount_info *cmount = NULL;
672 struct timespec ts;
>>> CID 1417479: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
673 Fh *fh = NULL;
674 Inode *root = NULL, *inode = NULL;
675 struct ceph_statx stx;
676 int rc;
677 struct flock lock1;
678
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 673 in process_ConcurrentRecordLocking(str_ConcurrentRecordLocking &)()
667 static void process_ConcurrentRecordLocking(str_ConcurrentRecordLocking& s) {
668 const pid_t mypid = getpid();
669 PROCESS_SLOW_MS();
670
671 struct ceph_mount_info *cmount = NULL;
672 struct timespec ts;
>>> CID 1417479: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
673 Fh *fh = NULL;
674 Inode *root = NULL, *inode = NULL;
675 struct ceph_statx stx;
676 int rc;
677 struct flock lock1;
678
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 673 in process_ConcurrentRecordLocking(str_ConcurrentRecordLocking &)()
667 static void process_ConcurrentRecordLocking(str_ConcurrentRecordLocking& s) {
668 const pid_t mypid = getpid();
669 PROCESS_SLOW_MS();
670
671 struct ceph_mount_info *cmount = NULL;
672 struct timespec ts;
>>> CID 1417479: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
673 Fh *fh = NULL;
674 Inode *root = NULL, *inode = NULL;
675 struct ceph_statx stx;
676 int rc;
677 struct flock lock1;
678
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 673 in process_ConcurrentRecordLocking(str_ConcurrentRecordLocking &)()
667 static void process_ConcurrentRecordLocking(str_ConcurrentRecordLocking& s) {
668 const pid_t mypid = getpid();
669 PROCESS_SLOW_MS();
670
671 struct ceph_mount_info *cmount = NULL;
672 struct timespec ts;
>>> CID 1417479: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
673 Fh *fh = NULL;
674 Inode *root = NULL, *inode = NULL;
675 struct ceph_statx stx;
676 int rc;
677 struct flock lock1;
678
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 673 in process_ConcurrentRecordLocking(str_ConcurrentRecordLocking &)()
667 static void process_ConcurrentRecordLocking(str_ConcurrentRecordLocking& s) {
668 const pid_t mypid = getpid();
669 PROCESS_SLOW_MS();
670
671 struct ceph_mount_info *cmount = NULL;
672 struct timespec ts;
>>> CID 1417479: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
673 Fh *fh = NULL;
674 Inode *root = NULL, *inode = NULL;
675 struct ceph_statx stx;
676 int rc;
677 struct flock lock1;
678
** CID 1417480: (FORWARD_NULL)
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 81 in LibCephFS_BasicRecordLocking_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 81 in LibCephFS_BasicRecordLocking_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 81 in LibCephFS_BasicRecordLocking_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 81 in LibCephFS_BasicRecordLocking_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 81 in LibCephFS_BasicRecordLocking_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 81 in LibCephFS_BasicRecordLocking_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 81 in LibCephFS_BasicRecordLocking_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 81 in LibCephFS_BasicRecordLocking_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 81 in LibCephFS_BasicRecordLocking_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 81 in LibCephFS_BasicRecordLocking_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 81 in LibCephFS_BasicRecordLocking_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 81 in LibCephFS_BasicRecordLocking_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 81 in LibCephFS_BasicRecordLocking_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 81 in LibCephFS_BasicRecordLocking_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 81 in LibCephFS_BasicRecordLocking_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1417480: (FORWARD_NULL)
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 81 in LibCephFS_BasicRecordLocking_Test::TestBody()()
75 TEST(LibCephFS, BasicRecordLocking) {
76 struct ceph_mount_info *cmount = NULL;
77 STARTUP_CEPH();
78
79 char c_file[1024];
80 sprintf(c_file, "recordlock_test_%d", getpid());
>>> CID 1417480: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
81 Fh *fh = NULL;
82 Inode *root = NULL, *inode = NULL;
83 struct ceph_statx stx;
84 int rc;
85 struct flock lock1, lock2;
86 UserPerm *perms = ceph_mount_perms(cmount);
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 81 in LibCephFS_BasicRecordLocking_Test::TestBody()()
75 TEST(LibCephFS, BasicRecordLocking) {
76 struct ceph_mount_info *cmount = NULL;
77 STARTUP_CEPH();
78
79 char c_file[1024];
80 sprintf(c_file, "recordlock_test_%d", getpid());
>>> CID 1417480: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
81 Fh *fh = NULL;
82 Inode *root = NULL, *inode = NULL;
83 struct ceph_statx stx;
84 int rc;
85 struct flock lock1, lock2;
86 UserPerm *perms = ceph_mount_perms(cmount);
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 81 in LibCephFS_BasicRecordLocking_Test::TestBody()()
75 TEST(LibCephFS, BasicRecordLocking) {
76 struct ceph_mount_info *cmount = NULL;
77 STARTUP_CEPH();
78
79 char c_file[1024];
80 sprintf(c_file, "recordlock_test_%d", getpid());
>>> CID 1417480: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
81 Fh *fh = NULL;
82 Inode *root = NULL, *inode = NULL;
83 struct ceph_statx stx;
84 int rc;
85 struct flock lock1, lock2;
86 UserPerm *perms = ceph_mount_perms(cmount);
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 81 in LibCephFS_BasicRecordLocking_Test::TestBody()()
75 TEST(LibCephFS, BasicRecordLocking) {
76 struct ceph_mount_info *cmount = NULL;
77 STARTUP_CEPH();
78
79 char c_file[1024];
80 sprintf(c_file, "recordlock_test_%d", getpid());
>>> CID 1417480: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
81 Fh *fh = NULL;
82 Inode *root = NULL, *inode = NULL;
83 struct ceph_statx stx;
84 int rc;
85 struct flock lock1, lock2;
86 UserPerm *perms = ceph_mount_perms(cmount);
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 81 in LibCephFS_BasicRecordLocking_Test::TestBody()()
75 TEST(LibCephFS, BasicRecordLocking) {
76 struct ceph_mount_info *cmount = NULL;
77 STARTUP_CEPH();
78
79 char c_file[1024];
80 sprintf(c_file, "recordlock_test_%d", getpid());
>>> CID 1417480: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
81 Fh *fh = NULL;
82 Inode *root = NULL, *inode = NULL;
83 struct ceph_statx stx;
84 int rc;
85 struct flock lock1, lock2;
86 UserPerm *perms = ceph_mount_perms(cmount);
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 81 in LibCephFS_BasicRecordLocking_Test::TestBody()()
75 TEST(LibCephFS, BasicRecordLocking) {
76 struct ceph_mount_info *cmount = NULL;
77 STARTUP_CEPH();
78
79 char c_file[1024];
80 sprintf(c_file, "recordlock_test_%d", getpid());
>>> CID 1417480: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
81 Fh *fh = NULL;
82 Inode *root = NULL, *inode = NULL;
83 struct ceph_statx stx;
84 int rc;
85 struct flock lock1, lock2;
86 UserPerm *perms = ceph_mount_perms(cmount);
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 81 in LibCephFS_BasicRecordLocking_Test::TestBody()()
75 TEST(LibCephFS, BasicRecordLocking) {
76 struct ceph_mount_info *cmount = NULL;
77 STARTUP_CEPH();
78
79 char c_file[1024];
80 sprintf(c_file, "recordlock_test_%d", getpid());
>>> CID 1417480: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
81 Fh *fh = NULL;
82 Inode *root = NULL, *inode = NULL;
83 struct ceph_statx stx;
84 int rc;
85 struct flock lock1, lock2;
86 UserPerm *perms = ceph_mount_perms(cmount);
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 81 in LibCephFS_BasicRecordLocking_Test::TestBody()()
75 TEST(LibCephFS, BasicRecordLocking) {
76 struct ceph_mount_info *cmount = NULL;
77 STARTUP_CEPH();
78
79 char c_file[1024];
80 sprintf(c_file, "recordlock_test_%d", getpid());
>>> CID 1417480: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
81 Fh *fh = NULL;
82 Inode *root = NULL, *inode = NULL;
83 struct ceph_statx stx;
84 int rc;
85 struct flock lock1, lock2;
86 UserPerm *perms = ceph_mount_perms(cmount);
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 81 in LibCephFS_BasicRecordLocking_Test::TestBody()()
75 TEST(LibCephFS, BasicRecordLocking) {
76 struct ceph_mount_info *cmount = NULL;
77 STARTUP_CEPH();
78
79 char c_file[1024];
80 sprintf(c_file, "recordlock_test_%d", getpid());
>>> CID 1417480: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
81 Fh *fh = NULL;
82 Inode *root = NULL, *inode = NULL;
83 struct ceph_statx stx;
84 int rc;
85 struct flock lock1, lock2;
86 UserPerm *perms = ceph_mount_perms(cmount);
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 81 in LibCephFS_BasicRecordLocking_Test::TestBody()()
75 TEST(LibCephFS, BasicRecordLocking) {
76 struct ceph_mount_info *cmount = NULL;
77 STARTUP_CEPH();
78
79 char c_file[1024];
80 sprintf(c_file, "recordlock_test_%d", getpid());
>>> CID 1417480: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
81 Fh *fh = NULL;
82 Inode *root = NULL, *inode = NULL;
83 struct ceph_statx stx;
84 int rc;
85 struct flock lock1, lock2;
86 UserPerm *perms = ceph_mount_perms(cmount);
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 81 in LibCephFS_BasicRecordLocking_Test::TestBody()()
75 TEST(LibCephFS, BasicRecordLocking) {
76 struct ceph_mount_info *cmount = NULL;
77 STARTUP_CEPH();
78
79 char c_file[1024];
80 sprintf(c_file, "recordlock_test_%d", getpid());
>>> CID 1417480: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
81 Fh *fh = NULL;
82 Inode *root = NULL, *inode = NULL;
83 struct ceph_statx stx;
84 int rc;
85 struct flock lock1, lock2;
86 UserPerm *perms = ceph_mount_perms(cmount);
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 81 in LibCephFS_BasicRecordLocking_Test::TestBody()()
75 TEST(LibCephFS, BasicRecordLocking) {
76 struct ceph_mount_info *cmount = NULL;
77 STARTUP_CEPH();
78
79 char c_file[1024];
80 sprintf(c_file, "recordlock_test_%d", getpid());
>>> CID 1417480: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
81 Fh *fh = NULL;
82 Inode *root = NULL, *inode = NULL;
83 struct ceph_statx stx;
84 int rc;
85 struct flock lock1, lock2;
86 UserPerm *perms = ceph_mount_perms(cmount);
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 81 in LibCephFS_BasicRecordLocking_Test::TestBody()()
75 TEST(LibCephFS, BasicRecordLocking) {
76 struct ceph_mount_info *cmount = NULL;
77 STARTUP_CEPH();
78
79 char c_file[1024];
80 sprintf(c_file, "recordlock_test_%d", getpid());
>>> CID 1417480: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
81 Fh *fh = NULL;
82 Inode *root = NULL, *inode = NULL;
83 struct ceph_statx stx;
84 int rc;
85 struct flock lock1, lock2;
86 UserPerm *perms = ceph_mount_perms(cmount);
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 81 in LibCephFS_BasicRecordLocking_Test::TestBody()()
75 TEST(LibCephFS, BasicRecordLocking) {
76 struct ceph_mount_info *cmount = NULL;
77 STARTUP_CEPH();
78
79 char c_file[1024];
80 sprintf(c_file, "recordlock_test_%d", getpid());
>>> CID 1417480: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
81 Fh *fh = NULL;
82 Inode *root = NULL, *inode = NULL;
83 struct ceph_statx stx;
84 int rc;
85 struct flock lock1, lock2;
86 UserPerm *perms = ceph_mount_perms(cmount);
/home/brad/working/src/ceph/src/test/libcephfs/recordlock.cc: 81 in LibCephFS_BasicRecordLocking_Test::TestBody()()
75 TEST(LibCephFS, BasicRecordLocking) {
76 struct ceph_mount_info *cmount = NULL;
77 STARTUP_CEPH();
78
79 char c_file[1024];
80 sprintf(c_file, "recordlock_test_%d", getpid());
>>> CID 1417480: (FORWARD_NULL)
>>> Assigning: "fh" = "NULL".
81 Fh *fh = NULL;
82 Inode *root = NULL, *inode = NULL;
83 struct ceph_statx stx;
84 int rc;
85 struct flock lock1, lock2;
86 UserPerm *perms = ceph_mount_perms(cmount);
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaGCnxtQO9E3gxlB2GxVsWFENryh7bC5hIb-2FQBVM85YLQ-3D-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8HMNw1TEiyfVGuRIB1-2FPbC34TnUzUYP6W8ZSCLjQ5HeNSz4QOW7tMW3EWOoubXLZjfb-2Bi363R5ELhGXJRZ-2F7L6TC64oLs3PHhIS1KdsttJ-2BXkwQJrfHjChN9l4dWVcryKQFuUDS4wN8bUnkHaVRDjEth7QoHQ9LMIcCsG56MPIkSU6Si8CxNxUN4f9aW5OwdYA-3D
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4Bco8jcmzhh7FSyvoR0E3-2BDgRcBCQ6OuthHBtaTCGNq9OVG2ZVnjrgThgf5hX3GVEkIxvBX-2BorwRZfOftSp7HPfCifRGGak1MlgNFVd3IIPA-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8HMNw1TEiyfVGuRIB1-2FPbC34TnUzUYP6W8ZSCLjQ5HeNWoFiQRDrLN-2FFeOj0eSX6bcowlQQ9WuvoGlzOmoDsQumdltAggXiQDrp1Mlt4TL-2BVB-2BMmv-2BUsH69veXp4aovB4TPB5U-2FXaooi-2FvxJe-2Fhpa-2F5D3UGzg-2FoP6H5k4cN5e2gnl94oU0m1-2FM-2Bc945zPW2jm0-3D
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2017-08-31 6:39 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2017-08-31 6:39 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
5 new defect(s) introduced to ceph found with Coverity Scan.
35 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 5 of 5 defect(s)
** CID 1394731: Concurrent data access violations (ATOMICITY)
/home/brad/working/src/ceph/src/common/cohort_lru.h: 153 in cohort::lru::LRU<std::mutex>::evict_block()()
________________________________________________________________________________________________________
*** CID 1394731: Concurrent data access violations (ATOMICITY)
/home/brad/working/src/ceph/src/common/cohort_lru.h: 153 in cohort::lru::LRU<std::mutex>::evict_block()()
147 lane.lock.lock();
148 --(o->lru_refcnt);
149 /* assertions that o state has not changed across
150 * relock */
151 assert(o->lru_refcnt == SENTINEL_REFCNT);
152 assert(o->lru_flags & FLAG_INLRU);
>>> CID 1394731: Concurrent data access violations (ATOMICITY)
>>> Using an unreliable value of "o" inside the second locked section. If the data that "o" depends on was changed by another thread, this use might be incorrect.
153 Object::Queue::iterator it =
154 Object::Queue::s_iterator_to(*o);
155 lane.q.erase(it);
156 lane.lock.unlock();
157 return o;
158 } else {
** CID 1405520: Performance inefficiencies (PASS_BY_VALUE)
/home/brad/working/src/ceph/src/osd/PGLog.h: 1282 in PGLog::read_log_and_missing<pg_missing_set<(bool)1>>(ObjectStore *, coll_t, coll_t, ghobject_t, const pg_info_t &, PGLog::IndexedLog &, T1 &, std::__cxx11::basic_ostringstream<char, std::char_traits<char>, std::allocator<char>> &, bool, bool *, const DoutPrefixProvider *, std::set<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::less<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>> *, bool)()
________________________________________________________________________________________________________
*** CID 1405520: Performance inefficiencies (PASS_BY_VALUE)
/home/brad/working/src/ceph/src/osd/PGLog.h: 1282 in PGLog::read_log_and_missing<pg_missing_set<(bool)1>>(ObjectStore *, coll_t, coll_t, ghobject_t, const pg_info_t &, PGLog::IndexedLog &, T1 &, std::__cxx11::basic_ostringstream<char, std::char_traits<char>, std::allocator<char>> &, bool, bool *, const DoutPrefixProvider *, std::set<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::less<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>> *, bool)()
1276
1277 template <typename missing_type>
1278 static void read_log_and_missing(
1279 ObjectStore *store,
1280 coll_t pg_coll,
1281 coll_t log_coll,
>>> CID 1405520: Performance inefficiencies (PASS_BY_VALUE)
>>> Passing parameter log_oid of type "ghobject_t" (size 144 bytes) by value.
1282 ghobject_t log_oid,
1283 const pg_info_t &info,
1284 IndexedLog &log,
1285 missing_type &missing,
1286 ostringstream &oss,
1287 bool tolerate_divergent_missing_log,
** CID 1405521: Performance inefficiencies (PASS_BY_VALUE)
/home/brad/working/src/ceph/src/osd/PGLog.h: 1261 in PGLog::read_log_and_missing(ObjectStore *, coll_t, coll_t, ghobject_t, const pg_info_t &, std::__cxx11::basic_ostringstream<char, std::char_traits<char>, std::allocator<char>> &, bool, bool)()
________________________________________________________________________________________________________
*** CID 1405521: Performance inefficiencies (PASS_BY_VALUE)
/home/brad/working/src/ceph/src/osd/PGLog.h: 1261 in PGLog::read_log_and_missing(ObjectStore *, coll_t, coll_t, ghobject_t, const pg_info_t &, std::__cxx11::basic_ostringstream<char, std::char_traits<char>, std::allocator<char>> &, bool, bool)()
1255 );
1256
1257 void read_log_and_missing(
1258 ObjectStore *store,
1259 coll_t pg_coll,
1260 coll_t log_coll,
>>> CID 1405521: Performance inefficiencies (PASS_BY_VALUE)
>>> Passing parameter log_oid of type "ghobject_t" (size 144 bytes) by value.
1261 ghobject_t log_oid,
1262 const pg_info_t &info,
1263 ostringstream &oss,
1264 bool tolerate_divergent_missing_log,
1265 bool debug_verify_stored_missing = false
1266 ) {
** CID 1417061: Compiler dependency (DELETE_ARRAY)
/home/brad/working/src/ceph/src/client/fuse_ll.cc: 121 in getgroups(fuse_req *, unsigned int **)()
________________________________________________________________________________________________________
*** CID 1417061: Compiler dependency (DELETE_ARRAY)
/home/brad/working/src/ceph/src/client/fuse_ll.cc: 121 in getgroups(fuse_req *, unsigned int **)()
115 gid_t *gids = new (std::nothrow) gid_t[c];
116 if (!gids) {
117 return -ENOMEM;
118 }
119 c = fuse_req_getgroups(req, c, gids);
120 if (c < 0) {
>>> CID 1417061: Compiler dependency (DELETE_ARRAY)
>>> Deleting array variable "gids" with non-array delete in "delete gids".
121 delete gids;
122 } else {
123 *sgids = gids;
124 }
125 return c;
126 #endif
** CID 1417062: Incorrect expression (UNINTENDED_INTEGER_DIVISION)
/home/brad/working/src/ceph/src/test/kv_store_bench.cc: 120 in KvStoreBench::setup(int, const char **)()
________________________________________________________________________________________________________
*** CID 1417062: Incorrect expression (UNINTENDED_INTEGER_DIVISION)
/home/brad/working/src/ceph/src/test/kv_store_bench.cc: 120 in KvStoreBench::setup(int, const char **)()
114 val_size = atoi(args[i+1]);
115 } else if (strcmp(args[i], "--cache-size") == 0) {
116 cache_size = atoi(args[i+1]);
117 } else if (strcmp(args[i], "--cache-refresh") == 0) {
118 auto temp = atoi(args[i+1]);
119 assert (temp != 0);
>>> CID 1417062: Incorrect expression (UNINTENDED_INTEGER_DIVISION)
>>> Dividing integer expressions "100" and "temp", and then converting the integer quotient to type "double". Any remainder, or fractional part of the quotient, is ignored.
120 cache_refresh = 100 / temp;
121 } else if (strcmp(args[i], "-t") == 0) {
122 max_ops_in_flight = atoi(args[i+1]);
123 } else if (strcmp(args[i], "--clients") == 0) {
124 clients = atoi(args[i+1]);
125 } else if (strcmp(args[i], "-d") == 0) {
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaGCnxtQO9E3gxlB2GxVsWFENryh7bC5hIb-2FQBVM85YLQ-3D-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8HWXCLxI9Hvwy6AIjOktPyiqxqjoXsSXJBL-2FkI7Cu1h7bGyGLOcBu7N6ZYB3PwxN6eAKBs4DAhmUu8fgNRnRbfk5U8k8UaJmA-2Bnf0b21mScqTRygT-2FA-2BzJEecy-2BXHx30JB8CpD4GLSlbRZN8BJBB4eLx9nTfKu2b5bz9-2Bw-2BN9f0Cj-2BDeN1XbKFWAMi-2BCGt-2Bh-2Bw-3D
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4Bco8jcmzhh7FSyvoR0E3-2BDgRcBCQ6OuthHBtaTCGNq9OVG2ZVnjrgThgf5hX3GVEkIxvBX-2BorwRZfOftSp7HPfCifRGGak1MlgNFVd3IIPA-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8HWXCLxI9Hvwy6AIjOktPyiqxqjoXsSXJBL-2FkI7Cu1h7b1zC0sVmqB4iH6SBRjovrDYs6-2Bjs7Y5nP56O7JDJoMerfFgTcsL6xITJehu3SWwX0z-2FZo254TcctuhoWqH6jgTGNm5qbtOH8Yhx-2FvrY9v6l31imhS4zel-2FDbnDjQ8c847eWGDeCYAkXQiP6f2xWQbA-3D
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2017-08-24 23:32 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2017-08-24 23:32 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
6 new defect(s) introduced to ceph found with Coverity Scan.
12 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 6 of 6 defect(s)
** CID 1416843: Resource leaks (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/rgw/rgw_user.cc: 2784 in RGWUserMetadataHandler::list_keys_init(RGWRados *, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, void **)()
________________________________________________________________________________________________________
*** CID 1416843: Resource leaks (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/rgw/rgw_user.cc: 2784 in RGWUserMetadataHandler::list_keys_init(RGWRados *, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, void **)()
2778
2779 info->store = store;
2780
2781 int ret = store->list_raw_objects_init(store->get_zone_params().user_uid_pool, marker,
2782 &info->ctx);
2783 if (ret < 0) {
>>> CID 1416843: Resource leaks (RESOURCE_LEAK)
>>> Variable "info" going out of scope leaks the storage it points to.
2784 return ret;
2785 }
2786
2787 *phandle = (void *)info;
2788
2789 return 0;
** CID 1416844: Resource leaks (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/rgw/rgw_bucket.cc: 2173 in RGWBucketMetadataHandler::list_keys_init(RGWRados *, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, void **)()
________________________________________________________________________________________________________
*** CID 1416844: Resource leaks (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/rgw/rgw_bucket.cc: 2173 in RGWBucketMetadataHandler::list_keys_init(RGWRados *, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, void **)()
2167
2168 info->store = store;
2169
2170 int ret = store->list_raw_objects_init(store->get_zone_params().domain_root, marker,
2171 &info->ctx);
2172 if (ret < 0) {
>>> CID 1416844: Resource leaks (RESOURCE_LEAK)
>>> Variable "info" going out of scope leaks the storage it points to.
2173 return ret;
2174 }
2175 *phandle = (void *)info;
2176
2177 return 0;
2178 }
** CID 1416845: Resource leaks (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/libcephfs/test.cc: 1800 in LibCephFS_ClearSetuid_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1416845: Resource leaks (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/libcephfs/test.cc: 1800 in LibCephFS_ClearSetuid_Test::TestBody()()
1794 gid_t gids[] = {65533,65532};
1795 UserPerm *altcred = ceph_userperm_new(u, g, sizeof gids / sizeof gids[0], gids);
1796 stx.stx_uid = u;
1797 stx.stx_gid = g;
1798 mode_t m = S_ISGID|S_ISUID|S_IRUSR|S_IWUSR;
1799 stx.stx_mode = m;
>>> CID 1416845: Resource leaks (RESOURCE_LEAK)
>>> Variable "altcred" going out of scope leaks the storage it points to.
1800 ASSERT_EQ(ceph_ll_setattr(cmount, in, &stx, CEPH_STATX_MODE|CEPH_SETATTR_UID|CEPH_SETATTR_GID, rootcred), 0);
1801 ASSERT_EQ(ceph_ll_getattr(cmount, in, &stx, CEPH_STATX_MODE, 0, altcred), 0);
1802 ASSERT_EQ(stx.stx_mode&(mode_t)ALLPERMS, m);
1803 /* not dropped without exe bit */
1804 stx.stx_gid = gids[0];
1805 ASSERT_EQ(ceph_ll_setattr(cmount, in, &stx, CEPH_SETATTR_GID, altcred), 0);
** CID 1416846: Memory - corruptions (OVERRUN)
________________________________________________________________________________________________________
*** CID 1416846: Memory - corruptions (OVERRUN)
/home/brad/working/src/ceph/src/rgw/rgw_lc.h: 121 in LCFilter::encode(ceph::buffer::list &) const()
115
116 bool has_prefix() const {
117 return !prefix.empty();
118 }
119
120 void encode(bufferlist& bl) const {
>>> CID 1416846: Memory - corruptions (OVERRUN)
>>> Overrunning struct type ceph_le32 of 4 bytes by passing it to a function which accesses it at byte offset 7.
121 ENCODE_START(1, 1, bl);
122 ::encode(prefix, bl);
123 ENCODE_FINISH(bl);
124 }
125 void decode(bufferlist::iterator& bl) {
126 DECODE_START(1, bl);
** CID 1416847: Resource leaks (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/rgw/rgw_bucket.cc: 2372 in RGWBucketInstanceMetadataHandler::list_keys_init(RGWRados *, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, void **)()
________________________________________________________________________________________________________
*** CID 1416847: Resource leaks (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/rgw/rgw_bucket.cc: 2372 in RGWBucketInstanceMetadataHandler::list_keys_init(RGWRados *, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, void **)()
2366
2367 info->store = store;
2368
2369 int ret = store->list_raw_objects_init(store->get_zone_params().domain_root, marker,
2370 &info->ctx);
2371 if (ret < 0) {
>>> CID 1416847: Resource leaks (RESOURCE_LEAK)
>>> Variable "info" going out of scope leaks the storage it points to.
2372 return ret;
2373 }
2374 *phandle = (void *)info;
2375
2376 return 0;
2377 }
** CID 1416848: Memory - corruptions (OVERRUN)
________________________________________________________________________________________________________
*** CID 1416848: Memory - corruptions (OVERRUN)
/home/brad/working/src/ceph/src/cls/rbd/cls_rbd_types.cc: 483 in cls::rbd::MirrorImageMap::encode(ceph::buffer::list &) const()
477 f->dump_string("name", name);
478 f->dump_unsigned("deletion_time", deletion_time);
479 f->dump_unsigned("deferment_end_time", deferment_end_time);
480 }
481
482 void MirrorImageMap::encode(bufferlist &bl) const {
>>> CID 1416848: Memory - corruptions (OVERRUN)
>>> Overrunning struct type ceph_le32 of 4 bytes by passing it to a function which accesses it at byte offset 7.
483 ENCODE_START(1, 1, bl);
484 ::encode(instance_id, bl);
485 ::encode(data, bl);
486 ENCODE_FINISH(bl);
487 }
488
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaGCnxtQO9E3gxlB2GxVsWFENryh7bC5hIb-2FQBVM85YLQ-3D-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8EQm6rBqKg8-2FsDqYEpgI93AYqOQn4O6V04lngznPYTIMZ9xBRhpQPyTctZvUpAg8y9GZi1DEQF9Tu8ZRbf4UdcjKz6oZOgPO15wc22nGtImZ2czH5ToVczqo-2B-2F0q0A4BnPKroB6mJErwXesJ9ipOV0UuJNU72riJGvHHJOoXxKFzE5qMHlyptCStlkrN-2BJy4T8-3D
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4Bco8jcmzhh7FSyvoR0E3-2BDgRcBCQ6OuthHBtaTCGNq9OVG2ZVnjrgThgf5hX3GVEkIxvBX-2BorwRZfOftSp7HPfCifRGGak1MlgNFVd3IIPA-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8EQm6rBqKg8-2FsDqYEpgI93AYqOQn4O6V04lngznPYTIMWz2wcwl3HkoIfwUBbRRCx-2FgkDxXEgkFcChT9fQJXE-2FSwAgvO-2Bbm-2BFrdV6oik-2FNHro0ZbbPK6DLwURVx9TpPhaoaaJ64E7u9OmhV0NYiCqQX38yUePqVLrF10RTO39hYxUfUx8MBKxA8XG38QAe7AkU-3D
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2017-08-17 3:29 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2017-08-17 3:29 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
8 new defect(s) introduced to ceph found with Coverity Scan.
35 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 8 of 8 defect(s)
** CID 1416590: Memory - corruptions (USE_AFTER_FREE)
________________________________________________________________________________________________________
*** CID 1416590: Memory - corruptions (USE_AFTER_FREE)
/home/brad/working/src/ceph/src/msg/async/rdma/RDMAStack.cc: 552 in RDMAStack::~RDMAStack()()
546 {
547 if (cct->_conf->ms_async_rdma_enable_hugepage) {
548 unsetenv("RDMAV_HUGEPAGES_SAFE"); //remove env variable on destruction
549 }
550
551 dispatcher.polling_stop();
>>> CID 1416590: Memory - corruptions (USE_AFTER_FREE)
>>> Calling "~RDMADispatcher" frees pointer "this->dispatcher.rx_cq" which has already been freed.
552 }
553
554 void RDMAStack::spawn_worker(unsigned i, std::function<void ()> &&func)
555 {
556 threads.resize(i+1);
557 threads[i] = std::thread(func);
** CID 1416591: Performance inefficiencies (PASS_BY_VALUE)
/home/brad/working/src/ceph/src/osd/PGLog.h: 1239 in PGLog::read_log_and_missing(ObjectStore *, coll_t, coll_t, ghobject_t, const pg_info_t &, bool, std::__cxx11::basic_ostringstream<char, std::char_traits<char>, std::allocator<char>> &, bool, bool)()
________________________________________________________________________________________________________
*** CID 1416591: Performance inefficiencies (PASS_BY_VALUE)
/home/brad/working/src/ceph/src/osd/PGLog.h: 1239 in PGLog::read_log_and_missing(ObjectStore *, coll_t, coll_t, ghobject_t, const pg_info_t &, bool, std::__cxx11::basic_ostringstream<char, std::char_traits<char>, std::allocator<char>> &, bool, bool)()
1233 );
1234
1235 void read_log_and_missing(
1236 ObjectStore *store,
1237 coll_t pg_coll,
1238 coll_t log_coll,
>>> CID 1416591: Performance inefficiencies (PASS_BY_VALUE)
>>> Passing parameter log_oid of type "ghobject_t" (size 144 bytes) by value.
1239 ghobject_t log_oid,
1240 const pg_info_t &info,
1241 bool force_rebuild_missing,
1242 ostringstream &oss,
1243 bool tolerate_divergent_missing_log,
1244 bool debug_verify_stored_missing = false
** CID 1416592: Performance inefficiencies (PASS_BY_VALUE)
/home/brad/working/src/ceph/src/osd/PGLog.h: 1261 in PGLog::read_log_and_missing<pg_missing_set<(bool)1>>(ObjectStore *, coll_t, coll_t, ghobject_t, const pg_info_t &, PGLog::IndexedLog &, T1 &, bool, std::__cxx11::basic_ostringstream<char, std::char_traits<char>, std::allocator<char>> &, bool, bool *, const DoutPrefixProvider *, std::set<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::less<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>> *, bool)()
________________________________________________________________________________________________________
*** CID 1416592: Performance inefficiencies (PASS_BY_VALUE)
/home/brad/working/src/ceph/src/osd/PGLog.h: 1261 in PGLog::read_log_and_missing<pg_missing_set<(bool)1>>(ObjectStore *, coll_t, coll_t, ghobject_t, const pg_info_t &, PGLog::IndexedLog &, T1 &, bool, std::__cxx11::basic_ostringstream<char, std::char_traits<char>, std::allocator<char>> &, bool, bool *, const DoutPrefixProvider *, std::set<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::less<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>> *, bool)()
1255
1256 template <typename missing_type>
1257 static void read_log_and_missing(
1258 ObjectStore *store,
1259 coll_t pg_coll,
1260 coll_t log_coll,
>>> CID 1416592: Performance inefficiencies (PASS_BY_VALUE)
>>> Passing parameter log_oid of type "ghobject_t" (size 144 bytes) by value.
1261 ghobject_t log_oid,
1262 const pg_info_t &info,
1263 IndexedLog &log,
1264 missing_type &missing,
1265 bool force_rebuild_missing,
1266 ostringstream &oss,
** CID 1416593: Memory - illegal accesses (USE_AFTER_FREE)
________________________________________________________________________________________________________
*** CID 1416593: Memory - illegal accesses (USE_AFTER_FREE)
/home/brad/working/src/ceph/src/msg/async/rdma/RDMAStack.cc: 552 in RDMAStack::~RDMAStack()()
546 {
547 if (cct->_conf->ms_async_rdma_enable_hugepage) {
548 unsetenv("RDMAV_HUGEPAGES_SAFE"); //remove env variable on destruction
549 }
550
551 dispatcher.polling_stop();
>>> CID 1416593: Memory - illegal accesses (USE_AFTER_FREE)
>>> Calling "~RDMADispatcher" dereferences freed pointer "this->dispatcher.tx_cc".
552 }
553
554 void RDMAStack::spawn_worker(unsigned i, std::function<void ()> &&func)
555 {
556 threads.resize(i+1);
557 threads[i] = std::thread(func);
** CID 1416594: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/rgw/rgw_file.h: 275 in rgw::RGWFileHandle::RGWFileHandle(rgw::RGWLibFS *)()
________________________________________________________________________________________________________
*** CID 1416594: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/rgw/rgw_file.h: 275 in rgw::RGWFileHandle::RGWFileHandle(rgw::RGWLibFS *)()
269 fh.fh_type = RGW_FS_TYPE_DIRECTORY;
270 variant_type = directory();
271 /* stat */
272 state.unix_mode = RGW_RWXMODE|S_IFDIR;
273 /* pointer to self */
274 fh.fh_private = this;
>>> CID 1416594: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member field "fh.fh_hk" is not initialized in this constructor nor in any functions that it calls.
275 }
276
277 uint64_t init_fsid(std::string& uid) {
278 return XXH64(uid.c_str(), uid.length(), fh_key::seed);
279 }
280
** CID 1416595: Memory - corruptions (USE_AFTER_FREE)
________________________________________________________________________________________________________
*** CID 1416595: Memory - corruptions (USE_AFTER_FREE)
/home/brad/working/src/ceph/src/msg/async/rdma/RDMAStack.cc: 552 in RDMAStack::~RDMAStack()()
546 {
547 if (cct->_conf->ms_async_rdma_enable_hugepage) {
548 unsetenv("RDMAV_HUGEPAGES_SAFE"); //remove env variable on destruction
549 }
550
551 dispatcher.polling_stop();
>>> CID 1416595: Memory - corruptions (USE_AFTER_FREE)
>>> Calling "~RDMADispatcher" frees pointer "this->dispatcher.tx_cq" which has already been freed.
552 }
553
554 void RDMAStack::spawn_worker(unsigned i, std::function<void ()> &&func)
555 {
556 threads.resize(i+1);
557 threads[i] = std::thread(func);
** CID 1416596: Memory - corruptions (OVERRUN)
/home/brad/working/src/ceph/src/test/librados/c_read_operations.cc: 208 in CReadOpsTest_CmpXattr_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1416596: Memory - corruptions (OVERRUN)
/home/brad/working/src/ceph/src/test/librados/c_read_operations.cc: 208 in CReadOpsTest_CmpXattr_Test::TestBody()()
202 TEST_F(CReadOpsTest, CmpXattr) {
203 write_object();
204
205 char buf[len];
206 memset(buf, 0xcc, sizeof(buf));
207
>>> CID 1416596: Memory - corruptions (OVERRUN)
>>> Assigning: "xattr" = ""test"". "xattr" now points to byte 0 of ""test"" (which consists of 5 bytes).
208 const char *xattr = "test";
209 rados_setxattr(ioctx, obj, xattr, buf, sizeof(buf));
210
211 // equal value
212 EXPECT_EQ(1, cmp_xattr(xattr, buf, sizeof(buf), LIBRADOS_CMPXATTR_OP_EQ));
213 EXPECT_EQ(-ECANCELED, cmp_xattr(xattr, buf, sizeof(buf), LIBRADOS_CMPXATTR_OP_NE));
** CID 1416597: Memory - illegal accesses (USE_AFTER_FREE)
________________________________________________________________________________________________________
*** CID 1416597: Memory - illegal accesses (USE_AFTER_FREE)
/home/brad/working/src/ceph/src/msg/async/rdma/RDMAStack.cc: 552 in RDMAStack::~RDMAStack()()
546 {
547 if (cct->_conf->ms_async_rdma_enable_hugepage) {
548 unsetenv("RDMAV_HUGEPAGES_SAFE"); //remove env variable on destruction
549 }
550
551 dispatcher.polling_stop();
>>> CID 1416597: Memory - illegal accesses (USE_AFTER_FREE)
>>> Calling "~RDMADispatcher" dereferences freed pointer "this->dispatcher.rx_cc".
552 }
553
554 void RDMAStack::spawn_worker(unsigned i, std::function<void ()> &&func)
555 {
556 threads.resize(i+1);
557 threads[i] = std::thread(func);
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaGCnxtQO9E3gxlB2GxVsWFENryh7bC5hIb-2FQBVM85YLQ-3D-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8HJuCdf6fOv6U-2BT-2FfxU234HHO-2FU-2FrdVWrCSKfN5YOY7DbgEhZ8-2B5UG-2FCD2FKz16j4yX1c25Rx7w8cLzh-2B0uCtoEqAhGkEdn8LgdY2K479hJQQJf4vG00srBglzIdO0iy-2FPfTr4yPpAvOVQIFRf6A1qhI7VgiPd5XTAUK-2FxfTx-2BoZauSqnNJtdG258mhSM8Wyo0-3D
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4Bco8jcmzhh7FSyvoR0E3-2BDgRcBCQ6OuthHBtaTCGNq9OVG2ZVnjrgThgf5hX3GVEkIxvBX-2BorwRZfOftSp7HPfCifRGGak1MlgNFVd3IIPA-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8HJuCdf6fOv6U-2BT-2FfxU234HHO-2FU-2FrdVWrCSKfN5YOY7DSNDX-2Bz11nsM28QQkT1KXJKulzaEQCTA-2B0-2BawaUgFrmRszuh1esycUBL296O3a82EtXZ2HKdnqLp4EVd9gr3-2F1jjk0K0YkF170up7pT-2BT2-2F1TlXxCKINLnM8OEgjCRl5ddJPr1lhGeYIEgRuTVpQ6XM-3D
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2017-08-10 3:50 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2017-08-10 3:50 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
37 new defect(s) introduced to ceph found with Coverity Scan.
195 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 20 of 37 defect(s)
** CID 1020033: Memory - corruptions (ARRAY_VS_SINGLETON)
/home/brad/working/src/ceph/src/boost/libs/container/src/dlmalloc_2_8_6.c: 5303 in dlindependent_calloc()
________________________________________________________________________________________________________
*** CID 1020033: Memory - corruptions (ARRAY_VS_SINGLETON)
/home/brad/working/src/ceph/src/boost/libs/container/src/dlmalloc_2_8_6.c: 5303 in dlindependent_calloc()
5297 return dlmemalign(pagesz, (bytes + pagesz - SIZE_T_ONE) & ~(pagesz - SIZE_T_ONE));
5298 }
5299
5300 void** dlindependent_calloc(size_t n_elements, size_t elem_size,
5301 void* chunks[]) {
5302 size_t sz = elem_size; /* serves as 1-element array */
>>> CID 1020033: Memory - corruptions (ARRAY_VS_SINGLETON)
>>> Taking address with "&sz" yields a singleton pointer.
5303 return ialloc(gm, n_elements, &sz, 3, chunks);
5304 }
5305
5306 void** dlindependent_comalloc(size_t n_elements, size_t sizes[],
5307 void* chunks[]) {
5308 return ialloc(gm, n_elements, sizes, 0, chunks);
** CID 1108113: Error handling issues (CHECKED_RETURN)
/home/brad/working/src/ceph/src/boost/libs/container/src/dlmalloc_2_8_6.c: 3103 in init_mparams()
________________________________________________________________________________________________________
*** CID 1108113: Error handling issues (CHECKED_RETURN)
/home/brad/working/src/ceph/src/boost/libs/container/src/dlmalloc_2_8_6.c: 3103 in init_mparams()
3097 static int init_mparams(void) {
3098 #ifdef NEED_GLOBAL_LOCK_INIT
3099 if (malloc_global_mutex_status <= 0)
3100 init_malloc_global_mutex();
3101 #endif
3102
>>> CID 1108113: Error handling issues (CHECKED_RETURN)
>>> Calling "spin_acquire_lock" without checking return value (as is done elsewhere 25 out of 29 times).
3103 ACQUIRE_MALLOC_GLOBAL_LOCK();
3104 if (mparams.magic == 0) {
3105 size_t magic;
3106 size_t psize;
3107 size_t gsize;
3108
** CID 1129320: Memory - corruptions (ARRAY_VS_SINGLETON)
/home/brad/working/src/ceph/src/boost/libs/container/src/dlmalloc_2_8_6.c: 5826 in mspace_independent_calloc()
________________________________________________________________________________________________________
*** CID 1129320: Memory - corruptions (ARRAY_VS_SINGLETON)
/home/brad/working/src/ceph/src/boost/libs/container/src/dlmalloc_2_8_6.c: 5826 in mspace_independent_calloc()
5820 size_t sz = elem_size; /* serves as 1-element array */
5821 mstate ms = (mstate)msp;
5822 if (!ok_magic(ms)) {
5823 USAGE_ERROR_ACTION(ms,ms);
5824 return 0;
5825 }
>>> CID 1129320: Memory - corruptions (ARRAY_VS_SINGLETON)
>>> Taking address with "&sz" yields a singleton pointer.
5826 return ialloc(ms, n_elements, &sz, 3, chunks);
5827 }
5828
5829 void** mspace_independent_comalloc(mspace msp, size_t n_elements,
5830 size_t sizes[], void* chunks[]) {
5831 mstate ms = (mstate)msp;
** CID 1202734: Memory - corruptions (BAD_FREE)
/home/brad/working/src/ceph/src/boost/libs/container/src/dlmalloc_2_8_6.c: 4312 in sys_trim()
________________________________________________________________________________________________________
*** CID 1202734: Memory - corruptions (BAD_FREE)
/home/brad/working/src/ceph/src/boost/libs/container/src/dlmalloc_2_8_6.c: 4312 in sys_trim()
4306 sp->size >= extra &&
4307 !has_segment_link(m, sp)) { /* can't shrink if pinned */
4308 size_t newsize = sp->size - extra;
4309 (void)newsize; /* placate people compiling -Wunused-variable */
4310 /* Prefer mremap, fall back to munmap */
4311 if ((CALL_MREMAP(sp->base, sp->size, newsize, 0) != MFAIL) ||
>>> CID 1202734: Memory - corruptions (BAD_FREE)
>>> "munmap" frees address offset from "sp->base".
4312 (CALL_MUNMAP(sp->base + newsize, extra) == 0)) {
4313 released = extra;
4314 }
4315 }
4316 }
4317 else if (HAVE_MORECORE) {
** CID 1316245: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/cephfs/cephfs-data-scan.cc: 11 in main()
________________________________________________________________________________________________________
*** CID 1316245: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/cephfs/cephfs-data-scan.cc: 11 in main()
5 #include "common/errno.h"
6 #include "global/global_init.h"
7
8 #include "DataScan.h"
9
10
>>> CID 1316245: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "std::runtime_error" is thrown and never caught.
11 int main(int argc, const char **argv)
12 {
13 vector<const char*> args;
14 argv_to_vec(argc, argv, args);
15 env_to_vec(args);
16
** CID 1316246: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/rados/rados.cc: 3555 in main()
________________________________________________________________________________________________________
*** CID 1316246: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/rados/rados.cc: 3555 in main()
3549
3550 out:
3551 delete formatter;
3552 return (ret < 0) ? 1 : 0;
3553 }
3554
>>> CID 1316246: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "std::runtime_error" is thrown and never caught.
3555 int main(int argc, const char **argv)
3556 {
3557 vector<const char*> args;
3558 argv_to_vec(argc, argv, args);
3559 env_to_vec(args);
3560
** CID 1316247: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/scratchtoolpp.cc: 56 in main()
________________________________________________________________________________________________________
*** CID 1316247: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/scratchtoolpp.cc: 56 in main()
50 while ((c = getchar()) != EOF) {
51 if (c == '\n')
52 break;
53 }
54 }
55
>>> CID 1316247: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "std::runtime_error" is thrown and never caught.
56 int main(int argc, const char **argv)
57 {
58 Rados rados;
59 if (rados.init(NULL) < 0) {
60 cerr << "couldn't initialize rados!" << std::endl;
61 exit(1);
** CID 1316248: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/kv_store_bench.cc: 551 in main()
________________________________________________________________________________________________________
*** CID 1316248: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/kv_store_bench.cc: 551 in main()
545 } else {
546 err = test_teuthology_sync(&KvStoreBench::rand_distr, probs);
547 }
548 return err;
549 }
550
>>> CID 1316248: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "std::runtime_error" is thrown and never caught.
551 int main(int argc, const char** argv) {
552 KvStoreBench kvsb;
553 int err = kvsb.setup(argc, argv);
554 if (err == 0) cout << "setup successful" << std::endl;
555 else{
556 cout << "error " << err << std::endl;
** CID 1354457: (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/librados/watch_notify.cc: 728 in LibRadosWatchNotifyPP_WatchNotify2Timeout_Test::TestBody()()
/home/brad/working/src/ceph/src/test/librados/watch_notify.cc: 727 in LibRadosWatchNotifyPP_WatchNotify2Timeout_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1354457: (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/librados/watch_notify.cc: 728 in LibRadosWatchNotifyPP_WatchNotify2Timeout_Test::TestBody()()
722 ioctx.unwatch2(handle);
723
724 std::cout << " flushing" << std::endl;
725 librados::AioCompletion *comp = cluster.aio_create_completion();
726 cluster.aio_watch_flush(comp);
727 ASSERT_EQ(0, comp->wait_for_complete());
>>> CID 1354457: (RESOURCE_LEAK)
>>> Variable "comp" going out of scope leaks the storage it points to.
728 ASSERT_EQ(0, comp->get_return_value());
729 std::cout << " flushed" << std::endl;
730 comp->release();
731 }
732
733 TEST_P(LibRadosWatchNotifyPP, WatchNotify3) {
/home/brad/working/src/ceph/src/test/librados/watch_notify.cc: 727 in LibRadosWatchNotifyPP_WatchNotify2Timeout_Test::TestBody()()
721 ASSERT_GT(ioctx.watch_check(handle), 0);
722 ioctx.unwatch2(handle);
723
724 std::cout << " flushing" << std::endl;
725 librados::AioCompletion *comp = cluster.aio_create_completion();
726 cluster.aio_watch_flush(comp);
>>> CID 1354457: (RESOURCE_LEAK)
>>> Variable "comp" going out of scope leaks the storage it points to.
727 ASSERT_EQ(0, comp->wait_for_complete());
728 ASSERT_EQ(0, comp->get_return_value());
729 std::cout << " flushed" << std::endl;
730 comp->release();
731 }
732
** CID 1354459: Resource leaks (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/librados/watch_notify.cc: 689 in LibRadosWatchNotify_WatchNotify2Timeout_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1354459: Resource leaks (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/librados/watch_notify.cc: 689 in LibRadosWatchNotify_WatchNotify2Timeout_Test::TestBody()()
683 ASSERT_EQ(1u, notify_cookies.size());
684 ASSERT_GT(rados_watch_check(ioctx, handle), 0);
685
686 rados_unwatch2(ioctx, handle);
687
688 rados_completion_t comp;
>>> CID 1354459: Resource leaks (RESOURCE_LEAK)
>>> Variable "comp" going out of scope leaks the storage it points to.
689 ASSERT_EQ(0, rados_aio_create_completion(NULL, NULL, NULL, &comp));
690 rados_aio_watch_flush(cluster, comp);
691 ASSERT_EQ(0, rados_aio_wait_for_complete(comp));
692 ASSERT_EQ(0, rados_aio_get_return_value(comp));
693 rados_aio_release(comp);
694 rados_buffer_free(reply_buf);
** CID 1395346: Concurrent data access violations (MISSING_LOCK)
/home/brad/working/src/ceph/src/os/bluestore/BlueStore.cc: 8226 in BlueStore::_kv_stop()()
________________________________________________________________________________________________________
*** CID 1395346: Concurrent data access violations (MISSING_LOCK)
/home/brad/working/src/ceph/src/os/bluestore/BlueStore.cc: 8226 in BlueStore::_kv_stop()()
8220 dout(10) << __func__ << dendl;
8221 {
8222 std::unique_lock<std::mutex> l(kv_lock);
8223 while (!kv_sync_started) {
8224 kv_cond.wait(l);
8225 }
>>> CID 1395346: Concurrent data access violations (MISSING_LOCK)
>>> Accessing "this->kv_stop" without holding lock "BlueStore.kv_lock". Elsewhere, "BlueStore.kv_stop" is accessed with "BlueStore.kv_lock" held 1 out of 2 times (1 of these accesses strongly imply that it is necessary).
8226 kv_stop = true;
8227 kv_cond.notify_all();
8228 }
8229 {
8230 std::unique_lock<std::mutex> l(kv_finalize_lock);
8231 while (!kv_finalize_started) {
** CID 1396032: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/librbd/test_main.cc: 24 in main()
________________________________________________________________________________________________________
*** CID 1396032: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/librbd/test_main.cc: 24 in main()
18 extern void register_test_object_map();
19 extern void register_test_operations();
20 extern void register_test_mirroring();
21 extern void register_test_mirroring_watcher();
22 #endif // TEST_LIBRBD_INTERNALS
23
>>> CID 1396032: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "_ZN5boost16exception_detail10clone_implINS0_19error_info_injectorINSt8ios_base7failureB5cxx11EEEEE" is thrown and never caught.
24 int main(int argc, char **argv)
25 {
26 register_test_librbd();
27 #ifdef TEST_LIBRBD_INTERNALS
28 register_test_groups();
29 register_test_image_watcher();
** CID 1396041: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/rbd_mirror/test_main.cc: 20 in main()
________________________________________________________________________________________________________
*** CID 1396041: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/rbd_mirror/test_main.cc: 20 in main()
14 extern void register_test_instances();
15 extern void register_test_leader_watcher();
16 extern void register_test_pool_watcher();
17 extern void register_test_rbd_mirror();
18 extern void register_test_rbd_mirror_image_deleter();
19
>>> CID 1396041: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "_ZN5boost16exception_detail10clone_implINS0_19error_info_injectorINSt8ios_base7failureB5cxx11EEEEE" is thrown and never caught.
20 int main(int argc, char **argv)
21 {
22 register_test_cluster_watcher();
23 register_test_image_sync();
24 register_test_instance_watcher();
25 register_test_instances();
** CID 1412767: Error handling issues (CHECKED_RETURN)
/home/brad/working/src/ceph/src/boost/libs/container/src/dlmalloc_2_8_6.c: 4082 in sys_alloc()
________________________________________________________________________________________________________
*** CID 1412767: Error handling issues (CHECKED_RETURN)
/home/brad/working/src/ceph/src/boost/libs/container/src/dlmalloc_2_8_6.c: 4082 in sys_alloc()
4076 */
4077
4078 if (MORECORE_CONTIGUOUS && !use_noncontiguous(m)) {
4079 char* br = CMFAIL;
4080 size_t ssize = asize; /* sbrk call size */
4081 msegmentptr ss = (m->top == 0)? 0 : segment_holding(m, (char*)m->top);
>>> CID 1412767: Error handling issues (CHECKED_RETURN)
>>> Calling "spin_acquire_lock" without checking return value (as is done elsewhere 25 out of 29 times).
4082 ACQUIRE_MALLOC_GLOBAL_LOCK();
4083
4084 if (ss == 0) { /* First time through or recovery */
4085 char* base = (char*)CALL_MORECORE(0);
4086 if (base != CMFAIL) {
4087 size_t fp;
** CID 1412771: Error handling issues (CHECKED_RETURN)
/home/brad/working/src/ceph/src/boost/libs/container/src/dlmalloc_2_8_6.c: 4320 in sys_trim()
________________________________________________________________________________________________________
*** CID 1412771: Error handling issues (CHECKED_RETURN)
/home/brad/working/src/ceph/src/boost/libs/container/src/dlmalloc_2_8_6.c: 4320 in sys_trim()
4314 }
4315 }
4316 }
4317 else if (HAVE_MORECORE) {
4318 if (extra >= HALF_MAX_SIZE_T) /* Avoid wrapping negative */
4319 extra = (HALF_MAX_SIZE_T) + SIZE_T_ONE - unit;
>>> CID 1412771: Error handling issues (CHECKED_RETURN)
>>> Calling "spin_acquire_lock" without checking return value (as is done elsewhere 25 out of 29 times).
4320 ACQUIRE_MALLOC_GLOBAL_LOCK();
4321 {
4322 /* Make sure end of memory is where we last set it. */
4323 char* old_br = (char*)(CALL_MORECORE(0));
4324 if (old_br == sp->base + sp->size) {
4325 char* rel_br = (char*)(CALL_MORECORE(-extra));
** CID 1412774: Control flow issues (DEADCODE)
/home/brad/working/src/ceph/src/boost/libs/container/src/dlmalloc_ext_2_8_6.c: 899 in internal_node_multialloc()
________________________________________________________________________________________________________
*** CID 1412774: Control flow issues (DEADCODE)
/home/brad/working/src/ceph/src/boost/libs/container/src/dlmalloc_ext_2_8_6.c: 899 in internal_node_multialloc()
893 {
894 /* Default contiguous, just check that we can store at least one element */
895 elements_per_segment = INTERNAL_MULTIALLOC_DEFAULT_CONTIGUOUS_MEM/element_req_size;
896 elements_per_segment += (size_t)(!elements_per_segment);
897 }
898 break;
>>> CID 1412774: Control flow issues (DEADCODE)
>>> Execution cannot reach this statement: "case 18446744073709551615UL:".
899 case DL_MULTIALLOC_ALL_CONTIGUOUS:
900 /* All elements should be allocated in a single call */
901 elements_per_segment = n_elements;
902 break;
903 default:
904 /* Allocate in chunks of "contiguous_elements" */
** CID 1412779: Control flow issues (DEADCODE)
/home/brad/working/src/ceph/src/boost/libs/container/src/dlmalloc_ext_2_8_6.c: 1419 in boost_cont_sync_create()
________________________________________________________________________________________________________
*** CID 1412779: Control flow issues (DEADCODE)
/home/brad/working/src/ceph/src/boost/libs/container/src/dlmalloc_ext_2_8_6.c: 1419 in boost_cont_sync_create()
1413
1414 void *boost_cont_sync_create()
1415 {
1416 void *p = boost_cont_malloc(sizeof(MLOCK_T));
1417 if(p){
1418 if(0 != INITIAL_LOCK((MLOCK_T*)p)){
>>> CID 1412779: Control flow issues (DEADCODE)
>>> Execution cannot reach this statement: "boost_cont_free(p);".
1419 boost_cont_free(p);
1420 p = 0;
1421 }
1422 }
1423 return p;
1424 }
** CID 1412790: Parse warnings (PARSE_ERROR)
/home/brad/working/src/ceph/src/boost/libs/config/checks/architecture/32.cpp: 9 in ()
________________________________________________________________________________________________________
*** CID 1412790: Parse warnings (PARSE_ERROR)
/home/brad/working/src/ceph/src/boost/libs/config/checks/architecture/32.cpp: 9 in ()
3 // Copyright (c) 2012 Steven Watanabe
4 //
5 // Distributed under the Boost Software License Version 1.0. (See
6 // accompanying file LICENSE_1_0.txt or copy at
7 // https://u2389337.ct.sendgrid.net/wf/click?upn=eMT-2BqXhL85kf4kjMp0VpWCFMlq1TlYlB11Ini8deNjCt00DxPrdVraoAU1pWqOFT_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8G18FYACrbQxvEA59Ai-2FYWMyqyg4NQd4x0x5MX8csLWt7-2Bt-2B4OjBBdJM6odqm-2BAUhp86LoxSp0VZms9snHpEsgtrz68Ce-2Bh5WpjedT7778OUyE34yCV-2F2EjO05WDTE29GHPWcbIgFPF4BAuyM5w1AMOxqPp0E6rAgd5kccpDNOcZZAwaeEIFD-2BcNcvCBEJHdZ8-3D
8
>>> CID 1412790: Parse warnings (PARSE_ERROR)
>>> the size of an array must be greater than zero
** CID 1412791: Parse warnings (PARSE_ERROR)
/home/brad/working/src/ceph/src/boost/libs/config/checks/architecture/arm.cpp: 13 in ()
________________________________________________________________________________________________________
*** CID 1412791: Parse warnings (PARSE_ERROR)
/home/brad/working/src/ceph/src/boost/libs/config/checks/architecture/arm.cpp: 13 in ()
7 // https://u2389337.ct.sendgrid.net/wf/click?upn=eMT-2BqXhL85kf4kjMp0VpWCFMlq1TlYlB11Ini8deNjCt00DxPrdVraoAU1pWqOFT_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8G18FYACrbQxvEA59Ai-2FYWMyqyg4NQd4x0x5MX8csLWt6ylX8SjlIfUmKhcfo7X8Al-2BZlDHNqSQDb6srcWEWmRf4rHonYZQcq8-2BvzQjDYTem5B-2FQx5LcL6MKtBAwS-2BEnB6d8y0Owic2QGBLL8l2Tn6XFPJMvCSE1BcUNdoMG9fBPFv2keSd94gcBeuQRWWQLKM-3D
8
9 #if !defined(__arm__) && !defined(__thumb__) && \
10 !defined(__TARGET_ARCH_ARM) && !defined(__TARGET_ARCH_THUMB) && \
11 !defined(_ARM) && !defined(_M_ARM) && \
12 !defined(__aarch64__)
>>> CID 1412791: Parse warnings (PARSE_ERROR)
>>> #error directive: "Not ARM"
13 #error "Not ARM"
** CID 1412792: Parse warnings (PARSE_ERROR)
/home/brad/working/src/ceph/src/boost/libs/config/checks/architecture/sparc.cpp: 10 in ()
________________________________________________________________________________________________________
*** CID 1412792: Parse warnings (PARSE_ERROR)
/home/brad/working/src/ceph/src/boost/libs/config/checks/architecture/sparc.cpp: 10 in ()
4 //
5 // Distributed under the Boost Software License Version 1.0. (See
6 // accompanying file LICENSE_1_0.txt or copy at
7 // https://u2389337.ct.sendgrid.net/wf/click?upn=eMT-2BqXhL85kf4kjMp0VpWCFMlq1TlYlB11Ini8deNjCt00DxPrdVraoAU1pWqOFT_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8G18FYACrbQxvEA59Ai-2FYWMyqyg4NQd4x0x5MX8csLWt0Eb8KvLP0-2F-2FK3EaUuMjWkrD8xk6WH6I13j3HryKrS4OxI7-2B1wZv2p4NUurs3bEN6HQUGeea4n3Cd1hwJaIUmSCsVuEIkFaWw-2BZbB664dgXTcjBX0aHNSCN2JDh3Kh2BWGtTlRgDsU-2Fml-2F3AYcB79D4-3D
8
9 #if !defined(__sparc__) && !defined(__sparc)
>>> CID 1412792: Parse warnings (PARSE_ERROR)
>>> #error directive: "Not SPARC"
10 #error "Not SPARC"
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaGCnxtQO9E3gxlB2GxVsWFENryh7bC5hIb-2FQBVM85YLQ-3D-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8G18FYACrbQxvEA59Ai-2FYWMyqyg4NQd4x0x5MX8csLWt4AvL1Yos2j8VrXTWKko1MeQW0U5Ur0kILnCYdV-2BGpC7FFB5fI3GwuxzxIngd93mSjX7Wn9XFEP81S68N0nFhjiMlsYb0HH8w-2Fwul4vfrByqlsPbD-2FhhYrQ-2BuWcFtOqRcKHCIdC8RvngsVUWfwG0K8M-3D
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4Bco8jcmzhh7FSyvoR0E3-2BDgRcBCQ6OuthHBtaTCGNq9OVG2ZVnjrgThgf5hX3GVEkIxvBX-2BorwRZfOftSp7HPfCifRGGak1MlgNFVd3IIPA-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8G18FYACrbQxvEA59Ai-2FYWMyqyg4NQd4x0x5MX8csLWtyjnraXDHKEbuiypqfZUMKgLiXzD5xGJBtBbsSBQ8Ffd3m6-2BOJzxegtmGKXyOJniqV7hbSiBN7mGu3nQyS4lFK3OnHI3iECLd1Yf-2BiuHR5OX1q4qVK0lR6hAiay2DuNnCLsnuBEPqPUytngiwYXwzwY-3D
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2017-08-03 4:57 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2017-08-03 4:57 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
4 new defect(s) introduced to ceph found with Coverity Scan.
10 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 4 of 4 defect(s)
** CID 1409825: Null pointer dereferences (FORWARD_NULL)
/home/brad/working/src/ceph/src/rgw/rgw_file.cc: 359 in rgw::RGWLibFS::unlink(rgw::RGWFileHandle *, const char *, unsigned int)()
________________________________________________________________________________________________________
*** CID 1409825: Null pointer dereferences (FORWARD_NULL)
/home/brad/working/src/ceph/src/rgw/rgw_file.cc: 359 in rgw::RGWLibFS::unlink(rgw::RGWFileHandle *, const char *, unsigned int)()
353 rc = req.get_ret();
354 }
355 }
356
357 /* ENOENT when raced with other s3 gateway */
358 if (! rc || rc == -ENOENT) {
>>> CID 1409825: Null pointer dereferences (FORWARD_NULL)
>>> Dereferencing null pointer "rgw_fh".
359 rgw_fh->flags |= RGWFileHandle::FLAG_DELETED;
360 fh_cache.remove(rgw_fh->fh.fh_hk.object, rgw_fh,
361 RGWFileHandle::FHCache::FLAG_LOCK);
362 }
363
364 if (! rc) {
** CID 1416109: Resource leaks (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/tools/rbd/action/MergeDiff.cc: 404 in rbd::action::merge_diff::do_merge_diff(const char *, const char *, const char *, bool)()
________________________________________________________________________________________________________
*** CID 1416109: Resource leaks (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/tools/rbd/action/MergeDiff.cc: 404 in rbd::action::merge_diff::do_merge_diff(const char *, const char *, const char *, bool)()
398 pc.fail();
399 if (pd > 2)
400 unlink(path);
401 } else
402 pc.finish();
403
>>> CID 1416109: Resource leaks (RESOURCE_LEAK)
>>> Handle variable "sd" going out of scope leaks the handle.
404 return r;
405 }
406
407 void get_arguments(po::options_description *positional,
408 po::options_description *options) {
409 positional->add_options()
** CID 1416110: Error handling issues (CHECKED_RETURN)
/home/brad/working/src/ceph/src/rgw/rgw_op.cc: 5291 in RGWCompleteMultipart::execute()()
________________________________________________________________________________________________________
*** CID 1416110: Error handling issues (CHECKED_RETURN)
/home/brad/working/src/ceph/src/rgw/rgw_op.cc: 5291 in RGWCompleteMultipart::execute()()
5285 rados::cls::lock::Lock l("RGWCompleteMultipart");
5286 int max_lock_secs_mp = s->cct->_conf->get_val<int64_t>("rgw_mp_lock_max_time");
5287
5288 op.assert_exists();
5289 store->obj_to_raw((s->bucket_info).placement_rule, meta_obj, &raw_obj);
5290 store->get_obj_data_pool((s->bucket_info).placement_rule,meta_obj,&meta_pool);
>>> CID 1416110: Error handling issues (CHECKED_RETURN)
>>> Calling "open_pool_ctx" without checking return value (as is done elsewhere 6 out of 7 times).
5291 store->open_pool_ctx(meta_pool, ioctx);
5292
5293 const string raw_meta_oid = raw_obj.oid;
5294 utime_t time(max_lock_secs_mp, 0);
5295 l.set_duration(time);
5296 l.lock_exclusive(&op);
** CID 1416111: Memory - corruptions (OVERRUN)
________________________________________________________________________________________________________
*** CID 1416111: Memory - corruptions (OVERRUN)
/home/brad/working/src/ceph/src/osd/osd_types.cc: 4130 in pg_log_dup_t::encode(ceph::buffer::list &) const()
4124 {
4125 return "dup_" + version.get_key_name();
4126 }
4127
4128 void pg_log_dup_t::encode(bufferlist &bl) const
4129 {
>>> CID 1416111: Memory - corruptions (OVERRUN)
>>> Overrunning struct type ceph_le32 of 4 bytes by passing it to a function which accesses it at byte offset 7.
4130 ENCODE_START(1, 1, bl);
4131 ::encode(reqid, bl);
4132 ::encode(version, bl);
4133 ::encode(user_version, bl);
4134 ::encode(return_code, bl);
4135 ENCODE_FINISH(bl);
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaGCnxtQO9E3gxlB2GxVsWFENryh7bC5hIb-2FQBVM85YLQ-3D-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8E2MSMr71IldpKS7gNpK3ScFTMRw9FJdy3YGvm6G8hLT4zuhKQGcsnyxDVRshe2DgPIF99CKytmrLo-2F1QS-2F3YYgfklaQj6t0LQeovcxfqW3ZFL-2FiohxyZ72SVhn2wOCHIWjhJuKOHtI9FQLMHsv-2BAQegGQMjH3-2BNryhIiNPMO7LHbejiKmc4pF1t9UjJ-2BvsORY-3D
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4Bco8jcmzhh7FSyvoR0E3-2BDgRcBCQ6OuthHBtaTCGNq9OVG2ZVnjrgThgf5hX3GVEkIxvBX-2BorwRZfOftSp7HPfCifRGGak1MlgNFVd3IIPA-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8E2MSMr71IldpKS7gNpK3ScFTMRw9FJdy3YGvm6G8hLT62nAU0lLI8alqgdg4Asf1pI2icXa34bjrY5lZSFxNUhv1BBdMv2SlpESAFi1zTA8VlUV9nOsef-2FKBCXevWn0E-2BrgxzEkb7dbWxiIZGJJlSSqDEBt40UAfUvMTNlIuDVeyZQrTjwi4KdfU2lJKj-2BVOQ-3D
^ permalink raw reply [flat|nested] 124+ messages in thread
* Re: New Defects reported by Coverity Scan for ceph
2017-07-28 18:42 ` Gregory Farnum
@ 2017-07-28 22:22 ` Brad Hubbard
0 siblings, 0 replies; 124+ messages in thread
From: Brad Hubbard @ 2017-07-28 22:22 UTC (permalink / raw)
To: Gregory Farnum; +Cc: scan-admin, ceph-devel
On Sat, Jul 29, 2017 at 4:42 AM, Gregory Farnum <gfarnum@redhat.com> wrote:
> ________________________________________________________________________________________________________
>> *** CID 1415755: Memory - corruptions (OVERRUN)
>> /home/brad/working/src/ceph/src/mon/MonCommand.h: 39 in MonCommand::encode(ceph::buffer::list &) const()
>> 33
>> 34 bool has_flag(uint64_t flag) const { return (flags & flag) != 0; }
>> 35 void set_flag(uint64_t flag) { flags |= flag; }
>> 36 void unset_flag(uint64_t flag) { flags &= ~flag; }
>> 37
>> 38 void encode(bufferlist &bl) const {
>>>>> CID 1415755: Memory - corruptions (OVERRUN)
>>>>> Overrunning struct type ceph_le32 of 4 bytes by passing it to a function which accesses it at byte offset 7.
>> 39 ENCODE_START(1, 1, bl);
>> 40 encode_bare(bl);
>> 41 ::encode(flags, bl);
>> 42 ENCODE_FINISH(bl);
>> 43 }
>> 44
>
> I looked at this one briefly and don't understand it at all. The only
> ceph_le32 I can find related to it is the struct_v (defined in the
> macro), and there's nothing referencing it oddly! Anybody have some
> idea?
We could try compiling with "-fsanitize=address" and exercise this code then try
it under valgrind (I imagine this is already done since this code is well used).
If neither of those show up the problem we could probably flag it as a false
positive?
> -Greg
> --
> To unsubscribe from this list: send the line "unsubscribe ceph-devel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
--
Cheers,
Brad
^ permalink raw reply [flat|nested] 124+ messages in thread
* Re: New Defects reported by Coverity Scan for ceph
2017-07-27 3:50 scan-admin
@ 2017-07-28 18:42 ` Gregory Farnum
2017-07-28 22:22 ` Brad Hubbard
0 siblings, 1 reply; 124+ messages in thread
From: Gregory Farnum @ 2017-07-28 18:42 UTC (permalink / raw)
To: scan-admin; +Cc: ceph-devel
________________________________________________________________________________________________________
> *** CID 1415755: Memory - corruptions (OVERRUN)
> /home/brad/working/src/ceph/src/mon/MonCommand.h: 39 in MonCommand::encode(ceph::buffer::list &) const()
> 33
> 34 bool has_flag(uint64_t flag) const { return (flags & flag) != 0; }
> 35 void set_flag(uint64_t flag) { flags |= flag; }
> 36 void unset_flag(uint64_t flag) { flags &= ~flag; }
> 37
> 38 void encode(bufferlist &bl) const {
>>>> CID 1415755: Memory - corruptions (OVERRUN)
>>>> Overrunning struct type ceph_le32 of 4 bytes by passing it to a function which accesses it at byte offset 7.
> 39 ENCODE_START(1, 1, bl);
> 40 encode_bare(bl);
> 41 ::encode(flags, bl);
> 42 ENCODE_FINISH(bl);
> 43 }
> 44
I looked at this one briefly and don't understand it at all. The only
ceph_le32 I can find related to it is the struct_v (defined in the
macro), and there's nothing referencing it oddly! Anybody have some
idea?
-Greg
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2017-07-27 3:50 scan-admin
2017-07-28 18:42 ` Gregory Farnum
0 siblings, 1 reply; 124+ messages in thread
From: scan-admin @ 2017-07-27 3:50 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
119 new defect(s) introduced to ceph found with Coverity Scan.
10 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 20 of 119 defect(s)
** CID 742343: Uninitialized members (UNINIT_CTOR)
/usr/include/c++/6.3.1/functional: 1862 in std::function<int (std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> *, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> *)>::function()()
________________________________________________________________________________________________________
*** CID 742343: Uninitialized members (UNINIT_CTOR)
/usr/include/c++/6.3.1/functional: 1862 in std::function<int (std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> *, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> *)>::function()()
1856
1857 /**
1858 * @brief Default construct creates an empty function call wrapper.
1859 * @post @c !(bool)*this
1860 */
1861 function() noexcept
>>> CID 742343: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "_M_invoker" is not initialized in this constructor nor in any functions that it calls.
1862 : _Function_base() { }
1863
1864 /**
1865 * @brief Creates an empty function call wrapper.
1866 * @post @c !(bool)*this
1867 */
** CID 1415737: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/rgw/test_http_manager.cc: 46 in main()
/home/brad/working/src/ceph/src/test/rgw/test_http_manager.cc: 46 in main()
________________________________________________________________________________________________________
*** CID 1415737: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/rgw/test_http_manager.cc: 46 in main()
40 for (size_t i = 0; i < num_requests; i++) {
41 RGWHTTPClient client{cct};
42 http.add_request(&client, "PUT", "https://u2389337.ct.sendgrid.net/wf/click?upn=fD34396FQoQ91T9x-2BhmXx3zqBikxIjbLh07rMjDngok-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8F5lXRZqPomtFYhumhQS7Ys56UCLMyraoRU8cAgH5Gb9p-2FOEaXwDBubR7a6vGsxgMl66a2ESHQ-2BDPgGAanQFq9zMj-2BvVvPhZ0KNXhClovkOFoICV8ApnfOJg22A8DyebqOnvcVPoFlLPJ7NKm-2FAP6YCEZCHZIDB4-2Fw8o1j0vzgp57YlHqZFQYywQinyxnevN-2Fg-3D");
43 }
44 }
45
>>> CID 1415737: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_get> >" is thrown and never caught.
46 int main(int argc, char** argv)
47 {
48 vector<const char*> args;
49 argv_to_vec(argc, (const char **)argv, args);
50
51 auto cct = global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT,
/home/brad/working/src/ceph/src/test/rgw/test_http_manager.cc: 46 in main()
40 for (size_t i = 0; i < num_requests; i++) {
41 RGWHTTPClient client{cct};
42 http.add_request(&client, "PUT", "https://u2389337.ct.sendgrid.net/wf/click?upn=fD34396FQoQ91T9x-2BhmXx3zqBikxIjbLh07rMjDngok-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8F5lXRZqPomtFYhumhQS7Ys56UCLMyraoRU8cAgH5Gb9nO0iFRmZD9uPWZHcvbCWZ62mEVFjMkDtjtMAALfiMgyOgNHh3OXa0oRFVBiJXDXsNxmMeMbRDVrip9IFae-2B5nLiIMKNjJ6avJaRPApEflKbgvOiIhtgOIYYi6zG36Q7rqnZp786jKHmyzxQQLX-2B3-2FM-3D");
43 }
44 }
45
>>> CID 1415737: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_get> >" is thrown and never caught.
46 int main(int argc, char** argv)
47 {
48 vector<const char*> args;
49 argv_to_vec(argc, (const char **)argv, args);
50
51 auto cct = global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT,
** CID 1415738: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/journal/test_main.cc: 12 in main()
/home/brad/working/src/ceph/src/test/journal/test_main.cc: 12 in main()
/home/brad/working/src/ceph/src/test/journal/test_main.cc: 12 in main()
________________________________________________________________________________________________________
*** CID 1415738: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/journal/test_main.cc: 12 in main()
6 #include "common/ceph_crypto.h"
7 #include "common/config.h"
8 #include "global/global_context.h"
9 #include "global/global_init.h"
10 #include <vector>
11
>>> CID 1415738: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_get> >" is thrown and never caught.
12 int main(int argc, char **argv)
13 {
14 ::testing::InitGoogleTest(&argc, argv);
15
16 std::vector<const char*> args;
17 argv_to_vec(argc, (const char **)argv, args);
/home/brad/working/src/ceph/src/test/journal/test_main.cc: 12 in main()
6 #include "common/ceph_crypto.h"
7 #include "common/config.h"
8 #include "global/global_context.h"
9 #include "global/global_init.h"
10 #include <vector>
11
>>> CID 1415738: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_get> >" is thrown and never caught.
12 int main(int argc, char **argv)
13 {
14 ::testing::InitGoogleTest(&argc, argv);
15
16 std::vector<const char*> args;
17 argv_to_vec(argc, (const char **)argv, args);
/home/brad/working/src/ceph/src/test/journal/test_main.cc: 12 in main()
6 #include "common/ceph_crypto.h"
7 #include "common/config.h"
8 #include "global/global_context.h"
9 #include "global/global_init.h"
10 #include <vector>
11
>>> CID 1415738: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_get> >" is thrown and never caught.
12 int main(int argc, char **argv)
13 {
14 ::testing::InitGoogleTest(&argc, argv);
15
16 std::vector<const char*> args;
17 argv_to_vec(argc, (const char **)argv, args);
** CID 1415739: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/omap_bench.cc: 414 in main()
________________________________________________________________________________________________________
*** CID 1415739: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/omap_bench.cc: 414 in main()
408 }
409
410 /**
411 * runs the specified test with the specified parameters and generates
412 * a histogram of latencies
413 */
>>> CID 1415739: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_get> >" is thrown and never caught.
414 int main(int argc, const char** argv) {
415 OmapBench ob;
416 int err = ob.setup(argc, argv);
417 if (err<0) {
418 cout << "error during setup: "<<err;
419 cout << std::endl;
** CID 1415740: Resource leaks (CTOR_DTOR_LEAK)
/home/brad/working/src/ceph/src/osd/PrimaryLogPG.cc: 4697 in C_ExtentCmpRead::C_ExtentCmpRead(PrimaryLogPG *, OSDOp &, boost::optional<unsigned int>, unsigned long, OSDService *, hobject_t, unsigned int)()
________________________________________________________________________________________________________
*** CID 1415740: Resource leaks (CTOR_DTOR_LEAK)
/home/brad/working/src/ceph/src/osd/PrimaryLogPG.cc: 4697 in C_ExtentCmpRead::C_ExtentCmpRead(PrimaryLogPG *, OSDOp &, boost::optional<unsigned int>, unsigned long, OSDService *, hobject_t, unsigned int)()
4691 Context *fill_extent_ctx;
4692
4693 C_ExtentCmpRead(PrimaryLogPG *primary_log_pg, OSDOp &osd_op,
4694 boost::optional<uint32_t> maybe_crc, uint64_t size,
4695 OSDService *osd, hobject_t soid, __le32 flags)
4696 : primary_log_pg(primary_log_pg), osd_op(osd_op),
>>> CID 1415740: Resource leaks (CTOR_DTOR_LEAK)
>>> The constructor allocates field "fill_extent_ctx" of "C_ExtentCmpRead" but there is no destructor.
4697 fill_extent_ctx(new FillInVerifyExtent(&read_length, &osd_op.rval,
4698 &read_bl, maybe_crc, size,
4699 osd, soid, flags)) {
4700 }
4701
4702 void finish(int r) override {
** CID 1415741: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/test_cors.cc: 882 in main()
/home/brad/working/src/ceph/src/test/test_cors.cc: 882 in main()
________________________________________________________________________________________________________
*** CID 1415741: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/test_cors.cc: 882 in main()
876 EXPECT_EQ(204U, g_test->get_resp_code());
877 g_test->send_request("GET", "/" S3_BUCKET_NAME "?cors");
878 EXPECT_EQ(404U, g_test->get_resp_code());
879 ASSERT_EQ(0, delete_bucket());
880 }
881
>>> CID 1415741: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_get> >" is thrown and never caught.
882 int main(int argc, char *argv[]){
883 vector<const char*> args;
884 argv_to_vec(argc, (const char **)argv, args);
885
886 auto cct = global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT,
887 CODE_ENVIRONMENT_UTILITY, 0);
/home/brad/working/src/ceph/src/test/test_cors.cc: 882 in main()
876 EXPECT_EQ(204U, g_test->get_resp_code());
877 g_test->send_request("GET", "/" S3_BUCKET_NAME "?cors");
878 EXPECT_EQ(404U, g_test->get_resp_code());
879 ASSERT_EQ(0, delete_bucket());
880 }
881
>>> CID 1415741: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_get> >" is thrown and never caught.
882 int main(int argc, char *argv[]){
883 vector<const char*> args;
884 argv_to_vec(argc, (const char **)argv, args);
885
886 auto cct = global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT,
887 CODE_ENVIRONMENT_UTILITY, 0);
** CID 1415742: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
________________________________________________________________________________________________________
*** CID 1415742: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
19 #include "detailed_stat_collector.h"
20 #include "distribution.h"
21
22 namespace po = boost::program_options;
23 using namespace std;
24
>>> CID 1415742: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_get> >" is thrown and never caught.
25 int main(int argc, char **argv)
26 {
27 po::options_description desc("Allowed options");
28 desc.add_options()
29 ("help", "produce help message")
30 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
19 #include "detailed_stat_collector.h"
20 #include "distribution.h"
21
22 namespace po = boost::program_options;
23 using namespace std;
24
>>> CID 1415742: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_get> >" is thrown and never caught.
25 int main(int argc, char **argv)
26 {
27 po::options_description desc("Allowed options");
28 desc.add_options()
29 ("help", "produce help message")
30 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
19 #include "detailed_stat_collector.h"
20 #include "distribution.h"
21
22 namespace po = boost::program_options;
23 using namespace std;
24
>>> CID 1415742: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_get> >" is thrown and never caught.
25 int main(int argc, char **argv)
26 {
27 po::options_description desc("Allowed options");
28 desc.add_options()
29 ("help", "produce help message")
30 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
** CID 1415743: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/test_rgw_admin_opstate.cc: 804 in main()
/home/brad/working/src/ceph/src/test/test_rgw_admin_opstate.cc: 804 in main()
________________________________________________________________________________________________________
*** CID 1415743: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/test_rgw_admin_opstate.cc: 804 in main()
798 EXPECT_EQ(200U, g_test->get_resp_code());
799
800 ASSERT_EQ(caps_rm(cname, perm), 0);
801 ASSERT_EQ(user_rm(uid, display_name), 0);
802 }
803
>>> CID 1415743: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_get> >" is thrown and never caught.
804 int main(int argc, char *argv[]){
805 vector<const char*> args;
806 argv_to_vec(argc, (const char **)argv, args);
807
808 auto cct = global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT,
809 CODE_ENVIRONMENT_UTILITY, 0);
/home/brad/working/src/ceph/src/test/test_rgw_admin_opstate.cc: 804 in main()
798 EXPECT_EQ(200U, g_test->get_resp_code());
799
800 ASSERT_EQ(caps_rm(cname, perm), 0);
801 ASSERT_EQ(user_rm(uid, display_name), 0);
802 }
803
>>> CID 1415743: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_get> >" is thrown and never caught.
804 int main(int argc, char *argv[]){
805 vector<const char*> args;
806 argv_to_vec(argc, (const char **)argv, args);
807
808 auto cct = global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT,
809 CODE_ENVIRONMENT_UTILITY, 0);
** CID 1415744: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/messenger/simple_server.cc: 35 in main()
/home/brad/working/src/ceph/src/test/messenger/simple_server.cc: 35 in main()
________________________________________________________________________________________________________
*** CID 1415744: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/messenger/simple_server.cc: 35 in main()
29 #include "common/address_helper.h"
30 #include "simple_dispatcher.h"
31
32 #define dout_subsys ceph_subsys_simple_server
33
34
>>> CID 1415744: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_get> >" is thrown and never caught.
35 int main(int argc, const char **argv)
36 {
37 vector<const char*> args;
38 Messenger *messenger;
39 Dispatcher *dispatcher;
40 std::vector<const char*>::iterator arg_iter;
/home/brad/working/src/ceph/src/test/messenger/simple_server.cc: 35 in main()
29 #include "common/address_helper.h"
30 #include "simple_dispatcher.h"
31
32 #define dout_subsys ceph_subsys_simple_server
33
34
>>> CID 1415744: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_get> >" is thrown and never caught.
35 int main(int argc, const char **argv)
36 {
37 vector<const char*> args;
38 Messenger *messenger;
39 Dispatcher *dispatcher;
40 std::vector<const char*>::iterator arg_iter;
** CID 1415745: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/rados/rados.cc: 3555 in main()
/home/brad/working/src/ceph/src/tools/rados/rados.cc: 3555 in main()
________________________________________________________________________________________________________
*** CID 1415745: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/rados/rados.cc: 3555 in main()
3549
3550 out:
3551 delete formatter;
3552 return (ret < 0) ? 1 : 0;
3553 }
3554
>>> CID 1415745: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_get> >" is thrown and never caught.
3555 int main(int argc, const char **argv)
3556 {
3557 vector<const char*> args;
3558 argv_to_vec(argc, argv, args);
3559 env_to_vec(args);
3560
/home/brad/working/src/ceph/src/tools/rados/rados.cc: 3555 in main()
3549
3550 out:
3551 delete formatter;
3552 return (ret < 0) ? 1 : 0;
3553 }
3554
>>> CID 1415745: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_get> >" is thrown and never caught.
3555 int main(int argc, const char **argv)
3556 {
3557 vector<const char*> args;
3558 argv_to_vec(argc, argv, args);
3559 env_to_vec(args);
3560
** CID 1415746: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/objectstore/test_kv.cc: 329 in main()
/home/brad/working/src/ceph/src/test/objectstore/test_kv.cc: 329 in main()
/home/brad/working/src/ceph/src/test/objectstore/test_kv.cc: 329 in main()
/home/brad/working/src/ceph/src/test/objectstore/test_kv.cc: 329 in main()
________________________________________________________________________________________________________
*** CID 1415746: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/objectstore/test_kv.cc: 329 in main()
323 // point defined in that library (fatal error LNK1561: entry point
324 // must be defined). This dummy test keeps gtest_main linked in.
325 TEST(DummyTest, ValueParameterizedTestsAreNotSupportedOnThisPlatform) {}
326
327 #endif
328
>>> CID 1415746: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_get> >" is thrown and never caught.
329 int main(int argc, char **argv) {
330 vector<const char*> args;
331 argv_to_vec(argc, (const char **)argv, args);
332 env_to_vec(args);
333
334 auto cct = global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT,
/home/brad/working/src/ceph/src/test/objectstore/test_kv.cc: 329 in main()
323 // point defined in that library (fatal error LNK1561: entry point
324 // must be defined). This dummy test keeps gtest_main linked in.
325 TEST(DummyTest, ValueParameterizedTestsAreNotSupportedOnThisPlatform) {}
326
327 #endif
328
>>> CID 1415746: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_get> >" is thrown and never caught.
329 int main(int argc, char **argv) {
330 vector<const char*> args;
331 argv_to_vec(argc, (const char **)argv, args);
332 env_to_vec(args);
333
334 auto cct = global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT,
/home/brad/working/src/ceph/src/test/objectstore/test_kv.cc: 329 in main()
323 // point defined in that library (fatal error LNK1561: entry point
324 // must be defined). This dummy test keeps gtest_main linked in.
325 TEST(DummyTest, ValueParameterizedTestsAreNotSupportedOnThisPlatform) {}
326
327 #endif
328
>>> CID 1415746: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_get> >" is thrown and never caught.
329 int main(int argc, char **argv) {
330 vector<const char*> args;
331 argv_to_vec(argc, (const char **)argv, args);
332 env_to_vec(args);
333
334 auto cct = global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT,
/home/brad/working/src/ceph/src/test/objectstore/test_kv.cc: 329 in main()
323 // point defined in that library (fatal error LNK1561: entry point
324 // must be defined). This dummy test keeps gtest_main linked in.
325 TEST(DummyTest, ValueParameterizedTestsAreNotSupportedOnThisPlatform) {}
326
327 #endif
328
>>> CID 1415746: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_get> >" is thrown and never caught.
329 int main(int argc, char **argv) {
330 vector<const char*> args;
331 argv_to_vec(argc, (const char **)argv, args);
332 env_to_vec(args);
333
334 auto cct = global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT,
** CID 1415747: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/test_filejournal.cc: 69 in main()
/home/brad/working/src/ceph/src/test/test_filejournal.cc: 69 in main()
/home/brad/working/src/ceph/src/test/test_filejournal.cc: 69 in main()
/home/brad/working/src/ceph/src/test/test_filejournal.cc: 69 in main()
________________________________________________________________________________________________________
*** CID 1415747: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/test_filejournal.cc: 69 in main()
63 };
64
65 unsigned size_mb = 200;
66 //Gtest argument prefix
67 const char GTEST_PRFIX[] = "--gtest_";
68
>>> CID 1415747: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_get> >" is thrown and never caught.
69 int main(int argc, char **argv) {
70 vector<const char*> args;
71 argv_to_vec(argc, (const char **)argv, args);
72
73 auto cct = global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT,
74 CODE_ENVIRONMENT_UTILITY, 0);
/home/brad/working/src/ceph/src/test/test_filejournal.cc: 69 in main()
63 };
64
65 unsigned size_mb = 200;
66 //Gtest argument prefix
67 const char GTEST_PRFIX[] = "--gtest_";
68
>>> CID 1415747: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_get> >" is thrown and never caught.
69 int main(int argc, char **argv) {
70 vector<const char*> args;
71 argv_to_vec(argc, (const char **)argv, args);
72
73 auto cct = global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT,
74 CODE_ENVIRONMENT_UTILITY, 0);
/home/brad/working/src/ceph/src/test/test_filejournal.cc: 69 in main()
63 };
64
65 unsigned size_mb = 200;
66 //Gtest argument prefix
67 const char GTEST_PRFIX[] = "--gtest_";
68
>>> CID 1415747: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_get> >" is thrown and never caught.
69 int main(int argc, char **argv) {
70 vector<const char*> args;
71 argv_to_vec(argc, (const char **)argv, args);
72
73 auto cct = global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT,
74 CODE_ENVIRONMENT_UTILITY, 0);
/home/brad/working/src/ceph/src/test/test_filejournal.cc: 69 in main()
63 };
64
65 unsigned size_mb = 200;
66 //Gtest argument prefix
67 const char GTEST_PRFIX[] = "--gtest_";
68
>>> CID 1415747: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_get> >" is thrown and never caught.
69 int main(int argc, char **argv) {
70 vector<const char*> args;
71 argv_to_vec(argc, (const char **)argv, args);
72
73 auto cct = global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT,
74 CODE_ENVIRONMENT_UTILITY, 0);
** CID 1415748: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/ObjectMap/test_keyvaluedb_iterators.cc: 1741 in main()
/home/brad/working/src/ceph/src/test/ObjectMap/test_keyvaluedb_iterators.cc: 1741 in main()
________________________________________________________________________________________________________
*** CID 1415748: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/ObjectMap/test_keyvaluedb_iterators.cc: 1741 in main()
/home/brad/working/src/ceph/src/test/ObjectMap/test_keyvaluedb_iterators.cc: 1741 in main()
1735 SCOPED_TRACE("MockDB: Empty Store, Upper Bound");
1736 UpperBound(mock->get_iterator());
1737 ASSERT_FALSE(HasFatalFailure());
1738 }
1739
1740
>>> CID 1415748: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_get> >" is thrown and never caught.
1741 int main(int argc, char *argv[])
1742 {
1743 vector<const char*> args;
1744 argv_to_vec(argc, (const char **) argv, args);
1745
1746 auto cct = global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
** CID 1415749: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/rbd_mirror/main.cc: 32 in main()
/home/brad/working/src/ceph/src/tools/rbd_mirror/main.cc: 32 in main()
/home/brad/working/src/ceph/src/tools/rbd_mirror/main.cc: 32 in main()
________________________________________________________________________________________________________
*** CID 1415749: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/rbd_mirror/main.cc: 32 in main()
26 static void handle_signal(int signum)
27 {
28 if (mirror)
29 mirror->handle_signal(signum);
30 }
31
>>> CID 1415749: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_get> >" is thrown and never caught.
32 int main(int argc, const char **argv)
33 {
34 std::vector<const char*> args;
35 env_to_vec(args);
36 argv_to_vec(argc, argv, args);
37
/home/brad/working/src/ceph/src/tools/rbd_mirror/main.cc: 32 in main()
26 static void handle_signal(int signum)
27 {
28 if (mirror)
29 mirror->handle_signal(signum);
30 }
31
>>> CID 1415749: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_get> >" is thrown and never caught.
32 int main(int argc, const char **argv)
33 {
34 std::vector<const char*> args;
35 env_to_vec(args);
36 argv_to_vec(argc, argv, args);
37
/home/brad/working/src/ceph/src/tools/rbd_mirror/main.cc: 32 in main()
26 static void handle_signal(int signum)
27 {
28 if (mirror)
29 mirror->handle_signal(signum);
30 }
31
>>> CID 1415749: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_get> >" is thrown and never caught.
32 int main(int argc, const char **argv)
33 {
34 std::vector<const char*> args;
35 env_to_vec(args);
36 argv_to_vec(argc, argv, args);
37
** CID 1415750: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/objectstore/test_idempotent_sequence.cc: 202 in main()
/home/brad/working/src/ceph/src/test/objectstore/test_idempotent_sequence.cc: 202 in main()
/home/brad/working/src/ceph/src/test/objectstore/test_idempotent_sequence.cc: 202 in main()
________________________________________________________________________________________________________
*** CID 1415750: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/objectstore/test_idempotent_sequence.cc: 202 in main()
196 }
197
198 usage(our_name, command);
199 exit(1);
200 }
201
>>> CID 1415750: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_get> >" is thrown and never caught.
202 int main(int argc, const char *argv[])
203 {
204 vector<const char*> def_args;
205 vector<const char*> args;
206 our_name = argv[0];
207 argv_to_vec(argc, argv, args);
/home/brad/working/src/ceph/src/test/objectstore/test_idempotent_sequence.cc: 202 in main()
196 }
197
198 usage(our_name, command);
199 exit(1);
200 }
201
>>> CID 1415750: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_get> >" is thrown and never caught.
202 int main(int argc, const char *argv[])
203 {
204 vector<const char*> def_args;
205 vector<const char*> args;
206 our_name = argv[0];
207 argv_to_vec(argc, argv, args);
/home/brad/working/src/ceph/src/test/objectstore/test_idempotent_sequence.cc: 202 in main()
196 }
197
198 usage(our_name, command);
199 exit(1);
200 }
201
>>> CID 1415750: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_get> >" is thrown and never caught.
202 int main(int argc, const char *argv[])
203 {
204 vector<const char*> def_args;
205 vector<const char*> args;
206 our_name = argv[0];
207 argv_to_vec(argc, argv, args);
** CID 1415751: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/libcephfs/access.cc: 362 in main()
/home/brad/working/src/ceph/src/test/libcephfs/access.cc: 362 in main()
/home/brad/working/src/ceph/src/test/libcephfs/access.cc: 362 in main()
/home/brad/working/src/ceph/src/test/libcephfs/access.cc: 362 in main()
________________________________________________________________________________________________________
*** CID 1415751: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/libcephfs/access.cc: 362 in main()
356 out:
357 ceph_shutdown(admin);
358 return r;
359 }
360
361
>>> CID 1415751: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_get> >" is thrown and never caught.
362 int main(int argc, char **argv)
363 {
364 int r = update_root_mode();
365 if (r < 0)
366 exit(1);
367
/home/brad/working/src/ceph/src/test/libcephfs/access.cc: 362 in main()
356 out:
357 ceph_shutdown(admin);
358 return r;
359 }
360
361
>>> CID 1415751: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_get> >" is thrown and never caught.
362 int main(int argc, char **argv)
363 {
364 int r = update_root_mode();
365 if (r < 0)
366 exit(1);
367
/home/brad/working/src/ceph/src/test/libcephfs/access.cc: 362 in main()
356 out:
357 ceph_shutdown(admin);
358 return r;
359 }
360
361
>>> CID 1415751: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_get> >" is thrown and never caught.
362 int main(int argc, char **argv)
363 {
364 int r = update_root_mode();
365 if (r < 0)
366 exit(1);
367
/home/brad/working/src/ceph/src/test/libcephfs/access.cc: 362 in main()
356 out:
357 ceph_shutdown(admin);
358 return r;
359 }
360
361
>>> CID 1415751: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_get> >" is thrown and never caught.
362 int main(int argc, char **argv)
363 {
364 int r = update_root_mode();
365 if (r < 0)
366 exit(1);
367
** CID 1415752: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/crushtool.cc: 242 in main()
/home/brad/working/src/ceph/src/tools/crushtool.cc: 242 in main()
________________________________________________________________________________________________________
*** CID 1415752: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/crushtool.cc: 242 in main()
236 struct layer_t {
237 const char *name;
238 const char *buckettype;
239 int size;
240 };
241
>>> CID 1415752: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_get> >" is thrown and never caught.
242 int main(int argc, const char **argv)
243 {
244 vector<const char*> args;
245 argv_to_vec(argc, argv, args);
246
247 const char *me = argv[0];
/home/brad/working/src/ceph/src/tools/crushtool.cc: 242 in main()
236 struct layer_t {
237 const char *name;
238 const char *buckettype;
239 int size;
240 };
241
>>> CID 1415752: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_get> >" is thrown and never caught.
242 int main(int argc, const char **argv)
243 {
244 vector<const char*> args;
245 argv_to_vec(argc, argv, args);
246
247 const char *me = argv[0];
** CID 1415753: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/objectstore/ObjectStoreTransactionBenchmark.cc: 244 in main()
/home/brad/working/src/ceph/src/test/objectstore/ObjectStoreTransactionBenchmark.cc: 244 in main()
/home/brad/working/src/ceph/src/test/objectstore/ObjectStoreTransactionBenchmark.cc: 244 in main()
________________________________________________________________________________________________________
*** CID 1415753: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/objectstore/ObjectStoreTransactionBenchmark.cc: 244 in main()
238
239 void usage(const string &name) {
240 cerr << "Usage: " << name << " [times] "
241 << std::endl;
242 }
243
>>> CID 1415753: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_get> >" is thrown and never caught.
244 int main(int argc, char **argv)
245 {
246 vector<const char*> args;
247 argv_to_vec(argc, (const char **)argv, args);
248
249 auto cct = global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT,
/home/brad/working/src/ceph/src/test/objectstore/ObjectStoreTransactionBenchmark.cc: 244 in main()
238
239 void usage(const string &name) {
240 cerr << "Usage: " << name << " [times] "
241 << std::endl;
242 }
243
>>> CID 1415753: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_get> >" is thrown and never caught.
244 int main(int argc, char **argv)
245 {
246 vector<const char*> args;
247 argv_to_vec(argc, (const char **)argv, args);
248
249 auto cct = global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT,
/home/brad/working/src/ceph/src/test/objectstore/ObjectStoreTransactionBenchmark.cc: 244 in main()
238
239 void usage(const string &name) {
240 cerr << "Usage: " << name << " [times] "
241 << std::endl;
242 }
243
>>> CID 1415753: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_get> >" is thrown and never caught.
244 int main(int argc, char **argv)
245 {
246 vector<const char*> args;
247 argv_to_vec(argc, (const char **)argv, args);
248
249 auto cct = global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT,
** CID 1415754: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/objectstore/test_memstore_clone.cc: 178 in main()
/home/brad/working/src/ceph/src/test/objectstore/test_memstore_clone.cc: 178 in main()
________________________________________________________________________________________________________
*** CID 1415754: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/objectstore/test_memstore_clone.cc: 178 in main()
172 t.clone_range(cid, src, dst, 2, 8, 2);
173 ASSERT_EQ(0u, store->apply_transaction(nullptr, std::move(t)));
174 ASSERT_EQ(12, store->read(cid, dst, 0, 12, result));
175 ASSERT_EQ(expected, result);
176 }
177
>>> CID 1415754: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_get> >" is thrown and never caught.
178 int main(int argc, char** argv)
179 {
180 // default to memstore
181 vector<const char*> defaults{
182 "--osd_objectstore", "memstore",
183 "--osd_data", "msc.test_temp_dir",
/home/brad/working/src/ceph/src/test/objectstore/test_memstore_clone.cc: 178 in main()
172 t.clone_range(cid, src, dst, 2, 8, 2);
173 ASSERT_EQ(0u, store->apply_transaction(nullptr, std::move(t)));
174 ASSERT_EQ(12, store->read(cid, dst, 0, 12, result));
175 ASSERT_EQ(expected, result);
176 }
177
>>> CID 1415754: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_get> >" is thrown and never caught.
178 int main(int argc, char** argv)
179 {
180 // default to memstore
181 vector<const char*> defaults{
182 "--osd_objectstore", "memstore",
183 "--osd_data", "msc.test_temp_dir",
** CID 1415755: Memory - corruptions (OVERRUN)
________________________________________________________________________________________________________
*** CID 1415755: Memory - corruptions (OVERRUN)
/home/brad/working/src/ceph/src/mon/MonCommand.h: 39 in MonCommand::encode(ceph::buffer::list &) const()
33
34 bool has_flag(uint64_t flag) const { return (flags & flag) != 0; }
35 void set_flag(uint64_t flag) { flags |= flag; }
36 void unset_flag(uint64_t flag) { flags &= ~flag; }
37
38 void encode(bufferlist &bl) const {
>>> CID 1415755: Memory - corruptions (OVERRUN)
>>> Overrunning struct type ceph_le32 of 4 bytes by passing it to a function which accesses it at byte offset 7.
39 ENCODE_START(1, 1, bl);
40 encode_bare(bl);
41 ::encode(flags, bl);
42 ENCODE_FINISH(bl);
43 }
44
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaGCnxtQO9E3gxlB2GxVsWFENryh7bC5hIb-2FQBVM85YLQ-3D-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8F5lXRZqPomtFYhumhQS7Ys56UCLMyraoRU8cAgH5Gb9r7Tl14jaYgei9cmXUNtbkKA9CKloT1XjbviuMsCqkdz1egGjn1xXAwJTyshEhHNeYGifRuQQEpdBBZHTWtIurE2UL1R9kFjuncnHFGhWm-2FVRCsu5aVc-2B1KJM2BNeVvtTrdR1ozfp02EGO22F4feolk-3D
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4Bco8jcmzhh7FSyvoR0E3-2BDgRcBCQ6OuthHBtaTCGNq9OVG2ZVnjrgThgf5hX3GVEkIxvBX-2BorwRZfOftSp7HPfCifRGGak1MlgNFVd3IIPA-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8F5lXRZqPomtFYhumhQS7Ys56UCLMyraoRU8cAgH5Gb9j-2Bpg6pHeTbKjI8DZWvhcJ0ZQPkkgqILLEefrJ3oXrTmCx5mhrh4-2BH5NegCIozE0Zs-2FkYK238q0u-2FoKoWnynQmdqdfGpx2b4vg90WpcOaaYTpFNyKK6W7Wl0SbftvvVpG8XqwTL3XY3hI9hT1r14OCg-3D
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2017-07-20 4:08 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2017-07-20 4:08 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
17 new defect(s) introduced to ceph found with Coverity Scan.
16 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 17 of 17 defect(s)
** CID 1415542: Control flow issues (UNREACHABLE)
/src/pybind/rados/rados.c: 49347 in __pyx_pf_5rados_5Ioctx_126application_metadata_list()
________________________________________________________________________________________________________
*** CID 1415542: Control flow issues (UNREACHABLE)
/src/pybind/rados/rados.c: 49347 in __pyx_pf_5rados_5Ioctx_126application_metadata_list()
49341 *
49342 *
49343 */
49344 free(__pyx_v_c_vals);
49345 goto __pyx_L5;
49346 }
>>> CID 1415542: Control flow issues (UNREACHABLE)
>>> This code cannot be reached: "{
PyThreadState *__pyx_ts...".
49347 /*exception exit:*/{
49348 __Pyx_PyThreadState_declare
49349 __pyx_L4_error:;
49350 __pyx_t_15 = 0; __pyx_t_16 = 0; __pyx_t_17 = 0; __pyx_t_18 = 0; __pyx_t_19 = 0; __pyx_t_20 = 0;
49351 __Pyx_PyThreadState_assign
49352 __Pyx_XDECREF(__pyx_t_12); __pyx_t_12 = 0;
** CID 1415543: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/messages/MOSDPGRecoveryDeleteReply.h: 30 in MOSDPGRecoveryDeleteReply::MOSDPGRecoveryDeleteReply()()
________________________________________________________________________________________________________
*** CID 1415543: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/messages/MOSDPGRecoveryDeleteReply.h: 30 in MOSDPGRecoveryDeleteReply::MOSDPGRecoveryDeleteReply()()
24 spg_t get_spg() const override {
25 return pgid;
26 }
27
28 MOSDPGRecoveryDeleteReply()
29 : MOSDFastDispatchOp(MSG_OSD_PG_RECOVERY_DELETE_REPLY, HEAD_VERSION, COMPAT_VERSION)
>>> CID 1415543: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "min_epoch" is not initialized in this constructor nor in any functions that it calls.
30 {}
31
32 void decode_payload() override {
33 bufferlist::iterator p = payload.begin();
34 ::decode(pgid.pgid, p);
35 ::decode(map_epoch, p);
** CID 1415544: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 48431 in __pyx_pw_5rados_5Ioctx_125application_metadata_remove()
________________________________________________________________________________________________________
*** CID 1415544: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 48431 in __pyx_pw_5rados_5Ioctx_125application_metadata_remove()
48425 }
48426 kw_args = PyDict_Size(__pyx_kwds);
48427 switch (pos_args) {
48428 case 0:
48429 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_app_name)) != 0)) kw_args--;
48430 else goto __pyx_L5_argtuple_error;
>>> CID 1415544: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
48431 case 1:
48432 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_key)) != 0)) kw_args--;
48433 else {
48434 __Pyx_RaiseArgtupleInvalid("application_metadata_remove", 1, 2, 2, 1); __PYX_ERR(0, 3654, __pyx_L3_error)
48435 }
48436 }
** CID 1415545: (OVERRUN)
/home/brad/working/src/ceph/src/test/librados/misc.cc: 1272 in LibRadosMisc_Applications_Test::TestBody()()
/home/brad/working/src/ceph/src/test/librados/misc.cc: 1262 in LibRadosMisc_Applications_Test::TestBody()()
/home/brad/working/src/ceph/src/test/librados/misc.cc: 1301 in LibRadosMisc_Applications_Test::TestBody()()
/home/brad/working/src/ceph/src/test/librados/misc.cc: 1309 in LibRadosMisc_Applications_Test::TestBody()()
/home/brad/working/src/ceph/src/test/librados/misc.cc: 1302 in LibRadosMisc_Applications_Test::TestBody()()
/home/brad/working/src/ceph/src/test/librados/misc.cc: 1310 in LibRadosMisc_Applications_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1415545: (OVERRUN)
/home/brad/working/src/ceph/src/test/librados/misc.cc: 1272 in LibRadosMisc_Applications_Test::TestBody()()
1266 ASSERT_EQ(0, rados_application_enable(ioctx, "app2", 1));
1267
1268 ASSERT_EQ(-ERANGE, rados_application_list(ioctx, apps, &app_len));
1269 ASSERT_EQ(16U, app_len);
1270 ASSERT_EQ(0, rados_application_list(ioctx, apps, &app_len));
1271 ASSERT_EQ(16U, app_len);
>>> CID 1415545: (OVERRUN)
>>> Overrunning array ""app1\0app2\0rados"" of 17 bytes by passing it to a function which accesses it at byte offset 127 using argument "app_len" (which evaluates to 128).
1272 ASSERT_EQ(0, memcmp("app1\0app2\0rados\0", apps, app_len));
1273
1274 char keys[128];
1275 char vals[128];
1276 size_t key_len;
1277 size_t val_len;
/home/brad/working/src/ceph/src/test/librados/misc.cc: 1262 in LibRadosMisc_Applications_Test::TestBody()()
1256 char apps[128];
1257 size_t app_len;
1258
1259 app_len = sizeof(apps);
1260 ASSERT_EQ(0, rados_application_list(ioctx, apps, &app_len));
1261 ASSERT_EQ(6U, app_len);
>>> CID 1415545: (OVERRUN)
>>> Overrunning array ""rados"" of 7 bytes by passing it to a function which accesses it at byte offset 127 using argument "app_len" (which evaluates to 128).
1262 ASSERT_EQ(0, memcmp("rados\0", apps, app_len));
1263
1264 ASSERT_EQ(0, rados_application_enable(ioctx, "app1", 1));
1265 ASSERT_EQ(-EPERM, rados_application_enable(ioctx, "app2", 0));
1266 ASSERT_EQ(0, rados_application_enable(ioctx, "app2", 1));
1267
/home/brad/working/src/ceph/src/test/librados/misc.cc: 1301 in LibRadosMisc_Applications_Test::TestBody()()
1295 ASSERT_EQ(10U, key_len);
1296 ASSERT_EQ(14U, val_len);
1297 ASSERT_EQ(0, rados_application_metadata_list(ioctx, "app1", keys, &key_len,
1298 vals, &val_len));
1299 ASSERT_EQ(10U, key_len);
1300 ASSERT_EQ(14U, val_len);
>>> CID 1415545: (OVERRUN)
>>> Overrunning array ""key1\0key2"" of 11 bytes by passing it to a function which accesses it at byte offset 127 using argument "key_len" (which evaluates to 128).
1301 ASSERT_EQ(0, memcmp("key1\0key2\0", keys, key_len));
1302 ASSERT_EQ(0, memcmp("value1\0value2\0", vals, val_len));
1303
1304 ASSERT_EQ(0, rados_application_metadata_remove(ioctx, "app1", "key1"));
1305 ASSERT_EQ(0, rados_application_metadata_list(ioctx, "app1", keys, &key_len,
1306 vals, &val_len));
/home/brad/working/src/ceph/src/test/librados/misc.cc: 1309 in LibRadosMisc_Applications_Test::TestBody()()
1303
1304 ASSERT_EQ(0, rados_application_metadata_remove(ioctx, "app1", "key1"));
1305 ASSERT_EQ(0, rados_application_metadata_list(ioctx, "app1", keys, &key_len,
1306 vals, &val_len));
1307 ASSERT_EQ(5U, key_len);
1308 ASSERT_EQ(7U, val_len);
>>> CID 1415545: (OVERRUN)
>>> Overrunning array ""key2"" of 6 bytes by passing it to a function which accesses it at byte offset 127 using argument "key_len" (which evaluates to 128).
1309 ASSERT_EQ(0, memcmp("key2\0", keys, key_len));
1310 ASSERT_EQ(0, memcmp("value2\0", vals, val_len));
1311 }
1312
1313 TEST_F(LibRadosMiscPP, Applications) {
1314 bufferlist inbl, outbl;
/home/brad/working/src/ceph/src/test/librados/misc.cc: 1302 in LibRadosMisc_Applications_Test::TestBody()()
1296 ASSERT_EQ(14U, val_len);
1297 ASSERT_EQ(0, rados_application_metadata_list(ioctx, "app1", keys, &key_len,
1298 vals, &val_len));
1299 ASSERT_EQ(10U, key_len);
1300 ASSERT_EQ(14U, val_len);
1301 ASSERT_EQ(0, memcmp("key1\0key2\0", keys, key_len));
>>> CID 1415545: (OVERRUN)
>>> Overrunning array ""value1\0value2"" of 15 bytes by passing it to a function which accesses it at byte offset 127 using argument "val_len" (which evaluates to 128).
1302 ASSERT_EQ(0, memcmp("value1\0value2\0", vals, val_len));
1303
1304 ASSERT_EQ(0, rados_application_metadata_remove(ioctx, "app1", "key1"));
1305 ASSERT_EQ(0, rados_application_metadata_list(ioctx, "app1", keys, &key_len,
1306 vals, &val_len));
1307 ASSERT_EQ(5U, key_len);
/home/brad/working/src/ceph/src/test/librados/misc.cc: 1310 in LibRadosMisc_Applications_Test::TestBody()()
1304 ASSERT_EQ(0, rados_application_metadata_remove(ioctx, "app1", "key1"));
1305 ASSERT_EQ(0, rados_application_metadata_list(ioctx, "app1", keys, &key_len,
1306 vals, &val_len));
1307 ASSERT_EQ(5U, key_len);
1308 ASSERT_EQ(7U, val_len);
1309 ASSERT_EQ(0, memcmp("key2\0", keys, key_len));
>>> CID 1415545: (OVERRUN)
>>> Overrunning array ""value2"" of 8 bytes by passing it to a function which accesses it at byte offset 127 using argument "val_len" (which evaluates to 128).
1310 ASSERT_EQ(0, memcmp("value2\0", vals, val_len));
1311 }
1312
1313 TEST_F(LibRadosMiscPP, Applications) {
1314 bufferlist inbl, outbl;
1315 string outs;
** CID 1415546: Performance inefficiencies (PASS_BY_VALUE)
/boost/include/boost/function/function_template.hpp: 917 in boost::function1<void, int>::assign_to<PrimaryLogPG::remove_missing_object(const hobject_t &, eversion_t, Context *)::[lambda(int) (instance 1)]>(T1)()
________________________________________________________________________________________________________
*** CID 1415546: Performance inefficiencies (PASS_BY_VALUE)
/boost/include/boost/function/function_template.hpp: 917 in boost::function1<void, int>::assign_to<PrimaryLogPG::remove_missing_object(const hobject_t &, eversion_t, Context *)::[lambda(int) (instance 1)]>(T1)()
911 get_vtable()->base.manager(f.functor, this->functor,
912 boost::detail::function::clone_functor_tag);
913 }
914 }
915
916 template<typename Functor>
>>> CID 1415546: Performance inefficiencies (PASS_BY_VALUE)
>>> Passing parameter f of type "PrimaryLogPG::remove_missing_object(hobject_t const &, eversion_t, Context *)::[lambda(int) (instance 1)]" (size 1104 bytes) by value.
917 void assign_to(Functor f)
918 {
919 using boost::detail::function::vtable_base;
920
921 typedef typename boost::detail::function::get_function_tag<Functor>::type tag;
922 typedef boost::detail::function::BOOST_FUNCTION_GET_INVOKER<tag> get_invoker;
** CID 1415547: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/messages/MOSDPGRecoveryDelete.h: 47 in MOSDPGRecoveryDelete::MOSDPGRecoveryDelete()()
________________________________________________________________________________________________________
*** CID 1415547: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/messages/MOSDPGRecoveryDelete.h: 47 in MOSDPGRecoveryDelete::MOSDPGRecoveryDelete()()
41 void set_cost(uint64_t c) {
42 cost = c;
43 }
44
45 MOSDPGRecoveryDelete()
46 : MOSDFastDispatchOp(MSG_OSD_PG_RECOVERY_DELETE, HEAD_VERSION,
>>> CID 1415547: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "cost" is not initialized in this constructor nor in any functions that it calls.
47 COMPAT_VERSION) {}
48
49 MOSDPGRecoveryDelete(pg_shard_t from, spg_t pgid, epoch_t map_epoch,
50 epoch_t min_epoch)
51 : MOSDFastDispatchOp(MSG_OSD_PG_RECOVERY_DELETE, HEAD_VERSION,
52 COMPAT_VERSION),
** CID 1415548: Performance inefficiencies (PASS_BY_VALUE)
/boost/include/boost/function/function_template.hpp: 1065 in boost::function<void (int)>::function<PrimaryLogPG::remove_missing_object(const hobject_t &, eversion_t, Context *)::[lambda(int) (instance 1)]>(T1, boost::enable_if_c<(!(boost::is_integral<T1>::value)), int>::type)()
________________________________________________________________________________________________________
*** CID 1415548: Performance inefficiencies (PASS_BY_VALUE)
/boost/include/boost/function/function_template.hpp: 1065 in boost::function<void (int)>::function<PrimaryLogPG::remove_missing_object(const hobject_t &, eversion_t, Context *)::[lambda(int) (instance 1)]>(T1, boost::enable_if_c<(!(boost::is_integral<T1>::value)), int>::type)()
1059
1060 public:
1061
1062 function() : base_type() {}
1063
1064 template<typename Functor>
>>> CID 1415548: Performance inefficiencies (PASS_BY_VALUE)
>>> Passing parameter f of type "PrimaryLogPG::remove_missing_object(hobject_t const &, eversion_t, Context *)::[lambda(int) (instance 1)]" (size 1104 bytes) by value.
1065 function(Functor f
1066 #ifndef BOOST_NO_SFINAE
1067 ,typename boost::enable_if_c<
1068 !(is_integral<Functor>::value),
1069 int>::type = 0
1070 #endif
** CID 1415549: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 48033 in __pyx_pw_5rados_5Ioctx_123application_metadata_set()
________________________________________________________________________________________________________
*** CID 1415549: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 48033 in __pyx_pw_5rados_5Ioctx_123application_metadata_set()
48027 }
48028 kw_args = PyDict_Size(__pyx_kwds);
48029 switch (pos_args) {
48030 case 0:
48031 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_app_name)) != 0)) kw_args--;
48032 else goto __pyx_L5_argtuple_error;
>>> CID 1415549: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
48033 case 1:
48034 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_key)) != 0)) kw_args--;
48035 else {
48036 __Pyx_RaiseArgtupleInvalid("application_metadata_set", 1, 3, 3, 1); __PYX_ERR(0, 3627, __pyx_L3_error)
48037 }
48038 case 2:
** CID 1415550: Performance inefficiencies (PASS_BY_VALUE)
/boost/include/boost/function/function_template.hpp: 605 in boost::detail::function::basic_vtable1<void, int>::assign_to<PrimaryLogPG::remove_missing_object(const hobject_t &, eversion_t, Context *)::[lambda(int) (instance 1)]>(T1, boost::detail::function::function_buffer &, boost::detail::function::function_obj_tag) const()
________________________________________________________________________________________________________
*** CID 1415550: Performance inefficiencies (PASS_BY_VALUE)
/boost/include/boost/function/function_template.hpp: 605 in boost::detail::function::basic_vtable1<void, int>::assign_to<PrimaryLogPG::remove_missing_object(const hobject_t &, eversion_t, Context *)::[lambda(int) (instance 1)]>(T1, boost::detail::function::function_buffer &, boost::detail::function::function_obj_tag) const()
599 functor_wrapper_type* new_f = static_cast<functor_wrapper_type*>(copy);
600 functor.members.obj_ptr = new_f;
601 }
602
603 template<typename FunctionObj>
604 bool
>>> CID 1415550: Performance inefficiencies (PASS_BY_VALUE)
>>> Passing parameter f of type "PrimaryLogPG::remove_missing_object(hobject_t const &, eversion_t, Context *)::[lambda(int) (instance 1)]" (size 1104 bytes) by value.
605 assign_to(FunctionObj f, function_buffer& functor, function_obj_tag) const
606 {
607 if (!boost::detail::function::has_empty_target(boost::addressof(f))) {
608 assign_functor(f, functor,
609 mpl::bool_<(function_allows_small_object_optimization<FunctionObj>::value)>());
610 return true;
** CID 1415551: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 48038 in __pyx_pw_5rados_5Ioctx_123application_metadata_set()
________________________________________________________________________________________________________
*** CID 1415551: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 48038 in __pyx_pw_5rados_5Ioctx_123application_metadata_set()
48032 else goto __pyx_L5_argtuple_error;
48033 case 1:
48034 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_key)) != 0)) kw_args--;
48035 else {
48036 __Pyx_RaiseArgtupleInvalid("application_metadata_set", 1, 3, 3, 1); __PYX_ERR(0, 3627, __pyx_L3_error)
48037 }
>>> CID 1415551: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
48038 case 2:
48039 if (likely((values[2] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_value)) != 0)) kw_args--;
48040 else {
48041 __Pyx_RaiseArgtupleInvalid("application_metadata_set", 1, 3, 3, 2); __PYX_ERR(0, 3627, __pyx_L3_error)
48042 }
48043 }
** CID 1415552: Control flow issues (UNREACHABLE)
/src/pybind/rados/rados.c: 47921 in __pyx_pf_5rados_5Ioctx_120application_list()
________________________________________________________________________________________________________
*** CID 1415552: Control flow issues (UNREACHABLE)
/src/pybind/rados/rados.c: 47921 in __pyx_pf_5rados_5Ioctx_120application_list()
47915 */
47916 /*finally:*/ {
47917 /*normal exit:*/{
47918 free(__pyx_v_apps);
47919 goto __pyx_L5;
47920 }
>>> CID 1415552: Control flow issues (UNREACHABLE)
>>> This code cannot be reached: "{
PyThreadState *__pyx_ts...".
47921 /*exception exit:*/{
47922 __Pyx_PyThreadState_declare
47923 __pyx_L4_error:;
47924 __pyx_t_14 = 0; __pyx_t_15 = 0; __pyx_t_16 = 0; __pyx_t_17 = 0; __pyx_t_18 = 0; __pyx_t_19 = 0;
47925 __Pyx_PyThreadState_assign
47926 __Pyx_XDECREF(__pyx_t_9); __pyx_t_9 = 0;
** CID 1415553: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/messages/MOSDPGRecoveryDelete.h: 56 in MOSDPGRecoveryDelete::MOSDPGRecoveryDelete(pg_shard_t, spg_t, unsigned int, unsigned int)()
________________________________________________________________________________________________________
*** CID 1415553: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/messages/MOSDPGRecoveryDelete.h: 56 in MOSDPGRecoveryDelete::MOSDPGRecoveryDelete(pg_shard_t, spg_t, unsigned int, unsigned int)()
50 epoch_t min_epoch)
51 : MOSDFastDispatchOp(MSG_OSD_PG_RECOVERY_DELETE, HEAD_VERSION,
52 COMPAT_VERSION),
53 from(from),
54 pgid(pgid),
55 map_epoch(map_epoch),
>>> CID 1415553: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "cost" is not initialized in this constructor nor in any functions that it calls.
56 min_epoch(min_epoch) {}
57
58 private:
59 ~MOSDPGRecoveryDelete() {}
60
61 public:
** CID 1415554: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/crush/CrushWrapper.cc: 1330 in CrushWrapper::_alloc_class_id() const()
________________________________________________________________________________________________________
*** CID 1415554: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/crush/CrushWrapper.cc: 1330 in CrushWrapper::_alloc_class_id() const()
1324 if (class_id >= 0) {
1325 return class_id;
1326 }
1327 // wrapped, pick a random start and do exhaustive search
1328 uint32_t upperlimit = numeric_limits<int32_t>::max();
1329 upperlimit++;
>>> CID 1415554: Security best practices violations (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
1330 class_id = rand() % upperlimit;
1331 const auto start = class_id;
1332 do {
1333 if (!class_name.count(class_id)) {
1334 return class_id;
1335 } else {
** CID 1415555: Performance inefficiencies (PASS_BY_VALUE)
/boost/include/boost/function/function_template.hpp: 495 in boost::detail::function::basic_vtable1<void, int>::assign_to<PrimaryLogPG::remove_missing_object(const hobject_t &, eversion_t, Context *)::[lambda(int) (instance 1)]>(T1, boost::detail::function::function_buffer &) const()
________________________________________________________________________________________________________
*** CID 1415555: Performance inefficiencies (PASS_BY_VALUE)
/boost/include/boost/function/function_template.hpp: 495 in boost::detail::function::basic_vtable1<void, int>::assign_to<PrimaryLogPG::remove_missing_object(const hobject_t &, eversion_t, Context *)::[lambda(int) (instance 1)]>(T1, boost::detail::function::function_buffer &) const()
489
490 typedef result_type (*invoker_type)(function_buffer&
491 BOOST_FUNCTION_COMMA
492 BOOST_FUNCTION_TEMPLATE_ARGS);
493
494 template<typename F>
>>> CID 1415555: Performance inefficiencies (PASS_BY_VALUE)
>>> Passing parameter f of type "PrimaryLogPG::remove_missing_object(hobject_t const &, eversion_t, Context *)::[lambda(int) (instance 1)]" (size 1104 bytes) by value.
495 bool assign_to(F f, function_buffer& functor) const
496 {
497 typedef typename get_function_tag<F>::type tag;
498 return assign_to(f, functor, tag());
499 }
500 template<typename F,typename Allocator>
** CID 1415556: Performance inefficiencies (PASS_BY_VALUE)
/boost/include/boost/function/function_template.hpp: 718 in boost::function1<void, int>::function1<PrimaryLogPG::remove_missing_object(const hobject_t &, eversion_t, Context *)::[lambda(int) (instance 1)]>(T1, boost::enable_if_c<(!(boost::is_integral<T1>::value)), int>::type)()
________________________________________________________________________________________________________
*** CID 1415556: Performance inefficiencies (PASS_BY_VALUE)
/boost/include/boost/function/function_template.hpp: 718 in boost::function1<void, int>::function1<PrimaryLogPG::remove_missing_object(const hobject_t &, eversion_t, Context *)::[lambda(int) (instance 1)]>(T1, boost::enable_if_c<(!(boost::is_integral<T1>::value)), int>::type)()
712
713 BOOST_FUNCTION_FUNCTION() : function_base() { }
714
715 // MSVC chokes if the following two constructors are collapsed into
716 // one with a default parameter.
717 template<typename Functor>
>>> CID 1415556: Performance inefficiencies (PASS_BY_VALUE)
>>> Passing parameter f of type "PrimaryLogPG::remove_missing_object(hobject_t const &, eversion_t, Context *)::[lambda(int) (instance 1)]" (size 1104 bytes) by value.
718 BOOST_FUNCTION_FUNCTION(Functor BOOST_FUNCTION_TARGET_FIX(const &) f
719 #ifndef BOOST_NO_SFINAE
720 ,typename boost::enable_if_c<
721 !(is_integral<Functor>::value),
722 int>::type = 0
723 #endif // BOOST_NO_SFINAE
** CID 1415557: Performance inefficiencies (PASS_BY_VALUE)
/boost/include/boost/function/function_template.hpp: 584 in boost::detail::function::basic_vtable1<void, int>::assign_functor<PrimaryLogPG::remove_missing_object(const hobject_t &, eversion_t, Context *)::[lambda(int) (instance 1)]>(T1, boost::detail::function::function_buffer &, mpl_::bool_<(bool)0>) const()
________________________________________________________________________________________________________
*** CID 1415557: Performance inefficiencies (PASS_BY_VALUE)
/boost/include/boost/function/function_template.hpp: 584 in boost::detail::function::basic_vtable1<void, int>::assign_functor<PrimaryLogPG::remove_missing_object(const hobject_t &, eversion_t, Context *)::[lambda(int) (instance 1)]>(T1, boost::detail::function::function_buffer &, mpl_::bool_<(bool)0>) const()
578 assign_functor(f,functor,mpl::true_());
579 }
580
581 // Assign to a function object allocated on the heap.
582 template<typename FunctionObj>
583 void
>>> CID 1415557: Performance inefficiencies (PASS_BY_VALUE)
>>> Passing parameter f of type "PrimaryLogPG::remove_missing_object(hobject_t const &, eversion_t, Context *)::[lambda(int) (instance 1)]" (size 1104 bytes) by value.
584 assign_functor(FunctionObj f, function_buffer& functor, mpl::false_) const
585 {
586 functor.members.obj_ptr = new FunctionObj(f);
587 }
588 template<typename FunctionObj,typename Allocator>
589 void
** CID 1415558: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 47305 in __pyx_pw_5rados_5Ioctx_119application_enable()
________________________________________________________________________________________________________
*** CID 1415558: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 47305 in __pyx_pw_5rados_5Ioctx_119application_enable()
47299 }
47300 kw_args = PyDict_Size(__pyx_kwds);
47301 switch (pos_args) {
47302 case 0:
47303 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_app_name)) != 0)) kw_args--;
47304 else goto __pyx_L5_argtuple_error;
>>> CID 1415558: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
47305 case 1:
47306 if (kw_args > 0) {
47307 PyObject* value = PyDict_GetItem(__pyx_kwds, __pyx_n_s_force);
47308 if (value) { values[1] = value; kw_args--; }
47309 }
47310 }
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaGCnxtQO9E3gxlB2GxVsWFENryh7bC5hIb-2FQBVM85YLQ-3D-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8HqmEi2R22YHXkWCosYE9EXLpHsybSNI-2FOQhMZUz6G9OuU0N8q7Uz1CboFB8Edir6bGZC9vy-2BYZokvyRdjMgQZRUzf5LuMKEmAHOvhzBXZT3hQ0Qkusfl5l740nl6QqMToukNsD0seRLn7bN0NpSoQVYDxrWQdCda9lwgN2koQZI-2Bb3G0MbC7owCOWkweFSyEw-3D
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4Bco8jcmzhh7FSyvoR0E3-2BDgRcBCQ6OuthHBtaTCGNq9OVG2ZVnjrgThgf5hX3GVEkIxvBX-2BorwRZfOftSp7HPfCifRGGak1MlgNFVd3IIPA-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8HqmEi2R22YHXkWCosYE9EXLpHsybSNI-2FOQhMZUz6G9Ot5JNAil7JiPkDb5bK2douJenOLgPXJVJauLjwemkUnFFF9SYD0i8nlcoPxVWQFhRjHOeyUgVKstO4SHSS95h9l7BjWFjchtDFu8VnzqqoUv4YBT-2FdfZ5q4UsY26nNO3C5-2BzsKI9rh45IsCP29lN-2BI0-3D
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2017-07-13 5:11 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2017-07-13 5:11 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
11 new defect(s) introduced to ceph found with Coverity Scan.
11 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 11 of 11 defect(s)
** CID 1414864: Memory - corruptions (OVERRUN)
________________________________________________________________________________________________________
*** CID 1414864: Memory - corruptions (OVERRUN)
/home/brad/working/src/ceph/src/mgr/ServiceMap.cc: 57 in ServiceMap::Service::encode(ceph::buffer::list &, unsigned long) const()
51 }
52
53 // Service
54
55 void ServiceMap::Service::encode(bufferlist& bl, uint64_t features) const
56 {
>>> CID 1414864: Memory - corruptions (OVERRUN)
>>> Overrunning struct type ceph_le32 of 4 bytes by passing it to a function which accesses it at byte offset 7.
57 ENCODE_START(1, 1, bl);
58 ::encode(daemons, bl, features);
59 ::encode(summary, bl);
60 ENCODE_FINISH(bl);
61 }
62
** CID 1414865: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/os/filestore/HashIndex.cc: 382 in HashIndex::write_settings()()
________________________________________________________________________________________________________
*** CID 1414865: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/os/filestore/HashIndex.cc: 382 in HashIndex::write_settings()()
376 return r;
377 return write_settings();
378 }
379
380 int HashIndex::write_settings() {
381 if (cct->_conf->filestore_split_rand_factor > 0) {
>>> CID 1414865: Security best practices violations (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
382 settings.split_rand_factor = rand() % cct->_conf->filestore_split_rand_factor;
383 } else {
384 settings.split_rand_factor = 0;
385 }
386 vector<string> path;
387 bufferlist bl;
** CID 1414866: Memory - corruptions (OVERRUN)
________________________________________________________________________________________________________
*** CID 1414866: Memory - corruptions (OVERRUN)
/home/brad/working/src/ceph/src/mgr/ServiceMap.cc: 12 in ServiceMap::Daemon::encode(ceph::buffer::list &, unsigned long) const()
6 #include "common/Formatter.h"
7
8 // Daemon
9
10 void ServiceMap::Daemon::encode(bufferlist& bl, uint64_t features) const
11 {
>>> CID 1414866: Memory - corruptions (OVERRUN)
>>> Overrunning struct type ceph_le32 of 4 bytes by passing it to a function which accesses it at byte offset 7.
12 ENCODE_START(1, 1, bl);
13 ::encode(gid, bl);
14 ::encode(addr, bl, features);
15 ::encode(start_epoch, bl);
16 ::encode(start_stamp, bl);
17 ::encode(metadata, bl);
** CID 1414867: Memory - illegal accesses (USE_AFTER_FREE)
/home/brad/working/src/ceph/src/mon/Monitor.cc: 1596 in Monitor::reset_probe_timeout()()
________________________________________________________________________________________________________
*** CID 1414867: Memory - illegal accesses (USE_AFTER_FREE)
/home/brad/working/src/ceph/src/mon/Monitor.cc: 1596 in Monitor::reset_probe_timeout()()
1590 cancel_probe_timeout();
1591 probe_timeout_event = new C_MonContext(this, [this](int r) {
1592 probe_timeout(r);
1593 });
1594 double t = g_conf->mon_probe_timeout;
1595 timer.add_event_after(t, probe_timeout_event);
>>> CID 1414867: Memory - illegal accesses (USE_AFTER_FREE)
>>> Passing freed pointer "this->probe_timeout_event" as an argument to "operator <<".
1596 dout(10) << "reset_probe_timeout " << probe_timeout_event << " after " << t << " seconds" << dendl;
1597 }
1598
1599 void Monitor::probe_timeout(int r)
1600 {
1601 dout(4) << "probe_timeout " << probe_timeout_event << dendl;
** CID 1414868: Control flow issues (MISSING_RESTORE)
/home/brad/working/src/ceph/src/os/bluestore/BlueStore.cc: 4119 in BlueStore::_open_bdev(bool)()
________________________________________________________________________________________________________
*** CID 1414868: Control flow issues (MISSING_RESTORE)
/home/brad/working/src/ceph/src/os/bluestore/BlueStore.cc: 4119 in BlueStore::_open_bdev(bool)()
4113 assert(block_size == 1u << block_size_order);
4114 // and set cache_size based on device type
4115 r = _set_cache_sizes();
4116 if (r < 0) {
4117 goto fail_close;
4118 }
>>> CID 1414868: Control flow issues (MISSING_RESTORE)
>>> Value of non-local "this->bdev" that was verified to be "NULL" is not restored as it was along other paths.
4119 return 0;
4120
4121 fail_close:
4122 bdev->close();
4123 fail:
4124 delete bdev;
** CID 1414869: Memory - corruptions (OVERRUN)
________________________________________________________________________________________________________
*** CID 1414869: Memory - corruptions (OVERRUN)
/home/brad/working/src/ceph/src/mgr/ServiceMap.cc: 93 in ServiceMap::encode(ceph::buffer::list &, unsigned long) const()
87 }
88
89 // ServiceMap
90
91 void ServiceMap::encode(bufferlist& bl, uint64_t features) const
92 {
>>> CID 1414869: Memory - corruptions (OVERRUN)
>>> Overrunning struct type ceph_le32 of 4 bytes by passing it to a function which accesses it at byte offset 7.
93 ENCODE_START(1, 1, bl);
94 ::encode(epoch, bl);
95 ::encode(modified, bl);
96 ::encode(services, bl, features);
97 ENCODE_FINISH(bl);
98 }
** CID 1414870: Memory - corruptions (OVERRUN)
________________________________________________________________________________________________________
*** CID 1414870: Memory - corruptions (OVERRUN)
/home/brad/working/src/ceph/src/cls/lock/cls_lock_types.h: 108 in rados::cls::lock::lock_info_t::encode(ceph::buffer::list &, unsigned long) const()
102 ClsLockType lock_type; // lock type (exclusive / shared)
103 string tag; // tag: operations on lock can only succeed with this tag
104 // as long as set of non expired lockers
105 // is bigger than 0.
106
107 void encode(bufferlist &bl, uint64_t features) const {
>>> CID 1414870: Memory - corruptions (OVERRUN)
>>> Overrunning struct type ceph_le32 of 4 bytes by passing it to a function which accesses it at byte offset 7.
108 ENCODE_START(1, 1, bl);
109 ::encode(lockers, bl, features);
110 uint8_t t = (uint8_t)lock_type;
111 ::encode(t, bl);
112 ::encode(tag, bl);
113 ENCODE_FINISH(bl);
** CID 1414871: Incorrect expression (SIZEOF_MISMATCH)
/home/brad/working/src/ceph/src/isa-l/igzip/huff_codes.c: 1390 in isal_create_hufftables()
________________________________________________________________________________________________________
*** CID 1414871: Incorrect expression (SIZEOF_MISMATCH)
/home/brad/working/src/ceph/src/isa-l/igzip/huff_codes.c: 1390 in isal_create_hufftables()
1384
1385 create_code_tables(lit_table, lit_table_sizes, IGZIP_LIT_TABLE_SIZE, lit_huff_table);
1386
1387 create_packed_len_table(len_table, lit_huff_table);
1388 create_packed_dist_table(dist_table, IGZIP_DIST_TABLE_SIZE, dist_huff_table);
1389
>>> CID 1414871: Incorrect expression (SIZEOF_MISMATCH)
>>> Passing argument "deflate_hdr" of type "uint8_t *" and argument "8U /* sizeof (deflate_hdr) */" to function "set_buf" is suspicious.
1390 set_buf(&header_bitbuf, deflate_hdr, sizeof(deflate_hdr));
1391 init(&header_bitbuf);
1392
1393 hlit = max_lit_len_sym - 256;
1394 hdist = max_dist_sym;
1395
** CID 1414872: Incorrect expression (SIZEOF_MISMATCH)
/home/brad/working/src/ceph/src/isa-l/igzip/huff_codes.c: 1481 in isal_create_hufftables_subset()
________________________________________________________________________________________________________
*** CID 1414872: Incorrect expression (SIZEOF_MISMATCH)
/home/brad/working/src/ceph/src/isa-l/igzip/huff_codes.c: 1481 in isal_create_hufftables_subset()
1475
1476 create_code_tables(lit_table, lit_table_sizes, IGZIP_LIT_TABLE_SIZE, lit_huff_table);
1477
1478 create_packed_len_table(len_table, lit_huff_table);
1479 create_packed_dist_table(dist_table, IGZIP_DIST_TABLE_SIZE, dist_huff_table);
1480
>>> CID 1414872: Incorrect expression (SIZEOF_MISMATCH)
>>> Passing argument "deflate_hdr" of type "uint8_t *" and argument "8U /* sizeof (deflate_hdr) */" to function "set_buf" is suspicious.
1481 set_buf(&header_bitbuf, deflate_hdr, sizeof(deflate_hdr));
1482 init(&header_bitbuf);
1483
1484 hlit = max_lit_len_sym - 256;
1485 hdist = max_dist_sym;
1486
** CID 1414873: Uninitialized variables (UNINIT)
/home/brad/working/src/ceph/src/rgw/rgw_op.cc: 3716 in RGWPostObj::execute()()
________________________________________________________________________________________________________
*** CID 1414873: Uninitialized variables (UNINIT)
/home/brad/working/src/ceph/src/rgw/rgw_op.cc: 3716 in RGWPostObj::execute()()
3710 op_ret = -ERR_TOO_SMALL;
3711 return;
3712 }
3713
3714 s->obj_size = ofs;
3715
>>> CID 1414873: Uninitialized variables (UNINIT)
>>> Using uninitialized element of array "calc_md5" when calling "strcmp".
3716 if (supplied_md5_b64 && strcmp(calc_md5, supplied_md5)) {
3717 op_ret = -ERR_BAD_DIGEST;
3718 return;
3719 }
3720
3721 op_ret = store->check_quota(s->bucket_owner.get_id(), s->bucket,
** CID 1414874: Memory - illegal accesses (UNINIT)
/home/brad/working/src/ceph/src/compressor/zlib/ZlibCompressor.cc: 115 in ZlibCompressor::isal_compress(const ceph::buffer::list &, ceph::buffer::list &)()
________________________________________________________________________________________________________
*** CID 1414874: Memory - illegal accesses (UNINIT)
/home/brad/working/src/ceph/src/compressor/zlib/ZlibCompressor.cc: 115 in ZlibCompressor::isal_compress(const ceph::buffer::list &, ceph::buffer::list &)()
109
110 #if __x86_64__ && defined(HAVE_BETTER_YASM_ELF64)
111 int ZlibCompressor::isal_compress(const bufferlist &in, bufferlist &out)
112 {
113 int ret;
114 unsigned have;
>>> CID 1414874: Memory - illegal accesses (UNINIT)
>>> Declaring variable "strm" without initializer.
115 isal_zstream strm;
116 unsigned char* c_in;
117 int begin = 1;
118
119 /* allocate deflate state */
120 isal_deflate_init(&strm);
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaGCnxtQO9E3gxlB2GxVsWFENryh7bC5hIb-2FQBVM85YLQ-3D-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8GgUHDK3UdKUZb0vpG-2Fz19Ghj7-2Bx-2FKWvgGtKe2pBI0awbrnxqUxRLcPqBM1Vp1NF-2F3gwQrwIAPVElxtQMRscsFh1WtQdX4JANyHU0xgmGaBVUjmpp2BBqSvQ25-2FOLVbF8wvW2cvH68a1zd9mDtBJS8ZJrA0IYUr4qd0W8Ak6WUG6ZU0WPgJbVubSULSlFFd250-3D
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4Bco8jcmzhh7FSyvoR0E3-2BDgRcBCQ6OuthHBtaTCGNq9OVG2ZVnjrgThgf5hX3GVEkIxvBX-2BorwRZfOftSp7HPfCifRGGak1MlgNFVd3IIPA-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8GgUHDK3UdKUZb0vpG-2Fz19Ghj7-2Bx-2FKWvgGtKe2pBI0awYdxU42XtgK12zM2JW75KTpHQ0BnOgU3rYwE29D-2FETObwGymbUVyYoPhnWuZOz0pwMmFoOpgrKXxi4pqD-2FnlXTQODJDxsXnXttjVj0EN41ZxTnq428Ik05KCr97hRWjUpE-2B26YTDaxHAe3dkT99VIWw-3D
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2017-07-06 5:03 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2017-07-06 5:03 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
27 new defect(s) introduced to ceph found with Coverity Scan.
4 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 20 of 27 defect(s)
** CID 1395636: Performance inefficiencies (PASS_BY_VALUE)
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 821 in get_attrs(ObjectStore *, coll_t, ghobject_t, ObjectStore::Transaction *, ceph::buffer::list &, OSDriver &, SnapMapper &)()
________________________________________________________________________________________________________
*** CID 1395636: Performance inefficiencies (PASS_BY_VALUE)
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 821 in get_attrs(ObjectStore *, coll_t, ghobject_t, ObjectStore::Transaction *, ceph::buffer::list &, OSDriver &, SnapMapper &)()
815 cerr << "\tdata: offset " << ds.offset << " len " << ds.len << std::endl;
816 t->write(coll, hoid, ds.offset, ds.len, ds.databl);
817 return 0;
818 }
819
820 int get_attrs(
>>> CID 1395636: Performance inefficiencies (PASS_BY_VALUE)
>>> Passing parameter hoid of type "ghobject_t" (size 144 bytes) by value.
821 ObjectStore *store, coll_t coll, ghobject_t hoid,
822 ObjectStore::Transaction *t, bufferlist &bl,
823 OSDriver &driver, SnapMapper &snap_mapper)
824 {
825 bufferlist::iterator ebliter = bl.begin();
826 attr_section as;
** CID 1414508: Incorrect expression (PW.ASSIGN_WHERE_COMPARE_MEANT)
/home/brad/working/src/ceph/src/msg/async/rdma/RDMAConnectedSocketImpl.cc: 606 in ()
________________________________________________________________________________________________________
*** CID 1414508: Incorrect expression (PW.ASSIGN_WHERE_COMPARE_MEANT)
/home/brad/working/src/ceph/src/msg/async/rdma/RDMAConnectedSocketImpl.cc: 606 in ()
600 void RDMAConnectedSocketImpl::notify()
601 {
602 uint64_t i = 1;
603 int ret;
604
605 ret = write(notify_fd, &i, sizeof(i));
>>> CID 1414508: Incorrect expression (PW.ASSIGN_WHERE_COMPARE_MEANT)
>>> use of "=" where "==" may have been intended
606 assert(ret = sizeof(i));
607 }
608
609 void RDMAConnectedSocketImpl::shutdown()
610 {
611 if (!error)
** CID 1414509: Error handling issues (CHECKED_RETURN)
/home/brad/working/src/ceph/src/msg/async/net_handler.cc: 190 in ceph::NetHandler::generic_connect(const entity_addr_t &, const entity_addr_t &, bool)()
________________________________________________________________________________________________________
*** CID 1414509: Error handling issues (CHECKED_RETURN)
/home/brad/working/src/ceph/src/msg/async/net_handler.cc: 190 in ceph::NetHandler::generic_connect(const entity_addr_t &, const entity_addr_t &, bool)()
184 if (ret < 0) {
185 close(s);
186 return ret;
187 }
188 }
189
>>> CID 1414509: Error handling issues (CHECKED_RETURN)
>>> Calling "set_socket_options" without checking return value (as is done elsewhere 5 out of 6 times).
190 set_socket_options(s, cct->_conf->ms_tcp_nodelay, cct->_conf->ms_tcp_rcvbuf);
191
192 {
193 entity_addr_t addr = bind_addr;
194 if (cct->_conf->ms_bind_before_connect && (!addr.is_blank_ip())) {
195 addr.set_port(0);
** CID 1414510: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/libradosstriper/RadosStriperImpl.cc: 378 in <unnamed>::BasicStatCompletionData::BasicStatCompletionData(libradosstriper::RadosStriperImpl *, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, librados::AioCompletionImpl *, libradosstriper::MultiAioCompletionImpl *, unsigned long *, int)()
________________________________________________________________________________________________________
*** CID 1414510: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/libradosstriper/RadosStriperImpl.cc: 378 in <unnamed>::BasicStatCompletionData::BasicStatCompletionData(libradosstriper::RadosStriperImpl *, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, librados::AioCompletionImpl *, libradosstriper::MultiAioCompletionImpl *, unsigned long *, int)()
372 librados::AioCompletionImpl *userCompletion,
373 libradosstriper::MultiAioCompletionImpl *multiCompletion,
374 uint64_t *psize,
375 int n = 1) :
376 CompletionData(striper, soid, "", userCompletion, n),
377 m_multiCompletion(multiCompletion), m_psize(psize),
>>> CID 1414510: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "m_objectSize" is not initialized in this constructor nor in any functions that it calls.
378 m_statRC(0), m_getxattrRC(0) {};
379 // MultiAioCompletionImpl used to handle the double aysnc
380 // call in the back (stat + getxattr)
381 libradosstriper::MultiAioCompletionImpl *m_multiCompletion;
382 // where to store the size of first objct
383 // this will be ignored but we need a place to store it when
** CID 1414511: Null pointer dereferences (FORWARD_NULL)
/home/brad/working/src/ceph/src/msg/async/rdma/RDMAStack.cc: 554 in RDMAStack::RDMAStack(CephContext *, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &)()
________________________________________________________________________________________________________
*** CID 1414511: Null pointer dereferences (FORWARD_NULL)
/home/brad/working/src/ceph/src/msg/async/rdma/RDMAStack.cc: 554 in RDMAStack::RDMAStack(CephContext *, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &)()
548 ldout(cct, 20) << __func__ << " constructing RDMAStack..." << dendl;
549 dispatcher = new RDMADispatcher(cct, this);
550 global_infiniband->set_dispatcher(dispatcher);
551
552 unsigned num = get_num_worker();
553 for (unsigned i = 0; i < num; ++i) {
>>> CID 1414511: Null pointer dereferences (FORWARD_NULL)
>>> Assigning: "w" = "dynamic_cast <RDMAWorker *>(this->get_worker(i))".
554 RDMAWorker* w = dynamic_cast<RDMAWorker*>(get_worker(i));
555 w->set_stack(this);
556 }
557
558 ldout(cct, 20) << " creating RDMAStack:" << this << " with dispatcher:" << dispatcher << dendl;
559 }
** CID 1414512: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/msg/async/rdma/Infiniband.cc: 480 in Infiniband::MemoryManager::Chunk::Chunk(ibv_mr *, unsigned int, char *)()
________________________________________________________________________________________________________
*** CID 1414512: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/msg/async/rdma/Infiniband.cc: 480 in Infiniband::MemoryManager::Chunk::Chunk(ibv_mr *, unsigned int, char *)()
474 }
475
476
477 Infiniband::MemoryManager::Chunk::Chunk(ibv_mr* m, uint32_t len, char* b)
478 : mr(m), bytes(len), offset(0), buffer(b)
479 {
>>> CID 1414512: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "bound" is not initialized in this constructor nor in any functions that it calls.
480 }
481
482 Infiniband::MemoryManager::Chunk::~Chunk()
483 {
484 }
485
** CID 1414513: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/mon/LogMonitor.cc: 433 in LogMonitor::preprocess_command(boost::intrusive_ptr<MonOpRequest>)()
________________________________________________________________________________________________________
*** CID 1414513: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/mon/LogMonitor.cc: 433 in LogMonitor::preprocess_command(boost::intrusive_ptr<MonOpRequest>)()
427 auto match = [level, channel](const LogEntry &entry) {
428 return entry.prio >= level && (entry.channel == channel || channel == "*");
429 };
430
431 auto p = summary.tail.end();
432 while (num > 0 && p != summary.tail.begin()) {
>>> CID 1414513: API usage errors (INVALIDATE_ITERATOR)
>>> Dereferencing iterator "p" though it is already past the end of its container.
433 if (match(*p)) {
434 num--;
435 }
436 --p;
437 }
438 ostringstream ss;
** CID 1414514: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/os/filestore/FileStore.cc: 3255 in FileStore::read(const coll_t &, const ghobject_t &, unsigned long, unsigned long, ceph::buffer::list &, unsigned int)()
________________________________________________________________________________________________________
*** CID 1414514: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/os/filestore/FileStore.cc: 3255 in FileStore::read(const coll_t &, const ghobject_t &, unsigned long, unsigned long, ceph::buffer::list &, unsigned int)()
3249 dout(10) << __FUNC__ << ": " << cid << "/" << oid << " " << offset << "~"
3250 << got << "/" << len << dendl;
3251 if (cct->_conf->filestore_debug_inject_read_err &&
3252 debug_data_eio(oid)) {
3253 return -EIO;
3254 } else if (cct->_conf->filestore_debug_random_read_err &&
>>> CID 1414514: Security best practices violations (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
3255 (rand() % (int)(cct->_conf->filestore_debug_random_read_err * 100.0)) == 0) {
3256 dout(0) << __func__ << ": inject random EIO" << dendl;
3257 return -EIO;
3258 } else {
3259 tracepoint(objectstore, read_exit, got);
3260 return got;
** CID 1414515: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/msg/async/rdma/RDMAStack.cc: 559 in RDMAStack::RDMAStack(CephContext *, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &)()
________________________________________________________________________________________________________
*** CID 1414515: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/msg/async/rdma/RDMAStack.cc: 559 in RDMAStack::RDMAStack(CephContext *, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &)()
553 for (unsigned i = 0; i < num; ++i) {
554 RDMAWorker* w = dynamic_cast<RDMAWorker*>(get_worker(i));
555 w->set_stack(this);
556 }
557
558 ldout(cct, 20) << " creating RDMAStack:" << this << " with dispatcher:" << dispatcher << dendl;
>>> CID 1414515: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "perf_counter" is not initialized in this constructor nor in any functions that it calls.
559 }
560
561 RDMAStack::~RDMAStack()
562 {
563 if (cct->_conf->ms_async_rdma_enable_hugepage) {
564 unsetenv("RDMAV_HUGEPAGES_SAFE"); //remove env variable on destruction
** CID 1414516: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/msg/async/rdma/Infiniband.cc: 715 in Infiniband::Infiniband(CephContext *, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, unsigned char)()
________________________________________________________________________________________________________
*** CID 1414516: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/msg/async/rdma/Infiniband.cc: 715 in Infiniband::Infiniband(CephContext *, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, unsigned char)()
709 }
710
711
712 Infiniband::Infiniband(CephContext *cct, const std::string &device_name, uint8_t port_num)
713 : cct(cct), lock("IB lock"), device_name(device_name), port_num(port_num)
714 {
>>> CID 1414516: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "pd" is not initialized in this constructor nor in any functions that it calls.
715 }
716
717 void Infiniband::init()
718 {
719 Mutex::Locker l(lock);
720
** CID 1414517: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/test/librbd/io/test_mock_ImageRequestWQ.cc: 50 in librbd::io::ImageRequest<librbd::<unnamed>::MockTestImageCtx>::ImageRequest()()
________________________________________________________________________________________________________
*** CID 1414517: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/test/librbd/io/test_mock_ImageRequestWQ.cc: 50 in librbd::io::ImageRequest<librbd::<unnamed>::MockTestImageCtx>::ImageRequest()()
44 MOCK_CONST_METHOD0(start_op, void());
45 MOCK_CONST_METHOD0(send, void());
46 MOCK_CONST_METHOD1(fail, void(int));
47
48 ImageRequest() {
49 s_instance = this;
>>> CID 1414517: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "aio_comp" is not initialized in this constructor nor in any functions that it calls.
50 }
51 };
52
53 } // namespace io
54
55 namespace util {
** CID 1414518: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/osd/ReplicatedBackend.cc: 2037 in ReplicatedBackend::build_push_op(const ObjectRecoveryInfo &, const ObjectRecoveryProgress &, ObjectRecoveryProgress *, PushOp *, object_stat_sum_t *, bool)()
________________________________________________________________________________________________________
*** CID 1414518: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/osd/ReplicatedBackend.cc: 2037 in ReplicatedBackend::build_push_op(const ObjectRecoveryInfo &, const ObjectRecoveryProgress &, ObjectRecoveryProgress *, PushOp *, object_stat_sum_t *, bool)()
2031 ++p) {
2032 bufferlist bit;
2033 int r = store->read(ch, ghobject_t(recovery_info.soid),
2034 p.get_start(), p.get_len(), bit,
2035 cache_dont_need ? CEPH_OSD_OP_FLAG_FADVISE_DONTNEED: 0);
2036 if (cct->_conf->osd_debug_random_push_read_error &&
>>> CID 1414518: Security best practices violations (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
2037 (rand() % (int)(cct->_conf->osd_debug_random_push_read_error * 100.0)) == 0) {
2038 dout(0) << __func__ << ": inject EIO " << recovery_info.soid << dendl;
2039 r = -EIO;
2040 }
2041 if (r < 0) {
2042 return r;
** CID 1414519: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/msg/async/rdma/RDMAConnectedSocketImpl.cc: 392 in RDMAConnectedSocketImpl::zero_copy_read(ceph::buffer::ptr &)()
________________________________________________________________________________________________________
*** CID 1414519: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/msg/async/rdma/RDMAConnectedSocketImpl.cc: 392 in RDMAConnectedSocketImpl::zero_copy_read(ceph::buffer::ptr &)()
386 // FIXME need to handle release
387 // auto del = std::bind(&Chunk::post_srq, std::move(chunk), infiniband);
388 size = chunk->bound;
389 continue;
390 }
391 buffers.push_back(chunk);
>>> CID 1414519: API usage errors (INVALIDATE_ITERATOR)
>>> Incrementing iterator "iter" though it is already past the end of its container.
392 iter++;
393 }
394
395 if (size == 0)
396 return -EAGAIN;
397 return size;
** CID 1414520: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/msg/async/rdma/Infiniband.cc: 931 in Infiniband::send_msg(CephContext *, int, IBSYNMsg &)()
________________________________________________________________________________________________________
*** CID 1414520: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/msg/async/rdma/Infiniband.cc: 931 in Infiniband::send_msg(CephContext *, int, IBSYNMsg &)()
925 sprintf(msg, "%04x:%08x:%08x:%08x:%s", im.lid, im.qpn, im.psn, im.peer_qpn, gid);
926 ldout(cct, 10) << __func__ << " sending: " << im.lid << ", " << im.qpn << ", " << im.psn
927 << ", " << im.peer_qpn << ", " << gid << dendl;
928 r = ::write(sd, msg, sizeof(msg));
929 // Drop incoming qpt
930 if (cct->_conf->ms_inject_socket_failures && sd >= 0) {
>>> CID 1414520: Security best practices violations (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
931 if (rand() % cct->_conf->ms_inject_socket_failures == 0) {
932 ldout(cct, 0) << __func__ << " injecting socket failure" << dendl;
933 return -EINVAL;
934 }
935 }
936
** CID 1414521: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/libradosstriper/RadosStriperImpl.cc: 279 in <unnamed>::WriteCompletionData::WriteCompletionData(libradosstriper::RadosStriperImpl *, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, librados::AioCompletionImpl *, int)()
________________________________________________________________________________________________________
*** CID 1414521: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/libradosstriper/RadosStriperImpl.cc: 279 in <unnamed>::WriteCompletionData::WriteCompletionData(libradosstriper::RadosStriperImpl *, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, librados::AioCompletionImpl *, int)()
273 int n) :
274 CompletionData(striper, soid, lockCookie, userCompletion, n), m_safe(0),
275 m_unlockCompletion(0) {
276 if (userCompletion) {
277 m_safe = new librados::IoCtxImpl::C_aio_Complete(userCompletion);
278 }
>>> CID 1414521: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "m_writeRc" is not initialized in this constructor nor in any functions that it calls.
279 }
280
281 WriteCompletionData::~WriteCompletionData() {
282 m_unlockCompletion->release();
283 if (m_safe) delete m_safe;
284 }
** CID 1414522: Memory - corruptions (REVERSE_NEGATIVE)
/home/brad/working/src/ceph/src/msg/async/rdma/Infiniband.cc: 930 in Infiniband::send_msg(CephContext *, int, IBSYNMsg &)()
________________________________________________________________________________________________________
*** CID 1414522: Memory - corruptions (REVERSE_NEGATIVE)
/home/brad/working/src/ceph/src/msg/async/rdma/Infiniband.cc: 930 in Infiniband::send_msg(CephContext *, int, IBSYNMsg &)()
924 gid_to_wire_gid(&(im.gid), gid);
925 sprintf(msg, "%04x:%08x:%08x:%08x:%s", im.lid, im.qpn, im.psn, im.peer_qpn, gid);
926 ldout(cct, 10) << __func__ << " sending: " << im.lid << ", " << im.qpn << ", " << im.psn
927 << ", " << im.peer_qpn << ", " << gid << dendl;
928 r = ::write(sd, msg, sizeof(msg));
929 // Drop incoming qpt
>>> CID 1414522: Memory - corruptions (REVERSE_NEGATIVE)
>>> You might be using variable "sd" before verifying that it is >= 0.
930 if (cct->_conf->ms_inject_socket_failures && sd >= 0) {
931 if (rand() % cct->_conf->ms_inject_socket_failures == 0) {
932 ldout(cct, 0) << __func__ << " injecting socket failure" << dendl;
933 return -EINVAL;
934 }
935 }
** CID 1414523: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/msg/async/rdma/Infiniband.cc: 127 in Device::Device(CephContext *, ibv_device *)()
________________________________________________________________________________________________________
*** CID 1414523: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/msg/async/rdma/Infiniband.cc: 127 in Device::Device(CephContext *, ibv_device *)()
121 }
122 int r = ibv_query_device(ctxt, device_attr);
123 if (r == -1) {
124 lderr(cct) << __func__ << " failed to query rdma device. " << cpp_strerror(errno) << dendl;
125 ceph_abort();
126 }
>>> CID 1414523: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "port_cnt" is not initialized in this constructor nor in any functions that it calls.
127 }
128
129 void Device::binding_port(CephContext *cct, int port_num) {
130 port_cnt = device_attr->phys_port_cnt;
131 for (uint8_t i = 0; i < port_cnt; ++i) {
132 Port *port = new Port(cct, ctxt, i+1);
** CID 1414524: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/msg/async/rdma/Infiniband.cc: 565 in Infiniband::MemoryManager::Cluster::Cluster(Infiniband::MemoryManager&, unsigned int)()
________________________________________________________________________________________________________
*** CID 1414524: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/msg/async/rdma/Infiniband.cc: 565 in Infiniband::MemoryManager::Cluster::Cluster(Infiniband::MemoryManager&, unsigned int)()
559 ib->post_chunk(this);
560 }
561
562 Infiniband::MemoryManager::Cluster::Cluster(MemoryManager& m, uint32_t s)
563 : manager(m), buffer_size(s), lock("cluster_lock")
564 {
>>> CID 1414524: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "num_chunk" is not initialized in this constructor nor in any functions that it calls.
565 }
566
567 Infiniband::MemoryManager::Cluster::~Cluster()
568 {
569 int r = ibv_dereg_mr(chunk_base->mr);
570 assert(r == 0);
** CID 1414525: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/msg/async/rdma/Infiniband.cc: 107 in Port::Port(CephContext *, ibv_context *, unsigned char)()
________________________________________________________________________________________________________
*** CID 1414525: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/msg/async/rdma/Infiniband.cc: 107 in Port::Port(CephContext *, ibv_context *, unsigned char)()
101 r = ibv_query_gid(ctxt, port_num, 0, &gid);
102 if (r) {
103 lderr(cct) << __func__ << " query gid failed " << cpp_strerror(errno) << dendl;
104 ceph_abort();
105 }
106 #endif
>>> CID 1414525: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "gid_idx" is not initialized in this constructor nor in any functions that it calls.
107 }
108
109
110 Device::Device(CephContext *cct, ibv_device* d): device(d), device_attr(new ibv_device_attr), active_port(nullptr)
111 {
112 if (device == NULL) {
** CID 1414526: Memory - corruptions (REVERSE_NEGATIVE)
/home/brad/working/src/ceph/src/msg/async/rdma/Infiniband.cc: 893 in Infiniband::recv_msg(CephContext *, int, IBSYNMsg &)()
________________________________________________________________________________________________________
*** CID 1414526: Memory - corruptions (REVERSE_NEGATIVE)
/home/brad/working/src/ceph/src/msg/async/rdma/Infiniband.cc: 893 in Infiniband::recv_msg(CephContext *, int, IBSYNMsg &)()
887 int Infiniband::recv_msg(CephContext *cct, int sd, IBSYNMsg& im)
888 {
889 char msg[TCP_MSG_LEN];
890 char gid[33];
891 ssize_t r = ::read(sd, &msg, sizeof(msg));
892 // Drop incoming qpt
>>> CID 1414526: Memory - corruptions (REVERSE_NEGATIVE)
>>> You might be using variable "sd" before verifying that it is >= 0.
893 if (cct->_conf->ms_inject_socket_failures && sd >= 0) {
894 if (rand() % cct->_conf->ms_inject_socket_failures == 0) {
895 ldout(cct, 0) << __func__ << " injecting socket failure" << dendl;
896 return -EINVAL;
897 }
898 }
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaGCnxtQO9E3gxlB2GxVsWFENryh7bC5hIb-2FQBVM85YLQ-3D-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8FS4QUbvARQoOgvORDHL0r0P39yajanM5mcACKANuEqByf-2BI2jCb572luKStyPuF1x6lzO3p4WEelq6u0X-2BZBf8bI5F5jyfbNcAr5n7c5AJc0ObPcp3lHIHEcFGuCvZgbz9cYAXHqb7BQX7julEM31K4LBsNm1EgO3syRPWK390k5uH8VoPtX4zBx17IupHh8I-3D
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4Bco8jcmzhh7FSyvoR0E3-2BDgRcBCQ6OuthHBtaTCGNq9OVG2ZVnjrgThgf5hX3GVEkIxvBX-2BorwRZfOftSp7HPfCifRGGak1MlgNFVd3IIPA-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8FS4QUbvARQoOgvORDHL0r0P39yajanM5mcACKANuEqBwpVRh-2BRDYYk1QUJuHjs4dvF2GgMhWDO2-2B5LD2hfRUDGMXGsmNFxt6P7u8poP2zMyEKc4BEYelA6D06gIdk9u0EgGdRk-2FrXANh8ydNC-2FTStWPJdeM-2Fg6Thr844gaM4nZD9-2Bb5K4a70iE1ppNWXMXKvw-3D
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2017-06-29 4:08 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2017-06-29 4:08 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
36 new defect(s) introduced to ceph found with Coverity Scan.
32 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 20 of 36 defect(s)
** CID 1405850: (UNINIT_CTOR)
/home/brad/working/src/ceph/src/dmclock/src/dmclock_server.h: 326 in crimson::dmclock::PriorityQueueBase<ceph::mClockOpClassQueue::osd_op_type_t, std::pair<spg_t, PGQueueable>, (unsigned int)2>::ClientRec::ClientRec(ceph::mClockOpClassQueue::osd_op_type_t, const crimson::dmclock::ClientInfo &, unsigned long)()
/home/brad/working/src/ceph/src/dmclock/src/dmclock_server.h: 326 in crimson::dmclock::PriorityQueueBase<std::pair<entity_inst_t, ceph::mClockClientQueue::osd_op_type_t>, std::pair<spg_t, PGQueueable>, (unsigned int)2>::ClientRec::ClientRec(std::pair<entity_inst_t, ceph::mClockClientQueue::osd_op_type_t>, const crimson::dmclock::ClientInfo &, unsigned long)()
________________________________________________________________________________________________________
*** CID 1405850: (UNINIT_CTOR)
/home/brad/working/src/ceph/src/dmclock/src/dmclock_server.h: 326 in crimson::dmclock::PriorityQueueBase<ceph::mClockOpClassQueue::osd_op_type_t, std::pair<spg_t, PGQueueable>, (unsigned int)2>::ClientRec::ClientRec(ceph::mClockOpClassQueue::osd_op_type_t, const crimson::dmclock::ClientInfo &, unsigned long)()
320 idle(true),
321 last_tick(current_tick),
322 cur_rho(1),
323 cur_delta(1)
324 {
325 // empty
>>> CID 1405850: (UNINIT_CTOR)
>>> Non-static class member "ready_heap_data" is not initialized in this constructor nor in any functions that it calls.
326 }
327
328 inline const RequestTag& get_req_tag() const {
329 return prev_tag;
330 }
331
/home/brad/working/src/ceph/src/dmclock/src/dmclock_server.h: 326 in crimson::dmclock::PriorityQueueBase<std::pair<entity_inst_t, ceph::mClockClientQueue::osd_op_type_t>, std::pair<spg_t, PGQueueable>, (unsigned int)2>::ClientRec::ClientRec(std::pair<entity_inst_t, ceph::mClockClientQueue::osd_op_type_t>, const crimson::dmclock::ClientInfo &, unsigned long)()
320 idle(true),
321 last_tick(current_tick),
322 cur_rho(1),
323 cur_delta(1)
324 {
325 // empty
>>> CID 1405850: (UNINIT_CTOR)
>>> Non-static class member "ready_heap_data" is not initialized in this constructor nor in any functions that it calls.
326 }
327
328 inline const RequestTag& get_req_tag() const {
329 return prev_tag;
330 }
331
** CID 1413773: Error handling issues (CHECKED_RETURN)
/home/brad/working/src/ceph/src/librbd/image/OpenRequest.cc: 341 in librbd::image::OpenRequest<librbd::ImageCtx>::send_v2_get_create_timestamp()()
________________________________________________________________________________________________________
*** CID 1413773: Error handling issues (CHECKED_RETURN)
/home/brad/working/src/ceph/src/librbd/image/OpenRequest.cc: 341 in librbd::image::OpenRequest<librbd::ImageCtx>::send_v2_get_create_timestamp()()
335 cls_client::get_create_timestamp_start(&op);
336
337 using klass = OpenRequest<I>;
338 librados::AioCompletion *comp = create_rados_callback<
339 klass, &klass::handle_v2_get_create_timestamp>(this);
340 m_out_bl.clear();
>>> CID 1413773: Error handling issues (CHECKED_RETURN)
>>> Calling "aio_operate" without checking return value (as is done elsewhere 60 out of 74 times).
341 m_image_ctx->md_ctx.aio_operate(m_image_ctx->header_oid, comp, &op,
342 &m_out_bl);
343 comp->release();
344 }
345
346 template <typename I>
** CID 1413774: (UNINIT_CTOR)
/home/brad/working/src/ceph/src/librbd/operation/SnapshotCreateRequest.cc: 35 in librbd::operation::SnapshotCreateRequest<librbd::MockImageCtx>::SnapshotCreateRequest(librbd::MockImageCtx &, Context *, const boost::variant<cls::rbd::UserSnapshotNamespace, cls::rbd::GroupSnapshotNamespace, cls::rbd::UnknownSnapshotNamespace> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, unsigned long, bool)()
/home/brad/working/src/ceph/src/librbd/operation/SnapshotCreateRequest.cc: 35 in librbd::operation::SnapshotCreateRequest<librbd::ImageCtx>::SnapshotCreateRequest(librbd::ImageCtx &, Context *, const boost::variant<cls::rbd::UserSnapshotNamespace, cls::rbd::GroupSnapshotNamespace, cls::rbd::UnknownSnapshotNamespace> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, unsigned long, bool)()
________________________________________________________________________________________________________
*** CID 1413774: (UNINIT_CTOR)
/home/brad/working/src/ceph/src/librbd/operation/SnapshotCreateRequest.cc: 35 in librbd::operation::SnapshotCreateRequest<librbd::MockImageCtx>::SnapshotCreateRequest(librbd::MockImageCtx &, Context *, const boost::variant<cls::rbd::UserSnapshotNamespace, cls::rbd::GroupSnapshotNamespace, cls::rbd::UnknownSnapshotNamespace> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, unsigned long, bool)()
29 const std::string &snap_name,
30 uint64_t journal_op_tid,
31 bool skip_object_map)
32 : Request<I>(image_ctx, on_finish, journal_op_tid),
33 m_snap_namespace(snap_namespace), m_snap_name(snap_name),
34 m_skip_object_map(skip_object_map), m_ret_val(0), m_snap_id(CEPH_NOSNAP) {
>>> CID 1413774: (UNINIT_CTOR)
>>> Non-static class member "m_size" is not initialized in this constructor nor in any functions that it calls.
35 }
36
37 template <typename I>
38 void SnapshotCreateRequest<I>::send_op() {
39 send_suspend_requests();
40 }
/home/brad/working/src/ceph/src/librbd/operation/SnapshotCreateRequest.cc: 35 in librbd::operation::SnapshotCreateRequest<librbd::ImageCtx>::SnapshotCreateRequest(librbd::ImageCtx &, Context *, const boost::variant<cls::rbd::UserSnapshotNamespace, cls::rbd::GroupSnapshotNamespace, cls::rbd::UnknownSnapshotNamespace> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, unsigned long, bool)()
29 const std::string &snap_name,
30 uint64_t journal_op_tid,
31 bool skip_object_map)
32 : Request<I>(image_ctx, on_finish, journal_op_tid),
33 m_snap_namespace(snap_namespace), m_snap_name(snap_name),
34 m_skip_object_map(skip_object_map), m_ret_val(0), m_snap_id(CEPH_NOSNAP) {
>>> CID 1413774: (UNINIT_CTOR)
>>> Non-static class member "m_size" is not initialized in this constructor nor in any functions that it calls.
35 }
36
37 template <typename I>
38 void SnapshotCreateRequest<I>::send_op() {
39 send_suspend_requests();
40 }
** CID 1413775: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 25903 in __pyx_pw_3rbd_5Image_103lock_break()
________________________________________________________________________________________________________
*** CID 1413775: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 25903 in __pyx_pw_3rbd_5Image_103lock_break()
25897 }
25898 kw_args = PyDict_Size(__pyx_kwds);
25899 switch (pos_args) {
25900 case 0:
25901 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_lock_mode)) != 0)) kw_args--;
25902 else goto __pyx_L5_argtuple_error;
>>> CID 1413775: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
25903 case 1:
25904 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_lock_owner)) != 0)) kw_args--;
25905 else {
25906 __Pyx_RaiseArgtupleInvalid("lock_break", 1, 2, 2, 1); __PYX_ERR(0, 2318, __pyx_L3_error)
25907 }
25908 }
** CID 1413776: Control flow issues (UNREACHABLE)
/src/pybind/rbd/rbd.c: 24761 in __pyx_pf_3rbd_5Image_92list_children()
________________________________________________________________________________________________________
*** CID 1413776: Control flow issues (UNREACHABLE)
/src/pybind/rbd/rbd.c: 24761 in __pyx_pf_3rbd_5Image_92list_children()
24755 * return list(zip(pools, images))
24756 * finally:
24757 * free(c_pools) # <<<<<<<<<<<<<<
24758 * free(c_images)
24759 *
24760 */
>>> CID 1413776: Control flow issues (UNREACHABLE)
>>> This code cannot be reached: "{
{
PyThreadState *__...".
24761 /*finally:*/ {
24762 /*exception exit:*/{
24763 __Pyx_PyThreadState_declare
24764 __pyx_L4_error:;
24765 __pyx_t_9 = 0; __pyx_t_10 = 0; __pyx_t_11 = 0; __pyx_t_12 = 0; __pyx_t_13 = 0; __pyx_t_14 = 0;
24766 __Pyx_PyThreadState_assign
** CID 1413777: (UNINIT_CTOR)
/home/brad/working/src/ceph/src/librbd/operation/SnapshotProtectRequest.cc: 37 in librbd::operation::SnapshotProtectRequest<librbd::MockImageCtx>::SnapshotProtectRequest(librbd::MockImageCtx &, Context *, const boost::variant<cls::rbd::UserSnapshotNamespace, cls::rbd::GroupSnapshotNamespace, cls::rbd::UnknownSnapshotNamespace> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &)()
/home/brad/working/src/ceph/src/librbd/operation/SnapshotProtectRequest.cc: 37 in librbd::operation::SnapshotProtectRequest<librbd::ImageCtx>::SnapshotProtectRequest(librbd::ImageCtx &, Context *, const boost::variant<cls::rbd::UserSnapshotNamespace, cls::rbd::GroupSnapshotNamespace, cls::rbd::UnknownSnapshotNamespace> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &)()
________________________________________________________________________________________________________
*** CID 1413777: (UNINIT_CTOR)
/home/brad/working/src/ceph/src/librbd/operation/SnapshotProtectRequest.cc: 37 in librbd::operation::SnapshotProtectRequest<librbd::MockImageCtx>::SnapshotProtectRequest(librbd::MockImageCtx &, Context *, const boost::variant<cls::rbd::UserSnapshotNamespace, cls::rbd::GroupSnapshotNamespace, cls::rbd::UnknownSnapshotNamespace> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &)()
31 template <typename I>
32 SnapshotProtectRequest<I>::SnapshotProtectRequest(I &image_ctx,
33 Context *on_finish,
34 const cls::rbd::SnapshotNamespace &snap_namespace,
35 const std::string &snap_name)
36 : Request<I>(image_ctx, on_finish), m_snap_namespace(snap_namespace), m_snap_name(snap_name) {
>>> CID 1413777: (UNINIT_CTOR)
>>> Non-static class member "m_state" is not initialized in this constructor nor in any functions that it calls.
37 }
38
39 template <typename I>
40 void SnapshotProtectRequest<I>::send_op() {
41 send_protect_snap();
42 }
/home/brad/working/src/ceph/src/librbd/operation/SnapshotProtectRequest.cc: 37 in librbd::operation::SnapshotProtectRequest<librbd::ImageCtx>::SnapshotProtectRequest(librbd::ImageCtx &, Context *, const boost::variant<cls::rbd::UserSnapshotNamespace, cls::rbd::GroupSnapshotNamespace, cls::rbd::UnknownSnapshotNamespace> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &)()
31 template <typename I>
32 SnapshotProtectRequest<I>::SnapshotProtectRequest(I &image_ctx,
33 Context *on_finish,
34 const cls::rbd::SnapshotNamespace &snap_namespace,
35 const std::string &snap_name)
36 : Request<I>(image_ctx, on_finish), m_snap_namespace(snap_namespace), m_snap_name(snap_name) {
>>> CID 1413777: (UNINIT_CTOR)
>>> Non-static class member "m_state" is not initialized in this constructor nor in any functions that it calls.
37 }
38
39 template <typename I>
40 void SnapshotProtectRequest<I>::send_op() {
41 send_protect_snap();
42 }
** CID 1413778: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 26372 in __pyx_pw_3rbd_5Image_107lock_shared()
________________________________________________________________________________________________________
*** CID 1413778: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 26372 in __pyx_pw_3rbd_5Image_107lock_shared()
26366 }
26367 kw_args = PyDict_Size(__pyx_kwds);
26368 switch (pos_args) {
26369 case 0:
26370 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_cookie)) != 0)) kw_args--;
26371 else goto __pyx_L5_argtuple_error;
>>> CID 1413778: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
26372 case 1:
26373 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_tag)) != 0)) kw_args--;
26374 else {
26375 __Pyx_RaiseArgtupleInvalid("lock_shared", 1, 2, 2, 1); __PYX_ERR(0, 2348, __pyx_L3_error)
26376 }
26377 }
** CID 1413779: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 29536 in __pyx_pw_3rbd_5Image_129aio_write()
________________________________________________________________________________________________________
*** CID 1413779: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 29536 in __pyx_pw_3rbd_5Image_129aio_write()
29530 }
29531 kw_args = PyDict_Size(__pyx_kwds);
29532 switch (pos_args) {
29533 case 0:
29534 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_data)) != 0)) kw_args--;
29535 else goto __pyx_L5_argtuple_error;
>>> CID 1413779: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
29536 case 1:
29537 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_offset)) != 0)) kw_args--;
29538 else {
29539 __Pyx_RaiseArgtupleInvalid("aio_write", 0, 3, 4, 1); __PYX_ERR(0, 2571, __pyx_L3_error)
29540 }
29541 case 2:
** CID 1413780: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/osd/TestMClockClientQueue.cc: 12 in main()
________________________________________________________________________________________________________
*** CID 1413780: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/osd/TestMClockClientQueue.cc: 12 in main()
6 #include "global/global_init.h"
7 #include "common/common_init.h"
8
9 #include "osd/mClockClientQueue.h"
10
11
>>> CID 1413780: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "testing::internal::<unnamed>::ClassUniqueToAlwaysTrue" is thrown and never caught.
12 int main(int argc, char **argv) {
13 std::vector<const char*> args(argv, argv+argc);
14 auto cct = global_init(nullptr, args, CEPH_ENTITY_TYPE_OSD,
15 CODE_ENVIRONMENT_UTILITY,
16 CINIT_FLAG_NO_DEFAULT_CONFIG_FILE);
17 common_init_finish(g_ceph_context);
** CID 1413781: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/osd/TestMClockOpClassQueue.cc: 14 in main()
________________________________________________________________________________________________________
*** CID 1413781: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/osd/TestMClockOpClassQueue.cc: 14 in main()
8 #include "global/global_init.h"
9 #include "common/common_init.h"
10
11 #include "osd/mClockOpClassQueue.h"
12
13
>>> CID 1413781: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
14 int main(int argc, char **argv) {
15 std::vector<const char*> args(argv, argv+argc);
16 auto cct = global_init(nullptr, args, CEPH_ENTITY_TYPE_OSD,
17 CODE_ENVIRONMENT_UTILITY,
18 CINIT_FLAG_NO_DEFAULT_CONFIG_FILE);
19 common_init_finish(g_ceph_context);
** CID 1413782: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/osd/TestMClockClientQueue.cc: 12 in main()
________________________________________________________________________________________________________
*** CID 1413782: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/osd/TestMClockClientQueue.cc: 12 in main()
6 #include "global/global_init.h"
7 #include "common/common_init.h"
8
9 #include "osd/mClockClientQueue.h"
10
11
>>> CID 1413782: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "testing::internal::GoogleTestFailureException" is thrown and never caught.
12 int main(int argc, char **argv) {
13 std::vector<const char*> args(argv, argv+argc);
14 auto cct = global_init(nullptr, args, CEPH_ENTITY_TYPE_OSD,
15 CODE_ENVIRONMENT_UTILITY,
16 CINIT_FLAG_NO_DEFAULT_CONFIG_FILE);
17 common_init_finish(g_ceph_context);
** CID 1413783: Uninitialized variables (UNINIT)
/home/brad/working/src/ceph/src/rgw/rgw_rest.cc: 1919 in RGWHandler_REST::read_permissions(RGWOp *)()
________________________________________________________________________________________________________
*** CID 1413783: Uninitialized variables (UNINIT)
/home/brad/working/src/ceph/src/rgw/rgw_rest.cc: 1919 in RGWHandler_REST::read_permissions(RGWOp *)()
1913
1914 return do_init_permissions();
1915 }
1916
1917 int RGWHandler_REST::read_permissions(RGWOp* op_obj)
1918 {
>>> CID 1413783: Uninitialized variables (UNINIT)
>>> Declaring variable "only_bucket" without initializer.
1919 bool only_bucket;
1920
1921 switch (s->op) {
1922 case OP_HEAD:
1923 case OP_GET:
1924 only_bucket = false;
** CID 1413784: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/osd/TestMClockOpClassQueue.cc: 14 in main()
________________________________________________________________________________________________________
*** CID 1413784: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/osd/TestMClockOpClassQueue.cc: 14 in main()
8 #include "global/global_init.h"
9 #include "common/common_init.h"
10
11 #include "osd/mClockOpClassQueue.h"
12
13
>>> CID 1413784: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "testing::internal::<unnamed>::ClassUniqueToAlwaysTrue" is thrown and never caught.
14 int main(int argc, char **argv) {
15 std::vector<const char*> args(argv, argv+argc);
16 auto cct = global_init(nullptr, args, CEPH_ENTITY_TYPE_OSD,
17 CODE_ENVIRONMENT_UTILITY,
18 CINIT_FLAG_NO_DEFAULT_CONFIG_FILE);
19 common_init_finish(g_ceph_context);
** CID 1413785: Control flow issues (UNREACHABLE)
/src/pybind/rbd/rbd.c: 25390 in __pyx_pf_3rbd_5Image_94list_lockers()
________________________________________________________________________________________________________
*** CID 1413785: Control flow issues (UNREACHABLE)
/src/pybind/rbd/rbd.c: 25390 in __pyx_pf_3rbd_5Image_94list_lockers()
25384 * }
25385 * finally:
25386 * free(c_clients) # <<<<<<<<<<<<<<
25387 * free(c_cookies)
25388 * free(c_addrs)
25389 */
>>> CID 1413785: Control flow issues (UNREACHABLE)
>>> This code cannot be reached: "{
{
PyThreadState *__...".
25390 /*finally:*/ {
25391 /*exception exit:*/{
25392 __Pyx_PyThreadState_declare
25393 __pyx_L4_error:;
25394 __pyx_t_12 = 0; __pyx_t_13 = 0; __pyx_t_14 = 0; __pyx_t_15 = 0; __pyx_t_16 = 0; __pyx_t_17 = 0;
25395 __Pyx_PyThreadState_assign
** CID 1413786: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 28809 in __pyx_pw_3rbd_5Image_127aio_read()
________________________________________________________________________________________________________
*** CID 1413786: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 28809 in __pyx_pw_3rbd_5Image_127aio_read()
28803 }
28804 kw_args = PyDict_Size(__pyx_kwds);
28805 switch (pos_args) {
28806 case 0:
28807 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_offset)) != 0)) kw_args--;
28808 else goto __pyx_L5_argtuple_error;
>>> CID 1413786: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
28809 case 1:
28810 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_length)) != 0)) kw_args--;
28811 else {
28812 __Pyx_RaiseArgtupleInvalid("aio_read", 0, 3, 4, 1); __PYX_ERR(0, 2516, __pyx_L3_error)
28813 }
28814 case 2:
** CID 1413787: Memory - corruptions (OVERRUN)
________________________________________________________________________________________________________
*** CID 1413787: Memory - corruptions (OVERRUN)
/home/brad/working/src/ceph/src/rgw/rgw_tag.h: 20 in RGWObjTags::encode(ceph::buffer::list &) const()
14 tag_map_t tag_map;
15 public:
16 RGWObjTags() {}
17 ~RGWObjTags() {}
18
19 void encode(bufferlist& bl) const {
>>> CID 1413787: Memory - corruptions (OVERRUN)
>>> Overrunning struct type ceph_le32 of 4 bytes by passing it to a function which accesses it at byte offset 7.
20 ENCODE_START(1,1,bl);
21 ::encode(tag_map, bl);
22 ENCODE_FINISH(bl);
23 }
24
25 void decode(bufferlist::iterator &bl) {
** CID 1413788: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 26899 in __pyx_pw_3rbd_5Image_111break_lock()
________________________________________________________________________________________________________
*** CID 1413788: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 26899 in __pyx_pw_3rbd_5Image_111break_lock()
26893 }
26894 kw_args = PyDict_Size(__pyx_kwds);
26895 switch (pos_args) {
26896 case 0:
26897 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_client)) != 0)) kw_args--;
26898 else goto __pyx_L5_argtuple_error;
>>> CID 1413788: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
26899 case 1:
26900 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_cookie)) != 0)) kw_args--;
26901 else {
26902 __Pyx_RaiseArgtupleInvalid("break_lock", 1, 2, 2, 1); __PYX_ERR(0, 2377, __pyx_L3_error)
26903 }
26904 }
** CID 1413789: Null pointer dereferences (NULL_RETURNS)
/home/brad/working/src/ceph/src/rgw/rgw_rest_s3.cc: 412 in RGWPutObjTags_ObjStore_S3::get_params()()
________________________________________________________________________________________________________
*** CID 1413789: Null pointer dereferences (NULL_RETURNS)
/home/brad/working/src/ceph/src/rgw/rgw_rest_s3.cc: 412 in RGWPutObjTags_ObjStore_S3::get_params()()
406 return -ERR_MALFORMED_XML;
407 }
408
409 RGWObjTagSet_S3 *obj_tags_s3;
410 RGWObjTagging_S3 *tagging;
411
>>> CID 1413789: Null pointer dereferences (NULL_RETURNS)
>>> Assigning: "tagging" = null return value from "find_first".
412 tagging = static_cast<RGWObjTagging_S3 *>(parser.find_first("Tagging"));
413 obj_tags_s3 = static_cast<RGWObjTagSet_S3 *>(tagging->find_first("TagSet"));
414 if(!obj_tags_s3){
415 return -ERR_MALFORMED_XML;
416 }
417
** CID 1413790: (UNINIT_CTOR)
/home/brad/working/src/ceph/src/librbd/operation/SnapshotRemoveRequest.cc: 56 in librbd::operation::SnapshotRemoveRequest<librbd::MockImageCtx>::SnapshotRemoveRequest(librbd::MockImageCtx &, Context *, const boost::variant<cls::rbd::UserSnapshotNamespace, cls::rbd::GroupSnapshotNamespace, cls::rbd::UnknownSnapshotNamespace> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, unsigned long)()
/home/brad/working/src/ceph/src/librbd/operation/SnapshotRemoveRequest.cc: 56 in librbd::operation::SnapshotRemoveRequest<librbd::ImageCtx>::SnapshotRemoveRequest(librbd::ImageCtx &, Context *, const boost::variant<cls::rbd::UserSnapshotNamespace, cls::rbd::GroupSnapshotNamespace, cls::rbd::UnknownSnapshotNamespace> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, unsigned long)()
________________________________________________________________________________________________________
*** CID 1413790: (UNINIT_CTOR)
/home/brad/working/src/ceph/src/librbd/operation/SnapshotRemoveRequest.cc: 56 in librbd::operation::SnapshotRemoveRequest<librbd::MockImageCtx>::SnapshotRemoveRequest(librbd::MockImageCtx &, Context *, const boost::variant<cls::rbd::UserSnapshotNamespace, cls::rbd::GroupSnapshotNamespace, cls::rbd::UnknownSnapshotNamespace> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, unsigned long)()
50 Context *on_finish,
51 const cls::rbd::SnapshotNamespace &snap_namespace,
52 const std::string &snap_name,
53 uint64_t snap_id)
54 : Request<I>(image_ctx, on_finish), m_snap_namespace(snap_namespace),
55 m_snap_name(snap_name), m_snap_id(snap_id) {
>>> CID 1413790: (UNINIT_CTOR)
>>> Non-static class member "m_state" is not initialized in this constructor nor in any functions that it calls.
56 }
57
58 template <typename I>
59 void SnapshotRemoveRequest<I>::send_op() {
60 send_remove_object_map();
61 }
/home/brad/working/src/ceph/src/librbd/operation/SnapshotRemoveRequest.cc: 56 in librbd::operation::SnapshotRemoveRequest<librbd::ImageCtx>::SnapshotRemoveRequest(librbd::ImageCtx &, Context *, const boost::variant<cls::rbd::UserSnapshotNamespace, cls::rbd::GroupSnapshotNamespace, cls::rbd::UnknownSnapshotNamespace> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, unsigned long)()
50 Context *on_finish,
51 const cls::rbd::SnapshotNamespace &snap_namespace,
52 const std::string &snap_name,
53 uint64_t snap_id)
54 : Request<I>(image_ctx, on_finish), m_snap_namespace(snap_namespace),
55 m_snap_name(snap_name), m_snap_id(snap_id) {
>>> CID 1413790: (UNINIT_CTOR)
>>> Non-static class member "m_state" is not initialized in this constructor nor in any functions that it calls.
56 }
57
58 template <typename I>
59 void SnapshotRemoveRequest<I>::send_op() {
60 send_remove_object_map();
61 }
** CID 1413791: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/osd/TestMClockOpClassQueue.cc: 14 in main()
________________________________________________________________________________________________________
*** CID 1413791: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/osd/TestMClockOpClassQueue.cc: 14 in main()
8 #include "global/global_init.h"
9 #include "common/common_init.h"
10
11 #include "osd/mClockOpClassQueue.h"
12
13
>>> CID 1413791: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "testing::internal::GoogleTestFailureException" is thrown and never caught.
14 int main(int argc, char **argv) {
15 std::vector<const char*> args(argv, argv+argc);
16 auto cct = global_init(nullptr, args, CEPH_ENTITY_TYPE_OSD,
17 CODE_ENVIRONMENT_UTILITY,
18 CINIT_FLAG_NO_DEFAULT_CONFIG_FILE);
19 common_init_finish(g_ceph_context);
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaGCnxtQO9E3gxlB2GxVsWFENryh7bC5hIb-2FQBVM85YLQ-3D-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8Gdqru02AOJ8xFvhzofrXAMglLToQRHpHQEwgExCFzb-2B1ClWkE-2Bn4aJWgCBAl9eoeUftZbl8RCB2v1Vbmv-2B6i3AD2dWFDhxV7AtWubB4M4GLIGr-2Frg1ZzN96h8xcGayZStALek50fv3LirI6c518Frh3C0VQtXwk-2BBTwlsnslzwMRUFIBiOqozMAuwMx7cuku8-3D
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4Bco8jcmzhh7FSyvoR0E3-2BDgRcBCQ6OuthHBtaTCGNq9OVG2ZVnjrgThgf5hX3GVEkIxvBX-2BorwRZfOftSp7HPfCifRGGak1MlgNFVd3IIPA-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8Gdqru02AOJ8xFvhzofrXAMglLToQRHpHQEwgExCFzb-2B-2FMVWtXCLEedYlBcxvZTdI2rGJjc8W2865NXIGmpml4C61KOLjLmpqsoWcZ5JepreLO-2BsYPiQZILRabMc219jD1dvfOu7ykn53DUxFjcXmLGb-2BTlOFNGJRKYWDhPwB7dSy4Pa3J-2BY9l6AWmpVep1OIc-3D
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2017-06-22 4:27 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2017-06-22 4:27 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
4 new defect(s) introduced to ceph found with Coverity Scan.
452 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 4 of 4 defect(s)
** CID 1412976: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/test/librbd/test_librbd.cc: 5530 in TestLibRBD_ExclusiveLock_Test::TestBody()::[lambda(int, void *&) (instance 1)]::operator ()(int, void *&) const()
________________________________________________________________________________________________________
*** CID 1412976: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/test/librbd/test_librbd.cc: 5530 in TestLibRBD_ExclusiveLock_Test::TestBody()::[lambda(int, void *&) (instance 1)]::operator ()(int, void *&) const()
5524 EXPECT_TRUE(lock_owner);
5525 std::cout << m_id << ": exclusive lock acquired" << std::endl;
5526 {
5527 lock_guard<mutex> locker(lock);
5528 owner_id = m_id;
5529 }
>>> CID 1412976: Security best practices violations (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
5530 usleep(rand() % 50000);
5531 }
5532
5533 lock_guard<mutex> locker(lock);
5534 if (owner_id == m_id) {
5535 EXPECT_EQ(0, rbd_lock_release(m_image));
** CID 1412977: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/os/bluestore/BlueStore.cc: 2027 in BlueStore::ExtentMap::allocate_spanning_blob_id()()
________________________________________________________________________________________________________
*** CID 1412977: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/os/bluestore/BlueStore.cc: 2027 in BlueStore::ExtentMap::allocate_spanning_blob_id()()
2021 return 0;
2022 bid_t bid = spanning_blob_map.rbegin()->first + 1;
2023 // bid is valid and available.
2024 if (bid >= 0)
2025 return bid;
2026 // Find next unused bid;
>>> CID 1412977: Security best practices violations (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
2027 bid = rand() % (numeric_limits<bid_t>::max() + 1);
2028 const auto begin_bid = bid;
2029 do {
2030 if (!spanning_blob_map.count(bid))
2031 return bid;
2032 else {
** CID 1412978: (SLEEP)
/home/brad/working/src/ceph/src/test/librbd/test_librbd.cc: 5530 in TestLibRBD_ExclusiveLock_Test::TestBody()::[lambda(int, void *&) (instance 1)]::operator ()(int, void *&) const()
/home/brad/working/src/ceph/src/test/librbd/test_librbd.cc: 5530 in TestLibRBD_ExclusiveLock_Test::TestBody()::[lambda(int, void *&) (instance 1)]::operator ()(int, void *&) const()
________________________________________________________________________________________________________
*** CID 1412978: (SLEEP)
/home/brad/working/src/ceph/src/test/librbd/test_librbd.cc: 5530 in TestLibRBD_ExclusiveLock_Test::TestBody()::[lambda(int, void *&) (instance 1)]::operator ()(int, void *&) const()
5524 EXPECT_TRUE(lock_owner);
5525 std::cout << m_id << ": exclusive lock acquired" << std::endl;
5526 {
5527 lock_guard<mutex> locker(lock);
5528 owner_id = m_id;
5529 }
>>> CID 1412978: (SLEEP)
>>> Call to "usleep" might sleep while holding lock "this->lock".
5530 usleep(rand() % 50000);
5531 }
5532
5533 lock_guard<mutex> locker(lock);
5534 if (owner_id == m_id) {
5535 EXPECT_EQ(0, rbd_lock_release(m_image));
/home/brad/working/src/ceph/src/test/librbd/test_librbd.cc: 5530 in TestLibRBD_ExclusiveLock_Test::TestBody()::[lambda(int, void *&) (instance 1)]::operator ()(int, void *&) const()
5524 EXPECT_TRUE(lock_owner);
5525 std::cout << m_id << ": exclusive lock acquired" << std::endl;
5526 {
5527 lock_guard<mutex> locker(lock);
5528 owner_id = m_id;
5529 }
>>> CID 1412978: (SLEEP)
>>> Call to "usleep" might sleep while holding lock "this->lock".
5530 usleep(rand() % 50000);
5531 }
5532
5533 lock_guard<mutex> locker(lock);
5534 if (owner_id == m_id) {
5535 EXPECT_EQ(0, rbd_lock_release(m_image));
** CID 1412979: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/rgw/rgw_lc.h: 81 in LCRule::LCRule()()
________________________________________________________________________________________________________
*** CID 1412979: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/rgw/rgw_lc.h: 81 in LCRule::LCRule()()
75 LCExpiration noncur_expiration;
76 LCExpiration mp_expiration;
77 bool dm_expiration;
78
79 public:
80
>>> CID 1412979: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "dm_expiration" is not initialized in this constructor nor in any functions that it calls.
81 LCRule(){};
82 ~LCRule(){};
83
84 bool get_id(string& _id) {
85 _id = id;
86 return true;
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaGCnxtQO9E3gxlB2GxVsWFENryh7bC5hIb-2FQBVM85YLQ-3D-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8Hdr6h-2FwNY-2BPNl-2FhRJsMeMY8yymIcYqeyx8I3yhnIuuNXhTLvZvv-2B2vp6eYcBQUaGjiTdUH-2FKWqdHEACF-2FvC4vDL5J9VzCCwDkbrOC7-2FUBv2txEyPUyeQJ-2FMyLiWTzCCahjhOYO-2FWGq3tgUd9nPissGlkgFgepCfSwkrOhRPM0g66-2Fm0yJ2ZE5Rm5CxN3vF9OU-3D
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4Bco8jcmzhh7FSyvoR0E3-2BDgRcBCQ6OuthHBtaTCGNq9OVG2ZVnjrgThgf5hX3GVEkIxvBX-2BorwRZfOftSp7HPfCifRGGak1MlgNFVd3IIPA-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8Hdr6h-2FwNY-2BPNl-2FhRJsMeMY8yymIcYqeyx8I3yhnIuuNfq2DsgbC22CplMb1dqqY7yL-2BkFwVLkKiGMREPzHvy-2BrqqyulPg4I4WrUxx-2FW-2F-2BhvXpNpR9gvo7B6GUb7iNz4Idkfu18bmQY8kDFWh0e01UR-2BzTealqAB7YPDtwdxN4D5BHjkk8tiliYISXCkqo3ke8-3D
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2017-06-15 9:50 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2017-06-15 9:50 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
113 new defect(s) introduced to ceph found with Coverity Scan.
12 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 20 of 113 defect(s)
** CID 70416: Uninitialized members (UNINIT_CTOR)
/usr/include/c++/6.3.1/bits/locale_classes.h: 513 in std::locale::id::id()()
________________________________________________________________________________________________________
*** CID 70416: Uninitialized members (UNINIT_CTOR)
/usr/include/c++/6.3.1/bits/locale_classes.h: 513 in std::locale::id::id()()
507 id(const id&); // Not defined.
508
509 public:
510 // NB: This class is always a static data member, and thus can be
511 // counted on to be zero-initialized.
512 /// Constructor.
>>> CID 70416: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "_M_index" is not initialized in this constructor nor in any functions that it calls.
513 id() { }
514
515 size_t
516 _M_id() const throw();
517 };
518
** CID 259559: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/boost/boost/graph/detail/edge.hpp: 25 in boost::detail::edge_base<boost::bidirectional_tag, unsigned long>::edge_base()()
________________________________________________________________________________________________________
*** CID 259559: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/boost/boost/graph/detail/edge.hpp: 25 in boost::detail::edge_base<boost::bidirectional_tag, unsigned long>::edge_base()()
19
20 namespace detail {
21
22 template <typename Directed, typename Vertex>
23 struct edge_base
24 {
>>> CID 259559: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "m_target" is not initialized in this constructor nor in any functions that it calls.
25 inline edge_base() {}
26 inline edge_base(Vertex s, Vertex d)
27 : m_source(s), m_target(d) { }
28 Vertex m_source;
29 Vertex m_target;
30 };
** CID 972861: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/boost/boost/graph/detail/adjacency_list.hpp: 177 in boost::detail::in_edge_iter<__gnu_cxx::__normal_iterator<boost::detail::stored_edge_iter<unsigned long, std::_List_iterator<boost::list_edge<unsigned long, boost::property<boost::edge_index_t, unsigned long, boost::property<boost::<unnamed>::edge_cast_t, void *(*)(void *), boost::no_property>>>>, boost::property<boost::edge_index_t, unsigned long, boost::property<boost::<unnamed>::edge_cast_t, void *(*)(void *), boost::no_property>>> *, std::vector<boost::detail::stored_edge_iter<unsigned long, std::_List_iterator<boost::list_edge<unsigned long, boost::property<boost::edge_index_t, unsigned long, boost::property<boost::<unnamed>::edge_cast_t, void *(*)(void *), boost::no_property>>>>, boost::property<boost:
:edge_index_t, unsigned long, boost::property<boost::<unnamed>::edge_cast_t, void *(*)(void *), boost::no_property>>>, std::allocator<boost::detail::stored_edge_iter<unsigned long, std::_Lis
t_iterator<boost::list_edge<unsigned long, boost::property<boost::edge_index_t, unsigned long, boost::property<boost::<unnamed>::edge_cast_t, void *(*)(void *), boost::no_property>>>>, boost::property<boost::edge_index_t, unsigned long, boost::property<boost::<unnamed>::edge_cast_t, void *(*)(void *), boost::no_property>>>>>>, unsigned long, boost::detail::edge_desc_impl<boost::bidirectional_tag, unsigned long>, long>::in_edge_iter()()
________________________________________________________________________________________________________
*** CID 972861: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/boost/boost/graph/detail/adjacency_list.hpp: 177 in boost::detail::in_edge_iter<__gnu_cxx::__normal_iterator<boost::detail::stored_edge_iter<unsigned long, std::_List_iterator<boost::list_edge<unsigned long, boost::property<boost::edge_index_t, unsigned long, boost::property<boost::<unnamed>::edge_cast_t, void *(*)(void *), boost::no_property>>>>, boost::property<boost::edge_index_t, unsigned long, boost::property<boost::<unnamed>::edge_cast_t, void *(*)(void *), boost::no_property>>> *, std::vector<boost::detail::stored_edge_iter<unsigned long, std::_List_iterator<boost::list_edge<unsigned long, boost::property<boost::edge_index_t, unsigned long, boost::property<boost::<unnamed>::edge_cast_t, void *(*)(void *), boost::no_property>>>>, boost::property<boost:
:edge_index_t, unsigned long, boost::property<boost::<unnamed>::edge_cast_t, void *(*)(void *), boost::no_property>>>, std::allocator<boost::detail::stored_edge_iter<unsigned long, std::_Lis
t_iterator<boost::list_edge<unsigned long, boost::property<boost::edge_index_t, unsigned long, boost::property<boost::<unnamed>::edge_cast_t, void *(*)(void *), boost::no_property>>>>, boost::property<boost::edge_index_t, unsigned long, boost::property<boost::<unnamed>::edge_cast_t, void *(*)(void *), boost::no_property>>>>>>, unsigned long, boost::detail::edge_desc_impl<boost::bidirectional_tag, unsigned long>, long>::in_edge_iter()()
171 , EdgeDescriptor
172 , use_default
173 , EdgeDescriptor
174 , Difference
175 > super_t;
176
>>> CID 972861: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "m_src" is not initialized in this constructor nor in any functions that it calls.
177 inline in_edge_iter() { }
178 inline in_edge_iter(const BaseIter& i, const VertexDescriptor& src)
179 : super_t(i), m_src(src) { }
180
181 inline EdgeDescriptor
182 dereference() const
** CID 973186: (PASS_BY_VALUE)
/usr/include/c++/6.3.1/bits/stl_algobase.h: 291 in std::__copy_move<(bool)0, (bool)0, std::forward_iterator_tag>::__copy_m<boost::program_options::detail::basic_config_file_iterator<wchar_t>, std::back_insert_iterator<std::vector<boost::program_options::basic_option<char>, std::allocator<boost::program_options::basic_option<char>>>>>(T1, T1, T2)()
/usr/include/c++/6.3.1/bits/stl_algobase.h: 291 in std::__copy_move<(bool)0, (bool)0, std::forward_iterator_tag>::__copy_m<boost::program_options::detail::basic_config_file_iterator<char>, std::back_insert_iterator<std::vector<boost::program_options::basic_option<char>, std::allocator<boost::program_options::basic_option<char>>>>>(T1, T1, T2)()
________________________________________________________________________________________________________
*** CID 973186: (PASS_BY_VALUE)
/usr/include/c++/6.3.1/bits/stl_algobase.h: 291 in std::__copy_move<(bool)0, (bool)0, std::forward_iterator_tag>::__copy_m<boost::program_options::detail::basic_config_file_iterator<wchar_t>, std::back_insert_iterator<std::vector<boost::program_options::basic_option<char>, std::allocator<boost::program_options::basic_option<char>>>>>(T1, T1, T2)()
285
286 template<bool, bool, typename>
287 struct __copy_move
288 {
289 template<typename _II, typename _OI>
290 static _OI
>>> CID 973186: (PASS_BY_VALUE)
>>> Passing parameter __last of type "boost::program_options::detail::basic_config_file_iterator<wchar_t>" (size 264 bytes) by value.
291 __copy_m(_II __first, _II __last, _OI __result)
292 {
293 for (; __first != __last; ++__result, (void)++__first)
294 *__result = *__first;
295 return __result;
296 }
/usr/include/c++/6.3.1/bits/stl_algobase.h: 291 in std::__copy_move<(bool)0, (bool)0, std::forward_iterator_tag>::__copy_m<boost::program_options::detail::basic_config_file_iterator<char>, std::back_insert_iterator<std::vector<boost::program_options::basic_option<char>, std::allocator<boost::program_options::basic_option<char>>>>>(T1, T1, T2)()
285
286 template<bool, bool, typename>
287 struct __copy_move
288 {
289 template<typename _II, typename _OI>
290 static _OI
>>> CID 973186: (PASS_BY_VALUE)
>>> Passing parameter __last of type "boost::program_options::detail::basic_config_file_iterator<char>" (size 264 bytes) by value.
291 __copy_m(_II __first, _II __last, _OI __result)
292 {
293 for (; __first != __last; ++__result, (void)++__first)
294 *__result = *__first;
295 return __result;
296 }
** CID 973187: (PASS_BY_VALUE)
/usr/include/c++/6.3.1/bits/cpp_type_traits.h: 408 in std::__miter_base<boost::program_options::detail::basic_config_file_iterator<wchar_t>>(T1)()
/usr/include/c++/6.3.1/bits/cpp_type_traits.h: 408 in std::__miter_base<boost::program_options::detail::basic_config_file_iterator<char>>(T1)()
________________________________________________________________________________________________________
*** CID 973187: (PASS_BY_VALUE)
/usr/include/c++/6.3.1/bits/cpp_type_traits.h: 408 in std::__miter_base<boost::program_options::detail::basic_config_file_iterator<wchar_t>>(T1)()
402 };
403
404 // Fallback implementation of the function in bits/stl_iterator.h used to
405 // remove the move_iterator wrapper.
406 template<typename _Iterator>
407 inline _Iterator
>>> CID 973187: (PASS_BY_VALUE)
>>> Passing parameter __it of type "boost::program_options::detail::basic_config_file_iterator<wchar_t>" (size 264 bytes) by value.
408 __miter_base(_Iterator __it)
409 { return __it; }
410
411 _GLIBCXX_END_NAMESPACE_VERSION
412 } // namespace
413 } // extern "C++"
414
/usr/include/c++/6.3.1/bits/cpp_type_traits.h: 408 in std::__miter_base<boost::program_options::detail::basic_config_file_iterator<char>>(T1)()
402 };
403
404 // Fallback implementation of the function in bits/stl_iterator.h used to
405 // remove the move_iterator wrapper.
406 template<typename _Iterator>
407 inline _Iterator
>>> CID 973187: (PASS_BY_VALUE)
>>> Passing parameter __it of type "boost::program_options::detail::basic_config_file_iterator<char>" (size 264 bytes) by value.
408 __miter_base(_Iterator __it)
409 { return __it; }
410
411 _GLIBCXX_END_NAMESPACE_VERSION
412 } // namespace
413 } // extern "C++"
414
** CID 973188: (PASS_BY_VALUE)
/usr/include/c++/6.3.1/bits/stl_algobase.h: 277 in std::__niter_base<boost::program_options::detail::basic_config_file_iterator<wchar_t>>(T1)()
/usr/include/c++/6.3.1/bits/stl_algobase.h: 277 in std::__niter_base<boost::program_options::detail::basic_config_file_iterator<char>>(T1)()
________________________________________________________________________________________________________
*** CID 973188: (PASS_BY_VALUE)
/usr/include/c++/6.3.1/bits/stl_algobase.h: 277 in std::__niter_base<boost::program_options::detail::basic_config_file_iterator<wchar_t>>(T1)()
271 }
272
273 // Fallback implementation of the function in bits/stl_iterator.h used to
274 // remove the __normal_iterator wrapper. See copy, fill, ...
275 template<typename _Iterator>
276 inline _Iterator
>>> CID 973188: (PASS_BY_VALUE)
>>> Passing parameter __it of type "boost::program_options::detail::basic_config_file_iterator<wchar_t>" (size 264 bytes) by value.
277 __niter_base(_Iterator __it)
278 { return __it; }
279
280 // All of these auxiliary structs serve two purposes. (1) Replace
281 // calls to copy with memmove whenever possible. (Memmove, not memcpy,
282 // because the input and output ranges are permitted to overlap.)
/usr/include/c++/6.3.1/bits/stl_algobase.h: 277 in std::__niter_base<boost::program_options::detail::basic_config_file_iterator<char>>(T1)()
271 }
272
273 // Fallback implementation of the function in bits/stl_iterator.h used to
274 // remove the __normal_iterator wrapper. See copy, fill, ...
275 template<typename _Iterator>
276 inline _Iterator
>>> CID 973188: (PASS_BY_VALUE)
>>> Passing parameter __it of type "boost::program_options::detail::basic_config_file_iterator<char>" (size 264 bytes) by value.
277 __niter_base(_Iterator __it)
278 { return __it; }
279
280 // All of these auxiliary structs serve two purposes. (1) Replace
281 // calls to copy with memmove whenever possible. (Memmove, not memcpy,
282 // because the input and output ranges are permitted to overlap.)
** CID 973189: (PASS_BY_VALUE)
/usr/include/c++/6.3.1/bits/stl_algobase.h: 375 in std::__copy_move_a<(bool)0, boost::program_options::detail::basic_config_file_iterator<wchar_t>, std::back_insert_iterator<std::vector<boost::program_options::basic_option<char>, std::allocator<boost::program_options::basic_option<char>>>>>(T2, T2, T3)()
/usr/include/c++/6.3.1/bits/stl_algobase.h: 375 in std::__copy_move_a<(bool)0, boost::program_options::detail::basic_config_file_iterator<char>, std::back_insert_iterator<std::vector<boost::program_options::basic_option<char>, std::allocator<boost::program_options::basic_option<char>>>>>(T2, T2, T3)()
________________________________________________________________________________________________________
*** CID 973189: (PASS_BY_VALUE)
/usr/include/c++/6.3.1/bits/stl_algobase.h: 375 in std::__copy_move_a<(bool)0, boost::program_options::detail::basic_config_file_iterator<wchar_t>, std::back_insert_iterator<std::vector<boost::program_options::basic_option<char>, std::allocator<boost::program_options::basic_option<char>>>>>(T2, T2, T3)()
369 return __result + _Num;
370 }
371 };
372
373 template<bool _IsMove, typename _II, typename _OI>
374 inline _OI
>>> CID 973189: (PASS_BY_VALUE)
>>> Passing parameter __last of type "boost::program_options::detail::basic_config_file_iterator<wchar_t>" (size 264 bytes) by value.
375 __copy_move_a(_II __first, _II __last, _OI __result)
376 {
377 typedef typename iterator_traits<_II>::value_type _ValueTypeI;
378 typedef typename iterator_traits<_OI>::value_type _ValueTypeO;
379 typedef typename iterator_traits<_II>::iterator_category _Category;
380 const bool __simple = (__is_trivial(_ValueTypeI)
/usr/include/c++/6.3.1/bits/stl_algobase.h: 375 in std::__copy_move_a<(bool)0, boost::program_options::detail::basic_config_file_iterator<char>, std::back_insert_iterator<std::vector<boost::program_options::basic_option<char>, std::allocator<boost::program_options::basic_option<char>>>>>(T2, T2, T3)()
369 return __result + _Num;
370 }
371 };
372
373 template<bool _IsMove, typename _II, typename _OI>
374 inline _OI
>>> CID 973189: (PASS_BY_VALUE)
>>> Passing parameter __last of type "boost::program_options::detail::basic_config_file_iterator<char>" (size 264 bytes) by value.
375 __copy_move_a(_II __first, _II __last, _OI __result)
376 {
377 typedef typename iterator_traits<_II>::value_type _ValueTypeI;
378 typedef typename iterator_traits<_OI>::value_type _ValueTypeO;
379 typedef typename iterator_traits<_II>::iterator_category _Category;
380 const bool __simple = (__is_trivial(_ValueTypeI)
** CID 973190: (PASS_BY_VALUE)
/usr/include/c++/6.3.1/bits/stl_algobase.h: 420 in std::__copy_move_a2<(bool)0, boost::program_options::detail::basic_config_file_iterator<wchar_t>, std::back_insert_iterator<std::vector<boost::program_options::basic_option<char>, std::allocator<boost::program_options::basic_option<char>>>>>(T2, T2, T3)()
/usr/include/c++/6.3.1/bits/stl_algobase.h: 420 in std::__copy_move_a2<(bool)0, boost::program_options::detail::basic_config_file_iterator<char>, std::back_insert_iterator<std::vector<boost::program_options::basic_option<char>, std::allocator<boost::program_options::basic_option<char>>>>>(T2, T2, T3)()
________________________________________________________________________________________________________
*** CID 973190: (PASS_BY_VALUE)
/usr/include/c++/6.3.1/bits/stl_algobase.h: 420 in std::__copy_move_a2<(bool)0, boost::program_options::detail::basic_config_file_iterator<wchar_t>, std::back_insert_iterator<std::vector<boost::program_options::basic_option<char>, std::allocator<boost::program_options::basic_option<char>>>>>(T2, T2, T3)()
414 _CharT*>::__type
415 __copy_move_a2(istreambuf_iterator<_CharT, char_traits<_CharT> >,
416 istreambuf_iterator<_CharT, char_traits<_CharT> >, _CharT*);
417
418 template<bool _IsMove, typename _II, typename _OI>
419 inline _OI
>>> CID 973190: (PASS_BY_VALUE)
>>> Passing parameter __last of type "boost::program_options::detail::basic_config_file_iterator<wchar_t>" (size 264 bytes) by value.
420 __copy_move_a2(_II __first, _II __last, _OI __result)
421 {
422 return _OI(std::__copy_move_a<_IsMove>(std::__niter_base(__first),
423 std::__niter_base(__last),
424 std::__niter_base(__result)));
425 }
/usr/include/c++/6.3.1/bits/stl_algobase.h: 420 in std::__copy_move_a2<(bool)0, boost::program_options::detail::basic_config_file_iterator<char>, std::back_insert_iterator<std::vector<boost::program_options::basic_option<char>, std::allocator<boost::program_options::basic_option<char>>>>>(T2, T2, T3)()
414 _CharT*>::__type
415 __copy_move_a2(istreambuf_iterator<_CharT, char_traits<_CharT> >,
416 istreambuf_iterator<_CharT, char_traits<_CharT> >, _CharT*);
417
418 template<bool _IsMove, typename _II, typename _OI>
419 inline _OI
>>> CID 973190: (PASS_BY_VALUE)
>>> Passing parameter __last of type "boost::program_options::detail::basic_config_file_iterator<char>" (size 264 bytes) by value.
420 __copy_move_a2(_II __first, _II __last, _OI __result)
421 {
422 return _OI(std::__copy_move_a<_IsMove>(std::__niter_base(__first),
423 std::__niter_base(__last),
424 std::__niter_base(__result)));
425 }
** CID 973191: (PASS_BY_VALUE)
/usr/include/c++/6.3.1/bits/stl_algobase.h: 446 in std::copy<boost::program_options::detail::basic_config_file_iterator<wchar_t>, std::back_insert_iterator<std::vector<boost::program_options::basic_option<char>, std::allocator<boost::program_options::basic_option<char>>>>>(T1, T1, T2)()
/usr/include/c++/6.3.1/bits/stl_algobase.h: 446 in std::copy<boost::program_options::detail::basic_config_file_iterator<char>, std::back_insert_iterator<std::vector<boost::program_options::basic_option<char>, std::allocator<boost::program_options::basic_option<char>>>>>(T1, T1, T2)()
________________________________________________________________________________________________________
*** CID 973191: (PASS_BY_VALUE)
/usr/include/c++/6.3.1/bits/stl_algobase.h: 446 in std::copy<boost::program_options::detail::basic_config_file_iterator<wchar_t>, std::back_insert_iterator<std::vector<boost::program_options::basic_option<char>, std::allocator<boost::program_options::basic_option<char>>>>>(T1, T1, T2)()
440 *
441 * Note that the end of the output range is permitted to be contained
442 * within [first,last).
443 */
444 template<typename _II, typename _OI>
445 inline _OI
>>> CID 973191: (PASS_BY_VALUE)
>>> Passing parameter __last of type "boost::program_options::detail::basic_config_file_iterator<wchar_t>" (size 264 bytes) by value.
446 copy(_II __first, _II __last, _OI __result)
447 {
448 // concept requirements
449 __glibcxx_function_requires(_InputIteratorConcept<_II>)
450 __glibcxx_function_requires(_OutputIteratorConcept<_OI,
451 typename iterator_traits<_II>::value_type>)
/usr/include/c++/6.3.1/bits/stl_algobase.h: 446 in std::copy<boost::program_options::detail::basic_config_file_iterator<char>, std::back_insert_iterator<std::vector<boost::program_options::basic_option<char>, std::allocator<boost::program_options::basic_option<char>>>>>(T1, T1, T2)()
440 *
441 * Note that the end of the output range is permitted to be contained
442 * within [first,last).
443 */
444 template<typename _II, typename _OI>
445 inline _OI
>>> CID 973191: (PASS_BY_VALUE)
>>> Passing parameter __last of type "boost::program_options::detail::basic_config_file_iterator<char>" (size 264 bytes) by value.
446 copy(_II __first, _II __last, _OI __result)
447 {
448 // concept requirements
449 __glibcxx_function_requires(_InputIteratorConcept<_II>)
450 __glibcxx_function_requires(_OutputIteratorConcept<_OI,
451 typename iterator_traits<_II>::value_type>)
** CID 1020033: Memory - corruptions (ARRAY_VS_SINGLETON)
/home/brad/working/src/ceph/src/boost/libs/container/src/dlmalloc_2_8_6.c: 5303 in dlindependent_calloc()
________________________________________________________________________________________________________
*** CID 1020033: Memory - corruptions (ARRAY_VS_SINGLETON)
/home/brad/working/src/ceph/src/boost/libs/container/src/dlmalloc_2_8_6.c: 5303 in dlindependent_calloc()
5297 return dlmemalign(pagesz, (bytes + pagesz - SIZE_T_ONE) & ~(pagesz - SIZE_T_ONE));
5298 }
5299
5300 void** dlindependent_calloc(size_t n_elements, size_t elem_size,
5301 void* chunks[]) {
5302 size_t sz = elem_size; /* serves as 1-element array */
>>> CID 1020033: Memory - corruptions (ARRAY_VS_SINGLETON)
>>> Taking address with "&sz" yields a singleton pointer.
5303 return ialloc(gm, n_elements, &sz, 3, chunks);
5304 }
5305
5306 void** dlindependent_comalloc(size_t n_elements, size_t sizes[],
5307 void* chunks[]) {
5308 return ialloc(gm, n_elements, sizes, 0, chunks);
** CID 1040644: Memory - illegal accesses (UNINIT)
/home/brad/working/src/ceph/src/boost/tools/build/src/engine/function.c: 3170 in argument_list_push()
________________________________________________________________________________________________________
*** CID 1040644: Memory - illegal accesses (UNINIT)
/home/brad/working/src/ceph/src/boost/tools/build/src/engine/function.c: 3170 in argument_list_push()
3164 LISTITER actual_iter = list_begin( actual );
3165 LISTITER const actual_end = list_end( actual );
3166 int j;
3167 for ( j = 0; j < formal[ i ].size; ++j )
3168 {
3169 struct argument * formal_arg = &formal[ i ].args[ j ];
>>> CID 1040644: Memory - illegal accesses (UNINIT)
>>> Declaring variable "value" without initializer.
3170 LIST * value;
3171
3172 switch ( formal_arg->flags )
3173 {
3174 case ARG_ONE:
3175 if ( actual_iter == actual_end )
** CID 1040645: (TAINTED_SCALAR)
/home/brad/working/src/ceph/src/boost/tools/build/src/engine/hcache.c: 255 in hcache_init()
/home/brad/working/src/ceph/src/boost/tools/build/src/engine/hcache.c: 276 in hcache_init()
________________________________________________________________________________________________________
*** CID 1040645: (TAINTED_SCALAR)
/home/brad/working/src/ceph/src/boost/tools/build/src/engine/hcache.c: 255 in hcache_init()
249
250 timestamp_init( &cachedata.time, atoi( object_str( time_secs_str ) ),
251 atoi( object_str( time_nsecs_str ) ) );
252 cachedata.age = atoi( object_str( age_str ) ) + 1;
253
254 count = atoi( object_str( includes_count_str ) );
>>> CID 1040645: (TAINTED_SCALAR)
>>> Using tainted variable "count" as a loop boundary.
255 for ( l = L0, i = 0; i < count; ++i )
256 {
257 OBJECT * const s = read_netstring( f );
258 if ( !s )
259 {
260 err_printf( "invalid %s\n", hcachename );
/home/brad/working/src/ceph/src/boost/tools/build/src/engine/hcache.c: 276 in hcache_init()
270 {
271 err_printf( "invalid %s\n", hcachename );
272 goto cleanup;
273 }
274
275 count = atoi( object_str( hdrscan_count_str ) );
>>> CID 1040645: (TAINTED_SCALAR)
>>> Using tainted variable "count" as a loop boundary.
276 for ( l = L0, i = 0; i < count; ++i )
277 {
278 OBJECT * const s = read_netstring( f );
279 if ( !s )
280 {
281 err_printf( "invalid %s\n", hcachename );
** CID 1040649: Code maintainability issues (SIZEOF_MISMATCH)
/home/brad/working/src/ceph/src/boost/tools/build/src/engine/hash.c: 251 in hashrehash()
________________________________________________________________________________________________________
*** CID 1040649: Code maintainability issues (SIZEOF_MISMATCH)
/home/brad/working/src/ceph/src/boost/tools/build/src/engine/hash.c: 251 in hashrehash()
245 hp->items.nel += hp->items.more;
246
247 if ( hp->tab.base )
248 BJAM_FREE( (char *)hp->tab.base );
249
250 hp->tab.nel = hp->items.nel * hp->bloat;
>>> CID 1040649: Code maintainability issues (SIZEOF_MISMATCH)
>>> Passing argument "hp->tab.nel * 8UL /* sizeof (ITEM **) */" to function "malloc" and then casting the return value to "ITEM **" is suspicious. In this particular case "sizeof (ITEM **)" happens to be equal to "sizeof (ITEM *)", but this is not a portable assumption.
251 hp->tab.base = (ITEM * *)BJAM_MALLOC( hp->tab.nel * sizeof( ITEM * * ) );
252
253 memset( (char *)hp->tab.base, '\0', hp->tab.nel * sizeof( ITEM * ) );
254
255 for ( i = 0; i < hp->items.list; ++i )
256 {
** CID 1040650: (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/boost/tools/build/src/engine/modules/property-set.c: 164 in property_set_create()
/home/brad/working/src/ceph/src/boost/tools/build/src/engine/modules/property-set.c: 183 in property_set_create()
________________________________________________________________________________________________________
*** CID 1040650: (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/boost/tools/build/src/engine/modules/property-set.c: 164 in property_set_create()
158 return list_new( object_copy( pos->value ) );
159 }
160 else
161 {
162 OBJECT * rulename = object_new( "new" );
163 OBJECT * varname = object_new( "self.raw" );
>>> CID 1040650: (RESOURCE_LEAK)
>>> Failing to save or free storage allocated by "list_new(object_new("property-set"))" leaks it.
164 LIST * val = call_rule( rulename, frame,
165 list_new( object_new( "property-set" ) ), 0 );
166 LISTITER iter, end;
167 object_free( rulename );
168 pos->value = object_copy( list_front( val ) );
169 var_set( bindmodule( pos->value ), varname, unique, VAR_SET );
/home/brad/working/src/ceph/src/boost/tools/build/src/engine/modules/property-set.c: 183 in property_set_create()
177 string message[ 1 ];
178 string_new( message );
179 string_append( message, "Invalid property: '" );
180 string_append( message, str );
181 string_append( message, "'" );
182 rulename = object_new( "errors.error" );
>>> CID 1040650: (RESOURCE_LEAK)
>>> Failing to save or free storage allocated by "list_new(object_new(message->value))" leaks it.
183 call_rule( rulename, frame,
184 list_new( object_new( message->value ) ), 0 );
185 /* unreachable */
186 string_free( message );
187 object_free( rulename );
188 }
** CID 1040652: (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/boost/tools/build/src/engine/execunix.c: 205 in exec_cmd()
/home/brad/working/src/ceph/src/boost/tools/build/src/engine/execunix.c: 207 in exec_cmd()
/home/brad/working/src/ceph/src/boost/tools/build/src/engine/execunix.c: 213 in exec_cmd()
/home/brad/working/src/ceph/src/boost/tools/build/src/engine/execunix.c: 308 in exec_cmd()
________________________________________________________________________________________________________
*** CID 1040652: (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/boost/tools/build/src/engine/execunix.c: 205 in exec_cmd()
199
200 /* ignore SIGINT and SIGQUIT */
201 ignore.sa_handler = SIG_IGN;
202 sigemptyset(&ignore.sa_mask);
203 ignore.sa_flags = 0;
204 if (sigaction(SIGINT, &ignore, &saveintr) < 0)
>>> CID 1040652: (RESOURCE_LEAK)
>>> Returning without freeing "shell" leaks the storage that it points to.
205 return;
206 if (sigaction(SIGQUIT, &ignore, &savequit) < 0)
207 return;
208
209 /* block SIGCHLD */
210 sigemptyset(&chldmask);
/home/brad/working/src/ceph/src/boost/tools/build/src/engine/execunix.c: 207 in exec_cmd()
201 ignore.sa_handler = SIG_IGN;
202 sigemptyset(&ignore.sa_mask);
203 ignore.sa_flags = 0;
204 if (sigaction(SIGINT, &ignore, &saveintr) < 0)
205 return;
206 if (sigaction(SIGQUIT, &ignore, &savequit) < 0)
>>> CID 1040652: (RESOURCE_LEAK)
>>> Returning without freeing "shell" leaks the storage that it points to.
207 return;
208
209 /* block SIGCHLD */
210 sigemptyset(&chldmask);
211 sigaddset(&chldmask, SIGCHLD);
212 if (sigprocmask(SIG_BLOCK, &chldmask, &savemask) < 0)
/home/brad/working/src/ceph/src/boost/tools/build/src/engine/execunix.c: 213 in exec_cmd()
207 return;
208
209 /* block SIGCHLD */
210 sigemptyset(&chldmask);
211 sigaddset(&chldmask, SIGCHLD);
212 if (sigprocmask(SIG_BLOCK, &chldmask, &savemask) < 0)
>>> CID 1040652: (RESOURCE_LEAK)
>>> Returning without freeing "shell" leaks the storage that it points to.
213 return;
214
215 if ( ( cmdtab[ slot ].pid = vfork() ) == -1 )
216 {
217 perror( "vfork" );
218 exit( EXITBAD );
/home/brad/working/src/ceph/src/boost/tools/build/src/engine/execunix.c: 308 in exec_cmd()
302 cmdtab[ slot ].closure = closure;
303
304 /* restore previous signals */
305 sigaction(SIGINT, &saveintr, NULL);
306 sigaction(SIGQUIT, &savequit, NULL);
307 sigprocmask(SIG_SETMASK, &savemask, NULL);
>>> CID 1040652: (RESOURCE_LEAK)
>>> Returning without freeing "shell" leaks the storage that it points to.
308 }
309
310 #undef EXECCMD_PIPE_READ
311 #undef EXECCMD_PIPE_WRITE
312
313
** CID 1040653: (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/boost/tools/build/src/engine/builtins.c: 1817 in builtin_file_open()
/home/brad/working/src/ceph/src/boost/tools/build/src/engine/builtins.c: 1817 in builtin_file_open()
________________________________________________________________________________________________________
*** CID 1040653: (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/boost/tools/build/src/engine/builtins.c: 1817 in builtin_file_open()
1811 else
1812 fd = open( name, O_RDONLY );
1813
1814 if ( fd != -1 )
1815 {
1816 sprintf( buffer, "%d", fd );
>>> CID 1040653: (RESOURCE_LEAK)
>>> Handle variable "fd" going out of scope leaks the handle.
1817 return list_new( object_new( buffer ) );
1818 }
1819 return L0;
1820 }
1821
1822
/home/brad/working/src/ceph/src/boost/tools/build/src/engine/builtins.c: 1817 in builtin_file_open()
1811 else
1812 fd = open( name, O_RDONLY );
1813
1814 if ( fd != -1 )
1815 {
1816 sprintf( buffer, "%d", fd );
>>> CID 1040653: (RESOURCE_LEAK)
>>> Handle variable "fd" going out of scope leaks the handle.
1817 return list_new( object_new( buffer ) );
1818 }
1819 return L0;
1820 }
1821
1822
** CID 1040654: Null pointer dereferences (NULL_RETURNS)
/home/brad/working/src/ceph/src/boost/tools/build/src/engine/filesys.c: 440 in file_dirscan_impl()
________________________________________________________________________________________________________
*** CID 1040654: Null pointer dereferences (NULL_RETURNS)
/home/brad/working/src/ceph/src/boost/tools/build/src/engine/filesys.c: 440 in file_dirscan_impl()
434 * insensitive file system
435 * - convert the NTFS paths to their long path variants as that
436 * file system each file system entity may have a long and a
437 * short path variant thus allowing for many different path
438 * strings identifying the same file.
439 */
>>> CID 1040654: Null pointer dereferences (NULL_RETURNS)
>>> Dereferencing a null pointer "ffq".
440 (*func)( closure, ffq->name, 1 /* stat()'ed */, &ffq->time );
441 }
442 }
443 }
444
445
** CID 1040655: Memory - illegal accesses (NO_EFFECT)
/home/brad/working/src/ceph/src/boost/tools/build/src/engine/strings.c: 55 in string_new()
________________________________________________________________________________________________________
*** CID 1040655: Memory - illegal accesses (NO_EFFECT)
/home/brad/working/src/ceph/src/boost/tools/build/src/engine/strings.c: 55 in string_new()
49 {
50 s->value = s->opt;
51 s->size = 0;
52 s->capacity = sizeof( s->opt );
53 s->opt[ 0 ] = 0;
54 #ifndef NDEBUG
>>> CID 1040655: Memory - illegal accesses (NO_EFFECT)
>>> "memset" argument "-49" loses precision in "memset(s->magic, -49, 4UL)".
55 memset( s->magic, JAM_STRING_MAGIC, sizeof( s->magic ) );
56 #endif
57 assert_invariants( s );
58 }
59
60
** CID 1040656: Error handling issues (NEGATIVE_RETURNS)
/home/brad/working/src/ceph/src/boost/tools/build/src/engine/jam.c: 671 in executable_path()
________________________________________________________________________________________________________
*** CID 1040656: Error handling issues (NEGATIVE_RETURNS)
/home/brad/working/src/ceph/src/boost/tools/build/src/engine/jam.c: 671 in executable_path()
665 #elif defined(__linux__)
666 # include <unistd.h>
667 char * executable_path( char const * argv0 )
668 {
669 char buf[ 1024 ];
670 ssize_t const ret = readlink( "/proc/self/exe", buf, sizeof( buf ) );
>>> CID 1040656: Error handling issues (NEGATIVE_RETURNS)
>>> "ret" is passed to a parameter that cannot be negative.
671 return ( !ret || ret == sizeof( buf ) ) ? NULL : strndup( buf, ret );
672 }
673 #elif defined(OS_VMS)
674 # include <unixlib.h>
675 char * executable_path( char const * argv0 )
676 {
** CID 1040657: (NEGATIVE_RETURNS)
/home/brad/working/src/ceph/src/boost/tools/build/src/engine/builtins.c: 1510 in builtin_update_now()
/home/brad/working/src/ceph/src/boost/tools/build/src/engine/builtins.c: 1511 in builtin_update_now()
________________________________________________________________________________________________________
*** CID 1040657: (NEGATIVE_RETURNS)
/home/brad/working/src/ceph/src/boost/tools/build/src/engine/builtins.c: 1510 in builtin_update_now()
1504 {
1505 /* Flush whatever stdio might have buffered, while descriptions 0 and 1
1506 * still refer to the log file.
1507 */
1508 out_flush( );
1509 err_flush( );
>>> CID 1040657: (NEGATIVE_RETURNS)
>>> "original_stdout" is passed to a parameter that cannot be negative.
1510 dup2( original_stdout, 0 );
1511 dup2( original_stderr, 1 );
1512 close( original_stdout );
1513 close( original_stderr );
1514 }
1515
/home/brad/working/src/ceph/src/boost/tools/build/src/engine/builtins.c: 1511 in builtin_update_now()
1505 /* Flush whatever stdio might have buffered, while descriptions 0 and 1
1506 * still refer to the log file.
1507 */
1508 out_flush( );
1509 err_flush( );
1510 dup2( original_stdout, 0 );
>>> CID 1040657: (NEGATIVE_RETURNS)
>>> "original_stderr" is passed to a parameter that cannot be negative.
1511 dup2( original_stderr, 1 );
1512 close( original_stdout );
1513 close( original_stderr );
1514 }
1515
1516 last_update_now_status = status;
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaGCnxtQO9E3gxlB2GxVsWFENryh7bC5hIb-2FQBVM85YLQ-3D-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8H5-2BXb3AzDpE-2FX6kkp9m8asxgX45OVW6vuYHbSx-2BEW3uQU6-2FrasRM-2Bx7AHFeLmffM2RJCSw94-2F6UxN7GQFFjn8q9Xb7ZpvWJn7lECQZu-2B9ekJ4TlpxNfBH1-2FJmkX3kIfvQf8V-2FpXZ-2BDtAqd2xCFBbktXpl-2BFYgbfZnHSUrglRQoediqSkPjq9sxTsJhCwyPYGw-3D
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4Bco8jcmzhh7FSyvoR0E3-2BDgRcBCQ6OuthHBtaTCGNq9OVG2ZVnjrgThgf5hX3GVEkIxvBX-2BorwRZfOftSp7HPfCifRGGak1MlgNFVd3IIPA-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8H5-2BXb3AzDpE-2FX6kkp9m8asxgX45OVW6vuYHbSx-2BEW3uQCi114WmghEZQZFOg-2FPrRIl-2BKBYKDX8F4UfvEYhGT1r-2BV47P304TOo9CpSix9HiHl7a3hnsI9FS1OQJuQ-2Ff0-2F74PM-2B3pfSz7BYQjHBjDWnLaleVfbJB4-2FlJ1jOnQNTVRyDAiBA9C-2Blmy3FgvTZdjSw-3D
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2017-06-11 23:46 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2017-06-11 23:46 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
49 new defect(s) introduced to ceph found with Coverity Scan.
21 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 20 of 49 defect(s)
** CID 717210: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/common/LogEntry.h: 70 in LogEntryKey::LogEntryKey()()
________________________________________________________________________________________________________
*** CID 717210: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/common/LogEntry.h: 70 in LogEntryKey::LogEntryKey()()
64
65 entity_inst_t who;
66 utime_t stamp;
67 uint64_t seq = 0;
68
69 public:
>>> CID 717210: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "_hash" is not initialized in this constructor nor in any functions that it calls.
70 LogEntryKey() {}
71 LogEntryKey(const entity_inst_t& w, utime_t t, uint64_t s)
72 : who(w), stamp(t), seq(s) {
73 _calc_hash();
74 }
75
** CID 1412572: Error handling issues (CHECKED_RETURN)
/home/brad/working/src/ceph/src/mon/MgrStatMonitor.cc: 82 in MgrStatMonitor::update_from_paxos(bool *)()
________________________________________________________________________________________________________
*** CID 1412572: Error handling issues (CHECKED_RETURN)
/home/brad/working/src/ceph/src/mon/MgrStatMonitor.cc: 82 in MgrStatMonitor::update_from_paxos(bool *)()
76
77 void MgrStatMonitor::update_from_paxos(bool *need_bootstrap)
78 {
79 version = get_last_committed();
80 dout(10) << " " << version << dendl;
81 bufferlist bl;
>>> CID 1412572: Error handling issues (CHECKED_RETURN)
>>> Calling "get_version" without checking return value (as is done elsewhere 14 out of 15 times).
82 get_version(version, bl);
83 if (version) {
84 assert(bl.length());
85 auto p = bl.begin();
86 ::decode(digest, p);
87 ::decode(health_summary, p);
** CID 1412573: Incorrect expression (COPY_PASTE_ERROR)
/home/brad/working/src/ceph/src/rgw/rgw_rados.cc: 10941 in RGWRados::bucket_index_read_olh_log(const RGWBucketInfo &, RGWObjState &, const rgw_obj &, unsigned long, std::map<unsigned long, std::vector<rgw_bucket_olh_log_entry, std::allocator<rgw_bucket_olh_log_entry>>, std::less<unsigned long>, std::allocator<std::pair<const unsigned long, std::vector<rgw_bucket_olh_log_entry, std::allocator<rgw_bucket_olh_log_entry>>>>> *, bool *)()
________________________________________________________________________________________________________
*** CID 1412573: Incorrect expression (COPY_PASTE_ERROR)
/home/brad/working/src/ceph/src/rgw/rgw_rados.cc: 10941 in RGWRados::bucket_index_read_olh_log(const RGWBucketInfo &, RGWObjState &, const rgw_obj &, unsigned long, std::map<unsigned long, std::vector<rgw_bucket_olh_log_entry, std::allocator<rgw_bucket_olh_log_entry>>, std::less<unsigned long>, std::allocator<std::pair<const unsigned long, std::vector<rgw_bucket_olh_log_entry, std::allocator<rgw_bucket_olh_log_entry>>>>> *, bool *)()
10935 cls_rgw_guard_bucket_resharding(op, -ERR_BUSY_RESHARDING);
10936 return cls_rgw_get_olh_log(bs->index_ctx, bs->bucket_obj, op,
10937 key, ver_marker, olh_tag, log, is_truncated);
10938 });
10939 if (ret < 0) {
10940 ldout(cct, 20) << "cls_rgw_get_olh_log() returned r=" << r << dendl;
>>> CID 1412573: Incorrect expression (COPY_PASTE_ERROR)
>>> "ret" looks like a copy-paste error.
10941 return ret;
10942 }
10943
10944 return 0;
10945 }
10946
** CID 1412574: (CTOR_DTOR_LEAK)
/home/brad/working/src/ceph/src/librbd/exclusive_lock/PreReleaseRequest.cc: 41 in librbd::exclusive_lock::PreReleaseRequest<librbd::MockImageCtx>::PreReleaseRequest(librbd::MockImageCtx &, bool, AsyncOpTracker &, Context *)()
/home/brad/working/src/ceph/src/librbd/exclusive_lock/PreReleaseRequest.cc: 41 in librbd::exclusive_lock::PreReleaseRequest<librbd::ImageCtx>::PreReleaseRequest(librbd::ImageCtx &, bool, AsyncOpTracker &, Context *)()
________________________________________________________________________________________________________
*** CID 1412574: (CTOR_DTOR_LEAK)
/home/brad/working/src/ceph/src/librbd/exclusive_lock/PreReleaseRequest.cc: 41 in librbd::exclusive_lock::PreReleaseRequest<librbd::MockImageCtx>::PreReleaseRequest(librbd::MockImageCtx &, bool, AsyncOpTracker &, Context *)()
35 template <typename I>
36 PreReleaseRequest<I>::PreReleaseRequest(I &image_ctx, bool shutting_down,
37 AsyncOpTracker &async_op_tracker,
38 Context *on_finish)
39 : m_image_ctx(image_ctx), m_shutting_down(shutting_down),
40 m_async_op_tracker(async_op_tracker),
>>> CID 1412574: (CTOR_DTOR_LEAK)
>>> The constructor allocates field "m_on_finish" of "librbd::exclusive_lock::PreReleaseRequest<librbd::MockImageCtx>" but the destructor and whatever functions it calls do not free it.
41 m_on_finish(create_async_context_callback(image_ctx, on_finish)) {
42 }
43
44 template <typename I>
45 PreReleaseRequest<I>::~PreReleaseRequest() {
46 if (!m_shutting_down) {
/home/brad/working/src/ceph/src/librbd/exclusive_lock/PreReleaseRequest.cc: 41 in librbd::exclusive_lock::PreReleaseRequest<librbd::ImageCtx>::PreReleaseRequest(librbd::ImageCtx &, bool, AsyncOpTracker &, Context *)()
35 template <typename I>
36 PreReleaseRequest<I>::PreReleaseRequest(I &image_ctx, bool shutting_down,
37 AsyncOpTracker &async_op_tracker,
38 Context *on_finish)
39 : m_image_ctx(image_ctx), m_shutting_down(shutting_down),
40 m_async_op_tracker(async_op_tracker),
>>> CID 1412574: (CTOR_DTOR_LEAK)
>>> The constructor allocates field "m_on_finish" of "librbd::exclusive_lock::PreReleaseRequest<librbd::ImageCtx>" but the destructor and whatever functions it calls do not free it.
41 m_on_finish(create_async_context_callback(image_ctx, on_finish)) {
42 }
43
44 template <typename I>
45 PreReleaseRequest<I>::~PreReleaseRequest() {
46 if (!m_shutting_down) {
** CID 1412575: Incorrect expression (COPY_PASTE_ERROR)
/home/brad/working/src/ceph/src/mon/PGMap.cc: 2764 in PGMap::get_health(CephContext *, const OSDMap &, std::__cxx11::list<std::pair<health_status_t, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::pair<health_status_t, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>>> &, std::__cxx11::list<std::pair<health_status_t, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::pair<health_status_t, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>>> *) const()
________________________________________________________________________________________________________
*** CID 1412575: Incorrect expression (COPY_PASTE_ERROR)
/home/brad/working/src/ceph/src/mon/PGMap.cc: 2764 in PGMap::get_health(CephContext *, const OSDMap &, std::__cxx11::list<std::pair<health_status_t, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::pair<health_status_t, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>>> &, std::__cxx11::list<std::pair<health_status_t, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::pair<health_status_t, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>>> *) const()
2758 ss2 << num_err << " osds have very slow requests";
2759 summary.push_back(make_pair(HEALTH_ERR, ss2.str()));
2760 detail->push_back(make_pair(HEALTH_ERR, ss2.str()));
2761 }
2762 if (num_warn) {
2763 ostringstream ss2;
>>> CID 1412575: Incorrect expression (COPY_PASTE_ERROR)
>>> "num_err" in "ss2 << num_err" looks like a copy-paste error.
2764 ss2 << num_err << " osds have slow requests";
2765 summary.push_back(make_pair(HEALTH_WARN, ss2.str()));
2766 detail->push_back(make_pair(HEALTH_WARN, ss2.str()));
2767 }
2768 }
2769 }
** CID 1412576: Integer handling issues (DIVIDE_BY_ZERO)
/home/brad/working/src/ceph/src/mon/PGMap.cc: 683 in PGMapDigest::dump_pool_stats_full(const OSDMap &, std::__cxx11::basic_stringstream<char, std::char_traits<char>, std::allocator<char>> *, ceph::Formatter *, bool) const()
________________________________________________________________________________________________________
*** CID 1412576: Integer handling issues (DIVIDE_BY_ZERO)
/home/brad/working/src/ceph/src/mon/PGMap.cc: 683 in PGMapDigest::dump_pool_stats_full(const OSDMap &, std::__cxx11::basic_stringstream<char, std::char_traits<char>, std::allocator<char>> *, ceph::Formatter *, bool) const()
677 osd_map.get_erasure_code_profile(pool->erasure_code_profile);
678 auto pm = ecp.find("m");
679 auto pk = ecp.find("k");
680 if (pm != ecp.end() && pk != ecp.end()) {
681 int k = atoi(pk->second.c_str());
682 int m = atoi(pm->second.c_str());
>>> CID 1412576: Integer handling issues (DIVIDE_BY_ZERO)
>>> In expression "avail * k / (m + k)", division by expression "m + k" which may be zero has undefined behavior.
683 avail = avail * k / (m + k);
684 raw_used_rate = (float)(m + k) / k;
685 } else {
686 raw_used_rate = 0.0;
687 }
688 }
** CID 1412577: Incorrect expression (DIVIDE_BY_ZERO)
/home/brad/working/src/ceph/src/mon/PGMap.cc: 684 in PGMapDigest::dump_pool_stats_full(const OSDMap &, std::__cxx11::basic_stringstream<char, std::char_traits<char>, std::allocator<char>> *, ceph::Formatter *, bool) const()
________________________________________________________________________________________________________
*** CID 1412577: Incorrect expression (DIVIDE_BY_ZERO)
/home/brad/working/src/ceph/src/mon/PGMap.cc: 684 in PGMapDigest::dump_pool_stats_full(const OSDMap &, std::__cxx11::basic_stringstream<char, std::char_traits<char>, std::allocator<char>> *, ceph::Formatter *, bool) const()
678 auto pm = ecp.find("m");
679 auto pk = ecp.find("k");
680 if (pm != ecp.end() && pk != ecp.end()) {
681 int k = atoi(pk->second.c_str());
682 int m = atoi(pm->second.c_str());
683 avail = avail * k / (m + k);
>>> CID 1412577: Incorrect expression (DIVIDE_BY_ZERO)
>>> In expression "(float)(m + k) / k", division by expression "k" which may be zero has undefined behavior.
684 raw_used_rate = (float)(m + k) / k;
685 } else {
686 raw_used_rate = 0.0;
687 }
688 }
689 break;
** CID 1412578: Null pointer dereferences (FORWARD_NULL)
/home/brad/working/src/ceph/src/mds/Server.cc: 7032 in Server::_rename_prepare(boost::intrusive_ptr<MDRequestImpl> &, EMetaBlob *, ceph::buffer::list *, CDentry *, CDentry *, CDentry *)()
________________________________________________________________________________________________________
*** CID 1412578: Null pointer dereferences (FORWARD_NULL)
/home/brad/working/src/ceph/src/mds/Server.cc: 7032 in Server::_rename_prepare(boost::intrusive_ptr<MDRequestImpl> &, EMetaBlob *, ceph::buffer::list *, CDentry *, CDentry *, CDentry *)()
7026 force_journal_dest = true;
7027 } else
7028 force_journal_dest = _need_force_journal(srci, false);
7029 }
7030
7031 bool force_journal_stray = false;
>>> CID 1412578: Null pointer dereferences (FORWARD_NULL)
>>> Comparing "straydn" to null implies that "straydn" might be null.
7032 if (oldin && oldin->is_dir() && straydn && !straydn->is_auth())
7033 force_journal_stray = _need_force_journal(oldin, true);
7034
7035 if (linkmerge)
7036 dout(10) << " merging remote and primary links to the same inode" << dendl;
7037 if (silent)
** CID 1412579: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseI34cls_rgw_clear_bucket_resharding_opE16select_generatedB5cxx11Ej()
________________________________________________________________________________________________________
*** CID 1412579: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseI34cls_rgw_clear_bucket_resharding_opE16select_generatedB5cxx11Ej()
141 if (i == 0)
142 i = m_list.size();
143 if ((i == 0) || (i > m_list.size()))
144 return "invalid id for generated object";
145 typename list<T*>::iterator p = m_list.begin();
146 for (i--; i > 0 && p != m_list.end(); ++p, --i) ;
>>> CID 1412579: API usage errors (INVALIDATE_ITERATOR)
>>> Dereferencing iterator "p" though it is already past the end of its container.
147 m_object = *p;
148 return string();
149 }
150
151 bool is_deterministic() override {
152 return !nondeterministic;
** CID 1412580: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseI25cls_rgw_reshard_remove_opE16select_generatedB5cxx11Ej()
________________________________________________________________________________________________________
*** CID 1412580: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseI25cls_rgw_reshard_remove_opE16select_generatedB5cxx11Ej()
141 if (i == 0)
142 i = m_list.size();
143 if ((i == 0) || (i > m_list.size()))
144 return "invalid id for generated object";
145 typename list<T*>::iterator p = m_list.begin();
146 for (i--; i > 0 && p != m_list.end(); ++p, --i) ;
>>> CID 1412580: API usage errors (INVALIDATE_ITERATOR)
>>> Dereferencing iterator "p" though it is already past the end of its container.
147 m_object = *p;
148 return string();
149 }
150
151 bool is_deterministic() override {
152 return !nondeterministic;
** CID 1412581: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseI24cls_rgw_reshard_list_retE16select_generatedB5cxx11Ej()
________________________________________________________________________________________________________
*** CID 1412581: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseI24cls_rgw_reshard_list_retE16select_generatedB5cxx11Ej()
141 if (i == 0)
142 i = m_list.size();
143 if ((i == 0) || (i > m_list.size()))
144 return "invalid id for generated object";
145 typename list<T*>::iterator p = m_list.begin();
146 for (i--; i > 0 && p != m_list.end(); ++p, --i) ;
>>> CID 1412581: API usage errors (INVALIDATE_ITERATOR)
>>> Dereferencing iterator "p" though it is already past the end of its container.
147 m_object = *p;
148 return string();
149 }
150
151 bool is_deterministic() override {
152 return !nondeterministic;
** CID 1412582: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseI23cls_rgw_reshard_get_retE16select_generatedB5cxx11Ej()
________________________________________________________________________________________________________
*** CID 1412582: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseI23cls_rgw_reshard_get_retE16select_generatedB5cxx11Ej()
141 if (i == 0)
142 i = m_list.size();
143 if ((i == 0) || (i > m_list.size()))
144 return "invalid id for generated object";
145 typename list<T*>::iterator p = m_list.begin();
146 for (i--; i > 0 && p != m_list.end(); ++p, --i) ;
>>> CID 1412582: API usage errors (INVALIDATE_ITERATOR)
>>> Dereferencing iterator "p" though it is already past the end of its container.
147 m_object = *p;
148 return string();
149 }
150
151 bool is_deterministic() override {
152 return !nondeterministic;
** CID 1412583: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseI29cls_rgw_bucket_instance_entryE16select_generatedB5cxx11Ej()
________________________________________________________________________________________________________
*** CID 1412583: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseI29cls_rgw_bucket_instance_entryE16select_generatedB5cxx11Ej()
141 if (i == 0)
142 i = m_list.size();
143 if ((i == 0) || (i > m_list.size()))
144 return "invalid id for generated object";
145 typename list<T*>::iterator p = m_list.begin();
146 for (i--; i > 0 && p != m_list.end(); ++p, --i) ;
>>> CID 1412583: API usage errors (INVALIDATE_ITERATOR)
>>> Dereferencing iterator "p" though it is already past the end of its container.
147 m_object = *p;
148 return string();
149 }
150
151 bool is_deterministic() override {
152 return !nondeterministic;
** CID 1412584: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseI22cls_rgw_reshard_get_opE16select_generatedB5cxx11Ej()
________________________________________________________________________________________________________
*** CID 1412584: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseI22cls_rgw_reshard_get_opE16select_generatedB5cxx11Ej()
141 if (i == 0)
142 i = m_list.size();
143 if ((i == 0) || (i > m_list.size()))
144 return "invalid id for generated object";
145 typename list<T*>::iterator p = m_list.begin();
146 for (i--; i > 0 && p != m_list.end(); ++p, --i) ;
>>> CID 1412584: API usage errors (INVALIDATE_ITERATOR)
>>> Dereferencing iterator "p" though it is already past the end of its container.
147 m_object = *p;
148 return string();
149 }
150
151 bool is_deterministic() override {
152 return !nondeterministic;
** CID 1412585: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseI32cls_rgw_set_bucket_resharding_opE16select_generatedB5cxx11Ej()
________________________________________________________________________________________________________
*** CID 1412585: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseI32cls_rgw_set_bucket_resharding_opE16select_generatedB5cxx11Ej()
141 if (i == 0)
142 i = m_list.size();
143 if ((i == 0) || (i > m_list.size()))
144 return "invalid id for generated object";
145 typename list<T*>::iterator p = m_list.begin();
146 for (i--; i > 0 && p != m_list.end(); ++p, --i) ;
>>> CID 1412585: API usage errors (INVALIDATE_ITERATOR)
>>> Dereferencing iterator "p" though it is already past the end of its container.
147 m_object = *p;
148 return string();
149 }
150
151 bool is_deterministic() override {
152 return !nondeterministic;
** CID 1412586: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseI23cls_rgw_reshard_list_opE16select_generatedB5cxx11Ej()
________________________________________________________________________________________________________
*** CID 1412586: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseI23cls_rgw_reshard_list_opE16select_generatedB5cxx11Ej()
141 if (i == 0)
142 i = m_list.size();
143 if ((i == 0) || (i > m_list.size()))
144 return "invalid id for generated object";
145 typename list<T*>::iterator p = m_list.begin();
146 for (i--; i > 0 && p != m_list.end(); ++p, --i) ;
>>> CID 1412586: API usage errors (INVALIDATE_ITERATOR)
>>> Dereferencing iterator "p" though it is already past the end of its container.
147 m_object = *p;
148 return string();
149 }
150
151 bool is_deterministic() override {
152 return !nondeterministic;
** CID 1412587: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseI22cls_rgw_reshard_add_opE16select_generatedB5cxx11Ej()
________________________________________________________________________________________________________
*** CID 1412587: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseI22cls_rgw_reshard_add_opE16select_generatedB5cxx11Ej()
141 if (i == 0)
142 i = m_list.size();
143 if ((i == 0) || (i > m_list.size()))
144 return "invalid id for generated object";
145 typename list<T*>::iterator p = m_list.begin();
146 for (i--; i > 0 && p != m_list.end(); ++p, --i) ;
>>> CID 1412587: API usage errors (INVALIDATE_ITERATOR)
>>> Dereferencing iterator "p" though it is already past the end of its container.
147 m_object = *p;
148 return string();
149 }
150
151 bool is_deterministic() override {
152 return !nondeterministic;
** CID 1412588: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseI21cls_rgw_reshard_entryE16select_generatedB5cxx11Ej()
________________________________________________________________________________________________________
*** CID 1412588: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseI21cls_rgw_reshard_entryE16select_generatedB5cxx11Ej()
141 if (i == 0)
142 i = m_list.size();
143 if ((i == 0) || (i > m_list.size()))
144 return "invalid id for generated object";
145 typename list<T*>::iterator p = m_list.begin();
146 for (i--; i > 0 && p != m_list.end(); ++p, --i) ;
>>> CID 1412588: API usage errors (INVALIDATE_ITERATOR)
>>> Dereferencing iterator "p" though it is already past the end of its container.
147 m_object = *p;
148 return string();
149 }
150
151 bool is_deterministic() override {
152 return !nondeterministic;
** CID 1412589: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseI11PGMapDigestE16select_generatedB5cxx11Ej()
________________________________________________________________________________________________________
*** CID 1412589: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseI11PGMapDigestE16select_generatedB5cxx11Ej()
141 if (i == 0)
142 i = m_list.size();
143 if ((i == 0) || (i > m_list.size()))
144 return "invalid id for generated object";
145 typename list<T*>::iterator p = m_list.begin();
146 for (i--; i > 0 && p != m_list.end(); ++p, --i) ;
>>> CID 1412589: API usage errors (INVALIDATE_ITERATOR)
>>> Dereferencing iterator "p" though it is already past the end of its container.
147 m_object = *p;
148 return string();
149 }
150
151 bool is_deterministic() override {
152 return !nondeterministic;
** CID 1412590: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 18590 in __pyx_pw_5rados_5Rados_65monitor_log2()
________________________________________________________________________________________________________
*** CID 1412590: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 18590 in __pyx_pw_5rados_5Rados_65monitor_log2()
18584 }
18585 kw_args = PyDict_Size(__pyx_kwds);
18586 switch (pos_args) {
18587 case 0:
18588 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_level)) != 0)) kw_args--;
18589 else goto __pyx_L5_argtuple_error;
>>> CID 1412590: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
18590 case 1:
18591 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_callback)) != 0)) kw_args--;
18592 else {
18593 __Pyx_RaiseArgtupleInvalid("monitor_log2", 1, 3, 3, 1); __PYX_ERR(0, 1419, __pyx_L3_error)
18594 }
18595 case 2:
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaGCnxtQO9E3gxlB2GxVsWFENryh7bC5hIb-2FQBVM85YLQ-3D-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8EnwDfL5KmGX4YdCmc-2FpKJF4vR59fQpqSroqM2G9hQwWc-2F47LynvUqg6VdQlp-2BWWUGMuPvvtFIa8UtxGOqgrOKp8YN-2FcIfOQp8BBQD-2FES0-2B7MDQVohLRs579NPLiYQ-2BYf8fS1pCg8vZSky3Xxjkw-2F0QZ97ixCpdPv-2BgCsJCrm57cXgtkl7RiCxG2gS5aYLj2kc-3D
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4Bco8jcmzhh7FSyvoR0E3-2BDgRcBCQ6OuthHBtaTCGNq9OVG2ZVnjrgThgf5hX3GVEkIxvBX-2BorwRZfOftSp7HPfCifRGGak1MlgNFVd3IIPA-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8EnwDfL5KmGX4YdCmc-2FpKJF4vR59fQpqSroqM2G9hQwWYHoYpGzLSlbNeOLCZzz9R25jlGcLqgN2DWfe-2FXaNZ76yRdlpf6ByXbIBFQu0iVaZZk8MLDbvt2Zbf76GjQOtyvsPZqvqjDWtc880RtWono-2BGKHzWDLygRJOrbty44QnHdG90VIIyfV5WfliF9obpgg-3D
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2017-06-01 4:33 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2017-06-01 4:33 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
11 new defect(s) introduced to ceph found with Coverity Scan.
3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 11 of 11 defect(s)
** CID 1411820: Integer handling issues (DIVIDE_BY_ZERO)
/home/brad/working/src/ceph/src/test/test_denc.cc: 618 in Legacy::encode_n(unsigned int, const std::vector<unsigned int, std::allocator<unsigned int>> &)()
________________________________________________________________________________________________________
*** CID 1411820: Integer handling issues (DIVIDE_BY_ZERO)
/home/brad/working/src/ceph/src/test/test_denc.cc: 618 in Legacy::encode_n(unsigned int, const std::vector<unsigned int, std::allocator<unsigned int>> &)()
612 bufferlist segmented;
613 auto p = bl.begin();
614
615 auto sum = std::accumulate(segments.begin(), segments.end(), 0u);
616 for (auto i : segments) {
617 buffer::ptr seg;
>>> CID 1411820: Integer handling issues (DIVIDE_BY_ZERO)
>>> In expression "bl.length() * i / sum", division by expression "sum" which may be zero has undefined behavior.
618 p.copy_deep(bl.length() * i / sum, seg);
619 segmented.push_back(seg);
620 }
621 p.copy_all(segmented);
622 return segmented;
623 }
** CID 1411821: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseI15sstring_wrapperE16select_generatedB5cxx11Ej()
________________________________________________________________________________________________________
*** CID 1411821: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseI15sstring_wrapperE16select_generatedB5cxx11Ej()
141 if (i == 0)
142 i = m_list.size();
143 if ((i == 0) || (i > m_list.size()))
144 return "invalid id for generated object";
145 typename list<T*>::iterator p = m_list.begin();
146 for (i--; i > 0 && p != m_list.end(); ++p, --i) ;
>>> CID 1411821: API usage errors (INVALIDATE_ITERATOR)
>>> Dereferencing iterator "p" though it is already past the end of its container.
147 m_object = *p;
148 return string();
149 }
150
151 bool is_deterministic() override {
152 return !nondeterministic;
** CID 1411822: (NEGATIVE_RETURNS)
/home/brad/working/src/ceph/src/include/buffer.h: 661 in ceph::buffer::list::list(unsigned int)()
/home/brad/working/src/ceph/src/include/rados/buffer.h: 661 in ceph::buffer::list::list(unsigned int)()
________________________________________________________________________________________________________
*** CID 1411822: (NEGATIVE_RETURNS)
/home/brad/working/src/ceph/src/include/buffer.h: 661 in ceph::buffer::list::list(unsigned int)()
655 int zero_copy_to_fd(int fd) const;
656
657 public:
658 // cons/des
659 list() : _len(0), _memcopy_count(0), last_p(this) {}
660 // cppcheck-suppress noExplicitConstructor
>>> CID 1411822: (NEGATIVE_RETURNS)
>>> Assigning: "this->_mempool" = a negative value.
661 list(unsigned prealloc) : _len(0), _memcopy_count(0), last_p(this) {
662 reserve(prealloc);
663 }
664
665 list(const list& other) : _buffers(other._buffers), _len(other._len),
666 _memcopy_count(other._memcopy_count), last_p(this) {
/home/brad/working/src/ceph/src/include/rados/buffer.h: 661 in ceph::buffer::list::list(unsigned int)()
655 int zero_copy_to_fd(int fd) const;
656
657 public:
658 // cons/des
659 list() : _len(0), _memcopy_count(0), last_p(this) {}
660 // cppcheck-suppress noExplicitConstructor
>>> CID 1411822: (NEGATIVE_RETURNS)
>>> Assigning: "this->_mempool" = a negative value.
661 list(unsigned prealloc) : _len(0), _memcopy_count(0), last_p(this) {
662 reserve(prealloc);
663 }
664
665 list(const list& other) : _buffers(other._buffers), _len(other._len),
666 _memcopy_count(other._memcopy_count), last_p(this) {
** CID 1411823: Null pointer dereferences (NULL_RETURNS)
/home/brad/working/src/ceph/src/crush/CrushWrapper.cc: 1378 in CrushWrapper::bucket_add_item(crush_bucket *, int, int)()
________________________________________________________________________________________________________
*** CID 1411823: Null pointer dereferences (NULL_RETURNS)
/home/brad/working/src/ceph/src/crush/CrushWrapper.cc: 1378 in CrushWrapper::bucket_add_item(crush_bucket *, int, int)()
1372 crush_choose_arg_map arg_map = w.second;
1373 crush_choose_arg *arg = &arg_map.args[-1-bucket->id];
1374 for (__u32 j = 0; j < arg->weight_set_size; j++) {
1375 crush_weight_set *weight_set = &arg->weight_set[j];
1376 weight_set->weights = (__u32*)realloc(weight_set->weights, new_size * sizeof(__u32));
1377 assert(weight_set->size + 1 == new_size);
>>> CID 1411823: Null pointer dereferences (NULL_RETURNS)
>>> Dereferencing a null pointer "weight_set->weights".
1378 weight_set->weights[weight_set->size] = weight;
1379 weight_set->size = new_size;
1380 }
1381 if (arg->ids_size) {
1382 arg->ids = (int*)realloc(arg->ids, new_size * sizeof(int));
1383 assert(arg->ids_size + 1 == new_size);
** CID 1411824: Memory - corruptions (OVERRUN)
________________________________________________________________________________________________________
*** CID 1411824: Memory - corruptions (OVERRUN)
/home/brad/working/src/ceph/src/osd/osd_types.cc: 4933 in object_manifest_t::encode(ceph::buffer::list &) const()
4927 }
4928
4929 // -- object_manifest_t --
4930
4931 void object_manifest_t::encode(bufferlist& bl) const
4932 {
>>> CID 1411824: Memory - corruptions (OVERRUN)
>>> Overrunning struct type ceph_le32 of 4 bytes by passing it to a function which accesses it at byte offset 7.
4933 ENCODE_START(1, 1, bl);
4934 ::encode(type, bl);
4935 switch (type) {
4936 case TYPE_NONE: break;
4937 case TYPE_REDIRECT:
4938 ::encode(redirect_target, bl);
** CID 1411825: (OVERRUN)
/home/brad/working/src/ceph/src/crush/CrushWrapper.cc: 1378 in CrushWrapper::bucket_add_item(crush_bucket *, int, int)()
/home/brad/working/src/ceph/src/crush/CrushWrapper.cc: 1378 in CrushWrapper::bucket_add_item(crush_bucket *, int, int)()
________________________________________________________________________________________________________
*** CID 1411825: (OVERRUN)
/home/brad/working/src/ceph/src/crush/CrushWrapper.cc: 1378 in CrushWrapper::bucket_add_item(crush_bucket *, int, int)()
1372 crush_choose_arg_map arg_map = w.second;
1373 crush_choose_arg *arg = &arg_map.args[-1-bucket->id];
1374 for (__u32 j = 0; j < arg->weight_set_size; j++) {
1375 crush_weight_set *weight_set = &arg->weight_set[j];
1376 weight_set->weights = (__u32*)realloc(weight_set->weights, new_size * sizeof(__u32));
1377 assert(weight_set->size + 1 == new_size);
>>> CID 1411825: (OVERRUN)
>>> Overrunning dynamic array "weight_set->weights" at offset corresponding to index variable "weight_set->size".
1378 weight_set->weights[weight_set->size] = weight;
1379 weight_set->size = new_size;
1380 }
1381 if (arg->ids_size) {
1382 arg->ids = (int*)realloc(arg->ids, new_size * sizeof(int));
1383 assert(arg->ids_size + 1 == new_size);
/home/brad/working/src/ceph/src/crush/CrushWrapper.cc: 1378 in CrushWrapper::bucket_add_item(crush_bucket *, int, int)()
1372 crush_choose_arg_map arg_map = w.second;
1373 crush_choose_arg *arg = &arg_map.args[-1-bucket->id];
1374 for (__u32 j = 0; j < arg->weight_set_size; j++) {
1375 crush_weight_set *weight_set = &arg->weight_set[j];
1376 weight_set->weights = (__u32*)realloc(weight_set->weights, new_size * sizeof(__u32));
1377 assert(weight_set->size + 1 == new_size);
>>> CID 1411825: (OVERRUN)
>>> Overrunning dynamic array "weight_set->weights" at offset corresponding to index variable "weight_set->size".
1378 weight_set->weights[weight_set->size] = weight;
1379 weight_set->size = new_size;
1380 }
1381 if (arg->ids_size) {
1382 arg->ids = (int*)realloc(arg->ids, new_size * sizeof(int));
1383 assert(arg->ids_size + 1 == new_size);
** CID 1411826: (OVERRUN)
/home/brad/working/src/ceph/src/crush/CrushWrapper.cc: 1384 in CrushWrapper::bucket_add_item(crush_bucket *, int, int)()
/home/brad/working/src/ceph/src/crush/CrushWrapper.cc: 1384 in CrushWrapper::bucket_add_item(crush_bucket *, int, int)()
________________________________________________________________________________________________________
*** CID 1411826: (OVERRUN)
/home/brad/working/src/ceph/src/crush/CrushWrapper.cc: 1384 in CrushWrapper::bucket_add_item(crush_bucket *, int, int)()
1378 weight_set->weights[weight_set->size] = weight;
1379 weight_set->size = new_size;
1380 }
1381 if (arg->ids_size) {
1382 arg->ids = (int*)realloc(arg->ids, new_size * sizeof(int));
1383 assert(arg->ids_size + 1 == new_size);
>>> CID 1411826: (OVERRUN)
>>> Overrunning dynamic array "arg->ids" at offset corresponding to index variable "arg->ids_size".
1384 arg->ids[arg->ids_size] = item;
1385 arg->ids_size = new_size;
1386 }
1387 }
1388 return crush_bucket_add_item(crush, bucket, item, weight);
1389 }
/home/brad/working/src/ceph/src/crush/CrushWrapper.cc: 1384 in CrushWrapper::bucket_add_item(crush_bucket *, int, int)()
1378 weight_set->weights[weight_set->size] = weight;
1379 weight_set->size = new_size;
1380 }
1381 if (arg->ids_size) {
1382 arg->ids = (int*)realloc(arg->ids, new_size * sizeof(int));
1383 assert(arg->ids_size + 1 == new_size);
>>> CID 1411826: (OVERRUN)
>>> Overrunning dynamic array "arg->ids" at offset corresponding to index variable "arg->ids_size".
1384 arg->ids[arg->ids_size] = item;
1385 arg->ids_size = new_size;
1386 }
1387 }
1388 return crush_bucket_add_item(crush, bucket, item, weight);
1389 }
** CID 1411827: (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/librados/tier.cc: 5494 in LibRadosTwoPoolsECPP_SetRedirectRead_Test::TestBody()()
/home/brad/working/src/ceph/src/test/librados/tier.cc: 5492 in LibRadosTwoPoolsECPP_SetRedirectRead_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1411827: (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/librados/tier.cc: 5494 in LibRadosTwoPoolsECPP_SetRedirectRead_Test::TestBody()()
5488 {
5489 ObjectWriteOperation op;
5490 op.set_redirect("bar", cache_ioctx, 0);
5491 librados::AioCompletion *completion = cluster.aio_create_completion();
5492 ASSERT_EQ(0, ioctx.aio_operate("foo", completion, &op));
5493 completion->wait_for_safe();
>>> CID 1411827: (RESOURCE_LEAK)
>>> Variable "completion" going out of scope leaks the storage it points to.
5494 ASSERT_EQ(0, completion->get_return_value());
5495 completion->release();
5496 }
5497 // read and verify the object
5498 {
5499 bufferlist bl;
/home/brad/working/src/ceph/src/test/librados/tier.cc: 5492 in LibRadosTwoPoolsECPP_SetRedirectRead_Test::TestBody()()
5486 cluster.wait_for_latest_osdmap();
5487
5488 {
5489 ObjectWriteOperation op;
5490 op.set_redirect("bar", cache_ioctx, 0);
5491 librados::AioCompletion *completion = cluster.aio_create_completion();
>>> CID 1411827: (RESOURCE_LEAK)
>>> Variable "completion" going out of scope leaks the storage it points to.
5492 ASSERT_EQ(0, ioctx.aio_operate("foo", completion, &op));
5493 completion->wait_for_safe();
5494 ASSERT_EQ(0, completion->get_return_value());
5495 completion->release();
5496 }
5497 // read and verify the object
** CID 1411828: (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/librados/tier.cc: 2795 in LibRadosTwoPoolsPP_SetRedirectRead_Test::TestBody()()
/home/brad/working/src/ceph/src/test/librados/tier.cc: 2793 in LibRadosTwoPoolsPP_SetRedirectRead_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1411828: (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/librados/tier.cc: 2795 in LibRadosTwoPoolsPP_SetRedirectRead_Test::TestBody()()
2789 {
2790 ObjectWriteOperation op;
2791 op.set_redirect("bar", cache_ioctx, 0);
2792 librados::AioCompletion *completion = cluster.aio_create_completion();
2793 ASSERT_EQ(0, ioctx.aio_operate("foo", completion, &op));
2794 completion->wait_for_safe();
>>> CID 1411828: (RESOURCE_LEAK)
>>> Variable "completion" going out of scope leaks the storage it points to.
2795 ASSERT_EQ(0, completion->get_return_value());
2796 completion->release();
2797 }
2798 // read and verify the object
2799 {
2800 bufferlist bl;
/home/brad/working/src/ceph/src/test/librados/tier.cc: 2793 in LibRadosTwoPoolsPP_SetRedirectRead_Test::TestBody()()
2787 cluster.wait_for_latest_osdmap();
2788
2789 {
2790 ObjectWriteOperation op;
2791 op.set_redirect("bar", cache_ioctx, 0);
2792 librados::AioCompletion *completion = cluster.aio_create_completion();
>>> CID 1411828: (RESOURCE_LEAK)
>>> Variable "completion" going out of scope leaks the storage it points to.
2793 ASSERT_EQ(0, ioctx.aio_operate("foo", completion, &op));
2794 completion->wait_for_safe();
2795 ASSERT_EQ(0, completion->get_return_value());
2796 completion->release();
2797 }
2798 // read and verify the object
** CID 1411829: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/test/osd/TestRados.cc: 55 in WeightedTestGenerator::WeightedTestGenerator(int, int, std::map<TestOpType, unsigned int, std::less<TestOpType>, std::allocator<std::pair<const TestOpType, unsigned int>>>, TestOpStat *, int, bool, bool, bool)()
________________________________________________________________________________________________________
*** CID 1411829: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/test/osd/TestRados.cc: 55 in WeightedTestGenerator::WeightedTestGenerator(int, int, std::map<TestOpType, unsigned int, std::less<TestOpType>, std::allocator<std::pair<const TestOpType, unsigned int>>>, TestOpStat *, int, bool, bool, bool)()
49 if (m_set_redirect) {
50 /* create redirect objects + set-redirect*/
51 m_redirect_objects = objects*2; // for copy_from + set-redirect test
52 m_initial_redirected_objects = objects;
53 m_ops = ops+m_redirect_objects+m_initial_redirected_objects;
54 }
>>> CID 1411829: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "m_initial_redirected_objects" is not initialized in this constructor nor in any functions that it calls.
55 }
56
57 TestOp *next(RadosTestContext &context) override
58 {
59 TestOp *retval = NULL;
60
** CID 1411830: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/test/osd/RadosModel.h: 2126 in UnsetRedirectOp::UnsetRedirectOp(int, RadosTestContext *, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, TestOpStat *)()
________________________________________________________________________________________________________
*** CID 1411830: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/test/osd/RadosModel.h: 2126 in UnsetRedirectOp::UnsetRedirectOp(int, RadosTestContext *, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, TestOpStat *)()
2120
2121 UnsetRedirectOp(int n,
2122 RadosTestContext *context,
2123 const string &oid,
2124 TestOpStat *stat = 0)
2125 : TestOp(n, context, stat), oid(oid)
>>> CID 1411830: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "comp" is not initialized in this constructor nor in any functions that it calls.
2126 {}
2127
2128 void _begin() override
2129 {
2130 context->state_lock.Lock();
2131 if (context->get_watch_context(oid)) {
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaGCnxtQO9E3gxlB2GxVsWFENryh7bC5hIb-2FQBVM85YLQ-3D-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8G5OiOArS4mvucljpKkZw44xl0QoIr8EpGQt1P0w1oaffl7nxw8VV-2FfL-2BSHVBEVO6LCmn0hI3U0Gj4IBjBpEHsBqkyG32oG7OM07i90czclrUn8ZHIPd7o0COMiw9vRPoQvv9Qjc4bhBMPPuVAfW-2Fp-2Fl68O2kkGS5yLflkFKEpdvr57J6B1ycB-2BZ93t-2Fb-2BrHkw-3D
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4Bco8jcmzhh7FSyvoR0E3-2BDgRcBCQ6OuthHBtaTCGNq9OVG2ZVnjrgThgf5hX3GVEkIxvBX-2BorwRZfOftSp7HPfCifRGGak1MlgNFVd3IIPA-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8G5OiOArS4mvucljpKkZw44xl0QoIr8EpGQt1P0w1oafXCIZ8tHMljtYMd-2Fvesxn1V8hxDdwW85wJWMZSoNgAEHWwSeYpAfDcwI4c-2FwCOmfWTElzRdAYV-2FwKXoRzvooUS1exKyuJU-2FEzJqVabH9jj4h26-2BepOn998l-2FejVNhKELgNj8j2nQHqQTsEd6D0fWZnc-3D
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2017-05-25 6:22 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2017-05-25 6:22 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
400 new defect(s) introduced to ceph found with Coverity Scan.
7 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 20 of 400 defect(s)
** CID 717165: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/rados/rados.cc: 3519 in main()
/home/brad/working/src/ceph/src/tools/rados/rados.cc: 3519 in main()
________________________________________________________________________________________________________
*** CID 717165: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/rados/rados.cc: 3519 in main()
3513
3514 out:
3515 delete formatter;
3516 return (ret < 0) ? 1 : 0;
3517 }
3518
>>> CID 717165: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
3519 int main(int argc, const char **argv)
3520 {
3521 vector<const char*> args;
3522 argv_to_vec(argc, argv, args);
3523 env_to_vec(args);
3524
/home/brad/working/src/ceph/src/tools/rados/rados.cc: 3519 in main()
3513
3514 out:
3515 delete formatter;
3516 return (ret < 0) ? 1 : 0;
3517 }
3518
>>> CID 717165: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
3519 int main(int argc, const char **argv)
3520 {
3521 vector<const char*> args;
3522 argv_to_vec(argc, argv, args);
3523 env_to_vec(args);
3524
** CID 717379: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/rgw/rgw_op.h: 244 in RGWGetObj::RGWGetObj()()
________________________________________________________________________________________________________
*** CID 717379: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/rgw/rgw_op.h: 244 in RGWGetObj::RGWGetObj()()
238 first_block = 0;
239 last_block = 0;
240 q_ofs = 0;
241 q_len = 0;
242 first_data = true;
243 cur_ofs = 0;
>>> CID 717379: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "rgwx_stat" is not initialized in this constructor nor in any functions that it calls.
244 }
245
246 bool prefetch_data() override;
247
248 void set_get_data(bool get_data) {
249 this->get_data = get_data;
** CID 745929: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/rgw/rgw_jsonparser.cc: 60 in main()
________________________________________________________________________________________________________
*** CID 745929: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/rgw/rgw_jsonparser.cc: 60 in main()
54 JSONDecoder::decode_json("max_buckets", max_buckets, obj);
55 JSONDecoder::decode_json("keys", keys, obj);
56 }
57 };
58
59
>>> CID 745929: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_get> >" is thrown and never caught.
60 int main(int argc, char **argv) {
61 JSONParser parser;
62
63 char buf[1024];
64 bufferlist bl;
65
** CID 1019602: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
________________________________________________________________________________________________________
*** CID 1019602: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
19 #include "detailed_stat_collector.h"
20 #include "distribution.h"
21
22 namespace po = boost::program_options;
23 using namespace std;
24
>>> CID 1019602: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_any_cast> >" is thrown and never caught.
25 int main(int argc, char **argv)
26 {
27 po::options_description desc("Allowed options");
28 desc.add_options()
29 ("help", "produce help message")
30 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
19 #include "detailed_stat_collector.h"
20 #include "distribution.h"
21
22 namespace po = boost::program_options;
23 using namespace std;
24
>>> CID 1019602: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_any_cast> >" is thrown and never caught.
25 int main(int argc, char **argv)
26 {
27 po::options_description desc("Allowed options");
28 desc.add_options()
29 ("help", "produce help message")
30 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
19 #include "detailed_stat_collector.h"
20 #include "distribution.h"
21
22 namespace po = boost::program_options;
23 using namespace std;
24
>>> CID 1019602: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_any_cast> >" is thrown and never caught.
25 int main(int argc, char **argv)
26 {
27 po::options_description desc("Allowed options");
28 desc.add_options()
29 ("help", "produce help message")
30 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
19 #include "detailed_stat_collector.h"
20 #include "distribution.h"
21
22 namespace po = boost::program_options;
23 using namespace std;
24
>>> CID 1019602: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_any_cast> >" is thrown and never caught.
25 int main(int argc, char **argv)
26 {
27 po::options_description desc("Allowed options");
28 desc.add_options()
29 ("help", "produce help message")
30 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
19 #include "detailed_stat_collector.h"
20 #include "distribution.h"
21
22 namespace po = boost::program_options;
23 using namespace std;
24
>>> CID 1019602: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_any_cast> >" is thrown and never caught.
25 int main(int argc, char **argv)
26 {
27 po::options_description desc("Allowed options");
28 desc.add_options()
29 ("help", "produce help message")
30 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
19 #include "detailed_stat_collector.h"
20 #include "distribution.h"
21
22 namespace po = boost::program_options;
23 using namespace std;
24
>>> CID 1019602: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_any_cast> >" is thrown and never caught.
25 int main(int argc, char **argv)
26 {
27 po::options_description desc("Allowed options");
28 desc.add_options()
29 ("help", "produce help message")
30 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
19 #include "detailed_stat_collector.h"
20 #include "distribution.h"
21
22 namespace po = boost::program_options;
23 using namespace std;
24
>>> CID 1019602: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_any_cast> >" is thrown and never caught.
25 int main(int argc, char **argv)
26 {
27 po::options_description desc("Allowed options");
28 desc.add_options()
29 ("help", "produce help message")
30 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
19 #include "detailed_stat_collector.h"
20 #include "distribution.h"
21
22 namespace po = boost::program_options;
23 using namespace std;
24
>>> CID 1019602: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_any_cast> >" is thrown and never caught.
25 int main(int argc, char **argv)
26 {
27 po::options_description desc("Allowed options");
28 desc.add_options()
29 ("help", "produce help message")
30 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
19 #include "detailed_stat_collector.h"
20 #include "distribution.h"
21
22 namespace po = boost::program_options;
23 using namespace std;
24
>>> CID 1019602: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_any_cast> >" is thrown and never caught.
25 int main(int argc, char **argv)
26 {
27 po::options_description desc("Allowed options");
28 desc.add_options()
29 ("help", "produce help message")
30 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
19 #include "detailed_stat_collector.h"
20 #include "distribution.h"
21
22 namespace po = boost::program_options;
23 using namespace std;
24
>>> CID 1019602: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_any_cast> >" is thrown and never caught.
25 int main(int argc, char **argv)
26 {
27 po::options_description desc("Allowed options");
28 desc.add_options()
29 ("help", "produce help message")
30 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
19 #include "detailed_stat_collector.h"
20 #include "distribution.h"
21
22 namespace po = boost::program_options;
23 using namespace std;
24
>>> CID 1019602: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_any_cast> >" is thrown and never caught.
25 int main(int argc, char **argv)
26 {
27 po::options_description desc("Allowed options");
28 desc.add_options()
29 ("help", "produce help message")
30 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
19 #include "detailed_stat_collector.h"
20 #include "distribution.h"
21
22 namespace po = boost::program_options;
23 using namespace std;
24
>>> CID 1019602: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_any_cast> >" is thrown and never caught.
25 int main(int argc, char **argv)
26 {
27 po::options_description desc("Allowed options");
28 desc.add_options()
29 ("help", "produce help message")
30 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
19 #include "detailed_stat_collector.h"
20 #include "distribution.h"
21
22 namespace po = boost::program_options;
23 using namespace std;
24
>>> CID 1019602: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_any_cast> >" is thrown and never caught.
25 int main(int argc, char **argv)
26 {
27 po::options_description desc("Allowed options");
28 desc.add_options()
29 ("help", "produce help message")
30 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
19 #include "detailed_stat_collector.h"
20 #include "distribution.h"
21
22 namespace po = boost::program_options;
23 using namespace std;
24
>>> CID 1019602: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_any_cast> >" is thrown and never caught.
25 int main(int argc, char **argv)
26 {
27 po::options_description desc("Allowed options");
28 desc.add_options()
29 ("help", "produce help message")
30 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
19 #include "detailed_stat_collector.h"
20 #include "distribution.h"
21
22 namespace po = boost::program_options;
23 using namespace std;
24
>>> CID 1019602: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_any_cast> >" is thrown and never caught.
25 int main(int argc, char **argv)
26 {
27 po::options_description desc("Allowed options");
28 desc.add_options()
29 ("help", "produce help message")
30 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
** CID 1019603: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
________________________________________________________________________________________________________
*** CID 1019603: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
19 #include "detailed_stat_collector.h"
20 #include "distribution.h"
21
22 namespace po = boost::program_options;
23 using namespace std;
24
>>> CID 1019603: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_lexical_cast> >" is thrown and never caught.
25 int main(int argc, char **argv)
26 {
27 po::options_description desc("Allowed options");
28 desc.add_options()
29 ("help", "produce help message")
30 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
** CID 1054823: (ATOMICITY)
/home/brad/working/src/ceph/src/rgw/rgw_rest_client.cc: 542 in RGWRESTStreamWriteRequest::send_data(void *, unsigned long)()
/home/brad/working/src/ceph/src/rgw/rgw_rest_client.cc: 542 in RGWRESTStreamWriteRequest::send_data(void *, unsigned long)()
________________________________________________________________________________________________________
*** CID 1054823: (ATOMICITY)
/home/brad/working/src/ceph/src/rgw/rgw_rest_client.cc: 542 in RGWRESTStreamWriteRequest::send_data(void *, unsigned long)()
536 len -= send_len;
537 sent += send_len;
538
539 lock.Lock();
540
541 bufferlist new_bl;
>>> CID 1054823: (ATOMICITY)
>>> Using an unreliable value of "bl" inside the second locked section. If the data that "bl" depends on was changed by another thread, this use might be incorrect.
542 if (bl.length() > send_len) {
543 bufferptr bp(bl.c_str() + send_len, bl.length() - send_len);
544 new_bl.append(bp);
545 }
546 pending_send.pop_front(); /* need to do this after we copy data from bl */
547 if (new_bl.length()) {
/home/brad/working/src/ceph/src/rgw/rgw_rest_client.cc: 542 in RGWRESTStreamWriteRequest::send_data(void *, unsigned long)()
536 len -= send_len;
537 sent += send_len;
538
539 lock.Lock();
540
541 bufferlist new_bl;
>>> CID 1054823: (ATOMICITY)
>>> Using an unreliable value of "bl" inside the second locked section. If the data that "bl" depends on was changed by another thread, this use might be incorrect.
542 if (bl.length() > send_len) {
543 bufferptr bp(bl.c_str() + send_len, bl.length() - send_len);
544 new_bl.append(bp);
545 }
546 pending_send.pop_front(); /* need to do this after we copy data from bl */
547 if (new_bl.length()) {
** CID 1219619: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/rados/rados.cc: 3519 in main()
________________________________________________________________________________________________________
*** CID 1219619: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/rados/rados.cc: 3519 in main()
3513
3514 out:
3515 delete formatter;
3516 return (ret < 0) ? 1 : 0;
3517 }
3518
>>> CID 1219619: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "ceph::buffer::bad_alloc" is thrown and never caught.
3519 int main(int argc, const char **argv)
3520 {
3521 vector<const char*> args;
3522 argv_to_vec(argc, argv, args);
3523 env_to_vec(args);
3524
** CID 1219625: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/rgw/rgw_jsonparser.cc: 60 in main()
________________________________________________________________________________________________________
*** CID 1219625: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/rgw/rgw_jsonparser.cc: 60 in main()
54 JSONDecoder::decode_json("max_buckets", max_buckets, obj);
55 JSONDecoder::decode_json("keys", keys, obj);
56 }
57 };
58
59
>>> CID 1219625: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::bad_alloc" is thrown and never caught.
60 int main(int argc, char **argv) {
61 JSONParser parser;
62
63 char buf[1024];
64 bufferlist bl;
65
** CID 1219631: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
________________________________________________________________________________________________________
*** CID 1219631: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
19 #include "detailed_stat_collector.h"
20 #include "distribution.h"
21
22 namespace po = boost::program_options;
23 using namespace std;
24
>>> CID 1219631: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::bad_alloc" is thrown and never caught.
25 int main(int argc, char **argv)
26 {
27 po::options_description desc("Allowed options");
28 desc.add_options()
29 ("help", "produce help message")
30 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
/home/brad/working/src/ceph/src/test/bench/small_io_bench_rbd.cc: 25 in main()
19 #include "detailed_stat_collector.h"
20 #include "distribution.h"
21
22 namespace po = boost::program_options;
23 using namespace std;
24
>>> CID 1219631: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::bad_alloc" is thrown and never caught.
25 int main(int argc, char **argv)
26 {
27 po::options_description desc("Allowed options");
28 desc.add_options()
29 ("help", "produce help message")
30 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
** CID 1232605: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/rbd_replay/rbd-replay.cc: 58 in main()
________________________________________________________________________________________________________
*** CID 1232605: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/rbd_replay/rbd-replay.cc: 58 in main()
52 cout << std::endl;
53 cout << "Image mapping rules:" << std::endl;
54 cout << "A rule of image1@snap1=image2@snap2 would map snap1 of image1 to snap2 of" << std::endl;
55 cout << "image2." << std::endl;
56 }
57
>>> CID 1232605: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::lock_error> >" is thrown and never caught.
58 int main(int argc, const char **argv) {
59 vector<const char*> args;
60
61 argv_to_vec(argc, argv, args);
62 env_to_vec(args);
63 auto cct = global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT,
** CID 1247721: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/rbd/rbd.cc: 10 in main()
________________________________________________________________________________________________________
*** CID 1247721: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/rbd/rbd.cc: 10 in main()
4 #include "tools/rbd/Shell.h"
5 #include "include/int_types.h"
6 #include "common/ceph_argparse.h"
7 #include "global/global_init.h"
8 #include <vector>
9
>>> CID 1247721: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
10 int main(int argc, const char **argv)
11 {
12 std::vector<const char*> args;
13 argv_to_vec(argc, argv, args);
14 env_to_vec(args);
15
** CID 1255934: Uninitialized members (UNINIT_CTOR)
/usr/include/c++/6.3.1/functional: 1869 in std::function<void (ceph::Formatter &, const md_config_t &, RGWRados &)>::function(std::nullptr_t)()
________________________________________________________________________________________________________
*** CID 1255934: Uninitialized members (UNINIT_CTOR)
/usr/include/c++/6.3.1/functional: 1869 in std::function<void (ceph::Formatter &, const md_config_t &, RGWRados &)>::function(std::nullptr_t)()
1863
1864 /**
1865 * @brief Creates an empty function call wrapper.
1866 * @post @c !(bool)*this
1867 */
1868 function(nullptr_t) noexcept
>>> CID 1255934: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "_M_invoker" is not initialized in this constructor nor in any functions that it calls.
1869 : _Function_base() { }
1870
1871 /**
1872 * @brief %Function copy constructor.
1873 * @param __x A %function object with identical call signature.
1874 * @post @c bool(*this) == bool(__x)
** CID 1296302: Uninitialized members (UNINIT_CTOR)
/usr/include/c++/6.3.1/bits/regex_scanner.h: 110 in std::__detail::_ScannerBase::_ScannerBase(std::regex_constants::syntax_option_type)()
________________________________________________________________________________________________________
*** CID 1296302: Uninitialized members (UNINIT_CTOR)
/usr/include/c++/6.3.1/bits/regex_scanner.h: 110 in std::__detail::_ScannerBase::_ScannerBase(std::regex_constants::syntax_option_type)()
104 : _M_flags & regex_constants::egrep
105 ? ".[\\()*+?{|^$\n"
106 : _M_flags & regex_constants::awk
107 ? _M_extended_spec_char
108 : nullptr),
109 _M_at_bracket_start(false)
>>> CID 1296302: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "_M_token" is not initialized in this constructor nor in any functions that it calls.
110 { __glibcxx_assert(_M_spec_char); }
111
112 protected:
113 const char*
114 _M_find_escape(char __c)
115 {
** CID 1296376: Integer handling issues (CONSTANT_EXPRESSION_RESULT)
/home/brad/working/src/ceph/src/test/librbd/fsx.cc: 1340 in save_buffer(char *, long, int)()
________________________________________________________________________________________________________
*** CID 1296376: Integer handling issues (CONSTANT_EXPRESSION_RESULT)
/home/brad/working/src/ceph/src/test/librbd/fsx.cc: 1340 in save_buffer(char *, long, int)()
1334 off_t ret;
1335 ssize_t byteswritten;
1336
1337 if (fd <= 0 || bufferlength == 0)
1338 return;
1339
>>> CID 1296376: Integer handling issues (CONSTANT_EXPRESSION_RESULT)
>>> "bufferlength > 9223372036854775807L" is always false regardless of the values of its operands. This occurs as the logical operand of "if".
1340 if (bufferlength > SSIZE_MAX) {
1341 prt("fsx flaw: overflow in save_buffer\n");
1342 exit(67);
1343 }
1344
1345 ret = lseek(fd, (off_t)0, SEEK_SET);
** CID 1297756: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/test/cls_rbd/test_cls_rbd.cc: 62 in random_buf(unsigned long)()
________________________________________________________________________________________________________
*** CID 1297756: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/test/cls_rbd/test_cls_rbd.cc: 62 in random_buf(unsigned long)()
56 }
57
58 static char *random_buf(size_t len)
59 {
60 char *b = new char[len];
61 for (size_t i = 0; i < len; i++)
>>> CID 1297756: Security best practices violations (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
62 b[i] = (rand() % (128 - 32)) + 32;
63 return b;
64 }
65
66 class TestClsRbd : public ::testing::Test {
67 public:
** CID 1297879: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/rbd_replay/rbd-replay.cc: 58 in main()
________________________________________________________________________________________________________
*** CID 1297879: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/rbd_replay/rbd-replay.cc: 58 in main()
52 cout << std::endl;
53 cout << "Image mapping rules:" << std::endl;
54 cout << "A rule of image1@snap1=image2@snap2 would map snap1 of image1 to snap2 of" << std::endl;
55 cout << "image2." << std::endl;
56 }
57
>>> CID 1297879: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::thread_resource_error> >" is thrown and never caught.
58 int main(int argc, const char **argv) {
59 vector<const char*> args;
60
61 argv_to_vec(argc, argv, args);
62 env_to_vec(args);
63 auto cct = global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT,
** CID 1313366: (ATOMICITY)
/home/brad/working/src/ceph/src/common/obj_bencher.cc: 719 in ObjBencher::seq_read_bench(int, int, int, int, bool)()
/home/brad/working/src/ceph/src/common/obj_bencher.cc: 788 in ObjBencher::seq_read_bench(int, int, int, int, bool)()
________________________________________________________________________________________________________
*** CID 1313366: (ATOMICITY)
/home/brad/working/src/ceph/src/common/obj_bencher.cc: 719 in ObjBencher::seq_read_bench(int, int, int, int, bool)()
713 }
714
715 // calculate latency here, so memcmp doesn't inflate it
716 data.cur_latency = ceph_clock_now() - start_times[slot];
717
718 cur_contents = contents[slot];
>>> CID 1313366: (ATOMICITY)
>>> Using an unreliable value of "index[slot]" inside the second locked section. If the data that "index[slot]" depends on was changed by another thread, this use might be incorrect.
719 int current_index = index[slot];
720
721 // invalidate internal crc cache
722 cur_contents->invalidate_crc();
723
724 if (!no_verify) {
/home/brad/working/src/ceph/src/common/obj_bencher.cc: 788 in ObjBencher::seq_read_bench(int, int, int, int, bool)()
782 if (data.cur_latency < data.min_latency) data.min_latency = data.cur_latency;
783 ++data.finished;
784 data.avg_latency = total_latency / data.finished;
785 --data.in_flight;
786 release_completion(slot);
787 if (!no_verify) {
>>> CID 1313366: (ATOMICITY)
>>> Using an unreliable value of "index[slot]" inside the second locked section. If the data that "index[slot]" depends on was changed by another thread, this use might be incorrect.
788 snprintf(data.object_contents, data.op_size, "I'm the %16dth op!", index[slot]);
789 lock.Unlock();
790 if ((contents[slot]->length() != data.op_size) ||
791 (memcmp(data.object_contents, contents[slot]->c_str(), data.op_size) != 0)) {
792 cerr << name[slot] << " is not correct!" << std::endl;
793 ++errors;
** CID 1313371: (CHECKED_RETURN)
/home/brad/working/src/ceph/src/tools/rados/RadosImport.cc: 120 in RadosImport::import(librados::IoCtx &, bool)()
/home/brad/working/src/ceph/src/tools/rados/RadosImport.cc: 164 in RadosImport::import(librados::IoCtx &, bool)()
________________________________________________________________________________________________________
*** CID 1313371: (CHECKED_RETURN)
/home/brad/working/src/ceph/src/tools/rados/RadosImport.cc: 120 in RadosImport::import(librados::IoCtx &, bool)()
114 return -EINVAL;
115 }
116 #endif
117
118 #if defined(__linux__)
119 if (file_fd != STDIN_FILENO)
>>> CID 1313371: (CHECKED_RETURN)
>>> Calling "posix_fadvise(this->file_fd, 0L, 0L, 2)" without checking return value. This library function may fail and return an error code.
120 posix_fadvise(file_fd, 0, 0, POSIX_FADV_SEQUENTIAL);
121 #endif
122
123 bool done = false;
124 bool found_metadata = false;
125 while(!done) {
/home/brad/working/src/ceph/src/tools/rados/RadosImport.cc: 164 in RadosImport::import(librados::IoCtx &, bool)()
158 if (!(pool_mode || found_metadata)) {
159 cerr << "Missing metadata section!" << std::endl;
160 }
161
162 #if defined(__linux__)
163 if (file_fd != STDIN_FILENO)
>>> CID 1313371: (CHECKED_RETURN)
>>> Calling "posix_fadvise(this->file_fd, 0L, 0L, 4)" without checking return value. This library function may fail and return an error code.
164 posix_fadvise(file_fd, 0, 0, POSIX_FADV_DONTNEED);
165 #endif
166 return 0;
167 }
168
169 int RadosImport::get_object_rados(librados::IoCtx &ioctx, bufferlist &bl, bool no_overwrite)
** CID 1313372: Error handling issues (CHECKED_RETURN)
/home/brad/working/src/ceph/src/tools/rados/PoolDump.cc: 167 in PoolDump::dump(librados::IoCtx *)()
________________________________________________________________________________________________________
*** CID 1313372: Error handling issues (CHECKED_RETURN)
/home/brad/working/src/ceph/src/tools/rados/PoolDump.cc: 167 in PoolDump::dump(librados::IoCtx *)()
161 }
162 }
163
164 r = write_simple(TYPE_POOL_END, file_fd);
165 #if defined(__linux__)
166 if (file_fd != STDOUT_FILENO)
>>> CID 1313372: Error handling issues (CHECKED_RETURN)
>>> Calling "posix_fadvise(this->file_fd, 0L, 0L, 4)" without checking return value. This library function may fail and return an error code.
167 posix_fadvise(file_fd, 0, 0, POSIX_FADV_DONTNEED);
168 #endif
169 return r;
** CID 1313380: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/common/obj_bencher.cc: 977 in ObjBencher::rand_read_bench(int, int, int, int, bool)()
________________________________________________________________________________________________________
*** CID 1313380: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/common/obj_bencher.cc: 977 in ObjBencher::rand_read_bench(int, int, int, int, bool)()
971 (memcmp(data.object_contents, cur_contents->c_str(), data.op_size) != 0)) {
972 cerr << name[slot] << " is not correct!" << std::endl;
973 ++errors;
974 }
975 }
976
>>> CID 1313380: Security best practices violations (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
977 rand_id = rand() % num_objects;
978 newName = generate_object_name(rand_id / writes_per_object, pid);
979 index[slot] = rand_id;
980 release_completion(slot);
981
982 // invalidate internal crc cache
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaGCnxtQO9E3gxlB2GxVsWFENryh7bC5hIb-2FQBVM85YLQ-3D-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8HbBSYlGRvC6yb6IGf3IrEcYVJqy9-2FImfMxv9uburkNvarkyqWwX5Mqfu1HqNERerkSBlR1irNG2DpcaId5JlbsZpQs26lS4yycxgraa1mvrR7aSRTFPsSGKdgWoLAVo-2Frer-2FgL1qdiMaEHDi926oC8TDKjYc6u-2FkgsCns9GNvyZCnDQmB-2F3VZmts8D-2F4mxFKc-3D
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4Bco8jcmzhh7FSyvoR0E3-2BDgRcBCQ6OuthHBtaTCGNq9OVG2ZVnjrgThgf5hX3GVEkIxvBX-2BorwRZfOftSp7HPfCifRGGak1MlgNFVd3IIPA-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8HbBSYlGRvC6yb6IGf3IrEcYVJqy9-2FImfMxv9uburkNvWGv8Z7p1J5GSXDQNgfSCKDvcXRmzIF5P9TwhoIZ-2F-2FM6-2FmWzXqXif3RlYGW6QeWOjcarMjFVTscNUNbzSaxsAsqDUL7G1JdcbAvWsyF65rFgQ2-2FtBGe0pEE4IAAkDKDhaV5C3064UhFoc-2FjLoVy2SQk-3D
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2017-05-18 1:44 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2017-05-18 1:44 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
14 new defect(s) introduced to ceph found with Coverity Scan.
957 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 14 of 14 defect(s)
** CID 1220854: Control flow issues (MISMATCHED_ITERATOR)
/home/brad/working/src/ceph/src/osd/PG.cc: 1165 in PG::calc_ec_acting(std::_Rb_tree_const_iterator<std::pair<const pg_shard_t, pg_info_t>>, unsigned int, const std::vector<int, std::allocator<int>> &, pg_shard_t, const std::vector<int, std::allocator<int>> &, pg_shard_t, const std::map<pg_shard_t, pg_info_t, std::less<pg_shard_t>, std::allocator<std::pair<const pg_shard_t, pg_info_t>>> &, bool, std::vector<int, std::allocator<int>> *, std::set<pg_shard_t, std::less<pg_shard_t>, std::allocator<pg_shard_t>> *, std::set<pg_shard_t, std::less<pg_shard_t>, std::allocator<pg_shard_t>> *, pg_shard_t *, std::basic_ostream<char, std::char_traits<char>>&)()
________________________________________________________________________________________________________
*** CID 1220854: Control flow issues (MISMATCHED_ITERATOR)
/home/brad/working/src/ceph/src/osd/PG.cc: 1165 in PG::calc_ec_acting(std::_Rb_tree_const_iterator<std::pair<const pg_shard_t, pg_info_t>>, unsigned int, const std::vector<int, std::allocator<int>> &, pg_shard_t, const std::vector<int, std::allocator<int>> &, pg_shard_t, const std::map<pg_shard_t, pg_info_t, std::less<pg_shard_t>, std::allocator<std::pair<const pg_shard_t, pg_info_t>>> &, bool, std::vector<int, std::allocator<int>> *, std::set<pg_shard_t, std::less<pg_shard_t>, std::allocator<pg_shard_t>> *, std::set<pg_shard_t, std::less<pg_shard_t>, std::allocator<pg_shard_t>> *, pg_shard_t *, std::basic_ostream<char, std::char_traits<char>>&)()
1159 all_info.find(pg_shard_t(acting[i], shard_id_t(i)))->second.last_update >=
1160 auth_log_shard->second.log_tail) {
1161 ss << " selecting acting[i]: " << pg_shard_t(acting[i], shard_id_t(i)) << std::endl;
1162 want[i] = acting[i];
1163 ++usable;
1164 } else if (!restrict_to_up_acting) {
>>> CID 1220854: Control flow issues (MISMATCHED_ITERATOR)
>>> Comparing "j" from "all_info_by_shard[shard_id_t(i)]" to "all_info_by_shard[shard_id_t(i)]->end()" from "all_info_by_shard[shard_id_t(i)]".
1165 for (set<pg_shard_t>::iterator j = all_info_by_shard[shard_id_t(i)].begin();
1166 j != all_info_by_shard[shard_id_t(i)].end();
1167 ++j) {
1168 assert(j->shard == i);
1169 if (!all_info.find(*j)->second.is_incomplete() &&
1170 all_info.find(*j)->second.last_update >=
** CID 1351454: Control flow issues (DEADCODE)
/home/brad/working/src/ceph/src/osd/osd_types.cc: 1980 in object_stat_sum_t::decode(ceph::buffer::list::iterator &)()
________________________________________________________________________________________________________
*** CID 1351454: Control flow issues (DEADCODE)
/home/brad/working/src/ceph/src/osd/osd_types.cc: 1980 in object_stat_sum_t::decode(ceph::buffer::list::iterator &)()
1974 ::decode(num_flush_mode_low, bl);
1975 ::decode(num_evict_mode_some, bl);
1976 ::decode(num_evict_mode_full, bl);
1977 ::decode(num_objects_pinned, bl);
1978 ::decode(num_objects_missing, bl);
1979 if (struct_v >= 16) {
>>> CID 1351454: Control flow issues (DEADCODE)
>>> Execution cannot reach this statement: "decode(this->num_legacy_sna...".
1980 ::decode(num_legacy_snapsets, bl);
1981 } else {
1982 num_legacy_snapsets = num_object_clones; // upper bound
1983 }
1984 }
1985 DECODE_FINISH(bl);
** CID 1409692: Error handling issues (CHECKED_RETURN)
/home/brad/working/src/ceph/src/os/bluestore/BlueStore.cc: 1876 in BlueStore::OldExtent::create(boost::intrusive_ptr<BlueStore::Collection>, unsigned int, unsigned int, unsigned int, boost::intrusive_ptr<BlueStore::Blob> &)()
________________________________________________________________________________________________________
*** CID 1409692: Error handling issues (CHECKED_RETURN)
/home/brad/working/src/ceph/src/os/bluestore/BlueStore.cc: 1876 in BlueStore::OldExtent::create(boost::intrusive_ptr<BlueStore::Collection>, unsigned int, unsigned int, unsigned int, boost::intrusive_ptr<BlueStore::Blob> &)()
1870 BlueStore::OldExtent* BlueStore::OldExtent::create(CollectionRef c,
1871 uint32_t lo,
1872 uint32_t o,
1873 uint32_t l,
1874 BlobRef& b) {
1875 OldExtent* oe = new OldExtent(lo, o, l, b);
>>> CID 1409692: Error handling issues (CHECKED_RETURN)
>>> Calling "put_ref" without checking return value (as is done elsewhere 31 out of 38 times).
1876 b->put_ref(c.get(), o, l, &(oe->r));
1877 oe->blob_empty = b->get_referenced_bytes() == 0;
1878 return oe;
1879 }
1880
1881 // ExtentMap
** CID 1409693: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/mds/Migrator.cc: 833 in Migrator::export_dir(CDir *, int)()
________________________________________________________________________________________________________
*** CID 1409693: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/mds/Migrator.cc: 833 in Migrator::export_dir(CDir *, int)()
827 CInode *in = dnl->get_inode();
828 if (in->is_dir())
829 in->get_nested_dirfrags(ls);
830 }
831 }
832 if (ls.size() > 0) {
>>> CID 1409693: Security best practices violations (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
833 int n = rand() % ls.size();
834 auto p = ls.begin();
835 while (n--) ++p;
836 CDir *bd = *p;
837 if (!(bd->is_frozen() || bd->is_freezing())) {
838 assert(bd->is_auth());
** CID 1409694: (FORWARD_NULL)
/home/brad/working/src/ceph/src/mds/Server.cc: 1636 in Server::dispatch_client_request(boost::intrusive_ptr<MDRequestImpl> &)()
/home/brad/working/src/ceph/src/mds/Server.cc: 1636 in Server::dispatch_client_request(boost::intrusive_ptr<MDRequestImpl> &)()
/home/brad/working/src/ceph/src/mds/Server.cc: 1636 in Server::dispatch_client_request(boost::intrusive_ptr<MDRequestImpl> &)()
/home/brad/working/src/ceph/src/mds/Server.cc: 1636 in Server::dispatch_client_request(boost::intrusive_ptr<MDRequestImpl> &)()
/home/brad/working/src/ceph/src/mds/Server.cc: 1636 in Server::dispatch_client_request(boost::intrusive_ptr<MDRequestImpl> &)()
________________________________________________________________________________________________________
*** CID 1409694: (FORWARD_NULL)
/home/brad/working/src/ceph/src/mds/Server.cc: 1636 in Server::dispatch_client_request(boost::intrusive_ptr<MDRequestImpl> &)()
1630 dout(10) << "request " << *mdr << " was killed" << dendl;
1631 return;
1632 }
1633
1634 MClientRequest *req = mdr->client_request;
1635
>>> CID 1409694: (FORWARD_NULL)
>>> Comparing "this->logger" to null implies that "this->logger" might be null.
1636 if (logger) logger->inc(l_mdss_dispatch_client_request);
1637
1638 dout(7) << "dispatch_client_request " << *req << dendl;
1639
1640 if (req->may_write()) {
1641 if (mdcache->is_readonly()) {
/home/brad/working/src/ceph/src/mds/Server.cc: 1636 in Server::dispatch_client_request(boost::intrusive_ptr<MDRequestImpl> &)()
1630 dout(10) << "request " << *mdr << " was killed" << dendl;
1631 return;
1632 }
1633
1634 MClientRequest *req = mdr->client_request;
1635
>>> CID 1409694: (FORWARD_NULL)
>>> Comparing "this->logger" to null implies that "this->logger" might be null.
1636 if (logger) logger->inc(l_mdss_dispatch_client_request);
1637
1638 dout(7) << "dispatch_client_request " << *req << dendl;
1639
1640 if (req->may_write()) {
1641 if (mdcache->is_readonly()) {
/home/brad/working/src/ceph/src/mds/Server.cc: 1636 in Server::dispatch_client_request(boost::intrusive_ptr<MDRequestImpl> &)()
1630 dout(10) << "request " << *mdr << " was killed" << dendl;
1631 return;
1632 }
1633
1634 MClientRequest *req = mdr->client_request;
1635
>>> CID 1409694: (FORWARD_NULL)
>>> Comparing "this->logger" to null implies that "this->logger" might be null.
1636 if (logger) logger->inc(l_mdss_dispatch_client_request);
1637
1638 dout(7) << "dispatch_client_request " << *req << dendl;
1639
1640 if (req->may_write()) {
1641 if (mdcache->is_readonly()) {
/home/brad/working/src/ceph/src/mds/Server.cc: 1636 in Server::dispatch_client_request(boost::intrusive_ptr<MDRequestImpl> &)()
1630 dout(10) << "request " << *mdr << " was killed" << dendl;
1631 return;
1632 }
1633
1634 MClientRequest *req = mdr->client_request;
1635
>>> CID 1409694: (FORWARD_NULL)
>>> Comparing "this->logger" to null implies that "this->logger" might be null.
1636 if (logger) logger->inc(l_mdss_dispatch_client_request);
1637
1638 dout(7) << "dispatch_client_request " << *req << dendl;
1639
1640 if (req->may_write()) {
1641 if (mdcache->is_readonly()) {
/home/brad/working/src/ceph/src/mds/Server.cc: 1636 in Server::dispatch_client_request(boost::intrusive_ptr<MDRequestImpl> &)()
1630 dout(10) << "request " << *mdr << " was killed" << dendl;
1631 return;
1632 }
1633
1634 MClientRequest *req = mdr->client_request;
1635
>>> CID 1409694: (FORWARD_NULL)
>>> Comparing "this->logger" to null implies that "this->logger" might be null.
1636 if (logger) logger->inc(l_mdss_dispatch_client_request);
1637
1638 dout(7) << "dispatch_client_request " << *req << dendl;
1639
1640 if (req->may_write()) {
1641 if (mdcache->is_readonly()) {
** CID 1409695: Control flow issues (MISSING_BREAK)
/home/brad/working/src/ceph/src/mds/Server.cc: 1147 in Server::respond_to_request(boost::intrusive_ptr<MDRequestImpl> &, int)()
________________________________________________________________________________________________________
*** CID 1409695: Control flow issues (MISSING_BREAK)
/home/brad/working/src/ceph/src/mds/Server.cc: 1147 in Server::respond_to_request(boost::intrusive_ptr<MDRequestImpl> &, int)()
1141 break;
1142 case CEPH_MDS_OP_GETFILELOCK:
1143 logger->inc(l_mdss_req_getfilelock);
1144 break;
1145 case CEPH_MDS_OP_CREATE:
1146 logger->inc(l_mdss_req_create);
>>> CID 1409695: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
1147 case CEPH_MDS_OP_OPEN:
1148 logger->inc(l_mdss_req_open);
1149 break;
1150 case CEPH_MDS_OP_MKNOD:
1151 logger->inc(l_mdss_req_mknod);
1152 break;
** CID 1409696: Performance inefficiencies (PASS_BY_VALUE)
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 821 in get_attrs(ObjectStore *, coll_t, ghobject_t, ObjectStore::Transaction *, ceph::buffer::list &, OSDriver &, SnapMapper &, const ghobject_t &, const std::set<ghobject_t, std::less<ghobject_t>, std::allocator<ghobject_t>> &)()
________________________________________________________________________________________________________
*** CID 1409696: Performance inefficiencies (PASS_BY_VALUE)
/home/brad/working/src/ceph/src/tools/ceph_objectstore_tool.cc: 821 in get_attrs(ObjectStore *, coll_t, ghobject_t, ObjectStore::Transaction *, ceph::buffer::list &, OSDriver &, SnapMapper &, const ghobject_t &, const std::set<ghobject_t, std::less<ghobject_t>, std::allocator<ghobject_t>> &)()
815 cerr << "\tdata: offset " << ds.offset << " len " << ds.len << std::endl;
816 t->write(coll, hoid, ds.offset, ds.len, ds.databl);
817 return 0;
818 }
819
820 int get_attrs(
>>> CID 1409696: Performance inefficiencies (PASS_BY_VALUE)
>>> Passing parameter hoid of type "ghobject_t" (size 144 bytes) by value.
821 ObjectStore *store, coll_t coll, ghobject_t hoid,
822 ObjectStore::Transaction *t, bufferlist &bl,
823 OSDriver &driver, SnapMapper &snap_mapper,
824 const ghobject_t& last_head,
825 const set<ghobject_t>& last_clones)
826 {
** CID 1409697: Incorrect expression (PW.ASSIGN_WHERE_COMPARE_MEANT)
/home/brad/working/src/ceph/src/rgw/rgw_iam_policy.h: 323 in ()
________________________________________________________________________________________________________
*** CID 1409697: Incorrect expression (PW.ASSIGN_WHERE_COMPARE_MEANT)
/home/brad/working/src/ceph/src/rgw/rgw_iam_policy.h: 323 in ()
317 return false;
318 }
319
320 try {
321 double d = std::stod(s, &p);
322 if (p == s.length()) {
>>> CID 1409697: Incorrect expression (PW.ASSIGN_WHERE_COMPARE_MEANT)
>>> During compilation of file '/home/brad/working/src/ceph/src/rgw/rgw_admin.cc'
323 return !((d == +0.0) || (d = -0.0) || std::isnan(d));
324 }
325 } catch (const std::logic_error& e) {
326 // Fallthrough
327 }
328
** CID 1409698: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/test/librados/TestCase.h: 87 in RadosTestECNS::RadosTestECNS(bool)()
________________________________________________________________________________________________________
*** CID 1409698: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/test/librados/TestCase.h: 87 in RadosTestECNS::RadosTestECNS(bool)()
81 librados::IoCtx ioctx;
82 bool cleanup;
83 };
84
85 class RadosTestECNS : public RadosTestNS {
86 public:
>>> CID 1409698: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "alignment" is not initialized in this constructor nor in any functions that it calls.
87 RadosTestECNS(bool c=false) : cleanup(c) {}
88 ~RadosTestECNS() override {}
89 protected:
90 static void SetUpTestCase();
91 static void TearDownTestCase();
92 static rados_t s_cluster;
** CID 1409699: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/test/librados/TestCase.h: 24 in RadosTestNS::RadosTestNS(bool)()
________________________________________________________________________________________________________
*** CID 1409699: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/test/librados/TestCase.h: 24 in RadosTestNS::RadosTestNS(bool)()
18 *
19 * Since pool creation and deletion is slow, this allows many tests to
20 * run faster.
21 */
22 class RadosTestNS : public ::testing::Test {
23 public:
>>> CID 1409699: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "ioctx" is not initialized in this constructor nor in any functions that it calls.
24 RadosTestNS(bool c=false) : cleanup(c) {}
25 ~RadosTestNS() override {}
26 protected:
27 static void SetUpTestCase();
28 static void TearDownTestCase();
29 static void cleanup_all_objects(rados_ioctx_t ioctx);
** CID 1409700: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/test/librados/TestCase.h: 109 in RadosTestECPPNS::RadosTestECPPNS(bool)()
________________________________________________________________________________________________________
*** CID 1409700: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/test/librados/TestCase.h: 109 in RadosTestECPPNS::RadosTestECPPNS(bool)()
103 struct RadosTestECNSCleanup : public RadosTestECNS {
104 RadosTestECNSCleanup() : RadosTestECNS(true) {}
105 };
106
107 class RadosTestECPPNS : public RadosTestPPNS {
108 public:
>>> CID 1409700: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "alignment" is not initialized in this constructor nor in any functions that it calls.
109 RadosTestECPPNS(bool c=false) : cluster(s_cluster), cleanup(c) {}
110 ~RadosTestECPPNS() override {}
111 protected:
112 static void SetUpTestCase();
113 static void TearDownTestCase();
114 static librados::Rados s_cluster;
** CID 1409701: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/test/librados/TestCase.h: 139 in RadosTest::RadosTest(bool)()
________________________________________________________________________________________________________
*** CID 1409701: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/test/librados/TestCase.h: 139 in RadosTest::RadosTest(bool)()
133 *
134 * Since pool creation and deletion is slow, this allows many tests to
135 * run faster.
136 */
137 class RadosTest : public ::testing::Test {
138 public:
>>> CID 1409701: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "ioctx" is not initialized in this constructor nor in any functions that it calls.
139 RadosTest(bool c=false) : cleanup(c) {}
140 ~RadosTest() override {}
141 protected:
142 static void SetUpTestCase();
143 static void TearDownTestCase();
144 static void cleanup_default_namespace(rados_ioctx_t ioctx);
** CID 1409702: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/test/librados/TestCase.h: 219 in RadosTestECPP::RadosTestECPP(bool)()
________________________________________________________________________________________________________
*** CID 1409702: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/test/librados/TestCase.h: 219 in RadosTestECPP::RadosTestECPP(bool)()
213 std::string nspace;
214 uint64_t alignment;
215 };
216
217 class RadosTestECPP : public RadosTestPP {
218 public:
>>> CID 1409702: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "alignment" is not initialized in this constructor nor in any functions that it calls.
219 RadosTestECPP(bool c=false) : cluster(s_cluster), cleanup(c) {}
220 ~RadosTestECPP() override {}
221 protected:
222 static void SetUpTestCase();
223 static void TearDownTestCase();
224 static librados::Rados s_cluster;
** CID 1409703: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/test/librados/TestCase.h: 200 in RadosTestEC::RadosTestEC(bool)()
________________________________________________________________________________________________________
*** CID 1409703: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/test/librados/TestCase.h: 200 in RadosTestEC::RadosTestEC(bool)()
194 bool cleanup;
195 std::string nspace;
196 };
197
198 class RadosTestEC : public RadosTest {
199 public:
>>> CID 1409703: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "alignment" is not initialized in this constructor nor in any functions that it calls.
200 RadosTestEC(bool c=false) : cleanup(c) {}
201 ~RadosTestEC() override {}
202 protected:
203 static void SetUpTestCase();
204 static void TearDownTestCase();
205 static rados_t s_cluster;
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaGCnxtQO9E3gxlB2GxVsWFENryh7bC5hIb-2FQBVM85YLQ-3D-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8HMjjwnZWb39VuwjRaMfXFHTPT740cPiEkS-2FSnJ-2FMgmtpSduCsquQuoddloT7fhppnFh3N-2BJw7a79K4uSHJ34cJDZNeqy-2F6aLXObwCtKbuuMVTkoqWbxXQElkKOyN-2BgypV5ljNLkbHL3UhxN2823zFzWzKJEKFrc8Pfw-2FWVzBvavhkOAMOHVNwk5CVlKXYIlr8-3D
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4Bco8jcmzhh7FSyvoR0E3-2BDgRcBCQ6OuthHBtaTCGNq9OVG2ZVnjrgThgf5hX3GVEkIxvBX-2BorwRZfOftSp7HPfCifRGGak1MlgNFVd3IIPA-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8HMjjwnZWb39VuwjRaMfXFHTPT740cPiEkS-2FSnJ-2FMgmtmLE7WL9MADAv2U9YvJXPZOVKqgmAJ0Y7OJ5giSDmCRzc-2FaQgSPvVD0hmvGKftuKutvyDFix1k3KH2UN4YeJBQPZd0qe4ai04KpK-2B53k2aPpG9YHV7zkjCKlBmVeq9ttBKSKZnWCn8SaCNHmRSDGKtU-3D
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2017-05-11 5:32 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2017-05-11 5:32 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
5 new defect(s) introduced to ceph found with Coverity Scan.
6 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 5 of 5 defect(s)
** CID 1406085: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/os/bluestore/KernelDevice.cc: 537 in KernelDevice::_sync_write(unsigned long, ceph::buffer::list &, bool)()
________________________________________________________________________________________________________
*** CID 1406085: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/os/bluestore/KernelDevice.cc: 537 in KernelDevice::_sync_write(unsigned long, ceph::buffer::list &, bool)()
531 int KernelDevice::_sync_write(uint64_t off, bufferlist &bl, bool buffered)
532 {
533 uint64_t len = bl.length();
534 dout(5) << __func__ << " 0x" << std::hex << off << "~" << len
535 << std::dec << " buffered" << dendl;
536 if (cct->_conf->bdev_inject_crash &&
>>> CID 1406085: Security best practices violations (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
537 rand() % cct->_conf->bdev_inject_crash == 0) {
538 derr << __func__ << " bdev_inject_crash: dropping io 0x" << std::hex
539 << off << "~" << len << std::dec << dendl;
540 ++injecting_crash;
541 return 0;
542 }
** CID 1406086: Null pointer dereferences (FORWARD_NULL)
/home/brad/working/src/ceph/src/rgw/rgw_admin.cc: 1636 in commit_period(RGWRealm &, RGWPeriod &, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, bool)()
________________________________________________________________________________________________________
*** CID 1406086: Null pointer dereferences (FORWARD_NULL)
/home/brad/working/src/ceph/src/rgw/rgw_admin.cc: 1636 in commit_period(RGWRealm &, RGWPeriod &, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, bool)()
1630 if (remote.empty() && url.empty()) {
1631 // use the new master zone's connection
1632 remote = master_zone;
1633 cout << "Sending period to new master zone " << remote << std::endl;
1634 }
1635 boost::optional<RGWRESTConn> conn;
>>> CID 1406086: Null pointer dereferences (FORWARD_NULL)
>>> Assigning: "remote_conn" = "NULL".
1636 RGWRESTConn *remote_conn = nullptr;
1637 if (!remote.empty()) {
1638 conn = get_remote_conn(store, period.get_map(), remote);
1639 if (!conn) {
1640 cerr << "failed to find a zone or zonegroup for remote "
1641 << remote << std::endl;
** CID 1406087: (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/mgr/PyState.cc: 121 in ceph_send_command(_object *, _object *)()
/home/brad/working/src/ceph/src/mgr/PyState.cc: 147 in ceph_send_command(_object *, _object *)()
/home/brad/working/src/ceph/src/mgr/PyState.cc: 150 in ceph_send_command(_object *, _object *)()
________________________________________________________________________________________________________
*** CID 1406087: (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/mgr/PyState.cc: 121 in ceph_send_command(_object *, _object *)()
115 c);
116 } else if (std::string(type) == "osd") {
117 std::string err;
118 uint64_t osd_id = strict_strtoll(name, 10, &err);
119 if (!err.empty()) {
120 // TODO: raise exception
>>> CID 1406087: (RESOURCE_LEAK)
>>> Variable "c" going out of scope leaks the storage it points to.
121 return nullptr;
122 }
123
124 ceph_tid_t tid;
125 global_handle->get_objecter().osd_command(
126 osd_id,
/home/brad/working/src/ceph/src/mgr/PyState.cc: 147 in ceph_send_command(_object *, _object *)()
141 if (r != 0) {
142 // TODO: raise exception
143 return nullptr;
144 }
145 } else if (std::string(type) == "pg") {
146 // TODO: expose objecter::pg_command
>>> CID 1406087: (RESOURCE_LEAK)
>>> Variable "c" going out of scope leaks the storage it points to.
147 return nullptr;
148 } else {
149 // TODO: raise exception
150 return nullptr;
151 }
152
/home/brad/working/src/ceph/src/mgr/PyState.cc: 150 in ceph_send_command(_object *, _object *)()
144 }
145 } else if (std::string(type) == "pg") {
146 // TODO: expose objecter::pg_command
147 return nullptr;
148 } else {
149 // TODO: raise exception
>>> CID 1406087: (RESOURCE_LEAK)
>>> Variable "c" going out of scope leaks the storage it points to.
150 return nullptr;
151 }
152
153 Py_RETURN_NONE;
154 }
155
** CID 1406088: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/client/Client.cc: 296 in Client::Client(Messenger *, MonClient *, Objecter *)()
________________________________________________________________________________________________________
*** CID 1406088: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/client/Client.cc: 296 in Client::Client(Messenger *, MonClient *, Objecter *)()
290 cct->_conf->client_oc_max_dirty,
291 cct->_conf->client_oc_target_dirty,
292 cct->_conf->client_oc_max_dirty_age,
293 true));
294 objecter_finisher.start();
295 filer.reset(new Filer(objecter, &objecter_finisher));
>>> CID 1406088: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "root_ancestor" is not initialized in this constructor nor in any functions that it calls.
296 }
297
298
299 Client::~Client()
300 {
301 assert(!client_lock.is_locked());
** CID 1406089: Code maintainability issues (UNUSED_VALUE)
/home/brad/working/src/ceph/src/rgw/rgw_rest.cc: 1494 in RGWPostObj_ObjStore::read_form_part_header(RGWPostObj_ObjStore::post_form_part *, bool &)()
________________________________________________________________________________________________________
*** CID 1406089: Code maintainability issues (UNUSED_VALUE)
/home/brad/working/src/ceph/src/rgw/rgw_rest.cc: 1494 in RGWPostObj_ObjStore::read_form_part_header(RGWPostObj_ObjStore::post_form_part *, bool &)()
1488 }
1489
1490 if (reached_boundary) {
1491 break;
1492 }
1493
>>> CID 1406089: Code maintainability issues (UNUSED_VALUE)
>>> Assigning value from "this->read_line(bl, chunk_size, reached_boundary, done)" to "r" here, but that stored value is overwritten before it can be used.
1494 r = read_line(bl, chunk_size, reached_boundary, done);
1495 }
1496
1497 return 0;
1498 }
1499
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaGCnxtQO9E3gxlB2GxVsWFENryh7bC5hIb-2FQBVM85YLQ-3D-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8F2RvkAmtikdYQoty-2BlUwj049nP5-2Bx-2FPo9oNlfzcrZ9jg-2BmvxaLAZy4DFZXP6QTTxRBR-2FJ5gDWUQOmJpa98OpEpRuc5HquLf5nUK5ZlLdNVO-2BnxgGQtWvQpDho2Po0pxoxuhMMWlBgqKFHvAxbgaw9M9f-2F8F-2FnGWnk8-2BmJOQFg9mgka9pqMTiO0DErWixvx9ac-3D
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4Bco8jcmzhh7FSyvoR0E3-2BDgRcBCQ6OuthHBtaTCGNq9OVG2ZVnjrgThgf5hX3GVEkIxvBX-2BorwRZfOftSp7HPfCifRGGak1MlgNFVd3IIPA-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8F2RvkAmtikdYQoty-2BlUwj049nP5-2Bx-2FPo9oNlfzcrZ9jl7VjSBFayVvHhteZ9EMKxW4rPKRVcy15-2BmGnesem4dU-2BZCGrqQ7LQbRjzHVrjbBiGGyA30LjAfLBU2VZGRiiTgLlZAeZuaoyZLAju2k4umr4KoYl6X480m6HPPAz9Tr1npDkN5UOL-2Bk6o6iEnsEXt4-3D
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2017-05-04 2:45 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2017-05-04 2:45 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
83 new defect(s) introduced to ceph found with Coverity Scan.
64 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 20 of 83 defect(s)
** CID 1161001: Uninitialized members (UNINIT_CTOR)
/usr/include/c++/6.2.1/functional: 1871 in std::function<void (const int &, std::unique_ptr<Request, std::default_delete<Request>>, crimson::dmclock::PhaseType)>::function()()
________________________________________________________________________________________________________
*** CID 1161001: Uninitialized members (UNINIT_CTOR)
/usr/include/c++/6.2.1/functional: 1871 in std::function<void (const int &, std::unique_ptr<Request, std::default_delete<Request>>, crimson::dmclock::PhaseType)>::function()()
1865
1866 /**
1867 * @brief Default construct creates an empty function call wrapper.
1868 * @post @c !(bool)*this
1869 */
1870 function() noexcept
>>> CID 1161001: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "_M_invoker" is not initialized in this constructor nor in any functions that it calls.
1871 : _Function_base() { }
1872
1873 /**
1874 * @brief Creates an empty function call wrapper.
1875 * @post @c !(bool)*this
1876 */
** CID 1222393: Uninitialized members (UNINIT_CTOR)
/usr/include/c++/6.2.1/functional: 2111 in std::function<void (const unsigned int &, const crimson::qos_simulation::TestRequest &, const unsigned int &, const crimson::dmclock::ReqParams &)>::function(const std::function<void (const unsigned int &, const crimson::qos_simulation::TestRequest &, const unsigned int &, const crimson::dmclock::ReqParams &)>&)()
________________________________________________________________________________________________________
*** CID 1222393: Uninitialized members (UNINIT_CTOR)
/usr/include/c++/6.2.1/functional: 2111 in std::function<void (const unsigned int &, const crimson::qos_simulation::TestRequest &, const unsigned int &, const crimson::dmclock::ReqParams &)>::function(const std::function<void (const unsigned int &, const crimson::qos_simulation::TestRequest &, const unsigned int &, const crimson::dmclock::ReqParams &)>&)()
2105 if (static_cast<bool>(__x))
2106 {
2107 __x._M_manager(_M_functor, __x._M_functor, __clone_functor);
2108 _M_invoker = __x._M_invoker;
2109 _M_manager = __x._M_manager;
2110 }
>>> CID 1222393: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "_M_invoker" is not initialized in this constructor nor in any functions that it calls.
2111 }
2112
2113 template<typename _Res, typename... _ArgTypes>
2114 template<typename _Functor, typename, typename>
2115 function<_Res(_ArgTypes...)>::
2116 function(_Functor __f)
** CID 1358695: Uninitialized members (UNINIT_CTOR)
/usr/include/c++/6.2.1/functional: 2127 in std::function<void (crimson::test_dmc::DmcAccum &, const crimson::dmclock::PhaseType &)>::function<void (*)(crimson::test_dmc::DmcAccum &, const crimson::dmclock::PhaseType &), void, void>(T1)()
________________________________________________________________________________________________________
*** CID 1358695: Uninitialized members (UNINIT_CTOR)
/usr/include/c++/6.2.1/functional: 2127 in std::function<void (crimson::test_dmc::DmcAccum &, const crimson::dmclock::PhaseType &)>::function<void (*)(crimson::test_dmc::DmcAccum &, const crimson::dmclock::PhaseType &), void, void>(T1)()
2121 if (_My_handler::_M_not_empty_function(__f))
2122 {
2123 _My_handler::_M_init_functor(_M_functor, std::move(__f));
2124 _M_invoker = &_My_handler::_M_invoke;
2125 _M_manager = &_My_handler::_M_manager;
2126 }
>>> CID 1358695: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "_M_invoker" is not initialized in this constructor nor in any functions that it calls.
2127 }
2128
2129 template<typename _Res, typename... _ArgTypes>
2130 _Res
2131 function<_Res(_ArgTypes...)>::
2132 operator()(_ArgTypes... __args) const
** CID 1405781: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/dmclock/support/test/test_indirect_intrusive_heap.cc: 390 in IndIntruHeap_multi_K_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1405781: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/dmclock/support/test/test_indirect_intrusive_heap.cc: 390 in IndIntruHeap_multi_K_Test::TestBody()()
384 constexpr size_t count = 250;
385
386 std::srand(std::time(0)); // use current time as seed for random generator
387
388 // insert same set of random values into the four heaps
389 for (size_t i = 0; i < count; ++i) {
>>> CID 1405781: Security best practices violations (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
390 int value = std::rand() % 201 - 100; // -100...+100
391 auto data = std::make_shared<Elem>(value);
392 heap2.push(data);
393 heap3.push(data);
394 heap4.push(data);
395 heap10.push(data);
** CID 1405782: Null pointer dereferences (FORWARD_NULL)
/home/brad/working/src/ceph/src/rgw/rgw_rest_swift.cc: 770 in RGWPutObj_ObjStore_SWIFT::get_params()()
________________________________________________________________________________________________________
*** CID 1405782: Null pointer dereferences (FORWARD_NULL)
/home/brad/working/src/ceph/src/rgw/rgw_rest_swift.cc: 770 in RGWPutObj_ObjStore_SWIFT::get_params()()
764 return r;
765 }
766
767 if (!s->cct->_conf->rgw_swift_custom_header.empty()) {
768 string custom_header = s->cct->_conf->rgw_swift_custom_header;
769 if (s->info.env->exists(custom_header.c_str())) {
>>> CID 1405782: Null pointer dereferences (FORWARD_NULL)
>>> Passing null pointer "this->s->info.env->get(custom_header.c_str(), NULL)" to "operator =", which dereferences it. [Note: The source code implementation of the function has been overridden by a builtin model.]
770 user_data = s->info.env->get(custom_header.c_str());
771 }
772 }
773
774 dlo_manifest = s->info.env->get("HTTP_X_OBJECT_MANIFEST");
775 bool exists;
** CID 1405783: Null pointer dereferences (FORWARD_NULL)
/home/brad/working/src/ceph/src/rocksdb/db/convenience.cc: 19 in rocksdb::CancelAllBackgroundWork(rocksdb::DB *, bool)()
________________________________________________________________________________________________________
*** CID 1405783: Null pointer dereferences (FORWARD_NULL)
/home/brad/working/src/ceph/src/rocksdb/db/convenience.cc: 19 in rocksdb::CancelAllBackgroundWork(rocksdb::DB *, bool)()
13
14 #include "db/db_impl.h"
15
16 namespace rocksdb {
17
18 void CancelAllBackgroundWork(DB* db, bool wait) {
>>> CID 1405783: Null pointer dereferences (FORWARD_NULL)
>>> Dynamic cast to pointer "dynamic_cast <rocksdb::DBImpl *>(db->GetRootDB())" can return "NULL".
19 (dynamic_cast<DBImpl*>(db->GetRootDB()))->CancelAllBackgroundWork(wait);
20 }
21
22 Status DeleteFilesInRange(DB* db, ColumnFamilyHandle* column_family,
23 const Slice* begin, const Slice* end) {
24 return (dynamic_cast<DBImpl*>(db))
** CID 1405784: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/os/bluestore/BlueStore.cc: 8134 in BlueStore::_kv_sync_thread()()
________________________________________________________________________________________________________
*** CID 1405784: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/os/bluestore/BlueStore.cc: 8134 in BlueStore::_kv_sync_thread()()
8128 kv_committing.pop_front();
8129 }
8130 for (auto b : deferred_stable) {
8131 auto p = b->txcs.begin();
8132 while (p != b->txcs.end()) {
8133 TransContext *txc = &*p;
>>> CID 1405784: API usage errors (INVALIDATE_ITERATOR)
>>> Using invalid iterator "boost::intrusive::list_impl<boost::intrusive::mhtraits<BlueStore::TransContext, boost::intrusive::list_member_hook<void, void, void>, &BlueStore::TransContext::deferred_queue_item>, unsigned long, true, void>::const_iterator(p)".
8134 p = b->txcs.erase(p); // unlink here because
8135 _txc_state_proc(txc); // this may destroy txc
8136 }
8137 delete b;
8138 }
8139
** CID 1405785: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 2995 in __pyx_pw_5rados_7OSError_1__init__()
________________________________________________________________________________________________________
*** CID 1405785: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 2995 in __pyx_pw_5rados_7OSError_1__init__()
2989 }
2990 kw_args = PyDict_Size(__pyx_kwds);
2991 switch (pos_args) {
2992 case 0:
2993 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_self)) != 0)) kw_args--;
2994 else goto __pyx_L5_argtuple_error;
>>> CID 1405785: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
2995 case 1:
2996 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_errno)) != 0)) kw_args--;
2997 else {
2998 __Pyx_RaiseArgtupleInvalid("__init__", 1, 3, 3, 1); __PYX_ERR(0, 310, __pyx_L3_error)
2999 }
3000 case 2:
** CID 1405786: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 3000 in __pyx_pw_5rados_7OSError_1__init__()
________________________________________________________________________________________________________
*** CID 1405786: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 3000 in __pyx_pw_5rados_7OSError_1__init__()
2994 else goto __pyx_L5_argtuple_error;
2995 case 1:
2996 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_errno)) != 0)) kw_args--;
2997 else {
2998 __Pyx_RaiseArgtupleInvalid("__init__", 1, 3, 3, 1); __PYX_ERR(0, 310, __pyx_L3_error)
2999 }
>>> CID 1405786: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
3000 case 2:
3001 if (likely((values[2] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_strerror)) != 0)) kw_args--;
3002 else {
3003 __Pyx_RaiseArgtupleInvalid("__init__", 1, 3, 3, 2); __PYX_ERR(0, 310, __pyx_L3_error)
3004 }
3005 }
** CID 1405787: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 21003 in __pyx_pw_3rbd_5Image_73diff_iterate()
________________________________________________________________________________________________________
*** CID 1405787: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 21003 in __pyx_pw_3rbd_5Image_73diff_iterate()
20997 }
20998 case 2:
20999 if (likely((values[2] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_from_snapshot)) != 0)) kw_args--;
21000 else {
21001 __Pyx_RaiseArgtupleInvalid("diff_iterate", 0, 4, 6, 2); __PYX_ERR(0, 2022, __pyx_L3_error)
21002 }
>>> CID 1405787: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
21003 case 3:
21004 if (likely((values[3] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_iterate_cb)) != 0)) kw_args--;
21005 else {
21006 __Pyx_RaiseArgtupleInvalid("diff_iterate", 0, 4, 6, 3); __PYX_ERR(0, 2022, __pyx_L3_error)
21007 }
21008 case 4:
** CID 1405788: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 28052 in __pyx_pw_3rbd_5Image_129aio_discard()
________________________________________________________________________________________________________
*** CID 1405788: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 28052 in __pyx_pw_3rbd_5Image_129aio_discard()
28046 else goto __pyx_L5_argtuple_error;
28047 case 1:
28048 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_length)) != 0)) kw_args--;
28049 else {
28050 __Pyx_RaiseArgtupleInvalid("aio_discard", 1, 3, 3, 1); __PYX_ERR(0, 2601, __pyx_L3_error)
28051 }
>>> CID 1405788: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
28052 case 2:
28053 if (likely((values[2] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_oncomplete)) != 0)) kw_args--;
28054 else {
28055 __Pyx_RaiseArgtupleInvalid("aio_discard", 1, 3, 3, 2); __PYX_ERR(0, 2601, __pyx_L3_error)
28056 }
28057 }
** CID 1405789: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 8010 in __pyx_pw_3rbd_3RBD_17trash_get()
________________________________________________________________________________________________________
*** CID 1405789: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 8010 in __pyx_pw_3rbd_3RBD_17trash_get()
8004 else goto __pyx_L5_argtuple_error;
8005 case 1:
8006 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_ioctx)) != 0)) kw_args--;
8007 else {
8008 __Pyx_RaiseArgtupleInvalid("trash_get", 1, 3, 3, 1); __PYX_ERR(0, 936, __pyx_L3_error)
8009 }
>>> CID 1405789: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
8010 case 2:
8011 if (likely((values[2] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_image_id)) != 0)) kw_args--;
8012 else {
8013 __Pyx_RaiseArgtupleInvalid("trash_get", 1, 3, 3, 2); __PYX_ERR(0, 936, __pyx_L3_error)
8014 }
8015 }
** CID 1405790: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 8490 in __pyx_pw_3rbd_3RBD_19trash_list()
________________________________________________________________________________________________________
*** CID 1405790: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 8490 in __pyx_pw_3rbd_3RBD_19trash_list()
8484 }
8485 kw_args = PyDict_Size(__pyx_kwds);
8486 switch (pos_args) {
8487 case 0:
8488 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_self)) != 0)) kw_args--;
8489 else goto __pyx_L5_argtuple_error;
>>> CID 1405790: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
8490 case 1:
8491 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_ioctx)) != 0)) kw_args--;
8492 else {
8493 __Pyx_RaiseArgtupleInvalid("trash_list", 1, 2, 2, 1); __PYX_ERR(0, 979, __pyx_L3_error)
8494 }
8495 }
** CID 1405791: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 24679 in __pyx_pw_3rbd_5Image_105lock_shared()
________________________________________________________________________________________________________
*** CID 1405791: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 24679 in __pyx_pw_3rbd_5Image_105lock_shared()
24673 }
24674 kw_args = PyDict_Size(__pyx_kwds);
24675 switch (pos_args) {
24676 case 0:
24677 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_cookie)) != 0)) kw_args--;
24678 else goto __pyx_L5_argtuple_error;
>>> CID 1405791: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
24679 case 1:
24680 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_tag)) != 0)) kw_args--;
24681 else {
24682 __Pyx_RaiseArgtupleInvalid("lock_shared", 1, 2, 2, 1); __PYX_ERR(0, 2333, __pyx_L3_error)
24683 }
24684 }
** CID 1405792: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 9338 in __pyx_pw_3rbd_3RBD_27mirror_peer_add()
________________________________________________________________________________________________________
*** CID 1405792: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 9338 in __pyx_pw_3rbd_3RBD_27mirror_peer_add()
9332 }
9333 kw_args = PyDict_Size(__pyx_kwds);
9334 switch (pos_args) {
9335 case 0:
9336 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_self)) != 0)) kw_args--;
9337 else goto __pyx_L5_argtuple_error;
>>> CID 1405792: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
9338 case 1:
9339 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_ioctx)) != 0)) kw_args--;
9340 else {
9341 __Pyx_RaiseArgtupleInvalid("mirror_peer_add", 1, 4, 4, 1); __PYX_ERR(0, 1044, __pyx_L3_error)
9342 }
9343 case 2:
** CID 1405793: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 18160 in __pyx_pw_3rbd_5Image_47rename_snap()
________________________________________________________________________________________________________
*** CID 1405793: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 18160 in __pyx_pw_3rbd_5Image_47rename_snap()
18154 }
18155 kw_args = PyDict_Size(__pyx_kwds);
18156 switch (pos_args) {
18157 case 0:
18158 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_srcname)) != 0)) kw_args--;
18159 else goto __pyx_L5_argtuple_error;
>>> CID 1405793: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
18160 case 1:
18161 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_dstname)) != 0)) kw_args--;
18162 else {
18163 __Pyx_RaiseArgtupleInvalid("rename_snap", 1, 2, 2, 1); __PYX_ERR(0, 1786, __pyx_L3_error)
18164 }
18165 }
** CID 1405794: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 8609 in __pyx_pw_3rbd_3RBD_21trash_restore()
________________________________________________________________________________________________________
*** CID 1405794: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 8609 in __pyx_pw_3rbd_3RBD_21trash_restore()
8603 }
8604 kw_args = PyDict_Size(__pyx_kwds);
8605 switch (pos_args) {
8606 case 0:
8607 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_self)) != 0)) kw_args--;
8608 else goto __pyx_L5_argtuple_error;
>>> CID 1405794: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
8609 case 1:
8610 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_ioctx)) != 0)) kw_args--;
8611 else {
8612 __Pyx_RaiseArgtupleInvalid("trash_restore", 1, 4, 4, 1); __PYX_ERR(0, 988, __pyx_L3_error)
8613 }
8614 case 2:
** CID 1405795: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 27618 in __pyx_pw_3rbd_5Image_127aio_write()
________________________________________________________________________________________________________
*** CID 1405795: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 27618 in __pyx_pw_3rbd_5Image_127aio_write()
27612 else goto __pyx_L5_argtuple_error;
27613 case 1:
27614 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_offset)) != 0)) kw_args--;
27615 else {
27616 __Pyx_RaiseArgtupleInvalid("aio_write", 0, 3, 4, 1); __PYX_ERR(0, 2556, __pyx_L3_error)
27617 }
>>> CID 1405795: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
27618 case 2:
27619 if (likely((values[2] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_oncomplete)) != 0)) kw_args--;
27620 else {
27621 __Pyx_RaiseArgtupleInvalid("aio_write", 0, 3, 4, 2); __PYX_ERR(0, 2556, __pyx_L3_error)
27622 }
27623 case 3:
** CID 1405796: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 24246 in __pyx_pw_3rbd_5Image_101lock_break()
________________________________________________________________________________________________________
*** CID 1405796: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 24246 in __pyx_pw_3rbd_5Image_101lock_break()
24240 }
24241 kw_args = PyDict_Size(__pyx_kwds);
24242 switch (pos_args) {
24243 case 0:
24244 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_lock_mode)) != 0)) kw_args--;
24245 else goto __pyx_L5_argtuple_error;
>>> CID 1405796: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
24246 case 1:
24247 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_lock_owner)) != 0)) kw_args--;
24248 else {
24249 __Pyx_RaiseArgtupleInvalid("lock_break", 1, 2, 2, 1); __PYX_ERR(0, 2303, __pyx_L3_error)
24250 }
24251 }
** CID 1405797: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 27613 in __pyx_pw_3rbd_5Image_127aio_write()
________________________________________________________________________________________________________
*** CID 1405797: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 27613 in __pyx_pw_3rbd_5Image_127aio_write()
27607 }
27608 kw_args = PyDict_Size(__pyx_kwds);
27609 switch (pos_args) {
27610 case 0:
27611 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_data)) != 0)) kw_args--;
27612 else goto __pyx_L5_argtuple_error;
>>> CID 1405797: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
27613 case 1:
27614 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_offset)) != 0)) kw_args--;
27615 else {
27616 __Pyx_RaiseArgtupleInvalid("aio_write", 0, 3, 4, 1); __PYX_ERR(0, 2556, __pyx_L3_error)
27617 }
27618 case 2:
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaGCnxtQO9E3gxlB2GxVsWFENryh7bC5hIb-2FQBVM85YLQ-3D-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8GkzVqSy5um0G-2F060TlF5Yc14Eu4rR4NWgcuqu6-2BlwkuG-2BuyzfDsEURiBOsX-2FGvN5jmsKmeIE97INOgDRil5CF-2FdBU-2BNz-2FDLUPPF8idy4XySa5AlDew0cBaAbN1mS7NqLG-2FQkC8G3YrFDqV96XFaQeL8-2Beu6nYHiz6GrGvXe-2FFjCoatpFX82VCedd-2Bf-2FudXKLk-3D
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4Bco8jcmzhh7FSyvoR0E3-2BDgRcBCQ6OuthHBtaTCGNq9zoLsiw8NWrIF2zsdhfTt-2FbHjZ2ToL3Et9v1-2BrDLungAOjHpQtOY-2BsyLiTVCQEUCU-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8GkzVqSy5um0G-2F060TlF5Yc14Eu4rR4NWgcuqu6-2BlwkuBR8pCwrYuhbR-2B5Tx3ftvQQOyYTup1g5qYrQ-2FseYF8sDv-2Bmv10yMfinqIhsYVcPRemPxf-2BD0msxaB-2FL97kr9eBVzA4OnTAo-2FWRMxjH1-2F0-2BdJabe7SBC-2F2zUuAN-2B3cQPxHjiRZo2wELAIhtra-2BhhoAFA-3D
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2017-04-27 2:22 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2017-04-27 2:22 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
22 new defect(s) introduced to ceph found with Coverity Scan.
8 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 20 of 22 defect(s)
** CID 1405516: Incorrect expression (COPY_PASTE_ERROR)
/home/brad/working/src/ceph/src/mon/Monitor.cc: 2923 in Monitor::handle_command(boost::intrusive_ptr<MonOpRequest>)()
________________________________________________________________________________________________________
*** CID 1405516: Incorrect expression (COPY_PASTE_ERROR)
/home/brad/working/src/ceph/src/mon/Monitor.cc: 2923 in Monitor::handle_command(boost::intrusive_ptr<MonOpRequest>)()
2917 }
2918
2919 if (module == "mds" || module == "fs") {
2920 mdsmon()->dispatch(op);
2921 return;
2922 }
>>> CID 1405516: Incorrect expression (COPY_PASTE_ERROR)
>>> "module" looks like a copy-paste error.
2923 if (module == "osd" || prefix == "pg map") {
2924 osdmon()->dispatch(op);
2925 return;
2926 }
2927
2928 if (module == "pg") {
** CID 1405517: Null pointer dereferences (FORWARD_NULL)
/home/brad/working/src/ceph/src/rgw/rgw_sync.cc: 98 in RGWBackoffControlCR::operate()()
________________________________________________________________________________________________________
*** CID 1405517: Null pointer dereferences (FORWARD_NULL)
/home/brad/working/src/ceph/src/rgw/rgw_sync.cc: 98 in RGWBackoffControlCR::operate()()
92 cr->get();
93 call(cr);
94 }
95 {
96 Mutex::Locker l(lock);
97 cr->put();
>>> CID 1405517: Null pointer dereferences (FORWARD_NULL)
>>> Assigning: "this->cr" = "NULL".
98 cr = NULL;
99 }
100 if (retcode >= 0) {
101 break;
102 }
103 if (retcode != -EBUSY && retcode != -EAGAIN) {
** CID 1405518: Integer handling issues (NO_EFFECT)
/include/tracing/osd.h: 106 in __event_prepare_filter_stack__osd___do_osd_op_pre_extent_cmp()
________________________________________________________________________________________________________
*** CID 1405518: Integer handling issues (NO_EFFECT)
/include/tracing/osd.h: 106 in __event_prepare_filter_stack__osd___do_osd_op_pre_extent_cmp()
100 ctf_integer_hex(uint16_t, op, op)
101 ctf_string(opname, opname)
102 ctf_integer_hex(uint32_t, flags, flags)
103 )
104 )
105
>>> CID 1405518: Integer handling issues (NO_EFFECT)
>>> This less-than-zero comparison of an unsigned value is never true. "4294967295U < 0U".
106 TRACEPOINT_EVENT(osd, do_osd_op_pre_extent_cmp,
107 TP_ARGS(
108 const char*, oid,
109 uint64_t, snap,
110 uint64_t, osize,
111 uint32_t, oseq,
** CID 1405519: Memory - corruptions (OVERRUN)
________________________________________________________________________________________________________
*** CID 1405519: Memory - corruptions (OVERRUN)
/home/brad/working/src/ceph/src/tools/rbd_mirror/instance_watcher/Types.cc: 108 in rbd::mirror::instance_watcher::NotifyMessage::encode(ceph::buffer::list &) const()
102 }
103
104 void UnknownPayload::dump(Formatter *f) const {
105 }
106
107 void NotifyMessage::encode(bufferlist& bl) const {
>>> CID 1405519: Memory - corruptions (OVERRUN)
>>> Overrunning struct type ceph_le32 of 4 bytes by passing it to a function which accesses it at byte offset 7.
108 ENCODE_START(1, 1, bl);
109 boost::apply_visitor(EncodePayloadVisitor(bl), payload);
110 ENCODE_FINISH(bl);
111 }
112
113 void NotifyMessage::decode(bufferlist::iterator& iter) {
** CID 1405520: (PASS_BY_VALUE)
/home/brad/working/src/ceph/src/osd/PGLog.h: 1116 in PGLog::read_log_and_missing<pg_missing_set<(bool)0>>(ObjectStore *, coll_t, coll_t, ghobject_t, const pg_info_t &, PGLog::IndexedLog &, T1 &, std::__cxx11::basic_ostringstream<char, std::char_traits<char>, std::allocator<char>> &, bool, bool *, const DoutPrefixProvider *, std::set<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::less<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>> *, bool)()
/home/brad/working/src/ceph/src/osd/PGLog.h: 1116 in PGLog::read_log_and_missing<pg_missing_set<(bool)1>>(ObjectStore *, coll_t, coll_t, ghobject_t, const pg_info_t &, PGLog::IndexedLog &, T1 &, std::__cxx11::basic_ostringstream<char, std::char_traits<char>, std::allocator<char>> &, bool, bool *, const DoutPrefixProvider *, std::set<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::less<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>> *, bool)()
________________________________________________________________________________________________________
*** CID 1405520: (PASS_BY_VALUE)
/home/brad/working/src/ceph/src/osd/PGLog.h: 1116 in PGLog::read_log_and_missing<pg_missing_set<(bool)0>>(ObjectStore *, coll_t, coll_t, ghobject_t, const pg_info_t &, PGLog::IndexedLog &, T1 &, std::__cxx11::basic_ostringstream<char, std::char_traits<char>, std::allocator<char>> &, bool, bool *, const DoutPrefixProvider *, std::set<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::less<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>> *, bool)()
1110 (pg_log_debug ? &log_keys_debug : 0),
1111 debug_verify_stored_missing);
1112 }
1113
1114 template <typename missing_type>
1115 static void read_log_and_missing(ObjectStore *store, coll_t pg_coll,
>>> CID 1405520: (PASS_BY_VALUE)
>>> Passing parameter log_oid of type "ghobject_t" (size 144 bytes) by value.
1116 coll_t log_coll, ghobject_t log_oid,
1117 const pg_info_t &info,
1118 IndexedLog &log,
1119 missing_type &missing, ostringstream &oss,
1120 bool tolerate_divergent_missing_log,
1121 bool *clear_divergent_priors = NULL,
/home/brad/working/src/ceph/src/osd/PGLog.h: 1116 in PGLog::read_log_and_missing<pg_missing_set<(bool)1>>(ObjectStore *, coll_t, coll_t, ghobject_t, const pg_info_t &, PGLog::IndexedLog &, T1 &, std::__cxx11::basic_ostringstream<char, std::char_traits<char>, std::allocator<char>> &, bool, bool *, const DoutPrefixProvider *, std::set<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::less<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>> *, bool)()
1110 (pg_log_debug ? &log_keys_debug : 0),
1111 debug_verify_stored_missing);
1112 }
1113
1114 template <typename missing_type>
1115 static void read_log_and_missing(ObjectStore *store, coll_t pg_coll,
>>> CID 1405520: (PASS_BY_VALUE)
>>> Passing parameter log_oid of type "ghobject_t" (size 144 bytes) by value.
1116 coll_t log_coll, ghobject_t log_oid,
1117 const pg_info_t &info,
1118 IndexedLog &log,
1119 missing_type &missing, ostringstream &oss,
1120 bool tolerate_divergent_missing_log,
1121 bool *clear_divergent_priors = NULL,
** CID 1405521: Performance inefficiencies (PASS_BY_VALUE)
/home/brad/working/src/ceph/src/osd/PGLog.h: 1098 in PGLog::read_log_and_missing(ObjectStore *, coll_t, coll_t, ghobject_t, const pg_info_t &, std::__cxx11::basic_ostringstream<char, std::char_traits<char>, std::allocator<char>> &, bool, bool)()
________________________________________________________________________________________________________
*** CID 1405521: Performance inefficiencies (PASS_BY_VALUE)
/home/brad/working/src/ceph/src/osd/PGLog.h: 1098 in PGLog::read_log_and_missing(ObjectStore *, coll_t, coll_t, ghobject_t, const pg_info_t &, std::__cxx11::basic_ostringstream<char, std::char_traits<char>, std::allocator<char>> &, bool, bool)()
1092 bool clear_divergent_priors,
1093 set<string> *log_keys_debug
1094 );
1095
1096 void read_log_and_missing(
1097 ObjectStore *store, coll_t pg_coll,
>>> CID 1405521: Performance inefficiencies (PASS_BY_VALUE)
>>> Passing parameter log_oid of type "ghobject_t" (size 144 bytes) by value.
1098 coll_t log_coll, ghobject_t log_oid,
1099 const pg_info_t &info,
1100 ostringstream &oss,
1101 bool tolerate_divergent_missing_log,
1102 bool debug_verify_stored_missing = false
1103 ) {
** CID 1405522: (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/librados/c_read_operations.cc: 680 in CReadOpsTest_CmpExt_Test::TestBody()()
/home/brad/working/src/ceph/src/test/librados/c_read_operations.cc: 696 in CReadOpsTest_CmpExt_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1405522: (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/librados/c_read_operations.cc: 680 in CReadOpsTest_CmpExt_Test::TestBody()()
674 int read_val = 0;
675
676 write_object();
677
678 // cmpext with match should ensure that the following read is successful
679 rados_read_op_t op = rados_create_read_op();
>>> CID 1405522: (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
680 ASSERT_TRUE(op);
681 // @obj, @data and @len correspond to object initialised by write_object()
682 rados_read_op_cmpext(op, data, len, 0, &cmpext_val);
683 rados_read_op_read(op, 0, len, buf, &bytes_read, &read_val);
684 ASSERT_EQ(0, rados_read_op_operate(op, ioctx, obj, 0));
685 ASSERT_EQ(len, bytes_read);
/home/brad/working/src/ceph/src/test/librados/c_read_operations.cc: 696 in CReadOpsTest_CmpExt_Test::TestBody()()
690 // cmpext with mismatch should fail and fill mismatch_buf accordingly
691 memset(buf, 0, sizeof(buf));
692 bytes_read = 0;
693 cmpext_val = 0;
694 read_val = 0;
695 op = rados_create_read_op();
>>> CID 1405522: (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
696 ASSERT_TRUE(op);
697 // @obj, @data and @len correspond to object initialised by write_object()
698 rados_read_op_cmpext(op, "mismatch", strlen("mismatch"), 0, &cmpext_val);
699 rados_read_op_read(op, 0, len, buf, &bytes_read, &read_val);
700 ASSERT_EQ(-MAX_ERRNO, rados_read_op_operate(op, ioctx, obj, 0));
701 rados_release_read_op(op);
** CID 1405523: (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/librados/aio.cc: 4101 in LibRadosAio_RoundTripCmpExtPP_Test::TestBody()()
/home/brad/working/src/ceph/src/test/librados/aio.cc: 4109 in LibRadosAio_RoundTripCmpExtPP_Test::TestBody()()
/home/brad/working/src/ceph/src/test/librados/aio.cc: 4113 in LibRadosAio_RoundTripCmpExtPP_Test::TestBody()()
/home/brad/working/src/ceph/src/test/librados/aio.cc: 4115 in LibRadosAio_RoundTripCmpExtPP_Test::TestBody()()
/home/brad/working/src/ceph/src/test/librados/aio.cc: 4099 in LibRadosAio_RoundTripCmpExtPP_Test::TestBody()()
/home/brad/working/src/ceph/src/test/librados/aio.cc: 4095 in LibRadosAio_RoundTripCmpExtPP_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1405523: (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/librados/aio.cc: 4101 in LibRadosAio_RoundTripCmpExtPP_Test::TestBody()()
4095 ASSERT_EQ(0, test_data.m_ioctx.aio_cmpext("foo", my_completion2, 0, cbl));
4096
4097 {
4098 TestAlarm alarm;
4099 ASSERT_EQ(0, my_completion2->wait_for_complete());
4100 }
>>> CID 1405523: (RESOURCE_LEAK)
>>> Variable "my_completion2" going out of scope leaks the storage it points to.
4101 ASSERT_EQ(0, my_completion2->get_return_value());
4102
4103 /* compare with mismatch */
4104 memset(full, 0xdd, sizeof(full));
4105 cbl.clear();
4106 cbl.append(full, sizeof(full));
/home/brad/working/src/ceph/src/test/librados/aio.cc: 4109 in LibRadosAio_RoundTripCmpExtPP_Test::TestBody()()
4103 /* compare with mismatch */
4104 memset(full, 0xdd, sizeof(full));
4105 cbl.clear();
4106 cbl.append(full, sizeof(full));
4107 AioCompletion *my_completion3 = test_data.m_cluster.aio_create_completion(
4108 (void*)&test_data, set_completion_complete, set_completion_safe);
>>> CID 1405523: (RESOURCE_LEAK)
>>> Variable "my_completion2" going out of scope leaks the storage it points to.
4109 ASSERT_EQ(0, test_data.m_ioctx.aio_cmpext("foo", my_completion3, 0, cbl));
4110
4111 {
4112 TestAlarm alarm;
4113 ASSERT_EQ(0, my_completion3->wait_for_complete());
4114 }
/home/brad/working/src/ceph/src/test/librados/aio.cc: 4113 in LibRadosAio_RoundTripCmpExtPP_Test::TestBody()()
4107 AioCompletion *my_completion3 = test_data.m_cluster.aio_create_completion(
4108 (void*)&test_data, set_completion_complete, set_completion_safe);
4109 ASSERT_EQ(0, test_data.m_ioctx.aio_cmpext("foo", my_completion3, 0, cbl));
4110
4111 {
4112 TestAlarm alarm;
>>> CID 1405523: (RESOURCE_LEAK)
>>> Variable "my_completion2" going out of scope leaks the storage it points to.
4113 ASSERT_EQ(0, my_completion3->wait_for_complete());
4114 }
4115 ASSERT_EQ(-MAX_ERRNO, my_completion3->get_return_value());
4116
4117 delete my_completion;
4118 delete my_completion2;
/home/brad/working/src/ceph/src/test/librados/aio.cc: 4115 in LibRadosAio_RoundTripCmpExtPP_Test::TestBody()()
4109 ASSERT_EQ(0, test_data.m_ioctx.aio_cmpext("foo", my_completion3, 0, cbl));
4110
4111 {
4112 TestAlarm alarm;
4113 ASSERT_EQ(0, my_completion3->wait_for_complete());
4114 }
>>> CID 1405523: (RESOURCE_LEAK)
>>> Variable "my_completion2" going out of scope leaks the storage it points to.
4115 ASSERT_EQ(-MAX_ERRNO, my_completion3->get_return_value());
4116
4117 delete my_completion;
4118 delete my_completion2;
4119 delete my_completion3;
4120 }
/home/brad/working/src/ceph/src/test/librados/aio.cc: 4099 in LibRadosAio_RoundTripCmpExtPP_Test::TestBody()()
4093 AioCompletion *my_completion2 = test_data.m_cluster.aio_create_completion(
4094 (void*)&test_data, set_completion_complete, set_completion_safe);
4095 ASSERT_EQ(0, test_data.m_ioctx.aio_cmpext("foo", my_completion2, 0, cbl));
4096
4097 {
4098 TestAlarm alarm;
>>> CID 1405523: (RESOURCE_LEAK)
>>> Variable "my_completion2" going out of scope leaks the storage it points to.
4099 ASSERT_EQ(0, my_completion2->wait_for_complete());
4100 }
4101 ASSERT_EQ(0, my_completion2->get_return_value());
4102
4103 /* compare with mismatch */
4104 memset(full, 0xdd, sizeof(full));
/home/brad/working/src/ceph/src/test/librados/aio.cc: 4095 in LibRadosAio_RoundTripCmpExtPP_Test::TestBody()()
4089
4090 /* compare with match */
4091 bufferlist cbl;
4092 cbl.append(full, sizeof(full));
4093 AioCompletion *my_completion2 = test_data.m_cluster.aio_create_completion(
4094 (void*)&test_data, set_completion_complete, set_completion_safe);
>>> CID 1405523: (RESOURCE_LEAK)
>>> Variable "my_completion2" going out of scope leaks the storage it points to.
4095 ASSERT_EQ(0, test_data.m_ioctx.aio_cmpext("foo", my_completion2, 0, cbl));
4096
4097 {
4098 TestAlarm alarm;
4099 ASSERT_EQ(0, my_completion2->wait_for_complete());
4100 }
** CID 1405524: (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/librados/aio.cc: 4115 in LibRadosAio_RoundTripCmpExtPP_Test::TestBody()()
/home/brad/working/src/ceph/src/test/librados/aio.cc: 4113 in LibRadosAio_RoundTripCmpExtPP_Test::TestBody()()
/home/brad/working/src/ceph/src/test/librados/aio.cc: 4109 in LibRadosAio_RoundTripCmpExtPP_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1405524: (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/librados/aio.cc: 4115 in LibRadosAio_RoundTripCmpExtPP_Test::TestBody()()
4109 ASSERT_EQ(0, test_data.m_ioctx.aio_cmpext("foo", my_completion3, 0, cbl));
4110
4111 {
4112 TestAlarm alarm;
4113 ASSERT_EQ(0, my_completion3->wait_for_complete());
4114 }
>>> CID 1405524: (RESOURCE_LEAK)
>>> Variable "my_completion3" going out of scope leaks the storage it points to.
4115 ASSERT_EQ(-MAX_ERRNO, my_completion3->get_return_value());
4116
4117 delete my_completion;
4118 delete my_completion2;
4119 delete my_completion3;
4120 }
/home/brad/working/src/ceph/src/test/librados/aio.cc: 4113 in LibRadosAio_RoundTripCmpExtPP_Test::TestBody()()
4107 AioCompletion *my_completion3 = test_data.m_cluster.aio_create_completion(
4108 (void*)&test_data, set_completion_complete, set_completion_safe);
4109 ASSERT_EQ(0, test_data.m_ioctx.aio_cmpext("foo", my_completion3, 0, cbl));
4110
4111 {
4112 TestAlarm alarm;
>>> CID 1405524: (RESOURCE_LEAK)
>>> Variable "my_completion3" going out of scope leaks the storage it points to.
4113 ASSERT_EQ(0, my_completion3->wait_for_complete());
4114 }
4115 ASSERT_EQ(-MAX_ERRNO, my_completion3->get_return_value());
4116
4117 delete my_completion;
4118 delete my_completion2;
/home/brad/working/src/ceph/src/test/librados/aio.cc: 4109 in LibRadosAio_RoundTripCmpExtPP_Test::TestBody()()
4103 /* compare with mismatch */
4104 memset(full, 0xdd, sizeof(full));
4105 cbl.clear();
4106 cbl.append(full, sizeof(full));
4107 AioCompletion *my_completion3 = test_data.m_cluster.aio_create_completion(
4108 (void*)&test_data, set_completion_complete, set_completion_safe);
>>> CID 1405524: (RESOURCE_LEAK)
>>> Variable "my_completion3" going out of scope leaks the storage it points to.
4109 ASSERT_EQ(0, test_data.m_ioctx.aio_cmpext("foo", my_completion3, 0, cbl));
4110
4111 {
4112 TestAlarm alarm;
4113 ASSERT_EQ(0, my_completion3->wait_for_complete());
4114 }
** CID 1405525: (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/librados/c_write_operations.cc: 240 in LibRadosCWriteOps_CmpExt_Test::TestBody()()
/home/brad/working/src/ceph/src/test/librados/c_write_operations.cc: 273 in LibRadosCWriteOps_CmpExt_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1405525: (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/librados/c_write_operations.cc: 240 in LibRadosCWriteOps_CmpExt_Test::TestBody()()
234 std::string pool_name = get_temp_pool_name();
235 ASSERT_EQ("", create_one_pool(pool_name, &cluster));
236 rados_ioctx_create(cluster, pool_name.c_str(), &ioctx);
237
238 // create an object, write to it using writesame
239 rados_write_op_t op = rados_create_write_op();
>>> CID 1405525: (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
240 ASSERT_TRUE(op);
241 rados_write_op_create(op, LIBRADOS_CREATE_EXCLUSIVE, NULL);
242 rados_write_op_write(op, "four", 4, 0);
243 ASSERT_EQ(0, rados_write_op_operate(op, ioctx, "test", NULL, 0));
244 rados_release_write_op(op);
245 char hi[4];
/home/brad/working/src/ceph/src/test/librados/c_write_operations.cc: 273 in LibRadosCWriteOps_CmpExt_Test::TestBody()()
267 ASSERT_EQ(-MAX_ERRNO - 1, rados_write_op_operate(op, ioctx, "test", NULL, 0));
268
269 ASSERT_EQ(-MAX_ERRNO - 1, val);
270
271 // cleanup
272 op = rados_create_write_op();
>>> CID 1405525: (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
273 ASSERT_TRUE(op);
274 rados_write_op_remove(op);
275 ASSERT_EQ(0, rados_write_op_operate(op, ioctx, "test", NULL, 0));
276
277 rados_ioctx_destroy(ioctx);
278 ASSERT_EQ(0, destroy_one_pool(pool_name, &cluster));
** CID 1405526: Resource leaks (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/librados/c_write_operations.cc: 240 in LibRadosCWriteOps_CmpExt_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1405526: Resource leaks (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/librados/c_write_operations.cc: 240 in LibRadosCWriteOps_CmpExt_Test::TestBody()()
234 std::string pool_name = get_temp_pool_name();
235 ASSERT_EQ("", create_one_pool(pool_name, &cluster));
236 rados_ioctx_create(cluster, pool_name.c_str(), &ioctx);
237
238 // create an object, write to it using writesame
239 rados_write_op_t op = rados_create_write_op();
>>> CID 1405526: Resource leaks (RESOURCE_LEAK)
>>> Variable "ioctx" going out of scope leaks the storage it points to.
240 ASSERT_TRUE(op);
241 rados_write_op_create(op, LIBRADOS_CREATE_EXCLUSIVE, NULL);
242 rados_write_op_write(op, "four", 4, 0);
243 ASSERT_EQ(0, rados_write_op_operate(op, ioctx, "test", NULL, 0));
244 rados_release_write_op(op);
245 char hi[4];
** CID 1405527: API usage errors (STREAM_FORMAT_STATE)
/home/brad/working/src/ceph/src/osd/osd_types.cc: 3704 in operator <<(std::basic_ostream<char, std::char_traits<char>>&, const pg_log_entry_t &)()
________________________________________________________________________________________________________
*** CID 1405527: API usage errors (STREAM_FORMAT_STATE)
/home/brad/working/src/ceph/src/osd/osd_types.cc: 3704 in operator <<(std::basic_ostream<char, std::char_traits<char>>&, const pg_log_entry_t &)()
3698 ::decode(snaps, p);
3699 } catch (...) {
3700 snaps.clear();
3701 }
3702 out << " snaps " << snaps;
3703 }
>>> CID 1405527: API usage errors (STREAM_FORMAT_STATE)
>>> Changing format state of stream "out" for category adjustfield without later restoring it.
3704 return out;
3705 }
3706
3707
3708 // -- pg_log_t --
3709
** CID 1405528: Memory - illegal accesses (STRING_NULL)
/home/brad/working/src/ceph/src/rgw/rgw_data_sync.cc: 483 in RGWInitDataSyncStatusCoroutine::RGWInitDataSyncStatusCoroutine(RGWDataSyncEnv *, unsigned int, rgw_data_sync_status *)()
________________________________________________________________________________________________________
*** CID 1405528: Memory - illegal accesses (STRING_NULL)
/home/brad/working/src/ceph/src/rgw/rgw_data_sync.cc: 483 in RGWInitDataSyncStatusCoroutine::RGWInitDataSyncStatusCoroutine(RGWDataSyncEnv *, unsigned int, rgw_data_sync_status *)()
477 lock_name = "sync_lock";
478
479 #define COOKIE_LEN 16
480 char buf[COOKIE_LEN + 1];
481
482 gen_rand_alphanumeric(cct, buf, sizeof(buf) - 1);
>>> CID 1405528: Memory - illegal accesses (STRING_NULL)
>>> Passing unterminated string "buf" to "operator =", which expects a null-terminated string. [Note: The source code implementation of the function has been overridden by a builtin model.]
483 cookie = buf;
484
485 sync_status_oid = RGWDataSyncStatusManager::sync_status_oid(sync_env->source_zone);
486 }
487
488 int operate() override {
** CID 1405529: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/ceph_kvstore_tool.cc: 246 in main()
/home/brad/working/src/ceph/src/tools/ceph_kvstore_tool.cc: 246 in main()
/home/brad/working/src/ceph/src/tools/ceph_kvstore_tool.cc: 246 in main()
/home/brad/working/src/ceph/src/tools/ceph_kvstore_tool.cc: 246 in main()
/home/brad/working/src/ceph/src/tools/ceph_kvstore_tool.cc: 246 in main()
/home/brad/working/src/ceph/src/tools/ceph_kvstore_tool.cc: 246 in main()
/home/brad/working/src/ceph/src/tools/ceph_kvstore_tool.cc: 246 in main()
/home/brad/working/src/ceph/src/tools/ceph_kvstore_tool.cc: 246 in main()
/home/brad/working/src/ceph/src/tools/ceph_kvstore_tool.cc: 246 in main()
/home/brad/working/src/ceph/src/tools/ceph_kvstore_tool.cc: 246 in main()
/home/brad/working/src/ceph/src/tools/ceph_kvstore_tool.cc: 246 in main()
/home/brad/working/src/ceph/src/tools/ceph_kvstore_tool.cc: 246 in main()
/home/brad/working/src/ceph/src/tools/ceph_kvstore_tool.cc: 246 in main()
/home/brad/working/src/ceph/src/tools/ceph_kvstore_tool.cc: 246 in main()
/home/brad/working/src/ceph/src/tools/ceph_kvstore_tool.cc: 246 in main()
________________________________________________________________________________________________________
*** CID 1405529: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/ceph_kvstore_tool.cc: 246 in main()
240 << " compact\n"
241 << " compact-prefix <prefix>\n"
242 << " compact-range <prefix> <start> <end>\n"
243 << std::endl;
244 }
245
>>> CID 1405529: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "std::runtime_error" is thrown and never caught.
246 int main(int argc, const char *argv[])
247 {
248 vector<const char*> args;
249 argv_to_vec(argc, argv, args);
250 env_to_vec(args);
251
/home/brad/working/src/ceph/src/tools/ceph_kvstore_tool.cc: 246 in main()
240 << " compact\n"
241 << " compact-prefix <prefix>\n"
242 << " compact-range <prefix> <start> <end>\n"
243 << std::endl;
244 }
245
>>> CID 1405529: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "std::runtime_error" is thrown and never caught.
246 int main(int argc, const char *argv[])
247 {
248 vector<const char*> args;
249 argv_to_vec(argc, argv, args);
250 env_to_vec(args);
251
/home/brad/working/src/ceph/src/tools/ceph_kvstore_tool.cc: 246 in main()
240 << " compact\n"
241 << " compact-prefix <prefix>\n"
242 << " compact-range <prefix> <start> <end>\n"
243 << std::endl;
244 }
245
>>> CID 1405529: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "std::runtime_error" is thrown and never caught.
246 int main(int argc, const char *argv[])
247 {
248 vector<const char*> args;
249 argv_to_vec(argc, argv, args);
250 env_to_vec(args);
251
/home/brad/working/src/ceph/src/tools/ceph_kvstore_tool.cc: 246 in main()
240 << " compact\n"
241 << " compact-prefix <prefix>\n"
242 << " compact-range <prefix> <start> <end>\n"
243 << std::endl;
244 }
245
>>> CID 1405529: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "std::runtime_error" is thrown and never caught.
246 int main(int argc, const char *argv[])
247 {
248 vector<const char*> args;
249 argv_to_vec(argc, argv, args);
250 env_to_vec(args);
251
/home/brad/working/src/ceph/src/tools/ceph_kvstore_tool.cc: 246 in main()
240 << " compact\n"
241 << " compact-prefix <prefix>\n"
242 << " compact-range <prefix> <start> <end>\n"
243 << std::endl;
244 }
245
>>> CID 1405529: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "std::runtime_error" is thrown and never caught.
246 int main(int argc, const char *argv[])
247 {
248 vector<const char*> args;
249 argv_to_vec(argc, argv, args);
250 env_to_vec(args);
251
/home/brad/working/src/ceph/src/tools/ceph_kvstore_tool.cc: 246 in main()
240 << " compact\n"
241 << " compact-prefix <prefix>\n"
242 << " compact-range <prefix> <start> <end>\n"
243 << std::endl;
244 }
245
>>> CID 1405529: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "std::runtime_error" is thrown and never caught.
246 int main(int argc, const char *argv[])
247 {
248 vector<const char*> args;
249 argv_to_vec(argc, argv, args);
250 env_to_vec(args);
251
/home/brad/working/src/ceph/src/tools/ceph_kvstore_tool.cc: 246 in main()
240 << " compact\n"
241 << " compact-prefix <prefix>\n"
242 << " compact-range <prefix> <start> <end>\n"
243 << std::endl;
244 }
245
>>> CID 1405529: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "std::runtime_error" is thrown and never caught.
246 int main(int argc, const char *argv[])
247 {
248 vector<const char*> args;
249 argv_to_vec(argc, argv, args);
250 env_to_vec(args);
251
/home/brad/working/src/ceph/src/tools/ceph_kvstore_tool.cc: 246 in main()
240 << " compact\n"
241 << " compact-prefix <prefix>\n"
242 << " compact-range <prefix> <start> <end>\n"
243 << std::endl;
244 }
245
>>> CID 1405529: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "std::runtime_error" is thrown and never caught.
246 int main(int argc, const char *argv[])
247 {
248 vector<const char*> args;
249 argv_to_vec(argc, argv, args);
250 env_to_vec(args);
251
/home/brad/working/src/ceph/src/tools/ceph_kvstore_tool.cc: 246 in main()
240 << " compact\n"
241 << " compact-prefix <prefix>\n"
242 << " compact-range <prefix> <start> <end>\n"
243 << std::endl;
244 }
245
>>> CID 1405529: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "std::runtime_error" is thrown and never caught.
246 int main(int argc, const char *argv[])
247 {
248 vector<const char*> args;
249 argv_to_vec(argc, argv, args);
250 env_to_vec(args);
251
/home/brad/working/src/ceph/src/tools/ceph_kvstore_tool.cc: 246 in main()
240 << " compact\n"
241 << " compact-prefix <prefix>\n"
242 << " compact-range <prefix> <start> <end>\n"
243 << std::endl;
244 }
245
>>> CID 1405529: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "std::runtime_error" is thrown and never caught.
246 int main(int argc, const char *argv[])
247 {
248 vector<const char*> args;
249 argv_to_vec(argc, argv, args);
250 env_to_vec(args);
251
/home/brad/working/src/ceph/src/tools/ceph_kvstore_tool.cc: 246 in main()
240 << " compact\n"
241 << " compact-prefix <prefix>\n"
242 << " compact-range <prefix> <start> <end>\n"
243 << std::endl;
244 }
245
>>> CID 1405529: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "std::runtime_error" is thrown and never caught.
246 int main(int argc, const char *argv[])
247 {
248 vector<const char*> args;
249 argv_to_vec(argc, argv, args);
250 env_to_vec(args);
251
/home/brad/working/src/ceph/src/tools/ceph_kvstore_tool.cc: 246 in main()
240 << " compact\n"
241 << " compact-prefix <prefix>\n"
242 << " compact-range <prefix> <start> <end>\n"
243 << std::endl;
244 }
245
>>> CID 1405529: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "std::runtime_error" is thrown and never caught.
246 int main(int argc, const char *argv[])
247 {
248 vector<const char*> args;
249 argv_to_vec(argc, argv, args);
250 env_to_vec(args);
251
/home/brad/working/src/ceph/src/tools/ceph_kvstore_tool.cc: 246 in main()
240 << " compact\n"
241 << " compact-prefix <prefix>\n"
242 << " compact-range <prefix> <start> <end>\n"
243 << std::endl;
244 }
245
>>> CID 1405529: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "std::runtime_error" is thrown and never caught.
246 int main(int argc, const char *argv[])
247 {
248 vector<const char*> args;
249 argv_to_vec(argc, argv, args);
250 env_to_vec(args);
251
/home/brad/working/src/ceph/src/tools/ceph_kvstore_tool.cc: 246 in main()
240 << " compact\n"
241 << " compact-prefix <prefix>\n"
242 << " compact-range <prefix> <start> <end>\n"
243 << std::endl;
244 }
245
>>> CID 1405529: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "std::runtime_error" is thrown and never caught.
246 int main(int argc, const char *argv[])
247 {
248 vector<const char*> args;
249 argv_to_vec(argc, argv, args);
250 env_to_vec(args);
251
/home/brad/working/src/ceph/src/tools/ceph_kvstore_tool.cc: 246 in main()
240 << " compact\n"
241 << " compact-prefix <prefix>\n"
242 << " compact-range <prefix> <start> <end>\n"
243 << std::endl;
244 }
245
>>> CID 1405529: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "std::runtime_error" is thrown and never caught.
246 int main(int argc, const char *argv[])
247 {
248 vector<const char*> args;
249 argv_to_vec(argc, argv, args);
250 env_to_vec(args);
251
** CID 1405530: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/direct_messenger/test_direct_messenger.cc: 424 in main()
/home/brad/working/src/ceph/src/test/direct_messenger/test_direct_messenger.cc: 424 in main()
/home/brad/working/src/ceph/src/test/direct_messenger/test_direct_messenger.cc: 424 in main()
________________________________________________________________________________________________________
*** CID 1405530: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/direct_messenger/test_direct_messenger.cc: 424 in main()
418 ASSERT_EQ(-ENOTCONN, client.send_message(new MPing(), server.get_myinst()));
419
420 ASSERT_EQ(0, client.shutdown());
421 client.wait();
422 }
423
>>> CID 1405530: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "_ZN5boost16exception_detail10clone_implINS0_19error_info_injectorINSt8ios_base7failureB5cxx11EEEEE" is thrown and never caught.
424 int main(int argc, char **argv)
425 {
426 // command-line arguments
427 vector<const char*> args;
428 argv_to_vec(argc, (const char **)argv, args);
429 env_to_vec(args);
/home/brad/working/src/ceph/src/test/direct_messenger/test_direct_messenger.cc: 424 in main()
418 ASSERT_EQ(-ENOTCONN, client.send_message(new MPing(), server.get_myinst()));
419
420 ASSERT_EQ(0, client.shutdown());
421 client.wait();
422 }
423
>>> CID 1405530: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "_ZN5boost16exception_detail10clone_implINS0_19error_info_injectorINSt8ios_base7failureB5cxx11EEEEE" is thrown and never caught.
424 int main(int argc, char **argv)
425 {
426 // command-line arguments
427 vector<const char*> args;
428 argv_to_vec(argc, (const char **)argv, args);
429 env_to_vec(args);
/home/brad/working/src/ceph/src/test/direct_messenger/test_direct_messenger.cc: 424 in main()
418 ASSERT_EQ(-ENOTCONN, client.send_message(new MPing(), server.get_myinst()));
419
420 ASSERT_EQ(0, client.shutdown());
421 client.wait();
422 }
423
>>> CID 1405530: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "_ZN5boost16exception_detail10clone_implINS0_19error_info_injectorINSt8ios_base7failureB5cxx11EEEEE" is thrown and never caught.
424 int main(int argc, char **argv)
425 {
426 // command-line arguments
427 vector<const char*> args;
428 argv_to_vec(argc, (const char **)argv, args);
429 env_to_vec(args);
** CID 1405531: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/ObjectMap/test_keyvaluedb_atomicity.cc: 82 in main()
________________________________________________________________________________________________________
*** CID 1405531: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/ObjectMap/test_keyvaluedb_atomicity.cc: 82 in main()
76 }
77 assert(!db->submit_transaction(t));
78 }
79 return 0;
80 }
81
>>> CID 1405531: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main()" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
82 int main() {
83 char *path = getenv("OBJECT_MAP_PATH");
84 boost::scoped_ptr< KeyValueDB > db;
85 if (!path) {
86 std::cerr << "No path found, OBJECT_MAP_PATH undefined" << std::endl;
87 return 0;
** CID 1405532: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/direct_messenger/test_direct_messenger.cc: 424 in main()
________________________________________________________________________________________________________
*** CID 1405532: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/direct_messenger/test_direct_messenger.cc: 424 in main()
418 ASSERT_EQ(-ENOTCONN, client.send_message(new MPing(), server.get_myinst()));
419
420 ASSERT_EQ(0, client.shutdown());
421 client.wait();
422 }
423
>>> CID 1405532: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "testing::internal::GoogleTestFailureException" is thrown and never caught.
424 int main(int argc, char **argv)
425 {
426 // command-line arguments
427 vector<const char*> args;
428 argv_to_vec(argc, (const char **)argv, args);
429 env_to_vec(args);
** CID 1405533: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/direct_messenger/test_direct_messenger.cc: 424 in main()
________________________________________________________________________________________________________
*** CID 1405533: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/direct_messenger/test_direct_messenger.cc: 424 in main()
418 ASSERT_EQ(-ENOTCONN, client.send_message(new MPing(), server.get_myinst()));
419
420 ASSERT_EQ(0, client.shutdown());
421 client.wait();
422 }
423
>>> CID 1405533: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
424 int main(int argc, char **argv)
425 {
426 // command-line arguments
427 vector<const char*> args;
428 argv_to_vec(argc, (const char **)argv, args);
429 env_to_vec(args);
** CID 1405534: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/direct_messenger/test_direct_messenger.cc: 424 in main()
________________________________________________________________________________________________________
*** CID 1405534: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/direct_messenger/test_direct_messenger.cc: 424 in main()
418 ASSERT_EQ(-ENOTCONN, client.send_message(new MPing(), server.get_myinst()));
419
420 ASSERT_EQ(0, client.shutdown());
421 client.wait();
422 }
423
>>> CID 1405534: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "testing::internal::<unnamed>::ClassUniqueToAlwaysTrue" is thrown and never caught.
424 int main(int argc, char **argv)
425 {
426 // command-line arguments
427 vector<const char*> args;
428 argv_to_vec(argc, (const char **)argv, args);
429 env_to_vec(args);
** CID 1405535: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/librbd/image/CloneRequest.cc: 55 in librbd::image::CloneRequest<librbd::ImageCtx>::CloneRequest(librbd::ImageCtx *, librados::IoCtx &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, librbd::ImageOptions, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, ContextWQ *, Context *)()
________________________________________________________________________________________________________
*** CID 1405535: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/librbd/image/CloneRequest.cc: 55 in librbd::image::CloneRequest<librbd::ImageCtx>::CloneRequest(librbd::ImageCtx *, librados::IoCtx &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, librbd::ImageOptions, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, ContextWQ *, Context *)()
49 m_opts.set(RBD_IMAGE_OPTION_FORMAT, static_cast<uint64_t>(2));
50 }
51
52 ldout(m_cct, 20) << "clone " << &m_p_imctx->md_ctx << " name " << m_p_imctx->name
53 << " snap " << m_p_imctx->snap_name << " to child " << &m_ioctx
54 << " name " << m_name << " opts = " << &m_opts << dendl;
>>> CID 1405535: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "m_force_non_primary" is not initialized in this constructor nor in any functions that it calls.
55 return;
56 }
57
58 template <typename I>
59 void CloneRequest<I>::send() {
60 ldout(m_cct, 20) << this << " " << __func__ << dendl;
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaGCnxtQO9E3gxlB2GxVsWFENryh7bC5hIb-2FQBVM85YLQ-3D-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8FWC5Lanp6zKkoteKjArroYRReoPv-2BmrW7vqYxCjQ4mkRmh-2FzUglMW6QVZAp3Ih0RwpGGsAnBGRGpDRdBIb5WBcIM6G-2B1GcGHIg0aFT2TASUVccMXbDD-2FPFt6MvRsdHss0tCxKW1raF8bBpdkMDDaOf-2FGSj60neSozzoto5gOYI1TvJDH85Dvy8m-2BzZgtqKtZQ-3D
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4Bco8jcmzhh7FSyvoR0E3-2BDgRcBCQ6OuthHBtaTCGNq9zoLsiw8NWrIF2zsdhfTt-2FbHjZ2ToL3Et9v1-2BrDLungAOjHpQtOY-2BsyLiTVCQEUCU-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8FWC5Lanp6zKkoteKjArroYRReoPv-2BmrW7vqYxCjQ4mkSkH0vVHRb6k0xQGwMJkLxh1Q7glJvc43rNhn8FsQ-2FnIA4ZxdbGL8bZCiMHGg5kDt8iVRHOfbUxdEdtB1QOauXVTDnPmVHS3-2BsVroXgtImy0jRQDfnknsV9P95M60Bhd-2B2Yzq9O9kyAF3S3A-2F6fzaLs-3D
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2017-04-20 5:34 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2017-04-20 5:34 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
148 new defect(s) introduced to ceph found with Coverity Scan.
24 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 20 of 148 defect(s)
** CID 717204: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/client/Client.cc: 300 in Client::Client(Messenger *, MonClient *)()
________________________________________________________________________________________________________
*** CID 717204: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/client/Client.cc: 300 in Client::Client(Messenger *, MonClient *)()
294 cct->_conf->client_oc_max_dirty,
295 cct->_conf->client_oc_target_dirty,
296 cct->_conf->client_oc_max_dirty_age,
297 true);
298 objecter_finisher.start();
299 filer = new Filer(objecter, &objecter_finisher);
>>> CID 717204: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "root_ancestor" is not initialized in this constructor nor in any functions that it calls.
300 }
301
302
303 Client::~Client()
304 {
305 assert(!client_lock.is_locked());
** CID 717207: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/client/MetaRequest.h: 93 in MetaRequest::MetaRequest(int)()
________________________________________________________________________________________________________
*** CID 717207: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/client/MetaRequest.h: 93 in MetaRequest::MetaRequest(int)()
87 kick(false), success(false),
88 got_unsafe(false), item(this), unsafe_item(this),
89 unsafe_dir_item(this), unsafe_target_item(this),
90 caller_cond(0), dispatch_cond(0) {
91 memset(&head, 0, sizeof(head));
92 head.op = op;
>>> CID 717207: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "dirp" is not initialized in this constructor nor in any functions that it calls.
93 }
94 ~MetaRequest();
95
96 /**
97 * Prematurely terminate the request, such that callers
98 * to make_request will receive `rc` as their result.
** CID 717264: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/messages/MClientReply.h: 128 in InodeStat::InodeStat()()
________________________________________________________________________________________________________
*** CID 717264: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/messages/MClientReply.h: 128 in InodeStat::InodeStat()()
122 bufferlist inline_data;
123 version_t inline_version;
124
125 quota_info_t quota;
126
127 public:
>>> CID 717264: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "inline_version" is not initialized in this constructor nor in any functions that it calls.
128 InodeStat() {}
129 InodeStat(bufferlist::iterator& p, uint64_t features) {
130 decode(p, features);
131 }
132
133 void decode(bufferlist::iterator &p, uint64_t features) {
** CID 728001: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/osd/PG.cc: 998 in PG::Scrubber::Scrubber()()
________________________________________________________________________________________________________
*** CID 728001: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/osd/PG.cc: 998 in PG::Scrubber::Scrubber()()
992 must_scrub(false), must_deep_scrub(false), must_repair(false),
993 auto_repair(false),
994 num_digest_updates_pending(0),
995 state(INACTIVE),
996 deep(false),
997 seed(0)
>>> CID 728001: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "priority" is not initialized in this constructor nor in any functions that it calls.
998 {}
999
1000 PG::Scrubber::~Scrubber() {}
1001
1002 /**
1003 * find_best_info
** CID 1219624: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/ceph_fuse.cc: 73 in main()
/home/brad/working/src/ceph/src/ceph_fuse.cc: 73 in main()
/home/brad/working/src/ceph/src/ceph_fuse.cc: 73 in main()
________________________________________________________________________________________________________
*** CID 1219624: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/ceph_fuse.cc: 73 in main()
67 " use root_directory as the mounted root, rather than the full Ceph tree.\n"
68 "\n";
69 fuse_usage();
70 generic_client_usage();
71 }
72
>>> CID 1219624: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **, char const **)" an exception of type "ceph::buffer::bad_alloc" is thrown and never caught.
73 int main(int argc, const char **argv, const char *envp[]) {
74 int filer_flags = 0;
75 //cerr << "ceph-fuse starting " << myrank << "/" << world << std::endl;
76 std::vector<const char*> args;
77 argv_to_vec(argc, argv, args);
78 if (args.empty()) {
/home/brad/working/src/ceph/src/ceph_fuse.cc: 73 in main()
67 " use root_directory as the mounted root, rather than the full Ceph tree.\n"
68 "\n";
69 fuse_usage();
70 generic_client_usage();
71 }
72
>>> CID 1219624: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **, char const **)" an exception of type "ceph::buffer::bad_alloc" is thrown and never caught.
73 int main(int argc, const char **argv, const char *envp[]) {
74 int filer_flags = 0;
75 //cerr << "ceph-fuse starting " << myrank << "/" << world << std::endl;
76 std::vector<const char*> args;
77 argv_to_vec(argc, argv, args);
78 if (args.empty()) {
/home/brad/working/src/ceph/src/ceph_fuse.cc: 73 in main()
67 " use root_directory as the mounted root, rather than the full Ceph tree.\n"
68 "\n";
69 fuse_usage();
70 generic_client_usage();
71 }
72
>>> CID 1219624: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **, char const **)" an exception of type "ceph::buffer::bad_alloc" is thrown and never caught.
73 int main(int argc, const char **argv, const char *envp[]) {
74 int filer_flags = 0;
75 //cerr << "ceph-fuse starting " << myrank << "/" << world << std::endl;
76 std::vector<const char*> args;
77 argv_to_vec(argc, argv, args);
78 if (args.empty()) {
** CID 1297734: (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 414 in SyntheticClient::run()()
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 824 in SyntheticClient::run()()
________________________________________________________________________________________________________
*** CID 1297734: (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 414 in SyntheticClient::run()()
408 case SYNCLIENT_MODE_RANDOMSLEEP:
409 {
410 int iarg1 = iargs.front();
411 iargs.pop_front();
412 if (run_me()) {
413 srand(time(0) + getpid() + client->whoami.v);
>>> CID 1297734: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
414 sleep(rand() % iarg1);
415 }
416 did_run_me();
417 }
418 break;
419
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 824 in SyntheticClient::run()()
818
819 case SYNCLIENT_MODE_OPENTEST:
820 {
821 int count = iargs.front(); iargs.pop_front();
822 if (run_me()) {
823 for (int i=0; i<count; i++) {
>>> CID 1297734: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
824 int fd = client->open("test", (rand()%2) ?
825 (O_WRONLY|O_CREAT) : O_RDONLY,
826 perms);
827 if (fd > 0) client->close(fd);
828 }
829 }
** CID 1297743: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/client/SyntheticClient.h: 126 in SyntheticClient::get_random_fh()()
________________________________________________________________________________________________________
*** CID 1297743: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/client/SyntheticClient.h: 126 in SyntheticClient::get_random_fh()()
120 contents.clear();
121 subdirs.clear();
122 did_readdir = false;
123 }
124
125 int get_random_fh() {
>>> CID 1297743: Security best practices violations (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
126 int r = rand() % open_files.size();
127 set<int>::iterator it = open_files.begin();
128 while (r--) ++it;
129 return *it;
130 }
131
** CID 1297748: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/client/SyntheticClient.h: 136 in SyntheticClient::get_random_subdir()()
________________________________________________________________________________________________________
*** CID 1297748: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/client/SyntheticClient.h: 136 in SyntheticClient::get_random_subdir()()
130 }
131
132
133 filepath n1;
134 const char *get_random_subdir() {
135 assert(!subdirs.empty());
>>> CID 1297748: Security best practices violations (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
136 int r = ((rand() % subdirs.size()) + (rand() % subdirs.size())) / 2; // non-uniform distn
137 set<string>::iterator it = subdirs.begin();
138 while (r--) ++it;
139
140 n1 = cwd;
141 n1.push_dentry( *it );
** CID 1297749: (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 2354 in SyntheticClient::object_rw(int, int, int, int, double, double)()
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 2351 in SyntheticClient::object_rw(int, int, int, int, double, double)()
________________________________________________________________________________________________________
*** CID 1297749: (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 2354 in SyntheticClient::object_rw(int, int, int, int, double, double)()
2348 if (time_to_stop()) break;
2349
2350 // read or write?
2351 bool write = (rand() % 100) < wrpc;
2352
2353 // choose object
>>> CID 1297749: (DC.WEAK_CRYPTO)
>>> "drand48()" should not be used for security related applications, as linear congruential algorithms are too easy to break.
2354 double r = drand48(); // [0..1)
2355 long o;
2356 if (write) {
2357 o = (long)trunc(pow(r, wskew) * (double)nobj); // exponentially skew towards 0
2358 int pnoremap = (long)(r * 100.0);
2359 if (pnoremap >= overlappc)
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 2351 in SyntheticClient::object_rw(int, int, int, int, double, double)()
2345 int unack = 0;
2346
2347 while (1) {
2348 if (time_to_stop()) break;
2349
2350 // read or write?
>>> CID 1297749: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
2351 bool write = (rand() % 100) < wrpc;
2352
2353 // choose object
2354 double r = drand48(); // [0..1)
2355 long o;
2356 if (write) {
** CID 1297751: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 2531 in normdist(int, int, int)()
________________________________________________________________________________________________________
*** CID 1297751: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 2531 in normdist(int, int, int)()
2525 curve */
2526
2527 stdev += 1; /* compensation for integer vs. floating point math */
2528 for (int c = iterate; c != 0; c--) /* loop through iterations */
2529 {
2530 // result += (uniform (1, 100) * stdev) / 100; /* calculate and
>>> CID 1297751: Security best practices violations (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
2531 result += ( (rand()%100 + 1) * stdev) / 100;
2532 // printf("result=%d\n", result );
2533 }
2534 printf("\n final result=%d\n", result );
2535 return result + min; /* send final result back */
2536 }
** CID 1297761: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/client/SyntheticClient.h: 163 in SyntheticClient::make_sub(const char *)()
________________________________________________________________________________________________________
*** CID 1297761: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/client/SyntheticClient.h: 163 in SyntheticClient::make_sub(const char *)()
157 return n2.get_path().c_str();
158 }
159
160 filepath sub;
161 char sub_s[50];
162 const char *make_sub(const char *base) {
>>> CID 1297761: Security best practices violations (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
163 snprintf(sub_s, sizeof(sub_s), "%s.%d", base, rand() % 100);
164 string f = sub_s;
165 sub = cwd;
166 sub.push_dentry(f);
167 return sub.c_str();
168 }
** CID 1297765: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/include/Distribution.h: 54 in Distribution::sample()()
________________________________________________________________________________________________________
*** CID 1297765: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/include/Distribution.h: 54 in Distribution::sample()()
48 }
49 for (unsigned i=0; i<p.size(); i++)
50 p[i] /= sum;
51 }
52
53 int sample() {
>>> CID 1297765: Security best practices violations (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
54 float s = (float)(rand() % 10000) / 10000.0;
55 for (unsigned i=0; i<p.size(); i++) {
56 if (s < p[i]) return v[i];
57 s -= p[i];
58 }
59 ceph_abort();
** CID 1297767: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/client/SyntheticClient.h: 147 in SyntheticClient::get_random_sub()()
________________________________________________________________________________________________________
*** CID 1297767: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/client/SyntheticClient.h: 147 in SyntheticClient::get_random_sub()()
141 n1.push_dentry( *it );
142 return n1.get_path().c_str();
143 }
144 filepath n2;
145 const char *get_random_sub() {
146 assert(!contents.empty());
>>> CID 1297767: Security best practices violations (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
147 int r = ((rand() % contents.size()) + (rand() % contents.size())) / 2; // non-uniform distn
148 if (cwd.depth() && cwd.last_dentry().length())
149 r += cwd.last_dentry().c_str()[0]; // slightly permuted
150 r %= contents.size();
151
152 map<string,struct stat*>::iterator it = contents.begin();
** CID 1297786: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 959 in roll_die(float)()
________________________________________________________________________________________________________
*** CID 1297786: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 959 in roll_die(float)()
953 return 0;
954 }
955
956
957 bool roll_die(float p)
958 {
>>> CID 1297786: Security best practices violations (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
959 float r = (float)(rand() % 100000) / 100000.0;
960 if (r < p)
961 return true;
962 else
963 return false;
964 }
** CID 1297788: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 2847 in SyntheticClient::make_dir_mess(const char *, int)()
________________________________________________________________________________________________________
*** CID 1297788: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 2847 in SyntheticClient::make_dir_mess(const char *, int)()
2841 // P(dir) ~ subdirs_of(dir) + 2
2842 // from 5-year metadata workload paper in fast'07
2843
2844 // create dirs
2845 for (int i=0; i<n; i++) {
2846 // pick a dir
>>> CID 1297788: Security best practices violations (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
2847 int k = rand() % dirs.size();
2848 string parent = dirs[k];
2849
2850 // pick a name
2851 std::stringstream ss;
2852 ss << parent << "/" << i;
** CID 1297794: (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 2934 in SyntheticClient::foo()()
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 2935 in SyntheticClient::foo()()
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 2936 in SyntheticClient::foo()()
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 2950 in SyntheticClient::foo()()
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 2951 in SyntheticClient::foo()()
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 2952 in SyntheticClient::foo()()
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 2953 in SyntheticClient::foo()()
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 2954 in SyntheticClient::foo()()
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 2955 in SyntheticClient::foo()()
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 2970 in SyntheticClient::foo()()
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 2971 in SyntheticClient::foo()()
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 2972 in SyntheticClient::foo()()
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 2973 in SyntheticClient::foo()()
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 2974 in SyntheticClient::foo()()
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 2975 in SyntheticClient::foo()()
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 2985 in SyntheticClient::foo()()
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 2986 in SyntheticClient::foo()()
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 2987 in SyntheticClient::foo()()
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 2988 in SyntheticClient::foo()()
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 2989 in SyntheticClient::foo()()
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 2990 in SyntheticClient::foo()()
________________________________________________________________________________________________________
*** CID 1297794: (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 2934 in SyntheticClient::foo()()
2928 }
2929 if (1) {
2930 // open some files
2931 srand(0);
2932 for (int i=0; i<20; i++) {
2933 int s = 5;
>>> CID 1297794: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
2934 int a = rand() % s;
2935 int b = rand() % s;
2936 int c = rand() % s;
2937 char src[80];
2938 snprintf(src, sizeof(src), "syn.0.0/dir.%d/dir.%d/file.%d", a, b, c);
2939 //int fd =
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 2935 in SyntheticClient::foo()()
2929 if (1) {
2930 // open some files
2931 srand(0);
2932 for (int i=0; i<20; i++) {
2933 int s = 5;
2934 int a = rand() % s;
>>> CID 1297794: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
2935 int b = rand() % s;
2936 int c = rand() % s;
2937 char src[80];
2938 snprintf(src, sizeof(src), "syn.0.0/dir.%d/dir.%d/file.%d", a, b, c);
2939 //int fd =
2940 client->open(src, O_RDONLY, perms);
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 2936 in SyntheticClient::foo()()
2930 // open some files
2931 srand(0);
2932 for (int i=0; i<20; i++) {
2933 int s = 5;
2934 int a = rand() % s;
2935 int b = rand() % s;
>>> CID 1297794: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
2936 int c = rand() % s;
2937 char src[80];
2938 snprintf(src, sizeof(src), "syn.0.0/dir.%d/dir.%d/file.%d", a, b, c);
2939 //int fd =
2940 client->open(src, O_RDONLY, perms);
2941 }
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 2950 in SyntheticClient::foo()()
2944 }
2945
2946 if (0) {
2947 // rename fun
2948 for (int i=0; i<100; i++) {
2949 int s = 5;
>>> CID 1297794: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
2950 int a = rand() % s;
2951 int b = rand() % s;
2952 int c = rand() % s;
2953 int d = rand() % s;
2954 int e = rand() % s;
2955 int f = rand() % s;
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 2951 in SyntheticClient::foo()()
2945
2946 if (0) {
2947 // rename fun
2948 for (int i=0; i<100; i++) {
2949 int s = 5;
2950 int a = rand() % s;
>>> CID 1297794: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
2951 int b = rand() % s;
2952 int c = rand() % s;
2953 int d = rand() % s;
2954 int e = rand() % s;
2955 int f = rand() % s;
2956 char src[80];
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 2952 in SyntheticClient::foo()()
2946 if (0) {
2947 // rename fun
2948 for (int i=0; i<100; i++) {
2949 int s = 5;
2950 int a = rand() % s;
2951 int b = rand() % s;
>>> CID 1297794: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
2952 int c = rand() % s;
2953 int d = rand() % s;
2954 int e = rand() % s;
2955 int f = rand() % s;
2956 char src[80];
2957 char dst[80];
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 2953 in SyntheticClient::foo()()
2947 // rename fun
2948 for (int i=0; i<100; i++) {
2949 int s = 5;
2950 int a = rand() % s;
2951 int b = rand() % s;
2952 int c = rand() % s;
>>> CID 1297794: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
2953 int d = rand() % s;
2954 int e = rand() % s;
2955 int f = rand() % s;
2956 char src[80];
2957 char dst[80];
2958 snprintf(src, sizeof(src), "syn.0.0/dir.%d/dir.%d/file.%d", a, b, c);
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 2954 in SyntheticClient::foo()()
2948 for (int i=0; i<100; i++) {
2949 int s = 5;
2950 int a = rand() % s;
2951 int b = rand() % s;
2952 int c = rand() % s;
2953 int d = rand() % s;
>>> CID 1297794: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
2954 int e = rand() % s;
2955 int f = rand() % s;
2956 char src[80];
2957 char dst[80];
2958 snprintf(src, sizeof(src), "syn.0.0/dir.%d/dir.%d/file.%d", a, b, c);
2959 snprintf(dst, sizeof(dst), "syn.0.0/dir.%d/dir.%d/file.%d", d, e, f);
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 2955 in SyntheticClient::foo()()
2949 int s = 5;
2950 int a = rand() % s;
2951 int b = rand() % s;
2952 int c = rand() % s;
2953 int d = rand() % s;
2954 int e = rand() % s;
>>> CID 1297794: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
2955 int f = rand() % s;
2956 char src[80];
2957 char dst[80];
2958 snprintf(src, sizeof(src), "syn.0.0/dir.%d/dir.%d/file.%d", a, b, c);
2959 snprintf(dst, sizeof(dst), "syn.0.0/dir.%d/dir.%d/file.%d", d, e, f);
2960 client->rename(src, dst, perms);
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 2970 in SyntheticClient::foo()()
2964
2965 if (1) {
2966 // link fun
2967 srand(0);
2968 for (int i=0; i<100; i++) {
2969 int s = 5;
>>> CID 1297794: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
2970 int a = rand() % s;
2971 int b = rand() % s;
2972 int c = rand() % s;
2973 int d = rand() % s;
2974 int e = rand() % s;
2975 int f = rand() % s;
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 2971 in SyntheticClient::foo()()
2965 if (1) {
2966 // link fun
2967 srand(0);
2968 for (int i=0; i<100; i++) {
2969 int s = 5;
2970 int a = rand() % s;
>>> CID 1297794: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
2971 int b = rand() % s;
2972 int c = rand() % s;
2973 int d = rand() % s;
2974 int e = rand() % s;
2975 int f = rand() % s;
2976 char src[80];
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 2972 in SyntheticClient::foo()()
2966 // link fun
2967 srand(0);
2968 for (int i=0; i<100; i++) {
2969 int s = 5;
2970 int a = rand() % s;
2971 int b = rand() % s;
>>> CID 1297794: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
2972 int c = rand() % s;
2973 int d = rand() % s;
2974 int e = rand() % s;
2975 int f = rand() % s;
2976 char src[80];
2977 char dst[80];
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 2973 in SyntheticClient::foo()()
2967 srand(0);
2968 for (int i=0; i<100; i++) {
2969 int s = 5;
2970 int a = rand() % s;
2971 int b = rand() % s;
2972 int c = rand() % s;
>>> CID 1297794: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
2973 int d = rand() % s;
2974 int e = rand() % s;
2975 int f = rand() % s;
2976 char src[80];
2977 char dst[80];
2978 snprintf(src, sizeof(src), "syn.0.0/dir.%d/dir.%d/file.%d", a, b, c);
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 2974 in SyntheticClient::foo()()
2968 for (int i=0; i<100; i++) {
2969 int s = 5;
2970 int a = rand() % s;
2971 int b = rand() % s;
2972 int c = rand() % s;
2973 int d = rand() % s;
>>> CID 1297794: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
2974 int e = rand() % s;
2975 int f = rand() % s;
2976 char src[80];
2977 char dst[80];
2978 snprintf(src, sizeof(src), "syn.0.0/dir.%d/dir.%d/file.%d", a, b, c);
2979 snprintf(dst, sizeof(dst), "syn.0.0/dir.%d/dir.%d/newlink.%d", d, e, f);
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 2975 in SyntheticClient::foo()()
2969 int s = 5;
2970 int a = rand() % s;
2971 int b = rand() % s;
2972 int c = rand() % s;
2973 int d = rand() % s;
2974 int e = rand() % s;
>>> CID 1297794: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
2975 int f = rand() % s;
2976 char src[80];
2977 char dst[80];
2978 snprintf(src, sizeof(src), "syn.0.0/dir.%d/dir.%d/file.%d", a, b, c);
2979 snprintf(dst, sizeof(dst), "syn.0.0/dir.%d/dir.%d/newlink.%d", d, e, f);
2980 client->link(src, dst, perms);
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 2985 in SyntheticClient::foo()()
2979 snprintf(dst, sizeof(dst), "syn.0.0/dir.%d/dir.%d/newlink.%d", d, e, f);
2980 client->link(src, dst, perms);
2981 }
2982 srand(0);
2983 for (int i=0; i<100; i++) {
2984 int s = 5;
>>> CID 1297794: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
2985 int a = rand() % s;
2986 int b = rand() % s;
2987 int c = rand() % s;
2988 int d = rand() % s;
2989 int e = rand() % s;
2990 int f = rand() % s;
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 2986 in SyntheticClient::foo()()
2980 client->link(src, dst, perms);
2981 }
2982 srand(0);
2983 for (int i=0; i<100; i++) {
2984 int s = 5;
2985 int a = rand() % s;
>>> CID 1297794: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
2986 int b = rand() % s;
2987 int c = rand() % s;
2988 int d = rand() % s;
2989 int e = rand() % s;
2990 int f = rand() % s;
2991 char src[80];
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 2987 in SyntheticClient::foo()()
2981 }
2982 srand(0);
2983 for (int i=0; i<100; i++) {
2984 int s = 5;
2985 int a = rand() % s;
2986 int b = rand() % s;
>>> CID 1297794: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
2987 int c = rand() % s;
2988 int d = rand() % s;
2989 int e = rand() % s;
2990 int f = rand() % s;
2991 char src[80];
2992 char dst[80];
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 2988 in SyntheticClient::foo()()
2982 srand(0);
2983 for (int i=0; i<100; i++) {
2984 int s = 5;
2985 int a = rand() % s;
2986 int b = rand() % s;
2987 int c = rand() % s;
>>> CID 1297794: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
2988 int d = rand() % s;
2989 int e = rand() % s;
2990 int f = rand() % s;
2991 char src[80];
2992 char dst[80];
2993 snprintf(src, sizeof(src), "syn.0.0/dir.%d/dir.%d/file.%d", a, b, c);
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 2989 in SyntheticClient::foo()()
2983 for (int i=0; i<100; i++) {
2984 int s = 5;
2985 int a = rand() % s;
2986 int b = rand() % s;
2987 int c = rand() % s;
2988 int d = rand() % s;
>>> CID 1297794: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
2989 int e = rand() % s;
2990 int f = rand() % s;
2991 char src[80];
2992 char dst[80];
2993 snprintf(src, sizeof(src), "syn.0.0/dir.%d/dir.%d/file.%d", a, b, c);
2994 snprintf(dst, sizeof(dst), "syn.0.0/dir.%d/dir.%d/newlink.%d", d, e, f);
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 2990 in SyntheticClient::foo()()
2984 int s = 5;
2985 int a = rand() % s;
2986 int b = rand() % s;
2987 int c = rand() % s;
2988 int d = rand() % s;
2989 int e = rand() % s;
>>> CID 1297794: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
2990 int f = rand() % s;
2991 char src[80];
2992 char dst[80];
2993 snprintf(src, sizeof(src), "syn.0.0/dir.%d/dir.%d/file.%d", a, b, c);
2994 snprintf(dst, sizeof(dst), "syn.0.0/dir.%d/dir.%d/newlink.%d", d, e, f);
2995 client->unlink(dst, perms);
** CID 1297796: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/mds/MDCache.h: 1143 in MDCache::hack_pick_random_inode()()
________________________________________________________________________________________________________
*** CID 1297796: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/mds/MDCache.h: 1143 in MDCache::hack_pick_random_inode()()
1137 public:
1138 void show_cache();
1139 void show_subtrees(int dbl=10);
1140
1141 CInode *hack_pick_random_inode() {
1142 assert(!inode_map.empty());
>>> CID 1297796: Security best practices violations (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
1143 int n = rand() % inode_map.size();
1144 ceph::unordered_map<vinodeno_t,CInode*>::iterator p = inode_map.begin();
1145 while (n--) ++p;
1146 return p->second;
1147 }
1148
** CID 1297800: (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 3075 in SyntheticClient::thrash_links(const char *, int, int, int, int)()
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 3077 in SyntheticClient::thrash_links(const char *, int, int, int, int)()
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 3082 in SyntheticClient::thrash_links(const char *, int, int, int, int)()
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 3091 in SyntheticClient::thrash_links(const char *, int, int, int, int)()
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 3109 in SyntheticClient::thrash_links(const char *, int, int, int, int)()
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 3113 in SyntheticClient::thrash_links(const char *, int, int, int, int)()
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 3121 in SyntheticClient::thrash_links(const char *, int, int, int, int)()
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 3125 in SyntheticClient::thrash_links(const char *, int, int, int, int)()
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 3130 in SyntheticClient::thrash_links(const char *, int, int, int, int)()
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 3161 in SyntheticClient::thrash_links(const char *, int, int, int, int)()
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 3163 in SyntheticClient::thrash_links(const char *, int, int, int, int)()
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 3167 in SyntheticClient::thrash_links(const char *, int, int, int, int)()
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 3173 in SyntheticClient::thrash_links(const char *, int, int, int, int)()
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 3175 in SyntheticClient::thrash_links(const char *, int, int, int, int)()
________________________________________________________________________________________________________
*** CID 1297800: (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 3075 in SyntheticClient::thrash_links(const char *, int, int, int, int)()
3069
3070 srand(0);
3071 if (1) {
3072 bool renames = true; // thrash renames too?
3073 for (int k=0; k<n; k++) {
3074
>>> CID 1297800: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
3075 if (renames && rand() % 10 == 0) {
3076 // rename some directories. whee!
3077 int dep = (rand() % depth) + 1;
3078 string src = basedir;
3079 {
3080 char t[80];
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 3077 in SyntheticClient::thrash_links(const char *, int, int, int, int)()
3071 if (1) {
3072 bool renames = true; // thrash renames too?
3073 for (int k=0; k<n; k++) {
3074
3075 if (renames && rand() % 10 == 0) {
3076 // rename some directories. whee!
>>> CID 1297800: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
3077 int dep = (rand() % depth) + 1;
3078 string src = basedir;
3079 {
3080 char t[80];
3081 for (int d=0; d<dep; d++) {
3082 int a = rand() % dirs;
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 3082 in SyntheticClient::thrash_links(const char *, int, int, int, int)()
3076 // rename some directories. whee!
3077 int dep = (rand() % depth) + 1;
3078 string src = basedir;
3079 {
3080 char t[80];
3081 for (int d=0; d<dep; d++) {
>>> CID 1297800: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
3082 int a = rand() % dirs;
3083 snprintf(t, sizeof(t), "/dir.%d", a);
3084 src += t;
3085 }
3086 }
3087 string dst = basedir;
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 3091 in SyntheticClient::thrash_links(const char *, int, int, int, int)()
3085 }
3086 }
3087 string dst = basedir;
3088 {
3089 char t[80];
3090 for (int d=0; d<dep; d++) {
>>> CID 1297800: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
3091 int a = rand() % dirs;
3092 snprintf(t, sizeof(t), "/dir.%d", a);
3093 dst += t;
3094 }
3095 }
3096
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 3109 in SyntheticClient::thrash_links(const char *, int, int, int, int)()
3103
3104 // pick a dest dir
3105 string src = basedir;
3106 {
3107 char t[80];
3108 for (int d=0; d<depth; d++) {
>>> CID 1297800: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
3109 int a = rand() % dirs;
3110 snprintf(t, sizeof(t), "/dir.%d", a);
3111 src += t;
3112 }
3113 int a = rand() % files;
3114 snprintf(t, sizeof(t), "/file.%d", a);
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 3113 in SyntheticClient::thrash_links(const char *, int, int, int, int)()
3107 char t[80];
3108 for (int d=0; d<depth; d++) {
3109 int a = rand() % dirs;
3110 snprintf(t, sizeof(t), "/dir.%d", a);
3111 src += t;
3112 }
>>> CID 1297800: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
3113 int a = rand() % files;
3114 snprintf(t, sizeof(t), "/file.%d", a);
3115 src += t;
3116 }
3117 string dst = basedir;
3118 {
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 3121 in SyntheticClient::thrash_links(const char *, int, int, int, int)()
3115 src += t;
3116 }
3117 string dst = basedir;
3118 {
3119 char t[80];
3120 for (int d=0; d<depth; d++) {
>>> CID 1297800: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
3121 int a = rand() % dirs;
3122 snprintf(t, sizeof(t), "/dir.%d", a);
3123 dst += t;
3124 }
3125 int a = rand() % files;
3126 snprintf(t, sizeof(t), "/file.%d", a);
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 3125 in SyntheticClient::thrash_links(const char *, int, int, int, int)()
3119 char t[80];
3120 for (int d=0; d<depth; d++) {
3121 int a = rand() % dirs;
3122 snprintf(t, sizeof(t), "/dir.%d", a);
3123 dst += t;
3124 }
>>> CID 1297800: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
3125 int a = rand() % files;
3126 snprintf(t, sizeof(t), "/file.%d", a);
3127 dst += t;
3128 }
3129
3130 int o = rand() % 4;
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 3130 in SyntheticClient::thrash_links(const char *, int, int, int, int)()
3124 }
3125 int a = rand() % files;
3126 snprintf(t, sizeof(t), "/file.%d", a);
3127 dst += t;
3128 }
3129
>>> CID 1297800: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
3130 int o = rand() % 4;
3131 switch (o) {
3132 case 0:
3133 client->mknod(src.c_str(), 0755, perms);
3134 if (renames) client->rename(src.c_str(), dst.c_str(), perms);
3135 break;
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 3161 in SyntheticClient::thrash_links(const char *, int, int, int, int)()
3155 char f[20];
3156
3157 // pick a file
3158 string file = basedir;
3159
3160 if (depth) {
>>> CID 1297800: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
3161 int d = rand() % (depth+1);
3162 for (int k=0; k<d; k++) {
3163 snprintf(f, sizeof(f), "/dir.%d", rand() % dirs);
3164 file += f;
3165 }
3166 }
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 3163 in SyntheticClient::thrash_links(const char *, int, int, int, int)()
3157 // pick a file
3158 string file = basedir;
3159
3160 if (depth) {
3161 int d = rand() % (depth+1);
3162 for (int k=0; k<d; k++) {
>>> CID 1297800: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
3163 snprintf(f, sizeof(f), "/dir.%d", rand() % dirs);
3164 file += f;
3165 }
3166 }
3167 snprintf(f, sizeof(f), "/file.%d", rand() % files);
3168 file += f;
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 3167 in SyntheticClient::thrash_links(const char *, int, int, int, int)()
3161 int d = rand() % (depth+1);
3162 for (int k=0; k<d; k++) {
3163 snprintf(f, sizeof(f), "/dir.%d", rand() % dirs);
3164 file += f;
3165 }
3166 }
>>> CID 1297800: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
3167 snprintf(f, sizeof(f), "/file.%d", rand() % files);
3168 file += f;
3169
3170 // pick a dir for our link
3171 string ln = basedir;
3172 if (depth) {
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 3173 in SyntheticClient::thrash_links(const char *, int, int, int, int)()
3167 snprintf(f, sizeof(f), "/file.%d", rand() % files);
3168 file += f;
3169
3170 // pick a dir for our link
3171 string ln = basedir;
3172 if (depth) {
>>> CID 1297800: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
3173 int d = rand() % (depth+1);
3174 for (int k=0; k<d; k++) {
3175 snprintf(f, sizeof(f), "/dir.%d", rand() % dirs);
3176 ln += f;
3177 }
3178 }
/home/brad/working/src/ceph/src/client/SyntheticClient.cc: 3175 in SyntheticClient::thrash_links(const char *, int, int, int, int)()
3169
3170 // pick a dir for our link
3171 string ln = basedir;
3172 if (depth) {
3173 int d = rand() % (depth+1);
3174 for (int k=0; k<d; k++) {
>>> CID 1297800: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
3175 snprintf(f, sizeof(f), "/dir.%d", rand() % dirs);
3176 ln += f;
3177 }
3178 }
3179 snprintf(f, sizeof(f), "/ln.%d", i);
3180 ln += f;
** CID 1297806: Program hangs (INFINITE_LOOP)
/home/brad/working/src/ceph/src/librados/RadosClient.cc: 917 in librados::RadosClient::pg_command(pg_t, std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>> &, const ceph::buffer::list &, ceph::buffer::list *, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> *)()
________________________________________________________________________________________________________
*** CID 1297806: Program hangs (INFINITE_LOOP)
/home/brad/working/src/ceph/src/librados/RadosClient.cc: 917 in librados::RadosClient::pg_command(pg_t, std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>> &, const ceph::buffer::list &, ceph::buffer::list *, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> *)()
911 ceph_tid_t tid;
912 lock.Lock();
913 objecter->pg_command(pgid, cmd, inbl, &tid, poutbl, prs,
914 new C_SafeCond(&mylock, &cond, &done, &ret));
915 lock.Unlock();
916 mylock.Lock();
>>> CID 1297806: Program hangs (INFINITE_LOOP)
>>> If "done" is initially false then it will remain false.
917 while (!done)
918 cond.Wait(mylock);
919 mylock.Unlock();
920 return ret;
921 }
922
** CID 1297808: Program hangs (INFINITE_LOOP)
/home/brad/working/src/ceph/src/librados/RadosClient.cc: 743 in librados::RadosClient::pool_delete(const char *)()
________________________________________________________________________________________________________
*** CID 1297808: Program hangs (INFINITE_LOOP)
/home/brad/working/src/ceph/src/librados/RadosClient.cc: 743 in librados::RadosClient::pool_delete(const char *)()
737 ret = objecter->delete_pool(name, onfinish);
738
739 if (ret < 0) {
740 delete onfinish;
741 } else {
742 mylock.Lock();
>>> CID 1297808: Program hangs (INFINITE_LOOP)
>>> If "done" is initially false then it will remain false.
743 while (!done)
744 cond.Wait(mylock);
745 mylock.Unlock();
746 }
747 return ret;
748 }
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaGCnxtQO9E3gxlB2GxVsWFENryh7bC5hIb-2FQBVM85YLQ-3D-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8FM-2Bxn1zjqYZCkhHlCBkOx1Vz0uLM-2FuwLDNBehQ2BDvWcOTkGamZs6pEokobGiq806-2By-2BV2NXD3E-2BdqHwlZLT3BYGFSRnkXKtde76qyalNbQq00lnximbAQohElZErU19YUuo2zvV5HZ2Xyo-2B6EJbkJBr-2FYuIukpf2b-2Bf3D3-2Bs4eB0sZ7FfOf3uEZ6mH8iz3s8-3D
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4Bco8jcmzhh7FSyvoR0E3-2BDgRcBCQ6OuthHBtaTCGNq9zoLsiw8NWrIF2zsdhfTt-2FbHjZ2ToL3Et9v1-2BrDLungAOjHpQtOY-2BsyLiTVCQEUCU-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8FM-2Bxn1zjqYZCkhHlCBkOx1Vz0uLM-2FuwLDNBehQ2BDvWWusjvVvLqEEQz1PxoGnvV4szRZ-2B6087FsnqILien-2F5rjXesn3ZF-2BbCJNq6fRgf5c4m-2F-2F1wgt1Wr-2By78JNfI1Y97M4y1hVoiPoMo4-2B1OFoYneqPN8HlniTnL8uDnBhHMpMDuOjApUEDtmMFt-2FwgcGaA-3D
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2017-04-13 6:25 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2017-04-13 6:25 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
52 new defect(s) introduced to ceph found with Coverity Scan.
43 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 20 of 52 defect(s)
** CID 1313369: Error handling issues (CHECKED_RETURN)
/home/brad/working/src/ceph/src/osd/OSD.cc: 3156 in OSD::clear_temp_objects()()
________________________________________________________________________________________________________
*** CID 1313369: Error handling issues (CHECKED_RETURN)
/home/brad/working/src/ceph/src/osd/OSD.cc: 3156 in OSD::clear_temp_objects()()
3150 }
3151
3152 void OSD::clear_temp_objects()
3153 {
3154 dout(10) << __func__ << dendl;
3155 vector<coll_t> ls;
>>> CID 1313369: Error handling issues (CHECKED_RETURN)
>>> Calling "list_collections" without checking return value (as is done elsewhere 9 out of 11 times).
3156 store->list_collections(ls);
3157 for (vector<coll_t>::iterator p = ls.begin(); p != ls.end(); ++p) {
3158 spg_t pgid;
3159 if (!p->is_pg(&pgid))
3160 continue;
3161
** CID 1405048: Error handling issues (CHECKED_RETURN)
/home/brad/working/src/ceph/src/os/FuseStore.cc: 408 in os_readdir(const char *, void *, int (*)(void *, const char *, const stat *, long), long, fuse_file_info *)()
________________________________________________________________________________________________________
*** CID 1405048: Error handling issues (CHECKED_RETURN)
/home/brad/working/src/ceph/src/os/FuseStore.cc: 408 in os_readdir(const char *, void *, int (*)(void *, const char *, const stat *, long), long, fuse_file_info *)()
402
403 switch (t) {
404 case FN_ROOT:
405 {
406 filler(buf, "type", NULL, 0);
407 vector<coll_t> cls;
>>> CID 1405048: Error handling issues (CHECKED_RETURN)
>>> Calling "list_collections" without checking return value (as is done elsewhere 9 out of 11 times).
408 fs->store->list_collections(cls);
409 for (auto c : cls) {
410 int r = filler(buf, stringify(c).c_str(), NULL, 0);
411 if (r > 0)
412 break;
413 }
** CID 1405049: Error handling issues (CHECKED_RETURN)
/home/brad/working/src/ceph/src/librbd/image/OpenRequest.cc: 215 in librbd::image::OpenRequest<librbd::ImageCtx>::send_v2_get_name_from_trash()()
________________________________________________________________________________________________________
*** CID 1405049: Error handling issues (CHECKED_RETURN)
/home/brad/working/src/ceph/src/librbd/image/OpenRequest.cc: 215 in librbd::image::OpenRequest<librbd::ImageCtx>::send_v2_get_name_from_trash()()
209 cls_client::trash_get_start(&op, m_image_ctx->id);
210
211 using klass = OpenRequest<I>;
212 librados::AioCompletion *comp = create_rados_callback<
213 klass, &klass::handle_v2_get_name_from_trash>(this);
214 m_out_bl.clear();
>>> CID 1405049: Error handling issues (CHECKED_RETURN)
>>> Calling "aio_operate" without checking return value (as is done elsewhere 56 out of 69 times).
215 m_image_ctx->md_ctx.aio_operate(RBD_TRASH, comp, &op, &m_out_bl);
216 comp->release();
217 }
218
219 template <typename I>
220 Context *OpenRequest<I>::handle_v2_get_name_from_trash(int *result) {
** CID 1405050: Null pointer dereferences (FORWARD_NULL)
/home/brad/working/src/ceph/src/tools/rbd/Utils.cc: 323 in rbd::utils::get_pool_image_id(const boost::program_options::variables_map &, unsigned long *, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> *, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> *)()
________________________________________________________________________________________________________
*** CID 1405050: Null pointer dereferences (FORWARD_NULL)
/home/brad/working/src/ceph/src/tools/rbd/Utils.cc: 323 in rbd::utils::get_pool_image_id(const boost::program_options::variables_map &, unsigned long *, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> *, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> *)()
317 if (r < 0) {
318 return r;
319 }
320 }
321 }
322
>>> CID 1405050: Null pointer dereferences (FORWARD_NULL)
>>> Passing null pointer "pool_name" to "empty", which dereferences it. [Note: The source code implementation of the function has been overridden by a builtin model.]
323 if (pool_name->empty()) {
324 *pool_name = at::DEFAULT_POOL_NAME;
325 }
326
327 if (image_id != nullptr && image_id->empty()) {
328 std::cerr << "rbd: image id was not specified" << std::endl;
** CID 1405051: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/test/librbd/test_librbd.cc: 4244 in memset_rand(char *, unsigned long)()
________________________________________________________________________________________________________
*** CID 1405051: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/test/librbd/test_librbd.cc: 4244 in memset_rand(char *, unsigned long)()
4238 ASSERT_EQ(0, image1.snap_set(NULL));
4239 ASSERT_PASSED(validate_object_map, image1);
4240 }
4241
4242 void memset_rand(char *buf, size_t len) {
4243 for (size_t i = 0; i < len; ++i) {
>>> CID 1405051: Security best practices violations (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
4244 buf[i] = (char) (rand() % (126 - 33) + 33);
4245 }
4246 }
4247
4248 TEST_F(TestLibRBD, Metadata)
4249 {
** CID 1405052: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 28021 in __pyx_pw_3rbd_5Image_133metadata_set()
________________________________________________________________________________________________________
*** CID 1405052: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 28021 in __pyx_pw_3rbd_5Image_133metadata_set()
28015 }
28016 kw_args = PyDict_Size(__pyx_kwds);
28017 switch (pos_args) {
28018 case 0:
28019 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_key)) != 0)) kw_args--;
28020 else goto __pyx_L5_argtuple_error;
>>> CID 1405052: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
28021 case 1:
28022 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_value)) != 0)) kw_args--;
28023 else {
28024 __Pyx_RaiseArgtupleInvalid("metadata_set", 1, 2, 2, 1); __PYX_ERR(0, 2591, __pyx_L3_error)
28025 }
28026 }
** CID 1405053: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 9001 in __pyx_pw_3rbd_3RBD_27mirror_peer_remove()
________________________________________________________________________________________________________
*** CID 1405053: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 9001 in __pyx_pw_3rbd_3RBD_27mirror_peer_remove()
8995 else goto __pyx_L5_argtuple_error;
8996 case 1:
8997 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_ioctx)) != 0)) kw_args--;
8998 else {
8999 __Pyx_RaiseArgtupleInvalid("mirror_peer_remove", 1, 3, 3, 1); __PYX_ERR(0, 1017, __pyx_L3_error)
9000 }
>>> CID 1405053: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
9001 case 2:
9002 if (likely((values[2] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_uuid)) != 0)) kw_args--;
9003 else {
9004 __Pyx_RaiseArgtupleInvalid("mirror_peer_remove", 1, 3, 3, 2); __PYX_ERR(0, 1017, __pyx_L3_error)
9005 }
9006 }
** CID 1405054: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 8360 in __pyx_pw_3rbd_3RBD_23mirror_mode_set()
________________________________________________________________________________________________________
*** CID 1405054: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 8360 in __pyx_pw_3rbd_3RBD_23mirror_mode_set()
8354 else goto __pyx_L5_argtuple_error;
8355 case 1:
8356 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_ioctx)) != 0)) kw_args--;
8357 else {
8358 __Pyx_RaiseArgtupleInvalid("mirror_mode_set", 1, 3, 3, 1); __PYX_ERR(0, 970, __pyx_L3_error)
8359 }
>>> CID 1405054: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
8360 case 2:
8361 if (likely((values[2] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_mirror_mode)) != 0)) kw_args--;
8362 else {
8363 __Pyx_RaiseArgtupleInvalid("mirror_mode_set", 1, 3, 3, 2); __PYX_ERR(0, 970, __pyx_L3_error)
8364 }
8365 }
** CID 1405055: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 9999 in __pyx_pw_3rbd_3RBD_35mirror_image_status_list()
________________________________________________________________________________________________________
*** CID 1405055: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 9999 in __pyx_pw_3rbd_3RBD_35mirror_image_status_list()
9993 }
9994 kw_args = PyDict_Size(__pyx_kwds);
9995 switch (pos_args) {
9996 case 0:
9997 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_self)) != 0)) kw_args--;
9998 else goto __pyx_L5_argtuple_error;
>>> CID 1405055: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
9999 case 1:
10000 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_ioctx)) != 0)) kw_args--;
10001 else {
10002 __Pyx_RaiseArgtupleInvalid("mirror_image_status_list", 1, 2, 2, 1); __PYX_ERR(0, 1089, __pyx_L3_error)
10003 }
10004 }
** CID 1405056: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 8577 in __pyx_pw_3rbd_3RBD_25mirror_peer_add()
________________________________________________________________________________________________________
*** CID 1405056: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 8577 in __pyx_pw_3rbd_3RBD_25mirror_peer_add()
8571 }
8572 case 2:
8573 if (likely((values[2] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_cluster_name)) != 0)) kw_args--;
8574 else {
8575 __Pyx_RaiseArgtupleInvalid("mirror_peer_add", 1, 4, 4, 2); __PYX_ERR(0, 987, __pyx_L3_error)
8576 }
>>> CID 1405056: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
8577 case 3:
8578 if (likely((values[3] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_client_name)) != 0)) kw_args--;
8579 else {
8580 __Pyx_RaiseArgtupleInvalid("mirror_peer_add", 1, 4, 4, 3); __PYX_ERR(0, 987, __pyx_L3_error)
8581 }
8582 }
** CID 1405057: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 9250 in __pyx_pw_3rbd_3RBD_29mirror_peer_list()
________________________________________________________________________________________________________
*** CID 1405057: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 9250 in __pyx_pw_3rbd_3RBD_29mirror_peer_list()
9244 }
9245 kw_args = PyDict_Size(__pyx_kwds);
9246 switch (pos_args) {
9247 case 0:
9248 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_self)) != 0)) kw_args--;
9249 else goto __pyx_L5_argtuple_error;
>>> CID 1405057: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
9250 case 1:
9251 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_ioctx)) != 0)) kw_args--;
9252 else {
9253 __Pyx_RaiseArgtupleInvalid("mirror_peer_list", 1, 2, 2, 1); __PYX_ERR(0, 1035, __pyx_L3_error)
9254 }
9255 }
** CID 1405058: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 8355 in __pyx_pw_3rbd_3RBD_23mirror_mode_set()
________________________________________________________________________________________________________
*** CID 1405058: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 8355 in __pyx_pw_3rbd_3RBD_23mirror_mode_set()
8349 }
8350 kw_args = PyDict_Size(__pyx_kwds);
8351 switch (pos_args) {
8352 case 0:
8353 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_self)) != 0)) kw_args--;
8354 else goto __pyx_L5_argtuple_error;
>>> CID 1405058: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
8355 case 1:
8356 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_ioctx)) != 0)) kw_args--;
8357 else {
8358 __Pyx_RaiseArgtupleInvalid("mirror_mode_set", 1, 3, 3, 1); __PYX_ERR(0, 970, __pyx_L3_error)
8359 }
8360 case 2:
** CID 1405059: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 9696 in __pyx_pw_3rbd_3RBD_33mirror_peer_set_cluster()
________________________________________________________________________________________________________
*** CID 1405059: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 9696 in __pyx_pw_3rbd_3RBD_33mirror_peer_set_cluster()
9690 }
9691 case 2:
9692 if (likely((values[2] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_uuid)) != 0)) kw_args--;
9693 else {
9694 __Pyx_RaiseArgtupleInvalid("mirror_peer_set_cluster", 1, 4, 4, 2); __PYX_ERR(0, 1067, __pyx_L3_error)
9695 }
>>> CID 1405059: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
9696 case 3:
9697 if (likely((values[3] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_cluster_name)) != 0)) kw_args--;
9698 else {
9699 __Pyx_RaiseArgtupleInvalid("mirror_peer_set_cluster", 1, 4, 4, 3); __PYX_ERR(0, 1067, __pyx_L3_error)
9700 }
9701 }
** CID 1405060: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 9686 in __pyx_pw_3rbd_3RBD_33mirror_peer_set_cluster()
________________________________________________________________________________________________________
*** CID 1405060: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 9686 in __pyx_pw_3rbd_3RBD_33mirror_peer_set_cluster()
9680 }
9681 kw_args = PyDict_Size(__pyx_kwds);
9682 switch (pos_args) {
9683 case 0:
9684 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_self)) != 0)) kw_args--;
9685 else goto __pyx_L5_argtuple_error;
>>> CID 1405060: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
9686 case 1:
9687 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_ioctx)) != 0)) kw_args--;
9688 else {
9689 __Pyx_RaiseArgtupleInvalid("mirror_peer_set_cluster", 1, 4, 4, 1); __PYX_ERR(0, 1067, __pyx_L3_error)
9690 }
9691 case 2:
** CID 1405061: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 9369 in __pyx_pw_3rbd_3RBD_31mirror_peer_set_client()
________________________________________________________________________________________________________
*** CID 1405061: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 9369 in __pyx_pw_3rbd_3RBD_31mirror_peer_set_client()
9363 }
9364 kw_args = PyDict_Size(__pyx_kwds);
9365 switch (pos_args) {
9366 case 0:
9367 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_self)) != 0)) kw_args--;
9368 else goto __pyx_L5_argtuple_error;
>>> CID 1405061: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
9369 case 1:
9370 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_ioctx)) != 0)) kw_args--;
9371 else {
9372 __Pyx_RaiseArgtupleInvalid("mirror_peer_set_client", 1, 4, 4, 1); __PYX_ERR(0, 1045, __pyx_L3_error)
9373 }
9374 case 2:
** CID 1405062: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 9374 in __pyx_pw_3rbd_3RBD_31mirror_peer_set_client()
________________________________________________________________________________________________________
*** CID 1405062: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 9374 in __pyx_pw_3rbd_3RBD_31mirror_peer_set_client()
9368 else goto __pyx_L5_argtuple_error;
9369 case 1:
9370 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_ioctx)) != 0)) kw_args--;
9371 else {
9372 __Pyx_RaiseArgtupleInvalid("mirror_peer_set_client", 1, 4, 4, 1); __PYX_ERR(0, 1045, __pyx_L3_error)
9373 }
>>> CID 1405062: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
9374 case 2:
9375 if (likely((values[2] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_uuid)) != 0)) kw_args--;
9376 else {
9377 __Pyx_RaiseArgtupleInvalid("mirror_peer_set_client", 1, 4, 4, 2); __PYX_ERR(0, 1045, __pyx_L3_error)
9378 }
9379 case 3:
** CID 1405063: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 8572 in __pyx_pw_3rbd_3RBD_25mirror_peer_add()
________________________________________________________________________________________________________
*** CID 1405063: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 8572 in __pyx_pw_3rbd_3RBD_25mirror_peer_add()
8566 else goto __pyx_L5_argtuple_error;
8567 case 1:
8568 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_ioctx)) != 0)) kw_args--;
8569 else {
8570 __Pyx_RaiseArgtupleInvalid("mirror_peer_add", 1, 4, 4, 1); __PYX_ERR(0, 987, __pyx_L3_error)
8571 }
>>> CID 1405063: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
8572 case 2:
8573 if (likely((values[2] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_cluster_name)) != 0)) kw_args--;
8574 else {
8575 __Pyx_RaiseArgtupleInvalid("mirror_peer_add", 1, 4, 4, 2); __PYX_ERR(0, 987, __pyx_L3_error)
8576 }
8577 case 3:
** CID 1405064: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 8151 in __pyx_pw_3rbd_3RBD_21mirror_mode_get()
________________________________________________________________________________________________________
*** CID 1405064: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 8151 in __pyx_pw_3rbd_3RBD_21mirror_mode_get()
8145 }
8146 kw_args = PyDict_Size(__pyx_kwds);
8147 switch (pos_args) {
8148 case 0:
8149 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_self)) != 0)) kw_args--;
8150 else goto __pyx_L5_argtuple_error;
>>> CID 1405064: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
8151 case 1:
8152 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_ioctx)) != 0)) kw_args--;
8153 else {
8154 __Pyx_RaiseArgtupleInvalid("mirror_mode_get", 1, 2, 2, 1); __PYX_ERR(0, 953, __pyx_L3_error)
8155 }
8156 }
** CID 1405065: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 10114 in __pyx_pw_3rbd_3RBD_37mirror_image_status_summary()
________________________________________________________________________________________________________
*** CID 1405065: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 10114 in __pyx_pw_3rbd_3RBD_37mirror_image_status_summary()
10108 }
10109 kw_args = PyDict_Size(__pyx_kwds);
10110 switch (pos_args) {
10111 case 0:
10112 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_self)) != 0)) kw_args--;
10113 else goto __pyx_L5_argtuple_error;
>>> CID 1405065: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
10114 case 1:
10115 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_ioctx)) != 0)) kw_args--;
10116 else {
10117 __Pyx_RaiseArgtupleInvalid("mirror_image_status_summary", 1, 2, 2, 1); __PYX_ERR(0, 1099, __pyx_L3_error)
10118 }
10119 }
** CID 1405066: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 8996 in __pyx_pw_3rbd_3RBD_27mirror_peer_remove()
________________________________________________________________________________________________________
*** CID 1405066: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 8996 in __pyx_pw_3rbd_3RBD_27mirror_peer_remove()
8990 }
8991 kw_args = PyDict_Size(__pyx_kwds);
8992 switch (pos_args) {
8993 case 0:
8994 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_self)) != 0)) kw_args--;
8995 else goto __pyx_L5_argtuple_error;
>>> CID 1405066: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
8996 case 1:
8997 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_ioctx)) != 0)) kw_args--;
8998 else {
8999 __Pyx_RaiseArgtupleInvalid("mirror_peer_remove", 1, 3, 3, 1); __PYX_ERR(0, 1017, __pyx_L3_error)
9000 }
9001 case 2:
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaGCnxtQO9E3gxlB2GxVsWFENryh7bC5hIb-2FQBVM85YLQ-3D-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8HEU8MtG2JUIESx2-2Bsif-2BPmVM1Ko-2BS4lJ-2FgAMtxb6GDj-2BabyFOjyyZAni0rQQF1KNqyoWyqb5UsWbi4pt9SZHE4hXQQ1n1BOAYgZYMMzeY0cTVRVnUdPEB-2Br8eBD2BeCKOIHPju-2BMXcBkIPkIEKsNz5FSaxGzqrvxp0u-2BCHsoNEonJiUJMNSHOx2pAo9QYp0xU-3D
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4Bco8jcmzhh7FSyvoR0E3-2BDgRcBCQ6OuthHBtaTCGNq9zoLsiw8NWrIF2zsdhfTt-2FbHjZ2ToL3Et9v1-2BrDLungAOjHpQtOY-2BsyLiTVCQEUCU-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8HEU8MtG2JUIESx2-2Bsif-2BPmVM1Ko-2BS4lJ-2FgAMtxb6GDjyTt0kOBmUqWGnfpKZfvAQ0x1eruOypRYt-2FhKS9hLIRIvo-2BxOcfkZRusdQizKiUIMtjuvbAHFpziV1ND8KDvwtKpluulBuzYxZhzMsGNonKRKNYOxl4ah2uVFEAgGiTUOA7abEwSuhbQV3wdxryh2Ik-3D
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2017-04-06 9:40 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2017-04-06 9:40 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
10 new defect(s) introduced to ceph found with Coverity Scan.
16 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 10 of 10 defect(s)
** CID 1394846: Null pointer dereferences (FORWARD_NULL)
/home/brad/working/src/ceph/src/tools/rbd/Utils.cc: 371 in rbd::utils::get_pool_image_snapshot_names(const boost::program_options::variables_map &, rbd::argument_types::ArgumentModifier, unsigned long *, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> *, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> *, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> *, rbd::utils::SnapshotPresence, rbd::utils::SpecValidation, bool)()
________________________________________________________________________________________________________
*** CID 1394846: Null pointer dereferences (FORWARD_NULL)
/home/brad/working/src/ceph/src/tools/rbd/Utils.cc: 371 in rbd::utils::get_pool_image_snapshot_names(const boost::program_options::variables_map &, rbd::argument_types::ArgumentModifier, unsigned long *, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> *, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> *, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> *, rbd::utils::SnapshotPresence, rbd::utils::SpecValidation, bool)()
365 if (r < 0) {
366 return r;
367 }
368 }
369 }
370
>>> CID 1394846: Null pointer dereferences (FORWARD_NULL)
>>> Comparing "pool_name" to null implies that "pool_name" might be null.
371 if (pool_name != nullptr && pool_name->empty()) {
372 *pool_name = at::DEFAULT_POOL_NAME;
373 }
374
375 if (image_name != nullptr && image_required && image_name->empty()) {
376 std::string prefix = at::get_description_prefix(mod);
** CID 1404864: Error handling issues (CHECKED_RETURN)
/home/brad/working/src/ceph/src/tools/rbd/action/Import.cc: 778 in rbd::action::import::do_import(librbd::RBD &, librados::IoCtx &, const char *, const char *, librbd::ImageOptions &, bool, int, unsigned long)()
________________________________________________________________________________________________________
*** CID 1404864: Error handling issues (CHECKED_RETURN)
/home/brad/working/src/ceph/src/tools/rbd/action/Import.cc: 778 in rbd::action::import::do_import(librbd::RBD &, librados::IoCtx &, const char *, const char *, librbd::ImageOptions &, bool, int, unsigned long)()
772 goto done;
773 }
774 assert(bdev_size >= 0);
775 size = (uint64_t) bdev_size;
776 }
777 #ifdef HAVE_POSIX_FADVISE
>>> CID 1404864: Error handling issues (CHECKED_RETURN)
>>> Calling "posix_fadvise(fd, 0L, 0L, 2)" without checking return value. This library function may fail and return an error code.
778 posix_fadvise(fd, 0, 0, POSIX_FADV_SEQUENTIAL);
779 #endif
780 }
781
782 r = do_import_header(fd, import_format, size, opts);
783 if (r < 0) {
** CID 1404865: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseI6MgrMapE16select_generatedB5cxx11Ej()
________________________________________________________________________________________________________
*** CID 1404865: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseI6MgrMapE16select_generatedB5cxx11Ej()
141 if (i == 0)
142 i = m_list.size();
143 if ((i == 0) || (i > m_list.size()))
144 return "invalid id for generated object";
145 typename list<T*>::iterator p = m_list.begin();
146 for (i--; i > 0 && p != m_list.end(); ++p, --i) ;
>>> CID 1404865: API usage errors (INVALIDATE_ITERATOR)
>>> Dereferencing iterator "p" though it is already past the end of its container.
147 m_object = *p;
148 return string();
149 }
150
151 bool is_deterministic() override {
152 return !nondeterministic;
** CID 1404866: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseI14creating_pgs_tE16select_generatedB5cxx11Ej()
________________________________________________________________________________________________________
*** CID 1404866: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseI14creating_pgs_tE16select_generatedB5cxx11Ej()
141 if (i == 0)
142 i = m_list.size();
143 if ((i == 0) || (i > m_list.size()))
144 return "invalid id for generated object";
145 typename list<T*>::iterator p = m_list.begin();
146 for (i--; i > 0 && p != m_list.end(); ++p, --i) ;
>>> CID 1404866: API usage errors (INVALIDATE_ITERATOR)
>>> Dereferencing iterator "p" though it is already past the end of its container.
147 m_object = *p;
148 return string();
149 }
150
151 bool is_deterministic() override {
152 return !nondeterministic;
** CID 1404867: Integer handling issues (NO_EFFECT)
/include/tracing/librbd.h: 835 in __event_prepare_filter_stack__librbd___copy4_enter()
________________________________________________________________________________________________________
*** CID 1404867: Integer handling issues (NO_EFFECT)
/include/tracing/librbd.h: 835 in __event_prepare_filter_stack__librbd___copy4_enter()
829 int, retval),
830 TP_FIELDS(
831 ctf_integer(int, retval, retval)
832 )
833 )
834
>>> CID 1404867: Integer handling issues (NO_EFFECT)
>>> This less-than-zero comparison of an unsigned value is never true. "18446744073709551615UL < 0UL".
835 TRACEPOINT_EVENT(librbd, copy4_enter,
836 TP_ARGS(
837 void*, src_imagectx,
838 const char*, src_name,
839 const char*, src_snap_name,
840 char, src_read_only,
** CID 1404868: Memory - corruptions (OVERRUN)
________________________________________________________________________________________________________
*** CID 1404868: Memory - corruptions (OVERRUN)
/home/brad/working/src/ceph/src/mon/CreatingPGs.h: 15 in creating_pgs_t::encode(ceph::buffer::list &) const()
9
10 struct creating_pgs_t {
11 epoch_t last_scan_epoch = 0;
12 std::map<pg_t, std::pair<epoch_t, utime_t> > pgs;
13 std::set<int64_t> created_pools;
14 void encode(bufferlist& bl) const {
>>> CID 1404868: Memory - corruptions (OVERRUN)
>>> Overrunning struct type ceph_le32 of 4 bytes by passing it to a function which accesses it at byte offset 7.
15 ENCODE_START(1, 1, bl);
16 ::encode(last_scan_epoch, bl);
17 ::encode(pgs, bl);
18 ::encode(created_pools, bl);
19 ENCODE_FINISH(bl);
20 }
** CID 1404869: Parse warnings (PARSE_ERROR)
/home/brad/working/src/ceph/src/mgr/DaemonServer.cc: 1 in ()
________________________________________________________________________________________________________
*** CID 1404869: Parse warnings (PARSE_ERROR)
/home/brad/working/src/ceph/src/mgr/DaemonServer.cc: 1 in ()
>>> CID 1404869: Parse warnings (PARSE_ERROR)
>>> The Coverity compiler fails to compile this file. Please see the build output log for more information.
1 // -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
2 // vim: ts=8 sw=2 smarttab
3 /*
4 * Ceph - scalable distributed file system
5 *
6 * Copyright (C) 2016 John Spray <john.spray@redhat.com>
** CID 1404870: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/os/bluestore/bluestore_tool.cc: 28 in main()
/home/brad/working/src/ceph/src/os/bluestore/bluestore_tool.cc: 28 in main()
/home/brad/working/src/ceph/src/os/bluestore/bluestore_tool.cc: 28 in main()
/home/brad/working/src/ceph/src/os/bluestore/bluestore_tool.cc: 28 in main()
/home/brad/working/src/ceph/src/os/bluestore/bluestore_tool.cc: 28 in main()
/home/brad/working/src/ceph/src/os/bluestore/bluestore_tool.cc: 28 in main()
/home/brad/working/src/ceph/src/os/bluestore/bluestore_tool.cc: 28 in main()
/home/brad/working/src/ceph/src/os/bluestore/bluestore_tool.cc: 28 in main()
/home/brad/working/src/ceph/src/os/bluestore/bluestore_tool.cc: 28 in main()
/home/brad/working/src/ceph/src/os/bluestore/bluestore_tool.cc: 28 in main()
/home/brad/working/src/ceph/src/os/bluestore/bluestore_tool.cc: 28 in main()
/home/brad/working/src/ceph/src/os/bluestore/bluestore_tool.cc: 28 in main()
/home/brad/working/src/ceph/src/os/bluestore/bluestore_tool.cc: 28 in main()
/home/brad/working/src/ceph/src/os/bluestore/bluestore_tool.cc: 28 in main()
/home/brad/working/src/ceph/src/os/bluestore/bluestore_tool.cc: 28 in main()
/home/brad/working/src/ceph/src/os/bluestore/bluestore_tool.cc: 28 in main()
/home/brad/working/src/ceph/src/os/bluestore/bluestore_tool.cc: 28 in main()
/home/brad/working/src/ceph/src/os/bluestore/bluestore_tool.cc: 28 in main()
/home/brad/working/src/ceph/src/os/bluestore/bluestore_tool.cc: 28 in main()
/home/brad/working/src/ceph/src/os/bluestore/bluestore_tool.cc: 28 in main()
/home/brad/working/src/ceph/src/os/bluestore/bluestore_tool.cc: 28 in main()
________________________________________________________________________________________________________
*** CID 1404870: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/os/bluestore/bluestore_tool.cc: 28 in main()
22
23 void usage(po::options_description &desc)
24 {
25 cout << desc << std::endl;
26 }
27
>>> CID 1404870: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "_ZN5boost16exception_detail10clone_implINS0_19error_info_injectorINSt8ios_base7failureB5cxx11EEEEE" is thrown and never caught.
28 int main(int argc, char **argv)
29 {
30 string out_dir;
31 vector<string> devs;
32 string path;
33 string action;
/home/brad/working/src/ceph/src/os/bluestore/bluestore_tool.cc: 28 in main()
22
23 void usage(po::options_description &desc)
24 {
25 cout << desc << std::endl;
26 }
27
>>> CID 1404870: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "_ZN5boost16exception_detail10clone_implINS0_19error_info_injectorINSt8ios_base7failureB5cxx11EEEEE" is thrown and never caught.
28 int main(int argc, char **argv)
29 {
30 string out_dir;
31 vector<string> devs;
32 string path;
33 string action;
/home/brad/working/src/ceph/src/os/bluestore/bluestore_tool.cc: 28 in main()
22
23 void usage(po::options_description &desc)
24 {
25 cout << desc << std::endl;
26 }
27
>>> CID 1404870: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "_ZN5boost16exception_detail10clone_implINS0_19error_info_injectorINSt8ios_base7failureB5cxx11EEEEE" is thrown and never caught.
28 int main(int argc, char **argv)
29 {
30 string out_dir;
31 vector<string> devs;
32 string path;
33 string action;
/home/brad/working/src/ceph/src/os/bluestore/bluestore_tool.cc: 28 in main()
22
23 void usage(po::options_description &desc)
24 {
25 cout << desc << std::endl;
26 }
27
>>> CID 1404870: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "_ZN5boost16exception_detail10clone_implINS0_19error_info_injectorINSt8ios_base7failureB5cxx11EEEEE" is thrown and never caught.
28 int main(int argc, char **argv)
29 {
30 string out_dir;
31 vector<string> devs;
32 string path;
33 string action;
/home/brad/working/src/ceph/src/os/bluestore/bluestore_tool.cc: 28 in main()
22
23 void usage(po::options_description &desc)
24 {
25 cout << desc << std::endl;
26 }
27
>>> CID 1404870: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "_ZN5boost16exception_detail10clone_implINS0_19error_info_injectorINSt8ios_base7failureB5cxx11EEEEE" is thrown and never caught.
28 int main(int argc, char **argv)
29 {
30 string out_dir;
31 vector<string> devs;
32 string path;
33 string action;
/home/brad/working/src/ceph/src/os/bluestore/bluestore_tool.cc: 28 in main()
22
23 void usage(po::options_description &desc)
24 {
25 cout << desc << std::endl;
26 }
27
>>> CID 1404870: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "_ZN5boost16exception_detail10clone_implINS0_19error_info_injectorINSt8ios_base7failureB5cxx11EEEEE" is thrown and never caught.
28 int main(int argc, char **argv)
29 {
30 string out_dir;
31 vector<string> devs;
32 string path;
33 string action;
/home/brad/working/src/ceph/src/os/bluestore/bluestore_tool.cc: 28 in main()
22
23 void usage(po::options_description &desc)
24 {
25 cout << desc << std::endl;
26 }
27
>>> CID 1404870: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "_ZN5boost16exception_detail10clone_implINS0_19error_info_injectorINSt8ios_base7failureB5cxx11EEEEE" is thrown and never caught.
28 int main(int argc, char **argv)
29 {
30 string out_dir;
31 vector<string> devs;
32 string path;
33 string action;
/home/brad/working/src/ceph/src/os/bluestore/bluestore_tool.cc: 28 in main()
22
23 void usage(po::options_description &desc)
24 {
25 cout << desc << std::endl;
26 }
27
>>> CID 1404870: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "_ZN5boost16exception_detail10clone_implINS0_19error_info_injectorINSt8ios_base7failureB5cxx11EEEEE" is thrown and never caught.
28 int main(int argc, char **argv)
29 {
30 string out_dir;
31 vector<string> devs;
32 string path;
33 string action;
/home/brad/working/src/ceph/src/os/bluestore/bluestore_tool.cc: 28 in main()
22
23 void usage(po::options_description &desc)
24 {
25 cout << desc << std::endl;
26 }
27
>>> CID 1404870: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "_ZN5boost16exception_detail10clone_implINS0_19error_info_injectorINSt8ios_base7failureB5cxx11EEEEE" is thrown and never caught.
28 int main(int argc, char **argv)
29 {
30 string out_dir;
31 vector<string> devs;
32 string path;
33 string action;
/home/brad/working/src/ceph/src/os/bluestore/bluestore_tool.cc: 28 in main()
22
23 void usage(po::options_description &desc)
24 {
25 cout << desc << std::endl;
26 }
27
>>> CID 1404870: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "_ZN5boost16exception_detail10clone_implINS0_19error_info_injectorINSt8ios_base7failureB5cxx11EEEEE" is thrown and never caught.
28 int main(int argc, char **argv)
29 {
30 string out_dir;
31 vector<string> devs;
32 string path;
33 string action;
/home/brad/working/src/ceph/src/os/bluestore/bluestore_tool.cc: 28 in main()
22
23 void usage(po::options_description &desc)
24 {
25 cout << desc << std::endl;
26 }
27
>>> CID 1404870: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "_ZN5boost16exception_detail10clone_implINS0_19error_info_injectorINSt8ios_base7failureB5cxx11EEEEE" is thrown and never caught.
28 int main(int argc, char **argv)
29 {
30 string out_dir;
31 vector<string> devs;
32 string path;
33 string action;
/home/brad/working/src/ceph/src/os/bluestore/bluestore_tool.cc: 28 in main()
22
23 void usage(po::options_description &desc)
24 {
25 cout << desc << std::endl;
26 }
27
>>> CID 1404870: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "_ZN5boost16exception_detail10clone_implINS0_19error_info_injectorINSt8ios_base7failureB5cxx11EEEEE" is thrown and never caught.
28 int main(int argc, char **argv)
29 {
30 string out_dir;
31 vector<string> devs;
32 string path;
33 string action;
/home/brad/working/src/ceph/src/os/bluestore/bluestore_tool.cc: 28 in main()
22
23 void usage(po::options_description &desc)
24 {
25 cout << desc << std::endl;
26 }
27
>>> CID 1404870: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "_ZN5boost16exception_detail10clone_implINS0_19error_info_injectorINSt8ios_base7failureB5cxx11EEEEE" is thrown and never caught.
28 int main(int argc, char **argv)
29 {
30 string out_dir;
31 vector<string> devs;
32 string path;
33 string action;
/home/brad/working/src/ceph/src/os/bluestore/bluestore_tool.cc: 28 in main()
22
23 void usage(po::options_description &desc)
24 {
25 cout << desc << std::endl;
26 }
27
>>> CID 1404870: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "_ZN5boost16exception_detail10clone_implINS0_19error_info_injectorINSt8ios_base7failureB5cxx11EEEEE" is thrown and never caught.
28 int main(int argc, char **argv)
29 {
30 string out_dir;
31 vector<string> devs;
32 string path;
33 string action;
/home/brad/working/src/ceph/src/os/bluestore/bluestore_tool.cc: 28 in main()
22
23 void usage(po::options_description &desc)
24 {
25 cout << desc << std::endl;
26 }
27
>>> CID 1404870: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "_ZN5boost16exception_detail10clone_implINS0_19error_info_injectorINSt8ios_base7failureB5cxx11EEEEE" is thrown and never caught.
28 int main(int argc, char **argv)
29 {
30 string out_dir;
31 vector<string> devs;
32 string path;
33 string action;
/home/brad/working/src/ceph/src/os/bluestore/bluestore_tool.cc: 28 in main()
22
23 void usage(po::options_description &desc)
24 {
25 cout << desc << std::endl;
26 }
27
>>> CID 1404870: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "_ZN5boost16exception_detail10clone_implINS0_19error_info_injectorINSt8ios_base7failureB5cxx11EEEEE" is thrown and never caught.
28 int main(int argc, char **argv)
29 {
30 string out_dir;
31 vector<string> devs;
32 string path;
33 string action;
/home/brad/working/src/ceph/src/os/bluestore/bluestore_tool.cc: 28 in main()
22
23 void usage(po::options_description &desc)
24 {
25 cout << desc << std::endl;
26 }
27
>>> CID 1404870: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "_ZN5boost16exception_detail10clone_implINS0_19error_info_injectorINSt8ios_base7failureB5cxx11EEEEE" is thrown and never caught.
28 int main(int argc, char **argv)
29 {
30 string out_dir;
31 vector<string> devs;
32 string path;
33 string action;
/home/brad/working/src/ceph/src/os/bluestore/bluestore_tool.cc: 28 in main()
22
23 void usage(po::options_description &desc)
24 {
25 cout << desc << std::endl;
26 }
27
>>> CID 1404870: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "_ZN5boost16exception_detail10clone_implINS0_19error_info_injectorINSt8ios_base7failureB5cxx11EEEEE" is thrown and never caught.
28 int main(int argc, char **argv)
29 {
30 string out_dir;
31 vector<string> devs;
32 string path;
33 string action;
/home/brad/working/src/ceph/src/os/bluestore/bluestore_tool.cc: 28 in main()
22
23 void usage(po::options_description &desc)
24 {
25 cout << desc << std::endl;
26 }
27
>>> CID 1404870: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "_ZN5boost16exception_detail10clone_implINS0_19error_info_injectorINSt8ios_base7failureB5cxx11EEEEE" is thrown and never caught.
28 int main(int argc, char **argv)
29 {
30 string out_dir;
31 vector<string> devs;
32 string path;
33 string action;
/home/brad/working/src/ceph/src/os/bluestore/bluestore_tool.cc: 28 in main()
22
23 void usage(po::options_description &desc)
24 {
25 cout << desc << std::endl;
26 }
27
>>> CID 1404870: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "_ZN5boost16exception_detail10clone_implINS0_19error_info_injectorINSt8ios_base7failureB5cxx11EEEEE" is thrown and never caught.
28 int main(int argc, char **argv)
29 {
30 string out_dir;
31 vector<string> devs;
32 string path;
33 string action;
/home/brad/working/src/ceph/src/os/bluestore/bluestore_tool.cc: 28 in main()
22
23 void usage(po::options_description &desc)
24 {
25 cout << desc << std::endl;
26 }
27
>>> CID 1404870: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "_ZN5boost16exception_detail10clone_implINS0_19error_info_injectorINSt8ios_base7failureB5cxx11EEEEE" is thrown and never caught.
28 int main(int argc, char **argv)
29 {
30 string out_dir;
31 vector<string> devs;
32 string path;
33 string action;
** CID 1404871: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/os/bluestore/bluestore_tool.cc: 28 in main()
/home/brad/working/src/ceph/src/os/bluestore/bluestore_tool.cc: 28 in main()
/home/brad/working/src/ceph/src/os/bluestore/bluestore_tool.cc: 28 in main()
/home/brad/working/src/ceph/src/os/bluestore/bluestore_tool.cc: 28 in main()
/home/brad/working/src/ceph/src/os/bluestore/bluestore_tool.cc: 28 in main()
________________________________________________________________________________________________________
*** CID 1404871: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/os/bluestore/bluestore_tool.cc: 28 in main()
22
23 void usage(po::options_description &desc)
24 {
25 cout << desc << std::endl;
26 }
27
>>> CID 1404871: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
28 int main(int argc, char **argv)
29 {
30 string out_dir;
31 vector<string> devs;
32 string path;
33 string action;
/home/brad/working/src/ceph/src/os/bluestore/bluestore_tool.cc: 28 in main()
22
23 void usage(po::options_description &desc)
24 {
25 cout << desc << std::endl;
26 }
27
>>> CID 1404871: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
28 int main(int argc, char **argv)
29 {
30 string out_dir;
31 vector<string> devs;
32 string path;
33 string action;
/home/brad/working/src/ceph/src/os/bluestore/bluestore_tool.cc: 28 in main()
22
23 void usage(po::options_description &desc)
24 {
25 cout << desc << std::endl;
26 }
27
>>> CID 1404871: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
28 int main(int argc, char **argv)
29 {
30 string out_dir;
31 vector<string> devs;
32 string path;
33 string action;
/home/brad/working/src/ceph/src/os/bluestore/bluestore_tool.cc: 28 in main()
22
23 void usage(po::options_description &desc)
24 {
25 cout << desc << std::endl;
26 }
27
>>> CID 1404871: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
28 int main(int argc, char **argv)
29 {
30 string out_dir;
31 vector<string> devs;
32 string path;
33 string action;
/home/brad/working/src/ceph/src/os/bluestore/bluestore_tool.cc: 28 in main()
22
23 void usage(po::options_description &desc)
24 {
25 cout << desc << std::endl;
26 }
27
>>> CID 1404871: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
28 int main(int argc, char **argv)
29 {
30 string out_dir;
31 vector<string> devs;
32 string path;
33 string action;
** CID 1404872: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/os/bluestore/bluestore_tool.cc: 28 in main()
/home/brad/working/src/ceph/src/os/bluestore/bluestore_tool.cc: 28 in main()
/home/brad/working/src/ceph/src/os/bluestore/bluestore_tool.cc: 28 in main()
/home/brad/working/src/ceph/src/os/bluestore/bluestore_tool.cc: 28 in main()
________________________________________________________________________________________________________
*** CID 1404872: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/os/bluestore/bluestore_tool.cc: 28 in main()
22
23 void usage(po::options_description &desc)
24 {
25 cout << desc << std::endl;
26 }
27
>>> CID 1404872: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::bad_alloc" is thrown and never caught.
28 int main(int argc, char **argv)
29 {
30 string out_dir;
31 vector<string> devs;
32 string path;
33 string action;
/home/brad/working/src/ceph/src/os/bluestore/bluestore_tool.cc: 28 in main()
22
23 void usage(po::options_description &desc)
24 {
25 cout << desc << std::endl;
26 }
27
>>> CID 1404872: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::bad_alloc" is thrown and never caught.
28 int main(int argc, char **argv)
29 {
30 string out_dir;
31 vector<string> devs;
32 string path;
33 string action;
/home/brad/working/src/ceph/src/os/bluestore/bluestore_tool.cc: 28 in main()
22
23 void usage(po::options_description &desc)
24 {
25 cout << desc << std::endl;
26 }
27
>>> CID 1404872: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::bad_alloc" is thrown and never caught.
28 int main(int argc, char **argv)
29 {
30 string out_dir;
31 vector<string> devs;
32 string path;
33 string action;
/home/brad/working/src/ceph/src/os/bluestore/bluestore_tool.cc: 28 in main()
22
23 void usage(po::options_description &desc)
24 {
25 cout << desc << std::endl;
26 }
27
>>> CID 1404872: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::bad_alloc" is thrown and never caught.
28 int main(int argc, char **argv)
29 {
30 string out_dir;
31 vector<string> devs;
32 string path;
33 string action;
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaGCnxtQO9E3gxlB2GxVsWFENryh7bC5hIb-2FQBVM85YLQ-3D-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8ESAs-2By74XaS-2B3Sav9bPnm1S5ZHtHAVePRnf4ZDGWX0Rwi4aWJ9xFGZJmkqePxx6ljblODBpSCl-2BfxIlMebw-2BOSVXPZmnPQU33miY3DT33DIwN1bzt-2BJEx-2FwNiZGOqlzP8SGSHjwGg4BFdptgCJ610o6X64ZaQ5cDxiuG-2FC6kq00KEfIWoD07f68S6GWASxBeU-3D
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4Bco8jcmzhh7FSyvoR0E3-2BDgRcBCQ6OuthHBtaTCGNq9zoLsiw8NWrIF2zsdhfTt-2FbHjZ2ToL3Et9v1-2BrDLungAOjHpQtOY-2BsyLiTVCQEUCU-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8ESAs-2By74XaS-2B3Sav9bPnm1S5ZHtHAVePRnf4ZDGWX0R-2FAk3-2BU7l-2F-2Fty6HM-2F7UV1v758q-2FEhCe6GEEcRMKWDekfoJIsd0-2BUBBFSKgMPiTAhPqqJY6fCDrJg6KTOOBRY5A4oPw6adtBMVR3vh-2FGGCpP8aHGQ1WvbjVIZxjj1iTtTo8eeNxO-2B1B1shxEvpLnMgX4-3D
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2017-03-31 1:25 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2017-03-31 1:25 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
21 new defect(s) introduced to ceph found with Coverity Scan.
2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 20 of 21 defect(s)
** CID 1160831: Program hangs (ORDER_REVERSAL)
________________________________________________________________________________________________________
*** CID 1160831: Program hangs (ORDER_REVERSAL)
/home/brad/working/src/ceph/src/common/ceph_context.cc: 709 in CephContext::reopen_logs()()
703 }
704
705 void CephContext::reopen_logs()
706 {
707 ceph_spin_lock(&_service_thread_lock);
708 if (_service_thread)
>>> CID 1160831: Program hangs (ORDER_REVERSAL)
>>> Calling "reopen_logs" acquires lock "Mutex._m" while holding lock "ceph_spinlock_t.lock" (count: 3 / 23).
709 _service_thread->reopen_logs();
710 ceph_spin_unlock(&_service_thread_lock);
711 }
712
713 void CephContext::join_service_thread()
714 {
** CID 1403541: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/test/ObjectMap/test_object_map.cc: 1030 in ObjectMapTest_RandomTestNoDeletesXattrs_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1403541: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/test/ObjectMap/test_object_map.cc: 1030 in ObjectMapTest_RandomTestNoDeletesXattrs_Test::TestBody()()
1024 }
1025 }
1026
1027 TEST_F(ObjectMapTest, RandomTestNoDeletesXattrs) {
1028 tester.def_init();
1029 for (unsigned i = 0; i < 5000; ++i) {
>>> CID 1403541: Security best practices violations (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
1030 unsigned val = rand();
1031 val <<= 8;
1032 val %= 100;
1033 if (!(i%100))
1034 std::cout << "on op " << i
1035 << " val is " << val << std::endl;
** CID 1403542: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/os/ObjectStore.cc: 82 in ObjectStore::create(CephContext *, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, unsigned int)()
________________________________________________________________________________________________________
*** CID 1403542: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/os/ObjectStore.cc: 82 in ObjectStore::create(CephContext *, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, unsigned int)()
76 if (type == "bluestore" &&
77 cct->check_experimental_feature_enabled("bluestore")) {
78 return new BlueStore(cct, data);
79 }
80 if (type == "random" &&
81 cct->check_experimental_feature_enabled("bluestore")) {
>>> CID 1403542: Security best practices violations (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
82 if (rand() % 2) {
83 return new FileStore(cct, data, journal, flags);
84 } else {
85 return new BlueStore(cct, data);
86 }
87 }
** CID 1403543: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/test/ObjectMap/test_object_map.cc: 297 in ObjectMapTester::auto_set_keys(std::basic_ostream<char, std::char_traits<char>>&)()
________________________________________________________________________________________________________
*** CID 1403543: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/test/ObjectMap/test_object_map.cc: 297 in ObjectMapTester::auto_set_keys(std::basic_ostream<char, std::char_traits<char>>&)()
291 }
292
293 void auto_set_keys(ostream &out) {
294 set<string>::iterator object = rand_choose(object_name_space);
295
296 map<string, string> to_set;
>>> CID 1403543: Security best practices violations (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
297 unsigned amount = (rand() % 10) + 1;
298 for (unsigned i = 0; i < amount; ++i) {
299 set<string>::iterator key = rand_choose(key_space);
300 string value = val_from_key(*object, *key);
301 out << "auto_set_key " << *object << ": " << *key << " -> "
302 << value << std::endl;
** CID 1403544: (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/crush/CrushWrapper.cc: 2040 in CrushWrapper::_choose_type_stack(CephContext *, const std::vector<std::pair<int, int>, std::allocator<std::pair<int, int>>> &, const std::set<int, std::less<int>, std::allocator<int>> &, std::vector<int, std::allocator<int>>&, std::vector<int, std::allocator<int>>&, __gnu_cxx::__normal_iterator<const int *, std::vector<int, std::allocator<int>>> &, std::set<int, std::less<int>, std::allocator<int>> &, std::vector<int, std::allocator<int>>*) const()
/home/brad/working/src/ceph/src/crush/CrushWrapper.cc: 2040 in CrushWrapper::_choose_type_stack(CephContext *, const std::vector<std::pair<int, int>, std::allocator<std::pair<int, int>>> &, const std::set<int, std::less<int>, std::allocator<int>> &, std::vector<int, std::allocator<int>>&, std::vector<int, std::allocator<int>>&, __gnu_cxx::__normal_iterator<const int *, std::vector<int, std::allocator<int>>> &, std::set<int, std::less<int>, std::allocator<int>> &, std::vector<int, std::allocator<int>>*) const()
________________________________________________________________________________________________________
*** CID 1403544: (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/crush/CrushWrapper.cc: 2040 in CrushWrapper::_choose_type_stack(CephContext *, const std::vector<std::pair<int, int>, std::allocator<std::pair<int, int>>> &, const std::set<int, std::less<int>, std::allocator<int>> &, std::vector<int, std::allocator<int>>&, std::vector<int, std::allocator<int>>&, __gnu_cxx::__normal_iterator<const int *, std::vector<int, std::allocator<int>>> &, std::set<int, std::less<int>, std::allocator<int>> &, std::vector<int, std::allocator<int>>*) const()
2034 for (auto from : w) {
2035 ldout(cct, 10) << " from " << from << dendl;
2036
2037 for (int pos = 0; pos < fanout; ++pos) {
2038 if (type > 0) {
2039 // non-leaf
>>> CID 1403544: (INVALIDATE_ITERATOR)
>>> Dereferencing iterator "tmpi" though it is already past the end of its container.
2040 int item = *tmpi;
2041 do {
2042 int r = get_immediate_parent_id(item, &item);
2043 if (r < 0) {
2044 ldout(cct, 10) << __func__ << " parent of " << item << " got "
2045 << cpp_strerror(r) << dendl;
/home/brad/working/src/ceph/src/crush/CrushWrapper.cc: 2040 in CrushWrapper::_choose_type_stack(CephContext *, const std::vector<std::pair<int, int>, std::allocator<std::pair<int, int>>> &, const std::set<int, std::less<int>, std::allocator<int>> &, std::vector<int, std::allocator<int>>&, std::vector<int, std::allocator<int>>&, __gnu_cxx::__normal_iterator<const int *, std::vector<int, std::allocator<int>>> &, std::set<int, std::less<int>, std::allocator<int>> &, std::vector<int, std::allocator<int>>*) const()
2034 for (auto from : w) {
2035 ldout(cct, 10) << " from " << from << dendl;
2036
2037 for (int pos = 0; pos < fanout; ++pos) {
2038 if (type > 0) {
2039 // non-leaf
>>> CID 1403544: (INVALIDATE_ITERATOR)
>>> Dereferencing iterator "tmpi" though it is already past the end of its container.
2040 int item = *tmpi;
2041 do {
2042 int r = get_immediate_parent_id(item, &item);
2043 if (r < 0) {
2044 ldout(cct, 10) << __func__ << " parent of " << item << " got "
2045 << cpp_strerror(r) << dendl;
** CID 1403545: Program hangs (LOCK)
/home/brad/working/src/ceph/src/librados/AioCompletionImpl.h: 220 in librados::C_AioCompleteAndSafe::finish(int)()
________________________________________________________________________________________________________
*** CID 1403545: Program hangs (LOCK)
/home/brad/working/src/ceph/src/librados/AioCompletionImpl.h: 220 in librados::C_AioCompleteAndSafe::finish(int)()
214
215 c->lock.Lock();
216 c->callback_complete = NULL;
217 c->callback_safe = NULL;
218 c->cond.Signal();
219 c->put_unlock();
>>> CID 1403545: Program hangs (LOCK)
>>> Returning without unlocking "this->c->lock._m".
220 }
221 };
222
223 }
224
** CID 1403546: Program hangs (LOCK)
/home/brad/working/src/ceph/src/test/librados_test_stub/TestRadosClient.cc: 54 in librados::finish_aio_completion(librados::AioCompletionImpl *, int)()
________________________________________________________________________________________________________
*** CID 1403546: Program hangs (LOCK)
/home/brad/working/src/ceph/src/test/librados_test_stub/TestRadosClient.cc: 54 in librados::finish_aio_completion(librados::AioCompletionImpl *, int)()
48
49 c->lock.Lock();
50 c->callback_complete = NULL;
51 c->callback_safe = NULL;
52 c->cond.Signal();
53 c->put_unlock();
>>> CID 1403546: Program hangs (LOCK)
>>> Returning without unlocking "c->lock._m".
54 }
55
56 class AioFunctionContext : public Context {
57 public:
58 AioFunctionContext(const TestRadosClient::AioFunction &callback,
59 Finisher *finisher, AioCompletionImpl *c)
** CID 1403547: Program hangs (ORDER_REVERSAL)
________________________________________________________________________________________________________
*** CID 1403547: Program hangs (ORDER_REVERSAL)
/home/brad/working/src/ceph/src/msg/async/AsyncMessenger.cc: 653 in AsyncMessenger::mark_down(const entity_addr_t &)()
647 void AsyncMessenger::mark_down(const entity_addr_t& addr)
648 {
649 lock.Lock();
650 AsyncConnectionRef p = _lookup_conn(addr);
651 if (p) {
652 ldout(cct, 1) << __func__ << " " << addr << " -- " << p << dendl;
>>> CID 1403547: Program hangs (ORDER_REVERSAL)
>>> Calling "stop" acquires lock "AsyncConnection.lock" while holding lock "Mutex._m" (count: 2 / 5).
653 p->stop(true);
654 } else {
655 ldout(cct, 1) << __func__ << " " << addr << " -- connection dne" << dendl;
656 }
657 lock.Unlock();
658 }
** CID 1403548: Program hangs (ORDER_REVERSAL)
________________________________________________________________________________________________________
*** CID 1403548: Program hangs (ORDER_REVERSAL)
/home/brad/working/src/ceph/src/common/ceph_context.cc: 769 in CephContext::disable_perf_counter()()
763
764 void CephContext::disable_perf_counter()
765 {
766 _perf_counters_collection->remove(_cct_perf);
767
768 ceph_spin_lock(&_cct_perf_lock);
>>> CID 1403548: Program hangs (ORDER_REVERSAL)
>>> Calling "~PerfCounters" acquires lock "Mutex._m" while holding lock "ceph_spinlock_t.lock" (count: 3 / 23).
769 delete _cct_perf;
770 _cct_perf = NULL;
771 ceph_spin_unlock(&_cct_perf_lock);
772 }
773
774 void CephContext::refresh_perf_values()
** CID 1403549: (ORDER_REVERSAL)
________________________________________________________________________________________________________
*** CID 1403549: (ORDER_REVERSAL)
/home/brad/working/src/ceph/src/msg/async/AsyncMessenger.cc: 622 in AsyncMessenger::shutdown_connections(bool)()
616 ldout(cct,1) << __func__ << " " << dendl;
617 lock.Lock();
618 for (set<AsyncConnectionRef>::iterator q = accepting_conns.begin();
619 q != accepting_conns.end(); ++q) {
620 AsyncConnectionRef p = *q;
621 ldout(cct, 5) << __func__ << " accepting_conn " << p.get() << dendl;
>>> CID 1403549: (ORDER_REVERSAL)
>>> Calling "stop" acquires lock "AsyncConnection.lock" while holding lock "Mutex._m" (count: 2 / 5).
622 p->stop(queue_reset);
623 }
624 accepting_conns.clear();
625
626 while (!conns.empty()) {
627 ceph::unordered_map<entity_addr_t, AsyncConnectionRef>::iterator it = conns.begin();
/home/brad/working/src/ceph/src/msg/async/AsyncMessenger.cc: 632 in AsyncMessenger::shutdown_connections(bool)()
626 while (!conns.empty()) {
627 ceph::unordered_map<entity_addr_t, AsyncConnectionRef>::iterator it = conns.begin();
628 AsyncConnectionRef p = it->second;
629 ldout(cct, 5) << __func__ << " mark down " << it->first << " " << p << dendl;
630 conns.erase(it);
631 p->get_perf_counter()->dec(l_msgr_active_connections);
>>> CID 1403549: (ORDER_REVERSAL)
>>> Calling "stop" acquires lock "AsyncConnection.lock" while holding lock "Mutex._m" (count: 2 / 5).
632 p->stop(queue_reset);
633 }
634
635 {
636 Mutex::Locker l(deleted_lock);
637 while (!deleted_conns.empty()) {
** CID 1403550: Performance inefficiencies (PASS_BY_VALUE)
/home/brad/working/src/ceph/src/test/ObjectMap/test_object_map.cc: 218 in ObjectMapTester::rename(ghobject_t, ghobject_t)()
________________________________________________________________________________________________________
*** CID 1403550: Performance inefficiencies (PASS_BY_VALUE)
/home/brad/working/src/ceph/src/test/ObjectMap/test_object_map.cc: 218 in ObjectMapTester::rename(ghobject_t, ghobject_t)()
212
213 void rename(const string &objname, const string &target) {
214 rename(ghobject_t(hobject_t(sobject_t(objname, CEPH_NOSNAP))),
215 ghobject_t(hobject_t(sobject_t(target, CEPH_NOSNAP))));
216 }
217
>>> CID 1403550: Performance inefficiencies (PASS_BY_VALUE)
>>> Passing parameter hoid of type "ghobject_t" (size 144 bytes) by value.
218 void rename(ghobject_t hoid,
219 ghobject_t hoid2) {
220 db->rename(hoid, hoid2);
221 }
222
223 void clear(const string &objname) {
** CID 1403551: Performance inefficiencies (PASS_BY_VALUE)
/home/brad/working/src/ceph/src/test/ObjectMap/test_object_map.cc: 186 in ObjectMapTester::remove_keys(ghobject_t, const std::set<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::less<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>> &)()
________________________________________________________________________________________________________
*** CID 1403551: Performance inefficiencies (PASS_BY_VALUE)
/home/brad/working/src/ceph/src/test/ObjectMap/test_object_map.cc: 186 in ObjectMapTester::remove_keys(ghobject_t, const std::set<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::less<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>> &)()
180 string key) {
181 set<string> to_remove;
182 to_remove.insert(key);
183 db->rm_keys(hoid, to_remove);
184 }
185
>>> CID 1403551: Performance inefficiencies (PASS_BY_VALUE)
>>> Passing parameter hoid of type "ghobject_t" (size 144 bytes) by value.
186 void remove_keys(ghobject_t hoid,
187 const set<string> &to_remove) {
188 db->rm_keys(hoid, to_remove);
189 }
190
191 void remove_xattr(const string &objname, const string &key) {
** CID 1403552: Performance inefficiencies (PASS_BY_VALUE)
/home/brad/working/src/ceph/src/test/ObjectMap/test_object_map.cc: 232 in ObjectMapTester::legacy_clone(ghobject_t, ghobject_t)()
________________________________________________________________________________________________________
*** CID 1403552: Performance inefficiencies (PASS_BY_VALUE)
/home/brad/working/src/ceph/src/test/ObjectMap/test_object_map.cc: 232 in ObjectMapTester::legacy_clone(ghobject_t, ghobject_t)()
226
227 void legacy_clone(const string &objname, const string &target) {
228 legacy_clone(ghobject_t(hobject_t(sobject_t(objname, CEPH_NOSNAP))),
229 ghobject_t(hobject_t(sobject_t(target, CEPH_NOSNAP))));
230 }
231
>>> CID 1403552: Performance inefficiencies (PASS_BY_VALUE)
>>> Passing parameter hoid of type "ghobject_t" (size 144 bytes) by value.
232 void legacy_clone(ghobject_t hoid,
233 ghobject_t hoid2) {
234 db->legacy_clone(hoid, hoid2);
235 }
236
237 void clear(ghobject_t hoid) {
** CID 1403553: Performance inefficiencies (PASS_BY_VALUE)
/home/brad/working/src/ceph/src/test/ObjectMap/test_object_map.cc: 76 in ObjectMapTester::set_keys(ghobject_t, const std::map<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::less<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::pair<const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>>> &)()
________________________________________________________________________________________________________
*** CID 1403553: Performance inefficiencies (PASS_BY_VALUE)
/home/brad/working/src/ceph/src/test/ObjectMap/test_object_map.cc: 76 in ObjectMapTester::set_keys(ghobject_t, const std::map<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::less<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::pair<const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>>> &)()
70 bufferlist bl;
71 bl.append(bp);
72 to_write.insert(make_pair(key, bl));
73 db->set_keys(hoid, to_write);
74 }
75
>>> CID 1403553: Performance inefficiencies (PASS_BY_VALUE)
>>> Passing parameter hoid of type "ghobject_t" (size 144 bytes) by value.
76 void set_keys(ghobject_t hoid, const map<string, string> &to_set) {
77 map<string, bufferlist> to_write;
78 for (auto &&i: to_set) {
79 bufferptr bp(i.second.data(), i.second.size());
80 bufferlist bl;
81 bl.append(bp);
** CID 1403554: (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/objectstore/test_bluestore_types.cc: 1276 in GarbageCollector_BasicTest_Test::TestBody()()
/home/brad/working/src/ceph/src/test/objectstore/test_bluestore_types.cc: 1343 in GarbageCollector_BasicTest_Test::TestBody()()
/home/brad/working/src/ceph/src/test/objectstore/test_bluestore_types.cc: 1344 in GarbageCollector_BasicTest_Test::TestBody()()
/home/brad/working/src/ceph/src/test/objectstore/test_bluestore_types.cc: 1346 in GarbageCollector_BasicTest_Test::TestBody()()
/home/brad/working/src/ceph/src/test/objectstore/test_bluestore_types.cc: 1392 in GarbageCollector_BasicTest_Test::TestBody()()
/home/brad/working/src/ceph/src/test/objectstore/test_bluestore_types.cc: 1463 in GarbageCollector_BasicTest_Test::TestBody()()
/home/brad/working/src/ceph/src/test/objectstore/test_bluestore_types.cc: 1464 in GarbageCollector_BasicTest_Test::TestBody()()
/home/brad/working/src/ceph/src/test/objectstore/test_bluestore_types.cc: 1466 in GarbageCollector_BasicTest_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1403554: (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/objectstore/test_bluestore_types.cc: 1276 in GarbageCollector_BasicTest_Test::TestBody()()
1270 b2->get_ref(coll.get(), 200, 10);
1271 em.extent_map.insert(*new BlueStore::Extent(300, 300, 100, b4));
1272 b4->get_ref(coll.get(), 300, 100);
1273 em.extent_map.insert(*new BlueStore::Extent(4096, 0, 10, b3));
1274 b3->get_ref(coll.get(), 0, 10);
1275
>>> CID 1403554: (RESOURCE_LEAK)
>>> Failing to save or free storage allocated by "new BlueStore::OldExtent(300U, 300U, 10U, b1)" leaks it.
1276 old_extents.push_back(*new BlueStore::OldExtent(300, 300, 10, b1));
1277
1278 saving = gc.estimate(300, 100, em, old_extents, 4096);
1279 ASSERT_EQ(saving, 1);
1280 auto& to_collect = gc.get_extents_to_collect();
1281 ASSERT_EQ(to_collect.size(), 1u);
/home/brad/working/src/ceph/src/test/objectstore/test_bluestore_types.cc: 1343 in GarbageCollector_BasicTest_Test::TestBody()()
1337 em.extent_map.insert(
1338 *new BlueStore::Extent(0x30000, 0, 0xf000, b4)); // new extent
1339 b4->get_ref(coll.get(), 0, 0xf000);
1340 em.extent_map.insert(*new BlueStore::Extent(0x3f000, 0x3f000, 0x1000, b1));
1341 b1->get_ref(coll.get(), 0x3f000, 0x1000);
1342
>>> CID 1403554: (RESOURCE_LEAK)
>>> Failing to save or free storage allocated by "new BlueStore::OldExtent(32768U, 32768U, 32768U, b1)" leaks it.
1343 old_extents.push_back(*new BlueStore::OldExtent(0x8000, 0x8000, 0x8000, b1));
1344 old_extents.push_back(
1345 *new BlueStore::OldExtent(0x10000, 0x10000, 0x20000, b1));
1346 old_extents.push_back(*new BlueStore::OldExtent(0x30000, 0x30000, 0xf000, b1));
1347
1348 saving = gc.estimate(0x30000, 0xf000, em, old_extents, 0x10000);
/home/brad/working/src/ceph/src/test/objectstore/test_bluestore_types.cc: 1344 in GarbageCollector_BasicTest_Test::TestBody()()
1338 *new BlueStore::Extent(0x30000, 0, 0xf000, b4)); // new extent
1339 b4->get_ref(coll.get(), 0, 0xf000);
1340 em.extent_map.insert(*new BlueStore::Extent(0x3f000, 0x3f000, 0x1000, b1));
1341 b1->get_ref(coll.get(), 0x3f000, 0x1000);
1342
1343 old_extents.push_back(*new BlueStore::OldExtent(0x8000, 0x8000, 0x8000, b1));
>>> CID 1403554: (RESOURCE_LEAK)
>>> Failing to save or free storage allocated by "new BlueStore::OldExtent(65536U, 65536U, 131072U, b1)" leaks it.
1344 old_extents.push_back(
1345 *new BlueStore::OldExtent(0x10000, 0x10000, 0x20000, b1));
1346 old_extents.push_back(*new BlueStore::OldExtent(0x30000, 0x30000, 0xf000, b1));
1347
1348 saving = gc.estimate(0x30000, 0xf000, em, old_extents, 0x10000);
1349 ASSERT_EQ(saving, 2);
/home/brad/working/src/ceph/src/test/objectstore/test_bluestore_types.cc: 1346 in GarbageCollector_BasicTest_Test::TestBody()()
1340 em.extent_map.insert(*new BlueStore::Extent(0x3f000, 0x3f000, 0x1000, b1));
1341 b1->get_ref(coll.get(), 0x3f000, 0x1000);
1342
1343 old_extents.push_back(*new BlueStore::OldExtent(0x8000, 0x8000, 0x8000, b1));
1344 old_extents.push_back(
1345 *new BlueStore::OldExtent(0x10000, 0x10000, 0x20000, b1));
>>> CID 1403554: (RESOURCE_LEAK)
>>> Failing to save or free storage allocated by "new BlueStore::OldExtent(196608U, 196608U, 61440U, b1)" leaks it.
1346 old_extents.push_back(*new BlueStore::OldExtent(0x30000, 0x30000, 0xf000, b1));
1347
1348 saving = gc.estimate(0x30000, 0xf000, em, old_extents, 0x10000);
1349 ASSERT_EQ(saving, 2);
1350 auto& to_collect = gc.get_extents_to_collect();
1351 ASSERT_EQ(to_collect.size(), 2u);
/home/brad/working/src/ceph/src/test/objectstore/test_bluestore_types.cc: 1392 in GarbageCollector_BasicTest_Test::TestBody()()
1386 em.extent_map.insert(*new BlueStore::Extent(0, 0, 0x3000, b1));
1387 b1->get_ref(coll.get(), 0, 0x3000);
1388 em.extent_map.insert(
1389 *new BlueStore::Extent(0x3000, 0, 0x4000, b2)); // new extent
1390 b2->get_ref(coll.get(), 0, 0x4000);
1391
>>> CID 1403554: (RESOURCE_LEAK)
>>> Failing to save or free storage allocated by "new BlueStore::OldExtent(12288U, 12288U, 4096U, b1)" leaks it.
1392 old_extents.push_back(*new BlueStore::OldExtent(0x3000, 0x3000, 0x1000, b1));
1393
1394 saving = gc.estimate(0x3000, 0x4000, em, old_extents, 0x1000);
1395 ASSERT_EQ(saving, 0);
1396 auto& to_collect = gc.get_extents_to_collect();
1397 ASSERT_EQ(to_collect.size(), 0u);
/home/brad/working/src/ceph/src/test/objectstore/test_bluestore_types.cc: 1463 in GarbageCollector_BasicTest_Test::TestBody()()
1457 em.extent_map.insert(
1458 *new BlueStore::Extent(0x30000, 0, 0xf000, b4)); // new extent
1459 b4->get_ref(coll.get(), 0, 0xf000);
1460 em.extent_map.insert(*new BlueStore::Extent(0x3f000, 0x1f000, 0x1000, b1));
1461 b1->get_ref(coll.get(), 0x1f000, 0x1000);
1462
>>> CID 1403554: (RESOURCE_LEAK)
>>> Failing to save or free storage allocated by "new BlueStore::OldExtent(32768U, 32768U, 32768U, b0)" leaks it.
1463 old_extents.push_back(*new BlueStore::OldExtent(0x8000, 0x8000, 0x8000, b0));
1464 old_extents.push_back(
1465 *new BlueStore::OldExtent(0x10000, 0x10000, 0x10000, b0));
1466 old_extents.push_back(
1467 *new BlueStore::OldExtent(0x20000, 0x00000, 0x1f000, b1));
1468
/home/brad/working/src/ceph/src/test/objectstore/test_bluestore_types.cc: 1464 in GarbageCollector_BasicTest_Test::TestBody()()
1458 *new BlueStore::Extent(0x30000, 0, 0xf000, b4)); // new extent
1459 b4->get_ref(coll.get(), 0, 0xf000);
1460 em.extent_map.insert(*new BlueStore::Extent(0x3f000, 0x1f000, 0x1000, b1));
1461 b1->get_ref(coll.get(), 0x1f000, 0x1000);
1462
1463 old_extents.push_back(*new BlueStore::OldExtent(0x8000, 0x8000, 0x8000, b0));
>>> CID 1403554: (RESOURCE_LEAK)
>>> Failing to save or free storage allocated by "new BlueStore::OldExtent(65536U, 65536U, 65536U, b0)" leaks it.
1464 old_extents.push_back(
1465 *new BlueStore::OldExtent(0x10000, 0x10000, 0x10000, b0));
1466 old_extents.push_back(
1467 *new BlueStore::OldExtent(0x20000, 0x00000, 0x1f000, b1));
1468
1469 saving = gc.estimate(0x30000, 0xf000, em, old_extents, 0x10000);
/home/brad/working/src/ceph/src/test/objectstore/test_bluestore_types.cc: 1466 in GarbageCollector_BasicTest_Test::TestBody()()
1460 em.extent_map.insert(*new BlueStore::Extent(0x3f000, 0x1f000, 0x1000, b1));
1461 b1->get_ref(coll.get(), 0x1f000, 0x1000);
1462
1463 old_extents.push_back(*new BlueStore::OldExtent(0x8000, 0x8000, 0x8000, b0));
1464 old_extents.push_back(
1465 *new BlueStore::OldExtent(0x10000, 0x10000, 0x10000, b0));
>>> CID 1403554: (RESOURCE_LEAK)
>>> Failing to save or free storage allocated by "new BlueStore::OldExtent(131072U, 0U, 126976U, b1)" leaks it.
1466 old_extents.push_back(
1467 *new BlueStore::OldExtent(0x20000, 0x00000, 0x1f000, b1));
1468
1469 saving = gc.estimate(0x30000, 0xf000, em, old_extents, 0x10000);
1470 ASSERT_EQ(saving, 2);
1471 auto& to_collect = gc.get_extents_to_collect();
** CID 1403555: (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/os/bluestore/BlueStore.cc: 2745 in BlueStore::ExtentMap::punch_hole(boost::intrusive_ptr<BlueStore::Collection> &, unsigned long, unsigned long, boost::intrusive::list<BlueStore::OldExtent, boost::intrusive::member_hook<BlueStore::OldExtent, boost::intrusive::list_member_hook<void, void, void>, (&BlueStore::OldExtent::old_extent_item)>, void, void, void> *)()
/home/brad/working/src/ceph/src/os/bluestore/BlueStore.cc: 2755 in BlueStore::ExtentMap::punch_hole(boost::intrusive_ptr<BlueStore::Collection> &, unsigned long, unsigned long, boost::intrusive::list<BlueStore::OldExtent, boost::intrusive::member_hook<BlueStore::OldExtent, boost::intrusive::list_member_hook<void, void, void>, (&BlueStore::OldExtent::old_extent_item)>, void, void, void> *)()
/home/brad/working/src/ceph/src/os/bluestore/BlueStore.cc: 2764 in BlueStore::ExtentMap::punch_hole(boost::intrusive_ptr<BlueStore::Collection> &, unsigned long, unsigned long, boost::intrusive::list<BlueStore::OldExtent, boost::intrusive::member_hook<BlueStore::OldExtent, boost::intrusive::list_member_hook<void, void, void>, (&BlueStore::OldExtent::old_extent_item)>, void, void, void> *)()
/home/brad/working/src/ceph/src/os/bluestore/BlueStore.cc: 2774 in BlueStore::ExtentMap::punch_hole(boost::intrusive_ptr<BlueStore::Collection> &, unsigned long, unsigned long, boost::intrusive::list<BlueStore::OldExtent, boost::intrusive::member_hook<BlueStore::OldExtent, boost::intrusive::list_member_hook<void, void, void>, (&BlueStore::OldExtent::old_extent_item)>, void, void, void> *)()
________________________________________________________________________________________________________
*** CID 1403555: (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/os/bluestore/BlueStore.cc: 2745 in BlueStore::ExtentMap::punch_hole(boost::intrusive_ptr<BlueStore::Collection> &, unsigned long, unsigned long, boost::intrusive::list<BlueStore::OldExtent, boost::intrusive::member_hook<BlueStore::OldExtent, boost::intrusive::list_member_hook<void, void, void>, (&BlueStore::OldExtent::old_extent_item)>, void, void, void> *)()
2739 old_extents->push_back(*oe);
2740 add(end,
2741 p->blob_offset + front + length,
2742 p->length - front - length,
2743 p->blob);
2744 p->length = front;
>>> CID 1403555: (RESOURCE_LEAK)
>>> Variable "oe" going out of scope leaks the storage it points to.
2745 break;
2746 } else {
2747 // deref tail
2748 assert(p->logical_end() > offset); // else seek_lextent bug
2749 uint64_t keep = offset - p->logical_offset;
2750 OldExtent* oe = OldExtent::create(c, offset, p->blob_offset + keep,
/home/brad/working/src/ceph/src/os/bluestore/BlueStore.cc: 2755 in BlueStore::ExtentMap::punch_hole(boost::intrusive_ptr<BlueStore::Collection> &, unsigned long, unsigned long, boost::intrusive::list<BlueStore::OldExtent, boost::intrusive::member_hook<BlueStore::OldExtent, boost::intrusive::list_member_hook<void, void, void>, (&BlueStore::OldExtent::old_extent_item)>, void, void, void> *)()
2749 uint64_t keep = offset - p->logical_offset;
2750 OldExtent* oe = OldExtent::create(c, offset, p->blob_offset + keep,
2751 p->length - keep, p->blob);
2752 old_extents->push_back(*oe);
2753 p->length = keep;
2754 ++p;
>>> CID 1403555: (RESOURCE_LEAK)
>>> Variable "oe" going out of scope leaks the storage it points to.
2755 continue;
2756 }
2757 }
2758 if (p->logical_offset + p->length <= end) {
2759 // deref whole lextent
2760 OldExtent* oe = OldExtent::create(c, p->logical_offset, p->blob_offset,
/home/brad/working/src/ceph/src/os/bluestore/BlueStore.cc: 2764 in BlueStore::ExtentMap::punch_hole(boost::intrusive_ptr<BlueStore::Collection> &, unsigned long, unsigned long, boost::intrusive::list<BlueStore::OldExtent, boost::intrusive::member_hook<BlueStore::OldExtent, boost::intrusive::list_member_hook<void, void, void>, (&BlueStore::OldExtent::old_extent_item)>, void, void, void> *)()
2758 if (p->logical_offset + p->length <= end) {
2759 // deref whole lextent
2760 OldExtent* oe = OldExtent::create(c, p->logical_offset, p->blob_offset,
2761 p->length, p->blob);
2762 old_extents->push_back(*oe);
2763 rm(p++);
>>> CID 1403555: (RESOURCE_LEAK)
>>> Variable "oe" going out of scope leaks the storage it points to.
2764 continue;
2765 }
2766 // deref head
2767 uint64_t keep = p->logical_end() - end;
2768 OldExtent* oe = OldExtent::create(c, p->logical_offset, p->blob_offset,
2769 p->length - keep, p->blob);
/home/brad/working/src/ceph/src/os/bluestore/BlueStore.cc: 2774 in BlueStore::ExtentMap::punch_hole(boost::intrusive_ptr<BlueStore::Collection> &, unsigned long, unsigned long, boost::intrusive::list<BlueStore::OldExtent, boost::intrusive::member_hook<BlueStore::OldExtent, boost::intrusive::list_member_hook<void, void, void>, (&BlueStore::OldExtent::old_extent_item)>, void, void, void> *)()
2768 OldExtent* oe = OldExtent::create(c, p->logical_offset, p->blob_offset,
2769 p->length - keep, p->blob);
2770 old_extents->push_back(*oe);
2771
2772 add(end, p->blob_offset + p->length - keep, keep, p->blob);
2773 rm(p);
>>> CID 1403555: (RESOURCE_LEAK)
>>> Variable "oe" going out of scope leaks the storage it points to.
2774 break;
2775 }
2776 }
2777
2778 BlueStore::Extent *BlueStore::ExtentMap::set_lextent(
2779 CollectionRef &c,
** CID 1403556: Resource leaks (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/common/test_mutex.cc: 66 in Mutex_DeleteLocked_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1403556: Resource leaks (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/common/test_mutex.cc: 66 in Mutex_DeleteLocked_Test::TestBody()()
60 }
61
62 TEST(Mutex, DeleteLocked) {
63 Mutex* m = new Mutex("Recursive3",false);
64 m->Lock();
65 EXPECT_DEATH(delete m,".*");
>>> CID 1403556: Resource leaks (RESOURCE_LEAK)
>>> Variable "m" going out of scope leaks the storage it points to.
** CID 1403557: Resource leaks (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/common/test_mutex.cc: 38 in Mutex_NormalAsserts_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1403557: Resource leaks (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/common/test_mutex.cc: 38 in Mutex_NormalAsserts_Test::TestBody()()
32 }
33
34 TEST(Mutex, NormalAsserts) {
35 Mutex* m = new Mutex("Normal",false);
36 m->Lock();
37 EXPECT_THROW(m->Lock(), int);
>>> CID 1403557: Resource leaks (RESOURCE_LEAK)
>>> Variable "m" going out of scope leaks the storage it points to.
38 }
39
40 TEST(Mutex, RecursiveWithLockdep) {
41 do_init();
42 g_lockdep = 1;
43 Mutex* m = new Mutex("Recursive1",true);
** CID 1403558: Null pointer dereferences (REVERSE_INULL)
/home/brad/working/src/ceph/src/osd/OSDMap.cc: 1865 in OSDMap::pg_to_raw_osds(pg_t, std::vector<int, std::allocator<int>> *, int *) const()
________________________________________________________________________________________________________
*** CID 1403558: Null pointer dereferences (REVERSE_INULL)
/home/brad/working/src/ceph/src/osd/OSDMap.cc: 1865 in OSDMap::pg_to_raw_osds(pg_t, std::vector<int, std::allocator<int>> *, int *) const()
1859 *primary = -1;
1860 raw->clear();
1861 const pg_pool_t *pool = get_pg_pool(pg.pool());
1862 if (!pool)
1863 return 0;
1864 int r = _pg_to_raw_osds(*pool, pg, raw, NULL);
>>> CID 1403558: Null pointer dereferences (REVERSE_INULL)
>>> Null-checking "primary" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
1865 if (primary)
1866 *primary = _pick_primary(*raw);
1867 return r;
1868 }
1869
1870 void OSDMap::pg_to_raw_up(pg_t pg, vector<int> *up, int *primary) const
** CID 1403559: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/ceph_osdomap_tool.cc: 28 in main()
________________________________________________________________________________________________________
*** CID 1403559: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/tools/ceph_osdomap_tool.cc: 28 in main()
22 #include "os/filestore/DBObjectMap.h"
23 #include "kv/KeyValueDB.h"
24
25 namespace po = boost::program_options;
26 using namespace std;
27
>>> CID 1403559: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::bad_alloc" is thrown and never caught.
28 int main(int argc, char **argv) {
29 po::options_description desc("Allowed options");
30 string store_path, cmd, out_path, oid;
31 bool debug = false;
32 desc.add_options()
33 ("help", "produce help message")
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaGCnxtQO9E3gxlB2GxVsWFENryh7bC5hIb-2FQBVM85YLQ-3D-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8GYMtHP0iqDhJxrU2AKca4ybxq6StALc9b-2BGuPG3Yqi-2F9J4j3HDwRf2mwV2kze1N8-2FpItURbqegcqxi0Nphv3-2Fq314GLlAGn8fRnUOfhOtg0emKzA7b7PMg2Td2FqEZE2Cn2L4hfEGWlqk0ghg1o6yofSlbduOfL8lEuGtf8o0E-2Fo9YZYYSEjXLsCZHZLRK2us-3D
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4Bco8jcmzhh7FSyvoR0E3-2BDgRcBCQ6OuthHBtaTCGNq9zoLsiw8NWrIF2zsdhfTt-2FbHjZ2ToL3Et9v1-2BrDLungAOjHpQtOY-2BsyLiTVCQEUCU-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8GYMtHP0iqDhJxrU2AKca4ybxq6StALc9b-2BGuPG3Yqi-2Fz1eOK5Q-2Btu6cS8EvVZdb5DrJUxs807FnfVQn5feiqNRW1qTsWr1MdcgOXPNj7wl2F6D3hDB2RwV-2BFZy-2BcvhEJ2lYyy9w6um6G8VqFpWyFEjW3kVyVOaqFVHH9r6mYM2a1BUEec-2BZoBPDjN0yFEcwFE-3D
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2017-03-16 7:37 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2017-03-16 7:37 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
38 new defect(s) introduced to ceph found with Coverity Scan.
9 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 20 of 38 defect(s)
** CID 1351753: Memory - illegal accesses (WRAPPER_ESCAPE)
/home/brad/working/src/ceph/src/rgw/rgw_op.cc: 1238 in RGWGetObj::handle_slo_manifest(ceph::buffer::list &)()
________________________________________________________________________________________________________
*** CID 1351753: Memory - illegal accesses (WRAPPER_ESCAPE)
/home/brad/working/src/ceph/src/rgw/rgw_op.cc: 1238 in RGWGetObj::handle_slo_manifest(ceph::buffer::list &)()
1232 if (r < 0) {
1233 ldout(s->cct, 0) << "failed to read bucket policy for bucket "
1234 << bucket << dendl;
1235 return r;
1236 }
1237 buckets[bucket_name] = bucket;
>>> CID 1351753: Memory - illegal accesses (WRAPPER_ESCAPE)
>>> "bucket_policy" escapes into "policies[bucket_name]", but is a copy of an internal representation that is destroyed when it exits scope.
1238 policies[bucket_name] = bucket_policy;
1239 }
1240 } else {
1241 bucket = s->bucket;
1242 bucket_policy = s->bucket_acl;
1243 }
** CID 1402598: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/rgw/rgw_rados.cc: 1584 in fix_zone_pool_dup(std::set<rgw_pool, std::less<rgw_pool>, std::allocator<rgw_pool>>, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, const rgw_pool &)()
________________________________________________________________________________________________________
*** CID 1402598: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/rgw/rgw_rados.cc: 1584 in fix_zone_pool_dup(std::set<rgw_pool, std::less<rgw_pool>, std::allocator<rgw_pool>>, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, const rgw_pool &)()
1578 rgw_pool pool(prefix + suffix);
1579
1580 if (pools.find(pool) == pools.end()) {
1581 return pool;
1582 } else {
1583 while(true) {
>>> CID 1402598: Security best practices violations (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
1584 pool = prefix + "_" + std::to_string(std::rand()) + suffix;
1585 if (pools.find(pool) == pools.end()) {
1586 return pool;
1587 }
1588 }
1589 }
** CID 1402599: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/librbd/api/Group.cc: 39 in librbd::api::Group<librbd::ImageCtx>::create(librados::IoCtx &, const char *)()
________________________________________________________________________________________________________
*** CID 1402599: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/librbd/api/Group.cc: 39 in librbd::api::Group<librbd::ImageCtx>::create(librados::IoCtx &, const char *)()
33 {
34 CephContext *cct = (CephContext *)io_ctx.cct();
35
36 Rados rados(io_ctx);
37 uint64_t bid = rados.get_instance_id();
38
>>> CID 1402599: Security best practices violations (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
39 uint32_t extra = rand() % 0xFFFFFFFF;
40 ostringstream bid_ss;
41 bid_ss << std::hex << bid << std::hex << extra;
42 string id = bid_ss.str();
43
44 ldout(cct, 2) << "adding consistency group to directory..." << dendl;
** CID 1402600: Incorrect expression (IDENTICAL_BRANCHES)
/home/brad/working/src/ceph/src/librbd/Journal.cc: 471 in librbd::Journal<librbd::ImageCtx>::is_tag_owner(librados::IoCtx &, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, bool *, ContextWQ *)()
________________________________________________________________________________________________________
*** CID 1402600: Incorrect expression (IDENTICAL_BRANCHES)
/home/brad/working/src/ceph/src/librbd/Journal.cc: 471 in librbd::Journal<librbd::ImageCtx>::is_tag_owner(librados::IoCtx &, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, bool *, ContextWQ *)()
465 int Journal<I>::is_tag_owner(librados::IoCtx& io_ctx, std::string& image_id,
466 bool *is_tag_owner, ContextWQ *op_work_queue) {
467 C_SaferCond ctx;
468 Journal<I>::is_tag_owner(io_ctx, image_id, is_tag_owner, op_work_queue, &ctx);
469
470 int r = ctx.wait();
>>> CID 1402600: Incorrect expression (IDENTICAL_BRANCHES)
>>> The same code is executed when the condition "r < 0" is true or false, because the code in the if-then branch and after the if statement is identical. Should the if statement be removed?
471 if (r < 0) {
472 return r;
473 }
474 return r;
475 }
476
** CID 1402601: Memory - corruptions (OVERRUN)
________________________________________________________________________________________________________
*** CID 1402601: Memory - corruptions (OVERRUN)
/home/brad/working/src/ceph/src/test/rgw/test_rgw_common.h: 50 in old_rgw_bucket::encode(ceph::buffer::list &) const()
44 marker = "";
45 }
46 old_rgw_bucket(const char *t, const char *n, const char *dp, const char *ip, const char *m, const char *id, const char *h) :
47 tenant(t), name(n), data_pool(dp), index_pool(ip), marker(m), bucket_id(id) {}
48
49 void encode(bufferlist& bl) const {
>>> CID 1402601: Memory - corruptions (OVERRUN)
>>> Overrunning struct type ceph_le32 of 4 bytes by passing it to a function which accesses it at byte offset 7.
50 ENCODE_START(8, 3, bl);
51 ::encode(name, bl);
52 ::encode(data_pool, bl);
53 ::encode(marker, bl);
54 ::encode(bucket_id, bl);
55 ::encode(index_pool, bl);
** CID 1402602: Memory - corruptions (OVERRUN)
________________________________________________________________________________________________________
*** CID 1402602: Memory - corruptions (OVERRUN)
/home/brad/working/src/ceph/src/test/rgw/test_rgw_common.h: 382 in old_rgw_obj::encode(ceph::buffer::list &) const()
376
377 bool is_in_extra_data() const {
378 return in_extra_data;
379 }
380
381 void encode(bufferlist& bl) const {
>>> CID 1402602: Memory - corruptions (OVERRUN)
>>> Overrunning struct type ceph_le32 of 4 bytes by passing it to a function which accesses it at byte offset 7.
382 ENCODE_START(5, 3, bl);
383 ::encode(bucket.name, bl);
384 ::encode(loc, bl);
385 ::encode(ns, bl);
386 ::encode(object, bl);
387 ::encode(bucket, bl);
** CID 1402603: Memory - corruptions (OVERRUN)
________________________________________________________________________________________________________
*** CID 1402603: Memory - corruptions (OVERRUN)
/home/brad/working/src/ceph/src/test/rgw/test_rgw_manifest.cc: 42 in OldObjManifestPart::encode(ceph::buffer::list &) const()
36 uint64_t loc_ofs; /* the offset at that object where the data is located */
37 uint64_t size; /* the part size */
38
39 OldObjManifestPart() : loc_ofs(0), size(0) {}
40
41 void encode(bufferlist& bl) const {
>>> CID 1402603: Memory - corruptions (OVERRUN)
>>> Overrunning struct type ceph_le32 of 4 bytes by passing it to a function which accesses it at byte offset 7.
42 ENCODE_START(2, 2, bl);
43 ::encode(loc, bl);
44 ::encode(loc_ofs, bl);
45 ::encode(size, bl);
46 ENCODE_FINISH(bl);
47 }
** CID 1402604: Memory - corruptions (OVERRUN)
________________________________________________________________________________________________________
*** CID 1402604: Memory - corruptions (OVERRUN)
/home/brad/working/src/ceph/src/test/rgw/test_rgw_manifest.cc: 89 in OldObjManifest::encode(ceph::buffer::list &) const()
83 void append(uint64_t ofs, const OldObjManifestPart& part) {
84 objs[ofs] = part;
85 obj_size = max(obj_size, ofs + part.size);
86 }
87
88 void encode(bufferlist& bl) const {
>>> CID 1402604: Memory - corruptions (OVERRUN)
>>> Overrunning struct type ceph_le32 of 4 bytes by passing it to a function which accesses it at byte offset 7.
89 ENCODE_START(2, 2, bl);
90 ::encode(obj_size, bl);
91 ::encode(objs, bl);
92 ENCODE_FINISH(bl);
93 }
94
** CID 1402605: Memory - corruptions (OVERRUN)
________________________________________________________________________________________________________
*** CID 1402605: Memory - corruptions (OVERRUN)
/home/brad/working/src/ceph/src/rgw/rgw_common.h: 768 in rgw_pool::encode(ceph::buffer::list &) const()
762 return r;
763 }
764 return ns.compare(p.ns);
765 }
766
767 void encode(bufferlist& bl) const {
>>> CID 1402605: Memory - corruptions (OVERRUN)
>>> Overrunning struct type ceph_le32 of 4 bytes by passing it to a function which accesses it at byte offset 7.
768 ENCODE_START(10, 10, bl);
769 ::encode(name, bl);
770 ::encode(ns, bl);
771 ENCODE_FINISH(bl);
772 }
773
** CID 1402606: Memory - corruptions (OVERRUN)
________________________________________________________________________________________________________
*** CID 1402606: Memory - corruptions (OVERRUN)
/home/brad/working/src/ceph/src/rgw/rgw_common.h: 875 in rgw_raw_obj::encode(ceph::buffer::list &) const()
869
870 bool empty() const {
871 return oid.empty();
872 }
873
874 void encode(bufferlist& bl) const {
>>> CID 1402606: Memory - corruptions (OVERRUN)
>>> Overrunning struct type ceph_le32 of 4 bytes by passing it to a function which accesses it at byte offset 7.
875 ENCODE_START(6, 6, bl);
876 ::encode(pool, bl);
877 ::encode(oid, bl);
878 ::encode(loc, bl);
879 ENCODE_FINISH(bl);
880 }
** CID 1402607: Performance inefficiencies (PASS_BY_VALUE)
/boost/include/boost/function/function_template.hpp: 605 in boost::detail::function::basic_vtable1<void, int>::assign_to<librados::TestWatchNotify::execute_notify(librados::TestRadosClient *, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, ceph::buffer::list &, unsigned long)::[lambda(int) (instance 1)]>(T1, boost::detail::function::function_buffer &, boost::detail::function::function_obj_tag) const()
________________________________________________________________________________________________________
*** CID 1402607: Performance inefficiencies (PASS_BY_VALUE)
/boost/include/boost/function/function_template.hpp: 605 in boost::detail::function::basic_vtable1<void, int>::assign_to<librados::TestWatchNotify::execute_notify(librados::TestRadosClient *, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, ceph::buffer::list &, unsigned long)::[lambda(int) (instance 1)]>(T1, boost::detail::function::function_buffer &, boost::detail::function::function_obj_tag) const()
599 functor_wrapper_type* new_f = static_cast<functor_wrapper_type*>(copy);
600 functor.members.obj_ptr = new_f;
601 }
602
603 template<typename FunctionObj>
604 bool
>>> CID 1402607: Performance inefficiencies (PASS_BY_VALUE)
>>> Passing parameter f of type "librados::TestWatchNotify::execute_notify(librados::TestRadosClient *, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const &, ceph::buffer::list &, unsigned long)::[lambda(int) (instance 1)]" (size 224 bytes) by value.
605 assign_to(FunctionObj f, function_buffer& functor, function_obj_tag) const
606 {
607 if (!boost::detail::function::has_empty_target(boost::addressof(f))) {
608 assign_functor(f, functor,
609 mpl::bool_<(function_allows_small_object_optimization<FunctionObj>::value)>());
610 return true;
** CID 1402608: Performance inefficiencies (PASS_BY_VALUE)
/boost/include/boost/function/function_template.hpp: 584 in boost::detail::function::basic_vtable1<void, int>::assign_functor<librados::TestWatchNotify::execute_notify(librados::TestRadosClient *, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, ceph::buffer::list &, unsigned long)::[lambda(int) (instance 1)]>(T1, boost::detail::function::function_buffer &, mpl_::bool_<(bool)0>) const()
________________________________________________________________________________________________________
*** CID 1402608: Performance inefficiencies (PASS_BY_VALUE)
/boost/include/boost/function/function_template.hpp: 584 in boost::detail::function::basic_vtable1<void, int>::assign_functor<librados::TestWatchNotify::execute_notify(librados::TestRadosClient *, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, ceph::buffer::list &, unsigned long)::[lambda(int) (instance 1)]>(T1, boost::detail::function::function_buffer &, mpl_::bool_<(bool)0>) const()
578 assign_functor(f,functor,mpl::true_());
579 }
580
581 // Assign to a function object allocated on the heap.
582 template<typename FunctionObj>
583 void
>>> CID 1402608: Performance inefficiencies (PASS_BY_VALUE)
>>> Passing parameter f of type "librados::TestWatchNotify::execute_notify(librados::TestRadosClient *, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const &, ceph::buffer::list &, unsigned long)::[lambda(int) (instance 1)]" (size 224 bytes) by value.
584 assign_functor(FunctionObj f, function_buffer& functor, mpl::false_) const
585 {
586 functor.members.obj_ptr = new FunctionObj(f);
587 }
588 template<typename FunctionObj,typename Allocator>
589 void
** CID 1402609: Performance inefficiencies (PASS_BY_VALUE)
/boost/include/boost/function/function_template.hpp: 718 in boost::function1<void, int>::function1<librados::TestWatchNotify::execute_notify(librados::TestRadosClient *, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, ceph::buffer::list &, unsigned long)::[lambda(int) (instance 1)]>(T1, boost::enable_if_c<(!(boost::is_integral<T1>::value)), int>::type)()
________________________________________________________________________________________________________
*** CID 1402609: Performance inefficiencies (PASS_BY_VALUE)
/boost/include/boost/function/function_template.hpp: 718 in boost::function1<void, int>::function1<librados::TestWatchNotify::execute_notify(librados::TestRadosClient *, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, ceph::buffer::list &, unsigned long)::[lambda(int) (instance 1)]>(T1, boost::enable_if_c<(!(boost::is_integral<T1>::value)), int>::type)()
712
713 BOOST_FUNCTION_FUNCTION() : function_base() { }
714
715 // MSVC chokes if the following two constructors are collapsed into
716 // one with a default parameter.
717 template<typename Functor>
>>> CID 1402609: Performance inefficiencies (PASS_BY_VALUE)
>>> Passing parameter f of type "librados::TestWatchNotify::execute_notify(librados::TestRadosClient *, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const &, ceph::buffer::list &, unsigned long)::[lambda(int) (instance 1)]" (size 224 bytes) by value.
718 BOOST_FUNCTION_FUNCTION(Functor BOOST_FUNCTION_TARGET_FIX(const &) f
719 #ifndef BOOST_NO_SFINAE
720 ,typename boost::enable_if_c<
721 !(is_integral<Functor>::value),
722 int>::type = 0
723 #endif // BOOST_NO_SFINAE
** CID 1402610: Performance inefficiencies (PASS_BY_VALUE)
/boost/include/boost/function/function_template.hpp: 495 in boost::detail::function::basic_vtable1<void, int>::assign_to<librados::TestWatchNotify::execute_notify(librados::TestRadosClient *, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, ceph::buffer::list &, unsigned long)::[lambda(int) (instance 1)]>(T1, boost::detail::function::function_buffer &) const()
________________________________________________________________________________________________________
*** CID 1402610: Performance inefficiencies (PASS_BY_VALUE)
/boost/include/boost/function/function_template.hpp: 495 in boost::detail::function::basic_vtable1<void, int>::assign_to<librados::TestWatchNotify::execute_notify(librados::TestRadosClient *, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, ceph::buffer::list &, unsigned long)::[lambda(int) (instance 1)]>(T1, boost::detail::function::function_buffer &) const()
489
490 typedef result_type (*invoker_type)(function_buffer&
491 BOOST_FUNCTION_COMMA
492 BOOST_FUNCTION_TEMPLATE_ARGS);
493
494 template<typename F>
>>> CID 1402610: Performance inefficiencies (PASS_BY_VALUE)
>>> Passing parameter f of type "librados::TestWatchNotify::execute_notify(librados::TestRadosClient *, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const &, ceph::buffer::list &, unsigned long)::[lambda(int) (instance 1)]" (size 224 bytes) by value.
495 bool assign_to(F f, function_buffer& functor) const
496 {
497 typedef typename get_function_tag<F>::type tag;
498 return assign_to(f, functor, tag());
499 }
500 template<typename F,typename Allocator>
** CID 1402611: Performance inefficiencies (PASS_BY_VALUE)
/boost/include/boost/function/function_template.hpp: 1065 in boost::function<void (int)>::function<librados::TestWatchNotify::execute_notify(librados::TestRadosClient *, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, ceph::buffer::list &, unsigned long)::[lambda(int) (instance 1)]>(T1, boost::enable_if_c<(!(boost::is_integral<T1>::value)), int>::type)()
________________________________________________________________________________________________________
*** CID 1402611: Performance inefficiencies (PASS_BY_VALUE)
/boost/include/boost/function/function_template.hpp: 1065 in boost::function<void (int)>::function<librados::TestWatchNotify::execute_notify(librados::TestRadosClient *, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, ceph::buffer::list &, unsigned long)::[lambda(int) (instance 1)]>(T1, boost::enable_if_c<(!(boost::is_integral<T1>::value)), int>::type)()
1059
1060 public:
1061
1062 function() : base_type() {}
1063
1064 template<typename Functor>
>>> CID 1402611: Performance inefficiencies (PASS_BY_VALUE)
>>> Passing parameter f of type "librados::TestWatchNotify::execute_notify(librados::TestRadosClient *, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const &, ceph::buffer::list &, unsigned long)::[lambda(int) (instance 1)]" (size 224 bytes) by value.
1065 function(Functor f
1066 #ifndef BOOST_NO_SFINAE
1067 ,typename boost::enable_if_c<
1068 !(is_integral<Functor>::value),
1069 int>::type = 0
1070 #endif
** CID 1402612: Performance inefficiencies (PASS_BY_VALUE)
/boost/include/boost/function/function_template.hpp: 917 in boost::function1<void, int>::assign_to<librados::TestWatchNotify::execute_notify(librados::TestRadosClient *, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, ceph::buffer::list &, unsigned long)::[lambda(int) (instance 1)]>(T1)()
________________________________________________________________________________________________________
*** CID 1402612: Performance inefficiencies (PASS_BY_VALUE)
/boost/include/boost/function/function_template.hpp: 917 in boost::function1<void, int>::assign_to<librados::TestWatchNotify::execute_notify(librados::TestRadosClient *, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, ceph::buffer::list &, unsigned long)::[lambda(int) (instance 1)]>(T1)()
911 get_vtable()->base.manager(f.functor, this->functor,
912 boost::detail::function::clone_functor_tag);
913 }
914 }
915
916 template<typename Functor>
>>> CID 1402612: Performance inefficiencies (PASS_BY_VALUE)
>>> Passing parameter f of type "librados::TestWatchNotify::execute_notify(librados::TestRadosClient *, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const &, ceph::buffer::list &, unsigned long)::[lambda(int) (instance 1)]" (size 224 bytes) by value.
917 void assign_to(Functor f)
918 {
919 using boost::detail::function::vtable_base;
920
921 typedef typename boost::detail::function::get_function_tag<Functor>::type tag;
922 typedef boost::detail::function::BOOST_FUNCTION_GET_INVOKER<tag> get_invoker;
** CID 1402613: Resource leaks (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/rgw/rgw_rados.cc: 2624 in RGWPutObjProcessor_Atomic::complete_writing_data()()
________________________________________________________________________________________________________
*** CID 1402613: Resource leaks (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/rgw/rgw_rados.cc: 2624 in RGWPutObjProcessor_Atomic::complete_writing_data()()
2618 bufferlist bl;
2619 pending_data_bl.splice(0, max_write_size, &bl);
2620 uint64_t write_len = bl.length();
2621 int r = write_data(bl, data_ofs, &handle, &obj, false);
2622 if (r < 0) {
2623 ldout(store->ctx(), 0) << "ERROR: write_data() returned " << r << dendl;
>>> CID 1402613: Resource leaks (RESOURCE_LEAK)
>>> Variable "handle" going out of scope leaks the storage it points to.
2624 return r;
2625 }
2626 data_ofs += write_len;
2627 r = throttle_data(handle, obj, write_len, false);
2628 if (r < 0) {
2629 ldout(store->ctx(), 0) << "ERROR: throttle_data() returned " << r << dendl;
** CID 1402614: Resource leaks (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/rgw/rgw_rados.cc: 12966 in RGWRados::delete_raw_obj_aio(const rgw_raw_obj &, std::__cxx11::list<librados::AioCompletion *, std::allocator<librados::AioCompletion *>> &)()
________________________________________________________________________________________________________
*** CID 1402614: Resource leaks (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/rgw/rgw_rados.cc: 12966 in RGWRados::delete_raw_obj_aio(const rgw_raw_obj &, std::__cxx11::list<librados::AioCompletion *, std::allocator<librados::AioCompletion *>> &)()
12960 cls_rgw_remove_obj(op, prefixes);
12961
12962 AioCompletion *c = librados::Rados::aio_create_completion(NULL, NULL, NULL);
12963 ret = ref.ioctx.aio_operate(ref.oid, c, &op);
12964 if (ret < 0) {
12965 lderr(cct) << "ERROR: AioOperate failed with ret=" << ret << dendl;
>>> CID 1402614: Resource leaks (RESOURCE_LEAK)
>>> Variable "c" going out of scope leaks the storage it points to.
12966 return ret;
12967 }
12968
12969 handles.push_back(c);
12970
12971 return 0;
** CID 1402615: Resource leaks (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/rgw/rgw_rados.cc: 7692 in RGWRados::copy_obj_data(RGWObjectCtx &, RGWBucketInfo &, RGWRados::Object::Read &, long, rgw_obj &, rgw_obj &, unsigned long, std::chrono::time_point<ceph::time_detail::real_clock, std::chrono::duration<unsigned long, std::ratio<(long)1, (long)1000000000>>> *, std::chrono::time_point<ceph::time_detail::real_clock, std::chrono::duration<unsigned long, std::ratio<(long)1, (long)1000000000>>>, std::map<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, ceph::buffer::list, std::less<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::pair<const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, ceph::buffer::list>>> &, RGWObjCatego
ry, unsigned long, std::chrono::time_point<ceph::time_detail::real_clock, std::chrono::duration<unsigned long, std::ratio<(long)1, (long)1000000000>>>, std::__cxx11::basic_string<char, std::
char_traits<char>, std::allocator<char>> *, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> *, ceph::buffer::list *, rgw_err *)()
________________________________________________________________________________________________________
*** CID 1402615: Resource leaks (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/rgw/rgw_rados.cc: 7692 in RGWRados::copy_obj_data(RGWObjectCtx &, RGWBucketInfo &, RGWRados::Object::Read &, long, rgw_obj &, rgw_obj &, unsigned long, std::chrono::time_point<ceph::time_detail::real_clock, std::chrono::duration<unsigned long, std::ratio<(long)1, (long)1000000000>>> *, std::chrono::time_point<ceph::time_detail::real_clock, std::chrono::duration<unsigned long, std::ratio<(long)1, (long)1000000000>>>, std::map<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, ceph::buffer::list, std::less<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::pair<const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, ceph::buffer::list>>> &, RGWObjCatego
ry, unsigned long, std::chrono::time_point<ceph::time_detail::real_clock, std::chrono::duration<unsigned long, std::ratio<(long)1, (long)1000000000>>>, std::__cxx11::basic_string<char, std::
char_traits<char>, std::allocator<char>> *, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> *, ceph::buffer::list *, rgw_err *)()
7686 do {
7687 void *handle;
7688 rgw_raw_obj obj;
7689
7690 ret = processor.handle_data(bl, ofs, &handle, &obj, &again);
7691 if (ret < 0) {
>>> CID 1402615: Resource leaks (RESOURCE_LEAK)
>>> Variable "handle" going out of scope leaks the storage it points to.
7692 return ret;
7693 }
7694 ret = processor.throttle_data(handle, obj, end - ofs + 1, false);
7695 if (ret < 0)
7696 return ret;
7697 } while (again);
** CID 1402616: Resource leaks (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/rgw/rgw_rados.cc: 13004 in RGWRados::delete_obj_aio(const rgw_obj &, RGWBucketInfo &, RGWObjState *, std::__cxx11::list<librados::AioCompletion *, std::allocator<librados::AioCompletion *>> &, bool)()
________________________________________________________________________________________________________
*** CID 1402616: Resource leaks (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/rgw/rgw_rados.cc: 13004 in RGWRados::delete_obj_aio(const rgw_obj &, RGWBucketInfo &, RGWObjState *, std::__cxx11::list<librados::AioCompletion *, std::allocator<librados::AioCompletion *>> &, bool)()
12998 cls_rgw_remove_obj(op, prefixes);
12999
13000 AioCompletion *c = librados::Rados::aio_create_completion(NULL, NULL, NULL);
13001 ret = ref.ioctx.aio_operate(ref.oid, c, &op);
13002 if (ret < 0) {
13003 lderr(cct) << "ERROR: AioOperate failed with ret=" << ret << dendl;
>>> CID 1402616: Resource leaks (RESOURCE_LEAK)
>>> Variable "c" going out of scope leaks the storage it points to.
13004 return ret;
13005 }
13006
13007 handles.push_back(c);
13008
13009 if (keep_index_consistent) {
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaGCnxtQO9E3gxlB2GxVsWFENryh7bC5hIb-2FQBVM85YLQ-3D-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8GfQlGh3X238-2BpQ7Ww0V7r0k3azlSCcsuKGojMCI31G8L62To8QI4ZEYPuaVuurk-2BnlICVsFSEe-2FDPfVY9jmI7AVwwvEu-2FB9pCXjaiVO3f0WfETQoLXrVRnYfpahZzj7vcmq64aAay-2FXEgvfoNRRr9BzZfRomJASScXmEtmfEgCXIULyHyjqbtLVIcKs3-2Bnss0-3D
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4Bco8jcmzhh7FSyvoR0E3-2BDgRcBCQ6OuthHBtaTCGNq9zoLsiw8NWrIF2zsdhfTt-2FbHjZ2ToL3Et9v1-2BrDLungAOjHpQtOY-2BsyLiTVCQEUCU-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8GfQlGh3X238-2BpQ7Ww0V7r0k3azlSCcsuKGojMCI31G8CYbu057LMT92ZgDgOU5mtjJHv9AeJSUAQyUZid6i-2BsaKYvrSBiX-2FE7RS8IDMyyppvIAJsJDDJQP7DHzWeC2-2FbQfK-2FtFadDWvdO2kyVeSjL4HLci8BJACNDzL3nMDvwyswitemCTAUaKf3IGblDOpn8-3D
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2017-03-09 6:12 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2017-03-09 6:12 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
12 new defect(s) introduced to ceph found with Coverity Scan.
10 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 12 of 12 defect(s)
** CID 1402131: (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/test/librbd/test_internal.cc: 90 in generate_random_iomap(librbd::Image &, int, int, int, std::map<unsigned long, unsigned long, std::less<unsigned long>, std::allocator<std::pair<const unsigned long, unsigned long>>> &)()
/home/brad/working/src/ceph/src/test/librbd/test_internal.cc: 91 in generate_random_iomap(librbd::Image &, int, int, int, std::map<unsigned long, unsigned long, std::less<unsigned long>, std::allocator<std::pair<const unsigned long, unsigned long>>> &)()
________________________________________________________________________________________________________
*** CID 1402131: (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/test/librbd/test_internal.cc: 90 in generate_random_iomap(librbd::Image &, int, int, int, std::map<unsigned long, unsigned long, std::less<unsigned long>, std::allocator<std::pair<const unsigned long, unsigned long>>> &)()
84 stripe_count = image.get_stripe_count();
85
86 while (max_count-- > 0) {
87 // generate random image offset based on base random object
88 // number and object offset and then map that back to an
89 // object number based on stripe unit and count.
>>> CID 1402131: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
90 uint64_t ono = rand() % num_objects;
91 uint64_t offset = rand() % (object_size - TEST_IO_SIZE);
92 uint64_t imageoff = (ono * object_size) + offset;
93
94 file_layout_t layout;
95 layout.object_size = object_size;
/home/brad/working/src/ceph/src/test/librbd/test_internal.cc: 91 in generate_random_iomap(librbd::Image &, int, int, int, std::map<unsigned long, unsigned long, std::less<unsigned long>, std::allocator<std::pair<const unsigned long, unsigned long>>> &)()
85
86 while (max_count-- > 0) {
87 // generate random image offset based on base random object
88 // number and object offset and then map that back to an
89 // object number based on stripe unit and count.
90 uint64_t ono = rand() % num_objects;
>>> CID 1402131: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
91 uint64_t offset = rand() % (object_size - TEST_IO_SIZE);
92 uint64_t imageoff = (ono * object_size) + offset;
93
94 file_layout_t layout;
95 layout.object_size = object_size;
96 layout.stripe_unit = stripe_unit;
** CID 1402132: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/test/librbd/test_internal.cc: 1145 in TestInternal_FlattenNoEmptyObjects_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1402132: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/test/librbd/test_internal.cc: 1145 in TestInternal_FlattenNoEmptyObjects_Test::TestBody()()
1139 printf("made parent image \"%s\": %ldK (%d * %ldK)\n", m_image_name.c_str(),
1140 (unsigned long)m_image_size, object_num, info.obj_size/1024);
1141
1142 // write something into parent
1143 char test_data[TEST_IO_SIZE + 1];
1144 for (int i = 0; i < TEST_IO_SIZE; ++i) {
>>> CID 1402132: Security best practices violations (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
1145 test_data[i] = (char) (rand() % (126 - 33) + 33);
1146 }
1147 test_data[TEST_IO_SIZE] = '\0';
1148
1149 // generate a random map which covers every objects with random
1150 // offset
** CID 1402133: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/test/librbd/test_internal.cc: 1008 in TestInternal_TestCoR_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1402133: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/test/librbd/test_internal.cc: 1008 in TestInternal_TestCoR_Test::TestBody()()
1002 printf("made parent image \"%s\": %ldK (%d * %ldK)\n", m_image_name.c_str(),
1003 (unsigned long)m_image_size, object_num, info.obj_size/1024);
1004
1005 // write something into parent
1006 char test_data[TEST_IO_SIZE + 1];
1007 for (int i = 0; i < TEST_IO_SIZE; ++i) {
>>> CID 1402133: Security best practices violations (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
1008 test_data[i] = (char) (rand() % (126 - 33) + 33);
1009 }
1010 test_data[TEST_IO_SIZE] = '\0';
1011
1012 // generate a random map which covers every objects with random
1013 // offset
** CID 1402134: Concurrent data access violations (MISSING_LOCK)
/home/brad/working/src/ceph/src/rgw/rgw_file.h: 550 in rgw::RGWFileHandle::set_atime(const timespec &)()
________________________________________________________________________________________________________
*** CID 1402134: Concurrent data access violations (MISSING_LOCK)
/home/brad/working/src/ceph/src/rgw/rgw_file.h: 550 in rgw::RGWFileHandle::set_atime(const timespec &)()
544
545 void set_mtime(const struct timespec &ts) {
546 state.mtime = ts;
547 }
548
549 void set_atime(const struct timespec &ts) {
>>> CID 1402134: Concurrent data access violations (MISSING_LOCK)
>>> Accessing "this->state.atime" without holding lock "rgw::RGWFileHandle.mtx". Elsewhere, "_ZN3rgw13RGWFileHandle5StateE.atime" is accessed with "rgw::RGWFileHandle.mtx" held 2 out of 5 times (2 of these accesses strongly imply that it is necessary).
550 state.atime = ts;
551 }
552
553 void encode(buffer::list& bl) const {
554 ENCODE_START(1, 1, bl);
555 ::encode(uint32_t(fh.fh_type), bl);
** CID 1402135: Concurrent data access violations (MISSING_LOCK)
/home/brad/working/src/ceph/src/rgw/rgw_file.h: 347 in rgw::RGWFileHandle::create_stat(stat *, unsigned int)()
________________________________________________________________________________________________________
*** CID 1402135: Concurrent data access violations (MISSING_LOCK)
/home/brad/working/src/ceph/src/rgw/rgw_file.h: 347 in rgw::RGWFileHandle::create_stat(stat *, unsigned int)()
341 default:
342 break;
343 }
344 }
345
346 if (mask & RGW_SETATTR_ATIME)
>>> CID 1402135: Concurrent data access violations (MISSING_LOCK)
>>> Accessing "this->state.atime" without holding lock "rgw::RGWFileHandle.mtx". Elsewhere, "_ZN3rgw13RGWFileHandle5StateE.atime" is accessed with "rgw::RGWFileHandle.mtx" held 2 out of 5 times (2 of these accesses strongly imply that it is necessary).
347 state.atime = st->st_atim;
348 if (mask & RGW_SETATTR_MTIME)
349 state.mtime = st->st_mtim;
350 if (mask & RGW_SETATTR_CTIME)
351 state.ctime = st->st_ctim;
352 }
** CID 1402136: Parse warnings (PARSE_ERROR)
/home/brad/working/src/ceph/src/mds/PurgeQueue.cc: 1 in ()
________________________________________________________________________________________________________
*** CID 1402136: Parse warnings (PARSE_ERROR)
/home/brad/working/src/ceph/src/mds/PurgeQueue.cc: 1 in ()
>>> CID 1402136: Parse warnings (PARSE_ERROR)
>>> The Coverity compiler fails to compile this file. Please see the build output log for more information.
1 // -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
2 // vim: ts=8 sw=2 smarttab
3 /*
4 * Ceph - scalable distributed file system
5 *
6 * Copyright (C) 2015 Red Hat
** CID 1402137: Resource leaks (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/librbd/test_internal.cc: 1102 in TestInternal_TestCoR_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1402137: Resource leaks (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/librbd/test_internal.cc: 1102 in TestInternal_TestCoR_Test::TestBody()()
1096 ASSERT_EQ(0, image.close());
1097
1098 printf("check whether child image has the same set of objects as parent\n");
1099 ASSERT_EQ(0, m_rbd.open(m_ioctx, image, clonename.c_str(), NULL));
1100 ASSERT_EQ(0, image.stat(info, sizeof(info)));
1101
>>> CID 1402137: Resource leaks (RESOURCE_LEAK)
>>> Variable "list_ctx" going out of scope leaks the storage it points to.
1102 ASSERT_EQ(0, rados_nobjects_list_open(d_ioctx, &list_ctx));
1103 while (rados_nobjects_list_next(list_ctx, &entry, NULL, NULL) != -ENOENT) {
1104 if (strstr(entry, info.block_name_prefix)) {
1105 const char *block_name_suffix = entry + strlen(info.block_name_prefix) + 1;
1106 set<string>::iterator it = obj_checker.find(block_name_suffix);
1107 ASSERT_TRUE(it != obj_checker.end());
** CID 1402138: Resource leaks (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/librbd/test_internal.cc: 1216 in TestInternal_FlattenNoEmptyObjects_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1402138: Resource leaks (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/librbd/test_internal.cc: 1216 in TestInternal_FlattenNoEmptyObjects_Test::TestBody()()
1210 printf("flattening clone: \"%s\"\n", clonename.c_str());
1211 ASSERT_EQ(0, image.flatten());
1212
1213 printf("check whether child image has the same set of objects as parent\n");
1214 ASSERT_EQ(0, image.stat(info, sizeof(info)));
1215
>>> CID 1402138: Resource leaks (RESOURCE_LEAK)
>>> Variable "list_ctx" going out of scope leaks the storage it points to.
1216 ASSERT_EQ(0, rados_nobjects_list_open(d_ioctx, &list_ctx));
1217 while (rados_nobjects_list_next(list_ctx, &entry, NULL, NULL) != -ENOENT) {
1218 if (strstr(entry, info.block_name_prefix)) {
1219 const char *block_name_suffix = entry + strlen(info.block_name_prefix) + 1;
1220 set<string>::iterator it = obj_checker.find(block_name_suffix);
1221 ASSERT_TRUE(it != obj_checker.end());
** CID 1402139: (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/librados/list.cc: 563 in LibRadosList_ListObjectsCursor_Test::TestBody()()
/home/brad/working/src/ceph/src/test/librados/list.cc: 561 in LibRadosList_ListObjectsCursor_Test::TestBody()()
/home/brad/working/src/ceph/src/test/librados/list.cc: 552 in LibRadosList_ListObjectsCursor_Test::TestBody()()
/home/brad/working/src/ceph/src/test/librados/list.cc: 603 in LibRadosList_ListObjectsCursor_Test::TestBody()()
/home/brad/working/src/ceph/src/test/librados/list.cc: 600 in LibRadosList_ListObjectsCursor_Test::TestBody()()
/home/brad/working/src/ceph/src/test/librados/list.cc: 597 in LibRadosList_ListObjectsCursor_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1402139: (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/librados/list.cc: 563 in LibRadosList_ListObjectsCursor_Test::TestBody()()
557 ASSERT_EQ(rados_nobjects_list_get_cursor(ctx, &cursor), 0);
558 cout << "> oid=" << oid << " cursor=" << ObjectCursor(cursor) << std::endl;
559 }
560 rados_nobjects_list_seek_cursor(ctx, first_cursor);
561 ASSERT_EQ(rados_nobjects_list_next(ctx, &entry, NULL, NULL), 0);
562 cout << "FIRST> seek to " << ObjectCursor(first_cursor) << " oid=" << string(entry) << std::endl;
>>> CID 1402139: (RESOURCE_LEAK)
>>> Variable "cursor" going out of scope leaks the storage it points to.
563 }
564 rados_list_ctx_t ctx;
565 ASSERT_EQ(0, rados_nobjects_list_open(ioctx, &ctx));
566
567 std::map<rados_object_list_cursor, string> cursor_to_obj;
568 int count = 0;
/home/brad/working/src/ceph/src/test/librados/list.cc: 561 in LibRadosList_ListObjectsCursor_Test::TestBody()()
555 while (rados_nobjects_list_next(ctx, &entry, NULL, NULL) == 0) {
556 string oid = entry;
557 ASSERT_EQ(rados_nobjects_list_get_cursor(ctx, &cursor), 0);
558 cout << "> oid=" << oid << " cursor=" << ObjectCursor(cursor) << std::endl;
559 }
560 rados_nobjects_list_seek_cursor(ctx, first_cursor);
>>> CID 1402139: (RESOURCE_LEAK)
>>> Variable "cursor" going out of scope leaks the storage it points to.
561 ASSERT_EQ(rados_nobjects_list_next(ctx, &entry, NULL, NULL), 0);
562 cout << "FIRST> seek to " << ObjectCursor(first_cursor) << " oid=" << string(entry) << std::endl;
563 }
564 rados_list_ctx_t ctx;
565 ASSERT_EQ(0, rados_nobjects_list_open(ioctx, &ctx));
566
/home/brad/working/src/ceph/src/test/librados/list.cc: 552 in LibRadosList_ListObjectsCursor_Test::TestBody()()
546
547 {
548 rados_list_ctx_t ctx;
549 const char *entry;
550 rados_object_list_cursor cursor;
551 ASSERT_EQ(0, rados_nobjects_list_open(ioctx, &ctx));
>>> CID 1402139: (RESOURCE_LEAK)
>>> Variable "cursor" going out of scope leaks the storage it points to.
552 ASSERT_EQ(rados_nobjects_list_get_cursor(ctx, &cursor), 0);
553 rados_object_list_cursor first_cursor = cursor;
554 cout << "x cursor=" << ObjectCursor(cursor) << std::endl;
555 while (rados_nobjects_list_next(ctx, &entry, NULL, NULL) == 0) {
556 string oid = entry;
557 ASSERT_EQ(rados_nobjects_list_get_cursor(ctx, &cursor), 0);
/home/brad/working/src/ceph/src/test/librados/list.cc: 603 in LibRadosList_ListObjectsCursor_Test::TestBody()()
597 ASSERT_EQ(rados_nobjects_list_get_cursor(ctx, &cursor), 0);
598 cout << ": cursor()=" << ObjectCursor(cursor) << " expected=" << oid << std::endl;
599 // ASSERT_EQ(ObjectCursor(oid), ObjectCursor(cursor));
600 ASSERT_EQ(rados_nobjects_list_next(ctx, &entry, NULL, NULL), 0);
601 cout << "> " << ObjectCursor(cursor) << " -> " << entry << std::endl;
602 cout << ": entry=" << entry << " expected=" << p->second << std::endl;
>>> CID 1402139: (RESOURCE_LEAK)
>>> Variable "cursor" going out of scope leaks the storage it points to.
603 ASSERT_EQ(p->second, string(entry));
604
605 ++p;
606
607 rados_object_list_cursor_free(ctx, cursor);
608 }
/home/brad/working/src/ceph/src/test/librados/list.cc: 600 in LibRadosList_ListObjectsCursor_Test::TestBody()()
594 rados_object_list_cursor cursor;
595 rados_object_list_cursor oid(p->first);
596 rados_nobjects_list_seek_cursor(ctx, oid);
597 ASSERT_EQ(rados_nobjects_list_get_cursor(ctx, &cursor), 0);
598 cout << ": cursor()=" << ObjectCursor(cursor) << " expected=" << oid << std::endl;
599 // ASSERT_EQ(ObjectCursor(oid), ObjectCursor(cursor));
>>> CID 1402139: (RESOURCE_LEAK)
>>> Variable "cursor" going out of scope leaks the storage it points to.
600 ASSERT_EQ(rados_nobjects_list_next(ctx, &entry, NULL, NULL), 0);
601 cout << "> " << ObjectCursor(cursor) << " -> " << entry << std::endl;
602 cout << ": entry=" << entry << " expected=" << p->second << std::endl;
603 ASSERT_EQ(p->second, string(entry));
604
605 ++p;
/home/brad/working/src/ceph/src/test/librados/list.cc: 597 in LibRadosList_ListObjectsCursor_Test::TestBody()()
591 ASSERT_EQ(0, rados_nobjects_list_open(ioctx, &ctx));
592 while (p != cursor_to_obj.rend()) {
593 cout << ": seek to " << ObjectCursor(p->first) << std::endl;
594 rados_object_list_cursor cursor;
595 rados_object_list_cursor oid(p->first);
596 rados_nobjects_list_seek_cursor(ctx, oid);
>>> CID 1402139: (RESOURCE_LEAK)
>>> Variable "cursor" going out of scope leaks the storage it points to.
597 ASSERT_EQ(rados_nobjects_list_get_cursor(ctx, &cursor), 0);
598 cout << ": cursor()=" << ObjectCursor(cursor) << " expected=" << oid << std::endl;
599 // ASSERT_EQ(ObjectCursor(oid), ObjectCursor(cursor));
600 ASSERT_EQ(rados_nobjects_list_next(ctx, &entry, NULL, NULL), 0);
601 cout << "> " << ObjectCursor(cursor) << " -> " << entry << std::endl;
602 cout << ": entry=" << entry << " expected=" << p->second << std::endl;
** CID 1402140: (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/librados/list.cc: 551 in LibRadosList_ListObjectsCursor_Test::TestBody()()
/home/brad/working/src/ceph/src/test/librados/list.cc: 565 in LibRadosList_ListObjectsCursor_Test::TestBody()()
/home/brad/working/src/ceph/src/test/librados/list.cc: 609 in LibRadosList_ListObjectsCursor_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1402140: (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/librados/list.cc: 551 in LibRadosList_ListObjectsCursor_Test::TestBody()()
545 }
546
547 {
548 rados_list_ctx_t ctx;
549 const char *entry;
550 rados_object_list_cursor cursor;
>>> CID 1402140: (RESOURCE_LEAK)
>>> Variable "ctx" going out of scope leaks the storage it points to.
551 ASSERT_EQ(0, rados_nobjects_list_open(ioctx, &ctx));
552 ASSERT_EQ(rados_nobjects_list_get_cursor(ctx, &cursor), 0);
553 rados_object_list_cursor first_cursor = cursor;
554 cout << "x cursor=" << ObjectCursor(cursor) << std::endl;
555 while (rados_nobjects_list_next(ctx, &entry, NULL, NULL) == 0) {
556 string oid = entry;
/home/brad/working/src/ceph/src/test/librados/list.cc: 565 in LibRadosList_ListObjectsCursor_Test::TestBody()()
559 }
560 rados_nobjects_list_seek_cursor(ctx, first_cursor);
561 ASSERT_EQ(rados_nobjects_list_next(ctx, &entry, NULL, NULL), 0);
562 cout << "FIRST> seek to " << ObjectCursor(first_cursor) << " oid=" << string(entry) << std::endl;
563 }
564 rados_list_ctx_t ctx;
>>> CID 1402140: (RESOURCE_LEAK)
>>> Variable "ctx" going out of scope leaks the storage it points to.
565 ASSERT_EQ(0, rados_nobjects_list_open(ioctx, &ctx));
566
567 std::map<rados_object_list_cursor, string> cursor_to_obj;
568 int count = 0;
569
570 const char *entry;
/home/brad/working/src/ceph/src/test/librados/list.cc: 609 in LibRadosList_ListObjectsCursor_Test::TestBody()()
603 ASSERT_EQ(p->second, string(entry));
604
605 ++p;
606
607 rados_object_list_cursor_free(ctx, cursor);
608 }
>>> CID 1402140: (RESOURCE_LEAK)
>>> Variable "ctx" going out of scope leaks the storage it points to.
609 }
610
611 TEST_F(LibRadosListEC, ListObjects) {
612 char buf[128];
613 memset(buf, 0xcc, sizeof(buf));
614 ASSERT_EQ(0, rados_write(ioctx, "foo", buf, sizeof(buf), 0));
** CID 1402141: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/librbd/librbd.cc: 88 in <unnamed>::C_OpenComplete::C_OpenComplete(librbd::ImageCtx *, librbd::io::AioCompletion *, void **)()
________________________________________________________________________________________________________
*** CID 1402141: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/librbd/librbd.cc: 88 in <unnamed>::C_OpenComplete::C_OpenComplete(librbd::ImageCtx *, librbd::io::AioCompletion *, void **)()
82 bool reopen;
83 C_OpenComplete(librbd::ImageCtx *ictx, librbd::io::AioCompletion* comp,
84 void **ictxp)
85 : ictx(ictx), comp(comp), ictxp(ictxp) {
86 comp->init_time(ictx, librbd::io::AIO_TYPE_OPEN);
87 comp->get();
>>> CID 1402141: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "reopen" is not initialized in this constructor nor in any functions that it calls.
88 }
89 void finish(int r) override {
90 ldout(ictx->cct, 20) << "C_OpenComplete::finish: r=" << r << dendl;
91 if (r < 0) {
92 *ictxp = nullptr;
93 comp->fail(r);
** CID 1402142: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/mds/StrayManager.cc: 80 in C_IO_PurgeStrayPurged::C_IO_PurgeStrayPurged(StrayManager *, CDentry *, bool)()
________________________________________________________________________________________________________
*** CID 1402142: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/mds/StrayManager.cc: 80 in C_IO_PurgeStrayPurged::C_IO_PurgeStrayPurged(StrayManager *, CDentry *, bool)()
74 CDentry *dn;
75 bool only_head;
76 // How many ops_in_flight were allocated to this purge?
77 uint32_t ops_allowance;
78 public:
79 C_IO_PurgeStrayPurged(StrayManager *sm_, CDentry *d, bool oh) :
>>> CID 1402142: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "ops_allowance" is not initialized in this constructor nor in any functions that it calls.
80 StrayManagerIOContext(sm_), dn(d), only_head(oh) { }
81 void finish(int r) override {
82 assert(r == 0 || r == -ENOENT);
83 sm->_purge_stray_purged(dn, ops_allowance, only_head);
84 }
85 };
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaGCnxtQO9E3gxlB2GxVsWFENryh7bC5hIb-2FQBVM85YLQ-3D-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8FRQrrp6gq4YQyADNej-2FNo2ZF19zjsiMvGCVYO1x7dweDPC2oAq79dhYTDCP2U6Ht4pBO8zH9V7v58jBhiCyIUS3zRjtQir2D8-2BZqxPlV4bjDIMczAsYIGMPdZvoQYzWjYEqxhDoa361z1j4i7-2FmGG9qistCltj2M3ofYxDH18i5LYJmYbmmVKvBr4qtjzExv4-3D
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4Bco8jcmzhh7FSyvoR0E3-2BDgRcBCQ6OuthHBtaTCGNq9zoLsiw8NWrIF2zsdhfTt-2FbHjZ2ToL3Et9v1-2BrDLungAOjHpQtOY-2BsyLiTVCQEUCU-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8FRQrrp6gq4YQyADNej-2FNo2ZF19zjsiMvGCVYO1x7dweAXRodHRN8fjeAvDpjDmqZJfNkHQT-2BKwfrn1E0oQUXw4L05l4v9-2Br5Ctyeo5zDGfQQMllbSVcYH7pjcWZVGyzvf2B-2B-2FViyy8E20bbc-2Bn2-2FK8xA4SrbkfLUrj1i1-2FeUYL0GeAxMp8TqwlYnIzIho5NX8-3D
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2017-03-02 7:44 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2017-03-02 7:44 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
23 new defect(s) introduced to ceph found with Coverity Scan.
3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 20 of 23 defect(s)
** CID 717332: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/os/filestore/FileJournal.h: 260 in FileJournal::aio_info::aio_info(ceph::buffer::list &, unsigned long, unsigned long)()
________________________________________________________________________________________________________
*** CID 717332: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/os/filestore/FileJournal.h: 260 in FileJournal::aio_info::aio_info(ceph::buffer::list &, unsigned long, unsigned long)()
254 uint64_t off, len; ///< these are for debug only
255 uint64_t seq; ///< seq number to complete on aio completion, if non-zero
256
257 aio_info(bufferlist& b, uint64_t o, uint64_t s)
258 : iov(NULL), done(false), off(o), len(b.length()), seq(s) {
259 bl.claim(b);
>>> CID 717332: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member field "iocb.aio_fildes" is not initialized in this constructor nor in any functions that it calls.
260 }
261 ~aio_info() {
262 delete[] iov;
263 }
264 };
265 Mutex aio_lock;
** CID 1251086: Uninitialized members (UNINIT_CTOR)
/usr/include/c++/6.2.1/functional: 2111 in std::function<void (boost::scoped_ptr<ObjectStore> &, unsigned long, unsigned long, unsigned long, unsigned long)>::function(const std::function<void (boost::scoped_ptr<ObjectStore> &, unsigned long, unsigned long, unsigned long, unsigned long)>&)()
________________________________________________________________________________________________________
*** CID 1251086: Uninitialized members (UNINIT_CTOR)
/usr/include/c++/6.2.1/functional: 2111 in std::function<void (boost::scoped_ptr<ObjectStore> &, unsigned long, unsigned long, unsigned long, unsigned long)>::function(const std::function<void (boost::scoped_ptr<ObjectStore> &, unsigned long, unsigned long, unsigned long, unsigned long)>&)()
2105 if (static_cast<bool>(__x))
2106 {
2107 __x._M_manager(_M_functor, __x._M_functor, __clone_functor);
2108 _M_invoker = __x._M_invoker;
2109 _M_manager = __x._M_manager;
2110 }
>>> CID 1251086: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "_M_invoker" is not initialized in this constructor nor in any functions that it calls.
2111 }
2112
2113 template<typename _Res, typename... _ArgTypes>
2114 template<typename _Functor, typename, typename>
2115 function<_Res(_ArgTypes...)>::
2116 function(_Functor __f)
** CID 1369577: Uninitialized members (UNINIT_CTOR)
/usr/include/c++/6.2.1/functional: 2127 in std::function<void (boost::scoped_ptr<ObjectStore> &, unsigned long, unsigned long, unsigned long, unsigned long)>::function<void (*)(boost::scoped_ptr<ObjectStore> &, int, unsigned long, unsigned long, unsigned long), void, void>(T1)()
________________________________________________________________________________________________________
*** CID 1369577: Uninitialized members (UNINIT_CTOR)
/usr/include/c++/6.2.1/functional: 2127 in std::function<void (boost::scoped_ptr<ObjectStore> &, unsigned long, unsigned long, unsigned long, unsigned long)>::function<void (*)(boost::scoped_ptr<ObjectStore> &, int, unsigned long, unsigned long, unsigned long), void, void>(T1)()
2121 if (_My_handler::_M_not_empty_function(__f))
2122 {
2123 _My_handler::_M_init_functor(_M_functor, std::move(__f));
2124 _M_invoker = &_My_handler::_M_invoke;
2125 _M_manager = &_My_handler::_M_manager;
2126 }
>>> CID 1369577: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "_M_invoker" is not initialized in this constructor nor in any functions that it calls.
2127 }
2128
2129 template<typename _Res, typename... _ArgTypes>
2130 _Res
2131 function<_Res(_ArgTypes...)>::
2132 operator()(_ArgTypes... __args) const
** CID 1401633: Concurrent data access violations (ATOMICITY)
/home/brad/working/src/ceph/src/osd/OSD.cc: 9237 in OSD::ShardedOpWQ::_process(unsigned int, ceph::heartbeat_handle_d *)()
________________________________________________________________________________________________________
*** CID 1401633: Concurrent data access violations (ATOMICITY)
/home/brad/working/src/ceph/src/osd/OSD.cc: 9237 in OSD::ShardedOpWQ::_process(unsigned int, ceph::heartbeat_handle_d *)()
9231 pg->unlock();
9232 }
9233 sdata->sdata_op_ordering_lock.Unlock();
9234 return;
9235 }
9236 if (requeue_seq != slot.requeue_seq) {
>>> CID 1401633: Concurrent data access violations (ATOMICITY)
>>> Using an unreliable value of "requeue_seq" inside the second locked section. If the data that "requeue_seq" depends on was changed by another thread, this use might be incorrect.
9237 dout(20) << __func__ << " " << item.first
9238 << " requeue_seq " << slot.requeue_seq << " > our "
9239 << requeue_seq << ", we raced with wake_pg_waiters"
9240 << dendl;
9241 if (pg) {
9242 pg->unlock();
** CID 1401634: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/osd/OSD.h: 481 in OSDService::maybe_inject_dispatch_delay()()
________________________________________________________________________________________________________
*** CID 1401634: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/osd/OSD.h: 481 in OSDService::maybe_inject_dispatch_delay()()
475
476 void enqueue_back(spg_t pgid, PGQueueable qi);
477 void enqueue_front(spg_t pgid, PGQueueable qi);
478
479 void maybe_inject_dispatch_delay() {
480 if (g_conf->osd_debug_inject_dispatch_delay_probability > 0) {
>>> CID 1401634: Security best practices violations (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
481 if (rand() % 10000 <
482 g_conf->osd_debug_inject_dispatch_delay_probability * 10000) {
483 utime_t t;
484 t.set_from_double(g_conf->osd_debug_inject_dispatch_delay_duration);
485 t.sleep();
486 }
** CID 1401635: Incorrect expression (COPY_PASTE_ERROR)
/home/brad/working/src/ceph/src/test/objectstore/store_test.cc: 5915 in StoreTestSpecificAUSize_garbageCollection_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1401635: Incorrect expression (COPY_PASTE_ERROR)
/home/brad/working/src/ceph/src/test/objectstore/store_test.cc: 5915 in StoreTestSpecificAUSize_garbageCollection_Test::TestBody()()
5909 ASSERT_EQ(statfs.compressed_allocated, 0x20000);
5910 const PerfCounters* counters = store->get_perf_counters();
5911 ASSERT_EQ(counters->get(l_bluestore_gc_merged), 0x20000u);
5912 }
5913 {
5914 struct store_statfs_t statfs;
>>> CID 1401635: Incorrect expression (COPY_PASTE_ERROR)
>>> "overlap_offset" in "(uint64_t)overlap_offset - 1UL" looks like a copy-paste error.
5915 WRITE_AT(write_offset + 1, overlap_offset-1);
5916 int r = store->statfs(&statfs);
5917 ASSERT_EQ(r, 0);
5918 ASSERT_EQ(statfs.compressed_allocated, 0x20000);
5919 const PerfCounters* counters = store->get_perf_counters();
5920 ASSERT_EQ(counters->get(l_bluestore_gc_merged), 0x20000u);
** CID 1401636: (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/test/librbd/test_librbd.cc: 1307 in generate_random_iomap(void *, int, int, int, std::map<unsigned long, unsigned long, std::less<unsigned long>, std::allocator<std::pair<const unsigned long, unsigned long>>> &)()
/home/brad/working/src/ceph/src/test/librbd/test_librbd.cc: 1308 in generate_random_iomap(void *, int, int, int, std::map<unsigned long, unsigned long, std::less<unsigned long>, std::allocator<std::pair<const unsigned long, unsigned long>>> &)()
________________________________________________________________________________________________________
*** CID 1401636: (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/test/librbd/test_librbd.cc: 1307 in generate_random_iomap(void *, int, int, int, std::map<unsigned long, unsigned long, std::less<unsigned long>, std::allocator<std::pair<const unsigned long, unsigned long>>> &)()
1301 ASSERT_EQ(0, rbd_get_stripe_count(image, &stripe_count));
1302
1303 while (max_count-- > 0) {
1304 // generate random image offset based on base random object
1305 // number and object offset and then map that back to an
1306 // object number based on stripe unit and count.
>>> CID 1401636: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
1307 uint64_t ono = rand() % num_objects;
1308 uint64_t offset = rand() % (object_size - TEST_IO_SIZE);
1309 uint64_t imageoff = (ono * object_size) + offset;
1310
1311 file_layout_t layout;
1312 layout.object_size = object_size;
/home/brad/working/src/ceph/src/test/librbd/test_librbd.cc: 1308 in generate_random_iomap(void *, int, int, int, std::map<unsigned long, unsigned long, std::less<unsigned long>, std::allocator<std::pair<const unsigned long, unsigned long>>> &)()
1302
1303 while (max_count-- > 0) {
1304 // generate random image offset based on base random object
1305 // number and object offset and then map that back to an
1306 // object number based on stripe unit and count.
1307 uint64_t ono = rand() % num_objects;
>>> CID 1401636: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
1308 uint64_t offset = rand() % (object_size - TEST_IO_SIZE);
1309 uint64_t imageoff = (ono * object_size) + offset;
1310
1311 file_layout_t layout;
1312 layout.object_size = object_size;
1313 layout.stripe_unit = stripe_unit;
** CID 1401637: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseI30bluestore_compression_header_tE16select_generatedB5cxx11Ej()
________________________________________________________________________________________________________
*** CID 1401637: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseI30bluestore_compression_header_tE16select_generatedB5cxx11Ej()
141 if (i == 0)
142 i = m_list.size();
143 if ((i == 0) || (i > m_list.size()))
144 return "invalid id for generated object";
145 typename list<T*>::iterator p = m_list.begin();
146 for (i--; i > 0 && p != m_list.end(); ++p, --i) ;
>>> CID 1401637: API usage errors (INVALIDATE_ITERATOR)
>>> Dereferencing iterator "p" though it is already past the end of its container.
147 m_object = *p;
148 return string();
149 }
150
151 bool is_deterministic() override {
152 return !nondeterministic;
** CID 1401638: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseI17bluestore_onode_tE16select_generatedB5cxx11Ej()
________________________________________________________________________________________________________
*** CID 1401638: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseI17bluestore_onode_tE16select_generatedB5cxx11Ej()
141 if (i == 0)
142 i = m_list.size();
143 if ((i == 0) || (i > m_list.size()))
144 return "invalid id for generated object";
145 typename list<T*>::iterator p = m_list.begin();
146 for (i--; i > 0 && p != m_list.end(); ++p, --i) ;
>>> CID 1401638: API usage errors (INVALIDATE_ITERATOR)
>>> Dereferencing iterator "p" though it is already past the end of its container.
147 m_object = *p;
148 return string();
149 }
150
151 bool is_deterministic() override {
152 return !nondeterministic;
** CID 1401639: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseI26bluestore_extent_ref_map_tE16select_generatedB5cxx11Ej()
________________________________________________________________________________________________________
*** CID 1401639: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseI26bluestore_extent_ref_map_tE16select_generatedB5cxx11Ej()
141 if (i == 0)
142 i = m_list.size();
143 if ((i == 0) || (i > m_list.size()))
144 return "invalid id for generated object";
145 typename list<T*>::iterator p = m_list.begin();
146 for (i--; i > 0 && p != m_list.end(); ++p, --i) ;
>>> CID 1401639: API usage errors (INVALIDATE_ITERATOR)
>>> Dereferencing iterator "p" though it is already past the end of its container.
147 m_object = *p;
148 return string();
149 }
150
151 bool is_deterministic() override {
152 return !nondeterministic;
** CID 1401640: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseI27bluestore_wal_transaction_tE16select_generatedB5cxx11Ej()
________________________________________________________________________________________________________
*** CID 1401640: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseI27bluestore_wal_transaction_tE16select_generatedB5cxx11Ej()
141 if (i == 0)
142 i = m_list.size();
143 if ((i == 0) || (i > m_list.size()))
144 return "invalid id for generated object";
145 typename list<T*>::iterator p = m_list.begin();
146 for (i--; i > 0 && p != m_list.end(); ++p, --i) ;
>>> CID 1401640: API usage errors (INVALIDATE_ITERATOR)
>>> Dereferencing iterator "p" though it is already past the end of its container.
147 m_object = *p;
148 return string();
149 }
150
151 bool is_deterministic() override {
152 return !nondeterministic;
** CID 1401641: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseI18bluestore_wal_op_tE16select_generatedB5cxx11Ej()
________________________________________________________________________________________________________
*** CID 1401641: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseI18bluestore_wal_op_tE16select_generatedB5cxx11Ej()
141 if (i == 0)
142 i = m_list.size();
143 if ((i == 0) || (i > m_list.size()))
144 return "invalid id for generated object";
145 typename list<T*>::iterator p = m_list.begin();
146 for (i--; i > 0 && p != m_list.end(); ++p, --i) ;
>>> CID 1401641: API usage errors (INVALIDATE_ITERATOR)
>>> Dereferencing iterator "p" though it is already past the end of its container.
147 m_object = *p;
148 return string();
149 }
150
151 bool is_deterministic() override {
152 return !nondeterministic;
** CID 1401642: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseI17bluestore_cnode_tE16select_generatedB5cxx11Ej()
________________________________________________________________________________________________________
*** CID 1401642: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseI17bluestore_cnode_tE16select_generatedB5cxx11Ej()
141 if (i == 0)
142 i = m_list.size();
143 if ((i == 0) || (i > m_list.size()))
144 return "invalid id for generated object";
145 typename list<T*>::iterator p = m_list.begin();
146 for (i--; i > 0 && p != m_list.end(); ++p, --i) ;
>>> CID 1401642: API usage errors (INVALIDATE_ITERATOR)
>>> Dereferencing iterator "p" though it is already past the end of its container.
147 m_object = *p;
148 return string();
149 }
150
151 bool is_deterministic() override {
152 return !nondeterministic;
** CID 1401643: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseI19bluestore_pextent_tE16select_generatedB5cxx11Ej()
________________________________________________________________________________________________________
*** CID 1401643: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseI19bluestore_pextent_tE16select_generatedB5cxx11Ej()
141 if (i == 0)
142 i = m_list.size();
143 if ((i == 0) || (i > m_list.size()))
144 return "invalid id for generated object";
145 typename list<T*>::iterator p = m_list.begin();
146 for (i--; i > 0 && p != m_list.end(); ++p, --i) ;
>>> CID 1401643: API usage errors (INVALIDATE_ITERATOR)
>>> Dereferencing iterator "p" though it is already past the end of its container.
147 m_object = *p;
148 return string();
149 }
150
151 bool is_deterministic() override {
152 return !nondeterministic;
** CID 1401644: Integer handling issues (NO_EFFECT)
/include/tracing/librbd.h: 970 in __event_prepare_filter_stack__librbd___aio_writesame_enter()
________________________________________________________________________________________________________
*** CID 1401644: Integer handling issues (NO_EFFECT)
/include/tracing/librbd.h: 970 in __event_prepare_filter_stack__librbd___aio_writesame_enter()
964
965 TRACEPOINT_EVENT(librbd, aio_complete_exit,
966 TP_ARGS(),
967 TP_FIELDS()
968 )
969
>>> CID 1401644: Integer handling issues (NO_EFFECT)
>>> This less-than-zero comparison of an unsigned value is never true. "18446744073709551615UL < 0UL".
970 TRACEPOINT_EVENT(librbd, aio_writesame_enter,
971 TP_ARGS(
972 void*, imagectx,
973 const char*, name,
974 const char*, snap_name,
975 char, read_only,
** CID 1401645: Null pointer dereferences (NULL_RETURNS)
/home/brad/working/src/ceph/src/mds/MDCache.cc: 2503 in MDCache::create_subtree_map()()
________________________________________________________________________________________________________
*** CID 1401645: Null pointer dereferences (NULL_RETURNS)
/home/brad/working/src/ceph/src/mds/MDCache.cc: 2503 in MDCache::create_subtree_map()()
2497 ESubtreeMap *le = new ESubtreeMap();
2498 mds->mdlog->_start_entry(le);
2499
2500 map<dirfrag_t, CDir*> dirs_to_add;
2501
2502 if (myin) {
>>> CID 1401645: Null pointer dereferences (NULL_RETURNS)
>>> Assigning: "mydir" = null return value from "get_dirfrag".
2503 CDir* mydir = myin->get_dirfrag(frag_t());
2504 dirs_to_add[mydir->dirfrag()] = mydir;
2505 }
2506
2507 // include all auth subtrees, and their bounds.
2508 // and a spanning tree to tie it to the root.
** CID 1401646: Integer handling issues (NO_EFFECT)
/include/tracing/librbd.h: 187 in __event_prepare_filter_stack__librbd___writesame_enter()
________________________________________________________________________________________________________
*** CID 1401646: Integer handling issues (NO_EFFECT)
/include/tracing/librbd.h: 187 in __event_prepare_filter_stack__librbd___writesame_enter()
181 int, retval),
182 TP_FIELDS(
183 ctf_integer(int, retval, retval)
184 )
185 )
186
>>> CID 1401646: Integer handling issues (NO_EFFECT)
>>> This less-than-zero comparison of an unsigned value is never true. "18446744073709551615UL < 0UL".
187 TRACEPOINT_EVENT(librbd, writesame_enter,
188 TP_ARGS(
189 void*, imagectx,
190 const char*, name,
191 const char*, snap_name,
192 char, read_only,
** CID 1401647: (PASS_BY_VALUE)
/usr/include/c++/6.2.1/bits/list.tcc: 484 in std::__cxx11::list<obj_watch_t, std::allocator<obj_watch_t>>::remove_if<librbd::image::RemoveRequest<librbd::MockImageCtx>::filter_out_mirror_watchers()::[lambda(obj_watch_t &) (instance 1)]>(T1)()
/usr/include/c++/6.2.1/bits/list.tcc: 484 in std::__cxx11::list<obj_watch_t, std::allocator<obj_watch_t>>::remove_if<librbd::image::RemoveRequest<librbd::ImageCtx>::filter_out_mirror_watchers()::[lambda(obj_watch_t &) (instance 1)]>(T1)()
________________________________________________________________________________________________________
*** CID 1401647: (PASS_BY_VALUE)
/usr/include/c++/6.2.1/bits/list.tcc: 484 in std::__cxx11::list<obj_watch_t, std::allocator<obj_watch_t>>::remove_if<librbd::image::RemoveRequest<librbd::MockImageCtx>::filter_out_mirror_watchers()::[lambda(obj_watch_t &) (instance 1)]>(T1)()
478 }
479
480 template<typename _Tp, typename _Alloc>
481 template <typename _Predicate>
482 void
483 list<_Tp, _Alloc>::
>>> CID 1401647: (PASS_BY_VALUE)
>>> Passing parameter __pred of type "librbd::image::RemoveRequest<librbd::MockImageCtx>::filter_out_mirror_watchers()::[lambda(obj_watch_t &) (instance 1)]" (size 280 bytes) by value.
484 remove_if(_Predicate __pred)
485 {
486 iterator __first = begin();
487 iterator __last = end();
488 while (__first != __last)
489 {
/usr/include/c++/6.2.1/bits/list.tcc: 484 in std::__cxx11::list<obj_watch_t, std::allocator<obj_watch_t>>::remove_if<librbd::image::RemoveRequest<librbd::ImageCtx>::filter_out_mirror_watchers()::[lambda(obj_watch_t &) (instance 1)]>(T1)()
478 }
479
480 template<typename _Tp, typename _Alloc>
481 template <typename _Predicate>
482 void
483 list<_Tp, _Alloc>::
>>> CID 1401647: (PASS_BY_VALUE)
>>> Passing parameter __pred of type "librbd::image::RemoveRequest<librbd::ImageCtx>::filter_out_mirror_watchers()::[lambda(obj_watch_t &) (instance 1)]" (size 280 bytes) by value.
484 remove_if(_Predicate __pred)
485 {
486 iterator __first = begin();
487 iterator __last = end();
488 while (__first != __last)
489 {
** CID 1401648: (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/tools/rbd_mirror/InstanceWatcher.cc: 92 in rbd::mirror::InstanceWatcher<librbd::ImageCtx>::remove_instance(librados::IoCtx &, ContextWQ *, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, Context *)()
/home/brad/working/src/ceph/src/tools/rbd_mirror/InstanceWatcher.cc: 92 in rbd::mirror::InstanceWatcher<librbd::<unnamed>::MockTestImageCtx>::remove_instance(librados::IoCtx &, ContextWQ *, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, Context *)()
________________________________________________________________________________________________________
*** CID 1401648: (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/tools/rbd_mirror/InstanceWatcher.cc: 92 in rbd::mirror::InstanceWatcher<librbd::ImageCtx>::remove_instance(librados::IoCtx &, ContextWQ *, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, Context *)()
86 ContextWQ *work_queue,
87 const std::string &instance_id,
88 Context *on_finish) {
89 auto req = new RemoveInstanceRequest<I>(io_ctx, work_queue, instance_id,
90 on_finish);
91 req->send();
>>> CID 1401648: (RESOURCE_LEAK)
>>> Variable "req" going out of scope leaks the storage it points to.
92 }
93
94 template <typename I>
95 InstanceWatcher<I>::InstanceWatcher(librados::IoCtx &io_ctx,
96 ContextWQ *work_queue,
97 const boost::optional<std::string> &id)
/home/brad/working/src/ceph/src/tools/rbd_mirror/InstanceWatcher.cc: 92 in rbd::mirror::InstanceWatcher<librbd::<unnamed>::MockTestImageCtx>::remove_instance(librados::IoCtx &, ContextWQ *, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, Context *)()
86 ContextWQ *work_queue,
87 const std::string &instance_id,
88 Context *on_finish) {
89 auto req = new RemoveInstanceRequest<I>(io_ctx, work_queue, instance_id,
90 on_finish);
91 req->send();
>>> CID 1401648: (RESOURCE_LEAK)
>>> Variable "req" going out of scope leaks the storage it points to.
92 }
93
94 template <typename I>
95 InstanceWatcher<I>::InstanceWatcher(librados::IoCtx &io_ctx,
96 ContextWQ *work_queue,
97 const boost::optional<std::string> &id)
** CID 1401649: Null pointer dereferences (REVERSE_INULL)
/home/brad/working/src/ceph/src/osd/OSD.cc: 6061 in OSD::maybe_share_map(Session *, boost::intrusive_ptr<OpRequest>, std::shared_ptr<const OSDMap>)()
________________________________________________________________________________________________________
*** CID 1401649: Null pointer dereferences (REVERSE_INULL)
/home/brad/working/src/ceph/src/osd/OSD.cc: 6061 in OSD::maybe_share_map(Session *, boost::intrusive_ptr<OpRequest>, std::shared_ptr<const OSDMap>)()
6055 const Message *m = op->get_req();
6056 service.share_map(
6057 m->get_source(),
6058 m->get_connection().get(),
6059 op->sent_epoch,
6060 osdmap,
>>> CID 1401649: Null pointer dereferences (REVERSE_INULL)
>>> Null-checking "session" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
6061 session ? &last_sent_epoch : NULL);
6062
6063 session->sent_epoch_lock.lock();
6064 if (session->last_sent_epoch < last_sent_epoch) {
6065 session->last_sent_epoch = last_sent_epoch;
6066 }
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaGCnxtQO9E3gxlB2GxVsWFENryh7bC5hIb-2FQBVM85YLQ-3D-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8Eo0ddxQLgim1t9h3RZhGlTH-2BvBf3jux2qSsSeJcAE-2FT1-2FrKYdyzl7Dvnz3caEpQ4qrEJDkuGcNtcFN7wsACxMoY264sCzoQRXTq29tL1VL4o6pqhnDs9CwbVoH8wC6jb-2BRFs-2F8H6SKtQhFuYUqEAq5UVf4MYC7TyGLOH413WfbWA4jt9vqmVYoJ9EyPJMlaFU-3D
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4Bco8jcmzhh7FSyvoR0E3-2BDgRcBCQ6OuthHBtaTCGNq9zoLsiw8NWrIF2zsdhfTt-2FbHjZ2ToL3Et9v1-2BrDLungAOjHpQtOY-2BsyLiTVCQEUCU-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8Eo0ddxQLgim1t9h3RZhGlTH-2BvBf3jux2qSsSeJcAE-2FT3L3Enill0f-2F8s7t6KnAn6mcAIv1GHFiHZsl8cDdSTZSfnNlxpTtxRfQ-2BEUwpAGaxhmHSvI0kmth3rj9nvuZ6yCMxyFu674aqXNqVmOHPgPCa6MjRxMXcFGv-2Fp9se3qn3oz8VOPdt-2BDrJuGhaEaiNA4-3D
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2017-02-23 9:09 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2017-02-23 9:09 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
18 new defect(s) introduced to ceph found with Coverity Scan.
17 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 18 of 18 defect(s)
** CID 1401431: Error handling issues (CHECKED_RETURN)
/home/brad/working/src/ceph/src/tools/rbd/action/Export.cc: 228 in rbd::action::export_full::do_export_diff(librbd::Image &, const char *, const char *, bool, const char *, bool)()
________________________________________________________________________________________________________
*** CID 1401431: Error handling issues (CHECKED_RETURN)
/home/brad/working/src/ceph/src/tools/rbd/action/Export.cc: 228 in rbd::action::export_full::do_export_diff(librbd::Image &, const char *, const char *, bool, const char *, bool)()
222
223 r = do_export_diff_fd(image, fromsnapname, endsnapname, whole_object, fd, no_progress, 1);
224
225 if (fd != 1)
226 close(fd);
227 if (r < 0 && fd != 1) {
>>> CID 1401431: Error handling issues (CHECKED_RETURN)
>>> Calling "remove(path)" without checking return value. This library function may fail and return an error code.
228 remove(path);
229 }
230
231 return r;
232 }
233
** CID 1401432: Error handling issues (CHECKED_RETURN)
/home/brad/working/src/ceph/src/tools/rbd/action/Import.cc: 622 in rbd::action::import::do_import(librbd::RBD &, librados::IoCtx &, const char *, const char *, librbd::ImageOptions &, bool, int)()
________________________________________________________________________________________________________
*** CID 1401432: Error handling issues (CHECKED_RETURN)
/home/brad/working/src/ceph/src/tools/rbd/action/Import.cc: 622 in rbd::action::import::do_import(librbd::RBD &, librados::IoCtx &, const char *, const char *, librbd::ImageOptions &, bool, int)()
616 goto done;
617 }
618 assert(bdev_size >= 0);
619 size = (uint64_t) bdev_size;
620 }
621 #ifdef HAVE_POSIX_FADVISE
>>> CID 1401432: Error handling issues (CHECKED_RETURN)
>>> Calling "posix_fadvise(fd, 0L, 0L, 2)" without checking return value. This library function may fail and return an error code.
622 posix_fadvise(fd, 0, 0, POSIX_FADV_SEQUENTIAL);
623 #endif
624 }
625
626 r = do_import_header(fd, import_format, size, opts);
627 if (r < 0) {
** CID 1401433: Incorrect expression (COPY_PASTE_ERROR)
/home/brad/working/src/ceph/src/test/objectstore/store_test.cc: 5927 in StoreTest_garbageCollection_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1401433: Incorrect expression (COPY_PASTE_ERROR)
/home/brad/working/src/ceph/src/test/objectstore/store_test.cc: 5927 in StoreTest_garbageCollection_Test::TestBody()()
5921 ASSERT_EQ(statfs.compressed_allocated, 0x20000);
5922 const PerfCounters* counters = store->get_perf_counters();
5923 ASSERT_EQ(counters->get(l_bluestore_gc_merged), 0x20000u);
5924 }
5925 {
5926 struct store_statfs_t statfs;
>>> CID 1401433: Incorrect expression (COPY_PASTE_ERROR)
>>> "overlap_offset" in "(uint64_t)overlap_offset - 1UL" looks like a copy-paste error.
5927 WRITE_AT(write_offset + 1, overlap_offset-1);
5928 int r = store->statfs(&statfs);
5929 ASSERT_EQ(r, 0);
5930 ASSERT_EQ(statfs.compressed_allocated, 0x20000);
5931 const PerfCounters* counters = store->get_perf_counters();
5932 ASSERT_EQ(counters->get(l_bluestore_gc_merged), 0x20000u);
** CID 1401434: Error handling issues (CHECKED_RETURN)
/home/brad/working/src/ceph/src/librbd/internal.cc: 1068 in librbd::clone(librados::IoCtx &, const char *, const char *, librados::IoCtx &, const char *, unsigned long, int *, unsigned long, int)()
________________________________________________________________________________________________________
*** CID 1401434: Error handling issues (CHECKED_RETURN)
/home/brad/working/src/ceph/src/librbd/internal.cc: 1068 in librbd::clone(librados::IoCtx &, const char *, const char *, librados::IoCtx &, const char *, unsigned long, int *, unsigned long, int)()
1062 opts.set(RBD_IMAGE_OPTION_FEATURES, features);
1063 opts.set(RBD_IMAGE_OPTION_ORDER, order);
1064 opts.set(RBD_IMAGE_OPTION_STRIPE_UNIT, stripe_unit);
1065 opts.set(RBD_IMAGE_OPTION_STRIPE_COUNT, stripe_count);
1066
1067 int r = clone(p_ioctx, p_name, p_snap_name, c_ioctx, c_name, opts);
>>> CID 1401434: Error handling issues (CHECKED_RETURN)
>>> Calling "get" without checking return value (as is done elsewhere 22 out of 27 times).
1068 opts.get(RBD_IMAGE_OPTION_ORDER, &order);
1069 *c_order = order;
1070 return r;
1071 }
1072
1073 int clone(IoCtx& p_ioctx, const char *p_name, const char *p_snap_name,
** CID 1401435: Error handling issues (CHECKED_RETURN)
/home/brad/working/src/ceph/src/librbd/internal.cc: 1127 in librbd::clone(librbd::ImageCtx *, librados::IoCtx &, const char *, librbd::ImageOptions &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &)()
________________________________________________________________________________________________________
*** CID 1401435: Error handling issues (CHECKED_RETURN)
/home/brad/working/src/ceph/src/librbd/internal.cc: 1127 in librbd::clone(librbd::ImageCtx *, librados::IoCtx &, const char *, librbd::ImageOptions &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &)()
1121 c_opts.is_set(RBD_IMAGE_OPTION_FORMAT, &default_format_set);
1122 if (!default_format_set) {
1123 c_opts.set(RBD_IMAGE_OPTION_FORMAT, static_cast<uint64_t>(2));
1124 }
1125
1126 uint64_t format = 0;
>>> CID 1401435: Error handling issues (CHECKED_RETURN)
>>> Calling "get" without checking return value (as is done elsewhere 22 out of 27 times).
1127 c_opts.get(RBD_IMAGE_OPTION_FORMAT, &format);
1128 if (format < 2) {
1129 lderr(cct) << "format 2 or later required for clone" << dendl;
1130 return -EINVAL;
1131 }
1132
** CID 1401436: (CHECKED_RETURN)
/home/brad/working/src/ceph/src/librbd/image/CreateRequest.cc: 147 in librbd::image::CreateRequest<librbd::ImageCtx>::CreateRequest(librados::IoCtx &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, unsigned long, const librbd::ImageOptions &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, bool, ContextWQ *, Context *)()
/home/brad/working/src/ceph/src/librbd/image/CreateRequest.cc: 148 in librbd::image::CreateRequest<librbd::ImageCtx>::CreateRequest(librados::IoCtx &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, unsigned long, const librbd::ImageOptions &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, bool, ContextWQ *, Context *)()
________________________________________________________________________________________________________
*** CID 1401436: (CHECKED_RETURN)
/home/brad/working/src/ceph/src/librbd/image/CreateRequest.cc: 147 in librbd::image::CreateRequest<librbd::ImageCtx>::CreateRequest(librados::IoCtx &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, unsigned long, const librbd::ImageOptions &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, bool, ContextWQ *, Context *)()
141 m_features = util::get_rbd_default_features(m_cct);
142 m_negotiate_features = true;
143 }
144
145 uint64_t features_clear = 0;
146 uint64_t features_set = 0;
>>> CID 1401436: (CHECKED_RETURN)
>>> Calling "get" without checking return value (as is done elsewhere 22 out of 27 times).
147 image_options.get(RBD_IMAGE_OPTION_FEATURES_CLEAR, &features_clear);
148 image_options.get(RBD_IMAGE_OPTION_FEATURES_SET, &features_set);
149
150 uint64_t features_conflict = features_clear & features_set;
151 features_clear &= ~features_conflict;
152 features_set &= ~features_conflict;
/home/brad/working/src/ceph/src/librbd/image/CreateRequest.cc: 148 in librbd::image::CreateRequest<librbd::ImageCtx>::CreateRequest(librados::IoCtx &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, unsigned long, const librbd::ImageOptions &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, bool, ContextWQ *, Context *)()
142 m_negotiate_features = true;
143 }
144
145 uint64_t features_clear = 0;
146 uint64_t features_set = 0;
147 image_options.get(RBD_IMAGE_OPTION_FEATURES_CLEAR, &features_clear);
>>> CID 1401436: (CHECKED_RETURN)
>>> Calling "get" without checking return value (as is done elsewhere 22 out of 27 times).
148 image_options.get(RBD_IMAGE_OPTION_FEATURES_SET, &features_set);
149
150 uint64_t features_conflict = features_clear & features_set;
151 features_clear &= ~features_conflict;
152 features_set &= ~features_conflict;
153 m_features |= features_set;
** CID 1401437: Error handling issues (CHECKED_RETURN)
/home/brad/working/src/ceph/src/tools/rbd/action/Export.cc: 518 in rbd::action::export_full::do_export(librbd::Image &, const char *, bool, int)()
________________________________________________________________________________________________________
*** CID 1401437: Error handling issues (CHECKED_RETURN)
/home/brad/working/src/ceph/src/tools/rbd/action/Export.cc: 518 in rbd::action::export_full::do_export(librbd::Image &, const char *, bool, int)()
512 max_concurrent_ops = max(g_conf->rbd_concurrent_management_ops, 1);
513 fd = open(path, O_WRONLY | O_CREAT | O_EXCL, 0644);
514 if (fd < 0) {
515 return -errno;
516 }
517 #ifdef HAVE_POSIX_FADVISE
>>> CID 1401437: Error handling issues (CHECKED_RETURN)
>>> Calling "posix_fadvise(fd, 0L, 0L, 2)" without checking return value. This library function may fail and return an error code.
518 posix_fadvise(fd, 0, 0, POSIX_FADV_SEQUENTIAL);
519 #endif
520 }
521
522 utils::ProgressContext pc("Exporting image", no_progress);
523 uint64_t period = image.get_stripe_count() * (1ull << info.order);
** CID 1401438: Integer handling issues (CONSTANT_EXPRESSION_RESULT)
/home/brad/working/src/ceph/src/tools/rbd_nbd/rbd-nbd.cc: 641 in do_map(int, const char **)()
________________________________________________________________________________________________________
*** CID 1401438: Integer handling issues (CONSTANT_EXPRESSION_RESULT)
/home/brad/working/src/ceph/src/tools/rbd_nbd/rbd-nbd.cc: 641 in do_map(int, const char **)()
635 r = ioctl(nbd, NBD_SET_BLKSIZE, RBD_NBD_BLKSIZE);
636 if (r < 0) {
637 r = -errno;
638 goto close_nbd;
639 }
640
>>> CID 1401438: Integer handling issues (CONSTANT_EXPRESSION_RESULT)
>>> "info.size > 18446744073709551615UL /* 9223372036854775807L * 2UL + 1UL */" is always false regardless of the values of its operands. This occurs as the logical operand of "if".
641 if (info.size > ULONG_MAX) {
642 r = -EFBIG;
643 cerr << "rbd-nbd: image is too large (" << prettybyte_t(info.size)
644 << ", max is " << prettybyte_t(ULONG_MAX) << ")" << std::endl;
645 goto close_nbd;
646 }
** CID 1401439: Control flow issues (DEADCODE)
/home/brad/working/src/ceph/src/tools/rbd/action/Import.cc: 425 in rbd::action::import::do_import_header(int, int, unsigned long &, librbd::ImageOptions &)()
________________________________________________________________________________________________________
*** CID 1401439: Control flow issues (DEADCODE)
/home/brad/working/src/ceph/src/tools/rbd/action/Import.cc: 425 in rbd::action::import::do_import_header(int, int, unsigned long &, librbd::ImageOptions &)()
419 opts.set(RBD_IMAGE_OPTION_STRIPE_COUNT, stripe_count);
420 }
421 } else {
422 std::cerr << "rbd: invalid tag in image properties zone: " << tag << "Skip it." << std::endl;
423 if (fd == STDIN_FILENO) {
424 // read the appending data out to skip this tag.
>>> CID 1401439: Control flow issues (DEADCODE)
>>> Execution cannot reach this statement: "char buf[4096];".
425 char buf[4096];
426 uint64_t len = min(length, uint64_t(4096));
427 while (len > 0) {
428 r = safe_read_exact(fd, buf, len);
429 if (r < 0)
430 return r;
** CID 1401440: Control flow issues (MISMATCHED_ITERATOR)
/home/brad/working/src/ceph/src/osd/PG.cc: 1151 in PG::calc_ec_acting(std::_Rb_tree_const_iterator<std::pair<const pg_shard_t, pg_info_t>>, unsigned int, const std::vector<int, std::allocator<int>> &, pg_shard_t, const std::vector<int, std::allocator<int>> &, pg_shard_t, const std::map<pg_shard_t, pg_info_t, std::less<pg_shard_t>, std::allocator<std::pair<const pg_shard_t, pg_info_t>>> &, bool, bool, std::vector<int, std::allocator<int>> *, std::set<pg_shard_t, std::less<pg_shard_t>, std::allocator<pg_shard_t>> *, std::set<pg_shard_t, std::less<pg_shard_t>, std::allocator<pg_shard_t>> *, pg_shard_t *, std::basic_ostream<char, std::char_traits<char>>&)()
________________________________________________________________________________________________________
*** CID 1401440: Control flow issues (MISMATCHED_ITERATOR)
/home/brad/working/src/ceph/src/osd/PG.cc: 1151 in PG::calc_ec_acting(std::_Rb_tree_const_iterator<std::pair<const pg_shard_t, pg_info_t>>, unsigned int, const std::vector<int, std::allocator<int>> &, pg_shard_t, const std::vector<int, std::allocator<int>> &, pg_shard_t, const std::map<pg_shard_t, pg_info_t, std::less<pg_shard_t>, std::allocator<std::pair<const pg_shard_t, pg_info_t>>> &, bool, bool, std::vector<int, std::allocator<int>> *, std::set<pg_shard_t, std::less<pg_shard_t>, std::allocator<pg_shard_t>> *, std::set<pg_shard_t, std::less<pg_shard_t>, std::allocator<pg_shard_t>> *, pg_shard_t *, std::basic_ostream<char, std::char_traits<char>>&)()
1145 all_info.find(pg_shard_t(acting[i], shard_id_t(i)))->second.last_update >=
1146 auth_log_shard->second.log_tail) {
1147 ss << " selecting acting[i]: " << pg_shard_t(acting[i], shard_id_t(i)) << std::endl;
1148 want[i] = acting[i];
1149 ++usable;
1150 } else if (!restrict_to_up_acting) {
>>> CID 1401440: Control flow issues (MISMATCHED_ITERATOR)
>>> Comparing "j" from "all_info_by_shard[shard_id_t(i)]" to "all_info_by_shard[shard_id_t(i)]->end()" from "all_info_by_shard[shard_id_t(i)]".
1151 for (set<pg_shard_t>::iterator j = all_info_by_shard[shard_id_t(i)].begin();
1152 j != all_info_by_shard[shard_id_t(i)].end();
1153 ++j) {
1154 assert(j->shard == i);
1155 if (!all_info.find(*j)->second.is_incomplete() &&
1156 all_info.find(*j)->second.last_update >=
** CID 1401441: (UNINIT_CTOR)
/home/brad/working/src/ceph/src/tools/rbd_mirror/ImageReplayer.cc: 302 in rbd::mirror::ImageReplayer<librbd::ImageCtx>::ImageReplayer(rbd::mirror::Threads *, std::shared_ptr<rbd::mirror::ImageDeleter>, std::shared_ptr<rbd::mirror::ImageSyncThrottler<librbd::ImageCtx>>, std::shared_ptr<librados::Rados>, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, long, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &)()
/home/brad/working/src/ceph/src/tools/rbd_mirror/ImageReplayer.cc: 302 in rbd::mirror::ImageReplayer<librbd::<unnamed>::MockTestImageCtx>::ImageReplayer(rbd::mirror::Threads *, std::shared_ptr<rbd::mirror::ImageDeleter>, std::shared_ptr<rbd::mirror::ImageSyncThrottler<librbd::<unnamed>::MockTestImageCtx>>, std::shared_ptr<librados::Rados>, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, long, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &)()
________________________________________________________________________________________________________
*** CID 1401441: (UNINIT_CTOR)
/home/brad/working/src/ceph/src/tools/rbd_mirror/ImageReplayer.cc: 302 in rbd::mirror::ImageReplayer<librbd::ImageCtx>::ImageReplayer(rbd::mirror::Threads *, std::shared_ptr<rbd::mirror::ImageDeleter>, std::shared_ptr<rbd::mirror::ImageSyncThrottler<librbd::ImageCtx>>, std::shared_ptr<librados::Rados>, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, long, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &)()
296 pool_name = stringify(m_local_pool_id);
297 }
298 m_name = pool_name + "/" + m_global_image_id;
299
300 m_asok_hook = new ImageReplayerAdminSocketHook<I>(g_ceph_context, m_name,
301 this);
>>> CID 1401441: (UNINIT_CTOR)
>>> Non-static class member "m_do_resync" is not initialized in this constructor nor in any functions that it calls.
302 }
303
304 template <typename I>
305 ImageReplayer<I>::~ImageReplayer()
306 {
307 assert(m_event_preprocessor == nullptr);
/home/brad/working/src/ceph/src/tools/rbd_mirror/ImageReplayer.cc: 302 in rbd::mirror::ImageReplayer<librbd::<unnamed>::MockTestImageCtx>::ImageReplayer(rbd::mirror::Threads *, std::shared_ptr<rbd::mirror::ImageDeleter>, std::shared_ptr<rbd::mirror::ImageSyncThrottler<librbd::<unnamed>::MockTestImageCtx>>, std::shared_ptr<librados::Rados>, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, long, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &)()
296 pool_name = stringify(m_local_pool_id);
297 }
298 m_name = pool_name + "/" + m_global_image_id;
299
300 m_asok_hook = new ImageReplayerAdminSocketHook<I>(g_ceph_context, m_name,
301 this);
>>> CID 1401441: (UNINIT_CTOR)
>>> Non-static class member "m_do_resync" is not initialized in this constructor nor in any functions that it calls.
302 }
303
304 template <typename I>
305 ImageReplayer<I>::~ImageReplayer()
306 {
307 assert(m_event_preprocessor == nullptr);
** CID 1401442: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/librbd/io/ObjectRequest.cc: 350 in librbd::io::AbstractObjectWriteRequest::AbstractObjectWriteRequest(librbd::ImageCtx *, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, unsigned long, unsigned long, unsigned long, const SnapContext &, Context *, bool)()
________________________________________________________________________________________________________
*** CID 1401442: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/librbd/io/ObjectRequest.cc: 350 in librbd::io::AbstractObjectWriteRequest::AbstractObjectWriteRequest(librbd::ImageCtx *, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, unsigned long, unsigned long, unsigned long, const SnapContext &, Context *, bool)()
344 bool hide_enoent)
345 : ObjectRequest(ictx, oid, object_no, object_off, len, CEPH_NOSNAP,
346 completion, hide_enoent),
347 m_state(LIBRBD_AIO_WRITE_FLAT), m_snap_seq(snapc.seq.val)
348 {
349 m_snaps.insert(m_snaps.end(), snapc.snaps.begin(), snapc.snaps.end());
>>> CID 1401442: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "m_object_exist" is not initialized in this constructor nor in any functions that it calls.
350 }
351
352 void AbstractObjectWriteRequest::guard_write()
353 {
354 if (has_parent()) {
355 m_state = LIBRBD_AIO_WRITE_GUARD;
** CID 1401443: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/librbd/io/ImageRequest.cc: 204 in librbd::io::ImageReadRequest<librbd::ImageCtx>::ImageReadRequest(librbd::ImageCtx &, librbd::io::AioCompletion *, std::vector<std::pair<unsigned long, unsigned long>, std::allocator<std::pair<unsigned long, unsigned long>>> &&, librbd::io::ReadResult &&, int)()
________________________________________________________________________________________________________
*** CID 1401443: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/librbd/io/ImageRequest.cc: 204 in librbd::io::ImageReadRequest<librbd::ImageCtx>::ImageReadRequest(librbd::ImageCtx &, librbd::io::AioCompletion *, std::vector<std::pair<unsigned long, unsigned long>, std::allocator<std::pair<unsigned long, unsigned long>>> &&, librbd::io::ReadResult &&, int)()
198 Extents &&image_extents,
199 ReadResult &&read_result,
200 int op_flags)
201 : ImageRequest<I>(image_ctx, aio_comp, std::move(image_extents)),
202 m_op_flags(op_flags) {
203 aio_comp->read_result = std::move(read_result);
>>> CID 1401443: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "m_pbl" is not initialized in this constructor nor in any functions that it calls.
204 }
205
206 template <typename I>
207 void ImageReadRequest<I>::send_request() {
208 I &image_ctx = this->m_image_ctx;
209 CephContext *cct = image_ctx.cct;
** CID 1401444: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/os/bluestore/BlueStore.h: 867 in BlueStore::GarbageCollector::GarbageCollector(CephContext *)()
________________________________________________________________________________________________________
*** CID 1401444: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/os/bluestore/BlueStore.h: 867 in BlueStore::GarbageCollector::GarbageCollector(CephContext *)()
861 uint64_t min_alloc_size);
862
863 /// return a collection of extents to perform GC on
864 const vector<AllocExtent>& get_extents_to_collect() const {
865 return extents_to_collect;
866 }
>>> CID 1401444: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "gc_end_offset" is not initialized in this constructor nor in any functions that it calls.
867 GarbageCollector(CephContext* _cct) : cct(_cct) {}
868
869 private:
870 struct BlobInfo {
871 uint64_t referenced_bytes = 0; ///< amount of bytes referenced in blob
872 int64_t expected_allocations = 0; ///< new alloc units required
** CID 1401445: Code maintainability issues (UNUSED_VALUE)
/home/brad/working/src/ceph/src/tools/rbd/action/Import.cc: 645 in rbd::action::import::do_import(librbd::RBD &, librados::IoCtx &, const char *, const char *, librbd::ImageOptions &, bool, int)()
________________________________________________________________________________________________________
*** CID 1401445: Code maintainability issues (UNUSED_VALUE)
/home/brad/working/src/ceph/src/tools/rbd/action/Import.cc: 645 in rbd::action::import::do_import(librbd::RBD &, librados::IoCtx &, const char *, const char *, librbd::ImageOptions &, bool, int)()
639 if (r < 0) {
640 std::cerr << "rbd: failed to open image" << std::endl;
641 goto err;
642 }
643
644 if (import_format == 1) {
>>> CID 1401445: Code maintainability issues (UNUSED_VALUE)
>>> Assigning value from "rbd::action::import::do_import_v1(fd, image, size, imgblklen, throttle, pc)" to "r" here, but that stored value is overwritten before it can be used.
645 r = do_import_v1(fd, image, size, imgblklen, throttle, pc);
646 } else {
647 r = do_import_v2(fd, image, size, imgblklen, throttle, pc);
648 }
649
650 r = image.close();
** CID 1401446: Code maintainability issues (UNUSED_VALUE)
/home/brad/working/src/ceph/src/tools/rbd/action/Import.cc: 647 in rbd::action::import::do_import(librbd::RBD &, librados::IoCtx &, const char *, const char *, librbd::ImageOptions &, bool, int)()
________________________________________________________________________________________________________
*** CID 1401446: Code maintainability issues (UNUSED_VALUE)
/home/brad/working/src/ceph/src/tools/rbd/action/Import.cc: 647 in rbd::action::import::do_import(librbd::RBD &, librados::IoCtx &, const char *, const char *, librbd::ImageOptions &, bool, int)()
641 goto err;
642 }
643
644 if (import_format == 1) {
645 r = do_import_v1(fd, image, size, imgblklen, throttle, pc);
646 } else {
>>> CID 1401446: Code maintainability issues (UNUSED_VALUE)
>>> Assigning value from "rbd::action::import::do_import_v2(fd, image, size, imgblklen, throttle, pc)" to "r" here, but that stored value is overwritten before it can be used.
647 r = do_import_v2(fd, image, size, imgblklen, throttle, pc);
648 }
649
650 r = image.close();
651 err:
652 if (r < 0)
** CID 1401447: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/osd/OSDMapMapping.h: 246 in OSDMapMapping::OSDMapMapping()()
________________________________________________________________________________________________________
*** CID 1401447: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/osd/OSDMapMapping.h: 246 in OSDMapMapping::OSDMapMapping()()
240 };
241
242 mempool::osdmap_mapping::map<int64_t,PoolMapping> pools;
243 mempool::osdmap_mapping::vector<
244 mempool::osdmap_mapping::vector<pg_t>> acting_rmap; // osd -> pg
245 //unused: mempool::osdmap_mapping::vector<std::vector<pg_t>> up_rmap; // osd -> pg
>>> CID 1401447: Uninitialized members (UNINIT_CTOR)
>>> The compiler-generated constructor for this class does not initialize "epoch".
246 epoch_t epoch;
247 uint64_t num_pgs = 0;
248
249 void _init_mappings(const OSDMap& osdmap);
250 void _update_range(
251 const OSDMap& map,
** CID 1401448: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/librbd/io/ReadResult.h: 63 in librbd::io::ReadResult::C_SparseReadRequest<librbd::ImageCtx>::C_SparseReadRequest(librbd::io::AioCompletion *)()
________________________________________________________________________________________________________
*** CID 1401448: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/librbd/io/ReadResult.h: 63 in librbd::io::ReadResult::C_SparseReadRequest<librbd::ImageCtx>::C_SparseReadRequest(librbd::io::AioCompletion *)()
57 template <typename ImageCtxT>
58 struct C_SparseReadRequest : public C_SparseReadRequestBase {
59 ObjectReadRequest<ImageCtxT> *request;
60
61 C_SparseReadRequest(AioCompletion *aio_completion)
62 : C_SparseReadRequestBase(aio_completion) {
>>> CID 1401448: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "request" is not initialized in this constructor nor in any functions that it calls.
63 }
64
65 void finish(int r) override {
66 C_SparseReadRequestBase::finish(request->get_extent_map(),
67 request->get_buffer_extents(),
68 request->get_offset(),
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaGCnxtQO9E3gxlB2GxVsWFENryh7bC5hIb-2FQBVM85YLQ-3D-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8GIpUz3Dj-2B62dGZZqNgtGNkeDrE1RZk7o2DQTsiOU-2B2EzFc-2Bf-2FmKUs4dfJJcemiVct8rcyNQUFPnFqNI9GPBinKFJKuNoEIILsvcU35xbysUNHmfCPHNNcoeqwknEg6M5mXRUpDGNcvPVEIKXRwpM5SrtezMkD12J1JTW32pVz64fJHdCMqucC4ibgmiig0xmw-3D
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4Bco8jcmzhh7FSyvoR0E3-2BDgRcBCQ6OuthHBtaTCGNq9zoLsiw8NWrIF2zsdhfTt-2FbHjZ2ToL3Et9v1-2BrDLungAOjHpQtOY-2BsyLiTVCQEUCU-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8GIpUz3Dj-2B62dGZZqNgtGNkeDrE1RZk7o2DQTsiOU-2B2E3xYA-2FN2skl0lpGO1BRV6vQ0DiG-2F-2Fy4SUMq2EeK9NGa2wiGYmwFl58KU50D4XlP0TapAgp-2Bx3BYpFt4BKObS7uRanpWWWem2I3cAaSnyd00GM9Dx42uh-2FC0OOr2MdhBh0alZ58CbDzj8Zz9UJW4ejYY-3D
^ permalink raw reply [flat|nested] 124+ messages in thread
* Re: New Defects reported by Coverity Scan for ceph
[not found] ` <CAJE9aOMoxWjhq=g+25hfhMhxSCnHAOwAyNhXvkxS1wwBEd3j+A@mail.gmail.com>
@ 2017-02-17 5:19 ` kefu chai
0 siblings, 0 replies; 124+ messages in thread
From: kefu chai @ 2017-02-17 5:19 UTC (permalink / raw)
To: ceph-devel
resending in plain-text
On Fri, Feb 17, 2017 at 1:18 PM, kefu chai <tchaikov@gmail.com> wrote:
> rocksdb related fixes posted to
> https://github.com/facebook/rocksdb/pull/1879
>
> ceph related fixes posted to https://github.com/ceph/ceph/pull/13473
>
> @Bartłomiej i also left a comment at
> https://github.com/ceph/ceph/pull/12829. could you take a look?
>
>
> On Fri, Feb 17, 2017 at 10:29 AM, <scan-admin@coverity.com> wrote:
>>
>>
>> Hi,
>>
>> Please find the latest report on new defect(s) introduced to ceph found
>> with Coverity Scan.
>>
>> 18 new defect(s) introduced to ceph found with Coverity Scan.
>> 32 defect(s), reported by Coverity Scan earlier, were marked fixed in the
>> recent build analyzed by Coverity Scan.
>>
>> New defect(s) Reported-by: Coverity Scan
>> Showing 18 of 18 defect(s)
>>
>>
>> ** CID 1400653: Integer handling issues (CONSTANT_EXPRESSION_RESULT)
>> /home/brad/working/src/ceph/src/tools/rbd_nbd/rbd-nbd.cc: 632 in
>> do_map()()
>>
>>
>>
>> ________________________________________________________________________________________________________
>> *** CID 1400653: Integer handling issues (CONSTANT_EXPRESSION_RESULT)
>> /home/brad/working/src/ceph/src/tools/rbd_nbd/rbd-nbd.cc: 632 in
>> do_map()()
>> 626 r = ioctl(nbd, NBD_SET_BLKSIZE, RBD_NBD_BLKSIZE);
>> 627 if (r < 0) {
>> 628 r = -errno;
>> 629 goto close_nbd;
>> 630 }
>> 631
>> >>> CID 1400653: Integer handling issues
>> >>> (CONSTANT_EXPRESSION_RESULT)
>> >>> "info.size > 18446744073709551615UL /* 9223372036854775807L * 2UL
>> >>> + 1UL */" is always false regardless of the values of its operands. This
>> >>> occurs as the logical operand of "if".
>> 632 if (info.size > ULONG_MAX) {
>> 633 r = -EFBIG;
>> 634 cerr << "rbd-nbd: image is too large (" <<
>> prettybyte_t(info.size)
>> 635 << ", max is " << prettybyte_t(ULONG_MAX) << ")" <<
>> std::endl;
>> 636 goto close_nbd;
>> 637 }
>>
>> ** CID 1400654: Resource leaks (CTOR_DTOR_LEAK)
>> /home/brad/working/src/ceph/src/rocksdb/db/compaction_job.cc: 276 in
>> rocksdb::CompactionJob::CompactionJob(int, rocksdb::Compaction *, const
>> rocksdb::ImmutableDBOptions &, const rocksdb::EnvOptions &,
>> rocksdb::VersionSet *, const std::atomic<bool> *, rocksdb::LogBuffer *,
>> rocksdb::Directory *, rocksdb::Directory *, rocksdb::Statistics *,
>> rocksdb::InstrumentedMutex *, rocksdb::Status *, std::vector<unsigned long,
>> std::allocator<unsigned long>>, unsigned long,
>> std::shared_ptr<rocksdb::Cache>, rocksdb::EventLogger *, bool, bool, const
>> std::__cxx11::basic_string<char, std::char_traits<char>,
>> std::allocator<char>> &, rocksdb::CompactionJobStats *)()
>>
>>
>>
>> ________________________________________________________________________________________________________
>> *** CID 1400654: Resource leaks (CTOR_DTOR_LEAK)
>> /home/brad/working/src/ceph/src/rocksdb/db/compaction_job.cc: 276 in
>> rocksdb::CompactionJob::CompactionJob(int, rocksdb::Compaction *, const
>> rocksdb::ImmutableDBOptions &, const rocksdb::EnvOptions &,
>> rocksdb::VersionSet *, const std::atomic<bool> *, rocksdb::LogBuffer *,
>> rocksdb::Directory *, rocksdb::Directory *, rocksdb::Statistics *,
>> rocksdb::InstrumentedMutex *, rocksdb::Status *, std::vector<unsigned long,
>> std::allocator<unsigned long>>, unsigned long,
>> std::shared_ptr<rocksdb::Cache>, rocksdb::EventLogger *, bool, bool, const
>> std::__cxx11::basic_string<char, std::char_traits<char>,
>> std::allocator<char>> &, rocksdb::CompactionJobStats *)()
>> 270 std::vector<SequenceNumber> existing_snapshots,
>> 271 SequenceNumber earliest_write_conflict_snapshot,
>> 272 std::shared_ptr<Cache> table_cache, EventLogger* event_logger,
>> 273 bool paranoid_file_checks, bool measure_io_stats, const
>> std::string& dbname,
>> 274 CompactionJobStats* compaction_job_stats)
>> 275 : job_id_(job_id),
>> >>> CID 1400654: Resource leaks (CTOR_DTOR_LEAK)
>> >>> The constructor allocates field "compact_" of
>> >>> "rocksdb::CompactionJob" but the destructor and whatever functions it calls
>> >>> do not free it.
>> 276 compact_(new CompactionState(compaction)),
>> 277 compaction_job_stats_(compaction_job_stats),
>> 278 compaction_stats_(1),
>> 279 dbname_(dbname),
>> 280 db_options_(db_options),
>> 281 env_options_(env_options),
>>
>> ** CID 1400655: Security best practices violations (DC.WEAK_CRYPTO)
>> /home/brad/working/src/ceph/src/osdc/Objecter.cc: 2792 in
>> Objecter::_calc_target(Objecter::op_target_t *, Connection *, bool)()
>>
>>
>>
>> ________________________________________________________________________________________________________
>> *** CID 1400655: Security best practices violations (DC.WEAK_CRYPTO)
>> /home/brad/working/src/ceph/src/osdc/Objecter.cc: 2792 in
>> Objecter::_calc_target(Objecter::op_target_t *, Connection *, bool)()
>> 2786 if (acting_primary == -1) {
>> 2787 t->osd = -1;
>> 2788 } else {
>> 2789 int osd;
>> 2790 bool read = is_read && !is_write;
>> 2791 if (read && (t->flags & CEPH_OSD_FLAG_BALANCE_READS)) {
>> >>> CID 1400655: Security best practices violations (DC.WEAK_CRYPTO)
>> >>> "rand" should not be used for security related applications, as
>> >>> linear congruential algorithms are too easy to break.
>> 2792 int p = rand() % acting.size();
>> 2793 if (p)
>> 2794 t->used_replica = true;
>> 2795 osd = acting[p];
>> 2796 ldout(cct, 10) << " chose random osd." << osd << " of " <<
>> acting
>> 2797 << dendl;
>>
>> ** CID 1400656: Incorrect expression (NO_EFFECT)
>> /home/brad/working/src/ceph/src/msg/async/AsyncConnection.cc: 1077 in
>> AsyncConnection::_process_connection()()
>>
>>
>>
>> ________________________________________________________________________________________________________
>> *** CID 1400656: Incorrect expression (NO_EFFECT)
>> /home/brad/working/src/ceph/src/msg/async/AsyncConnection.cc: 1077 in
>> AsyncConnection::_process_connection()()
>> 1071 goto fail;
>> 1072 } else if (r > 0) {
>> 1073 break;
>> 1074 }
>> 1075
>> 1076 connect_reply = *((ceph_msg_connect_reply*)state_buffer);
>> >>> CID 1400656: Incorrect expression (NO_EFFECT)
>> >>> Assigning "this->connect_reply.features" to itself has no effect.
>> 1077 connect_reply.features = connect_reply.features;
>> 1078
>> 1079 ldout(async_msgr->cct, 20) << __func__ << " connect got
>> reply tag " << (int)connect_reply.tag
>> 1080 << " connect_seq " <<
>> connect_reply.connect_seq << " global_seq "
>> 1081 << connect_reply.global_seq << "
>> proto " << connect_reply.protocol_version
>> 1082 << " flags " <<
>> (int)connect_reply.flags << " features "
>>
>> ** CID 1400657: Incorrect expression (NO_EFFECT)
>> /home/brad/working/src/ceph/src/msg/simple/Pipe.cc: 1152 in
>> Pipe::connect()()
>>
>>
>>
>> ________________________________________________________________________________________________________
>> *** CID 1400657: Incorrect expression (NO_EFFECT)
>> /home/brad/working/src/ceph/src/msg/simple/Pipe.cc: 1152 in
>> Pipe::connect()()
>> 1146 if (rc < 0) {
>> 1147 ldout(msgr->cct,2) << "connect read reply " <<
>> cpp_strerror(rc) << dendl;
>> 1148 goto fail;
>> 1149 }
>> 1150
>> 1151 // sanitize features
>> >>> CID 1400657: Incorrect expression (NO_EFFECT)
>> >>> Assigning "reply.features" to itself has no effect.
>> 1152 reply.features = reply.features;
>> 1153
>> 1154 ldout(msgr->cct,20) << "connect got reply tag " <<
>> (int)reply.tag
>> 1155 << " connect_seq " << reply.connect_seq
>> 1156 << " global_seq " << reply.global_seq
>> 1157 << " proto " << reply.protocol_version
>>
>> ** CID 1400658: Incorrect expression (NO_EFFECT)
>> /home/brad/working/src/ceph/src/msg/simple/Pipe.cc: 431 in
>> Pipe::accept()()
>>
>>
>>
>> ________________________________________________________________________________________________________
>> *** CID 1400658: Incorrect expression (NO_EFFECT)
>> /home/brad/working/src/ceph/src/msg/simple/Pipe.cc: 431 in
>> Pipe::accept()()
>> 425 if (tcp_read((char*)&connect, sizeof(connect)) < 0) {
>> 426 ldout(msgr->cct,10) << "accept couldn't read connect" <<
>> dendl;
>> 427 goto fail_unlocked;
>> 428 }
>> 429
>> 430 // sanitize features
>> >>> CID 1400658: Incorrect expression (NO_EFFECT)
>> >>> Assigning "connect.features" to itself has no effect.
>> 431 connect.features = connect.features;
>> 432
>> 433 authorizer.clear();
>> 434 if (connect.authorizer_len) {
>> 435 bp = buffer::create(connect.authorizer_len);
>> 436 if (tcp_read(bp.c_str(), connect.authorizer_len) < 0) {
>>
>> ** CID 1400659: (RETURN_LOCAL)
>> /home/brad/working/src/ceph/src/rocksdb/db/forward_iterator.cc: 567 in
>> rocksdb::ForwardIterator::RebuildIterators(bool)()
>> /home/brad/working/src/ceph/src/rocksdb/db/forward_iterator.cc: 567 in
>> rocksdb::ForwardIterator::RebuildIterators(bool)()
>>
>>
>>
>> ________________________________________________________________________________________________________
>> *** CID 1400659: (RETURN_LOCAL)
>> /home/brad/working/src/ceph/src/rocksdb/db/forward_iterator.cc: 567 in
>> rocksdb::ForwardIterator::RebuildIterators(bool)()
>> 561 // Clean up
>> 562 Cleanup(refresh_sv);
>> 563 if (refresh_sv) {
>> 564 // New
>> 565 sv_ = cfd_->GetReferencedSuperVersion(&(db_->mutex_));
>> 566 }
>> >>> CID 1400659: (RETURN_LOCAL)
>> >>> Temporary variable of type "rocksdb::InternalKeyComparator" goes
>> >>> out of scope.
>> 567 RangeDelAggregator range_del_agg(
>> 568 InternalKeyComparator(cfd_->internal_comparator()), {} /*
>> snapshots */);
>> 569 mutable_iter_ = sv_->mem->NewIterator(read_options_, &arena_);
>> 570 sv_->imm->AddIterators(read_options_, &imm_iters_, &arena_);
>> 571 if (!read_options_.ignore_range_deletions) {
>> 572 std::unique_ptr<InternalIterator> range_del_iter(
>> /home/brad/working/src/ceph/src/rocksdb/db/forward_iterator.cc: 567 in
>> rocksdb::ForwardIterator::RebuildIterators(bool)()
>> 561 // Clean up
>> 562 Cleanup(refresh_sv);
>> 563 if (refresh_sv) {
>> 564 // New
>> 565 sv_ = cfd_->GetReferencedSuperVersion(&(db_->mutex_));
>> 566 }
>> >>> CID 1400659: (RETURN_LOCAL)
>> >>> Temporary variable of type "rocksdb::InternalKeyComparator" goes
>> >>> out of scope.
>> 567 RangeDelAggregator range_del_agg(
>> 568 InternalKeyComparator(cfd_->internal_comparator()), {} /*
>> snapshots */);
>> 569 mutable_iter_ = sv_->mem->NewIterator(read_options_, &arena_);
>> 570 sv_->imm->AddIterators(read_options_, &imm_iters_, &arena_);
>> 571 if (!read_options_.ignore_range_deletions) {
>> 572 std::unique_ptr<InternalIterator> range_del_iter(
>>
>> ** CID 1400660: (RETURN_LOCAL)
>> /home/brad/working/src/ceph/src/rocksdb/db/forward_iterator.cc: 622 in
>> rocksdb::ForwardIterator::RenewIterators()()
>> /home/brad/working/src/ceph/src/rocksdb/db/forward_iterator.cc: 622 in
>> rocksdb::ForwardIterator::RenewIterators()()
>>
>>
>>
>> ________________________________________________________________________________________________________
>> *** CID 1400660: (RETURN_LOCAL)
>> /home/brad/working/src/ceph/src/rocksdb/db/forward_iterator.cc: 622 in
>> rocksdb::ForwardIterator::RenewIterators()()
>> 616 DeleteIterator(m, true /* is_arena */);
>> 617 }
>> 618 imm_iters_.clear();
>> 619
>> 620 mutable_iter_ = svnew->mem->NewIterator(read_options_, &arena_);
>> 621 svnew->imm->AddIterators(read_options_, &imm_iters_, &arena_);
>> >>> CID 1400660: (RETURN_LOCAL)
>> >>> Temporary variable of type "rocksdb::InternalKeyComparator" goes
>> >>> out of scope.
>> 622 RangeDelAggregator range_del_agg(
>> 623 InternalKeyComparator(cfd_->internal_comparator()), {} /*
>> snapshots */);
>> 624 if (!read_options_.ignore_range_deletions) {
>> 625 std::unique_ptr<InternalIterator> range_del_iter(
>> 626 svnew->mem->NewRangeTombstoneIterator(read_options_));
>> 627 range_del_agg.AddTombstones(std::move(range_del_iter));
>> /home/brad/working/src/ceph/src/rocksdb/db/forward_iterator.cc: 622 in
>> rocksdb::ForwardIterator::RenewIterators()()
>> 616 DeleteIterator(m, true /* is_arena */);
>> 617 }
>> 618 imm_iters_.clear();
>> 619
>> 620 mutable_iter_ = svnew->mem->NewIterator(read_options_, &arena_);
>> 621 svnew->imm->AddIterators(read_options_, &imm_iters_, &arena_);
>> >>> CID 1400660: (RETURN_LOCAL)
>> >>> Temporary variable of type "rocksdb::InternalKeyComparator" goes
>> >>> out of scope.
>> 622 RangeDelAggregator range_del_agg(
>> 623 InternalKeyComparator(cfd_->internal_comparator()), {} /*
>> snapshots */);
>> 624 if (!read_options_.ignore_range_deletions) {
>> 625 std::unique_ptr<InternalIterator> range_del_iter(
>> 626 svnew->mem->NewRangeTombstoneIterator(read_options_));
>> 627 range_del_agg.AddTombstones(std::move(range_del_iter));
>>
>> ** CID 1400661: Uninitialized variables (UNINIT)
>>
>>
>>
>> ________________________________________________________________________________________________________
>> *** CID 1400661: Uninitialized variables (UNINIT)
>> /home/brad/working/src/ceph/src/messages/MOSDBackoff.h: 41 in
>> MOSDBackoff::MOSDBackoff()()
>> 35 }
>> 36 epoch_t get_map_epoch() const override {
>> 37 return map_epoch;
>> 38 }
>> 39
>> 40 MOSDBackoff()
>> >>> CID 1400661: Uninitialized variables (UNINIT)
>> >>> Using uninitialized value "this->COMPAT_VERSION" when calling
>> >>> "MOSDFastDispatchOp".
>> 41 : MOSDFastDispatchOp(CEPH_MSG_OSD_BACKOFF, HEAD_VERSION,
>> COMPAT_VERSION) {}
>> 42 MOSDBackoff(spg_t pgid_, epoch_t ep, uint8_t op_, uint64_t id_,
>> 43 hobject_t begin_, hobject_t end_)
>> 44 : MOSDFastDispatchOp(CEPH_MSG_OSD_BACKOFF, HEAD_VERSION,
>> COMPAT_VERSION),
>> 45 pgid(pgid_),
>> 46 map_epoch(ep),
>>
>> ** CID 1400662: Uninitialized variables (UNINIT)
>>
>>
>>
>> ________________________________________________________________________________________________________
>> *** CID 1400662: Uninitialized variables (UNINIT)
>> /home/brad/working/src/ceph/src/messages/MOSDBackoff.h: 44 in
>> MOSDBackoff::MOSDBackoff(spg_t, unsigned int, unsigned char, unsigned long,
>> hobject_t, hobject_t)()
>> 38 }
>> 39
>> 40 MOSDBackoff()
>> 41 : MOSDFastDispatchOp(CEPH_MSG_OSD_BACKOFF, HEAD_VERSION,
>> COMPAT_VERSION) {}
>> 42 MOSDBackoff(spg_t pgid_, epoch_t ep, uint8_t op_, uint64_t id_,
>> 43 hobject_t begin_, hobject_t end_)
>> >>> CID 1400662: Uninitialized variables (UNINIT)
>> >>> Using uninitialized value "this->COMPAT_VERSION" when calling
>> >>> "MOSDFastDispatchOp".
>> 44 : MOSDFastDispatchOp(CEPH_MSG_OSD_BACKOFF, HEAD_VERSION,
>> COMPAT_VERSION),
>> 45 pgid(pgid_),
>> 46 map_epoch(ep),
>> 47 op(op_),
>> 48 id(id_),
>> 49 begin(begin_),
>>
>> ** CID 1400663: Uninitialized members (UNINIT_CTOR)
>> /home/brad/working/src/ceph/src/rocksdb/db/compaction_iterator.cc: 71 in
>> rocksdb::CompactionIterator::CompactionIterator(rocksdb::InternalIterator *,
>> const rocksdb::Comparator *, rocksdb::MergeHelper *, unsigned long,
>> std::vector<unsigned long, std::allocator<unsigned long>> *, unsigned long,
>> rocksdb::Env *, bool, rocksdb::RangeDelAggregator *,
>> std::unique_ptr<rocksdb::CompactionIterator::CompactionProxy,
>> std::default_delete<rocksdb::CompactionIterator::CompactionProxy>>, const
>> rocksdb::CompactionFilter *, const std::atomic<bool> *)()
>>
>>
>>
>> ________________________________________________________________________________________________________
>> *** CID 1400663: Uninitialized members (UNINIT_CTOR)
>> /home/brad/working/src/ceph/src/rocksdb/db/compaction_iterator.cc: 71 in
>> rocksdb::CompactionIterator::CompactionIterator(rocksdb::InternalIterator *,
>> const rocksdb::Comparator *, rocksdb::MergeHelper *, unsigned long,
>> std::vector<unsigned long, std::allocator<unsigned long>> *, unsigned long,
>> rocksdb::Env *, bool, rocksdb::RangeDelAggregator *,
>> std::unique_ptr<rocksdb::CompactionIterator::CompactionProxy,
>> std::default_delete<rocksdb::CompactionIterator::CompactionProxy>>, const
>> rocksdb::CompactionFilter *, const std::atomic<bool> *)()
>> 65 if (compaction_filter_ != nullptr &&
>> compaction_filter_->IgnoreSnapshots()) {
>> 66 ignore_snapshots_ = true;
>> 67 } else {
>> 68 ignore_snapshots_ = false;
>> 69 }
>> 70 input_->SetPinnedItersMgr(&pinned_iters_mgr_);
>> >>> CID 1400663: Uninitialized members (UNINIT_CTOR)
>> >>> Non-static class member "current_user_key_snapshot_" is not
>> >>> initialized in this constructor nor in any functions that it calls.
>> 71 }
>> 72
>> 73 CompactionIterator::~CompactionIterator() {
>> 74 // input_ Iteartor lifetime is longer than pinned_iters_mgr_
>> lifetime
>> 75 input_->SetPinnedItersMgr(nullptr);
>> 76 }
>>
>> ** CID 1400664: Control flow issues (UNREACHABLE)
>> /home/brad/working/src/ceph/src/rocksdb/util/env_posix.cc: 386 in
>> rocksdb::<unnamed>::PosixEnv::ReuseWritableFile(const
>> std::__cxx11::basic_string<char, std::char_traits<char>,
>> std::allocator<char>> &, const std::__cxx11::basic_string<char,
>> std::char_traits<char>, std::allocator<char>> &,
>> std::unique_ptr<rocksdb::WritableFile,
>> std::default_delete<rocksdb::WritableFile>> *, const rocksdb::EnvOptions
>> &)()
>>
>>
>>
>> ________________________________________________________________________________________________________
>> *** CID 1400664: Control flow issues (UNREACHABLE)
>> /home/brad/working/src/ceph/src/rocksdb/util/env_posix.cc: 386 in
>> rocksdb::<unnamed>::PosixEnv::ReuseWritableFile(const
>> std::__cxx11::basic_string<char, std::char_traits<char>,
>> std::allocator<char>> &, const std::__cxx11::basic_string<char,
>> std::char_traits<char>, std::allocator<char>> &,
>> std::unique_ptr<rocksdb::WritableFile,
>> std::default_delete<rocksdb::WritableFile>> *, const rocksdb::EnvOptions
>> &)()
>> 380 EnvOptions no_mmap_writes_options = options;
>> 381 no_mmap_writes_options.use_mmap_writes = false;
>> 382 result->reset(new PosixWritableFile(fname, fd,
>> no_mmap_writes_options));
>> 383 }
>> 384 return s;
>> 385
>> >>> CID 1400664: Control flow issues (UNREACHABLE)
>> >>> This code cannot be reached: "return rocksdb::Status(s);".
>> 386 return s;
>> 387 }
>> 388
>> 389 virtual Status NewRandomRWFile(const std::string& fname,
>> 390 unique_ptr<RandomRWFile>* result,
>> 391 const EnvOptions& options)
>> override {
>>
>> ** CID 1400665: Uninitialized members (UNINIT_CTOR)
>> /home/brad/working/src/ceph/src/rocksdb/db/compaction_iterator.cc: 26 in
>> rocksdb::CompactionIterator::CompactionIterator(rocksdb::InternalIterator *,
>> const rocksdb::Comparator *, rocksdb::MergeHelper *, unsigned long,
>> std::vector<unsigned long, std::allocator<unsigned long>> *, unsigned long,
>> rocksdb::Env *, bool, rocksdb::RangeDelAggregator *, const
>> rocksdb::Compaction *, const rocksdb::CompactionFilter *, const
>> std::atomic<bool> *)()
>>
>>
>>
>> ________________________________________________________________________________________________________
>> *** CID 1400665: Uninitialized members (UNINIT_CTOR)
>> /home/brad/working/src/ceph/src/rocksdb/db/compaction_iterator.cc: 26 in
>> rocksdb::CompactionIterator::CompactionIterator(rocksdb::InternalIterator *,
>> const rocksdb::Comparator *, rocksdb::MergeHelper *, unsigned long,
>> std::vector<unsigned long, std::allocator<unsigned long>> *, unsigned long,
>> rocksdb::Env *, bool, rocksdb::RangeDelAggregator *, const
>> rocksdb::Compaction *, const rocksdb::CompactionFilter *, const
>> std::atomic<bool> *)()
>> 20 : CompactionIterator(
>> 21 input, cmp, merge_helper, last_sequence, snapshots,
>> 22 earliest_write_conflict_snapshot, env,
>> expect_valid_internal_key,
>> 23 range_del_agg,
>> 24 std::unique_ptr<CompactionProxy>(
>> 25 compaction ? new CompactionProxy(compaction) :
>> nullptr),
>> >>> CID 1400665: Uninitialized members (UNINIT_CTOR)
>> >>> Non-static class member "current_user_key_snapshot_" is not
>> >>> initialized in this constructor nor in any functions that it calls.
>> 26 compaction_filter, shutting_down) {}
>> 27
>> 28 CompactionIterator::CompactionIterator(
>> 29 InternalIterator* input, const Comparator* cmp, MergeHelper*
>> merge_helper,
>> 30 SequenceNumber last_sequence, std::vector<SequenceNumber>*
>> snapshots,
>> 31 SequenceNumber earliest_write_conflict_snapshot, Env* env,
>>
>> ** CID 1400666: Uninitialized members (UNINIT_CTOR)
>> /home/brad/working/src/ceph/src/rocksdb/db/dbformat.h: 531 in
>> rocksdb::RangeTombstone::RangeTombstone()()
>>
>>
>>
>> ________________________________________________________________________________________________________
>> *** CID 1400666: Uninitialized members (UNINIT_CTOR)
>> /home/brad/working/src/ceph/src/rocksdb/db/dbformat.h: 531 in
>> rocksdb::RangeTombstone::RangeTombstone()()
>> 525 // the struct here is a easy-understood form
>> 526 // start/end_key_ is the start/end user key of the range to be
>> deleted
>> 527 struct RangeTombstone {
>> 528 Slice start_key_;
>> 529 Slice end_key_;
>> 530 SequenceNumber seq_;
>> >>> CID 1400666: Uninitialized members (UNINIT_CTOR)
>> >>> Non-static class member "seq_" is not initialized in this
>> >>> constructor nor in any functions that it calls.
>> 531 RangeTombstone() = default;
>> 532 RangeTombstone(Slice sk, Slice ek, SequenceNumber sn)
>> 533 : start_key_(sk), end_key_(ek), seq_(sn) {}
>> 534
>> 535 RangeTombstone(ParsedInternalKey parsed_key, Slice value) {
>> 536 start_key_ = parsed_key.user_key;
>>
>> ** CID 1400667: (UNINIT_CTOR)
>> /usr/include/c++/6.2.1/bits/regex_executor.h: 86 in
>> std::__detail::_Executor<__gnu_cxx::__normal_iterator<const char *,
>> std::__cxx11::basic_string<char, std::char_traits<char>,
>> std::allocator<char>>>,
>> std::allocator<std::__cxx11::sub_match<__gnu_cxx::__normal_iterator<const
>> char *, std::__cxx11::basic_string<char, std::char_traits<char>,
>> std::allocator<char>>>>>, std::__cxx11::regex_traits<char>,
>> (bool)0>::_Executor(__gnu_cxx::__normal_iterator<const char *,
>> std::__cxx11::basic_string<char, std::char_traits<char>,
>> std::allocator<char>>>, __gnu_cxx::__normal_iterator<const char *,
>> std::__cxx11::basic_string<char, std::char_traits<char>,
>> std::allocator<char>>>,
>> std::vector<std::__cxx11::sub_match<__gnu_cxx::__normal_iterator<const char
>> *, std::__cxx11::basic_string<char, std::char_traits<char>,
>> std::allocator<char>>>>,
>> std::allocator<std::__cxx11::sub_match<__gnu_cxx::__normal_iterator<const
>> char *, std::__cxx11::basic_string<char, std::char_traits<char>,
>> std::allocator<char>>>
>> >>> &, const std::__cxx11::basic_regex<char,
>> std::__cxx11::regex_traits<char>> &,
>> std::regex_constants::match_flag_type)()
>> /usr/include/c++/6.2.1/bits/regex_executor.h: 86 in
>> std::__detail::_Executor<__gnu_cxx::__normal_iterator<const char *,
>> std::__cxx11::basic_string<char, std::char_traits<char>,
>> std::allocator<char>>>,
>> std::allocator<std::__cxx11::sub_match<__gnu_cxx::__normal_iterator<const
>> char *, std::__cxx11::basic_string<char, std::char_traits<char>,
>> std::allocator<char>>>>>, std::__cxx11::regex_traits<char>,
>> (bool)1>::_Executor(__gnu_cxx::__normal_iterator<const char *,
>> std::__cxx11::basic_string<char, std::char_traits<char>,
>> std::allocator<char>>>, __gnu_cxx::__normal_iterator<const char *,
>> std::__cxx11::basic_string<char, std::char_traits<char>,
>> std::allocator<char>>>,
>> std::vector<std::__cxx11::sub_match<__gnu_cxx::__normal_iterator<const char
>> *, std::__cxx11::basic_string<char, std::char_traits<char>,
>> std::allocator<char>>>>,
>> std::allocator<std::__cxx11::sub_match<__gnu_cxx::__normal_iterator<const
>> char *, std::__cxx11::basic_string<char, std::char_traits<char>,
>> std::allocator<char>>>
>> >>> &, const std::__cxx11::basic_regex<char,
>> std::__cxx11::regex_traits<char>> &,
>> std::regex_constants::match_flag_type)()
>>
>>
>>
>> ________________________________________________________________________________________________________
>> *** CID 1400667: (UNINIT_CTOR)
>> /usr/include/c++/6.2.1/bits/regex_executor.h: 86 in
>> std::__detail::_Executor<__gnu_cxx::__normal_iterator<const char *,
>> std::__cxx11::basic_string<char, std::char_traits<char>,
>> std::allocator<char>>>,
>> std::allocator<std::__cxx11::sub_match<__gnu_cxx::__normal_iterator<const
>> char *, std::__cxx11::basic_string<char, std::char_traits<char>,
>> std::allocator<char>>>>>, std::__cxx11::regex_traits<char>,
>> (bool)0>::_Executor(__gnu_cxx::__normal_iterator<const char *,
>> std::__cxx11::basic_string<char, std::char_traits<char>,
>> std::allocator<char>>>, __gnu_cxx::__normal_iterator<const char *,
>> std::__cxx11::basic_string<char, std::char_traits<char>,
>> std::allocator<char>>>,
>> std::vector<std::__cxx11::sub_match<__gnu_cxx::__normal_iterator<const char
>> *, std::__cxx11::basic_string<char, std::char_traits<char>,
>> std::allocator<char>>>>,
>> std::allocator<std::__cxx11::sub_match<__gnu_cxx::__normal_iterator<const
>> char *, std::__cxx11::basic_string<char, std::char_traits<char>,
>> std::allocator<char>>>
>> >>> &, const std::__cxx11::basic_regex<char,
>> std::__cxx11::regex_traits<char>> &,
>> std::regex_constants::match_flag_type)()
>> 80 _M_states(_M_nfa._M_start(), _M_nfa.size()),
>> 81 _M_flags((__flags & regex_constants::match_prev_avail)
>> 82 ? (__flags
>> 83 & ~regex_constants::match_not_bol
>> 84 & ~regex_constants::match_not_bow)
>> 85 : __flags)
>> >>> CID 1400667: (UNINIT_CTOR)
>> >>> Non-static class member "_M_has_sol" is not initialized in this
>> >>> constructor nor in any functions that it calls.
>> 86 { }
>> 87
>> 88 // Set matched when string exactly matches the pattern.
>> 89 bool
>> 90 _M_match()
>> 91 {
>> /usr/include/c++/6.2.1/bits/regex_executor.h: 86 in
>> std::__detail::_Executor<__gnu_cxx::__normal_iterator<const char *,
>> std::__cxx11::basic_string<char, std::char_traits<char>,
>> std::allocator<char>>>,
>> std::allocator<std::__cxx11::sub_match<__gnu_cxx::__normal_iterator<const
>> char *, std::__cxx11::basic_string<char, std::char_traits<char>,
>> std::allocator<char>>>>>, std::__cxx11::regex_traits<char>,
>> (bool)1>::_Executor(__gnu_cxx::__normal_iterator<const char *,
>> std::__cxx11::basic_string<char, std::char_traits<char>,
>> std::allocator<char>>>, __gnu_cxx::__normal_iterator<const char *,
>> std::__cxx11::basic_string<char, std::char_traits<char>,
>> std::allocator<char>>>,
>> std::vector<std::__cxx11::sub_match<__gnu_cxx::__normal_iterator<const char
>> *, std::__cxx11::basic_string<char, std::char_traits<char>,
>> std::allocator<char>>>>,
>> std::allocator<std::__cxx11::sub_match<__gnu_cxx::__normal_iterator<const
>> char *, std::__cxx11::basic_string<char, std::char_traits<char>,
>> std::allocator<char>>>
>> >>> &, const std::__cxx11::basic_regex<char,
>> std::__cxx11::regex_traits<char>> &,
>> std::regex_constants::match_flag_type)()
>> 80 _M_states(_M_nfa._M_start(), _M_nfa.size()),
>> 81 _M_flags((__flags & regex_constants::match_prev_avail)
>> 82 ? (__flags
>> 83 & ~regex_constants::match_not_bol
>> 84 & ~regex_constants::match_not_bow)
>> 85 : __flags)
>> >>> CID 1400667: (UNINIT_CTOR)
>> >>> Non-static class member "_M_has_sol" is not initialized in this
>> >>> constructor nor in any functions that it calls.
>> 86 { }
>> 87
>> 88 // Set matched when string exactly matches the pattern.
>> 89 bool
>> 90 _M_match()
>> 91 {
>>
>> ** CID 1400668: Uninitialized members (UNINIT_CTOR)
>> /home/brad/working/src/ceph/src/rocksdb/util/thread_local.cc: 41 in
>> rocksdb::ThreadData::ThreadData(rocksdb::ThreadLocalPtr::StaticMeta *)()
>>
>>
>>
>> ________________________________________________________________________________________________________
>> *** CID 1400668: Uninitialized members (UNINIT_CTOR)
>> /home/brad/working/src/ceph/src/rocksdb/util/thread_local.cc: 41 in
>> rocksdb::ThreadData::ThreadData(rocksdb::ThreadLocalPtr::StaticMeta *)()
>> 35 // ---------------------------------------------------
>> 36 // | thread 2 | void* | void* | void* | <-
>> ThreadData
>> 37 // ---------------------------------------------------
>> 38 // | thread 3 | void* | void* | void* | <-
>> ThreadData
>> 39 // ---------------------------------------------------
>> 40 struct ThreadData {
>> >>> CID 1400668: Uninitialized members (UNINIT_CTOR)
>> >>> Non-static class member "prev" is not initialized in this
>> >>> constructor nor in any functions that it calls.
>> 41 explicit ThreadData(ThreadLocalPtr::StaticMeta* _inst) :
>> entries(), inst(_inst) {}
>> 42 std::vector<Entry> entries;
>> 43 ThreadData* next;
>> 44 ThreadData* prev;
>> 45 ThreadLocalPtr::StaticMeta* inst;
>> 46 };
>>
>> ** CID 1400669: Uninitialized members (UNINIT_CTOR)
>> /home/brad/working/src/ceph/src/rocksdb/db/compaction_job.cc: 303 in
>> rocksdb::CompactionJob::CompactionJob(int, rocksdb::Compaction *, const
>> rocksdb::ImmutableDBOptions &, const rocksdb::EnvOptions &,
>> rocksdb::VersionSet *, const std::atomic<bool> *, rocksdb::LogBuffer *,
>> rocksdb::Directory *, rocksdb::Directory *, rocksdb::Statistics *,
>> rocksdb::InstrumentedMutex *, rocksdb::Status *, std::vector<unsigned long,
>> std::allocator<unsigned long>>, unsigned long,
>> std::shared_ptr<rocksdb::Cache>, rocksdb::EventLogger *, bool, bool, const
>> std::__cxx11::basic_string<char, std::char_traits<char>,
>> std::allocator<char>> &, rocksdb::CompactionJobStats *)()
>>
>>
>>
>> ________________________________________________________________________________________________________
>> *** CID 1400669: Uninitialized members (UNINIT_CTOR)
>> /home/brad/working/src/ceph/src/rocksdb/db/compaction_job.cc: 303 in
>> rocksdb::CompactionJob::CompactionJob(int, rocksdb::Compaction *, const
>> rocksdb::ImmutableDBOptions &, const rocksdb::EnvOptions &,
>> rocksdb::VersionSet *, const std::atomic<bool> *, rocksdb::LogBuffer *,
>> rocksdb::Directory *, rocksdb::Directory *, rocksdb::Statistics *,
>> rocksdb::InstrumentedMutex *, rocksdb::Status *, std::vector<unsigned long,
>> std::allocator<unsigned long>>, unsigned long,
>> std::shared_ptr<rocksdb::Cache>, rocksdb::EventLogger *, bool, bool, const
>> std::__cxx11::basic_string<char, std::char_traits<char>,
>> std::allocator<char>> &, rocksdb::CompactionJobStats *)()
>> 297 assert(log_buffer_ != nullptr);
>> 298 const auto* cfd = compact_->compaction->column_family_data();
>> 299 ThreadStatusUtil::SetColumnFamily(cfd, cfd->ioptions()->env,
>> 300
>> db_options_.enable_thread_tracking);
>> 301
>> ThreadStatusUtil::SetThreadOperation(ThreadStatus::OP_COMPACTION);
>> 302 ReportStartedCompaction(compaction);
>> >>> CID 1400669: Uninitialized members (UNINIT_CTOR)
>> >>> Non-static class member "bottommost_level_" is not initialized in
>> >>> this constructor nor in any functions that it calls.
>> 303 }
>> 304
>> 305 CompactionJob::~CompactionJob() {
>> 306 assert(compact_ == nullptr);
>> 307 ThreadStatusUtil::ResetThreadStatus();
>> 308 }
>>
>> ** CID 1400670: (UNINIT_CTOR)
>> /home/brad/working/src/ceph/src/common/perf_histogram.h: 76 in
>> PerfHistogram<(int)3>::PerfHistogram(std::initializer_list<PerfHistogramCommon::axis_config_d>)()
>> /home/brad/working/src/ceph/src/common/perf_histogram.h: 76 in
>> PerfHistogram<(int)2>::PerfHistogram(std::initializer_list<PerfHistogramCommon::axis_config_d>)()
>>
>>
>>
>> ________________________________________________________________________________________________________
>> *** CID 1400670: (UNINIT_CTOR)
>> /home/brad/working/src/ceph/src/common/perf_histogram.h: 76 in
>> PerfHistogram<(int)3>::PerfHistogram(std::initializer_list<PerfHistogramCommon::axis_config_d>)()
>> 70 "Quantization unit must be non-zero positive integer
>> value");
>> 71
>> 72 m_axes_config[i++] = ac;
>> 73 }
>> 74
>> 75 m_rawData.reset(new atomic64_t[get_raw_size()]);
>> >>> CID 1400670: (UNINIT_CTOR)
>> >>> Non-static class member field "m_axes_config.m_buckets" is not
>> >>> initialized in this constructor nor in any functions that it calls.
>> 76 }
>> 77
>> 78 /// Copy from other histogram object
>> 79 PerfHistogram(const PerfHistogram &other)
>> 80 : m_axes_config(other.m_axes_config) {
>> 81 int64_t size = get_raw_size();
>> /home/brad/working/src/ceph/src/common/perf_histogram.h: 76 in
>> PerfHistogram<(int)2>::PerfHistogram(std::initializer_list<PerfHistogramCommon::axis_config_d>)()
>> 70 "Quantization unit must be non-zero positive integer
>> value");
>> 71
>> 72 m_axes_config[i++] = ac;
>> 73 }
>> 74
>> 75 m_rawData.reset(new atomic64_t[get_raw_size()]);
>> >>> CID 1400670: (UNINIT_CTOR)
>> >>> Non-static class member field "m_axes_config.m_buckets" is not
>> >>> initialized in this constructor nor in any functions that it calls.
>> 76 }
>> 77
>> 78 /// Copy from other histogram object
>> 79 PerfHistogram(const PerfHistogram &other)
>> 80 : m_axes_config(other.m_axes_config) {
>> 81 int64_t size = get_raw_size();
>>
>>
>>
>> ________________________________________________________________________________________________________
>> To view the defects in Coverity Scan visit,
>> https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaGCnxtQO9E3gxlB2GxVsWFENryh7bC5hIb-2FQBVM85YLQ-3D-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8H4KF1IlXLD-2BqrKefpd88Z5Qn-2BCdL-2Fafidv7i7JbWnbYk2XkuOyRjm7mXKjIHSkA92ObTvjIEq-2B5i2MmktPXrNNvXGakHrXTM3wVp3hqJlVTnu2NfhoRcCwEL0hTK4iUF8mfcRFEYXJ8-2BPbpX9ipo3XzvQgcITqg6E1Pr7dF9-2B7jr50RALwBCrj2W3qAey0ubs-3D
>>
>> To manage Coverity Scan email notifications for
>> "ceph-devel@vger.kernel.org", click
>> https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4Bco8jcmzhh7FSyvoR0E3-2BDgRcBCQ6OuthHBtaTCGNq9zoLsiw8NWrIF2zsdhfTt-2FbHjZ2ToL3Et9v1-2BrDLungAOjHpQtOY-2BsyLiTVCQEUCU-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8H4KF1IlXLD-2BqrKefpd88Z5Qn-2BCdL-2Fafidv7i7JbWnbYj3UFll0kLEXj1l8hL4GuqmBx-2FvovAjGpFTlH-2FaIcjDnBBxKBJTwcEG4iy7vZfeeugTV1lawq4rA-2BeUmFeCA-2FFXIX2wyMhco9kl6-2BRDnMz1sgDM7n0Ea67Ff92t-2B9rYiCTqGkRx16OZcOHkIZM-2B-2FPaw-3D
>>
>> --
>> To unsubscribe from this list: send the line "unsubscribe ceph-devel" in
>> the body of a message to majordomo@vger.kernel.org
>> More majordomo info at http://vger.kernel.org/majordomo-info.html
>
>
>
>
> --
> Regards
> Kefu Chai
--
Regards
Kefu Chai
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2017-02-17 2:29 scan-admin
[not found] ` <CAJE9aOMoxWjhq=g+25hfhMhxSCnHAOwAyNhXvkxS1wwBEd3j+A@mail.gmail.com>
0 siblings, 1 reply; 124+ messages in thread
From: scan-admin @ 2017-02-17 2:29 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
18 new defect(s) introduced to ceph found with Coverity Scan.
32 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 18 of 18 defect(s)
** CID 1400653: Integer handling issues (CONSTANT_EXPRESSION_RESULT)
/home/brad/working/src/ceph/src/tools/rbd_nbd/rbd-nbd.cc: 632 in do_map()()
________________________________________________________________________________________________________
*** CID 1400653: Integer handling issues (CONSTANT_EXPRESSION_RESULT)
/home/brad/working/src/ceph/src/tools/rbd_nbd/rbd-nbd.cc: 632 in do_map()()
626 r = ioctl(nbd, NBD_SET_BLKSIZE, RBD_NBD_BLKSIZE);
627 if (r < 0) {
628 r = -errno;
629 goto close_nbd;
630 }
631
>>> CID 1400653: Integer handling issues (CONSTANT_EXPRESSION_RESULT)
>>> "info.size > 18446744073709551615UL /* 9223372036854775807L * 2UL + 1UL */" is always false regardless of the values of its operands. This occurs as the logical operand of "if".
632 if (info.size > ULONG_MAX) {
633 r = -EFBIG;
634 cerr << "rbd-nbd: image is too large (" << prettybyte_t(info.size)
635 << ", max is " << prettybyte_t(ULONG_MAX) << ")" << std::endl;
636 goto close_nbd;
637 }
** CID 1400654: Resource leaks (CTOR_DTOR_LEAK)
/home/brad/working/src/ceph/src/rocksdb/db/compaction_job.cc: 276 in rocksdb::CompactionJob::CompactionJob(int, rocksdb::Compaction *, const rocksdb::ImmutableDBOptions &, const rocksdb::EnvOptions &, rocksdb::VersionSet *, const std::atomic<bool> *, rocksdb::LogBuffer *, rocksdb::Directory *, rocksdb::Directory *, rocksdb::Statistics *, rocksdb::InstrumentedMutex *, rocksdb::Status *, std::vector<unsigned long, std::allocator<unsigned long>>, unsigned long, std::shared_ptr<rocksdb::Cache>, rocksdb::EventLogger *, bool, bool, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, rocksdb::CompactionJobStats *)()
________________________________________________________________________________________________________
*** CID 1400654: Resource leaks (CTOR_DTOR_LEAK)
/home/brad/working/src/ceph/src/rocksdb/db/compaction_job.cc: 276 in rocksdb::CompactionJob::CompactionJob(int, rocksdb::Compaction *, const rocksdb::ImmutableDBOptions &, const rocksdb::EnvOptions &, rocksdb::VersionSet *, const std::atomic<bool> *, rocksdb::LogBuffer *, rocksdb::Directory *, rocksdb::Directory *, rocksdb::Statistics *, rocksdb::InstrumentedMutex *, rocksdb::Status *, std::vector<unsigned long, std::allocator<unsigned long>>, unsigned long, std::shared_ptr<rocksdb::Cache>, rocksdb::EventLogger *, bool, bool, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, rocksdb::CompactionJobStats *)()
270 std::vector<SequenceNumber> existing_snapshots,
271 SequenceNumber earliest_write_conflict_snapshot,
272 std::shared_ptr<Cache> table_cache, EventLogger* event_logger,
273 bool paranoid_file_checks, bool measure_io_stats, const std::string& dbname,
274 CompactionJobStats* compaction_job_stats)
275 : job_id_(job_id),
>>> CID 1400654: Resource leaks (CTOR_DTOR_LEAK)
>>> The constructor allocates field "compact_" of "rocksdb::CompactionJob" but the destructor and whatever functions it calls do not free it.
276 compact_(new CompactionState(compaction)),
277 compaction_job_stats_(compaction_job_stats),
278 compaction_stats_(1),
279 dbname_(dbname),
280 db_options_(db_options),
281 env_options_(env_options),
** CID 1400655: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/osdc/Objecter.cc: 2792 in Objecter::_calc_target(Objecter::op_target_t *, Connection *, bool)()
________________________________________________________________________________________________________
*** CID 1400655: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/osdc/Objecter.cc: 2792 in Objecter::_calc_target(Objecter::op_target_t *, Connection *, bool)()
2786 if (acting_primary == -1) {
2787 t->osd = -1;
2788 } else {
2789 int osd;
2790 bool read = is_read && !is_write;
2791 if (read && (t->flags & CEPH_OSD_FLAG_BALANCE_READS)) {
>>> CID 1400655: Security best practices violations (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
2792 int p = rand() % acting.size();
2793 if (p)
2794 t->used_replica = true;
2795 osd = acting[p];
2796 ldout(cct, 10) << " chose random osd." << osd << " of " << acting
2797 << dendl;
** CID 1400656: Incorrect expression (NO_EFFECT)
/home/brad/working/src/ceph/src/msg/async/AsyncConnection.cc: 1077 in AsyncConnection::_process_connection()()
________________________________________________________________________________________________________
*** CID 1400656: Incorrect expression (NO_EFFECT)
/home/brad/working/src/ceph/src/msg/async/AsyncConnection.cc: 1077 in AsyncConnection::_process_connection()()
1071 goto fail;
1072 } else if (r > 0) {
1073 break;
1074 }
1075
1076 connect_reply = *((ceph_msg_connect_reply*)state_buffer);
>>> CID 1400656: Incorrect expression (NO_EFFECT)
>>> Assigning "this->connect_reply.features" to itself has no effect.
1077 connect_reply.features = connect_reply.features;
1078
1079 ldout(async_msgr->cct, 20) << __func__ << " connect got reply tag " << (int)connect_reply.tag
1080 << " connect_seq " << connect_reply.connect_seq << " global_seq "
1081 << connect_reply.global_seq << " proto " << connect_reply.protocol_version
1082 << " flags " << (int)connect_reply.flags << " features "
** CID 1400657: Incorrect expression (NO_EFFECT)
/home/brad/working/src/ceph/src/msg/simple/Pipe.cc: 1152 in Pipe::connect()()
________________________________________________________________________________________________________
*** CID 1400657: Incorrect expression (NO_EFFECT)
/home/brad/working/src/ceph/src/msg/simple/Pipe.cc: 1152 in Pipe::connect()()
1146 if (rc < 0) {
1147 ldout(msgr->cct,2) << "connect read reply " << cpp_strerror(rc) << dendl;
1148 goto fail;
1149 }
1150
1151 // sanitize features
>>> CID 1400657: Incorrect expression (NO_EFFECT)
>>> Assigning "reply.features" to itself has no effect.
1152 reply.features = reply.features;
1153
1154 ldout(msgr->cct,20) << "connect got reply tag " << (int)reply.tag
1155 << " connect_seq " << reply.connect_seq
1156 << " global_seq " << reply.global_seq
1157 << " proto " << reply.protocol_version
** CID 1400658: Incorrect expression (NO_EFFECT)
/home/brad/working/src/ceph/src/msg/simple/Pipe.cc: 431 in Pipe::accept()()
________________________________________________________________________________________________________
*** CID 1400658: Incorrect expression (NO_EFFECT)
/home/brad/working/src/ceph/src/msg/simple/Pipe.cc: 431 in Pipe::accept()()
425 if (tcp_read((char*)&connect, sizeof(connect)) < 0) {
426 ldout(msgr->cct,10) << "accept couldn't read connect" << dendl;
427 goto fail_unlocked;
428 }
429
430 // sanitize features
>>> CID 1400658: Incorrect expression (NO_EFFECT)
>>> Assigning "connect.features" to itself has no effect.
431 connect.features = connect.features;
432
433 authorizer.clear();
434 if (connect.authorizer_len) {
435 bp = buffer::create(connect.authorizer_len);
436 if (tcp_read(bp.c_str(), connect.authorizer_len) < 0) {
** CID 1400659: (RETURN_LOCAL)
/home/brad/working/src/ceph/src/rocksdb/db/forward_iterator.cc: 567 in rocksdb::ForwardIterator::RebuildIterators(bool)()
/home/brad/working/src/ceph/src/rocksdb/db/forward_iterator.cc: 567 in rocksdb::ForwardIterator::RebuildIterators(bool)()
________________________________________________________________________________________________________
*** CID 1400659: (RETURN_LOCAL)
/home/brad/working/src/ceph/src/rocksdb/db/forward_iterator.cc: 567 in rocksdb::ForwardIterator::RebuildIterators(bool)()
561 // Clean up
562 Cleanup(refresh_sv);
563 if (refresh_sv) {
564 // New
565 sv_ = cfd_->GetReferencedSuperVersion(&(db_->mutex_));
566 }
>>> CID 1400659: (RETURN_LOCAL)
>>> Temporary variable of type "rocksdb::InternalKeyComparator" goes out of scope.
567 RangeDelAggregator range_del_agg(
568 InternalKeyComparator(cfd_->internal_comparator()), {} /* snapshots */);
569 mutable_iter_ = sv_->mem->NewIterator(read_options_, &arena_);
570 sv_->imm->AddIterators(read_options_, &imm_iters_, &arena_);
571 if (!read_options_.ignore_range_deletions) {
572 std::unique_ptr<InternalIterator> range_del_iter(
/home/brad/working/src/ceph/src/rocksdb/db/forward_iterator.cc: 567 in rocksdb::ForwardIterator::RebuildIterators(bool)()
561 // Clean up
562 Cleanup(refresh_sv);
563 if (refresh_sv) {
564 // New
565 sv_ = cfd_->GetReferencedSuperVersion(&(db_->mutex_));
566 }
>>> CID 1400659: (RETURN_LOCAL)
>>> Temporary variable of type "rocksdb::InternalKeyComparator" goes out of scope.
567 RangeDelAggregator range_del_agg(
568 InternalKeyComparator(cfd_->internal_comparator()), {} /* snapshots */);
569 mutable_iter_ = sv_->mem->NewIterator(read_options_, &arena_);
570 sv_->imm->AddIterators(read_options_, &imm_iters_, &arena_);
571 if (!read_options_.ignore_range_deletions) {
572 std::unique_ptr<InternalIterator> range_del_iter(
** CID 1400660: (RETURN_LOCAL)
/home/brad/working/src/ceph/src/rocksdb/db/forward_iterator.cc: 622 in rocksdb::ForwardIterator::RenewIterators()()
/home/brad/working/src/ceph/src/rocksdb/db/forward_iterator.cc: 622 in rocksdb::ForwardIterator::RenewIterators()()
________________________________________________________________________________________________________
*** CID 1400660: (RETURN_LOCAL)
/home/brad/working/src/ceph/src/rocksdb/db/forward_iterator.cc: 622 in rocksdb::ForwardIterator::RenewIterators()()
616 DeleteIterator(m, true /* is_arena */);
617 }
618 imm_iters_.clear();
619
620 mutable_iter_ = svnew->mem->NewIterator(read_options_, &arena_);
621 svnew->imm->AddIterators(read_options_, &imm_iters_, &arena_);
>>> CID 1400660: (RETURN_LOCAL)
>>> Temporary variable of type "rocksdb::InternalKeyComparator" goes out of scope.
622 RangeDelAggregator range_del_agg(
623 InternalKeyComparator(cfd_->internal_comparator()), {} /* snapshots */);
624 if (!read_options_.ignore_range_deletions) {
625 std::unique_ptr<InternalIterator> range_del_iter(
626 svnew->mem->NewRangeTombstoneIterator(read_options_));
627 range_del_agg.AddTombstones(std::move(range_del_iter));
/home/brad/working/src/ceph/src/rocksdb/db/forward_iterator.cc: 622 in rocksdb::ForwardIterator::RenewIterators()()
616 DeleteIterator(m, true /* is_arena */);
617 }
618 imm_iters_.clear();
619
620 mutable_iter_ = svnew->mem->NewIterator(read_options_, &arena_);
621 svnew->imm->AddIterators(read_options_, &imm_iters_, &arena_);
>>> CID 1400660: (RETURN_LOCAL)
>>> Temporary variable of type "rocksdb::InternalKeyComparator" goes out of scope.
622 RangeDelAggregator range_del_agg(
623 InternalKeyComparator(cfd_->internal_comparator()), {} /* snapshots */);
624 if (!read_options_.ignore_range_deletions) {
625 std::unique_ptr<InternalIterator> range_del_iter(
626 svnew->mem->NewRangeTombstoneIterator(read_options_));
627 range_del_agg.AddTombstones(std::move(range_del_iter));
** CID 1400661: Uninitialized variables (UNINIT)
________________________________________________________________________________________________________
*** CID 1400661: Uninitialized variables (UNINIT)
/home/brad/working/src/ceph/src/messages/MOSDBackoff.h: 41 in MOSDBackoff::MOSDBackoff()()
35 }
36 epoch_t get_map_epoch() const override {
37 return map_epoch;
38 }
39
40 MOSDBackoff()
>>> CID 1400661: Uninitialized variables (UNINIT)
>>> Using uninitialized value "this->COMPAT_VERSION" when calling "MOSDFastDispatchOp".
41 : MOSDFastDispatchOp(CEPH_MSG_OSD_BACKOFF, HEAD_VERSION, COMPAT_VERSION) {}
42 MOSDBackoff(spg_t pgid_, epoch_t ep, uint8_t op_, uint64_t id_,
43 hobject_t begin_, hobject_t end_)
44 : MOSDFastDispatchOp(CEPH_MSG_OSD_BACKOFF, HEAD_VERSION, COMPAT_VERSION),
45 pgid(pgid_),
46 map_epoch(ep),
** CID 1400662: Uninitialized variables (UNINIT)
________________________________________________________________________________________________________
*** CID 1400662: Uninitialized variables (UNINIT)
/home/brad/working/src/ceph/src/messages/MOSDBackoff.h: 44 in MOSDBackoff::MOSDBackoff(spg_t, unsigned int, unsigned char, unsigned long, hobject_t, hobject_t)()
38 }
39
40 MOSDBackoff()
41 : MOSDFastDispatchOp(CEPH_MSG_OSD_BACKOFF, HEAD_VERSION, COMPAT_VERSION) {}
42 MOSDBackoff(spg_t pgid_, epoch_t ep, uint8_t op_, uint64_t id_,
43 hobject_t begin_, hobject_t end_)
>>> CID 1400662: Uninitialized variables (UNINIT)
>>> Using uninitialized value "this->COMPAT_VERSION" when calling "MOSDFastDispatchOp".
44 : MOSDFastDispatchOp(CEPH_MSG_OSD_BACKOFF, HEAD_VERSION, COMPAT_VERSION),
45 pgid(pgid_),
46 map_epoch(ep),
47 op(op_),
48 id(id_),
49 begin(begin_),
** CID 1400663: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/rocksdb/db/compaction_iterator.cc: 71 in rocksdb::CompactionIterator::CompactionIterator(rocksdb::InternalIterator *, const rocksdb::Comparator *, rocksdb::MergeHelper *, unsigned long, std::vector<unsigned long, std::allocator<unsigned long>> *, unsigned long, rocksdb::Env *, bool, rocksdb::RangeDelAggregator *, std::unique_ptr<rocksdb::CompactionIterator::CompactionProxy, std::default_delete<rocksdb::CompactionIterator::CompactionProxy>>, const rocksdb::CompactionFilter *, const std::atomic<bool> *)()
________________________________________________________________________________________________________
*** CID 1400663: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/rocksdb/db/compaction_iterator.cc: 71 in rocksdb::CompactionIterator::CompactionIterator(rocksdb::InternalIterator *, const rocksdb::Comparator *, rocksdb::MergeHelper *, unsigned long, std::vector<unsigned long, std::allocator<unsigned long>> *, unsigned long, rocksdb::Env *, bool, rocksdb::RangeDelAggregator *, std::unique_ptr<rocksdb::CompactionIterator::CompactionProxy, std::default_delete<rocksdb::CompactionIterator::CompactionProxy>>, const rocksdb::CompactionFilter *, const std::atomic<bool> *)()
65 if (compaction_filter_ != nullptr && compaction_filter_->IgnoreSnapshots()) {
66 ignore_snapshots_ = true;
67 } else {
68 ignore_snapshots_ = false;
69 }
70 input_->SetPinnedItersMgr(&pinned_iters_mgr_);
>>> CID 1400663: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "current_user_key_snapshot_" is not initialized in this constructor nor in any functions that it calls.
71 }
72
73 CompactionIterator::~CompactionIterator() {
74 // input_ Iteartor lifetime is longer than pinned_iters_mgr_ lifetime
75 input_->SetPinnedItersMgr(nullptr);
76 }
** CID 1400664: Control flow issues (UNREACHABLE)
/home/brad/working/src/ceph/src/rocksdb/util/env_posix.cc: 386 in rocksdb::<unnamed>::PosixEnv::ReuseWritableFile(const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, std::unique_ptr<rocksdb::WritableFile, std::default_delete<rocksdb::WritableFile>> *, const rocksdb::EnvOptions &)()
________________________________________________________________________________________________________
*** CID 1400664: Control flow issues (UNREACHABLE)
/home/brad/working/src/ceph/src/rocksdb/util/env_posix.cc: 386 in rocksdb::<unnamed>::PosixEnv::ReuseWritableFile(const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, std::unique_ptr<rocksdb::WritableFile, std::default_delete<rocksdb::WritableFile>> *, const rocksdb::EnvOptions &)()
380 EnvOptions no_mmap_writes_options = options;
381 no_mmap_writes_options.use_mmap_writes = false;
382 result->reset(new PosixWritableFile(fname, fd, no_mmap_writes_options));
383 }
384 return s;
385
>>> CID 1400664: Control flow issues (UNREACHABLE)
>>> This code cannot be reached: "return rocksdb::Status(s);".
386 return s;
387 }
388
389 virtual Status NewRandomRWFile(const std::string& fname,
390 unique_ptr<RandomRWFile>* result,
391 const EnvOptions& options) override {
** CID 1400665: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/rocksdb/db/compaction_iterator.cc: 26 in rocksdb::CompactionIterator::CompactionIterator(rocksdb::InternalIterator *, const rocksdb::Comparator *, rocksdb::MergeHelper *, unsigned long, std::vector<unsigned long, std::allocator<unsigned long>> *, unsigned long, rocksdb::Env *, bool, rocksdb::RangeDelAggregator *, const rocksdb::Compaction *, const rocksdb::CompactionFilter *, const std::atomic<bool> *)()
________________________________________________________________________________________________________
*** CID 1400665: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/rocksdb/db/compaction_iterator.cc: 26 in rocksdb::CompactionIterator::CompactionIterator(rocksdb::InternalIterator *, const rocksdb::Comparator *, rocksdb::MergeHelper *, unsigned long, std::vector<unsigned long, std::allocator<unsigned long>> *, unsigned long, rocksdb::Env *, bool, rocksdb::RangeDelAggregator *, const rocksdb::Compaction *, const rocksdb::CompactionFilter *, const std::atomic<bool> *)()
20 : CompactionIterator(
21 input, cmp, merge_helper, last_sequence, snapshots,
22 earliest_write_conflict_snapshot, env, expect_valid_internal_key,
23 range_del_agg,
24 std::unique_ptr<CompactionProxy>(
25 compaction ? new CompactionProxy(compaction) : nullptr),
>>> CID 1400665: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "current_user_key_snapshot_" is not initialized in this constructor nor in any functions that it calls.
26 compaction_filter, shutting_down) {}
27
28 CompactionIterator::CompactionIterator(
29 InternalIterator* input, const Comparator* cmp, MergeHelper* merge_helper,
30 SequenceNumber last_sequence, std::vector<SequenceNumber>* snapshots,
31 SequenceNumber earliest_write_conflict_snapshot, Env* env,
** CID 1400666: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/rocksdb/db/dbformat.h: 531 in rocksdb::RangeTombstone::RangeTombstone()()
________________________________________________________________________________________________________
*** CID 1400666: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/rocksdb/db/dbformat.h: 531 in rocksdb::RangeTombstone::RangeTombstone()()
525 // the struct here is a easy-understood form
526 // start/end_key_ is the start/end user key of the range to be deleted
527 struct RangeTombstone {
528 Slice start_key_;
529 Slice end_key_;
530 SequenceNumber seq_;
>>> CID 1400666: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "seq_" is not initialized in this constructor nor in any functions that it calls.
531 RangeTombstone() = default;
532 RangeTombstone(Slice sk, Slice ek, SequenceNumber sn)
533 : start_key_(sk), end_key_(ek), seq_(sn) {}
534
535 RangeTombstone(ParsedInternalKey parsed_key, Slice value) {
536 start_key_ = parsed_key.user_key;
** CID 1400667: (UNINIT_CTOR)
/usr/include/c++/6.2.1/bits/regex_executor.h: 86 in std::__detail::_Executor<__gnu_cxx::__normal_iterator<const char *, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::__cxx11::sub_match<__gnu_cxx::__normal_iterator<const char *, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>>>, std::__cxx11::regex_traits<char>, (bool)0>::_Executor(__gnu_cxx::__normal_iterator<const char *, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>, __gnu_cxx::__normal_iterator<const char *, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::vector<std::__cxx11::sub_match<__gnu_cxx::__normal_iterator<const char *, std::__cxx11::basic_string<char, std::char_traits<cha
r>, std::allocator<char>>>>, std::allocator<std::__cxx11::sub_match<__gnu_cxx::__normal_iterator<const char *, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>
>>> &, const std::__cxx11::basic_regex<char, std::__cxx11::regex_traits<char>> &, std::regex_constants::match_flag_type)()
/usr/include/c++/6.2.1/bits/regex_executor.h: 86 in std::__detail::_Executor<__gnu_cxx::__normal_iterator<const char *, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::__cxx11::sub_match<__gnu_cxx::__normal_iterator<const char *, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>>>, std::__cxx11::regex_traits<char>, (bool)1>::_Executor(__gnu_cxx::__normal_iterator<const char *, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>, __gnu_cxx::__normal_iterator<const char *, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::vector<std::__cxx11::sub_match<__gnu_cxx::__normal_iterator<const char *, std::__cxx11::basic_string<char, std::char_traits<cha
r>, std::allocator<char>>>>, std::allocator<std::__cxx11::sub_match<__gnu_cxx::__normal_iterator<const char *, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>
>>> &, const std::__cxx11::basic_regex<char, std::__cxx11::regex_traits<char>> &, std::regex_constants::match_flag_type)()
________________________________________________________________________________________________________
*** CID 1400667: (UNINIT_CTOR)
/usr/include/c++/6.2.1/bits/regex_executor.h: 86 in std::__detail::_Executor<__gnu_cxx::__normal_iterator<const char *, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::__cxx11::sub_match<__gnu_cxx::__normal_iterator<const char *, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>>>, std::__cxx11::regex_traits<char>, (bool)0>::_Executor(__gnu_cxx::__normal_iterator<const char *, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>, __gnu_cxx::__normal_iterator<const char *, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::vector<std::__cxx11::sub_match<__gnu_cxx::__normal_iterator<const char *, std::__cxx11::basic_string<char, std::char_traits<cha
r>, std::allocator<char>>>>, std::allocator<std::__cxx11::sub_match<__gnu_cxx::__normal_iterator<const char *, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>
>>> &, const std::__cxx11::basic_regex<char, std::__cxx11::regex_traits<char>> &, std::regex_constants::match_flag_type)()
80 _M_states(_M_nfa._M_start(), _M_nfa.size()),
81 _M_flags((__flags & regex_constants::match_prev_avail)
82 ? (__flags
83 & ~regex_constants::match_not_bol
84 & ~regex_constants::match_not_bow)
85 : __flags)
>>> CID 1400667: (UNINIT_CTOR)
>>> Non-static class member "_M_has_sol" is not initialized in this constructor nor in any functions that it calls.
86 { }
87
88 // Set matched when string exactly matches the pattern.
89 bool
90 _M_match()
91 {
/usr/include/c++/6.2.1/bits/regex_executor.h: 86 in std::__detail::_Executor<__gnu_cxx::__normal_iterator<const char *, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::__cxx11::sub_match<__gnu_cxx::__normal_iterator<const char *, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>>>, std::__cxx11::regex_traits<char>, (bool)1>::_Executor(__gnu_cxx::__normal_iterator<const char *, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>, __gnu_cxx::__normal_iterator<const char *, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::vector<std::__cxx11::sub_match<__gnu_cxx::__normal_iterator<const char *, std::__cxx11::basic_string<char, std::char_traits<cha
r>, std::allocator<char>>>>, std::allocator<std::__cxx11::sub_match<__gnu_cxx::__normal_iterator<const char *, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>
>>> &, const std::__cxx11::basic_regex<char, std::__cxx11::regex_traits<char>> &, std::regex_constants::match_flag_type)()
80 _M_states(_M_nfa._M_start(), _M_nfa.size()),
81 _M_flags((__flags & regex_constants::match_prev_avail)
82 ? (__flags
83 & ~regex_constants::match_not_bol
84 & ~regex_constants::match_not_bow)
85 : __flags)
>>> CID 1400667: (UNINIT_CTOR)
>>> Non-static class member "_M_has_sol" is not initialized in this constructor nor in any functions that it calls.
86 { }
87
88 // Set matched when string exactly matches the pattern.
89 bool
90 _M_match()
91 {
** CID 1400668: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/rocksdb/util/thread_local.cc: 41 in rocksdb::ThreadData::ThreadData(rocksdb::ThreadLocalPtr::StaticMeta *)()
________________________________________________________________________________________________________
*** CID 1400668: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/rocksdb/util/thread_local.cc: 41 in rocksdb::ThreadData::ThreadData(rocksdb::ThreadLocalPtr::StaticMeta *)()
35 // ---------------------------------------------------
36 // | thread 2 | void* | void* | void* | <- ThreadData
37 // ---------------------------------------------------
38 // | thread 3 | void* | void* | void* | <- ThreadData
39 // ---------------------------------------------------
40 struct ThreadData {
>>> CID 1400668: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "prev" is not initialized in this constructor nor in any functions that it calls.
41 explicit ThreadData(ThreadLocalPtr::StaticMeta* _inst) : entries(), inst(_inst) {}
42 std::vector<Entry> entries;
43 ThreadData* next;
44 ThreadData* prev;
45 ThreadLocalPtr::StaticMeta* inst;
46 };
** CID 1400669: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/rocksdb/db/compaction_job.cc: 303 in rocksdb::CompactionJob::CompactionJob(int, rocksdb::Compaction *, const rocksdb::ImmutableDBOptions &, const rocksdb::EnvOptions &, rocksdb::VersionSet *, const std::atomic<bool> *, rocksdb::LogBuffer *, rocksdb::Directory *, rocksdb::Directory *, rocksdb::Statistics *, rocksdb::InstrumentedMutex *, rocksdb::Status *, std::vector<unsigned long, std::allocator<unsigned long>>, unsigned long, std::shared_ptr<rocksdb::Cache>, rocksdb::EventLogger *, bool, bool, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, rocksdb::CompactionJobStats *)()
________________________________________________________________________________________________________
*** CID 1400669: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/rocksdb/db/compaction_job.cc: 303 in rocksdb::CompactionJob::CompactionJob(int, rocksdb::Compaction *, const rocksdb::ImmutableDBOptions &, const rocksdb::EnvOptions &, rocksdb::VersionSet *, const std::atomic<bool> *, rocksdb::LogBuffer *, rocksdb::Directory *, rocksdb::Directory *, rocksdb::Statistics *, rocksdb::InstrumentedMutex *, rocksdb::Status *, std::vector<unsigned long, std::allocator<unsigned long>>, unsigned long, std::shared_ptr<rocksdb::Cache>, rocksdb::EventLogger *, bool, bool, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, rocksdb::CompactionJobStats *)()
297 assert(log_buffer_ != nullptr);
298 const auto* cfd = compact_->compaction->column_family_data();
299 ThreadStatusUtil::SetColumnFamily(cfd, cfd->ioptions()->env,
300 db_options_.enable_thread_tracking);
301 ThreadStatusUtil::SetThreadOperation(ThreadStatus::OP_COMPACTION);
302 ReportStartedCompaction(compaction);
>>> CID 1400669: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "bottommost_level_" is not initialized in this constructor nor in any functions that it calls.
303 }
304
305 CompactionJob::~CompactionJob() {
306 assert(compact_ == nullptr);
307 ThreadStatusUtil::ResetThreadStatus();
308 }
** CID 1400670: (UNINIT_CTOR)
/home/brad/working/src/ceph/src/common/perf_histogram.h: 76 in PerfHistogram<(int)3>::PerfHistogram(std::initializer_list<PerfHistogramCommon::axis_config_d>)()
/home/brad/working/src/ceph/src/common/perf_histogram.h: 76 in PerfHistogram<(int)2>::PerfHistogram(std::initializer_list<PerfHistogramCommon::axis_config_d>)()
________________________________________________________________________________________________________
*** CID 1400670: (UNINIT_CTOR)
/home/brad/working/src/ceph/src/common/perf_histogram.h: 76 in PerfHistogram<(int)3>::PerfHistogram(std::initializer_list<PerfHistogramCommon::axis_config_d>)()
70 "Quantization unit must be non-zero positive integer value");
71
72 m_axes_config[i++] = ac;
73 }
74
75 m_rawData.reset(new atomic64_t[get_raw_size()]);
>>> CID 1400670: (UNINIT_CTOR)
>>> Non-static class member field "m_axes_config.m_buckets" is not initialized in this constructor nor in any functions that it calls.
76 }
77
78 /// Copy from other histogram object
79 PerfHistogram(const PerfHistogram &other)
80 : m_axes_config(other.m_axes_config) {
81 int64_t size = get_raw_size();
/home/brad/working/src/ceph/src/common/perf_histogram.h: 76 in PerfHistogram<(int)2>::PerfHistogram(std::initializer_list<PerfHistogramCommon::axis_config_d>)()
70 "Quantization unit must be non-zero positive integer value");
71
72 m_axes_config[i++] = ac;
73 }
74
75 m_rawData.reset(new atomic64_t[get_raw_size()]);
>>> CID 1400670: (UNINIT_CTOR)
>>> Non-static class member field "m_axes_config.m_buckets" is not initialized in this constructor nor in any functions that it calls.
76 }
77
78 /// Copy from other histogram object
79 PerfHistogram(const PerfHistogram &other)
80 : m_axes_config(other.m_axes_config) {
81 int64_t size = get_raw_size();
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaGCnxtQO9E3gxlB2GxVsWFENryh7bC5hIb-2FQBVM85YLQ-3D-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8H4KF1IlXLD-2BqrKefpd88Z5Qn-2BCdL-2Fafidv7i7JbWnbYk2XkuOyRjm7mXKjIHSkA92ObTvjIEq-2B5i2MmktPXrNNvXGakHrXTM3wVp3hqJlVTnu2NfhoRcCwEL0hTK4iUF8mfcRFEYXJ8-2BPbpX9ipo3XzvQgcITqg6E1Pr7dF9-2B7jr50RALwBCrj2W3qAey0ubs-3D
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4Bco8jcmzhh7FSyvoR0E3-2BDgRcBCQ6OuthHBtaTCGNq9zoLsiw8NWrIF2zsdhfTt-2FbHjZ2ToL3Et9v1-2BrDLungAOjHpQtOY-2BsyLiTVCQEUCU-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8H4KF1IlXLD-2BqrKefpd88Z5Qn-2BCdL-2Fafidv7i7JbWnbYj3UFll0kLEXj1l8hL4GuqmBx-2FvovAjGpFTlH-2FaIcjDnBBxKBJTwcEG4iy7vZfeeugTV1lawq4rA-2BeUmFeCA-2FFXIX2wyMhco9kl6-2BRDnMz1sgDM7n0Ea67Ff92t-2B9rYiCTqGkRx16OZcOHkIZM-2B-2FPaw-3D
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2017-02-05 10:08 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2017-02-05 10:08 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
32 new defect(s) introduced to ceph found with Coverity Scan.
33 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 20 of 32 defect(s)
** CID 1400089: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/osd/OSD.cc: 8735 in OSD::handle_op(boost::intrusive_ptr<OpRequest> &, std::shared_ptr<const OSDMap> &)()
________________________________________________________________________________________________________
*** CID 1400089: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/osd/OSD.cc: 8735 in OSD::handle_op(boost::intrusive_ptr<OpRequest> &, std::shared_ptr<const OSDMap> &)()
8729 if (client_session) {
8730 client_session->put();
8731 }
8732
8733 if (cct->_conf->osd_debug_drop_op_probability > 0 &&
8734 !m->get_source().is_mds()) {
>>> CID 1400089: Security best practices violations (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
8735 if ((double)rand() / (double)RAND_MAX < cct->_conf->osd_debug_drop_op_probability) {
8736 dout(0) << "handle_op DEBUG artificially dropping op " << *m << dendl;
8737 return;
8738 }
8739 }
8740
** CID 1400090: Control flow issues (DEADCODE)
/home/brad/working/src/ceph/src/mon/LogMonitor.cc: 378 in LogMonitor::preprocess_command(boost::intrusive_ptr<MonOpRequest>)()
________________________________________________________________________________________________________
*** CID 1400090: Control flow issues (DEADCODE)
/home/brad/working/src/ceph/src/mon/LogMonitor.cc: 378 in LogMonitor::preprocess_command(boost::intrusive_ptr<MonOpRequest>)()
372 op->mark_logmon_event("preprocess_command");
373 int r = -1;
374 bufferlist rdata;
375 stringstream ss;
376
377 if (r != -1) {
>>> CID 1400090: Control flow issues (DEADCODE)
>>> Execution cannot reach this statement: "rs.basic_string();".
378 string rs;
379 getline(ss, rs);
380 mon->reply_command(op, r, rs, rdata, get_last_committed());
381 return true;
382 } else
383 return false;
** CID 1400091: (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/osd/PrimaryLogPG.cc: 1157 in PrimaryLogPG::do_pg_op(boost::intrusive_ptr<OpRequest>)()
/home/brad/working/src/ceph/src/osd/PrimaryLogPG.cc: 1162 in PrimaryLogPG::do_pg_op(boost::intrusive_ptr<OpRequest>)()
/home/brad/working/src/ceph/src/osd/PrimaryLogPG.cc: 1156 in PrimaryLogPG::do_pg_op(boost::intrusive_ptr<OpRequest>)()
/home/brad/working/src/ceph/src/osd/PrimaryLogPG.cc: 1166 in PrimaryLogPG::do_pg_op(boost::intrusive_ptr<OpRequest>)()
/home/brad/working/src/ceph/src/osd/PrimaryLogPG.cc: 1344 in PrimaryLogPG::do_pg_op(boost::intrusive_ptr<OpRequest>)()
/home/brad/working/src/ceph/src/osd/PrimaryLogPG.cc: 1349 in PrimaryLogPG::do_pg_op(boost::intrusive_ptr<OpRequest>)()
/home/brad/working/src/ceph/src/osd/PrimaryLogPG.cc: 1343 in PrimaryLogPG::do_pg_op(boost::intrusive_ptr<OpRequest>)()
/home/brad/working/src/ceph/src/osd/PrimaryLogPG.cc: 1353 in PrimaryLogPG::do_pg_op(boost::intrusive_ptr<OpRequest>)()
________________________________________________________________________________________________________
*** CID 1400091: (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/osd/PrimaryLogPG.cc: 1157 in PrimaryLogPG::do_pg_op(boost::intrusive_ptr<OpRequest>)()
1151
1152 hobject_t candidate;
1153 if (mcand == lcand) {
1154 candidate = mcand;
1155 if (!mcand.is_max()) {
1156 ++ls_iter;
>>> CID 1400091: (INVALIDATE_ITERATOR)
>>> Incrementing iterator "missing_iter" though it is already past the end of its container.
1157 ++missing_iter;
1158 }
1159 } else if (cmp(mcand, lcand, get_sort_bitwise()) < 0) {
1160 candidate = mcand;
1161 assert(!mcand.is_max());
1162 ++missing_iter;
/home/brad/working/src/ceph/src/osd/PrimaryLogPG.cc: 1162 in PrimaryLogPG::do_pg_op(boost::intrusive_ptr<OpRequest>)()
1156 ++ls_iter;
1157 ++missing_iter;
1158 }
1159 } else if (cmp(mcand, lcand, get_sort_bitwise()) < 0) {
1160 candidate = mcand;
1161 assert(!mcand.is_max());
>>> CID 1400091: (INVALIDATE_ITERATOR)
>>> Incrementing iterator "missing_iter" though it is already past the end of its container.
1162 ++missing_iter;
1163 } else {
1164 candidate = lcand;
1165 assert(!lcand.is_max());
1166 ++ls_iter;
1167 }
/home/brad/working/src/ceph/src/osd/PrimaryLogPG.cc: 1156 in PrimaryLogPG::do_pg_op(boost::intrusive_ptr<OpRequest>)()
1150 *ls_iter;
1151
1152 hobject_t candidate;
1153 if (mcand == lcand) {
1154 candidate = mcand;
1155 if (!mcand.is_max()) {
>>> CID 1400091: (INVALIDATE_ITERATOR)
>>> Incrementing iterator "ls_iter" though it is already past the end of its container.
1156 ++ls_iter;
1157 ++missing_iter;
1158 }
1159 } else if (cmp(mcand, lcand, get_sort_bitwise()) < 0) {
1160 candidate = mcand;
1161 assert(!mcand.is_max());
/home/brad/working/src/ceph/src/osd/PrimaryLogPG.cc: 1166 in PrimaryLogPG::do_pg_op(boost::intrusive_ptr<OpRequest>)()
1160 candidate = mcand;
1161 assert(!mcand.is_max());
1162 ++missing_iter;
1163 } else {
1164 candidate = lcand;
1165 assert(!lcand.is_max());
>>> CID 1400091: (INVALIDATE_ITERATOR)
>>> Incrementing iterator "ls_iter" though it is already past the end of its container.
1166 ++ls_iter;
1167 }
1168
1169 dout(10) << " pgnls candidate 0x" << std::hex << candidate.get_hash()
1170 << " vs lower bound 0x" << lower_bound.get_hash() << dendl;
1171
/home/brad/working/src/ceph/src/osd/PrimaryLogPG.cc: 1344 in PrimaryLogPG::do_pg_op(boost::intrusive_ptr<OpRequest>)()
1338
1339 hobject_t candidate;
1340 if (mcand == lcand) {
1341 candidate = mcand;
1342 if (!mcand.is_max()) {
1343 ++ls_iter;
>>> CID 1400091: (INVALIDATE_ITERATOR)
>>> Incrementing iterator "missing_iter" though it is already past the end of its container.
1344 ++missing_iter;
1345 }
1346 } else if (cmp(mcand, lcand, get_sort_bitwise()) < 0) {
1347 candidate = mcand;
1348 assert(!mcand.is_max());
1349 ++missing_iter;
/home/brad/working/src/ceph/src/osd/PrimaryLogPG.cc: 1349 in PrimaryLogPG::do_pg_op(boost::intrusive_ptr<OpRequest>)()
1343 ++ls_iter;
1344 ++missing_iter;
1345 }
1346 } else if (cmp(mcand, lcand, get_sort_bitwise()) < 0) {
1347 candidate = mcand;
1348 assert(!mcand.is_max());
>>> CID 1400091: (INVALIDATE_ITERATOR)
>>> Incrementing iterator "missing_iter" though it is already past the end of its container.
1349 ++missing_iter;
1350 } else {
1351 candidate = lcand;
1352 assert(!lcand.is_max());
1353 ++ls_iter;
1354 }
/home/brad/working/src/ceph/src/osd/PrimaryLogPG.cc: 1343 in PrimaryLogPG::do_pg_op(boost::intrusive_ptr<OpRequest>)()
1337 *ls_iter;
1338
1339 hobject_t candidate;
1340 if (mcand == lcand) {
1341 candidate = mcand;
1342 if (!mcand.is_max()) {
>>> CID 1400091: (INVALIDATE_ITERATOR)
>>> Incrementing iterator "ls_iter" though it is already past the end of its container.
1343 ++ls_iter;
1344 ++missing_iter;
1345 }
1346 } else if (cmp(mcand, lcand, get_sort_bitwise()) < 0) {
1347 candidate = mcand;
1348 assert(!mcand.is_max());
/home/brad/working/src/ceph/src/osd/PrimaryLogPG.cc: 1353 in PrimaryLogPG::do_pg_op(boost::intrusive_ptr<OpRequest>)()
1347 candidate = mcand;
1348 assert(!mcand.is_max());
1349 ++missing_iter;
1350 } else {
1351 candidate = lcand;
1352 assert(!lcand.is_max());
>>> CID 1400091: (INVALIDATE_ITERATOR)
>>> Incrementing iterator "ls_iter" though it is already past the end of its container.
1353 ++ls_iter;
1354 }
1355
1356 if (cmp(candidate, next, get_sort_bitwise()) >= 0) {
1357 break;
1358 }
** CID 1400092: (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/mds/Locker.cc: 474 in Locker::acquire_locks(boost::intrusive_ptr<MDRequestImpl> &, std::set<SimpleLock *, std::less<SimpleLock *>, std::allocator<SimpleLock *>> &, std::set<SimpleLock *, std::less<SimpleLock *>, std::allocator<SimpleLock *>> &, std::set<SimpleLock *, std::less<SimpleLock *>, std::allocator<SimpleLock *>> &, std::map<SimpleLock *, int, std::less<SimpleLock *>, std::allocator<std::pair<SimpleLock *const , int>>> *, CInode *, bool)()
/home/brad/working/src/ceph/src/mds/Locker.cc: 474 in Locker::acquire_locks(boost::intrusive_ptr<MDRequestImpl> &, std::set<SimpleLock *, std::less<SimpleLock *>, std::allocator<SimpleLock *>> &, std::set<SimpleLock *, std::less<SimpleLock *>, std::allocator<SimpleLock *>> &, std::set<SimpleLock *, std::less<SimpleLock *>, std::allocator<SimpleLock *>> &, std::map<SimpleLock *, int, std::less<SimpleLock *>, std::allocator<std::pair<SimpleLock *const , int>>> *, CInode *, bool)()
________________________________________________________________________________________________________
*** CID 1400092: (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/mds/Locker.cc: 474 in Locker::acquire_locks(boost::intrusive_ptr<MDRequestImpl> &, std::set<SimpleLock *, std::less<SimpleLock *>, std::allocator<SimpleLock *>> &, std::set<SimpleLock *, std::less<SimpleLock *>, std::allocator<SimpleLock *>> &, std::set<SimpleLock *, std::less<SimpleLock *>, std::allocator<SimpleLock *>> &, std::map<SimpleLock *, int, std::less<SimpleLock *>, std::allocator<std::pair<SimpleLock *const , int>>> *, CInode *, bool)()
468 dout(10) << " already rdlocked " << *have << " " << *have->get_parent() << dendl;
469 continue;
470 }
471 }
472
473 // hose any stray locks
>>> CID 1400092: (INVALIDATE_ITERATOR)
>>> Dereferencing iterator "existing" though it is already past the end of its container.
474 if (*existing == *p) {
475 assert(need_wrlock || need_remote_wrlock);
476 SimpleLock *lock = *existing;
477 if (mdr->wrlocks.count(lock)) {
478 if (!need_wrlock)
479 dout(10) << " unlocking extra " << *lock << " " << *lock->get_parent() << dendl;
/home/brad/working/src/ceph/src/mds/Locker.cc: 474 in Locker::acquire_locks(boost::intrusive_ptr<MDRequestImpl> &, std::set<SimpleLock *, std::less<SimpleLock *>, std::allocator<SimpleLock *>> &, std::set<SimpleLock *, std::less<SimpleLock *>, std::allocator<SimpleLock *>> &, std::set<SimpleLock *, std::less<SimpleLock *>, std::allocator<SimpleLock *>> &, std::map<SimpleLock *, int, std::less<SimpleLock *>, std::allocator<std::pair<SimpleLock *const , int>>> *, CInode *, bool)()
468 dout(10) << " already rdlocked " << *have << " " << *have->get_parent() << dendl;
469 continue;
470 }
471 }
472
473 // hose any stray locks
>>> CID 1400092: (INVALIDATE_ITERATOR)
>>> Dereferencing iterator "existing" though it is already past the end of its container.
474 if (*existing == *p) {
475 assert(need_wrlock || need_remote_wrlock);
476 SimpleLock *lock = *existing;
477 if (mdr->wrlocks.count(lock)) {
478 if (!need_wrlock)
479 dout(10) << " unlocking extra " << *lock << " " << *lock->get_parent() << dendl;
** CID 1400093: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 21967 in __pyx_pw_3rbd_5Image_99lock_break()
________________________________________________________________________________________________________
*** CID 1400093: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 21967 in __pyx_pw_3rbd_5Image_99lock_break()
21961 }
21962 kw_args = PyDict_Size(__pyx_kwds);
21963 switch (pos_args) {
21964 case 0:
21965 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_lock_mode)) != 0)) kw_args--;
21966 else goto __pyx_L5_argtuple_error;
>>> CID 1400093: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
21967 case 1:
21968 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_lock_owner)) != 0)) kw_args--;
21969 else {
21970 __Pyx_RaiseArgtupleInvalid("lock_break", 1, 2, 2, 1); __PYX_ERR(0, 2118, __pyx_L3_error)
21971 }
21972 }
** CID 1400094: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 25768 in __pyx_pw_3rbd_5Image_127aio_discard()
________________________________________________________________________________________________________
*** CID 1400094: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 25768 in __pyx_pw_3rbd_5Image_127aio_discard()
25762 }
25763 kw_args = PyDict_Size(__pyx_kwds);
25764 switch (pos_args) {
25765 case 0:
25766 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_offset)) != 0)) kw_args--;
25767 else goto __pyx_L5_argtuple_error;
>>> CID 1400094: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
25768 case 1:
25769 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_length)) != 0)) kw_args--;
25770 else {
25771 __Pyx_RaiseArgtupleInvalid("aio_discard", 1, 3, 3, 1); __PYX_ERR(0, 2417, __pyx_L3_error)
25772 }
25773 case 2:
** CID 1400095: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 22873 in __pyx_pw_3rbd_5Image_107break_lock()
________________________________________________________________________________________________________
*** CID 1400095: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 22873 in __pyx_pw_3rbd_5Image_107break_lock()
22867 }
22868 kw_args = PyDict_Size(__pyx_kwds);
22869 switch (pos_args) {
22870 case 0:
22871 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_client)) != 0)) kw_args--;
22872 else goto __pyx_L5_argtuple_error;
>>> CID 1400095: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
22873 case 1:
22874 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_cookie)) != 0)) kw_args--;
22875 else {
22876 __Pyx_RaiseArgtupleInvalid("break_lock", 1, 2, 2, 1); __PYX_ERR(0, 2177, __pyx_L3_error)
22877 }
22878 }
** CID 1400096: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 18714 in __pyx_pw_3rbd_5Image_71diff_iterate()
________________________________________________________________________________________________________
*** CID 1400096: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 18714 in __pyx_pw_3rbd_5Image_71diff_iterate()
18708 }
18709 kw_args = PyDict_Size(__pyx_kwds);
18710 switch (pos_args) {
18711 case 0:
18712 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_offset)) != 0)) kw_args--;
18713 else goto __pyx_L5_argtuple_error;
>>> CID 1400096: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
18714 case 1:
18715 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_length)) != 0)) kw_args--;
18716 else {
18717 __Pyx_RaiseArgtupleInvalid("diff_iterate", 0, 4, 6, 1); __PYX_ERR(0, 1837, __pyx_L3_error)
18718 }
18719 case 2:
** CID 1400097: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 19480 in __pyx_pw_3rbd_5Image_75discard()
________________________________________________________________________________________________________
*** CID 1400097: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 19480 in __pyx_pw_3rbd_5Image_75discard()
19474 }
19475 kw_args = PyDict_Size(__pyx_kwds);
19476 switch (pos_args) {
19477 case 0:
19478 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_offset)) != 0)) kw_args--;
19479 else goto __pyx_L5_argtuple_error;
>>> CID 1400097: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
19480 case 1:
19481 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_length)) != 0)) kw_args--;
19482 else {
19483 __Pyx_RaiseArgtupleInvalid("discard", 1, 2, 2, 1); __PYX_ERR(0, 1930, __pyx_L3_error)
19484 }
19485 }
** CID 1400098: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 19036 in __pyx_pw_3rbd_5Image_73write()
________________________________________________________________________________________________________
*** CID 1400098: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 19036 in __pyx_pw_3rbd_5Image_73write()
19030 }
19031 kw_args = PyDict_Size(__pyx_kwds);
19032 switch (pos_args) {
19033 case 0:
19034 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_data)) != 0)) kw_args--;
19035 else goto __pyx_L5_argtuple_error;
>>> CID 1400098: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
19036 case 1:
19037 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_offset)) != 0)) kw_args--;
19038 else {
19039 __Pyx_RaiseArgtupleInvalid("write", 0, 2, 3, 1); __PYX_ERR(0, 1895, __pyx_L3_error)
19040 }
19041 case 2:
** CID 1400099: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 24657 in __pyx_pw_3rbd_5Image_123aio_read()
________________________________________________________________________________________________________
*** CID 1400099: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 24657 in __pyx_pw_3rbd_5Image_123aio_read()
24651 }
24652 case 2:
24653 if (likely((values[2] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_oncomplete)) != 0)) kw_args--;
24654 else {
24655 __Pyx_RaiseArgtupleInvalid("aio_read", 0, 3, 4, 2); __PYX_ERR(0, 2316, __pyx_L3_error)
24656 }
>>> CID 1400099: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
24657 case 3:
24658 if (kw_args > 0) {
24659 PyObject* value = PyDict_GetItem(__pyx_kwds, __pyx_n_s_fadvise_flags);
24660 if (value) { values[3] = value; kw_args--; }
24661 }
24662 }
** CID 1400100: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 25334 in __pyx_pw_3rbd_5Image_125aio_write()
________________________________________________________________________________________________________
*** CID 1400100: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 25334 in __pyx_pw_3rbd_5Image_125aio_write()
25328 }
25329 kw_args = PyDict_Size(__pyx_kwds);
25330 switch (pos_args) {
25331 case 0:
25332 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_data)) != 0)) kw_args--;
25333 else goto __pyx_L5_argtuple_error;
>>> CID 1400100: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
25334 case 1:
25335 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_offset)) != 0)) kw_args--;
25336 else {
25337 __Pyx_RaiseArgtupleInvalid("aio_write", 0, 3, 4, 1); __PYX_ERR(0, 2371, __pyx_L3_error)
25338 }
25339 case 2:
** CID 1400101: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 25773 in __pyx_pw_3rbd_5Image_127aio_discard()
________________________________________________________________________________________________________
*** CID 1400101: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 25773 in __pyx_pw_3rbd_5Image_127aio_discard()
25767 else goto __pyx_L5_argtuple_error;
25768 case 1:
25769 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_length)) != 0)) kw_args--;
25770 else {
25771 __Pyx_RaiseArgtupleInvalid("aio_discard", 1, 3, 3, 1); __PYX_ERR(0, 2417, __pyx_L3_error)
25772 }
>>> CID 1400101: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
25773 case 2:
25774 if (likely((values[2] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_oncomplete)) != 0)) kw_args--;
25775 else {
25776 __Pyx_RaiseArgtupleInvalid("aio_discard", 1, 3, 3, 2); __PYX_ERR(0, 2417, __pyx_L3_error)
25777 }
25778 }
** CID 1400102: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 18734 in __pyx_pw_3rbd_5Image_71diff_iterate()
________________________________________________________________________________________________________
*** CID 1400102: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 18734 in __pyx_pw_3rbd_5Image_71diff_iterate()
18728 }
18729 case 4:
18730 if (kw_args > 0) {
18731 PyObject* value = PyDict_GetItem(__pyx_kwds, __pyx_n_s_include_parent);
18732 if (value) { values[4] = value; kw_args--; }
18733 }
>>> CID 1400102: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
18734 case 5:
18735 if (kw_args > 0) {
18736 PyObject* value = PyDict_GetItem(__pyx_kwds, __pyx_n_s_whole_object);
18737 if (value) { values[5] = value; kw_args--; }
18738 }
18739 }
** CID 1400103: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 19041 in __pyx_pw_3rbd_5Image_73write()
________________________________________________________________________________________________________
*** CID 1400103: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 19041 in __pyx_pw_3rbd_5Image_73write()
19035 else goto __pyx_L5_argtuple_error;
19036 case 1:
19037 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_offset)) != 0)) kw_args--;
19038 else {
19039 __Pyx_RaiseArgtupleInvalid("write", 0, 2, 3, 1); __PYX_ERR(0, 1895, __pyx_L3_error)
19040 }
>>> CID 1400103: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
19041 case 2:
19042 if (kw_args > 0) {
19043 PyObject* value = PyDict_GetItem(__pyx_kwds, __pyx_n_s_fadvise_flags);
19044 if (value) { values[2] = value; kw_args--; }
19045 }
19046 }
** CID 1400104: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 18729 in __pyx_pw_3rbd_5Image_71diff_iterate()
________________________________________________________________________________________________________
*** CID 1400104: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 18729 in __pyx_pw_3rbd_5Image_71diff_iterate()
18723 }
18724 case 3:
18725 if (likely((values[3] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_iterate_cb)) != 0)) kw_args--;
18726 else {
18727 __Pyx_RaiseArgtupleInvalid("diff_iterate", 0, 4, 6, 3); __PYX_ERR(0, 1837, __pyx_L3_error)
18728 }
>>> CID 1400104: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
18729 case 4:
18730 if (kw_args > 0) {
18731 PyObject* value = PyDict_GetItem(__pyx_kwds, __pyx_n_s_include_parent);
18732 if (value) { values[4] = value; kw_args--; }
18733 }
18734 case 5:
** CID 1400105: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 24647 in __pyx_pw_3rbd_5Image_123aio_read()
________________________________________________________________________________________________________
*** CID 1400105: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 24647 in __pyx_pw_3rbd_5Image_123aio_read()
24641 }
24642 kw_args = PyDict_Size(__pyx_kwds);
24643 switch (pos_args) {
24644 case 0:
24645 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_offset)) != 0)) kw_args--;
24646 else goto __pyx_L5_argtuple_error;
>>> CID 1400105: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
24647 case 1:
24648 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_length)) != 0)) kw_args--;
24649 else {
24650 __Pyx_RaiseArgtupleInvalid("aio_read", 0, 3, 4, 1); __PYX_ERR(0, 2316, __pyx_L3_error)
24651 }
24652 case 2:
** CID 1400106: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 18318 in __pyx_pw_3rbd_5Image_69read()
________________________________________________________________________________________________________
*** CID 1400106: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 18318 in __pyx_pw_3rbd_5Image_69read()
18312 else goto __pyx_L5_argtuple_error;
18313 case 1:
18314 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_length)) != 0)) kw_args--;
18315 else {
18316 __Pyx_RaiseArgtupleInvalid("read", 0, 2, 3, 1); __PYX_ERR(0, 1792, __pyx_L3_error)
18317 }
>>> CID 1400106: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
18318 case 2:
18319 if (kw_args > 0) {
18320 PyObject* value = PyDict_GetItem(__pyx_kwds, __pyx_n_s_fadvise_flags);
18321 if (value) { values[2] = value; kw_args--; }
18322 }
18323 }
** CID 1400107: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 24652 in __pyx_pw_3rbd_5Image_123aio_read()
________________________________________________________________________________________________________
*** CID 1400107: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 24652 in __pyx_pw_3rbd_5Image_123aio_read()
24646 else goto __pyx_L5_argtuple_error;
24647 case 1:
24648 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_length)) != 0)) kw_args--;
24649 else {
24650 __Pyx_RaiseArgtupleInvalid("aio_read", 0, 3, 4, 1); __PYX_ERR(0, 2316, __pyx_L3_error)
24651 }
>>> CID 1400107: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
24652 case 2:
24653 if (likely((values[2] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_oncomplete)) != 0)) kw_args--;
24654 else {
24655 __Pyx_RaiseArgtupleInvalid("aio_read", 0, 3, 4, 2); __PYX_ERR(0, 2316, __pyx_L3_error)
24656 }
24657 case 3:
** CID 1400108: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 25344 in __pyx_pw_3rbd_5Image_125aio_write()
________________________________________________________________________________________________________
*** CID 1400108: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 25344 in __pyx_pw_3rbd_5Image_125aio_write()
25338 }
25339 case 2:
25340 if (likely((values[2] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_oncomplete)) != 0)) kw_args--;
25341 else {
25342 __Pyx_RaiseArgtupleInvalid("aio_write", 0, 3, 4, 2); __PYX_ERR(0, 2371, __pyx_L3_error)
25343 }
>>> CID 1400108: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
25344 case 3:
25345 if (kw_args > 0) {
25346 PyObject* value = PyDict_GetItem(__pyx_kwds, __pyx_n_s_fadvise_flags);
25347 if (value) { values[3] = value; kw_args--; }
25348 }
25349 }
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaGCnxtQO9E3gxlB2GxVsWFENryh7bC5hIb-2FQBVM85YLQ-3D-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8G4SfPGNSD3RvuUtY7CjQxWAKKd4QPmcbrq2J59s0UdIDHqWajxEGzhGhsaMdSuD-2FVjfkcDDG8SEmjXlcbu8v85WFGgN5Z7AjKrr7OB-2FQBZH7WNTcLiDxZJdCMr-2FUhyOt-2FWIbOSmmYJBc31VbudKj9OR65I-2BXPWr6IkBtbGdU6ntJv3j68DFXHlW-2Fb3GTb-2B484-3D
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4Bco8jcmzhh7FSyvoR0E3-2BDgRcBCQ6OuthHBtaTCGNq9zoLsiw8NWrIF2zsdhfTt-2FbHjZ2ToL3Et9v1-2BrDLungAOjHpQtOY-2BsyLiTVCQEUCU-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8G4SfPGNSD3RvuUtY7CjQxWAKKd4QPmcbrq2J59s0UdIGa4K-2Bq51d-2BhzkdCcM3W0q744vfLK5cnnjh4CJ8DDEdRUDbZrBxlxHtAJ0zThSDmi2v0i2c7-2FcE2y0g8vs-2BVLuM1Lnqr2CuWU-2BTzou7CSEZQZk3xdiycCHA-2BD6armhqWP9CNPR-2FNi1uSk1sfm2k8jww-3D
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2017-01-27 13:22 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2017-01-27 13:22 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
24 new defect(s) introduced to ceph found with Coverity Scan.
13 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 20 of 24 defect(s)
** CID 1291023: (TAINTED_SCALAR)
/home/brad/working/src/ceph/src/zstd/lib/dictBuilder/divsufsort.c: 1487 in sort_typeBstar()
/home/brad/working/src/ceph/src/zstd/lib/dictBuilder/divsufsort.c: 1602 in sort_typeBstar()
/home/brad/working/src/ceph/src/zstd/lib/dictBuilder/divsufsort.c: 1603 in sort_typeBstar()
________________________________________________________________________________________________________
*** CID 1291023: (TAINTED_SCALAR)
/home/brad/working/src/ceph/src/zstd/lib/dictBuilder/divsufsort.c: 1487 in sort_typeBstar()
1481 */
1482
1483 /* Calculate the index of start/end point of each bucket. */
1484 for(c0 = 0, i = 0, j = 0; c0 < ALPHABET_SIZE; ++c0) {
1485 t = i + BUCKET_A(c0);
1486 BUCKET_A(c0) = i + j; /* start point */
>>> CID 1291023: (TAINTED_SCALAR)
>>> Using tainted variable "(c0 << 8) | c0" as an index to pointer "bucket_B".
1487 i = t + BUCKET_B(c0, c0);
1488 for(c1 = c0 + 1; c1 < ALPHABET_SIZE; ++c1) {
1489 j += BUCKET_BSTAR(c0, c1);
1490 BUCKET_BSTAR(c0, c1) = j; /* end point */
1491 i += BUCKET_B(c0, c1);
1492 }
/home/brad/working/src/ceph/src/zstd/lib/dictBuilder/divsufsort.c: 1602 in sort_typeBstar()
1596
1597 /* Move all type B* suffixes to the correct position. */
1598 for(i = t, j = BUCKET_BSTAR(c0, c1);
1599 j <= k;
1600 --i, --k) { SA[i] = SA[k]; }
1601 }
>>> CID 1291023: (TAINTED_SCALAR)
>>> Using tainted variable "(c0 << 8) | c0" as an index to pointer "bucket_B".
1602 BUCKET_BSTAR(c0, c0 + 1) = i - BUCKET_B(c0, c0) + 1; /* start point */
1603 BUCKET_B(c0, c0) = i; /* end point */
1604 }
1605 }
1606
1607 return m;
/home/brad/working/src/ceph/src/zstd/lib/dictBuilder/divsufsort.c: 1603 in sort_typeBstar()
1597 /* Move all type B* suffixes to the correct position. */
1598 for(i = t, j = BUCKET_BSTAR(c0, c1);
1599 j <= k;
1600 --i, --k) { SA[i] = SA[k]; }
1601 }
1602 BUCKET_BSTAR(c0, c0 + 1) = i - BUCKET_B(c0, c0) + 1; /* start point */
>>> CID 1291023: (TAINTED_SCALAR)
>>> Using tainted variable "(c0 << 8) | c0" as an index to pointer "bucket_B".
1603 BUCKET_B(c0, c0) = i; /* end point */
1604 }
1605 }
1606
1607 return m;
1608 }
** CID 1291034: (UNINIT)
/home/brad/working/src/ceph/src/zstd/lib/dictBuilder/divsufsort.c: 1229 in tr_introsort()
/home/brad/working/src/ceph/src/zstd/lib/dictBuilder/divsufsort.c: 1229 in tr_introsort()
/home/brad/working/src/ceph/src/zstd/lib/dictBuilder/divsufsort.c: 1230 in tr_introsort()
________________________________________________________________________________________________________
*** CID 1291034: (UNINIT)
/home/brad/working/src/ceph/src/zstd/lib/dictBuilder/divsufsort.c: 1229 in tr_introsort()
1223 } else {
1224 STACK_POP5(ISAd, first, last, limit, trlink);
1225 }
1226 }
1227 } else if(limit == -2) {
1228 /* tandem repeat copy */
>>> CID 1291034: (UNINIT)
>>> Using uninitialized value "stack[--ssize].b".
1229 a = stack[--ssize].b, b = stack[ssize].c;
1230 if(stack[ssize].d == 0) {
1231 tr_copy(ISA, SA, first, a, b, last, ISAd - ISA);
1232 } else {
1233 if(0 <= trlink) { stack[trlink].d = -1; }
1234 tr_partialcopy(ISA, SA, first, a, b, last, ISAd - ISA);
/home/brad/working/src/ceph/src/zstd/lib/dictBuilder/divsufsort.c: 1229 in tr_introsort()
1223 } else {
1224 STACK_POP5(ISAd, first, last, limit, trlink);
1225 }
1226 }
1227 } else if(limit == -2) {
1228 /* tandem repeat copy */
>>> CID 1291034: (UNINIT)
>>> Using uninitialized value "stack[ssize].c".
1229 a = stack[--ssize].b, b = stack[ssize].c;
1230 if(stack[ssize].d == 0) {
1231 tr_copy(ISA, SA, first, a, b, last, ISAd - ISA);
1232 } else {
1233 if(0 <= trlink) { stack[trlink].d = -1; }
1234 tr_partialcopy(ISA, SA, first, a, b, last, ISAd - ISA);
/home/brad/working/src/ceph/src/zstd/lib/dictBuilder/divsufsort.c: 1230 in tr_introsort()
1224 STACK_POP5(ISAd, first, last, limit, trlink);
1225 }
1226 }
1227 } else if(limit == -2) {
1228 /* tandem repeat copy */
1229 a = stack[--ssize].b, b = stack[ssize].c;
>>> CID 1291034: (UNINIT)
>>> Using uninitialized value "stack[ssize].d".
1230 if(stack[ssize].d == 0) {
1231 tr_copy(ISA, SA, first, a, b, last, ISAd - ISA);
1232 } else {
1233 if(0 <= trlink) { stack[trlink].d = -1; }
1234 tr_partialcopy(ISA, SA, first, a, b, last, ISAd - ISA);
1235 }
** CID 1291063: Memory - illegal accesses (OVERRUN)
/home/brad/working/src/ceph/src/zstd/lib/dictBuilder/divsufsort.c: 217 in ss_isqrt()
________________________________________________________________________________________________________
*** CID 1291063: Memory - illegal accesses (OVERRUN)
/home/brad/working/src/ceph/src/zstd/lib/dictBuilder/divsufsort.c: 217 in ss_isqrt()
211 y = sqq_table[x >> ((e - 6) - (e & 1))] << ((e >> 1) - 7);
212 if(e >= 24) { y = (y + 1 + x / y) >> 1; }
213 y = (y + 1 + x / y) >> 1;
214 } else if(e >= 8) {
215 y = (sqq_table[x >> ((e - 6) - (e & 1))] >> (7 - (e >> 1))) + 1;
216 } else {
>>> CID 1291063: Memory - illegal accesses (OVERRUN)
>>> Overrunning array "sqq_table" of 256 4-byte elements at element index 1048575 (byte offset 4194300) using index "x" (which evaluates to 1048575).
217 return sqq_table[x] >> 4;
218 }
219
220 return (x < (y * y)) ? y - 1 : y;
221 }
222
** CID 1399573: Resource leaks (CTOR_DTOR_LEAK)
/home/brad/working/src/ceph/src/librbd/managed_lock/AcquireRequest.cc: 62 in librbd::managed_lock::AcquireRequest<librbd::MockImageCtx>::AcquireRequest(librados::IoCtx &, librbd::MockImageWatcher *, ContextWQ *, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, bool, bool, unsigned int, Context *)()
________________________________________________________________________________________________________
*** CID 1399573: Resource leaks (CTOR_DTOR_LEAK)
/home/brad/working/src/ceph/src/librbd/managed_lock/AcquireRequest.cc: 62 in librbd::managed_lock::AcquireRequest<librbd::MockImageCtx>::AcquireRequest(librados::IoCtx &, librbd::MockImageWatcher *, ContextWQ *, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, bool, bool, unsigned int, Context *)()
56 : m_ioctx(ioctx), m_watcher(watcher),
57 m_cct(reinterpret_cast<CephContext *>(m_ioctx.cct())),
58 m_work_queue(work_queue), m_oid(oid), m_cookie(cookie),
59 m_exclusive(exclusive),
60 m_blacklist_on_break_lock(blacklist_on_break_lock),
61 m_blacklist_expire_seconds(blacklist_expire_seconds),
>>> CID 1399573: Resource leaks (CTOR_DTOR_LEAK)
>>> The constructor allocates field "m_on_finish" of "librbd::managed_lock::AcquireRequest<librbd::MockImageCtx>" but the destructor and whatever functions it calls do not free it.
62 m_on_finish(new C_AsyncCallback<ContextWQ>(work_queue, on_finish)) {
63 }
64
65 template <typename I>
66 AcquireRequest<I>::~AcquireRequest() {
67 }
** CID 1399574: Resource leaks (CTOR_DTOR_LEAK)
/home/brad/working/src/ceph/src/librbd/managed_lock/AcquireRequest.cc: 62 in librbd::managed_lock::AcquireRequest<librbd::ImageCtx>::AcquireRequest(librados::IoCtx &, librbd::Watcher *, ContextWQ *, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, bool, bool, unsigned int, Context *)()
________________________________________________________________________________________________________
*** CID 1399574: Resource leaks (CTOR_DTOR_LEAK)
/home/brad/working/src/ceph/src/librbd/managed_lock/AcquireRequest.cc: 62 in librbd::managed_lock::AcquireRequest<librbd::ImageCtx>::AcquireRequest(librados::IoCtx &, librbd::Watcher *, ContextWQ *, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, bool, bool, unsigned int, Context *)()
56 : m_ioctx(ioctx), m_watcher(watcher),
57 m_cct(reinterpret_cast<CephContext *>(m_ioctx.cct())),
58 m_work_queue(work_queue), m_oid(oid), m_cookie(cookie),
59 m_exclusive(exclusive),
60 m_blacklist_on_break_lock(blacklist_on_break_lock),
61 m_blacklist_expire_seconds(blacklist_expire_seconds),
>>> CID 1399574: Resource leaks (CTOR_DTOR_LEAK)
>>> The constructor allocates field "m_on_finish" of "librbd::managed_lock::AcquireRequest<librbd::ImageCtx>" but the destructor and whatever functions it calls do not free it.
62 m_on_finish(new C_AsyncCallback<ContextWQ>(work_queue, on_finish)) {
63 }
64
65 template <typename I>
66 AcquireRequest<I>::~AcquireRequest() {
67 }
** CID 1399575: (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/test/librbd/test_librbd.cc: 3402 in TestLibRBD_FlattenNoEmptyObjects_Test::TestBody()()
/home/brad/working/src/ceph/src/test/librbd/test_librbd.cc: 3411 in TestLibRBD_FlattenNoEmptyObjects_Test::TestBody()()
/home/brad/working/src/ceph/src/test/librbd/test_librbd.cc: 3413 in TestLibRBD_FlattenNoEmptyObjects_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1399575: (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/test/librbd/test_librbd.cc: 3402 in TestLibRBD_FlattenNoEmptyObjects_Test::TestBody()()
3396
3397 // write something into parent
3398 char test_data[TEST_IO_SIZE + 1];
3399 char zero_data[TEST_IO_SIZE + 1];
3400 int i;
3401 for (i = 0; i < TEST_IO_SIZE; ++i)
>>> CID 1399575: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
3402 test_data[i] = (char) (rand() % (126 - 33) + 33);
3403 test_data[TEST_IO_SIZE] = '\0';
3404 memset(zero_data, 0, sizeof(zero_data));
3405
3406 // generate a random map which covers every objects with random
3407 // offset
/home/brad/working/src/ceph/src/test/librbd/test_librbd.cc: 3411 in TestLibRBD_FlattenNoEmptyObjects_Test::TestBody()()
3405
3406 // generate a random map which covers every objects with random
3407 // offset
3408 int count = 0;
3409 map<uint64_t, uint64_t> write_tracker;
3410 while (count < 10) {
>>> CID 1399575: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
3411 uint64_t ono = rand() % object_num;
3412 if (write_tracker.find(ono) == write_tracker.end()) {
3413 uint64_t offset = rand() % (object_size - TEST_IO_SIZE);
3414 write_tracker.insert(pair<uint64_t, uint64_t>(ono, offset));
3415 count++;
3416 }
/home/brad/working/src/ceph/src/test/librbd/test_librbd.cc: 3413 in TestLibRBD_FlattenNoEmptyObjects_Test::TestBody()()
3407 // offset
3408 int count = 0;
3409 map<uint64_t, uint64_t> write_tracker;
3410 while (count < 10) {
3411 uint64_t ono = rand() % object_num;
3412 if (write_tracker.find(ono) == write_tracker.end()) {
>>> CID 1399575: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
3413 uint64_t offset = rand() % (object_size - TEST_IO_SIZE);
3414 write_tracker.insert(pair<uint64_t, uint64_t>(ono, offset));
3415 count++;
3416 }
3417 }
3418
** CID 1399576: (CTOR_DTOR_LEAK)
/home/brad/working/src/ceph/src/librbd/image/RefreshRequest.cc: 34 in librbd::image::RefreshRequest<librbd::<unnamed>::MockRefreshImageCtx>::RefreshRequest(librbd::<unnamed>::MockRefreshImageCtx &, bool, bool, Context *)()
/home/brad/working/src/ceph/src/librbd/image/RefreshRequest.cc: 34 in librbd::image::RefreshRequest<librbd::ImageCtx>::RefreshRequest(librbd::ImageCtx &, bool, bool, Context *)()
________________________________________________________________________________________________________
*** CID 1399576: (CTOR_DTOR_LEAK)
/home/brad/working/src/ceph/src/librbd/image/RefreshRequest.cc: 34 in librbd::image::RefreshRequest<librbd::<unnamed>::MockRefreshImageCtx>::RefreshRequest(librbd::<unnamed>::MockRefreshImageCtx &, bool, bool, Context *)()
28
29 template <typename I>
30 RefreshRequest<I>::RefreshRequest(I &image_ctx, bool acquiring_lock,
31 bool skip_open_parent, Context *on_finish)
32 : m_image_ctx(image_ctx), m_acquiring_lock(acquiring_lock),
33 m_skip_open_parent_image(skip_open_parent),
>>> CID 1399576: (CTOR_DTOR_LEAK)
>>> The constructor allocates field "m_on_finish" of "librbd::image::RefreshRequest<librbd::<unnamed>::MockRefreshImageCtx>" but the destructor and whatever functions it calls do not free it.
34 m_on_finish(create_async_context_callback(m_image_ctx, on_finish)),
35 m_error_result(0), m_flush_aio(false), m_exclusive_lock(nullptr),
36 m_object_map(nullptr), m_journal(nullptr), m_refresh_parent(nullptr) {
37 }
38
39 template <typename I>
/home/brad/working/src/ceph/src/librbd/image/RefreshRequest.cc: 34 in librbd::image::RefreshRequest<librbd::ImageCtx>::RefreshRequest(librbd::ImageCtx &, bool, bool, Context *)()
28
29 template <typename I>
30 RefreshRequest<I>::RefreshRequest(I &image_ctx, bool acquiring_lock,
31 bool skip_open_parent, Context *on_finish)
32 : m_image_ctx(image_ctx), m_acquiring_lock(acquiring_lock),
33 m_skip_open_parent_image(skip_open_parent),
>>> CID 1399576: (CTOR_DTOR_LEAK)
>>> The constructor allocates field "m_on_finish" of "librbd::image::RefreshRequest<librbd::ImageCtx>" but the destructor and whatever functions it calls do not free it.
34 m_on_finish(create_async_context_callback(m_image_ctx, on_finish)),
35 m_error_result(0), m_flush_aio(false), m_exclusive_lock(nullptr),
36 m_object_map(nullptr), m_journal(nullptr), m_refresh_parent(nullptr) {
37 }
38
39 template <typename I>
** CID 1399577: (CTOR_DTOR_LEAK)
/home/brad/working/src/ceph/src/librbd/exclusive_lock/PreReleaseRequest.cc: 37 in librbd::exclusive_lock::PreReleaseRequest<librbd::MockImageCtx>::PreReleaseRequest(librbd::MockImageCtx &, bool, Context *)()
/home/brad/working/src/ceph/src/librbd/exclusive_lock/PreReleaseRequest.cc: 37 in librbd::exclusive_lock::PreReleaseRequest<librbd::ImageCtx>::PreReleaseRequest(librbd::ImageCtx &, bool, Context *)()
________________________________________________________________________________________________________
*** CID 1399577: (CTOR_DTOR_LEAK)
/home/brad/working/src/ceph/src/librbd/exclusive_lock/PreReleaseRequest.cc: 37 in librbd::exclusive_lock::PreReleaseRequest<librbd::MockImageCtx>::PreReleaseRequest(librbd::MockImageCtx &, bool, Context *)()
31 }
32
33 template <typename I>
34 PreReleaseRequest<I>::PreReleaseRequest(I &image_ctx, bool shutting_down,
35 Context *on_finish)
36 : m_image_ctx(image_ctx),
>>> CID 1399577: (CTOR_DTOR_LEAK)
>>> The constructor allocates field "m_on_finish" of "librbd::exclusive_lock::PreReleaseRequest<librbd::MockImageCtx>" but the destructor and whatever functions it calls do not free it.
37 m_on_finish(create_async_context_callback(image_ctx, on_finish)),
38 m_shutting_down(shutting_down), m_error_result(0), m_object_map(nullptr),
39 m_journal(nullptr) {
40 }
41
42 template <typename I>
/home/brad/working/src/ceph/src/librbd/exclusive_lock/PreReleaseRequest.cc: 37 in librbd::exclusive_lock::PreReleaseRequest<librbd::ImageCtx>::PreReleaseRequest(librbd::ImageCtx &, bool, Context *)()
31 }
32
33 template <typename I>
34 PreReleaseRequest<I>::PreReleaseRequest(I &image_ctx, bool shutting_down,
35 Context *on_finish)
36 : m_image_ctx(image_ctx),
>>> CID 1399577: (CTOR_DTOR_LEAK)
>>> The constructor allocates field "m_on_finish" of "librbd::exclusive_lock::PreReleaseRequest<librbd::ImageCtx>" but the destructor and whatever functions it calls do not free it.
37 m_on_finish(create_async_context_callback(image_ctx, on_finish)),
38 m_shutting_down(shutting_down), m_error_result(0), m_object_map(nullptr),
39 m_journal(nullptr) {
40 }
41
42 template <typename I>
** CID 1399578: (FORWARD_NULL)
/home/brad/working/src/ceph/src/msg/async/AsyncMessenger.cc: 529 in AsyncMessenger::_send_message(Message *, const entity_inst_t &)()
/home/brad/working/src/ceph/src/msg/async/AsyncMessenger.cc: 529 in AsyncMessenger::_send_message(Message *, const entity_inst_t &)()
/home/brad/working/src/ceph/src/msg/async/AsyncMessenger.cc: 529 in AsyncMessenger::_send_message(Message *, const entity_inst_t &)()
/home/brad/working/src/ceph/src/msg/async/AsyncMessenger.cc: 529 in AsyncMessenger::_send_message(Message *, const entity_inst_t &)()
________________________________________________________________________________________________________
*** CID 1399578: (FORWARD_NULL)
/home/brad/working/src/ceph/src/msg/async/AsyncMessenger.cc: 529 in AsyncMessenger::_send_message(Message *, const entity_inst_t &)()
523
524 int AsyncMessenger::_send_message(Message *m, const entity_inst_t& dest)
525 {
526 FUNCTRACE();
527 if (m && m->get_type() == CEPH_MSG_OSD_OP)
528 OID_EVENT_TRACE(((MOSDOp *)m)->get_oid().name.c_str(), "SEND_MSG_OSD_OP");
>>> CID 1399578: (FORWARD_NULL)
>>> Comparing "m" to null implies that "m" might be null.
529 else if (m && m->get_type() == CEPH_MSG_OSD_OPREPLY)
530 OID_EVENT_TRACE(((MOSDOpReply *)m)->get_oid().name.c_str(), "SEND_MSG_OSD_OP_REPLY");
531
532 ldout(cct, 1) << __func__ << "--> " << dest.name << " "
533 << dest.addr << " -- " << *m << " -- ?+"
534 << m->get_data().length() << " " << m << dendl;
/home/brad/working/src/ceph/src/msg/async/AsyncMessenger.cc: 529 in AsyncMessenger::_send_message(Message *, const entity_inst_t &)()
523
524 int AsyncMessenger::_send_message(Message *m, const entity_inst_t& dest)
525 {
526 FUNCTRACE();
527 if (m && m->get_type() == CEPH_MSG_OSD_OP)
528 OID_EVENT_TRACE(((MOSDOp *)m)->get_oid().name.c_str(), "SEND_MSG_OSD_OP");
>>> CID 1399578: (FORWARD_NULL)
>>> Comparing "m" to null implies that "m" might be null.
529 else if (m && m->get_type() == CEPH_MSG_OSD_OPREPLY)
530 OID_EVENT_TRACE(((MOSDOpReply *)m)->get_oid().name.c_str(), "SEND_MSG_OSD_OP_REPLY");
531
532 ldout(cct, 1) << __func__ << "--> " << dest.name << " "
533 << dest.addr << " -- " << *m << " -- ?+"
534 << m->get_data().length() << " " << m << dendl;
/home/brad/working/src/ceph/src/msg/async/AsyncMessenger.cc: 529 in AsyncMessenger::_send_message(Message *, const entity_inst_t &)()
523
524 int AsyncMessenger::_send_message(Message *m, const entity_inst_t& dest)
525 {
526 FUNCTRACE();
527 if (m && m->get_type() == CEPH_MSG_OSD_OP)
528 OID_EVENT_TRACE(((MOSDOp *)m)->get_oid().name.c_str(), "SEND_MSG_OSD_OP");
>>> CID 1399578: (FORWARD_NULL)
>>> Comparing "m" to null implies that "m" might be null.
529 else if (m && m->get_type() == CEPH_MSG_OSD_OPREPLY)
530 OID_EVENT_TRACE(((MOSDOpReply *)m)->get_oid().name.c_str(), "SEND_MSG_OSD_OP_REPLY");
531
532 ldout(cct, 1) << __func__ << "--> " << dest.name << " "
533 << dest.addr << " -- " << *m << " -- ?+"
534 << m->get_data().length() << " " << m << dendl;
/home/brad/working/src/ceph/src/msg/async/AsyncMessenger.cc: 529 in AsyncMessenger::_send_message(Message *, const entity_inst_t &)()
523
524 int AsyncMessenger::_send_message(Message *m, const entity_inst_t& dest)
525 {
526 FUNCTRACE();
527 if (m && m->get_type() == CEPH_MSG_OSD_OP)
528 OID_EVENT_TRACE(((MOSDOp *)m)->get_oid().name.c_str(), "SEND_MSG_OSD_OP");
>>> CID 1399578: (FORWARD_NULL)
>>> Comparing "m" to null implies that "m" might be null.
529 else if (m && m->get_type() == CEPH_MSG_OSD_OPREPLY)
530 OID_EVENT_TRACE(((MOSDOpReply *)m)->get_oid().name.c_str(), "SEND_MSG_OSD_OP_REPLY");
531
532 ldout(cct, 1) << __func__ << "--> " << dest.name << " "
533 << dest.addr << " -- " << *m << " -- ?+"
534 << m->get_data().length() << " " << m << dendl;
** CID 1399579: Program hangs (LOCK)
/home/brad/working/src/ceph/src/msg/simple/SimpleMessenger.cc: 315 in SimpleMessenger::client_bind(const entity_addr_t &)()
________________________________________________________________________________________________________
*** CID 1399579: Program hangs (LOCK)
/home/brad/working/src/ceph/src/msg/simple/SimpleMessenger.cc: 315 in SimpleMessenger::client_bind(const entity_addr_t &)()
309
310 int SimpleMessenger::client_bind(const entity_addr_t &bind_addr)
311 {
312 lock.Lock();
313 if (did_bind) {
314 assert(my_inst.addr == bind_addr);
>>> CID 1399579: Program hangs (LOCK)
>>> Returning without unlocking "this->lock._m".
315 return 0;
316 }
317 if (started) {
318 ldout(cct,10) << "rank.bind already started" << dendl;
319 lock.Unlock();
320 return -1;
** CID 1399580: Program hangs (LOCK)
/home/brad/working/src/ceph/src/msg/async/AsyncMessenger.cc: 388 in AsyncMessenger::client_bind(const entity_addr_t &)()
________________________________________________________________________________________________________
*** CID 1399580: Program hangs (LOCK)
/home/brad/working/src/ceph/src/msg/async/AsyncMessenger.cc: 388 in AsyncMessenger::client_bind(const entity_addr_t &)()
382
383 int AsyncMessenger::client_bind(const entity_addr_t &bind_addr)
384 {
385 lock.Lock();
386 if (did_bind) {
387 assert(my_inst.addr == bind_addr);
>>> CID 1399580: Program hangs (LOCK)
>>> Returning without unlocking "this->lock._m".
388 return 0;
389 }
390 if (started) {
391 ldout(cct, 10) << __func__ << " already started" << dendl;
392 lock.Unlock();
393 return -1;
** CID 1399581: Concurrent data access violations (MISSING_LOCK)
/home/brad/working/src/ceph/src/rgw/rgw_file.h: 536 in rgw::RGWFileHandle::set_times(std::chrono::time_point<ceph::time_detail::real_clock, std::chrono::duration<unsigned long, std::ratio<(long)1, (long)1000000000>>>)()
________________________________________________________________________________________________________
*** CID 1399581: Concurrent data access violations (MISSING_LOCK)
/home/brad/working/src/ceph/src/rgw/rgw_file.h: 536 in rgw::RGWFileHandle::set_times(std::chrono::time_point<ceph::time_detail::real_clock, std::chrono::duration<unsigned long, std::ratio<(long)1, (long)1000000000>>>)()
530 state.size = size;
531 }
532
533 void set_times(real_time t) {
534 state.ctime = real_clock::to_timespec(t);
535 state.mtime = state.ctime;
>>> CID 1399581: Concurrent data access violations (MISSING_LOCK)
>>> Accessing "this->state.atime" without holding lock "rgw::RGWFileHandle.mtx". Elsewhere, "_ZN3rgw13RGWFileHandle5StateE.atime" is accessed with "rgw::RGWFileHandle.mtx" held 2 out of 3 times (2 of these accesses strongly imply that it is necessary).
536 state.atime = state.ctime;
537 }
538
539 void set_ctime(const struct timespec &ts) {
540 state.ctime = ts;
541 }
** CID 1399582: Integer handling issues (NO_EFFECT)
/home/brad/working/src/ceph/src/osd/PG.cc: 2536 in PG::_update_calc_stats()()
________________________________________________________________________________________________________
*** CID 1399582: Integer handling issues (NO_EFFECT)
/home/brad/working/src/ceph/src/osd/PG.cc: 2536 in PG::_update_calc_stats()()
2530 osd_missing = peer_missing[p].num_missing();
2531 object_copies += peer_info[p].stats.stats.sum.num_objects;
2532 }
2533 missing += osd_missing;
2534 // Count non-missing objects not in up as misplaced
2535 if (!in_up)
>>> CID 1399582: Integer handling issues (NO_EFFECT)
>>> This less-than-zero comparison of an unsigned value is never true. "0UL > num_objects - osd_missing".
2536 misplaced += MAX(0, num_objects - osd_missing);
2537 } else {
2538 assert(in_up && !in_acting);
2539
2540 // If this peer has more objects then it should, ignore them
2541 backfilled += MIN(num_objects, peer_info[p].stats.stats.sum.num_objects);
** CID 1399583: Memory - corruptions (OVERRUN)
/home/brad/working/src/ceph/src/test/librbd/test_librbd.cc: 5041 in TestLibRBD_ExclusiveLock_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1399583: Memory - corruptions (OVERRUN)
/home/brad/working/src/ceph/src/test/librbd/test_librbd.cc: 5041 in TestLibRBD_ExclusiveLock_Test::TestBody()()
5035 char *lock_owners[1];
5036 size_t max_lock_owners = 0;
5037 ASSERT_EQ(-ERANGE, rbd_lock_get_owners(image1, &lock_mode, lock_owners,
5038 &max_lock_owners));
5039 ASSERT_EQ(1U, max_lock_owners);
5040
>>> CID 1399583: Memory - corruptions (OVERRUN)
>>> Assigning: "max_lock_owners" = "2UL".
5041 max_lock_owners = 2;
5042 ASSERT_EQ(0, rbd_lock_get_owners(image1, &lock_mode, lock_owners,
5043 &max_lock_owners));
5044 ASSERT_EQ(RBD_LOCK_MODE_EXCLUSIVE, lock_mode);
5045 ASSERT_STRNE("", lock_owners[0]);
5046 ASSERT_EQ(1U, max_lock_owners);
** CID 1399584: Memory - illegal accesses (OVERRUN)
/home/brad/working/src/ceph/src/zstd/lib/compress/zstd_opt.h: 523 in ZSTD_compressBlock_opt_generic()
________________________________________________________________________________________________________
*** CID 1399584: Memory - illegal accesses (OVERRUN)
/home/brad/working/src/ceph/src/zstd/lib/compress/zstd_opt.h: 523 in ZSTD_compressBlock_opt_generic()
517 opt[cur].rep[0] = ((opt[cur].off==ZSTD_REP_MOVE_OPT) && (mlen != 1)) ? (opt[cur-mlen].rep[0] - 1) : (opt[cur-mlen].rep[opt[cur].off]);
518 }
519
520 best_mlen = minMatch;
521 { U32 i, last_i = ZSTD_REP_CHECK + (mlen != 1);
522 for (i=(opt[cur].mlen != 1); i<last_i; i++) { /* check rep */
>>> CID 1399584: Memory - illegal accesses (OVERRUN)
>>> Overrunning array "(opt + cur).rep" of 3 4-byte elements at element index 4 (byte offset 16) using index "i" (which evaluates to 4).
523 const S32 repCur = (i==ZSTD_REP_MOVE_OPT) ? (opt[cur].rep[0] - 1) : opt[cur].rep[i];
524 if ( (repCur > 0) && (repCur < (S32)(inr-prefixStart))
525 && (MEM_readMINMATCH(inr, minMatch) == MEM_readMINMATCH(inr - repCur, minMatch))) {
526 mlen = (U32)ZSTD_count(inr+minMatch, inr+minMatch - repCur, iend) + minMatch;
527
528 if (mlen > sufficient_len || cur + mlen >= ZSTD_OPT_NUM) {
** CID 1399585: Resource leaks (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/librbd/test_librbd.cc: 3483 in TestLibRBD_FlattenNoEmptyObjects_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1399585: Resource leaks (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/librbd/test_librbd.cc: 3483 in TestLibRBD_FlattenNoEmptyObjects_Test::TestBody()()
3477 printf("flattening clone: \"%s\"\n", child_name.c_str());
3478 ASSERT_EQ(0, rbd_flatten(child));
3479
3480 printf("check whether child image has the same set of objects as parent\n");
3481 rbd_image_info_t c_info;
3482 ASSERT_EQ(0, rbd_stat(child, &c_info, sizeof(c_info)));
>>> CID 1399585: Resource leaks (RESOURCE_LEAK)
>>> Variable "list_ctx" going out of scope leaks the storage it points to.
3483 ASSERT_EQ(0, rados_nobjects_list_open(d_ioctx, &list_ctx));
3484 while (rados_nobjects_list_next(list_ctx, &entry, NULL, NULL) != -ENOENT) {
3485 if (strstr(entry, c_info.block_name_prefix)) {
3486 const char *block_name_suffix = entry + strlen(c_info.block_name_prefix) + 1;
3487 set<string>::iterator it = obj_checker.find(block_name_suffix);
3488 ASSERT_TRUE(it != obj_checker.end());
** CID 1399586: (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/libcephfs/test.cc: 1827 in LibCephFS_OperationsOnRoot_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/test.cc: 1826 in LibCephFS_OperationsOnRoot_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/test.cc: 1825 in LibCephFS_OperationsOnRoot_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/test.cc: 1823 in LibCephFS_OperationsOnRoot_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/test.cc: 1821 in LibCephFS_OperationsOnRoot_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/test.cc: 1819 in LibCephFS_OperationsOnRoot_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/test.cc: 1818 in LibCephFS_OperationsOnRoot_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/test.cc: 1817 in LibCephFS_OperationsOnRoot_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/test.cc: 1816 in LibCephFS_OperationsOnRoot_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/test.cc: 1815 in LibCephFS_OperationsOnRoot_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/test.cc: 1813 in LibCephFS_OperationsOnRoot_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/test.cc: 1811 in LibCephFS_OperationsOnRoot_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/test.cc: 1810 in LibCephFS_OperationsOnRoot_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/test.cc: 1809 in LibCephFS_OperationsOnRoot_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/test.cc: 1807 in LibCephFS_OperationsOnRoot_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/test.cc: 1805 in LibCephFS_OperationsOnRoot_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/test.cc: 1800 in LibCephFS_OperationsOnRoot_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/test.cc: 1799 in LibCephFS_OperationsOnRoot_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/test.cc: 1798 in LibCephFS_OperationsOnRoot_Test::TestBody()()
/home/brad/working/src/ceph/src/test/libcephfs/test.cc: 1797 in LibCephFS_OperationsOnRoot_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1399586: (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/libcephfs/test.cc: 1827 in LibCephFS_OperationsOnRoot_Test::TestBody()()
1821 ASSERT_EQ(ceph_mkdir(cmount, "/", 0777), -EEXIST);
1822
1823 ASSERT_EQ(ceph_mknod(cmount, "/", 0, 0), -EEXIST);
1824
1825 ASSERT_EQ(ceph_symlink(cmount, "/", "/"), -EEXIST);
1826 ASSERT_EQ(ceph_symlink(cmount, dirname, "/"), -EEXIST);
>>> CID 1399586: (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
1827 ASSERT_EQ(ceph_symlink(cmount, "nonExistingDir", "/"), -EEXIST);
1828
1829 ceph_shutdown(cmount);
/home/brad/working/src/ceph/src/test/libcephfs/test.cc: 1826 in LibCephFS_OperationsOnRoot_Test::TestBody()()
1820
1821 ASSERT_EQ(ceph_mkdir(cmount, "/", 0777), -EEXIST);
1822
1823 ASSERT_EQ(ceph_mknod(cmount, "/", 0, 0), -EEXIST);
1824
1825 ASSERT_EQ(ceph_symlink(cmount, "/", "/"), -EEXIST);
>>> CID 1399586: (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
1826 ASSERT_EQ(ceph_symlink(cmount, dirname, "/"), -EEXIST);
1827 ASSERT_EQ(ceph_symlink(cmount, "nonExistingDir", "/"), -EEXIST);
1828
1829 ceph_shutdown(cmount);
/home/brad/working/src/ceph/src/test/libcephfs/test.cc: 1825 in LibCephFS_OperationsOnRoot_Test::TestBody()()
1819 ASSERT_EQ(ceph_rename(cmount, "/", "nonExistingDir"), -EBUSY);
1820
1821 ASSERT_EQ(ceph_mkdir(cmount, "/", 0777), -EEXIST);
1822
1823 ASSERT_EQ(ceph_mknod(cmount, "/", 0, 0), -EEXIST);
1824
>>> CID 1399586: (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
1825 ASSERT_EQ(ceph_symlink(cmount, "/", "/"), -EEXIST);
1826 ASSERT_EQ(ceph_symlink(cmount, dirname, "/"), -EEXIST);
1827 ASSERT_EQ(ceph_symlink(cmount, "nonExistingDir", "/"), -EEXIST);
1828
1829 ceph_shutdown(cmount);
/home/brad/working/src/ceph/src/test/libcephfs/test.cc: 1823 in LibCephFS_OperationsOnRoot_Test::TestBody()()
1817 ASSERT_EQ(ceph_rename(cmount, "nonExistingDir", "/"), -EBUSY);
1818 ASSERT_EQ(ceph_rename(cmount, "/", dirname), -EBUSY);
1819 ASSERT_EQ(ceph_rename(cmount, "/", "nonExistingDir"), -EBUSY);
1820
1821 ASSERT_EQ(ceph_mkdir(cmount, "/", 0777), -EEXIST);
1822
>>> CID 1399586: (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
1823 ASSERT_EQ(ceph_mknod(cmount, "/", 0, 0), -EEXIST);
1824
1825 ASSERT_EQ(ceph_symlink(cmount, "/", "/"), -EEXIST);
1826 ASSERT_EQ(ceph_symlink(cmount, dirname, "/"), -EEXIST);
1827 ASSERT_EQ(ceph_symlink(cmount, "nonExistingDir", "/"), -EEXIST);
1828
1829 ceph_shutdown(cmount);
/home/brad/working/src/ceph/src/test/libcephfs/test.cc: 1821 in LibCephFS_OperationsOnRoot_Test::TestBody()()
1815 ASSERT_EQ(ceph_rename(cmount, "/", "/"), -EBUSY);
1816 ASSERT_EQ(ceph_rename(cmount, dirname, "/"), -EBUSY);
1817 ASSERT_EQ(ceph_rename(cmount, "nonExistingDir", "/"), -EBUSY);
1818 ASSERT_EQ(ceph_rename(cmount, "/", dirname), -EBUSY);
1819 ASSERT_EQ(ceph_rename(cmount, "/", "nonExistingDir"), -EBUSY);
1820
>>> CID 1399586: (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
1821 ASSERT_EQ(ceph_mkdir(cmount, "/", 0777), -EEXIST);
1822
1823 ASSERT_EQ(ceph_mknod(cmount, "/", 0, 0), -EEXIST);
1824
1825 ASSERT_EQ(ceph_symlink(cmount, "/", "/"), -EEXIST);
1826 ASSERT_EQ(ceph_symlink(cmount, dirname, "/"), -EEXIST);
1827 ASSERT_EQ(ceph_symlink(cmount, "nonExistingDir", "/"), -EEXIST);
1828
1829 ceph_shutdown(cmount);
/home/brad/working/src/ceph/src/test/libcephfs/test.cc: 1819 in LibCephFS_OperationsOnRoot_Test::TestBody()()
1813 ASSERT_EQ(ceph_unlink(cmount, "/"), -EISDIR);
1814
1815 ASSERT_EQ(ceph_rename(cmount, "/", "/"), -EBUSY);
1816 ASSERT_EQ(ceph_rename(cmount, dirname, "/"), -EBUSY);
1817 ASSERT_EQ(ceph_rename(cmount, "nonExistingDir", "/"), -EBUSY);
1818 ASSERT_EQ(ceph_rename(cmount, "/", dirname), -EBUSY);
>>> CID 1399586: (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
1819 ASSERT_EQ(ceph_rename(cmount, "/", "nonExistingDir"), -EBUSY);
1820
1821 ASSERT_EQ(ceph_mkdir(cmount, "/", 0777), -EEXIST);
1822
1823 ASSERT_EQ(ceph_mknod(cmount, "/", 0, 0), -EEXIST);
1824
/home/brad/working/src/ceph/src/test/libcephfs/test.cc: 1818 in LibCephFS_OperationsOnRoot_Test::TestBody()()
1812
1813 ASSERT_EQ(ceph_unlink(cmount, "/"), -EISDIR);
1814
1815 ASSERT_EQ(ceph_rename(cmount, "/", "/"), -EBUSY);
1816 ASSERT_EQ(ceph_rename(cmount, dirname, "/"), -EBUSY);
1817 ASSERT_EQ(ceph_rename(cmount, "nonExistingDir", "/"), -EBUSY);
>>> CID 1399586: (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
1818 ASSERT_EQ(ceph_rename(cmount, "/", dirname), -EBUSY);
1819 ASSERT_EQ(ceph_rename(cmount, "/", "nonExistingDir"), -EBUSY);
1820
1821 ASSERT_EQ(ceph_mkdir(cmount, "/", 0777), -EEXIST);
1822
1823 ASSERT_EQ(ceph_mknod(cmount, "/", 0, 0), -EEXIST);
/home/brad/working/src/ceph/src/test/libcephfs/test.cc: 1817 in LibCephFS_OperationsOnRoot_Test::TestBody()()
1811 ASSERT_EQ(ceph_link(cmount, "nonExisitingDir", "/"), -ENOENT);
1812
1813 ASSERT_EQ(ceph_unlink(cmount, "/"), -EISDIR);
1814
1815 ASSERT_EQ(ceph_rename(cmount, "/", "/"), -EBUSY);
1816 ASSERT_EQ(ceph_rename(cmount, dirname, "/"), -EBUSY);
>>> CID 1399586: (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
1817 ASSERT_EQ(ceph_rename(cmount, "nonExistingDir", "/"), -EBUSY);
1818 ASSERT_EQ(ceph_rename(cmount, "/", dirname), -EBUSY);
1819 ASSERT_EQ(ceph_rename(cmount, "/", "nonExistingDir"), -EBUSY);
1820
1821 ASSERT_EQ(ceph_mkdir(cmount, "/", 0777), -EEXIST);
1822
/home/brad/working/src/ceph/src/test/libcephfs/test.cc: 1816 in LibCephFS_OperationsOnRoot_Test::TestBody()()
1810 ASSERT_EQ(ceph_link(cmount, dirname, "/"), -EEXIST);
1811 ASSERT_EQ(ceph_link(cmount, "nonExisitingDir", "/"), -ENOENT);
1812
1813 ASSERT_EQ(ceph_unlink(cmount, "/"), -EISDIR);
1814
1815 ASSERT_EQ(ceph_rename(cmount, "/", "/"), -EBUSY);
>>> CID 1399586: (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
1816 ASSERT_EQ(ceph_rename(cmount, dirname, "/"), -EBUSY);
1817 ASSERT_EQ(ceph_rename(cmount, "nonExistingDir", "/"), -EBUSY);
1818 ASSERT_EQ(ceph_rename(cmount, "/", dirname), -EBUSY);
1819 ASSERT_EQ(ceph_rename(cmount, "/", "nonExistingDir"), -EBUSY);
1820
1821 ASSERT_EQ(ceph_mkdir(cmount, "/", 0777), -EEXIST);
/home/brad/working/src/ceph/src/test/libcephfs/test.cc: 1815 in LibCephFS_OperationsOnRoot_Test::TestBody()()
1809 ASSERT_EQ(ceph_link(cmount, "/", "/"), -EEXIST);
1810 ASSERT_EQ(ceph_link(cmount, dirname, "/"), -EEXIST);
1811 ASSERT_EQ(ceph_link(cmount, "nonExisitingDir", "/"), -ENOENT);
1812
1813 ASSERT_EQ(ceph_unlink(cmount, "/"), -EISDIR);
1814
>>> CID 1399586: (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
1815 ASSERT_EQ(ceph_rename(cmount, "/", "/"), -EBUSY);
1816 ASSERT_EQ(ceph_rename(cmount, dirname, "/"), -EBUSY);
1817 ASSERT_EQ(ceph_rename(cmount, "nonExistingDir", "/"), -EBUSY);
1818 ASSERT_EQ(ceph_rename(cmount, "/", dirname), -EBUSY);
1819 ASSERT_EQ(ceph_rename(cmount, "/", "nonExistingDir"), -EBUSY);
1820
/home/brad/working/src/ceph/src/test/libcephfs/test.cc: 1813 in LibCephFS_OperationsOnRoot_Test::TestBody()()
1807 ASSERT_EQ(ceph_rmdir(cmount, "/"), -EBUSY);
1808
1809 ASSERT_EQ(ceph_link(cmount, "/", "/"), -EEXIST);
1810 ASSERT_EQ(ceph_link(cmount, dirname, "/"), -EEXIST);
1811 ASSERT_EQ(ceph_link(cmount, "nonExisitingDir", "/"), -ENOENT);
1812
>>> CID 1399586: (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
1813 ASSERT_EQ(ceph_unlink(cmount, "/"), -EISDIR);
1814
1815 ASSERT_EQ(ceph_rename(cmount, "/", "/"), -EBUSY);
1816 ASSERT_EQ(ceph_rename(cmount, dirname, "/"), -EBUSY);
1817 ASSERT_EQ(ceph_rename(cmount, "nonExistingDir", "/"), -EBUSY);
1818 ASSERT_EQ(ceph_rename(cmount, "/", dirname), -EBUSY);
/home/brad/working/src/ceph/src/test/libcephfs/test.cc: 1811 in LibCephFS_OperationsOnRoot_Test::TestBody()()
1805 ASSERT_EQ(ceph_mkdir(cmount, dirname, 0755), 0);
1806
1807 ASSERT_EQ(ceph_rmdir(cmount, "/"), -EBUSY);
1808
1809 ASSERT_EQ(ceph_link(cmount, "/", "/"), -EEXIST);
1810 ASSERT_EQ(ceph_link(cmount, dirname, "/"), -EEXIST);
>>> CID 1399586: (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
1811 ASSERT_EQ(ceph_link(cmount, "nonExisitingDir", "/"), -ENOENT);
1812
1813 ASSERT_EQ(ceph_unlink(cmount, "/"), -EISDIR);
1814
1815 ASSERT_EQ(ceph_rename(cmount, "/", "/"), -EBUSY);
1816 ASSERT_EQ(ceph_rename(cmount, dirname, "/"), -EBUSY);
/home/brad/working/src/ceph/src/test/libcephfs/test.cc: 1810 in LibCephFS_OperationsOnRoot_Test::TestBody()()
1804
1805 ASSERT_EQ(ceph_mkdir(cmount, dirname, 0755), 0);
1806
1807 ASSERT_EQ(ceph_rmdir(cmount, "/"), -EBUSY);
1808
1809 ASSERT_EQ(ceph_link(cmount, "/", "/"), -EEXIST);
>>> CID 1399586: (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
1810 ASSERT_EQ(ceph_link(cmount, dirname, "/"), -EEXIST);
1811 ASSERT_EQ(ceph_link(cmount, "nonExisitingDir", "/"), -ENOENT);
1812
1813 ASSERT_EQ(ceph_unlink(cmount, "/"), -EISDIR);
1814
1815 ASSERT_EQ(ceph_rename(cmount, "/", "/"), -EBUSY);
/home/brad/working/src/ceph/src/test/libcephfs/test.cc: 1809 in LibCephFS_OperationsOnRoot_Test::TestBody()()
1803 sprintf(dirname, "/somedir%x", getpid());
1804
1805 ASSERT_EQ(ceph_mkdir(cmount, dirname, 0755), 0);
1806
1807 ASSERT_EQ(ceph_rmdir(cmount, "/"), -EBUSY);
1808
>>> CID 1399586: (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
1809 ASSERT_EQ(ceph_link(cmount, "/", "/"), -EEXIST);
1810 ASSERT_EQ(ceph_link(cmount, dirname, "/"), -EEXIST);
1811 ASSERT_EQ(ceph_link(cmount, "nonExisitingDir", "/"), -ENOENT);
1812
1813 ASSERT_EQ(ceph_unlink(cmount, "/"), -EISDIR);
1814
/home/brad/working/src/ceph/src/test/libcephfs/test.cc: 1807 in LibCephFS_OperationsOnRoot_Test::TestBody()()
1801
1802 char dirname[32];
1803 sprintf(dirname, "/somedir%x", getpid());
1804
1805 ASSERT_EQ(ceph_mkdir(cmount, dirname, 0755), 0);
1806
>>> CID 1399586: (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
1807 ASSERT_EQ(ceph_rmdir(cmount, "/"), -EBUSY);
1808
1809 ASSERT_EQ(ceph_link(cmount, "/", "/"), -EEXIST);
1810 ASSERT_EQ(ceph_link(cmount, dirname, "/"), -EEXIST);
1811 ASSERT_EQ(ceph_link(cmount, "nonExisitingDir", "/"), -ENOENT);
1812
/home/brad/working/src/ceph/src/test/libcephfs/test.cc: 1805 in LibCephFS_OperationsOnRoot_Test::TestBody()()
1799 ASSERT_EQ(0, ceph_conf_parse_env(cmount, NULL));
1800 ASSERT_EQ(ceph_mount(cmount, "/"), 0);
1801
1802 char dirname[32];
1803 sprintf(dirname, "/somedir%x", getpid());
1804
>>> CID 1399586: (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
1805 ASSERT_EQ(ceph_mkdir(cmount, dirname, 0755), 0);
1806
1807 ASSERT_EQ(ceph_rmdir(cmount, "/"), -EBUSY);
1808
1809 ASSERT_EQ(ceph_link(cmount, "/", "/"), -EEXIST);
1810 ASSERT_EQ(ceph_link(cmount, dirname, "/"), -EEXIST);
/home/brad/working/src/ceph/src/test/libcephfs/test.cc: 1800 in LibCephFS_OperationsOnRoot_Test::TestBody()()
1794 TEST(LibCephFS, OperationsOnRoot)
1795 {
1796 struct ceph_mount_info *cmount;
1797 ASSERT_EQ(ceph_create(&cmount, NULL), 0);
1798 ASSERT_EQ(ceph_conf_read_file(cmount, NULL), 0);
1799 ASSERT_EQ(0, ceph_conf_parse_env(cmount, NULL));
>>> CID 1399586: (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
1800 ASSERT_EQ(ceph_mount(cmount, "/"), 0);
1801
1802 char dirname[32];
1803 sprintf(dirname, "/somedir%x", getpid());
1804
1805 ASSERT_EQ(ceph_mkdir(cmount, dirname, 0755), 0);
/home/brad/working/src/ceph/src/test/libcephfs/test.cc: 1799 in LibCephFS_OperationsOnRoot_Test::TestBody()()
1793
1794 TEST(LibCephFS, OperationsOnRoot)
1795 {
1796 struct ceph_mount_info *cmount;
1797 ASSERT_EQ(ceph_create(&cmount, NULL), 0);
1798 ASSERT_EQ(ceph_conf_read_file(cmount, NULL), 0);
>>> CID 1399586: (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
1799 ASSERT_EQ(0, ceph_conf_parse_env(cmount, NULL));
1800 ASSERT_EQ(ceph_mount(cmount, "/"), 0);
1801
1802 char dirname[32];
1803 sprintf(dirname, "/somedir%x", getpid());
1804
/home/brad/working/src/ceph/src/test/libcephfs/test.cc: 1798 in LibCephFS_OperationsOnRoot_Test::TestBody()()
1792 }
1793
1794 TEST(LibCephFS, OperationsOnRoot)
1795 {
1796 struct ceph_mount_info *cmount;
1797 ASSERT_EQ(ceph_create(&cmount, NULL), 0);
>>> CID 1399586: (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
1798 ASSERT_EQ(ceph_conf_read_file(cmount, NULL), 0);
1799 ASSERT_EQ(0, ceph_conf_parse_env(cmount, NULL));
1800 ASSERT_EQ(ceph_mount(cmount, "/"), 0);
1801
1802 char dirname[32];
1803 sprintf(dirname, "/somedir%x", getpid());
/home/brad/working/src/ceph/src/test/libcephfs/test.cc: 1797 in LibCephFS_OperationsOnRoot_Test::TestBody()()
1791 ceph_shutdown(cmount);
1792 }
1793
1794 TEST(LibCephFS, OperationsOnRoot)
1795 {
1796 struct ceph_mount_info *cmount;
>>> CID 1399586: (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
1797 ASSERT_EQ(ceph_create(&cmount, NULL), 0);
1798 ASSERT_EQ(ceph_conf_read_file(cmount, NULL), 0);
1799 ASSERT_EQ(0, ceph_conf_parse_env(cmount, NULL));
1800 ASSERT_EQ(ceph_mount(cmount, "/"), 0);
1801
1802 char dirname[32];
** CID 1399587: (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/msg/async/net_handler.cc: 178 in ceph::NetHandler::generic_connect(const entity_addr_t &, const entity_addr_t &, bool)()
/home/brad/working/src/ceph/src/msg/async/net_handler.cc: 178 in ceph::NetHandler::generic_connect(const entity_addr_t &, const entity_addr_t &, bool)()
________________________________________________________________________________________________________
*** CID 1399587: (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/msg/async/net_handler.cc: 178 in ceph::NetHandler::generic_connect(const entity_addr_t &, const entity_addr_t &, bool)()
172 if (cct->_conf->ms_bind_before_connect && (!addr.is_blank_ip())) {
173 addr.set_port(0);
174 ret = ::bind(s, addr.get_sockaddr(), addr.get_sockaddr_len());
175 if (ret < 0) {
176 ret = -errno;
177 ldout(cct, 2) << __func__ << " client bind error " << ", " << cpp_strerror(ret) << dendl;
>>> CID 1399587: (RESOURCE_LEAK)
>>> Handle variable "s" going out of scope leaks the handle.
178 return ret;
179 }
180 }
181 }
182
183 ret = ::connect(s, addr.get_sockaddr(), addr.get_sockaddr_len());
/home/brad/working/src/ceph/src/msg/async/net_handler.cc: 178 in ceph::NetHandler::generic_connect(const entity_addr_t &, const entity_addr_t &, bool)()
172 if (cct->_conf->ms_bind_before_connect && (!addr.is_blank_ip())) {
173 addr.set_port(0);
174 ret = ::bind(s, addr.get_sockaddr(), addr.get_sockaddr_len());
175 if (ret < 0) {
176 ret = -errno;
177 ldout(cct, 2) << __func__ << " client bind error " << ", " << cpp_strerror(ret) << dendl;
>>> CID 1399587: (RESOURCE_LEAK)
>>> Handle variable "s" going out of scope leaks the handle.
178 return ret;
179 }
180 }
181 }
182
183 ret = ::connect(s, addr.get_sockaddr(), addr.get_sockaddr_len());
** CID 1399588: Resource leaks (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/zstd/lib/dictBuilder/zdict.c: 908 in ZDICT_trainFromBuffer_unsafe()
________________________________________________________________________________________________________
*** CID 1399588: Resource leaks (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/zstd/lib/dictBuilder/zdict.c: 908 in ZDICT_trainFromBuffer_unsafe()
902 DISPLAYLEVEL(3, "list %u best segments \n", nb-1);
903 for (u=1; u<nb; u++) {
904 U32 const pos = dictList[u].pos;
905 U32 const length = dictList[u].length;
906 U32 const printedLength = MIN(40, length);
907 if ((pos > samplesBuffSize) || ((pos + length) > samplesBuffSize))
>>> CID 1399588: Resource leaks (RESOURCE_LEAK)
>>> Variable "dictList" going out of scope leaks the storage it points to.
908 return ERROR(GENERIC); /* should never happen */
909 DISPLAYLEVEL(3, "%3u:%3u bytes at pos %8u, savings %7u bytes |",
910 u, length, pos, dictList[u].savings);
911 ZDICT_printHex((const char*)samplesBuffer+pos, printedLength);
912 DISPLAYLEVEL(3, "| \n");
913 } }
** CID 1399589: Insecure data handling (TAINTED_SCALAR)
/home/brad/working/src/ceph/src/librbd/managed_lock/Utils.cc: 26 in librbd::managed_lock::util::decode_lock_cookie(const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, unsigned long *)()
________________________________________________________________________________________________________
*** CID 1399589: Insecure data handling (TAINTED_SCALAR)
/home/brad/working/src/ceph/src/librbd/managed_lock/Utils.cc: 26 in librbd::managed_lock::util::decode_lock_cookie(const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, unsigned long *)()
20 return WATCHER_LOCK_TAG;
21 }
22
23 bool decode_lock_cookie(const std::string &tag, uint64_t *handle) {
24 std::string prefix;
25 std::istringstream ss(tag);
>>> CID 1399589: Insecure data handling (TAINTED_SCALAR)
>>> Calling function "operator >>" taints argument "prefix".
26 if (!(ss >> prefix >> *handle) || prefix != WATCHER_LOCK_COOKIE_PREFIX) {
27 return false;
28 }
29 return true;
30 }
31
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaGCnxtQO9E3gxlB2GxVsWFENryh7bC5hIb-2FQBVM85YLQ-3D-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8F-2FSrHHeUw77GfuYhRonfTSUes-2BsyNAqZdZ1oRr4a8LOG1uIo5p-2BRfIuyaLcYfJLSymmhxUQRzPrY0KRXLG1StoyD-2FaQLAlf6yMJ5vQ3JKxioFg44aeyf1d-2BlyRDrqHpTPUd-2FTEWlme5vhYmdCVjz1F65XvYKrfS5baCrOiX4fajHr85QkbZLMTloo-2BWHpf2nU-3D
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4Bco8jcmzhh7FSyvoR0E3-2BDgRcBCQ6OuthHBtaTCGNq9zoLsiw8NWrIF2zsdhfTt-2FbHjZ2ToL3Et9v1-2BrDLungAOjHpQtOY-2BsyLiTVCQEUCU-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8F-2FSrHHeUw77GfuYhRonfTSUes-2BsyNAqZdZ1oRr4a8LOE-2FT7TFobtNXgClUIMSV4gHSPiLdtSjqtCKUkKTXFN5gtFEBuydTCHyxLsf-2FcAHKFEH6xecGTCHAo2x-2Bi-2FuPnxuovxBwkhwu66p1h0Ls5bbb9qHnhIhZ7eqc9uURoDPEYEVJZEQMCc4n7m83lSx-2BFew-3D
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2017-01-17 3:01 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2017-01-17 3:01 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
88 new defect(s) introduced to ceph found with Coverity Scan.
35 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 20 of 88 defect(s)
** CID 1019567: Program hangs (ORDER_REVERSAL)
________________________________________________________________________________________________________
*** CID 1019567: Program hangs (ORDER_REVERSAL)
/home/brad/working/src/ceph/src/osd/OSD.cc: 4106 in OSD::handle_osd_ping(MOSDPing *)()
4100 << ", " << heartbeat_drop->second
4101 << " remaining to drop" << dendl;
4102 break;
4103 }
4104 }
4105
>>> CID 1019567: Program hangs (ORDER_REVERSAL)
>>> Calling "is_healthy" acquires lock "RWLock.L" while holding lock "Mutex._m" (count: 5 / 10).
4106 if (!cct->get_heartbeat_map()->is_healthy()) {
4107 dout(10) << "internal heartbeat not healthy, dropping ping request" << dendl;
4108 break;
4109 }
4110
4111 Message *r = new MOSDPing(monc->get_fsid(),
** CID 1231682: (ORDER_REVERSAL)
________________________________________________________________________________________________________
*** CID 1231682: (ORDER_REVERSAL)
/home/brad/working/src/ceph/src/osd/OSD.cc: 2703 in OSD::shutdown()()
2697 service.start_shutdown();
2698
2699 clear_waiting_sessions();
2700
2701 // Shutdown PGs
2702 {
>>> CID 1231682: (ORDER_REVERSAL)
>>> Calling "RLocker" acquires lock "RWLock.L" while holding lock "Mutex._m" (count: 5 / 10).
2703 RWLock::RLocker l(pg_map_lock);
2704 for (ceph::unordered_map<spg_t, PG*>::iterator p = pg_map.begin();
2705 p != pg_map.end();
2706 ++p) {
2707 dout(20) << " kicking pg " << p->first << dendl;
2708 p->second->lock();
/home/brad/working/src/ceph/src/osd/OSD.cc: 2813 in OSD::shutdown()()
2807
2808 // Remove PGs
2809 #ifdef PG_DEBUG_REFS
2810 service.dump_live_pgids();
2811 #endif
2812 {
>>> CID 1231682: (ORDER_REVERSAL)
>>> Calling "RLocker" acquires lock "RWLock.L" while holding lock "Mutex._m" (count: 5 / 10).
2813 RWLock::RLocker l(pg_map_lock);
2814 for (ceph::unordered_map<spg_t, PG*>::iterator p = pg_map.begin();
2815 p != pg_map.end();
2816 ++p) {
2817 dout(20) << " kicking pg " << p->first << dendl;
2818 p->second->lock();
** CID 1395483: Program hangs (ORDER_REVERSAL)
________________________________________________________________________________________________________
*** CID 1395483: Program hangs (ORDER_REVERSAL)
/home/brad/working/src/ceph/src/mds/MDSDaemon.cc: 415 in MDSDaemon::handle_conf_change(const md_config_t *, const std::set<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::less<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>> &)()
409 mds_rank->op_tracker.set_history_size_and_duration(conf->mds_op_history_size,
410 conf->mds_op_history_duration);
411 }
412 }
413 if (changed.count("mds_enable_op_tracker")) {
414 if (mds_rank) {
>>> CID 1395483: Program hangs (ORDER_REVERSAL)
>>> Calling "set_tracking" acquires lock "RWLock.L" while holding lock "Mutex._m" (count: 5 / 10).
415 mds_rank->op_tracker.set_tracking(conf->mds_enable_op_tracker);
416 }
417 }
418 if (changed.count("clog_to_monitors") ||
419 changed.count("clog_to_syslog") ||
420 changed.count("clog_to_syslog_level") ||
** CID 1398823: Resource leaks (CTOR_DTOR_LEAK)
/home/brad/working/src/ceph/src/librbd/managed_lock/ReleaseRequest.cc: 41 in librbd::managed_lock::ReleaseRequest<librbd::MockImageCtx>::ReleaseRequest(librados::IoCtx &, librbd::MockImageWatcher *, ContextWQ *, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, Context *)()
________________________________________________________________________________________________________
*** CID 1398823: Resource leaks (CTOR_DTOR_LEAK)
/home/brad/working/src/ceph/src/librbd/managed_lock/ReleaseRequest.cc: 41 in librbd::managed_lock::ReleaseRequest<librbd::MockImageCtx>::ReleaseRequest(librados::IoCtx &, librbd::MockImageWatcher *, ContextWQ *, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, Context *)()
35
36 template <typename I>
37 ReleaseRequest<I>::ReleaseRequest(librados::IoCtx& ioctx, Watcher *watcher,
38 ContextWQ *work_queue, const string& oid,
39 const string& cookie, Context *on_finish)
40 : m_ioctx(ioctx), m_watcher(watcher), m_oid(oid), m_cookie(cookie),
>>> CID 1398823: Resource leaks (CTOR_DTOR_LEAK)
>>> The constructor allocates field "m_on_finish" of "librbd::managed_lock::ReleaseRequest<librbd::MockImageCtx>" but the destructor and whatever functions it calls do not free it.
41 m_on_finish(new C_AsyncCallback<ContextWQ>(work_queue, on_finish)) {
42 }
43
44 template <typename I>
45 ReleaseRequest<I>::~ReleaseRequest() {
46 }
** CID 1398824: (CTOR_DTOR_LEAK)
/home/brad/working/src/ceph/src/librbd/exclusive_lock/PreAcquireRequest.cc: 34 in librbd::exclusive_lock::PreAcquireRequest<librbd::<unnamed>::MockTestImageCtx>::PreAcquireRequest(librbd::<unnamed>::MockTestImageCtx &, Context *)()
/home/brad/working/src/ceph/src/librbd/exclusive_lock/PreAcquireRequest.cc: 34 in librbd::exclusive_lock::PreAcquireRequest<librbd::ImageCtx>::PreAcquireRequest(librbd::ImageCtx &, Context *)()
________________________________________________________________________________________________________
*** CID 1398824: (CTOR_DTOR_LEAK)
/home/brad/working/src/ceph/src/librbd/exclusive_lock/PreAcquireRequest.cc: 34 in librbd::exclusive_lock::PreAcquireRequest<librbd::<unnamed>::MockTestImageCtx>::PreAcquireRequest(librbd::<unnamed>::MockTestImageCtx &, Context *)()
28 return new PreAcquireRequest(image_ctx, on_finish);
29 }
30
31 template <typename I>
32 PreAcquireRequest<I>::PreAcquireRequest(I &image_ctx, Context *on_finish)
33 : m_image_ctx(image_ctx),
>>> CID 1398824: (CTOR_DTOR_LEAK)
>>> The constructor allocates field "m_on_finish" of "librbd::exclusive_lock::PreAcquireRequest<librbd::<unnamed>::MockTestImageCtx>" but the destructor and whatever functions it calls do not free it.
34 m_on_finish(create_async_context_callback(image_ctx, on_finish)),
35 m_error_result(0) {
36 }
37
38 template <typename I>
39 PreAcquireRequest<I>::~PreAcquireRequest() {
/home/brad/working/src/ceph/src/librbd/exclusive_lock/PreAcquireRequest.cc: 34 in librbd::exclusive_lock::PreAcquireRequest<librbd::ImageCtx>::PreAcquireRequest(librbd::ImageCtx &, Context *)()
28 return new PreAcquireRequest(image_ctx, on_finish);
29 }
30
31 template <typename I>
32 PreAcquireRequest<I>::PreAcquireRequest(I &image_ctx, Context *on_finish)
33 : m_image_ctx(image_ctx),
>>> CID 1398824: (CTOR_DTOR_LEAK)
>>> The constructor allocates field "m_on_finish" of "librbd::exclusive_lock::PreAcquireRequest<librbd::ImageCtx>" but the destructor and whatever functions it calls do not free it.
34 m_on_finish(create_async_context_callback(image_ctx, on_finish)),
35 m_error_result(0) {
36 }
37
38 template <typename I>
39 PreAcquireRequest<I>::~PreAcquireRequest() {
** CID 1398825: Resource leaks (CTOR_DTOR_LEAK)
/home/brad/working/src/ceph/src/librbd/managed_lock/AcquireRequest.cc: 74 in librbd::managed_lock::AcquireRequest<librbd::ImageCtx>::AcquireRequest(librados::IoCtx &, librbd::Watcher *, ContextWQ *, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, Context *)()
________________________________________________________________________________________________________
*** CID 1398825: Resource leaks (CTOR_DTOR_LEAK)
/home/brad/working/src/ceph/src/librbd/managed_lock/AcquireRequest.cc: 74 in librbd::managed_lock::AcquireRequest<librbd::ImageCtx>::AcquireRequest(librados::IoCtx &, librbd::Watcher *, ContextWQ *, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, Context *)()
68 AcquireRequest<I>::AcquireRequest(librados::IoCtx& ioctx, Watcher *watcher,
69 ContextWQ *work_queue, const string& oid,
70 const string& cookie, Context *on_finish)
71 : m_ioctx(ioctx), m_watcher(watcher),
72 m_cct(reinterpret_cast<CephContext *>(m_ioctx.cct())),
73 m_work_queue(work_queue), m_oid(oid), m_cookie(cookie),
>>> CID 1398825: Resource leaks (CTOR_DTOR_LEAK)
>>> The constructor allocates field "m_on_finish" of "librbd::managed_lock::AcquireRequest<librbd::ImageCtx>" but the destructor and whatever functions it calls do not free it.
74 m_on_finish(new C_AsyncCallback<ContextWQ>(work_queue, on_finish)),
75 m_error_result(0) {
76 }
77
78 template <typename I>
79 AcquireRequest<I>::~AcquireRequest() {
** CID 1398826: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/osdc/Objecter.cc: 2775 in Objecter::_calc_target(Objecter::op_target_t *, bool)()
________________________________________________________________________________________________________
*** CID 1398826: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/osdc/Objecter.cc: 2775 in Objecter::_calc_target(Objecter::op_target_t *, bool)()
2769 if (acting_primary == -1) {
2770 t->osd = -1;
2771 } else {
2772 int osd;
2773 bool read = is_read && !is_write;
2774 if (read && (t->flags & CEPH_OSD_FLAG_BALANCE_READS)) {
>>> CID 1398826: Security best practices violations (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
2775 int p = rand() % acting.size();
2776 if (p)
2777 t->used_replica = true;
2778 osd = acting[p];
2779 ldout(cct, 10) << " chose random osd." << osd << " of " << acting
2780 << dendl;
** CID 1398827: Resource leaks (CTOR_DTOR_LEAK)
/home/brad/working/src/ceph/src/librbd/managed_lock/AcquireRequest.cc: 74 in librbd::managed_lock::AcquireRequest<librbd::MockImageCtx>::AcquireRequest(librados::IoCtx &, librbd::MockImageWatcher *, ContextWQ *, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, Context *)()
________________________________________________________________________________________________________
*** CID 1398827: Resource leaks (CTOR_DTOR_LEAK)
/home/brad/working/src/ceph/src/librbd/managed_lock/AcquireRequest.cc: 74 in librbd::managed_lock::AcquireRequest<librbd::MockImageCtx>::AcquireRequest(librados::IoCtx &, librbd::MockImageWatcher *, ContextWQ *, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, Context *)()
68 AcquireRequest<I>::AcquireRequest(librados::IoCtx& ioctx, Watcher *watcher,
69 ContextWQ *work_queue, const string& oid,
70 const string& cookie, Context *on_finish)
71 : m_ioctx(ioctx), m_watcher(watcher),
72 m_cct(reinterpret_cast<CephContext *>(m_ioctx.cct())),
73 m_work_queue(work_queue), m_oid(oid), m_cookie(cookie),
>>> CID 1398827: Resource leaks (CTOR_DTOR_LEAK)
>>> The constructor allocates field "m_on_finish" of "librbd::managed_lock::AcquireRequest<librbd::MockImageCtx>" but the destructor and whatever functions it calls do not free it.
74 m_on_finish(new C_AsyncCallback<ContextWQ>(work_queue, on_finish)),
75 m_error_result(0) {
76 }
77
78 template <typename I>
79 AcquireRequest<I>::~AcquireRequest() {
** CID 1398828: (CTOR_DTOR_LEAK)
/home/brad/working/src/ceph/src/librbd/exclusive_lock/PreReleaseRequest.cc: 39 in librbd::exclusive_lock::PreReleaseRequest<librbd::MockImageCtx>::PreReleaseRequest(librbd::MockImageCtx &, Context *, Context *, bool)()
/home/brad/working/src/ceph/src/librbd/exclusive_lock/PreReleaseRequest.cc: 39 in librbd::exclusive_lock::PreReleaseRequest<librbd::ImageCtx>::PreReleaseRequest(librbd::ImageCtx &, Context *, Context *, bool)()
________________________________________________________________________________________________________
*** CID 1398828: (CTOR_DTOR_LEAK)
/home/brad/working/src/ceph/src/librbd/exclusive_lock/PreReleaseRequest.cc: 39 in librbd::exclusive_lock::PreReleaseRequest<librbd::MockImageCtx>::PreReleaseRequest(librbd::MockImageCtx &, Context *, Context *, bool)()
33 }
34
35 template <typename I>
36 PreReleaseRequest<I>::PreReleaseRequest(I &image_ctx, Context *on_releasing,
37 Context *on_finish, bool shutting_down)
38 : m_image_ctx(image_ctx), m_on_releasing(on_releasing),
>>> CID 1398828: (CTOR_DTOR_LEAK)
>>> The constructor allocates field "m_on_finish" of "librbd::exclusive_lock::PreReleaseRequest<librbd::MockImageCtx>" but the destructor and whatever functions it calls do not free it.
39 m_on_finish(create_async_context_callback(image_ctx, on_finish)),
40 m_shutting_down(shutting_down), m_error_result(0), m_object_map(nullptr),
41 m_journal(nullptr) {
42 }
43
44 template <typename I>
/home/brad/working/src/ceph/src/librbd/exclusive_lock/PreReleaseRequest.cc: 39 in librbd::exclusive_lock::PreReleaseRequest<librbd::ImageCtx>::PreReleaseRequest(librbd::ImageCtx &, Context *, Context *, bool)()
33 }
34
35 template <typename I>
36 PreReleaseRequest<I>::PreReleaseRequest(I &image_ctx, Context *on_releasing,
37 Context *on_finish, bool shutting_down)
38 : m_image_ctx(image_ctx), m_on_releasing(on_releasing),
>>> CID 1398828: (CTOR_DTOR_LEAK)
>>> The constructor allocates field "m_on_finish" of "librbd::exclusive_lock::PreReleaseRequest<librbd::ImageCtx>" but the destructor and whatever functions it calls do not free it.
39 m_on_finish(create_async_context_callback(image_ctx, on_finish)),
40 m_shutting_down(shutting_down), m_error_result(0), m_object_map(nullptr),
41 m_journal(nullptr) {
42 }
43
44 template <typename I>
** CID 1398829: Resource leaks (CTOR_DTOR_LEAK)
/home/brad/working/src/ceph/src/librbd/Journal.cc: 74 in librbd::<unnamed>::C_IsTagOwner<librbd::ImageCtx>::C_IsTagOwner(librados::IoCtx &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, bool *, ContextWQ *, Context *)()
________________________________________________________________________________________________________
*** CID 1398829: Resource leaks (CTOR_DTOR_LEAK)
/home/brad/working/src/ceph/src/librbd/Journal.cc: 74 in librbd::<unnamed>::C_IsTagOwner<librbd::ImageCtx>::C_IsTagOwner(librados::IoCtx &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, bool *, ContextWQ *, Context *)()
68
69 C_IsTagOwner(librados::IoCtx &io_ctx, const std::string &image_id,
70 bool *is_tag_owner, ContextWQ *op_work_queue, Context *on_finish)
71 : io_ctx(io_ctx), image_id(image_id), is_tag_owner(is_tag_owner),
72 op_work_queue(op_work_queue), on_finish(on_finish),
73 cct(reinterpret_cast<CephContext*>(io_ctx.cct())),
>>> CID 1398829: Resource leaks (CTOR_DTOR_LEAK)
>>> The constructor allocates field "journaler" of "librbd::<unnamed>::C_IsTagOwner<librbd::ImageCtx>" but there is no destructor.
74 journaler(new Journaler(io_ctx, image_id, Journal<>::IMAGE_CLIENT_ID,
75 {})) {
76 }
77
78 virtual void finish(int r) {
79 ldout(cct, 20) << this << " C_IsTagOwner::" << __func__ << ": r=" << r
** CID 1398830: (CTOR_DTOR_LEAK)
/home/brad/working/src/ceph/src/librbd/exclusive_lock/PostAcquireRequest.cc: 47 in librbd::exclusive_lock::PostAcquireRequest<librbd::<unnamed>::MockTestImageCtx>::PostAcquireRequest(librbd::<unnamed>::MockTestImageCtx &, Context *, Context *)()
/home/brad/working/src/ceph/src/librbd/exclusive_lock/PostAcquireRequest.cc: 47 in librbd::exclusive_lock::PostAcquireRequest<librbd::ImageCtx>::PostAcquireRequest(librbd::ImageCtx &, Context *, Context *)()
________________________________________________________________________________________________________
*** CID 1398830: (CTOR_DTOR_LEAK)
/home/brad/working/src/ceph/src/librbd/exclusive_lock/PostAcquireRequest.cc: 47 in librbd::exclusive_lock::PostAcquireRequest<librbd::<unnamed>::MockTestImageCtx>::PostAcquireRequest(librbd::<unnamed>::MockTestImageCtx &, Context *, Context *)()
41
42 template <typename I>
43 PostAcquireRequest<I>::PostAcquireRequest(I &image_ctx, Context *on_acquire,
44 Context *on_finish)
45 : m_image_ctx(image_ctx),
46 m_on_acquire(on_acquire),
>>> CID 1398830: (CTOR_DTOR_LEAK)
>>> The constructor allocates field "m_on_finish" of "librbd::exclusive_lock::PostAcquireRequest<librbd::<unnamed>::MockTestImageCtx>" but the destructor and whatever functions it calls do not free it.
47 m_on_finish(create_async_context_callback(image_ctx, on_finish)),
48 m_object_map(nullptr), m_journal(nullptr), m_error_result(0) {
49 }
50
51 template <typename I>
52 PostAcquireRequest<I>::~PostAcquireRequest() {
/home/brad/working/src/ceph/src/librbd/exclusive_lock/PostAcquireRequest.cc: 47 in librbd::exclusive_lock::PostAcquireRequest<librbd::ImageCtx>::PostAcquireRequest(librbd::ImageCtx &, Context *, Context *)()
41
42 template <typename I>
43 PostAcquireRequest<I>::PostAcquireRequest(I &image_ctx, Context *on_acquire,
44 Context *on_finish)
45 : m_image_ctx(image_ctx),
46 m_on_acquire(on_acquire),
>>> CID 1398830: (CTOR_DTOR_LEAK)
>>> The constructor allocates field "m_on_finish" of "librbd::exclusive_lock::PostAcquireRequest<librbd::ImageCtx>" but the destructor and whatever functions it calls do not free it.
47 m_on_finish(create_async_context_callback(image_ctx, on_finish)),
48 m_object_map(nullptr), m_journal(nullptr), m_error_result(0) {
49 }
50
51 template <typename I>
52 PostAcquireRequest<I>::~PostAcquireRequest() {
** CID 1398831: Resource leaks (CTOR_DTOR_LEAK)
/home/brad/working/src/ceph/src/librbd/managed_lock/ReleaseRequest.cc: 41 in librbd::managed_lock::ReleaseRequest<librbd::ImageCtx>::ReleaseRequest(librados::IoCtx &, librbd::Watcher *, ContextWQ *, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, Context *)()
________________________________________________________________________________________________________
*** CID 1398831: Resource leaks (CTOR_DTOR_LEAK)
/home/brad/working/src/ceph/src/librbd/managed_lock/ReleaseRequest.cc: 41 in librbd::managed_lock::ReleaseRequest<librbd::ImageCtx>::ReleaseRequest(librados::IoCtx &, librbd::Watcher *, ContextWQ *, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, Context *)()
35
36 template <typename I>
37 ReleaseRequest<I>::ReleaseRequest(librados::IoCtx& ioctx, Watcher *watcher,
38 ContextWQ *work_queue, const string& oid,
39 const string& cookie, Context *on_finish)
40 : m_ioctx(ioctx), m_watcher(watcher), m_oid(oid), m_cookie(cookie),
>>> CID 1398831: Resource leaks (CTOR_DTOR_LEAK)
>>> The constructor allocates field "m_on_finish" of "librbd::managed_lock::ReleaseRequest<librbd::ImageCtx>" but the destructor and whatever functions it calls do not free it.
41 m_on_finish(new C_AsyncCallback<ContextWQ>(work_queue, on_finish)) {
42 }
43
44 template <typename I>
45 ReleaseRequest<I>::~ReleaseRequest() {
46 }
** CID 1398832: Integer handling issues (NO_EFFECT)
/include/tracing/osd.h: 788 in __event_prepare_filter_stack__osd___do_osd_op_post()
________________________________________________________________________________________________________
*** CID 1398832: Integer handling issues (NO_EFFECT)
/include/tracing/osd.h: 788 in __event_prepare_filter_stack__osd___do_osd_op_post()
782 ctf_integer(uint64_t, snap, snap)
783 ctf_integer_hex(uint16_t, op, op)
784 ctf_string(opname, opname)
785 )
786 )
787
>>> CID 1398832: Integer handling issues (NO_EFFECT)
>>> This less-than-zero comparison of an unsigned value is never true. "4294967295U < 0U".
788 TRACEPOINT_EVENT(osd, do_osd_op_post,
789 TP_ARGS(
790 const char*, oid,
791 uint64_t, snap,
792 uint16_t, op,
793 const char*, opname,
** CID 1398833: Integer handling issues (NO_EFFECT)
/include/tracing/osd.h: 678 in __event_prepare_filter_stack__osd___do_osd_op_pre_omap_cmp()
________________________________________________________________________________________________________
*** CID 1398833: Integer handling issues (NO_EFFECT)
/include/tracing/osd.h: 678 in __event_prepare_filter_stack__osd___do_osd_op_pre_omap_cmp()
672 ctf_string(oid, oid)
673 ctf_integer(uint64_t, snap, snap)
674 ctf_string(keys, keys)
675 )
676 )
677
>>> CID 1398833: Integer handling issues (NO_EFFECT)
>>> This less-than-zero comparison of an unsigned value is never true. "18446744073709551615UL < 0UL".
678 TRACEPOINT_EVENT(osd, do_osd_op_pre_omap_cmp,
679 TP_ARGS(
680 const char*, oid,
681 uint64_t, snap,
682 const char*, keys),
683 TP_FIELDS(
** CID 1398834: Integer handling issues (NO_EFFECT)
/include/tracing/osd.h: 626 in __event_prepare_filter_stack__osd___do_osd_op_pre_omapgetkeys()
________________________________________________________________________________________________________
*** CID 1398834: Integer handling issues (NO_EFFECT)
/include/tracing/osd.h: 626 in __event_prepare_filter_stack__osd___do_osd_op_pre_omapgetkeys()
620 TP_FIELDS(
621 ctf_string(oid, oid)
622 ctf_integer(uint64_t, snap, snap)
623 )
624 )
625
>>> CID 1398834: Integer handling issues (NO_EFFECT)
>>> This less-than-zero comparison of an unsigned value is never true. "18446744073709551615UL < 0UL".
626 TRACEPOINT_EVENT(osd, do_osd_op_pre_omapgetkeys,
627 TP_ARGS(
628 const char*, oid,
629 uint64_t, snap,
630 const char*, start_after,
631 uint64_t, max_return),
** CID 1398835: Integer handling issues (NO_EFFECT)
/include/tracing/osd.h: 250 in __event_prepare_filter_stack__osd___do_osd_op_pre_getxattrs()
________________________________________________________________________________________________________
*** CID 1398835: Integer handling issues (NO_EFFECT)
/include/tracing/osd.h: 250 in __event_prepare_filter_stack__osd___do_osd_op_pre_getxattrs()
244 ctf_string(oid, oid)
245 ctf_integer(uint64_t, snap, snap)
246 ctf_string(aname, aname)
247 )
248 )
249
>>> CID 1398835: Integer handling issues (NO_EFFECT)
>>> This less-than-zero comparison of an unsigned value is never true. "18446744073709551615UL < 0UL".
250 TRACEPOINT_EVENT(osd, do_osd_op_pre_getxattrs,
251 TP_ARGS(
252 const char*, oid,
253 uint64_t, snap),
254 TP_FIELDS(
255 ctf_string(oid, oid)
** CID 1398836: Integer handling issues (NO_EFFECT)
/include/tracing/osd.h: 396 in __event_prepare_filter_stack__osd___do_osd_op_pre_writesame()
________________________________________________________________________________________________________
*** CID 1398836: Integer handling issues (NO_EFFECT)
/include/tracing/osd.h: 396 in __event_prepare_filter_stack__osd___do_osd_op_pre_writesame()
390 ctf_integer(uint64_t, osize, osize)
391 ctf_integer(uint64_t, offset, offset)
392 ctf_integer(uint64_t, length, length)
393 )
394 )
395
>>> CID 1398836: Integer handling issues (NO_EFFECT)
>>> This less-than-zero comparison of an unsigned value is never true. "18446744073709551615UL < 0UL".
396 TRACEPOINT_EVENT(osd, do_osd_op_pre_writesame,
397 TP_ARGS(
398 const char*, oid,
399 uint64_t, snap,
400 uint64_t, osize,
401 uint64_t, offset,
** CID 1398837: Integer handling issues (NO_EFFECT)
/include/tracing/osd.h: 496 in __event_prepare_filter_stack__osd___do_osd_op_pre_watch()
________________________________________________________________________________________________________
*** CID 1398837: Integer handling issues (NO_EFFECT)
/include/tracing/osd.h: 496 in __event_prepare_filter_stack__osd___do_osd_op_pre_watch()
490 ctf_integer(uint64_t, offset, offset)
491 ctf_integer(uint64_t, length, length)
492 ctf_integer(uint64_t, src_offset, src_offset)
493 )
494 )
495
>>> CID 1398837: Integer handling issues (NO_EFFECT)
>>> This less-than-zero comparison of an unsigned value is never true. "18446744073709551615UL < 0UL".
496 TRACEPOINT_EVENT(osd, do_osd_op_pre_watch,
497 TP_ARGS(
498 const char*, oid,
499 uint64_t, snap,
500 uint64_t, cookie,
501 uint8_t, op),
** CID 1398838: Integer handling issues (NO_EFFECT)
/include/tracing/osd.h: 740 in __event_prepare_filter_stack__osd___do_osd_op_pre_copy_get()
________________________________________________________________________________________________________
*** CID 1398838: Integer handling issues (NO_EFFECT)
/include/tracing/osd.h: 740 in __event_prepare_filter_stack__osd___do_osd_op_pre_copy_get()
734 TP_FIELDS(
735 ctf_string(oid, oid)
736 ctf_integer(uint64_t, snap, snap)
737 )
738 )
739
>>> CID 1398838: Integer handling issues (NO_EFFECT)
>>> This less-than-zero comparison of an unsigned value is never true. "18446744073709551615UL < 0UL".
740 TRACEPOINT_EVENT(osd, do_osd_op_pre_copy_get,
741 TP_ARGS(
742 const char*, oid,
743 uint64_t, snap),
744 TP_FIELDS(
745 ctf_string(oid, oid)
** CID 1398839: Integer handling issues (NO_EFFECT)
/include/tracing/osd.h: 30 in __event_prepare_filter_stack__osd___prepare_tx_exit()
________________________________________________________________________________________________________
*** CID 1398839: Integer handling issues (NO_EFFECT)
/include/tracing/osd.h: 30 in __event_prepare_filter_stack__osd___prepare_tx_exit()
24 ctf_integer(int64_t, num, num)
25 ctf_integer(uint64_t, tid, tid)
26 ctf_integer(int32_t, inc, inc)
27 )
28 )
29
>>> CID 1398839: Integer handling issues (NO_EFFECT)
>>> This less-than-zero comparison of an unsigned value is never true. "18446744073709551615UL < 0UL".
30 TRACEPOINT_EVENT(osd, prepare_tx_exit,
31 TP_ARGS(
32 // osd_reqid_t
33 uint8_t, type,
34 int64_t, num,
35 uint64_t, tid,
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaGCnxtQO9E3gxlB2GxVsWFENryh7bC5hIb-2FQBVM85YLQ-3D-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8E7Ilp3hIRx8pD79hCpT6dWOj5uDWQoRRvMwB-2Fk12Re3A-2FlJor-2FNUK0cQgaXnnFNvyRkBlZ-2F01qGbIFxZiBrt-2BDUaUzogA-2Bg6fLDDn32ARgZAe6SxD5DO-2FkUDXDyWiWhwdel-2B6apKTMYOcHWDftfTt8nPDzjI1CaKa-2Fa1fFMNsXRE5wnWRWTwvZwVT-2BO5GVq-2F8-3D
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4Bco8jcmzhh7FSyvoR0E3-2BDgRcBCQ6OuthHBtaTCGNq9zoLsiw8NWrIF2zsdhfTt-2FbHjZ2ToL3Et9v1-2BrDLungAOjHpQtOY-2BsyLiTVCQEUCU-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8E7Ilp3hIRx8pD79hCpT6dWOj5uDWQoRRvMwB-2Fk12Re3KPAf7RrdehYo8AnLOFuXsNG8dqxANOgPzSFAP-2Br7fhNYcMy92fiRTtAy1okD-2FmPPWhgT2C9dfXHFIe5SXc2nAglDpn1Qnh7Ep5n5FiyOWN-2FiqKClFNWD-2FigyXMImEq53Pkm6CoknrE0fPs179Y1sUM-3D
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2017-01-09 10:05 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2017-01-09 10:05 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
20 new defect(s) introduced to ceph found with Coverity Scan.
26 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 20 of 20 defect(s)
** CID 1398500: Null pointer dereferences (FORWARD_NULL)
/home/brad/working/src/ceph/src/civetweb/src/civetweb.c: 10820 in refresh_trust()
________________________________________________________________________________________________________
*** CID 1398500: Null pointer dereferences (FORWARD_NULL)
/home/brad/working/src/ceph/src/civetweb/src/civetweb.c: 10820 in refresh_trust()
10814 if ((pem = conn->ctx->config[SSL_CERTIFICATE]) == NULL
10815 && conn->ctx->callbacks.init_ssl == NULL) {
10816 return 0;
10817 }
10818
10819 t = data_check;
>>> CID 1398500: Null pointer dereferences (FORWARD_NULL)
>>> Passing null pointer "pem" to "stat", which dereferences it. [Note: The source code implementation of the function has been overridden by a builtin model.]
10820 if (stat(pem, &cert_buf) != -1) {
10821 t = (long int)cert_buf.st_mtime;
10822 }
10823
10824 if (data_check != t) {
10825 data_check = t;
** CID 1398501: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 21760 in __pyx_pw_3rbd_5Image_97lock_break()
________________________________________________________________________________________________________
*** CID 1398501: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 21760 in __pyx_pw_3rbd_5Image_97lock_break()
21754 }
21755 kw_args = PyDict_Size(__pyx_kwds);
21756 switch (pos_args) {
21757 case 0:
21758 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_lock_mode)) != 0)) kw_args--;
21759 else goto __pyx_L5_argtuple_error;
>>> CID 1398501: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
21760 case 1:
21761 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_lock_owner)) != 0)) kw_args--;
21762 else {
21763 __Pyx_RaiseArgtupleInvalid("lock_break", 1, 2, 2, 1); __PYX_ERR(0, 2100, __pyx_L3_error)
21764 }
21765 }
** CID 1398502: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 22666 in __pyx_pw_3rbd_5Image_105break_lock()
________________________________________________________________________________________________________
*** CID 1398502: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 22666 in __pyx_pw_3rbd_5Image_105break_lock()
22660 }
22661 kw_args = PyDict_Size(__pyx_kwds);
22662 switch (pos_args) {
22663 case 0:
22664 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_client)) != 0)) kw_args--;
22665 else goto __pyx_L5_argtuple_error;
>>> CID 1398502: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
22666 case 1:
22667 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_cookie)) != 0)) kw_args--;
22668 else {
22669 __Pyx_RaiseArgtupleInvalid("break_lock", 1, 2, 2, 1); __PYX_ERR(0, 2159, __pyx_L3_error)
22670 }
22671 }
** CID 1398503: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 24445 in __pyx_pw_3rbd_5Image_121aio_read()
________________________________________________________________________________________________________
*** CID 1398503: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 24445 in __pyx_pw_3rbd_5Image_121aio_read()
24439 else goto __pyx_L5_argtuple_error;
24440 case 1:
24441 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_length)) != 0)) kw_args--;
24442 else {
24443 __Pyx_RaiseArgtupleInvalid("aio_read", 0, 3, 4, 1); __PYX_ERR(0, 2298, __pyx_L3_error)
24444 }
>>> CID 1398503: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
24445 case 2:
24446 if (likely((values[2] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_oncomplete)) != 0)) kw_args--;
24447 else {
24448 __Pyx_RaiseArgtupleInvalid("aio_read", 0, 3, 4, 2); __PYX_ERR(0, 2298, __pyx_L3_error)
24449 }
24450 case 3:
** CID 1398504: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 25561 in __pyx_pw_3rbd_5Image_125aio_discard()
________________________________________________________________________________________________________
*** CID 1398504: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 25561 in __pyx_pw_3rbd_5Image_125aio_discard()
25555 }
25556 kw_args = PyDict_Size(__pyx_kwds);
25557 switch (pos_args) {
25558 case 0:
25559 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_offset)) != 0)) kw_args--;
25560 else goto __pyx_L5_argtuple_error;
>>> CID 1398504: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
25561 case 1:
25562 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_length)) != 0)) kw_args--;
25563 else {
25564 __Pyx_RaiseArgtupleInvalid("aio_discard", 1, 3, 3, 1); __PYX_ERR(0, 2399, __pyx_L3_error)
25565 }
25566 case 2:
** CID 1398505: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 25132 in __pyx_pw_3rbd_5Image_123aio_write()
________________________________________________________________________________________________________
*** CID 1398505: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 25132 in __pyx_pw_3rbd_5Image_123aio_write()
25126 else goto __pyx_L5_argtuple_error;
25127 case 1:
25128 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_offset)) != 0)) kw_args--;
25129 else {
25130 __Pyx_RaiseArgtupleInvalid("aio_write", 0, 3, 4, 1); __PYX_ERR(0, 2353, __pyx_L3_error)
25131 }
>>> CID 1398505: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
25132 case 2:
25133 if (likely((values[2] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_oncomplete)) != 0)) kw_args--;
25134 else {
25135 __Pyx_RaiseArgtupleInvalid("aio_write", 0, 3, 4, 2); __PYX_ERR(0, 2353, __pyx_L3_error)
25136 }
25137 case 3:
** CID 1398506: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 24450 in __pyx_pw_3rbd_5Image_121aio_read()
________________________________________________________________________________________________________
*** CID 1398506: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 24450 in __pyx_pw_3rbd_5Image_121aio_read()
24444 }
24445 case 2:
24446 if (likely((values[2] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_oncomplete)) != 0)) kw_args--;
24447 else {
24448 __Pyx_RaiseArgtupleInvalid("aio_read", 0, 3, 4, 2); __PYX_ERR(0, 2298, __pyx_L3_error)
24449 }
>>> CID 1398506: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
24450 case 3:
24451 if (kw_args > 0) {
24452 PyObject* value = PyDict_GetItem(__pyx_kwds, __pyx_n_s_fadvise_flags);
24453 if (value) { values[3] = value; kw_args--; }
24454 }
24455 }
** CID 1398507: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 25127 in __pyx_pw_3rbd_5Image_123aio_write()
________________________________________________________________________________________________________
*** CID 1398507: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 25127 in __pyx_pw_3rbd_5Image_123aio_write()
25121 }
25122 kw_args = PyDict_Size(__pyx_kwds);
25123 switch (pos_args) {
25124 case 0:
25125 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_data)) != 0)) kw_args--;
25126 else goto __pyx_L5_argtuple_error;
>>> CID 1398507: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
25127 case 1:
25128 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_offset)) != 0)) kw_args--;
25129 else {
25130 __Pyx_RaiseArgtupleInvalid("aio_write", 0, 3, 4, 1); __PYX_ERR(0, 2353, __pyx_L3_error)
25131 }
25132 case 2:
** CID 1398508: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 22193 in __pyx_pw_3rbd_5Image_101lock_shared()
________________________________________________________________________________________________________
*** CID 1398508: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 22193 in __pyx_pw_3rbd_5Image_101lock_shared()
22187 }
22188 kw_args = PyDict_Size(__pyx_kwds);
22189 switch (pos_args) {
22190 case 0:
22191 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_cookie)) != 0)) kw_args--;
22192 else goto __pyx_L5_argtuple_error;
>>> CID 1398508: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
22193 case 1:
22194 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_tag)) != 0)) kw_args--;
22195 else {
22196 __Pyx_RaiseArgtupleInvalid("lock_shared", 1, 2, 2, 1); __PYX_ERR(0, 2130, __pyx_L3_error)
22197 }
22198 }
** CID 1398509: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 25566 in __pyx_pw_3rbd_5Image_125aio_discard()
________________________________________________________________________________________________________
*** CID 1398509: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 25566 in __pyx_pw_3rbd_5Image_125aio_discard()
25560 else goto __pyx_L5_argtuple_error;
25561 case 1:
25562 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_length)) != 0)) kw_args--;
25563 else {
25564 __Pyx_RaiseArgtupleInvalid("aio_discard", 1, 3, 3, 1); __PYX_ERR(0, 2399, __pyx_L3_error)
25565 }
>>> CID 1398509: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
25566 case 2:
25567 if (likely((values[2] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_oncomplete)) != 0)) kw_args--;
25568 else {
25569 __Pyx_RaiseArgtupleInvalid("aio_discard", 1, 3, 3, 2); __PYX_ERR(0, 2399, __pyx_L3_error)
25570 }
25571 }
** CID 1398510: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 25137 in __pyx_pw_3rbd_5Image_123aio_write()
________________________________________________________________________________________________________
*** CID 1398510: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 25137 in __pyx_pw_3rbd_5Image_123aio_write()
25131 }
25132 case 2:
25133 if (likely((values[2] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_oncomplete)) != 0)) kw_args--;
25134 else {
25135 __Pyx_RaiseArgtupleInvalid("aio_write", 0, 3, 4, 2); __PYX_ERR(0, 2353, __pyx_L3_error)
25136 }
>>> CID 1398510: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
25137 case 3:
25138 if (kw_args > 0) {
25139 PyObject* value = PyDict_GetItem(__pyx_kwds, __pyx_n_s_fadvise_flags);
25140 if (value) { values[3] = value; kw_args--; }
25141 }
25142 }
** CID 1398511: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 24440 in __pyx_pw_3rbd_5Image_121aio_read()
________________________________________________________________________________________________________
*** CID 1398511: Control flow issues (MISSING_BREAK)
/src/pybind/rbd/rbd.c: 24440 in __pyx_pw_3rbd_5Image_121aio_read()
24434 }
24435 kw_args = PyDict_Size(__pyx_kwds);
24436 switch (pos_args) {
24437 case 0:
24438 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_offset)) != 0)) kw_args--;
24439 else goto __pyx_L5_argtuple_error;
>>> CID 1398511: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
24440 case 1:
24441 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_length)) != 0)) kw_args--;
24442 else {
24443 __Pyx_RaiseArgtupleInvalid("aio_read", 0, 3, 4, 1); __PYX_ERR(0, 2298, __pyx_L3_error)
24444 }
24445 case 2:
** CID 1398512: Performance inefficiencies (PASS_BY_VALUE)
/usr/include/c++/6.2.1/bits/list.tcc: 484 in std::__cxx11::list<obj_watch_t, std::allocator<obj_watch_t>>::remove_if<librbd::<unnamed>::filter_out_mirror_watchers(librbd::ImageCtx *, std::__cxx11::list<obj_watch_t, std::allocator<obj_watch_t>>*)::[lambda(obj_watch_t &) (instance 1)]>(T1)()
________________________________________________________________________________________________________
*** CID 1398512: Performance inefficiencies (PASS_BY_VALUE)
/usr/include/c++/6.2.1/bits/list.tcc: 484 in std::__cxx11::list<obj_watch_t, std::allocator<obj_watch_t>>::remove_if<librbd::<unnamed>::filter_out_mirror_watchers(librbd::ImageCtx *, std::__cxx11::list<obj_watch_t, std::allocator<obj_watch_t>>*)::[lambda(obj_watch_t &) (instance 1)]>(T1)()
478 }
479
480 template<typename _Tp, typename _Alloc>
481 template <typename _Predicate>
482 void
483 list<_Tp, _Alloc>::
>>> CID 1398512: Performance inefficiencies (PASS_BY_VALUE)
>>> Passing parameter __pred of type "librbd::<unnamed>::filter_out_mirror_watchers(librbd::ImageCtx *, std::__cxx11::list<obj_watch_t, std::allocator<obj_watch_t> > *)::[lambda(obj_watch_t &) (instance 1)]" (size 280 bytes) by value.
484 remove_if(_Predicate __pred)
485 {
486 iterator __first = begin();
487 iterator __last = end();
488 while (__first != __last)
489 {
** CID 1398513: (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/librados/snapshots.cc: 771 in LibRadosSnapshotsSelfManagedECPP_SnapPP_Test::TestBody()()
/home/brad/working/src/ceph/src/test/librados/snapshots.cc: 790 in LibRadosSnapshotsSelfManagedECPP_SnapPP_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1398513: (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/librados/snapshots.cc: 771 in LibRadosSnapshotsSelfManagedECPP_SnapPP_Test::TestBody()()
765 bl1.append(buf, bsize);
766 ASSERT_EQ(0, ioctx.write("foo", bl1, bsize, 0));
767
768 my_snaps.push_back(-2);
769 librados::AioCompletion *completion = cluster.aio_create_completion();
770 ioctx.aio_selfmanaged_snap_create(&my_snaps.back(), completion);
>>> CID 1398513: (RESOURCE_LEAK)
>>> Variable "completion" going out of scope leaks the storage it points to.
771 ASSERT_EQ(0, completion->wait_for_complete());
772 completion->release();
773 ::std::reverse(my_snaps.begin(), my_snaps.end());
774 ASSERT_EQ(0, ioctx.selfmanaged_snap_set_write_ctx(my_snaps[0], my_snaps));
775 ::std::reverse(my_snaps.begin(), my_snaps.end());
776 char *buf2 = (char *)new char[bsize];
/home/brad/working/src/ceph/src/test/librados/snapshots.cc: 790 in LibRadosSnapshotsSelfManagedECPP_SnapPP_Test::TestBody()()
784 bufferlist bl3;
785 ASSERT_EQ(bsize, ioctx.read("foo", bl3, bsize*3, 0));
786 ASSERT_EQ(0, memcmp(bl3.c_str(), buf, bsize));
787
788 completion = cluster.aio_create_completion();
789 ioctx.aio_selfmanaged_snap_remove(my_snaps.back(), completion);
>>> CID 1398513: (RESOURCE_LEAK)
>>> Variable "completion" going out of scope leaks the storage it points to.
790 ASSERT_EQ(0, completion->wait_for_complete());
791 completion->release();
792 my_snaps.pop_back();
793 ASSERT_EQ(0, ioctx.selfmanaged_snap_remove(my_snaps.back()));
794 my_snaps.pop_back();
795 ioctx.snap_set_read(LIBRADOS_SNAP_HEAD);
** CID 1398514: (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/librados/snapshots.cc: 183 in LibRadosSnapshotsSelfManaged_Snap_Test::TestBody()()
/home/brad/working/src/ceph/src/test/librados/snapshots.cc: 203 in LibRadosSnapshotsSelfManaged_Snap_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1398514: (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/librados/snapshots.cc: 183 in LibRadosSnapshotsSelfManaged_Snap_Test::TestBody()()
177 char buf[bufsize];
178 memset(buf, 0xcc, sizeof(buf));
179 ASSERT_EQ(0, rados_write(ioctx, "foo", buf, sizeof(buf), 0));
180
181 my_snaps.push_back(-2);
182 rados_completion_t completion;
>>> CID 1398514: (RESOURCE_LEAK)
>>> Variable "completion" going out of scope leaks the storage it points to.
183 ASSERT_EQ(0, rados_aio_create_completion(nullptr, nullptr, nullptr,
184 &completion));
185 rados_aio_ioctx_selfmanaged_snap_create(ioctx, &my_snaps.back(), completion);
186 ASSERT_EQ(0, rados_aio_wait_for_complete(completion));
187 rados_aio_release(completion);
188 ::std::reverse(my_snaps.begin(), my_snaps.end());
/home/brad/working/src/ceph/src/test/librados/snapshots.cc: 203 in LibRadosSnapshotsSelfManaged_Snap_Test::TestBody()()
197 ASSERT_EQ(-ENOENT, rados_read(ioctx, "foo", buf3, sizeof(buf3), 0));
198
199 rados_ioctx_snap_set_read(ioctx, my_snaps[1]);
200 ASSERT_EQ((int)sizeof(buf3), rados_read(ioctx, "foo", buf3, sizeof(buf3), 0));
201 ASSERT_EQ(0, memcmp(buf3, buf, sizeof(buf)));
202
>>> CID 1398514: (RESOURCE_LEAK)
>>> Variable "completion" going out of scope leaks the storage it points to.
203 ASSERT_EQ(0, rados_aio_create_completion(nullptr, nullptr, nullptr,
204 &completion));
205 rados_aio_ioctx_selfmanaged_snap_remove(ioctx, my_snaps.back(), completion);
206 ASSERT_EQ(0, rados_aio_wait_for_complete(completion));
207 rados_aio_release(completion);
208 my_snaps.pop_back();
** CID 1398515: (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/librados/snapshots.cc: 681 in LibRadosSnapshotsSelfManagedEC_Snap_Test::TestBody()()
/home/brad/working/src/ceph/src/test/librados/snapshots.cc: 701 in LibRadosSnapshotsSelfManagedEC_Snap_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1398515: (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/librados/snapshots.cc: 681 in LibRadosSnapshotsSelfManagedEC_Snap_Test::TestBody()()
675 char *buf = (char *)new char[bsize];
676 memset(buf, 0xcc, bsize);
677 ASSERT_EQ(0, rados_write(ioctx, "foo", buf, bsize, 0));
678
679 my_snaps.push_back(-2);
680 rados_completion_t completion;
>>> CID 1398515: (RESOURCE_LEAK)
>>> Variable "completion" going out of scope leaks the storage it points to.
681 ASSERT_EQ(0, rados_aio_create_completion(nullptr, nullptr, nullptr,
682 &completion));
683 rados_aio_ioctx_selfmanaged_snap_create(ioctx, &my_snaps.back(), completion);
684 ASSERT_EQ(0, rados_aio_wait_for_complete(completion));
685 rados_aio_release(completion);
686 ::std::reverse(my_snaps.begin(), my_snaps.end());
/home/brad/working/src/ceph/src/test/librados/snapshots.cc: 701 in LibRadosSnapshotsSelfManagedEC_Snap_Test::TestBody()()
695 ASSERT_EQ(-ENOENT, rados_read(ioctx, "foo", buf3, bsize*2, 0));
696
697 rados_ioctx_snap_set_read(ioctx, my_snaps[1]);
698 ASSERT_EQ(bsize, rados_read(ioctx, "foo", buf3, bsize*2, 0));
699 ASSERT_EQ(0, memcmp(buf3, buf, bsize));
700
>>> CID 1398515: (RESOURCE_LEAK)
>>> Variable "completion" going out of scope leaks the storage it points to.
701 ASSERT_EQ(0, rados_aio_create_completion(nullptr, nullptr, nullptr,
702 &completion));
703 rados_aio_ioctx_selfmanaged_snap_remove(ioctx, my_snaps.back(), completion);
704 ASSERT_EQ(0, rados_aio_wait_for_complete(completion));
705 rados_aio_release(completion);
706 my_snaps.pop_back();
** CID 1398516: (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/librados/snapshots.cc: 266 in LibRadosSnapshotsSelfManagedPP_SnapPP_Test::TestBody()()
/home/brad/working/src/ceph/src/test/librados/snapshots.cc: 284 in LibRadosSnapshotsSelfManagedPP_SnapPP_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1398516: (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/test/librados/snapshots.cc: 266 in LibRadosSnapshotsSelfManagedPP_SnapPP_Test::TestBody()()
260 bl1.append(buf, sizeof(buf));
261 ASSERT_EQ(0, ioctx.write("foo", bl1, sizeof(buf), 0));
262
263 my_snaps.push_back(-2);
264 librados::AioCompletion *completion = cluster.aio_create_completion();
265 ioctx.aio_selfmanaged_snap_create(&my_snaps.back(), completion);
>>> CID 1398516: (RESOURCE_LEAK)
>>> Variable "completion" going out of scope leaks the storage it points to.
266 ASSERT_EQ(0, completion->wait_for_complete());
267 completion->release();
268 ::std::reverse(my_snaps.begin(), my_snaps.end());
269 ASSERT_EQ(0, ioctx.selfmanaged_snap_set_write_ctx(my_snaps[0], my_snaps));
270 ::std::reverse(my_snaps.begin(), my_snaps.end());
271 char buf2[sizeof(buf)];
/home/brad/working/src/ceph/src/test/librados/snapshots.cc: 284 in LibRadosSnapshotsSelfManagedPP_SnapPP_Test::TestBody()()
278 bufferlist bl3;
279 ASSERT_EQ((int)sizeof(buf), ioctx.read("foo", bl3, sizeof(buf), 0));
280 ASSERT_EQ(0, memcmp(bl3.c_str(), buf, sizeof(buf)));
281
282 completion = cluster.aio_create_completion();
283 ioctx.aio_selfmanaged_snap_remove(my_snaps.back(), completion);
>>> CID 1398516: (RESOURCE_LEAK)
>>> Variable "completion" going out of scope leaks the storage it points to.
284 ASSERT_EQ(0, completion->wait_for_complete());
285 completion->release();
286 my_snaps.pop_back();
287 ASSERT_EQ(0, ioctx.selfmanaged_snap_remove(my_snaps.back()));
288 my_snaps.pop_back();
289 ioctx.snap_set_read(LIBRADOS_SNAP_HEAD);
** CID 1398517: Security best practices violations (STRING_OVERFLOW)
/home/brad/working/src/ceph/src/test/librbd/exclusive_lock/test_mock_BreakRequest.cc: 55 in librbd::exclusive_lock::TestMockExclusiveLockBreakRequest::expect_list_watchers(librbd::<unnamed>::MockTestImageCtx &, int, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, unsigned long)()
________________________________________________________________________________________________________
*** CID 1398517: Security best practices violations (STRING_OVERFLOW)
/home/brad/working/src/ceph/src/test/librbd/exclusive_lock/test_mock_BreakRequest.cc: 55 in librbd::exclusive_lock::TestMockExclusiveLockBreakRequest::expect_list_watchers(librbd::<unnamed>::MockTestImageCtx &, int, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, unsigned long)()
49 auto &expect = EXPECT_CALL(get_mock_io_ctx(mock_image_ctx.md_ctx),
50 list_watchers(mock_image_ctx.header_oid, _));
51 if (r < 0) {
52 expect.WillOnce(Return(r));
53 } else {
54 obj_watch_t watcher;
>>> CID 1398517: Security best practices violations (STRING_OVERFLOW)
>>> You might overrun the 256-character fixed-size string "watcher.addr" by copying the return value of "c_str" without checking the length.
55 strcpy(watcher.addr, (address + ":0/0").c_str());
56 watcher.cookie = watch_handle;
57
58 std::list<obj_watch_t> watchers;
59 watchers.push_back(watcher);
60
** CID 1398518: (UNINIT_CTOR)
/home/brad/working/src/ceph/src/librbd/exclusive_lock/BreakRequest.h: 75 in librbd::exclusive_lock::BreakRequest<librbd::<unnamed>::MockTestImageCtx>::BreakRequest(librbd::<unnamed>::MockTestImageCtx &, const librbd::exclusive_lock::Locker &, bool, bool, Context *)()
/home/brad/working/src/ceph/src/librbd/exclusive_lock/BreakRequest.h: 75 in librbd::exclusive_lock::BreakRequest<librbd::ImageCtx>::BreakRequest(librbd::ImageCtx &, const librbd::exclusive_lock::Locker &, bool, bool, Context *)()
________________________________________________________________________________________________________
*** CID 1398518: (UNINIT_CTOR)
/home/brad/working/src/ceph/src/librbd/exclusive_lock/BreakRequest.h: 75 in librbd::exclusive_lock::BreakRequest<librbd::<unnamed>::MockTestImageCtx>::BreakRequest(librbd::<unnamed>::MockTestImageCtx &, const librbd::exclusive_lock::Locker &, bool, bool, Context *)()
69 BreakRequest(ImageCtxT &image_ctx, const Locker &locker,
70 bool blacklist_locker, bool force_break_lock,
71 Context *on_finish)
72 : m_image_ctx(image_ctx), m_locker(locker),
73 m_blacklist_locker(blacklist_locker),
74 m_force_break_lock(force_break_lock), m_on_finish(on_finish) {
>>> CID 1398518: (UNINIT_CTOR)
>>> Non-static class member "m_watchers_ret_val" is not initialized in this constructor nor in any functions that it calls.
75 }
76
77 void send_get_watchers();
78 void handle_get_watchers(int r);
79
80 void send_blacklist();
/home/brad/working/src/ceph/src/librbd/exclusive_lock/BreakRequest.h: 75 in librbd::exclusive_lock::BreakRequest<librbd::ImageCtx>::BreakRequest(librbd::ImageCtx &, const librbd::exclusive_lock::Locker &, bool, bool, Context *)()
69 BreakRequest(ImageCtxT &image_ctx, const Locker &locker,
70 bool blacklist_locker, bool force_break_lock,
71 Context *on_finish)
72 : m_image_ctx(image_ctx), m_locker(locker),
73 m_blacklist_locker(blacklist_locker),
74 m_force_break_lock(force_break_lock), m_on_finish(on_finish) {
>>> CID 1398518: (UNINIT_CTOR)
>>> Non-static class member "m_watchers_ret_val" is not initialized in this constructor nor in any functions that it calls.
75 }
76
77 void send_get_watchers();
78 void handle_get_watchers(int r);
79
80 void send_blacklist();
** CID 1398519: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/test/librbd/exclusive_lock/test_mock_AcquireRequest.cc: 73 in librbd::exclusive_lock::GetLockerRequest<librbd::<unnamed>::MockTestImageCtx>::GetLockerRequest()()
________________________________________________________________________________________________________
*** CID 1398519: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/test/librbd/exclusive_lock/test_mock_AcquireRequest.cc: 73 in librbd::exclusive_lock::GetLockerRequest<librbd::<unnamed>::MockTestImageCtx>::GetLockerRequest()()
67 s_instance->on_finish = on_finish;
68 return s_instance;
69 }
70
71 GetLockerRequest() {
72 s_instance = this;
>>> CID 1398519: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "on_finish" is not initialized in this constructor nor in any functions that it calls.
73 }
74
75 MOCK_METHOD0(send, void());
76 };
77
78 BreakRequest<librbd::MockTestImageCtx> *BreakRequest<librbd::MockTestImageCtx>::s_instance = nullptr;
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaGCnxtQO9E3gxlB2GxVsWFENryh7bC5hIb-2FQBVM85YLQ-3D-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8GZX1JbV4p59iDYT3T-2FG3xR0QhHOyubCeQVFcE1DBLfv53DXk4NoNohCrs9QYfXU0zWv2XF-2FKoqp295uxOLTRCpKxpMW2tZXF3uCbwLxYtAUyAtjH6hrxN5XPuBdTxFr5owNjaS6EgpFqPII5BbJqTe4UjBAhJ54sYFHprvGWdNtDaumHWcZewzfofaWkSj-2Brk-3D
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4Bco8jcmzhh7FSyvoR0E3-2BDgRcBCQ6OuthHBtaTCGNq9zoLsiw8NWrIF2zsdhfTt-2FbHjZ2ToL3Et9v1-2BrDLungAOjHpQtOY-2BsyLiTVCQEUCU-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8GZX1JbV4p59iDYT3T-2FG3xR0QhHOyubCeQVFcE1DBLfv5tpq4sKgD1ElADcbgVSD1YAAUuXE5iMZMIKUFKREcNcJhnW6rCU9bXwjQHObs33FNIpJStXJjP9YTOEzHAvyuimmhmteEzbQymTObDpWOjUeFB9W-2BSk60VpHG7zRgWVuheJi2P8mZZsnq-2BXnfUfRFo-3D
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2016-12-30 8:33 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2016-12-30 8:33 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
16 new defect(s) introduced to ceph found with Coverity Scan.
12 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 16 of 16 defect(s)
** CID 1213584: Program hangs (ORDER_REVERSAL)
________________________________________________________________________________________________________
*** CID 1213584: Program hangs (ORDER_REVERSAL)
/home/brad/working/src/ceph/src/osd/OSD.cc: 9042 in C_CompleteSplits::finish(int)()
9036 return;
9037 PG::RecoveryCtx rctx = osd->create_context();
9038 for (set<boost::intrusive_ptr<PG> >::iterator i = pgs.begin();
9039 i != pgs.end();
9040 ++i) {
9041 osd->pg_map_lock.get_write();
>>> CID 1213584: Program hangs (ORDER_REVERSAL)
>>> Calling "lock" acquires lock "Mutex._m" while holding lock "RWLock.L" (count: 5 / 11).
9042 (*i)->lock();
9043 osd->add_newly_split_pg(&**i, &rctx);
9044 if (!((*i)->deleting)) {
9045 set<spg_t> to_complete;
9046 to_complete.insert((*i)->info.pgid);
9047 osd->service.complete_split(to_complete);
** CID 1351530: Program hangs (ORDER_REVERSAL)
________________________________________________________________________________________________________
*** CID 1351530: Program hangs (ORDER_REVERSAL)
/home/brad/working/src/ceph/src/osd/OSD.cc: 5117 in OSD::queue_want_up_thru(unsigned int)()
5111 }
5112
5113 void OSD::queue_want_up_thru(epoch_t want)
5114 {
5115 map_lock.get_read();
5116 epoch_t cur = osdmap->get_up_thru(whoami);
>>> CID 1351530: Program hangs (ORDER_REVERSAL)
>>> Calling "Locker" acquires lock "Mutex._m" while holding lock "RWLock.L" (count: 5 / 11).
5117 Mutex::Locker l(mon_report_lock);
5118 if (want > up_thru_wanted) {
5119 dout(10) << "queue_want_up_thru now " << want << " (was " << up_thru_wanted << ")"
5120 << ", currently " << cur
5121 << dendl;
5122 up_thru_wanted = want;
** CID 1351531: Program hangs (ORDER_REVERSAL)
________________________________________________________________________________________________________
*** CID 1351531: Program hangs (ORDER_REVERSAL)
/home/brad/working/src/ceph/src/osd/OSD.cc: 4820 in OSD::ms_handle_connect(Connection *)()
4814 if (is_preboot()) {
4815 start_boot();
4816 } else if (is_booting()) {
4817 _send_boot(); // resend boot message
4818 } else {
4819 map_lock.get_read();
>>> CID 1351531: Program hangs (ORDER_REVERSAL)
>>> Calling "Locker" acquires lock "Mutex._m" while holding lock "RWLock.L" (count: 5 / 11).
4820 Mutex::Locker l2(mon_report_lock);
4821
4822 utime_t now = ceph_clock_now();
4823 last_mon_report = now;
4824
4825 // resend everything, it's a new session
** CID 1351532: (ORDER_REVERSAL)
________________________________________________________________________________________________________
*** CID 1351532: (ORDER_REVERSAL)
/home/brad/working/src/ceph/src/osd/OSD.cc: 4411 in OSD::tick_without_osd_lock()()
4405 if (is_active() || is_waiting_for_healthy()) {
4406 heartbeat_lock.Lock();
4407 heartbeat_check();
4408 heartbeat_lock.Unlock();
4409
4410 map_lock.get_read();
>>> CID 1351532: (ORDER_REVERSAL)
>>> Calling "Locker" acquires lock "Mutex._m" while holding lock "RWLock.L" (count: 5 / 11).
4411 Mutex::Locker l(mon_report_lock);
4412
4413 // mon report?
4414 bool reset = false;
4415 bool report = false;
4416 utime_t now = ceph_clock_now();
/home/brad/working/src/ceph/src/osd/OSD.cc: 4417 in OSD::tick_without_osd_lock()()
4411 Mutex::Locker l(mon_report_lock);
4412
4413 // mon report?
4414 bool reset = false;
4415 bool report = false;
4416 utime_t now = ceph_clock_now();
>>> CID 1351532: (ORDER_REVERSAL)
>>> Calling "Lock" acquires lock "Mutex._m" while holding lock "RWLock.L" (count: 5 / 11).
4417 pg_stat_queue_lock.Lock();
4418 double backoff = stats_ack_timeout / cct->_conf->osd_mon_ack_timeout;
4419 double adjusted_min = cct->_conf->osd_mon_report_interval_min * backoff;
4420 // note: we shouldn't adjust max because it must remain < the
4421 // mon's mon_osd_report_timeout (which defaults to 1.5x our
4422 // value).
** CID 1398195: Resource leaks (CTOR_DTOR_LEAK)
/home/brad/working/src/ceph/src/os/bluestore/BitAllocator.cc: 798 in BitMapAreaIN::BitMapAreaIN(CephContext *, long, long)()
________________________________________________________________________________________________________
*** CID 1398195: Resource leaks (CTOR_DTOR_LEAK)
/home/brad/working/src/ceph/src/os/bluestore/BitAllocator.cc: 798 in BitMapAreaIN::BitMapAreaIN(CephContext *, long, long)()
792 }
793
794 BitMapAreaIN::BitMapAreaIN(CephContext* cct,int64_t total_blocks,
795 int64_t area_idx)
796 : BitMapArea(cct)
797 {
>>> CID 1398195: Resource leaks (CTOR_DTOR_LEAK)
>>> The constructor allocates field "m_child_list" of "BitMapAreaIN" but the destructor and whatever functions it calls do not free it.
798 init(total_blocks, area_idx, false);
799 }
800
801 BitMapAreaIN::BitMapAreaIN(CephContext* cct, int64_t total_blocks,
802 int64_t area_idx, bool def)
803 : BitMapArea(cct)
** CID 1398196: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/osd/OSD.cc: 6537 in OSDService::ScrubJob::ScrubJob(CephContext *, const spg_t &, const utime_t &, double, double, bool)()
________________________________________________________________________________________________________
*** CID 1398196: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/osd/OSD.cc: 6537 in OSDService::ScrubJob::ScrubJob(CephContext *, const spg_t &, const utime_t &, double, double, bool)()
6531 double scrub_min_interval = pool_scrub_min_interval > 0 ?
6532 pool_scrub_min_interval : cct->_conf->osd_scrub_min_interval;
6533 double scrub_max_interval = pool_scrub_max_interval > 0 ?
6534 pool_scrub_max_interval : cct->_conf->osd_scrub_max_interval;
6535
6536 sched_time += scrub_min_interval;
>>> CID 1398196: Security best practices violations (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
6537 double r = rand() / (double)RAND_MAX;
6538 sched_time +=
6539 scrub_min_interval * cct->_conf->osd_scrub_interval_randomize_ratio * r;
6540 deadline += scrub_max_interval;
6541 }
6542 }
** CID 1398197: Program hangs (ORDER_REVERSAL)
________________________________________________________________________________________________________
*** CID 1398197: Program hangs (ORDER_REVERSAL)
/home/brad/working/src/ceph/src/osd/OSD.cc: 7035 in OSD::_committed_osd_maps(unsigned int, unsigned int, MOSDMap *)()
7029 osdmap->is_up(*p) && // in old map
7030 newmap->is_down(*p)) { // but not the new one
7031 if (!waited_for_reservations) {
7032 service.await_reserved_maps();
7033 waited_for_reservations = true;
7034 }
>>> CID 1398197: Program hangs (ORDER_REVERSAL)
>>> Calling "note_down_osd" acquires lock "Mutex._m" while holding lock "RWLock.L" (count: 5 / 11).
7035 note_down_osd(*p);
7036 } else if (*p != whoami &&
7037 osdmap->is_down(*p) &&
7038 newmap->is_up(*p)) {
7039 note_up_osd(*p);
7040 }
** CID 1398198: (TAINTED_SCALAR)
________________________________________________________________________________________________________
*** CID 1398198: (TAINTED_SCALAR)
/home/brad/working/src/ceph/src/os/kstore/KStore.cc: 295 in get_object_key(CephContext *, const ghobject_t &, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> *)()
289 // sanity check
290 if (true) {
291 ghobject_t t;
292 int r = get_key_object(*key, &t);
293 if (r || t != oid) {
294 derr << " r " << r << dendl;
>>> CID 1398198: (TAINTED_SCALAR)
>>> Passing tainted variable "key" to a tainted sink.
295 derr << "key " << pretty_binary_string(*key) << dendl;
296 derr << "oid " << oid << dendl;
297 derr << " t " << t << dendl;
298 assert(t == oid);
299 }
300 }
/home/brad/working/src/ceph/src/os/bluestore/BlueStore.cc: 328 in get_object_key(CephContext *, const ghobject_t &, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> *)()
322 // sanity check
323 if (true) {
324 ghobject_t t;
325 int r = get_key_object(*key, &t);
326 if (r || t != oid) {
327 derr << " r " << r << dendl;
>>> CID 1398198: (TAINTED_SCALAR)
>>> Passing tainted variable "key" to a tainted sink.
328 derr << "key " << pretty_binary_string(*key) << dendl;
329 derr << "oid " << oid << dendl;
330 derr << " t " << t << dendl;
331 assert(r == 0 && t == oid);
332 }
333 }
** CID 1398199: Insecure data handling (TAINTED_STRING)
/home/brad/working/src/ceph/src/test/admin_socket.cc: 113 in AdminSocket_SendTooLongRequest_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1398199: Insecure data handling (TAINTED_STRING)
/home/brad/working/src/ceph/src/test/admin_socket.cc: 113 in AdminSocket_SendTooLongRequest_Test::TestBody()()
107
108 TEST(AdminSocket, SendTooLongRequest) {
109 std::unique_ptr<AdminSocket>
110 asokc(new AdminSocket(g_ceph_context));
111 AdminSocketTest asoct(asokc.get());
112 ASSERT_EQ(true, asoct.shutdown());
>>> CID 1398199: Insecure data handling (TAINTED_STRING)
>>> Call to function "basic_string" with tainted argument "get_rand_socket_path()" transitively taints "<temporary>". [Note: The source code implementation of the function has been overridden by a builtin model.]
113 ASSERT_EQ(true, asoct.init(get_rand_socket_path()));
114 AdminSocketClient client(get_rand_socket_path());
115 string version;
116 string request(16384, 'a');
117 //if admin_socket cannot handle it, segfault will happened.
118 ASSERT_NE("", client.do_request(request, &version));
** CID 1398200: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/os/kstore/KStore.h: 87 in KStore::Onode::Onode(CephContext *, const ghobject_t &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &)()
________________________________________________________________________________________________________
*** CID 1398200: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/os/kstore/KStore.h: 87 in KStore::Onode::Onode(CephContext *, const ghobject_t &, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &)()
81 : cct(cct),
82 nref(0),
83 oid(o),
84 key(k),
85 dirty(false),
86 exists(false) {
>>> CID 1398200: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "tail_offset" is not initialized in this constructor nor in any functions that it calls.
87 }
88
89 void flush();
90 void get() {
91 ++nref;
92 }
** CID 1398201: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/osd/PrimaryLogPG.cc: 78 in PGLSFilter::PGLSFilter()()
________________________________________________________________________________________________________
*** CID 1398201: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/osd/PrimaryLogPG.cc: 78 in PGLSFilter::PGLSFilter()()
72 #include <errno.h>
73
74 MEMPOOL_DEFINE_OBJECT_FACTORY(PrimaryLogPG, replicatedpg, osd);
75
76 PGLSFilter::PGLSFilter()
77 {
>>> CID 1398201: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "cct" is not initialized in this constructor nor in any functions that it calls.
78 }
79
80 PGLSFilter::~PGLSFilter()
81 {
82 }
83
** CID 1398202: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/os/bluestore/BlueStore.h: 846 in BlueStore::Cache::Cache(CephContext *)()
________________________________________________________________________________________________________
*** CID 1398202: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/os/bluestore/BlueStore.h: 846 in BlueStore::Cache::Cache(CephContext *)()
840 std::atomic<uint64_t> num_blobs = {0};
841
842 size_t last_trim_seq = 0;
843
844 static Cache *create(CephContext* cct, string type, PerfCounters *logger);
845
>>> CID 1398202: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "logger" is not initialized in this constructor nor in any functions that it calls.
846 Cache(CephContext* cct) : cct(cct) {}
847 virtual ~Cache() {}
848
849 virtual void _add_onode(OnodeRef& o, int level) = 0;
850 virtual void _rm_onode(OnodeRef& o) = 0;
851 virtual void _touch_onode(OnodeRef& o) = 0;
** CID 1398203: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/osd/OSD.h: 641 in OSDService::ScrubJob::ScrubJob()()
________________________________________________________________________________________________________
*** CID 1398203: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/osd/OSD.h: 641 in OSDService::ScrubJob::ScrubJob()()
635 spg_t pgid;
636 /// a time scheduled for scrub. but the scrub could be delayed if system
637 /// load is too high or it fails to fall in the scrub hours
638 utime_t sched_time;
639 /// the hard upper bound of scrub time
640 utime_t deadline;
>>> CID 1398203: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "cct" is not initialized in this constructor nor in any functions that it calls.
641 ScrubJob() {}
642 explicit ScrubJob(CephContext* cct, const spg_t& pg,
643 const utime_t& timestamp,
644 double pool_scrub_min_interval = 0,
645 double pool_scrub_max_interval = 0, bool must = true);
646 /// order the jobs by sched_time
** CID 1398204: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/os/bluestore/BitAllocator.cc: 746 in BitMapAreaIN::BitMapAreaIN(CephContext *)()
________________________________________________________________________________________________________
*** CID 1398204: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/os/bluestore/BitAllocator.cc: 746 in BitMapAreaIN::BitMapAreaIN(CephContext *)()
740 * BitMapArea Leaf and Internal
741 */
742 BitMapAreaIN::BitMapAreaIN(CephContext* cct)
743 : BitMapArea(cct)
744 {
745 // nothing
>>> CID 1398204: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "m_child_list" is not initialized in this constructor nor in any functions that it calls.
746 }
747
748 void BitMapAreaIN::init_common(int64_t total_blocks, int64_t area_idx, bool def)
749 {
750 m_area_index = area_idx;
751 m_total_blocks = total_blocks;
** CID 1398205: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/os/bluestore/BitmapFreelistManager.cc: 58 in BitmapFreelistManager::BitmapFreelistManager(CephContext *, KeyValueDB *, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>)()
________________________________________________________________________________________________________
*** CID 1398205: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/os/bluestore/BitmapFreelistManager.cc: 58 in BitmapFreelistManager::BitmapFreelistManager(CephContext *, KeyValueDB *, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>)()
52 string bitmap_prefix)
53 : FreelistManager(cct),
54 meta_prefix(meta_prefix),
55 bitmap_prefix(bitmap_prefix),
56 kvdb(db)
57 {
>>> CID 1398205: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "enumerate_bl_pos" is not initialized in this constructor nor in any functions that it calls.
58 }
59
60 int BitmapFreelistManager::create(uint64_t new_size, KeyValueDB::Transaction txn)
61 {
62 bytes_per_block = cct->_conf->bdev_block_size;
63 assert(ISP2(bytes_per_block));
** CID 1398206: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/os/bluestore/BitAllocator.h: 266 in BitMapArea::BitMapArea(CephContext *)()
________________________________________________________________________________________________________
*** CID 1398206: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/os/bluestore/BitAllocator.h: 266 in BitMapArea::BitMapArea(CephContext *)()
260
261 int64_t child_count();
262 int64_t get_index();
263 int64_t get_level();
264 bmap_area_type_t get_type();
265 virtual void dump_state(int& count) = 0;
>>> CID 1398206: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "m_type" is not initialized in this constructor nor in any functions that it calls.
266 BitMapArea(CephContext* cct) : cct(cct) {}
267 virtual ~BitMapArea() { }
268 };
269
270 class BitMapAreaList {
271
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaGCnxtQO9E3gxlB2GxVsWFENryh7bC5hIb-2FQBVM85YLQ-3D-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8GeYWMm9JqZsVcnFzXBYjl53tnd5pIjk0s2bDmef6l12PA7mZ7O9u5r3WS-2BU3nibfzbSSWxRXF3CZD1O4IZ9CZYtv-2FsavwISp6O0FsgdG8snJ7me-2B4d1eZSdqn9S7HthXiVLJWoX8OsRvQXeAdbQ4m7DDH85yQviZceNEMjx5tcUyh597nVhmeB8FEkQQfeZwA-3D
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4Bco8jcmzhh7FSyvoR0E3-2BDgRcBCQ6OuthHBtaTCGNq9zoLsiw8NWrIF2zsdhfTt-2FbHjZ2ToL3Et9v1-2BrDLungAOjHpQtOY-2BsyLiTVCQEUCU-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8GeYWMm9JqZsVcnFzXBYjl53tnd5pIjk0s2bDmef6l12AlBVifsKopcZFxig-2FYB1QcaVQn30ZzwOE-2B-2FOCWPo9qtbNW2ALu-2FHmoJvjmXc1ndtDwk7gPI5BLVislPd0cPn9BQisiica1dsFH8g5Ijtrdge4V2iuP6rtUhoIcfCkbrsbyXZ-2FABfRva5R8z5Gw7vh0-3D
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2016-12-23 9:16 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2016-12-23 9:16 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
8 new defect(s) introduced to ceph found with Coverity Scan.
8 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 8 of 8 defect(s)
** CID 1397726: Integer handling issues (BAD_SHIFT)
/home/brad/working/src/ceph/src/test/objectstore/BitAllocator_test.cc: 323 in BitAllocator_test_zone_alloc_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1397726: Integer handling issues (BAD_SHIFT)
/home/brad/working/src/ceph/src/test/objectstore/BitAllocator_test.cc: 323 in BitAllocator_test_zone_alloc_Test::TestBody()()
317 {
318 int64_t blk_size = 1;
319 AllocExtentVector extents = AllocExtentVector
320 (zone->size() / 2, AllocExtent(-1, -1));
321
322 for (int i = 1; i <= total_blocks - BmapEntry::size(); i = i << 1) {
>>> CID 1397726: Integer handling issues (BAD_SHIFT)
>>> In expression "1 << j", left shifting by more than 31 bits has undefined behavior. The shift amount, "j", is as much as 64.
323 for (int64_t j = 0; j <= BmapEntry::size(); j = 1 << j) {
324 ExtentList *block_list = new ExtentList(&extents, blk_size);
325 zone = new BitMapZone(total_blocks, 0);
326 lock = zone->lock_excl_try();
327 bmap_test_assert(lock);
328
** CID 1397727: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/os/bluestore/StupidAllocator.cc: 163 in StupidAllocator::allocate_int(unsigned long, unsigned long, long, unsigned long *, unsigned int *)()
________________________________________________________________________________________________________
*** CID 1397727: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/os/bluestore/StupidAllocator.cc: 163 in StupidAllocator::allocate_int(unsigned long, unsigned long, long, unsigned long *, unsigned int *)()
157 if (skew)
158 skew = alloc_unit - skew;
159 *offset = p.get_start() + skew;
160 *length = MIN(MAX(alloc_unit, want_size), p.get_len() - skew);
161 if (g_conf->bluestore_debug_small_allocations) {
162 uint64_t max =
>>> CID 1397727: Security best practices violations (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
163 alloc_unit * (rand() % g_conf->bluestore_debug_small_allocations);
164 if (max && *length > max) {
165 dout(10) << __func__ << " shortening allocation of 0x" << std::hex
166 << *length << " -> 0x"
167 << max << " due to debug_small_allocations" << std::dec << dendl;
168 *length = max;
** CID 1397728: (DIVIDE_BY_ZERO)
/home/brad/working/src/ceph/src/os/bluestore/StupidAllocator.cc: 156 in StupidAllocator::allocate_int(unsigned long, unsigned long, long, unsigned long *, unsigned int *)()
/home/brad/working/src/ceph/src/os/bluestore/StupidAllocator.cc: 156 in StupidAllocator::allocate_int(unsigned long, unsigned long, long, unsigned long *, unsigned int *)()
________________________________________________________________________________________________________
*** CID 1397728: (DIVIDE_BY_ZERO)
/home/brad/working/src/ceph/src/os/bluestore/StupidAllocator.cc: 156 in StupidAllocator::allocate_int(unsigned long, unsigned long, long, unsigned long *, unsigned int *)()
150 }
151 }
152
153 return -ENOSPC;
154
155 found:
>>> CID 1397728: (DIVIDE_BY_ZERO)
>>> In expression "p.get_start() % alloc_unit", modulo by expression "alloc_unit" which may be zero has undefined behavior.
156 uint64_t skew = p.get_start() % alloc_unit;
157 if (skew)
158 skew = alloc_unit - skew;
159 *offset = p.get_start() + skew;
160 *length = MIN(MAX(alloc_unit, want_size), p.get_len() - skew);
161 if (g_conf->bluestore_debug_small_allocations) {
/home/brad/working/src/ceph/src/os/bluestore/StupidAllocator.cc: 156 in StupidAllocator::allocate_int(unsigned long, unsigned long, long, unsigned long *, unsigned int *)()
150 }
151 }
152
153 return -ENOSPC;
154
155 found:
>>> CID 1397728: (DIVIDE_BY_ZERO)
>>> In expression "p.get_start() % alloc_unit", modulo by expression "alloc_unit" which may be zero has undefined behavior.
156 uint64_t skew = p.get_start() % alloc_unit;
157 if (skew)
158 skew = alloc_unit - skew;
159 *offset = p.get_start() + skew;
160 *length = MIN(MAX(alloc_unit, want_size), p.get_len() - skew);
161 if (g_conf->bluestore_debug_small_allocations) {
** CID 1397729: Null pointer dereferences (FORWARD_NULL)
/home/brad/working/src/ceph/src/rgw/rgw_rest_s3.cc: 3653 in RGW_Auth_S3::authorize_v4(RGWRados *, req_state *, bool)()
________________________________________________________________________________________________________
*** CID 1397729: Null pointer dereferences (FORWARD_NULL)
/home/brad/working/src/ceph/src/rgw/rgw_rest_s3.cc: 3653 in RGW_Auth_S3::authorize_v4(RGWRados *, req_state *, bool)()
3647 const char *d = s->info.env->get("HTTP_X_AMZ_DATE");
3648 struct tm t;
3649 if (!parse_iso8601(d, &t, NULL, false)) {
3650 dout(10) << "error reading date via http_x_amz_date" << dendl;
3651 return -EACCES;
3652 }
>>> CID 1397729: Null pointer dereferences (FORWARD_NULL)
>>> Passing null pointer "d" to "operator =", which dereferences it. [Note: The source code implementation of the function has been overridden by a builtin model.]
3653 s->aws4_auth->date = d;
3654 }
3655
3656 /* AKIAIVKTAZLOCF43WNQD/AAAAMMDD/region/host/aws4_request */
3657 dout(10) << "v4 credential format = " << s->aws4_auth->credential << dendl;
3658
** CID 1397730: Program hangs (ORDER_REVERSAL)
________________________________________________________________________________________________________
*** CID 1397730: Program hangs (ORDER_REVERSAL)
/home/brad/working/src/ceph/src/common/ceph_context.h: 134 in CephContext::lookup_or_create_singleton_object<<unnamed>::MempoolObs>(T1 *&, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &)()
128 bufferlist *out);
129
130 template<typename T>
131 void lookup_or_create_singleton_object(T*& p, const std::string &name) {
132 ceph_spin_lock(&_associated_objs_lock);
133 if (!_associated_objs.count(name)) {
>>> CID 1397730: Program hangs (ORDER_REVERSAL)
>>> Calling "MempoolObs" acquires lock "Mutex._m" while holding lock "ceph_spinlock_t.lock" (count: 1 / 20).
134 p = new T(this);
135 _associated_objs[name] = new TypedSingletonWrapper<T>(p);
136 } else {
137 TypedSingletonWrapper<T> *wrapper =
138 dynamic_cast<TypedSingletonWrapper<T> *>(_associated_objs[name]);
139 assert(wrapper != NULL);
** CID 1397731: Integer handling issues (OVERFLOW_BEFORE_WIDEN)
/home/brad/working/src/ceph/src/test/objectstore/BitAllocator_test.cc: 323 in BitAllocator_test_zone_alloc_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1397731: Integer handling issues (OVERFLOW_BEFORE_WIDEN)
/home/brad/working/src/ceph/src/test/objectstore/BitAllocator_test.cc: 323 in BitAllocator_test_zone_alloc_Test::TestBody()()
317 {
318 int64_t blk_size = 1;
319 AllocExtentVector extents = AllocExtentVector
320 (zone->size() / 2, AllocExtent(-1, -1));
321
322 for (int i = 1; i <= total_blocks - BmapEntry::size(); i = i << 1) {
>>> CID 1397731: Integer handling issues (OVERFLOW_BEFORE_WIDEN)
>>> Potentially overflowing expression "1 << j" with type "int" (32 bits, signed) is evaluated using 32-bit arithmetic, and then used in a context that expects an expression of type "int64_t" (64 bits, signed).
323 for (int64_t j = 0; j <= BmapEntry::size(); j = 1 << j) {
324 ExtentList *block_list = new ExtentList(&extents, blk_size);
325 zone = new BitMapZone(total_blocks, 0);
326 lock = zone->lock_excl_try();
327 bmap_test_assert(lock);
328
** CID 1397732: (PARSE_ERROR)
/home/brad/working/src/ceph/src/common/config_opts.h: 195 in ()
/home/brad/working/src/ceph/src/common/config_opts.h: 196 in ()
/home/brad/working/src/ceph/src/common/config_opts.h: 197 in ()
/home/brad/working/src/ceph/src/common/config_opts.h: 198 in ()
/home/brad/working/src/ceph/src/common/config_opts.h: 199 in ()
________________________________________________________________________________________________________
*** CID 1397732: (PARSE_ERROR)
/home/brad/working/src/ceph/src/common/config_opts.h: 195 in ()
189 OPTION(ms_die_on_skipped_message, OPT_BOOL, false) // assert if we skip a seq (kernel client does this intentionally)
190 OPTION(ms_dispatch_throttle_bytes, OPT_U64, 100 << 20)
191 OPTION(ms_bind_ipv6, OPT_BOOL, false)
192 OPTION(ms_bind_port_min, OPT_INT, 6800)
193 OPTION(ms_bind_port_max, OPT_INT, 7300)
194 OPTION(ms_bind_retry_count, OPT_INT, 3) // If binding fails, how many times do we retry to bind
>>> CID 1397732: (PARSE_ERROR)
>>> detected during instantiation of "std::enable_if<std::is_destructible<T>::value, md_config_t::validator_t>::type <unnamed>::create_validator<T>() [with T=md_config_t::option_ms_bind_retry_delay_t]" at line 195 of "/home/brad/working/src/ceph/src/common/config_opts.h"
195 OPTION(ms_bind_retry_delay, OPT_INT, 5) // Delay between attemps to bind
196 OPTION(ms_rwthread_stack_bytes, OPT_U64, 1024 << 10)
197 OPTION(ms_tcp_read_timeout, OPT_U64, 900)
198 OPTION(ms_pq_max_tokens_per_priority, OPT_U64, 16777216)
199 OPTION(ms_pq_min_cost, OPT_U64, 65536)
200 OPTION(ms_inject_socket_failures, OPT_U64, 0)
/home/brad/working/src/ceph/src/common/config_opts.h: 196 in ()
190 OPTION(ms_dispatch_throttle_bytes, OPT_U64, 100 << 20)
191 OPTION(ms_bind_ipv6, OPT_BOOL, false)
192 OPTION(ms_bind_port_min, OPT_INT, 6800)
193 OPTION(ms_bind_port_max, OPT_INT, 7300)
194 OPTION(ms_bind_retry_count, OPT_INT, 3) // If binding fails, how many times do we retry to bind
195 OPTION(ms_bind_retry_delay, OPT_INT, 5) // Delay between attemps to bind
>>> CID 1397732: (PARSE_ERROR)
>>> detected during instantiation of "std::enable_if<std::is_destructible<T>::value, md_config_t::validator_t>::type <unnamed>::create_validator<T>() [with T=md_config_t::option_ms_rwthread_stack_bytes_t]" at line 196 of "/home/brad/working/src/ceph/src/common/config_opts.h"
196 OPTION(ms_rwthread_stack_bytes, OPT_U64, 1024 << 10)
197 OPTION(ms_tcp_read_timeout, OPT_U64, 900)
198 OPTION(ms_pq_max_tokens_per_priority, OPT_U64, 16777216)
199 OPTION(ms_pq_min_cost, OPT_U64, 65536)
200 OPTION(ms_inject_socket_failures, OPT_U64, 0)
201 OPTION(ms_inject_delay_type, OPT_STR, "") // "osd mds mon client" allowed
/home/brad/working/src/ceph/src/common/config_opts.h: 197 in ()
191 OPTION(ms_bind_ipv6, OPT_BOOL, false)
192 OPTION(ms_bind_port_min, OPT_INT, 6800)
193 OPTION(ms_bind_port_max, OPT_INT, 7300)
194 OPTION(ms_bind_retry_count, OPT_INT, 3) // If binding fails, how many times do we retry to bind
195 OPTION(ms_bind_retry_delay, OPT_INT, 5) // Delay between attemps to bind
196 OPTION(ms_rwthread_stack_bytes, OPT_U64, 1024 << 10)
>>> CID 1397732: (PARSE_ERROR)
>>> detected during instantiation of "std::enable_if<std::is_destructible<T>::value, md_config_t::validator_t>::type <unnamed>::create_validator<T>() [with T=md_config_t::option_ms_tcp_read_timeout_t]" at line 197 of "/home/brad/working/src/ceph/src/common/config_opts.h"
197 OPTION(ms_tcp_read_timeout, OPT_U64, 900)
198 OPTION(ms_pq_max_tokens_per_priority, OPT_U64, 16777216)
199 OPTION(ms_pq_min_cost, OPT_U64, 65536)
200 OPTION(ms_inject_socket_failures, OPT_U64, 0)
201 OPTION(ms_inject_delay_type, OPT_STR, "") // "osd mds mon client" allowed
202 OPTION(ms_inject_delay_msg_type, OPT_STR, "") // the type of message to delay, as returned by Message::get_type_name(). This is an additional restriction on the general type filter ms_inject_delay_type.
/home/brad/working/src/ceph/src/common/config_opts.h: 198 in ()
192 OPTION(ms_bind_port_min, OPT_INT, 6800)
193 OPTION(ms_bind_port_max, OPT_INT, 7300)
194 OPTION(ms_bind_retry_count, OPT_INT, 3) // If binding fails, how many times do we retry to bind
195 OPTION(ms_bind_retry_delay, OPT_INT, 5) // Delay between attemps to bind
196 OPTION(ms_rwthread_stack_bytes, OPT_U64, 1024 << 10)
197 OPTION(ms_tcp_read_timeout, OPT_U64, 900)
>>> CID 1397732: (PARSE_ERROR)
>>> detected during instantiation of "std::enable_if<std::is_destructible<T>::value, md_config_t::validator_t>::type <unnamed>::create_validator<T>() [with T=md_config_t::option_ms_pq_max_tokens_per_priority_t]" at line 198 of "/home/brad/working/src/ceph/src/common/config_opts.h"
198 OPTION(ms_pq_max_tokens_per_priority, OPT_U64, 16777216)
199 OPTION(ms_pq_min_cost, OPT_U64, 65536)
200 OPTION(ms_inject_socket_failures, OPT_U64, 0)
201 OPTION(ms_inject_delay_type, OPT_STR, "") // "osd mds mon client" allowed
202 OPTION(ms_inject_delay_msg_type, OPT_STR, "") // the type of message to delay, as returned by Message::get_type_name(). This is an additional restriction on the general type filter ms_inject_delay_type.
203 OPTION(ms_inject_delay_max, OPT_DOUBLE, 1) // seconds
/home/brad/working/src/ceph/src/common/config_opts.h: 199 in ()
193 OPTION(ms_bind_port_max, OPT_INT, 7300)
194 OPTION(ms_bind_retry_count, OPT_INT, 3) // If binding fails, how many times do we retry to bind
195 OPTION(ms_bind_retry_delay, OPT_INT, 5) // Delay between attemps to bind
196 OPTION(ms_rwthread_stack_bytes, OPT_U64, 1024 << 10)
197 OPTION(ms_tcp_read_timeout, OPT_U64, 900)
198 OPTION(ms_pq_max_tokens_per_priority, OPT_U64, 16777216)
>>> CID 1397732: (PARSE_ERROR)
>>> detected during instantiation of "std::enable_if<std::is_destructible<T>::value, md_config_t::validator_t>::type <unnamed>::create_validator<T>() [with T=md_config_t::option_ms_pq_min_cost_t]" at line 199 of "/home/brad/working/src/ceph/src/common/config_opts.h"
199 OPTION(ms_pq_min_cost, OPT_U64, 65536)
200 OPTION(ms_inject_socket_failures, OPT_U64, 0)
201 OPTION(ms_inject_delay_type, OPT_STR, "") // "osd mds mon client" allowed
202 OPTION(ms_inject_delay_msg_type, OPT_STR, "") // the type of message to delay, as returned by Message::get_type_name(). This is an additional restriction on the general type filter ms_inject_delay_type.
203 OPTION(ms_inject_delay_max, OPT_DOUBLE, 1) // seconds
204 OPTION(ms_inject_delay_probability, OPT_DOUBLE, 0) // range [0, 1]
** CID 1397733: Resource leaks (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/common/TracepointProvider.cc: 43 in TracepointProvider::verify_config(const md_config_t *)()
________________________________________________________________________________________________________
*** CID 1397733: Resource leaks (RESOURCE_LEAK)
/home/brad/working/src/ceph/src/common/TracepointProvider.cc: 43 in TracepointProvider::verify_config(const md_config_t *)()
37 }
38
39 void *handle = dlopen(m_library.c_str(), RTLD_NOW);
40 if (handle != NULL) {
41 m_enabled = true;
42 }
>>> CID 1397733: Resource leaks (RESOURCE_LEAK)
>>> Variable "handle" going out of scope leaks the storage it points to.
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaGCnxtQO9E3gxlB2GxVsWFENryh7bC5hIb-2FQBVM85YLQ-3D-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8HpCKeLP9IQPF5VGstDbQFyNFVW-2FjZ9agwE3-2B7uh79rStpGx854Z3iAf7QRK5e-2FocrxwNdXtnUWRkYJNg8OImTtizI2M3y6VZUHc6GnLOpBiQf1LS2fea-2BgHRrMhamqn2eXfC2GGxLY0ZWRR9su4GhfjiCnYNE8YUO3UrIwihUIcMxmN7sI22YVzg-2FevKXhbcU-3D
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4Bco8jcmzhh7FSyvoR0E3-2BDgRcBCQ6OuthHBtaTCGNq9zoLsiw8NWrIF2zsdhfTt-2FbHjZ2ToL3Et9v1-2BrDLungAOjHpQtOY-2BsyLiTVCQEUCU-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8HpCKeLP9IQPF5VGstDbQFyNFVW-2FjZ9agwE3-2B7uh79rStChJCKES3IofNj8jInXP3Zelvy-2F1Eh72Yfb4C3TPn0SIzaI8C4-2Bw4oNBXW4HNsuOOkrS0oVnKHwdDmiD5iBn4YEYWvWbuSFx4XzsAhAB1p-2BEIF8Dk1MBrFCnpbcVlX9EjRN6ydpQrPxkCxYX-2BSYId0-3D
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2016-12-16 8:54 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2016-12-16 8:54 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
13 new defect(s) introduced to ceph found with Coverity Scan.
10 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 13 of 13 defect(s)
** CID 1397254: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/osd/PrimaryLogPG.cc: 11969 in PrimaryLogPG::agent_setup()()
________________________________________________________________________________________________________
*** CID 1397254: Security best practices violations (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/osd/PrimaryLogPG.cc: 11969 in PrimaryLogPG::agent_setup()()
11963
11964 // choose random starting position
11965 agent_state->position = hobject_t();
11966 agent_state->position.pool = info.pgid.pool();
11967 agent_state->position.set_hash(pool.info.get_random_pg_position(
11968 info.pgid.pgid,
>>> CID 1397254: Security best practices violations (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
11969 rand()));
11970 agent_state->start = agent_state->position;
11971
11972 dout(10) << __func__ << " allocated new state, position "
11973 << agent_state->position << dendl;
11974 } else {
** CID 1397255: Incorrect expression (DIVIDE_BY_ZERO)
/home/brad/working/src/ceph/src/osd/OSDMap.cc: 2995 in OSDMap::summarize_mapping_stats(OSDMap*, const std::set<long, std::less<long>, std::allocator<long>> *, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> *, ceph::Formatter *) const()
________________________________________________________________________________________________________
*** CID 1397255: Incorrect expression (DIVIDE_BY_ZERO)
/home/brad/working/src/ceph/src/osd/OSDMap.cc: 2995 in OSDMap::summarize_mapping_stats(OSDMap*, const std::set<long, std::less<long>, std::allocator<long>> *, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> *, ceph::Formatter *) const()
2989 f->open_object_section("utilization");
2990 if (newmap) {
2991 if (f) {
2992 f->dump_unsigned("moved_pgs", moved_pg);
2993 f->dump_unsigned("total_pgs", total_pg);
2994 } else {
>>> CID 1397255: Incorrect expression (DIVIDE_BY_ZERO)
>>> In expression "(float)moved_pg * 100. / (float)total_pg", division by expression "total_pg" which may be zero has undefined behavior.
2995 ss << "moved " << moved_pg << " / " << total_pg
2996 << " (" << ((float)moved_pg * 100.0 / (float)total_pg) << "%)\n";
2997 }
2998 }
2999 if (f) {
3000 f->dump_float("avg_pgs", avg_pg);
** CID 1397256: (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/osd/PrimaryLogPG.cc: 1153 in PrimaryLogPG::do_pg_op(std::shared_ptr<OpRequest>)()
/home/brad/working/src/ceph/src/osd/PrimaryLogPG.cc: 1158 in PrimaryLogPG::do_pg_op(std::shared_ptr<OpRequest>)()
/home/brad/working/src/ceph/src/osd/PrimaryLogPG.cc: 1152 in PrimaryLogPG::do_pg_op(std::shared_ptr<OpRequest>)()
/home/brad/working/src/ceph/src/osd/PrimaryLogPG.cc: 1162 in PrimaryLogPG::do_pg_op(std::shared_ptr<OpRequest>)()
/home/brad/working/src/ceph/src/osd/PrimaryLogPG.cc: 1340 in PrimaryLogPG::do_pg_op(std::shared_ptr<OpRequest>)()
/home/brad/working/src/ceph/src/osd/PrimaryLogPG.cc: 1345 in PrimaryLogPG::do_pg_op(std::shared_ptr<OpRequest>)()
/home/brad/working/src/ceph/src/osd/PrimaryLogPG.cc: 1339 in PrimaryLogPG::do_pg_op(std::shared_ptr<OpRequest>)()
/home/brad/working/src/ceph/src/osd/PrimaryLogPG.cc: 1349 in PrimaryLogPG::do_pg_op(std::shared_ptr<OpRequest>)()
________________________________________________________________________________________________________
*** CID 1397256: (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/osd/PrimaryLogPG.cc: 1153 in PrimaryLogPG::do_pg_op(std::shared_ptr<OpRequest>)()
1147
1148 hobject_t candidate;
1149 if (mcand == lcand) {
1150 candidate = mcand;
1151 if (!mcand.is_max()) {
1152 ++ls_iter;
>>> CID 1397256: (INVALIDATE_ITERATOR)
>>> Incrementing iterator "missing_iter" though it is already past the end of its container.
1153 ++missing_iter;
1154 }
1155 } else if (cmp(mcand, lcand, get_sort_bitwise()) < 0) {
1156 candidate = mcand;
1157 assert(!mcand.is_max());
1158 ++missing_iter;
/home/brad/working/src/ceph/src/osd/PrimaryLogPG.cc: 1158 in PrimaryLogPG::do_pg_op(std::shared_ptr<OpRequest>)()
1152 ++ls_iter;
1153 ++missing_iter;
1154 }
1155 } else if (cmp(mcand, lcand, get_sort_bitwise()) < 0) {
1156 candidate = mcand;
1157 assert(!mcand.is_max());
>>> CID 1397256: (INVALIDATE_ITERATOR)
>>> Incrementing iterator "missing_iter" though it is already past the end of its container.
1158 ++missing_iter;
1159 } else {
1160 candidate = lcand;
1161 assert(!lcand.is_max());
1162 ++ls_iter;
1163 }
/home/brad/working/src/ceph/src/osd/PrimaryLogPG.cc: 1152 in PrimaryLogPG::do_pg_op(std::shared_ptr<OpRequest>)()
1146 *ls_iter;
1147
1148 hobject_t candidate;
1149 if (mcand == lcand) {
1150 candidate = mcand;
1151 if (!mcand.is_max()) {
>>> CID 1397256: (INVALIDATE_ITERATOR)
>>> Incrementing iterator "ls_iter" though it is already past the end of its container.
1152 ++ls_iter;
1153 ++missing_iter;
1154 }
1155 } else if (cmp(mcand, lcand, get_sort_bitwise()) < 0) {
1156 candidate = mcand;
1157 assert(!mcand.is_max());
/home/brad/working/src/ceph/src/osd/PrimaryLogPG.cc: 1162 in PrimaryLogPG::do_pg_op(std::shared_ptr<OpRequest>)()
1156 candidate = mcand;
1157 assert(!mcand.is_max());
1158 ++missing_iter;
1159 } else {
1160 candidate = lcand;
1161 assert(!lcand.is_max());
>>> CID 1397256: (INVALIDATE_ITERATOR)
>>> Incrementing iterator "ls_iter" though it is already past the end of its container.
1162 ++ls_iter;
1163 }
1164
1165 dout(10) << " pgnls candidate 0x" << std::hex << candidate.get_hash()
1166 << " vs lower bound 0x" << lower_bound.get_hash() << dendl;
1167
/home/brad/working/src/ceph/src/osd/PrimaryLogPG.cc: 1340 in PrimaryLogPG::do_pg_op(std::shared_ptr<OpRequest>)()
1334
1335 hobject_t candidate;
1336 if (mcand == lcand) {
1337 candidate = mcand;
1338 if (!mcand.is_max()) {
1339 ++ls_iter;
>>> CID 1397256: (INVALIDATE_ITERATOR)
>>> Incrementing iterator "missing_iter" though it is already past the end of its container.
1340 ++missing_iter;
1341 }
1342 } else if (cmp(mcand, lcand, get_sort_bitwise()) < 0) {
1343 candidate = mcand;
1344 assert(!mcand.is_max());
1345 ++missing_iter;
/home/brad/working/src/ceph/src/osd/PrimaryLogPG.cc: 1345 in PrimaryLogPG::do_pg_op(std::shared_ptr<OpRequest>)()
1339 ++ls_iter;
1340 ++missing_iter;
1341 }
1342 } else if (cmp(mcand, lcand, get_sort_bitwise()) < 0) {
1343 candidate = mcand;
1344 assert(!mcand.is_max());
>>> CID 1397256: (INVALIDATE_ITERATOR)
>>> Incrementing iterator "missing_iter" though it is already past the end of its container.
1345 ++missing_iter;
1346 } else {
1347 candidate = lcand;
1348 assert(!lcand.is_max());
1349 ++ls_iter;
1350 }
/home/brad/working/src/ceph/src/osd/PrimaryLogPG.cc: 1339 in PrimaryLogPG::do_pg_op(std::shared_ptr<OpRequest>)()
1333 *ls_iter;
1334
1335 hobject_t candidate;
1336 if (mcand == lcand) {
1337 candidate = mcand;
1338 if (!mcand.is_max()) {
>>> CID 1397256: (INVALIDATE_ITERATOR)
>>> Incrementing iterator "ls_iter" though it is already past the end of its container.
1339 ++ls_iter;
1340 ++missing_iter;
1341 }
1342 } else if (cmp(mcand, lcand, get_sort_bitwise()) < 0) {
1343 candidate = mcand;
1344 assert(!mcand.is_max());
/home/brad/working/src/ceph/src/osd/PrimaryLogPG.cc: 1349 in PrimaryLogPG::do_pg_op(std::shared_ptr<OpRequest>)()
1343 candidate = mcand;
1344 assert(!mcand.is_max());
1345 ++missing_iter;
1346 } else {
1347 candidate = lcand;
1348 assert(!lcand.is_max());
>>> CID 1397256: (INVALIDATE_ITERATOR)
>>> Incrementing iterator "ls_iter" though it is already past the end of its container.
1349 ++ls_iter;
1350 }
1351
1352 if (cmp(candidate, next, get_sort_bitwise()) >= 0) {
1353 break;
1354 }
** CID 1397257: Control flow issues (MISSING_BREAK)
/src/pybind/cephfs/cephfs.c: 13276 in __pyx_pw_6cephfs_9LibCephFS_77readlink()
________________________________________________________________________________________________________
*** CID 1397257: Control flow issues (MISSING_BREAK)
/src/pybind/cephfs/cephfs.c: 13276 in __pyx_pw_6cephfs_9LibCephFS_77readlink()
13270 }
13271 kw_args = PyDict_Size(__pyx_kwds);
13272 switch (pos_args) {
13273 case 0:
13274 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_path)) != 0)) kw_args--;
13275 else goto __pyx_L5_argtuple_error;
>>> CID 1397257: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
13276 case 1:
13277 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_size)) != 0)) kw_args--;
13278 else {
13279 __Pyx_RaiseArgtupleInvalid("readlink", 1, 2, 2, 1); __PYX_ERR(0, 868, __pyx_L3_error)
13280 }
13281 }
** CID 1397258: Control flow issues (MISSING_BREAK)
/src/pybind/cephfs/cephfs.c: 14157 in __pyx_pw_6cephfs_9LibCephFS_83mds_command()
________________________________________________________________________________________________________
*** CID 1397258: Control flow issues (MISSING_BREAK)
/src/pybind/cephfs/cephfs.c: 14157 in __pyx_pw_6cephfs_9LibCephFS_83mds_command()
14151 }
14152 kw_args = PyDict_Size(__pyx_kwds);
14153 switch (pos_args) {
14154 case 0:
14155 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_mds_spec)) != 0)) kw_args--;
14156 else goto __pyx_L5_argtuple_error;
>>> CID 1397258: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
14157 case 1:
14158 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_args)) != 0)) kw_args--;
14159 else {
14160 __Pyx_RaiseArgtupleInvalid("mds_command", 1, 3, 3, 1); __PYX_ERR(0, 911, __pyx_L3_error)
14161 }
14162 case 2:
** CID 1397259: Control flow issues (MISSING_BREAK)
/src/pybind/cephfs/cephfs.c: 13844 in __pyx_pw_6cephfs_9LibCephFS_81rename()
________________________________________________________________________________________________________
*** CID 1397259: Control flow issues (MISSING_BREAK)
/src/pybind/cephfs/cephfs.c: 13844 in __pyx_pw_6cephfs_9LibCephFS_81rename()
13838 }
13839 kw_args = PyDict_Size(__pyx_kwds);
13840 switch (pos_args) {
13841 case 0:
13842 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_src)) != 0)) kw_args--;
13843 else goto __pyx_L5_argtuple_error;
>>> CID 1397259: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
13844 case 1:
13845 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_dst)) != 0)) kw_args--;
13846 else {
13847 __Pyx_RaiseArgtupleInvalid("rename", 1, 2, 2, 1); __PYX_ERR(0, 896, __pyx_L3_error)
13848 }
13849 }
** CID 1397260: Control flow issues (MISSING_BREAK)
/src/pybind/cephfs/cephfs.c: 14162 in __pyx_pw_6cephfs_9LibCephFS_83mds_command()
________________________________________________________________________________________________________
*** CID 1397260: Control flow issues (MISSING_BREAK)
/src/pybind/cephfs/cephfs.c: 14162 in __pyx_pw_6cephfs_9LibCephFS_83mds_command()
14156 else goto __pyx_L5_argtuple_error;
14157 case 1:
14158 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_args)) != 0)) kw_args--;
14159 else {
14160 __Pyx_RaiseArgtupleInvalid("mds_command", 1, 3, 3, 1); __PYX_ERR(0, 911, __pyx_L3_error)
14161 }
>>> CID 1397260: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
14162 case 2:
14163 if (likely((values[2] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_input_data)) != 0)) kw_args--;
14164 else {
14165 __Pyx_RaiseArgtupleInvalid("mds_command", 1, 3, 3, 2); __PYX_ERR(0, 911, __pyx_L3_error)
14166 }
14167 }
** CID 1397261: Integer handling issues (NEGATIVE_RETURNS)
/src/pybind/cephfs/cephfs.c: 13408 in __pyx_pf_6cephfs_9LibCephFS_76readlink()
________________________________________________________________________________________________________
*** CID 1397261: Integer handling issues (NEGATIVE_RETURNS)
/src/pybind/cephfs/cephfs.c: 13408 in __pyx_pf_6cephfs_9LibCephFS_76readlink()
13402 * char* _path = path
13403 * int64_t _size = size # <<<<<<<<<<<<<<
13404 * char *buf = NULL
13405 *
13406 */
13407 __pyx_t_7 = __Pyx_PyInt_As_int64_t(__pyx_v_size); if (unlikely((__pyx_t_7 == (int64_t)-1) && PyErr_Occurred())) __PYX_ERR(0, 874, __pyx_L1_error)
>>> CID 1397261: Integer handling issues (NEGATIVE_RETURNS)
>>> Assigning: signed variable "__pyx_v__size" = "__pyx_t_7".
13408 __pyx_v__size = __pyx_t_7;
13409
13410 /* "cephfs.pyx":875
13411 * char* _path = path
13412 * int64_t _size = size
13413 * char *buf = NULL # <<<<<<<<<<<<<<
** CID 1397262: Resource leaks (RESOURCE_LEAK)
/src/pybind/cephfs/cephfs.c: 14709 in __pyx_pf_6cephfs_9LibCephFS_82mds_command()
________________________________________________________________________________________________________
*** CID 1397262: Resource leaks (RESOURCE_LEAK)
/src/pybind/cephfs/cephfs.c: 14709 in __pyx_pf_6cephfs_9LibCephFS_82mds_command()
14703 __Pyx_XDECREF(__pyx_v_my_outbuf);
14704 __Pyx_XDECREF(__pyx_v_mds_spec);
14705 __Pyx_XDECREF(__pyx_v_args);
14706 __Pyx_XDECREF(__pyx_v_input_data);
14707 __Pyx_XGIVEREF(__pyx_r);
14708 __Pyx_RefNannyFinishContext();
>>> CID 1397262: Resource leaks (RESOURCE_LEAK)
>>> Variable "__pyx_v__cmd" going out of scope leaks the storage it points to.
14709 return __pyx_r;
14710 }
14711
14712 /* "cephfs.pyx":318
14713 * """libcephfs python wrapper"""
14714 *
** CID 1397263: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/rgw/rgw_main.cc: 194 in main()
________________________________________________________________________________________________________
*** CID 1397263: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/rgw/rgw_main.cc: 194 in main()
188 }
189
190
191 /*
192 * start up the RADOS connection and then handle HTTP messages as they come in
193 */
>>> CID 1397263: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "std::length_error" is thrown and never caught.
194 int main(int argc, const char **argv)
195 {
196 // dout() messages will be sent to stderr, but FCGX wants messages on stdout
197 // Redirect stderr to stdout.
198 TEMP_FAILURE_RETRY(close(STDERR_FILENO));
199 if (TEMP_FAILURE_RETRY(dup2(STDOUT_FILENO, STDERR_FILENO) < 0)) {
** CID 1397264: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/osd/PrimaryLogPG.h: 607 in PrimaryLogPG::OpContext::OpContext(std::shared_ptr<OpRequest>, osd_reqid_t, std::vector<OSDOp, std::allocator<OSDOp>> &, PrimaryLogPG*)()
________________________________________________________________________________________________________
*** CID 1397264: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/osd/PrimaryLogPG.h: 607 in PrimaryLogPG::OpContext::OpContext(std::shared_ptr<OpRequest>, osd_reqid_t, std::vector<OSDOp, std::allocator<OSDOp>> &, PrimaryLogPG*)()
601 data_off(0), reply(NULL), pg(_pg),
602 num_read(0),
603 num_write(0),
604 copy_cb(NULL),
605 async_read_result(0),
606 inflightreads(0),
>>> CID 1397264: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "sent_disk" is not initialized in this constructor nor in any functions that it calls.
607 lock_type(ObjectContext::RWState::RWNONE) {}
608 void reset_obs(ObjectContextRef obc) {
609 new_obs = ObjectState(obc->obs.oi, obc->obs.exists);
610 if (obc->ssc) {
611 new_snapset = obc->ssc->snapset;
612 snapset = &obc->ssc->snapset;
** CID 1397265: Control flow issues (UNREACHABLE)
/src/pybind/cephfs/cephfs.c: 13537 in __pyx_pf_6cephfs_9LibCephFS_76readlink()
________________________________________________________________________________________________________
*** CID 1397265: Control flow issues (UNREACHABLE)
/src/pybind/cephfs/cephfs.c: 13537 in __pyx_pf_6cephfs_9LibCephFS_76readlink()
13531 * return buf
13532 * finally:
13533 * free(buf) # <<<<<<<<<<<<<<
13534 *
13535 * def unlink(self, path):
13536 */
>>> CID 1397265: Control flow issues (UNREACHABLE)
>>> This code cannot be reached: "{
{
PyThreadState *__...".
13537 /*finally:*/ {
13538 /*exception exit:*/{
13539 __Pyx_PyThreadState_declare
13540 __pyx_L4_error:;
13541 __pyx_t_13 = 0; __pyx_t_14 = 0; __pyx_t_15 = 0; __pyx_t_16 = 0; __pyx_t_17 = 0; __pyx_t_18 = 0;
13542 __Pyx_PyThreadState_assign
** CID 1397266: Control flow issues (UNREACHABLE)
/src/pybind/cephfs/cephfs.c: 14636 in __pyx_pf_6cephfs_9LibCephFS_82mds_command()
________________________________________________________________________________________________________
*** CID 1397266: Control flow issues (UNREACHABLE)
/src/pybind/cephfs/cephfs.c: 14636 in __pyx_pf_6cephfs_9LibCephFS_82mds_command()
14630
14631 /* "cephfs.pyx":950
14632 * return (ret, b"", "")
14633 * finally:
14634 * free(_cmd) # <<<<<<<<<<<<<<
14635 */
>>> CID 1397266: Control flow issues (UNREACHABLE)
>>> This code cannot be reached: "{
{
PyThreadState *__...".
14636 /*finally:*/ {
14637 /*exception exit:*/{
14638 __Pyx_PyThreadState_declare
14639 __pyx_L4_error:;
14640 __pyx_t_12 = 0; __pyx_t_13 = 0; __pyx_t_14 = 0; __pyx_t_15 = 0; __pyx_t_16 = 0; __pyx_t_17 = 0;
14641 __Pyx_PyThreadState_assign
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaGCnxtQO9E3gxlB2GxVsWFENryh7bC5hIb-2FQBVM85YLQ-3D-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8EV4BzaJIlzRXqRxG3hN3Fxx-2FvUji7A24kBoNYghIuggPgSu6Km0-2FLuYD2BMcdWsPcqIFkzDferUw0a6cf0mAg0kF8PWAMsux2sv64NiMXcyyBwGkwGeFT7uxKwdpoW81Pk4BsBydBMY9QrFy5bBBNxPCMFFJ5wePNN5wN4T5xSws4PdxVCrXn5ITdCr6STldk-3D
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4Bco8jcmzhh7FSyvoR0E3-2BDgRcBCQ6OuthHBtaTCGNq9zoLsiw8NWrIF2zsdhfTt-2FbHjZ2ToL3Et9v1-2BrDLungAOjHpQtOY-2BsyLiTVCQEUCU-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8EV4BzaJIlzRXqRxG3hN3Fxx-2FvUji7A24kBoNYghIuggCmCxC-2B57BvUu9wAxEmfWblEJ1K-2BJrbewJW10hK11l4T0Jgd9TNNTEiO2f-2FfGzFg5ZKc13LuMQ-2Bn9FG5wLgaffgOisReLi9Y-2FBS4Q8hroRU7SccRqnpT7H9PwFyHrSPvVAZ7dX-2Fljt2MLA3-2FywlY-2FCY-3D
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2016-12-09 11:29 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2016-12-09 11:29 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
63 new defect(s) introduced to ceph found with Coverity Scan.
56 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 20 of 63 defect(s)
** CID 1396921: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 38132 in __pyx_pw_5rados_5Ioctx_93set_omap()
________________________________________________________________________________________________________
*** CID 1396921: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 38132 in __pyx_pw_5rados_5Ioctx_93set_omap()
38126 }
38127 kw_args = PyDict_Size(__pyx_kwds);
38128 switch (pos_args) {
38129 case 0:
38130 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_write_op)) != 0)) kw_args--;
38131 else goto __pyx_L5_argtuple_error;
>>> CID 1396921: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
38132 case 1:
38133 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_keys)) != 0)) kw_args--;
38134 else {
38135 __Pyx_RaiseArgtupleInvalid("set_omap", 1, 3, 3, 1); __PYX_ERR(0, 3066, __pyx_L3_error)
38136 }
38137 case 2:
** CID 1396922: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 38824 in __pyx_pw_5rados_5Ioctx_97operate_aio_write_op()
________________________________________________________________________________________________________
*** CID 1396922: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 38824 in __pyx_pw_5rados_5Ioctx_97operate_aio_write_op()
38818 }
38819 kw_args = PyDict_Size(__pyx_kwds);
38820 switch (pos_args) {
38821 case 0:
38822 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_write_op)) != 0)) kw_args--;
38823 else goto __pyx_L5_argtuple_error;
>>> CID 1396922: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
38824 case 1:
38825 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_oid)) != 0)) kw_args--;
38826 else {
38827 __Pyx_RaiseArgtupleInvalid("operate_aio_write_op", 0, 2, 6, 1); __PYX_ERR(0, 3126, __pyx_L3_error)
38828 }
38829 case 2:
** CID 1396923: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 41380 in __pyx_pw_5rados_5Ioctx_113lock_exclusive()
________________________________________________________________________________________________________
*** CID 1396923: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 41380 in __pyx_pw_5rados_5Ioctx_113lock_exclusive()
41374 }
41375 case 3:
41376 if (kw_args > 0) {
41377 PyObject* value = PyDict_GetItem(__pyx_kwds, __pyx_n_s_desc);
41378 if (value) { values[3] = value; kw_args--; }
41379 }
>>> CID 1396923: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
41380 case 4:
41381 if (kw_args > 0) {
41382 PyObject* value = PyDict_GetItem(__pyx_kwds, __pyx_n_s_duration);
41383 if (value) { values[4] = value; kw_args--; }
41384 }
41385 case 5:
** CID 1396924: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 35734 in __pyx_pw_5rados_5Ioctx_67set_xattr()
________________________________________________________________________________________________________
*** CID 1396924: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 35734 in __pyx_pw_5rados_5Ioctx_67set_xattr()
35728 else goto __pyx_L5_argtuple_error;
35729 case 1:
35730 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_xattr_name)) != 0)) kw_args--;
35731 else {
35732 __Pyx_RaiseArgtupleInvalid("set_xattr", 1, 3, 3, 1); __PYX_ERR(0, 2855, __pyx_L3_error)
35733 }
>>> CID 1396924: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
35734 case 2:
35735 if (likely((values[2] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_xattr_value)) != 0)) kw_args--;
35736 else {
35737 __Pyx_RaiseArgtupleInvalid("set_xattr", 1, 3, 3, 2); __PYX_ERR(0, 2855, __pyx_L3_error)
35738 }
35739 }
** CID 1396925: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 34553 in __pyx_pw_5rados_5Ioctx_59trunc()
________________________________________________________________________________________________________
*** CID 1396925: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 34553 in __pyx_pw_5rados_5Ioctx_59trunc()
34547 }
34548 kw_args = PyDict_Size(__pyx_kwds);
34549 switch (pos_args) {
34550 case 0:
34551 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_key)) != 0)) kw_args--;
34552 else goto __pyx_L5_argtuple_error;
>>> CID 1396925: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
34553 case 1:
34554 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_size)) != 0)) kw_args--;
34555 else {
34556 __Pyx_RaiseArgtupleInvalid("trunc", 1, 2, 2, 1); __PYX_ERR(0, 2745, __pyx_L3_error)
34557 }
34558 }
** CID 1396926: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 33426 in __pyx_pw_5rados_5Ioctx_53execute()
________________________________________________________________________________________________________
*** CID 1396926: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 33426 in __pyx_pw_5rados_5Ioctx_53execute()
33420 }
33421 case 3:
33422 if (likely((values[3] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_data)) != 0)) kw_args--;
33423 else {
33424 __Pyx_RaiseArgtupleInvalid("execute", 0, 4, 5, 3); __PYX_ERR(0, 2614, __pyx_L3_error)
33425 }
>>> CID 1396926: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
33426 case 4:
33427 if (kw_args > 0) {
33428 PyObject* value = PyDict_GetItem(__pyx_kwds, __pyx_n_s_length);
33429 if (value) { values[4] = value; kw_args--; }
33430 }
33431 }
** CID 1396927: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 39254 in __pyx_pw_5rados_5Ioctx_99operate_read_op()
________________________________________________________________________________________________________
*** CID 1396927: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 39254 in __pyx_pw_5rados_5Ioctx_99operate_read_op()
39248 else goto __pyx_L5_argtuple_error;
39249 case 1:
39250 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_oid)) != 0)) kw_args--;
39251 else {
39252 __Pyx_RaiseArgtupleInvalid("operate_read_op", 0, 2, 3, 1); __PYX_ERR(0, 3168, __pyx_L3_error)
39253 }
>>> CID 1396927: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
39254 case 2:
39255 if (kw_args > 0) {
39256 PyObject* value = PyDict_GetItem(__pyx_kwds, __pyx_n_s_flag);
39257 if (value) { values[2] = value; kw_args--; }
39258 }
39259 }
** CID 1396928: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 38137 in __pyx_pw_5rados_5Ioctx_93set_omap()
________________________________________________________________________________________________________
*** CID 1396928: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 38137 in __pyx_pw_5rados_5Ioctx_93set_omap()
38131 else goto __pyx_L5_argtuple_error;
38132 case 1:
38133 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_keys)) != 0)) kw_args--;
38134 else {
38135 __Pyx_RaiseArgtupleInvalid("set_omap", 1, 3, 3, 1); __PYX_ERR(0, 3066, __pyx_L3_error)
38136 }
>>> CID 1396928: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
38137 case 2:
38138 if (likely((values[2] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_values)) != 0)) kw_args--;
38139 else {
38140 __Pyx_RaiseArgtupleInvalid("set_omap", 1, 3, 3, 2); __PYX_ERR(0, 3066, __pyx_L3_error)
38141 }
38142 }
** CID 1396929: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 41375 in __pyx_pw_5rados_5Ioctx_113lock_exclusive()
________________________________________________________________________________________________________
*** CID 1396929: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 41375 in __pyx_pw_5rados_5Ioctx_113lock_exclusive()
41369 }
41370 case 2:
41371 if (likely((values[2] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_cookie)) != 0)) kw_args--;
41372 else {
41373 __Pyx_RaiseArgtupleInvalid("lock_exclusive", 0, 3, 6, 2); __PYX_ERR(0, 3349, __pyx_L3_error)
41374 }
>>> CID 1396929: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
41375 case 3:
41376 if (kw_args > 0) {
41377 PyObject* value = PyDict_GetItem(__pyx_kwds, __pyx_n_s_desc);
41378 if (value) { values[3] = value; kw_args--; }
41379 }
41380 case 4:
** CID 1396930: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 39535 in __pyx_pw_5rados_5Ioctx_101operate_aio_read_op()
________________________________________________________________________________________________________
*** CID 1396930: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 39535 in __pyx_pw_5rados_5Ioctx_101operate_aio_read_op()
39529 else goto __pyx_L5_argtuple_error;
39530 case 1:
39531 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_oid)) != 0)) kw_args--;
39532 else {
39533 __Pyx_RaiseArgtupleInvalid("operate_aio_read_op", 0, 2, 5, 1); __PYX_ERR(0, 3190, __pyx_L3_error)
39534 }
>>> CID 1396930: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
39535 case 2:
39536 if (kw_args > 0) {
39537 PyObject* value = PyDict_GetItem(__pyx_kwds, __pyx_n_s_oncomplete);
39538 if (value) { values[2] = value; kw_args--; }
39539 }
39540 case 3:
** CID 1396931: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 39540 in __pyx_pw_5rados_5Ioctx_101operate_aio_read_op()
________________________________________________________________________________________________________
*** CID 1396931: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 39540 in __pyx_pw_5rados_5Ioctx_101operate_aio_read_op()
39534 }
39535 case 2:
39536 if (kw_args > 0) {
39537 PyObject* value = PyDict_GetItem(__pyx_kwds, __pyx_n_s_oncomplete);
39538 if (value) { values[2] = value; kw_args--; }
39539 }
>>> CID 1396931: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
39540 case 3:
39541 if (kw_args > 0) {
39542 PyObject* value = PyDict_GetItem(__pyx_kwds, __pyx_n_s_onsafe);
39543 if (value) { values[3] = value; kw_args--; }
39544 }
39545 case 4:
** CID 1396932: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 41385 in __pyx_pw_5rados_5Ioctx_113lock_exclusive()
________________________________________________________________________________________________________
*** CID 1396932: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 41385 in __pyx_pw_5rados_5Ioctx_113lock_exclusive()
41379 }
41380 case 4:
41381 if (kw_args > 0) {
41382 PyObject* value = PyDict_GetItem(__pyx_kwds, __pyx_n_s_duration);
41383 if (value) { values[4] = value; kw_args--; }
41384 }
>>> CID 1396932: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
41385 case 5:
41386 if (kw_args > 0) {
41387 PyObject* value = PyDict_GetItem(__pyx_kwds, __pyx_n_s_flags);
41388 if (value) { values[5] = value; kw_args--; }
41389 }
41390 }
** CID 1396933: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 31693 in __pyx_pw_5rados_5Ioctx_45write()
________________________________________________________________________________________________________
*** CID 1396933: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 31693 in __pyx_pw_5rados_5Ioctx_45write()
31687 else goto __pyx_L5_argtuple_error;
31688 case 1:
31689 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_data)) != 0)) kw_args--;
31690 else {
31691 __Pyx_RaiseArgtupleInvalid("write", 0, 2, 3, 1); __PYX_ERR(0, 2467, __pyx_L3_error)
31692 }
>>> CID 1396933: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
31693 case 2:
31694 if (kw_args > 0) {
31695 PyObject* value = PyDict_GetItem(__pyx_kwds, __pyx_n_s_offset);
31696 if (value) { values[2] = value; kw_args--; }
31697 }
31698 }
** CID 1396934: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 38829 in __pyx_pw_5rados_5Ioctx_97operate_aio_write_op()
________________________________________________________________________________________________________
*** CID 1396934: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 38829 in __pyx_pw_5rados_5Ioctx_97operate_aio_write_op()
38823 else goto __pyx_L5_argtuple_error;
38824 case 1:
38825 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_oid)) != 0)) kw_args--;
38826 else {
38827 __Pyx_RaiseArgtupleInvalid("operate_aio_write_op", 0, 2, 6, 1); __PYX_ERR(0, 3126, __pyx_L3_error)
38828 }
>>> CID 1396934: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
38829 case 2:
38830 if (kw_args > 0) {
38831 PyObject* value = PyDict_GetItem(__pyx_kwds, __pyx_n_s_oncomplete);
38832 if (value) { values[2] = value; kw_args--; }
38833 }
38834 case 3:
** CID 1396935: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 32951 in __pyx_pw_5rados_5Ioctx_51read()
________________________________________________________________________________________________________
*** CID 1396935: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 32951 in __pyx_pw_5rados_5Ioctx_51read()
32945 else goto __pyx_L5_argtuple_error;
32946 case 1:
32947 if (kw_args > 0) {
32948 PyObject* value = PyDict_GetItem(__pyx_kwds, __pyx_n_s_length);
32949 if (value) { values[1] = value; kw_args--; }
32950 }
>>> CID 1396935: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
32951 case 2:
32952 if (kw_args > 0) {
32953 PyObject* value = PyDict_GetItem(__pyx_kwds, __pyx_n_s_offset);
32954 if (value) { values[2] = value; kw_args--; }
32955 }
32956 }
** CID 1396936: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 41365 in __pyx_pw_5rados_5Ioctx_113lock_exclusive()
________________________________________________________________________________________________________
*** CID 1396936: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 41365 in __pyx_pw_5rados_5Ioctx_113lock_exclusive()
41359 }
41360 kw_args = PyDict_Size(__pyx_kwds);
41361 switch (pos_args) {
41362 case 0:
41363 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_key)) != 0)) kw_args--;
41364 else goto __pyx_L5_argtuple_error;
>>> CID 1396936: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
41365 case 1:
41366 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_name_2)) != 0)) kw_args--;
41367 else {
41368 __Pyx_RaiseArgtupleInvalid("lock_exclusive", 0, 3, 6, 1); __PYX_ERR(0, 3349, __pyx_L3_error)
41369 }
41370 case 2:
** CID 1396937: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 32531 in __pyx_pw_5rados_5Ioctx_49append()
________________________________________________________________________________________________________
*** CID 1396937: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 32531 in __pyx_pw_5rados_5Ioctx_49append()
32525 }
32526 kw_args = PyDict_Size(__pyx_kwds);
32527 switch (pos_args) {
32528 case 0:
32529 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_key)) != 0)) kw_args--;
32530 else goto __pyx_L5_argtuple_error;
>>> CID 1396937: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
32531 case 1:
32532 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_data)) != 0)) kw_args--;
32533 else {
32534 __Pyx_RaiseArgtupleInvalid("append", 1, 2, 2, 1); __PYX_ERR(0, 2538, __pyx_L3_error)
32535 }
32536 }
** CID 1396938: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 39545 in __pyx_pw_5rados_5Ioctx_101operate_aio_read_op()
________________________________________________________________________________________________________
*** CID 1396938: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 39545 in __pyx_pw_5rados_5Ioctx_101operate_aio_read_op()
39539 }
39540 case 3:
39541 if (kw_args > 0) {
39542 PyObject* value = PyDict_GetItem(__pyx_kwds, __pyx_n_s_onsafe);
39543 if (value) { values[3] = value; kw_args--; }
39544 }
>>> CID 1396938: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
39545 case 4:
39546 if (kw_args > 0) {
39547 PyObject* value = PyDict_GetItem(__pyx_kwds, __pyx_n_s_flag);
39548 if (value) { values[4] = value; kw_args--; }
39549 }
39550 }
** CID 1396939: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 40329 in __pyx_pw_5rados_5Ioctx_105get_omap_keys()
________________________________________________________________________________________________________
*** CID 1396939: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 40329 in __pyx_pw_5rados_5Ioctx_105get_omap_keys()
40323 else goto __pyx_L5_argtuple_error;
40324 case 1:
40325 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_start_after)) != 0)) kw_args--;
40326 else {
40327 __Pyx_RaiseArgtupleInvalid("get_omap_keys", 1, 3, 3, 1); __PYX_ERR(0, 3256, __pyx_L3_error)
40328 }
>>> CID 1396939: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
40329 case 2:
40330 if (likely((values[2] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_max_return)) != 0)) kw_args--;
40331 else {
40332 __Pyx_RaiseArgtupleInvalid("get_omap_keys", 1, 3, 3, 2); __PYX_ERR(0, 3256, __pyx_L3_error)
40333 }
40334 }
** CID 1396940: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 42551 in __pyx_pw_5rados_5Ioctx_117unlock()
________________________________________________________________________________________________________
*** CID 1396940: Control flow issues (MISSING_BREAK)
/src/pybind/rados/rados.c: 42551 in __pyx_pw_5rados_5Ioctx_117unlock()
42545 }
42546 kw_args = PyDict_Size(__pyx_kwds);
42547 switch (pos_args) {
42548 case 0:
42549 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_key)) != 0)) kw_args--;
42550 else goto __pyx_L5_argtuple_error;
>>> CID 1396940: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
42551 case 1:
42552 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_name_2)) != 0)) kw_args--;
42553 else {
42554 __Pyx_RaiseArgtupleInvalid("unlock", 1, 3, 3, 1); __PYX_ERR(0, 3453, __pyx_L3_error)
42555 }
42556 case 2:
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaGCnxtQO9E3gxlB2GxVsWFENryh7bC5hIb-2FQBVM85YLQ-3D-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8Hd0C1yAhYLb22f6o9wAmve2fEeIz02AMBDg8oR8mkf9-2BXdU60d8KwPO65vKVmektJzP3sgthKROqNEXl2RGAbBrB6UaKDxoUJw-2FQdFXWETnD0U2HE1GpRMtPkOzCq-2Bs8RMFPosIT1iJs9CtlEWQu4uI0yALovJ0KAb4-2FBYGB57jWFhQYEYy4IO-2B9oLeDtrHc0-3D
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4Bco8jcmzhh7FSyvoR0E3-2BDgRcBCQ6OuthHBtaTCGNq9zoLsiw8NWrIF2zsdhfTt-2FbHjZ2ToL3Et9v1-2BrDLungAOjHpQtOY-2BsyLiTVCQEUCU-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8Hd0C1yAhYLb22f6o9wAmve2fEeIz02AMBDg8oR8mkf980R3Y-2FbAmkHRZ4mu60R4ob1iksRD6ANkt-2B-2F-2FaG14P4ztBpmJcCCl-2BmetB4lEHjsa-2Ff3JXgCq1k3ZmXt1v68R4jF5JsomMlTt9Wm4LRSLrFGrwz9tf8m3KIm-2BnQp4DnuKdQOSW1BJQo1vs5S-2BlBC5EM-3D
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2016-12-02 11:08 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2016-12-02 11:08 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
22 new defect(s) introduced to ceph found with Coverity Scan.
35 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 20 of 22 defect(s)
** CID 1396677: (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/test/librados/misc.cc: 96 in LibRadosMiscPool_PoolCreationRace_Test::TestBody()()
/home/brad/working/src/ceph/src/test/librados/misc.cc: 105 in LibRadosMiscPool_PoolCreationRace_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1396677: (DC.WEAK_CRYPTO)
/home/brad/working/src/ceph/src/test/librados/misc.cc: 96 in LibRadosMiscPool_PoolCreationRace_Test::TestBody()()
90 ASSERT_EQ(0, rados_conf_parse_env(cluster_b, NULL));
91 ASSERT_EQ(0, rados_conf_set(cluster_b,
92 "objecter_debug_inject_relock_delay", "true"));
93 ASSERT_EQ(0, rados_connect(cluster_b));
94
95 char poolname[80];
>>> CID 1396677: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
96 snprintf(poolname, sizeof(poolname), "poolrace.%d", rand());
97 rados_pool_create(cluster_a, poolname);
98 rados_ioctx_t a, b;
99 rados_ioctx_create(cluster_a, poolname, &a);
100 int64_t poolid = rados_ioctx_get_id(a);
101
/home/brad/working/src/ceph/src/test/librados/misc.cc: 105 in LibRadosMiscPool_PoolCreationRace_Test::TestBody()()
99 rados_ioctx_create(cluster_a, poolname, &a);
100 int64_t poolid = rados_ioctx_get_id(a);
101
102 rados_ioctx_create2(cluster_b, poolid+1, &b);
103
104 char pool2name[80];
>>> CID 1396677: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
105 snprintf(pool2name, sizeof(pool2name), "poolrace2.%d", rand());
106 rados_pool_create(cluster_a, pool2name);
107
108 list<rados_completion_t> cls;
109 while (true) {
110 rados_completion_t c;
** CID 1396678: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseIN6librbd7journal7TagDataEE16select_generatedB5cxx11Ej()
________________________________________________________________________________________________________
*** CID 1396678: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseIN6librbd7journal7TagDataEE16select_generatedB5cxx11Ej()
141 if (i == 0)
142 i = m_list.size();
143 if ((i == 0) || (i > m_list.size()))
144 return "invalid id for generated object";
145 typename list<T*>::iterator p = m_list.begin();
146 for (i--; i > 0 && p != m_list.end(); ++p, --i) ;
>>> CID 1396678: API usage errors (INVALIDATE_ITERATOR)
>>> Dereferencing iterator "p" though it is already past the end of its container.
147 m_object = *p;
148 return string();
149 }
150
151 bool is_deterministic() {
152 return !nondeterministic;
** CID 1396679: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseI12cls_rbd_snapE16select_generatedB5cxx11Ej()
________________________________________________________________________________________________________
*** CID 1396679: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseI12cls_rbd_snapE16select_generatedB5cxx11Ej()
141 if (i == 0)
142 i = m_list.size();
143 if ((i == 0) || (i > m_list.size()))
144 return "invalid id for generated object";
145 typename list<T*>::iterator p = m_list.begin();
146 for (i--; i > 0 && p != m_list.end(); ++p, --i) ;
>>> CID 1396679: API usage errors (INVALIDATE_ITERATOR)
>>> Dereferencing iterator "p" though it is already past the end of its container.
147 m_object = *p;
148 return string();
149 }
150
151 bool is_deterministic() {
152 return !nondeterministic;
** CID 1396680: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseI14cls_rbd_parentE16select_generatedB5cxx11Ej()
________________________________________________________________________________________________________
*** CID 1396680: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseI14cls_rbd_parentE16select_generatedB5cxx11Ej()
141 if (i == 0)
142 i = m_list.size();
143 if ((i == 0) || (i > m_list.size()))
144 return "invalid id for generated object";
145 typename list<T*>::iterator p = m_list.begin();
146 for (i--; i > 0 && p != m_list.end(); ++p, --i) ;
>>> CID 1396680: API usage errors (INVALIDATE_ITERATOR)
>>> Dereferencing iterator "p" though it is already past the end of its container.
147 m_object = *p;
148 return string();
149 }
150
151 bool is_deterministic() {
152 return !nondeterministic;
** CID 1396681: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseIN10rbd_replay6action10DependencyEE16select_generatedB5cxx11Ej()
________________________________________________________________________________________________________
*** CID 1396681: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseIN10rbd_replay6action10DependencyEE16select_generatedB5cxx11Ej()
141 if (i == 0)
142 i = m_list.size();
143 if ((i == 0) || (i > m_list.size()))
144 return "invalid id for generated object";
145 typename list<T*>::iterator p = m_list.begin();
146 for (i--; i > 0 && p != m_list.end(); ++p, --i) ;
>>> CID 1396681: API usage errors (INVALIDATE_ITERATOR)
>>> Dereferencing iterator "p" though it is already past the end of its container.
147 m_object = *p;
148 return string();
149 }
150
151 bool is_deterministic() {
152 return !nondeterministic;
** CID 1396682: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseIN6librbd12watch_notify15ResponseMessageEE16select_generatedB5cxx11Ej()
________________________________________________________________________________________________________
*** CID 1396682: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseIN6librbd12watch_notify15ResponseMessageEE16select_generatedB5cxx11Ej()
141 if (i == 0)
142 i = m_list.size();
143 if ((i == 0) || (i > m_list.size()))
144 return "invalid id for generated object";
145 typename list<T*>::iterator p = m_list.begin();
146 for (i--; i > 0 && p != m_list.end(); ++p, --i) ;
>>> CID 1396682: API usage errors (INVALIDATE_ITERATOR)
>>> Dereferencing iterator "p" though it is already past the end of its container.
147 m_object = *p;
148 return string();
149 }
150
151 bool is_deterministic() {
152 return !nondeterministic;
** CID 1396683: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseIN10rbd_replay6action11ActionEntryEE16select_generatedB5cxx11Ej()
________________________________________________________________________________________________________
*** CID 1396683: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseIN10rbd_replay6action11ActionEntryEE16select_generatedB5cxx11Ej()
141 if (i == 0)
142 i = m_list.size();
143 if ((i == 0) || (i > m_list.size()))
144 return "invalid id for generated object";
145 typename list<T*>::iterator p = m_list.begin();
146 for (i--; i > 0 && p != m_list.end(); ++p, --i) ;
>>> CID 1396683: API usage errors (INVALIDATE_ITERATOR)
>>> Dereferencing iterator "p" though it is already past the end of its container.
147 m_object = *p;
148 return string();
149 }
150
151 bool is_deterministic() {
152 return !nondeterministic;
** CID 1396684: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseIN6librbd17mirroring_watcher13NotifyMessageEE16select_generatedB5cxx11Ej()
________________________________________________________________________________________________________
*** CID 1396684: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseIN6librbd17mirroring_watcher13NotifyMessageEE16select_generatedB5cxx11Ej()
141 if (i == 0)
142 i = m_list.size();
143 if ((i == 0) || (i > m_list.size()))
144 return "invalid id for generated object";
145 typename list<T*>::iterator p = m_list.begin();
146 for (i--; i > 0 && p != m_list.end(); ++p, --i) ;
>>> CID 1396684: API usage errors (INVALIDATE_ITERATOR)
>>> Dereferencing iterator "p" though it is already past the end of its container.
147 m_object = *p;
148 return string();
149 }
150
151 bool is_deterministic() {
152 return !nondeterministic;
** CID 1396685: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseIN3cls3rbd11MirrorImageEE16select_generatedB5cxx11Ej()
________________________________________________________________________________________________________
*** CID 1396685: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseIN3cls3rbd11MirrorImageEE16select_generatedB5cxx11Ej()
141 if (i == 0)
142 i = m_list.size();
143 if ((i == 0) || (i > m_list.size()))
144 return "invalid id for generated object";
145 typename list<T*>::iterator p = m_list.begin();
146 for (i--; i > 0 && p != m_list.end(); ++p, --i) ;
>>> CID 1396685: API usage errors (INVALIDATE_ITERATOR)
>>> Dereferencing iterator "p" though it is already past the end of its container.
147 m_object = *p;
148 return string();
149 }
150
151 bool is_deterministic() {
152 return !nondeterministic;
** CID 1396686: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseIN6librbd7journal10ClientDataEE16select_generatedB5cxx11Ej()
________________________________________________________________________________________________________
*** CID 1396686: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseIN6librbd7journal10ClientDataEE16select_generatedB5cxx11Ej()
141 if (i == 0)
142 i = m_list.size();
143 if ((i == 0) || (i > m_list.size()))
144 return "invalid id for generated object";
145 typename list<T*>::iterator p = m_list.begin();
146 for (i--; i > 0 && p != m_list.end(); ++p, --i) ;
>>> CID 1396686: API usage errors (INVALIDATE_ITERATOR)
>>> Dereferencing iterator "p" though it is already past the end of its container.
147 m_object = *p;
148 return string();
149 }
150
151 bool is_deterministic() {
152 return !nondeterministic;
** CID 1396687: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseIN3cls3rbd10MirrorPeerEE16select_generatedB5cxx11Ej()
________________________________________________________________________________________________________
*** CID 1396687: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseIN3cls3rbd10MirrorPeerEE16select_generatedB5cxx11Ej()
141 if (i == 0)
142 i = m_list.size();
143 if ((i == 0) || (i > m_list.size()))
144 return "invalid id for generated object";
145 typename list<T*>::iterator p = m_list.begin();
146 for (i--; i > 0 && p != m_list.end(); ++p, --i) ;
>>> CID 1396687: API usage errors (INVALIDATE_ITERATOR)
>>> Dereferencing iterator "p" though it is already past the end of its container.
147 m_object = *p;
148 return string();
149 }
150
151 bool is_deterministic() {
152 return !nondeterministic;
** CID 1396688: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseIN6librbd7journal10EventEntryEE16select_generatedB5cxx11Ej()
________________________________________________________________________________________________________
*** CID 1396688: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseIN6librbd7journal10EventEntryEE16select_generatedB5cxx11Ej()
141 if (i == 0)
142 i = m_list.size();
143 if ((i == 0) || (i > m_list.size()))
144 return "invalid id for generated object";
145 typename list<T*>::iterator p = m_list.begin();
146 for (i--; i > 0 && p != m_list.end(); ++p, --i) ;
>>> CID 1396688: API usage errors (INVALIDATE_ITERATOR)
>>> Dereferencing iterator "p" though it is already past the end of its container.
147 m_object = *p;
148 return string();
149 }
150
151 bool is_deterministic() {
152 return !nondeterministic;
** CID 1396689: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseIN6librbd12watch_notify13NotifyMessageEE16select_generatedB5cxx11Ej()
________________________________________________________________________________________________________
*** CID 1396689: API usage errors (INVALIDATE_ITERATOR)
/home/brad/working/src/ceph/src/test/encoding/ceph_dencoder.cc: 147 in _ZN12DencoderBaseIN6librbd12watch_notify13NotifyMessageEE16select_generatedB5cxx11Ej()
141 if (i == 0)
142 i = m_list.size();
143 if ((i == 0) || (i > m_list.size()))
144 return "invalid id for generated object";
145 typename list<T*>::iterator p = m_list.begin();
146 for (i--; i > 0 && p != m_list.end(); ++p, --i) ;
>>> CID 1396689: API usage errors (INVALIDATE_ITERATOR)
>>> Dereferencing iterator "p" though it is already past the end of its container.
147 m_object = *p;
148 return string();
149 }
150
151 bool is_deterministic() {
152 return !nondeterministic;
** CID 1396690: Memory - corruptions (OVERRUN)
________________________________________________________________________________________________________
*** CID 1396690: Memory - corruptions (OVERRUN)
/home/brad/working/src/ceph/src/crush/CrushWrapper.cc: 1201 in CrushWrapper::encode(ceph::buffer::list &, unsigned long) const()
1195 __u32 yes = crush->rules[i] ? 1:0;
1196 ::encode(yes, bl);
1197 if (!yes)
1198 continue;
1199
1200 ::encode(crush->rules[i]->len, bl);
>>> CID 1396690: Memory - corruptions (OVERRUN)
>>> Overrunning struct type crush_rule_mask of 4 bytes by passing it to a function which accesses it at byte offset 7.
1201 ::encode(crush->rules[i]->mask, bl);
1202 for (unsigned j=0; j<crush->rules[i]->len; j++)
1203 ::encode(crush->rules[i]->steps[j], bl);
1204 }
1205
1206 // name info
** CID 1396691: Memory - illegal accesses (STRING_NULL)
/home/brad/working/src/ceph/src/rgw/rgw_cr_rados.h: 498 in _ZN20RGWSimpleRadosLockCR17gen_random_cookieB5cxx11EP11CephContext()
________________________________________________________________________________________________________
*** CID 1396691: Memory - illegal accesses (STRING_NULL)
/home/brad/working/src/ceph/src/rgw/rgw_cr_rados.h: 498 in _ZN20RGWSimpleRadosLockCR17gen_random_cookieB5cxx11EP11CephContext()
492 int request_complete();
493
494 static std::string gen_random_cookie(CephContext* cct) {
495 #define COOKIE_LEN 16
496 char buf[COOKIE_LEN + 1];
497 gen_rand_alphanumeric(cct, buf, sizeof(buf) - 1);
>>> CID 1396691: Memory - illegal accesses (STRING_NULL)
>>> Passing unterminated string "buf" to "basic_string", which expects a null-terminated string. [Note: The source code implementation of the function has been overridden by a builtin model.]
498 return buf;
499 }
500 };
501
502 class RGWSimpleRadosUnlockCR : public RGWSimpleCoroutine {
503 RGWAsyncRadosProcessor *async_rados;
** CID 1396692: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/unit.cc: 36 in main()
/home/brad/working/src/ceph/src/test/unit.cc: 36 in main()
/home/brad/working/src/ceph/src/test/unit.cc: 36 in main()
/home/brad/working/src/ceph/src/test/unit.cc: 36 in main()
/home/brad/working/src/ceph/src/test/unit.cc: 36 in main()
________________________________________________________________________________________________________
*** CID 1396692: (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/unit.cc: 36 in main()
30
31 /*
32 * You only need to include this file if you are testing Ceph internal code. If
33 * you are testing library code, the library init() interfaces will handle
34 * initialization for you.
35 */
>>> CID 1396692: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "_ZN5boost16exception_detail10clone_implINS0_19error_info_injectorINSt8ios_base7failureB5cxx11EEEEE" is thrown and never caught.
36 int main(int argc, char **argv) {
37 std::vector<const char*> args(argv, argv + argc);
38 env_to_vec(args);
39 auto cct = global_init(NULL, args,
40 CEPH_ENTITY_TYPE_CLIENT,
41 CODE_ENVIRONMENT_UTILITY, 0);
/home/brad/working/src/ceph/src/test/unit.cc: 36 in main()
30
31 /*
32 * You only need to include this file if you are testing Ceph internal code. If
33 * you are testing library code, the library init() interfaces will handle
34 * initialization for you.
35 */
>>> CID 1396692: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "_ZN5boost16exception_detail10clone_implINS0_19error_info_injectorINSt8ios_base7failureB5cxx11EEEEE" is thrown and never caught.
36 int main(int argc, char **argv) {
37 std::vector<const char*> args(argv, argv + argc);
38 env_to_vec(args);
39 auto cct = global_init(NULL, args,
40 CEPH_ENTITY_TYPE_CLIENT,
41 CODE_ENVIRONMENT_UTILITY, 0);
/home/brad/working/src/ceph/src/test/unit.cc: 36 in main()
30
31 /*
32 * You only need to include this file if you are testing Ceph internal code. If
33 * you are testing library code, the library init() interfaces will handle
34 * initialization for you.
35 */
>>> CID 1396692: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "_ZN5boost16exception_detail10clone_implINS0_19error_info_injectorINSt8ios_base7failureB5cxx11EEEEE" is thrown and never caught.
36 int main(int argc, char **argv) {
37 std::vector<const char*> args(argv, argv + argc);
38 env_to_vec(args);
39 auto cct = global_init(NULL, args,
40 CEPH_ENTITY_TYPE_CLIENT,
41 CODE_ENVIRONMENT_UTILITY, 0);
/home/brad/working/src/ceph/src/test/unit.cc: 36 in main()
30
31 /*
32 * You only need to include this file if you are testing Ceph internal code. If
33 * you are testing library code, the library init() interfaces will handle
34 * initialization for you.
35 */
>>> CID 1396692: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "_ZN5boost16exception_detail10clone_implINS0_19error_info_injectorINSt8ios_base7failureB5cxx11EEEEE" is thrown and never caught.
36 int main(int argc, char **argv) {
37 std::vector<const char*> args(argv, argv + argc);
38 env_to_vec(args);
39 auto cct = global_init(NULL, args,
40 CEPH_ENTITY_TYPE_CLIENT,
41 CODE_ENVIRONMENT_UTILITY, 0);
/home/brad/working/src/ceph/src/test/unit.cc: 36 in main()
30
31 /*
32 * You only need to include this file if you are testing Ceph internal code. If
33 * you are testing library code, the library init() interfaces will handle
34 * initialization for you.
35 */
>>> CID 1396692: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "_ZN5boost16exception_detail10clone_implINS0_19error_info_injectorINSt8ios_base7failureB5cxx11EEEEE" is thrown and never caught.
36 int main(int argc, char **argv) {
37 std::vector<const char*> args(argv, argv + argc);
38 env_to_vec(args);
39 auto cct = global_init(NULL, args,
40 CEPH_ENTITY_TYPE_CLIENT,
41 CODE_ENVIRONMENT_UTILITY, 0);
** CID 1396693: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/unit.cc: 36 in main()
________________________________________________________________________________________________________
*** CID 1396693: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/unit.cc: 36 in main()
30
31 /*
32 * You only need to include this file if you are testing Ceph internal code. If
33 * you are testing library code, the library init() interfaces will handle
34 * initialization for you.
35 */
>>> CID 1396693: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
36 int main(int argc, char **argv) {
37 std::vector<const char*> args(argv, argv + argc);
38 env_to_vec(args);
39 auto cct = global_init(NULL, args,
40 CEPH_ENTITY_TYPE_CLIENT,
41 CODE_ENVIRONMENT_UTILITY, 0);
** CID 1396694: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/unit.cc: 36 in main()
________________________________________________________________________________________________________
*** CID 1396694: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/unit.cc: 36 in main()
30
31 /*
32 * You only need to include this file if you are testing Ceph internal code. If
33 * you are testing library code, the library init() interfaces will handle
34 * initialization for you.
35 */
>>> CID 1396694: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "testing::internal::<unnamed>::ClassUniqueToAlwaysTrue" is thrown and never caught.
36 int main(int argc, char **argv) {
37 std::vector<const char*> args(argv, argv + argc);
38 env_to_vec(args);
39 auto cct = global_init(NULL, args,
40 CEPH_ENTITY_TYPE_CLIENT,
41 CODE_ENVIRONMENT_UTILITY, 0);
** CID 1396695: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/unit.cc: 36 in main()
________________________________________________________________________________________________________
*** CID 1396695: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/unit.cc: 36 in main()
30
31 /*
32 * You only need to include this file if you are testing Ceph internal code. If
33 * you are testing library code, the library init() interfaces will handle
34 * initialization for you.
35 */
>>> CID 1396695: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "testing::internal::GoogleTestFailureException" is thrown and never caught.
36 int main(int argc, char **argv) {
37 std::vector<const char*> args(argv, argv + argc);
38 env_to_vec(args);
39 auto cct = global_init(NULL, args,
40 CEPH_ENTITY_TYPE_CLIENT,
41 CODE_ENVIRONMENT_UTILITY, 0);
** CID 1396696: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/libcephfs/main.cc: 38 in main()
________________________________________________________________________________________________________
*** CID 1396696: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/test/libcephfs/main.cc: 38 in main()
32 out:
33 ceph_shutdown(admin);
34 return r;
35 }
36
37
>>> CID 1396696: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "testing::internal::<unnamed>::ClassUniqueToAlwaysTrue" is thrown and never caught.
38 int main(int argc, char **argv)
39 {
40 int r = update_root_mode();
41 if (r < 0)
42 exit(1);
43
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaGCnxtQO9E3gxlB2GxVsWFENryh7bC5hIb-2FQBVM85YLQ-3D-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8E6gieVoPvzNTvjh-2FkR30jCCDmK2fypQAwErAoYacO-2FBVD6rT5XMXrGEb0rfpo4nd6WHJxjU82JTIwEJ-2FEjmgu8NmgBf-2Brcd7CiuW6mRjlPrO0p75JTlyD7MFHl-2BxJcfF-2BeK1wwqowjdsA7sHqA5TZifylnc9I-2FgY-2FMsAVr1-2FrlkmuK1CAMP83dKTD42Z5ovDI-3D
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4Bco8jcmzhh7FSyvoR0E3-2BDgRcBCQ6OuthHBtaTCGNq9zoLsiw8NWrIF2zsdhfTt-2FbHjZ2ToL3Et9v1-2BrDLungAOjHpQtOY-2BsyLiTVCQEUCU-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8E6gieVoPvzNTvjh-2FkR30jCCDmK2fypQAwErAoYacO-2FBXNRpQMNprAz14DgxpnUyCl6-2BsH-2BrDlAN2HzaPAWcD8eE1hO8cLFWsRCEhaKIZTy1s8KmFRfBvnxQ4Kkd-2FMXcfZo207l9JNnBgSYDCaO5EgCmelaIzLpPm94JS7mm-2FSnOTBqXmMqsAYasLdYEHHGsVI-3D
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2016-11-25 7:55 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2016-11-25 7:55 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
571 new defect(s) introduced to ceph found with Coverity Scan.
477 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 20 of 571 defect(s)
** CID 241636: Security best practices violations (SECURE_TEMP)
/home/brad/working/src/ceph/src/lua/src/liolib.c: 282 in io_tmpfile()
________________________________________________________________________________________________________
*** CID 241636: Security best practices violations (SECURE_TEMP)
/home/brad/working/src/ceph/src/lua/src/liolib.c: 282 in io_tmpfile()
276 return (p->f == NULL) ? luaL_fileresult(L, 0, filename) : 1;
277 }
278
279
280 static int io_tmpfile (lua_State *L) {
281 LStream *p = newfile(L);
>>> CID 241636: Security best practices violations (SECURE_TEMP)
>>> "tmpfile" creates files with predictable names, which is unsafe.
282 p->f = tmpfile();
283 return (p->f == NULL) ? luaL_fileresult(L, 0, NULL) : 1;
284 }
285
286
287 static FILE *getiofile (lua_State *L, const char *findex) {
** CID 241637: Security best practices violations (SECURE_TEMP)
/home/brad/working/src/ceph/src/lua/src/loslib.c: 158 in os_tmpname()
________________________________________________________________________________________________________
*** CID 241637: Security best practices violations (SECURE_TEMP)
/home/brad/working/src/ceph/src/lua/src/loslib.c: 158 in os_tmpname()
152 }
153
154
155 static int os_tmpname (lua_State *L) {
156 char buff[LUA_TMPNAMBUFSIZE];
157 int err;
>>> CID 241637: Security best practices violations (SECURE_TEMP)
>>> Calling "mkstemp" without securely setting umask first.
158 lua_tmpnam(buff, err);
159 if (err)
160 return luaL_error(L, "unable to generate a unique filename");
161 lua_pushstring(L, buff);
162 return 1;
163 }
** CID 703209: Error handling issues (NEGATIVE_RETURNS)
/home/brad/working/src/ceph/src/googletest/googletest/src/gtest-port.cc: 980 in testing::internal::CapturedStream::CapturedStream(int)()
________________________________________________________________________________________________________
*** CID 703209: Error handling issues (NEGATIVE_RETURNS)
/home/brad/working/src/ceph/src/googletest/googletest/src/gtest-port.cc: 980 in testing::internal::CapturedStream::CapturedStream(int)()
974 char name_template[] = "/tmp/captured_stream.XXXXXX";
975 # endif // GTEST_OS_LINUX_ANDROID
976 const int captured_fd = mkstemp(name_template);
977 filename_ = name_template;
978 # endif // GTEST_OS_WINDOWS
979 fflush(NULL);
>>> CID 703209: Error handling issues (NEGATIVE_RETURNS)
>>> "captured_fd" is passed to a parameter that cannot be negative.
980 dup2(captured_fd, fd_);
981 close(captured_fd);
982 }
983
984 ~CapturedStream() {
985 remove(filename_.c_str());
** CID 703274: Security best practices violations (SECURE_TEMP)
/home/brad/working/src/ceph/src/googletest/googletest/src/gtest-port.cc: 976 in testing::internal::CapturedStream::CapturedStream(int)()
________________________________________________________________________________________________________
*** CID 703274: Security best practices violations (SECURE_TEMP)
/home/brad/working/src/ceph/src/googletest/googletest/src/gtest-port.cc: 976 in testing::internal::CapturedStream::CapturedStream(int)()
970 // other OEM-customized locations. Never rely on these, and always
971 // use /sdcard.
972 char name_template[] = "/sdcard/gtest_captured_stream.XXXXXX";
973 # else
974 char name_template[] = "/tmp/captured_stream.XXXXXX";
975 # endif // GTEST_OS_LINUX_ANDROID
>>> CID 703274: Security best practices violations (SECURE_TEMP)
>>> Calling "mkstemp" without securely setting umask first.
976 const int captured_fd = mkstemp(name_template);
977 filename_ = name_template;
978 # endif // GTEST_OS_WINDOWS
979 fflush(NULL);
980 dup2(captured_fd, fd_);
981 close(captured_fd);
** CID 716871: Error handling issues (CHECKED_RETURN)
/home/brad/working/src/ceph/src/test/multi_stress_watch.cc: 157 in main()
________________________________________________________________________________________________________
*** CID 716871: Error handling issues (CHECKED_RETURN)
/home/brad/working/src/ceph/src/test/multi_stress_watch.cc: 157 in main()
151 }
152 ret = cluster.conf_parse_env(NULL);
153 if (ret) {
154 std::cerr << "Error " << ret << " in cluster.conf_read_env" << std::endl;
155 return ret;
156 }
>>> CID 716871: Error handling issues (CHECKED_RETURN)
>>> Calling "connect" without checking return value (as is done elsewhere 21 out of 24 times).
157 cluster.connect();
158
159 if (type == "rep")
160 test_replicated(cluster, pool_name, obj_name);
161 else if (type == "ec")
162 test_erasure(cluster, pool_name, obj_name);
163
164 sem_destroy(&sem);
165 return 0;
** CID 716938: Insecure data handling (INTEGER_OVERFLOW)
/home/brad/working/src/ceph/src/auth/Crypto.cc: 61 in get_random(unsigned long, unsigned long)()
________________________________________________________________________________________________________
*** CID 716938: Insecure data handling (INTEGER_OVERFLOW)
/home/brad/working/src/ceph/src/auth/Crypto.cc: 61 in get_random(unsigned long, unsigned long)()
55
56 uint64_t get_random(uint64_t min_val, uint64_t max_val)
57 {
58 uint64_t r;
59 get_random_bytes((char *)&r, sizeof(r));
60 r = min_val + r % (max_val - min_val + 1);
>>> CID 716938: Insecure data handling (INTEGER_OVERFLOW)
>>> Overflowed or truncated value (or a value computed from an overflowed or truncated value) "r" used as return value.
61 return r;
62 }
63
64
65 // ---------------------------------------------------
66
** CID 717145: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/ceph_fuse.cc: 70 in main()
________________________________________________________________________________________________________
*** CID 717145: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/ceph_fuse.cc: 70 in main()
64 " use root_directory as the mounted root, rather than the full Ceph tree.\n"
65 "\n";
66 fuse_usage();
67 generic_client_usage();
68 }
69
>>> CID 717145: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **, char const **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
70 int main(int argc, const char **argv, const char *envp[]) {
71 int filer_flags = 0;
72 //cerr << "ceph-fuse starting " << myrank << "/" << world << std::endl;
73 vector<const char*> args;
74 argv_to_vec(argc, argv, args);
75 if (args.empty()) {
** CID 717147: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/ceph_mds.cc: 88 in main()
________________________________________________________________________________________________________
*** CID 717147: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/ceph_mds.cc: 88 in main()
82 static void handle_mds_signal(int signum)
83 {
84 if (mds)
85 mds->handle_signal(signum);
86 }
87
>>> CID 717147: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
88 int main(int argc, const char **argv)
89 {
90 vector<const char*> args;
91 argv_to_vec(argc, argv, args);
92 env_to_vec(args);
93
** CID 717336: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/osd/ClassHandler.h: 72 in ClassHandler::ClassData::ClassData()()
________________________________________________________________________________________________________
*** CID 717336: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/osd/ClassHandler.h: 72 in ClassHandler::ClassData::ClassData()()
66 set<ClassData *> missing_dependencies; /* only missing dependencies */
67
68 ClassMethod *_get_method(const char *mname);
69
70 ClassData() : status(CLASS_UNKNOWN),
71 handler(NULL),
>>> CID 717336: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "whitelisted" is not initialized in this constructor nor in any functions that it calls.
72 handle(NULL) {}
73 ~ClassData() { }
74
75 ClassMethod *register_method(const char *mname, int flags, cls_method_call_t func);
76 ClassMethod *register_cxx_method(const char *mname, int flags, cls_method_cxx_call_t func);
77 void unregister_method(ClassMethod *method);
** CID 717379: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/rgw/rgw_op.h: 174 in RGWGetObj::RGWGetObj()()
________________________________________________________________________________________________________
*** CID 717379: Uninitialized members (UNINIT_CTOR)
/home/brad/working/src/ceph/src/rgw/rgw_op.h: 174 in RGWGetObj::RGWGetObj()()
168 first_block = 0;
169 last_block = 0;
170 q_ofs = 0;
171 q_len = 0;
172 first_data = true;
173 cur_ofs = 0;
>>> CID 717379: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "rgwx_stat" is not initialized in this constructor nor in any functions that it calls.
174 }
175
176 bool prefetch_data();
177
178 void set_get_data(bool get_data) {
179 this->get_data = get_data;
** CID 727970: Concurrent data access violations (MISSING_LOCK)
/home/brad/working/src/ceph/src/key_value_store/kv_flat_btree_async.cc: 1874 in KvFlatBtreeAsync::set_many(const std::map<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, ceph::buffer::list, std::less<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::pair<const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, ceph::buffer::list>>> &)()
________________________________________________________________________________________________________
*** CID 727970: Concurrent data access violations (MISSING_LOCK)
/home/brad/working/src/ceph/src/key_value_store/kv_flat_btree_async.cc: 1874 in KvFlatBtreeAsync::set_many(const std::map<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, ceph::buffer::list, std::less<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::pair<const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>, ceph::buffer::list>>> &)()
1868 }
1869
1870 big_map.insert(to_delete[to_delete.size() - 1].omap.begin(),
1871 to_delete[to_delete.size() - 1].omap.end());
1872 }
1873
>>> CID 727970: Concurrent data access violations (MISSING_LOCK)
>>> Accessing "this->client_index" without holding lock "Mutex._m". Elsewhere, "KvFlatBtreeAsync.client_index" is accessed with "Mutex._m" held 4 out of 6 times (4 of these accesses strongly imply that it is necessary).
1874 to_create.push_back(object_data(
1875 to_string(client_name, client_index++)));
1876 to_create[0].min_kdata = to_delete[0].min_kdata;
1877
1878 for(map<string, bufferlist>::iterator it = big_map.begin();
1879 it != big_map.end(); ++it) {
** CID 736293: Performance inefficiencies (PASS_BY_VALUE)
/boost/include/boost/function/function_template.hpp: 1065 in boost::function<void (int)>::function<boost::_bi::bind_t<void, boost::_mfi::mf3<void, librados::TestWatchNotify, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, ceph::buffer::list &, unsigned long>, boost::_bi::list4<boost::_bi::value<librados::TestWatchNotify *>, boost::_bi::value<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>, boost::_bi::value<ceph::buffer::list>, boost::_bi::value<unsigned long>>>>(T1, boost::enable_if_c<(!(boost::is_integral<T1>::value)), int>::type)()
________________________________________________________________________________________________________
*** CID 736293: Performance inefficiencies (PASS_BY_VALUE)
/boost/include/boost/function/function_template.hpp: 1065 in boost::function<void (int)>::function<boost::_bi::bind_t<void, boost::_mfi::mf3<void, librados::TestWatchNotify, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, ceph::buffer::list &, unsigned long>, boost::_bi::list4<boost::_bi::value<librados::TestWatchNotify *>, boost::_bi::value<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>, boost::_bi::value<ceph::buffer::list>, boost::_bi::value<unsigned long>>>>(T1, boost::enable_if_c<(!(boost::is_integral<T1>::value)), int>::type)()
1059
1060 public:
1061
1062 function() : base_type() {}
1063
1064 template<typename Functor>
>>> CID 736293: Performance inefficiencies (PASS_BY_VALUE)
>>> Passing parameter f of type "boost::_bi::bind_t<void, boost::_mfi::mf3<void, librados::TestWatchNotify, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const &, ceph::buffer::list &, unsigned long>, boost::_bi::list4<boost::_bi::value<librados::TestWatchNotify *>, boost::_bi::value<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > >, boost::_bi::value<ceph::buffer::list>, boost::_bi::value<unsigned long> > >" (size 152 bytes) by value.
1065 function(Functor f
1066 #ifndef BOOST_NO_SFINAE
1067 ,typename boost::enable_if_c<
1068 !(is_integral<Functor>::value),
1069 int>::type = 0
1070 #endif
** CID 736294: Performance inefficiencies (PASS_BY_VALUE)
/boost/include/boost/function/function_template.hpp: 917 in boost::function1<void, int>::assign_to<boost::_bi::bind_t<void, boost::_mfi::mf3<void, librados::TestWatchNotify, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, ceph::buffer::list &, unsigned long>, boost::_bi::list4<boost::_bi::value<librados::TestWatchNotify *>, boost::_bi::value<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>, boost::_bi::value<ceph::buffer::list>, boost::_bi::value<unsigned long>>>>(T1)()
________________________________________________________________________________________________________
*** CID 736294: Performance inefficiencies (PASS_BY_VALUE)
/boost/include/boost/function/function_template.hpp: 917 in boost::function1<void, int>::assign_to<boost::_bi::bind_t<void, boost::_mfi::mf3<void, librados::TestWatchNotify, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, ceph::buffer::list &, unsigned long>, boost::_bi::list4<boost::_bi::value<librados::TestWatchNotify *>, boost::_bi::value<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>, boost::_bi::value<ceph::buffer::list>, boost::_bi::value<unsigned long>>>>(T1)()
911 get_vtable()->base.manager(f.functor, this->functor,
912 boost::detail::function::clone_functor_tag);
913 }
914 }
915
916 template<typename Functor>
>>> CID 736294: Performance inefficiencies (PASS_BY_VALUE)
>>> Passing parameter f of type "boost::_bi::bind_t<void, boost::_mfi::mf3<void, librados::TestWatchNotify, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const &, ceph::buffer::list &, unsigned long>, boost::_bi::list4<boost::_bi::value<librados::TestWatchNotify *>, boost::_bi::value<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > >, boost::_bi::value<ceph::buffer::list>, boost::_bi::value<unsigned long> > >" (size 152 bytes) by value.
917 void assign_to(Functor f)
918 {
919 using boost::detail::function::vtable_base;
920
921 typedef typename boost::detail::function::get_function_tag<Functor>::type tag;
922 typedef boost::detail::function::BOOST_FUNCTION_GET_INVOKER<tag> get_invoker;
** CID 736295: Performance inefficiencies (PASS_BY_VALUE)
/boost/include/boost/function/function_template.hpp: 718 in boost::function1<void, int>::function1<boost::_bi::bind_t<void, boost::_mfi::mf3<void, librados::TestWatchNotify, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, ceph::buffer::list &, unsigned long>, boost::_bi::list4<boost::_bi::value<librados::TestWatchNotify *>, boost::_bi::value<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>, boost::_bi::value<ceph::buffer::list>, boost::_bi::value<unsigned long>>>>(T1, boost::enable_if_c<(!(boost::is_integral<T1>::value)), int>::type)()
________________________________________________________________________________________________________
*** CID 736295: Performance inefficiencies (PASS_BY_VALUE)
/boost/include/boost/function/function_template.hpp: 718 in boost::function1<void, int>::function1<boost::_bi::bind_t<void, boost::_mfi::mf3<void, librados::TestWatchNotify, const std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>> &, ceph::buffer::list &, unsigned long>, boost::_bi::list4<boost::_bi::value<librados::TestWatchNotify *>, boost::_bi::value<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>>>, boost::_bi::value<ceph::buffer::list>, boost::_bi::value<unsigned long>>>>(T1, boost::enable_if_c<(!(boost::is_integral<T1>::value)), int>::type)()
712
713 BOOST_FUNCTION_FUNCTION() : function_base() { }
714
715 // MSVC chokes if the following two constructors are collapsed into
716 // one with a default parameter.
717 template<typename Functor>
>>> CID 736295: Performance inefficiencies (PASS_BY_VALUE)
>>> Passing parameter f of type "boost::_bi::bind_t<void, boost::_mfi::mf3<void, librados::TestWatchNotify, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const &, ceph::buffer::list &, unsigned long>, boost::_bi::list4<boost::_bi::value<librados::TestWatchNotify *>, boost::_bi::value<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > >, boost::_bi::value<ceph::buffer::list>, boost::_bi::value<unsigned long> > >" (size 152 bytes) by value.
718 BOOST_FUNCTION_FUNCTION(Functor BOOST_FUNCTION_TARGET_FIX(const &) f
719 #ifndef BOOST_NO_SFINAE
720 ,typename boost::enable_if_c<
721 !(is_integral<Functor>::value),
722 int>::type = 0
723 #endif // BOOST_NO_SFINAE
** CID 742176: Error handling issues (CHECKED_RETURN)
/home/brad/working/src/ceph/src/googletest/googletest/src/gtest-port.cc: 985 in testing::internal::CapturedStream::~CapturedStream()()
________________________________________________________________________________________________________
*** CID 742176: Error handling issues (CHECKED_RETURN)
/home/brad/working/src/ceph/src/googletest/googletest/src/gtest-port.cc: 985 in testing::internal::CapturedStream::~CapturedStream()()
979 fflush(NULL);
980 dup2(captured_fd, fd_);
981 close(captured_fd);
982 }
983
984 ~CapturedStream() {
>>> CID 742176: Error handling issues (CHECKED_RETURN)
>>> Calling "remove(this->filename_.c_str())" without checking return value. This library function may fail and return an error code.
985 remove(filename_.c_str());
986 }
987
988 std::string GetCapturedString() {
989 if (uncaptured_fd_ != -1) {
990 // Restores the original stream.
** CID 742182: Resource leaks (CTOR_DTOR_LEAK)
/home/brad/working/src/ceph/src/googletest/googletest/src/gtest-port.cc: 936 in testing::internal::CapturedStream::CapturedStream(int)()
________________________________________________________________________________________________________
*** CID 742182: Resource leaks (CTOR_DTOR_LEAK)
/home/brad/working/src/ceph/src/googletest/googletest/src/gtest-port.cc: 936 in testing::internal::CapturedStream::CapturedStream(int)()
930 #if GTEST_HAS_STREAM_REDIRECTION
931
932 // Object that captures an output stream (stdout/stderr).
933 class CapturedStream {
934 public:
935 // The ctor redirects the stream to a temporary file.
>>> CID 742182: Resource leaks (CTOR_DTOR_LEAK)
>>> The constructor allocates field "uncaptured_fd_" of "testing::internal::CapturedStream" but the destructor and whatever functions it calls do not free it.
936 explicit CapturedStream(int fd) : fd_(fd), uncaptured_fd_(dup(fd)) {
937 # if GTEST_OS_WINDOWS
938 char temp_dir_path[MAX_PATH + 1] = { '\0' }; // NOLINT
939 char temp_file_path[MAX_PATH + 1] = { '\0' }; // NOLINT
940
941 ::GetTempPathA(sizeof(temp_dir_path), temp_dir_path);
** CID 742242: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/googletest/googletest/src/gtest_main.cc: 34 in main()
________________________________________________________________________________________________________
*** CID 742242: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/googletest/googletest/src/gtest_main.cc: 34 in main()
28 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
29
30 #include <stdio.h>
31
32 #include "gtest/gtest.h"
33
>>> CID 742242: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "testing::internal::<unnamed>::ClassUniqueToAlwaysTrue" is thrown and never caught.
34 GTEST_API_ int main(int argc, char **argv) {
35 printf("Running main() from gtest_main.cc\n");
36 testing::InitGoogleTest(&argc, argv);
37 return RUN_ALL_TESTS();
** CID 742243: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/googletest/googletest/src/gtest_main.cc: 34 in main()
________________________________________________________________________________________________________
*** CID 742243: Error handling issues (UNCAUGHT_EXCEPT)
/home/brad/working/src/ceph/src/googletest/googletest/src/gtest_main.cc: 34 in main()
28 // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
29
30 #include <stdio.h>
31
32 #include "gtest/gtest.h"
33
>>> CID 742243: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "testing::internal::GoogleTestFailureException" is thrown and never caught.
34 GTEST_API_ int main(int argc, char **argv) {
35 printf("Running main() from gtest_main.cc\n");
36 testing::InitGoogleTest(&argc, argv);
37 return RUN_ALL_TESTS();
** CID 751307: Uninitialized members (UNINIT_CTOR)
/boost/include/boost/asio/detail/buffer_sequence_adapter.hpp: 115 in boost::asio::detail::buffer_sequence_adapter<boost::asio::const_buffer, boost::asio::detail::consuming_buffers<boost::asio::const_buffer, boost::asio::const_buffers_1>>::buffer_sequence_adapter(const boost::asio::detail::consuming_buffers<boost::asio::const_buffer, boost::asio::const_buffers_1> &)()
________________________________________________________________________________________________________
*** CID 751307: Uninitialized members (UNINIT_CTOR)
/boost/include/boost/asio/detail/buffer_sequence_adapter.hpp: 115 in boost::asio::detail::buffer_sequence_adapter<boost::asio::const_buffer, boost::asio::detail::consuming_buffers<boost::asio::const_buffer, boost::asio::const_buffers_1>>::buffer_sequence_adapter(const boost::asio::detail::consuming_buffers<boost::asio::const_buffer, boost::asio::const_buffers_1> &)()
109 for (; iter != end && count_ < max_buffers; ++iter, ++count_)
110 {
111 Buffer buffer(*iter);
112 init_native_buffer(buffers_[count_], buffer);
113 total_buffer_size_ += boost::asio::buffer_size(buffer);
114 }
>>> CID 751307: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member field "buffers_.iov_len" is not initialized in this constructor nor in any functions that it calls.
115 }
116
117 native_buffer_type* buffers()
118 {
119 return buffers_;
120 }
** CID 751308: Uninitialized members (UNINIT_CTOR)
/boost/include/boost/asio/detail/consuming_buffers.hpp: 54 in boost::asio::detail::consuming_buffers_iterator<boost::asio::const_buffer, const boost::asio::const_buffer *>::consuming_buffers_iterator()()
________________________________________________________________________________________________________
*** CID 751308: Uninitialized members (UNINIT_CTOR)
/boost/include/boost/asio/detail/consuming_buffers.hpp: 54 in boost::asio::detail::consuming_buffers_iterator<boost::asio::const_buffer, const boost::asio::const_buffer *>::consuming_buffers_iterator()()
48 typedef std::forward_iterator_tag iterator_category;
49
50 // Default constructor creates an end iterator.
51 consuming_buffers_iterator()
52 : at_end_(true)
53 {
>>> CID 751308: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "max_size_" is not initialized in this constructor nor in any functions that it calls.
54 }
55
56 // Construct with a buffer for the first entry and an iterator
57 // range for the remaining entries.
58 consuming_buffers_iterator(bool at_end, const Buffer& first,
59 Buffer_Iterator begin_remainder, Buffer_Iterator end_remainder,
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaGCnxtQO9E3gxlB2GxVsWFENryh7bC5hIb-2FQBVM85YLQ-3D-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8E0eKxoWGBuHkFwxOZeOe5PI-2Bbcsr6tQSnc9tVa3u-2FbK4gI5-2Bj1KFhVT-2FqKt3ST-2BS5C2G-2FR-2Fg4esuav13LzJjeBVhJ7JiW5se2WO3seQh7vRlquG0-2F5D05IZe-2BWcgsJ4hURDuUGMWFAczNEXWTvVpjvncidzDEV-2B372GG603Vyhn8kX5mdNESPnPfiiKi5kbt4-3D
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4Bco8jcmzhh7FSyvoR0E3-2BDgRcBCQ6OuthHBtaTCGNq9zoLsiw8NWrIF2zsdhfTt-2FbHjZ2ToL3Et9v1-2BrDLungAOjHpQtOY-2BsyLiTVCQEUCU-3D_2sw0G7ICm9mxCh1lYW1t9y1lfDrIerWzLwB67LZ-2Bn8E0eKxoWGBuHkFwxOZeOe5PI-2Bbcsr6tQSnc9tVa3u-2FbKxaLdtQjVCT5IYYfJWC2tbsa7HfgSYE3-2Fqr1UXcDtJ-2BoNSM86-2BbOfMmTgjTw2k1aQ5J2qq58FagkPQtnbwiwp7YP1v4SiRamBj7ZIOb3SgKRA-2FdU1d6r8dO-2B4jsbcC2LQx12Ozi4AgqnjxXlYPw-2FwL8-3D
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2016-03-19 17:58 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2016-03-19 17:58 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
7 new defect(s) introduced to ceph found with Coverity Scan.
17 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 7 of 7 defect(s)
** CID 1356901: Error handling issues (CHECKED_RETURN)
/tools/scratchtoolpp.cc: 68 in main()
________________________________________________________________________________________________________
*** CID 1356901: Error handling issues (CHECKED_RETURN)
/tools/scratchtoolpp.cc: 68 in main()
62 }
63
64 if (rados.conf_read_file(NULL)) {
65 cerr << "couldn't read configuration file." << std::endl;
66 exit(1);
67 }
>>> CID 1356901: Error handling issues (CHECKED_RETURN)
>>> Calling "conf_parse_argv" without checking return value (as is done elsewhere 4 out of 5 times).
68 rados.conf_parse_argv(argc, argv);
69
70 if (!rados.conf_set("config option that doesn't exist",
71 "some random value")) {
72 printf("error: succeeded in setting nonexistent config option\n");
73 exit(1);
** CID 1356903: Program hangs (INFINITE_LOOP)
/librados/IoCtxImpl.cc: 688 in librados::IoCtxImpl::operate(const object_t &, ObjectOperation *, std::chrono::time_point<ceph::time_detail::real_clock, std::chrono::duration<unsigned long, std::ratio<(long)1, (long)1000000000>>> *, int)()
________________________________________________________________________________________________________
*** CID 1356903: Program hangs (INFINITE_LOOP)
/librados/IoCtxImpl.cc: 688 in librados::IoCtxImpl::operate(const object_t &, ObjectOperation *, std::chrono::time_point<ceph::time_detail::real_clock, std::chrono::duration<unsigned long, std::ratio<(long)1, (long)1000000000>>> *, int)()
682 Objecter::Op *objecter_op = objecter->prepare_mutate_op(oid, oloc,
683 *o, snapc, ut, flags,
684 NULL, oncommit, &ver);
685 objecter->op_submit(objecter_op);
686
687 mylock.Lock();
>>> CID 1356903: Program hangs (INFINITE_LOOP)
>>> If "done" is initially false then it will remain false.
688 while (!done)
689 cond.Wait(mylock);
690 mylock.Unlock();
691 ldout(client->cct, 10) << "Objecter returned from "
692 << ceph_osd_op_name(op) << " r=" << r << dendl;
693
** CID 1356904: (NULL_RETURNS)
/osd/OSD.cc: 3567 in OSD::handle_pg_peering_evt(spg_t, const pg_history_t &, std::map<unsigned int, pg_interval_t, std::less<unsigned int>, std::allocator<std::pair<const unsigned int, pg_interval_t>>> &, unsigned int, bool, std::shared_ptr<PG::CephPeeringEvt>)()
/osd/OSD.cc: 3575 in OSD::handle_pg_peering_evt(spg_t, const pg_history_t &, std::map<unsigned int, pg_interval_t, std::less<unsigned int>, std::allocator<std::pair<const unsigned int, pg_interval_t>>> &, unsigned int, bool, std::shared_ptr<PG::CephPeeringEvt>)()
________________________________________________________________________________________________________
*** CID 1356904: (NULL_RETURNS)
/osd/OSD.cc: 3567 in OSD::handle_pg_peering_evt(spg_t, const pg_history_t &, std::map<unsigned int, pg_interval_t, std::less<unsigned int>, std::allocator<std::pair<const unsigned int, pg_interval_t>>> &, unsigned int, bool, std::shared_ptr<PG::CephPeeringEvt>)()
3561 return;
3562 }
3563 }
3564 } else {
3565 // already had it. did the mapping change?
3566 PG *pg = _lookup_lock_pg(pgid);
>>> CID 1356904: (NULL_RETURNS)
>>> Dereferencing a null pointer "pg".
3567 if (same_primary && epoch < pg->info.history.same_primary_since) {
3568 dout(10) << "get_or_create_pg " << pgid << " primary changed in "
3569 << pg->info.history.same_primary_since
3570 << " (msg from " << epoch << ")"
3571 << dendl;
3572 pg->unlock();
/osd/OSD.cc: 3575 in OSD::handle_pg_peering_evt(spg_t, const pg_history_t &, std::map<unsigned int, pg_interval_t, std::less<unsigned int>, std::allocator<std::pair<const unsigned int, pg_interval_t>>> &, unsigned int, bool, std::shared_ptr<PG::CephPeeringEvt>)()
3569 << pg->info.history.same_primary_since
3570 << " (msg from " << epoch << ")"
3571 << dendl;
3572 pg->unlock();
3573 return;
3574 }
>>> CID 1356904: (NULL_RETURNS)
>>> Dereferencing a null pointer "pg".
3575 if (!same_primary && epoch < pg->info.history.same_interval_since) {
3576 dout(10) << *pg << " get_or_create_pg acting changed in "
3577 << pg->info.history.same_interval_since
3578 << " (msg from " << epoch << ")" << dendl;
3579 pg->unlock();
3580 return;
** CID 1356905: Resource leaks (RESOURCE_LEAK)
/rgw/rgw_rados.cc: 6566 in RGWRados::fetch_remote_obj(RGWObjectCtx &, const rgw_user &, const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, req_info *, const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, rgw_obj &, rgw_obj &, RGWBucketInfo &, RGWBucketInfo &, std::chrono::time_point<ceph::time_detail::real_clock, std::chrono::duration<unsigned long, std::ratio<(long)1, (long)1000000000>>> *, std::chrono::time_point<ceph::time_detail::real_clock, std::chrono::duration<unsigned long, std::ratio<(long)1, (long)1000000000>>> *, const std::chrono::time_point<ceph::time_detail::real_clock, std::chrono::duration<unsigned long, std::ratio<(long)1, (long)1000000000>>> *,
const std::chrono::time_point<ceph::time_detail::real_clock, std::chrono::duration<unsigned long, std::ratio<(long)1, (long)1000000000>>> *, bool, const char *, const char *, RGWRados::AttrsMod, bo
ol, std::map<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, ceph::buffer::list, std::less<std::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::pair<const std::basic_string<char, std::char_traits<char>, std::allocator<char>>, ceph::buffer::list>>> &, RGWObjCategory, unsigned long, std::chrono::time_point<ceph::time_detail::real_clock, std::chrono::duration<unsigned long, std::ratio<(long)1, (long)1000000000>>>, std::basic_string<char, std::char_traits<char>, std::allocator<char>>*, std::basic_string<char, std::char_traits<char>, std::allocator<char>>*, std::basic_string<char, std::char_traits<char>, std::allocator<char>>*, rgw_err *, void (*)(long, void *), void *)()
________________________________________________________________________________________________________
*** CID 1356905: Resource leaks (RESOURCE_LEAK)
/rgw/rgw_rados.cc: 6566 in RGWRados::fetch_remote_obj(RGWObjectCtx &, const rgw_user &, const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, req_info *, const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, rgw_obj &, rgw_obj &, RGWBucketInfo &, RGWBucketInfo &, std::chrono::time_point<ceph::time_detail::real_clock, std::chrono::duration<unsigned long, std::ratio<(long)1, (long)1000000000>>> *, std::chrono::time_point<ceph::time_detail::real_clock, std::chrono::duration<unsigned long, std::ratio<(long)1, (long)1000000000>>> *, const std::chrono::time_point<ceph::time_detail::real_clock, std::chrono::duration<unsigned long, std::ratio<(long)1, (long)1000000000>>> *,
const std::chrono::time_point<ceph::time_detail::real_clock, std::chrono::duration<unsigned long, std::ratio<(long)1, (long)1000000000>>> *, bool, const char *, const char *, RGWRados::AttrsMod, bo
ol, std::map<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, ceph::buffer::list, std::less<std::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::pair<const std::basic_string<char, std::char_traits<char>, std::allocator<char>>, ceph::buffer::list>>> &, RGWObjCategory, unsigned long, std::chrono::time_point<ceph::time_detail::real_clock, std::chrono::duration<unsigned long, std::ratio<(long)1, (long)1000000000>>>, std::basic_string<char, std::char_traits<char>, std::allocator<char>>*, std::basic_string<char, std::char_traits<char>, std::allocator<char>>*, std::basic_string<char, std::char_traits<char>, std::allocator<char>>*, rgw_err *, void (*)(long, void *), void *)()
6560 ret = 0;
6561 }
6562 int r = opstate.set_state(state);
6563 if (r < 0) {
6564 ldout(cct, 0) << "ERROR: failed to set opstate r=" << ret << dendl;
6565 }
>>> CID 1356905: Resource leaks (RESOURCE_LEAK)
>>> Variable "in_stream_req" going out of scope leaks the storage it points to.
6566 return ret;
6567 }
6568
6569
6570 int RGWRados::copy_obj_to_remote_dest(RGWObjState *astate,
6571 map<string, bufferlist>& src_attrs,
** CID 1356906: Uninitialized members (UNINIT_CTOR)
/tools/rbd_mirror/image_sync/ObjectCopyRequest.cc: 38 in rbd::mirror::image_sync::ObjectCopyRequest<librbd::ImageCtx>::ObjectCopyRequest(librbd::ImageCtx *, librbd::ImageCtx *, const std::map<unsigned long, std::vector<unsigned long, std::allocator<unsigned long>>, std::less<unsigned long>, std::allocator<std::pair<const unsigned long, std::vector<unsigned long, std::allocator<unsigned long>>>>> *, unsigned long, Context *)()
________________________________________________________________________________________________________
*** CID 1356906: Uninitialized members (UNINIT_CTOR)
/tools/rbd_mirror/image_sync/ObjectCopyRequest.cc: 38 in rbd::mirror::image_sync::ObjectCopyRequest<librbd::ImageCtx>::ObjectCopyRequest(librbd::ImageCtx *, librbd::ImageCtx *, const std::map<unsigned long, std::vector<unsigned long, std::allocator<unsigned long>>, std::less<unsigned long>, std::allocator<std::pair<const unsigned long, std::vector<unsigned long, std::allocator<unsigned long>>>>> *, unsigned long, Context *)()
32
33 m_local_io_ctx.dup(m_local_image_ctx->data_ctx);
34 m_local_oid = m_local_image_ctx->get_object_name(object_number);
35
36 m_remote_io_ctx.dup(m_remote_image_ctx->data_ctx);
37 m_remote_oid = m_remote_image_ctx->get_object_name(object_number);
>>> CID 1356906: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "m_snap_ret" is not initialized in this constructor nor in any functions that it calls.
38 }
39
40 template <typename I>
41 void ObjectCopyRequest<I>::send() {
42 send_list_snaps();
43 }
** CID 1356907: Uninitialized members (UNINIT_CTOR)
/rgw/rgw_rados.h: 2285 in RGWRados::Object::Stat::Result::Result()()
________________________________________________________________________________________________________
*** CID 1356907: Uninitialized members (UNINIT_CTOR)
/rgw/rgw_rados.h: 2285 in RGWRados::Object::Stat::Result::Result()()
2279 RGWObjManifest manifest;
2280 bool has_manifest;
2281 uint64_t size;
2282 struct timespec mtime;
2283 map<string, bufferlist> attrs;
2284
>>> CID 1356907: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member field "mtime.tv_nsec" is not initialized in this constructor nor in any functions that it calls.
2285 Result() : has_manifest(false), size(0) {}
2286 } result;
2287
2288 struct State {
2289 librados::IoCtx io_ctx;
2290 librados::AioCompletion *completion;
** CID 1356908: Uninitialized members (UNINIT_CTOR)
/rgw/rgw_cr_rados.h: 25 in RGWAsyncRadosRequest::RGWAsyncRadosRequest(RGWCoroutine *, RGWAioCompletionNotifier *)()
________________________________________________________________________________________________________
*** CID 1356908: Uninitialized members (UNINIT_CTOR)
/rgw/rgw_cr_rados.h: 25 in RGWAsyncRadosRequest::RGWAsyncRadosRequest(RGWCoroutine *, RGWAioCompletionNotifier *)()
19 protected:
20 virtual int _send_request() = 0;
21 public:
22 RGWAsyncRadosRequest(RGWCoroutine *_caller, RGWAioCompletionNotifier *_cn) : caller(_caller), notifier(_cn),
23 done(false), lock("RGWAsyncRadosRequest::lock") {
24 caller->get();
>>> CID 1356908: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "retcode" is not initialized in this constructor nor in any functions that it calls.
25 }
26 virtual ~RGWAsyncRadosRequest() {
27 caller->put();
28 }
29
30 void send_request() {
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://scan.coverity.com/projects/ceph?tab=overview
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://scan.coverity.com/subscriptions/edit?email=ceph-devel%40vger.kernel.org&token=018084d671e3cc89d00dd2ccb7eb849c
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2016-03-13 17:40 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2016-03-13 17:40 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
6 new defect(s) introduced to ceph found with Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 6 of 6 defect(s)
** CID 1352184: Uninitialized members (UNINIT_CTOR)
/rgw/rgw_lib.h: 35 in rgw::RGWLib::RGWLib()()
________________________________________________________________________________________________________
*** CID 1352184: Uninitialized members (UNINIT_CTOR)
/rgw/rgw_lib.h: 35 in rgw::RGWLib::RGWLib()()
29 rgw::LDAPHelper* ldh;
30 RGWREST rest; // XXX needed for RGWProcessEnv
31 RGWRados* store;
32
33 public:
34 RGWLib() : fec(nullptr), fe(nullptr), olog(nullptr), store(nullptr)
>>> CID 1352184: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "ldh" is not initialized in this constructor nor in any functions that it calls.
35 {}
36 ~RGWLib() {}
37
38 RGWRados* get_store() { return store; }
39
40 RGWLibFrontend* get_fe() { return fe; }
** CID 1355599: Error handling issues (CHECKED_RETURN)
/rgw/rgw_token.h: 89 in rgw::RGWToken::RGWToken(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&)()
________________________________________________________________________________________________________
*** CID 1355599: Error handling issues (CHECKED_RETURN)
/rgw/rgw_token.h: 89 in rgw::RGWToken::RGWToken(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&)()
83 RGWToken(enum token_type _type, const std::string& _id,
84 const std::string& _key)
85 : type(_type), id(_id), key(_key) {};
86
87 RGWToken(const string& json) {
88 JSONParser p;
>>> CID 1355599: Error handling issues (CHECKED_RETURN)
>>> Calling "parse" without checking return value (as is done elsewhere 35 out of 36 times).
89 p.parse(json.c_str(), json.length());
90 JSONDecoder::decode_json(RGWToken::type_name, *this, &p);
91 }
92
93 void encode(bufferlist& bl) const {
94 uint32_t ver = version();
** CID 1355600: Error handling issues (UNCAUGHT_EXCEPT)
/rgw/rgw_token.cc: 60 in main()
________________________________________________________________________________________________________
*** CID 1355600: Error handling issues (UNCAUGHT_EXCEPT)
/rgw/rgw_token.cc: 60 in main()
54 << std::endl;
55 cout << "\t <token type> := ad | ldap" << std::endl;
56 cout << "\n";
57 generic_client_usage();
58 }
59
>>> CID 1355600: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "JSONDecoder::err" is thrown and never caught.
60 int main(int argc, char **argv)
61 {
62 std::string val;
63 vector<const char*> args;
64 argv_to_vec(argc, (const char **)argv, args);
65 env_to_vec(args);
** CID 1355601: Error handling issues (UNCAUGHT_EXCEPT)
/rgw/rgw_token.cc: 60 in main()
________________________________________________________________________________________________________
*** CID 1355601: Error handling issues (UNCAUGHT_EXCEPT)
/rgw/rgw_token.cc: 60 in main()
54 << std::endl;
55 cout << "\t <token type> := ad | ldap" << std::endl;
56 cout << "\n";
57 generic_client_usage();
58 }
59
>>> CID 1355601: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::bad_get" is thrown and never caught.
60 int main(int argc, char **argv)
61 {
62 std::string val;
63 vector<const char*> args;
64 argv_to_vec(argc, (const char **)argv, args);
65 env_to_vec(args);
** CID 1355602: (UNCAUGHT_EXCEPT)
/rgw/rgw_token.cc: 60 in main()
/rgw/rgw_token.cc: 60 in main()
________________________________________________________________________________________________________
*** CID 1355602: (UNCAUGHT_EXCEPT)
/rgw/rgw_token.cc: 60 in main()
54 << std::endl;
55 cout << "\t <token type> := ad | ldap" << std::endl;
56 cout << "\n";
57 generic_client_usage();
58 }
59
>>> CID 1355602: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
60 int main(int argc, char **argv)
61 {
62 std::string val;
63 vector<const char*> args;
64 argv_to_vec(argc, (const char **)argv, args);
65 env_to_vec(args);
/rgw/rgw_token.cc: 60 in main()
54 << std::endl;
55 cout << "\t <token type> := ad | ldap" << std::endl;
56 cout << "\n";
57 generic_client_usage();
58 }
59
>>> CID 1355602: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
60 int main(int argc, char **argv)
61 {
62 std::string val;
63 vector<const char*> args;
64 argv_to_vec(argc, (const char **)argv, args);
65 env_to_vec(args);
** CID 1355603: Control flow issues (UNREACHABLE)
/rgw/rgw_token.h: 65 in rgw::RGWToken::from_type(rgw::RGWToken::token_type)()
________________________________________________________________________________________________________
*** CID 1355603: Control flow issues (UNREACHABLE)
/rgw/rgw_token.h: 65 in rgw::RGWToken::from_type(rgw::RGWToken::token_type)()
59 case TOKEN_KEYSTONE:
60 return "keystone";
61 break;
62 default:
63 return "none";
64 };
>>> CID 1355603: Control flow issues (UNREACHABLE)
>>> This code cannot be reached: "return "none";".
65 return "none";
66 }
67
68 token_type type;
69 string id;
70 string key;
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://scan.coverity.com/projects/ceph?tab=overview
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://scan.coverity.com/subscriptions/edit?email=ceph-devel%40vger.kernel.org&token=018084d671e3cc89d00dd2ccb7eb849c
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2016-03-12 18:04 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2016-03-12 18:04 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
15 new defect(s) introduced to ceph found with Coverity Scan.
9 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 15 of 15 defect(s)
** CID 1355567: Error handling issues (CHECKED_RETURN)
/os/filestore/FileStore.cc: 3249 in FileStore::_write(const coll_t &, const ghobject_t &, unsigned long, unsigned long, const ceph::buffer::list &, unsigned int)()
________________________________________________________________________________________________________
*** CID 1355567: Error handling issues (CHECKED_RETURN)
/os/filestore/FileStore.cc: 3249 in FileStore::_write(const coll_t &, const ghobject_t &, unsigned long, unsigned long, const ceph::buffer::list &, unsigned int)()
3243 int rc = backend->_crc_update_write(**fd, offset, len, bl);
3244 assert(rc >= 0);
3245 }
3246
3247 if (replaying || m_disable_wbthrottle) {
3248 if (fadvise_flags & CEPH_OSD_OP_FLAG_FADVISE_DONTNEED) {
>>> CID 1355567: Error handling issues (CHECKED_RETURN)
>>> Calling "posix_fadvise(**fd, 0L, 0L, 4)" without checking return value. This library function may fail and return an error code.
3249 posix_fadvise(**fd, 0, 0, POSIX_FADV_DONTNEED);
3250 }
3251 } else {
3252 wbthrottle.queue_wb(fd, oid, offset, len,
3253 fadvise_flags & CEPH_OSD_OP_FLAG_FADVISE_DONTNEED);
3254 }
** CID 1355568: Error handling issues (CHECKED_RETURN)
/global/global_init.cc: 186 in global_init(std::vector<const char *, std::allocator<const char *>> *, std::vector<const char *, std::allocator<const char *>> &, unsigned int, code_environment_t, int, const char *, bool)()
________________________________________________________________________________________________________
*** CID 1355568: Error handling issues (CHECKED_RETURN)
/global/global_init.cc: 186 in global_init(std::vector<const char *, std::allocator<const char *>> *, std::vector<const char *, std::allocator<const char *>> &, unsigned int, code_environment_t, int, const char *, bool)()
180 if (g_conf->setgroup.length() > 0) {
181 gid = atoi(g_conf->setgroup.c_str());
182 if (!gid) {
183 char buf[4096];
184 struct group gr;
185 struct group *g = 0;
>>> CID 1355568: Error handling issues (CHECKED_RETURN)
>>> Calling "getgrnam_r(g_conf->setgroup.c_str(), &gr, buf, 4096UL, &g)" without checking return value. This library function may fail and return an error code.
186 getgrnam_r(g_conf->setgroup.c_str(), &gr, buf, sizeof(buf), &g);
187 if (!g) {
188 cerr << "unable to look up group '" << g_conf->setgroup << "'"
189 << std::endl;
190 exit(1);
191 }
** CID 1355569: Incorrect expression (COPY_PASTE_ERROR)
/osd/OSDMap.cc: 3021 in OSDMap::summarize_mapping_stats(OSDMap*, const std::set<long, std::less<long>, std::allocator<long>> *, std::basic_string<char, std::char_traits<char>, std::allocator<char>>*, ceph::Formatter *) const()
________________________________________________________________________________________________________
*** CID 1355569: Incorrect expression (COPY_PASTE_ERROR)
/osd/OSDMap.cc: 3021 in OSDMap::summarize_mapping_stats(OSDMap*, const std::set<long, std::less<long>, std::allocator<long>> *, std::basic_string<char, std::char_traits<char>, std::allocator<char>>*, ceph::Formatter *) const()
3015 if (f) {
3016 f->dump_unsigned("max_osd", max);
3017 f->dump_unsigned("max_osd_pgs", max_base_pg);
3018 if (newmap)
3019 f->dump_unsigned("new_max_osd_pgs", max_new_pg);
3020 } else {
>>> CID 1355569: Incorrect expression (COPY_PASTE_ERROR)
>>> "min" in "(ss << "max osd.") << min" looks like a copy-paste error.
3021 ss << "max osd." << min << " with " << max_base_pg;
3022 if (newmap)
3023 ss << " -> " << max_new_pg;
3024 ss << " pgs (" << (float)max_base_pg / avg_pg;
3025 if (newmap)
3026 ss << " -> " << (float)max_new_pg / avg_pg;
** CID 1355570: Security best practices violations (DC.WEAK_CRYPTO)
/osd/OSD.h: 793 in OSDService::promote_throttle()()
________________________________________________________________________________________________________
*** CID 1355570: Security best practices violations (DC.WEAK_CRYPTO)
/osd/OSD.h: 793 in OSDService::promote_throttle()()
787 utime_t last_recalibrate;
788 unsigned long promote_max_objects, promote_max_bytes;
789
790 bool promote_throttle() {
791 // NOTE: lockless! we rely on the probability being a single word.
792 promote_counter.attempt();
>>> CID 1355570: Security best practices violations (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
793 if ((unsigned)rand() % 1000 > promote_probability_millis.read())
794 return true; // yes throttle (no promote)
795 if (promote_max_objects &&
796 promote_counter.objects.read() > promote_max_objects)
797 return true; // yes throttle
798 if (promote_max_bytes &&
** CID 1355571: Control flow issues (DEADCODE)
/mon/MDSMonitor.cc: 618 in MDSMonitor::prepare_beacon(std::shared_ptr<MonOpRequest>)()
________________________________________________________________________________________________________
*** CID 1355571: Control flow issues (DEADCODE)
/mon/MDSMonitor.cc: 618 in MDSMonitor::prepare_beacon(std::shared_ptr<MonOpRequest>)()
612 } else if (m->get_standby_for_rank() >= 0) {
613 // TODO get this from MDS message
614 // >>
615 fs_cluster_id_t target_ns = FS_CLUSTER_ID_NONE;
616 // <<
617
>>> CID 1355571: Control flow issues (DEADCODE)
>>> Execution cannot reach the expression "info.standby_for_ns" inside this statement: "target_role.mds_role_t(((ta...".
618 mds_role_t target_role = {
619 target_ns == FS_CLUSTER_ID_NONE ?
620 pending_fsmap.legacy_client_fscid : info.standby_for_ns,
621 m->get_standby_for_rank()};
622
623 if (target_role.fscid != FS_CLUSTER_ID_NONE) {
** CID 1355572: (INFINITE_LOOP)
/tools/cephfs/Resetter.cc: 57 in Resetter::reset(mds_role_t)()
/tools/cephfs/Resetter.cc: 95 in Resetter::reset(mds_role_t)()
________________________________________________________________________________________________________
*** CID 1355572: (INFINITE_LOOP)
/tools/cephfs/Resetter.cc: 57 in Resetter::reset(mds_role_t)()
51
52 lock.Lock();
53 journaler.recover(new C_SafeCond(&mylock, &cond, &done, &r));
54 lock.Unlock();
55
56 mylock.Lock();
>>> CID 1355572: (INFINITE_LOOP)
>>> If "done" is initially false then it will remain false.
57 while (!done)
58 cond.Wait(mylock);
59 mylock.Unlock();
60
61 if (r != 0) {
62 if (r == -ENOENT) {
/tools/cephfs/Resetter.cc: 95 in Resetter::reset(mds_role_t)()
89
90 cout << "writing journal head" << std::endl;
91 journaler.write_head(new C_SafeCond(&mylock, &cond, &done, &r));
92 lock.Unlock();
93
94 mylock.Lock();
>>> CID 1355572: (INFINITE_LOOP)
>>> If "done" is initially false then it will remain false.
95 while (!done)
96 cond.Wait(mylock);
97 mylock.Unlock();
98
99 lock.Lock();
100 if (r != 0) {
** CID 1355573: Concurrent data access violations (MISSING_LOCK)
/tools/cephfs/MDSUtility.cc: 150 in MDSUtility::handle_mds_map(MFSMap *)()
________________________________________________________________________________________________________
*** CID 1355573: Concurrent data access violations (MISSING_LOCK)
/tools/cephfs/MDSUtility.cc: 150 in MDSUtility::handle_mds_map(MFSMap *)()
144
145 void MDSUtility::handle_mds_map(MFSMap* m)
146 {
147 fsmap->decode(m->get_encoded());
148 if (waiting_for_mds_map) {
149 waiting_for_mds_map->complete(0);
>>> CID 1355573: Concurrent data access violations (MISSING_LOCK)
>>> Accessing "this->waiting_for_mds_map" without holding lock "Mutex._m". Elsewhere, "MDSUtility.waiting_for_mds_map" is accessed with "Mutex._m" held 1 out of 2 times (1 of these accesses strongly imply that it is necessary).
150 waiting_for_mds_map = NULL;
151 }
152 }
153
154
155 bool MDSUtility::ms_get_authorizer(int dest_type, AuthAuthorizer **authorizer,
** CID 1355574: Error handling issues (NEGATIVE_RETURNS)
/log/Log.cc: 144 in ceph::log::Log::reopen_log_file()()
________________________________________________________________________________________________________
*** CID 1355574: Error handling issues (NEGATIVE_RETURNS)
/log/Log.cc: 144 in ceph::log::Log::reopen_log_file()()
138 m_flush_mutex_holder = pthread_self();
139 if (m_fd >= 0)
140 VOID_TEMP_FAILURE_RETRY(::close(m_fd));
141 if (m_log_file.length()) {
142 m_fd = ::open(m_log_file.c_str(), O_CREAT|O_WRONLY|O_APPEND, 0644);
143 if (m_uid || m_gid) {
>>> CID 1355574: Error handling issues (NEGATIVE_RETURNS)
>>> "this->m_fd" is passed to a parameter that cannot be negative.
144 int r = ::fchown(m_fd, m_uid, m_gid);
145 if (r < 0) {
146 r = -errno;
147 cerr << "failed to chown " << m_log_file << ": " << cpp_strerror(r)
148 << std::endl;
149 }
** CID 1355575: Null pointer dereferences (NULL_RETURNS)
/mds/ScrubStack.cc: 148 in ScrubStack::scrub_dir_inode(CInode *, bool *, bool *, bool *)()
________________________________________________________________________________________________________
*** CID 1355575: Null pointer dereferences (NULL_RETURNS)
/mds/ScrubStack.cc: 148 in ScrubStack::scrub_dir_inode(CInode *, bool *, bool *, bool *)()
142 dout(20) << __func__ << " iterating over " << scrubbing_frags.size()
143 << " scrubbing frags" << dendl;
144 for (list<frag_t>::iterator i = scrubbing_frags.begin();
145 i != scrubbing_frags.end();
146 ++i) {
147 // turn frags into CDir *
>>> CID 1355575: Null pointer dereferences (NULL_RETURNS)
>>> Assigning: "dir" = null return value from "get_dirfrag".
148 CDir *dir = in->get_dirfrag(*i);
149 scrubbing_cdirs.push_back(dir);
150 dout(25) << __func__ << " got CDir " << *dir << " presently scrubbing" << dendl;
151 }
152
153
** CID 1355576: Memory - corruptions (OVERRUN)
________________________________________________________________________________________________________
*** CID 1355576: Memory - corruptions (OVERRUN)
/mds/FSMap.cc: 216 in FSMap::encode(ceph::buffer::list &, unsigned long) const()
210 fs->mds_map.get_health(summary, detail);
211 }
212 }
213
214 void FSMap::encode(bufferlist& bl, uint64_t features) const
215 {
>>> CID 1355576: Memory - corruptions (OVERRUN)
>>> Overrunning struct type ceph_le32 of 4 bytes by passing it to a function which accesses it at byte offset 7.
216 ENCODE_START(6, 6, bl);
217 ::encode(epoch, bl);
218 ::encode(next_filesystem_id, bl);
219 ::encode(legacy_client_fscid, bl);
220 ::encode(compat, bl);
221 ::encode(enable_multiple, bl);
** CID 1355577: Memory - corruptions (OVERRUN)
________________________________________________________________________________________________________
*** CID 1355577: Memory - corruptions (OVERRUN)
/mds/FSMap.cc: 363 in Filesystem::encode(ceph::buffer::list &) const()
357 DECODE_FINISH(p);
358 }
359
360
361 void Filesystem::encode(bufferlist& bl) const
362 {
>>> CID 1355577: Memory - corruptions (OVERRUN)
>>> Overrunning struct type ceph_le32 of 4 bytes by passing it to a function which accesses it at byte offset 7.
363 ENCODE_START(1, 1, bl);
364 ::encode(fscid, bl);
365 bufferlist mdsmap_bl;
366 mds_map.encode(mdsmap_bl, CEPH_FEATURE_PGID64 | CEPH_FEATURE_MDSENC);
367 ::encode(mdsmap_bl, bl);
368 ENCODE_FINISH(bl);
** CID 1355578: Performance inefficiencies (PASS_BY_VALUE)
/mds/FSMap.h: 339 in FSMap::update_compat(CompatSet)()
________________________________________________________________________________________________________
*** CID 1355578: Performance inefficiencies (PASS_BY_VALUE)
/mds/FSMap.h: 339 in FSMap::update_compat(CompatSet)()
333
334 /**
335 * A daemon has told us it's compat, and it's too new
336 * for the one we had previously. Impose the new one
337 * on all filesystems.
338 */
>>> CID 1355578: Performance inefficiencies (PASS_BY_VALUE)
>>> Passing parameter c of type "CompatSet" (size 168 bytes) by value.
339 void update_compat(CompatSet c)
340 {
341 // We could do something more complicated here to enable
342 // different filesystems to be served by different MDS versions,
343 // but this is a lot simpler because it doesn't require us to
344 // track the compat versions for standby daemons.
** CID 1355579: (RESOURCE_LEAK)
/test/libcephfs/test.cc: 1342 in LibCephFS_OpenNoClose_Test::TestBody()()
/test/libcephfs/test.cc: 1338 in LibCephFS_OpenNoClose_Test::TestBody()()
/test/libcephfs/test.cc: 1335 in LibCephFS_OpenNoClose_Test::TestBody()()
/test/libcephfs/test.cc: 1330 in LibCephFS_OpenNoClose_Test::TestBody()()
/test/libcephfs/test.cc: 1329 in LibCephFS_OpenNoClose_Test::TestBody()()
/test/libcephfs/test.cc: 1328 in LibCephFS_OpenNoClose_Test::TestBody()()
/test/libcephfs/test.cc: 1327 in LibCephFS_OpenNoClose_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1355579: (RESOURCE_LEAK)
/test/libcephfs/test.cc: 1342 in LibCephFS_OpenNoClose_Test::TestBody()()
1336
1337 struct ceph_dir_result *ls_dir = NULL;
1338 ASSERT_EQ(ceph_opendir(cmount, str_buf, &ls_dir), 0);
1339
1340 sprintf(str_buf, "open_no_close_file%d", mypid);
1341 int fd = ceph_open(cmount, str_buf, O_RDONLY|O_CREAT, 0666);
>>> CID 1355579: (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
1342 ASSERT_LT(0, fd);
1343
1344 // shutdown should force close opened file/dir
1345 ceph_shutdown(cmount);
/test/libcephfs/test.cc: 1338 in LibCephFS_OpenNoClose_Test::TestBody()()
1332 pid_t mypid = getpid();
1333 char str_buf[256];
1334 sprintf(str_buf, "open_no_close_dir%d", mypid);
1335 ASSERT_EQ(0, ceph_mkdirs(cmount, str_buf, 0777));
1336
1337 struct ceph_dir_result *ls_dir = NULL;
>>> CID 1355579: (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
1338 ASSERT_EQ(ceph_opendir(cmount, str_buf, &ls_dir), 0);
1339
1340 sprintf(str_buf, "open_no_close_file%d", mypid);
1341 int fd = ceph_open(cmount, str_buf, O_RDONLY|O_CREAT, 0666);
1342 ASSERT_LT(0, fd);
1343
1344 // shutdown should force close opened file/dir
1345 ceph_shutdown(cmount);
/test/libcephfs/test.cc: 1335 in LibCephFS_OpenNoClose_Test::TestBody()()
1329 ASSERT_EQ(0, ceph_conf_parse_env(cmount, NULL));
1330 ASSERT_EQ(ceph_mount(cmount, "/"), 0);
1331
1332 pid_t mypid = getpid();
1333 char str_buf[256];
1334 sprintf(str_buf, "open_no_close_dir%d", mypid);
>>> CID 1355579: (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
1335 ASSERT_EQ(0, ceph_mkdirs(cmount, str_buf, 0777));
1336
1337 struct ceph_dir_result *ls_dir = NULL;
1338 ASSERT_EQ(ceph_opendir(cmount, str_buf, &ls_dir), 0);
1339
1340 sprintf(str_buf, "open_no_close_file%d", mypid);
/test/libcephfs/test.cc: 1330 in LibCephFS_OpenNoClose_Test::TestBody()()
1324
1325 TEST(LibCephFS, OpenNoClose) {
1326 struct ceph_mount_info *cmount;
1327 ASSERT_EQ(ceph_create(&cmount, NULL), 0);
1328 ASSERT_EQ(ceph_conf_read_file(cmount, NULL), 0);
1329 ASSERT_EQ(0, ceph_conf_parse_env(cmount, NULL));
>>> CID 1355579: (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
1330 ASSERT_EQ(ceph_mount(cmount, "/"), 0);
1331
1332 pid_t mypid = getpid();
1333 char str_buf[256];
1334 sprintf(str_buf, "open_no_close_dir%d", mypid);
1335 ASSERT_EQ(0, ceph_mkdirs(cmount, str_buf, 0777));
/test/libcephfs/test.cc: 1329 in LibCephFS_OpenNoClose_Test::TestBody()()
1323 }
1324
1325 TEST(LibCephFS, OpenNoClose) {
1326 struct ceph_mount_info *cmount;
1327 ASSERT_EQ(ceph_create(&cmount, NULL), 0);
1328 ASSERT_EQ(ceph_conf_read_file(cmount, NULL), 0);
>>> CID 1355579: (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
1329 ASSERT_EQ(0, ceph_conf_parse_env(cmount, NULL));
1330 ASSERT_EQ(ceph_mount(cmount, "/"), 0);
1331
1332 pid_t mypid = getpid();
1333 char str_buf[256];
1334 sprintf(str_buf, "open_no_close_dir%d", mypid);
/test/libcephfs/test.cc: 1328 in LibCephFS_OpenNoClose_Test::TestBody()()
1322 ceph_shutdown(cmount);
1323 }
1324
1325 TEST(LibCephFS, OpenNoClose) {
1326 struct ceph_mount_info *cmount;
1327 ASSERT_EQ(ceph_create(&cmount, NULL), 0);
>>> CID 1355579: (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
1328 ASSERT_EQ(ceph_conf_read_file(cmount, NULL), 0);
1329 ASSERT_EQ(0, ceph_conf_parse_env(cmount, NULL));
1330 ASSERT_EQ(ceph_mount(cmount, "/"), 0);
1331
1332 pid_t mypid = getpid();
1333 char str_buf[256];
/test/libcephfs/test.cc: 1327 in LibCephFS_OpenNoClose_Test::TestBody()()
1321
1322 ceph_shutdown(cmount);
1323 }
1324
1325 TEST(LibCephFS, OpenNoClose) {
1326 struct ceph_mount_info *cmount;
>>> CID 1355579: (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
1327 ASSERT_EQ(ceph_create(&cmount, NULL), 0);
1328 ASSERT_EQ(ceph_conf_read_file(cmount, NULL), 0);
1329 ASSERT_EQ(0, ceph_conf_parse_env(cmount, NULL));
1330 ASSERT_EQ(ceph_mount(cmount, "/"), 0);
1331
1332 pid_t mypid = getpid();
** CID 1355580: Resource leaks (RESOURCE_LEAK)
/global/global_init.cc: 286 in global_init(std::vector<const char *, std::allocator<const char *>> *, std::vector<const char *, std::allocator<const char *>> &, unsigned int, code_environment_t, int, const char *, bool)()
________________________________________________________________________________________________________
*** CID 1355580: Resource leaks (RESOURCE_LEAK)
/global/global_init.cc: 286 in global_init(std::vector<const char *, std::allocator<const char *>> *, std::vector<const char *, std::allocator<const char *>> &, unsigned int, code_environment_t, int, const char *, bool)()
280 // test leak checking
281 if (g_conf->debug_deliberately_leak_memory) {
282 derr << "deliberately leaking some memory" << dendl;
283 char *s = new char[1234567];
284 (void)s;
285 // cppcheck-suppress memleak
>>> CID 1355580: Resource leaks (RESOURCE_LEAK)
>>> Variable "s" going out of scope leaks the storage it points to.
286 }
287
288 if (code_env == CODE_ENVIRONMENT_DAEMON && !(flags & CINIT_FLAG_NO_DAEMON_ACTIONS))
289 output_ceph_version();
290 }
291
** CID 1355581: Uninitialized members (UNINIT_CTOR)
/rgw/rgw_sync.h: 433 in RGWShardCollectCR::RGWShardCollectCR(CephContext *, int)()
________________________________________________________________________________________________________
*** CID 1355581: Uninitialized members (UNINIT_CTOR)
/rgw/rgw_sync.h: 433 in RGWShardCollectCR::RGWShardCollectCR(CephContext *, int)()
427 int status;
428
429 public:
430 RGWShardCollectCR(CephContext *_cct, int _max_concurrent) : RGWCoroutine(_cct),
431 current_running(0),
432 max_concurrent(_max_concurrent),
>>> CID 1355581: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "cur_shard" is not initialized in this constructor nor in any functions that it calls.
433 status(0) {}
434
435 virtual bool spawn_next() = 0;
436 int operate();
437 };
438
439
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://scan.coverity.com/projects/ceph?tab=overview
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://scan.coverity.com/subscriptions/edit?email=ceph-devel%40vger.kernel.org&token=018084d671e3cc89d00dd2ccb7eb849c
^ permalink raw reply [flat|nested] 124+ messages in thread
* Re: New Defects reported by Coverity Scan for ceph
2016-03-05 17:55 scan-admin
@ 2016-03-07 20:59 ` Gregory Farnum
0 siblings, 0 replies; 124+ messages in thread
From: Gregory Farnum @ 2016-03-07 20:59 UTC (permalink / raw)
To: John Spray; +Cc: ceph-devel
There's a lot of stuff here in cephfs.c. I gather this is
auto-generated code from cython, but maybe look over the errors and
see if there's something going on in the Cython input we're providing
that would lead to these outcomes? :/
-Greg
On Sat, Mar 5, 2016 at 9:55 AM, <scan-admin@coverity.com> wrote:
>
> Hi,
>
> Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
>
> 72 new defect(s) introduced to ceph found with Coverity Scan.
> 29 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
>
> New defect(s) Reported-by: Coverity Scan
> Showing 20 of 72 defect(s)
>
>
> ** CID 1355178: (BAD_SHIFT)
> /common/strtol.cc: 173 in strict_si_cast<int>(const char *, std::basic_string<char, std::char_traits<char>, std::allocator<char>>*)()
> /common/strtol.cc: 173 in strict_si_cast<int>(const char *, std::basic_string<char, std::char_traits<char>, std::allocator<char>>*)()
> /common/strtol.cc: 173 in strict_si_cast<int>(const char *, std::basic_string<char, std::char_traits<char>, std::allocator<char>>*)()
>
>
> ________________________________________________________________________________________________________
> *** CID 1355178: (BAD_SHIFT)
> /common/strtol.cc: 173 in strict_si_cast<int>(const char *, std::basic_string<char, std::char_traits<char>, std::allocator<char>>*)()
> 167 return 0;
> 168 }
> 169 if (ll < (long long)std::numeric_limits<T>::min() >> m) {
> 170 *err = "strict_sistrtoll: value seems to be too small";
> 171 return 0;
> 172 }
>>>> CID 1355178: (BAD_SHIFT)
>>>> In expression "0x7fffffff >> m", right shifting by more than 31 bits has undefined behavior. The shift amount, "m", is 40.
> 173 if (ll > std::numeric_limits<T>::max() >> m) {
> 174 *err = "strict_sistrtoll: value seems to be too large";
> 175 return 0;
> 176
> 177 }
> 178 return (ll << m);
> /common/strtol.cc: 173 in strict_si_cast<int>(const char *, std::basic_string<char, std::char_traits<char>, std::allocator<char>>*)()
> 167 return 0;
> 168 }
> 169 if (ll < (long long)std::numeric_limits<T>::min() >> m) {
> 170 *err = "strict_sistrtoll: value seems to be too small";
> 171 return 0;
> 172 }
>>>> CID 1355178: (BAD_SHIFT)
>>>> In expression "0x7fffffff >> m", right shifting by more than 31 bits has undefined behavior. The shift amount, "m", is 50.
> 173 if (ll > std::numeric_limits<T>::max() >> m) {
> 174 *err = "strict_sistrtoll: value seems to be too large";
> 175 return 0;
> 176
> 177 }
> 178 return (ll << m);
> /common/strtol.cc: 173 in strict_si_cast<int>(const char *, std::basic_string<char, std::char_traits<char>, std::allocator<char>>*)()
> 167 return 0;
> 168 }
> 169 if (ll < (long long)std::numeric_limits<T>::min() >> m) {
> 170 *err = "strict_sistrtoll: value seems to be too small";
> 171 return 0;
> 172 }
>>>> CID 1355178: (BAD_SHIFT)
>>>> In expression "0x7fffffff >> m", right shifting by more than 31 bits has undefined behavior. The shift amount, "m", is 60.
> 173 if (ll > std::numeric_limits<T>::max() >> m) {
> 174 *err = "strict_sistrtoll: value seems to be too large";
> 175 return 0;
> 176
> 177 }
> 178 return (ll << m);
>
> ** CID 1355179: Control flow issues (DEADCODE)
> /common/strtol.cc: 170 in strict_si_cast<unsigned long>(const char *, std::basic_string<char, std::char_traits<char>, std::allocator<char>>*)()
>
>
> ________________________________________________________________________________________________________
> *** CID 1355179: Control flow issues (DEADCODE)
> /common/strtol.cc: 170 in strict_si_cast<unsigned long>(const char *, std::basic_string<char, std::char_traits<char>, std::allocator<char>>*)()
> 164 long long ll = strict_strtoll(s.c_str(), 10, err);
> 165 if (ll < 0 && !std::numeric_limits<T>::is_signed) {
> 166 *err = "strict_sistrtoll: value should not be negative";
> 167 return 0;
> 168 }
> 169 if (ll < (long long)std::numeric_limits<T>::min() >> m) {
>>>> CID 1355179: Control flow issues (DEADCODE)
>>>> Execution cannot reach this statement: "(*err) = ("strict_sistrtoll...".
> 170 *err = "strict_sistrtoll: value seems to be too small";
> 171 return 0;
> 172 }
> 173 if (ll > std::numeric_limits<T>::max() >> m) {
> 174 *err = "strict_sistrtoll: value seems to be too large";
> 175 return 0;
>
> ** CID 1355180: Control flow issues (MISSING_BREAK)
> /build/cephfs.c: 1833 in __pyx_pw_6cephfs_1cstr()
>
>
> ________________________________________________________________________________________________________
> *** CID 1355180: Control flow issues (MISSING_BREAK)
> /build/cephfs.c: 1833 in __pyx_pw_6cephfs_1cstr()
> 1827 }
> 1828 kw_args = PyDict_Size(__pyx_kwds);
> 1829 switch (pos_args) {
> 1830 case 0:
> 1831 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_val)) != 0)) kw_args--;
> 1832 else goto __pyx_L5_argtuple_error;
>>>> CID 1355180: Control flow issues (MISSING_BREAK)
>>>> The above case falls through to this one.
> 1833 case 1:
> 1834 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_name)) != 0)) kw_args--;
> 1835 else {
> 1836 __Pyx_RaiseArgtupleInvalid("cstr", 0, 2, 4, 1); {__pyx_filename = __pyx_f[0]; __pyx_lineno = 238; __pyx_clineno = __LINE__; goto __pyx_L3_error;}
> 1837 }
> 1838 case 2:
>
> ** CID 1355181: Control flow issues (MISSING_BREAK)
> /build/cephfs.c: 1838 in __pyx_pw_6cephfs_1cstr()
>
>
> ________________________________________________________________________________________________________
> *** CID 1355181: Control flow issues (MISSING_BREAK)
> /build/cephfs.c: 1838 in __pyx_pw_6cephfs_1cstr()
> 1832 else goto __pyx_L5_argtuple_error;
> 1833 case 1:
> 1834 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_name)) != 0)) kw_args--;
> 1835 else {
> 1836 __Pyx_RaiseArgtupleInvalid("cstr", 0, 2, 4, 1); {__pyx_filename = __pyx_f[0]; __pyx_lineno = 238; __pyx_clineno = __LINE__; goto __pyx_L3_error;}
> 1837 }
>>>> CID 1355181: Control flow issues (MISSING_BREAK)
>>>> The above case falls through to this one.
> 1838 case 2:
> 1839 if (kw_args > 0) {
> 1840 PyObject* value = PyDict_GetItem(__pyx_kwds, __pyx_n_s_encoding);
> 1841 if (value) { values[2] = value; kw_args--; }
> 1842 }
> 1843 case 3:
>
> ** CID 1355182: Control flow issues (MISSING_BREAK)
> /build/cephfs.c: 1843 in __pyx_pw_6cephfs_1cstr()
>
>
> ________________________________________________________________________________________________________
> *** CID 1355182: Control flow issues (MISSING_BREAK)
> /build/cephfs.c: 1843 in __pyx_pw_6cephfs_1cstr()
> 1837 }
> 1838 case 2:
> 1839 if (kw_args > 0) {
> 1840 PyObject* value = PyDict_GetItem(__pyx_kwds, __pyx_n_s_encoding);
> 1841 if (value) { values[2] = value; kw_args--; }
> 1842 }
>>>> CID 1355182: Control flow issues (MISSING_BREAK)
>>>> The above case falls through to this one.
> 1843 case 3:
> 1844 if (kw_args > 0) {
> 1845 PyObject* value = PyDict_GetItem(__pyx_kwds, __pyx_n_s_opt);
> 1846 if (value) { values[3] = value; kw_args--; }
> 1847 }
> 1848 }
>
> ** CID 1355183: Control flow issues (MISSING_BREAK)
> /build/cephfs.c: 2089 in __pyx_pw_6cephfs_3cstr_list()
>
>
> ________________________________________________________________________________________________________
> *** CID 1355183: Control flow issues (MISSING_BREAK)
> /build/cephfs.c: 2089 in __pyx_pw_6cephfs_3cstr_list()
> 2083 }
> 2084 kw_args = PyDict_Size(__pyx_kwds);
> 2085 switch (pos_args) {
> 2086 case 0:
> 2087 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_list_str)) != 0)) kw_args--;
> 2088 else goto __pyx_L5_argtuple_error;
>>>> CID 1355183: Control flow issues (MISSING_BREAK)
>>>> The above case falls through to this one.
> 2089 case 1:
> 2090 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_name)) != 0)) kw_args--;
> 2091 else {
> 2092 __Pyx_RaiseArgtupleInvalid("cstr_list", 0, 2, 3, 1); {__pyx_filename = __pyx_f[0]; __pyx_lineno = 259; __pyx_clineno = __LINE__; goto __pyx_L3_error;}
> 2093 }
> 2094 case 2:
>
> ** CID 1355184: Control flow issues (MISSING_BREAK)
> /build/cephfs.c: 2094 in __pyx_pw_6cephfs_3cstr_list()
>
>
> ________________________________________________________________________________________________________
> *** CID 1355184: Control flow issues (MISSING_BREAK)
> /build/cephfs.c: 2094 in __pyx_pw_6cephfs_3cstr_list()
> 2088 else goto __pyx_L5_argtuple_error;
> 2089 case 1:
> 2090 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_name)) != 0)) kw_args--;
> 2091 else {
> 2092 __Pyx_RaiseArgtupleInvalid("cstr_list", 0, 2, 3, 1); {__pyx_filename = __pyx_f[0]; __pyx_lineno = 259; __pyx_clineno = __LINE__; goto __pyx_L3_error;}
> 2093 }
>>>> CID 1355184: Control flow issues (MISSING_BREAK)
>>>> The above case falls through to this one.
> 2094 case 2:
> 2095 if (kw_args > 0) {
> 2096 PyObject* value = PyDict_GetItem(__pyx_kwds, __pyx_n_s_encoding);
> 2097 if (value) { values[2] = value; kw_args--; }
> 2098 }
> 2099 }
>
> ** CID 1355185: Control flow issues (MISSING_BREAK)
> /build/cephfs.c: 2299 in __pyx_pw_6cephfs_5decode_cstr()
>
>
> ________________________________________________________________________________________________________
> *** CID 1355185: Control flow issues (MISSING_BREAK)
> /build/cephfs.c: 2299 in __pyx_pw_6cephfs_5decode_cstr()
> 2293 }
> 2294 kw_args = PyDict_Size(__pyx_kwds);
> 2295 switch (pos_args) {
> 2296 case 0:
> 2297 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_val)) != 0)) kw_args--;
> 2298 else goto __pyx_L5_argtuple_error;
>>>> CID 1355185: Control flow issues (MISSING_BREAK)
>>>> The above case falls through to this one.
> 2299 case 1:
> 2300 if (kw_args > 0) {
> 2301 PyObject* value = PyDict_GetItem(__pyx_kwds, __pyx_n_s_encoding);
> 2302 if (value) { values[1] = value; kw_args--; }
> 2303 }
> 2304 }
>
> ** CID 1355186: Control flow issues (MISSING_BREAK)
> /build/cephfs.c: 4558 in __pyx_pw_6cephfs_9LibCephFS_17__exit__()
>
>
> ________________________________________________________________________________________________________
> *** CID 1355186: Control flow issues (MISSING_BREAK)
> /build/cephfs.c: 4558 in __pyx_pw_6cephfs_9LibCephFS_17__exit__()
> 4552 }
> 4553 kw_args = PyDict_Size(__pyx_kwds);
> 4554 switch (pos_args) {
> 4555 case 0:
> 4556 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_type)) != 0)) kw_args--;
> 4557 else goto __pyx_L5_argtuple_error;
>>>> CID 1355186: Control flow issues (MISSING_BREAK)
>>>> The above case falls through to this one.
> 4558 case 1:
> 4559 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_value)) != 0)) kw_args--;
> 4560 else {
> 4561 __Pyx_RaiseArgtupleInvalid("__exit__", 1, 3, 3, 1); {__pyx_filename = __pyx_f[0]; __pyx_lineno = 392; __pyx_clineno = __LINE__; goto __pyx_L3_error;}
> 4562 }
> 4563 case 2:
>
> ** CID 1355187: Control flow issues (MISSING_BREAK)
> /build/cephfs.c: 4563 in __pyx_pw_6cephfs_9LibCephFS_17__exit__()
>
>
> ________________________________________________________________________________________________________
> *** CID 1355187: Control flow issues (MISSING_BREAK)
> /build/cephfs.c: 4563 in __pyx_pw_6cephfs_9LibCephFS_17__exit__()
> 4557 else goto __pyx_L5_argtuple_error;
> 4558 case 1:
> 4559 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_value)) != 0)) kw_args--;
> 4560 else {
> 4561 __Pyx_RaiseArgtupleInvalid("__exit__", 1, 3, 3, 1); {__pyx_filename = __pyx_f[0]; __pyx_lineno = 392; __pyx_clineno = __LINE__; goto __pyx_L3_error;}
> 4562 }
>>>> CID 1355187: Control flow issues (MISSING_BREAK)
>>>> The above case falls through to this one.
> 4563 case 2:
> 4564 if (likely((values[2] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_traceback)) != 0)) kw_args--;
> 4565 else {
> 4566 __Pyx_RaiseArgtupleInvalid("__exit__", 1, 3, 3, 2); {__pyx_filename = __pyx_f[0]; __pyx_lineno = 392; __pyx_clineno = __LINE__; goto __pyx_L3_error;}
> 4567 }
> 4568 }
>
> ** CID 1355188: Control flow issues (MISSING_BREAK)
> /build/cephfs.c: 5345 in __pyx_pw_6cephfs_9LibCephFS_25conf_set()
>
>
> ________________________________________________________________________________________________________
> *** CID 1355188: Control flow issues (MISSING_BREAK)
> /build/cephfs.c: 5345 in __pyx_pw_6cephfs_9LibCephFS_25conf_set()
> 5339 }
> 5340 kw_args = PyDict_Size(__pyx_kwds);
> 5341 switch (pos_args) {
> 5342 case 0:
> 5343 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_option)) != 0)) kw_args--;
> 5344 else goto __pyx_L5_argtuple_error;
>>>> CID 1355188: Control flow issues (MISSING_BREAK)
>>>> The above case falls through to this one.
> 5345 case 1:
> 5346 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_val)) != 0)) kw_args--;
> 5347 else {
> 5348 __Pyx_RaiseArgtupleInvalid("conf_set", 1, 2, 2, 1); {__pyx_filename = __pyx_f[0]; __pyx_lineno = 439; __pyx_clineno = __LINE__; goto __pyx_L3_error;}
> 5349 }
> 5350 }
>
> ** CID 1355189: Control flow issues (MISSING_BREAK)
> /build/cephfs.c: 2874 in __pyx_pw_6cephfs_9LibCephFS_3__cinit__()
>
>
> ________________________________________________________________________________________________________
> *** CID 1355189: Control flow issues (MISSING_BREAK)
> /build/cephfs.c: 2874 in __pyx_pw_6cephfs_9LibCephFS_3__cinit__()
> 2868 switch (pos_args) {
> 2869 case 0:
> 2870 if (kw_args > 0) {
> 2871 PyObject* value = PyDict_GetItem(__pyx_kwds, __pyx_n_s_conf);
> 2872 if (value) { values[0] = value; kw_args--; }
> 2873 }
>>>> CID 1355189: Control flow issues (MISSING_BREAK)
>>>> The above case falls through to this one.
> 2874 case 1:
> 2875 if (kw_args > 0) {
> 2876 PyObject* value = PyDict_GetItem(__pyx_kwds, __pyx_n_s_conffile);
> 2877 if (value) { values[1] = value; kw_args--; }
> 2878 }
> 2879 case 2:
>
> ** CID 1355190: Control flow issues (MISSING_BREAK)
> /build/cephfs.c: 2879 in __pyx_pw_6cephfs_9LibCephFS_3__cinit__()
>
>
> ________________________________________________________________________________________________________
> *** CID 1355190: Control flow issues (MISSING_BREAK)
> /build/cephfs.c: 2879 in __pyx_pw_6cephfs_9LibCephFS_3__cinit__()
> 2873 }
> 2874 case 1:
> 2875 if (kw_args > 0) {
> 2876 PyObject* value = PyDict_GetItem(__pyx_kwds, __pyx_n_s_conffile);
> 2877 if (value) { values[1] = value; kw_args--; }
> 2878 }
>>>> CID 1355190: Control flow issues (MISSING_BREAK)
>>>> The above case falls through to this one.
> 2879 case 2:
> 2880 if (kw_args > 0) {
> 2881 PyObject* value = PyDict_GetItem(__pyx_kwds, __pyx_n_s_auth_id);
> 2882 if (value) { values[2] = value; kw_args--; }
> 2883 }
> 2884 case 3:
>
> ** CID 1355191: Control flow issues (MISSING_BREAK)
> /build/cephfs.c: 2884 in __pyx_pw_6cephfs_9LibCephFS_3__cinit__()
>
>
> ________________________________________________________________________________________________________
> *** CID 1355191: Control flow issues (MISSING_BREAK)
> /build/cephfs.c: 2884 in __pyx_pw_6cephfs_9LibCephFS_3__cinit__()
> 2878 }
> 2879 case 2:
> 2880 if (kw_args > 0) {
> 2881 PyObject* value = PyDict_GetItem(__pyx_kwds, __pyx_n_s_auth_id);
> 2882 if (value) { values[2] = value; kw_args--; }
> 2883 }
>>>> CID 1355191: Control flow issues (MISSING_BREAK)
>>>> The above case falls through to this one.
> 2884 case 3:
> 2885 if (kw_args > 0) {
> 2886 PyObject* value = PyDict_GetItem(__pyx_kwds, __pyx_n_s_rados_inst);
> 2887 if (value) { values[3] = value; kw_args--; }
> 2888 }
> 2889 }
>
> ** CID 1355192: Control flow issues (MISSING_BREAK)
> /build/cephfs.c: 7401 in __pyx_pw_6cephfs_9LibCephFS_45mkdir()
>
>
> ________________________________________________________________________________________________________
> *** CID 1355192: Control flow issues (MISSING_BREAK)
> /build/cephfs.c: 7401 in __pyx_pw_6cephfs_9LibCephFS_45mkdir()
> 7395 }
> 7396 kw_args = PyDict_Size(__pyx_kwds);
> 7397 switch (pos_args) {
> 7398 case 0:
> 7399 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_path)) != 0)) kw_args--;
> 7400 else goto __pyx_L5_argtuple_error;
>>>> CID 1355192: Control flow issues (MISSING_BREAK)
>>>> The above case falls through to this one.
> 7401 case 1:
> 7402 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_mode)) != 0)) kw_args--;
> 7403 else {
> 7404 __Pyx_RaiseArgtupleInvalid("mkdir", 1, 2, 2, 1); {__pyx_filename = __pyx_f[0]; __pyx_lineno = 557; __pyx_clineno = __LINE__; goto __pyx_L3_error;}
> 7405 }
> 7406 }
>
> ** CID 1355193: Control flow issues (MISSING_BREAK)
> /build/cephfs.c: 7686 in __pyx_pw_6cephfs_9LibCephFS_47mkdirs()
>
>
> ________________________________________________________________________________________________________
> *** CID 1355193: Control flow issues (MISSING_BREAK)
> /build/cephfs.c: 7686 in __pyx_pw_6cephfs_9LibCephFS_47mkdirs()
> 7680 }
> 7681 kw_args = PyDict_Size(__pyx_kwds);
> 7682 switch (pos_args) {
> 7683 case 0:
> 7684 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_path)) != 0)) kw_args--;
> 7685 else goto __pyx_L5_argtuple_error;
>>>> CID 1355193: Control flow issues (MISSING_BREAK)
>>>> The above case falls through to this one.
> 7686 case 1:
> 7687 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_mode)) != 0)) kw_args--;
> 7688 else {
> 7689 __Pyx_RaiseArgtupleInvalid("mkdirs", 1, 2, 2, 1); {__pyx_filename = __pyx_f[0]; __pyx_lineno = 570; __pyx_clineno = __LINE__; goto __pyx_L3_error;}
> 7690 }
> 7691 }
>
> ** CID 1355194: Control flow issues (MISSING_BREAK)
> /build/cephfs.c: 8140 in __pyx_pw_6cephfs_9LibCephFS_51open()
>
>
> ________________________________________________________________________________________________________
> *** CID 1355194: Control flow issues (MISSING_BREAK)
> /build/cephfs.c: 8140 in __pyx_pw_6cephfs_9LibCephFS_51open()
> 8134 }
> 8135 kw_args = PyDict_Size(__pyx_kwds);
> 8136 switch (pos_args) {
> 8137 case 0:
> 8138 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_path)) != 0)) kw_args--;
> 8139 else goto __pyx_L5_argtuple_error;
>>>> CID 1355194: Control flow issues (MISSING_BREAK)
>>>> The above case falls through to this one.
> 8140 case 1:
> 8141 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_flags)) != 0)) kw_args--;
> 8142 else {
> 8143 __Pyx_RaiseArgtupleInvalid("open", 0, 2, 3, 1); {__pyx_filename = __pyx_f[0]; __pyx_lineno = 592; __pyx_clineno = __LINE__; goto __pyx_L3_error;}
> 8144 }
> 8145 case 2:
>
> ** CID 1355195: Control flow issues (MISSING_BREAK)
> /build/cephfs.c: 8145 in __pyx_pw_6cephfs_9LibCephFS_51open()
>
>
> ________________________________________________________________________________________________________
> *** CID 1355195: Control flow issues (MISSING_BREAK)
> /build/cephfs.c: 8145 in __pyx_pw_6cephfs_9LibCephFS_51open()
> 8139 else goto __pyx_L5_argtuple_error;
> 8140 case 1:
> 8141 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_flags)) != 0)) kw_args--;
> 8142 else {
> 8143 __Pyx_RaiseArgtupleInvalid("open", 0, 2, 3, 1); {__pyx_filename = __pyx_f[0]; __pyx_lineno = 592; __pyx_clineno = __LINE__; goto __pyx_L3_error;}
> 8144 }
>>>> CID 1355195: Control flow issues (MISSING_BREAK)
>>>> The above case falls through to this one.
> 8145 case 2:
> 8146 if (kw_args > 0) {
> 8147 PyObject* value = PyDict_GetItem(__pyx_kwds, __pyx_n_s_mode);
> 8148 if (value) { values[2] = value; kw_args--; }
> 8149 }
> 8150 }
>
> ** CID 1355196: Control flow issues (MISSING_BREAK)
> /build/cephfs.c: 8942 in __pyx_pw_6cephfs_9LibCephFS_55read()
>
>
> ________________________________________________________________________________________________________
> *** CID 1355196: Control flow issues (MISSING_BREAK)
> /build/cephfs.c: 8942 in __pyx_pw_6cephfs_9LibCephFS_55read()
> 8936 }
> 8937 kw_args = PyDict_Size(__pyx_kwds);
> 8938 switch (pos_args) {
> 8939 case 0:
> 8940 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_fd)) != 0)) kw_args--;
> 8941 else goto __pyx_L5_argtuple_error;
>>>> CID 1355196: Control flow issues (MISSING_BREAK)
>>>> The above case falls through to this one.
> 8942 case 1:
> 8943 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_offset)) != 0)) kw_args--;
> 8944 else {
> 8945 __Pyx_RaiseArgtupleInvalid("read", 1, 3, 3, 1); {__pyx_filename = __pyx_f[0]; __pyx_lineno = 635; __pyx_clineno = __LINE__; goto __pyx_L3_error;}
> 8946 }
> 8947 case 2:
>
> ** CID 1355197: Control flow issues (MISSING_BREAK)
> /build/cephfs.c: 8947 in __pyx_pw_6cephfs_9LibCephFS_55read()
>
>
> ________________________________________________________________________________________________________
> *** CID 1355197: Control flow issues (MISSING_BREAK)
> /build/cephfs.c: 8947 in __pyx_pw_6cephfs_9LibCephFS_55read()
> 8941 else goto __pyx_L5_argtuple_error;
> 8942 case 1:
> 8943 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_offset)) != 0)) kw_args--;
> 8944 else {
> 8945 __Pyx_RaiseArgtupleInvalid("read", 1, 3, 3, 1); {__pyx_filename = __pyx_f[0]; __pyx_lineno = 635; __pyx_clineno = __LINE__; goto __pyx_L3_error;}
> 8946 }
>>>> CID 1355197: Control flow issues (MISSING_BREAK)
>>>> The above case falls through to this one.
> 8947 case 2:
> 8948 if (likely((values[2] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_l)) != 0)) kw_args--;
> 8949 else {
> 8950 __Pyx_RaiseArgtupleInvalid("read", 1, 3, 3, 2); {__pyx_filename = __pyx_f[0]; __pyx_lineno = 635; __pyx_clineno = __LINE__; goto __pyx_L3_error;}
> 8951 }
> 8952 }
>
>
> ________________________________________________________________________________________________________
> To view the defects in Coverity Scan visit, https://scan.coverity.com/projects/ceph?tab=overview
>
> To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://scan.coverity.com/subscriptions/edit?email=ceph-devel%40vger.kernel.org&token=018084d671e3cc89d00dd2ccb7eb849c
>
> --
> To unsubscribe from this list: send the line "unsubscribe ceph-devel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2016-03-05 17:55 scan-admin
2016-03-07 20:59 ` Gregory Farnum
0 siblings, 1 reply; 124+ messages in thread
From: scan-admin @ 2016-03-05 17:55 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
72 new defect(s) introduced to ceph found with Coverity Scan.
29 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 20 of 72 defect(s)
** CID 1355178: (BAD_SHIFT)
/common/strtol.cc: 173 in strict_si_cast<int>(const char *, std::basic_string<char, std::char_traits<char>, std::allocator<char>>*)()
/common/strtol.cc: 173 in strict_si_cast<int>(const char *, std::basic_string<char, std::char_traits<char>, std::allocator<char>>*)()
/common/strtol.cc: 173 in strict_si_cast<int>(const char *, std::basic_string<char, std::char_traits<char>, std::allocator<char>>*)()
________________________________________________________________________________________________________
*** CID 1355178: (BAD_SHIFT)
/common/strtol.cc: 173 in strict_si_cast<int>(const char *, std::basic_string<char, std::char_traits<char>, std::allocator<char>>*)()
167 return 0;
168 }
169 if (ll < (long long)std::numeric_limits<T>::min() >> m) {
170 *err = "strict_sistrtoll: value seems to be too small";
171 return 0;
172 }
>>> CID 1355178: (BAD_SHIFT)
>>> In expression "0x7fffffff >> m", right shifting by more than 31 bits has undefined behavior. The shift amount, "m", is 40.
173 if (ll > std::numeric_limits<T>::max() >> m) {
174 *err = "strict_sistrtoll: value seems to be too large";
175 return 0;
176
177 }
178 return (ll << m);
/common/strtol.cc: 173 in strict_si_cast<int>(const char *, std::basic_string<char, std::char_traits<char>, std::allocator<char>>*)()
167 return 0;
168 }
169 if (ll < (long long)std::numeric_limits<T>::min() >> m) {
170 *err = "strict_sistrtoll: value seems to be too small";
171 return 0;
172 }
>>> CID 1355178: (BAD_SHIFT)
>>> In expression "0x7fffffff >> m", right shifting by more than 31 bits has undefined behavior. The shift amount, "m", is 50.
173 if (ll > std::numeric_limits<T>::max() >> m) {
174 *err = "strict_sistrtoll: value seems to be too large";
175 return 0;
176
177 }
178 return (ll << m);
/common/strtol.cc: 173 in strict_si_cast<int>(const char *, std::basic_string<char, std::char_traits<char>, std::allocator<char>>*)()
167 return 0;
168 }
169 if (ll < (long long)std::numeric_limits<T>::min() >> m) {
170 *err = "strict_sistrtoll: value seems to be too small";
171 return 0;
172 }
>>> CID 1355178: (BAD_SHIFT)
>>> In expression "0x7fffffff >> m", right shifting by more than 31 bits has undefined behavior. The shift amount, "m", is 60.
173 if (ll > std::numeric_limits<T>::max() >> m) {
174 *err = "strict_sistrtoll: value seems to be too large";
175 return 0;
176
177 }
178 return (ll << m);
** CID 1355179: Control flow issues (DEADCODE)
/common/strtol.cc: 170 in strict_si_cast<unsigned long>(const char *, std::basic_string<char, std::char_traits<char>, std::allocator<char>>*)()
________________________________________________________________________________________________________
*** CID 1355179: Control flow issues (DEADCODE)
/common/strtol.cc: 170 in strict_si_cast<unsigned long>(const char *, std::basic_string<char, std::char_traits<char>, std::allocator<char>>*)()
164 long long ll = strict_strtoll(s.c_str(), 10, err);
165 if (ll < 0 && !std::numeric_limits<T>::is_signed) {
166 *err = "strict_sistrtoll: value should not be negative";
167 return 0;
168 }
169 if (ll < (long long)std::numeric_limits<T>::min() >> m) {
>>> CID 1355179: Control flow issues (DEADCODE)
>>> Execution cannot reach this statement: "(*err) = ("strict_sistrtoll...".
170 *err = "strict_sistrtoll: value seems to be too small";
171 return 0;
172 }
173 if (ll > std::numeric_limits<T>::max() >> m) {
174 *err = "strict_sistrtoll: value seems to be too large";
175 return 0;
** CID 1355180: Control flow issues (MISSING_BREAK)
/build/cephfs.c: 1833 in __pyx_pw_6cephfs_1cstr()
________________________________________________________________________________________________________
*** CID 1355180: Control flow issues (MISSING_BREAK)
/build/cephfs.c: 1833 in __pyx_pw_6cephfs_1cstr()
1827 }
1828 kw_args = PyDict_Size(__pyx_kwds);
1829 switch (pos_args) {
1830 case 0:
1831 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_val)) != 0)) kw_args--;
1832 else goto __pyx_L5_argtuple_error;
>>> CID 1355180: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
1833 case 1:
1834 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_name)) != 0)) kw_args--;
1835 else {
1836 __Pyx_RaiseArgtupleInvalid("cstr", 0, 2, 4, 1); {__pyx_filename = __pyx_f[0]; __pyx_lineno = 238; __pyx_clineno = __LINE__; goto __pyx_L3_error;}
1837 }
1838 case 2:
** CID 1355181: Control flow issues (MISSING_BREAK)
/build/cephfs.c: 1838 in __pyx_pw_6cephfs_1cstr()
________________________________________________________________________________________________________
*** CID 1355181: Control flow issues (MISSING_BREAK)
/build/cephfs.c: 1838 in __pyx_pw_6cephfs_1cstr()
1832 else goto __pyx_L5_argtuple_error;
1833 case 1:
1834 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_name)) != 0)) kw_args--;
1835 else {
1836 __Pyx_RaiseArgtupleInvalid("cstr", 0, 2, 4, 1); {__pyx_filename = __pyx_f[0]; __pyx_lineno = 238; __pyx_clineno = __LINE__; goto __pyx_L3_error;}
1837 }
>>> CID 1355181: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
1838 case 2:
1839 if (kw_args > 0) {
1840 PyObject* value = PyDict_GetItem(__pyx_kwds, __pyx_n_s_encoding);
1841 if (value) { values[2] = value; kw_args--; }
1842 }
1843 case 3:
** CID 1355182: Control flow issues (MISSING_BREAK)
/build/cephfs.c: 1843 in __pyx_pw_6cephfs_1cstr()
________________________________________________________________________________________________________
*** CID 1355182: Control flow issues (MISSING_BREAK)
/build/cephfs.c: 1843 in __pyx_pw_6cephfs_1cstr()
1837 }
1838 case 2:
1839 if (kw_args > 0) {
1840 PyObject* value = PyDict_GetItem(__pyx_kwds, __pyx_n_s_encoding);
1841 if (value) { values[2] = value; kw_args--; }
1842 }
>>> CID 1355182: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
1843 case 3:
1844 if (kw_args > 0) {
1845 PyObject* value = PyDict_GetItem(__pyx_kwds, __pyx_n_s_opt);
1846 if (value) { values[3] = value; kw_args--; }
1847 }
1848 }
** CID 1355183: Control flow issues (MISSING_BREAK)
/build/cephfs.c: 2089 in __pyx_pw_6cephfs_3cstr_list()
________________________________________________________________________________________________________
*** CID 1355183: Control flow issues (MISSING_BREAK)
/build/cephfs.c: 2089 in __pyx_pw_6cephfs_3cstr_list()
2083 }
2084 kw_args = PyDict_Size(__pyx_kwds);
2085 switch (pos_args) {
2086 case 0:
2087 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_list_str)) != 0)) kw_args--;
2088 else goto __pyx_L5_argtuple_error;
>>> CID 1355183: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
2089 case 1:
2090 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_name)) != 0)) kw_args--;
2091 else {
2092 __Pyx_RaiseArgtupleInvalid("cstr_list", 0, 2, 3, 1); {__pyx_filename = __pyx_f[0]; __pyx_lineno = 259; __pyx_clineno = __LINE__; goto __pyx_L3_error;}
2093 }
2094 case 2:
** CID 1355184: Control flow issues (MISSING_BREAK)
/build/cephfs.c: 2094 in __pyx_pw_6cephfs_3cstr_list()
________________________________________________________________________________________________________
*** CID 1355184: Control flow issues (MISSING_BREAK)
/build/cephfs.c: 2094 in __pyx_pw_6cephfs_3cstr_list()
2088 else goto __pyx_L5_argtuple_error;
2089 case 1:
2090 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_name)) != 0)) kw_args--;
2091 else {
2092 __Pyx_RaiseArgtupleInvalid("cstr_list", 0, 2, 3, 1); {__pyx_filename = __pyx_f[0]; __pyx_lineno = 259; __pyx_clineno = __LINE__; goto __pyx_L3_error;}
2093 }
>>> CID 1355184: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
2094 case 2:
2095 if (kw_args > 0) {
2096 PyObject* value = PyDict_GetItem(__pyx_kwds, __pyx_n_s_encoding);
2097 if (value) { values[2] = value; kw_args--; }
2098 }
2099 }
** CID 1355185: Control flow issues (MISSING_BREAK)
/build/cephfs.c: 2299 in __pyx_pw_6cephfs_5decode_cstr()
________________________________________________________________________________________________________
*** CID 1355185: Control flow issues (MISSING_BREAK)
/build/cephfs.c: 2299 in __pyx_pw_6cephfs_5decode_cstr()
2293 }
2294 kw_args = PyDict_Size(__pyx_kwds);
2295 switch (pos_args) {
2296 case 0:
2297 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_val)) != 0)) kw_args--;
2298 else goto __pyx_L5_argtuple_error;
>>> CID 1355185: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
2299 case 1:
2300 if (kw_args > 0) {
2301 PyObject* value = PyDict_GetItem(__pyx_kwds, __pyx_n_s_encoding);
2302 if (value) { values[1] = value; kw_args--; }
2303 }
2304 }
** CID 1355186: Control flow issues (MISSING_BREAK)
/build/cephfs.c: 4558 in __pyx_pw_6cephfs_9LibCephFS_17__exit__()
________________________________________________________________________________________________________
*** CID 1355186: Control flow issues (MISSING_BREAK)
/build/cephfs.c: 4558 in __pyx_pw_6cephfs_9LibCephFS_17__exit__()
4552 }
4553 kw_args = PyDict_Size(__pyx_kwds);
4554 switch (pos_args) {
4555 case 0:
4556 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_type)) != 0)) kw_args--;
4557 else goto __pyx_L5_argtuple_error;
>>> CID 1355186: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
4558 case 1:
4559 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_value)) != 0)) kw_args--;
4560 else {
4561 __Pyx_RaiseArgtupleInvalid("__exit__", 1, 3, 3, 1); {__pyx_filename = __pyx_f[0]; __pyx_lineno = 392; __pyx_clineno = __LINE__; goto __pyx_L3_error;}
4562 }
4563 case 2:
** CID 1355187: Control flow issues (MISSING_BREAK)
/build/cephfs.c: 4563 in __pyx_pw_6cephfs_9LibCephFS_17__exit__()
________________________________________________________________________________________________________
*** CID 1355187: Control flow issues (MISSING_BREAK)
/build/cephfs.c: 4563 in __pyx_pw_6cephfs_9LibCephFS_17__exit__()
4557 else goto __pyx_L5_argtuple_error;
4558 case 1:
4559 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_value)) != 0)) kw_args--;
4560 else {
4561 __Pyx_RaiseArgtupleInvalid("__exit__", 1, 3, 3, 1); {__pyx_filename = __pyx_f[0]; __pyx_lineno = 392; __pyx_clineno = __LINE__; goto __pyx_L3_error;}
4562 }
>>> CID 1355187: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
4563 case 2:
4564 if (likely((values[2] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_traceback)) != 0)) kw_args--;
4565 else {
4566 __Pyx_RaiseArgtupleInvalid("__exit__", 1, 3, 3, 2); {__pyx_filename = __pyx_f[0]; __pyx_lineno = 392; __pyx_clineno = __LINE__; goto __pyx_L3_error;}
4567 }
4568 }
** CID 1355188: Control flow issues (MISSING_BREAK)
/build/cephfs.c: 5345 in __pyx_pw_6cephfs_9LibCephFS_25conf_set()
________________________________________________________________________________________________________
*** CID 1355188: Control flow issues (MISSING_BREAK)
/build/cephfs.c: 5345 in __pyx_pw_6cephfs_9LibCephFS_25conf_set()
5339 }
5340 kw_args = PyDict_Size(__pyx_kwds);
5341 switch (pos_args) {
5342 case 0:
5343 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_option)) != 0)) kw_args--;
5344 else goto __pyx_L5_argtuple_error;
>>> CID 1355188: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
5345 case 1:
5346 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_val)) != 0)) kw_args--;
5347 else {
5348 __Pyx_RaiseArgtupleInvalid("conf_set", 1, 2, 2, 1); {__pyx_filename = __pyx_f[0]; __pyx_lineno = 439; __pyx_clineno = __LINE__; goto __pyx_L3_error;}
5349 }
5350 }
** CID 1355189: Control flow issues (MISSING_BREAK)
/build/cephfs.c: 2874 in __pyx_pw_6cephfs_9LibCephFS_3__cinit__()
________________________________________________________________________________________________________
*** CID 1355189: Control flow issues (MISSING_BREAK)
/build/cephfs.c: 2874 in __pyx_pw_6cephfs_9LibCephFS_3__cinit__()
2868 switch (pos_args) {
2869 case 0:
2870 if (kw_args > 0) {
2871 PyObject* value = PyDict_GetItem(__pyx_kwds, __pyx_n_s_conf);
2872 if (value) { values[0] = value; kw_args--; }
2873 }
>>> CID 1355189: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
2874 case 1:
2875 if (kw_args > 0) {
2876 PyObject* value = PyDict_GetItem(__pyx_kwds, __pyx_n_s_conffile);
2877 if (value) { values[1] = value; kw_args--; }
2878 }
2879 case 2:
** CID 1355190: Control flow issues (MISSING_BREAK)
/build/cephfs.c: 2879 in __pyx_pw_6cephfs_9LibCephFS_3__cinit__()
________________________________________________________________________________________________________
*** CID 1355190: Control flow issues (MISSING_BREAK)
/build/cephfs.c: 2879 in __pyx_pw_6cephfs_9LibCephFS_3__cinit__()
2873 }
2874 case 1:
2875 if (kw_args > 0) {
2876 PyObject* value = PyDict_GetItem(__pyx_kwds, __pyx_n_s_conffile);
2877 if (value) { values[1] = value; kw_args--; }
2878 }
>>> CID 1355190: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
2879 case 2:
2880 if (kw_args > 0) {
2881 PyObject* value = PyDict_GetItem(__pyx_kwds, __pyx_n_s_auth_id);
2882 if (value) { values[2] = value; kw_args--; }
2883 }
2884 case 3:
** CID 1355191: Control flow issues (MISSING_BREAK)
/build/cephfs.c: 2884 in __pyx_pw_6cephfs_9LibCephFS_3__cinit__()
________________________________________________________________________________________________________
*** CID 1355191: Control flow issues (MISSING_BREAK)
/build/cephfs.c: 2884 in __pyx_pw_6cephfs_9LibCephFS_3__cinit__()
2878 }
2879 case 2:
2880 if (kw_args > 0) {
2881 PyObject* value = PyDict_GetItem(__pyx_kwds, __pyx_n_s_auth_id);
2882 if (value) { values[2] = value; kw_args--; }
2883 }
>>> CID 1355191: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
2884 case 3:
2885 if (kw_args > 0) {
2886 PyObject* value = PyDict_GetItem(__pyx_kwds, __pyx_n_s_rados_inst);
2887 if (value) { values[3] = value; kw_args--; }
2888 }
2889 }
** CID 1355192: Control flow issues (MISSING_BREAK)
/build/cephfs.c: 7401 in __pyx_pw_6cephfs_9LibCephFS_45mkdir()
________________________________________________________________________________________________________
*** CID 1355192: Control flow issues (MISSING_BREAK)
/build/cephfs.c: 7401 in __pyx_pw_6cephfs_9LibCephFS_45mkdir()
7395 }
7396 kw_args = PyDict_Size(__pyx_kwds);
7397 switch (pos_args) {
7398 case 0:
7399 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_path)) != 0)) kw_args--;
7400 else goto __pyx_L5_argtuple_error;
>>> CID 1355192: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
7401 case 1:
7402 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_mode)) != 0)) kw_args--;
7403 else {
7404 __Pyx_RaiseArgtupleInvalid("mkdir", 1, 2, 2, 1); {__pyx_filename = __pyx_f[0]; __pyx_lineno = 557; __pyx_clineno = __LINE__; goto __pyx_L3_error;}
7405 }
7406 }
** CID 1355193: Control flow issues (MISSING_BREAK)
/build/cephfs.c: 7686 in __pyx_pw_6cephfs_9LibCephFS_47mkdirs()
________________________________________________________________________________________________________
*** CID 1355193: Control flow issues (MISSING_BREAK)
/build/cephfs.c: 7686 in __pyx_pw_6cephfs_9LibCephFS_47mkdirs()
7680 }
7681 kw_args = PyDict_Size(__pyx_kwds);
7682 switch (pos_args) {
7683 case 0:
7684 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_path)) != 0)) kw_args--;
7685 else goto __pyx_L5_argtuple_error;
>>> CID 1355193: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
7686 case 1:
7687 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_mode)) != 0)) kw_args--;
7688 else {
7689 __Pyx_RaiseArgtupleInvalid("mkdirs", 1, 2, 2, 1); {__pyx_filename = __pyx_f[0]; __pyx_lineno = 570; __pyx_clineno = __LINE__; goto __pyx_L3_error;}
7690 }
7691 }
** CID 1355194: Control flow issues (MISSING_BREAK)
/build/cephfs.c: 8140 in __pyx_pw_6cephfs_9LibCephFS_51open()
________________________________________________________________________________________________________
*** CID 1355194: Control flow issues (MISSING_BREAK)
/build/cephfs.c: 8140 in __pyx_pw_6cephfs_9LibCephFS_51open()
8134 }
8135 kw_args = PyDict_Size(__pyx_kwds);
8136 switch (pos_args) {
8137 case 0:
8138 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_path)) != 0)) kw_args--;
8139 else goto __pyx_L5_argtuple_error;
>>> CID 1355194: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
8140 case 1:
8141 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_flags)) != 0)) kw_args--;
8142 else {
8143 __Pyx_RaiseArgtupleInvalid("open", 0, 2, 3, 1); {__pyx_filename = __pyx_f[0]; __pyx_lineno = 592; __pyx_clineno = __LINE__; goto __pyx_L3_error;}
8144 }
8145 case 2:
** CID 1355195: Control flow issues (MISSING_BREAK)
/build/cephfs.c: 8145 in __pyx_pw_6cephfs_9LibCephFS_51open()
________________________________________________________________________________________________________
*** CID 1355195: Control flow issues (MISSING_BREAK)
/build/cephfs.c: 8145 in __pyx_pw_6cephfs_9LibCephFS_51open()
8139 else goto __pyx_L5_argtuple_error;
8140 case 1:
8141 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_flags)) != 0)) kw_args--;
8142 else {
8143 __Pyx_RaiseArgtupleInvalid("open", 0, 2, 3, 1); {__pyx_filename = __pyx_f[0]; __pyx_lineno = 592; __pyx_clineno = __LINE__; goto __pyx_L3_error;}
8144 }
>>> CID 1355195: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
8145 case 2:
8146 if (kw_args > 0) {
8147 PyObject* value = PyDict_GetItem(__pyx_kwds, __pyx_n_s_mode);
8148 if (value) { values[2] = value; kw_args--; }
8149 }
8150 }
** CID 1355196: Control flow issues (MISSING_BREAK)
/build/cephfs.c: 8942 in __pyx_pw_6cephfs_9LibCephFS_55read()
________________________________________________________________________________________________________
*** CID 1355196: Control flow issues (MISSING_BREAK)
/build/cephfs.c: 8942 in __pyx_pw_6cephfs_9LibCephFS_55read()
8936 }
8937 kw_args = PyDict_Size(__pyx_kwds);
8938 switch (pos_args) {
8939 case 0:
8940 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_fd)) != 0)) kw_args--;
8941 else goto __pyx_L5_argtuple_error;
>>> CID 1355196: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
8942 case 1:
8943 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_offset)) != 0)) kw_args--;
8944 else {
8945 __Pyx_RaiseArgtupleInvalid("read", 1, 3, 3, 1); {__pyx_filename = __pyx_f[0]; __pyx_lineno = 635; __pyx_clineno = __LINE__; goto __pyx_L3_error;}
8946 }
8947 case 2:
** CID 1355197: Control flow issues (MISSING_BREAK)
/build/cephfs.c: 8947 in __pyx_pw_6cephfs_9LibCephFS_55read()
________________________________________________________________________________________________________
*** CID 1355197: Control flow issues (MISSING_BREAK)
/build/cephfs.c: 8947 in __pyx_pw_6cephfs_9LibCephFS_55read()
8941 else goto __pyx_L5_argtuple_error;
8942 case 1:
8943 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_offset)) != 0)) kw_args--;
8944 else {
8945 __Pyx_RaiseArgtupleInvalid("read", 1, 3, 3, 1); {__pyx_filename = __pyx_f[0]; __pyx_lineno = 635; __pyx_clineno = __LINE__; goto __pyx_L3_error;}
8946 }
>>> CID 1355197: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
8947 case 2:
8948 if (likely((values[2] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_l)) != 0)) kw_args--;
8949 else {
8950 __Pyx_RaiseArgtupleInvalid("read", 1, 3, 3, 2); {__pyx_filename = __pyx_f[0]; __pyx_lineno = 635; __pyx_clineno = __LINE__; goto __pyx_L3_error;}
8951 }
8952 }
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://scan.coverity.com/projects/ceph?tab=overview
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://scan.coverity.com/subscriptions/edit?email=ceph-devel%40vger.kernel.org&token=018084d671e3cc89d00dd2ccb7eb849c
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2016-02-27 18:07 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2016-02-27 18:07 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
52 new defect(s) introduced to ceph found with Coverity Scan.
39 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 20 of 52 defect(s)
** CID 716871: Error handling issues (CHECKED_RETURN)
/test/multi_stress_watch.cc: 157 in main()
________________________________________________________________________________________________________
*** CID 716871: Error handling issues (CHECKED_RETURN)
/test/multi_stress_watch.cc: 157 in main()
151 }
152 ret = cluster.conf_parse_env(NULL);
153 if (ret) {
154 std::cerr << "Error " << ret << " in cluster.conf_read_env" << std::endl;
155 return ret;
156 }
>>> CID 716871: Error handling issues (CHECKED_RETURN)
>>> Calling "connect" without checking return value (as is done elsewhere 20 out of 25 times).
157 cluster.connect();
158
159 if (type == "rep")
160 test_replicated(cluster, pool_name, obj_name);
161 else if (type == "ec")
162 test_erasure(cluster, pool_name, obj_name);
163
164 sem_destroy(&sem);
165 return 0;
** CID 1219460: Error handling issues (CHECKED_RETURN)
/tools/cephfs/JournalTool.cc: 112 in JournalTool::main(std::vector<const char *, std::allocator<const char *>> &)()
________________________________________________________________________________________________________
*** CID 1219460: Error handling issues (CHECKED_RETURN)
/tools/cephfs/JournalTool.cc: 112 in JournalTool::main(std::vector<const char *, std::allocator<const char *>> &)()
106 if (r < 0) {
107 derr << "RADOS unavailable, cannot scan filesystem journal" << dendl;
108 return r;
109 }
110
111 dout(4) << "JournalTool: connecting to RADOS..." << dendl;
>>> CID 1219460: Error handling issues (CHECKED_RETURN)
>>> Calling "connect" without checking return value (as is done elsewhere 20 out of 25 times).
112 rados.connect();
113
114 int const pool_id = mdsmap->get_metadata_pool();
115 dout(4) << "JournalTool: resolving pool " << pool_id << dendl;
116 std::string pool_name;
117 r = rados.pool_reverse_lookup(pool_id, &pool_name);
** CID 1354430: Error handling issues (CHECKED_RETURN)
/tools/cephfs/TableTool.cc: 318 in TableTool::main(std::vector<const char *, std::allocator<const char *>> &)()
________________________________________________________________________________________________________
*** CID 1354430: Error handling issues (CHECKED_RETURN)
/tools/cephfs/TableTool.cc: 318 in TableTool::main(std::vector<const char *, std::allocator<const char *>> &)()
312 if (r < 0) {
313 derr << "RADOS unavailable, cannot scan filesystem journal" << dendl;
314 return r;
315 }
316
317 dout(4) << "connecting to RADOS..." << dendl;
>>> CID 1354430: Error handling issues (CHECKED_RETURN)
>>> Calling "connect" without checking return value (as is done elsewhere 20 out of 25 times).
318 rados.connect();
319
320 int const pool_id = mdsmap->get_metadata_pool();
321 dout(4) << "resolving pool " << pool_id << dendl;
322 std::string pool_name;
323 r = rados.pool_reverse_lookup(pool_id, &pool_name);
** CID 1354431: Error handling issues (CHECKED_RETURN)
/test/rbd_mirror/test_PoolWatcher.cc: 157 in TestPoolWatcher::clone_image(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, bool, std::basic_string<char, std::char_traits<char>, std::allocator<char>>*)()
________________________________________________________________________________________________________
*** CID 1354431: Error handling issues (CHECKED_RETURN)
/test/rbd_mirror/test_PoolWatcher.cc: 157 in TestPoolWatcher::clone_image(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, bool, std::basic_string<char, std::char_traits<char>, std::allocator<char>>*)()
151 ASSERT_EQ(0, m_cluster->ioctx_create(clone_pool_name.c_str(), cioctx));
152
153 string snap_name = "snap" + stringify(++m_snap_number);
154 {
155 librbd::ImageCtx *ictx = new librbd::ImageCtx(parent_image_name.c_str(),
156 "", "", pioctx, false);
>>> CID 1354431: Error handling issues (CHECKED_RETURN)
>>> Calling "open" without checking return value (as is done elsewhere 8 out of 9 times).
157 ictx->state->open();
158 EXPECT_EQ(0, ictx->operations->snap_create(snap_name.c_str()));
159 EXPECT_EQ(0, ictx->operations->snap_protect(snap_name.c_str()));
160 ictx->state->close();
161 }
162
** CID 1354432: Error handling issues (CHECKED_RETURN)
/tools/rados/RadosImport.cc: 45 in RadosImport::import(std::basic_string<char, std::char_traits<char>, std::allocator<char>>, bool)()
________________________________________________________________________________________________________
*** CID 1354432: Error handling issues (CHECKED_RETURN)
/tools/rados/RadosImport.cc: 45 in RadosImport::import(std::basic_string<char, std::char_traits<char>, std::allocator<char>>, bool)()
39 }
40 ret = cluster.conf_parse_env(NULL);
41 if (ret) {
42 cerr << "Error " << ret << " in cluster.conf_read_env" << std::endl;
43 return ret;
44 }
>>> CID 1354432: Error handling issues (CHECKED_RETURN)
>>> Calling "connect" without checking return value (as is done elsewhere 20 out of 25 times).
45 cluster.connect();
46
47 ret = cluster.ioctx_create(pool.c_str(), ioctx);
48 if (ret < 0) {
49 cerr << "ioctx_create " << pool << " failed with " << ret << std::endl;
50 return ret;
** CID 1354433: Security best practices violations (DC.WEAK_CRYPTO)
/osd/PGBackend.cc: 671 in PGBackend::be_compare_scrubmaps(const std::map<pg_shard_t, ScrubMap *, std::less<pg_shard_t>, std::allocator<std::pair<const pg_shard_t, ScrubMap *>>> &, bool, bool, std::map<hobject_t, std::set<pg_shard_t, std::less<pg_shard_t>, std::allocator<pg_shard_t>>, hobject_t::BitwiseComparator, std::allocator<std::pair<const hobject_t, std::set<pg_shard_t, std::less<pg_shard_t>, std::allocator<pg_shard_t>>>>>&, std::map<hobject_t, std::set<pg_shard_t, std::less<pg_shard_t>, std::allocator<pg_shard_t>>, hobject_t::BitwiseComparator, std::allocator<std::pair<const hobject_t, std::set<pg_shard_t, std::less<pg_shard_t>, std::allocator<pg_shard_t>>>>>&, std::map<hobject_t, std::list<pg_shard_t, std::allocator<pg_shard_t>>, hobject_t::BitwiseComparator, std::allocator<std::pai
r<const hobject_t, std::list<pg_shard_t, std::allocator<pg_shard_t>>>>>&, std::map<hobject_t, std::pair<unsigned int, unsigned int>, hobject_t::BitwiseComparator, std::allocator<std::pair<const hobj
ect_t, std::pair<unsigned int, unsigned int>>>>&, int &, int &, Scrub::Store *, const spg_t &, const std::vector<int, std::allocator<int>> &, std::basic_ostream<char, std::char_traits<char>>&)()
________________________________________________________________________________________________________
*** CID 1354433: Security best practices violations (DC.WEAK_CRYPTO)
/osd/PGBackend.cc: 671 in PGBackend::be_compare_scrubmaps(const std::map<pg_shard_t, ScrubMap *, std::less<pg_shard_t>, std::allocator<std::pair<const pg_shard_t, ScrubMap *>>> &, bool, bool, std::map<hobject_t, std::set<pg_shard_t, std::less<pg_shard_t>, std::allocator<pg_shard_t>>, hobject_t::BitwiseComparator, std::allocator<std::pair<const hobject_t, std::set<pg_shard_t, std::less<pg_shard_t>, std::allocator<pg_shard_t>>>>>&, std::map<hobject_t, std::set<pg_shard_t, std::less<pg_shard_t>, std::allocator<pg_shard_t>>, hobject_t::BitwiseComparator, std::allocator<std::pair<const hobject_t, std::set<pg_shard_t, std::less<pg_shard_t>, std::allocator<pg_shard_t>>>>>&, std::map<hobject_t, std::list<pg_shard_t, std::allocator<pg_shard_t>>, hobject_t::BitwiseComparator, std::allocator<std::pai
r<const hobject_t, std::list<pg_shard_t, std::allocator<pg_shard_t>>>>>&, std::map<hobject_t, std::pair<unsigned int, unsigned int>, hobject_t::BitwiseComparator, std::allocator<std::pair<const hobj
ect_t, std::pair<unsigned int, unsigned int>>>>&, int &, int &, Scrub::Store *, const spg_t &, const std::vector<int, std::allocator<int>> &, std::basic_ostream<char, std::char_traits<char>>&)()
665 (!auth_oi.is_data_digest() || !auth_oi.is_omap_digest())) {
666 dout(20) << __func__ << " missing digest on " << *k << dendl;
667 update = MAYBE;
668 }
669 if (auth_object.digest_present && auth_object.omap_digest_present &&
670 g_conf->osd_debug_scrub_chance_rewrite_digest &&
>>> CID 1354433: Security best practices violations (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
671 (((unsigned)rand() % 100) >
672 g_conf->osd_debug_scrub_chance_rewrite_digest)) {
673 dout(20) << __func__ << " randomly updating digest on " << *k << dendl;
674 update = MAYBE;
675 }
676
** CID 1354434: Security best practices violations (DC.WEAK_CRYPTO)
/msg/async/AsyncConnection.cc: 354 in AsyncConnection::_try_send(bool, bool)()
________________________________________________________________________________________________________
*** CID 1354434: Security best practices violations (DC.WEAK_CRYPTO)
/msg/async/AsyncConnection.cc: 354 in AsyncConnection::_try_send(bool, bool)()
348 ssize_t AsyncConnection::_try_send(bool send, bool more)
349 {
350 if (!send)
351 return 0;
352
353 if (async_msgr->cct->_conf->ms_inject_socket_failures && sd >= 0) {
>>> CID 1354434: Security best practices violations (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
354 if (rand() % async_msgr->cct->_conf->ms_inject_socket_failures == 0) {
355 ldout(async_msgr->cct, 0) << __func__ << " injecting socket failure" << dendl;
356 ::shutdown(sd, SHUT_RDWR);
357 }
358 }
359
** CID 1354435: (DC.WEAK_CRYPTO)
/common/WeightedPriorityQueue.h: 175 in WeightedPriorityQueue<std::pair<boost::intrusive_ptr<PG>, PGQueueable>, entity_inst_t>::Queue::pop(bool)()
/common/WeightedPriorityQueue.h: 190 in WeightedPriorityQueue<std::pair<boost::intrusive_ptr<PG>, PGQueueable>, entity_inst_t>::Queue::pop(bool)()
________________________________________________________________________________________________________
*** CID 1354435: (DC.WEAK_CRYPTO)
/common/WeightedPriorityQueue.h: 175 in WeightedPriorityQueue<std::pair<boost::intrusive_ptr<PG>, PGQueueable>, entity_inst_t>::Queue::pop(bool)()
169 }
170 return ret;
171 }
172 if (queues.size() > 1) {
173 while (true) {
174 // Pick a new priority out of the total priority.
>>> CID 1354435: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
175 unsigned prio = rand() % total_prio + 1;
176 unsigned tp = total_prio - i->key;
177 // Find the priority coresponding to the picked number.
178 // Subtract high priorities to low priorities until the picked number
179 // is more than the total and try to dequeue that priority.
180 // Reverse the direction from previous implementation because there is a higher
/common/WeightedPriorityQueue.h: 190 in WeightedPriorityQueue<std::pair<boost::intrusive_ptr<PG>, PGQueueable>, entity_inst_t>::Queue::pop(bool)()
184 tp -= i->key;
185 }
186 // Flip a coin to see if this priority gets to run based on cost.
187 // The next op's cost is multiplied by .9 and subtracted from the
188 // max cost seen. Ops with lower costs will have a larger value
189 // and allow them to be selected easier than ops with high costs.
>>> CID 1354435: (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
190 if (max_cost == 0 || rand() % max_cost <=
191 (max_cost - ((i->get_cost() * 9) / 10))) {
192 break;
193 }
194 i = --queues.end();
195 }
** CID 1354436: Compiler dependency (DELETE_ARRAY)
/log/Log.cc: 318 in ceph::log::Log::_flush(ceph::log::EntryQueue *, ceph::log::EntryQueue *, bool)()
________________________________________________________________________________________________________
*** CID 1354436: Compiler dependency (DELETE_ARRAY)
/log/Log.cc: 318 in ceph::log::Log::_flush(ceph::log::EntryQueue *, ceph::log::EntryQueue *, bool)()
312 buf[buflen] = '\n';
313 int r = safe_write(m_fd, buf, buflen+1);
314 if (r < 0)
315 cerr << "problem writing to " << m_log_file << ": " << cpp_strerror(r) << std::endl;
316 }
317 if(need_dynamic)
>>> CID 1354436: Compiler dependency (DELETE_ARRAY)
>>> Deleting array variable "buf" with non-array delete in "delete buf".
318 delete buf;
319 }
320 if (do_graylog2 && m_graylog) {
321 m_graylog->log_entry(e);
322 }
323
** CID 1354437: Control flow issues (MISSING_BREAK)
/build/rados.c: 13185 in __pyx_pw_5rados_5Rados_51mon_command()
________________________________________________________________________________________________________
*** CID 1354437: Control flow issues (MISSING_BREAK)
/build/rados.c: 13185 in __pyx_pw_5rados_5Rados_51mon_command()
13179 }
13180 kw_args = PyDict_Size(__pyx_kwds);
13181 switch (pos_args) {
13182 case 0:
13183 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_cmd)) != 0)) kw_args--;
13184 else goto __pyx_L5_argtuple_error;
>>> CID 1354437: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
13185 case 1:
13186 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_inbuf)) != 0)) kw_args--;
13187 else {
13188 __Pyx_RaiseArgtupleInvalid("mon_command", 0, 2, 4, 1); {__pyx_filename = __pyx_f[0]; __pyx_lineno = 1110; __pyx_clineno = __LINE__; goto __pyx_L3_error;}
13189 }
13190 case 2:
** CID 1354438: Control flow issues (MISSING_BREAK)
/build/rados.c: 13190 in __pyx_pw_5rados_5Rados_51mon_command()
________________________________________________________________________________________________________
*** CID 1354438: Control flow issues (MISSING_BREAK)
/build/rados.c: 13190 in __pyx_pw_5rados_5Rados_51mon_command()
13184 else goto __pyx_L5_argtuple_error;
13185 case 1:
13186 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_inbuf)) != 0)) kw_args--;
13187 else {
13188 __Pyx_RaiseArgtupleInvalid("mon_command", 0, 2, 4, 1); {__pyx_filename = __pyx_f[0]; __pyx_lineno = 1110; __pyx_clineno = __LINE__; goto __pyx_L3_error;}
13189 }
>>> CID 1354438: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
13190 case 2:
13191 if (kw_args > 0) {
13192 PyObject* value = PyDict_GetItem(__pyx_kwds, __pyx_n_s_timeout);
13193 if (value) { values[2] = value; kw_args--; }
13194 }
13195 case 3:
** CID 1354439: Control flow issues (MISSING_BREAK)
/build/rados.c: 13195 in __pyx_pw_5rados_5Rados_51mon_command()
________________________________________________________________________________________________________
*** CID 1354439: Control flow issues (MISSING_BREAK)
/build/rados.c: 13195 in __pyx_pw_5rados_5Rados_51mon_command()
13189 }
13190 case 2:
13191 if (kw_args > 0) {
13192 PyObject* value = PyDict_GetItem(__pyx_kwds, __pyx_n_s_timeout);
13193 if (value) { values[2] = value; kw_args--; }
13194 }
>>> CID 1354439: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
13195 case 3:
13196 if (kw_args > 0) {
13197 PyObject* value = PyDict_GetItem(__pyx_kwds, __pyx_n_s_target);
13198 if (value) { values[3] = value; kw_args--; }
13199 }
13200 }
** CID 1354440: Control flow issues (MISSING_BREAK)
/build/rados.c: 13828 in __pyx_pw_5rados_5Rados_53osd_command()
________________________________________________________________________________________________________
*** CID 1354440: Control flow issues (MISSING_BREAK)
/build/rados.c: 13828 in __pyx_pw_5rados_5Rados_53osd_command()
13822 }
13823 kw_args = PyDict_Size(__pyx_kwds);
13824 switch (pos_args) {
13825 case 0:
13826 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_osdid)) != 0)) kw_args--;
13827 else goto __pyx_L5_argtuple_error;
>>> CID 1354440: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
13828 case 1:
13829 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_cmd)) != 0)) kw_args--;
13830 else {
13831 __Pyx_RaiseArgtupleInvalid("osd_command", 0, 3, 4, 1); {__pyx_filename = __pyx_f[0]; __pyx_lineno = 1167; __pyx_clineno = __LINE__; goto __pyx_L3_error;}
13832 }
13833 case 2:
** CID 1354441: Control flow issues (MISSING_BREAK)
/build/rados.c: 13833 in __pyx_pw_5rados_5Rados_53osd_command()
________________________________________________________________________________________________________
*** CID 1354441: Control flow issues (MISSING_BREAK)
/build/rados.c: 13833 in __pyx_pw_5rados_5Rados_53osd_command()
13827 else goto __pyx_L5_argtuple_error;
13828 case 1:
13829 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_cmd)) != 0)) kw_args--;
13830 else {
13831 __Pyx_RaiseArgtupleInvalid("osd_command", 0, 3, 4, 1); {__pyx_filename = __pyx_f[0]; __pyx_lineno = 1167; __pyx_clineno = __LINE__; goto __pyx_L3_error;}
13832 }
>>> CID 1354441: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
13833 case 2:
13834 if (likely((values[2] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_inbuf)) != 0)) kw_args--;
13835 else {
13836 __Pyx_RaiseArgtupleInvalid("osd_command", 0, 3, 4, 2); {__pyx_filename = __pyx_f[0]; __pyx_lineno = 1167; __pyx_clineno = __LINE__; goto __pyx_L3_error;}
13837 }
13838 case 3:
** CID 1354442: Control flow issues (MISSING_BREAK)
/build/rados.c: 13838 in __pyx_pw_5rados_5Rados_53osd_command()
________________________________________________________________________________________________________
*** CID 1354442: Control flow issues (MISSING_BREAK)
/build/rados.c: 13838 in __pyx_pw_5rados_5Rados_53osd_command()
13832 }
13833 case 2:
13834 if (likely((values[2] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_inbuf)) != 0)) kw_args--;
13835 else {
13836 __Pyx_RaiseArgtupleInvalid("osd_command", 0, 3, 4, 2); {__pyx_filename = __pyx_f[0]; __pyx_lineno = 1167; __pyx_clineno = __LINE__; goto __pyx_L3_error;}
13837 }
>>> CID 1354442: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
13838 case 3:
13839 if (kw_args > 0) {
13840 PyObject* value = PyDict_GetItem(__pyx_kwds, __pyx_n_s_timeout);
13841 if (value) { values[3] = value; kw_args--; }
13842 }
13843 }
** CID 1354443: Control flow issues (MISSING_BREAK)
/build/rados.c: 14351 in __pyx_pw_5rados_5Rados_55pg_command()
________________________________________________________________________________________________________
*** CID 1354443: Control flow issues (MISSING_BREAK)
/build/rados.c: 14351 in __pyx_pw_5rados_5Rados_55pg_command()
14345 }
14346 kw_args = PyDict_Size(__pyx_kwds);
14347 switch (pos_args) {
14348 case 0:
14349 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_pgid)) != 0)) kw_args--;
14350 else goto __pyx_L5_argtuple_error;
>>> CID 1354443: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
14351 case 1:
14352 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_cmd)) != 0)) kw_args--;
14353 else {
14354 __Pyx_RaiseArgtupleInvalid("pg_command", 0, 3, 4, 1); {__pyx_filename = __pyx_f[0]; __pyx_lineno = 1210; __pyx_clineno = __LINE__; goto __pyx_L3_error;}
14355 }
14356 case 2:
** CID 1354444: Control flow issues (MISSING_BREAK)
/build/rados.c: 14356 in __pyx_pw_5rados_5Rados_55pg_command()
________________________________________________________________________________________________________
*** CID 1354444: Control flow issues (MISSING_BREAK)
/build/rados.c: 14356 in __pyx_pw_5rados_5Rados_55pg_command()
14350 else goto __pyx_L5_argtuple_error;
14351 case 1:
14352 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_cmd)) != 0)) kw_args--;
14353 else {
14354 __Pyx_RaiseArgtupleInvalid("pg_command", 0, 3, 4, 1); {__pyx_filename = __pyx_f[0]; __pyx_lineno = 1210; __pyx_clineno = __LINE__; goto __pyx_L3_error;}
14355 }
>>> CID 1354444: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
14356 case 2:
14357 if (likely((values[2] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_inbuf)) != 0)) kw_args--;
14358 else {
14359 __Pyx_RaiseArgtupleInvalid("pg_command", 0, 3, 4, 2); {__pyx_filename = __pyx_f[0]; __pyx_lineno = 1210; __pyx_clineno = __LINE__; goto __pyx_L3_error;}
14360 }
14361 case 3:
** CID 1354445: Control flow issues (MISSING_BREAK)
/build/rados.c: 14361 in __pyx_pw_5rados_5Rados_55pg_command()
________________________________________________________________________________________________________
*** CID 1354445: Control flow issues (MISSING_BREAK)
/build/rados.c: 14361 in __pyx_pw_5rados_5Rados_55pg_command()
14355 }
14356 case 2:
14357 if (likely((values[2] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_inbuf)) != 0)) kw_args--;
14358 else {
14359 __Pyx_RaiseArgtupleInvalid("pg_command", 0, 3, 4, 2); {__pyx_filename = __pyx_f[0]; __pyx_lineno = 1210; __pyx_clineno = __LINE__; goto __pyx_L3_error;}
14360 }
>>> CID 1354445: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
14361 case 3:
14362 if (kw_args > 0) {
14363 PyObject* value = PyDict_GetItem(__pyx_kwds, __pyx_n_s_timeout);
14364 if (value) { values[3] = value; kw_args--; }
14365 }
14366 }
** CID 1354446: Control flow issues (MISSING_BREAK)
/build/rados.c: 15034 in __pyx_pw_5rados_5Rados_59blacklist_add()
________________________________________________________________________________________________________
*** CID 1354446: Control flow issues (MISSING_BREAK)
/build/rados.c: 15034 in __pyx_pw_5rados_5Rados_59blacklist_add()
15028 }
15029 kw_args = PyDict_Size(__pyx_kwds);
15030 switch (pos_args) {
15031 case 0:
15032 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_client_address)) != 0)) kw_args--;
15033 else goto __pyx_L5_argtuple_error;
>>> CID 1354446: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
15034 case 1:
15035 if (kw_args > 0) {
15036 PyObject* value = PyDict_GetItem(__pyx_kwds, __pyx_n_s_expire_seconds);
15037 if (value) { values[1] = value; kw_args--; }
15038 }
15039 }
** CID 1354447: Control flow issues (MISSING_BREAK)
/build/rados.c: 15298 in __pyx_pw_5rados_5Rados_61monitor_log()
________________________________________________________________________________________________________
*** CID 1354447: Control flow issues (MISSING_BREAK)
/build/rados.c: 15298 in __pyx_pw_5rados_5Rados_61monitor_log()
15292 }
15293 kw_args = PyDict_Size(__pyx_kwds);
15294 switch (pos_args) {
15295 case 0:
15296 if (likely((values[0] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_level)) != 0)) kw_args--;
15297 else goto __pyx_L5_argtuple_error;
>>> CID 1354447: Control flow issues (MISSING_BREAK)
>>> The above case falls through to this one.
15298 case 1:
15299 if (likely((values[1] = PyDict_GetItem(__pyx_kwds, __pyx_n_s_callback)) != 0)) kw_args--;
15300 else {
15301 __Pyx_RaiseArgtupleInvalid("monitor_log", 1, 3, 3, 1); {__pyx_filename = __pyx_f[0]; __pyx_lineno = 1282; __pyx_clineno = __LINE__; goto __pyx_L3_error;}
15302 }
15303 case 2:
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://scan.coverity.com/projects/ceph?tab=overview
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://scan.coverity.com/subscriptions/edit?email=ceph-devel%40vger.kernel.org&token=018084d671e3cc89d00dd2ccb7eb849c
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2016-02-20 18:26 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2016-02-20 18:26 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
51 new defect(s) introduced to ceph found with Coverity Scan.
8 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 20 of 51 defect(s)
** CID 1353391: Memory - corruptions (OVERRUN)
________________________________________________________________________________________________________
*** CID 1353391: Memory - corruptions (OVERRUN)
/rgw/rgw_data_sync.h: 81 in rgw_data_sync_marker::encode(ceph::buffer::list &) const()
75 uint64_t pos;
76 utime_t timestamp;
77
78 rgw_data_sync_marker() : state(FullSync), total_entries(0), pos(0) {}
79
80 void encode(bufferlist& bl) const {
>>> CID 1353391: Memory - corruptions (OVERRUN)
>>> Overrunning struct type ceph_le32 of 4 bytes by passing it to a function which accesses it at byte offset 7.
81 ENCODE_START(1, 1, bl);
82 ::encode(state, bl);
83 ::encode(marker, bl);
84 ::encode(next_step_marker, bl);
85 ::encode(total_entries, bl);
86 ::encode(pos, bl);
** CID 1353390: Memory - corruptions (OVERRUN)
________________________________________________________________________________________________________
*** CID 1353390: Memory - corruptions (OVERRUN)
/rgw/rgw_data_sync.h: 29 in rgw_data_sync_info::encode(ceph::buffer::list &) const()
23 };
24
25 uint16_t state;
26 uint32_t num_shards;
27
28 void encode(bufferlist& bl) const {
>>> CID 1353390: Memory - corruptions (OVERRUN)
>>> Overrunning struct type ceph_le32 of 4 bytes by passing it to a function which accesses it at byte offset 7.
29 ENCODE_START(1, 1, bl);
30 ::encode(state, bl);
31 ::encode(num_shards, bl);
32 ENCODE_FINISH(bl);
33 }
34
** CID 1353389: Control flow issues (MISMATCHED_ITERATOR)
/rgw/rgw_common.cc: 783 in RGWHTTPArgs::sys_get(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, bool *)()
________________________________________________________________________________________________________
*** CID 1353389: Control flow issues (MISMATCHED_ITERATOR)
/rgw/rgw_common.cc: 783 in RGWHTTPArgs::sys_get(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, bool *)()
777 }
778 }
779
780 string RGWHTTPArgs::sys_get(const string& name, bool * const exists)
781 {
782 const auto iter = sys_val_map.find(name);
>>> CID 1353389: Control flow issues (MISMATCHED_ITERATOR)
>>> Comparing "iter" from "this->sys_val_map" to "this->val_map.end()" from "this->val_map".
783 const bool e = (iter != val_map.end());
784
785 if (exists) {
786 *exists = e;
787 }
788
** CID 1353388: Null pointer dereferences (FORWARD_NULL)
/rgw/rgw_rest_conn.cc: 190 in RGWRESTConn::get_resource(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, std::list<std::pair<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::pair<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::basic_string<char, std::char_traits<char>, std::allocator<char>>>>> *, std::map<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::less<std::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::pair<const std::basic_string<char, std::char_traits<char>, std::allocator<char
>>, std::basic_string<char, std::char_traits<char>, std::allocator<char>>>>> *, ceph::buffer::list &, RGWHTTPManager *)()
________________________________________________________________________________________________________
*** CID 1353388: Null pointer dereferences (FORWARD_NULL)
/rgw/rgw_rest_conn.cc: 190 in RGWRESTConn::get_resource(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, std::list<std::pair<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::pair<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::basic_string<char, std::char_traits<char>, std::allocator<char>>>>> *, std::map<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::less<std::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::pair<const std::basic_string<char, std::char_traits<char>, std::allocator<char
>>, std::basic_string<char, std::char_traits<char>, std::allocator<char>>>>> *, ceph::buffer::list &, RGWHTTPManager *)()
184 int ret = get_url(url);
185 if (ret < 0)
186 return ret;
187
188 param_list_t params;
189
>>> CID 1353388: Null pointer dereferences (FORWARD_NULL)
>>> Comparing "extra_params" to null implies that "extra_params" might be null.
190 if (extra_params) {
191 params.insert(params.end(), extra_params->begin(), extra_params->end());
192 }
193
194 params.push_back(param_pair_t(RGW_SYS_PARAM_PREFIX "zonegroup", self_zone_group));
195
** CID 1353387: Null pointer dereferences (FORWARD_NULL)
/rgw/rgw_sync.cc: 1337 in RGWMetaSyncShardCR::incremental_sync()()
________________________________________________________________________________________________________
*** CID 1353387: Null pointer dereferences (FORWARD_NULL)
/rgw/rgw_sync.cc: 1337 in RGWMetaSyncShardCR::incremental_sync()()
1331
1332 int incremental_sync() {
1333 reenter(&incremental_cr) {
1334 set_status("incremental_sync");
1335 can_adjust_marker = true;
1336 /* grab lock */
>>> CID 1353387: Null pointer dereferences (FORWARD_NULL)
>>> Comparing "this->lease_cr" to null implies that "this->lease_cr" might be null.
1337 if (!lease_cr) { /* could have had a lease_cr lock from previous state */
1338 yield {
1339 uint32_t lock_duration = cct->_conf->rgw_sync_lease_period;
1340 string lock_name = "sync_lock";
1341 RGWRados *store = sync_env->store;
1342 lease_cr = new RGWContinuousLeaseCR(sync_env->async_rados, store, pool,
** CID 1353386: Null pointer dereferences (FORWARD_NULL)
/rgw/rgw_http_client.cc: 94 in RGWHTTPClient::process(const char *, const char *)()
________________________________________________________________________________________________________
*** CID 1353386: Null pointer dereferences (FORWARD_NULL)
/rgw/rgw_http_client.cc: 94 in RGWHTTPClient::process(const char *, const char *)()
88
89 last_method = (method ? method : "");
90 last_url = (url ? url : "");
91
92 curl_handle = curl_easy_init();
93
>>> CID 1353386: Null pointer dereferences (FORWARD_NULL)
>>> Passing null pointer "url" to "operator <<", which dereferences it. [Note: The source code implementation of the function has been overridden by a builtin model.]
94 dout(20) << "sending request to " << url << dendl;
95
96 curl_slist *h = headers_to_slist(headers);
97
98 curl_easy_setopt(curl_handle, CURLOPT_CUSTOMREQUEST, method);
99 curl_easy_setopt(curl_handle, CURLOPT_URL, url);
** CID 1353385: Security best practices violations (DC.WEAK_CRYPTO)
/rgw/rgw_rados.cc: 1432 in fix_zone_pool_name(std::set<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::less<std::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::basic_string<char, std::char_traits<char>, std::allocator<char>>>>, const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&)()
________________________________________________________________________________________________________
*** CID 1353385: Security best practices violations (DC.WEAK_CRYPTO)
/rgw/rgw_rados.cc: 1432 in fix_zone_pool_name(std::set<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::less<std::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::basic_string<char, std::char_traits<char>, std::allocator<char>>>>, const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&)()
1426 string name = prefix + suffix;
1427
1428 if (pool_names.find(name) == pool_names.end()) {
1429 return name;
1430 } else {
1431 while(true) {
>>> CID 1353385: Security best practices violations (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
1432 name = prefix + "_" + std::to_string(std::rand()) + suffix;
1433 if (pool_names.find(name) == pool_names.end()) {
1434 return name;
1435 }
1436 }
1437 }
** CID 1353384: Error handling issues (CHECKED_RETURN)
/rgw/rgw_op.cc: 2642 in RGWPutMetadataAccount::execute()()
________________________________________________________________________________________________________
*** CID 1353384: Error handling issues (CHECKED_RETURN)
/rgw/rgw_op.cc: 2642 in RGWPutMetadataAccount::execute()()
2636 if (op_ret < 0) {
2637 return;
2638 }
2639
2640 rgw_get_request_metadata(s->cct, s->info, attrs, false);
2641 RGWUserInfo orig_uinfo;
>>> CID 1353384: Error handling issues (CHECKED_RETURN)
>>> Calling "rgw_get_user_info_by_uid" without checking return value (as is done elsewhere 23 out of 24 times).
2642 rgw_get_user_info_by_uid(store, s->user->user_id, orig_uinfo, &acct_op_tracker);
2643 populate_with_generic_attrs(s, attrs);
2644
2645 /* Handle the TempURL-related stuff. */
2646 map<int, string> temp_url_keys;
2647 filter_out_temp_url(attrs, rmattr_names, temp_url_keys);
** CID 1353383: (ATOMICITY)
/rgw/rgw_coroutine.cc: 485 in RGWCoroutinesManager::run(std::list<RGWCoroutinesStack *, std::allocator<RGWCoroutinesStack *>> &)()
/rgw/rgw_coroutine.cc: 485 in RGWCoroutinesManager::run(std::list<RGWCoroutinesStack *, std::allocator<RGWCoroutinesStack *>> &)()
________________________________________________________________________________________________________
*** CID 1353383: (ATOMICITY)
/rgw/rgw_coroutine.cc: 485 in RGWCoroutinesManager::run(std::list<RGWCoroutinesStack *, std::allocator<RGWCoroutinesStack *>> &)()
479 }
480 }
481 if (stack->parent && stack->parent->waiting_for_child()) {
482 stack->parent->set_wait_for_child(false);
483 stack->parent->schedule();
484 }
>>> CID 1353383: (ATOMICITY)
>>> Using an unreliable value of "context_stacks" inside the second locked section. If the data that "context_stacks" depends on was changed by another thread, this use might be incorrect.
485 context_stacks.erase(stack);
486 stack->put();
487 stack = NULL;
488 } else {
489 op_not_blocked = true;
490 stack->run_count++;
/rgw/rgw_coroutine.cc: 485 in RGWCoroutinesManager::run(std::list<RGWCoroutinesStack *, std::allocator<RGWCoroutinesStack *>> &)()
479 }
480 }
481 if (stack->parent && stack->parent->waiting_for_child()) {
482 stack->parent->set_wait_for_child(false);
483 stack->parent->schedule();
484 }
>>> CID 1353383: (ATOMICITY)
>>> Using an unreliable value of "context_stacks" inside the second locked section. If the data that "context_stacks" depends on was changed by another thread, this use might be incorrect.
485 context_stacks.erase(stack);
486 stack->put();
487 stack = NULL;
488 } else {
489 op_not_blocked = true;
490 stack->run_count++;
** CID 1353433: Memory - illegal accesses (WRAPPER_ESCAPE)
/rgw/rgw_data_sync.cc: 2310 in RGWBucketSyncStatusManager::init()()
________________________________________________________________________________________________________
*** CID 1353433: Memory - illegal accesses (WRAPPER_ESCAPE)
/rgw/rgw_data_sync.cc: 2310 in RGWBucketSyncStatusManager::init()()
2304 return ret;
2305 }
2306
2307
2308 string key = bucket_name + ":" + bucket_id;
2309
>>> CID 1353433: Memory - illegal accesses (WRAPPER_ESCAPE)
>>> The internal representation of local "key" escapes into "pairs[pairs@dim0].val", but is destroyed when it exits scope.
2310 rgw_http_param_pair pairs[] = { { "key", key.c_str() },
2311 { NULL, NULL } };
2312
2313 string path = string("/admin/metadata/bucket.instance");
2314
2315 bucket_instance_meta_info result;
** CID 1353432: Code maintainability issues (UNUSED_VALUE)
/rgw/rgw_op.cc: 359 in rgw_build_bucket_policies(RGWRados *, req_state *)()
________________________________________________________________________________________________________
*** CID 1353432: Code maintainability issues (UNUSED_VALUE)
/rgw/rgw_op.cc: 359 in rgw_build_bucket_policies(RGWRados *, req_state *)()
353
354 if (s->bucket_exists) {
355 rgw_obj_key no_obj;
356 ret = read_policy(store, s, s->bucket_info, s->bucket_attrs, s->bucket_acl, s->bucket, no_obj);
357 } else {
358 s->bucket_acl->create_default(s->user->user_id, s->user->display_name);
>>> CID 1353432: Code maintainability issues (UNUSED_VALUE)
>>> Assigning value "-2002" to "ret" here, but that stored value is overwritten before it can be used.
359 ret = -ERR_NO_SUCH_BUCKET;
360 }
361
362 s->bucket_owner = s->bucket_acl->get_owner();
363
364 RGWZoneGroup zonegroup;
** CID 1353431: Code maintainability issues (UNUSED_VALUE)
/rgw/rgw_op.cc: 356 in rgw_build_bucket_policies(RGWRados *, req_state *)()
________________________________________________________________________________________________________
*** CID 1353431: Code maintainability issues (UNUSED_VALUE)
/rgw/rgw_op.cc: 356 in rgw_build_bucket_policies(RGWRados *, req_state *)()
350 s->bucket_exists = false;
351 }
352 s->bucket = s->bucket_info.bucket;
353
354 if (s->bucket_exists) {
355 rgw_obj_key no_obj;
>>> CID 1353431: Code maintainability issues (UNUSED_VALUE)
>>> Assigning value from "read_policy(store, s, s->bucket_info, s->bucket_attrs, s->bucket_acl, s->bucket, no_obj)" to "ret" here, but that stored value is overwritten before it can be used.
356 ret = read_policy(store, s, s->bucket_info, s->bucket_attrs, s->bucket_acl, s->bucket, no_obj);
357 } else {
358 s->bucket_acl->create_default(s->user->user_id, s->user->display_name);
359 ret = -ERR_NO_SUCH_BUCKET;
360 }
361
** CID 1353430: Code maintainability issues (UNUSED_VALUE)
/rgw/rgw_coroutine.cc: 529 in RGWCoroutinesManager::run(std::list<RGWCoroutinesStack *, std::allocator<RGWCoroutinesStack *>> &)()
________________________________________________________________________________________________________
*** CID 1353430: Code maintainability issues (UNUSED_VALUE)
/rgw/rgw_coroutine.cc: 529 in RGWCoroutinesManager::run(std::list<RGWCoroutinesStack *, std::allocator<RGWCoroutinesStack *>> &)()
523 ret = completion_mgr.get_next((void **)&blocked_stack);
524 if (ret < 0) {
525 ldout(cct, 0) << "ERROR: failed to clone shard, completion_mgr.get_next() returned ret=" << ret << dendl;
526 }
527 if (going_down.read() > 0) {
528 ldout(cct, 5) << __func__ << "(): was stopped, exiting" << dendl;
>>> CID 1353430: Code maintainability issues (UNUSED_VALUE)
>>> Assigning value "-125" to "ret" here, but that stored value is overwritten before it can be used.
529 ret = -ECANCELED;
530 break;
531 }
532 handle_unblocked_stack(context_stacks, scheduled_stacks, blocked_stack, &blocked_count);
533 iter = scheduled_stacks.begin();
534 }
** CID 1353429: Control flow issues (UNREACHABLE)
/build/rados.c: 18788 in __pyx_pf_5rados_12SnapIterator_4__next__()
________________________________________________________________________________________________________
*** CID 1353429: Control flow issues (UNREACHABLE)
/build/rados.c: 18788 in __pyx_pf_5rados_12SnapIterator_4__next__()
18782 * return snap
18783 * finally:
18784 * free(name) # <<<<<<<<<<<<<<
18785 *
18786 *
18787 */
>>> CID 1353429: Control flow issues (UNREACHABLE)
>>> This code cannot be reached: "{
{
__pyx_L5_error:
...".
18788 /*finally:*/ {
18789 /*exception exit:*/{
18790 __pyx_L5_error:;
18791 __pyx_t_11 = 0; __pyx_t_12 = 0; __pyx_t_13 = 0; __pyx_t_14 = 0; __pyx_t_15 = 0; __pyx_t_16 = 0;
18792 __Pyx_XDECREF(__pyx_t_6); __pyx_t_6 = 0;
18793 __Pyx_XDECREF(__pyx_t_5); __pyx_t_5 = 0;
** CID 1353428: Uninitialized members (UNINIT_CTOR)
/rgw/rgw_rados.h: 2078 in RGWRados::SystemObject::Read::ReadParams::ReadParams()()
________________________________________________________________________________________________________
*** CID 1353428: Uninitialized members (UNINIT_CTOR)
/rgw/rgw_rados.h: 2078 in RGWRados::SystemObject::Read::ReadParams::ReadParams()()
2072 } stat_params;
2073
2074 struct ReadParams {
2075 rgw_cache_entry_info *cache_info;
2076 map<string, bufferlist> *attrs;
2077
>>> CID 1353428: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "cache_info" is not initialized in this constructor nor in any functions that it calls.
2078 ReadParams() : attrs(NULL) {}
2079 } read_params;
2080
2081 explicit Read(RGWRados::SystemObject *_source) : source(_source) {}
2082
2083 int stat(RGWObjVersionTracker *objv_tracker);
** CID 1353427: Uninitialized members (UNINIT_CTOR)
/rgw/rgw_rados.h: 751 in RGWSystemMetaObj::RGWSystemMetaObj()()
________________________________________________________________________________________________________
*** CID 1353427: Uninitialized members (UNINIT_CTOR)
/rgw/rgw_rados.h: 751 in RGWSystemMetaObj::RGWSystemMetaObj()()
745 int read_default(RGWDefaultSystemMetaObjInfo& default_info,
746 const string& oid);
747 /* read and use default id */
748 int use_default(bool old_format = false);
749
750 public:
>>> CID 1353427: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "store" is not initialized in this constructor nor in any functions that it calls.
751 RGWSystemMetaObj() {}
752 RGWSystemMetaObj(const string& _name): name(_name) {}
753 RGWSystemMetaObj(const string& _id, const string& _name) : id(_id), name(_name) {}
754 RGWSystemMetaObj(CephContext *_cct, RGWRados *_store): cct(_cct), store(_store){}
755 RGWSystemMetaObj(const string& _name, CephContext *_cct, RGWRados *_store): name(_name), cct(_cct), store(_store){}
756 const string& get_name() const { return name; }
** CID 1353426: Uninitialized members (UNINIT_CTOR)
/rgw/rgw_rados.h: 1394 in RGWPeriod::RGWPeriod()()
________________________________________________________________________________________________________
*** CID 1353426: Uninitialized members (UNINIT_CTOR)
/rgw/rgw_rados.h: 1394 in RGWPeriod::RGWPeriod()()
1388 const string get_period_oid_prefix();
1389
1390 // gather the metadata sync status for each shard; only for use on master zone
1391 int update_sync_status();
1392
1393 public:
>>> CID 1353426: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "store" is not initialized in this constructor nor in any functions that it calls.
1394 RGWPeriod() : epoch(0) {}
1395
1396 RGWPeriod(const string& period_id, epoch_t _epoch = 0)
1397 : id(period_id), epoch(_epoch) {}
1398
1399 const string& get_id() const { return id; }
** CID 1353425: Uninitialized members (UNINIT_CTOR)
/rgw/rgw_rados.h: 1088 in RGWZoneGroup::RGWZoneGroup(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&)()
________________________________________________________________________________________________________
*** CID 1353425: Uninitialized members (UNINIT_CTOR)
/rgw/rgw_rados.h: 1088 in RGWZoneGroup::RGWZoneGroup(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&)()
1082 map<string, list<string> > api_endpoints_map;
1083
1084 string realm_id;
1085
1086 RGWZoneGroup(): is_master(false){}
1087 RGWZoneGroup(const std::string &id, const std::string &name):RGWSystemMetaObj(id, name) {}
>>> CID 1353425: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "is_master" is not initialized in this constructor nor in any functions that it calls.
1088 RGWZoneGroup(const std::string &_name):RGWSystemMetaObj(_name) {}
1089 RGWZoneGroup(const std::string &_name, bool _is_master, CephContext *cct, RGWRados* store,
1090 const string& _realm_id, const list<string>& _endpoints)
1091 : RGWSystemMetaObj(_name, cct , store), endpoints(_endpoints), is_master(_is_master),
1092 realm_id(_realm_id) {}
1093
** CID 1353424: Uninitialized members (UNINIT_CTOR)
/rgw/rgw_realm_watcher.cc: 21 in RGWRealmWatcher::RGWRealmWatcher(CephContext *, RGWRealm &)()
________________________________________________________________________________________________________
*** CID 1353424: Uninitialized members (UNINIT_CTOR)
/rgw/rgw_realm_watcher.cc: 21 in RGWRealmWatcher::RGWRealmWatcher(CephContext *, RGWRealm &)()
15 RGWRealmWatcher::RGWRealmWatcher(CephContext* cct, RGWRealm& realm)
16 : cct(cct)
17 {
18 // no default realm, nothing to watch
19 if (realm.get_id().empty()) {
20 ldout(cct, 4) << "No realm, disabling dynamic reconfiguration." << dendl;
>>> CID 1353424: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "watch_handle" is not initialized in this constructor nor in any functions that it calls.
21 return;
22 }
23
24 // establish the watch on RGWRealm
25 int r = watch_start(realm);
26 if (r < 0) {
** CID 1353423: Uninitialized members (UNINIT_CTOR)
/rgw/rgw_rados.h: 1087 in RGWZoneGroup::RGWZoneGroup(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&)()
________________________________________________________________________________________________________
*** CID 1353423: Uninitialized members (UNINIT_CTOR)
/rgw/rgw_rados.h: 1087 in RGWZoneGroup::RGWZoneGroup(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&)()
1081 map<string, list<string> > api_hostname_map;
1082 map<string, list<string> > api_endpoints_map;
1083
1084 string realm_id;
1085
1086 RGWZoneGroup(): is_master(false){}
>>> CID 1353423: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "is_master" is not initialized in this constructor nor in any functions that it calls.
1087 RGWZoneGroup(const std::string &id, const std::string &name):RGWSystemMetaObj(id, name) {}
1088 RGWZoneGroup(const std::string &_name):RGWSystemMetaObj(_name) {}
1089 RGWZoneGroup(const std::string &_name, bool _is_master, CephContext *cct, RGWRados* store,
1090 const string& _realm_id, const list<string>& _endpoints)
1091 : RGWSystemMetaObj(_name, cct , store), endpoints(_endpoints), is_master(_is_master),
1092 realm_id(_realm_id) {}
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://scan.coverity.com/projects/ceph?tab=overview
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://scan.coverity.com/subscriptions/edit?email=ceph-devel%40vger.kernel.org&token=018084d671e3cc89d00dd2ccb7eb849c
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2016-02-18 20:32 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2016-02-18 20:32 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
141 new defect(s) introduced to ceph found with Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 20 of 141 defect(s)
** CID 1353344: Control flow issues (UNREACHABLE)
/build/rados.c: 14393 in __pyx_pf_5rados_5Rados_52pg_command()
________________________________________________________________________________________________________
*** CID 1353344: Control flow issues (UNREACHABLE)
/build/rados.c: 14393 in __pyx_pf_5rados_5Rados_52pg_command()
14387 * return (ret, my_outbuf, my_outs)
14388 * finally:
14389 * free(_cmd) # <<<<<<<<<<<<<<
14390 *
14391 * def wait_for_latest_osdmap(self):
14392 */
>>> CID 1353344: Control flow issues (UNREACHABLE)
>>> This code cannot be reached: "{
{
__pyx_L4_error:
...".
14393 /*finally:*/ {
14394 /*exception exit:*/{
14395 __pyx_L4_error:;
14396 __pyx_t_12 = 0; __pyx_t_13 = 0; __pyx_t_14 = 0; __pyx_t_15 = 0; __pyx_t_16 = 0; __pyx_t_17 = 0;
14397 __Pyx_XDECREF(__pyx_t_3); __pyx_t_3 = 0;
14398 __Pyx_XDECREF(__pyx_t_5); __pyx_t_5 = 0;
** CID 1353343: Control flow issues (UNREACHABLE)
/build/rados.c: 13830 in __pyx_pf_5rados_5Rados_50osd_command()
________________________________________________________________________________________________________
*** CID 1353343: Control flow issues (UNREACHABLE)
/build/rados.c: 13830 in __pyx_pf_5rados_5Rados_50osd_command()
13824 * return (ret, my_outbuf, my_outs)
13825 * finally:
13826 * free(_cmd) # <<<<<<<<<<<<<<
13827 *
13828 * def pg_command(self, pgid, cmd, inbuf, timeout=0):
13829 */
>>> CID 1353343: Control flow issues (UNREACHABLE)
>>> This code cannot be reached: "{
{
__pyx_L4_error:
...".
13830 /*finally:*/ {
13831 /*exception exit:*/{
13832 __pyx_L4_error:;
13833 __pyx_t_12 = 0; __pyx_t_13 = 0; __pyx_t_14 = 0; __pyx_t_15 = 0; __pyx_t_16 = 0; __pyx_t_17 = 0;
13834 __Pyx_XDECREF(__pyx_t_5); __pyx_t_5 = 0;
13835 __Pyx_XDECREF(__pyx_t_3); __pyx_t_3 = 0;
** CID 1353342: Control flow issues (UNREACHABLE)
/build/rados.c: 13306 in __pyx_pf_5rados_5Rados_48mon_command()
________________________________________________________________________________________________________
*** CID 1353342: Control flow issues (UNREACHABLE)
/build/rados.c: 13306 in __pyx_pf_5rados_5Rados_48mon_command()
13300 * return (ret, my_outbuf, my_outs)
13301 * finally:
13302 * free(_cmd) # <<<<<<<<<<<<<<
13303 *
13304 * def osd_command(self, osdid, cmd, inbuf, timeout=0):
13305 */
>>> CID 1353342: Control flow issues (UNREACHABLE)
>>> This code cannot be reached: "{
{
__pyx_L5_error:
...".
13306 /*finally:*/ {
13307 /*exception exit:*/{
13308 __pyx_L5_error:;
13309 __pyx_t_13 = 0; __pyx_t_14 = 0; __pyx_t_15 = 0; __pyx_t_16 = 0; __pyx_t_17 = 0; __pyx_t_18 = 0;
13310 __Pyx_XDECREF(__pyx_t_2); __pyx_t_2 = 0;
13311 __Pyx_XDECREF(__pyx_t_1); __pyx_t_1 = 0;
** CID 1353341: Control flow issues (UNREACHABLE)
/build/rados.c: 12433 in __pyx_pf_5rados_5Rados_44get_fsid()
________________________________________________________________________________________________________
*** CID 1353341: Control flow issues (UNREACHABLE)
/build/rados.c: 12433 in __pyx_pf_5rados_5Rados_44get_fsid()
12427 * # including if _PyString_Resize fails (that will free the string
12428 * # itself and set ret_s to NULL, hence XDECREF).
12429 * ref.Py_XDECREF(ret_s) # <<<<<<<<<<<<<<
12430 *
12431 * @requires(('ioctx_name', str_type))
12432 */
>>> CID 1353341: Control flow issues (UNREACHABLE)
>>> This code cannot be reached: "{
{
__pyx_L4_error:
...".
12433 /*finally:*/ {
12434 /*exception exit:*/{
12435 __pyx_L4_error:;
12436 __pyx_t_9 = 0; __pyx_t_10 = 0; __pyx_t_11 = 0; __pyx_t_12 = 0; __pyx_t_13 = 0; __pyx_t_14 = 0;
12437 __Pyx_XDECREF(__pyx_t_2); __pyx_t_2 = 0;
12438 __Pyx_XDECREF(__pyx_t_1); __pyx_t_1 = 0;
** CID 1353340: Control flow issues (UNREACHABLE)
/build/rados.c: 12142 in __pyx_pf_5rados_5Rados_42list_pools()
________________________________________________________________________________________________________
*** CID 1353340: Control flow issues (UNREACHABLE)
/build/rados.c: 12142 in __pyx_pf_5rados_5Rados_42list_pools()
12136 * if name]
12137 * finally:
12138 * free(c_names) # <<<<<<<<<<<<<<
12139 *
12140 * def get_fsid(self):
12141 */
>>> CID 1353340: Control flow issues (UNREACHABLE)
>>> This code cannot be reached: "{
{
__pyx_L4_error:
...".
12142 /*finally:*/ {
12143 /*exception exit:*/{
12144 __pyx_L4_error:;
12145 __pyx_t_14 = 0; __pyx_t_15 = 0; __pyx_t_16 = 0; __pyx_t_17 = 0; __pyx_t_18 = 0; __pyx_t_19 = 0;
12146 __Pyx_XDECREF(__pyx_t_7); __pyx_t_7 = 0;
12147 __Pyx_XDECREF(__pyx_t_6); __pyx_t_6 = 0;
** CID 1353339: Control flow issues (UNREACHABLE)
/build/rados.c: 10883 in __pyx_pf_5rados_5Rados_34pool_reverse_lookup()
________________________________________________________________________________________________________
*** CID 1353339: Control flow issues (UNREACHABLE)
/build/rados.c: 10883 in __pyx_pf_5rados_5Rados_34pool_reverse_lookup()
10877 *
10878 * finally:
10879 * free(name) # <<<<<<<<<<<<<<
10880 *
10881 * @requires(('pool_name', str_type), ('auid', opt(int)), ('crush_rule', opt(int)))
10882 */
>>> CID 1353339: Control flow issues (UNREACHABLE)
>>> This code cannot be reached: "{
{
__pyx_L4_error:
...".
10883 /*finally:*/ {
10884 /*exception exit:*/{
10885 __pyx_L4_error:;
10886 __pyx_t_13 = 0; __pyx_t_14 = 0; __pyx_t_15 = 0; __pyx_t_16 = 0; __pyx_t_17 = 0; __pyx_t_18 = 0;
10887 __Pyx_XDECREF(__pyx_t_8); __pyx_t_8 = 0;
10888 __Pyx_XDECREF(__pyx_t_2); __pyx_t_2 = 0;
** CID 1353338: Control flow issues (UNREACHABLE)
/build/rados.c: 19157 in __pyx_pf_5rados_12SnapIterator_6__next__()
________________________________________________________________________________________________________
*** CID 1353338: Control flow issues (UNREACHABLE)
/build/rados.c: 19157 in __pyx_pf_5rados_12SnapIterator_6__next__()
19151 * return snap
19152 * finally:
19153 * free(name) # <<<<<<<<<<<<<<
19154 *
19155 *
19156 */
>>> CID 1353338: Control flow issues (UNREACHABLE)
>>> This code cannot be reached: "{
{
__pyx_L5_error:
...".
19157 /*finally:*/ {
19158 /*exception exit:*/{
19159 __pyx_L5_error:;
19160 __pyx_t_11 = 0; __pyx_t_12 = 0; __pyx_t_13 = 0; __pyx_t_14 = 0; __pyx_t_15 = 0; __pyx_t_16 = 0;
19161 __Pyx_XDECREF(__pyx_t_6); __pyx_t_6 = 0;
19162 __Pyx_XDECREF(__pyx_t_5); __pyx_t_5 = 0;
** CID 1353337: Control flow issues (UNREACHABLE)
/build/rados.c: 31297 in __pyx_pf_5rados_5Ioctx_58get_xattr()
________________________________________________________________________________________________________
*** CID 1353337: Control flow issues (UNREACHABLE)
/build/rados.c: 31297 in __pyx_pf_5rados_5Ioctx_58get_xattr()
31291 * return ret_buf[:ret]
31292 * finally:
31293 * free(ret_buf) # <<<<<<<<<<<<<<
31294 *
31295 * @requires(('oid', str_type))
31296 */
>>> CID 1353337: Control flow issues (UNREACHABLE)
>>> This code cannot be reached: "{
{
__pyx_L4_error:
...".
31297 /*finally:*/ {
31298 /*exception exit:*/{
31299 __pyx_L4_error:;
31300 __pyx_t_12 = 0; __pyx_t_13 = 0; __pyx_t_14 = 0; __pyx_t_15 = 0; __pyx_t_16 = 0; __pyx_t_17 = 0;
31301 __Pyx_XDECREF(__pyx_t_5); __pyx_t_5 = 0;
31302 __Pyx_XDECREF(__pyx_t_2); __pyx_t_2 = 0;
** CID 1353336: Control flow issues (UNREACHABLE)
/build/rados.c: 29709 in __pyx_pf_5rados_5Ioctx_48execute()
________________________________________________________________________________________________________
*** CID 1353336: Control flow issues (UNREACHABLE)
/build/rados.c: 29709 in __pyx_pf_5rados_5Ioctx_48execute()
29703 * # including if _PyString_Resize fails (that will free the string
29704 * # itself and set ret_s to NULL, hence XDECREF).
29705 * ref.Py_XDECREF(ret_s) # <<<<<<<<<<<<<<
29706 *
29707 * def get_stats(self):
29708 */
>>> CID 1353336: Control flow issues (UNREACHABLE)
>>> This code cannot be reached: "{
{
__pyx_L4_error:
...".
29709 /*finally:*/ {
29710 /*exception exit:*/{
29711 __pyx_L4_error:;
29712 __pyx_t_13 = 0; __pyx_t_14 = 0; __pyx_t_15 = 0; __pyx_t_16 = 0; __pyx_t_17 = 0; __pyx_t_18 = 0;
29713 __Pyx_XDECREF(__pyx_t_3); __pyx_t_3 = 0;
29714 __Pyx_XDECREF(__pyx_t_1); __pyx_t_1 = 0;
** CID 1353335: Control flow issues (UNREACHABLE)
/build/rados.c: 29119 in __pyx_pf_5rados_5Ioctx_46read()
________________________________________________________________________________________________________
*** CID 1353335: Control flow issues (UNREACHABLE)
/build/rados.c: 29119 in __pyx_pf_5rados_5Ioctx_46read()
29113 * # including if _PyString_Resize fails (that will free the string
29114 * # itself and set ret_s to NULL, hence XDECREF).
29115 * ref.Py_XDECREF(ret_s) # <<<<<<<<<<<<<<
29116 *
29117 * @requires(('key', str_type), ('cls', str_type), ('method', str_type), ('data', bytes))
29118 */
>>> CID 1353335: Control flow issues (UNREACHABLE)
>>> This code cannot be reached: "{
{
__pyx_L4_error:
...".
29119 /*finally:*/ {
29120 /*exception exit:*/{
29121 __pyx_L4_error:;
29122 __pyx_t_14 = 0; __pyx_t_15 = 0; __pyx_t_16 = 0; __pyx_t_17 = 0; __pyx_t_18 = 0; __pyx_t_19 = 0;
29123 __Pyx_XDECREF(__pyx_t_3); __pyx_t_3 = 0;
29124 __Pyx_XDECREF(__pyx_t_1); __pyx_t_1 = 0;
** CID 1353334: Control flow issues (UNREACHABLE)
/build/rados.c: 9057 in __pyx_pf_5rados_5Rados_20conf_get()
________________________________________________________________________________________________________
*** CID 1353334: Control flow issues (UNREACHABLE)
/build/rados.c: 9057 in __pyx_pf_5rados_5Rados_20conf_get()
9051 */
9052 /*finally:*/ {
9053 /*normal exit:*/{
9054 free(__pyx_v_ret_buf);
9055 goto __pyx_L5;
9056 }
>>> CID 1353334: Control flow issues (UNREACHABLE)
>>> This code cannot be reached: "{
__pyx_L4_error:
;
_...".
9057 /*exception exit:*/{
9058 __pyx_L4_error:;
9059 __pyx_t_13 = 0; __pyx_t_14 = 0; __pyx_t_15 = 0; __pyx_t_16 = 0; __pyx_t_17 = 0; __pyx_t_18 = 0;
9060 __Pyx_XDECREF(__pyx_t_3); __pyx_t_3 = 0;
9061 __Pyx_XDECREF(__pyx_t_5); __pyx_t_5 = 0;
9062 __Pyx_XDECREF(__pyx_t_9); __pyx_t_9 = 0;
** CID 1353333: Control flow issues (UNREACHABLE)
/build/rados.c: 8360 in __pyx_pf_5rados_5Rados_16conf_parse_argv()
________________________________________________________________________________________________________
*** CID 1353333: Control flow issues (UNREACHABLE)
/build/rados.c: 8360 in __pyx_pf_5rados_5Rados_16conf_parse_argv()
8354 * return retargs
8355 * finally:
8356 * free(_argv) # <<<<<<<<<<<<<<
8357 * free(_remargv)
8358 *
8359 */
>>> CID 1353333: Control flow issues (UNREACHABLE)
>>> This code cannot be reached: "{
{
__pyx_L5_error:
...".
8360 /*finally:*/ {
8361 /*exception exit:*/{
8362 __pyx_L5_error:;
8363 __pyx_t_16 = 0; __pyx_t_17 = 0; __pyx_t_18 = 0; __pyx_t_19 = 0; __pyx_t_20 = 0; __pyx_t_21 = 0;
8364 __Pyx_XDECREF(__pyx_t_11); __pyx_t_11 = 0;
8365 __Pyx_XDECREF(__pyx_t_5); __pyx_t_5 = 0;
** CID 1353332: Control flow issues (UNREACHABLE)
/build/rados.c: 35757 in __pyx_pf_5rados_5Ioctx_98get_omap_vals_by_keys()
________________________________________________________________________________________________________
*** CID 1353332: Control flow issues (UNREACHABLE)
/build/rados.c: 35757 in __pyx_pf_5rados_5Ioctx_98get_omap_vals_by_keys()
35751 * return it, int(prval)
35752 * finally:
35753 * free(_keys) # <<<<<<<<<<<<<<
35754 *
35755 * @requires(('write_op', WriteOp), ('keys', tuple))
35756 */
>>> CID 1353332: Control flow issues (UNREACHABLE)
>>> This code cannot be reached: "{
{
__pyx_L4_error:
...".
35757 /*finally:*/ {
35758 /*exception exit:*/{
35759 __pyx_L4_error:;
35760 __pyx_t_9 = 0; __pyx_t_10 = 0; __pyx_t_11 = 0; __pyx_t_12 = 0; __pyx_t_13 = 0; __pyx_t_14 = 0;
35761 __Pyx_XDECREF(__pyx_t_3); __pyx_t_3 = 0;
35762 __Pyx_XDECREF(__pyx_t_5); __pyx_t_5 = 0;
** CID 1353331: Control flow issues (UNREACHABLE)
/build/rados.c: 25549 in __pyx_pf_5rados_5Ioctx_8aio_read_oncomplete_()
________________________________________________________________________________________________________
*** CID 1353331: Control flow issues (UNREACHABLE)
/build/rados.c: 25549 in __pyx_pf_5rados_5Ioctx_8aio_read_oncomplete_()
25543 * # including if _PyString_Resize fails (that will free the string
25544 * # itself and set ret_s to NULL, hence XDECREF).
25545 * ref.Py_XDECREF(ret_s) # <<<<<<<<<<<<<<
25546 *
25547 * completion = self.__get_completion(oncomplete_, None)
25548 */
>>> CID 1353331: Control flow issues (UNREACHABLE)
>>> This code cannot be reached: "{
{
__pyx_L4_error:
...".
25549 /*finally:*/ {
25550 /*exception exit:*/{
25551 __pyx_L4_error:;
25552 __pyx_t_11 = 0; __pyx_t_12 = 0; __pyx_t_13 = 0; __pyx_t_14 = 0; __pyx_t_15 = 0; __pyx_t_16 = 0;
25553 __Pyx_XDECREF(__pyx_t_7); __pyx_t_7 = 0;
25554 __Pyx_XDECREF(__pyx_t_2); __pyx_t_2 = 0;
** CID 1353330: Uninitialized variables (UNINIT)
/build/rados.c: 31283 in __pyx_pf_5rados_5Ioctx_58get_xattr()
________________________________________________________________________________________________________
*** CID 1353330: Uninitialized variables (UNINIT)
/build/rados.c: 31283 in __pyx_pf_5rados_5Ioctx_58get_xattr()
31277 * break
31278 * return ret_buf[:ret] # <<<<<<<<<<<<<<
31279 * finally:
31280 * free(ret_buf)
31281 */
31282 __Pyx_XDECREF(__pyx_r);
>>> CID 1353330: Uninitialized variables (UNINIT)
>>> Using uninitialized value "__pyx_v_ret".
31283 __pyx_t_3 = __Pyx_PyBytes_FromStringAndSize(__pyx_v_ret_buf + 0, __pyx_v_ret - 0); if (unlikely(!__pyx_t_3)) {__pyx_filename = __pyx_f[0]; __pyx_lineno = 2499; __pyx_clineno = __LINE__; goto __pyx_L4_error;}
31284 __Pyx_GOTREF(__pyx_t_3);
31285 __pyx_r = __pyx_t_3;
31286 __pyx_t_3 = 0;
31287 goto __pyx_L3_return;
31288 }
** CID 1353329: Null pointer dereferences (REVERSE_INULL)
/build/rados.c: 41695 in __pyx_pf_7cpython_5array_5array___getbuffer__()
________________________________________________________________________________________________________
*** CID 1353329: Null pointer dereferences (REVERSE_INULL)
/build/rados.c: 41695 in __pyx_pf_7cpython_5array_5array___getbuffer__()
41689 if (__pyx_v_info != NULL && __pyx_v_info->obj != NULL) {
41690 __Pyx_GOTREF(__pyx_v_info->obj);
41691 __Pyx_DECREF(__pyx_v_info->obj); __pyx_v_info->obj = NULL;
41692 }
41693 goto __pyx_L2;
41694 __pyx_L0:;
>>> CID 1353329: Null pointer dereferences (REVERSE_INULL)
>>> Null-checking "__pyx_v_info" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
41695 if (__pyx_v_info != NULL && __pyx_v_info->obj == Py_None) {
41696 __Pyx_GOTREF(Py_None);
41697 __Pyx_DECREF(Py_None); __pyx_v_info->obj = NULL;
41698 }
41699 __pyx_L2:;
41700 __Pyx_XDECREF(__pyx_v_item_count);
** CID 1353328: Resource leaks (RESOURCE_LEAK)
/build/rados.c: 5461 in __pyx_f_5rados_to_csize_t_array()
________________________________________________________________________________________________________
*** CID 1353328: Resource leaks (RESOURCE_LEAK)
/build/rados.c: 5461 in __pyx_f_5rados_to_csize_t_array()
5455 __pyx_L1_error:;
5456 __Pyx_XDECREF(__pyx_t_3);
5457 __Pyx_WriteUnraisable("rados.to_csize_t_array", __pyx_clineno, __pyx_lineno, __pyx_filename, 0);
5458 __pyx_r = 0;
5459 __pyx_L0:;
5460 __Pyx_RefNannyFinishContext();
>>> CID 1353328: Resource leaks (RESOURCE_LEAK)
>>> Variable "__pyx_v_ret" going out of scope leaks the storage it points to.
5461 return __pyx_r;
5462 }
5463
5464 /* "rados.pyx":491
5465 *
5466 *
** CID 1353327: Resource leaks (RESOURCE_LEAK)
/build/rados.c: 5571 in __pyx_f_5rados_to_bytes_array()
________________________________________________________________________________________________________
*** CID 1353327: Resource leaks (RESOURCE_LEAK)
/build/rados.c: 5571 in __pyx_f_5rados_to_bytes_array()
5565 __pyx_L1_error:;
5566 __Pyx_XDECREF(__pyx_t_3);
5567 __Pyx_WriteUnraisable("rados.to_bytes_array", __pyx_clineno, __pyx_lineno, __pyx_filename, 0);
5568 __pyx_r = 0;
5569 __pyx_L0:;
5570 __Pyx_RefNannyFinishContext();
>>> CID 1353327: Resource leaks (RESOURCE_LEAK)
>>> Variable "__pyx_v_ret" going out of scope leaks the storage it points to.
5571 return __pyx_r;
5572 }
5573
5574 /* "rados.pyx":501
5575 *
5576 *
** CID 1353326: Resource leaks (RESOURCE_LEAK)
/build/rados.c: 14463 in __pyx_pf_5rados_5Rados_52pg_command()
________________________________________________________________________________________________________
*** CID 1353326: Resource leaks (RESOURCE_LEAK)
/build/rados.c: 14463 in __pyx_pf_5rados_5Rados_52pg_command()
14457 __Pyx_XDECREF(__pyx_v_my_outbuf);
14458 __Pyx_XDECREF(__pyx_v_pgid);
14459 __Pyx_XDECREF(__pyx_v_cmd);
14460 __Pyx_XDECREF(__pyx_v_inbuf);
14461 __Pyx_XGIVEREF(__pyx_r);
14462 __Pyx_RefNannyFinishContext();
>>> CID 1353326: Resource leaks (RESOURCE_LEAK)
>>> Variable "__pyx_v__outs" going out of scope leaks the storage it points to.
14463 return __pyx_r;
14464 }
14465
14466 /* "rados.pyx":1222
14467 * free(_cmd)
14468 *
** CID 1353325: Resource leaks (RESOURCE_LEAK)
/build/rados.c: 14463 in __pyx_pf_5rados_5Rados_52pg_command()
________________________________________________________________________________________________________
*** CID 1353325: Resource leaks (RESOURCE_LEAK)
/build/rados.c: 14463 in __pyx_pf_5rados_5Rados_52pg_command()
14457 __Pyx_XDECREF(__pyx_v_my_outbuf);
14458 __Pyx_XDECREF(__pyx_v_pgid);
14459 __Pyx_XDECREF(__pyx_v_cmd);
14460 __Pyx_XDECREF(__pyx_v_inbuf);
14461 __Pyx_XGIVEREF(__pyx_r);
14462 __Pyx_RefNannyFinishContext();
>>> CID 1353325: Resource leaks (RESOURCE_LEAK)
>>> Variable "__pyx_v__cmd" going out of scope leaks the storage it points to.
14463 return __pyx_r;
14464 }
14465
14466 /* "rados.pyx":1222
14467 * free(_cmd)
14468 *
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://scan.coverity.com/projects/ceph?tab=overview
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://scan.coverity.com/subscriptions/edit?email=ceph-devel%40vger.kernel.org&token=018084d671e3cc89d00dd2ccb7eb849c
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2016-02-13 17:47 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2016-02-13 17:47 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
17 new defect(s) introduced to ceph found with Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 17 of 17 defect(s)
** CID 1352185: Code maintainability issues (UNUSED_VALUE)
/rgw/rgw_file.cc: 419 in rgw::RGWFileHandle::write(unsigned long, unsigned long, unsigned long *, void *)()
________________________________________________________________________________________________________
*** CID 1352185: Code maintainability issues (UNUSED_VALUE)
/rgw/rgw_file.cc: 419 in rgw::RGWFileHandle::write(unsigned long, unsigned long, unsigned long *, void *)()
413 if (! f->write_req) {
414 /* start */
415 std::string object_name = relative_object_name();
416 f->write_req =
417 new RGWWriteRequest(fs->get_context(), fs->get_user(), this,
418 bucket_name(), object_name);
>>> CID 1352185: Code maintainability issues (UNUSED_VALUE)
>>> Assigning value from "rgw::rgwlib.get_fe()->start_req(f->write_req)" to "rc" here, but that stored value is overwritten before it can be used.
419 rc = rgwlib.get_fe()->start_req(f->write_req);
420 }
421
422 buffer::list bl;
423 /* XXXX */
424 #if 0
** CID 1352184: Uninitialized members (UNINIT_CTOR)
/rgw/rgw_lib.h: 33 in rgw::RGWLib::RGWLib()()
________________________________________________________________________________________________________
*** CID 1352184: Uninitialized members (UNINIT_CTOR)
/rgw/rgw_lib.h: 33 in rgw::RGWLib::RGWLib()()
27 RGWREST rest; // XXX needed for RGWProcessEnv
28 RGWProcessEnv env;
29 RGWRados* store;
30
31 public:
32 RGWLib() : fec(nullptr), fe(nullptr), olog(nullptr), store(nullptr)
>>> CID 1352184: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member field "env.port" is not initialized in this constructor nor in any functions that it calls.
33 {}
34 ~RGWLib() {}
35
36 RGWRados* get_store() { return store; }
37
38 RGWLibFrontend* get_fe() { return fe; }
** CID 1352183: Uninitialized members (UNINIT_CTOR)
/rgw/rgw_common.cc: 178 in req_state::req_state(CephContext *, RGWEnv *, RGWUserInfo *)()
________________________________________________________________________________________________________
*** CID 1352183: Uninitialized members (UNINIT_CTOR)
/rgw/rgw_common.cc: 178 in req_state::req_state(CephContext *, RGWEnv *, RGWUserInfo *)()
172 has_bad_meta = false;
173 length = NULL;
174 http_auth = NULL;
175 local_source = false;
176
177 obj_ctx = NULL;
>>> CID 1352183: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "req" is not initialized in this constructor nor in any functions that it calls.
178 }
179
180 req_state::~req_state() {
181 delete formatter;
182 delete bucket_acl;
183 delete object_acl;
** CID 1352182: Uninitialized members (UNINIT_CTOR)
/rgw/rgw_file.h: 226 in rgw::RGWFileHandle::RGWFileHandle(rgw::RGWLibFS *, unsigned int)()
________________________________________________________________________________________________________
*** CID 1352182: Uninitialized members (UNINIT_CTOR)
/rgw/rgw_file.h: 226 in rgw::RGWFileHandle::RGWFileHandle(rgw::RGWLibFS *, unsigned int)()
220 fh.fh_type = RGW_FS_TYPE_DIRECTORY;
221 variant_type = directory();
222 /* stat */
223 state.dev = fs_inst;
224 /* pointer to self */
225 fh.fh_private = this;
>>> CID 1352182: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member field "fh.fh_hk" is not initialized in this constructor nor in any functions that it calls.
226 }
227
228 void init_rootfs(std::string& fsid, const std::string& object_name) {
229 /* fh_key */
230 fh.fh_hk.bucket = XXH64(fsid.c_str(), fsid.length(), fh_key::seed);
231 fh.fh_hk.object = XXH64(object_name.c_str(), object_name.length(),
** CID 1352181: Uninitialized members (UNINIT_CTOR)
/rgw/rgw_file.h: 79 in rgw::fh_key::fh_key()()
________________________________________________________________________________________________________
*** CID 1352181: Uninitialized members (UNINIT_CTOR)
/rgw/rgw_file.h: 79 in rgw::fh_key::fh_key()()
73 struct fh_key
74 {
75 rgw_fh_hk fh_hk;
76
77 static constexpr uint64_t seed = 8675309;
78
>>> CID 1352181: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member field "fh_hk.object" is not initialized in this constructor nor in any functions that it calls.
79 fh_key() {}
80
81 fh_key(const rgw_fh_hk& _hk)
82 : fh_hk(_hk) {
83 // nothing
84 }
** CID 1352180: Uninitialized members (UNINIT_CTOR)
/rgw/rgw_file.h: 641 in rgw::RGWLibFS::RGWLibFS(CephContext *, const char *, const char *, const char *)()
________________________________________________________________________________________________________
*** CID 1352180: Uninitialized members (UNINIT_CTOR)
/rgw/rgw_file.h: 641 in rgw::RGWLibFS::RGWLibFS(CephContext *, const char *, const char *, const char *)()
635
636 /* pointer to self */
637 fs.fs_private = this;
638
639 /* expose public root fh */
640 fs.root_fh = root_fh.get_fh();
>>> CID 1352180: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member field "fs.rgw" is not initialized in this constructor nor in any functions that it calls.
641 }
642
643 friend void intrusive_ptr_add_ref(const RGWLibFS* fs) {
644 fs->refcnt.fetch_add(1, std::memory_order_relaxed);
645 }
646
** CID 1352177: Incorrect expression (SIZEOF_MISMATCH)
/test/librgw_file_gp.cc: 311 in LibRGW_WRITEV_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1352177: Incorrect expression (SIZEOF_MISMATCH)
/test/librgw_file_gp.cc: 311 in LibRGW_WRITEV_Test::TestBody()()
305
306 TEST(LibRGW, WRITEV)
307 {
308 if (do_writev) {
309 rgw_uio* uio;
310 struct iovec *iovs = zp_set1.get_iovs();
>>> CID 1352177: Incorrect expression (SIZEOF_MISMATCH)
>>> Adding "56UL /* sizeof (rgw_uio) */" to pointer "uio" of type "rgw_uio *" is suspicious because adding an integral value to this pointer automatically scales that value by the size, 56 bytes, of the pointed-to type, "rgw_uio". Most likely, "sizeof (rgw_uio)" is extraneous and should be replaced with 1.
311 alloca_uio();
312 ASSERT_NE(uio, nullptr);
313
314 for (int ix = 0; ix < iovcnt; ++ix) {
315 struct iovec *iov = &iovs[ix];
316 rgw_vio *vio = &(uio->uio_vio[ix]);
** CID 1352176: (RESOURCE_LEAK)
/test/librgw_file_nfsns.cc: 652 in LibRGW_WRITEF_DIRS1_Test::TestBody()()
/test/librgw_file_nfsns.cc: 653 in LibRGW_WRITEF_DIRS1_Test::TestBody()()
/test/librgw_file_nfsns.cc: 655 in LibRGW_WRITEF_DIRS1_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1352176: (RESOURCE_LEAK)
/test/librgw_file_nfsns.cc: 652 in LibRGW_WRITEF_DIRS1_Test::TestBody()()
646 << std::endl;
647 }
648 char* leakbuf = (char*) malloc(bufsz);
649 memcpy(leakbuf, buffer, length);
650 rc = rgw_write(fs, fobj.fh, offset, length, &nwritten, leakbuf,
651 RGW_WRITE_FLAG_NONE);
>>> CID 1352176: (RESOURCE_LEAK)
>>> Variable "leakbuf" going out of scope leaks the storage it points to.
652 ASSERT_EQ(rc, 0);
653 ASSERT_EQ(nwritten, length);
654 offset += length;
655 }
656
657 /* commit write transaction */
/test/librgw_file_nfsns.cc: 653 in LibRGW_WRITEF_DIRS1_Test::TestBody()()
647 }
648 char* leakbuf = (char*) malloc(bufsz);
649 memcpy(leakbuf, buffer, length);
650 rc = rgw_write(fs, fobj.fh, offset, length, &nwritten, leakbuf,
651 RGW_WRITE_FLAG_NONE);
652 ASSERT_EQ(rc, 0);
>>> CID 1352176: (RESOURCE_LEAK)
>>> Variable "leakbuf" going out of scope leaks the storage it points to.
653 ASSERT_EQ(nwritten, length);
654 offset += length;
655 }
656
657 /* commit write transaction */
658 rc = rgw_close(fs, fobj.fh, RGW_CLOSE_FLAG_NONE);
/test/librgw_file_nfsns.cc: 655 in LibRGW_WRITEF_DIRS1_Test::TestBody()()
649 memcpy(leakbuf, buffer, length);
650 rc = rgw_write(fs, fobj.fh, offset, length, &nwritten, leakbuf,
651 RGW_WRITE_FLAG_NONE);
652 ASSERT_EQ(rc, 0);
653 ASSERT_EQ(nwritten, length);
654 offset += length;
>>> CID 1352176: (RESOURCE_LEAK)
>>> Variable "leakbuf" going out of scope leaks the storage it points to.
655 }
656
657 /* commit write transaction */
658 rc = rgw_close(fs, fobj.fh, RGW_CLOSE_FLAG_NONE);
659 ASSERT_EQ(rc, 0);
660
** CID 1352175: (RESOURCE_LEAK)
/test/librgw_file_nfsns.cc: 653 in LibRGW_WRITEF_DIRS1_Test::TestBody()()
/test/librgw_file_nfsns.cc: 659 in LibRGW_WRITEF_DIRS1_Test::TestBody()()
/test/librgw_file_nfsns.cc: 652 in LibRGW_WRITEF_DIRS1_Test::TestBody()()
/test/librgw_file_nfsns.cc: 653 in LibRGW_WRITEF_DIRS1_Test::TestBody()()
/test/librgw_file_nfsns.cc: 636 in LibRGW_WRITEF_DIRS1_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1352175: (RESOURCE_LEAK)
/test/librgw_file_nfsns.cc: 653 in LibRGW_WRITEF_DIRS1_Test::TestBody()()
647 }
648 char* leakbuf = (char*) malloc(bufsz);
649 memcpy(leakbuf, buffer, length);
650 rc = rgw_write(fs, fobj.fh, offset, length, &nwritten, leakbuf,
651 RGW_WRITE_FLAG_NONE);
652 ASSERT_EQ(rc, 0);
>>> CID 1352175: (RESOURCE_LEAK)
>>> Variable "buffer" going out of scope leaks the storage it points to.
653 ASSERT_EQ(nwritten, length);
654 offset += length;
655 }
656
657 /* commit write transaction */
658 rc = rgw_close(fs, fobj.fh, RGW_CLOSE_FLAG_NONE);
/test/librgw_file_nfsns.cc: 659 in LibRGW_WRITEF_DIRS1_Test::TestBody()()
653 ASSERT_EQ(nwritten, length);
654 offset += length;
655 }
656
657 /* commit write transaction */
658 rc = rgw_close(fs, fobj.fh, RGW_CLOSE_FLAG_NONE);
>>> CID 1352175: (RESOURCE_LEAK)
>>> Variable "buffer" going out of scope leaks the storage it points to.
659 ASSERT_EQ(rc, 0);
660
661 ifs.close();
662 free(buffer);
663 rgw_fh_rele(fs, fobj.fh, 0 /* flags */);
664 }
/test/librgw_file_nfsns.cc: 652 in LibRGW_WRITEF_DIRS1_Test::TestBody()()
646 << std::endl;
647 }
648 char* leakbuf = (char*) malloc(bufsz);
649 memcpy(leakbuf, buffer, length);
650 rc = rgw_write(fs, fobj.fh, offset, length, &nwritten, leakbuf,
651 RGW_WRITE_FLAG_NONE);
>>> CID 1352175: (RESOURCE_LEAK)
>>> Variable "buffer" going out of scope leaks the storage it points to.
652 ASSERT_EQ(rc, 0);
653 ASSERT_EQ(nwritten, length);
654 offset += length;
655 }
656
657 /* commit write transaction */
/test/librgw_file_nfsns.cc: 653 in LibRGW_WRITEF_DIRS1_Test::TestBody()()
647 }
648 char* leakbuf = (char*) malloc(bufsz);
649 memcpy(leakbuf, buffer, length);
650 rc = rgw_write(fs, fobj.fh, offset, length, &nwritten, leakbuf,
651 RGW_WRITE_FLAG_NONE);
652 ASSERT_EQ(rc, 0);
>>> CID 1352175: (RESOURCE_LEAK)
>>> Variable "buffer" going out of scope leaks the storage it points to.
653 ASSERT_EQ(nwritten, length);
654 offset += length;
655 }
656
657 /* commit write transaction */
658 rc = rgw_close(fs, fobj.fh, RGW_CLOSE_FLAG_NONE);
/test/librgw_file_nfsns.cc: 636 in LibRGW_WRITEF_DIRS1_Test::TestBody()()
630 int bufsz = 1024 * 1024 * sizeof(char);
631 char *buffer = (char*) malloc(bufsz);
632
633 uint64_t offset = 0;
634 uint64_t length = bufsz;
635 for (int ix = 0; ix < 6; ++ix) {
>>> CID 1352175: (RESOURCE_LEAK)
>>> Variable "buffer" going out of scope leaks the storage it points to.
636 ASSERT_TRUE(ifs.good());
637 ifs.read(buffer, bufsz);
638 uint64_t nwritten = 0;
639 string str;
640 str.assign(buffer, 4);
641 if (verbose) {
** CID 1352174: (RESOURCE_LEAK)
/test/librados/tier.cc: 3818 in LibRadosTwoPoolsECPP_FailedFlush_Test::TestBody()()
/test/librados/tier.cc: 3816 in LibRadosTwoPoolsECPP_FailedFlush_Test::TestBody()()
/test/librados/tier.cc: 3831 in LibRadosTwoPoolsECPP_FailedFlush_Test::TestBody()()
/test/librados/tier.cc: 3827 in LibRadosTwoPoolsECPP_FailedFlush_Test::TestBody()()
/test/librados/tier.cc: 3852 in LibRadosTwoPoolsECPP_FailedFlush_Test::TestBody()()
/test/librados/tier.cc: 3846 in LibRadosTwoPoolsECPP_FailedFlush_Test::TestBody()()
/test/librados/tier.cc: 3875 in LibRadosTwoPoolsECPP_FailedFlush_Test::TestBody()()
/test/librados/tier.cc: 3871 in LibRadosTwoPoolsECPP_FailedFlush_Test::TestBody()()
/test/librados/tier.cc: 3886 in LibRadosTwoPoolsECPP_FailedFlush_Test::TestBody()()
/test/librados/tier.cc: 3883 in LibRadosTwoPoolsECPP_FailedFlush_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1352174: (RESOURCE_LEAK)
/test/librados/tier.cc: 3818 in LibRadosTwoPoolsECPP_FailedFlush_Test::TestBody()()
3812 std::map<std::string, bufferlist> omap;
3813 omap["somekey"] = bufferlist();
3814 op.omap_set(omap);
3815 librados::AioCompletion *completion = cluster.aio_create_completion();
3816 ASSERT_EQ(0, cache_ioctx.aio_operate("foo", completion, &op));
3817 completion->wait_for_safe();
>>> CID 1352174: (RESOURCE_LEAK)
>>> Variable "completion" going out of scope leaks the storage it points to.
3818 ASSERT_EQ(0, completion->get_return_value());
3819 completion->release();
3820 }
3821
3822 // flush
3823 {
/test/librados/tier.cc: 3816 in LibRadosTwoPoolsECPP_FailedFlush_Test::TestBody()()
3810 {
3811 ObjectWriteOperation op;
3812 std::map<std::string, bufferlist> omap;
3813 omap["somekey"] = bufferlist();
3814 op.omap_set(omap);
3815 librados::AioCompletion *completion = cluster.aio_create_completion();
>>> CID 1352174: (RESOURCE_LEAK)
>>> Variable "completion" going out of scope leaks the storage it points to.
3816 ASSERT_EQ(0, cache_ioctx.aio_operate("foo", completion, &op));
3817 completion->wait_for_safe();
3818 ASSERT_EQ(0, completion->get_return_value());
3819 completion->release();
3820 }
3821
/test/librados/tier.cc: 3831 in LibRadosTwoPoolsECPP_FailedFlush_Test::TestBody()()
3825 op.cache_flush();
3826 librados::AioCompletion *completion = cluster.aio_create_completion();
3827 ASSERT_EQ(0, cache_ioctx.aio_operate(
3828 "foo", completion, &op,
3829 librados::OPERATION_IGNORE_OVERLAY, NULL));
3830 completion->wait_for_safe();
>>> CID 1352174: (RESOURCE_LEAK)
>>> Variable "completion" going out of scope leaks the storage it points to.
3831 ASSERT_NE(0, completion->get_return_value());
3832 completion->release();
3833 }
3834
3835 // get omap
3836 {
/test/librados/tier.cc: 3827 in LibRadosTwoPoolsECPP_FailedFlush_Test::TestBody()()
3821
3822 // flush
3823 {
3824 ObjectReadOperation op;
3825 op.cache_flush();
3826 librados::AioCompletion *completion = cluster.aio_create_completion();
>>> CID 1352174: (RESOURCE_LEAK)
>>> Variable "completion" going out of scope leaks the storage it points to.
3827 ASSERT_EQ(0, cache_ioctx.aio_operate(
3828 "foo", completion, &op,
3829 librados::OPERATION_IGNORE_OVERLAY, NULL));
3830 completion->wait_for_safe();
3831 ASSERT_NE(0, completion->get_return_value());
3832 completion->release();
/test/librados/tier.cc: 3852 in LibRadosTwoPoolsECPP_FailedFlush_Test::TestBody()()
3846 ASSERT_EQ(0, cache_ioctx.aio_operate("foo", completion, &op, &bl));
3847 sleep(5);
3848 bool completed = completion->is_complete();
3849 if( !completed ) {
3850 cache_ioctx.aio_cancel(completion);
3851 std::cerr << "Most probably test case will hang here, please reset manually" << std::endl;
>>> CID 1352174: (RESOURCE_LEAK)
>>> Variable "completion" going out of scope leaks the storage it points to.
3852 ASSERT_TRUE(completed); //in fact we are locked forever at test case shutdown unless fix for http://tracker.ceph.com/issues/14511 is applied. Seems there is no workaround for that
3853 }
3854 completion->release();
3855 }
3856 // verify still not in base tier
3857 {
/test/librados/tier.cc: 3846 in LibRadosTwoPoolsECPP_FailedFlush_Test::TestBody()()
3840 std::set<std::string> keys;
3841 keys.insert("somekey");
3842 std::map<std::string, bufferlist> map;
3843
3844 op.omap_get_vals_by_keys(keys, &map, &prval);
3845 librados::AioCompletion *completion = cluster.aio_create_completion();
>>> CID 1352174: (RESOURCE_LEAK)
>>> Variable "completion" going out of scope leaks the storage it points to.
3846 ASSERT_EQ(0, cache_ioctx.aio_operate("foo", completion, &op, &bl));
3847 sleep(5);
3848 bool completed = completion->is_complete();
3849 if( !completed ) {
3850 cache_ioctx.aio_cancel(completion);
3851 std::cerr << "Most probably test case will hang here, please reset manually" << std::endl;
/test/librados/tier.cc: 3875 in LibRadosTwoPoolsECPP_FailedFlush_Test::TestBody()()
3869 op.cache_flush();
3870 librados::AioCompletion *completion = cluster.aio_create_completion();
3871 ASSERT_EQ(0, cache_ioctx.aio_operate(
3872 "foo", completion, &op,
3873 librados::OPERATION_IGNORE_OVERLAY, NULL));
3874 completion->wait_for_safe();
>>> CID 1352174: (RESOURCE_LEAK)
>>> Variable "completion" going out of scope leaks the storage it points to.
3875 ASSERT_EQ(0, completion->get_return_value());
3876 completion->release();
3877 }
3878 // evict
3879 {
3880 ObjectReadOperation op;
/test/librados/tier.cc: 3871 in LibRadosTwoPoolsECPP_FailedFlush_Test::TestBody()()
3865 }
3866 // flush whiteout
3867 {
3868 ObjectReadOperation op;
3869 op.cache_flush();
3870 librados::AioCompletion *completion = cluster.aio_create_completion();
>>> CID 1352174: (RESOURCE_LEAK)
>>> Variable "completion" going out of scope leaks the storage it points to.
3871 ASSERT_EQ(0, cache_ioctx.aio_operate(
3872 "foo", completion, &op,
3873 librados::OPERATION_IGNORE_OVERLAY, NULL));
3874 completion->wait_for_safe();
3875 ASSERT_EQ(0, completion->get_return_value());
3876 completion->release();
/test/librados/tier.cc: 3886 in LibRadosTwoPoolsECPP_FailedFlush_Test::TestBody()()
3880 ObjectReadOperation op;
3881 op.cache_evict();
3882 librados::AioCompletion *completion = cluster.aio_create_completion();
3883 ASSERT_EQ(0, cache_ioctx.aio_operate(
3884 "foo", completion, &op, librados::OPERATION_IGNORE_CACHE, NULL));
3885 completion->wait_for_safe();
>>> CID 1352174: (RESOURCE_LEAK)
>>> Variable "completion" going out of scope leaks the storage it points to.
3886 ASSERT_EQ(0, completion->get_return_value());
3887 completion->release();
3888 }
3889
3890 // verify no longer in cache tier
3891 {
/test/librados/tier.cc: 3883 in LibRadosTwoPoolsECPP_FailedFlush_Test::TestBody()()
3877 }
3878 // evict
3879 {
3880 ObjectReadOperation op;
3881 op.cache_evict();
3882 librados::AioCompletion *completion = cluster.aio_create_completion();
>>> CID 1352174: (RESOURCE_LEAK)
>>> Variable "completion" going out of scope leaks the storage it points to.
3883 ASSERT_EQ(0, cache_ioctx.aio_operate(
3884 "foo", completion, &op, librados::OPERATION_IGNORE_CACHE, NULL));
3885 completion->wait_for_safe();
3886 ASSERT_EQ(0, completion->get_return_value());
3887 completion->release();
3888 }
** CID 1352173: Null pointer dereferences (FORWARD_NULL)
/rgw/librgw.cc: 580 in librgw_create()
________________________________________________________________________________________________________
*** CID 1352173: Null pointer dereferences (FORWARD_NULL)
/rgw/librgw.cc: 580 in librgw_create()
574 using namespace rgw;
575
576 int rc = -EINVAL;
577
578 if (! g_ceph_context) {
579 std::lock_guard<std::mutex> lg(librgw_mtx);
>>> CID 1352173: Null pointer dereferences (FORWARD_NULL)
>>> Comparing "g_ceph_context" to null implies that "g_ceph_context" might be null.
580 if (! g_ceph_context) {
581 vector<const char*> args;
582 argv_to_vec(argc, const_cast<const char**>(argv), args);
583 rc = rgwlib.init(args);
584 }
585 }
** CID 1352172: Null pointer dereferences (FORWARD_NULL)
/test/librgw_file_nfsns.cc: 614 in LibRGW_WRITEF_DIRS1_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1352172: Null pointer dereferences (FORWARD_NULL)
/test/librgw_file_nfsns.cc: 614 in LibRGW_WRITEF_DIRS1_Test::TestBody()()
608 ASSERT_TRUE(ifs.is_open());
609
610 obj_rec fobj{writef_name, nullptr, dirs1_b.fh, nullptr};
611
612 (void) rgw_lookup(fs, fobj.parent_fh, fobj.name.c_str(), &fobj.fh,
613 RGW_LOOKUP_FLAG_NONE);
>>> CID 1352172: Null pointer dereferences (FORWARD_NULL)
>>> Comparing "fobj.fh" to null implies that "fobj.fh" might be null.
614 if (! fobj.fh) {
615 if (do_create) {
616 /* make a new file object (the hard way) */
617 rc = rgw_lookup(fs, fobj.parent_fh, fobj.name.c_str(), &fobj.fh,
618 RGW_LOOKUP_FLAG_CREATE);
619 ASSERT_EQ(rc, 0);
** CID 1352171: Null pointer dereferences (FORWARD_NULL)
/test/librgw_file_nfsns.cc: 285 in LibRGW_SETUP_DIRS1_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1352171: Null pointer dereferences (FORWARD_NULL)
/test/librgw_file_nfsns.cc: 285 in LibRGW_SETUP_DIRS1_Test::TestBody()()
279
280 int f_ix;
281 for (f_ix = 0; f_ix < n_dirs1_objs; ++f_ix) {
282 /* child dir */
283 std::string sdname{"sdir_"};
284 sdname += to_string(f_ix);
>>> CID 1352171: Null pointer dereferences (FORWARD_NULL)
>>> Although "obj_rec" does overwrite "sdir.parent_fh" on some paths, it also contains at least one feasible path which does not overwrite it.
285 obj_rec sdir{sdname, nullptr, dir.fh, nullptr};
286
287 (void) rgw_lookup(fs, sdir.parent_fh, sdir.name.c_str(), &sdir.fh,
288 RGW_LOOKUP_FLAG_NONE);
289
290 if (! sdir.fh) {
** CID 1352170: Null pointer dereferences (FORWARD_NULL)
/test/librgw_file_nfsns.cc: 262 in LibRGW_SETUP_DIRS1_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1352170: Null pointer dereferences (FORWARD_NULL)
/test/librgw_file_nfsns.cc: 262 in LibRGW_SETUP_DIRS1_Test::TestBody()()
256 /* make top-level dirs */
257 int d_ix;
258 obj_vec ovec;
259 for (d_ix = 0; d_ix < n_dirs1_dirs; ++d_ix) {
260 std::string dname{"dir_"};
261 dname += to_string(d_ix);
>>> CID 1352170: Null pointer dereferences (FORWARD_NULL)
>>> Although "obj_rec" does overwrite "dir.parent_fh" on some paths, it also contains at least one feasible path which does not overwrite it.
262 obj_rec dir{dname, nullptr, dirs1_b.fh, nullptr};
263 ovec.clear();
264
265 (void) rgw_lookup(fs, dir.parent_fh, dir.name.c_str(), &dir.fh,
266 RGW_LOOKUP_FLAG_NONE);
267 if (! dir.fh) {
** CID 1352169: Control flow issues (DEADCODE)
/rgw/librgw.cc: 280 in rgw::RGWLibProcess::process_request(rgw::RGWLibRequest *, rgw::RGWLibIO *)()
________________________________________________________________________________________________________
*** CID 1352169: Control flow issues (DEADCODE)
/rgw/librgw.cc: 280 in rgw::RGWLibProcess::process_request(rgw::RGWLibRequest *, rgw::RGWLibIO *)()
274 done:
275 int r = io->complete_request();
276 if (r < 0) {
277 dout(0) << "ERROR: io->complete_request() returned " << r << dendl;
278 }
279 if (should_log) {
>>> CID 1352169: Control flow issues (DEADCODE)
>>> Execution cannot reach this statement: "<temporary>.basic_string("u...".
280 rgw_log_op(store, s, (op ? op->name() : "unknown"), olog);
281 }
282
283 int http_ret = s->err.http_ret;
284
285 req->log_format(s, "http status=%d", http_ret);
** CID 1313420: (UNCAUGHT_EXCEPT)
/test/librbd/fsx.cc: 2441 in main()
/test/librbd/fsx.cc: 2441 in main()
/test/librbd/fsx.cc: 2441 in main()
/test/librbd/fsx.cc: 2441 in main()
/test/librbd/fsx.cc: 2441 in main()
________________________________________________________________________________________________________
*** CID 1313420: (UNCAUGHT_EXCEPT)
/test/librbd/fsx.cc: 2441 in main()
2435 prterrcode(errmsg, ret);
2436 report_failure(106);
2437 }
2438 }
2439
2440 int
>>> CID 1313420: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
2441 main(int argc, char **argv)
2442 {
2443 int i, style, ch, ret;
2444 char *endp;
2445 char goodfile[1024];
2446 char logfile[1024];
/test/librbd/fsx.cc: 2441 in main()
2435 prterrcode(errmsg, ret);
2436 report_failure(106);
2437 }
2438 }
2439
2440 int
>>> CID 1313420: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
2441 main(int argc, char **argv)
2442 {
2443 int i, style, ch, ret;
2444 char *endp;
2445 char goodfile[1024];
2446 char logfile[1024];
/test/librbd/fsx.cc: 2441 in main()
2435 prterrcode(errmsg, ret);
2436 report_failure(106);
2437 }
2438 }
2439
2440 int
>>> CID 1313420: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
2441 main(int argc, char **argv)
2442 {
2443 int i, style, ch, ret;
2444 char *endp;
2445 char goodfile[1024];
2446 char logfile[1024];
/test/librbd/fsx.cc: 2441 in main()
2435 prterrcode(errmsg, ret);
2436 report_failure(106);
2437 }
2438 }
2439
2440 int
>>> CID 1313420: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
2441 main(int argc, char **argv)
2442 {
2443 int i, style, ch, ret;
2444 char *endp;
2445 char goodfile[1024];
2446 char logfile[1024];
/test/librbd/fsx.cc: 2441 in main()
2435 prterrcode(errmsg, ret);
2436 report_failure(106);
2437 }
2438 }
2439
2440 int
>>> CID 1313420: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
2441 main(int argc, char **argv)
2442 {
2443 int i, style, ch, ret;
2444 char *endp;
2445 char goodfile[1024];
2446 char logfile[1024];
** CID 717368: Uninitialized members (UNINIT_CTOR)
/rgw/rgw_op.h: 330 in RGWListBuckets::RGWListBuckets()()
________________________________________________________________________________________________________
*** CID 717368: Uninitialized members (UNINIT_CTOR)
/rgw/rgw_op.h: 330 in RGWListBuckets::RGWListBuckets()()
324 RGWListBuckets() : sent_data(false) {
325 limit = limit_max = RGW_LIST_BUCKETS_LIMIT_MAX;
326 buckets_count = 0;
327 buckets_objcount = 0;
328 buckets_size = 0;
329 buckets_size_rounded = 0;
>>> CID 717368: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "is_truncated" is not initialized in this constructor nor in any functions that it calls.
330 }
331
332 int verify_permission();
333 void execute();
334
335 virtual int get_params() = 0;
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://scan.coverity.com/projects/ceph?tab=overview
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://scan.coverity.com/subscriptions/edit?email=ceph-devel%40vger.kernel.org&token=018084d671e3cc89d00dd2ccb7eb849c
^ permalink raw reply [flat|nested] 124+ messages in thread
* Re: New Defects reported by Coverity Scan for ceph
2016-02-11 22:01 ` Gregory Farnum
@ 2016-02-12 16:36 ` Adam C. Emerson
0 siblings, 0 replies; 124+ messages in thread
From: Adam C. Emerson @ 2016-02-12 16:36 UTC (permalink / raw)
To: Gregory Farnum; +Cc: Sage Weil, ceph-devel
[-- Attachment #1: Type: text/plain, Size: 2267 bytes --]
On 11/02/2016, Gregory Farnum wrote:
> So if I'm reading the samples changes here correctly, we seem to have
> a bunch of new warnings around the lock changes? Is this something we
> should be resolving in the lock users, or whitelisting, or fixing
> lower down in the stack?
In this case:
> > 320 return tu;
> > 321 } else if (m == nullptr) {
> > 322 return unique_lock_type();
> > 323 }
> > 324 throw std::system_error((int)std::errc::operation_not_permitted,
> > 325 std::generic_category());
> >>>> CID 1352097: Control flow issues (UNREACHABLE)
> >>>> This code cannot be reached: "return ceph::shunique_lock<...".
> > 326 return unique_lock_type();
> > 327 }
This is harmless. It's true that it won't ever be reached, but the function has
a return type and so has to return something. I could rewrite it so we check for
the error case explicitly and fail then and return something in the non-marked
case, but as a matter of good design I think it's better in cases like this to
explicitly handle the /good/ cases and fail on everything else.
> >>>> CID 1352096: (UNCAUGHT_EXCEPT)
> >>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
This is just something in the Boost library. The standard library's
shared_lock will throw an exception under similar circumstances. It's not
really an issue since they only get thrown on things like calling lock
on a unique_ or shared_lock that already owns a lock. Things that you
can rule out fairly easily by how you write a function but the compiler
can't check them for you (unless we rewrite Ceph in Rust.)
I think this one ought to be whitelisted since it's an issue in the library that
will only end up with terminate being called if there's a seriosu bug in the
program. (The kind of thing that really /ought/ to make it crash.)
--
Senior Software Engineer Red Hat Storage, Ann Arbor, MI, US
IRC: Aemerson@{RedHat, OFTC, Freenode}
0x80F7544B90EDBFB9 E707 86BA 0C1B 62CC 152C 7C12 80F7 544B 90ED BFB9
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 603 bytes --]
^ permalink raw reply [flat|nested] 124+ messages in thread
* Re: New Defects reported by Coverity Scan for ceph
2016-02-11 17:57 scan-admin
@ 2016-02-11 22:01 ` Gregory Farnum
2016-02-12 16:36 ` Adam C. Emerson
0 siblings, 1 reply; 124+ messages in thread
From: Gregory Farnum @ 2016-02-11 22:01 UTC (permalink / raw)
To: Sage Weil, Adam Emerson; +Cc: ceph-devel
So if I'm reading the samples changes here correctly, we seem to have
a bunch of new warnings around the lock changes? Is this something we
should be resolving in the lock users, or whitelisting, or fixing
lower down in the stack?
-Greg
On Thu, Feb 11, 2016 at 9:57 AM, <scan-admin@coverity.com> wrote:
>
> Hi,
>
> Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
>
> 28 new defect(s) introduced to ceph found with Coverity Scan.
> 106 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
>
> New defect(s) Reported-by: Coverity Scan
> Showing 20 of 28 defect(s)
>
>
> ** CID 1352097: Control flow issues (UNREACHABLE)
> /common/shunique_lock.h: 326 in ceph::shunique_lock<boost::shared_mutex>::release_to_unique()()
>
>
> ________________________________________________________________________________________________________
> *** CID 1352097: Control flow issues (UNREACHABLE)
> /common/shunique_lock.h: 326 in ceph::shunique_lock<boost::shared_mutex>::release_to_unique()()
> 320 return tu;
> 321 } else if (m == nullptr) {
> 322 return unique_lock_type();
> 323 }
> 324 throw std::system_error((int)std::errc::operation_not_permitted,
> 325 std::generic_category());
>>>> CID 1352097: Control flow issues (UNREACHABLE)
>>>> This code cannot be reached: "return ceph::shunique_lock<...".
> 326 return unique_lock_type();
> 327 }
> 328
> 329 shared_lock_type release_to_shared() {
> 330 if (o == ownership::shared) {
> 331 o = ownership::none;
>
> ** CID 1352096: (UNCAUGHT_EXCEPT)
> /test/rbd_mirror/test_main.cc: 14 in main()
> /test/rbd_mirror/test_main.cc: 14 in main()
>
>
> ________________________________________________________________________________________________________
> *** CID 1352096: (UNCAUGHT_EXCEPT)
> /test/rbd_mirror/test_main.cc: 14 in main()
> 8 #include <iostream>
> 9 #include <string>
> 10
> 11 extern void register_test_cluster_watcher();
> 12 extern void register_test_pool_watcher();
> 13
>>>> CID 1352096: (UNCAUGHT_EXCEPT)
>>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
> 14 int main(int argc, char **argv)
> 15 {
> 16 register_test_cluster_watcher();
> 17 register_test_pool_watcher();
> 18
> 19 ::testing::InitGoogleTest(&argc, argv);
> /test/rbd_mirror/test_main.cc: 14 in main()
> 8 #include <iostream>
> 9 #include <string>
> 10
> 11 extern void register_test_cluster_watcher();
> 12 extern void register_test_pool_watcher();
> 13
>>>> CID 1352096: (UNCAUGHT_EXCEPT)
>>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
> 14 int main(int argc, char **argv)
> 15 {
> 16 register_test_cluster_watcher();
> 17 register_test_pool_watcher();
> 18
> 19 ::testing::InitGoogleTest(&argc, argv);
>
> ** CID 1352095: (UNCAUGHT_EXCEPT)
> /tools/cephfs/cephfs-table-tool.cc: 11 in main()
> /tools/cephfs/cephfs-table-tool.cc: 11 in main()
>
>
> ________________________________________________________________________________________________________
> *** CID 1352095: (UNCAUGHT_EXCEPT)
> /tools/cephfs/cephfs-table-tool.cc: 11 in main()
> 5 #include "common/errno.h"
> 6 #include "global/global_init.h"
> 7
> 8 #include "TableTool.h"
> 9
> 10
>>>> CID 1352095: (UNCAUGHT_EXCEPT)
>>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::lock_error> >" is thrown and never caught.
> 11 int main(int argc, const char **argv)
> 12 {
> 13 vector<const char*> args;
> 14 argv_to_vec(argc, argv, args);
> 15 env_to_vec(args);
> 16
> /tools/cephfs/cephfs-table-tool.cc: 11 in main()
> 5 #include "common/errno.h"
> 6 #include "global/global_init.h"
> 7
> 8 #include "TableTool.h"
> 9
> 10
>>>> CID 1352095: (UNCAUGHT_EXCEPT)
>>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::lock_error> >" is thrown and never caught.
> 11 int main(int argc, const char **argv)
> 12 {
> 13 vector<const char*> args;
> 14 argv_to_vec(argc, argv, args);
> 15 env_to_vec(args);
> 16
>
> ** CID 1352094: (UNCAUGHT_EXCEPT)
> /tools/cephfs/cephfs-journal-tool.cc: 24 in main()
> /tools/cephfs/cephfs-journal-tool.cc: 24 in main()
>
>
> ________________________________________________________________________________________________________
> *** CID 1352094: (UNCAUGHT_EXCEPT)
> /tools/cephfs/cephfs-journal-tool.cc: 24 in main()
> 18 #include "common/errno.h"
> 19 #include "global/global_init.h"
> 20
> 21 #include "JournalTool.h"
> 22
> 23
>>>> CID 1352094: (UNCAUGHT_EXCEPT)
>>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::lock_error> >" is thrown and never caught.
> 24 int main(int argc, const char **argv)
> 25 {
> 26 vector<const char*> args;
> 27 argv_to_vec(argc, argv, args);
> 28 env_to_vec(args);
> 29
> /tools/cephfs/cephfs-journal-tool.cc: 24 in main()
> 18 #include "common/errno.h"
> 19 #include "global/global_init.h"
> 20
> 21 #include "JournalTool.h"
> 22
> 23
>>>> CID 1352094: (UNCAUGHT_EXCEPT)
>>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::lock_error> >" is thrown and never caught.
> 24 int main(int argc, const char **argv)
> 25 {
> 26 vector<const char*> args;
> 27 argv_to_vec(argc, argv, args);
> 28 env_to_vec(args);
> 29
>
> ** CID 1352093: (UNCAUGHT_EXCEPT)
> /tools/cephfs/cephfs-data-scan.cc: 11 in main()
> /tools/cephfs/cephfs-data-scan.cc: 11 in main()
>
>
> ________________________________________________________________________________________________________
> *** CID 1352093: (UNCAUGHT_EXCEPT)
> /tools/cephfs/cephfs-data-scan.cc: 11 in main()
> 5 #include "common/errno.h"
> 6 #include "global/global_init.h"
> 7
> 8 #include "DataScan.h"
> 9
> 10
>>>> CID 1352093: (UNCAUGHT_EXCEPT)
>>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::lock_error> >" is thrown and never caught.
> 11 int main(int argc, const char **argv)
> 12 {
> 13 vector<const char*> args;
> 14 argv_to_vec(argc, argv, args);
> 15 env_to_vec(args);
> 16
> /tools/cephfs/cephfs-data-scan.cc: 11 in main()
> 5 #include "common/errno.h"
> 6 #include "global/global_init.h"
> 7
> 8 #include "DataScan.h"
> 9
> 10
>>>> CID 1352093: (UNCAUGHT_EXCEPT)
>>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::lock_error> >" is thrown and never caught.
> 11 int main(int argc, const char **argv)
> 12 {
> 13 vector<const char*> args;
> 14 argv_to_vec(argc, argv, args);
> 15 env_to_vec(args);
> 16
>
> ** CID 1352092: Error handling issues (UNCAUGHT_EXCEPT)
> /tools/rbd_mirror/main.cc: 32 in main()
>
>
> ________________________________________________________________________________________________________
> *** CID 1352092: Error handling issues (UNCAUGHT_EXCEPT)
> /tools/rbd_mirror/main.cc: 32 in main()
> 26 static void handle_signal(int signum)
> 27 {
> 28 if (mirror)
> 29 mirror->handle_signal(signum);
> 30 }
> 31
>>>> CID 1352092: Error handling issues (UNCAUGHT_EXCEPT)
>>>> In function "main(int, char const **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
> 32 int main(int argc, const char **argv)
> 33 {
> 34 std::vector<const char*> args;
> 35 argv_to_vec(argc, argv, args);
> 36 env_to_vec(args);
> 37
>
> ** CID 1352091: (UNCAUGHT_EXCEPT)
> /tools/rbd_mirror/main.cc: 32 in main()
> /tools/rbd_mirror/main.cc: 32 in main()
> /tools/rbd_mirror/main.cc: 32 in main()
> /tools/rbd_mirror/main.cc: 32 in main()
> /tools/rbd_mirror/main.cc: 32 in main()
> /tools/rbd_mirror/main.cc: 32 in main()
> /tools/rbd_mirror/main.cc: 32 in main()
> /tools/rbd_mirror/main.cc: 32 in main()
> /tools/rbd_mirror/main.cc: 32 in main()
> /tools/rbd_mirror/main.cc: 32 in main()
> /tools/rbd_mirror/main.cc: 32 in main()
> /tools/rbd_mirror/main.cc: 32 in main()
> /tools/rbd_mirror/main.cc: 32 in main()
> /tools/rbd_mirror/main.cc: 32 in main()
>
>
> ________________________________________________________________________________________________________
> *** CID 1352091: (UNCAUGHT_EXCEPT)
> /tools/rbd_mirror/main.cc: 32 in main()
> 26 static void handle_signal(int signum)
> 27 {
> 28 if (mirror)
> 29 mirror->handle_signal(signum);
> 30 }
> 31
>>>> CID 1352091: (UNCAUGHT_EXCEPT)
>>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
> 32 int main(int argc, const char **argv)
> 33 {
> 34 std::vector<const char*> args;
> 35 argv_to_vec(argc, argv, args);
> 36 env_to_vec(args);
> 37
> /tools/rbd_mirror/main.cc: 32 in main()
> 26 static void handle_signal(int signum)
> 27 {
> 28 if (mirror)
> 29 mirror->handle_signal(signum);
> 30 }
> 31
>>>> CID 1352091: (UNCAUGHT_EXCEPT)
>>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
> 32 int main(int argc, const char **argv)
> 33 {
> 34 std::vector<const char*> args;
> 35 argv_to_vec(argc, argv, args);
> 36 env_to_vec(args);
> 37
> /tools/rbd_mirror/main.cc: 32 in main()
> 26 static void handle_signal(int signum)
> 27 {
> 28 if (mirror)
> 29 mirror->handle_signal(signum);
> 30 }
> 31
>>>> CID 1352091: (UNCAUGHT_EXCEPT)
>>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
> 32 int main(int argc, const char **argv)
> 33 {
> 34 std::vector<const char*> args;
> 35 argv_to_vec(argc, argv, args);
> 36 env_to_vec(args);
> 37
> /tools/rbd_mirror/main.cc: 32 in main()
> 26 static void handle_signal(int signum)
> 27 {
> 28 if (mirror)
> 29 mirror->handle_signal(signum);
> 30 }
> 31
>>>> CID 1352091: (UNCAUGHT_EXCEPT)
>>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
> 32 int main(int argc, const char **argv)
> 33 {
> 34 std::vector<const char*> args;
> 35 argv_to_vec(argc, argv, args);
> 36 env_to_vec(args);
> 37
> /tools/rbd_mirror/main.cc: 32 in main()
> 26 static void handle_signal(int signum)
> 27 {
> 28 if (mirror)
> 29 mirror->handle_signal(signum);
> 30 }
> 31
>>>> CID 1352091: (UNCAUGHT_EXCEPT)
>>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
> 32 int main(int argc, const char **argv)
> 33 {
> 34 std::vector<const char*> args;
> 35 argv_to_vec(argc, argv, args);
> 36 env_to_vec(args);
> 37
> /tools/rbd_mirror/main.cc: 32 in main()
> 26 static void handle_signal(int signum)
> 27 {
> 28 if (mirror)
> 29 mirror->handle_signal(signum);
> 30 }
> 31
>>>> CID 1352091: (UNCAUGHT_EXCEPT)
>>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
> 32 int main(int argc, const char **argv)
> 33 {
> 34 std::vector<const char*> args;
> 35 argv_to_vec(argc, argv, args);
> 36 env_to_vec(args);
> 37
> /tools/rbd_mirror/main.cc: 32 in main()
> 26 static void handle_signal(int signum)
> 27 {
> 28 if (mirror)
> 29 mirror->handle_signal(signum);
> 30 }
> 31
>>>> CID 1352091: (UNCAUGHT_EXCEPT)
>>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
> 32 int main(int argc, const char **argv)
> 33 {
> 34 std::vector<const char*> args;
> 35 argv_to_vec(argc, argv, args);
> 36 env_to_vec(args);
> 37
> /tools/rbd_mirror/main.cc: 32 in main()
> 26 static void handle_signal(int signum)
> 27 {
> 28 if (mirror)
> 29 mirror->handle_signal(signum);
> 30 }
> 31
>>>> CID 1352091: (UNCAUGHT_EXCEPT)
>>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
> 32 int main(int argc, const char **argv)
> 33 {
> 34 std::vector<const char*> args;
> 35 argv_to_vec(argc, argv, args);
> 36 env_to_vec(args);
> 37
> /tools/rbd_mirror/main.cc: 32 in main()
> 26 static void handle_signal(int signum)
> 27 {
> 28 if (mirror)
> 29 mirror->handle_signal(signum);
> 30 }
> 31
>>>> CID 1352091: (UNCAUGHT_EXCEPT)
>>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
> 32 int main(int argc, const char **argv)
> 33 {
> 34 std::vector<const char*> args;
> 35 argv_to_vec(argc, argv, args);
> 36 env_to_vec(args);
> 37
> /tools/rbd_mirror/main.cc: 32 in main()
> 26 static void handle_signal(int signum)
> 27 {
> 28 if (mirror)
> 29 mirror->handle_signal(signum);
> 30 }
> 31
>>>> CID 1352091: (UNCAUGHT_EXCEPT)
>>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
> 32 int main(int argc, const char **argv)
> 33 {
> 34 std::vector<const char*> args;
> 35 argv_to_vec(argc, argv, args);
> 36 env_to_vec(args);
> 37
> /tools/rbd_mirror/main.cc: 32 in main()
> 26 static void handle_signal(int signum)
> 27 {
> 28 if (mirror)
> 29 mirror->handle_signal(signum);
> 30 }
> 31
>>>> CID 1352091: (UNCAUGHT_EXCEPT)
>>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
> 32 int main(int argc, const char **argv)
> 33 {
> 34 std::vector<const char*> args;
> 35 argv_to_vec(argc, argv, args);
> 36 env_to_vec(args);
> 37
> /tools/rbd_mirror/main.cc: 32 in main()
> 26 static void handle_signal(int signum)
> 27 {
> 28 if (mirror)
> 29 mirror->handle_signal(signum);
> 30 }
> 31
>>>> CID 1352091: (UNCAUGHT_EXCEPT)
>>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
> 32 int main(int argc, const char **argv)
> 33 {
> 34 std::vector<const char*> args;
> 35 argv_to_vec(argc, argv, args);
> 36 env_to_vec(args);
> 37
> /tools/rbd_mirror/main.cc: 32 in main()
> 26 static void handle_signal(int signum)
> 27 {
> 28 if (mirror)
> 29 mirror->handle_signal(signum);
> 30 }
> 31
>>>> CID 1352091: (UNCAUGHT_EXCEPT)
>>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
> 32 int main(int argc, const char **argv)
> 33 {
> 34 std::vector<const char*> args;
> 35 argv_to_vec(argc, argv, args);
> 36 env_to_vec(args);
> 37
> /tools/rbd_mirror/main.cc: 32 in main()
> 26 static void handle_signal(int signum)
> 27 {
> 28 if (mirror)
> 29 mirror->handle_signal(signum);
> 30 }
> 31
>>>> CID 1352091: (UNCAUGHT_EXCEPT)
>>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
> 32 int main(int argc, const char **argv)
> 33 {
> 34 std::vector<const char*> args;
> 35 argv_to_vec(argc, argv, args);
> 36 env_to_vec(args);
> 37
>
> ** CID 1352090: Error handling issues (UNCAUGHT_EXCEPT)
> /tools/rados/rados.cc: 2969 in main()
>
>
> ________________________________________________________________________________________________________
> *** CID 1352090: Error handling issues (UNCAUGHT_EXCEPT)
> /tools/rados/rados.cc: 2969 in main()
> 2963
> 2964 out:
> 2965 delete formatter;
> 2966 return (ret < 0) ? 1 : 0;
> 2967 }
> 2968
>>>> CID 1352090: Error handling issues (UNCAUGHT_EXCEPT)
>>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::lock_error> >" is thrown and never caught.
> 2969 int main(int argc, const char **argv)
> 2970 {
> 2971 vector<const char*> args;
> 2972 argv_to_vec(argc, argv, args);
> 2973 env_to_vec(args);
> 2974
>
> ** CID 1352089: Resource leaks (RESOURCE_LEAK)
> /global/global_init.cc: 249 in global_init(std::vector<const char *, std::allocator<const char *>> *, std::vector<const char *, std::allocator<const char *>> &, unsigned int, code_environment_t, int, const char *)()
>
>
> ________________________________________________________________________________________________________
> *** CID 1352089: Resource leaks (RESOURCE_LEAK)
> /global/global_init.cc: 249 in global_init(std::vector<const char *, std::allocator<const char *>> *, std::vector<const char *, std::allocator<const char *>> &, unsigned int, code_environment_t, int, const char *)()
> 243 // test leak checking
> 244 if (g_conf->debug_deliberately_leak_memory) {
> 245 derr << "deliberately leaking some memory" << dendl;
> 246 char *s = new char[1234567];
> 247 (void)s;
> 248 // cppcheck-suppress memleak
>>>> CID 1352089: Resource leaks (RESOURCE_LEAK)
>>>> Variable "s" going out of scope leaks the storage it points to.
> 249 }
> 250
> 251 if (code_env == CODE_ENVIRONMENT_DAEMON && !(flags & CINIT_FLAG_NO_DAEMON_ACTIONS))
> 252 output_ceph_version();
> 253 }
> 254
>
> ** CID 1352088: (RESOURCE_LEAK)
> /test/librados/cmd.cc: 84 in LibRadosCmd_OSDCmd_Test::TestBody()()
> /test/librados/cmd.cc: 87 in LibRadosCmd_OSDCmd_Test::TestBody()()
> /test/librados/cmd.cc: 90 in LibRadosCmd_OSDCmd_Test::TestBody()()
>
>
> ________________________________________________________________________________________________________
> *** CID 1352088: (RESOURCE_LEAK)
> /test/librados/cmd.cc: 84 in LibRadosCmd_OSDCmd_Test::TestBody()()
> 78 char *cmd[2];
> 79 cmd[1] = NULL;
> 80
> 81 // note: tolerate NXIO here in case the cluster is thrashing out underneath us.
> 82 cmd[0] = (char *)"asdfasdf";
> 83 r = rados_osd_command(cluster, 0, (const char **)cmd, 1, "", 0, &buf, &buflen, &st, &stlen);
>>>> CID 1352088: (RESOURCE_LEAK)
>>>> Variable "st" going out of scope leaks the storage it points to.
> 84 ASSERT_TRUE(r == -22 || r == -ENXIO);
> 85 cmd[0] = (char *)"version";
> 86 r = rados_osd_command(cluster, 0, (const char **)cmd, 1, "", 0, &buf, &buflen, &st, &stlen);
> 87 ASSERT_TRUE(r == -22 || r == -ENXIO);
> 88 cmd[0] = (char *)"{\"prefix\":\"version\"}";
> 89 r = rados_osd_command(cluster, 0, (const char **)cmd, 1, "", 0, &buf, &buflen, &st, &stlen);
> /test/librados/cmd.cc: 87 in LibRadosCmd_OSDCmd_Test::TestBody()()
> 81 // note: tolerate NXIO here in case the cluster is thrashing out underneath us.
> 82 cmd[0] = (char *)"asdfasdf";
> 83 r = rados_osd_command(cluster, 0, (const char **)cmd, 1, "", 0, &buf, &buflen, &st, &stlen);
> 84 ASSERT_TRUE(r == -22 || r == -ENXIO);
> 85 cmd[0] = (char *)"version";
> 86 r = rados_osd_command(cluster, 0, (const char **)cmd, 1, "", 0, &buf, &buflen, &st, &stlen);
>>>> CID 1352088: (RESOURCE_LEAK)
>>>> Variable "st" going out of scope leaks the storage it points to.
> 87 ASSERT_TRUE(r == -22 || r == -ENXIO);
> 88 cmd[0] = (char *)"{\"prefix\":\"version\"}";
> 89 r = rados_osd_command(cluster, 0, (const char **)cmd, 1, "", 0, &buf, &buflen, &st, &stlen);
> 90 ASSERT_TRUE((r == 0 && buflen > 0) || (r == -ENXIO && buflen == 0));
> 91 rados_buffer_free(buf);
> 92 rados_buffer_free(st);
> /test/librados/cmd.cc: 90 in LibRadosCmd_OSDCmd_Test::TestBody()()
> 84 ASSERT_TRUE(r == -22 || r == -ENXIO);
> 85 cmd[0] = (char *)"version";
> 86 r = rados_osd_command(cluster, 0, (const char **)cmd, 1, "", 0, &buf, &buflen, &st, &stlen);
> 87 ASSERT_TRUE(r == -22 || r == -ENXIO);
> 88 cmd[0] = (char *)"{\"prefix\":\"version\"}";
> 89 r = rados_osd_command(cluster, 0, (const char **)cmd, 1, "", 0, &buf, &buflen, &st, &stlen);
>>>> CID 1352088: (RESOURCE_LEAK)
>>>> Variable "st" going out of scope leaks the storage it points to.
> 90 ASSERT_TRUE((r == 0 && buflen > 0) || (r == -ENXIO && buflen == 0));
> 91 rados_buffer_free(buf);
> 92 rados_buffer_free(st);
> 93 rados_shutdown(cluster);
> 94 }
> 95
>
> ** CID 1352087: Parse warnings (PARSE_ERROR)
> /mds/StrayManager.cc: 1 in ()
>
>
> ________________________________________________________________________________________________________
> *** CID 1352087: Parse warnings (PARSE_ERROR)
> /mds/StrayManager.cc: 1 in ()
>>>> CID 1352087: Parse warnings (PARSE_ERROR)
>>>> The Coverity compiler fails to compile this file. Please see the build output log for more information.
> 1 // -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
> 2 // vim: ts=8 sw=2 smarttab
> 3 /*
> 4 * Ceph - scalable distributed file system
> 5 *
> 6 * Copyright (C) 2015 Red Hat
>
> ** CID 1352086: Parse warnings (PARSE_ERROR)
> /mds/SnapServer.cc: 1 in ()
>
>
> ________________________________________________________________________________________________________
> *** CID 1352086: Parse warnings (PARSE_ERROR)
> /mds/SnapServer.cc: 1 in ()
>>>> CID 1352086: Parse warnings (PARSE_ERROR)
>>>> The Coverity compiler fails to compile this file. Please see the build output log for more information.
> 1 // -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
> 2 // vim: ts=8 sw=2 smarttab
> 3 /*
> 4 * Ceph - scalable distributed file system
> 5 *
> 6 * Copyright (C) 2004-2006 Sage Weil <sage@newdream.net>
>
> ** CID 1352085: Parse warnings (PARSE_ERROR)
> /mds/Server.cc: 1 in ()
>
>
> ________________________________________________________________________________________________________
> *** CID 1352085: Parse warnings (PARSE_ERROR)
> /mds/Server.cc: 1 in ()
>>>> CID 1352085: Parse warnings (PARSE_ERROR)
>>>> The Coverity compiler fails to compile this file. Please see the build output log for more information.
> 1 // -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
> 2 // vim: ts=8 sw=2 smarttab
> 3 /*
> 4 * Ceph - scalable distributed file system
> 5 *
> 6 * Copyright (C) 2004-2006 Sage Weil <sage@newdream.net>
>
> ** CID 1352084: Parse warnings (PARSE_ERROR)
> /mds/MDSRank.cc: 1 in ()
>
>
> ________________________________________________________________________________________________________
> *** CID 1352084: Parse warnings (PARSE_ERROR)
> /mds/MDSRank.cc: 1 in ()
>>>> CID 1352084: Parse warnings (PARSE_ERROR)
>>>> The Coverity compiler fails to compile this file. Please see the build output log for more information.
> 1 // -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
> 2 // vim: ts=8 sw=2 smarttab
> 3 /*
> 4 * Ceph - scalable distributed file system
> 5 *
> 6 * Copyright (C) 2015 Red Hat
>
> ** CID 1352083: Parse warnings (PARSE_ERROR)
> /mds/MDSDaemon.cc: 1 in ()
>
>
> ________________________________________________________________________________________________________
> *** CID 1352083: Parse warnings (PARSE_ERROR)
> /mds/MDSDaemon.cc: 1 in ()
>>>> CID 1352083: Parse warnings (PARSE_ERROR)
>>>> The Coverity compiler fails to compile this file. Please see the build output log for more information.
> 1 // -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
> 2 // vim: ts=8 sw=2 smarttab
> 3 /*
> 4 * Ceph - scalable distributed file system
> 5 *
> 6 * Copyright (C) 2004-2006 Sage Weil <sage@newdream.net>
>
> ** CID 1352082: Parse warnings (PARSE_ERROR)
> /librados/RadosClient.cc: 1 in ()
>
>
> ________________________________________________________________________________________________________
> *** CID 1352082: Parse warnings (PARSE_ERROR)
> /librados/RadosClient.cc: 1 in ()
>>>> CID 1352082: Parse warnings (PARSE_ERROR)
>>>> The Coverity compiler fails to compile this file. Please see the build output log for more information.
> 1 // -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
> 2 // vim: ts=8 sw=2 smarttab
> 3 /*
> 4 * Ceph - scalable distributed file system
> 5 *
> 6 * Copyright (C) 2004-2012 Sage Weil <sage@newdream.net>
>
> ** CID 1352081: Parse warnings (PARSE_ERROR)
> /client/SyntheticClient.cc: 1 in ()
>
>
> ________________________________________________________________________________________________________
> *** CID 1352081: Parse warnings (PARSE_ERROR)
> /client/SyntheticClient.cc: 1 in ()
>>>> CID 1352081: Parse warnings (PARSE_ERROR)
>>>> The Coverity compiler fails to compile this file. Please see the build output log for more information.
> 1 // -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
> 2 // vim: ts=8 sw=2 smarttab
> 3 /*
> 4 * Ceph - scalable distributed file system
> 5 *
> 6 * Copyright (C) 2004-2006 Sage Weil <sage@newdream.net>
>
> ** CID 1352080: Parse warnings (PARSE_ERROR)
> /client/Client.cc: 1 in ()
>
>
> ________________________________________________________________________________________________________
> *** CID 1352080: Parse warnings (PARSE_ERROR)
> /client/Client.cc: 1 in ()
>>>> CID 1352080: Parse warnings (PARSE_ERROR)
>>>> The Coverity compiler fails to compile this file. Please see the build output log for more information.
> 1 // -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
> 2 // vim: ts=8 sw=2 smarttab
> 3 /*
> 4 * Ceph - scalable distributed file system
> 5 *
> 6 * Copyright (C) 2004-2006 Sage Weil <sage@newdream.net>
>
> ** CID 1352079: Memory - corruptions (OVERRUN)
>
>
> ________________________________________________________________________________________________________
> *** CID 1352079: Memory - corruptions (OVERRUN)
> /librbd/journal/Types.cc: 378 in librbd::journal::ClientData::encode(ceph::buffer::list &) const()
> 372
> 373 ClientMetaType ClientData::get_client_meta_type() const {
> 374 return boost::apply_visitor(GetTypeVisitor<ClientMetaType>(), client_meta);
> 375 }
> 376
> 377 void ClientData::encode(bufferlist& bl) const {
>>>> CID 1352079: Memory - corruptions (OVERRUN)
>>>> Overrunning struct type ceph_le32 of 4 bytes by passing it to a function which accesses it at byte offset 7.
> 378 ENCODE_START(1, 1, bl);
> 379 boost::apply_visitor(EncodeVisitor(bl), client_meta);
> 380 ENCODE_FINISH(bl);
> 381 }
> 382
> 383 void ClientData::decode(bufferlist::iterator& it) {
>
> ** CID 1352078: Memory - corruptions (OVERRUN)
>
>
> ________________________________________________________________________________________________________
> *** CID 1352078: Memory - corruptions (OVERRUN)
> /cls/journal/cls_journal_types.cc: 104 in cls::journal::Tag::encode(ceph::buffer::list &) const()
> 98 o.push_back(new Client());
> 99 o.push_back(new Client("id", data));
> 100 o.push_back(new Client("id", data, {1, {{1, 120}, {2, 121}}}));
> 101 }
> 102
> 103 void Tag::encode(bufferlist& bl) const {
>>>> CID 1352078: Memory - corruptions (OVERRUN)
>>>> Overrunning struct type ceph_le32 of 4 bytes by passing it to a function which accesses it at byte offset 7.
> 104 ENCODE_START(1, 1, bl);
> 105 ::encode(tid, bl);
> 106 ::encode(tag_class, bl);
> 107 ::encode(data, bl);
> 108 ENCODE_FINISH(bl);
> 109 }
>
>
> ________________________________________________________________________________________________________
> To view the defects in Coverity Scan visit, https://scan.coverity.com/projects/ceph?tab=overview
>
> To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://scan.coverity.com/subscriptions/edit?email=ceph-devel%40vger.kernel.org&token=018084d671e3cc89d00dd2ccb7eb849c
>
> --
> To unsubscribe from this list: send the line "unsubscribe ceph-devel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2016-02-11 17:57 scan-admin
2016-02-11 22:01 ` Gregory Farnum
0 siblings, 1 reply; 124+ messages in thread
From: scan-admin @ 2016-02-11 17:57 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
28 new defect(s) introduced to ceph found with Coverity Scan.
106 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 20 of 28 defect(s)
** CID 1352097: Control flow issues (UNREACHABLE)
/common/shunique_lock.h: 326 in ceph::shunique_lock<boost::shared_mutex>::release_to_unique()()
________________________________________________________________________________________________________
*** CID 1352097: Control flow issues (UNREACHABLE)
/common/shunique_lock.h: 326 in ceph::shunique_lock<boost::shared_mutex>::release_to_unique()()
320 return tu;
321 } else if (m == nullptr) {
322 return unique_lock_type();
323 }
324 throw std::system_error((int)std::errc::operation_not_permitted,
325 std::generic_category());
>>> CID 1352097: Control flow issues (UNREACHABLE)
>>> This code cannot be reached: "return ceph::shunique_lock<...".
326 return unique_lock_type();
327 }
328
329 shared_lock_type release_to_shared() {
330 if (o == ownership::shared) {
331 o = ownership::none;
** CID 1352096: (UNCAUGHT_EXCEPT)
/test/rbd_mirror/test_main.cc: 14 in main()
/test/rbd_mirror/test_main.cc: 14 in main()
________________________________________________________________________________________________________
*** CID 1352096: (UNCAUGHT_EXCEPT)
/test/rbd_mirror/test_main.cc: 14 in main()
8 #include <iostream>
9 #include <string>
10
11 extern void register_test_cluster_watcher();
12 extern void register_test_pool_watcher();
13
>>> CID 1352096: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
14 int main(int argc, char **argv)
15 {
16 register_test_cluster_watcher();
17 register_test_pool_watcher();
18
19 ::testing::InitGoogleTest(&argc, argv);
/test/rbd_mirror/test_main.cc: 14 in main()
8 #include <iostream>
9 #include <string>
10
11 extern void register_test_cluster_watcher();
12 extern void register_test_pool_watcher();
13
>>> CID 1352096: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
14 int main(int argc, char **argv)
15 {
16 register_test_cluster_watcher();
17 register_test_pool_watcher();
18
19 ::testing::InitGoogleTest(&argc, argv);
** CID 1352095: (UNCAUGHT_EXCEPT)
/tools/cephfs/cephfs-table-tool.cc: 11 in main()
/tools/cephfs/cephfs-table-tool.cc: 11 in main()
________________________________________________________________________________________________________
*** CID 1352095: (UNCAUGHT_EXCEPT)
/tools/cephfs/cephfs-table-tool.cc: 11 in main()
5 #include "common/errno.h"
6 #include "global/global_init.h"
7
8 #include "TableTool.h"
9
10
>>> CID 1352095: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::lock_error> >" is thrown and never caught.
11 int main(int argc, const char **argv)
12 {
13 vector<const char*> args;
14 argv_to_vec(argc, argv, args);
15 env_to_vec(args);
16
/tools/cephfs/cephfs-table-tool.cc: 11 in main()
5 #include "common/errno.h"
6 #include "global/global_init.h"
7
8 #include "TableTool.h"
9
10
>>> CID 1352095: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::lock_error> >" is thrown and never caught.
11 int main(int argc, const char **argv)
12 {
13 vector<const char*> args;
14 argv_to_vec(argc, argv, args);
15 env_to_vec(args);
16
** CID 1352094: (UNCAUGHT_EXCEPT)
/tools/cephfs/cephfs-journal-tool.cc: 24 in main()
/tools/cephfs/cephfs-journal-tool.cc: 24 in main()
________________________________________________________________________________________________________
*** CID 1352094: (UNCAUGHT_EXCEPT)
/tools/cephfs/cephfs-journal-tool.cc: 24 in main()
18 #include "common/errno.h"
19 #include "global/global_init.h"
20
21 #include "JournalTool.h"
22
23
>>> CID 1352094: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::lock_error> >" is thrown and never caught.
24 int main(int argc, const char **argv)
25 {
26 vector<const char*> args;
27 argv_to_vec(argc, argv, args);
28 env_to_vec(args);
29
/tools/cephfs/cephfs-journal-tool.cc: 24 in main()
18 #include "common/errno.h"
19 #include "global/global_init.h"
20
21 #include "JournalTool.h"
22
23
>>> CID 1352094: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::lock_error> >" is thrown and never caught.
24 int main(int argc, const char **argv)
25 {
26 vector<const char*> args;
27 argv_to_vec(argc, argv, args);
28 env_to_vec(args);
29
** CID 1352093: (UNCAUGHT_EXCEPT)
/tools/cephfs/cephfs-data-scan.cc: 11 in main()
/tools/cephfs/cephfs-data-scan.cc: 11 in main()
________________________________________________________________________________________________________
*** CID 1352093: (UNCAUGHT_EXCEPT)
/tools/cephfs/cephfs-data-scan.cc: 11 in main()
5 #include "common/errno.h"
6 #include "global/global_init.h"
7
8 #include "DataScan.h"
9
10
>>> CID 1352093: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::lock_error> >" is thrown and never caught.
11 int main(int argc, const char **argv)
12 {
13 vector<const char*> args;
14 argv_to_vec(argc, argv, args);
15 env_to_vec(args);
16
/tools/cephfs/cephfs-data-scan.cc: 11 in main()
5 #include "common/errno.h"
6 #include "global/global_init.h"
7
8 #include "DataScan.h"
9
10
>>> CID 1352093: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::lock_error> >" is thrown and never caught.
11 int main(int argc, const char **argv)
12 {
13 vector<const char*> args;
14 argv_to_vec(argc, argv, args);
15 env_to_vec(args);
16
** CID 1352092: Error handling issues (UNCAUGHT_EXCEPT)
/tools/rbd_mirror/main.cc: 32 in main()
________________________________________________________________________________________________________
*** CID 1352092: Error handling issues (UNCAUGHT_EXCEPT)
/tools/rbd_mirror/main.cc: 32 in main()
26 static void handle_signal(int signum)
27 {
28 if (mirror)
29 mirror->handle_signal(signum);
30 }
31
>>> CID 1352092: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
32 int main(int argc, const char **argv)
33 {
34 std::vector<const char*> args;
35 argv_to_vec(argc, argv, args);
36 env_to_vec(args);
37
** CID 1352091: (UNCAUGHT_EXCEPT)
/tools/rbd_mirror/main.cc: 32 in main()
/tools/rbd_mirror/main.cc: 32 in main()
/tools/rbd_mirror/main.cc: 32 in main()
/tools/rbd_mirror/main.cc: 32 in main()
/tools/rbd_mirror/main.cc: 32 in main()
/tools/rbd_mirror/main.cc: 32 in main()
/tools/rbd_mirror/main.cc: 32 in main()
/tools/rbd_mirror/main.cc: 32 in main()
/tools/rbd_mirror/main.cc: 32 in main()
/tools/rbd_mirror/main.cc: 32 in main()
/tools/rbd_mirror/main.cc: 32 in main()
/tools/rbd_mirror/main.cc: 32 in main()
/tools/rbd_mirror/main.cc: 32 in main()
/tools/rbd_mirror/main.cc: 32 in main()
________________________________________________________________________________________________________
*** CID 1352091: (UNCAUGHT_EXCEPT)
/tools/rbd_mirror/main.cc: 32 in main()
26 static void handle_signal(int signum)
27 {
28 if (mirror)
29 mirror->handle_signal(signum);
30 }
31
>>> CID 1352091: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
32 int main(int argc, const char **argv)
33 {
34 std::vector<const char*> args;
35 argv_to_vec(argc, argv, args);
36 env_to_vec(args);
37
/tools/rbd_mirror/main.cc: 32 in main()
26 static void handle_signal(int signum)
27 {
28 if (mirror)
29 mirror->handle_signal(signum);
30 }
31
>>> CID 1352091: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
32 int main(int argc, const char **argv)
33 {
34 std::vector<const char*> args;
35 argv_to_vec(argc, argv, args);
36 env_to_vec(args);
37
/tools/rbd_mirror/main.cc: 32 in main()
26 static void handle_signal(int signum)
27 {
28 if (mirror)
29 mirror->handle_signal(signum);
30 }
31
>>> CID 1352091: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
32 int main(int argc, const char **argv)
33 {
34 std::vector<const char*> args;
35 argv_to_vec(argc, argv, args);
36 env_to_vec(args);
37
/tools/rbd_mirror/main.cc: 32 in main()
26 static void handle_signal(int signum)
27 {
28 if (mirror)
29 mirror->handle_signal(signum);
30 }
31
>>> CID 1352091: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
32 int main(int argc, const char **argv)
33 {
34 std::vector<const char*> args;
35 argv_to_vec(argc, argv, args);
36 env_to_vec(args);
37
/tools/rbd_mirror/main.cc: 32 in main()
26 static void handle_signal(int signum)
27 {
28 if (mirror)
29 mirror->handle_signal(signum);
30 }
31
>>> CID 1352091: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
32 int main(int argc, const char **argv)
33 {
34 std::vector<const char*> args;
35 argv_to_vec(argc, argv, args);
36 env_to_vec(args);
37
/tools/rbd_mirror/main.cc: 32 in main()
26 static void handle_signal(int signum)
27 {
28 if (mirror)
29 mirror->handle_signal(signum);
30 }
31
>>> CID 1352091: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
32 int main(int argc, const char **argv)
33 {
34 std::vector<const char*> args;
35 argv_to_vec(argc, argv, args);
36 env_to_vec(args);
37
/tools/rbd_mirror/main.cc: 32 in main()
26 static void handle_signal(int signum)
27 {
28 if (mirror)
29 mirror->handle_signal(signum);
30 }
31
>>> CID 1352091: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
32 int main(int argc, const char **argv)
33 {
34 std::vector<const char*> args;
35 argv_to_vec(argc, argv, args);
36 env_to_vec(args);
37
/tools/rbd_mirror/main.cc: 32 in main()
26 static void handle_signal(int signum)
27 {
28 if (mirror)
29 mirror->handle_signal(signum);
30 }
31
>>> CID 1352091: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
32 int main(int argc, const char **argv)
33 {
34 std::vector<const char*> args;
35 argv_to_vec(argc, argv, args);
36 env_to_vec(args);
37
/tools/rbd_mirror/main.cc: 32 in main()
26 static void handle_signal(int signum)
27 {
28 if (mirror)
29 mirror->handle_signal(signum);
30 }
31
>>> CID 1352091: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
32 int main(int argc, const char **argv)
33 {
34 std::vector<const char*> args;
35 argv_to_vec(argc, argv, args);
36 env_to_vec(args);
37
/tools/rbd_mirror/main.cc: 32 in main()
26 static void handle_signal(int signum)
27 {
28 if (mirror)
29 mirror->handle_signal(signum);
30 }
31
>>> CID 1352091: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
32 int main(int argc, const char **argv)
33 {
34 std::vector<const char*> args;
35 argv_to_vec(argc, argv, args);
36 env_to_vec(args);
37
/tools/rbd_mirror/main.cc: 32 in main()
26 static void handle_signal(int signum)
27 {
28 if (mirror)
29 mirror->handle_signal(signum);
30 }
31
>>> CID 1352091: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
32 int main(int argc, const char **argv)
33 {
34 std::vector<const char*> args;
35 argv_to_vec(argc, argv, args);
36 env_to_vec(args);
37
/tools/rbd_mirror/main.cc: 32 in main()
26 static void handle_signal(int signum)
27 {
28 if (mirror)
29 mirror->handle_signal(signum);
30 }
31
>>> CID 1352091: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
32 int main(int argc, const char **argv)
33 {
34 std::vector<const char*> args;
35 argv_to_vec(argc, argv, args);
36 env_to_vec(args);
37
/tools/rbd_mirror/main.cc: 32 in main()
26 static void handle_signal(int signum)
27 {
28 if (mirror)
29 mirror->handle_signal(signum);
30 }
31
>>> CID 1352091: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
32 int main(int argc, const char **argv)
33 {
34 std::vector<const char*> args;
35 argv_to_vec(argc, argv, args);
36 env_to_vec(args);
37
/tools/rbd_mirror/main.cc: 32 in main()
26 static void handle_signal(int signum)
27 {
28 if (mirror)
29 mirror->handle_signal(signum);
30 }
31
>>> CID 1352091: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
32 int main(int argc, const char **argv)
33 {
34 std::vector<const char*> args;
35 argv_to_vec(argc, argv, args);
36 env_to_vec(args);
37
** CID 1352090: Error handling issues (UNCAUGHT_EXCEPT)
/tools/rados/rados.cc: 2969 in main()
________________________________________________________________________________________________________
*** CID 1352090: Error handling issues (UNCAUGHT_EXCEPT)
/tools/rados/rados.cc: 2969 in main()
2963
2964 out:
2965 delete formatter;
2966 return (ret < 0) ? 1 : 0;
2967 }
2968
>>> CID 1352090: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::lock_error> >" is thrown and never caught.
2969 int main(int argc, const char **argv)
2970 {
2971 vector<const char*> args;
2972 argv_to_vec(argc, argv, args);
2973 env_to_vec(args);
2974
** CID 1352089: Resource leaks (RESOURCE_LEAK)
/global/global_init.cc: 249 in global_init(std::vector<const char *, std::allocator<const char *>> *, std::vector<const char *, std::allocator<const char *>> &, unsigned int, code_environment_t, int, const char *)()
________________________________________________________________________________________________________
*** CID 1352089: Resource leaks (RESOURCE_LEAK)
/global/global_init.cc: 249 in global_init(std::vector<const char *, std::allocator<const char *>> *, std::vector<const char *, std::allocator<const char *>> &, unsigned int, code_environment_t, int, const char *)()
243 // test leak checking
244 if (g_conf->debug_deliberately_leak_memory) {
245 derr << "deliberately leaking some memory" << dendl;
246 char *s = new char[1234567];
247 (void)s;
248 // cppcheck-suppress memleak
>>> CID 1352089: Resource leaks (RESOURCE_LEAK)
>>> Variable "s" going out of scope leaks the storage it points to.
249 }
250
251 if (code_env == CODE_ENVIRONMENT_DAEMON && !(flags & CINIT_FLAG_NO_DAEMON_ACTIONS))
252 output_ceph_version();
253 }
254
** CID 1352088: (RESOURCE_LEAK)
/test/librados/cmd.cc: 84 in LibRadosCmd_OSDCmd_Test::TestBody()()
/test/librados/cmd.cc: 87 in LibRadosCmd_OSDCmd_Test::TestBody()()
/test/librados/cmd.cc: 90 in LibRadosCmd_OSDCmd_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1352088: (RESOURCE_LEAK)
/test/librados/cmd.cc: 84 in LibRadosCmd_OSDCmd_Test::TestBody()()
78 char *cmd[2];
79 cmd[1] = NULL;
80
81 // note: tolerate NXIO here in case the cluster is thrashing out underneath us.
82 cmd[0] = (char *)"asdfasdf";
83 r = rados_osd_command(cluster, 0, (const char **)cmd, 1, "", 0, &buf, &buflen, &st, &stlen);
>>> CID 1352088: (RESOURCE_LEAK)
>>> Variable "st" going out of scope leaks the storage it points to.
84 ASSERT_TRUE(r == -22 || r == -ENXIO);
85 cmd[0] = (char *)"version";
86 r = rados_osd_command(cluster, 0, (const char **)cmd, 1, "", 0, &buf, &buflen, &st, &stlen);
87 ASSERT_TRUE(r == -22 || r == -ENXIO);
88 cmd[0] = (char *)"{\"prefix\":\"version\"}";
89 r = rados_osd_command(cluster, 0, (const char **)cmd, 1, "", 0, &buf, &buflen, &st, &stlen);
/test/librados/cmd.cc: 87 in LibRadosCmd_OSDCmd_Test::TestBody()()
81 // note: tolerate NXIO here in case the cluster is thrashing out underneath us.
82 cmd[0] = (char *)"asdfasdf";
83 r = rados_osd_command(cluster, 0, (const char **)cmd, 1, "", 0, &buf, &buflen, &st, &stlen);
84 ASSERT_TRUE(r == -22 || r == -ENXIO);
85 cmd[0] = (char *)"version";
86 r = rados_osd_command(cluster, 0, (const char **)cmd, 1, "", 0, &buf, &buflen, &st, &stlen);
>>> CID 1352088: (RESOURCE_LEAK)
>>> Variable "st" going out of scope leaks the storage it points to.
87 ASSERT_TRUE(r == -22 || r == -ENXIO);
88 cmd[0] = (char *)"{\"prefix\":\"version\"}";
89 r = rados_osd_command(cluster, 0, (const char **)cmd, 1, "", 0, &buf, &buflen, &st, &stlen);
90 ASSERT_TRUE((r == 0 && buflen > 0) || (r == -ENXIO && buflen == 0));
91 rados_buffer_free(buf);
92 rados_buffer_free(st);
/test/librados/cmd.cc: 90 in LibRadosCmd_OSDCmd_Test::TestBody()()
84 ASSERT_TRUE(r == -22 || r == -ENXIO);
85 cmd[0] = (char *)"version";
86 r = rados_osd_command(cluster, 0, (const char **)cmd, 1, "", 0, &buf, &buflen, &st, &stlen);
87 ASSERT_TRUE(r == -22 || r == -ENXIO);
88 cmd[0] = (char *)"{\"prefix\":\"version\"}";
89 r = rados_osd_command(cluster, 0, (const char **)cmd, 1, "", 0, &buf, &buflen, &st, &stlen);
>>> CID 1352088: (RESOURCE_LEAK)
>>> Variable "st" going out of scope leaks the storage it points to.
90 ASSERT_TRUE((r == 0 && buflen > 0) || (r == -ENXIO && buflen == 0));
91 rados_buffer_free(buf);
92 rados_buffer_free(st);
93 rados_shutdown(cluster);
94 }
95
** CID 1352087: Parse warnings (PARSE_ERROR)
/mds/StrayManager.cc: 1 in ()
________________________________________________________________________________________________________
*** CID 1352087: Parse warnings (PARSE_ERROR)
/mds/StrayManager.cc: 1 in ()
>>> CID 1352087: Parse warnings (PARSE_ERROR)
>>> The Coverity compiler fails to compile this file. Please see the build output log for more information.
1 // -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
2 // vim: ts=8 sw=2 smarttab
3 /*
4 * Ceph - scalable distributed file system
5 *
6 * Copyright (C) 2015 Red Hat
** CID 1352086: Parse warnings (PARSE_ERROR)
/mds/SnapServer.cc: 1 in ()
________________________________________________________________________________________________________
*** CID 1352086: Parse warnings (PARSE_ERROR)
/mds/SnapServer.cc: 1 in ()
>>> CID 1352086: Parse warnings (PARSE_ERROR)
>>> The Coverity compiler fails to compile this file. Please see the build output log for more information.
1 // -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
2 // vim: ts=8 sw=2 smarttab
3 /*
4 * Ceph - scalable distributed file system
5 *
6 * Copyright (C) 2004-2006 Sage Weil <sage@newdream.net>
** CID 1352085: Parse warnings (PARSE_ERROR)
/mds/Server.cc: 1 in ()
________________________________________________________________________________________________________
*** CID 1352085: Parse warnings (PARSE_ERROR)
/mds/Server.cc: 1 in ()
>>> CID 1352085: Parse warnings (PARSE_ERROR)
>>> The Coverity compiler fails to compile this file. Please see the build output log for more information.
1 // -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
2 // vim: ts=8 sw=2 smarttab
3 /*
4 * Ceph - scalable distributed file system
5 *
6 * Copyright (C) 2004-2006 Sage Weil <sage@newdream.net>
** CID 1352084: Parse warnings (PARSE_ERROR)
/mds/MDSRank.cc: 1 in ()
________________________________________________________________________________________________________
*** CID 1352084: Parse warnings (PARSE_ERROR)
/mds/MDSRank.cc: 1 in ()
>>> CID 1352084: Parse warnings (PARSE_ERROR)
>>> The Coverity compiler fails to compile this file. Please see the build output log for more information.
1 // -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
2 // vim: ts=8 sw=2 smarttab
3 /*
4 * Ceph - scalable distributed file system
5 *
6 * Copyright (C) 2015 Red Hat
** CID 1352083: Parse warnings (PARSE_ERROR)
/mds/MDSDaemon.cc: 1 in ()
________________________________________________________________________________________________________
*** CID 1352083: Parse warnings (PARSE_ERROR)
/mds/MDSDaemon.cc: 1 in ()
>>> CID 1352083: Parse warnings (PARSE_ERROR)
>>> The Coverity compiler fails to compile this file. Please see the build output log for more information.
1 // -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
2 // vim: ts=8 sw=2 smarttab
3 /*
4 * Ceph - scalable distributed file system
5 *
6 * Copyright (C) 2004-2006 Sage Weil <sage@newdream.net>
** CID 1352082: Parse warnings (PARSE_ERROR)
/librados/RadosClient.cc: 1 in ()
________________________________________________________________________________________________________
*** CID 1352082: Parse warnings (PARSE_ERROR)
/librados/RadosClient.cc: 1 in ()
>>> CID 1352082: Parse warnings (PARSE_ERROR)
>>> The Coverity compiler fails to compile this file. Please see the build output log for more information.
1 // -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
2 // vim: ts=8 sw=2 smarttab
3 /*
4 * Ceph - scalable distributed file system
5 *
6 * Copyright (C) 2004-2012 Sage Weil <sage@newdream.net>
** CID 1352081: Parse warnings (PARSE_ERROR)
/client/SyntheticClient.cc: 1 in ()
________________________________________________________________________________________________________
*** CID 1352081: Parse warnings (PARSE_ERROR)
/client/SyntheticClient.cc: 1 in ()
>>> CID 1352081: Parse warnings (PARSE_ERROR)
>>> The Coverity compiler fails to compile this file. Please see the build output log for more information.
1 // -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
2 // vim: ts=8 sw=2 smarttab
3 /*
4 * Ceph - scalable distributed file system
5 *
6 * Copyright (C) 2004-2006 Sage Weil <sage@newdream.net>
** CID 1352080: Parse warnings (PARSE_ERROR)
/client/Client.cc: 1 in ()
________________________________________________________________________________________________________
*** CID 1352080: Parse warnings (PARSE_ERROR)
/client/Client.cc: 1 in ()
>>> CID 1352080: Parse warnings (PARSE_ERROR)
>>> The Coverity compiler fails to compile this file. Please see the build output log for more information.
1 // -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
2 // vim: ts=8 sw=2 smarttab
3 /*
4 * Ceph - scalable distributed file system
5 *
6 * Copyright (C) 2004-2006 Sage Weil <sage@newdream.net>
** CID 1352079: Memory - corruptions (OVERRUN)
________________________________________________________________________________________________________
*** CID 1352079: Memory - corruptions (OVERRUN)
/librbd/journal/Types.cc: 378 in librbd::journal::ClientData::encode(ceph::buffer::list &) const()
372
373 ClientMetaType ClientData::get_client_meta_type() const {
374 return boost::apply_visitor(GetTypeVisitor<ClientMetaType>(), client_meta);
375 }
376
377 void ClientData::encode(bufferlist& bl) const {
>>> CID 1352079: Memory - corruptions (OVERRUN)
>>> Overrunning struct type ceph_le32 of 4 bytes by passing it to a function which accesses it at byte offset 7.
378 ENCODE_START(1, 1, bl);
379 boost::apply_visitor(EncodeVisitor(bl), client_meta);
380 ENCODE_FINISH(bl);
381 }
382
383 void ClientData::decode(bufferlist::iterator& it) {
** CID 1352078: Memory - corruptions (OVERRUN)
________________________________________________________________________________________________________
*** CID 1352078: Memory - corruptions (OVERRUN)
/cls/journal/cls_journal_types.cc: 104 in cls::journal::Tag::encode(ceph::buffer::list &) const()
98 o.push_back(new Client());
99 o.push_back(new Client("id", data));
100 o.push_back(new Client("id", data, {1, {{1, 120}, {2, 121}}}));
101 }
102
103 void Tag::encode(bufferlist& bl) const {
>>> CID 1352078: Memory - corruptions (OVERRUN)
>>> Overrunning struct type ceph_le32 of 4 bytes by passing it to a function which accesses it at byte offset 7.
104 ENCODE_START(1, 1, bl);
105 ::encode(tid, bl);
106 ::encode(tag_class, bl);
107 ::encode(data, bl);
108 ENCODE_FINISH(bl);
109 }
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://scan.coverity.com/projects/ceph?tab=overview
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://scan.coverity.com/subscriptions/edit?email=ceph-devel%40vger.kernel.org&token=018084d671e3cc89d00dd2ccb7eb849c
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2016-02-04 20:39 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2016-02-04 20:39 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
103 new defect(s) introduced to ceph found with Coverity Scan.
1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 20 of 103 defect(s)
** CID 1351813: (UNCAUGHT_EXCEPT)
/test/bench/small_io_bench_fs.cc: 44 in main()
/test/bench/small_io_bench_fs.cc: 44 in main()
/test/bench/small_io_bench_fs.cc: 44 in main()
/test/bench/small_io_bench_fs.cc: 44 in main()
/test/bench/small_io_bench_fs.cc: 44 in main()
/test/bench/small_io_bench_fs.cc: 44 in main()
/test/bench/small_io_bench_fs.cc: 44 in main()
/test/bench/small_io_bench_fs.cc: 44 in main()
/test/bench/small_io_bench_fs.cc: 44 in main()
/test/bench/small_io_bench_fs.cc: 44 in main()
/test/bench/small_io_bench_fs.cc: 44 in main()
/test/bench/small_io_bench_fs.cc: 44 in main()
/test/bench/small_io_bench_fs.cc: 44 in main()
/test/bench/small_io_bench_fs.cc: 44 in main()
/test/bench/small_io_bench_fs.cc: 44 in main()
/test/bench/small_io_bench_fs.cc: 44 in main()
/test/bench/small_io_bench_fs.cc: 44 in main()
/test/bench/small_io_bench_fs.cc: 44 in main()
________________________________________________________________________________________________________
*** CID 1351813: (UNCAUGHT_EXCEPT)
/test/bench/small_io_bench_fs.cc: 44 in main()
38 delete f;
39 bl.append('\0');
40 *out << bl.c_str() << std::endl;
41 }
42 };
43
>>> CID 1351813: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
44 int main(int argc, char **argv)
45 {
46 po::options_description desc("Allowed options");
47 desc.add_options()
48 ("help", "produce help message")
49 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
/test/bench/small_io_bench_fs.cc: 44 in main()
38 delete f;
39 bl.append('\0');
40 *out << bl.c_str() << std::endl;
41 }
42 };
43
>>> CID 1351813: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
44 int main(int argc, char **argv)
45 {
46 po::options_description desc("Allowed options");
47 desc.add_options()
48 ("help", "produce help message")
49 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
/test/bench/small_io_bench_fs.cc: 44 in main()
38 delete f;
39 bl.append('\0');
40 *out << bl.c_str() << std::endl;
41 }
42 };
43
>>> CID 1351813: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
44 int main(int argc, char **argv)
45 {
46 po::options_description desc("Allowed options");
47 desc.add_options()
48 ("help", "produce help message")
49 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
/test/bench/small_io_bench_fs.cc: 44 in main()
38 delete f;
39 bl.append('\0');
40 *out << bl.c_str() << std::endl;
41 }
42 };
43
>>> CID 1351813: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
44 int main(int argc, char **argv)
45 {
46 po::options_description desc("Allowed options");
47 desc.add_options()
48 ("help", "produce help message")
49 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
/test/bench/small_io_bench_fs.cc: 44 in main()
38 delete f;
39 bl.append('\0');
40 *out << bl.c_str() << std::endl;
41 }
42 };
43
>>> CID 1351813: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
44 int main(int argc, char **argv)
45 {
46 po::options_description desc("Allowed options");
47 desc.add_options()
48 ("help", "produce help message")
49 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
/test/bench/small_io_bench_fs.cc: 44 in main()
38 delete f;
39 bl.append('\0');
40 *out << bl.c_str() << std::endl;
41 }
42 };
43
>>> CID 1351813: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
44 int main(int argc, char **argv)
45 {
46 po::options_description desc("Allowed options");
47 desc.add_options()
48 ("help", "produce help message")
49 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
/test/bench/small_io_bench_fs.cc: 44 in main()
38 delete f;
39 bl.append('\0');
40 *out << bl.c_str() << std::endl;
41 }
42 };
43
>>> CID 1351813: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
44 int main(int argc, char **argv)
45 {
46 po::options_description desc("Allowed options");
47 desc.add_options()
48 ("help", "produce help message")
49 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
/test/bench/small_io_bench_fs.cc: 44 in main()
38 delete f;
39 bl.append('\0');
40 *out << bl.c_str() << std::endl;
41 }
42 };
43
>>> CID 1351813: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
44 int main(int argc, char **argv)
45 {
46 po::options_description desc("Allowed options");
47 desc.add_options()
48 ("help", "produce help message")
49 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
/test/bench/small_io_bench_fs.cc: 44 in main()
38 delete f;
39 bl.append('\0');
40 *out << bl.c_str() << std::endl;
41 }
42 };
43
>>> CID 1351813: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
44 int main(int argc, char **argv)
45 {
46 po::options_description desc("Allowed options");
47 desc.add_options()
48 ("help", "produce help message")
49 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
/test/bench/small_io_bench_fs.cc: 44 in main()
38 delete f;
39 bl.append('\0');
40 *out << bl.c_str() << std::endl;
41 }
42 };
43
>>> CID 1351813: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
44 int main(int argc, char **argv)
45 {
46 po::options_description desc("Allowed options");
47 desc.add_options()
48 ("help", "produce help message")
49 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
/test/bench/small_io_bench_fs.cc: 44 in main()
38 delete f;
39 bl.append('\0');
40 *out << bl.c_str() << std::endl;
41 }
42 };
43
>>> CID 1351813: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
44 int main(int argc, char **argv)
45 {
46 po::options_description desc("Allowed options");
47 desc.add_options()
48 ("help", "produce help message")
49 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
/test/bench/small_io_bench_fs.cc: 44 in main()
38 delete f;
39 bl.append('\0');
40 *out << bl.c_str() << std::endl;
41 }
42 };
43
>>> CID 1351813: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
44 int main(int argc, char **argv)
45 {
46 po::options_description desc("Allowed options");
47 desc.add_options()
48 ("help", "produce help message")
49 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
/test/bench/small_io_bench_fs.cc: 44 in main()
38 delete f;
39 bl.append('\0');
40 *out << bl.c_str() << std::endl;
41 }
42 };
43
>>> CID 1351813: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
44 int main(int argc, char **argv)
45 {
46 po::options_description desc("Allowed options");
47 desc.add_options()
48 ("help", "produce help message")
49 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
/test/bench/small_io_bench_fs.cc: 44 in main()
38 delete f;
39 bl.append('\0');
40 *out << bl.c_str() << std::endl;
41 }
42 };
43
>>> CID 1351813: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
44 int main(int argc, char **argv)
45 {
46 po::options_description desc("Allowed options");
47 desc.add_options()
48 ("help", "produce help message")
49 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
/test/bench/small_io_bench_fs.cc: 44 in main()
38 delete f;
39 bl.append('\0');
40 *out << bl.c_str() << std::endl;
41 }
42 };
43
>>> CID 1351813: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
44 int main(int argc, char **argv)
45 {
46 po::options_description desc("Allowed options");
47 desc.add_options()
48 ("help", "produce help message")
49 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
/test/bench/small_io_bench_fs.cc: 44 in main()
38 delete f;
39 bl.append('\0');
40 *out << bl.c_str() << std::endl;
41 }
42 };
43
>>> CID 1351813: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
44 int main(int argc, char **argv)
45 {
46 po::options_description desc("Allowed options");
47 desc.add_options()
48 ("help", "produce help message")
49 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
/test/bench/small_io_bench_fs.cc: 44 in main()
38 delete f;
39 bl.append('\0');
40 *out << bl.c_str() << std::endl;
41 }
42 };
43
>>> CID 1351813: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
44 int main(int argc, char **argv)
45 {
46 po::options_description desc("Allowed options");
47 desc.add_options()
48 ("help", "produce help message")
49 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
/test/bench/small_io_bench_fs.cc: 44 in main()
38 delete f;
39 bl.append('\0');
40 *out << bl.c_str() << std::endl;
41 }
42 };
43
>>> CID 1351813: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
44 int main(int argc, char **argv)
45 {
46 po::options_description desc("Allowed options");
47 desc.add_options()
48 ("help", "produce help message")
49 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
** CID 1351812: (UNCAUGHT_EXCEPT)
/test/msgr/test_async_driver.cc: 352 in main()
/test/msgr/test_async_driver.cc: 352 in main()
________________________________________________________________________________________________________
*** CID 1351812: (UNCAUGHT_EXCEPT)
/test/msgr/test_async_driver.cc: 352 in main()
346 // must be defined). This dummy test keeps gtest_main linked in.
347 TEST(DummyTest, ValueParameterizedTestsAreNotSupportedOnThisPlatform) {}
348
349 #endif
350
351
>>> CID 1351812: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
352 int main(int argc, char **argv) {
353 vector<const char*> args;
354 argv_to_vec(argc, (const char **)argv, args);
355
356 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
357 common_init_finish(g_ceph_context);
/test/msgr/test_async_driver.cc: 352 in main()
346 // must be defined). This dummy test keeps gtest_main linked in.
347 TEST(DummyTest, ValueParameterizedTestsAreNotSupportedOnThisPlatform) {}
348
349 #endif
350
351
>>> CID 1351812: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
352 int main(int argc, char **argv) {
353 vector<const char*> args;
354 argv_to_vec(argc, (const char **)argv, args);
355
356 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
357 common_init_finish(g_ceph_context);
** CID 1351811: (UNCAUGHT_EXCEPT)
/test/filestore/TestFileStore.cc: 67 in main()
/test/filestore/TestFileStore.cc: 67 in main()
/test/filestore/TestFileStore.cc: 67 in main()
/test/filestore/TestFileStore.cc: 67 in main()
________________________________________________________________________________________________________
*** CID 1351811: (UNCAUGHT_EXCEPT)
/test/filestore/TestFileStore.cc: 67 in main()
61 fs.collect_metadata(&pm);
62 ASSERT_EQ(pm["filestore_backend"], "zfs");
63 }
64 #endif
65 }
66
>>> CID 1351811: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
67 int main(int argc, char **argv) {
68 vector<const char*> args;
69 argv_to_vec(argc, (const char **)argv, args);
70
71 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
72 common_init_finish(g_ceph_context);
/test/filestore/TestFileStore.cc: 67 in main()
61 fs.collect_metadata(&pm);
62 ASSERT_EQ(pm["filestore_backend"], "zfs");
63 }
64 #endif
65 }
66
>>> CID 1351811: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
67 int main(int argc, char **argv) {
68 vector<const char*> args;
69 argv_to_vec(argc, (const char **)argv, args);
70
71 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
72 common_init_finish(g_ceph_context);
/test/filestore/TestFileStore.cc: 67 in main()
61 fs.collect_metadata(&pm);
62 ASSERT_EQ(pm["filestore_backend"], "zfs");
63 }
64 #endif
65 }
66
>>> CID 1351811: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
67 int main(int argc, char **argv) {
68 vector<const char*> args;
69 argv_to_vec(argc, (const char **)argv, args);
70
71 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
72 common_init_finish(g_ceph_context);
/test/filestore/TestFileStore.cc: 67 in main()
61 fs.collect_metadata(&pm);
62 ASSERT_EQ(pm["filestore_backend"], "zfs");
63 }
64 #endif
65 }
66
>>> CID 1351811: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
67 int main(int argc, char **argv) {
68 vector<const char*> args;
69 argv_to_vec(argc, (const char **)argv, args);
70
71 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
72 common_init_finish(g_ceph_context);
** CID 1351810: (UNCAUGHT_EXCEPT)
/test/system/rados_delete_pools_parallel.cc: 57 in main()
/test/system/rados_delete_pools_parallel.cc: 57 in main()
________________________________________________________________________________________________________
*** CID 1351810: (UNCAUGHT_EXCEPT)
/test/system/rados_delete_pools_parallel.cc: 57 in main()
51
52 const char *get_id_str()
53 {
54 return "main";
55 }
56
>>> CID 1351810: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
57 int main(int argc, const char **argv)
58 {
59 const char *num_objects = getenv("NUM_OBJECTS");
60 std::string pool = "foo";
61 if (num_objects) {
62 g_num_objects = atoi(num_objects);
/test/system/rados_delete_pools_parallel.cc: 57 in main()
51
52 const char *get_id_str()
53 {
54 return "main";
55 }
56
>>> CID 1351810: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
57 int main(int argc, const char **argv)
58 {
59 const char *num_objects = getenv("NUM_OBJECTS");
60 std::string pool = "foo";
61 if (num_objects) {
62 g_num_objects = atoi(num_objects);
** CID 1351809: (UNCAUGHT_EXCEPT)
/test/test_rgw_admin_opstate.cc: 804 in main()
/test/test_rgw_admin_opstate.cc: 804 in main()
/test/test_rgw_admin_opstate.cc: 804 in main()
/test/test_rgw_admin_opstate.cc: 804 in main()
________________________________________________________________________________________________________
*** CID 1351809: (UNCAUGHT_EXCEPT)
/test/test_rgw_admin_opstate.cc: 804 in main()
798 EXPECT_EQ(200U, g_test->get_resp_code());
799
800 ASSERT_EQ(caps_rm(cname, perm), 0);
801 ASSERT_EQ(user_rm(uid, display_name), 0);
802 }
803
>>> CID 1351809: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
804 int main(int argc, char *argv[]){
805 vector<const char*> args;
806 argv_to_vec(argc, (const char **)argv, args);
807
808 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
809 common_init_finish(g_ceph_context);
/test/test_rgw_admin_opstate.cc: 804 in main()
798 EXPECT_EQ(200U, g_test->get_resp_code());
799
800 ASSERT_EQ(caps_rm(cname, perm), 0);
801 ASSERT_EQ(user_rm(uid, display_name), 0);
802 }
803
>>> CID 1351809: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
804 int main(int argc, char *argv[]){
805 vector<const char*> args;
806 argv_to_vec(argc, (const char **)argv, args);
807
808 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
809 common_init_finish(g_ceph_context);
/test/test_rgw_admin_opstate.cc: 804 in main()
798 EXPECT_EQ(200U, g_test->get_resp_code());
799
800 ASSERT_EQ(caps_rm(cname, perm), 0);
801 ASSERT_EQ(user_rm(uid, display_name), 0);
802 }
803
>>> CID 1351809: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
804 int main(int argc, char *argv[]){
805 vector<const char*> args;
806 argv_to_vec(argc, (const char **)argv, args);
807
808 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
809 common_init_finish(g_ceph_context);
/test/test_rgw_admin_opstate.cc: 804 in main()
798 EXPECT_EQ(200U, g_test->get_resp_code());
799
800 ASSERT_EQ(caps_rm(cname, perm), 0);
801 ASSERT_EQ(user_rm(uid, display_name), 0);
802 }
803
>>> CID 1351809: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
804 int main(int argc, char *argv[]){
805 vector<const char*> args;
806 argv_to_vec(argc, (const char **)argv, args);
807
808 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
809 common_init_finish(g_ceph_context);
** CID 1351808: Error handling issues (UNCAUGHT_EXCEPT)
/test/test_rewrite_latency.cc: 12 in main()
________________________________________________________________________________________________________
*** CID 1351808: Error handling issues (UNCAUGHT_EXCEPT)
/test/test_rewrite_latency.cc: 12 in main()
6 #include "include/utime.h"
7 #include "common/Clock.h"
8 #include "common/errno.h"
9
10 using namespace std;
11
>>> CID 1351808: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
12 int main(int argc, const char **argv)
13 {
14 const char *fn = argv[1];
15 multimap<utime_t, utime_t> latency;
16 unsigned max = 10;
17
** CID 1351807: (UNCAUGHT_EXCEPT)
/test/objectstore/ObjectStoreTransactionBenchmark.cc: 244 in main()
/test/objectstore/ObjectStoreTransactionBenchmark.cc: 244 in main()
/test/objectstore/ObjectStoreTransactionBenchmark.cc: 244 in main()
/test/objectstore/ObjectStoreTransactionBenchmark.cc: 244 in main()
/test/objectstore/ObjectStoreTransactionBenchmark.cc: 244 in main()
________________________________________________________________________________________________________
*** CID 1351807: (UNCAUGHT_EXCEPT)
/test/objectstore/ObjectStoreTransactionBenchmark.cc: 244 in main()
238
239 void usage(const string &name) {
240 cerr << "Usage: " << name << " [times] "
241 << std::endl;
242 }
243
>>> CID 1351807: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
244 int main(int argc, char **argv)
245 {
246 vector<const char*> args;
247 argv_to_vec(argc, (const char **)argv, args);
248
249 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
/test/objectstore/ObjectStoreTransactionBenchmark.cc: 244 in main()
238
239 void usage(const string &name) {
240 cerr << "Usage: " << name << " [times] "
241 << std::endl;
242 }
243
>>> CID 1351807: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
244 int main(int argc, char **argv)
245 {
246 vector<const char*> args;
247 argv_to_vec(argc, (const char **)argv, args);
248
249 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
/test/objectstore/ObjectStoreTransactionBenchmark.cc: 244 in main()
238
239 void usage(const string &name) {
240 cerr << "Usage: " << name << " [times] "
241 << std::endl;
242 }
243
>>> CID 1351807: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
244 int main(int argc, char **argv)
245 {
246 vector<const char*> args;
247 argv_to_vec(argc, (const char **)argv, args);
248
249 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
/test/objectstore/ObjectStoreTransactionBenchmark.cc: 244 in main()
238
239 void usage(const string &name) {
240 cerr << "Usage: " << name << " [times] "
241 << std::endl;
242 }
243
>>> CID 1351807: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
244 int main(int argc, char **argv)
245 {
246 vector<const char*> args;
247 argv_to_vec(argc, (const char **)argv, args);
248
249 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
/test/objectstore/ObjectStoreTransactionBenchmark.cc: 244 in main()
238
239 void usage(const string &name) {
240 cerr << "Usage: " << name << " [times] "
241 << std::endl;
242 }
243
>>> CID 1351807: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
244 int main(int argc, char **argv)
245 {
246 vector<const char*> args;
247 argv_to_vec(argc, (const char **)argv, args);
248
249 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
** CID 1351806: (UNCAUGHT_EXCEPT)
/test/bench_log.cc: 31 in main()
/test/bench_log.cc: 31 in main()
/test/bench_log.cc: 31 in main()
/test/bench_log.cc: 31 in main()
________________________________________________________________________________________________________
*** CID 1351806: (UNCAUGHT_EXCEPT)
/test/bench_log.cc: 31 in main()
25 generic_dout(0) << "this is a typical log line. set "
26 << myset << " and map " << mymap << dendl;
27 return 0;
28 }
29 };
30
>>> CID 1351806: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
31 int main(int argc, const char **argv)
32 {
33 int threads = atoi(argv[1]);
34 int num = atoi(argv[2]);
35
36 cout << threads << " threads, " << num << " lines per thread" << std::endl;
/test/bench_log.cc: 31 in main()
25 generic_dout(0) << "this is a typical log line. set "
26 << myset << " and map " << mymap << dendl;
27 return 0;
28 }
29 };
30
>>> CID 1351806: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
31 int main(int argc, const char **argv)
32 {
33 int threads = atoi(argv[1]);
34 int num = atoi(argv[2]);
35
36 cout << threads << " threads, " << num << " lines per thread" << std::endl;
/test/bench_log.cc: 31 in main()
25 generic_dout(0) << "this is a typical log line. set "
26 << myset << " and map " << mymap << dendl;
27 return 0;
28 }
29 };
30
>>> CID 1351806: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
31 int main(int argc, const char **argv)
32 {
33 int threads = atoi(argv[1]);
34 int num = atoi(argv[2]);
35
36 cout << threads << " threads, " << num << " lines per thread" << std::endl;
/test/bench_log.cc: 31 in main()
25 generic_dout(0) << "this is a typical log line. set "
26 << myset << " and map " << mymap << dendl;
27 return 0;
28 }
29 };
30
>>> CID 1351806: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
31 int main(int argc, const char **argv)
32 {
33 int threads = atoi(argv[1]);
34 int num = atoi(argv[2]);
35
36 cout << threads << " threads, " << num << " lines per thread" << std::endl;
** CID 1351805: Error handling issues (UNCAUGHT_EXCEPT)
/tools/rbd_nbd/rbd-nbd.cc: 853 in main()
________________________________________________________________________________________________________
*** CID 1351805: Error handling issues (UNCAUGHT_EXCEPT)
/tools/rbd_nbd/rbd-nbd.cc: 853 in main()
847 return EXIT_FAILURE;
848 }
849
850 return 0;
851 }
852
>>> CID 1351805: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
853 int main(int argc, const char *argv[])
854 {
855 return rbd_nbd(argc, argv);
** CID 1351804: (UNCAUGHT_EXCEPT)
/tools/rados/rados.cc: 2969 in main()
/tools/rados/rados.cc: 2969 in main()
/tools/rados/rados.cc: 2969 in main()
________________________________________________________________________________________________________
*** CID 1351804: (UNCAUGHT_EXCEPT)
/tools/rados/rados.cc: 2969 in main()
2963
2964 out:
2965 delete formatter;
2966 return (ret < 0) ? 1 : 0;
2967 }
2968
>>> CID 1351804: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
2969 int main(int argc, const char **argv)
2970 {
2971 vector<const char*> args;
2972 argv_to_vec(argc, argv, args);
2973 env_to_vec(args);
2974
/tools/rados/rados.cc: 2969 in main()
2963
2964 out:
2965 delete formatter;
2966 return (ret < 0) ? 1 : 0;
2967 }
2968
>>> CID 1351804: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
2969 int main(int argc, const char **argv)
2970 {
2971 vector<const char*> args;
2972 argv_to_vec(argc, argv, args);
2973 env_to_vec(args);
2974
/tools/rados/rados.cc: 2969 in main()
2963
2964 out:
2965 delete formatter;
2966 return (ret < 0) ? 1 : 0;
2967 }
2968
>>> CID 1351804: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
2969 int main(int argc, const char **argv)
2970 {
2971 vector<const char*> args;
2972 argv_to_vec(argc, argv, args);
2973 env_to_vec(args);
2974
** CID 1351803: Error handling issues (UNCAUGHT_EXCEPT)
/test/erasure-code/ceph_erasure_code_benchmark.cc: 329 in main()
________________________________________________________________________________________________________
*** CID 1351803: Error handling issues (UNCAUGHT_EXCEPT)
/test/erasure-code/ceph_erasure_code_benchmark.cc: 329 in main()
323 }
324 utime_t end_time = ceph_clock_now(g_ceph_context);
325 cout << (end_time - begin_time) << "\t" << (max_iterations * (in_size / 1024)) << endl;
326 return 0;
327 }
328
>>> CID 1351803: Error handling issues (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
329 int main(int argc, char** argv) {
330 ErasureCodeBench ecbench;
331 try {
332 int err = ecbench.setup(argc, argv);
333 if (err)
334 return err;
** CID 1351802: (UNCAUGHT_EXCEPT)
/test/bench/small_io_bench.cc: 26 in main()
/test/bench/small_io_bench.cc: 26 in main()
/test/bench/small_io_bench.cc: 26 in main()
/test/bench/small_io_bench.cc: 26 in main()
/test/bench/small_io_bench.cc: 26 in main()
/test/bench/small_io_bench.cc: 26 in main()
/test/bench/small_io_bench.cc: 26 in main()
/test/bench/small_io_bench.cc: 26 in main()
________________________________________________________________________________________________________
*** CID 1351802: (UNCAUGHT_EXCEPT)
/test/bench/small_io_bench.cc: 26 in main()
20 #include "detailed_stat_collector.h"
21 #include "distribution.h"
22
23 namespace po = boost::program_options;
24 using namespace std;
25
>>> CID 1351802: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
26 int main(int argc, char **argv)
27 {
28 po::options_description desc("Allowed options");
29 desc.add_options()
30 ("help", "produce help message")
31 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
/test/bench/small_io_bench.cc: 26 in main()
20 #include "detailed_stat_collector.h"
21 #include "distribution.h"
22
23 namespace po = boost::program_options;
24 using namespace std;
25
>>> CID 1351802: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
26 int main(int argc, char **argv)
27 {
28 po::options_description desc("Allowed options");
29 desc.add_options()
30 ("help", "produce help message")
31 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
/test/bench/small_io_bench.cc: 26 in main()
20 #include "detailed_stat_collector.h"
21 #include "distribution.h"
22
23 namespace po = boost::program_options;
24 using namespace std;
25
>>> CID 1351802: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
26 int main(int argc, char **argv)
27 {
28 po::options_description desc("Allowed options");
29 desc.add_options()
30 ("help", "produce help message")
31 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
/test/bench/small_io_bench.cc: 26 in main()
20 #include "detailed_stat_collector.h"
21 #include "distribution.h"
22
23 namespace po = boost::program_options;
24 using namespace std;
25
>>> CID 1351802: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
26 int main(int argc, char **argv)
27 {
28 po::options_description desc("Allowed options");
29 desc.add_options()
30 ("help", "produce help message")
31 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
/test/bench/small_io_bench.cc: 26 in main()
20 #include "detailed_stat_collector.h"
21 #include "distribution.h"
22
23 namespace po = boost::program_options;
24 using namespace std;
25
>>> CID 1351802: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
26 int main(int argc, char **argv)
27 {
28 po::options_description desc("Allowed options");
29 desc.add_options()
30 ("help", "produce help message")
31 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
/test/bench/small_io_bench.cc: 26 in main()
20 #include "detailed_stat_collector.h"
21 #include "distribution.h"
22
23 namespace po = boost::program_options;
24 using namespace std;
25
>>> CID 1351802: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
26 int main(int argc, char **argv)
27 {
28 po::options_description desc("Allowed options");
29 desc.add_options()
30 ("help", "produce help message")
31 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
/test/bench/small_io_bench.cc: 26 in main()
20 #include "detailed_stat_collector.h"
21 #include "distribution.h"
22
23 namespace po = boost::program_options;
24 using namespace std;
25
>>> CID 1351802: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
26 int main(int argc, char **argv)
27 {
28 po::options_description desc("Allowed options");
29 desc.add_options()
30 ("help", "produce help message")
31 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
/test/bench/small_io_bench.cc: 26 in main()
20 #include "detailed_stat_collector.h"
21 #include "distribution.h"
22
23 namespace po = boost::program_options;
24 using namespace std;
25
>>> CID 1351802: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
26 int main(int argc, char **argv)
27 {
28 po::options_description desc("Allowed options");
29 desc.add_options()
30 ("help", "produce help message")
31 ("num-concurrent-ops", po::value<unsigned>()->default_value(10),
** CID 1351801: (UNCAUGHT_EXCEPT)
/test/osd/TestRados.cc: 245 in main()
/test/osd/TestRados.cc: 245 in main()
/test/osd/TestRados.cc: 245 in main()
/test/osd/TestRados.cc: 245 in main()
________________________________________________________________________________________________________
*** CID 1351801: (UNCAUGHT_EXCEPT)
/test/osd/TestRados.cc: 245 in main()
239 map<TestOpType, unsigned int> m_weight_sums;
240 unsigned int m_total_weight;
241 bool m_ec_pool;
242 bool m_balance_reads;
243 };
244
>>> CID 1351801: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
245 int main(int argc, char **argv)
246 {
247 int ops = 1000;
248 int objects = 50;
249 int max_in_flight = 16;
250 int64_t size = 4000000; // 4 MB
/test/osd/TestRados.cc: 245 in main()
239 map<TestOpType, unsigned int> m_weight_sums;
240 unsigned int m_total_weight;
241 bool m_ec_pool;
242 bool m_balance_reads;
243 };
244
>>> CID 1351801: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
245 int main(int argc, char **argv)
246 {
247 int ops = 1000;
248 int objects = 50;
249 int max_in_flight = 16;
250 int64_t size = 4000000; // 4 MB
/test/osd/TestRados.cc: 245 in main()
239 map<TestOpType, unsigned int> m_weight_sums;
240 unsigned int m_total_weight;
241 bool m_ec_pool;
242 bool m_balance_reads;
243 };
244
>>> CID 1351801: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
245 int main(int argc, char **argv)
246 {
247 int ops = 1000;
248 int objects = 50;
249 int max_in_flight = 16;
250 int64_t size = 4000000; // 4 MB
/test/osd/TestRados.cc: 245 in main()
239 map<TestOpType, unsigned int> m_weight_sums;
240 unsigned int m_total_weight;
241 bool m_ec_pool;
242 bool m_balance_reads;
243 };
244
>>> CID 1351801: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
245 int main(int argc, char **argv)
246 {
247 int ops = 1000;
248 int objects = 50;
249 int max_in_flight = 16;
250 int64_t size = 4000000; // 4 MB
** CID 1351800: (UNCAUGHT_EXCEPT)
/test/objectstore/workload_generator.cc: 556 in main()
/test/objectstore/workload_generator.cc: 556 in main()
/test/objectstore/workload_generator.cc: 556 in main()
/test/objectstore/workload_generator.cc: 556 in main()
/test/objectstore/workload_generator.cc: 556 in main()
________________________________________________________________________________________________________
*** CID 1351800: (UNCAUGHT_EXCEPT)
/test/objectstore/workload_generator.cc: 556 in main()
550 l writes on pglog\n\
551 d data writes on objects\n\
552 \n\
553 " << std::endl;
554 }
555
>>> CID 1351800: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
556 int main(int argc, const char *argv[])
557 {
558 vector<const char*> def_args;
559 vector<const char*> args;
560
561 our_name = argv[0];
/test/objectstore/workload_generator.cc: 556 in main()
550 l writes on pglog\n\
551 d data writes on objects\n\
552 \n\
553 " << std::endl;
554 }
555
>>> CID 1351800: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
556 int main(int argc, const char *argv[])
557 {
558 vector<const char*> def_args;
559 vector<const char*> args;
560
561 our_name = argv[0];
/test/objectstore/workload_generator.cc: 556 in main()
550 l writes on pglog\n\
551 d data writes on objects\n\
552 \n\
553 " << std::endl;
554 }
555
>>> CID 1351800: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
556 int main(int argc, const char *argv[])
557 {
558 vector<const char*> def_args;
559 vector<const char*> args;
560
561 our_name = argv[0];
/test/objectstore/workload_generator.cc: 556 in main()
550 l writes on pglog\n\
551 d data writes on objects\n\
552 \n\
553 " << std::endl;
554 }
555
>>> CID 1351800: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
556 int main(int argc, const char *argv[])
557 {
558 vector<const char*> def_args;
559 vector<const char*> args;
560
561 our_name = argv[0];
/test/objectstore/workload_generator.cc: 556 in main()
550 l writes on pglog\n\
551 d data writes on objects\n\
552 \n\
553 " << std::endl;
554 }
555
>>> CID 1351800: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
556 int main(int argc, const char *argv[])
557 {
558 vector<const char*> def_args;
559 vector<const char*> args;
560
561 our_name = argv[0];
** CID 1351799: (UNCAUGHT_EXCEPT)
/test/test_filejournal.cc: 69 in main()
/test/test_filejournal.cc: 69 in main()
/test/test_filejournal.cc: 69 in main()
/test/test_filejournal.cc: 69 in main()
/test/test_filejournal.cc: 69 in main()
/test/test_filejournal.cc: 69 in main()
________________________________________________________________________________________________________
*** CID 1351799: (UNCAUGHT_EXCEPT)
/test/test_filejournal.cc: 69 in main()
63 };
64
65 unsigned size_mb = 200;
66 //Gtest argument prefix
67 const char GTEST_PRFIX[] = "--gtest_";
68
>>> CID 1351799: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
69 int main(int argc, char **argv) {
70 vector<const char*> args;
71 argv_to_vec(argc, (const char **)argv, args);
72
73 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
74 common_init_finish(g_ceph_context);
/test/test_filejournal.cc: 69 in main()
63 };
64
65 unsigned size_mb = 200;
66 //Gtest argument prefix
67 const char GTEST_PRFIX[] = "--gtest_";
68
>>> CID 1351799: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
69 int main(int argc, char **argv) {
70 vector<const char*> args;
71 argv_to_vec(argc, (const char **)argv, args);
72
73 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
74 common_init_finish(g_ceph_context);
/test/test_filejournal.cc: 69 in main()
63 };
64
65 unsigned size_mb = 200;
66 //Gtest argument prefix
67 const char GTEST_PRFIX[] = "--gtest_";
68
>>> CID 1351799: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
69 int main(int argc, char **argv) {
70 vector<const char*> args;
71 argv_to_vec(argc, (const char **)argv, args);
72
73 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
74 common_init_finish(g_ceph_context);
/test/test_filejournal.cc: 69 in main()
63 };
64
65 unsigned size_mb = 200;
66 //Gtest argument prefix
67 const char GTEST_PRFIX[] = "--gtest_";
68
>>> CID 1351799: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
69 int main(int argc, char **argv) {
70 vector<const char*> args;
71 argv_to_vec(argc, (const char **)argv, args);
72
73 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
74 common_init_finish(g_ceph_context);
/test/test_filejournal.cc: 69 in main()
63 };
64
65 unsigned size_mb = 200;
66 //Gtest argument prefix
67 const char GTEST_PRFIX[] = "--gtest_";
68
>>> CID 1351799: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
69 int main(int argc, char **argv) {
70 vector<const char*> args;
71 argv_to_vec(argc, (const char **)argv, args);
72
73 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
74 common_init_finish(g_ceph_context);
/test/test_filejournal.cc: 69 in main()
63 };
64
65 unsigned size_mb = 200;
66 //Gtest argument prefix
67 const char GTEST_PRFIX[] = "--gtest_";
68
>>> CID 1351799: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
69 int main(int argc, char **argv) {
70 vector<const char*> args;
71 argv_to_vec(argc, (const char **)argv, args);
72
73 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
74 common_init_finish(g_ceph_context);
** CID 1351798: (UNCAUGHT_EXCEPT)
/test/test_rgw_admin_log.cc: 1577 in main()
/test/test_rgw_admin_log.cc: 1577 in main()
/test/test_rgw_admin_log.cc: 1577 in main()
/test/test_rgw_admin_log.cc: 1577 in main()
________________________________________________________________________________________________________
*** CID 1351798: (UNCAUGHT_EXCEPT)
/test/test_rgw_admin_log.cc: 1577 in main()
1571
1572 ASSERT_EQ(0, delete_obj(TEST_BUCKET_OBJECT));
1573 ASSERT_EQ(0, delete_bucket());
1574 ASSERT_EQ(0, user_rm(uid, display_name));
1575 }
1576
>>> CID 1351798: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
1577 int main(int argc, char *argv[]){
1578 vector<const char*> args;
1579 argv_to_vec(argc, (const char **)argv, args);
1580
1581 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
1582 common_init_finish(g_ceph_context);
/test/test_rgw_admin_log.cc: 1577 in main()
1571
1572 ASSERT_EQ(0, delete_obj(TEST_BUCKET_OBJECT));
1573 ASSERT_EQ(0, delete_bucket());
1574 ASSERT_EQ(0, user_rm(uid, display_name));
1575 }
1576
>>> CID 1351798: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
1577 int main(int argc, char *argv[]){
1578 vector<const char*> args;
1579 argv_to_vec(argc, (const char **)argv, args);
1580
1581 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
1582 common_init_finish(g_ceph_context);
/test/test_rgw_admin_log.cc: 1577 in main()
1571
1572 ASSERT_EQ(0, delete_obj(TEST_BUCKET_OBJECT));
1573 ASSERT_EQ(0, delete_bucket());
1574 ASSERT_EQ(0, user_rm(uid, display_name));
1575 }
1576
>>> CID 1351798: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
1577 int main(int argc, char *argv[]){
1578 vector<const char*> args;
1579 argv_to_vec(argc, (const char **)argv, args);
1580
1581 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
1582 common_init_finish(g_ceph_context);
/test/test_rgw_admin_log.cc: 1577 in main()
1571
1572 ASSERT_EQ(0, delete_obj(TEST_BUCKET_OBJECT));
1573 ASSERT_EQ(0, delete_bucket());
1574 ASSERT_EQ(0, user_rm(uid, display_name));
1575 }
1576
>>> CID 1351798: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
1577 int main(int argc, char *argv[]){
1578 vector<const char*> args;
1579 argv_to_vec(argc, (const char **)argv, args);
1580
1581 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
1582 common_init_finish(g_ceph_context);
** CID 1351797: (UNCAUGHT_EXCEPT)
/test/msgr/perf_msgr_client.cc: 170 in main()
/test/msgr/perf_msgr_client.cc: 170 in main()
/test/msgr/perf_msgr_client.cc: 170 in main()
/test/msgr/perf_msgr_client.cc: 170 in main()
/test/msgr/perf_msgr_client.cc: 170 in main()
________________________________________________________________________________________________________
*** CID 1351797: (UNCAUGHT_EXCEPT)
/test/msgr/perf_msgr_client.cc: 170 in main()
164 cerr << " [concurrency]: the max inflight messages(like iodepth in fio)" << std::endl;
165 cerr << " [ios]: how much messages sent for each client" << std::endl;
166 cerr << " [thinktime]: sleep time when do fast dispatching(match client logic)" << std::endl;
167 cerr << " [msg length]: message data bytes" << std::endl;
168 }
169
>>> CID 1351797: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
170 int main(int argc, char **argv)
171 {
172 vector<const char*> args;
173 argv_to_vec(argc, (const char **)argv, args);
174
175 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
/test/msgr/perf_msgr_client.cc: 170 in main()
164 cerr << " [concurrency]: the max inflight messages(like iodepth in fio)" << std::endl;
165 cerr << " [ios]: how much messages sent for each client" << std::endl;
166 cerr << " [thinktime]: sleep time when do fast dispatching(match client logic)" << std::endl;
167 cerr << " [msg length]: message data bytes" << std::endl;
168 }
169
>>> CID 1351797: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
170 int main(int argc, char **argv)
171 {
172 vector<const char*> args;
173 argv_to_vec(argc, (const char **)argv, args);
174
175 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
/test/msgr/perf_msgr_client.cc: 170 in main()
164 cerr << " [concurrency]: the max inflight messages(like iodepth in fio)" << std::endl;
165 cerr << " [ios]: how much messages sent for each client" << std::endl;
166 cerr << " [thinktime]: sleep time when do fast dispatching(match client logic)" << std::endl;
167 cerr << " [msg length]: message data bytes" << std::endl;
168 }
169
>>> CID 1351797: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
170 int main(int argc, char **argv)
171 {
172 vector<const char*> args;
173 argv_to_vec(argc, (const char **)argv, args);
174
175 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
/test/msgr/perf_msgr_client.cc: 170 in main()
164 cerr << " [concurrency]: the max inflight messages(like iodepth in fio)" << std::endl;
165 cerr << " [ios]: how much messages sent for each client" << std::endl;
166 cerr << " [thinktime]: sleep time when do fast dispatching(match client logic)" << std::endl;
167 cerr << " [msg length]: message data bytes" << std::endl;
168 }
169
>>> CID 1351797: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
170 int main(int argc, char **argv)
171 {
172 vector<const char*> args;
173 argv_to_vec(argc, (const char **)argv, args);
174
175 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
/test/msgr/perf_msgr_client.cc: 170 in main()
164 cerr << " [concurrency]: the max inflight messages(like iodepth in fio)" << std::endl;
165 cerr << " [ios]: how much messages sent for each client" << std::endl;
166 cerr << " [thinktime]: sleep time when do fast dispatching(match client logic)" << std::endl;
167 cerr << " [msg length]: message data bytes" << std::endl;
168 }
169
>>> CID 1351797: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
170 int main(int argc, char **argv)
171 {
172 vector<const char*> args;
173 argv_to_vec(argc, (const char **)argv, args);
174
175 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
** CID 1351796: (UNCAUGHT_EXCEPT)
/ceph_mds.cc: 90 in main()
/ceph_mds.cc: 90 in main()
/ceph_mds.cc: 90 in main()
/ceph_mds.cc: 90 in main()
/ceph_mds.cc: 90 in main()
/ceph_mds.cc: 90 in main()
/ceph_mds.cc: 90 in main()
/ceph_mds.cc: 90 in main()
/ceph_mds.cc: 90 in main()
/ceph_mds.cc: 90 in main()
/ceph_mds.cc: 90 in main()
/ceph_mds.cc: 90 in main()
/ceph_mds.cc: 90 in main()
/ceph_mds.cc: 90 in main()
/ceph_mds.cc: 90 in main()
/ceph_mds.cc: 90 in main()
/ceph_mds.cc: 90 in main()
/ceph_mds.cc: 90 in main()
/ceph_mds.cc: 90 in main()
/ceph_mds.cc: 90 in main()
/ceph_mds.cc: 90 in main()
/ceph_mds.cc: 90 in main()
/ceph_mds.cc: 90 in main()
________________________________________________________________________________________________________
*** CID 1351796: (UNCAUGHT_EXCEPT)
/ceph_mds.cc: 90 in main()
84 static void handle_mds_signal(int signum)
85 {
86 if (mds)
87 mds->handle_signal(signum);
88 }
89
>>> CID 1351796: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
90 int main(int argc, const char **argv)
91 {
92 vector<const char*> args;
93 argv_to_vec(argc, argv, args);
94 env_to_vec(args);
95
/ceph_mds.cc: 90 in main()
84 static void handle_mds_signal(int signum)
85 {
86 if (mds)
87 mds->handle_signal(signum);
88 }
89
>>> CID 1351796: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
90 int main(int argc, const char **argv)
91 {
92 vector<const char*> args;
93 argv_to_vec(argc, argv, args);
94 env_to_vec(args);
95
/ceph_mds.cc: 90 in main()
84 static void handle_mds_signal(int signum)
85 {
86 if (mds)
87 mds->handle_signal(signum);
88 }
89
>>> CID 1351796: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
90 int main(int argc, const char **argv)
91 {
92 vector<const char*> args;
93 argv_to_vec(argc, argv, args);
94 env_to_vec(args);
95
/ceph_mds.cc: 90 in main()
84 static void handle_mds_signal(int signum)
85 {
86 if (mds)
87 mds->handle_signal(signum);
88 }
89
>>> CID 1351796: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
90 int main(int argc, const char **argv)
91 {
92 vector<const char*> args;
93 argv_to_vec(argc, argv, args);
94 env_to_vec(args);
95
/ceph_mds.cc: 90 in main()
84 static void handle_mds_signal(int signum)
85 {
86 if (mds)
87 mds->handle_signal(signum);
88 }
89
>>> CID 1351796: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
90 int main(int argc, const char **argv)
91 {
92 vector<const char*> args;
93 argv_to_vec(argc, argv, args);
94 env_to_vec(args);
95
/ceph_mds.cc: 90 in main()
84 static void handle_mds_signal(int signum)
85 {
86 if (mds)
87 mds->handle_signal(signum);
88 }
89
>>> CID 1351796: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
90 int main(int argc, const char **argv)
91 {
92 vector<const char*> args;
93 argv_to_vec(argc, argv, args);
94 env_to_vec(args);
95
/ceph_mds.cc: 90 in main()
84 static void handle_mds_signal(int signum)
85 {
86 if (mds)
87 mds->handle_signal(signum);
88 }
89
>>> CID 1351796: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
90 int main(int argc, const char **argv)
91 {
92 vector<const char*> args;
93 argv_to_vec(argc, argv, args);
94 env_to_vec(args);
95
/ceph_mds.cc: 90 in main()
84 static void handle_mds_signal(int signum)
85 {
86 if (mds)
87 mds->handle_signal(signum);
88 }
89
>>> CID 1351796: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
90 int main(int argc, const char **argv)
91 {
92 vector<const char*> args;
93 argv_to_vec(argc, argv, args);
94 env_to_vec(args);
95
/ceph_mds.cc: 90 in main()
84 static void handle_mds_signal(int signum)
85 {
86 if (mds)
87 mds->handle_signal(signum);
88 }
89
>>> CID 1351796: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
90 int main(int argc, const char **argv)
91 {
92 vector<const char*> args;
93 argv_to_vec(argc, argv, args);
94 env_to_vec(args);
95
/ceph_mds.cc: 90 in main()
84 static void handle_mds_signal(int signum)
85 {
86 if (mds)
87 mds->handle_signal(signum);
88 }
89
>>> CID 1351796: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
90 int main(int argc, const char **argv)
91 {
92 vector<const char*> args;
93 argv_to_vec(argc, argv, args);
94 env_to_vec(args);
95
/ceph_mds.cc: 90 in main()
84 static void handle_mds_signal(int signum)
85 {
86 if (mds)
87 mds->handle_signal(signum);
88 }
89
>>> CID 1351796: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
90 int main(int argc, const char **argv)
91 {
92 vector<const char*> args;
93 argv_to_vec(argc, argv, args);
94 env_to_vec(args);
95
/ceph_mds.cc: 90 in main()
84 static void handle_mds_signal(int signum)
85 {
86 if (mds)
87 mds->handle_signal(signum);
88 }
89
>>> CID 1351796: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
90 int main(int argc, const char **argv)
91 {
92 vector<const char*> args;
93 argv_to_vec(argc, argv, args);
94 env_to_vec(args);
95
/ceph_mds.cc: 90 in main()
84 static void handle_mds_signal(int signum)
85 {
86 if (mds)
87 mds->handle_signal(signum);
88 }
89
>>> CID 1351796: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
90 int main(int argc, const char **argv)
91 {
92 vector<const char*> args;
93 argv_to_vec(argc, argv, args);
94 env_to_vec(args);
95
/ceph_mds.cc: 90 in main()
84 static void handle_mds_signal(int signum)
85 {
86 if (mds)
87 mds->handle_signal(signum);
88 }
89
>>> CID 1351796: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
90 int main(int argc, const char **argv)
91 {
92 vector<const char*> args;
93 argv_to_vec(argc, argv, args);
94 env_to_vec(args);
95
/ceph_mds.cc: 90 in main()
84 static void handle_mds_signal(int signum)
85 {
86 if (mds)
87 mds->handle_signal(signum);
88 }
89
>>> CID 1351796: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
90 int main(int argc, const char **argv)
91 {
92 vector<const char*> args;
93 argv_to_vec(argc, argv, args);
94 env_to_vec(args);
95
/ceph_mds.cc: 90 in main()
84 static void handle_mds_signal(int signum)
85 {
86 if (mds)
87 mds->handle_signal(signum);
88 }
89
>>> CID 1351796: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
90 int main(int argc, const char **argv)
91 {
92 vector<const char*> args;
93 argv_to_vec(argc, argv, args);
94 env_to_vec(args);
95
/ceph_mds.cc: 90 in main()
84 static void handle_mds_signal(int signum)
85 {
86 if (mds)
87 mds->handle_signal(signum);
88 }
89
>>> CID 1351796: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
90 int main(int argc, const char **argv)
91 {
92 vector<const char*> args;
93 argv_to_vec(argc, argv, args);
94 env_to_vec(args);
95
/ceph_mds.cc: 90 in main()
84 static void handle_mds_signal(int signum)
85 {
86 if (mds)
87 mds->handle_signal(signum);
88 }
89
>>> CID 1351796: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
90 int main(int argc, const char **argv)
91 {
92 vector<const char*> args;
93 argv_to_vec(argc, argv, args);
94 env_to_vec(args);
95
/ceph_mds.cc: 90 in main()
84 static void handle_mds_signal(int signum)
85 {
86 if (mds)
87 mds->handle_signal(signum);
88 }
89
>>> CID 1351796: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
90 int main(int argc, const char **argv)
91 {
92 vector<const char*> args;
93 argv_to_vec(argc, argv, args);
94 env_to_vec(args);
95
/ceph_mds.cc: 90 in main()
84 static void handle_mds_signal(int signum)
85 {
86 if (mds)
87 mds->handle_signal(signum);
88 }
89
>>> CID 1351796: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
90 int main(int argc, const char **argv)
91 {
92 vector<const char*> args;
93 argv_to_vec(argc, argv, args);
94 env_to_vec(args);
95
/ceph_mds.cc: 90 in main()
84 static void handle_mds_signal(int signum)
85 {
86 if (mds)
87 mds->handle_signal(signum);
88 }
89
>>> CID 1351796: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
90 int main(int argc, const char **argv)
91 {
92 vector<const char*> args;
93 argv_to_vec(argc, argv, args);
94 env_to_vec(args);
95
/ceph_mds.cc: 90 in main()
84 static void handle_mds_signal(int signum)
85 {
86 if (mds)
87 mds->handle_signal(signum);
88 }
89
>>> CID 1351796: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
90 int main(int argc, const char **argv)
91 {
92 vector<const char*> args;
93 argv_to_vec(argc, argv, args);
94 env_to_vec(args);
95
/ceph_mds.cc: 90 in main()
84 static void handle_mds_signal(int signum)
85 {
86 if (mds)
87 mds->handle_signal(signum);
88 }
89
>>> CID 1351796: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
90 int main(int argc, const char **argv)
91 {
92 vector<const char*> args;
93 argv_to_vec(argc, argv, args);
94 env_to_vec(args);
95
** CID 1351795: (UNCAUGHT_EXCEPT)
/test/ObjectMap/test_keyvaluedb_iterators.cc: 1784 in main()
/test/ObjectMap/test_keyvaluedb_iterators.cc: 1784 in main()
________________________________________________________________________________________________________
*** CID 1351795: (UNCAUGHT_EXCEPT)
/test/ObjectMap/test_keyvaluedb_iterators.cc: 1784 in main()
1778 SCOPED_TRACE("MockDB: Empty Store, Upper Bound");
1779 UpperBound(mock->get_iterator());
1780 ASSERT_FALSE(HasFatalFailure());
1781 }
1782
1783
>>> CID 1351795: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
1784 int main(int argc, char *argv[])
1785 {
1786 vector<const char*> args;
1787 argv_to_vec(argc, (const char **) argv, args);
1788
1789 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
/test/ObjectMap/test_keyvaluedb_iterators.cc: 1784 in main()
1778 SCOPED_TRACE("MockDB: Empty Store, Upper Bound");
1779 UpperBound(mock->get_iterator());
1780 ASSERT_FALSE(HasFatalFailure());
1781 }
1782
1783
>>> CID 1351795: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
1784 int main(int argc, char *argv[])
1785 {
1786 vector<const char*> args;
1787 argv_to_vec(argc, (const char **) argv, args);
1788
1789 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
** CID 1351794: (UNCAUGHT_EXCEPT)
/tools/psim.cc: 7 in main()
/tools/psim.cc: 7 in main()
/tools/psim.cc: 7 in main()
/tools/psim.cc: 7 in main()
________________________________________________________________________________________________________
*** CID 1351794: (UNCAUGHT_EXCEPT)
/tools/psim.cc: 7 in main()
1 // -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
2 // vim: ts=8 sw=2 smarttab
3
4 #include "osd/OSDMap.h"
5 #include "include/buffer.h"
6
>>> CID 1351794: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
7 int main(int argc, char **argv)
8 {
9 /*
10 * you need to create a suitable osdmap first. e.g., for 40 osds,
11 * $ ./osdmaptool --createsimple 40 --clobber .ceph_osdmap
12 */
/tools/psim.cc: 7 in main()
1 // -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
2 // vim: ts=8 sw=2 smarttab
3
4 #include "osd/OSDMap.h"
5 #include "include/buffer.h"
6
>>> CID 1351794: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
7 int main(int argc, char **argv)
8 {
9 /*
10 * you need to create a suitable osdmap first. e.g., for 40 osds,
11 * $ ./osdmaptool --createsimple 40 --clobber .ceph_osdmap
12 */
/tools/psim.cc: 7 in main()
1 // -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
2 // vim: ts=8 sw=2 smarttab
3
4 #include "osd/OSDMap.h"
5 #include "include/buffer.h"
6
>>> CID 1351794: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
7 int main(int argc, char **argv)
8 {
9 /*
10 * you need to create a suitable osdmap first. e.g., for 40 osds,
11 * $ ./osdmaptool --createsimple 40 --clobber .ceph_osdmap
12 */
/tools/psim.cc: 7 in main()
1 // -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
2 // vim: ts=8 sw=2 smarttab
3
4 #include "osd/OSDMap.h"
5 #include "include/buffer.h"
6
>>> CID 1351794: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::ios_base::failure> >" is thrown and never caught.
7 int main(int argc, char **argv)
8 {
9 /*
10 * you need to create a suitable osdmap first. e.g., for 40 osds,
11 * $ ./osdmaptool --createsimple 40 --clobber .ceph_osdmap
12 */
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://scan.coverity.com/projects/ceph?tab=overview
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://scan.coverity.com/subscriptions/edit?email=ceph-devel%40vger.kernel.org&token=018084d671e3cc89d00dd2ccb7eb849c
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2016-02-03 20:40 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2016-02-03 20:40 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
258 new defect(s) introduced to ceph found with Coverity Scan.
238 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 20 of 258 defect(s)
** CID 1351432: Resource leaks (CTOR_DTOR_LEAK)
/rocksdb/db/memtable_list.h: 147 in rocksdb::MemTableList::MemTableList(int, int)()
________________________________________________________________________________________________________
*** CID 1351432: Resource leaks (CTOR_DTOR_LEAK)
/rocksdb/db/memtable_list.h: 147 in rocksdb::MemTableList::MemTableList(int, int)()
141 public:
142 // A list of memtables.
143 explicit MemTableList(int min_write_buffer_number_to_merge,
144 int max_write_buffer_number_to_maintain)
145 : imm_flush_needed(false),
146 min_write_buffer_number_to_merge_(min_write_buffer_number_to_merge),
>>> CID 1351432: Resource leaks (CTOR_DTOR_LEAK)
>>> The constructor allocates field "current_" of "rocksdb::MemTableList" but the destructor and whatever functions it calls do not free it.
147 current_(new MemTableListVersion(¤t_memory_usage_,
148 max_write_buffer_number_to_maintain)),
149 num_flush_not_started_(0),
150 commit_in_progress_(false),
151 flush_requested_(false) {
152 current_->Ref();
** CID 1351431: Resource leaks (CTOR_DTOR_LEAK)
/rocksdb/db/compaction_job.cc: 220 in rocksdb::CompactionJob::CompactionJob(int, rocksdb::Compaction *, const rocksdb::DBOptions &, const rocksdb::EnvOptions &, rocksdb::VersionSet *, std::atomic<bool> *, rocksdb::LogBuffer *, rocksdb::Directory *, rocksdb::Directory *, rocksdb::Statistics *, std::vector<unsigned long, std::allocator<unsigned long>>, unsigned long, std::shared_ptr<rocksdb::Cache>, rocksdb::EventLogger *, bool, bool, const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, rocksdb::CompactionJobStats *)()
________________________________________________________________________________________________________
*** CID 1351431: Resource leaks (CTOR_DTOR_LEAK)
/rocksdb/db/compaction_job.cc: 220 in rocksdb::CompactionJob::CompactionJob(int, rocksdb::Compaction *, const rocksdb::DBOptions &, const rocksdb::EnvOptions &, rocksdb::VersionSet *, std::atomic<bool> *, rocksdb::LogBuffer *, rocksdb::Directory *, rocksdb::Directory *, rocksdb::Statistics *, std::vector<unsigned long, std::allocator<unsigned long>>, unsigned long, std::shared_ptr<rocksdb::Cache>, rocksdb::EventLogger *, bool, bool, const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, rocksdb::CompactionJobStats *)()
214 std::vector<SequenceNumber> existing_snapshots,
215 SequenceNumber earliest_write_conflict_snapshot,
216 std::shared_ptr<Cache> table_cache, EventLogger* event_logger,
217 bool paranoid_file_checks, bool measure_io_stats, const std::string& dbname,
218 CompactionJobStats* compaction_job_stats)
219 : job_id_(job_id),
>>> CID 1351431: Resource leaks (CTOR_DTOR_LEAK)
>>> The constructor allocates field "compact_" of "rocksdb::CompactionJob" but the destructor and whatever functions it calls do not free it.
220 compact_(new CompactionState(compaction)),
221 compaction_job_stats_(compaction_job_stats),
222 compaction_stats_(1),
223 dbname_(dbname),
224 db_options_(db_options),
225 env_options_(env_options),
** CID 1351430: (CONSTANT_EXPRESSION_RESULT)
/test/librbd/test_librbd.cc: 2767 in DiffIterateTest_DiffIterateParentDiscard_Test<DiffIterateParams<(bool)0>>::TestBody()()
/test/librbd/test_librbd.cc: 2742 in DiffIterateTest_DiffIterateParentDiscard_Test<DiffIterateParams<(bool)0>>::TestBody()()
________________________________________________________________________________________________________
*** CID 1351430: (CONSTANT_EXPRESSION_RESULT)
/test/librbd/test_librbd.cc: 2767 in DiffIterateTest_DiffIterateParentDiscard_Test<DiffIterateParams<(bool)0>>::TestBody()()
2761
2762 interval_set<uint64_t> two;
2763 scribble(image, 10, 102400, &exists, &two);
2764 two = round_diff_interval(two, object_size);
2765
2766 interval_set<uint64_t> diff;
>>> CID 1351430: (CONSTANT_EXPRESSION_RESULT)
>>> "this , 0 /* DiffIterateTest<DiffIterateParams<false> >::whole_object */" is always false regardless of the values of its operands. This occurs as an argument to a function call.
2767 ASSERT_EQ(0, image.diff_iterate2(NULL, 0, size, true, this->whole_object,
2768 iterate_cb, (void *)&diff));
2769 ASSERT_TRUE(two.subset_of(diff));
2770 }
2771
2772 TEST_F(TestLibRBD, ZeroLengthWrite)
/test/librbd/test_librbd.cc: 2742 in DiffIterateTest_DiffIterateParentDiscard_Test<DiffIterateParams<(bool)0>>::TestBody()()
2736 int order = 0;
2737
2738 ASSERT_EQ(0, create_image_pp(rbd, ioctx, name.c_str(), size, &order));
2739 ASSERT_EQ(0, rbd.open(ioctx, image, name.c_str(), NULL));
2740
2741 uint64_t object_size = 0;
>>> CID 1351430: (CONSTANT_EXPRESSION_RESULT)
>>> "this , 0 /* DiffIterateTest<DiffIterateParams<false> >::whole_object */" is always false regardless of the values of its operands. This occurs as the logical operand of if.
2742 if (this->whole_object) {
2743 object_size = 1 << order;
2744 }
2745
2746 interval_set<uint64_t> exists;
2747 interval_set<uint64_t> one;
** CID 1351429: Error handling issues (CHECKED_RETURN)
________________________________________________________________________________________________________
*** CID 1351429: Error handling issues (CHECKED_RETURN)
/rocksdb/util/io_posix.cc: 178 in rocksdb::PosixRandomAccessFile::Read(unsigned long, unsigned long, rocksdb::Slice *, char *) const()
172 // An error: return a non-ok status
173 s = IOError(filename_, errno);
174 }
175 if (!use_os_buffer_) {
176 // we need to fadvise away the entire range of pages because
177 // we do not want readahead pages to be cached.
>>> CID 1351429: Error handling issues (CHECKED_RETURN)
>>> Calling "rocksdb::Fadvise(this->fd_, 0L, 0UL, 4)" without checking return value. It wraps a library function that may fail and return an error code.
178 Fadvise(fd_, 0, 0, POSIX_FADV_DONTNEED); // free OS pages
179 }
180 return s;
181 }
182
183 #ifdef OS_LINUX
** CID 1351428: (CHECKED_RETURN)
________________________________________________________________________________________________________
*** CID 1351428: (CHECKED_RETURN)
/rocksdb/util/io_posix.cc: 192 in rocksdb::PosixRandomAccessFile::Hint(rocksdb::RandomAccessFile::AccessPattern)()
186 }
187 #endif
188
189 void PosixRandomAccessFile::Hint(AccessPattern pattern) {
190 switch (pattern) {
191 case NORMAL:
>>> CID 1351428: (CHECKED_RETURN)
>>> Calling "rocksdb::Fadvise(this->fd_, 0L, 0UL, 0)" without checking return value. It wraps a library function that may fail and return an error code.
192 Fadvise(fd_, 0, 0, POSIX_FADV_NORMAL);
193 break;
194 case RANDOM:
195 Fadvise(fd_, 0, 0, POSIX_FADV_RANDOM);
196 break;
197 case SEQUENTIAL:
/rocksdb/util/io_posix.cc: 195 in rocksdb::PosixRandomAccessFile::Hint(rocksdb::RandomAccessFile::AccessPattern)()
189 void PosixRandomAccessFile::Hint(AccessPattern pattern) {
190 switch (pattern) {
191 case NORMAL:
192 Fadvise(fd_, 0, 0, POSIX_FADV_NORMAL);
193 break;
194 case RANDOM:
>>> CID 1351428: (CHECKED_RETURN)
>>> Calling "rocksdb::Fadvise(this->fd_, 0L, 0UL, 1)" without checking return value. It wraps a library function that may fail and return an error code.
195 Fadvise(fd_, 0, 0, POSIX_FADV_RANDOM);
196 break;
197 case SEQUENTIAL:
198 Fadvise(fd_, 0, 0, POSIX_FADV_SEQUENTIAL);
199 break;
200 case WILLNEED:
/rocksdb/util/io_posix.cc: 198 in rocksdb::PosixRandomAccessFile::Hint(rocksdb::RandomAccessFile::AccessPattern)()
192 Fadvise(fd_, 0, 0, POSIX_FADV_NORMAL);
193 break;
194 case RANDOM:
195 Fadvise(fd_, 0, 0, POSIX_FADV_RANDOM);
196 break;
197 case SEQUENTIAL:
>>> CID 1351428: (CHECKED_RETURN)
>>> Calling "rocksdb::Fadvise(this->fd_, 0L, 0UL, 2)" without checking return value. It wraps a library function that may fail and return an error code.
198 Fadvise(fd_, 0, 0, POSIX_FADV_SEQUENTIAL);
199 break;
200 case WILLNEED:
201 Fadvise(fd_, 0, 0, POSIX_FADV_WILLNEED);
202 break;
203 case DONTNEED:
/rocksdb/util/io_posix.cc: 201 in rocksdb::PosixRandomAccessFile::Hint(rocksdb::RandomAccessFile::AccessPattern)()
195 Fadvise(fd_, 0, 0, POSIX_FADV_RANDOM);
196 break;
197 case SEQUENTIAL:
198 Fadvise(fd_, 0, 0, POSIX_FADV_SEQUENTIAL);
199 break;
200 case WILLNEED:
>>> CID 1351428: (CHECKED_RETURN)
>>> Calling "rocksdb::Fadvise(this->fd_, 0L, 0UL, 3)" without checking return value. It wraps a library function that may fail and return an error code.
201 Fadvise(fd_, 0, 0, POSIX_FADV_WILLNEED);
202 break;
203 case DONTNEED:
204 Fadvise(fd_, 0, 0, POSIX_FADV_DONTNEED);
205 break;
206 default:
/rocksdb/util/io_posix.cc: 204 in rocksdb::PosixRandomAccessFile::Hint(rocksdb::RandomAccessFile::AccessPattern)()
198 Fadvise(fd_, 0, 0, POSIX_FADV_SEQUENTIAL);
199 break;
200 case WILLNEED:
201 Fadvise(fd_, 0, 0, POSIX_FADV_WILLNEED);
202 break;
203 case DONTNEED:
>>> CID 1351428: (CHECKED_RETURN)
>>> Calling "rocksdb::Fadvise(this->fd_, 0L, 0UL, 4)" without checking return value. It wraps a library function that may fail and return an error code.
204 Fadvise(fd_, 0, 0, POSIX_FADV_DONTNEED);
205 break;
206 default:
207 assert(false);
208 break;
209 }
** CID 1351427: Error handling issues (CHECKED_RETURN)
________________________________________________________________________________________________________
*** CID 1351427: Error handling issues (CHECKED_RETURN)
/rocksdb/util/io_posix.cc: 82 in rocksdb::PosixSequentialFile::Read(unsigned long, rocksdb::Slice *, char *)()
76 s = IOError(filename_, errno);
77 }
78 }
79 if (!use_os_buffer_) {
80 // we need to fadvise away the entire range of pages because
81 // we do not want readahead pages to be cached.
>>> CID 1351427: Error handling issues (CHECKED_RETURN)
>>> Calling "rocksdb::Fadvise(this->fd_, 0L, 0UL, 4)" without checking return value. It wraps a library function that may fail and return an error code.
82 Fadvise(fd_, 0, 0, POSIX_FADV_DONTNEED); // free OS pages
83 }
84 return s;
85 }
86
87 Status PosixSequentialFile::Skip(uint64_t n) {
** CID 1351426: Error handling issues (CHECKED_RETURN)
/tools/rbd/action/Watch.cc: 88 in rbd::action::watch::do_watch(librados::IoCtx &, librbd::Image &, const char *)()
________________________________________________________________________________________________________
*** CID 1351426: Error handling issues (CHECKED_RETURN)
/tools/rbd/action/Watch.cc: 88 in rbd::action::watch::do_watch(librados::IoCtx &, librbd::Image &, const char *)()
82 if (r < 0) {
83 std::cerr << "rbd: watch failed" << std::endl;
84 return r;
85 }
86
87 std::cout << "press enter to exit..." << std::endl;
>>> CID 1351426: Error handling issues (CHECKED_RETURN)
>>> Calling "getchar()" without checking return value. This library function may fail and return an error code. [Note: The source code implementation of the function has been overridden by a builtin model.]
88 getchar();
89
90 r = pp.unwatch2(cookie);
91 if (r < 0) {
92 std::cerr << "rbd: unwatch failed" << std::endl;
93 return r;
** CID 1351425: Error handling issues (CHECKED_RETURN)
/tools/rbd/action/Export.cc: 112 in rbd::action::export_full::do_export(librbd::Image &, const char *, bool)()
________________________________________________________________________________________________________
*** CID 1351425: Error handling issues (CHECKED_RETURN)
/tools/rbd/action/Export.cc: 112 in rbd::action::export_full::do_export(librbd::Image &, const char *, bool)()
106 } else {
107 max_concurrent_ops = max(g_conf->rbd_concurrent_management_ops, 1);
108 fd = open(path, O_WRONLY | O_CREAT | O_EXCL, 0644);
109 if (fd < 0) {
110 return -errno;
111 }
>>> CID 1351425: Error handling issues (CHECKED_RETURN)
>>> Calling "posix_fadvise(fd, 0L, 0L, 2)" without checking return value. This library function may fail and return an error code.
112 posix_fadvise(fd, 0, 0, POSIX_FADV_SEQUENTIAL);
113 }
114
115 utils::ProgressContext pc("Exporting image", no_progress);
116
117 SimpleThrottle throttle(max_concurrent_ops, false);
** CID 1351424: Error handling issues (CHECKED_RETURN)
/tools/rbd/action/Import.cc: 130 in rbd::action::import::do_import(librbd::RBD &, librados::IoCtx &, const char *, const char *, librbd::ImageOptions &, bool)()
________________________________________________________________________________________________________
*** CID 1351424: Error handling issues (CHECKED_RETURN)
/tools/rbd/action/Import.cc: 130 in rbd::action::import::do_import(librbd::RBD &, librados::IoCtx &, const char *, const char *, librbd::ImageOptions &, bool)()
124 goto done;
125 }
126 assert(bdev_size >= 0);
127 size = (uint64_t) bdev_size;
128 }
129
>>> CID 1351424: Error handling issues (CHECKED_RETURN)
>>> Calling "posix_fadvise(fd, 0L, 0L, 2)" without checking return value. This library function may fail and return an error code.
130 posix_fadvise(fd, 0, 0, POSIX_FADV_SEQUENTIAL);
131 }
132
133 uint64_t format;
134 r = opts.get(RBD_IMAGE_OPTION_FORMAT, &format);
135 assert(r == 0);
** CID 1351423: Error handling issues (CHECKED_RETURN)
/tools/rbd_nbd/rbd-nbd.cc: 725 in do_list_mapped_devices()()
________________________________________________________________________________________________________
*** CID 1351423: Error handling issues (CHECKED_RETURN)
/tools/rbd_nbd/rbd-nbd.cc: 725 in do_list_mapped_devices()()
719 int nbd = open_device(path);
720 if (nbd < 0)
721 break;
722 if (ioctl(nbd, NBD_SET_SOCK, fd[0]) != 0)
723 cout << path << std::endl;
724 else
>>> CID 1351423: Error handling issues (CHECKED_RETURN)
>>> Calling "ioctl" without checking return value (as is done elsewhere 47 out of 55 times).
725 ioctl(nbd, NBD_CLEAR_SOCK);
726 close(nbd);
727 m++;
728 }
729
730 close(fd[0]);
** CID 1351422: Error handling issues (CHECKED_RETURN)
/tools/rbd_nbd/rbd-nbd.cc: 677 in do_unmap()()
________________________________________________________________________________________________________
*** CID 1351422: Error handling issues (CHECKED_RETURN)
/tools/rbd_nbd/rbd-nbd.cc: 677 in do_unmap()()
671 cerr << "rbd-nbd: failed to open device: " << devpath << std::endl;
672 return nbd;
673 }
674
675 if (ioctl(nbd, NBD_DISCONNECT) < 0)
676 cerr << "rbd-nbd: the device is not used" << std::endl;
>>> CID 1351422: Error handling issues (CHECKED_RETURN)
>>> Calling "ioctl" without checking return value (as is done elsewhere 47 out of 55 times).
677 ioctl(nbd, NBD_CLEAR_SOCK);
678 close(nbd);
679
680 return 0;
681 }
682
** CID 1351421: (CHECKED_RETURN)
/tools/rbd_nbd/rbd-nbd.cc: 594 in do_map()()
/tools/rbd_nbd/rbd-nbd.cc: 639 in do_map()()
/tools/rbd_nbd/rbd-nbd.cc: 648 in do_map()()
________________________________________________________________________________________________________
*** CID 1351421: (CHECKED_RETURN)
/tools/rbd_nbd/rbd-nbd.cc: 594 in do_map()()
588 r = ioctl(nbd, NBD_SET_SIZE, size);
589 if (r < 0) {
590 r = -errno;
591 goto close_nbd;
592 }
593
>>> CID 1351421: (CHECKED_RETURN)
>>> Calling "ioctl" without checking return value (as is done elsewhere 47 out of 55 times).
594 ioctl(nbd, NBD_SET_FLAGS, flags);
595
596 read_only = snapname.empty() ? 0 : 1;
597 r = ioctl(nbd, BLKROSET, (unsigned long) &read_only);
598 if (r < 0) {
599 r = -errno;
/tools/rbd_nbd/rbd-nbd.cc: 639 in do_map()()
633 }
634
635 {
636 NBDServer server(fd[1], image);
637
638 server.start();
>>> CID 1351421: (CHECKED_RETURN)
>>> Calling "ioctl" without checking return value (as is done elsewhere 47 out of 55 times).
639 ioctl(nbd, NBD_DO_IT);
640 server.stop();
641 }
642
643 io_ctx.unwatch2(watcher);
644 }
/tools/rbd_nbd/rbd-nbd.cc: 648 in do_map()()
642
643 io_ctx.unwatch2(watcher);
644 }
645
646 close_nbd:
647 if (r < 0) {
>>> CID 1351421: (CHECKED_RETURN)
>>> Calling "ioctl" without checking return value (as is done elsewhere 47 out of 55 times).
648 ioctl(nbd, NBD_CLEAR_SOCK);
649 cerr << "rbd-nbd: failed to map, status: " << cpp_strerror(-r) << std::endl;
650 }
651 close(nbd);
652 close_fd:
653 close(fd[0]);
** CID 1351420: Error handling issues (CHECKED_RETURN)
/rgw/rgw_rest_s3.cc: 557 in RGWSetBucketWebsite_ObjStore_S3::get_params()()
________________________________________________________________________________________________________
*** CID 1351420: Error handling issues (CHECKED_RETURN)
/rgw/rgw_rest_s3.cc: 557 in RGWSetBucketWebsite_ObjStore_S3::get_params()()
551 }
552
553 bufferlist bl;
554 bl.append(data, len);
555
556 RGWXMLDecoder::XMLParser parser;
>>> CID 1351420: Error handling issues (CHECKED_RETURN)
>>> Calling "init" without checking return value (as is done elsewhere 10 out of 11 times).
557 parser.init();
558
559 if (!parser.parse(data, len, 1)) {
560 string str(data, len);
561 ldout(s->cct, 5) << "failed to parse xml: " << str << dendl;
562 return -EINVAL;
** CID 1351419: Error handling issues (CHECKED_RETURN)
/rocksdb/util/env_posix.cc: 138 in rocksdb::<unnamed>::PosixEnv::SetFD_CLOEXEC(int, const rocksdb::EnvOptions *)()
________________________________________________________________________________________________________
*** CID 1351419: Error handling issues (CHECKED_RETURN)
/rocksdb/util/env_posix.cc: 138 in rocksdb::<unnamed>::PosixEnv::SetFD_CLOEXEC(int, const rocksdb::EnvOptions *)()
132 // thread_status_updater_.
133 delete thread_status_updater_;
134 }
135
136 void SetFD_CLOEXEC(int fd, const EnvOptions* options) {
137 if ((options == nullptr || options->set_fd_cloexec) && fd > 0) {
>>> CID 1351419: Error handling issues (CHECKED_RETURN)
>>> Calling "fcntl(fd, 2, fcntl(fd, 1) | 1)" without checking return value. This library function may fail and return an error code.
138 fcntl(fd, F_SETFD, fcntl(fd, F_GETFD) | FD_CLOEXEC);
139 }
140 }
141
142 virtual Status NewSequentialFile(const std::string& fname,
143 unique_ptr<SequentialFile>* result,
** CID 1351418: Error handling issues (CHECKED_RETURN)
/tools/ceph_monstore_tool.cc: 689 in main::boost_se_guard_t_686::boost_se_body(int &, int &, std::basic_string<char, std::char_traits<char>, std::allocator<char>>&)()
________________________________________________________________________________________________________
*** CID 1351418: Error handling issues (CHECKED_RETURN)
/tools/ceph_monstore_tool.cc: 689 in main::boost_se_guard_t_686::boost_se_body(int &, int &, std::basic_string<char, std::char_traits<char>, std::allocator<char>>&)()
** CID 1351417: Error handling issues (CHECKED_RETURN)
/tools/rbd/action/Journal.cc: 712 in rbd::action::journal::do_import_journal(librados::IoCtx &, const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, bool, bool)()
________________________________________________________________________________________________________
*** CID 1351417: Error handling issues (CHECKED_RETURN)
/tools/rbd/action/Journal.cc: 712 in rbd::action::journal::do_import_journal(librados::IoCtx &, const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, bool, bool)()
706 } else {
707 if ((fd = open(path.c_str(), O_RDONLY)) < 0) {
708 r = -errno;
709 std::cerr << "rbd: error opening " << path << std::endl;
710 return r;
711 }
>>> CID 1351417: Error handling issues (CHECKED_RETURN)
>>> Calling "posix_fadvise(fd, 0L, 0L, 2)" without checking return value. This library function may fail and return an error code.
712 posix_fadvise(fd, 0, 0, POSIX_FADV_SEQUENTIAL);
713 }
714
715 r = JournalImporter(io_ctx, journal_id, fd, no_error, verbose).exec();
716
717 if (!from_stdin) {
** CID 1351416: Error handling issues (CHECKED_RETURN)
/tools/rbd/action/ExportDiff.cc: 134 in rbd::action::export_diff::do_export_diff(librbd::Image &, const char *, const char *, bool, const char *, bool)::boost_se_guard_t_131::boost_se_body(int &, int &, const char *&)()
________________________________________________________________________________________________________
*** CID 1351416: Error handling issues (CHECKED_RETURN)
/tools/rbd/action/ExportDiff.cc: 134 in rbd::action::export_diff::do_export_diff(librbd::Image &, const char *, const char *, bool, const char *, bool)::boost_se_guard_t_131::boost_se_body(int &, int &, const char *&)()
128 if (fd < 0)
129 return -errno;
130
131 BOOST_SCOPE_EXIT((&r) (&fd) (&path)) {
132 close(fd);
133 if (r < 0 && fd != 1) {
>>> CID 1351416: Error handling issues (CHECKED_RETURN)
>>> Calling "remove(path)" without checking return value. This library function may fail and return an error code.
134 remove(path);
135 }
136 } BOOST_SCOPE_EXIT_END
137
138 {
139 // header
** CID 1351415: Error handling issues (CHECKED_RETURN)
/tools/rbd/action/Journal.cc: 510 in rbd::action::journal::do_export_journal(librados::IoCtx &, const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, bool, bool)()
________________________________________________________________________________________________________
*** CID 1351415: Error handling issues (CHECKED_RETURN)
/tools/rbd/action/Journal.cc: 510 in rbd::action::journal::do_export_journal(librados::IoCtx &, const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, bool, bool)()
504 fd = open(path.c_str(), O_WRONLY | O_CREAT | O_EXCL, 0644);
505 if (fd < 0) {
506 r = -errno;
507 std::cerr << "rbd: error creating " << path << std::endl;
508 return r;
509 }
>>> CID 1351415: Error handling issues (CHECKED_RETURN)
>>> Calling "posix_fadvise(fd, 0L, 0L, 2)" without checking return value. This library function may fail and return an error code.
510 posix_fadvise(fd, 0, 0, POSIX_FADV_SEQUENTIAL);
511 }
512
513 r = JournalExporter(io_ctx, journal_id, fd, no_error, verbose).exec();
514
515 if (!to_stdout) {
** CID 1351414: Incorrect expression (BAD_SIZEOF)
/os/bluestore/BlueStore.cc: 1576 in BlueStore::_setup_block_symlink_or_file(std::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::basic_string<char, std::char_traits<char>, std::allocator<char>>, unsigned long)()
________________________________________________________________________________________________________
*** CID 1351414: Incorrect expression (BAD_SIZEOF)
/os/bluestore/BlueStore.cc: 1576 in BlueStore::_setup_block_symlink_or_file(std::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::basic_string<char, std::char_traits<char>, std::allocator<char>>, unsigned long)()
1570 uint64_t size)
1571 {
1572 dout(20) << __func__ << " name " << name << " path " << epath
1573 << " size " << size << dendl;
1574 int r = 0;
1575 if (epath.length()) {
>>> CID 1351414: Incorrect expression (BAD_SIZEOF)
>>> Taking the size of pointer arithmetic expression ""spdk:" - 1" is suspicious.
1576 if (!epath.compare(0, sizeof(SPDK_PREFIX-1), SPDK_PREFIX)) {
1577 string symbol_spdk_file = path + "/" + epath;
1578 r = ::symlinkat(symbol_spdk_file.c_str(), path_fd, name.c_str());
1579 if (r < 0) {
1580 r = -errno;
1581 derr << __func__ << " failed to create " << name << " symlink to "
** CID 1248998: (UNCAUGHT_EXCEPT)
/ceph_mds.cc: 90 in main()
/ceph_mds.cc: 90 in main()
________________________________________________________________________________________________________
*** CID 1248998: (UNCAUGHT_EXCEPT)
/ceph_mds.cc: 90 in main()
84 static void handle_mds_signal(int signum)
85 {
86 if (mds)
87 mds->handle_signal(signum);
88 }
89
>>> CID 1248998: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "ceph::buffer::bad_alloc" is thrown and never caught.
90 int main(int argc, const char **argv)
91 {
92 vector<const char*> args;
93 argv_to_vec(argc, argv, args);
94 env_to_vec(args);
95
/ceph_mds.cc: 90 in main()
84 static void handle_mds_signal(int signum)
85 {
86 if (mds)
87 mds->handle_signal(signum);
88 }
89
>>> CID 1248998: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "ceph::buffer::bad_alloc" is thrown and never caught.
90 int main(int argc, const char **argv)
91 {
92 vector<const char*> args;
93 argv_to_vec(argc, argv, args);
94 env_to_vec(args);
95
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://scan.coverity.com/projects/ceph?tab=overview
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://scan.coverity.com/subscriptions/edit?email=ceph-devel%40vger.kernel.org&token=018084d671e3cc89d00dd2ccb7eb849c
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2015-05-02 14:37 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2015-05-02 14:37 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
14 new defect(s) introduced to ceph found with Coverity Scan.
4 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 14 of 14 defect(s)
** CID 1296388: Uninitialized members (UNINIT_CTOR)
/librbd/RebuildObjectMapRequest.cc: 35 in librbd::<unnamed>::C_VerifyObject::C_VerifyObject(librbd::AsyncObjectThrottle &, librbd::ImageCtx *, unsigned long, unsigned long)()
________________________________________________________________________________________________________
*** CID 1296388: Uninitialized members (UNINIT_CTOR)
/librbd/RebuildObjectMapRequest.cc: 35 in librbd::<unnamed>::C_VerifyObject::C_VerifyObject(librbd::AsyncObjectThrottle &, librbd::ImageCtx *, unsigned long, unsigned long)()
29 : C_AsyncObjectThrottle(throttle), m_image_ctx(*image_ctx),
30 m_snap_id(snap_id), m_object_no(object_no),
31 m_oid(m_image_ctx.get_object_name(m_object_no))
32 {
33 m_io_ctx.dup(m_image_ctx.md_ctx);
34 m_io_ctx.snap_set_read(CEPH_SNAPDIR);
>>> CID 1296388: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "m_snap_list_ret" is not initialized in this constructor nor in any functions that it calls.
35 }
36
37 virtual void complete(int r) {
38 if (should_complete(r)) {
39 ldout(m_image_ctx.cct, 20) << m_oid << " C_VerifyObject completed "
40 << dendl;
** CID 1296387: (UNCAUGHT_EXCEPT)
/test/system/rados_watch_notify.cc: 59 in main()
/test/system/rados_watch_notify.cc: 59 in main()
/test/system/rados_watch_notify.cc: 59 in main()
/test/system/rados_watch_notify.cc: 59 in main()
________________________________________________________________________________________________________
*** CID 1296387: (UNCAUGHT_EXCEPT)
/test/system/rados_watch_notify.cc: 59 in main()
53
54 const char *get_id_str()
55 {
56 return "main";
57 }
58
>>> CID 1296387: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
59 int main(int argc, const char **argv)
60 {
61 std::string pool = "foo." + stringify(getpid());
62 CrossProcessSem *setup_sem = NULL;
63 RETURN1_IF_NONZERO(CrossProcessSem::create(0, &setup_sem));
64 CrossProcessSem *watch_sem = NULL;
/test/system/rados_watch_notify.cc: 59 in main()
53
54 const char *get_id_str()
55 {
56 return "main";
57 }
58
>>> CID 1296387: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
59 int main(int argc, const char **argv)
60 {
61 std::string pool = "foo." + stringify(getpid());
62 CrossProcessSem *setup_sem = NULL;
63 RETURN1_IF_NONZERO(CrossProcessSem::create(0, &setup_sem));
64 CrossProcessSem *watch_sem = NULL;
/test/system/rados_watch_notify.cc: 59 in main()
53
54 const char *get_id_str()
55 {
56 return "main";
57 }
58
>>> CID 1296387: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
59 int main(int argc, const char **argv)
60 {
61 std::string pool = "foo." + stringify(getpid());
62 CrossProcessSem *setup_sem = NULL;
63 RETURN1_IF_NONZERO(CrossProcessSem::create(0, &setup_sem));
64 CrossProcessSem *watch_sem = NULL;
/test/system/rados_watch_notify.cc: 59 in main()
53
54 const char *get_id_str()
55 {
56 return "main";
57 }
58
>>> CID 1296387: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
59 int main(int argc, const char **argv)
60 {
61 std::string pool = "foo." + stringify(getpid());
62 CrossProcessSem *setup_sem = NULL;
63 RETURN1_IF_NONZERO(CrossProcessSem::create(0, &setup_sem));
64 CrossProcessSem *watch_sem = NULL;
** CID 1296386: (UNCAUGHT_EXCEPT)
/test/system/rados_open_pools_parallel.cc: 98 in main()
/test/system/rados_open_pools_parallel.cc: 98 in main()
________________________________________________________________________________________________________
*** CID 1296386: (UNCAUGHT_EXCEPT)
/test/system/rados_open_pools_parallel.cc: 98 in main()
92
93 const char *get_id_str()
94 {
95 return "main";
96 }
97
>>> CID 1296386: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
98 int main(int argc, const char **argv)
99 {
100 // first test: create a pool, shut down the client, access that
101 // pool in a different process.
102 CrossProcessSem *pool_setup_sem = NULL;
103 RETURN1_IF_NONZERO(CrossProcessSem::create(0, &pool_setup_sem));
/test/system/rados_open_pools_parallel.cc: 98 in main()
92
93 const char *get_id_str()
94 {
95 return "main";
96 }
97
>>> CID 1296386: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
98 int main(int argc, const char **argv)
99 {
100 // first test: create a pool, shut down the client, access that
101 // pool in a different process.
102 CrossProcessSem *pool_setup_sem = NULL;
103 RETURN1_IF_NONZERO(CrossProcessSem::create(0, &pool_setup_sem));
** CID 1296385: (UNCAUGHT_EXCEPT)
/test/system/rados_delete_pools_parallel.cc: 57 in main()
/test/system/rados_delete_pools_parallel.cc: 57 in main()
________________________________________________________________________________________________________
*** CID 1296385: (UNCAUGHT_EXCEPT)
/test/system/rados_delete_pools_parallel.cc: 57 in main()
51
52 const char *get_id_str()
53 {
54 return "main";
55 }
56
>>> CID 1296385: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
57 int main(int argc, const char **argv)
58 {
59 const char *num_objects = getenv("NUM_OBJECTS");
60 std::string pool = "foo";
61 if (num_objects) {
62 g_num_objects = atoi(num_objects);
/test/system/rados_delete_pools_parallel.cc: 57 in main()
51
52 const char *get_id_str()
53 {
54 return "main";
55 }
56
>>> CID 1296385: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
57 int main(int argc, const char **argv)
58 {
59 const char *num_objects = getenv("NUM_OBJECTS");
60 std::string pool = "foo";
61 if (num_objects) {
62 g_num_objects = atoi(num_objects);
** CID 1296384: (UNCAUGHT_EXCEPT)
/test/librbd/fsx.cc: 1981 in main()
/test/librbd/fsx.cc: 1981 in main()
/test/librbd/fsx.cc: 1981 in main()
/test/librbd/fsx.cc: 1981 in main()
/test/librbd/fsx.cc: 1981 in main()
/test/librbd/fsx.cc: 1981 in main()
/test/librbd/fsx.cc: 1981 in main()
/test/librbd/fsx.cc: 1981 in main()
/test/librbd/fsx.cc: 1981 in main()
________________________________________________________________________________________________________
*** CID 1296384: (UNCAUGHT_EXCEPT)
/test/librbd/fsx.cc: 1981 in main()
1975 fallocate_calls = 0;
1976 #endif
1977
1978 }
1979
1980 int
>>> CID 1296384: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
1981 main(int argc, char **argv)
1982 {
1983 int i, style, ch, ret;
1984 char *endp;
1985 char goodfile[1024];
1986 char logfile[1024];
/test/librbd/fsx.cc: 1981 in main()
1975 fallocate_calls = 0;
1976 #endif
1977
1978 }
1979
1980 int
>>> CID 1296384: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
1981 main(int argc, char **argv)
1982 {
1983 int i, style, ch, ret;
1984 char *endp;
1985 char goodfile[1024];
1986 char logfile[1024];
/test/librbd/fsx.cc: 1981 in main()
1975 fallocate_calls = 0;
1976 #endif
1977
1978 }
1979
1980 int
>>> CID 1296384: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
1981 main(int argc, char **argv)
1982 {
1983 int i, style, ch, ret;
1984 char *endp;
1985 char goodfile[1024];
1986 char logfile[1024];
/test/librbd/fsx.cc: 1981 in main()
1975 fallocate_calls = 0;
1976 #endif
1977
1978 }
1979
1980 int
>>> CID 1296384: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
1981 main(int argc, char **argv)
1982 {
1983 int i, style, ch, ret;
1984 char *endp;
1985 char goodfile[1024];
1986 char logfile[1024];
/test/librbd/fsx.cc: 1981 in main()
1975 fallocate_calls = 0;
1976 #endif
1977
1978 }
1979
1980 int
>>> CID 1296384: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
1981 main(int argc, char **argv)
1982 {
1983 int i, style, ch, ret;
1984 char *endp;
1985 char goodfile[1024];
1986 char logfile[1024];
/test/librbd/fsx.cc: 1981 in main()
1975 fallocate_calls = 0;
1976 #endif
1977
1978 }
1979
1980 int
>>> CID 1296384: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
1981 main(int argc, char **argv)
1982 {
1983 int i, style, ch, ret;
1984 char *endp;
1985 char goodfile[1024];
1986 char logfile[1024];
/test/librbd/fsx.cc: 1981 in main()
1975 fallocate_calls = 0;
1976 #endif
1977
1978 }
1979
1980 int
>>> CID 1296384: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
1981 main(int argc, char **argv)
1982 {
1983 int i, style, ch, ret;
1984 char *endp;
1985 char goodfile[1024];
1986 char logfile[1024];
/test/librbd/fsx.cc: 1981 in main()
1975 fallocate_calls = 0;
1976 #endif
1977
1978 }
1979
1980 int
>>> CID 1296384: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
1981 main(int argc, char **argv)
1982 {
1983 int i, style, ch, ret;
1984 char *endp;
1985 char goodfile[1024];
1986 char logfile[1024];
/test/librbd/fsx.cc: 1981 in main()
1975 fallocate_calls = 0;
1976 #endif
1977
1978 }
1979
1980 int
>>> CID 1296384: (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
1981 main(int argc, char **argv)
1982 {
1983 int i, style, ch, ret;
1984 char *endp;
1985 char goodfile[1024];
1986 char logfile[1024];
** CID 1296383: (RESOURCE_LEAK)
/test/libcephfs/test.cc: 902 in LibCephFS_BadArgument_Test::TestBody()()
/test/libcephfs/test.cc: 900 in LibCephFS_BadArgument_Test::TestBody()()
/test/libcephfs/test.cc: 899 in LibCephFS_BadArgument_Test::TestBody()()
/test/libcephfs/test.cc: 897 in LibCephFS_BadArgument_Test::TestBody()()
/test/libcephfs/test.cc: 894 in LibCephFS_BadArgument_Test::TestBody()()
/test/libcephfs/test.cc: 893 in LibCephFS_BadArgument_Test::TestBody()()
/test/libcephfs/test.cc: 892 in LibCephFS_BadArgument_Test::TestBody()()
/test/libcephfs/test.cc: 891 in LibCephFS_BadArgument_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1296383: (RESOURCE_LEAK)
/test/libcephfs/test.cc: 902 in LibCephFS_BadArgument_Test::TestBody()()
896 int fd = ceph_open(cmount, "test_file", O_CREAT|O_RDWR, 0666);
897 ASSERT_GT(fd, 0);
898 char buf[100];
899 ASSERT_EQ(ceph_write(cmount, fd, buf, sizeof(buf), 0), (int)sizeof(buf));
900 ASSERT_EQ(ceph_read(cmount, fd, buf, 5, 0), 0);
901 ceph_close(cmount, fd);
>>> CID 1296383: (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
902 ASSERT_EQ(ceph_unlink(cmount, "test_file"), 0);
903
904 ceph_shutdown(cmount);
905 }
906
907 TEST(LibCephFS, BadFileDesc) {
/test/libcephfs/test.cc: 900 in LibCephFS_BadArgument_Test::TestBody()()
894 ASSERT_EQ(ceph_mount(cmount, NULL), 0);
895
896 int fd = ceph_open(cmount, "test_file", O_CREAT|O_RDWR, 0666);
897 ASSERT_GT(fd, 0);
898 char buf[100];
899 ASSERT_EQ(ceph_write(cmount, fd, buf, sizeof(buf), 0), (int)sizeof(buf));
>>> CID 1296383: (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
900 ASSERT_EQ(ceph_read(cmount, fd, buf, 5, 0), 0);
901 ceph_close(cmount, fd);
902 ASSERT_EQ(ceph_unlink(cmount, "test_file"), 0);
903
904 ceph_shutdown(cmount);
905 }
/test/libcephfs/test.cc: 899 in LibCephFS_BadArgument_Test::TestBody()()
893 ASSERT_EQ(ceph_conf_read_file(cmount, NULL), 0);
894 ASSERT_EQ(ceph_mount(cmount, NULL), 0);
895
896 int fd = ceph_open(cmount, "test_file", O_CREAT|O_RDWR, 0666);
897 ASSERT_GT(fd, 0);
898 char buf[100];
>>> CID 1296383: (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
899 ASSERT_EQ(ceph_write(cmount, fd, buf, sizeof(buf), 0), (int)sizeof(buf));
900 ASSERT_EQ(ceph_read(cmount, fd, buf, 5, 0), 0);
901 ceph_close(cmount, fd);
902 ASSERT_EQ(ceph_unlink(cmount, "test_file"), 0);
903
904 ceph_shutdown(cmount);
/test/libcephfs/test.cc: 897 in LibCephFS_BadArgument_Test::TestBody()()
891 ASSERT_EQ(ceph_create(&cmount, NULL), 0);
892 ASSERT_EQ(0, ceph_conf_parse_env(cmount, NULL));
893 ASSERT_EQ(ceph_conf_read_file(cmount, NULL), 0);
894 ASSERT_EQ(ceph_mount(cmount, NULL), 0);
895
896 int fd = ceph_open(cmount, "test_file", O_CREAT|O_RDWR, 0666);
>>> CID 1296383: (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
897 ASSERT_GT(fd, 0);
898 char buf[100];
899 ASSERT_EQ(ceph_write(cmount, fd, buf, sizeof(buf), 0), (int)sizeof(buf));
900 ASSERT_EQ(ceph_read(cmount, fd, buf, 5, 0), 0);
901 ceph_close(cmount, fd);
902 ASSERT_EQ(ceph_unlink(cmount, "test_file"), 0);
/test/libcephfs/test.cc: 894 in LibCephFS_BadArgument_Test::TestBody()()
888
889 TEST(LibCephFS, BadArgument) {
890 struct ceph_mount_info *cmount;
891 ASSERT_EQ(ceph_create(&cmount, NULL), 0);
892 ASSERT_EQ(0, ceph_conf_parse_env(cmount, NULL));
893 ASSERT_EQ(ceph_conf_read_file(cmount, NULL), 0);
>>> CID 1296383: (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
894 ASSERT_EQ(ceph_mount(cmount, NULL), 0);
895
896 int fd = ceph_open(cmount, "test_file", O_CREAT|O_RDWR, 0666);
897 ASSERT_GT(fd, 0);
898 char buf[100];
899 ASSERT_EQ(ceph_write(cmount, fd, buf, sizeof(buf), 0), (int)sizeof(buf));
/test/libcephfs/test.cc: 893 in LibCephFS_BadArgument_Test::TestBody()()
887 }
888
889 TEST(LibCephFS, BadArgument) {
890 struct ceph_mount_info *cmount;
891 ASSERT_EQ(ceph_create(&cmount, NULL), 0);
892 ASSERT_EQ(0, ceph_conf_parse_env(cmount, NULL));
>>> CID 1296383: (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
893 ASSERT_EQ(ceph_conf_read_file(cmount, NULL), 0);
894 ASSERT_EQ(ceph_mount(cmount, NULL), 0);
895
896 int fd = ceph_open(cmount, "test_file", O_CREAT|O_RDWR, 0666);
897 ASSERT_GT(fd, 0);
898 char buf[100];
/test/libcephfs/test.cc: 892 in LibCephFS_BadArgument_Test::TestBody()()
886 ceph_shutdown(cmount);
887 }
888
889 TEST(LibCephFS, BadArgument) {
890 struct ceph_mount_info *cmount;
891 ASSERT_EQ(ceph_create(&cmount, NULL), 0);
>>> CID 1296383: (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
892 ASSERT_EQ(0, ceph_conf_parse_env(cmount, NULL));
893 ASSERT_EQ(ceph_conf_read_file(cmount, NULL), 0);
894 ASSERT_EQ(ceph_mount(cmount, NULL), 0);
895
896 int fd = ceph_open(cmount, "test_file", O_CREAT|O_RDWR, 0666);
897 ASSERT_GT(fd, 0);
/test/libcephfs/test.cc: 891 in LibCephFS_BadArgument_Test::TestBody()()
885
886 ceph_shutdown(cmount);
887 }
888
889 TEST(LibCephFS, BadArgument) {
890 struct ceph_mount_info *cmount;
>>> CID 1296383: (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
891 ASSERT_EQ(ceph_create(&cmount, NULL), 0);
892 ASSERT_EQ(0, ceph_conf_parse_env(cmount, NULL));
893 ASSERT_EQ(ceph_conf_read_file(cmount, NULL), 0);
894 ASSERT_EQ(ceph_mount(cmount, NULL), 0);
895
896 int fd = ceph_open(cmount, "test_file", O_CREAT|O_RDWR, 0666);
** CID 1296382: Resource leaks (RESOURCE_LEAK)
/auth/Crypto.cc: 358 in CryptoAES::get_key_handler(const ceph::buffer::ptr &, std::basic_string<char, std::char_traits<char>, std::allocator<char>>&)()
________________________________________________________________________________________________________
*** CID 1296382: Resource leaks (RESOURCE_LEAK)
/auth/Crypto.cc: 358 in CryptoAES::get_key_handler(const ceph::buffer::ptr &, std::basic_string<char, std::char_traits<char>, std::allocator<char>>&)()
352 string& error)
353 {
354 CryptoAESKeyHandler *ckh = new CryptoAESKeyHandler;
355 ostringstream oss;
356 if (ckh->init(secret, oss) < 0) {
357 error = oss.str();
>>> CID 1296382: Resource leaks (RESOURCE_LEAK)
>>> Variable "ckh" going out of scope leaks the storage it points to.
358 return NULL;
359 }
360 return ckh;
361 }
362
363
** CID 1296381: (CONSTANT_EXPRESSION_RESULT)
/test/librbd/test_librbd.cc: 2181 in DiffIterateTest_DiffIterateDiscard_Test<DiffIterateParams<(bool)0>>::TestBody()()
/test/librbd/test_librbd.cc: 2189 in DiffIterateTest_DiffIterateDiscard_Test<DiffIterateParams<(bool)0>>::TestBody()()
/test/librbd/test_librbd.cc: 2198 in DiffIterateTest_DiffIterateDiscard_Test<DiffIterateParams<(bool)0>>::TestBody()()
/test/librbd/test_librbd.cc: 2204 in DiffIterateTest_DiffIterateDiscard_Test<DiffIterateParams<(bool)0>>::TestBody()()
/test/librbd/test_librbd.cc: 2214 in DiffIterateTest_DiffIterateDiscard_Test<DiffIterateParams<(bool)0>>::TestBody()()
/test/librbd/test_librbd.cc: 2225 in DiffIterateTest_DiffIterateDiscard_Test<DiffIterateParams<(bool)0>>::TestBody()()
/test/librbd/test_librbd.cc: 2175 in DiffIterateTest_DiffIterateDiscard_Test<DiffIterateParams<(bool)0>>::TestBody()()
________________________________________________________________________________________________________
*** CID 1296381: (CONSTANT_EXPRESSION_RESULT)
/test/librbd/test_librbd.cc: 2181 in DiffIterateTest_DiffIterateDiscard_Test<DiffIterateParams<(bool)0>>::TestBody()()
2175 if (this->whole_object) {
2176 object_size = 1 << order;
2177 }
2178 vector<diff_extent> extents;
2179 ceph::bufferlist bl;
2180
>>> CID 1296381: (CONSTANT_EXPRESSION_RESULT)
>>> "this , 0 /* DiffIterateTest<DiffIterateParams<false> >::whole_object */" is always false regardless of the values of its operands. This occurs as an argument to a function call.
2181 ASSERT_EQ(0, image.diff_iterate2(NULL, 0, size, true, this->whole_object,
2182 vector_iterate_cb, (void *) &extents));
2183 ASSERT_EQ(0u, extents.size());
2184
2185 char data[256];
2186 memset(data, 1, sizeof(data));
/test/librbd/test_librbd.cc: 2189 in DiffIterateTest_DiffIterateDiscard_Test<DiffIterateParams<(bool)0>>::TestBody()()
2183 ASSERT_EQ(0u, extents.size());
2184
2185 char data[256];
2186 memset(data, 1, sizeof(data));
2187 bl.append(data, 256);
2188 ASSERT_EQ(256, image.write(0, 256, bl));
>>> CID 1296381: (CONSTANT_EXPRESSION_RESULT)
>>> "this , 0 /* DiffIterateTest<DiffIterateParams<false> >::whole_object */" is always false regardless of the values of its operands. This occurs as an argument to a function call.
2189 ASSERT_EQ(0, image.diff_iterate2(NULL, 0, size, true, this->whole_object,
2190 vector_iterate_cb, (void *) &extents));
2191 ASSERT_EQ(1u, extents.size());
2192 ASSERT_EQ(diff_extent(0, 256, true, object_size), extents[0]);
2193
2194 int obj_ofs = 256;
/test/librbd/test_librbd.cc: 2198 in DiffIterateTest_DiffIterateDiscard_Test<DiffIterateParams<(bool)0>>::TestBody()()
2192 ASSERT_EQ(diff_extent(0, 256, true, object_size), extents[0]);
2193
2194 int obj_ofs = 256;
2195 ASSERT_EQ(1 << order, image.discard(0, 1 << order));
2196
2197 extents.clear();
>>> CID 1296381: (CONSTANT_EXPRESSION_RESULT)
>>> "this , 0 /* DiffIterateTest<DiffIterateParams<false> >::whole_object */" is always false regardless of the values of its operands. This occurs as an argument to a function call.
2198 ASSERT_EQ(0, image.diff_iterate2(NULL, 0, size, true, this->whole_object,
2199 vector_iterate_cb, (void *) &extents));
2200 ASSERT_EQ(0u, extents.size());
2201
2202 ASSERT_EQ(0, image.snap_create("snap1"));
2203 ASSERT_EQ(256, image.write(0, 256, bl));
/test/librbd/test_librbd.cc: 2204 in DiffIterateTest_DiffIterateDiscard_Test<DiffIterateParams<(bool)0>>::TestBody()()
2198 ASSERT_EQ(0, image.diff_iterate2(NULL, 0, size, true, this->whole_object,
2199 vector_iterate_cb, (void *) &extents));
2200 ASSERT_EQ(0u, extents.size());
2201
2202 ASSERT_EQ(0, image.snap_create("snap1"));
2203 ASSERT_EQ(256, image.write(0, 256, bl));
>>> CID 1296381: (CONSTANT_EXPRESSION_RESULT)
>>> "this , 0 /* DiffIterateTest<DiffIterateParams<false> >::whole_object */" is always false regardless of the values of its operands. This occurs as an argument to a function call.
2204 ASSERT_EQ(0, image.diff_iterate2(NULL, 0, size, true, this->whole_object,
2205 vector_iterate_cb, (void *) &extents));
2206 ASSERT_EQ(1u, extents.size());
2207 ASSERT_EQ(diff_extent(0, 256, true, object_size), extents[0]);
2208 ASSERT_EQ(0, image.snap_create("snap2"));
2209
/test/librbd/test_librbd.cc: 2214 in DiffIterateTest_DiffIterateDiscard_Test<DiffIterateParams<(bool)0>>::TestBody()()
2208 ASSERT_EQ(0, image.snap_create("snap2"));
2209
2210 ASSERT_EQ(obj_ofs, image.discard(0, obj_ofs));
2211
2212 extents.clear();
2213 ASSERT_EQ(0, image.snap_set("snap2"));
>>> CID 1296381: (CONSTANT_EXPRESSION_RESULT)
>>> "this , 0 /* DiffIterateTest<DiffIterateParams<false> >::whole_object */" is always false regardless of the values of its operands. This occurs as an argument to a function call.
2214 ASSERT_EQ(0, image.diff_iterate2("snap1", 0, size, true, this->whole_object,
2215 vector_iterate_cb, (void *) &extents));
2216 ASSERT_EQ(1u, extents.size());
2217 ASSERT_EQ(diff_extent(0, 256, true, object_size), extents[0]);
2218
2219 ASSERT_EQ(0, image.snap_set(NULL));
/test/librbd/test_librbd.cc: 2225 in DiffIterateTest_DiffIterateDiscard_Test<DiffIterateParams<(bool)0>>::TestBody()()
2219 ASSERT_EQ(0, image.snap_set(NULL));
2220 ASSERT_EQ(1 << order, image.discard(0, 1 << order));
2221 ASSERT_EQ(0, image.snap_create("snap3"));
2222 ASSERT_EQ(0, image.snap_set("snap3"));
2223
2224 extents.clear();
>>> CID 1296381: (CONSTANT_EXPRESSION_RESULT)
>>> "this , 0 /* DiffIterateTest<DiffIterateParams<false> >::whole_object */" is always false regardless of the values of its operands. This occurs as an argument to a function call.
2225 ASSERT_EQ(0, image.diff_iterate2("snap1", 0, size, true, this->whole_object,
2226 vector_iterate_cb, (void *) &extents));
2227 ASSERT_EQ(1u, extents.size());
2228 ASSERT_EQ(diff_extent(0, 256, false, object_size), extents[0]);
2229 ASSERT_PASSED(this->validate_object_map, image);
2230 }
/test/librbd/test_librbd.cc: 2175 in DiffIterateTest_DiffIterateDiscard_Test<DiffIterateParams<(bool)0>>::TestBody()()
2169 uint64_t size = 20 << 20;
2170
2171 ASSERT_EQ(0, create_image_pp(rbd, ioctx, name.c_str(), size, &order));
2172 ASSERT_EQ(0, rbd.open(ioctx, image, name.c_str(), NULL));
2173
2174 uint64_t object_size = 0;
>>> CID 1296381: (CONSTANT_EXPRESSION_RESULT)
>>> "this , 0 /* DiffIterateTest<DiffIterateParams<false> >::whole_object */" is always false regardless of the values of its operands. This occurs as the logical operand of if.
2175 if (this->whole_object) {
2176 object_size = 1 << order;
2177 }
2178 vector<diff_extent> extents;
2179 ceph::bufferlist bl;
2180
** CID 1296380: (CONSTANT_EXPRESSION_RESULT)
/test/librbd/test_librbd.cc: 2115 in DiffIterateTest_DiffIterate_Test<DiffIterateParams<(bool)0>>::TestBody()()
/test/librbd/test_librbd.cc: 2100 in DiffIterateTest_DiffIterate_Test<DiffIterateParams<(bool)0>>::TestBody()()
________________________________________________________________________________________________________
*** CID 1296380: (CONSTANT_EXPRESSION_RESULT)
/test/librbd/test_librbd.cc: 2115 in DiffIterateTest_DiffIterate_Test<DiffIterateParams<(bool)0>>::TestBody()()
2109 scribble(image, 10, 102400, &exists, &two);
2110
2111 two = round_diff_interval(two, object_size);
2112 cout << " wrote " << two << std::endl;
2113
2114 interval_set<uint64_t> diff;
>>> CID 1296380: (CONSTANT_EXPRESSION_RESULT)
>>> "this , 0 /* DiffIterateTest<DiffIterateParams<false> >::whole_object */" is always false regardless of the values of its operands. This occurs as an argument to a function call.
2115 ASSERT_EQ(0, image.diff_iterate2("one", 0, size, true, this->whole_object,
2116 iterate_cb, (void *)&diff));
2117 cout << " diff was " << diff << std::endl;
2118 if (!two.subset_of(diff)) {
2119 interval_set<uint64_t> i;
2120 i.intersection_of(two, diff);
/test/librbd/test_librbd.cc: 2100 in DiffIterateTest_DiffIterate_Test<DiffIterateParams<(bool)0>>::TestBody()()
2094 uint64_t size = 20 << 20;
2095
2096 ASSERT_EQ(0, create_image_pp(rbd, ioctx, name.c_str(), size, &order));
2097 ASSERT_EQ(0, rbd.open(ioctx, image, name.c_str(), NULL));
2098
2099 uint64_t object_size = 0;
>>> CID 1296380: (CONSTANT_EXPRESSION_RESULT)
>>> "this , 0 /* DiffIterateTest<DiffIterateParams<false> >::whole_object */" is always false regardless of the values of its operands. This occurs as the logical operand of if.
2100 if (this->whole_object) {
2101 object_size = 1 << order;
2102 }
2103
2104 interval_set<uint64_t> exists;
2105 interval_set<uint64_t> one, two;
** CID 1296379: (CONSTANT_EXPRESSION_RESULT)
/test/librbd/test_librbd.cc: 2284 in DiffIterateTest_DiffIterateStress_Test<DiffIterateParams<(bool)0>>::TestBody()()
/test/librbd/test_librbd.cc: 2247 in DiffIterateTest_DiffIterateStress_Test<DiffIterateParams<(bool)0>>::TestBody()()
________________________________________________________________________________________________________
*** CID 1296379: (CONSTANT_EXPRESSION_RESULT)
/test/librbd/test_librbd.cc: 2284 in DiffIterateTest_DiffIterateStress_Test<DiffIterateParams<(bool)0>>::TestBody()()
2278 uex.union_of(exists[i], exists[j]);
2279 diff.intersection_of(uex);
2280 diff = round_diff_interval(diff, object_size);
2281 cout << " limited diff " << diff << std::endl;
2282
2283 ASSERT_EQ(0, image.snap_set(h==0 ? snap[j].c_str() : NULL));
>>> CID 1296379: (CONSTANT_EXPRESSION_RESULT)
>>> "this , 0 /* DiffIterateTest<DiffIterateParams<false> >::whole_object */" is always false regardless of the values of its operands. This occurs as an argument to a function call.
2284 ASSERT_EQ(0, image.diff_iterate2(snap[i].c_str(), 0, size, true,
2285 this->whole_object, iterate_cb,
2286 (void *)&actual));
2287 cout << " actual was " << actual << std::endl;
2288 if (!diff.subset_of(actual)) {
2289 interval_set<uint64_t> i;
/test/librbd/test_librbd.cc: 2247 in DiffIterateTest_DiffIterateStress_Test<DiffIterateParams<(bool)0>>::TestBody()()
2241 uint64_t size = 400 << 20;
2242
2243 ASSERT_EQ(0, create_image_pp(rbd, ioctx, name.c_str(), size, &order));
2244 ASSERT_EQ(0, rbd.open(ioctx, image, name.c_str(), NULL));
2245
2246 uint64_t object_size = 0;
>>> CID 1296379: (CONSTANT_EXPRESSION_RESULT)
>>> "this , 0 /* DiffIterateTest<DiffIterateParams<false> >::whole_object */" is always false regardless of the values of its operands. This occurs as the logical operand of if.
2247 if (this->whole_object) {
2248 object_size = 1 << order;
2249 }
2250
2251 interval_set<uint64_t> curexists;
2252 vector<interval_set<uint64_t> > wrote;
** CID 1296378: (CONSTANT_EXPRESSION_RESULT)
/test/librbd/test_librbd.cc: 2394 in DiffIterateTest_DiffIterateIgnoreParent_Test<DiffIterateParams<(bool)0>>::TestBody()()
/test/librbd/test_librbd.cc: 2391 in DiffIterateTest_DiffIterateIgnoreParent_Test<DiffIterateParams<(bool)0>>::TestBody()()
/test/librbd/test_librbd.cc: 2366 in DiffIterateTest_DiffIterateIgnoreParent_Test<DiffIterateParams<(bool)0>>::TestBody()()
________________________________________________________________________________________________________
*** CID 1296378: (CONSTANT_EXPRESSION_RESULT)
/test/librbd/test_librbd.cc: 2394 in DiffIterateTest_DiffIterateIgnoreParent_Test<DiffIterateParams<(bool)0>>::TestBody()()
2388 cout << " wrote " << two << " to clone" << std::endl;
2389
2390 interval_set<uint64_t> diff;
2391 ASSERT_EQ(0, image.diff_iterate2(NULL, 0, size, false, this->whole_object,
2392 iterate_cb, (void *)&diff));
2393 cout << " diff was " << diff << std::endl;
>>> CID 1296378: (CONSTANT_EXPRESSION_RESULT)
>>> "this , 0 /* DiffIterateTest<DiffIterateParams<false> >::whole_object */" is always 0/false regardless of the value of its operand. This occurs as the logical operand of '!'.
2394 if (!this->whole_object) {
2395 ASSERT_FALSE(one.subset_of(diff));
2396 }
2397 ASSERT_TRUE(two.subset_of(diff));
2398 }
2399
/test/librbd/test_librbd.cc: 2391 in DiffIterateTest_DiffIterateIgnoreParent_Test<DiffIterateParams<(bool)0>>::TestBody()()
2385 interval_set<uint64_t> two;
2386 scribble(image, 10, 102400, &exists, &two);
2387 two = round_diff_interval(two, object_size);
2388 cout << " wrote " << two << " to clone" << std::endl;
2389
2390 interval_set<uint64_t> diff;
>>> CID 1296378: (CONSTANT_EXPRESSION_RESULT)
>>> "this , 0 /* DiffIterateTest<DiffIterateParams<false> >::whole_object */" is always false regardless of the values of its operands. This occurs as an argument to a function call.
2391 ASSERT_EQ(0, image.diff_iterate2(NULL, 0, size, false, this->whole_object,
2392 iterate_cb, (void *)&diff));
2393 cout << " diff was " << diff << std::endl;
2394 if (!this->whole_object) {
2395 ASSERT_FALSE(one.subset_of(diff));
2396 }
/test/librbd/test_librbd.cc: 2366 in DiffIterateTest_DiffIterateIgnoreParent_Test<DiffIterateParams<(bool)0>>::TestBody()()
2360 int order = 0;
2361
2362 ASSERT_EQ(0, create_image_pp(rbd, ioctx, name.c_str(), size, &order));
2363 ASSERT_EQ(0, rbd.open(ioctx, image, name.c_str(), NULL));
2364
2365 uint64_t object_size = 0;
>>> CID 1296378: (CONSTANT_EXPRESSION_RESULT)
>>> "this , 0 /* DiffIterateTest<DiffIterateParams<false> >::whole_object */" is always false regardless of the values of its operands. This occurs as the logical operand of if.
2366 if (this->whole_object) {
2367 object_size = 1 << order;
2368 }
2369
2370 bufferlist bl;
2371 bl.append(buffer::create(size));
** CID 1296377: (CONSTANT_EXPRESSION_RESULT)
/test/librbd/test_librbd.cc: 2326 in DiffIterateTest_DiffIterateRegression6926_Test<DiffIterateParams<(bool)0>>::TestBody()()
/test/librbd/test_librbd.cc: 2337 in DiffIterateTest_DiffIterateRegression6926_Test<DiffIterateParams<(bool)0>>::TestBody()()
/test/librbd/test_librbd.cc: 2344 in DiffIterateTest_DiffIterateRegression6926_Test<DiffIterateParams<(bool)0>>::TestBody()()
/test/librbd/test_librbd.cc: 2320 in DiffIterateTest_DiffIterateRegression6926_Test<DiffIterateParams<(bool)0>>::TestBody()()
________________________________________________________________________________________________________
*** CID 1296377: (CONSTANT_EXPRESSION_RESULT)
/test/librbd/test_librbd.cc: 2326 in DiffIterateTest_DiffIterateRegression6926_Test<DiffIterateParams<(bool)0>>::TestBody()()
2320 if (this->whole_object) {
2321 object_size = 1 << order;
2322 }
2323 vector<diff_extent> extents;
2324 ceph::bufferlist bl;
2325
>>> CID 1296377: (CONSTANT_EXPRESSION_RESULT)
>>> "this , 0 /* DiffIterateTest<DiffIterateParams<false> >::whole_object */" is always false regardless of the values of its operands. This occurs as an argument to a function call.
2326 ASSERT_EQ(0, image.diff_iterate2(NULL, 0, size, true, this->whole_object,
2327 vector_iterate_cb, (void *) &extents));
2328 ASSERT_EQ(0u, extents.size());
2329
2330 ASSERT_EQ(0, image.snap_create("snap1"));
2331 char data[256];
/test/librbd/test_librbd.cc: 2337 in DiffIterateTest_DiffIterateRegression6926_Test<DiffIterateParams<(bool)0>>::TestBody()()
2331 char data[256];
2332 memset(data, 1, sizeof(data));
2333 bl.append(data, 256);
2334 ASSERT_EQ(256, image.write(0, 256, bl));
2335
2336 extents.clear();
>>> CID 1296377: (CONSTANT_EXPRESSION_RESULT)
>>> "this , 0 /* DiffIterateTest<DiffIterateParams<false> >::whole_object */" is always false regardless of the values of its operands. This occurs as an argument to a function call.
2337 ASSERT_EQ(0, image.diff_iterate2(NULL, 0, size, true, this->whole_object,
2338 vector_iterate_cb, (void *) &extents));
2339 ASSERT_EQ(1u, extents.size());
2340 ASSERT_EQ(diff_extent(0, 256, true, object_size), extents[0]);
2341
2342 ASSERT_EQ(0, image.snap_set("snap1"));
/test/librbd/test_librbd.cc: 2344 in DiffIterateTest_DiffIterateRegression6926_Test<DiffIterateParams<(bool)0>>::TestBody()()
2338 vector_iterate_cb, (void *) &extents));
2339 ASSERT_EQ(1u, extents.size());
2340 ASSERT_EQ(diff_extent(0, 256, true, object_size), extents[0]);
2341
2342 ASSERT_EQ(0, image.snap_set("snap1"));
2343 extents.clear();
>>> CID 1296377: (CONSTANT_EXPRESSION_RESULT)
>>> "this , 0 /* DiffIterateTest<DiffIterateParams<false> >::whole_object */" is always false regardless of the values of its operands. This occurs as an argument to a function call.
2344 ASSERT_EQ(0, image.diff_iterate2(NULL, 0, size, true, this->whole_object,
2345 vector_iterate_cb, (void *) &extents));
2346 ASSERT_EQ(static_cast<size_t>(0), extents.size());
2347 }
2348
2349 TYPED_TEST(DiffIterateTest, DiffIterateIgnoreParent)
/test/librbd/test_librbd.cc: 2320 in DiffIterateTest_DiffIterateRegression6926_Test<DiffIterateParams<(bool)0>>::TestBody()()
2314 uint64_t size = 20 << 20;
2315
2316 ASSERT_EQ(0, create_image_pp(rbd, ioctx, name.c_str(), size, &order));
2317 ASSERT_EQ(0, rbd.open(ioctx, image, name.c_str(), NULL));
2318
2319 uint64_t object_size = 0;
>>> CID 1296377: (CONSTANT_EXPRESSION_RESULT)
>>> "this , 0 /* DiffIterateTest<DiffIterateParams<false> >::whole_object */" is always false regardless of the values of its operands. This occurs as the logical operand of if.
2320 if (this->whole_object) {
2321 object_size = 1 << order;
2322 }
2323 vector<diff_extent> extents;
2324 ceph::bufferlist bl;
2325
** CID 1296376: Integer handling issues (CONSTANT_EXPRESSION_RESULT)
/test/librbd/fsx.cc: 930 in save_buffer(char *, long, int)()
________________________________________________________________________________________________________
*** CID 1296376: Integer handling issues (CONSTANT_EXPRESSION_RESULT)
/test/librbd/fsx.cc: 930 in save_buffer(char *, long, int)()
924 off_t ret;
925 ssize_t byteswritten;
926
927 if (fd <= 0 || bufferlength == 0)
928 return;
929
>>> CID 1296376: Integer handling issues (CONSTANT_EXPRESSION_RESULT)
>>> "bufferlength > 9223372036854775807L" is always false regardless of the values of its operands. This occurs as the logical operand of if.
930 if (bufferlength > SSIZE_MAX) {
931 prt("fsx flaw: overflow in save_buffer\n");
932 exit(67);
933 }
934
935 ret = lseek(fd, (off_t)0, SEEK_SET);
** CID 1296375: Memory - illegal accesses (BUFFER_SIZE_WARNING)
/test/librbd/fsx.cc: 2133 in main()
________________________________________________________________________________________________________
*** CID 1296375: Memory - illegal accesses (BUFFER_SIZE_WARNING)
/test/librbd/fsx.cc: 2133 in main()
2127 if (strlen(goodfile) < sizeof(goodfile)-2) {
2128 strcat(goodfile, "/");
2129 } else {
2130 prt("file name to long\n");
2131 exit(1);
2132 }
>>> CID 1296375: Memory - illegal accesses (BUFFER_SIZE_WARNING)
>>> Calling strncpy with a maximum size argument of 1024 bytes on destination array "logfile" of size 1024 bytes might leave the destination string unterminated.
2133 strncpy(logfile, dirpath, sizeof(logfile));
2134 if (strlen(logfile) < sizeof(logfile)-2) {
2135 strcat(logfile, "/");
2136 } else {
2137 prt("file path to long\n");
2138 exit(1);
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://scan.coverity.com/projects/25?tab=overview
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click https://scan.coverity.com/subscriptions/edit?email=ceph-devel%40vger.kernel.org&token=018084d671e3cc89d00dd2ccb7eb849c .
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2015-01-21 1:41 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2015-01-21 1:41 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
3 new defect(s) introduced to ceph found with Coverity Scan.
2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 3 of 3 defect(s)
** CID 1265561: Resource leak (RESOURCE_LEAK)
/rbd.cc: 2062 in do_merge_diff(const char *, const char *, const char *)()
** CID 1265562: Resource leak (RESOURCE_LEAK)
/rbd.cc: 2062 in do_merge_diff(const char *, const char *, const char *)()
** CID 1265563: Resource leak (RESOURCE_LEAK)
/rbd.cc: 2062 in do_merge_diff(const char *, const char *, const char *)()
________________________________________________________________________________________________________
*** CID 1265561: Resource leak (RESOURCE_LEAK)
/rbd.cc: 2062 in do_merge_diff(const char *, const char *, const char *)()
2056 pc.fail();
2057 if (pd > 2)
2058 unlink(path);
2059 } else
2060 pc.finish();
2061
>>> CID 1265561: Resource leak (RESOURCE_LEAK)
>>> Handle variable "fd" going out of scope leaks the handle.
2062 return r;
2063 }
2064
2065 static int do_copy(librbd::Image &src, librados::IoCtx& dest_pp,
2066 const char *destname)
2067 {
________________________________________________________________________________________________________
*** CID 1265562: Resource leak (RESOURCE_LEAK)
/rbd.cc: 2062 in do_merge_diff(const char *, const char *, const char *)()
2056 pc.fail();
2057 if (pd > 2)
2058 unlink(path);
2059 } else
2060 pc.finish();
2061
>>> CID 1265562: Resource leak (RESOURCE_LEAK)
>>> Handle variable "sd" going out of scope leaks the handle.
2062 return r;
2063 }
2064
2065 static int do_copy(librbd::Image &src, librados::IoCtx& dest_pp,
2066 const char *destname)
2067 {
________________________________________________________________________________________________________
*** CID 1265563: Resource leak (RESOURCE_LEAK)
/rbd.cc: 2062 in do_merge_diff(const char *, const char *, const char *)()
2056 pc.fail();
2057 if (pd > 2)
2058 unlink(path);
2059 } else
2060 pc.finish();
2061
>>> CID 1265563: Resource leak (RESOURCE_LEAK)
>>> Handle variable "pd" going out of scope leaks the handle.
2062 return r;
2063 }
2064
2065 static int do_copy(librbd::Image &src, librados::IoCtx& dest_pp,
2066 const char *destname)
2067 {
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click http://scan.coverity.com/subscriptions/edit?email=ceph-devel%40vger.kernel.org&token=018084d671e3cc89d00dd2ccb7eb849c .
^ permalink raw reply [flat|nested] 124+ messages in thread
* Re: New Defects reported by Coverity Scan for ceph
2015-01-16 15:17 ` Gregory Farnum
2015-01-16 16:00 ` John Spray
@ 2015-01-16 16:08 ` Sage Weil
1 sibling, 0 replies; 124+ messages in thread
From: Sage Weil @ 2015-01-16 16:08 UTC (permalink / raw)
To: Gregory Farnum; +Cc: John Spray, ceph-devel
Yeah, there's a pile of these warnings for most/all of the binaries we
build. Not sure if they are worth fixing or whether there is a coverity
annotation we can add to suppress them..
s
On Fri, 16 Jan 2015, Gregory Farnum wrote:
> Sage, are these uncaught assertion errors something we normally
> ignore? I'm not familiar with any code that tries to catch errors in
> our standard init patterns, which is what looks to be the problem on
> these new coverity issues in cephfs-table-tool.
> -Greg
>
> On Fri, Jan 16, 2015 at 6:39 AM, <scan-admin@coverity.com> wrote:
> >
> > Hi,
> >
> > Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
> >
> > 4 new defect(s) introduced to ceph found with Coverity Scan.
> > 19 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
> >
> > New defect(s) Reported-by: Coverity Scan
> > Showing 4 of 4 defect(s)
> >
> >
> > ** CID 1264457: Uncaught exception (UNCAUGHT_EXCEPT)
> > /tools/cephfs/cephfs-table-tool.cc: 11 in main()
> > /tools/cephfs/cephfs-table-tool.cc: 11 in main()
> > /tools/cephfs/cephfs-table-tool.cc: 11 in main()
> > /tools/cephfs/cephfs-table-tool.cc: 11 in main()
> > /tools/cephfs/cephfs-table-tool.cc: 11 in main()
> >
> > ** CID 1264458: Uninitialized scalar field (UNINIT_CTOR)
> > /test/librbd/test_ImageWatcher.cc: 47 in TestImageWatcher::WatchCtx::WatchCtx(TestImageWatcher&)()
> >
> > ** CID 1264459: Uninitialized scalar field (UNINIT_CTOR)
> > /test/librbd/test_fixture.cc: 44 in TestFixture::TestFixture()()
> >
> > ** CID 1264460: Structurally dead code (UNREACHABLE)
> > /common/sync_filesystem.h: 51 in sync_filesystem(int)()
> >
> >
> > ________________________________________________________________________________________________________
> > *** CID 1264457: Uncaught exception (UNCAUGHT_EXCEPT)
> > /tools/cephfs/cephfs-table-tool.cc: 11 in main()
> > 5 #include "common/errno.h"
> > 6 #include "global/global_init.h"
> > 7
> > 8 #include "TableTool.h"
> > 9
> > 10
> >>>> CID 1264457: Uncaught exception (UNCAUGHT_EXCEPT)
> >>>> In function "main(int, char const **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
> > 11 int main(int argc, const char **argv)
> > 12 {
> > 13 vector<const char*> args;
> > 14 argv_to_vec(argc, argv, args);
> > 15 env_to_vec(args);
> > 16
> > /tools/cephfs/cephfs-table-tool.cc: 11 in main()
> > 5 #include "common/errno.h"
> > 6 #include "global/global_init.h"
> > 7
> > 8 #include "TableTool.h"
> > 9
> > 10
> >>>> CID 1264457: Uncaught exception (UNCAUGHT_EXCEPT)
> >>>> In function "main(int, char const **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
> > 11 int main(int argc, const char **argv)
> > 12 {
> > 13 vector<const char*> args;
> > 14 argv_to_vec(argc, argv, args);
> > 15 env_to_vec(args);
> > 16
> > /tools/cephfs/cephfs-table-tool.cc: 11 in main()
> > 5 #include "common/errno.h"
> > 6 #include "global/global_init.h"
> > 7
> > 8 #include "TableTool.h"
> > 9
> > 10
> >>>> CID 1264457: Uncaught exception (UNCAUGHT_EXCEPT)
> >>>> In function "main(int, char const **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
> > 11 int main(int argc, const char **argv)
> > 12 {
> > 13 vector<const char*> args;
> > 14 argv_to_vec(argc, argv, args);
> > 15 env_to_vec(args);
> > 16
> > /tools/cephfs/cephfs-table-tool.cc: 11 in main()
> > 5 #include "common/errno.h"
> > 6 #include "global/global_init.h"
> > 7
> > 8 #include "TableTool.h"
> > 9
> > 10
> >>>> CID 1264457: Uncaught exception (UNCAUGHT_EXCEPT)
> >>>> In function "main(int, char const **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
> > 11 int main(int argc, const char **argv)
> > 12 {
> > 13 vector<const char*> args;
> > 14 argv_to_vec(argc, argv, args);
> > 15 env_to_vec(args);
> > 16
> > /tools/cephfs/cephfs-table-tool.cc: 11 in main()
> > 5 #include "common/errno.h"
> > 6 #include "global/global_init.h"
> > 7
> > 8 #include "TableTool.h"
> > 9
> > 10
> >>>> CID 1264457: Uncaught exception (UNCAUGHT_EXCEPT)
> >>>> In function "main(int, char const **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
> > 11 int main(int argc, const char **argv)
> > 12 {
> > 13 vector<const char*> args;
> > 14 argv_to_vec(argc, argv, args);
> > 15 env_to_vec(args);
> > 16
> >
> > ________________________________________________________________________________________________________
> > *** CID 1264458: Uninitialized scalar field (UNINIT_CTOR)
> > /test/librbd/test_ImageWatcher.cc: 47 in TestImageWatcher::WatchCtx::WatchCtx(TestImageWatcher&)()
> > 41 NOTIFY_OP_REQUEST_LOCK = 2,
> > 42 NOTIFY_OP_HEADER_UPDATE = 3
> > 43 };
> > 44
> > 45 class WatchCtx : public librados::WatchCtx2 {
> > 46 public:
> >>>> CID 1264458: Uninitialized scalar field (UNINIT_CTOR)
> >>>> Non-static class member "m_handle" is not initialized in this constructor nor in any functions that it calls.
> > 47 WatchCtx(TestImageWatcher &parent) : m_parent(parent) {}
> > 48
> > 49 int watch(const librbd::ImageCtx &ictx) {
> > 50 m_header_oid = ictx.header_oid;
> > 51 return m_parent.m_ioctx.watch2(m_header_oid, &m_handle, this);
> > 52 }
> >
> > ________________________________________________________________________________________________________
> > *** CID 1264459: Uninitialized scalar field (UNINIT_CTOR)
> > /test/librbd/test_fixture.cc: 44 in TestFixture::TestFixture()()
> > 38
> > 39 std::string TestFixture::_pool_name;
> > 40 librados::Rados TestFixture::_rados;
> > 41 uint64_t TestFixture::_image_number = 0;
> > 42
> > 43 TestFixture::TestFixture() {
> >>>> CID 1264459: Uninitialized scalar field (UNINIT_CTOR)
> >>>> Non-static class member "m_image_size" is not initialized in this constructor nor in any functions that it calls.
> > 44 }
> > 45
> > 46 void TestFixture::SetUpTestCase() {
> > 47 _pool_name = get_temp_pool_name();
> > 48 ASSERT_EQ("", create_one_pool_pp(_pool_name, _rados));
> > 49 }
> >
> > ________________________________________________________________________________________________________
> > *** CID 1264460: Structurally dead code (UNREACHABLE)
> > /common/sync_filesystem.h: 51 in sync_filesystem(int)()
> > 45 if (syscall(__NR_syncfs, fd) == 0)
> > 46 return 0;
> > 47 else
> > 48 return -errno;
> > 49 #endif
> > 50
> >>>> CID 1264460: Structurally dead code (UNREACHABLE)
> >>>> This code cannot be reached: "sync();".
> > 51 sync();
> > 52 return 0;
> > 53 }
> > 54
> >
> >
> > ________________________________________________________________________________________________________
> > To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
> >
> > To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click http://scan.coverity.com/subscriptions/edit?email=ceph-devel%40vger.kernel.org&token=018084d671e3cc89d00dd2ccb7eb849c .
> >
> > --
> > To unsubscribe from this list: send the line "unsubscribe ceph-devel" in
> > the body of a message to majordomo@vger.kernel.org
> > More majordomo info at http://vger.kernel.org/majordomo-info.html
> --
> To unsubscribe from this list: send the line "unsubscribe ceph-devel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
>
>
^ permalink raw reply [flat|nested] 124+ messages in thread
* Re: New Defects reported by Coverity Scan for ceph
2015-01-16 15:17 ` Gregory Farnum
@ 2015-01-16 16:00 ` John Spray
2015-01-16 16:08 ` Sage Weil
1 sibling, 0 replies; 124+ messages in thread
From: John Spray @ 2015-01-16 16:00 UTC (permalink / raw)
To: Gregory Farnum; +Cc: Sage Weil, ceph-devel
Hmm, maybe it's just because they're in a main() function? I notice
that an exception handler was added to ceph_authtool.cc to handle the
same coverity complaint there a few months ago.
John
On Fri, Jan 16, 2015 at 3:17 PM, Gregory Farnum <greg@gregs42.com> wrote:
> Sage, are these uncaught assertion errors something we normally
> ignore? I'm not familiar with any code that tries to catch errors in
> our standard init patterns, which is what looks to be the problem on
> these new coverity issues in cephfs-table-tool.
> -Greg
>
> On Fri, Jan 16, 2015 at 6:39 AM, <scan-admin@coverity.com> wrote:
>>
>> Hi,
>>
>> Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
>>
>> 4 new defect(s) introduced to ceph found with Coverity Scan.
>> 19 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
>>
>> New defect(s) Reported-by: Coverity Scan
>> Showing 4 of 4 defect(s)
>>
>>
>> ** CID 1264457: Uncaught exception (UNCAUGHT_EXCEPT)
>> /tools/cephfs/cephfs-table-tool.cc: 11 in main()
>> /tools/cephfs/cephfs-table-tool.cc: 11 in main()
>> /tools/cephfs/cephfs-table-tool.cc: 11 in main()
>> /tools/cephfs/cephfs-table-tool.cc: 11 in main()
>> /tools/cephfs/cephfs-table-tool.cc: 11 in main()
>>
>> ** CID 1264458: Uninitialized scalar field (UNINIT_CTOR)
>> /test/librbd/test_ImageWatcher.cc: 47 in TestImageWatcher::WatchCtx::WatchCtx(TestImageWatcher&)()
>>
>> ** CID 1264459: Uninitialized scalar field (UNINIT_CTOR)
>> /test/librbd/test_fixture.cc: 44 in TestFixture::TestFixture()()
>>
>> ** CID 1264460: Structurally dead code (UNREACHABLE)
>> /common/sync_filesystem.h: 51 in sync_filesystem(int)()
>>
>>
>> ________________________________________________________________________________________________________
>> *** CID 1264457: Uncaught exception (UNCAUGHT_EXCEPT)
>> /tools/cephfs/cephfs-table-tool.cc: 11 in main()
>> 5 #include "common/errno.h"
>> 6 #include "global/global_init.h"
>> 7
>> 8 #include "TableTool.h"
>> 9
>> 10
>>>>> CID 1264457: Uncaught exception (UNCAUGHT_EXCEPT)
>>>>> In function "main(int, char const **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
>> 11 int main(int argc, const char **argv)
>> 12 {
>> 13 vector<const char*> args;
>> 14 argv_to_vec(argc, argv, args);
>> 15 env_to_vec(args);
>> 16
>> /tools/cephfs/cephfs-table-tool.cc: 11 in main()
>> 5 #include "common/errno.h"
>> 6 #include "global/global_init.h"
>> 7
>> 8 #include "TableTool.h"
>> 9
>> 10
>>>>> CID 1264457: Uncaught exception (UNCAUGHT_EXCEPT)
>>>>> In function "main(int, char const **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
>> 11 int main(int argc, const char **argv)
>> 12 {
>> 13 vector<const char*> args;
>> 14 argv_to_vec(argc, argv, args);
>> 15 env_to_vec(args);
>> 16
>> /tools/cephfs/cephfs-table-tool.cc: 11 in main()
>> 5 #include "common/errno.h"
>> 6 #include "global/global_init.h"
>> 7
>> 8 #include "TableTool.h"
>> 9
>> 10
>>>>> CID 1264457: Uncaught exception (UNCAUGHT_EXCEPT)
>>>>> In function "main(int, char const **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
>> 11 int main(int argc, const char **argv)
>> 12 {
>> 13 vector<const char*> args;
>> 14 argv_to_vec(argc, argv, args);
>> 15 env_to_vec(args);
>> 16
>> /tools/cephfs/cephfs-table-tool.cc: 11 in main()
>> 5 #include "common/errno.h"
>> 6 #include "global/global_init.h"
>> 7
>> 8 #include "TableTool.h"
>> 9
>> 10
>>>>> CID 1264457: Uncaught exception (UNCAUGHT_EXCEPT)
>>>>> In function "main(int, char const **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
>> 11 int main(int argc, const char **argv)
>> 12 {
>> 13 vector<const char*> args;
>> 14 argv_to_vec(argc, argv, args);
>> 15 env_to_vec(args);
>> 16
>> /tools/cephfs/cephfs-table-tool.cc: 11 in main()
>> 5 #include "common/errno.h"
>> 6 #include "global/global_init.h"
>> 7
>> 8 #include "TableTool.h"
>> 9
>> 10
>>>>> CID 1264457: Uncaught exception (UNCAUGHT_EXCEPT)
>>>>> In function "main(int, char const **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
>> 11 int main(int argc, const char **argv)
>> 12 {
>> 13 vector<const char*> args;
>> 14 argv_to_vec(argc, argv, args);
>> 15 env_to_vec(args);
>> 16
>>
>> ________________________________________________________________________________________________________
>> *** CID 1264458: Uninitialized scalar field (UNINIT_CTOR)
>> /test/librbd/test_ImageWatcher.cc: 47 in TestImageWatcher::WatchCtx::WatchCtx(TestImageWatcher&)()
>> 41 NOTIFY_OP_REQUEST_LOCK = 2,
>> 42 NOTIFY_OP_HEADER_UPDATE = 3
>> 43 };
>> 44
>> 45 class WatchCtx : public librados::WatchCtx2 {
>> 46 public:
>>>>> CID 1264458: Uninitialized scalar field (UNINIT_CTOR)
>>>>> Non-static class member "m_handle" is not initialized in this constructor nor in any functions that it calls.
>> 47 WatchCtx(TestImageWatcher &parent) : m_parent(parent) {}
>> 48
>> 49 int watch(const librbd::ImageCtx &ictx) {
>> 50 m_header_oid = ictx.header_oid;
>> 51 return m_parent.m_ioctx.watch2(m_header_oid, &m_handle, this);
>> 52 }
>>
>> ________________________________________________________________________________________________________
>> *** CID 1264459: Uninitialized scalar field (UNINIT_CTOR)
>> /test/librbd/test_fixture.cc: 44 in TestFixture::TestFixture()()
>> 38
>> 39 std::string TestFixture::_pool_name;
>> 40 librados::Rados TestFixture::_rados;
>> 41 uint64_t TestFixture::_image_number = 0;
>> 42
>> 43 TestFixture::TestFixture() {
>>>>> CID 1264459: Uninitialized scalar field (UNINIT_CTOR)
>>>>> Non-static class member "m_image_size" is not initialized in this constructor nor in any functions that it calls.
>> 44 }
>> 45
>> 46 void TestFixture::SetUpTestCase() {
>> 47 _pool_name = get_temp_pool_name();
>> 48 ASSERT_EQ("", create_one_pool_pp(_pool_name, _rados));
>> 49 }
>>
>> ________________________________________________________________________________________________________
>> *** CID 1264460: Structurally dead code (UNREACHABLE)
>> /common/sync_filesystem.h: 51 in sync_filesystem(int)()
>> 45 if (syscall(__NR_syncfs, fd) == 0)
>> 46 return 0;
>> 47 else
>> 48 return -errno;
>> 49 #endif
>> 50
>>>>> CID 1264460: Structurally dead code (UNREACHABLE)
>>>>> This code cannot be reached: "sync();".
>> 51 sync();
>> 52 return 0;
>> 53 }
>> 54
>>
>>
>> ________________________________________________________________________________________________________
>> To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
>>
>> To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click http://scan.coverity.com/subscriptions/edit?email=ceph-devel%40vger.kernel.org&token=018084d671e3cc89d00dd2ccb7eb849c .
>>
>> --
>> To unsubscribe from this list: send the line "unsubscribe ceph-devel" in
>> the body of a message to majordomo@vger.kernel.org
>> More majordomo info at http://vger.kernel.org/majordomo-info.html
^ permalink raw reply [flat|nested] 124+ messages in thread
* Re: New Defects reported by Coverity Scan for ceph
2015-01-16 14:39 scan-admin
@ 2015-01-16 15:17 ` Gregory Farnum
2015-01-16 16:00 ` John Spray
2015-01-16 16:08 ` Sage Weil
0 siblings, 2 replies; 124+ messages in thread
From: Gregory Farnum @ 2015-01-16 15:17 UTC (permalink / raw)
To: Sage Weil, John Spray; +Cc: ceph-devel
Sage, are these uncaught assertion errors something we normally
ignore? I'm not familiar with any code that tries to catch errors in
our standard init patterns, which is what looks to be the problem on
these new coverity issues in cephfs-table-tool.
-Greg
On Fri, Jan 16, 2015 at 6:39 AM, <scan-admin@coverity.com> wrote:
>
> Hi,
>
> Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
>
> 4 new defect(s) introduced to ceph found with Coverity Scan.
> 19 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
>
> New defect(s) Reported-by: Coverity Scan
> Showing 4 of 4 defect(s)
>
>
> ** CID 1264457: Uncaught exception (UNCAUGHT_EXCEPT)
> /tools/cephfs/cephfs-table-tool.cc: 11 in main()
> /tools/cephfs/cephfs-table-tool.cc: 11 in main()
> /tools/cephfs/cephfs-table-tool.cc: 11 in main()
> /tools/cephfs/cephfs-table-tool.cc: 11 in main()
> /tools/cephfs/cephfs-table-tool.cc: 11 in main()
>
> ** CID 1264458: Uninitialized scalar field (UNINIT_CTOR)
> /test/librbd/test_ImageWatcher.cc: 47 in TestImageWatcher::WatchCtx::WatchCtx(TestImageWatcher&)()
>
> ** CID 1264459: Uninitialized scalar field (UNINIT_CTOR)
> /test/librbd/test_fixture.cc: 44 in TestFixture::TestFixture()()
>
> ** CID 1264460: Structurally dead code (UNREACHABLE)
> /common/sync_filesystem.h: 51 in sync_filesystem(int)()
>
>
> ________________________________________________________________________________________________________
> *** CID 1264457: Uncaught exception (UNCAUGHT_EXCEPT)
> /tools/cephfs/cephfs-table-tool.cc: 11 in main()
> 5 #include "common/errno.h"
> 6 #include "global/global_init.h"
> 7
> 8 #include "TableTool.h"
> 9
> 10
>>>> CID 1264457: Uncaught exception (UNCAUGHT_EXCEPT)
>>>> In function "main(int, char const **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
> 11 int main(int argc, const char **argv)
> 12 {
> 13 vector<const char*> args;
> 14 argv_to_vec(argc, argv, args);
> 15 env_to_vec(args);
> 16
> /tools/cephfs/cephfs-table-tool.cc: 11 in main()
> 5 #include "common/errno.h"
> 6 #include "global/global_init.h"
> 7
> 8 #include "TableTool.h"
> 9
> 10
>>>> CID 1264457: Uncaught exception (UNCAUGHT_EXCEPT)
>>>> In function "main(int, char const **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
> 11 int main(int argc, const char **argv)
> 12 {
> 13 vector<const char*> args;
> 14 argv_to_vec(argc, argv, args);
> 15 env_to_vec(args);
> 16
> /tools/cephfs/cephfs-table-tool.cc: 11 in main()
> 5 #include "common/errno.h"
> 6 #include "global/global_init.h"
> 7
> 8 #include "TableTool.h"
> 9
> 10
>>>> CID 1264457: Uncaught exception (UNCAUGHT_EXCEPT)
>>>> In function "main(int, char const **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
> 11 int main(int argc, const char **argv)
> 12 {
> 13 vector<const char*> args;
> 14 argv_to_vec(argc, argv, args);
> 15 env_to_vec(args);
> 16
> /tools/cephfs/cephfs-table-tool.cc: 11 in main()
> 5 #include "common/errno.h"
> 6 #include "global/global_init.h"
> 7
> 8 #include "TableTool.h"
> 9
> 10
>>>> CID 1264457: Uncaught exception (UNCAUGHT_EXCEPT)
>>>> In function "main(int, char const **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
> 11 int main(int argc, const char **argv)
> 12 {
> 13 vector<const char*> args;
> 14 argv_to_vec(argc, argv, args);
> 15 env_to_vec(args);
> 16
> /tools/cephfs/cephfs-table-tool.cc: 11 in main()
> 5 #include "common/errno.h"
> 6 #include "global/global_init.h"
> 7
> 8 #include "TableTool.h"
> 9
> 10
>>>> CID 1264457: Uncaught exception (UNCAUGHT_EXCEPT)
>>>> In function "main(int, char const **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
> 11 int main(int argc, const char **argv)
> 12 {
> 13 vector<const char*> args;
> 14 argv_to_vec(argc, argv, args);
> 15 env_to_vec(args);
> 16
>
> ________________________________________________________________________________________________________
> *** CID 1264458: Uninitialized scalar field (UNINIT_CTOR)
> /test/librbd/test_ImageWatcher.cc: 47 in TestImageWatcher::WatchCtx::WatchCtx(TestImageWatcher&)()
> 41 NOTIFY_OP_REQUEST_LOCK = 2,
> 42 NOTIFY_OP_HEADER_UPDATE = 3
> 43 };
> 44
> 45 class WatchCtx : public librados::WatchCtx2 {
> 46 public:
>>>> CID 1264458: Uninitialized scalar field (UNINIT_CTOR)
>>>> Non-static class member "m_handle" is not initialized in this constructor nor in any functions that it calls.
> 47 WatchCtx(TestImageWatcher &parent) : m_parent(parent) {}
> 48
> 49 int watch(const librbd::ImageCtx &ictx) {
> 50 m_header_oid = ictx.header_oid;
> 51 return m_parent.m_ioctx.watch2(m_header_oid, &m_handle, this);
> 52 }
>
> ________________________________________________________________________________________________________
> *** CID 1264459: Uninitialized scalar field (UNINIT_CTOR)
> /test/librbd/test_fixture.cc: 44 in TestFixture::TestFixture()()
> 38
> 39 std::string TestFixture::_pool_name;
> 40 librados::Rados TestFixture::_rados;
> 41 uint64_t TestFixture::_image_number = 0;
> 42
> 43 TestFixture::TestFixture() {
>>>> CID 1264459: Uninitialized scalar field (UNINIT_CTOR)
>>>> Non-static class member "m_image_size" is not initialized in this constructor nor in any functions that it calls.
> 44 }
> 45
> 46 void TestFixture::SetUpTestCase() {
> 47 _pool_name = get_temp_pool_name();
> 48 ASSERT_EQ("", create_one_pool_pp(_pool_name, _rados));
> 49 }
>
> ________________________________________________________________________________________________________
> *** CID 1264460: Structurally dead code (UNREACHABLE)
> /common/sync_filesystem.h: 51 in sync_filesystem(int)()
> 45 if (syscall(__NR_syncfs, fd) == 0)
> 46 return 0;
> 47 else
> 48 return -errno;
> 49 #endif
> 50
>>>> CID 1264460: Structurally dead code (UNREACHABLE)
>>>> This code cannot be reached: "sync();".
> 51 sync();
> 52 return 0;
> 53 }
> 54
>
>
> ________________________________________________________________________________________________________
> To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
>
> To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click http://scan.coverity.com/subscriptions/edit?email=ceph-devel%40vger.kernel.org&token=018084d671e3cc89d00dd2ccb7eb849c .
>
> --
> To unsubscribe from this list: send the line "unsubscribe ceph-devel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2015-01-16 14:39 scan-admin
2015-01-16 15:17 ` Gregory Farnum
0 siblings, 1 reply; 124+ messages in thread
From: scan-admin @ 2015-01-16 14:39 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
4 new defect(s) introduced to ceph found with Coverity Scan.
19 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 4 of 4 defect(s)
** CID 1264457: Uncaught exception (UNCAUGHT_EXCEPT)
/tools/cephfs/cephfs-table-tool.cc: 11 in main()
/tools/cephfs/cephfs-table-tool.cc: 11 in main()
/tools/cephfs/cephfs-table-tool.cc: 11 in main()
/tools/cephfs/cephfs-table-tool.cc: 11 in main()
/tools/cephfs/cephfs-table-tool.cc: 11 in main()
** CID 1264458: Uninitialized scalar field (UNINIT_CTOR)
/test/librbd/test_ImageWatcher.cc: 47 in TestImageWatcher::WatchCtx::WatchCtx(TestImageWatcher&)()
** CID 1264459: Uninitialized scalar field (UNINIT_CTOR)
/test/librbd/test_fixture.cc: 44 in TestFixture::TestFixture()()
** CID 1264460: Structurally dead code (UNREACHABLE)
/common/sync_filesystem.h: 51 in sync_filesystem(int)()
________________________________________________________________________________________________________
*** CID 1264457: Uncaught exception (UNCAUGHT_EXCEPT)
/tools/cephfs/cephfs-table-tool.cc: 11 in main()
5 #include "common/errno.h"
6 #include "global/global_init.h"
7
8 #include "TableTool.h"
9
10
>>> CID 1264457: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
11 int main(int argc, const char **argv)
12 {
13 vector<const char*> args;
14 argv_to_vec(argc, argv, args);
15 env_to_vec(args);
16
/tools/cephfs/cephfs-table-tool.cc: 11 in main()
5 #include "common/errno.h"
6 #include "global/global_init.h"
7
8 #include "TableTool.h"
9
10
>>> CID 1264457: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
11 int main(int argc, const char **argv)
12 {
13 vector<const char*> args;
14 argv_to_vec(argc, argv, args);
15 env_to_vec(args);
16
/tools/cephfs/cephfs-table-tool.cc: 11 in main()
5 #include "common/errno.h"
6 #include "global/global_init.h"
7
8 #include "TableTool.h"
9
10
>>> CID 1264457: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
11 int main(int argc, const char **argv)
12 {
13 vector<const char*> args;
14 argv_to_vec(argc, argv, args);
15 env_to_vec(args);
16
/tools/cephfs/cephfs-table-tool.cc: 11 in main()
5 #include "common/errno.h"
6 #include "global/global_init.h"
7
8 #include "TableTool.h"
9
10
>>> CID 1264457: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
11 int main(int argc, const char **argv)
12 {
13 vector<const char*> args;
14 argv_to_vec(argc, argv, args);
15 env_to_vec(args);
16
/tools/cephfs/cephfs-table-tool.cc: 11 in main()
5 #include "common/errno.h"
6 #include "global/global_init.h"
7
8 #include "TableTool.h"
9
10
>>> CID 1264457: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
11 int main(int argc, const char **argv)
12 {
13 vector<const char*> args;
14 argv_to_vec(argc, argv, args);
15 env_to_vec(args);
16
________________________________________________________________________________________________________
*** CID 1264458: Uninitialized scalar field (UNINIT_CTOR)
/test/librbd/test_ImageWatcher.cc: 47 in TestImageWatcher::WatchCtx::WatchCtx(TestImageWatcher&)()
41 NOTIFY_OP_REQUEST_LOCK = 2,
42 NOTIFY_OP_HEADER_UPDATE = 3
43 };
44
45 class WatchCtx : public librados::WatchCtx2 {
46 public:
>>> CID 1264458: Uninitialized scalar field (UNINIT_CTOR)
>>> Non-static class member "m_handle" is not initialized in this constructor nor in any functions that it calls.
47 WatchCtx(TestImageWatcher &parent) : m_parent(parent) {}
48
49 int watch(const librbd::ImageCtx &ictx) {
50 m_header_oid = ictx.header_oid;
51 return m_parent.m_ioctx.watch2(m_header_oid, &m_handle, this);
52 }
________________________________________________________________________________________________________
*** CID 1264459: Uninitialized scalar field (UNINIT_CTOR)
/test/librbd/test_fixture.cc: 44 in TestFixture::TestFixture()()
38
39 std::string TestFixture::_pool_name;
40 librados::Rados TestFixture::_rados;
41 uint64_t TestFixture::_image_number = 0;
42
43 TestFixture::TestFixture() {
>>> CID 1264459: Uninitialized scalar field (UNINIT_CTOR)
>>> Non-static class member "m_image_size" is not initialized in this constructor nor in any functions that it calls.
44 }
45
46 void TestFixture::SetUpTestCase() {
47 _pool_name = get_temp_pool_name();
48 ASSERT_EQ("", create_one_pool_pp(_pool_name, _rados));
49 }
________________________________________________________________________________________________________
*** CID 1264460: Structurally dead code (UNREACHABLE)
/common/sync_filesystem.h: 51 in sync_filesystem(int)()
45 if (syscall(__NR_syncfs, fd) == 0)
46 return 0;
47 else
48 return -errno;
49 #endif
50
>>> CID 1264460: Structurally dead code (UNREACHABLE)
>>> This code cannot be reached: "sync();".
51 sync();
52 return 0;
53 }
54
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click http://scan.coverity.com/subscriptions/edit?email=ceph-devel%40vger.kernel.org&token=018084d671e3cc89d00dd2ccb7eb849c .
^ permalink raw reply [flat|nested] 124+ messages in thread
* Re: New Defects reported by Coverity Scan for ceph
[not found] <54b528bef1f63_1b74f3532c63410@scan.coverity.com.mail>
@ 2015-01-13 14:34 ` Sage Weil
0 siblings, 0 replies; 124+ messages in thread
From: Sage Weil @ 2015-01-13 14:34 UTC (permalink / raw)
To: zhiqiang.wang; +Cc: ceph-devel
Hi Zhiqiang,
On Tue, 13 Jan 2015, scan-admin@coverity.com wrote:
> ________________________________________________________________________________________________________
> *** CID 1262557: Using invalid iterator (INVALIDATE_ITERATOR)
> /osd/ReplicatedPG.cc: 2071 in ReplicatedPG::cancel_proxy_read_ops(bool)()
> 2065 while (p != proxyread_ops.end()) {
> 2066 cancel_proxy_read((p++)->second);
> 2067 }
> 2068
> 2069 if (requeue) {
> 2070 for (map<hobject_t, list<OpRequestRef> >::iterator p = in_progress_proxy_reads.begin();
> >>> CID 1262557: Using invalid iterator (INVALIDATE_ITERATOR)
> >>> Using invalid iterator "p".
> 2071 p != in_progress_proxy_reads.end(); p++) {
> 2072 list<OpRequestRef>& ls = p->second;
> 2073 dout(10) << __func__ << " " << p->first << " requeuing " << ls.size() << " requests" << dendl;
> 2074 requeue_ops(ls);
> 2075 in_progress_proxy_reads.erase(p);
> 2076 }
>
> ________________________________________________________________________________________________________
> *** CID 1262558: Uninitialized scalar field (UNINIT_CTOR)
> /osd/ReplicatedPG.h: 629 in ReplicatedPG::OpContext::OpContext(std::tr1::shared_ptr<OpRequest>, osd_reqid_t, std::vector<OSDOp, std::allocator<OSDOp>> &, ReplicatedPG*)()
> 623 num_write(0),
> 624 copy_cb(NULL),
> 625 async_read_result(0),
> 626 inflightreads(0),
> 627 lock_to_release(NONE),
> 628 on_finish(NULL),
> >>> CID 1262558: Uninitialized scalar field (UNINIT_CTOR)
> >>> Non-static class member "ignore_cache" is not initialized in this constructor nor in any functions that it calls.
> 629 release_snapset_obc(false) { }
> 630 void reset_obs(ObjectContextRef obc) {
> 631 new_obs = ObjectState(obc->obs.oi, obc->obs.exists);
> 632 if (obc->ssc) {
> 633 new_snapset = obc->ssc->snapset;
> 634 snapset = &obc->ssc->snapset;
>
Can you review my fix for these?
https://github.com/ceph/ceph/pull/3363
Thanks!
sage
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2015-01-13 14:16 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2015-01-13 14:16 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
2 new defect(s) introduced to ceph found with Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)
** CID 1262557: Using invalid iterator (INVALIDATE_ITERATOR)
/osd/ReplicatedPG.cc: 2071 in ReplicatedPG::cancel_proxy_read_ops(bool)()
** CID 1262558: Uninitialized scalar field (UNINIT_CTOR)
/osd/ReplicatedPG.h: 629 in ReplicatedPG::OpContext::OpContext(std::tr1::shared_ptr<OpRequest>, osd_reqid_t, std::vector<OSDOp, std::allocator<OSDOp>> &, ReplicatedPG*)()
________________________________________________________________________________________________________
*** CID 1262557: Using invalid iterator (INVALIDATE_ITERATOR)
/osd/ReplicatedPG.cc: 2071 in ReplicatedPG::cancel_proxy_read_ops(bool)()
2065 while (p != proxyread_ops.end()) {
2066 cancel_proxy_read((p++)->second);
2067 }
2068
2069 if (requeue) {
2070 for (map<hobject_t, list<OpRequestRef> >::iterator p = in_progress_proxy_reads.begin();
>>> CID 1262557: Using invalid iterator (INVALIDATE_ITERATOR)
>>> Using invalid iterator "p".
2071 p != in_progress_proxy_reads.end(); p++) {
2072 list<OpRequestRef>& ls = p->second;
2073 dout(10) << __func__ << " " << p->first << " requeuing " << ls.size() << " requests" << dendl;
2074 requeue_ops(ls);
2075 in_progress_proxy_reads.erase(p);
2076 }
________________________________________________________________________________________________________
*** CID 1262558: Uninitialized scalar field (UNINIT_CTOR)
/osd/ReplicatedPG.h: 629 in ReplicatedPG::OpContext::OpContext(std::tr1::shared_ptr<OpRequest>, osd_reqid_t, std::vector<OSDOp, std::allocator<OSDOp>> &, ReplicatedPG*)()
623 num_write(0),
624 copy_cb(NULL),
625 async_read_result(0),
626 inflightreads(0),
627 lock_to_release(NONE),
628 on_finish(NULL),
>>> CID 1262558: Uninitialized scalar field (UNINIT_CTOR)
>>> Non-static class member "ignore_cache" is not initialized in this constructor nor in any functions that it calls.
629 release_snapset_obc(false) { }
630 void reset_obs(ObjectContextRef obc) {
631 new_obs = ObjectState(obc->obs.oi, obc->obs.exists);
632 if (obc->ssc) {
633 new_snapset = obc->ssc->snapset;
634 snapset = &obc->ssc->snapset;
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click http://scan.coverity.com/subscriptions/edit?email=ceph-devel%40vger.kernel.org&token=018084d671e3cc89d00dd2ccb7eb849c .
^ permalink raw reply [flat|nested] 124+ messages in thread
* Re: New Defects reported by Coverity Scan for ceph
2015-01-10 14:36 scan-admin
@ 2015-01-10 15:48 ` Haomai Wang
0 siblings, 0 replies; 124+ messages in thread
From: Haomai Wang @ 2015-01-10 15:48 UTC (permalink / raw)
To: ceph-devel
The first exception should be shadowed?
And the second exception seemed strange, because other tests are follow this way
On Sat, Jan 10, 2015 at 10:36 PM, <scan-admin@coverity.com> wrote:
>
> Hi,
>
> Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
>
> 2 new defect(s) introduced to ceph found with Coverity Scan.
>
>
> New defect(s) Reported-by: Coverity Scan
> Showing 2 of 2 defect(s)
>
>
> ** CID 1260210: Resource leak (RESOURCE_LEAK)
> /test/msgr/test_msgr.cc: 537 in MessengerTest_ClientStandbyTest_Test::TestBody()()
>
> ** CID 1260212: Uncaught exception (UNCAUGHT_EXCEPT)
> /test/msgr/test_msgr.cc: 579 in main()
> /test/msgr/test_msgr.cc: 579 in main()
> /test/msgr/test_msgr.cc: 579 in main()
> /test/msgr/test_msgr.cc: 579 in main()
> /test/msgr/test_msgr.cc: 579 in main()
> /test/msgr/test_msgr.cc: 579 in main()
>
>
> ________________________________________________________________________________________________________
> *** CID 1260210: Resource leak (RESOURCE_LEAK)
> /test/msgr/test_msgr.cc: 537 in MessengerTest_ClientStandbyTest_Test::TestBody()()
> 531 usleep(300*1000);
> 532 // client should be standby, so we use original connection
> 533 {
> 534 m = new MPing();
> 535 conn->send_keepalive();
> 536 CHECK_AND_WAIT_TRUE(conn->is_connected());
>>>> CID 1260210: Resource leak (RESOURCE_LEAK)
>>>> Variable "m" going out of scope leaks the storage it points to.
> 537 ASSERT_TRUE(conn->is_connected());
> 538 ASSERT_EQ(conn->send_message(m), 0);
> 539 Mutex::Locker l(cli_dispatcher.lock);
> 540 while (!cli_dispatcher.got_new)
> 541 cli_dispatcher.cond.Wait(cli_dispatcher.lock);
> 542 cli_dispatcher.got_new = false;
>
> ________________________________________________________________________________________________________
> *** CID 1260212: Uncaught exception (UNCAUGHT_EXCEPT)
> /test/msgr/test_msgr.cc: 579 in main()
> 573 // must be defined). This dummy test keeps gtest_main linked in.
> 574 TEST(DummyTest, ValueParameterizedTestsAreNotSupportedOnThisPlatform) {}
> 575
> 576 #endif
> 577
> 578
>>>> CID 1260212: Uncaught exception (UNCAUGHT_EXCEPT)
>>>> In function "main(int, char **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
> 579 int main(int argc, char **argv) {
> 580 vector<const char*> args;
> 581 argv_to_vec(argc, (const char **)argv, args);
> 582
> 583 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
> 584 g_ceph_context->_conf->set_val("auth_cluster_required", "none");
> /test/msgr/test_msgr.cc: 579 in main()
> 573 // must be defined). This dummy test keeps gtest_main linked in.
> 574 TEST(DummyTest, ValueParameterizedTestsAreNotSupportedOnThisPlatform) {}
> 575
> 576 #endif
> 577
> 578
>>>> CID 1260212: Uncaught exception (UNCAUGHT_EXCEPT)
>>>> In function "main(int, char **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
> 579 int main(int argc, char **argv) {
> 580 vector<const char*> args;
> 581 argv_to_vec(argc, (const char **)argv, args);
> 582
> 583 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
> 584 g_ceph_context->_conf->set_val("auth_cluster_required", "none");
> /test/msgr/test_msgr.cc: 579 in main()
> 573 // must be defined). This dummy test keeps gtest_main linked in.
> 574 TEST(DummyTest, ValueParameterizedTestsAreNotSupportedOnThisPlatform) {}
> 575
> 576 #endif
> 577
> 578
>>>> CID 1260212: Uncaught exception (UNCAUGHT_EXCEPT)
>>>> In function "main(int, char **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
> 579 int main(int argc, char **argv) {
> 580 vector<const char*> args;
> 581 argv_to_vec(argc, (const char **)argv, args);
> 582
> 583 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
> 584 g_ceph_context->_conf->set_val("auth_cluster_required", "none");
> /test/msgr/test_msgr.cc: 579 in main()
> 573 // must be defined). This dummy test keeps gtest_main linked in.
> 574 TEST(DummyTest, ValueParameterizedTestsAreNotSupportedOnThisPlatform) {}
> 575
> 576 #endif
> 577
> 578
>>>> CID 1260212: Uncaught exception (UNCAUGHT_EXCEPT)
>>>> In function "main(int, char **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
> 579 int main(int argc, char **argv) {
> 580 vector<const char*> args;
> 581 argv_to_vec(argc, (const char **)argv, args);
> 582
> 583 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
> 584 g_ceph_context->_conf->set_val("auth_cluster_required", "none");
> /test/msgr/test_msgr.cc: 579 in main()
> 573 // must be defined). This dummy test keeps gtest_main linked in.
> 574 TEST(DummyTest, ValueParameterizedTestsAreNotSupportedOnThisPlatform) {}
> 575
> 576 #endif
> 577
> 578
>>>> CID 1260212: Uncaught exception (UNCAUGHT_EXCEPT)
>>>> In function "main(int, char **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
> 579 int main(int argc, char **argv) {
> 580 vector<const char*> args;
> 581 argv_to_vec(argc, (const char **)argv, args);
> 582
> 583 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
> 584 g_ceph_context->_conf->set_val("auth_cluster_required", "none");
> /test/msgr/test_msgr.cc: 579 in main()
> 573 // must be defined). This dummy test keeps gtest_main linked in.
> 574 TEST(DummyTest, ValueParameterizedTestsAreNotSupportedOnThisPlatform) {}
> 575
> 576 #endif
> 577
> 578
>>>> CID 1260212: Uncaught exception (UNCAUGHT_EXCEPT)
>>>> In function "main(int, char **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
> 579 int main(int argc, char **argv) {
> 580 vector<const char*> args;
> 581 argv_to_vec(argc, (const char **)argv, args);
> 582
> 583 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
> 584 g_ceph_context->_conf->set_val("auth_cluster_required", "none");
>
>
> ________________________________________________________________________________________________________
> To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
>
> To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click http://scan.coverity.com/subscriptions/edit?email=ceph-devel%40vger.kernel.org&token=018084d671e3cc89d00dd2ccb7eb849c .
>
> --
> To unsubscribe from this list: send the line "unsubscribe ceph-devel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
--
Best Regards,
Wheat
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2015-01-10 14:36 scan-admin
2015-01-10 15:48 ` Haomai Wang
0 siblings, 1 reply; 124+ messages in thread
From: scan-admin @ 2015-01-10 14:36 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
2 new defect(s) introduced to ceph found with Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)
** CID 1260210: Resource leak (RESOURCE_LEAK)
/test/msgr/test_msgr.cc: 537 in MessengerTest_ClientStandbyTest_Test::TestBody()()
** CID 1260212: Uncaught exception (UNCAUGHT_EXCEPT)
/test/msgr/test_msgr.cc: 579 in main()
/test/msgr/test_msgr.cc: 579 in main()
/test/msgr/test_msgr.cc: 579 in main()
/test/msgr/test_msgr.cc: 579 in main()
/test/msgr/test_msgr.cc: 579 in main()
/test/msgr/test_msgr.cc: 579 in main()
________________________________________________________________________________________________________
*** CID 1260210: Resource leak (RESOURCE_LEAK)
/test/msgr/test_msgr.cc: 537 in MessengerTest_ClientStandbyTest_Test::TestBody()()
531 usleep(300*1000);
532 // client should be standby, so we use original connection
533 {
534 m = new MPing();
535 conn->send_keepalive();
536 CHECK_AND_WAIT_TRUE(conn->is_connected());
>>> CID 1260210: Resource leak (RESOURCE_LEAK)
>>> Variable "m" going out of scope leaks the storage it points to.
537 ASSERT_TRUE(conn->is_connected());
538 ASSERT_EQ(conn->send_message(m), 0);
539 Mutex::Locker l(cli_dispatcher.lock);
540 while (!cli_dispatcher.got_new)
541 cli_dispatcher.cond.Wait(cli_dispatcher.lock);
542 cli_dispatcher.got_new = false;
________________________________________________________________________________________________________
*** CID 1260212: Uncaught exception (UNCAUGHT_EXCEPT)
/test/msgr/test_msgr.cc: 579 in main()
573 // must be defined). This dummy test keeps gtest_main linked in.
574 TEST(DummyTest, ValueParameterizedTestsAreNotSupportedOnThisPlatform) {}
575
576 #endif
577
578
>>> CID 1260212: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
579 int main(int argc, char **argv) {
580 vector<const char*> args;
581 argv_to_vec(argc, (const char **)argv, args);
582
583 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
584 g_ceph_context->_conf->set_val("auth_cluster_required", "none");
/test/msgr/test_msgr.cc: 579 in main()
573 // must be defined). This dummy test keeps gtest_main linked in.
574 TEST(DummyTest, ValueParameterizedTestsAreNotSupportedOnThisPlatform) {}
575
576 #endif
577
578
>>> CID 1260212: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
579 int main(int argc, char **argv) {
580 vector<const char*> args;
581 argv_to_vec(argc, (const char **)argv, args);
582
583 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
584 g_ceph_context->_conf->set_val("auth_cluster_required", "none");
/test/msgr/test_msgr.cc: 579 in main()
573 // must be defined). This dummy test keeps gtest_main linked in.
574 TEST(DummyTest, ValueParameterizedTestsAreNotSupportedOnThisPlatform) {}
575
576 #endif
577
578
>>> CID 1260212: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
579 int main(int argc, char **argv) {
580 vector<const char*> args;
581 argv_to_vec(argc, (const char **)argv, args);
582
583 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
584 g_ceph_context->_conf->set_val("auth_cluster_required", "none");
/test/msgr/test_msgr.cc: 579 in main()
573 // must be defined). This dummy test keeps gtest_main linked in.
574 TEST(DummyTest, ValueParameterizedTestsAreNotSupportedOnThisPlatform) {}
575
576 #endif
577
578
>>> CID 1260212: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
579 int main(int argc, char **argv) {
580 vector<const char*> args;
581 argv_to_vec(argc, (const char **)argv, args);
582
583 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
584 g_ceph_context->_conf->set_val("auth_cluster_required", "none");
/test/msgr/test_msgr.cc: 579 in main()
573 // must be defined). This dummy test keeps gtest_main linked in.
574 TEST(DummyTest, ValueParameterizedTestsAreNotSupportedOnThisPlatform) {}
575
576 #endif
577
578
>>> CID 1260212: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
579 int main(int argc, char **argv) {
580 vector<const char*> args;
581 argv_to_vec(argc, (const char **)argv, args);
582
583 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
584 g_ceph_context->_conf->set_val("auth_cluster_required", "none");
/test/msgr/test_msgr.cc: 579 in main()
573 // must be defined). This dummy test keeps gtest_main linked in.
574 TEST(DummyTest, ValueParameterizedTestsAreNotSupportedOnThisPlatform) {}
575
576 #endif
577
578
>>> CID 1260212: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
579 int main(int argc, char **argv) {
580 vector<const char*> args;
581 argv_to_vec(argc, (const char **)argv, args);
582
583 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
584 g_ceph_context->_conf->set_val("auth_cluster_required", "none");
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click http://scan.coverity.com/subscriptions/edit?email=ceph-devel%40vger.kernel.org&token=018084d671e3cc89d00dd2ccb7eb849c .
^ permalink raw reply [flat|nested] 124+ messages in thread
* Re: New Defects reported by Coverity Scan for ceph
2015-01-09 15:26 ` Sage Weil
@ 2015-01-09 15:32 ` Danny Al-Gaaf
0 siblings, 0 replies; 124+ messages in thread
From: Danny Al-Gaaf @ 2015-01-09 15:32 UTC (permalink / raw)
To: Sage Weil, ceph-devel
Am 09.01.2015 um 16:26 schrieb Sage Weil:
> On Fri, 9 Jan 2015, scan-admin@coverity.com wrote:
>> ** CID 1262114: Uninitialized scalar field (UNINIT_CTOR)
>> /messages/MOSDRepOp.h: 107 in MOSDRepOp::MOSDRepOp()()
>>
>> ** CID 1262115: Uninitialized scalar field (UNINIT_CTOR)
>> /messages/MOSDRepOpReply.h: 97 in
>> MOSDRepOpReply::MOSDRepOpReply()()
>>
>>
>> ________________________________________________________________________________________________________
>>
>>
*** CID 1262114: Uninitialized scalar field (UNINIT_CTOR)
>> /messages/MOSDRepOp.h: 107 in MOSDRepOp::MOSDRepOp()() 101
>> ::encode(from, payload); 102
>> ::encode(updated_hit_set_history, payload); 103
>> ::encode(pg_trim_rollback_to, payload); 104 } 105 106
>> MOSDRepOp()
>>>>> CID 1262114: Uninitialized scalar field (UNINIT_CTOR)
>>>>> Non-static class member "acks_wanted" is not initialized in
>>>>> this constructor nor in any functions that it calls.
>> 107 : Message(MSG_OSD_REPOP, HEAD_VERSION,
>> COMPAT_VERSION) { } 108 MOSDRepOp(osd_reqid_t r, pg_shard_t
>> from, 109 spg_t p, const hobject_t& po, int aw, 110
>> epoch_t mape, ceph_tid_t rtid, eversion_t v) 111 :
>> Message(MSG_OSD_REPOP, HEAD_VERSION, COMPAT_VERSION), 112
>> map_epoch(mape),
>>
>> ________________________________________________________________________________________________________
>>
>>
*** CID 1262115: Uninitialized scalar field (UNINIT_CTOR)
>> /messages/MOSDRepOpReply.h: 97 in
>> MOSDRepOpReply::MOSDRepOpReply()() 91 from(from), 92
>> pgid(req->pgid.pgid, req->from.shard), 93 ack_type(at),
>> 94 result(result_) { 95 set_tid(req->get_tid());
>> 96 }
>>>>> CID 1262115: Uninitialized scalar field (UNINIT_CTOR)
>>>>> Non-static class member "result" is not initialized in this
>>>>> constructor nor in any functions that it calls.
>> 97 MOSDRepOpReply() : Message(MSG_OSD_REPOPREPLY) {} 98
>> private: 99 ~MOSDRepOpReply() {} 100 101 public: 102
>> const char *get_type_name() const { return "osd_repop_reply"; }
>
> These are both warnings about the trivial constructors,
>
>> 106 MOSDRepOp()
>>>>> CID 1262114: Uninitialized scalar field (UNINIT_CTOR)
>>>>> Non-static class member "acks_wanted" is not initialized in
>>>>> this constructor nor in any functions that it calls.
>> 107 : Message(MSG_OSD_REPOP, HEAD_VERSION,
>> COMPAT_VERSION) { }
>
> which are always followed by a ::decode. We don't initialize
> fields in any of these so we probably have these coverity warnings
> for every message. Perhaps we should add some annotations to
> indicate that? Danny, are you familiar with those?
>
> (I don't think we want to initialize... unless we rely on the
> optimizer to do magic it's inefficient to initialize the value and
> then overwrite it during decode shortly after.)
>
> sage
I will take a look into it.
Danny
^ permalink raw reply [flat|nested] 124+ messages in thread
* Re: New Defects reported by Coverity Scan for ceph
2015-01-09 14:30 scan-admin
@ 2015-01-09 15:26 ` Sage Weil
2015-01-09 15:32 ` Danny Al-Gaaf
0 siblings, 1 reply; 124+ messages in thread
From: Sage Weil @ 2015-01-09 15:26 UTC (permalink / raw)
To: ceph-devel, danny.al-gaaf
On Fri, 9 Jan 2015, scan-admin@coverity.com wrote:
> ** CID 1262114: Uninitialized scalar field (UNINIT_CTOR)
> /messages/MOSDRepOp.h: 107 in MOSDRepOp::MOSDRepOp()()
>
> ** CID 1262115: Uninitialized scalar field (UNINIT_CTOR)
> /messages/MOSDRepOpReply.h: 97 in MOSDRepOpReply::MOSDRepOpReply()()
>
>
> ________________________________________________________________________________________________________
> *** CID 1262114: Uninitialized scalar field (UNINIT_CTOR)
> /messages/MOSDRepOp.h: 107 in MOSDRepOp::MOSDRepOp()()
> 101 ::encode(from, payload);
> 102 ::encode(updated_hit_set_history, payload);
> 103 ::encode(pg_trim_rollback_to, payload);
> 104 }
> 105
> 106 MOSDRepOp()
> >>> CID 1262114: Uninitialized scalar field (UNINIT_CTOR)
> >>> Non-static class member "acks_wanted" is not initialized in this constructor nor in any functions that it calls.
> 107 : Message(MSG_OSD_REPOP, HEAD_VERSION, COMPAT_VERSION) { }
> 108 MOSDRepOp(osd_reqid_t r, pg_shard_t from,
> 109 spg_t p, const hobject_t& po, int aw,
> 110 epoch_t mape, ceph_tid_t rtid, eversion_t v)
> 111 : Message(MSG_OSD_REPOP, HEAD_VERSION, COMPAT_VERSION),
> 112 map_epoch(mape),
>
> ________________________________________________________________________________________________________
> *** CID 1262115: Uninitialized scalar field (UNINIT_CTOR)
> /messages/MOSDRepOpReply.h: 97 in MOSDRepOpReply::MOSDRepOpReply()()
> 91 from(from),
> 92 pgid(req->pgid.pgid, req->from.shard),
> 93 ack_type(at),
> 94 result(result_) {
> 95 set_tid(req->get_tid());
> 96 }
> >>> CID 1262115: Uninitialized scalar field (UNINIT_CTOR)
> >>> Non-static class member "result" is not initialized in this constructor nor in any functions that it calls.
> 97 MOSDRepOpReply() : Message(MSG_OSD_REPOPREPLY) {}
> 98 private:
> 99 ~MOSDRepOpReply() {}
> 100
> 101 public:
> 102 const char *get_type_name() const { return "osd_repop_reply"; }
These are both warnings about the trivial constructors,
> 106 MOSDRepOp()
> >>> CID 1262114: Uninitialized scalar field (UNINIT_CTOR)
> >>> Non-static class member "acks_wanted" is not initialized in this constructor nor in any functions that it calls.
> 107 : Message(MSG_OSD_REPOP, HEAD_VERSION, COMPAT_VERSION) { }
which are always followed by a ::decode. We don't initialize fields in
any of these so we probably have these coverity warnings for every
message. Perhaps we should add some annotations to indicate that? Danny,
are you familiar with those?
(I don't think we want to initialize... unless we rely on the optimizer to
do magic it's inefficient to initialize the value and then overwrite it
during decode shortly after.)
sage
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2015-01-09 14:30 scan-admin
2015-01-09 15:26 ` Sage Weil
0 siblings, 1 reply; 124+ messages in thread
From: scan-admin @ 2015-01-09 14:30 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
2 new defect(s) introduced to ceph found with Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)
** CID 1262114: Uninitialized scalar field (UNINIT_CTOR)
/messages/MOSDRepOp.h: 107 in MOSDRepOp::MOSDRepOp()()
** CID 1262115: Uninitialized scalar field (UNINIT_CTOR)
/messages/MOSDRepOpReply.h: 97 in MOSDRepOpReply::MOSDRepOpReply()()
________________________________________________________________________________________________________
*** CID 1262114: Uninitialized scalar field (UNINIT_CTOR)
/messages/MOSDRepOp.h: 107 in MOSDRepOp::MOSDRepOp()()
101 ::encode(from, payload);
102 ::encode(updated_hit_set_history, payload);
103 ::encode(pg_trim_rollback_to, payload);
104 }
105
106 MOSDRepOp()
>>> CID 1262114: Uninitialized scalar field (UNINIT_CTOR)
>>> Non-static class member "acks_wanted" is not initialized in this constructor nor in any functions that it calls.
107 : Message(MSG_OSD_REPOP, HEAD_VERSION, COMPAT_VERSION) { }
108 MOSDRepOp(osd_reqid_t r, pg_shard_t from,
109 spg_t p, const hobject_t& po, int aw,
110 epoch_t mape, ceph_tid_t rtid, eversion_t v)
111 : Message(MSG_OSD_REPOP, HEAD_VERSION, COMPAT_VERSION),
112 map_epoch(mape),
________________________________________________________________________________________________________
*** CID 1262115: Uninitialized scalar field (UNINIT_CTOR)
/messages/MOSDRepOpReply.h: 97 in MOSDRepOpReply::MOSDRepOpReply()()
91 from(from),
92 pgid(req->pgid.pgid, req->from.shard),
93 ack_type(at),
94 result(result_) {
95 set_tid(req->get_tid());
96 }
>>> CID 1262115: Uninitialized scalar field (UNINIT_CTOR)
>>> Non-static class member "result" is not initialized in this constructor nor in any functions that it calls.
97 MOSDRepOpReply() : Message(MSG_OSD_REPOPREPLY) {}
98 private:
99 ~MOSDRepOpReply() {}
100
101 public:
102 const char *get_type_name() const { return "osd_repop_reply"; }
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click http://scan.coverity.com/subscriptions/edit?email=ceph-devel%40vger.kernel.org&token=018084d671e3cc89d00dd2ccb7eb849c .
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2015-01-04 14:14 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2015-01-04 14:14 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
1 new defect(s) introduced to ceph found with Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)
** CID 1261633: Time of check time of use (TOCTOU)
/mount/mtab.c: 275 in update_mtab_entry()
________________________________________________________________________________________________________
*** CID 1261633: Time of check time of use (TOCTOU)
/mount/mtab.c: 275 in update_mtab_entry()
269 mnt.mnt_freq = freq;
270 mnt.mnt_passno = pass;
271
272 FILE *fp;
273
274 lock_mtab();
>>> CID 1261633: Time of check time of use (TOCTOU)
>>> Calling function "setmntent" that uses ""/etc/mtab"" after a check function. This can cause a time-of-check, time-of-use race condition.
275 fp = setmntent(_PATH_MOUNTED, "a+");
276 if (fp == NULL) {
277 int errsv = errno;
278 printf("mount: can't open %s: %s", _PATH_MOUNTED,
279 strerror (errsv));
280 } else {
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click http://scan.coverity.com/subscriptions/edit?email=ceph-devel%40vger.kernel.org&token=018084d671e3cc89d00dd2ccb7eb849c .
^ permalink raw reply [flat|nested] 124+ messages in thread
* Re: New Defects reported by Coverity Scan for ceph
2014-12-27 14:13 scan-admin
@ 2014-12-28 6:03 ` Sage Weil
0 siblings, 0 replies; 124+ messages in thread
From: Sage Weil @ 2014-12-28 6:03 UTC (permalink / raw)
To: haomaiwang; +Cc: ceph-devel
Haomai, may want to double-check the pointer arithmetic here (and/or add a
cast to make coverity less suspicious).
sage
On Sat, 27 Dec 2014, scan-admin@coverity.com wrote:
>
> Hi,
>
> Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
>
> 1 new defect(s) introduced to ceph found with Coverity Scan.
> 1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
>
> New defect(s) Reported-by: Coverity Scan
> Showing 1 of 1 defect(s)
>
>
> ** CID 1260497: Extra sizeof expression (SIZEOF_MISMATCH)
> /msg/async/Event.cc: 123 in EventCenter::create_file_event(int, int, std::tr1::shared_ptr<EventCallback>)()
>
>
> ________________________________________________________________________________________________________
> *** CID 1260497: Extra sizeof expression (SIZEOF_MISMATCH)
> /msg/async/Event.cc: 123 in EventCenter::create_file_event(int, int, std::tr1::shared_ptr<EventCallback>)()
> 117 }
> 118 FileEvent *new_events = static_cast<FileEvent *>(realloc(file_events, sizeof(FileEvent)*new_size));
> 119 if (!new_events) {
> 120 lderr(cct) << __func__ << " failed to realloc file_events" << cpp_strerror(errno) << dendl;
> 121 return -errno;
> 122 }
> >>> CID 1260497: Extra sizeof expression (SIZEOF_MISMATCH)
> >>> Adding "40UL /* sizeof (EventCenter::FileEvent) */ * this->nevent" to pointer "this->file_events" of type "EventCenter::FileEvent *" is suspicious because adding an integral value to this pointer automatically scales that value by the size, 40 bytes, of the pointed-to type, "EventCenter::FileEvent". Most likely, the multiplication by "sizeof (EventCenter::FileEvent)" in this expression is extraneous and should be eliminated.
> 123 memset(file_events+sizeof(FileEvent)*nevent, 0, sizeof(FileEvent)*(new_size-nevent));
> 124 file_events = new_events;
> 125 nevent = new_size;
> 126 }
> 127
> 128 EventCenter::FileEvent *event = _get_file_event(fd);
>
>
> ________________________________________________________________________________________________________
> To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
>
> To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click http://scan.coverity.com/subscriptions/edit?email=ceph-devel%40vger.kernel.org&token=018084d671e3cc89d00dd2ccb7eb849c .
>
> --
> To unsubscribe from this list: send the line "unsubscribe ceph-devel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
>
>
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2014-12-27 14:13 scan-admin
2014-12-28 6:03 ` Sage Weil
0 siblings, 1 reply; 124+ messages in thread
From: scan-admin @ 2014-12-27 14:13 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
1 new defect(s) introduced to ceph found with Coverity Scan.
1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)
** CID 1260497: Extra sizeof expression (SIZEOF_MISMATCH)
/msg/async/Event.cc: 123 in EventCenter::create_file_event(int, int, std::tr1::shared_ptr<EventCallback>)()
________________________________________________________________________________________________________
*** CID 1260497: Extra sizeof expression (SIZEOF_MISMATCH)
/msg/async/Event.cc: 123 in EventCenter::create_file_event(int, int, std::tr1::shared_ptr<EventCallback>)()
117 }
118 FileEvent *new_events = static_cast<FileEvent *>(realloc(file_events, sizeof(FileEvent)*new_size));
119 if (!new_events) {
120 lderr(cct) << __func__ << " failed to realloc file_events" << cpp_strerror(errno) << dendl;
121 return -errno;
122 }
>>> CID 1260497: Extra sizeof expression (SIZEOF_MISMATCH)
>>> Adding "40UL /* sizeof (EventCenter::FileEvent) */ * this->nevent" to pointer "this->file_events" of type "EventCenter::FileEvent *" is suspicious because adding an integral value to this pointer automatically scales that value by the size, 40 bytes, of the pointed-to type, "EventCenter::FileEvent". Most likely, the multiplication by "sizeof (EventCenter::FileEvent)" in this expression is extraneous and should be eliminated.
123 memset(file_events+sizeof(FileEvent)*nevent, 0, sizeof(FileEvent)*(new_size-nevent));
124 file_events = new_events;
125 nevent = new_size;
126 }
127
128 EventCenter::FileEvent *event = _get_file_event(fd);
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click http://scan.coverity.com/subscriptions/edit?email=ceph-devel%40vger.kernel.org&token=018084d671e3cc89d00dd2ccb7eb849c .
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2014-12-26 14:19 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2014-12-26 14:19 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
1 new defect(s) introduced to ceph found with Coverity Scan.
1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)
** CID 1260469: Unchecked return value from library (CHECKED_RETURN)
/os/FileJournal.cc: 1083 in FileJournal::do_write(ceph::buffer::list &)()
________________________________________________________________________________________________________
*** CID 1260469: Unchecked return value from library (CHECKED_RETURN)
/os/FileJournal.cc: 1083 in FileJournal::do_write(ceph::buffer::list &)()
1077 ::fsync(fd);
1078 #else
1079 ::fdatasync(fd);
1080 #endif
1081 #ifdef HAVE_POSIX_FADVISE
1082 if (g_conf->filestore_fadvise)
>>> CID 1260469: Unchecked return value from library (CHECKED_RETURN)
>>> Calling "posix_fadvise(this->fd, 0L, 0L, 4)" without checking return value. This library function may fail and return an error code.
1083 posix_fadvise(fd, 0, 0, POSIX_FADV_DONTNEED);
1084 #endif
1085 }
1086
1087 utime_t lat = ceph_clock_now(g_ceph_context) - from;
1088 dout(20) << "do_write latency " << lat << dendl;
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click http://scan.coverity.com/subscriptions/edit?email=ceph-devel%40vger.kernel.org&token=018084d671e3cc89d00dd2ccb7eb849c .
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2014-12-23 14:37 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2014-12-23 14:37 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
4 new defect(s) introduced to ceph found with Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 4 of 4 defect(s)
** CID 1260393: Logically dead code (DEADCODE)
/osd/osd_types.cc: 3427 in object_copy_data_t::decode(ceph::buffer::list::iterator &)()
** CID 1260394: Resource leak (RESOURCE_LEAK)
/test/cls_refcount/test_cls_refcount.cc: 138 in cls_rgw_test_put_snap_Test::TestBody()()
** CID 1260395: Resource leak (RESOURCE_LEAK)
/test/librados/snapshots.cc: 160 in LibRadosSnapshotsPP_SnapCreateRemovePP_Test::TestBody()()
/test/librados/snapshots.cc: 164 in LibRadosSnapshotsPP_SnapCreateRemovePP_Test::TestBody()()
** CID 1260396: Dereference before null check (REVERSE_INULL)
/librados/RadosClient.cc: 297 in librados::RadosClient::shutdown()()
________________________________________________________________________________________________________
*** CID 1260393: Logically dead code (DEADCODE)
/osd/osd_types.cc: 3427 in object_copy_data_t::decode(ceph::buffer::list::iterator &)()
3421 if (struct_v >= 2)
3422 ::decode(omap_header, bl);
3423 if (struct_v >= 3) {
3424 ::decode(snaps, bl);
3425 ::decode(snap_seq, bl);
3426 } else {
>>> CID 1260393: Logically dead code (DEADCODE)
>>> Execution cannot reach this statement "this->snaps.clear();".
3427 snaps.clear();
3428 snap_seq = 0;
3429 }
3430 if (struct_v >= 4) {
3431 ::decode(flags, bl);
3432 ::decode(data_digest, bl);
________________________________________________________________________________________________________
*** CID 1260394: Resource leak (RESOURCE_LEAK)
/test/cls_refcount/test_cls_refcount.cc: 138 in cls_rgw_test_put_snap_Test::TestBody()()
132
133 ASSERT_EQ(0, ioctx.snap_create("snapbar"));
134
135 librados::ObjectWriteOperation *op = new_op();
136 op->create(false);
137 cls_refcount_put(*op, "notag", true);
>>> CID 1260394: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
138 ASSERT_EQ(-ENOENT, ioctx.operate("foo", op));
139
140 EXPECT_EQ(0, ioctx.snap_remove("snapfoo"));
141 EXPECT_EQ(0, ioctx.snap_remove("snapbar"));
142
143 delete op;
________________________________________________________________________________________________________
*** CID 1260395: Resource leak (RESOURCE_LEAK)
/test/librados/snapshots.cc: 160 in LibRadosSnapshotsPP_SnapCreateRemovePP_Test::TestBody()()
154 ASSERT_EQ(0, ioctx.remove("foo"));
155 ASSERT_EQ(0, ioctx.snap_create("snapbar"));
156
157 librados::ObjectWriteOperation *op = new librados::ObjectWriteOperation();
158 op->create(false);
159 op->remove();
>>> CID 1260395: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
160 ASSERT_EQ(0, ioctx.operate("foo", op));
161
162 EXPECT_EQ(0, ioctx.snap_remove("snapfoo"));
163 EXPECT_EQ(0, ioctx.snap_remove("snapbar"));
164 }
165
/test/librados/snapshots.cc: 164 in LibRadosSnapshotsPP_SnapCreateRemovePP_Test::TestBody()()
158 op->create(false);
159 op->remove();
160 ASSERT_EQ(0, ioctx.operate("foo", op));
161
162 EXPECT_EQ(0, ioctx.snap_remove("snapfoo"));
163 EXPECT_EQ(0, ioctx.snap_remove("snapbar"));
>>> CID 1260395: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
164 }
165
166 TEST_F(LibRadosSnapshotsSelfManaged, Snap) {
167 std::vector<uint64_t> my_snaps;
168 my_snaps.push_back(-2);
169 ASSERT_EQ(0, rados_ioctx_selfmanaged_snap_create(ioctx, &my_snaps.back()));
________________________________________________________________________________________________________
*** CID 1260396: Dereference before null check (REVERSE_INULL)
/librados/RadosClient.cc: 297 in librados::RadosClient::shutdown()()
291 return;
292 }
293 if (state == CONNECTED) {
294 finisher.stop();
295 }
296 bool need_objecter = false;
>>> CID 1260396: Dereference before null check (REVERSE_INULL)
>>> Null-checking "this->objecter" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
297 if (objecter && objecter->initialized.read()) {
298 need_objecter = true;
299 }
300 state = DISCONNECTED;
301 instance_id = 0;
302 timer.shutdown(); // will drop+retake lock
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click http://scan.coverity.com/subscriptions/edit?email=ceph-devel%40vger.kernel.org&token=018084d671e3cc89d00dd2ccb7eb849c .
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2014-12-21 14:13 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2014-12-21 14:13 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
4 new defect(s) introduced to ceph found with Coverity Scan.
1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 4 of 4 defect(s)
** CID 1260211: Resource leak (RESOURCE_LEAK)
/test/msgr/test_msgr.cc: 414 in MessengerTest_StatefulTest_Test::TestBody()()
** CID 1260210: Resource leak (RESOURCE_LEAK)
/test/msgr/test_msgr.cc: 537 in MessengerTest_ClientStandbyTest_Test::TestBody()()
** CID 1260212: Uncaught exception (UNCAUGHT_EXCEPT)
/test/msgr/test_msgr.cc: 579 in main()
/test/msgr/test_msgr.cc: 579 in main()
/test/msgr/test_msgr.cc: 579 in main()
/test/msgr/test_msgr.cc: 579 in main()
/test/msgr/test_msgr.cc: 579 in main()
** CID 1260213: Uninitialized scalar field (UNINIT_CTOR)
/osd/ReplicatedPG.cc: 1242 in ReplicatedPG::ReplicatedPG(OSDService *, std::tr1::shared_ptr<const OSDMap>, const PGPool &, spg_t)()
________________________________________________________________________________________________________
*** CID 1260211: Resource leak (RESOURCE_LEAK)
/test/msgr/test_msgr.cc: 414 in MessengerTest_StatefulTest_Test::TestBody()()
408 }
409 CHECK_AND_WAIT_TRUE(conn->is_connected());
410 ASSERT_TRUE(conn->is_connected());
411 {
412 m = new MPing();
413 Mutex::Locker l(cli_dispatcher.lock);
>>> CID 1260211: Resource leak (RESOURCE_LEAK)
>>> Variable "m" going out of scope leaks the storage it points to.
414 ASSERT_TRUE(conn->is_connected());
415 ASSERT_EQ(conn->send_message(m), 0);
416 while (!cli_dispatcher.got_new)
417 cli_dispatcher.cond.Wait(cli_dispatcher.lock);
418 cli_dispatcher.got_new = false;
419 }
________________________________________________________________________________________________________
*** CID 1260210: Resource leak (RESOURCE_LEAK)
/test/msgr/test_msgr.cc: 537 in MessengerTest_ClientStandbyTest_Test::TestBody()()
531 usleep(300*1000);
532 // client should be standby, so we use original connection
533 {
534 m = new MPing();
535 conn->send_keepalive();
536 CHECK_AND_WAIT_TRUE(conn->is_connected());
>>> CID 1260210: Resource leak (RESOURCE_LEAK)
>>> Variable "m" going out of scope leaks the storage it points to.
537 ASSERT_TRUE(conn->is_connected());
538 Mutex::Locker l(cli_dispatcher.lock);
539 ASSERT_EQ(conn->send_message(m), 0);
540 while (!cli_dispatcher.got_new)
541 cli_dispatcher.cond.Wait(cli_dispatcher.lock);
542 cli_dispatcher.got_new = false;
________________________________________________________________________________________________________
*** CID 1260212: Uncaught exception (UNCAUGHT_EXCEPT)
/test/msgr/test_msgr.cc: 579 in main()
573 // must be defined). This dummy test keeps gtest_main linked in.
574 TEST(DummyTest, ValueParameterizedTestsAreNotSupportedOnThisPlatform) {}
575
576 #endif
577
578
>>> CID 1260212: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
579 int main(int argc, char **argv) {
580 vector<const char*> args;
581 argv_to_vec(argc, (const char **)argv, args);
582
583 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
584 common_init_finish(g_ceph_context);
/test/msgr/test_msgr.cc: 579 in main()
573 // must be defined). This dummy test keeps gtest_main linked in.
574 TEST(DummyTest, ValueParameterizedTestsAreNotSupportedOnThisPlatform) {}
575
576 #endif
577
578
>>> CID 1260212: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
579 int main(int argc, char **argv) {
580 vector<const char*> args;
581 argv_to_vec(argc, (const char **)argv, args);
582
583 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
584 common_init_finish(g_ceph_context);
/test/msgr/test_msgr.cc: 579 in main()
573 // must be defined). This dummy test keeps gtest_main linked in.
574 TEST(DummyTest, ValueParameterizedTestsAreNotSupportedOnThisPlatform) {}
575
576 #endif
577
578
>>> CID 1260212: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
579 int main(int argc, char **argv) {
580 vector<const char*> args;
581 argv_to_vec(argc, (const char **)argv, args);
582
583 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
584 common_init_finish(g_ceph_context);
/test/msgr/test_msgr.cc: 579 in main()
573 // must be defined). This dummy test keeps gtest_main linked in.
574 TEST(DummyTest, ValueParameterizedTestsAreNotSupportedOnThisPlatform) {}
575
576 #endif
577
578
>>> CID 1260212: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
579 int main(int argc, char **argv) {
580 vector<const char*> args;
581 argv_to_vec(argc, (const char **)argv, args);
582
583 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
584 common_init_finish(g_ceph_context);
/test/msgr/test_msgr.cc: 579 in main()
573 // must be defined). This dummy test keeps gtest_main linked in.
574 TEST(DummyTest, ValueParameterizedTestsAreNotSupportedOnThisPlatform) {}
575
576 #endif
577
578
>>> CID 1260212: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
579 int main(int argc, char **argv) {
580 vector<const char*> args;
581 argv_to_vec(argc, (const char **)argv, args);
582
583 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
584 common_init_finish(g_ceph_context);
________________________________________________________________________________________________________
*** CID 1260213: Uninitialized scalar field (UNINIT_CTOR)
/osd/ReplicatedPG.cc: 1242 in ReplicatedPG::ReplicatedPG(OSDService *, std::tr1::shared_ptr<const OSDMap>, const PGPool &, spg_t)()
1236 snap_trimmer_machine(this)
1237 {
1238 missing_loc.set_backend_predicates(
1239 pgbackend->get_is_readable_predicate(),
1240 pgbackend->get_is_recoverable_predicate());
1241 snap_trimmer_machine.initiate();
>>> CID 1260213: Uninitialized scalar field (UNINIT_CTOR)
>>> Non-static class member "new_backfill" is not initialized in this constructor nor in any functions that it calls.
1242 }
1243
1244 void ReplicatedPG::get_src_oloc(const object_t& oid, const object_locator_t& oloc, object_locator_t& src_oloc)
1245 {
1246 src_oloc = oloc;
1247 if (oloc.key.empty())
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click http://scan.coverity.com/subscriptions/edit?email=ceph-devel%40vger.kernel.org&token=018084d671e3cc89d00dd2ccb7eb849c .
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2014-12-18 14:19 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2014-12-18 14:19 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
5 new defect(s) introduced to ceph found with Coverity Scan.
4 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 5 of 5 defect(s)
** CID 1258786: Unchecked dynamic_cast (FORWARD_NULL)
/osd/ECBackend.cc: 839 in ECBackend::handle_sub_write(pg_shard_t, std::tr1::shared_ptr<OpRequest>, ECSubWrite &, Context *)()
** CID 1258787: Resource leak (RESOURCE_LEAK)
/osd/OSD.cc: 6118 in OSD::handle_osd_map(MOSDMap *)()
** CID 1258789: Uninitialized scalar field (UNINIT_CTOR)
/messages/MClientCaps.h: 132 in MClientCaps::MClientCaps(int, inodeno_t, inodeno_t, unsigned long, int, unsigned int)()
** CID 1258790: Uninitialized scalar field (UNINIT_CTOR)
/messages/MClientCaps.h: 118 in MClientCaps::MClientCaps(int, inodeno_t, inodeno_t, unsigned long, long, int, int, int, int, unsigned int)()
** CID 1258788: Uninitialized scalar field (UNINIT_CTOR)
/librados/IoCtxImpl.cc: 44 in librados::IoCtxImpl::IoCtxImpl(librados::RadosClient *, Objecter *, int, const char *, snapid_t)()
________________________________________________________________________________________________________
*** CID 1258786: Unchecked dynamic_cast (FORWARD_NULL)
/osd/ECBackend.cc: 839 in ECBackend::handle_sub_write(pg_shard_t, std::tr1::shared_ptr<OpRequest>, ECSubWrite &, Context *)()
833 op.updated_hit_set_history,
834 op.trim_to,
835 op.trim_rollback_to,
836 !(op.t.empty()),
837 localt);
838
>>> CID 1258786: Unchecked dynamic_cast (FORWARD_NULL)
>>> Dynamic cast to pointer "dynamic_cast <ReplicatedPG *>(this->get_parent())" can return "NULL".
839 if (!(dynamic_cast<ReplicatedPG *>(get_parent())->is_undersized()) &&
840 get_parent()->whoami_shard().shard >= ec_impl->get_data_chunk_count())
841 op.t.set_fadvise_flag(CEPH_OSD_OP_FLAG_FADVISE_DONTNEED);
842
843 localt->append(op.t);
844 if (on_local_applied_sync) {
________________________________________________________________________________________________________
*** CID 1258787: Resource leak (RESOURCE_LEAK)
/osd/OSD.cc: 6118 in OSD::handle_osd_map(MOSDMap *)()
6112 << dendl;
6113 clog->warn() << "failed to encode map e" << e << " with expected crc\n";
6114 MMonGetOSDMap *req = new MMonGetOSDMap;
6115 req->request_full(e, last);
6116 monc->send_mon_message(req);
6117 last = e - 1;
>>> CID 1258787: Resource leak (RESOURCE_LEAK)
>>> Variable "o" going out of scope leaks the storage it points to.
6118 break;
6119 }
6120
6121
6122 hobject_t fulloid = get_osdmap_pobject_name(e);
6123 t.write(META_COLL, fulloid, 0, fbl.length(), fbl);
________________________________________________________________________________________________________
*** CID 1258789: Uninitialized scalar field (UNINIT_CTOR)
/messages/MClientCaps.h: 132 in MClientCaps::MClientCaps(int, inodeno_t, inodeno_t, unsigned long, int, unsigned int)()
126 head.ino = ino;
127 head.realm = realm;
128 head.cap_id = id;
129 head.migrate_seq = mseq;
130 peer.cap_id = 0;
131 inline_version = 0;
>>> CID 1258789: Uninitialized scalar field (UNINIT_CTOR)
>>> Non-static class member field "peer.flags" is not initialized in this constructor nor in any functions that it calls.
132 }
133 private:
134 ~MClientCaps() {}
135
136 public:
137 const char *get_type_name() const { return "Cfcap";}
________________________________________________________________________________________________________
*** CID 1258790: Uninitialized scalar field (UNINIT_CTOR)
/messages/MClientCaps.h: 118 in MClientCaps::MClientCaps(int, inodeno_t, inodeno_t, unsigned long, long, int, int, int, int, unsigned int)()
112 head.caps = caps;
113 head.wanted = wanted;
114 head.dirty = dirty;
115 head.migrate_seq = mseq;
116 peer.cap_id = 0;
117 inline_version = 0;
>>> CID 1258790: Uninitialized scalar field (UNINIT_CTOR)
>>> Non-static class member field "peer.flags" is not initialized in this constructor nor in any functions that it calls.
118 }
119 MClientCaps(int op,
120 inodeno_t ino, inodeno_t realm,
121 uint64_t id, int mseq, epoch_t oeb)
122 : Message(CEPH_MSG_CLIENT_CAPS, HEAD_VERSION, COMPAT_VERSION),
123 osd_epoch_barrier(oeb){
________________________________________________________________________________________________________
*** CID 1258788: Uninitialized scalar field (UNINIT_CTOR)
/librados/IoCtxImpl.cc: 44 in librados::IoCtxImpl::IoCtxImpl(librados::RadosClient *, Objecter *, int, const char *, snapid_t)()
38 : ref_cnt(0), client(c), poolid(poolid), pool_name(pool_name), snap_seq(s),
39 assert_ver(0), notify_timeout(c->cct->_conf->client_notify_timeout),
40 oloc(poolid),
41 aio_write_list_lock("librados::IoCtxImpl::aio_write_list_lock"),
42 aio_write_seq(0), objecter(objecter)
43 {
>>> CID 1258788: Uninitialized scalar field (UNINIT_CTOR)
>>> Non-static class member "last_objver" is not initialized in this constructor nor in any functions that it calls.
44 }
45
46 void librados::IoCtxImpl::set_snap_read(snapid_t s)
47 {
48 if (!s)
49 s = CEPH_NOSNAP;
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click http://scan.coverity.com/subscriptions/edit?email=ceph-devel%40vger.kernel.org&token=018084d671e3cc89d00dd2ccb7eb849c .
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2014-12-14 14:17 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2014-12-14 14:17 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
4 new defect(s) introduced to ceph found with Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 4 of 4 defect(s)
** CID 1258437: Wrong size argument (SIZEOF_MISMATCH)
/test/librbd/test_librbd.cc: 956 in TestLibRBD_TestIOPP_Test::TestBody()()
** CID 1258438: Wrong size argument (SIZEOF_MISMATCH)
/test/librbd/test_librbd.cc: 955 in TestLibRBD_TestIOPP_Test::TestBody()()
** CID 1258439: Copy into fixed size buffer (STRING_OVERFLOW)
/common/blkdev.cc: 60 in get_block_device_base(const char *, char *, unsigned long)()
** CID 1258440: Time of check time of use (TOCTOU)
/common/blkdev.cc: 75 in get_block_device_base(const char *, char *, unsigned long)()
________________________________________________________________________________________________________
*** CID 1258437: Wrong size argument (SIZEOF_MISMATCH)
/test/librbd/test_librbd.cc: 956 in TestLibRBD_TestIOPP_Test::TestBody()()
950
951 for (i = 5; i < 10; ++i)
952 ASSERT_PASSED(aio_read_test_data, image, test_data, strlen(test_data) * i, TEST_IO_SIZE);
953
954 // discard 2nd, 4th sections.
955 ASSERT_PASSED(discard_test_data, image, TEST_IO_SIZE, TEST_IO_SIZE);
>>> CID 1258437: Wrong size argument (SIZEOF_MISMATCH)
>>> Passing argument "&passed" of type "bool *" and argument "512UL" to function "aio_discard_test_data" is suspicious because "sizeof (bool)" /*1*/ is expected.
956 ASSERT_PASSED(aio_discard_test_data, image, TEST_IO_SIZE*3, TEST_IO_SIZE);
957
958 ASSERT_PASSED(read_test_data, image, test_data, 0, TEST_IO_SIZE);
959 ASSERT_PASSED(read_test_data, image, zero_data, TEST_IO_SIZE, TEST_IO_SIZE);
960 ASSERT_PASSED(read_test_data, image, test_data, TEST_IO_SIZE*2, TEST_IO_SIZE);
961 ASSERT_PASSED(read_test_data, image, zero_data, TEST_IO_SIZE*3, TEST_IO_SIZE);
________________________________________________________________________________________________________
*** CID 1258438: Wrong size argument (SIZEOF_MISMATCH)
/test/librbd/test_librbd.cc: 955 in TestLibRBD_TestIOPP_Test::TestBody()()
949 ASSERT_PASSED(read_test_data, image, test_data, strlen(test_data) * i, TEST_IO_SIZE);
950
951 for (i = 5; i < 10; ++i)
952 ASSERT_PASSED(aio_read_test_data, image, test_data, strlen(test_data) * i, TEST_IO_SIZE);
953
954 // discard 2nd, 4th sections.
>>> CID 1258438: Wrong size argument (SIZEOF_MISMATCH)
>>> Passing argument "&passed" of type "bool *" and argument "512UL" to function "discard_test_data" is suspicious because "sizeof (bool)" /*1*/ is expected.
955 ASSERT_PASSED(discard_test_data, image, TEST_IO_SIZE, TEST_IO_SIZE);
956 ASSERT_PASSED(aio_discard_test_data, image, TEST_IO_SIZE*3, TEST_IO_SIZE);
957
958 ASSERT_PASSED(read_test_data, image, test_data, 0, TEST_IO_SIZE);
959 ASSERT_PASSED(read_test_data, image, zero_data, TEST_IO_SIZE, TEST_IO_SIZE);
960 ASSERT_PASSED(read_test_data, image, test_data, TEST_IO_SIZE*2, TEST_IO_SIZE);
________________________________________________________________________________________________________
*** CID 1258439: Copy into fixed size buffer (STRING_OVERFLOW)
/common/blkdev.cc: 60 in get_block_device_base(const char *, char *, unsigned long)()
54 char devname[PATH_MAX], fn[PATH_MAX];
55 char *p;
56
57 if (strncmp(dev, "/dev/", 5) != 0)
58 return -EINVAL;
59
>>> CID 1258439: Copy into fixed size buffer (STRING_OVERFLOW)
>>> You might overrun the 4096 byte fixed-size string "devname" by copying "dev + 5" without checking the length.
60 strcpy(devname, dev + 5);
61 for (p = devname; *p; ++p)
62 if (*p == '/')
63 *p = '!';
64
65 snprintf(fn, sizeof(fn), "%s/sys/block/%s", sandbox_dir, devname);
________________________________________________________________________________________________________
*** CID 1258440: Time of check time of use (TOCTOU)
/common/blkdev.cc: 75 in get_block_device_base(const char *, char *, unsigned long)()
69 }
70 strncpy(out, devname, out_len);
71 return 0;
72 }
73
74 snprintf(fn, sizeof(fn), "%s/sys/block", sandbox_dir);
>>> CID 1258440: Time of check time of use (TOCTOU)
>>> Calling function "opendir" that uses "fn" after a check function. This can cause a time-of-check, time-of-use race condition.
75 dir = opendir(fn);
76 if (!dir)
77 return -errno;
78
79 while (!::readdir_r(dir, reinterpret_cast<struct dirent*>(buf), &de)) {
80 if (!de) {
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click http://scan.coverity.com/subscriptions/edit?email=ceph-devel%40vger.kernel.org&token=018084d671e3cc89d00dd2ccb7eb849c .
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2014-12-07 20:36 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2014-12-07 20:36 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
2 new defect(s) introduced to ceph found with Coverity Scan.
1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)
** CID 1257029: Uncaught exception (UNCAUGHT_EXCEPT)
/test/objectstore/ObjectStoreTransactionBenchmark.cc: 250 in main()
/test/objectstore/ObjectStoreTransactionBenchmark.cc: 250 in main()
/test/objectstore/ObjectStoreTransactionBenchmark.cc: 250 in main()
/test/objectstore/ObjectStoreTransactionBenchmark.cc: 250 in main()
/test/objectstore/ObjectStoreTransactionBenchmark.cc: 250 in main()
** CID 1257030: Uncaught exception (UNCAUGHT_EXCEPT)
/test/objectstore/ObjectStoreTransactionBenchmark.cc: 250 in main()
________________________________________________________________________________________________________
*** CID 1257029: Uncaught exception (UNCAUGHT_EXCEPT)
/test/objectstore/ObjectStoreTransactionBenchmark.cc: 250 in main()
244
245 void usage(const string &name) {
246 cerr << "Usage: " << name << " [times] "
247 << std::endl;
248 }
249
>>> CID 1257029: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
250 int main(int argc, char **argv)
251 {
252 vector<const char*> args;
253 argv_to_vec(argc, (const char **)argv, args);
254
255 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
/test/objectstore/ObjectStoreTransactionBenchmark.cc: 250 in main()
244
245 void usage(const string &name) {
246 cerr << "Usage: " << name << " [times] "
247 << std::endl;
248 }
249
>>> CID 1257029: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
250 int main(int argc, char **argv)
251 {
252 vector<const char*> args;
253 argv_to_vec(argc, (const char **)argv, args);
254
255 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
/test/objectstore/ObjectStoreTransactionBenchmark.cc: 250 in main()
244
245 void usage(const string &name) {
246 cerr << "Usage: " << name << " [times] "
247 << std::endl;
248 }
249
>>> CID 1257029: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
250 int main(int argc, char **argv)
251 {
252 vector<const char*> args;
253 argv_to_vec(argc, (const char **)argv, args);
254
255 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
/test/objectstore/ObjectStoreTransactionBenchmark.cc: 250 in main()
244
245 void usage(const string &name) {
246 cerr << "Usage: " << name << " [times] "
247 << std::endl;
248 }
249
>>> CID 1257029: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
250 int main(int argc, char **argv)
251 {
252 vector<const char*> args;
253 argv_to_vec(argc, (const char **)argv, args);
254
255 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
/test/objectstore/ObjectStoreTransactionBenchmark.cc: 250 in main()
244
245 void usage(const string &name) {
246 cerr << "Usage: " << name << " [times] "
247 << std::endl;
248 }
249
>>> CID 1257029: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
250 int main(int argc, char **argv)
251 {
252 vector<const char*> args;
253 argv_to_vec(argc, (const char **)argv, args);
254
255 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
________________________________________________________________________________________________________
*** CID 1257030: Uncaught exception (UNCAUGHT_EXCEPT)
/test/objectstore/ObjectStoreTransactionBenchmark.cc: 250 in main()
244
245 void usage(const string &name) {
246 cerr << "Usage: " << name << " [times] "
247 << std::endl;
248 }
249
>>> CID 1257030: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
250 int main(int argc, char **argv)
251 {
252 vector<const char*> args;
253 argv_to_vec(argc, (const char **)argv, args);
254
255 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click http://scan.coverity.com/subscriptions/edit?email=ceph-devel%40vger.kernel.org&token=018084d671e3cc89d00dd2ccb7eb849c .
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2014-12-05 14:11 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2014-12-05 14:11 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
2 new defect(s) introduced to ceph found with Coverity Scan.
14 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)
** CID 1256941: Logically dead code (DEADCODE)
/erasure-code/jerasure/gf-complete/src/gf_w32.c: 2309 in gf_w32_split_init()
** CID 1256942: Logically dead code (DEADCODE)
/erasure-code/jerasure/gf-complete/src/gf_w8.c: 1147 in gf_w8_table_init()
________________________________________________________________________________________________________
*** CID 1256941: Logically dead code (DEADCODE)
/erasure-code/jerasure/gf-complete/src/gf_w32.c: 2309 in gf_w32_split_init()
2303 if ((h->arg1 == 4 && h->arg2 == 32) || (h->arg1 == 32 && h->arg2 == 4) ||
2304 ((issse3 || isneon) && h->mult_type == GF_REGION_DEFAULT)) {
2305 ld4 = (struct gf_split_4_32_lazy_data *) h->private;
2306 ld4->last_value = 0;
2307 if ((h->region_type & GF_REGION_NOSIMD) || !(issse3 || isneon)) {
2308 gf->multiply_region.w32 = gf_w32_split_4_32_lazy_multiply_region;
>>> CID 1256941: Logically dead code (DEADCODE)
>>> Execution cannot reach this statement "if (isneon) {
} else if (h-...".
2309 } else if (isneon) {
2310 #ifdef ARM_NEON
2311 gf_w32_neon_split_init(gf);
2312 #endif
2313 } else if (h->region_type & GF_REGION_ALTMAP) {
2314 gf->multiply_region.w32 = gf_w32_split_4_32_lazy_sse_altmap_multiply_region;
________________________________________________________________________________________________________
*** CID 1256942: Logically dead code (DEADCODE)
/erasure-code/jerasure/gf-complete/src/gf_w8.c: 1147 in gf_w8_table_init()
1141 use_simd = 1;
1142 #else
1143 use_simd = 0;
1144 #endif
1145
1146 if (h->mult_type == GF_MULT_DEFAULT && use_simd) {
>>> CID 1256942: Logically dead code (DEADCODE)
>>> Execution cannot reach this statement "dd = (struct gf_w8_default_...".
1147 dd = (struct gf_w8_default_data *)h->private;
1148 scase = 3;
1149 bzero(dd->high, sizeof(uint8_t) * GF_FIELD_SIZE * GF_HALF_SIZE);
1150 bzero(dd->low, sizeof(uint8_t) * GF_FIELD_SIZE * GF_HALF_SIZE);
1151 bzero(dd->divtable, sizeof(uint8_t) * GF_FIELD_SIZE * GF_FIELD_SIZE);
1152 bzero(dd->multtable, sizeof(uint8_t) * GF_FIELD_SIZE * GF_FIELD_SIZE);
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
To manage Coverity Scan email notifications for "ceph-devel@vger.kernel.org", click http://scan.coverity.com/subscriptions/edit?email=ceph-devel%40vger.kernel.org&token=018084d671e3cc89d00dd2ccb7eb849c .
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2014-12-02 14:09 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2014-12-02 14:09 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
1 new defect(s) introduced to ceph found with Coverity Scan.
9 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)
** CID 1256511: Missing unlock (LOCK)
/mds/MDLog.cc: 612 in MDLog::trim_all()()
/mds/MDLog.cc: 612 in MDLog::trim_all()()
________________________________________________________________________________________________________
*** CID 1256511: Missing unlock (LOCK)
/mds/MDLog.cc: 612 in MDLog::trim_all()()
606 p = segments.lower_bound(last_seq + 1);
607 }
608 }
609
610 _trim_expired_segments();
611
>>> CID 1256511: Missing unlock (LOCK)
>>> Returning without unlocking "this->submit_mutex._m".
612 return 0;
613 }
614
615
616 void MDLog::try_expire(LogSegment *ls, int op_prio)
617 {
/mds/MDLog.cc: 612 in MDLog::trim_all()()
606 p = segments.lower_bound(last_seq + 1);
607 }
608 }
609
610 _trim_expired_segments();
611
>>> CID 1256511: Missing unlock (LOCK)
>>> Returning without unlocking "this->submit_mutex._m".
612 return 0;
613 }
614
615
616 void MDLog::try_expire(LogSegment *ls, int op_prio)
617 {
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2014-11-25 14:09 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2014-11-25 14:09 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
5 new defect(s) introduced to ceph found with Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 5 of 5 defect(s)
** CID 1256098: Resource leak (RESOURCE_LEAK)
/test/librados/tier.cc: 2792 in LibRadosTwoPoolsECPP_Whiteout_Test::TestBody()()
/test/librados/tier.cc: 2789 in LibRadosTwoPoolsECPP_Whiteout_Test::TestBody()()
** CID 1256096: Resource leak (RESOURCE_LEAK)
/test/librados/TestCase.cc: 336 in RadosTestPP::cleanup_namespace(librados::IoCtx, std::basic_string<char, std::char_traits<char>, std::allocator<char>>)()
/test/librados/TestCase.cc: 333 in RadosTestPP::cleanup_namespace(librados::IoCtx, std::basic_string<char, std::char_traits<char>, std::allocator<char>>)()
** CID 1256097: Resource leak (RESOURCE_LEAK)
/test/librados/tier.cc: 648 in LibRadosTwoPoolsPP_Whiteout_Test::TestBody()()
/test/librados/tier.cc: 645 in LibRadosTwoPoolsPP_Whiteout_Test::TestBody()()
** CID 1256100: Uninitialized pointer read (UNINIT)
/librados/librados.cc: 4516 in librados::ListObject::ListObject(const librados::ListObject&)()
** CID 1256099: Uninitialized pointer read (UNINIT)
/librados/librados.cc: 650 in librados::NObjectIterator::NObjectIterator(const librados::NObjectIterator&)()
________________________________________________________________________________________________________
*** CID 1256098: Resource leak (RESOURCE_LEAK)
/test/librados/tier.cc: 2792 in LibRadosTwoPoolsECPP_Whiteout_Test::TestBody()()
2786 ObjectWriteOperation op;
2787 op.remove();
2788 librados::AioCompletion *completion = cluster.aio_create_completion();
2789 ASSERT_EQ(0, ioctx.aio_operate("bar", completion, &op,
2790 librados::OPERATION_IGNORE_CACHE));
2791 completion->wait_for_safe();
>>> CID 1256098: Resource leak (RESOURCE_LEAK)
>>> Variable "completion" going out of scope leaks the storage it points to.
2792 ASSERT_EQ(0, completion->get_return_value());
2793 completion->release();
2794
2795 NObjectIterator it = cache_ioctx.nobjects_begin();
2796 ASSERT_TRUE(it != cache_ioctx.nobjects_end());
2797 ASSERT_TRUE(it->get_oid() == string("foo"));
/test/librados/tier.cc: 2789 in LibRadosTwoPoolsECPP_Whiteout_Test::TestBody()()
2783 // delete a whiteout and verify it goes away
2784 ASSERT_EQ(-ENOENT, ioctx.remove("foo"));
2785 {
2786 ObjectWriteOperation op;
2787 op.remove();
2788 librados::AioCompletion *completion = cluster.aio_create_completion();
>>> CID 1256098: Resource leak (RESOURCE_LEAK)
>>> Variable "completion" going out of scope leaks the storage it points to.
2789 ASSERT_EQ(0, ioctx.aio_operate("bar", completion, &op,
2790 librados::OPERATION_IGNORE_CACHE));
2791 completion->wait_for_safe();
2792 ASSERT_EQ(0, completion->get_return_value());
2793 completion->release();
2794
________________________________________________________________________________________________________
*** CID 1256096: Resource leak (RESOURCE_LEAK)
/test/librados/TestCase.cc: 336 in RadosTestPP::cleanup_namespace(librados::IoCtx, std::basic_string<char, std::char_traits<char>, std::allocator<char>>)()
330 ObjectWriteOperation op;
331 op.remove();
332 librados::AioCompletion *completion = s_cluster.aio_create_completion();
333 ASSERT_EQ(0, ioctx.aio_operate(it->get_oid(), completion, &op,
334 librados::OPERATION_IGNORE_CACHE));
335 completion->wait_for_safe();
>>> CID 1256096: Resource leak (RESOURCE_LEAK)
>>> Variable "completion" going out of scope leaks the storage it points to.
336 ASSERT_EQ(0, completion->get_return_value());
337 completion->release();
338 }
339 }
340
341 std::string RadosTestParamPP::pool_name;
/test/librados/TestCase.cc: 333 in RadosTestPP::cleanup_namespace(librados::IoCtx, std::basic_string<char, std::char_traits<char>, std::allocator<char>>)()
327 for (NObjectIterator it = ioctx.nobjects_begin();
328 it != ioctx.nobjects_end(); ++it) {
329 ioctx.locator_set_key(it->get_locator());
330 ObjectWriteOperation op;
331 op.remove();
332 librados::AioCompletion *completion = s_cluster.aio_create_completion();
>>> CID 1256096: Resource leak (RESOURCE_LEAK)
>>> Variable "completion" going out of scope leaks the storage it points to.
333 ASSERT_EQ(0, ioctx.aio_operate(it->get_oid(), completion, &op,
334 librados::OPERATION_IGNORE_CACHE));
335 completion->wait_for_safe();
336 ASSERT_EQ(0, completion->get_return_value());
337 completion->release();
338 }
________________________________________________________________________________________________________
*** CID 1256097: Resource leak (RESOURCE_LEAK)
/test/librados/tier.cc: 648 in LibRadosTwoPoolsPP_Whiteout_Test::TestBody()()
642 ObjectWriteOperation op;
643 op.remove();
644 librados::AioCompletion *completion = cluster.aio_create_completion();
645 ASSERT_EQ(0, ioctx.aio_operate("bar", completion, &op,
646 librados::OPERATION_IGNORE_CACHE));
647 completion->wait_for_safe();
>>> CID 1256097: Resource leak (RESOURCE_LEAK)
>>> Variable "completion" going out of scope leaks the storage it points to.
648 ASSERT_EQ(0, completion->get_return_value());
649 completion->release();
650
651 NObjectIterator it = cache_ioctx.nobjects_begin();
652 ASSERT_TRUE(it != cache_ioctx.nobjects_end());
653 ASSERT_TRUE(it->get_oid() == string("foo"));
/test/librados/tier.cc: 645 in LibRadosTwoPoolsPP_Whiteout_Test::TestBody()()
639 // delete a whiteout and verify it goes away
640 ASSERT_EQ(-ENOENT, ioctx.remove("foo"));
641 {
642 ObjectWriteOperation op;
643 op.remove();
644 librados::AioCompletion *completion = cluster.aio_create_completion();
>>> CID 1256097: Resource leak (RESOURCE_LEAK)
>>> Variable "completion" going out of scope leaks the storage it points to.
645 ASSERT_EQ(0, ioctx.aio_operate("bar", completion, &op,
646 librados::OPERATION_IGNORE_CACHE));
647 completion->wait_for_safe();
648 ASSERT_EQ(0, completion->get_return_value());
649 completion->release();
650
________________________________________________________________________________________________________
*** CID 1256100: Uninitialized pointer read (UNINIT)
/librados/librados.cc: 4516 in librados::ListObject::ListObject(const librados::ListObject&)()
4510 {
4511 }
4512
4513 librados::ListObject::ListObject(const ListObject& rhs)
4514 {
4515 if (rhs.impl == NULL) {
>>> CID 1256100: Uninitialized pointer read (UNINIT)
>>> Using uninitialized value "this->impl".
4516 delete impl;
4517 impl = NULL;
4518 return;
4519 }
4520 impl = new ListObjectImpl();
4521 *impl = *(rhs.impl);
________________________________________________________________________________________________________
*** CID 1256099: Uninitialized pointer read (UNINIT)
/librados/librados.cc: 650 in librados::NObjectIterator::NObjectIterator(const librados::NObjectIterator&)()
644 delete impl;
645 }
646
647 librados::NObjectIterator::NObjectIterator(const NObjectIterator &rhs)
648 {
649 if (rhs.impl == NULL) {
>>> CID 1256099: Uninitialized pointer read (UNINIT)
>>> Using uninitialized value "this->impl".
650 delete impl;
651 impl = NULL;
652 return;
653 }
654 impl = new NObjectIteratorImpl();
655 *impl = *(rhs.impl);
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2014-11-23 14:08 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2014-11-23 14:08 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
1 new defect(s) introduced to ceph found with Coverity Scan.
2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)
** CID 1255885: Ignoring number of bytes read (CHECKED_RETURN)
/msg/async/Event.cc: 42 in C_handle_notify::do_request(int)()
________________________________________________________________________________________________________
*** CID 1255885: Ignoring number of bytes read (CHECKED_RETURN)
/msg/async/Event.cc: 42 in C_handle_notify::do_request(int)()
36
37 class C_handle_notify : public EventCallback {
38 public:
39 C_handle_notify() {}
40 void do_request(int fd_or_id) {
41 char c[100];
>>> CID 1255885: Ignoring number of bytes read (CHECKED_RETURN)
>>> "read(int, void *, size_t)" returns the number of bytes read, but it is ignored.
42 assert(read(fd_or_id, c, 100));
43 }
44 };
45
46 int EventCenter::init(int n)
47 {
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2014-11-20 14:20 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2014-11-20 14:20 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
1 new defect(s) introduced to ceph found with Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)
** CID 1255369: Copy into fixed size buffer (STRING_OVERFLOW)
/common/blkdev.cc: 34 in block_device_support_discard(const char *)()
________________________________________________________________________________________________________
*** CID 1255369: Copy into fixed size buffer (STRING_OVERFLOW)
/common/blkdev.cc: 34 in block_device_support_discard(const char *)()
28 bool block_device_support_discard(const char *devname)
29 {
30 bool can_trim = false;
31 char *p = strstr((char *)devname, "sd");
32 char name[32] = {0};
33
>>> CID 1255369: Copy into fixed size buffer (STRING_OVERFLOW)
>>> You might overrun the 32 byte fixed-size string "name" by copying "p" without checking the length.
34 strcpy(name, p);
35 for (unsigned int i = 0; i < strlen(name); i++) {
36 if(isdigit(name[i])) {
37 name[i] = 0;
38 break;
39 }
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2014-11-14 14:21 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2014-11-14 14:21 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
8 new defect(s) introduced to ceph found with Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 8 of 8 defect(s)
** CID 1254376: Resource leak (RESOURCE_LEAK)
/test/msgr/test_async_driver.cc: 212 in EventDriverTest_NetworkSocketTest_Test::TestBody()()
/test/msgr/test_async_driver.cc: 219 in EventDriverTest_NetworkSocketTest_Test::TestBody()()
/test/msgr/test_async_driver.cc: 220 in EventDriverTest_NetworkSocketTest_Test::TestBody()()
/test/msgr/test_async_driver.cc: 230 in EventDriverTest_NetworkSocketTest_Test::TestBody()()
/test/msgr/test_async_driver.cc: 231 in EventDriverTest_NetworkSocketTest_Test::TestBody()()
/test/msgr/test_async_driver.cc: 227 in EventDriverTest_NetworkSocketTest_Test::TestBody()()
/test/msgr/test_async_driver.cc: 233 in EventDriverTest_NetworkSocketTest_Test::TestBody()()
/test/msgr/test_async_driver.cc: 210 in EventDriverTest_NetworkSocketTest_Test::TestBody()()
** CID 1254374: Argument cannot be negative (NEGATIVE_RETURNS)
/test/msgr/test_async_driver.cc: 147 in echoclient(void *)()
** CID 1254375: Resource leak (RESOURCE_LEAK)
/test/msgr/test_async_driver.cc: 169 in EventDriverTest_NetworkSocketTest_Test::TestBody()()
/test/msgr/test_async_driver.cc: 166 in EventDriverTest_NetworkSocketTest_Test::TestBody()()
/test/msgr/test_async_driver.cc: 171 in EventDriverTest_NetworkSocketTest_Test::TestBody()()
/test/msgr/test_async_driver.cc: 185 in EventDriverTest_NetworkSocketTest_Test::TestBody()()
/test/msgr/test_async_driver.cc: 187 in EventDriverTest_NetworkSocketTest_Test::TestBody()()
/test/msgr/test_async_driver.cc: 194 in EventDriverTest_NetworkSocketTest_Test::TestBody()()
/test/msgr/test_async_driver.cc: 196 in EventDriverTest_NetworkSocketTest_Test::TestBody()()
/test/msgr/test_async_driver.cc: 201 in EventDriverTest_NetworkSocketTest_Test::TestBody()()
/test/msgr/test_async_driver.cc: 205 in EventDriverTest_NetworkSocketTest_Test::TestBody()()
/test/msgr/test_async_driver.cc: 206 in EventDriverTest_NetworkSocketTest_Test::TestBody()()
/test/msgr/test_async_driver.cc: 210 in EventDriverTest_NetworkSocketTest_Test::TestBody()()
/test/msgr/test_async_driver.cc: 212 in EventDriverTest_NetworkSocketTest_Test::TestBody()()
/test/msgr/test_async_driver.cc: 219 in EventDriverTest_NetworkSocketTest_Test::TestBody()()
/test/msgr/test_async_driver.cc: 220 in EventDriverTest_NetworkSocketTest_Test::TestBody()()
/test/msgr/test_async_driver.cc: 227 in EventDriverTest_NetworkSocketTest_Test::TestBody()()
/test/msgr/test_async_driver.cc: 230 in EventDriverTest_NetworkSocketTest_Test::TestBody()()
/test/msgr/test_async_driver.cc: 231 in EventDriverTest_NetworkSocketTest_Test::TestBody()()
/test/msgr/test_async_driver.cc: 233 in EventDriverTest_NetworkSocketTest_Test::TestBody()()
** CID 1254380: Uninitialized scalar variable (UNINIT)
/test/msgr/test_async_driver.cc: 147 in echoclient(void *)()
** CID 1254379: Uninitialized scalar variable (UNINIT)
/test/msgr/test_async_driver.cc: 116 in EventDriverTest_PipeTest_Test::TestBody()()
** CID 1254381: Uninitialized scalar field (UNINIT_CTOR)
/msg/async/EventSelect.h: 34 in SelectDriver::SelectDriver(CephContext *)()
** CID 1254377: String not null terminated (STRING_NULL)
/test/msgr/test_async_driver.cc: 232 in EventDriverTest_NetworkSocketTest_Test::TestBody()()
** CID 1254378: Uncaught exception (UNCAUGHT_EXCEPT)
/test/msgr/test_async_driver.cc: 269 in main()
/test/msgr/test_async_driver.cc: 269 in main()
________________________________________________________________________________________________________
*** CID 1254376: Resource leak (RESOURCE_LEAK)
/test/msgr/test_async_driver.cc: 212 in EventDriverTest_NetworkSocketTest_Test::TestBody()()
206 ASSERT_EQ(fired_events[0].fd, listen_sd);
207
208 fired_events.clear();
209 int client_sd = ::accept(listen_sd, NULL, NULL);
210 ASSERT_TRUE(client_sd > 0);
211 r = driver->add_event(client_sd, EVENT_NONE, EVENT_READABLE);
>>> CID 1254376: Resource leak (RESOURCE_LEAK)
>>> Handle variable "client_sd" going out of scope leaks the handle.
212 ASSERT_EQ(r, 0);
213
214 do {
215 fired_events.clear();
216 tv.tv_sec = 5;
217 tv.tv_usec = 0;
/test/msgr/test_async_driver.cc: 219 in EventDriverTest_NetworkSocketTest_Test::TestBody()()
213
214 do {
215 fired_events.clear();
216 tv.tv_sec = 5;
217 tv.tv_usec = 0;
218 r = driver->event_wait(fired_events, &tv);
>>> CID 1254376: Resource leak (RESOURCE_LEAK)
>>> Handle variable "client_sd" going out of scope leaks the handle.
219 ASSERT_EQ(r, 1);
220 ASSERT_EQ(fired_events[0].mask, EVENT_READABLE);
221
222 fired_events.clear();
223 char data[100];
224 r = ::read(client_sd, data, sizeof(data));
/test/msgr/test_async_driver.cc: 220 in EventDriverTest_NetworkSocketTest_Test::TestBody()()
214 do {
215 fired_events.clear();
216 tv.tv_sec = 5;
217 tv.tv_usec = 0;
218 r = driver->event_wait(fired_events, &tv);
219 ASSERT_EQ(r, 1);
>>> CID 1254376: Resource leak (RESOURCE_LEAK)
>>> Handle variable "client_sd" going out of scope leaks the handle.
220 ASSERT_EQ(fired_events[0].mask, EVENT_READABLE);
221
222 fired_events.clear();
223 char data[100];
224 r = ::read(client_sd, data, sizeof(data));
225 if (r == 0)
/test/msgr/test_async_driver.cc: 230 in EventDriverTest_NetworkSocketTest_Test::TestBody()()
224 r = ::read(client_sd, data, sizeof(data));
225 if (r == 0)
226 break;
227 ASSERT_TRUE(r > 0);
228 r = driver->add_event(client_sd, EVENT_READABLE, EVENT_WRITABLE);
229 r = driver->event_wait(fired_events, &tv);
>>> CID 1254376: Resource leak (RESOURCE_LEAK)
>>> Handle variable "client_sd" going out of scope leaks the handle.
230 ASSERT_EQ(r, 1);
231 ASSERT_EQ(fired_events[0].mask, EVENT_WRITABLE);
232 r = write(client_sd, data, strlen(data));
233 ASSERT_EQ(r, strlen(data));
234 driver->del_event(client_sd, EVENT_READABLE|EVENT_WRITABLE,
235 EVENT_WRITABLE);
/test/msgr/test_async_driver.cc: 231 in EventDriverTest_NetworkSocketTest_Test::TestBody()()
225 if (r == 0)
226 break;
227 ASSERT_TRUE(r > 0);
228 r = driver->add_event(client_sd, EVENT_READABLE, EVENT_WRITABLE);
229 r = driver->event_wait(fired_events, &tv);
230 ASSERT_EQ(r, 1);
>>> CID 1254376: Resource leak (RESOURCE_LEAK)
>>> Handle variable "client_sd" going out of scope leaks the handle.
231 ASSERT_EQ(fired_events[0].mask, EVENT_WRITABLE);
232 r = write(client_sd, data, strlen(data));
233 ASSERT_EQ(r, strlen(data));
234 driver->del_event(client_sd, EVENT_READABLE|EVENT_WRITABLE,
235 EVENT_WRITABLE);
236 } while (1);
/test/msgr/test_async_driver.cc: 227 in EventDriverTest_NetworkSocketTest_Test::TestBody()()
221
222 fired_events.clear();
223 char data[100];
224 r = ::read(client_sd, data, sizeof(data));
225 if (r == 0)
226 break;
>>> CID 1254376: Resource leak (RESOURCE_LEAK)
>>> Handle variable "client_sd" going out of scope leaks the handle.
227 ASSERT_TRUE(r > 0);
228 r = driver->add_event(client_sd, EVENT_READABLE, EVENT_WRITABLE);
229 r = driver->event_wait(fired_events, &tv);
230 ASSERT_EQ(r, 1);
231 ASSERT_EQ(fired_events[0].mask, EVENT_WRITABLE);
232 r = write(client_sd, data, strlen(data));
/test/msgr/test_async_driver.cc: 233 in EventDriverTest_NetworkSocketTest_Test::TestBody()()
227 ASSERT_TRUE(r > 0);
228 r = driver->add_event(client_sd, EVENT_READABLE, EVENT_WRITABLE);
229 r = driver->event_wait(fired_events, &tv);
230 ASSERT_EQ(r, 1);
231 ASSERT_EQ(fired_events[0].mask, EVENT_WRITABLE);
232 r = write(client_sd, data, strlen(data));
>>> CID 1254376: Resource leak (RESOURCE_LEAK)
>>> Handle variable "client_sd" going out of scope leaks the handle.
233 ASSERT_EQ(r, strlen(data));
234 driver->del_event(client_sd, EVENT_READABLE|EVENT_WRITABLE,
235 EVENT_WRITABLE);
236 } while (1);
237
238 ::close(client_sd);
/test/msgr/test_async_driver.cc: 210 in EventDriverTest_NetworkSocketTest_Test::TestBody()()
204 r = driver->event_wait(fired_events, &tv);
205 ASSERT_EQ(r, 1);
206 ASSERT_EQ(fired_events[0].fd, listen_sd);
207
208 fired_events.clear();
209 int client_sd = ::accept(listen_sd, NULL, NULL);
>>> CID 1254376: Resource leak (RESOURCE_LEAK)
>>> Handle variable "client_sd" going out of scope leaks the handle.
210 ASSERT_TRUE(client_sd > 0);
211 r = driver->add_event(client_sd, EVENT_NONE, EVENT_READABLE);
212 ASSERT_EQ(r, 0);
213
214 do {
215 fired_events.clear();
________________________________________________________________________________________________________
*** CID 1254374: Argument cannot be negative (NEGATIVE_RETURNS)
/test/msgr/test_async_driver.cc: 147 in echoclient(void *)()
141 int connect_sd = ::socket(AF_INET, SOCK_STREAM, 0);
142 struct sockaddr_in sa;
143 sa.sin_family = AF_INET;
144 sa.sin_port = htons(port);
145 char addr[] = "127.0.0.1";
146 int r = inet_aton(addr, &sa.sin_addr);
>>> CID 1254374: Argument cannot be negative (NEGATIVE_RETURNS)
>>> "connect_sd" is passed to a parameter that cannot be negative.
147 r = connect(connect_sd, (struct sockaddr*)&sa, sizeof(sa));
148 int t = 0;
149
150 do {
151 char c[] = "banner";
152 r = write(connect_sd, c, sizeof(c));
________________________________________________________________________________________________________
*** CID 1254375: Resource leak (RESOURCE_LEAK)
/test/msgr/test_async_driver.cc: 169 in EventDriverTest_NetworkSocketTest_Test::TestBody()()
163
164 TEST_P(EventDriverTest, NetworkSocketTest) {
165 int listen_sd = ::socket(AF_INET, SOCK_STREAM, 0);
166 ASSERT_TRUE(listen_sd > 0);
167 int on = 1;
168 int r = ::setsockopt(listen_sd, SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on));
>>> CID 1254375: Resource leak (RESOURCE_LEAK)
>>> Handle variable "listen_sd" going out of scope leaks the handle.
169 ASSERT_EQ(r, 0);
170 r = set_nonblock(listen_sd);
171 ASSERT_EQ(r, 0);
172 struct sockaddr_in sa;
173 int port = 0;
174 for (port = 38788; port < 40000; port++) {
/test/msgr/test_async_driver.cc: 166 in EventDriverTest_NetworkSocketTest_Test::TestBody()()
160 ::close(connect_sd);
161 return 0;
162 }
163
164 TEST_P(EventDriverTest, NetworkSocketTest) {
165 int listen_sd = ::socket(AF_INET, SOCK_STREAM, 0);
>>> CID 1254375: Resource leak (RESOURCE_LEAK)
>>> Handle variable "listen_sd" going out of scope leaks the handle.
166 ASSERT_TRUE(listen_sd > 0);
167 int on = 1;
168 int r = ::setsockopt(listen_sd, SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on));
169 ASSERT_EQ(r, 0);
170 r = set_nonblock(listen_sd);
171 ASSERT_EQ(r, 0);
/test/msgr/test_async_driver.cc: 171 in EventDriverTest_NetworkSocketTest_Test::TestBody()()
165 int listen_sd = ::socket(AF_INET, SOCK_STREAM, 0);
166 ASSERT_TRUE(listen_sd > 0);
167 int on = 1;
168 int r = ::setsockopt(listen_sd, SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on));
169 ASSERT_EQ(r, 0);
170 r = set_nonblock(listen_sd);
>>> CID 1254375: Resource leak (RESOURCE_LEAK)
>>> Handle variable "listen_sd" going out of scope leaks the handle.
171 ASSERT_EQ(r, 0);
172 struct sockaddr_in sa;
173 int port = 0;
174 for (port = 38788; port < 40000; port++) {
175 memset(&sa,0,sizeof(sa));
176 sa.sin_family = AF_INET;
/test/msgr/test_async_driver.cc: 185 in EventDriverTest_NetworkSocketTest_Test::TestBody()()
179
180 r = ::bind(listen_sd, (struct sockaddr *)&sa, sizeof(sa));
181 if (r == 0) {
182 break;
183 }
184 }
>>> CID 1254375: Resource leak (RESOURCE_LEAK)
>>> Handle variable "listen_sd" going out of scope leaks the handle.
185 ASSERT_EQ(r, 0);
186 r = listen(listen_sd, 511);
187 ASSERT_EQ(r, 0);
188
189 vector<FiredFileEvent> fired_events;
190 struct timeval tv;
/test/msgr/test_async_driver.cc: 187 in EventDriverTest_NetworkSocketTest_Test::TestBody()()
181 if (r == 0) {
182 break;
183 }
184 }
185 ASSERT_EQ(r, 0);
186 r = listen(listen_sd, 511);
>>> CID 1254375: Resource leak (RESOURCE_LEAK)
>>> Handle variable "listen_sd" going out of scope leaks the handle.
187 ASSERT_EQ(r, 0);
188
189 vector<FiredFileEvent> fired_events;
190 struct timeval tv;
191 tv.tv_sec = 0;
192 tv.tv_usec = 1;
/test/msgr/test_async_driver.cc: 194 in EventDriverTest_NetworkSocketTest_Test::TestBody()()
188
189 vector<FiredFileEvent> fired_events;
190 struct timeval tv;
191 tv.tv_sec = 0;
192 tv.tv_usec = 1;
193 r = driver->add_event(listen_sd, EVENT_NONE, EVENT_READABLE);
>>> CID 1254375: Resource leak (RESOURCE_LEAK)
>>> Handle variable "listen_sd" going out of scope leaks the handle.
194 ASSERT_EQ(r, 0);
195 r = driver->event_wait(fired_events, &tv);
196 ASSERT_EQ(r, 0);
197
198 fired_events.clear();
199 pthread_t thread1;
/test/msgr/test_async_driver.cc: 196 in EventDriverTest_NetworkSocketTest_Test::TestBody()()
190 struct timeval tv;
191 tv.tv_sec = 0;
192 tv.tv_usec = 1;
193 r = driver->add_event(listen_sd, EVENT_NONE, EVENT_READABLE);
194 ASSERT_EQ(r, 0);
195 r = driver->event_wait(fired_events, &tv);
>>> CID 1254375: Resource leak (RESOURCE_LEAK)
>>> Handle variable "listen_sd" going out of scope leaks the handle.
196 ASSERT_EQ(r, 0);
197
198 fired_events.clear();
199 pthread_t thread1;
200 r = pthread_create(&thread1, NULL, echoclient, (void*)port);
201 ASSERT_EQ(r, 0);
/test/msgr/test_async_driver.cc: 201 in EventDriverTest_NetworkSocketTest_Test::TestBody()()
195 r = driver->event_wait(fired_events, &tv);
196 ASSERT_EQ(r, 0);
197
198 fired_events.clear();
199 pthread_t thread1;
200 r = pthread_create(&thread1, NULL, echoclient, (void*)port);
>>> CID 1254375: Resource leak (RESOURCE_LEAK)
>>> Handle variable "listen_sd" going out of scope leaks the handle.
201 ASSERT_EQ(r, 0);
202 tv.tv_sec = 5;
203 tv.tv_usec = 0;
204 r = driver->event_wait(fired_events, &tv);
205 ASSERT_EQ(r, 1);
206 ASSERT_EQ(fired_events[0].fd, listen_sd);
/test/msgr/test_async_driver.cc: 205 in EventDriverTest_NetworkSocketTest_Test::TestBody()()
199 pthread_t thread1;
200 r = pthread_create(&thread1, NULL, echoclient, (void*)port);
201 ASSERT_EQ(r, 0);
202 tv.tv_sec = 5;
203 tv.tv_usec = 0;
204 r = driver->event_wait(fired_events, &tv);
>>> CID 1254375: Resource leak (RESOURCE_LEAK)
>>> Handle variable "listen_sd" going out of scope leaks the handle.
205 ASSERT_EQ(r, 1);
206 ASSERT_EQ(fired_events[0].fd, listen_sd);
207
208 fired_events.clear();
209 int client_sd = ::accept(listen_sd, NULL, NULL);
210 ASSERT_TRUE(client_sd > 0);
/test/msgr/test_async_driver.cc: 206 in EventDriverTest_NetworkSocketTest_Test::TestBody()()
200 r = pthread_create(&thread1, NULL, echoclient, (void*)port);
201 ASSERT_EQ(r, 0);
202 tv.tv_sec = 5;
203 tv.tv_usec = 0;
204 r = driver->event_wait(fired_events, &tv);
205 ASSERT_EQ(r, 1);
>>> CID 1254375: Resource leak (RESOURCE_LEAK)
>>> Handle variable "listen_sd" going out of scope leaks the handle.
206 ASSERT_EQ(fired_events[0].fd, listen_sd);
207
208 fired_events.clear();
209 int client_sd = ::accept(listen_sd, NULL, NULL);
210 ASSERT_TRUE(client_sd > 0);
211 r = driver->add_event(client_sd, EVENT_NONE, EVENT_READABLE);
/test/msgr/test_async_driver.cc: 210 in EventDriverTest_NetworkSocketTest_Test::TestBody()()
204 r = driver->event_wait(fired_events, &tv);
205 ASSERT_EQ(r, 1);
206 ASSERT_EQ(fired_events[0].fd, listen_sd);
207
208 fired_events.clear();
209 int client_sd = ::accept(listen_sd, NULL, NULL);
>>> CID 1254375: Resource leak (RESOURCE_LEAK)
>>> Handle variable "listen_sd" going out of scope leaks the handle.
210 ASSERT_TRUE(client_sd > 0);
211 r = driver->add_event(client_sd, EVENT_NONE, EVENT_READABLE);
212 ASSERT_EQ(r, 0);
213
214 do {
215 fired_events.clear();
/test/msgr/test_async_driver.cc: 212 in EventDriverTest_NetworkSocketTest_Test::TestBody()()
206 ASSERT_EQ(fired_events[0].fd, listen_sd);
207
208 fired_events.clear();
209 int client_sd = ::accept(listen_sd, NULL, NULL);
210 ASSERT_TRUE(client_sd > 0);
211 r = driver->add_event(client_sd, EVENT_NONE, EVENT_READABLE);
>>> CID 1254375: Resource leak (RESOURCE_LEAK)
>>> Handle variable "listen_sd" going out of scope leaks the handle.
212 ASSERT_EQ(r, 0);
213
214 do {
215 fired_events.clear();
216 tv.tv_sec = 5;
217 tv.tv_usec = 0;
/test/msgr/test_async_driver.cc: 219 in EventDriverTest_NetworkSocketTest_Test::TestBody()()
213
214 do {
215 fired_events.clear();
216 tv.tv_sec = 5;
217 tv.tv_usec = 0;
218 r = driver->event_wait(fired_events, &tv);
>>> CID 1254375: Resource leak (RESOURCE_LEAK)
>>> Handle variable "listen_sd" going out of scope leaks the handle.
219 ASSERT_EQ(r, 1);
220 ASSERT_EQ(fired_events[0].mask, EVENT_READABLE);
221
222 fired_events.clear();
223 char data[100];
224 r = ::read(client_sd, data, sizeof(data));
/test/msgr/test_async_driver.cc: 220 in EventDriverTest_NetworkSocketTest_Test::TestBody()()
214 do {
215 fired_events.clear();
216 tv.tv_sec = 5;
217 tv.tv_usec = 0;
218 r = driver->event_wait(fired_events, &tv);
219 ASSERT_EQ(r, 1);
>>> CID 1254375: Resource leak (RESOURCE_LEAK)
>>> Handle variable "listen_sd" going out of scope leaks the handle.
220 ASSERT_EQ(fired_events[0].mask, EVENT_READABLE);
221
222 fired_events.clear();
223 char data[100];
224 r = ::read(client_sd, data, sizeof(data));
225 if (r == 0)
/test/msgr/test_async_driver.cc: 227 in EventDriverTest_NetworkSocketTest_Test::TestBody()()
221
222 fired_events.clear();
223 char data[100];
224 r = ::read(client_sd, data, sizeof(data));
225 if (r == 0)
226 break;
>>> CID 1254375: Resource leak (RESOURCE_LEAK)
>>> Handle variable "listen_sd" going out of scope leaks the handle.
227 ASSERT_TRUE(r > 0);
228 r = driver->add_event(client_sd, EVENT_READABLE, EVENT_WRITABLE);
229 r = driver->event_wait(fired_events, &tv);
230 ASSERT_EQ(r, 1);
231 ASSERT_EQ(fired_events[0].mask, EVENT_WRITABLE);
232 r = write(client_sd, data, strlen(data));
/test/msgr/test_async_driver.cc: 230 in EventDriverTest_NetworkSocketTest_Test::TestBody()()
224 r = ::read(client_sd, data, sizeof(data));
225 if (r == 0)
226 break;
227 ASSERT_TRUE(r > 0);
228 r = driver->add_event(client_sd, EVENT_READABLE, EVENT_WRITABLE);
229 r = driver->event_wait(fired_events, &tv);
>>> CID 1254375: Resource leak (RESOURCE_LEAK)
>>> Handle variable "listen_sd" going out of scope leaks the handle.
230 ASSERT_EQ(r, 1);
231 ASSERT_EQ(fired_events[0].mask, EVENT_WRITABLE);
232 r = write(client_sd, data, strlen(data));
233 ASSERT_EQ(r, strlen(data));
234 driver->del_event(client_sd, EVENT_READABLE|EVENT_WRITABLE,
235 EVENT_WRITABLE);
/test/msgr/test_async_driver.cc: 231 in EventDriverTest_NetworkSocketTest_Test::TestBody()()
225 if (r == 0)
226 break;
227 ASSERT_TRUE(r > 0);
228 r = driver->add_event(client_sd, EVENT_READABLE, EVENT_WRITABLE);
229 r = driver->event_wait(fired_events, &tv);
230 ASSERT_EQ(r, 1);
>>> CID 1254375: Resource leak (RESOURCE_LEAK)
>>> Handle variable "listen_sd" going out of scope leaks the handle.
231 ASSERT_EQ(fired_events[0].mask, EVENT_WRITABLE);
232 r = write(client_sd, data, strlen(data));
233 ASSERT_EQ(r, strlen(data));
234 driver->del_event(client_sd, EVENT_READABLE|EVENT_WRITABLE,
235 EVENT_WRITABLE);
236 } while (1);
/test/msgr/test_async_driver.cc: 233 in EventDriverTest_NetworkSocketTest_Test::TestBody()()
227 ASSERT_TRUE(r > 0);
228 r = driver->add_event(client_sd, EVENT_READABLE, EVENT_WRITABLE);
229 r = driver->event_wait(fired_events, &tv);
230 ASSERT_EQ(r, 1);
231 ASSERT_EQ(fired_events[0].mask, EVENT_WRITABLE);
232 r = write(client_sd, data, strlen(data));
>>> CID 1254375: Resource leak (RESOURCE_LEAK)
>>> Handle variable "listen_sd" going out of scope leaks the handle.
233 ASSERT_EQ(r, strlen(data));
234 driver->del_event(client_sd, EVENT_READABLE|EVENT_WRITABLE,
235 EVENT_WRITABLE);
236 } while (1);
237
238 ::close(client_sd);
________________________________________________________________________________________________________
*** CID 1254380: Uninitialized scalar variable (UNINIT)
/test/msgr/test_async_driver.cc: 147 in echoclient(void *)()
141 int connect_sd = ::socket(AF_INET, SOCK_STREAM, 0);
142 struct sockaddr_in sa;
143 sa.sin_family = AF_INET;
144 sa.sin_port = htons(port);
145 char addr[] = "127.0.0.1";
146 int r = inet_aton(addr, &sa.sin_addr);
>>> CID 1254380: Uninitialized scalar variable (UNINIT)
>>> Using uninitialized value "sa". Field "sa.sin_zero" is uninitialized when calling "connect".
147 r = connect(connect_sd, (struct sockaddr*)&sa, sizeof(sa));
148 int t = 0;
149
150 do {
151 char c[] = "banner";
152 r = write(connect_sd, c, sizeof(c));
________________________________________________________________________________________________________
*** CID 1254379: Uninitialized scalar variable (UNINIT)
/test/msgr/test_async_driver.cc: 116 in EventDriverTest_PipeTest_Test::TestBody()()
110 r = driver->add_event(fds[0], EVENT_NONE, EVENT_READABLE);
111 ASSERT_EQ(r, 0);
112 r = driver->event_wait(fired_events, &tv);
113 ASSERT_EQ(r, 0);
114
115 char c;
>>> CID 1254379: Uninitialized scalar variable (UNINIT)
>>> Using uninitialized value "c" when calling "write".
116 r = write(fds[1], &c, sizeof(c));
117 ASSERT_EQ(r, 1);
118 r = driver->event_wait(fired_events, &tv);
119 ASSERT_EQ(r, 1);
120 ASSERT_EQ(fired_events[0].fd, fds[0]);
121
________________________________________________________________________________________________________
*** CID 1254381: Uninitialized scalar field (UNINIT_CTOR)
/msg/async/EventSelect.h: 34 in SelectDriver::SelectDriver(CephContext *)()
28 * FD sets after select(). */
29 fd_set _rfds, _wfds;
30 int max_fd;
31 CephContext *cct;
32
33 public:
>>> CID 1254381: Uninitialized scalar field (UNINIT_CTOR)
>>> Non-static class member "max_fd" is not initialized in this constructor nor in any functions that it calls.
34 SelectDriver(CephContext *c): cct(c) {}
35 virtual ~SelectDriver() {}
36
37 int init(int nevent);
38 int add_event(int fd, int cur_mask, int add_mask);
39 void del_event(int fd, int cur_mask, int del_mask);
________________________________________________________________________________________________________
*** CID 1254377: String not null terminated (STRING_NULL)
/test/msgr/test_async_driver.cc: 232 in EventDriverTest_NetworkSocketTest_Test::TestBody()()
226 break;
227 ASSERT_TRUE(r > 0);
228 r = driver->add_event(client_sd, EVENT_READABLE, EVENT_WRITABLE);
229 r = driver->event_wait(fired_events, &tv);
230 ASSERT_EQ(r, 1);
231 ASSERT_EQ(fired_events[0].mask, EVENT_WRITABLE);
>>> CID 1254377: String not null terminated (STRING_NULL)
>>> Passing unterminated string "data" to "strlen", which expects a null-terminated string.
232 r = write(client_sd, data, strlen(data));
233 ASSERT_EQ(r, strlen(data));
234 driver->del_event(client_sd, EVENT_READABLE|EVENT_WRITABLE,
235 EVENT_WRITABLE);
236 } while (1);
237
________________________________________________________________________________________________________
*** CID 1254378: Uncaught exception (UNCAUGHT_EXCEPT)
/test/msgr/test_async_driver.cc: 269 in main()
263 // must be defined). This dummy test keeps gtest_main linked in.
264 TEST(DummyTest, ValueParameterizedTestsAreNotSupportedOnThisPlatform) {}
265
266 #endif
267
268
>>> CID 1254378: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
269 int main(int argc, char **argv) {
270 vector<const char*> args;
271 argv_to_vec(argc, (const char **)argv, args);
272
273 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
274 common_init_finish(g_ceph_context);
/test/msgr/test_async_driver.cc: 269 in main()
263 // must be defined). This dummy test keeps gtest_main linked in.
264 TEST(DummyTest, ValueParameterizedTestsAreNotSupportedOnThisPlatform) {}
265
266 #endif
267
268
>>> CID 1254378: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
269 int main(int argc, char **argv) {
270 vector<const char*> args;
271 argv_to_vec(argc, (const char **)argv, args);
272
273 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
274 common_init_finish(g_ceph_context);
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2014-11-13 14:21 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2014-11-13 14:21 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
4 new defect(s) introduced to ceph found with Coverity Scan.
7 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 4 of 4 defect(s)
** CID 1251575: Dereference after null check (FORWARD_NULL)
/test/librados/c_read_operations.cc: 106 in CReadOpsTest::compare_xattrs(const char *const *, const char *const *, const unsigned long *, unsigned long, void *)()
** CID 1251577: Resource leak (RESOURCE_LEAK)
/tools/cephfs/Dumper.cc: 116 in Dumper::dump(const char *)()
** CID 1251576: Resource leak (RESOURCE_LEAK)
/test/librbd/test_librbd.cc: 1994 in TestLibRBD_LargeCacheRead_Test::TestBody()()
** CID 717084: Resource leak (RESOURCE_LEAK)
/tools/cephfs/Dumper.cc: 192 in Dumper::undump(const char *)()
/tools/cephfs/Dumper.cc: 198 in Dumper::undump(const char *)()
________________________________________________________________________________________________________
*** CID 1251575: Dereference after null check (FORWARD_NULL)
/test/librados/c_read_operations.cc: 106 in CReadOpsTest::compare_xattrs(const char *const *, const char *const *, const unsigned long *, unsigned long, void *)()
100 size_t val_len = 0;
101 while (i < len) {
102 ASSERT_EQ(0, rados_getxattrs_next(iter, (const char**) &key,
103 (const char**) &val, &val_len));
104 if (val_len == 0 && key == NULL && val == NULL)
105 break;
>>> CID 1251575: Dereference after null check (FORWARD_NULL)
>>> Passing null pointer "key" to "basic_string", which dereferences it.
106 EXPECT_EQ(std::string(keys[i]), std::string(key));
107 EXPECT_EQ(0, memcmp(vals[i], val, val_len));
108 EXPECT_EQ(lens[i], val_len);
109 ++i;
110 }
111 ASSERT_EQ(i, len);
________________________________________________________________________________________________________
*** CID 1251577: Resource leak (RESOURCE_LEAK)
/tools/cephfs/Dumper.cc: 116 in Dumper::dump(const char *)()
110 (unsigned long long)journaler.last_committed.stream_format,
111 (unsigned long long)journaler.last_committed.trimmed_pos, (unsigned long long)journaler.last_committed.trimmed_pos,
112 4);
113 r = safe_write(fd, buf, sizeof(buf));
114 if (r) {
115 derr << "Error " << r << " (" << cpp_strerror(r) << ") writing journal file header" << dendl;
>>> CID 1251577: Resource leak (RESOURCE_LEAK)
>>> Handle variable "fd" going out of scope leaks the handle.
116 return r;
117 }
118
119 // write the data
120 off64_t seeked = ::lseek64(fd, start, SEEK_SET);
121 if (seeked == (off64_t)-1) {
________________________________________________________________________________________________________
*** CID 1251576: Resource leak (RESOURCE_LEAK)
/test/librbd/test_librbd.cc: 1994 in TestLibRBD_LargeCacheRead_Test::TestBody()()
1988
1989 uint64_t orig_cache_size = g_conf->rbd_cache_size;
1990 g_conf->set_val("rbd_cache_size", "16777216");
1991 BOOST_SCOPE_EXIT( (orig_cache_size) ) {
1992 g_conf->set_val("rbd_cache_size", stringify(orig_cache_size).c_str());
1993 } BOOST_SCOPE_EXIT_END;
>>> CID 1251576: Resource leak (RESOURCE_LEAK)
>>> Variable "ioctx" going out of scope leaks the storage it points to.
1994 ASSERT_EQ(16777216, g_conf->rbd_cache_size);
1995
1996 rbd_image_t image;
1997 int order = 0;
1998 const char *name = "testimg";
1999 uint64_t size = g_conf->rbd_cache_size + 1;
________________________________________________________________________________________________________
*** CID 717084: Resource leak (RESOURCE_LEAK)
/tools/cephfs/Dumper.cc: 192 in Dumper::undump(const char *)()
186 trimmed_pos = start - (start % g_default_file_layout.fl_object_size);
187 }
188
189 if (trimmed_pos > start) {
190 derr << std::hex << "Invalid header (trimmed 0x" << trimmed_pos
191 << " > expire 0x" << start << std::dec << dendl;
>>> CID 717084: Resource leak (RESOURCE_LEAK)
>>> Handle variable "fd" going out of scope leaks the handle.
192 return -EINVAL;
193 }
194
195 if (start > write_pos) {
196 derr << std::hex << "Invalid header (expire 0x" << start
197 << " > write 0x" << write_pos << std::dec << dendl;
/tools/cephfs/Dumper.cc: 198 in Dumper::undump(const char *)()
192 return -EINVAL;
193 }
194
195 if (start > write_pos) {
196 derr << std::hex << "Invalid header (expire 0x" << start
197 << " > write 0x" << write_pos << std::dec << dendl;
>>> CID 717084: Resource leak (RESOURCE_LEAK)
>>> Handle variable "fd" going out of scope leaks the handle.
198 return -EINVAL;
199 }
200
201 cout << "start " << start <<
202 " len " << len <<
203 " write_pos " << write_pos <<
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2014-11-11 20:40 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2014-11-11 20:40 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
19 new defect(s) introduced to ceph found with Coverity Scan.
5 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 19 of 19 defect(s)
** CID 1251445: Unchecked return value (CHECKED_RETURN)
/mon/MDSMonitor.cc: 1511 in MDSMonitor::filesystem_command(MMonCommand *, const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, std::map<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, boost::variant<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, bool, long, double, std::vector<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::allocator<std::basic_string<char, std::char_traits<char>, std::allocator<char>>>>, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detai
l::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_>, std::less<std::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::pair<const std::basic_string<char, std::char_traits<char>, std::allocator<char>>, boost::variant<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, bool, long, double, std::vector<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::allocator<std::basic_string<char, std::char_traits<char>, std::allocator<char>>>>, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::
detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_>>>> &, std::basic_stringstream<char, std::char_traits<char>, std::allocator<char>> &)()
** CID 1251446: Unchecked return value (CHECKED_RETURN)
/osd/PGBackend.cc: 292 in PGBackend::build_pg_backend(const pg_pool_t &, std::tr1::shared_ptr<const OSDMap>, PGBackend::Listener *, coll_t, coll_t, ObjectStore *, CephContext *)()
** CID 1251447: Data race condition (MISSING_LOCK)
/os/FileJournal.cc: 614 in FileJournal::start_writer()()
** CID 1251448: Resource leak (RESOURCE_LEAK)
/test/librados/TestCase.cc: 282 in RadosTest::cleanup_namespace(void *, std::basic_string<char, std::char_traits<char>, std::allocator<char>>)()
/test/librados/TestCase.cc: 275 in RadosTest::cleanup_namespace(void *, std::basic_string<char, std::char_traits<char>, std::allocator<char>>)()
** CID 1251449: Resource leak (RESOURCE_LEAK)
/test/librados/TestCase.cc: 52 in RadosTestNS::cleanup_all_objects(void *)()
/test/librados/TestCase.cc: 43 in RadosTestNS::cleanup_all_objects(void *)()
** CID 1251450: Resource leak (RESOURCE_LEAK)
/test/librbd/test_librbd.cc: 177 in TestLibRBD_CreateAndStat_Test::TestBody()()
** CID 1251451: Resource leak (RESOURCE_LEAK)
/test/librbd/test_librbd.cc: 1288 in TestLibRBD_ListChildren_Test::TestBody()()
** CID 1251452: Resource leak (RESOURCE_LEAK)
/test/librbd/test_librbd.cc: 1388 in TestLibRBD_ListChildrenTiered_Test::TestBody()()
** CID 1251453: Resource leak (RESOURCE_LEAK)
/test/system/st_rados_list_objects.cc: 72 in StRadosListObjects::run()()
/test/system/st_rados_list_objects.cc: 82 in StRadosListObjects::run()()
** CID 1251454: Resource leak (RESOURCE_LEAK)
/test/system/st_rados_list_objects.cc: 82 in StRadosListObjects::run()()
** CID 1251455: Uncaught exception (UNCAUGHT_EXCEPT)
/test/erasure-code/ceph_erasure_code_non_regression.cc: 300 in main()
/test/erasure-code/ceph_erasure_code_non_regression.cc: 300 in main()
** CID 1251456: Uncaught exception (UNCAUGHT_EXCEPT)
/test/erasure-code/ceph_erasure_code_non_regression.cc: 300 in main()
** CID 1251457: Uncaught exception (UNCAUGHT_EXCEPT)
/test/erasure-code/ceph_erasure_code_non_regression.cc: 300 in main()
** CID 1251458: Uncaught exception (UNCAUGHT_EXCEPT)
/test/erasure-code/ceph_erasure_code_non_regression.cc: 300 in main()
** CID 1251459: Uninitialized pointer field (UNINIT_CTOR)
/test/librados/TestCase.h: 24 in RadosTestNS::RadosTestNS()()
** CID 1251460: Uninitialized pointer field (UNINIT_CTOR)
/test/librados/TestCase.h: 76 in RadosTestECNS::RadosTestECNS()()
** CID 1251461: Uninitialized scalar field (UNINIT_CTOR)
/test/librados/TestCase.h: 93 in RadosTestECPPNS::RadosTestECPPNS()()
** CID 1251462: Use after free (USE_AFTER_FREE)
/test/librbd/test_librbd.cc: 299 in test_ls(void *, unsigned long, ...)()
** CID 1251463: Missing varargs init or cleanup (VARARGS)
/test/librbd/test_librbd.cc: 303 in test_ls(void *, unsigned long, ...)()
________________________________________________________________________________________________________
*** CID 1251445: Unchecked return value (CHECKED_RETURN)
/mon/MDSMonitor.cc: 1511 in MDSMonitor::filesystem_command(MMonCommand *, const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, std::map<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, boost::variant<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, bool, long, double, std::vector<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::allocator<std::basic_string<char, std::char_traits<char>, std::allocator<char>>>>, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detai
l::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_>, std::less<std::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::pair<const std::basic_string<char, std::char_traits<char>, std::allocator<char>>, boost::variant<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, bool, long, double, std::vector<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::allocator<std::basic_string<char, std::char_traits<char>, std::allocator<char>>>>, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::
detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_>>>> &, std::basic_stringstream<char, std::char_traits<char>, std::allocator<char>> &)()
1505 r = -EINVAL;
1506 poolid = -1;
1507 ss << "cannot remove default data pool";
1508 }
1509
1510 if (poolid >= 0) {
>>> CID 1251445: Unchecked return value (CHECKED_RETURN)
>>> Calling "cmd_getval" without checking return value (as is done elsewhere 19 out of 22 times).
1511 cmd_getval(g_ceph_context, cmdmap, "poolid", poolid);
1512 r = pending_mdsmap.remove_data_pool(poolid);
1513 if (r == -ENOENT)
1514 r = 0;
1515 if (r == 0)
1516 ss << "removed data pool " << poolid << " from mdsmap";
________________________________________________________________________________________________________
*** CID 1251446: Unchecked return value (CHECKED_RETURN)
/osd/PGBackend.cc: 292 in PGBackend::build_pg_backend(const pg_pool_t &, std::tr1::shared_ptr<const OSDMap>, PGBackend::Listener *, coll_t, coll_t, ObjectStore *, CephContext *)()
286 }
287 case pg_pool_t::TYPE_ERASURE: {
288 ErasureCodeInterfaceRef ec_impl;
289 const map<string,string> &profile = curmap->get_erasure_code_profile(pool.erasure_code_profile);
290 assert(profile.count("plugin"));
291 stringstream ss;
>>> CID 1251446: Unchecked return value (CHECKED_RETURN)
>>> Calling "factory" without checking return value (as is done elsewhere 8 out of 10 times).
292 ceph::ErasureCodePluginRegistry::instance().factory(
293 profile.find("plugin")->second,
294 profile,
295 &ec_impl,
296 ss);
297 assert(ec_impl);
________________________________________________________________________________________________________
*** CID 1251447: Data race condition (MISSING_LOCK)
/os/FileJournal.cc: 614 in FileJournal::start_writer()()
608 }
609
610
611 void FileJournal::start_writer()
612 {
613 write_stop = false;
>>> CID 1251447: Data race condition (MISSING_LOCK)
>>> Accessing "this->aio_stop" without holding lock "Mutex._m". Elsewhere, "FileJournal.aio_stop" is accessed with "Mutex._m" held 1 out of 2 times (1 of these accesses strongly imply that it is necessary).
614 aio_stop = false;
615 write_thread.create();
616 #ifdef HAVE_LIBAIO
617 if (aio)
618 write_finish_thread.create();
619 #endif
________________________________________________________________________________________________________
*** CID 1251448: Resource leak (RESOURCE_LEAK)
/test/librados/TestCase.cc: 282 in RadosTest::cleanup_namespace(void *, std::basic_string<char, std::char_traits<char>, std::allocator<char>>)()
276 int r;
277 const char *entry = NULL;
278 const char *key = NULL;
279 while ((r = rados_nobjects_list_next(list_ctx, &entry, &key, NULL)) != -ENOENT) {
280 ASSERT_EQ(0, r);
281 rados_ioctx_locator_set_key(ioctx, key);
>>> CID 1251448: Resource leak (RESOURCE_LEAK)
>>> Variable "list_ctx" going out of scope leaks the storage it points to.
282 ASSERT_EQ(0, rados_remove(ioctx, entry));
283 }
284 rados_nobjects_list_close(list_ctx);
285 }
286
287 std::string RadosTestPP::pool_name;
/test/librados/TestCase.cc: 275 in RadosTest::cleanup_namespace(void *, std::basic_string<char, std::char_traits<char>, std::allocator<char>>)()
269
270 void RadosTest::cleanup_namespace(rados_ioctx_t ioctx, std::string ns)
271 {
272 rados_ioctx_snap_set_read(ioctx, LIBRADOS_SNAP_HEAD);
273 rados_ioctx_set_namespace(ioctx, ns.c_str());
274 rados_list_ctx_t list_ctx;
>>> CID 1251448: Resource leak (RESOURCE_LEAK)
>>> Variable "list_ctx" going out of scope leaks the storage it points to.
275 ASSERT_EQ(0, rados_nobjects_list_open(ioctx, &list_ctx));
276 int r;
277 const char *entry = NULL;
278 const char *key = NULL;
279 while ((r = rados_nobjects_list_next(list_ctx, &entry, &key, NULL)) != -ENOENT) {
280 ASSERT_EQ(0, r);
________________________________________________________________________________________________________
*** CID 1251449: Resource leak (RESOURCE_LEAK)
/test/librados/TestCase.cc: 52 in RadosTestNS::cleanup_all_objects(void *)()
46 const char *key = NULL;
47 const char *nspace = NULL;
48 while ((r = rados_nobjects_list_next(list_ctx, &entry, &key, &nspace)) != -ENOENT) {
49 ASSERT_EQ(0, r);
50 rados_ioctx_locator_set_key(ioctx, key);
51 rados_ioctx_set_namespace(ioctx, nspace);
>>> CID 1251449: Resource leak (RESOURCE_LEAK)
>>> Variable "list_ctx" going out of scope leaks the storage it points to.
52 ASSERT_EQ(0, rados_remove(ioctx, entry));
53 }
54 rados_nobjects_list_close(list_ctx);
55 }
56
57 std::string RadosTestPPNS::pool_name;
/test/librados/TestCase.cc: 43 in RadosTestNS::cleanup_all_objects(void *)()
37 void RadosTestNS::cleanup_all_objects(rados_ioctx_t ioctx)
38 {
39 // remove all objects to avoid polluting other tests
40 rados_ioctx_snap_set_read(ioctx, LIBRADOS_SNAP_HEAD);
41 rados_ioctx_set_namespace(ioctx, LIBRADOS_ALL_NSPACES);
42 rados_list_ctx_t list_ctx;
>>> CID 1251449: Resource leak (RESOURCE_LEAK)
>>> Variable "list_ctx" going out of scope leaks the storage it points to.
43 ASSERT_EQ(0, rados_nobjects_list_open(ioctx, &list_ctx));
44 int r;
45 const char *entry = NULL;
46 const char *key = NULL;
47 const char *nspace = NULL;
48 while ((r = rados_nobjects_list_next(list_ctx, &entry, &key, &nspace)) != -ENOENT) {
________________________________________________________________________________________________________
*** CID 1251450: Resource leak (RESOURCE_LEAK)
/test/librbd/test_librbd.cc: 177 in TestLibRBD_CreateAndStat_Test::TestBody()()
171 librados::Rados TestLibRBD::_rados;
172 uint64_t TestLibRBD::_image_number = 0;
173
174 TEST_F(TestLibRBD, CreateAndStat)
175 {
176 rados_ioctx_t ioctx;
>>> CID 1251450: Resource leak (RESOURCE_LEAK)
>>> Variable "ioctx" going out of scope leaks the storage it points to.
177 ASSERT_EQ(0, rados_ioctx_create(_cluster, m_pool_name.c_str(), &ioctx));
178
179 rbd_image_info_t info;
180 rbd_image_t image;
181 int order = 0;
182 std::string name = get_temp_image_name();
________________________________________________________________________________________________________
*** CID 1251451: Resource leak (RESOURCE_LEAK)
/test/librbd/test_librbd.cc: 1288 in TestLibRBD_ListChildren_Test::TestBody()()
1282 std::string child_name1 = get_temp_image_name();
1283 std::string child_name2 = get_temp_image_name();
1284 std::string child_name3 = get_temp_image_name();
1285 std::string child_name4 = get_temp_image_name();
1286
1287 // make a parent to clone from
>>> CID 1251451: Resource leak (RESOURCE_LEAK)
>>> Variable "ioctx2" going out of scope leaks the storage it points to.
1288 ASSERT_EQ(0, create_image_full(ioctx1, parent_name.c_str(), 4<<20, &order,
1289 false, features));
1290 ASSERT_EQ(0, rbd_open(ioctx1, parent_name.c_str(), &parent, NULL));
1291 // create a snapshot, reopen as the parent we're interested in
1292 ASSERT_EQ(0, rbd_snap_create(parent, "parent_snap"));
1293 ASSERT_EQ(0, rbd_snap_set(parent, "parent_snap"));
________________________________________________________________________________________________________
*** CID 1251452: Resource leak (RESOURCE_LEAK)
/test/librbd/test_librbd.cc: 1388 in TestLibRBD_ListChildrenTiered_Test::TestBody()()
1382
1383 int features = RBD_FEATURE_LAYERING;
1384 rbd_image_t parent;
1385 int order = 0;
1386
1387 // make a parent to clone from
>>> CID 1251452: Resource leak (RESOURCE_LEAK)
>>> Variable "ioctx2" going out of scope leaks the storage it points to.
1388 ASSERT_EQ(0, create_image_full(ioctx1, parent_name.c_str(), 4<<20, &order,
1389 false, features));
1390 ASSERT_EQ(0, rbd_open(ioctx1, parent_name.c_str(), &parent, NULL));
1391 // create a snapshot, reopen as the parent we're interested in
1392 ASSERT_EQ(0, rbd_snap_create(parent, "parent_snap"));
1393 ASSERT_EQ(0, rbd_snap_set(parent, "parent_snap"));
________________________________________________________________________________________________________
*** CID 1251453: Resource leak (RESOURCE_LEAK)
/test/system/st_rados_list_objects.cc: 72 in StRadosListObjects::run()()
66 RETURN1_IF_NONZERO(rados_ioctx_create(cl, "foo", &io_ctx));
67
68 int saw = 0;
69 const char *obj_name;
70 rados_list_ctx_t h;
71 printf("%s: listing objects.\n", get_id_str());
>>> CID 1251453: Resource leak (RESOURCE_LEAK)
>>> Variable "io_ctx" going out of scope leaks the storage it points to.
72 RETURN1_IF_NONZERO(rados_nobjects_list_open(io_ctx, &h));
73 while (true) {
74 int ret = rados_nobjects_list_next(h, &obj_name, NULL, NULL);
75 if (ret == -ENOENT) {
76 break;
77 }
/test/system/st_rados_list_objects.cc: 82 in StRadosListObjects::run()()
76 break;
77 }
78 else if (ret != 0) {
79 if (m_accept_list_errors && (!m_midway_sem_post || saw > m_midway_cnt))
80 break;
81 printf("%s: rados_objects_list_next error: %d\n", get_id_str(), ret);
>>> CID 1251453: Resource leak (RESOURCE_LEAK)
>>> Variable "io_ctx" going out of scope leaks the storage it points to.
82 return ret;
83 }
84 if ((saw % 25) == 0) {
85 printf("%s: listed object %d...\n", get_id_str(), saw);
86 }
87 ++saw;
________________________________________________________________________________________________________
*** CID 1251454: Resource leak (RESOURCE_LEAK)
/test/system/st_rados_list_objects.cc: 82 in StRadosListObjects::run()()
76 break;
77 }
78 else if (ret != 0) {
79 if (m_accept_list_errors && (!m_midway_sem_post || saw > m_midway_cnt))
80 break;
81 printf("%s: rados_objects_list_next error: %d\n", get_id_str(), ret);
>>> CID 1251454: Resource leak (RESOURCE_LEAK)
>>> Variable "h" going out of scope leaks the storage it points to.
82 return ret;
83 }
84 if ((saw % 25) == 0) {
85 printf("%s: listed object %d...\n", get_id_str(), saw);
86 }
87 ++saw;
________________________________________________________________________________________________________
*** CID 1251455: Uncaught exception (UNCAUGHT_EXCEPT)
/test/erasure-code/ceph_erasure_code_non_regression.cc: 300 in main()
294 {
295 stringstream path;
296 path << directory << "/" << chunk;
297 return path.str();
298 }
299
>>> CID 1251455: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
300 int main(int argc, char** argv) {
301 ErasureCodeNonRegression non_regression;
302 int err = non_regression.setup(argc, argv);
303 if (err)
304 return err;
305 return non_regression.run();
/test/erasure-code/ceph_erasure_code_non_regression.cc: 300 in main()
294 {
295 stringstream path;
296 path << directory << "/" << chunk;
297 return path.str();
298 }
299
>>> CID 1251455: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
300 int main(int argc, char** argv) {
301 ErasureCodeNonRegression non_regression;
302 int err = non_regression.setup(argc, argv);
303 if (err)
304 return err;
305 return non_regression.run();
________________________________________________________________________________________________________
*** CID 1251456: Uncaught exception (UNCAUGHT_EXCEPT)
/test/erasure-code/ceph_erasure_code_non_regression.cc: 300 in main()
294 {
295 stringstream path;
296 path << directory << "/" << chunk;
297 return path.str();
298 }
299
>>> CID 1251456: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_lexical_cast> >" is thrown and never caught.
300 int main(int argc, char** argv) {
301 ErasureCodeNonRegression non_regression;
302 int err = non_regression.setup(argc, argv);
303 if (err)
304 return err;
305 return non_regression.run();
________________________________________________________________________________________________________
*** CID 1251457: Uncaught exception (UNCAUGHT_EXCEPT)
/test/erasure-code/ceph_erasure_code_non_regression.cc: 300 in main()
294 {
295 stringstream path;
296 path << directory << "/" << chunk;
297 return path.str();
298 }
299
>>> CID 1251457: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_any_cast> >" is thrown and never caught.
300 int main(int argc, char** argv) {
301 ErasureCodeNonRegression non_regression;
302 int err = non_regression.setup(argc, argv);
303 if (err)
304 return err;
305 return non_regression.run();
________________________________________________________________________________________________________
*** CID 1251458: Uncaught exception (UNCAUGHT_EXCEPT)
/test/erasure-code/ceph_erasure_code_non_regression.cc: 300 in main()
294 {
295 stringstream path;
296 path << directory << "/" << chunk;
297 return path.str();
298 }
299
>>> CID 1251458: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::bad_function_call> >" is thrown and never caught.
300 int main(int argc, char** argv) {
301 ErasureCodeNonRegression non_regression;
302 int err = non_regression.setup(argc, argv);
303 if (err)
304 return err;
305 return non_regression.run();
________________________________________________________________________________________________________
*** CID 1251459: Uninitialized pointer field (UNINIT_CTOR)
/test/librados/TestCase.h: 24 in RadosTestNS::RadosTestNS()()
18 *
19 * Since pool creation and deletion is slow, this allows many tests to
20 * run faster.
21 */
22 class RadosTestNS : public ::testing::Test {
23 public:
>>> CID 1251459: Uninitialized pointer field (UNINIT_CTOR)
>>> Non-static class member "ioctx" is not initialized in this constructor nor in any functions that it calls.
24 RadosTestNS() {}
25 virtual ~RadosTestNS() {}
26 protected:
27 static void SetUpTestCase();
28 static void TearDownTestCase();
29 static void cleanup_all_objects(rados_ioctx_t ioctx);
________________________________________________________________________________________________________
*** CID 1251460: Uninitialized pointer field (UNINIT_CTOR)
/test/librados/TestCase.h: 76 in RadosTestECNS::RadosTestECNS()()
70 librados::Rados &cluster;
71 librados::IoCtx ioctx;
72 };
73
74 class RadosTestECNS : public RadosTestNS {
75 public:
>>> CID 1251460: Uninitialized pointer field (UNINIT_CTOR)
>>> Non-static class member "alignment" is not initialized in this constructor nor in any functions that it calls.
76 RadosTestECNS() {}
77 virtual ~RadosTestECNS() {}
78 protected:
79 static void SetUpTestCase();
80 static void TearDownTestCase();
81 static rados_t s_cluster;
________________________________________________________________________________________________________
*** CID 1251461: Uninitialized scalar field (UNINIT_CTOR)
/test/librados/TestCase.h: 93 in RadosTestECPPNS::RadosTestECPPNS()()
87 rados_ioctx_t ioctx;
88 uint64_t alignment;
89 };
90
91 class RadosTestECPPNS : public RadosTestPPNS {
92 public:
>>> CID 1251461: Uninitialized scalar field (UNINIT_CTOR)
>>> Non-static class member "alignment" is not initialized in this constructor nor in any functions that it calls.
93 RadosTestECPPNS() : cluster(s_cluster) {}
94 virtual ~RadosTestECPPNS() {}
95 protected:
96 static void SetUpTestCase();
97 static void TearDownTestCase();
98 static librados::Rados s_cluster;
________________________________________________________________________________________________________
*** CID 1251462: Use after free (USE_AFTER_FREE)
/test/librbd/test_librbd.cc: 299 in test_ls(void *, unsigned long, ...)()
293 va_start(ap, num_expected);
294 for (i = num_expected; i > 0; i--) {
295 char *expected = va_arg(ap, char *);
296 printf("expected = %s\n", expected);
297 std::set<std::string>::iterator it = image_names.find(expected);
298 if (it != image_names.end()) {
>>> CID 1251462: Use after free (USE_AFTER_FREE)
>>> Passing freed pointer "cur_name" as an argument to "printf".
299 printf("found %s\n", cur_name);
300 image_names.erase(it);
301 } else {
302 ADD_FAILURE() << "Unable to find image " << expected;
303 return -ENOENT;
304 }
________________________________________________________________________________________________________
*** CID 1251463: Missing varargs init or cleanup (VARARGS)
/test/librbd/test_librbd.cc: 303 in test_ls(void *, unsigned long, ...)()
297 std::set<std::string>::iterator it = image_names.find(expected);
298 if (it != image_names.end()) {
299 printf("found %s\n", cur_name);
300 image_names.erase(it);
301 } else {
302 ADD_FAILURE() << "Unable to find image " << expected;
>>> CID 1251463: Missing varargs init or cleanup (VARARGS)
>>> va_end was not called for "ap".
303 return -ENOENT;
304 }
305 }
306 va_end(ap);
307
308 if (!image_names.empty()) {
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2014-11-09 14:12 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2014-11-09 14:12 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
2 new defect(s) introduced to ceph found with Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)
** CID 1251353: Big parameter passed by value (PASS_BY_VALUE)
/mds/CInode.cc: 3544 in CInode::validate_disk_state(CInode::validated_data *, std::tr1::shared_ptr<MDRequestImpl> &)::ValidationContinuation::_backtrace(int)()
** CID 1251354: Structurally dead code (UNREACHABLE)
/mds/mdstypes.cc: 440 in inode_t::compare(const inode_t&, bool *) const()
________________________________________________________________________________________________________
*** CID 1251353: Big parameter passed by value (PASS_BY_VALUE)
/mds/CInode.cc: 3544 in CInode::validate_disk_state(CInode::validated_data *, std::tr1::shared_ptr<MDRequestImpl> &)::ValidationContinuation::_backtrace(int)()
3538 }
3539
3540 // extract the backtrace, and compare it to a newly-constructed one
3541 try {
3542 bufferlist::iterator p = bl.begin();
3543 ::decode(results->backtrace.ondisk_value, p);
>>> CID 1251353: Big parameter passed by value (PASS_BY_VALUE)
>>> Catching an exception object of size 264 bytes by value.
3544 } catch (buffer::malformed_input) {
3545 results->backtrace.passed = false;
3546 results->backtrace.error_str << "failed to decode on-disk backtrace!";
3547 return true;
3548 }
3549 int64_t pool;
________________________________________________________________________________________________________
*** CID 1251354: Structurally dead code (UNREACHABLE)
/mds/mdstypes.cc: 440 in inode_t::compare(const inode_t&, bool *) const()
434 } else {
435 assert(version < other.version);
436 *divergent = !other.older_is_consistent(*this);
437 return -1;
438 }
439 assert(0 == "can't have reached this point");
>>> CID 1251354: Structurally dead code (UNREACHABLE)
>>> This code cannot be reached: "*divergent = true;".
440 *divergent = true;
441 return 0;
442 }
443
444 bool inode_t::older_is_consistent(const inode_t &other) const
445 {
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
^ permalink raw reply [flat|nested] 124+ messages in thread
* Re: New Defects reported by Coverity Scan for ceph
2014-10-30 13:19 scan-admin
@ 2014-10-30 16:08 ` Sage Weil
0 siblings, 0 replies; 124+ messages in thread
From: Sage Weil @ 2014-10-30 16:08 UTC (permalink / raw)
To: scan-admin; +Cc: ceph-devel
On Thu, 30 Oct 2014, scan-admin@coverity.com wrote:
>
> Hi,
>
> Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
>
> 1 new defect(s) introduced to ceph found with Coverity Scan.
> 25 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
>
> New defect(s) Reported-by: Coverity Scan
> Showing 1 of 1 defect(s)
>
>
> ** CID 1250262: Dereference after null check (FORWARD_NULL)
> /osdc/Objecter.cc: 2062 in Objecter::_calc_target(Objecter::op_target_t *, bool)()
>
>
> ________________________________________________________________________________________________________
> *** CID 1250262: Dereference after null check (FORWARD_NULL)
> /osdc/Objecter.cc: 2062 in Objecter::_calc_target(Objecter::op_target_t *, bool)()
> 2056 if (ret == -ENOENT) {
> 2057 t->osd = -1;
> 2058 return RECALC_OP_TARGET_POOL_DNE;
> 2059 }
> 2060 }
> 2061
> >>> CID 1250262: Dereference after null check (FORWARD_NULL)
> >>> Dereferencing null pointer "pi".
> 2062 int min_size = pi->min_size;
> 2063 unsigned pg_num = pi->get_pg_num();
> 2064 int up_primary, acting_primary;
> 2065 vector<int> up, acting;
> 2066 osdmap->pg_to_up_acting_osds(pgid, &up, &up_primary,
> 2067 &acting, &acting_primary);
opened #9944
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2014-10-30 13:19 scan-admin
2014-10-30 16:08 ` Sage Weil
0 siblings, 1 reply; 124+ messages in thread
From: scan-admin @ 2014-10-30 13:19 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
1 new defect(s) introduced to ceph found with Coverity Scan.
25 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)
** CID 1250262: Dereference after null check (FORWARD_NULL)
/osdc/Objecter.cc: 2062 in Objecter::_calc_target(Objecter::op_target_t *, bool)()
________________________________________________________________________________________________________
*** CID 1250262: Dereference after null check (FORWARD_NULL)
/osdc/Objecter.cc: 2062 in Objecter::_calc_target(Objecter::op_target_t *, bool)()
2056 if (ret == -ENOENT) {
2057 t->osd = -1;
2058 return RECALC_OP_TARGET_POOL_DNE;
2059 }
2060 }
2061
>>> CID 1250262: Dereference after null check (FORWARD_NULL)
>>> Dereferencing null pointer "pi".
2062 int min_size = pi->min_size;
2063 unsigned pg_num = pi->get_pg_num();
2064 int up_primary, acting_primary;
2065 vector<int> up, acting;
2066 osdmap->pg_to_up_acting_osds(pgid, &up, &up_primary,
2067 &acting, &acting_primary);
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
^ permalink raw reply [flat|nested] 124+ messages in thread
* Re: New Defects reported by Coverity Scan for ceph
2014-10-28 13:16 scan-admin
@ 2014-10-28 18:26 ` Danny Al-Gaaf
0 siblings, 0 replies; 124+ messages in thread
From: Danny Al-Gaaf @ 2014-10-28 18:26 UTC (permalink / raw)
To: ceph-devel
Hi,
these can be ignored, they are caused by the ASSERT_* handling of the
gtest framework.
Danny
Am 28.10.2014 um 14:16 schrieb scan-admin@coverity.com:
>
> Hi,
>
> Please find the latest report on new defect(s) introduced to ceph
> found with Coverity Scan.
>
> 2 new defect(s) introduced to ceph found with Coverity Scan. 5
> defect(s), reported by Coverity Scan earlier, were marked fixed in
> the recent build analyzed by Coverity Scan.
>
> New defect(s) Reported-by: Coverity Scan Showing 2 of 2 defect(s)
>
>
> ** CID 1249779: Resource leak (RESOURCE_LEAK)
> /test/libradosstriper/striping.cc: 56 in
> StriperTestRT::checkObjectFromRados(const std::basic_string<char,
> std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list
> &, unsigned long, unsigned long, unsigned long, unsigned long,
> unsigned long)() /test/libradosstriper/striping.cc: 59 in
> StriperTestRT::checkObjectFromRados(const std::basic_string<char,
> std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list
> &, unsigned long, unsigned long, unsigned long, unsigned long,
> unsigned long)() /test/libradosstriper/striping.cc: 52 in
> StriperTestRT::checkObjectFromRados(const std::basic_string<char,
> std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list
> &, unsigned long, unsigned long, unsigned long, unsigned long,
> unsigned long)() /test/libradosstriper/striping.cc: 55 in
> StriperTestRT::checkObjectFromRados(const std::basic_string<char,
> std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list
> &, unsigned long, unsigned long, unsigned long, unsigned long,
> unsigned long)() /test/libradosstriper/striping.cc: 47 in
> StriperTestRT::checkObjectFromRados(const std::basic_string<char,
> std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list
> &, unsigned long, unsigned long, unsigned long, unsigned long,
> unsigned long)() /test/libradosstriper/striping.cc: 50 in
> StriperTestRT::checkObjectFromRados(const std::basic_string<char,
> std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list
> &, unsigned long, unsigned long, unsigned long, unsigned long,
> unsigned long)() /test/libradosstriper/striping.cc: 51 in
> StriperTestRT::checkObjectFromRados(const std::basic_string<char,
> std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list
> &, unsigned long, unsigned long, unsigned long, unsigned long,
> unsigned long)() /test/libradosstriper/striping.cc: 45 in
> StriperTestRT::checkObjectFromRados(const std::basic_string<char,
> std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list
> &, unsigned long, unsigned long, unsigned long, unsigned long,
> unsigned long)() /test/libradosstriper/striping.cc: 46 in
> StriperTestRT::checkObjectFromRados(const std::basic_string<char,
> std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list
> &, unsigned long, unsigned long, unsigned long, unsigned long,
> unsigned long)()
>
> ** CID 1249780: Resource leak (RESOURCE_LEAK)
> /test/libradosstriper/striping.cc: 95 in
> StriperTestRT::checkObjectFromRados(const std::basic_string<char,
> std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list
> &, unsigned long, unsigned long, unsigned long, unsigned long,
> unsigned long)() /test/libradosstriper/striping.cc: 97 in
> StriperTestRT::checkObjectFromRados(const std::basic_string<char,
> std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list
> &, unsigned long, unsigned long, unsigned long, unsigned long,
> unsigned long)() /test/libradosstriper/striping.cc: 100 in
> StriperTestRT::checkObjectFromRados(const std::basic_string<char,
> std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list
> &, unsigned long, unsigned long, unsigned long, unsigned long,
> unsigned long)() /test/libradosstriper/striping.cc: 103 in
> StriperTestRT::checkObjectFromRados(const std::basic_string<char,
> std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list
> &, unsigned long, unsigned long, unsigned long, unsigned long,
> unsigned long)() /test/libradosstriper/striping.cc: 145 in
> StriperTestRT::checkObjectFromRados(const std::basic_string<char,
> std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list
> &, unsigned long, unsigned long, unsigned long, unsigned long,
> unsigned long)()
>
>
> ________________________________________________________________________________________________________
>
>
*** CID 1249779: Resource leak (RESOURCE_LEAK)
> /test/libradosstriper/striping.cc: 56 in
> StriperTestRT::checkObjectFromRados(const std::basic_string<char,
> std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list
> &, unsigned long, unsigned long, unsigned long, unsigned long,
> unsigned long)() 50 ASSERT_LT(0U, stripe_count); 51
> ASSERT_EQ(stripe_count, exp_stripe_count); 52 ASSERT_LT(0,
> ioctx.getxattr(firstOid, "striper.layout.object_size", xattrbl));
> 53 s_xattr = std::string(xattrbl.c_str(),
> xattrbl.length()); // adds 0 byte at the end 54 uint64_t
> object_size = strtoll(s_xattr.c_str(), NULL, 10); 55
> ASSERT_EQ(object_size, exp_object_size);
>>>> CID 1249779: Resource leak (RESOURCE_LEAK) Variable
>>>> "firstOid" going out of scope leaks the storage it points
>>>> to.
> 56 ASSERT_LT(0, ioctx.getxattr(firstOid, "striper.size",
> xattrbl)); 57 s_xattr = std::string(xattrbl.c_str(),
> xattrbl.length()); // adds 0 byte at the end 58 uint64_t
> xa_size = strtoll(s_xattr.c_str(), NULL, 10); 59
> ASSERT_EQ(xa_size, size); 60 // checking object content
> from rados point of view 61 // we will go stripe by stripe,
> read the content of each of them and
> /test/libradosstriper/striping.cc: 59 in
> StriperTestRT::checkObjectFromRados(const std::basic_string<char,
> std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list
> &, unsigned long, unsigned long, unsigned long, unsigned long,
> unsigned long)() 53 s_xattr = std::string(xattrbl.c_str(),
> xattrbl.length()); // adds 0 byte at the end 54 uint64_t
> object_size = strtoll(s_xattr.c_str(), NULL, 10); 55
> ASSERT_EQ(object_size, exp_object_size); 56 ASSERT_LT(0,
> ioctx.getxattr(firstOid, "striper.size", xattrbl)); 57
> s_xattr = std::string(xattrbl.c_str(), xattrbl.length()); // adds 0
> byte at the end 58 uint64_t xa_size =
> strtoll(s_xattr.c_str(), NULL, 10);
>>>> CID 1249779: Resource leak (RESOURCE_LEAK) Variable
>>>> "firstOid" going out of scope leaks the storage it points
>>>> to.
> 59 ASSERT_EQ(xa_size, size); 60 // checking object
> content from rados point of view 61 // we will go stripe by
> stripe, read the content of each of them and 62 // check
> with expectations 63 uint64_t stripe_per_object =
> object_size / stripe_unit; 64 uint64_t stripe_per_objectset
> = stripe_per_object * stripe_count;
> /test/libradosstriper/striping.cc: 52 in
> StriperTestRT::checkObjectFromRados(const std::basic_string<char,
> std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list
> &, unsigned long, unsigned long, unsigned long, unsigned long,
> unsigned long)() 46 ASSERT_EQ(stripe_unit,
> exp_stripe_unit); 47 ASSERT_LT(0, ioctx.getxattr(firstOid,
> "striper.layout.stripe_count", xattrbl)); 48 s_xattr =
> std::string(xattrbl.c_str(), xattrbl.length()); // adds 0 byte at
> the end 49 uint64_t stripe_count = strtoll(s_xattr.c_str(),
> NULL, 10); 50 ASSERT_LT(0U, stripe_count); 51
> ASSERT_EQ(stripe_count, exp_stripe_count);
>>>> CID 1249779: Resource leak (RESOURCE_LEAK) Variable
>>>> "firstOid" going out of scope leaks the storage it points
>>>> to.
> 52 ASSERT_LT(0, ioctx.getxattr(firstOid,
> "striper.layout.object_size", xattrbl)); 53 s_xattr =
> std::string(xattrbl.c_str(), xattrbl.length()); // adds 0 byte at
> the end 54 uint64_t object_size = strtoll(s_xattr.c_str(),
> NULL, 10); 55 ASSERT_EQ(object_size, exp_object_size); 56
> ASSERT_LT(0, ioctx.getxattr(firstOid, "striper.size", xattrbl)); 57
> s_xattr = std::string(xattrbl.c_str(), xattrbl.length()); // adds 0
> byte at the end /test/libradosstriper/striping.cc: 55 in
> StriperTestRT::checkObjectFromRados(const std::basic_string<char,
> std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list
> &, unsigned long, unsigned long, unsigned long, unsigned long,
> unsigned long)() 49 uint64_t stripe_count =
> strtoll(s_xattr.c_str(), NULL, 10); 50 ASSERT_LT(0U,
> stripe_count); 51 ASSERT_EQ(stripe_count,
> exp_stripe_count); 52 ASSERT_LT(0, ioctx.getxattr(firstOid,
> "striper.layout.object_size", xattrbl)); 53 s_xattr =
> std::string(xattrbl.c_str(), xattrbl.length()); // adds 0 byte at
> the end 54 uint64_t object_size = strtoll(s_xattr.c_str(),
> NULL, 10);
>>>> CID 1249779: Resource leak (RESOURCE_LEAK) Variable
>>>> "firstOid" going out of scope leaks the storage it points
>>>> to.
> 55 ASSERT_EQ(object_size, exp_object_size); 56
> ASSERT_LT(0, ioctx.getxattr(firstOid, "striper.size", xattrbl)); 57
> s_xattr = std::string(xattrbl.c_str(), xattrbl.length()); // adds 0
> byte at the end 58 uint64_t xa_size =
> strtoll(s_xattr.c_str(), NULL, 10); 59 ASSERT_EQ(xa_size,
> size); 60 // checking object content from rados point of
> view /test/libradosstriper/striping.cc: 47 in
> StriperTestRT::checkObjectFromRados(const std::basic_string<char,
> std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list
> &, unsigned long, unsigned long, unsigned long, unsigned long,
> unsigned long)() 41 char* firstOid = getObjName(soid, 0);
> 42 ASSERT_LT(0, ioctx.getxattr(firstOid,
> "striper.layout.stripe_unit", xattrbl)); 43 std::string
> s_xattr(xattrbl.c_str(), xattrbl.length()); // adds 0 byte at the
> end 44 uint64_t stripe_unit = strtoll(s_xattr.c_str(),
> NULL, 10); 45 ASSERT_LT((unsigned)0, stripe_unit); 46
> ASSERT_EQ(stripe_unit, exp_stripe_unit);
>>>> CID 1249779: Resource leak (RESOURCE_LEAK) Variable
>>>> "firstOid" going out of scope leaks the storage it points
>>>> to.
> 47 ASSERT_LT(0, ioctx.getxattr(firstOid,
> "striper.layout.stripe_count", xattrbl)); 48 s_xattr =
> std::string(xattrbl.c_str(), xattrbl.length()); // adds 0 byte at
> the end 49 uint64_t stripe_count = strtoll(s_xattr.c_str(),
> NULL, 10); 50 ASSERT_LT(0U, stripe_count); 51
> ASSERT_EQ(stripe_count, exp_stripe_count); 52 ASSERT_LT(0,
> ioctx.getxattr(firstOid, "striper.layout.object_size", xattrbl));
> /test/libradosstriper/striping.cc: 50 in
> StriperTestRT::checkObjectFromRados(const std::basic_string<char,
> std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list
> &, unsigned long, unsigned long, unsigned long, unsigned long,
> unsigned long)() 44 uint64_t stripe_unit =
> strtoll(s_xattr.c_str(), NULL, 10); 45
> ASSERT_LT((unsigned)0, stripe_unit); 46
> ASSERT_EQ(stripe_unit, exp_stripe_unit); 47 ASSERT_LT(0,
> ioctx.getxattr(firstOid, "striper.layout.stripe_count", xattrbl));
> 48 s_xattr = std::string(xattrbl.c_str(),
> xattrbl.length()); // adds 0 byte at the end 49 uint64_t
> stripe_count = strtoll(s_xattr.c_str(), NULL, 10);
>>>> CID 1249779: Resource leak (RESOURCE_LEAK) Variable
>>>> "firstOid" going out of scope leaks the storage it points
>>>> to.
> 50 ASSERT_LT(0U, stripe_count); 51
> ASSERT_EQ(stripe_count, exp_stripe_count); 52 ASSERT_LT(0,
> ioctx.getxattr(firstOid, "striper.layout.object_size", xattrbl));
> 53 s_xattr = std::string(xattrbl.c_str(),
> xattrbl.length()); // adds 0 byte at the end 54 uint64_t
> object_size = strtoll(s_xattr.c_str(), NULL, 10); 55
> ASSERT_EQ(object_size, exp_object_size);
> /test/libradosstriper/striping.cc: 51 in
> StriperTestRT::checkObjectFromRados(const std::basic_string<char,
> std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list
> &, unsigned long, unsigned long, unsigned long, unsigned long,
> unsigned long)() 45 ASSERT_LT((unsigned)0, stripe_unit); 46
> ASSERT_EQ(stripe_unit, exp_stripe_unit); 47 ASSERT_LT(0,
> ioctx.getxattr(firstOid, "striper.layout.stripe_count", xattrbl));
> 48 s_xattr = std::string(xattrbl.c_str(),
> xattrbl.length()); // adds 0 byte at the end 49 uint64_t
> stripe_count = strtoll(s_xattr.c_str(), NULL, 10); 50
> ASSERT_LT(0U, stripe_count);
>>>> CID 1249779: Resource leak (RESOURCE_LEAK) Variable
>>>> "firstOid" going out of scope leaks the storage it points
>>>> to.
> 51 ASSERT_EQ(stripe_count, exp_stripe_count); 52
> ASSERT_LT(0, ioctx.getxattr(firstOid, "striper.layout.object_size",
> xattrbl)); 53 s_xattr = std::string(xattrbl.c_str(),
> xattrbl.length()); // adds 0 byte at the end 54 uint64_t
> object_size = strtoll(s_xattr.c_str(), NULL, 10); 55
> ASSERT_EQ(object_size, exp_object_size); 56 ASSERT_LT(0,
> ioctx.getxattr(firstOid, "striper.size", xattrbl));
> /test/libradosstriper/striping.cc: 45 in
> StriperTestRT::checkObjectFromRados(const std::basic_string<char,
> std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list
> &, unsigned long, unsigned long, unsigned long, unsigned long,
> unsigned long)() 39 // checking first object's rados
> xattrs 40 bufferlist xattrbl; 41 char* firstOid =
> getObjName(soid, 0); 42 ASSERT_LT(0,
> ioctx.getxattr(firstOid, "striper.layout.stripe_unit", xattrbl));
> 43 std::string s_xattr(xattrbl.c_str(), xattrbl.length());
> // adds 0 byte at the end 44 uint64_t stripe_unit =
> strtoll(s_xattr.c_str(), NULL, 10);
>>>> CID 1249779: Resource leak (RESOURCE_LEAK) Variable
>>>> "firstOid" going out of scope leaks the storage it points
>>>> to.
> 45 ASSERT_LT((unsigned)0, stripe_unit); 46
> ASSERT_EQ(stripe_unit, exp_stripe_unit); 47 ASSERT_LT(0,
> ioctx.getxattr(firstOid, "striper.layout.stripe_count", xattrbl));
> 48 s_xattr = std::string(xattrbl.c_str(),
> xattrbl.length()); // adds 0 byte at the end 49 uint64_t
> stripe_count = strtoll(s_xattr.c_str(), NULL, 10); 50
> ASSERT_LT(0U, stripe_count); /test/libradosstriper/striping.cc: 46
> in StriperTestRT::checkObjectFromRados(const
> std::basic_string<char, std::char_traits<char>,
> std::allocator<char>>&, ceph::buffer::list &, unsigned long,
> unsigned long, unsigned long, unsigned long, unsigned long)() 40
> bufferlist xattrbl; 41 char* firstOid = getObjName(soid,
> 0); 42 ASSERT_LT(0, ioctx.getxattr(firstOid,
> "striper.layout.stripe_unit", xattrbl)); 43 std::string
> s_xattr(xattrbl.c_str(), xattrbl.length()); // adds 0 byte at the
> end 44 uint64_t stripe_unit = strtoll(s_xattr.c_str(),
> NULL, 10); 45 ASSERT_LT((unsigned)0, stripe_unit);
>>>> CID 1249779: Resource leak (RESOURCE_LEAK) Variable
>>>> "firstOid" going out of scope leaks the storage it points
>>>> to.
> 46 ASSERT_EQ(stripe_unit, exp_stripe_unit); 47
> ASSERT_LT(0, ioctx.getxattr(firstOid,
> "striper.layout.stripe_count", xattrbl)); 48 s_xattr =
> std::string(xattrbl.c_str(), xattrbl.length()); // adds 0 byte at
> the end 49 uint64_t stripe_count = strtoll(s_xattr.c_str(),
> NULL, 10); 50 ASSERT_LT(0U, stripe_count); 51
> ASSERT_EQ(stripe_count, exp_stripe_count);
>
> ________________________________________________________________________________________________________
>
>
*** CID 1249780: Resource leak (RESOURCE_LEAK)
> /test/libradosstriper/striping.cc: 95 in
> StriperTestRT::checkObjectFromRados(const std::basic_string<char,
> std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list
> &, unsigned long, unsigned long, unsigned long, unsigned long,
> unsigned long)() 89 int rc = ioctx.read(oid, stripe_data,
> len, start); 90 if (actual_size_if_sparse < size and 91
> (actual_size_if_sparse+stripe_unit-1)/stripe_unit <= stripe_nb) {
> 92 // sparse object case : the stripe does not exist,
> but the rados object may 93 uint64_t object_start =
> (object_in_set + objectset*stripe_per_objectset) * stripe_unit; 94
> if (actual_size_if_sparse <= object_start) {
>>>> CID 1249780: Resource leak (RESOURCE_LEAK) Variable "oid"
>>>> going out of scope leaks the storage it points to.
> 95 ASSERT_EQ(rc, -ENOENT); 96 } else { 97
> ASSERT_EQ(rc, 0); 98 } 99 } else { 100
> ASSERT_EQ((uint64_t)rc, len); /test/libradosstriper/striping.cc: 97
> in StriperTestRT::checkObjectFromRados(const
> std::basic_string<char, std::char_traits<char>,
> std::allocator<char>>&, ceph::buffer::list &, unsigned long,
> unsigned long, unsigned long, unsigned long, unsigned long)() 91
> (actual_size_if_sparse+stripe_unit-1)/stripe_unit <= stripe_nb) {
> 92 // sparse object case : the stripe does not exist,
> but the rados object may 93 uint64_t object_start =
> (object_in_set + objectset*stripe_per_objectset) * stripe_unit; 94
> if (actual_size_if_sparse <= object_start) { 95
> ASSERT_EQ(rc, -ENOENT); 96 } else {
>>>> CID 1249780: Resource leak (RESOURCE_LEAK) Variable "oid"
>>>> going out of scope leaks the storage it points to.
> 97 ASSERT_EQ(rc, 0); 98 } 99 }
> else { 100 ASSERT_EQ((uint64_t)rc, len); 101
> bufferlist original_data; 102
> original_data.substr_of(bl, stripe_nb*stripe_unit, len);
> /test/libradosstriper/striping.cc: 100 in
> StriperTestRT::checkObjectFromRados(const std::basic_string<char,
> std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list
> &, unsigned long, unsigned long, unsigned long, unsigned long,
> unsigned long)() 94 if (actual_size_if_sparse <=
> object_start) { 95 ASSERT_EQ(rc, -ENOENT); 96
> } else { 97 ASSERT_EQ(rc, 0); 98 } 99
> } else {
>>>> CID 1249780: Resource leak (RESOURCE_LEAK) Variable "oid"
>>>> going out of scope leaks the storage it points to.
> 100 ASSERT_EQ((uint64_t)rc, len); 101
> bufferlist original_data; 102
> original_data.substr_of(bl, stripe_nb*stripe_unit, len); 103
> ASSERT_EQ(0, memcmp(original_data.c_str(), stripe_data.c_str(),
> len)); 104 } 105 free(oid);
> /test/libradosstriper/striping.cc: 103 in
> StriperTestRT::checkObjectFromRados(const std::basic_string<char,
> std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list
> &, unsigned long, unsigned long, unsigned long, unsigned long,
> unsigned long)() 97 ASSERT_EQ(rc, 0); 98
> } 99 } else { 100 ASSERT_EQ((uint64_t)rc,
> len); 101 bufferlist original_data; 102
> original_data.substr_of(bl, stripe_nb*stripe_unit, len);
>>>> CID 1249780: Resource leak (RESOURCE_LEAK) Variable "oid"
>>>> going out of scope leaks the storage it points to.
> 103 ASSERT_EQ(0, memcmp(original_data.c_str(),
> stripe_data.c_str(), len)); 104 } 105
> free(oid); 106 } 107 // checking rados object
> sizes; we go object by object 108 uint64_t
> nb_full_object_sets = nb_stripes_in_object / stripe_per_objectset;
> /test/libradosstriper/striping.cc: 145 in
> StriperTestRT::checkObjectFromRados(const std::basic_string<char,
> std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list
> &, unsigned long, unsigned long, unsigned long, unsigned long,
> unsigned long)() 139 free(oid); 140 } 141
> // check we do not have an extra object behind 142 uint64_t
> rados_size; 143 time_t mtime; 144 char* oid =
> getObjName(soid, nb_objects);
>>>> CID 1249780: Resource leak (RESOURCE_LEAK) Variable "oid"
>>>> going out of scope leaks the storage it points to.
> 145 ASSERT_EQ(-ENOENT, ioctx.stat(oid, &rados_size,
> &mtime)); 146 free(oid); 147 free(firstOid); 148
> } 149 }; 150
>
>
> ________________________________________________________________________________________________________
>
>
To view the defects in Coverity Scan visit,
http://scan.coverity.com/projects/25?tab=overview
>
> To unsubscribe from the email notification for new defects,
> http://scan5.coverity.com/cgi-bin/unsubscribe.py
>
>
>
> -- To unsubscribe from this list: send the line "unsubscribe
> ceph-devel" in the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
>
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2014-10-28 13:16 scan-admin
2014-10-28 18:26 ` Danny Al-Gaaf
0 siblings, 1 reply; 124+ messages in thread
From: scan-admin @ 2014-10-28 13:16 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
2 new defect(s) introduced to ceph found with Coverity Scan.
5 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)
** CID 1249779: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/striping.cc: 56 in StriperTestRT::checkObjectFromRados(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)()
/test/libradosstriper/striping.cc: 59 in StriperTestRT::checkObjectFromRados(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)()
/test/libradosstriper/striping.cc: 52 in StriperTestRT::checkObjectFromRados(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)()
/test/libradosstriper/striping.cc: 55 in StriperTestRT::checkObjectFromRados(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)()
/test/libradosstriper/striping.cc: 47 in StriperTestRT::checkObjectFromRados(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)()
/test/libradosstriper/striping.cc: 50 in StriperTestRT::checkObjectFromRados(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)()
/test/libradosstriper/striping.cc: 51 in StriperTestRT::checkObjectFromRados(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)()
/test/libradosstriper/striping.cc: 45 in StriperTestRT::checkObjectFromRados(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)()
/test/libradosstriper/striping.cc: 46 in StriperTestRT::checkObjectFromRados(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)()
** CID 1249780: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/striping.cc: 95 in StriperTestRT::checkObjectFromRados(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)()
/test/libradosstriper/striping.cc: 97 in StriperTestRT::checkObjectFromRados(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)()
/test/libradosstriper/striping.cc: 100 in StriperTestRT::checkObjectFromRados(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)()
/test/libradosstriper/striping.cc: 103 in StriperTestRT::checkObjectFromRados(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)()
/test/libradosstriper/striping.cc: 145 in StriperTestRT::checkObjectFromRados(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)()
________________________________________________________________________________________________________
*** CID 1249779: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/striping.cc: 56 in StriperTestRT::checkObjectFromRados(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)()
50 ASSERT_LT(0U, stripe_count);
51 ASSERT_EQ(stripe_count, exp_stripe_count);
52 ASSERT_LT(0, ioctx.getxattr(firstOid, "striper.layout.object_size", xattrbl));
53 s_xattr = std::string(xattrbl.c_str(), xattrbl.length()); // adds 0 byte at the end
54 uint64_t object_size = strtoll(s_xattr.c_str(), NULL, 10);
55 ASSERT_EQ(object_size, exp_object_size);
>>> CID 1249779: Resource leak (RESOURCE_LEAK)
>>> Variable "firstOid" going out of scope leaks the storage it points to.
56 ASSERT_LT(0, ioctx.getxattr(firstOid, "striper.size", xattrbl));
57 s_xattr = std::string(xattrbl.c_str(), xattrbl.length()); // adds 0 byte at the end
58 uint64_t xa_size = strtoll(s_xattr.c_str(), NULL, 10);
59 ASSERT_EQ(xa_size, size);
60 // checking object content from rados point of view
61 // we will go stripe by stripe, read the content of each of them and
/test/libradosstriper/striping.cc: 59 in StriperTestRT::checkObjectFromRados(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)()
53 s_xattr = std::string(xattrbl.c_str(), xattrbl.length()); // adds 0 byte at the end
54 uint64_t object_size = strtoll(s_xattr.c_str(), NULL, 10);
55 ASSERT_EQ(object_size, exp_object_size);
56 ASSERT_LT(0, ioctx.getxattr(firstOid, "striper.size", xattrbl));
57 s_xattr = std::string(xattrbl.c_str(), xattrbl.length()); // adds 0 byte at the end
58 uint64_t xa_size = strtoll(s_xattr.c_str(), NULL, 10);
>>> CID 1249779: Resource leak (RESOURCE_LEAK)
>>> Variable "firstOid" going out of scope leaks the storage it points to.
59 ASSERT_EQ(xa_size, size);
60 // checking object content from rados point of view
61 // we will go stripe by stripe, read the content of each of them and
62 // check with expectations
63 uint64_t stripe_per_object = object_size / stripe_unit;
64 uint64_t stripe_per_objectset = stripe_per_object * stripe_count;
/test/libradosstriper/striping.cc: 52 in StriperTestRT::checkObjectFromRados(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)()
46 ASSERT_EQ(stripe_unit, exp_stripe_unit);
47 ASSERT_LT(0, ioctx.getxattr(firstOid, "striper.layout.stripe_count", xattrbl));
48 s_xattr = std::string(xattrbl.c_str(), xattrbl.length()); // adds 0 byte at the end
49 uint64_t stripe_count = strtoll(s_xattr.c_str(), NULL, 10);
50 ASSERT_LT(0U, stripe_count);
51 ASSERT_EQ(stripe_count, exp_stripe_count);
>>> CID 1249779: Resource leak (RESOURCE_LEAK)
>>> Variable "firstOid" going out of scope leaks the storage it points to.
52 ASSERT_LT(0, ioctx.getxattr(firstOid, "striper.layout.object_size", xattrbl));
53 s_xattr = std::string(xattrbl.c_str(), xattrbl.length()); // adds 0 byte at the end
54 uint64_t object_size = strtoll(s_xattr.c_str(), NULL, 10);
55 ASSERT_EQ(object_size, exp_object_size);
56 ASSERT_LT(0, ioctx.getxattr(firstOid, "striper.size", xattrbl));
57 s_xattr = std::string(xattrbl.c_str(), xattrbl.length()); // adds 0 byte at the end
/test/libradosstriper/striping.cc: 55 in StriperTestRT::checkObjectFromRados(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)()
49 uint64_t stripe_count = strtoll(s_xattr.c_str(), NULL, 10);
50 ASSERT_LT(0U, stripe_count);
51 ASSERT_EQ(stripe_count, exp_stripe_count);
52 ASSERT_LT(0, ioctx.getxattr(firstOid, "striper.layout.object_size", xattrbl));
53 s_xattr = std::string(xattrbl.c_str(), xattrbl.length()); // adds 0 byte at the end
54 uint64_t object_size = strtoll(s_xattr.c_str(), NULL, 10);
>>> CID 1249779: Resource leak (RESOURCE_LEAK)
>>> Variable "firstOid" going out of scope leaks the storage it points to.
55 ASSERT_EQ(object_size, exp_object_size);
56 ASSERT_LT(0, ioctx.getxattr(firstOid, "striper.size", xattrbl));
57 s_xattr = std::string(xattrbl.c_str(), xattrbl.length()); // adds 0 byte at the end
58 uint64_t xa_size = strtoll(s_xattr.c_str(), NULL, 10);
59 ASSERT_EQ(xa_size, size);
60 // checking object content from rados point of view
/test/libradosstriper/striping.cc: 47 in StriperTestRT::checkObjectFromRados(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)()
41 char* firstOid = getObjName(soid, 0);
42 ASSERT_LT(0, ioctx.getxattr(firstOid, "striper.layout.stripe_unit", xattrbl));
43 std::string s_xattr(xattrbl.c_str(), xattrbl.length()); // adds 0 byte at the end
44 uint64_t stripe_unit = strtoll(s_xattr.c_str(), NULL, 10);
45 ASSERT_LT((unsigned)0, stripe_unit);
46 ASSERT_EQ(stripe_unit, exp_stripe_unit);
>>> CID 1249779: Resource leak (RESOURCE_LEAK)
>>> Variable "firstOid" going out of scope leaks the storage it points to.
47 ASSERT_LT(0, ioctx.getxattr(firstOid, "striper.layout.stripe_count", xattrbl));
48 s_xattr = std::string(xattrbl.c_str(), xattrbl.length()); // adds 0 byte at the end
49 uint64_t stripe_count = strtoll(s_xattr.c_str(), NULL, 10);
50 ASSERT_LT(0U, stripe_count);
51 ASSERT_EQ(stripe_count, exp_stripe_count);
52 ASSERT_LT(0, ioctx.getxattr(firstOid, "striper.layout.object_size", xattrbl));
/test/libradosstriper/striping.cc: 50 in StriperTestRT::checkObjectFromRados(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)()
44 uint64_t stripe_unit = strtoll(s_xattr.c_str(), NULL, 10);
45 ASSERT_LT((unsigned)0, stripe_unit);
46 ASSERT_EQ(stripe_unit, exp_stripe_unit);
47 ASSERT_LT(0, ioctx.getxattr(firstOid, "striper.layout.stripe_count", xattrbl));
48 s_xattr = std::string(xattrbl.c_str(), xattrbl.length()); // adds 0 byte at the end
49 uint64_t stripe_count = strtoll(s_xattr.c_str(), NULL, 10);
>>> CID 1249779: Resource leak (RESOURCE_LEAK)
>>> Variable "firstOid" going out of scope leaks the storage it points to.
50 ASSERT_LT(0U, stripe_count);
51 ASSERT_EQ(stripe_count, exp_stripe_count);
52 ASSERT_LT(0, ioctx.getxattr(firstOid, "striper.layout.object_size", xattrbl));
53 s_xattr = std::string(xattrbl.c_str(), xattrbl.length()); // adds 0 byte at the end
54 uint64_t object_size = strtoll(s_xattr.c_str(), NULL, 10);
55 ASSERT_EQ(object_size, exp_object_size);
/test/libradosstriper/striping.cc: 51 in StriperTestRT::checkObjectFromRados(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)()
45 ASSERT_LT((unsigned)0, stripe_unit);
46 ASSERT_EQ(stripe_unit, exp_stripe_unit);
47 ASSERT_LT(0, ioctx.getxattr(firstOid, "striper.layout.stripe_count", xattrbl));
48 s_xattr = std::string(xattrbl.c_str(), xattrbl.length()); // adds 0 byte at the end
49 uint64_t stripe_count = strtoll(s_xattr.c_str(), NULL, 10);
50 ASSERT_LT(0U, stripe_count);
>>> CID 1249779: Resource leak (RESOURCE_LEAK)
>>> Variable "firstOid" going out of scope leaks the storage it points to.
51 ASSERT_EQ(stripe_count, exp_stripe_count);
52 ASSERT_LT(0, ioctx.getxattr(firstOid, "striper.layout.object_size", xattrbl));
53 s_xattr = std::string(xattrbl.c_str(), xattrbl.length()); // adds 0 byte at the end
54 uint64_t object_size = strtoll(s_xattr.c_str(), NULL, 10);
55 ASSERT_EQ(object_size, exp_object_size);
56 ASSERT_LT(0, ioctx.getxattr(firstOid, "striper.size", xattrbl));
/test/libradosstriper/striping.cc: 45 in StriperTestRT::checkObjectFromRados(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)()
39 // checking first object's rados xattrs
40 bufferlist xattrbl;
41 char* firstOid = getObjName(soid, 0);
42 ASSERT_LT(0, ioctx.getxattr(firstOid, "striper.layout.stripe_unit", xattrbl));
43 std::string s_xattr(xattrbl.c_str(), xattrbl.length()); // adds 0 byte at the end
44 uint64_t stripe_unit = strtoll(s_xattr.c_str(), NULL, 10);
>>> CID 1249779: Resource leak (RESOURCE_LEAK)
>>> Variable "firstOid" going out of scope leaks the storage it points to.
45 ASSERT_LT((unsigned)0, stripe_unit);
46 ASSERT_EQ(stripe_unit, exp_stripe_unit);
47 ASSERT_LT(0, ioctx.getxattr(firstOid, "striper.layout.stripe_count", xattrbl));
48 s_xattr = std::string(xattrbl.c_str(), xattrbl.length()); // adds 0 byte at the end
49 uint64_t stripe_count = strtoll(s_xattr.c_str(), NULL, 10);
50 ASSERT_LT(0U, stripe_count);
/test/libradosstriper/striping.cc: 46 in StriperTestRT::checkObjectFromRados(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)()
40 bufferlist xattrbl;
41 char* firstOid = getObjName(soid, 0);
42 ASSERT_LT(0, ioctx.getxattr(firstOid, "striper.layout.stripe_unit", xattrbl));
43 std::string s_xattr(xattrbl.c_str(), xattrbl.length()); // adds 0 byte at the end
44 uint64_t stripe_unit = strtoll(s_xattr.c_str(), NULL, 10);
45 ASSERT_LT((unsigned)0, stripe_unit);
>>> CID 1249779: Resource leak (RESOURCE_LEAK)
>>> Variable "firstOid" going out of scope leaks the storage it points to.
46 ASSERT_EQ(stripe_unit, exp_stripe_unit);
47 ASSERT_LT(0, ioctx.getxattr(firstOid, "striper.layout.stripe_count", xattrbl));
48 s_xattr = std::string(xattrbl.c_str(), xattrbl.length()); // adds 0 byte at the end
49 uint64_t stripe_count = strtoll(s_xattr.c_str(), NULL, 10);
50 ASSERT_LT(0U, stripe_count);
51 ASSERT_EQ(stripe_count, exp_stripe_count);
________________________________________________________________________________________________________
*** CID 1249780: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/striping.cc: 95 in StriperTestRT::checkObjectFromRados(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)()
89 int rc = ioctx.read(oid, stripe_data, len, start);
90 if (actual_size_if_sparse < size and
91 (actual_size_if_sparse+stripe_unit-1)/stripe_unit <= stripe_nb) {
92 // sparse object case : the stripe does not exist, but the rados object may
93 uint64_t object_start = (object_in_set + objectset*stripe_per_objectset) * stripe_unit;
94 if (actual_size_if_sparse <= object_start) {
>>> CID 1249780: Resource leak (RESOURCE_LEAK)
>>> Variable "oid" going out of scope leaks the storage it points to.
95 ASSERT_EQ(rc, -ENOENT);
96 } else {
97 ASSERT_EQ(rc, 0);
98 }
99 } else {
100 ASSERT_EQ((uint64_t)rc, len);
/test/libradosstriper/striping.cc: 97 in StriperTestRT::checkObjectFromRados(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)()
91 (actual_size_if_sparse+stripe_unit-1)/stripe_unit <= stripe_nb) {
92 // sparse object case : the stripe does not exist, but the rados object may
93 uint64_t object_start = (object_in_set + objectset*stripe_per_objectset) * stripe_unit;
94 if (actual_size_if_sparse <= object_start) {
95 ASSERT_EQ(rc, -ENOENT);
96 } else {
>>> CID 1249780: Resource leak (RESOURCE_LEAK)
>>> Variable "oid" going out of scope leaks the storage it points to.
97 ASSERT_EQ(rc, 0);
98 }
99 } else {
100 ASSERT_EQ((uint64_t)rc, len);
101 bufferlist original_data;
102 original_data.substr_of(bl, stripe_nb*stripe_unit, len);
/test/libradosstriper/striping.cc: 100 in StriperTestRT::checkObjectFromRados(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)()
94 if (actual_size_if_sparse <= object_start) {
95 ASSERT_EQ(rc, -ENOENT);
96 } else {
97 ASSERT_EQ(rc, 0);
98 }
99 } else {
>>> CID 1249780: Resource leak (RESOURCE_LEAK)
>>> Variable "oid" going out of scope leaks the storage it points to.
100 ASSERT_EQ((uint64_t)rc, len);
101 bufferlist original_data;
102 original_data.substr_of(bl, stripe_nb*stripe_unit, len);
103 ASSERT_EQ(0, memcmp(original_data.c_str(), stripe_data.c_str(), len));
104 }
105 free(oid);
/test/libradosstriper/striping.cc: 103 in StriperTestRT::checkObjectFromRados(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)()
97 ASSERT_EQ(rc, 0);
98 }
99 } else {
100 ASSERT_EQ((uint64_t)rc, len);
101 bufferlist original_data;
102 original_data.substr_of(bl, stripe_nb*stripe_unit, len);
>>> CID 1249780: Resource leak (RESOURCE_LEAK)
>>> Variable "oid" going out of scope leaks the storage it points to.
103 ASSERT_EQ(0, memcmp(original_data.c_str(), stripe_data.c_str(), len));
104 }
105 free(oid);
106 }
107 // checking rados object sizes; we go object by object
108 uint64_t nb_full_object_sets = nb_stripes_in_object / stripe_per_objectset;
/test/libradosstriper/striping.cc: 145 in StriperTestRT::checkObjectFromRados(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)()
139 free(oid);
140 }
141 // check we do not have an extra object behind
142 uint64_t rados_size;
143 time_t mtime;
144 char* oid = getObjName(soid, nb_objects);
>>> CID 1249780: Resource leak (RESOURCE_LEAK)
>>> Variable "oid" going out of scope leaks the storage it points to.
145 ASSERT_EQ(-ENOENT, ioctx.stat(oid, &rados_size, &mtime));
146 free(oid);
147 free(firstOid);
148 }
149 };
150
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2014-10-26 13:17 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2014-10-26 13:17 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
77 new defect(s) introduced to ceph found with Coverity Scan.
74 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 20 of 77 defect(s)
** CID 717233: Uninitialized scalar field (UNINIT_CTOR)
/mds/Capability.h: 253 in Capability::Capability(CInode *, unsigned long, client_t)()
** CID 1201388: Missing unlock (LOCK)
/mon/Monitor.cc: 564 in Monitor::preinit()()
** CID 1213581: Dereference null return value (NULL_RETURNS)
/osd/OSD.cc: 5523 in OSD::ms_fast_preprocess(Message *)()
** CID 1214678: Unchecked return value (CHECKED_RETURN)
/osd/OSD.cc: 326 in OSDService::_maybe_split_pgid(std::tr1::shared_ptr<const OSDMap>, std::tr1::shared_ptr<const OSDMap>, spg_t)()
** CID 1219460: Unchecked return value (CHECKED_RETURN)
/tools/cephfs/JournalTool.cc: 104 in JournalTool::main(std::vector<const char *, std::allocator<const char *>> &)()
** CID 1219463: Unchecked return value (CHECKED_RETURN)
/client/SyntheticClient.cc: 1142 in SyntheticClient::play_trace(Trace &, std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, bool)()
** CID 1219620: Uncaught exception (UNCAUGHT_EXCEPT)
/tools/cephfs/cephfs-journal-tool.cc: 24 in main()
/tools/cephfs/cephfs-journal-tool.cc: 24 in main()
/tools/cephfs/cephfs-journal-tool.cc: 24 in main()
/tools/cephfs/cephfs-journal-tool.cc: 24 in main()
/tools/cephfs/cephfs-journal-tool.cc: 24 in main()
** CID 1219621: Uncaught exception (UNCAUGHT_EXCEPT)
/tools/cephfs/cephfs-journal-tool.cc: 24 in main()
** CID 1219622: Uncaught exception (UNCAUGHT_EXCEPT)
/tools/cephfs/cephfs-journal-tool.cc: 24 in main()
** CID 1219637: Uncaught exception (UNCAUGHT_EXCEPT)
/test/filestore/TestFileStore.cc: 67 in main()
/test/filestore/TestFileStore.cc: 67 in main()
/test/filestore/TestFileStore.cc: 67 in main()
/test/filestore/TestFileStore.cc: 67 in main()
** CID 1219650: Uninitialized scalar field (UNINIT_CTOR)
/tools/cephfs/Resetter.h: 29 in Resetter::Resetter()()
** CID 1220854: Invalid iterator comparison (MISMATCHED_ITERATOR)
/osd/PG.cc: 1000 in PG::calc_ec_acting(std::_Rb_tree_const_iterator<std::pair<const pg_shard_t, pg_info_t>>, unsigned int, const std::vector<int, std::allocator<int>> &, pg_shard_t, const std::vector<int, std::allocator<int>> &, pg_shard_t, const std::map<pg_shard_t, pg_info_t, std::less<pg_shard_t>, std::allocator<std::pair<const pg_shard_t, pg_info_t>>> &, bool, std::vector<int, std::allocator<int>> *, std::set<pg_shard_t, std::less<pg_shard_t>, std::allocator<pg_shard_t>> *, std::set<pg_shard_t, std::less<pg_shard_t>, std::allocator<pg_shard_t>> *, pg_shard_t *, std::basic_ostream<char, std::char_traits<char>>&)()
** CID 1221498: Division or modulo by zero (DIVIDE_BY_ZERO)
/test/libradosstriper/striping.cc: 61 in StriperTestRT::checkObjectFromRados(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)()
** CID 1221499: Division or modulo by zero (DIVIDE_BY_ZERO)
/test/libradosstriper/striping.cc: 70 in StriperTestRT::checkObjectFromRados(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)()
** CID 1221525: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/striping.cc: 227 in StriperTestRT_StripedRoundtrip_Test::TestBody()()
** CID 1221526: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/striping.cc: 39 in StriperTestRT::checkObjectFromRados(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)()
/test/libradosstriper/striping.cc: 86 in StriperTestRT::checkObjectFromRados(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)()
/test/libradosstriper/striping.cc: 140 in StriperTestRT::checkObjectFromRados(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)()
** CID 1221538: Uninitialized pointer field (UNINIT_CTOR)
/test/libradosstriper/TestCase.h: 25 in StriperTest::StriperTest()()
** CID 1225099: Unchecked return value (CHECKED_RETURN)
/mon/MDSMonitor.cc: 1523 in MDSMonitor::filesystem_command(MMonCommand *, const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, std::map<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, boost::variant<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, bool, long, double, std::vector<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::allocator<std::basic_string<char, std::char_traits<char>, std::allocator<char>>>>, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detai
l::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_>, std::less<std::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::pair<const std::basic_string<char, std::char_traits<char>, std::allocator<char>>, boost::variant<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, bool, long, double, std::vector<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::allocator<std::basic_string<char, std::char_traits<char>, std::allocator<char>>>>, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::
detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_>>>> &, std::basic_stringstream<char, std::char_traits<char>, std::allocator<char>> &, int &)()
** CID 1225100: Missing unlock (LOCK)
/mds/MDLog.cc: 562 in MDLog::trim(int)()
/mds/MDLog.cc: 562 in MDLog::trim(int)()
** CID 1225101: Missing unlock (LOCK)
/mds/MDLog.cc: 445 in MDLog::shutdown()()
________________________________________________________________________________________________________
*** CID 717233: Uninitialized scalar field (UNINIT_CTOR)
/mds/Capability.h: 253 in Capability::Capability(CInode *, unsigned long, client_t)()
247 client_follows(0), client_xattr_version(0),
248 client_inline_version(0),
249 item_session_caps(this), item_snaprealm_caps(this),
250 item_revoking_caps(this), item_client_revoking_caps(this) {
251 g_num_cap++;
252 g_num_capa++;
>>> CID 717233: Uninitialized scalar field (UNINIT_CTOR)
>>> Non-static class member "num_revoke_warnings" is not initialized in this constructor nor in any functions that it calls.
253 }
254 ~Capability() {
255 g_num_cap--;
256 g_num_caps++;
257 }
258
________________________________________________________________________________________________________
*** CID 1201388: Missing unlock (LOCK)
/mon/Monitor.cc: 564 in Monitor::preinit()()
558
559 dout(1) << "preinit fsid " << monmap->fsid << dendl;
560
561 int r = sanitize_options();
562 if (r < 0) {
563 derr << "option sanitization failed!" << dendl;
>>> CID 1201388: Missing unlock (LOCK)
>>> Returning without unlocking "this->lock._m".
564 return r;
565 }
566
567 assert(!logger);
568 {
569 PerfCountersBuilder pcb(g_ceph_context, "mon", l_mon_first, l_mon_last);
________________________________________________________________________________________________________
*** CID 1213581: Dereference null return value (NULL_RETURNS)
/osd/OSD.cc: 5523 in OSD::ms_fast_preprocess(Message *)()
5517
5518 void OSD::ms_fast_preprocess(Message *m)
5519 {
5520 if (m->get_connection()->get_peer_type() == CEPH_ENTITY_TYPE_OSD) {
5521 if (m->get_type() == CEPH_MSG_OSD_MAP) {
5522 MOSDMap *mm = static_cast<MOSDMap*>(m);
>>> CID 1213581: Dereference null return value (NULL_RETURNS)
>>> Assigning: "s" = null return value from "get_priv".
5523 Session *s = static_cast<Session*>(m->get_connection()->get_priv());
5524 s->received_map_lock.Lock();
5525 s->received_map_epoch = mm->get_last();
5526 s->received_map_lock.Unlock();
5527 s->put();
5528 }
________________________________________________________________________________________________________
*** CID 1214678: Unchecked return value (CHECKED_RETURN)
/osd/OSD.cc: 326 in OSDService::_maybe_split_pgid(std::tr1::shared_ptr<const OSDMap>, std::tr1::shared_ptr<const OSDMap>, spg_t)()
320 OSDMapRef new_map,
321 spg_t pgid)
322 {
323 assert(old_map->have_pg_pool(pgid.pool()));
324 if (pgid.ps() < static_cast<unsigned>(old_map->get_pg_num(pgid.pool()))) {
325 set<spg_t> children;
>>> CID 1214678: Unchecked return value (CHECKED_RETURN)
>>> Calling "is_split" without checking return value (as is done elsewhere 6 out of 7 times).
326 pgid.is_split(old_map->get_pg_num(pgid.pool()),
327 new_map->get_pg_num(pgid.pool()), &children);
328 _start_split(pgid, children);
329 } else {
330 assert(pgid.ps() < static_cast<unsigned>(new_map->get_pg_num(pgid.pool())));
331 }
________________________________________________________________________________________________________
*** CID 1219460: Unchecked return value (CHECKED_RETURN)
/tools/cephfs/JournalTool.cc: 104 in JournalTool::main(std::vector<const char *, std::allocator<const char *>> &)()
98 if (r < 0) {
99 derr << "RADOS unavailable, cannot scan filesystem journal" << dendl;
100 return r;
101 }
102
103 dout(4) << "JournalTool: connecting to RADOS..." << dendl;
>>> CID 1219460: Unchecked return value (CHECKED_RETURN)
>>> Calling "connect" without checking return value (as is done elsewhere 14 out of 17 times).
104 rados.connect();
105
106 int const pool_id = mdsmap->get_metadata_pool();
107 dout(4) << "JournalTool: resolving pool " << pool_id << dendl;
108 std::string pool_name;
109 r = rados.pool_reverse_lookup(pool_id, &pool_name);
________________________________________________________________________________________________________
*** CID 1219463: Unchecked return value (CHECKED_RETURN)
/client/SyntheticClient.cc: 1142 in SyntheticClient::play_trace(Trace &, std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, bool)()
1136 const char *a = t.get_string(buf, p);
1137 int64_t b = t.get_int();
1138 client->mknod(a, b, 0);
1139 } else if (strcmp(op, "getdir") == 0) {
1140 const char *a = t.get_string(buf, p);
1141 list<string> contents;
>>> CID 1219463: Unchecked return value (CHECKED_RETURN)
>>> Calling "getdir" without checking return value (as is done elsewhere 4 out of 5 times).
1142 client->getdir(a, contents);
1143 } else if (strcmp(op, "opendir") == 0) {
1144 const char *a = t.get_string(buf, p);
1145 int64_t b = t.get_int();
1146 dir_result_t *dirp;
1147 client->opendir(a, &dirp);
________________________________________________________________________________________________________
*** CID 1219620: Uncaught exception (UNCAUGHT_EXCEPT)
/tools/cephfs/cephfs-journal-tool.cc: 24 in main()
18 #include "common/errno.h"
19 #include "global/global_init.h"
20
21 #include "JournalTool.h"
22
23
>>> CID 1219620: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
24 int main(int argc, const char **argv)
25 {
26 vector<const char*> args;
27 argv_to_vec(argc, argv, args);
28 env_to_vec(args);
29
/tools/cephfs/cephfs-journal-tool.cc: 24 in main()
18 #include "common/errno.h"
19 #include "global/global_init.h"
20
21 #include "JournalTool.h"
22
23
>>> CID 1219620: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
24 int main(int argc, const char **argv)
25 {
26 vector<const char*> args;
27 argv_to_vec(argc, argv, args);
28 env_to_vec(args);
29
/tools/cephfs/cephfs-journal-tool.cc: 24 in main()
18 #include "common/errno.h"
19 #include "global/global_init.h"
20
21 #include "JournalTool.h"
22
23
>>> CID 1219620: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
24 int main(int argc, const char **argv)
25 {
26 vector<const char*> args;
27 argv_to_vec(argc, argv, args);
28 env_to_vec(args);
29
/tools/cephfs/cephfs-journal-tool.cc: 24 in main()
18 #include "common/errno.h"
19 #include "global/global_init.h"
20
21 #include "JournalTool.h"
22
23
>>> CID 1219620: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
24 int main(int argc, const char **argv)
25 {
26 vector<const char*> args;
27 argv_to_vec(argc, argv, args);
28 env_to_vec(args);
29
/tools/cephfs/cephfs-journal-tool.cc: 24 in main()
18 #include "common/errno.h"
19 #include "global/global_init.h"
20
21 #include "JournalTool.h"
22
23
>>> CID 1219620: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
24 int main(int argc, const char **argv)
25 {
26 vector<const char*> args;
27 argv_to_vec(argc, argv, args);
28 env_to_vec(args);
29
________________________________________________________________________________________________________
*** CID 1219621: Uncaught exception (UNCAUGHT_EXCEPT)
/tools/cephfs/cephfs-journal-tool.cc: 24 in main()
18 #include "common/errno.h"
19 #include "global/global_init.h"
20
21 #include "JournalTool.h"
22
23
>>> CID 1219621: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
24 int main(int argc, const char **argv)
25 {
26 vector<const char*> args;
27 argv_to_vec(argc, argv, args);
28 env_to_vec(args);
29
________________________________________________________________________________________________________
*** CID 1219622: Uncaught exception (UNCAUGHT_EXCEPT)
/tools/cephfs/cephfs-journal-tool.cc: 24 in main()
18 #include "common/errno.h"
19 #include "global/global_init.h"
20
21 #include "JournalTool.h"
22
23
>>> CID 1219622: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "ceph::buffer::malformed_input" is thrown and never caught.
24 int main(int argc, const char **argv)
25 {
26 vector<const char*> args;
27 argv_to_vec(argc, argv, args);
28 env_to_vec(args);
29
________________________________________________________________________________________________________
*** CID 1219637: Uncaught exception (UNCAUGHT_EXCEPT)
/test/filestore/TestFileStore.cc: 67 in main()
61 fs.collect_metadata(&pm);
62 ASSERT_EQ(pm["filestore_backend"], "zfs");
63 }
64 #endif
65 }
66
>>> CID 1219637: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
67 int main(int argc, char **argv) {
68 vector<const char*> args;
69 argv_to_vec(argc, (const char **)argv, args);
70
71 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
72 common_init_finish(g_ceph_context);
/test/filestore/TestFileStore.cc: 67 in main()
61 fs.collect_metadata(&pm);
62 ASSERT_EQ(pm["filestore_backend"], "zfs");
63 }
64 #endif
65 }
66
>>> CID 1219637: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
67 int main(int argc, char **argv) {
68 vector<const char*> args;
69 argv_to_vec(argc, (const char **)argv, args);
70
71 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
72 common_init_finish(g_ceph_context);
/test/filestore/TestFileStore.cc: 67 in main()
61 fs.collect_metadata(&pm);
62 ASSERT_EQ(pm["filestore_backend"], "zfs");
63 }
64 #endif
65 }
66
>>> CID 1219637: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
67 int main(int argc, char **argv) {
68 vector<const char*> args;
69 argv_to_vec(argc, (const char **)argv, args);
70
71 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
72 common_init_finish(g_ceph_context);
/test/filestore/TestFileStore.cc: 67 in main()
61 fs.collect_metadata(&pm);
62 ASSERT_EQ(pm["filestore_backend"], "zfs");
63 }
64 #endif
65 }
66
>>> CID 1219637: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
67 int main(int argc, char **argv) {
68 vector<const char*> args;
69 argv_to_vec(argc, (const char **)argv, args);
70
71 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
72 common_init_finish(g_ceph_context);
________________________________________________________________________________________________________
*** CID 1219650: Uninitialized scalar field (UNINIT_CTOR)
/tools/cephfs/Resetter.h: 29 in Resetter::Resetter()()
23 * To use, create a Resetter, call init(), and then call reset() with the name
24 * of the file to dump to.
25 */
26 class Resetter : public MDSUtility {
27 int rank;
28 public:
>>> CID 1219650: Uninitialized scalar field (UNINIT_CTOR)
>>> Non-static class member "rank" is not initialized in this constructor nor in any functions that it calls.
29 Resetter() {}
30
31 void reset(int rank);
32 };
33
________________________________________________________________________________________________________
*** CID 1220854: Invalid iterator comparison (MISMATCHED_ITERATOR)
/osd/PG.cc: 1000 in PG::calc_ec_acting(std::_Rb_tree_const_iterator<std::pair<const pg_shard_t, pg_info_t>>, unsigned int, const std::vector<int, std::allocator<int>> &, pg_shard_t, const std::vector<int, std::allocator<int>> &, pg_shard_t, const std::map<pg_shard_t, pg_info_t, std::less<pg_shard_t>, std::allocator<std::pair<const pg_shard_t, pg_info_t>>> &, bool, std::vector<int, std::allocator<int>> *, std::set<pg_shard_t, std::less<pg_shard_t>, std::allocator<pg_shard_t>> *, std::set<pg_shard_t, std::less<pg_shard_t>, std::allocator<pg_shard_t>> *, pg_shard_t *, std::basic_ostream<char, std::char_traits<char>>&)()
994 all_info.find(pg_shard_t(acting[i], shard_id_t(i)))->second.last_update >=
995 auth_log_shard->second.log_tail) {
996 ss << " selecting acting[i]: " << pg_shard_t(acting[i], shard_id_t(i)) << std::endl;
997 want[i] = acting[i];
998 ++usable;
999 } else {
>>> CID 1220854: Invalid iterator comparison (MISMATCHED_ITERATOR)
>>> Comparing "j" from "all_info_by_shard[shard_id_t(i)]" to "all_info_by_shard[shard_id_t(i)]->end()" from "all_info_by_shard[shard_id_t(i)]".
1000 for (set<pg_shard_t>::iterator j = all_info_by_shard[shard_id_t(i)].begin();
1001 j != all_info_by_shard[shard_id_t(i)].end();
1002 ++j) {
1003 assert(j->shard == i);
1004 if (!all_info.find(*j)->second.is_incomplete() &&
1005 all_info.find(*j)->second.last_update >=
________________________________________________________________________________________________________
*** CID 1221498: Division or modulo by zero (DIVIDE_BY_ZERO)
/test/libradosstriper/striping.cc: 61 in StriperTestRT::checkObjectFromRados(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)()
55 s_xattr = std::string(xattrbl.c_str(), xattrbl.length()); // adds 0 byte at the end
56 uint64_t xa_size = strtoll(s_xattr.c_str(), NULL, 10);
57 ASSERT_EQ(xa_size, size);
58 // checking object content from rados point of view
59 // we will go stripe by stripe, read the content of each of them and
60 // check with expectations
>>> CID 1221498: Division or modulo by zero (DIVIDE_BY_ZERO)
>>> In expression "object_size / stripe_unit", division by expression "stripe_unit" which may be zero has undefined behavior.
61 uint64_t stripe_per_object = object_size / stripe_unit;
62 uint64_t stripe_per_objectset = stripe_per_object * stripe_count;
63 uint64_t nb_stripes_in_object = (size+stripe_unit-1)/stripe_unit;
64 for (uint64_t stripe_nb = 0;
65 stripe_nb < nb_stripes_in_object;
66 stripe_nb++) {
________________________________________________________________________________________________________
*** CID 1221499: Division or modulo by zero (DIVIDE_BY_ZERO)
/test/libradosstriper/striping.cc: 70 in StriperTestRT::checkObjectFromRados(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)()
64 for (uint64_t stripe_nb = 0;
65 stripe_nb < nb_stripes_in_object;
66 stripe_nb++) {
67 // find out where this stripe is stored
68 uint64_t objectset = stripe_nb / stripe_per_objectset;
69 uint64_t stripe_in_object_set = stripe_nb % stripe_per_objectset;
>>> CID 1221499: Division or modulo by zero (DIVIDE_BY_ZERO)
>>> In expression "stripe_in_object_set % stripe_count", modulo by expression "stripe_count" which may be zero has undefined behavior.
70 uint64_t object_in_set = stripe_in_object_set % stripe_count;
71 uint64_t stripe_in_object = stripe_in_object_set / stripe_count;
72 uint64_t object_nb = objectset * stripe_count + object_in_set;
73 uint64_t start = stripe_in_object * stripe_unit;
74 uint64_t len = stripe_unit;
75 if (stripe_nb == nb_stripes_in_object-1 and size % stripe_unit != 0) {
________________________________________________________________________________________________________
*** CID 1221525: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/striping.cc: 227 in StriperTestRT_StripedRoundtrip_Test::TestBody()()
221 }
222 {
223 SCOPED_TRACE("Testing remove when no object size");
224 // recreate object
225 ASSERT_EQ(0, striper.write(soid, bl1, testData.size*2, 0));
226 // remove the object size attribute from the striped object
>>> CID 1221525: Resource leak (RESOURCE_LEAK)
>>> Failing to save or free storage allocated by "this->getObjName(soid, 0UL)" leaks it.
227 std::string firstOid = getObjName(soid, 0);
228 ASSERT_EQ(0, ioctx.rmxattr(firstOid, "striper.size"));
229 // check that stat fails
230 uint64_t size;
231 time_t mtime;
232 ASSERT_EQ(-ENODATA, striper.stat(soid, &size, &mtime));
________________________________________________________________________________________________________
*** CID 1221526: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/striping.cc: 39 in StriperTestRT::checkObjectFromRados(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)()
33 uint64_t exp_stripe_unit, uint64_t exp_stripe_count,
34 uint64_t exp_object_size, size_t size,
35 size_t actual_size_if_sparse)
36 {
37 // checking first object's rados xattrs
38 bufferlist xattrbl;
>>> CID 1221526: Resource leak (RESOURCE_LEAK)
>>> Failing to save or free storage allocated by "this->getObjName(soid, 0UL)" leaks it.
39 std::string firstOid = getObjName(soid, 0);
40 ASSERT_LT(0, ioctx.getxattr(firstOid, "striper.layout.stripe_unit", xattrbl));
41 std::string s_xattr(xattrbl.c_str(), xattrbl.length()); // adds 0 byte at the end
42 uint64_t stripe_unit = strtoll(s_xattr.c_str(), NULL, 10);
43 ASSERT_LT((unsigned)0, stripe_unit);
44 ASSERT_EQ(stripe_unit, exp_stripe_unit);
/test/libradosstriper/striping.cc: 86 in StriperTestRT::checkObjectFromRados(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)()
80 ((actual_size_if_sparse+stripe_unit-1)/stripe_unit)-1 == stripe_nb) {
81 len = actual_size_if_sparse % stripe_unit;
82 if (0 == len) len = stripe_unit;
83 }
84 bufferlist stripe_data;
85 // check object content
>>> CID 1221526: Resource leak (RESOURCE_LEAK)
>>> Failing to save or free storage allocated by "this->getObjName(soid, object_nb)" leaks it.
86 std::string oid = getObjName(soid, object_nb);
87 int rc = ioctx.read(oid, stripe_data, len, start);
88 if (actual_size_if_sparse < size and
89 (actual_size_if_sparse+stripe_unit-1)/stripe_unit <= stripe_nb) {
90 // sparse object case : the stripe does not exist, but the rados object may
91 uint64_t object_start = (object_in_set + objectset*stripe_per_objectset) * stripe_unit;
/test/libradosstriper/striping.cc: 140 in StriperTestRT::checkObjectFromRados(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)()
134 ASSERT_EQ(len, rados_size);
135 }
136 }
137 // check we do not have an extra object behind
138 uint64_t rados_size;
139 time_t mtime;
>>> CID 1221526: Resource leak (RESOURCE_LEAK)
>>> Failing to save or free storage allocated by "this->getObjName(soid, nb_objects)" leaks it.
140 std::string oid = getObjName(soid, nb_objects);
141 ASSERT_EQ(-ENOENT, ioctx.stat(oid, &rados_size, &mtime));
142 }
143 };
144
145 TEST_P(StriperTestRT, StripedRoundtrip) {
________________________________________________________________________________________________________
*** CID 1221538: Uninitialized pointer field (UNINIT_CTOR)
/test/libradosstriper/TestCase.h: 25 in StriperTest::StriperTest()()
19 *
20 * Since pool creation and deletion is slow, this allows many tests to
21 * run faster.
22 */
23 class StriperTest : public ::testing::Test {
24 public:
>>> CID 1221538: Uninitialized pointer field (UNINIT_CTOR)
>>> Non-static class member "striper" is not initialized in this constructor nor in any functions that it calls.
25 StriperTest() {}
26 virtual ~StriperTest() {}
27 protected:
28 static void SetUpTestCase();
29 static void TearDownTestCase();
30 static rados_t s_cluster;
________________________________________________________________________________________________________
*** CID 1225099: Unchecked return value (CHECKED_RETURN)
/mon/MDSMonitor.cc: 1523 in MDSMonitor::filesystem_command(MMonCommand *, const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, std::map<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, boost::variant<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, bool, long, double, std::vector<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::allocator<std::basic_string<char, std::char_traits<char>, std::allocator<char>>>>, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detai
l::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_>, std::less<std::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::pair<const std::basic_string<char, std::char_traits<char>, std::allocator<char>>, boost::variant<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, bool, long, double, std::vector<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::allocator<std::basic_string<char, std::char_traits<char>, std::allocator<char>>>>, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::
detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_>>>> &, std::basic_stringstream<char, std::char_traits<char>, std::allocator<char>> &, int &)()
1517 r = -EINVAL;
1518 poolid = -1;
1519 ss << "cannot remove default data pool";
1520 }
1521
1522 if (poolid >= 0) {
>>> CID 1225099: Unchecked return value (CHECKED_RETURN)
>>> Calling "cmd_getval" without checking return value (as is done elsewhere 19 out of 22 times).
1523 cmd_getval(g_ceph_context, cmdmap, "poolid", poolid);
1524 r = pending_mdsmap.remove_data_pool(poolid);
1525 if (r == -ENOENT)
1526 r = 0;
1527 if (r == 0)
1528 ss << "removed data pool " << poolid << " from mdsmap";
________________________________________________________________________________________________________
*** CID 1225100: Missing unlock (LOCK)
/mds/MDLog.cc: 562 in MDLog::trim(int)()
556 p = segments.lower_bound(last_seq + 1);
557 }
558 }
559
560 // discard expired segments and unlock submit_mutex
561 _trim_expired_segments();
>>> CID 1225100: Missing unlock (LOCK)
>>> Returning without unlocking "this->submit_mutex._m".
562 }
563
564
565 void MDLog::try_expire(LogSegment *ls, int op_prio)
566 {
567 MDSGatherBuilder gather_bld(g_ceph_context);
/mds/MDLog.cc: 562 in MDLog::trim(int)()
556 p = segments.lower_bound(last_seq + 1);
557 }
558 }
559
560 // discard expired segments and unlock submit_mutex
561 _trim_expired_segments();
>>> CID 1225100: Missing unlock (LOCK)
>>> Returning without unlocking "this->submit_mutex._m".
562 }
563
564
565 void MDLog::try_expire(LogSegment *ls, int op_prio)
566 {
567 MDSGatherBuilder gather_bld(g_ceph_context);
________________________________________________________________________________________________________
*** CID 1225101: Missing unlock (LOCK)
/mds/MDLog.cc: 445 in MDLog::shutdown()()
439 submit_mutex.Lock();
440 stopping = true;
441 submit_cond.Signal();
442 submit_mutex.Unlock();
443
444 mds->mds_lock.Lock();
>>> CID 1225101: Missing unlock (LOCK)
>>> Returning without unlocking "this->mds->mds_lock._m".
445 }
446
447
448 // -----------------------------
449 // segments
450
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
^ permalink raw reply [flat|nested] 124+ messages in thread
* Re: New Defects reported by Coverity Scan for ceph
2014-10-24 17:55 scan-admin
@ 2014-10-24 17:59 ` Sage Weil
0 siblings, 0 replies; 124+ messages in thread
From: Sage Weil @ 2014-10-24 17:59 UTC (permalink / raw)
To: scan-admin; +Cc: ceph-devel
Note: this is a run against firefly (vs the usual master).
s
On Fri, 24 Oct 2014, scan-admin@coverity.com wrote:
>
> Hi,
>
> Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
>
> 26 new defect(s) introduced to ceph found with Coverity Scan.
> 114 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
>
> New defect(s) Reported-by: Coverity Scan
> Showing 20 of 26 defect(s)
>
>
> ** CID 717128: Wrong sizeof argument (SIZEOF_MISMATCH)
> /test/librbd/test_librbd.cc: 228 in test_ls(void *, unsigned long, ...)()
>
> ** CID 717147: Uncaught exception (UNCAUGHT_EXCEPT)
> /ceph_mds.cc: 141 in main()
>
> ** CID 717246: Uninitialized scalar field (UNINIT_CTOR)
> /mds/events/EMetaBlob.h: 204 in EMetaBlob::nullbit::nullbit(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, snapid_t, snapid_t, unsigned long, bool)()
>
> ** CID 717248: Uninitialized scalar field (UNINIT_CTOR)
> /mds/events/EMetaBlob.h: 168 in EMetaBlob::remotebit::remotebit(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, snapid_t, snapid_t, unsigned long, inodeno_t, unsigned char, bool)()
>
> ** CID 717264: Uninitialized scalar field (UNINIT_CTOR)
> /messages/MClientReply.h: 129 in InodeStat::InodeStat()()
>
> ** CID 717270: Uninitialized scalar field (UNINIT_CTOR)
> /messages/MDirUpdate.h: 55 in MDirUpdate::MDirUpdate(int, dirfrag_t, int, std::set<int, std::less<int>, std::allocator<int>> &, filepath &, bool)()
>
> ** CID 717275: Uninitialized scalar field (UNINIT_CTOR)
> /messages/MExportDirDiscover.h: 36 in MExportDirDiscover::MExportDirDiscover()()
>
> ** CID 717289: Uninitialized scalar field (UNINIT_CTOR)
> /messages/MMDSLoadTargets.h: 30 in MMDSLoadTargets::MMDSLoadTargets()()
>
> ** CID 1026810: Uninitialized pointer field (UNINIT_CTOR)
> /mds/MDCache.h: 332 in MDCache::umaster::umaster()()
>
> ** CID 1026811: Uninitialized scalar field (UNINIT_CTOR)
> /mds/events/EMetaBlob.h: 107 in EMetaBlob::fullbit::fullbit(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, snapid_t, snapid_t, unsigned long, const inode_t &, const fragtree_t &, const std::map<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, ceph::buffer::ptr, std::less<std::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::pair<const std::basic_string<char, std::char_traits<char>, std::allocator<char>>, ceph::buffer::ptr>>> &, const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, const ceph::buffer::list &, unsigned char, std::map<snapid_t, old_inode_t, std::less<snapid_t>, std::allocator<std::pair<const snapid_t, old_inode_t>>>*)()
>
> ** CID 1128407: Dereference before null check (REVERSE_INULL)
> /client/Client.cc: 5180 in Client::_readdir_get_frag(dir_result_t *)()
>
> ** CID 1128412: Resource leak (RESOURCE_LEAK)
> /rgw/rgw_gc.cc: 170 in RGWGC::process(int, int)()
> /rgw/rgw_gc.cc: 170 in RGWGC::process(int, int)()
> /rgw/rgw_gc.cc: 170 in RGWGC::process(int, int)()
> /rgw/rgw_gc.cc: 170 in RGWGC::process(int, int)()
>
> ** CID 1160849: Uninitialized scalar field (UNINIT_CTOR)
> /mds/CDir.cc: 1447 in C_Dir_OMAP_Fetched::C_Dir_OMAP_Fetched(CDir *, const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&)()
>
> ** CID 1188129: Logically dead code (DEADCODE)
> /client/Client.cc: 8504 in Client::ll_write_block(Inode *, unsigned long, char *, unsigned long, unsigned long, ceph_file_layout *, unsigned long, unsigned int)()
>
> ** CID 1188130: Logically dead code (DEADCODE)
> /client/Client.cc: 8500 in Client::ll_write_block(Inode *, unsigned long, char *, unsigned long, unsigned long, ceph_file_layout *, unsigned long, unsigned int)()
>
> ** CID 1192611: Uncaught exception (UNCAUGHT_EXCEPT)
> /tools/ceph_filestore_dump.cc: 1076 in main()
> /tools/ceph_filestore_dump.cc: 1076 in main()
> /tools/ceph_filestore_dump.cc: 1076 in main()
> /tools/ceph_filestore_dump.cc: 1076 in main()
> /tools/ceph_filestore_dump.cc: 1076 in main()
> /tools/ceph_filestore_dump.cc: 1076 in main()
> /tools/ceph_filestore_dump.cc: 1076 in main()
> /tools/ceph_filestore_dump.cc: 1076 in main()
> /tools/ceph_filestore_dump.cc: 1076 in main()
> /tools/ceph_filestore_dump.cc: 1076 in main()
> /tools/ceph_filestore_dump.cc: 1076 in main()
> /tools/ceph_filestore_dump.cc: 1076 in main()
> /tools/ceph_filestore_dump.cc: 1076 in main()
> /tools/ceph_filestore_dump.cc: 1076 in main()
> /tools/ceph_filestore_dump.cc: 1076 in main()
> /tools/ceph_filestore_dump.cc: 1076 in main()
>
> ** CID 1192612: Uncaught exception (UNCAUGHT_EXCEPT)
> /tools/ceph_filestore_dump.cc: 1076 in main()
>
> ** CID 1192613: Uncaught exception (UNCAUGHT_EXCEPT)
> /tools/ceph_filestore_tool.cc: 48 in main()
> /tools/ceph_filestore_tool.cc: 48 in main()
> /tools/ceph_filestore_tool.cc: 48 in main()
> /tools/ceph_filestore_tool.cc: 48 in main()
> /tools/ceph_filestore_tool.cc: 48 in main()
> /tools/ceph_filestore_tool.cc: 48 in main()
> /tools/ceph_filestore_tool.cc: 48 in main()
> /tools/ceph_filestore_tool.cc: 48 in main()
> /tools/ceph_filestore_tool.cc: 48 in main()
> /tools/ceph_filestore_tool.cc: 48 in main()
> /tools/ceph_filestore_tool.cc: 48 in main()
> /tools/ceph_filestore_tool.cc: 48 in main()
> /tools/ceph_filestore_tool.cc: 48 in main()
>
> ** CID 1192614: Uncaught exception (UNCAUGHT_EXCEPT)
> /tools/ceph_filestore_tool.cc: 48 in main()
>
> ** CID 1201374: Unchecked return value (CHECKED_RETURN)
> /mon/MDSMonitor.cc: 1097 in MDSMonitor::prepare_command(MMonCommand *)()
>
>
> ________________________________________________________________________________________________________
> *** CID 717128: Wrong sizeof argument (SIZEOF_MISMATCH)
> /test/librbd/test_librbd.cc: 228 in test_ls(void *, unsigned long, ...)()
> 222 {
> 223 int num_images, i, j;
> 224 char *names, *cur_name;
> 225 va_list ap;
> 226 size_t max_size = 1024;
> 227
> >>> CID 717128: Wrong sizeof argument (SIZEOF_MISMATCH)
> >>> Passing argument "8192UL /* sizeof (char *) * 1024 */" to function "malloc" and then casting the return value to "char *" is suspicious.
> 228 names = (char *) malloc(sizeof(char *) * 1024);
> 229 int len = rbd_list(io_ctx, names, &max_size);
> 230
> 231 for (i = 0, num_images = 0, cur_name = names; cur_name < names + len; i++) {
> 232 printf("image: %s\n", cur_name);
> 233 cur_name += strlen(cur_name) + 1;
>
> ________________________________________________________________________________________________________
> *** CID 717147: Uncaught exception (UNCAUGHT_EXCEPT)
> /ceph_mds.cc: 141 in main()
> 135 static void handle_mds_signal(int signum)
> 136 {
> 137 if (mds)
> 138 mds->handle_signal(signum);
> 139 }
> 140
> >>> CID 717147: Uncaught exception (UNCAUGHT_EXCEPT)
> >>> In function "main(int, char const **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
> 141 int main(int argc, const char **argv)
> 142 {
> 143 vector<const char*> args;
> 144 argv_to_vec(argc, argv, args);
> 145 env_to_vec(args);
> 146
>
> ________________________________________________________________________________________________________
> *** CID 717246: Uninitialized scalar field (UNINIT_CTOR)
> /mds/events/EMetaBlob.h: 204 in EMetaBlob::nullbit::nullbit(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, snapid_t, snapid_t, unsigned long, bool)()
> 198 _enc(128) {
> 199 ::encode(d, _enc);
> 200 ::encode(df, _enc);
> 201 ::encode(dl, _enc);
> 202 ::encode(v, _enc);
> 203 ::encode(dr, _enc);
> >>> CID 717246: Uninitialized scalar field (UNINIT_CTOR)
> >>> Non-static class member "dirty" is not initialized in this constructor nor in any functions that it calls.
> 204 }
> 205 nullbit(bufferlist::iterator &p) { decode(p); }
> 206 nullbit(): dnfirst(0), dnlast(0), dnv(0), dirty(false) {}
> 207
> 208 void encode(bufferlist& bl) const;
> 209 void decode(bufferlist::iterator &bl);
>
> ________________________________________________________________________________________________________
> *** CID 717248: Uninitialized scalar field (UNINIT_CTOR)
> /mds/events/EMetaBlob.h: 168 in EMetaBlob::remotebit::remotebit(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, snapid_t, snapid_t, unsigned long, inodeno_t, unsigned char, bool)()
> 162 ::encode(df, _enc);
> 163 ::encode(dl, _enc);
> 164 ::encode(v, _enc);
> 165 ::encode(i, _enc);
> 166 ::encode(dt, _enc);
> 167 ::encode(dr, _enc);
> >>> CID 717248: Uninitialized scalar field (UNINIT_CTOR)
> >>> Non-static class member "dirty" is not initialized in this constructor nor in any functions that it calls.
> 168 }
> 169 remotebit(bufferlist::iterator &p) { decode(p); }
> 170 remotebit(): dnfirst(0), dnlast(0), dnv(0), ino(0),
> 171 d_type('\0'), dirty(false) {}
> 172
> 173 void encode(bufferlist& bl) const;
>
> ________________________________________________________________________________________________________
> *** CID 717264: Uninitialized scalar field (UNINIT_CTOR)
> /messages/MClientReply.h: 129 in InodeStat::InodeStat()()
> 123
> 124 ceph_dir_layout dir_layout;
> 125
> 126 //map<string, bufferptr> xattrs;
> 127
> 128 public:
> >>> CID 717264: Uninitialized scalar field (UNINIT_CTOR)
> >>> Non-static class member field "dir_layout.dl_unused3" is not initialized in this constructor nor in any functions that it calls.
> 129 InodeStat() {}
> 130 InodeStat(bufferlist::iterator& p, uint64_t features) {
> 131 decode(p, features);
> 132 }
> 133
> 134 void decode(bufferlist::iterator &p, uint64_t features) {
>
> ________________________________________________________________________________________________________
> *** CID 717270: Uninitialized scalar field (UNINIT_CTOR)
> /messages/MDirUpdate.h: 55 in MDirUpdate::MDirUpdate(int, dirfrag_t, int, std::set<int, std::less<int>, std::allocator<int>> &, filepath &, bool)()
> 49 this->from_mds = f;
> 50 this->dirfrag = dirfrag;
> 51 this->dir_rep = dir_rep;
> 52 this->dir_rep_by = dir_rep_by;
> 53 if (discover) this->discover = 5;
> 54 this->path = path;
> >>> CID 717270: Uninitialized scalar field (UNINIT_CTOR)
> >>> Non-static class member "discover" is not initialized in this constructor nor in any functions that it calls.
> 55 }
> 56 private:
> 57 ~MDirUpdate() {}
> 58
> 59 public:
> 60 const char *get_type_name() const { return "dir_update"; }
>
> ________________________________________________________________________________________________________
> *** CID 717275: Uninitialized scalar field (UNINIT_CTOR)
> /messages/MExportDirDiscover.h: 36 in MExportDirDiscover::MExportDirDiscover()()
> 30 filepath& get_path() { return path; }
> 31
> 32 bool started;
> 33
> 34 MExportDirDiscover() :
> 35 Message(MSG_MDS_EXPORTDIRDISCOVER),
> >>> CID 717275: Uninitialized scalar field (UNINIT_CTOR)
> >>> Non-static class member "from" is not initialized in this constructor nor in any functions that it calls.
> 36 started(false) { }
> 37 MExportDirDiscover(dirfrag_t df, filepath& p, int f, uint64_t tid) :
> 38 Message(MSG_MDS_EXPORTDIRDISCOVER),
> 39 from(f), dirfrag(df), path(p), started(false) {
> 40 set_tid(tid);
> 41 }
>
> ________________________________________________________________________________________________________
> *** CID 717289: Uninitialized scalar field (UNINIT_CTOR)
> /messages/MMDSLoadTargets.h: 30 in MMDSLoadTargets::MMDSLoadTargets()()
> 24
> 25 class MMDSLoadTargets : public PaxosServiceMessage {
> 26 public:
> 27 uint64_t global_id;
> 28 set<int32_t> targets;
> 29
> >>> CID 717289: Uninitialized scalar field (UNINIT_CTOR)
> >>> Non-static class member "global_id" is not initialized in this constructor nor in any functions that it calls.
> 30 MMDSLoadTargets() : PaxosServiceMessage(MSG_MDS_OFFLOAD_TARGETS, 0) {}
> 31
> 32 MMDSLoadTargets(uint64_t g, set<int32_t>& mds_targets) :
> 33 PaxosServiceMessage(MSG_MDS_OFFLOAD_TARGETS, 0),
> 34 global_id(g), targets(mds_targets) {}
> 35 private:
>
> ________________________________________________________________________________________________________
> *** CID 1026810: Uninitialized pointer field (UNINIT_CTOR)
> /mds/MDCache.h: 332 in MDCache::umaster::umaster()()
> 326 set<int> slaves;
> 327 LogSegment *ls;
> 328 list<Context*> waiters;
> 329 bool safe;
> 330 bool committing;
> 331 bool recovering;
> >>> CID 1026810: Uninitialized pointer field (UNINIT_CTOR)
> >>> Non-static class member "safe" is not initialized in this constructor nor in any functions that it calls.
> 332 umaster() : committing(false), recovering(false) {}
> 333 };
> 334 map<metareqid_t, umaster> uncommitted_masters; // master: req -> slave set
> 335
> 336 set<metareqid_t> pending_masters;
> 337 map<int, set<metareqid_t> > ambiguous_slave_updates;
>
> ________________________________________________________________________________________________________
> *** CID 1026811: Uninitialized scalar field (UNINIT_CTOR)
> /mds/events/EMetaBlob.h: 107 in EMetaBlob::fullbit::fullbit(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, snapid_t, snapid_t, unsigned long, const inode_t &, const fragtree_t &, const std::map<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, ceph::buffer::ptr, std::less<std::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::pair<const std::basic_string<char, std::char_traits<char>, std::allocator<char>>, ceph::buffer::ptr>>> &, const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, const ceph::buffer::list &, unsigned char, std::map<snapid_t, old_inode_t, std::less<snapid_t>, std::allocator<std::pair<const snapid_t, old_inode_t>>>*)()
> 101 ::encode(sbl, _enc);
> 102 }
> 103 ::encode(st, _enc);
> 104 ::encode(oi ? true : false, _enc);
> 105 if (oi)
> 106 ::encode(*oi, _enc);
> >>> CID 1026811: Uninitialized scalar field (UNINIT_CTOR)
> >>> Non-static class member "state" is not initialized in this constructor nor in any functions that it calls.
> 107 }
> 108 fullbit(bufferlist::iterator &p) {
> 109 decode(p);
> 110 }
> 111 fullbit() {}
> 112 ~fullbit() {}
>
> ________________________________________________________________________________________________________
> *** CID 1128407: Dereference before null check (REVERSE_INULL)
> /client/Client.cc: 5180 in Client::_readdir_get_frag(dir_result_t *)()
> 5174
> 5175 ldout(cct, 10) << "_readdir_get_frag " << dirp << " on " << dirp->inode->ino << " fg " << fg
> 5176 << " next_offset " << dirp->next_offset
> 5177 << dendl;
> 5178
> 5179 int op = CEPH_MDS_OP_READDIR;
> >>> CID 1128407: Dereference before null check (REVERSE_INULL)
> >>> Null-checking "dirp->inode" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
> 5180 if (dirp->inode && dirp->inode->snapid == CEPH_SNAPDIR)
> 5181 op = CEPH_MDS_OP_LSSNAP;
> 5182
> 5183 Inode *diri = dirp->inode;
> 5184
> 5185 MetaRequest *req = new MetaRequest(op);
>
> ________________________________________________________________________________________________________
> *** CID 1128412: Resource leak (RESOURCE_LEAK)
> /rgw/rgw_gc.cc: 170 in RGWGC::process(int, int)()
> 164 goto done;
> 165 }
> 166 if (ret < 0)
> 167 goto done;
> 168
> 169 string last_pool;
> >>> CID 1128412: Resource leak (RESOURCE_LEAK)
> >>> Overwriting "ctx" in "ctx = new librados::IoCtx" leaks the storage that "ctx" points to.
> 170 ctx = new IoCtx;
> 171 std::list<cls_rgw_gc_obj_info>::iterator iter;
> 172 for (iter = entries.begin(); iter != entries.end(); ++iter) {
> 173 bool remove_tag;
> 174 cls_rgw_gc_obj_info& info = *iter;
> 175 std::list<cls_rgw_obj>::iterator liter;
> /rgw/rgw_gc.cc: 170 in RGWGC::process(int, int)()
> 164 goto done;
> 165 }
> 166 if (ret < 0)
> 167 goto done;
> 168
> 169 string last_pool;
> >>> CID 1128412: Resource leak (RESOURCE_LEAK)
> >>> Overwriting "ctx" in "ctx = new librados::IoCtx" leaks the storage that "ctx" points to.
> 170 ctx = new IoCtx;
> 171 std::list<cls_rgw_gc_obj_info>::iterator iter;
> 172 for (iter = entries.begin(); iter != entries.end(); ++iter) {
> 173 bool remove_tag;
> 174 cls_rgw_gc_obj_info& info = *iter;
> 175 std::list<cls_rgw_obj>::iterator liter;
> /rgw/rgw_gc.cc: 170 in RGWGC::process(int, int)()
> 164 goto done;
> 165 }
> 166 if (ret < 0)
> 167 goto done;
> 168
> 169 string last_pool;
> >>> CID 1128412: Resource leak (RESOURCE_LEAK)
> >>> Overwriting "ctx" in "ctx = new librados::IoCtx" leaks the storage that "ctx" points to.
> 170 ctx = new IoCtx;
> 171 std::list<cls_rgw_gc_obj_info>::iterator iter;
> 172 for (iter = entries.begin(); iter != entries.end(); ++iter) {
> 173 bool remove_tag;
> 174 cls_rgw_gc_obj_info& info = *iter;
> 175 std::list<cls_rgw_obj>::iterator liter;
> /rgw/rgw_gc.cc: 170 in RGWGC::process(int, int)()
> 164 goto done;
> 165 }
> 166 if (ret < 0)
> 167 goto done;
> 168
> 169 string last_pool;
> >>> CID 1128412: Resource leak (RESOURCE_LEAK)
> >>> Overwriting "ctx" in "ctx = new librados::IoCtx" leaks the storage that "ctx" points to.
> 170 ctx = new IoCtx;
> 171 std::list<cls_rgw_gc_obj_info>::iterator iter;
> 172 for (iter = entries.begin(); iter != entries.end(); ++iter) {
> 173 bool remove_tag;
> 174 cls_rgw_gc_obj_info& info = *iter;
> 175 std::list<cls_rgw_obj>::iterator liter;
>
> ________________________________________________________________________________________________________
> *** CID 1160849: Uninitialized scalar field (UNINIT_CTOR)
> /mds/CDir.cc: 1447 in C_Dir_OMAP_Fetched::C_Dir_OMAP_Fetched(CDir *, const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&)()
> 1441 string want_dn;
> 1442 public:
> 1443 bufferlist hdrbl;
> 1444 map<string, bufferlist> omap;
> 1445 int ret1, ret2;
> 1446
> >>> CID 1160849: Uninitialized scalar field (UNINIT_CTOR)
> >>> Non-static class member "ret2" is not initialized in this constructor nor in any functions that it calls.
> 1447 C_Dir_OMAP_Fetched(CDir *d, const string& w) : dir(d), want_dn(w) { }
> 1448 void finish(int r) {
> 1449 if (r >= 0) r = ret1;
> 1450 if (r >= 0) r = ret2;
> 1451 dir->_omap_fetched(hdrbl, omap, want_dn, r);
> 1452 }
>
> ________________________________________________________________________________________________________
> *** CID 1188129: Logically dead code (DEADCODE)
> /client/Client.cc: 8504 in Client::ll_write_block(Inode *, unsigned long, char *, unsigned long, unsigned long, ceph_file_layout *, unsigned long, unsigned int)()
> 8498 while (! done)
> 8499 cond.Wait(flock);
> 8500 flock.Unlock();
> 8501 }
> 8502
> 8503 if (r < 0) {
> >>> CID 1188129: Logically dead code (DEADCODE)
> >>> Execution cannot reach this statement "return r;".
> 8504 return r;
> 8505 } else {
> 8506 return length;
> 8507 }
> 8508 }
> 8509
>
> ________________________________________________________________________________________________________
> *** CID 1188130: Logically dead code (DEADCODE)
> /client/Client.cc: 8500 in Client::ll_write_block(Inode *, unsigned long, char *, unsigned long, unsigned long, ceph_file_layout *, unsigned long, unsigned int)()
> 8494
> 8495 client_lock.Unlock();
> 8496 if (!done /* also !sync */) {
> 8497 flock.Lock();
> 8498 while (! done)
> 8499 cond.Wait(flock);
> >>> CID 1188130: Logically dead code (DEADCODE)
> >>> Execution cannot reach this statement "flock.Unlock();".
> 8500 flock.Unlock();
> 8501 }
> 8502
> 8503 if (r < 0) {
> 8504 return r;
> 8505 } else {
>
> ________________________________________________________________________________________________________
> *** CID 1192611: Uncaught exception (UNCAUGHT_EXCEPT)
> /tools/ceph_filestore_dump.cc: 1076 in main()
> /tools/ceph_filestore_dump.cc: 1076 in main()
> /tools/ceph_filestore_dump.cc: 1076 in main()
> /tools/ceph_filestore_dump.cc: 1076 in main()
> /tools/ceph_filestore_dump.cc: 1076 in main()
> /tools/ceph_filestore_dump.cc: 1076 in main()
> /tools/ceph_filestore_dump.cc: 1076 in main()
> /tools/ceph_filestore_dump.cc: 1076 in main()
> /tools/ceph_filestore_dump.cc: 1076 in main()
> /tools/ceph_filestore_dump.cc: 1076 in main()
> /tools/ceph_filestore_dump.cc: 1076 in main()
> /tools/ceph_filestore_dump.cc: 1076 in main()
> /tools/ceph_filestore_dump.cc: 1076 in main()
> /tools/ceph_filestore_dump.cc: 1076 in main()
> /tools/ceph_filestore_dump.cc: 1076 in main()
> /tools/ceph_filestore_dump.cc: 1076 in main()
>
> ________________________________________________________________________________________________________
> *** CID 1192612: Uncaught exception (UNCAUGHT_EXCEPT)
> /tools/ceph_filestore_dump.cc: 1076 in main()
>
> ________________________________________________________________________________________________________
> *** CID 1192613: Uncaught exception (UNCAUGHT_EXCEPT)
> /tools/ceph_filestore_tool.cc: 48 in main()
> /tools/ceph_filestore_tool.cc: 48 in main()
> /tools/ceph_filestore_tool.cc: 48 in main()
> /tools/ceph_filestore_tool.cc: 48 in main()
> /tools/ceph_filestore_tool.cc: 48 in main()
> /tools/ceph_filestore_tool.cc: 48 in main()
> /tools/ceph_filestore_tool.cc: 48 in main()
> /tools/ceph_filestore_tool.cc: 48 in main()
> /tools/ceph_filestore_tool.cc: 48 in main()
> /tools/ceph_filestore_tool.cc: 48 in main()
> /tools/ceph_filestore_tool.cc: 48 in main()
> /tools/ceph_filestore_tool.cc: 48 in main()
> /tools/ceph_filestore_tool.cc: 48 in main()
>
> ________________________________________________________________________________________________________
> *** CID 1192614: Uncaught exception (UNCAUGHT_EXCEPT)
> /tools/ceph_filestore_tool.cc: 48 in main()
>
> ________________________________________________________________________________________________________
> *** CID 1201374: Unchecked return value (CHECKED_RETURN)
> /mon/MDSMonitor.cc: 1097 in MDSMonitor::prepare_command(MMonCommand *)()
> 1091 r = -EINVAL;
> 1092 poolid = -1;
> 1093 ss << "cannot remove default data pool";
> 1094 }
> 1095
> 1096 if (poolid >= 0) {
> >>> CID 1201374: Unchecked return value (CHECKED_RETURN)
> >>> Calling "cmd_getval" without checking return value (as is done elsewhere 22 out of 25 times).
> 1097 cmd_getval(g_ceph_context, cmdmap, "poolid", poolid);
> 1098 r = pending_mdsmap.remove_data_pool(poolid);
> 1099 if (r == -ENOENT)
> 1100 r = 0;
> 1101 if (r == 0)
> 1102 ss << "removed data pool " << poolid << " from mdsmap";
>
>
> ________________________________________________________________________________________________________
> To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
>
> To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
>
>
>
> --
> To unsubscribe from this list: send the line "unsubscribe ceph-devel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
>
>
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2014-10-24 17:55 scan-admin
2014-10-24 17:59 ` Sage Weil
0 siblings, 1 reply; 124+ messages in thread
From: scan-admin @ 2014-10-24 17:55 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
26 new defect(s) introduced to ceph found with Coverity Scan.
114 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 20 of 26 defect(s)
** CID 717128: Wrong sizeof argument (SIZEOF_MISMATCH)
/test/librbd/test_librbd.cc: 228 in test_ls(void *, unsigned long, ...)()
** CID 717147: Uncaught exception (UNCAUGHT_EXCEPT)
/ceph_mds.cc: 141 in main()
** CID 717246: Uninitialized scalar field (UNINIT_CTOR)
/mds/events/EMetaBlob.h: 204 in EMetaBlob::nullbit::nullbit(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, snapid_t, snapid_t, unsigned long, bool)()
** CID 717248: Uninitialized scalar field (UNINIT_CTOR)
/mds/events/EMetaBlob.h: 168 in EMetaBlob::remotebit::remotebit(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, snapid_t, snapid_t, unsigned long, inodeno_t, unsigned char, bool)()
** CID 717264: Uninitialized scalar field (UNINIT_CTOR)
/messages/MClientReply.h: 129 in InodeStat::InodeStat()()
** CID 717270: Uninitialized scalar field (UNINIT_CTOR)
/messages/MDirUpdate.h: 55 in MDirUpdate::MDirUpdate(int, dirfrag_t, int, std::set<int, std::less<int>, std::allocator<int>> &, filepath &, bool)()
** CID 717275: Uninitialized scalar field (UNINIT_CTOR)
/messages/MExportDirDiscover.h: 36 in MExportDirDiscover::MExportDirDiscover()()
** CID 717289: Uninitialized scalar field (UNINIT_CTOR)
/messages/MMDSLoadTargets.h: 30 in MMDSLoadTargets::MMDSLoadTargets()()
** CID 1026810: Uninitialized pointer field (UNINIT_CTOR)
/mds/MDCache.h: 332 in MDCache::umaster::umaster()()
** CID 1026811: Uninitialized scalar field (UNINIT_CTOR)
/mds/events/EMetaBlob.h: 107 in EMetaBlob::fullbit::fullbit(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, snapid_t, snapid_t, unsigned long, const inode_t &, const fragtree_t &, const std::map<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, ceph::buffer::ptr, std::less<std::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::pair<const std::basic_string<char, std::char_traits<char>, std::allocator<char>>, ceph::buffer::ptr>>> &, const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, const ceph::buffer::list &, unsigned char, std::map<snapid_t, old_inode_t, std::less<snapid_t>, std::allocator<std::pair<const snapid_t, old_inode_t>>>*)()
** CID 1128407: Dereference before null check (REVERSE_INULL)
/client/Client.cc: 5180 in Client::_readdir_get_frag(dir_result_t *)()
** CID 1128412: Resource leak (RESOURCE_LEAK)
/rgw/rgw_gc.cc: 170 in RGWGC::process(int, int)()
/rgw/rgw_gc.cc: 170 in RGWGC::process(int, int)()
/rgw/rgw_gc.cc: 170 in RGWGC::process(int, int)()
/rgw/rgw_gc.cc: 170 in RGWGC::process(int, int)()
** CID 1160849: Uninitialized scalar field (UNINIT_CTOR)
/mds/CDir.cc: 1447 in C_Dir_OMAP_Fetched::C_Dir_OMAP_Fetched(CDir *, const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&)()
** CID 1188129: Logically dead code (DEADCODE)
/client/Client.cc: 8504 in Client::ll_write_block(Inode *, unsigned long, char *, unsigned long, unsigned long, ceph_file_layout *, unsigned long, unsigned int)()
** CID 1188130: Logically dead code (DEADCODE)
/client/Client.cc: 8500 in Client::ll_write_block(Inode *, unsigned long, char *, unsigned long, unsigned long, ceph_file_layout *, unsigned long, unsigned int)()
** CID 1192611: Uncaught exception (UNCAUGHT_EXCEPT)
/tools/ceph_filestore_dump.cc: 1076 in main()
/tools/ceph_filestore_dump.cc: 1076 in main()
/tools/ceph_filestore_dump.cc: 1076 in main()
/tools/ceph_filestore_dump.cc: 1076 in main()
/tools/ceph_filestore_dump.cc: 1076 in main()
/tools/ceph_filestore_dump.cc: 1076 in main()
/tools/ceph_filestore_dump.cc: 1076 in main()
/tools/ceph_filestore_dump.cc: 1076 in main()
/tools/ceph_filestore_dump.cc: 1076 in main()
/tools/ceph_filestore_dump.cc: 1076 in main()
/tools/ceph_filestore_dump.cc: 1076 in main()
/tools/ceph_filestore_dump.cc: 1076 in main()
/tools/ceph_filestore_dump.cc: 1076 in main()
/tools/ceph_filestore_dump.cc: 1076 in main()
/tools/ceph_filestore_dump.cc: 1076 in main()
/tools/ceph_filestore_dump.cc: 1076 in main()
** CID 1192612: Uncaught exception (UNCAUGHT_EXCEPT)
/tools/ceph_filestore_dump.cc: 1076 in main()
** CID 1192613: Uncaught exception (UNCAUGHT_EXCEPT)
/tools/ceph_filestore_tool.cc: 48 in main()
/tools/ceph_filestore_tool.cc: 48 in main()
/tools/ceph_filestore_tool.cc: 48 in main()
/tools/ceph_filestore_tool.cc: 48 in main()
/tools/ceph_filestore_tool.cc: 48 in main()
/tools/ceph_filestore_tool.cc: 48 in main()
/tools/ceph_filestore_tool.cc: 48 in main()
/tools/ceph_filestore_tool.cc: 48 in main()
/tools/ceph_filestore_tool.cc: 48 in main()
/tools/ceph_filestore_tool.cc: 48 in main()
/tools/ceph_filestore_tool.cc: 48 in main()
/tools/ceph_filestore_tool.cc: 48 in main()
/tools/ceph_filestore_tool.cc: 48 in main()
** CID 1192614: Uncaught exception (UNCAUGHT_EXCEPT)
/tools/ceph_filestore_tool.cc: 48 in main()
** CID 1201374: Unchecked return value (CHECKED_RETURN)
/mon/MDSMonitor.cc: 1097 in MDSMonitor::prepare_command(MMonCommand *)()
________________________________________________________________________________________________________
*** CID 717128: Wrong sizeof argument (SIZEOF_MISMATCH)
/test/librbd/test_librbd.cc: 228 in test_ls(void *, unsigned long, ...)()
222 {
223 int num_images, i, j;
224 char *names, *cur_name;
225 va_list ap;
226 size_t max_size = 1024;
227
>>> CID 717128: Wrong sizeof argument (SIZEOF_MISMATCH)
>>> Passing argument "8192UL /* sizeof (char *) * 1024 */" to function "malloc" and then casting the return value to "char *" is suspicious.
228 names = (char *) malloc(sizeof(char *) * 1024);
229 int len = rbd_list(io_ctx, names, &max_size);
230
231 for (i = 0, num_images = 0, cur_name = names; cur_name < names + len; i++) {
232 printf("image: %s\n", cur_name);
233 cur_name += strlen(cur_name) + 1;
________________________________________________________________________________________________________
*** CID 717147: Uncaught exception (UNCAUGHT_EXCEPT)
/ceph_mds.cc: 141 in main()
135 static void handle_mds_signal(int signum)
136 {
137 if (mds)
138 mds->handle_signal(signum);
139 }
140
>>> CID 717147: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
141 int main(int argc, const char **argv)
142 {
143 vector<const char*> args;
144 argv_to_vec(argc, argv, args);
145 env_to_vec(args);
146
________________________________________________________________________________________________________
*** CID 717246: Uninitialized scalar field (UNINIT_CTOR)
/mds/events/EMetaBlob.h: 204 in EMetaBlob::nullbit::nullbit(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, snapid_t, snapid_t, unsigned long, bool)()
198 _enc(128) {
199 ::encode(d, _enc);
200 ::encode(df, _enc);
201 ::encode(dl, _enc);
202 ::encode(v, _enc);
203 ::encode(dr, _enc);
>>> CID 717246: Uninitialized scalar field (UNINIT_CTOR)
>>> Non-static class member "dirty" is not initialized in this constructor nor in any functions that it calls.
204 }
205 nullbit(bufferlist::iterator &p) { decode(p); }
206 nullbit(): dnfirst(0), dnlast(0), dnv(0), dirty(false) {}
207
208 void encode(bufferlist& bl) const;
209 void decode(bufferlist::iterator &bl);
________________________________________________________________________________________________________
*** CID 717248: Uninitialized scalar field (UNINIT_CTOR)
/mds/events/EMetaBlob.h: 168 in EMetaBlob::remotebit::remotebit(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, snapid_t, snapid_t, unsigned long, inodeno_t, unsigned char, bool)()
162 ::encode(df, _enc);
163 ::encode(dl, _enc);
164 ::encode(v, _enc);
165 ::encode(i, _enc);
166 ::encode(dt, _enc);
167 ::encode(dr, _enc);
>>> CID 717248: Uninitialized scalar field (UNINIT_CTOR)
>>> Non-static class member "dirty" is not initialized in this constructor nor in any functions that it calls.
168 }
169 remotebit(bufferlist::iterator &p) { decode(p); }
170 remotebit(): dnfirst(0), dnlast(0), dnv(0), ino(0),
171 d_type('\0'), dirty(false) {}
172
173 void encode(bufferlist& bl) const;
________________________________________________________________________________________________________
*** CID 717264: Uninitialized scalar field (UNINIT_CTOR)
/messages/MClientReply.h: 129 in InodeStat::InodeStat()()
123
124 ceph_dir_layout dir_layout;
125
126 //map<string, bufferptr> xattrs;
127
128 public:
>>> CID 717264: Uninitialized scalar field (UNINIT_CTOR)
>>> Non-static class member field "dir_layout.dl_unused3" is not initialized in this constructor nor in any functions that it calls.
129 InodeStat() {}
130 InodeStat(bufferlist::iterator& p, uint64_t features) {
131 decode(p, features);
132 }
133
134 void decode(bufferlist::iterator &p, uint64_t features) {
________________________________________________________________________________________________________
*** CID 717270: Uninitialized scalar field (UNINIT_CTOR)
/messages/MDirUpdate.h: 55 in MDirUpdate::MDirUpdate(int, dirfrag_t, int, std::set<int, std::less<int>, std::allocator<int>> &, filepath &, bool)()
49 this->from_mds = f;
50 this->dirfrag = dirfrag;
51 this->dir_rep = dir_rep;
52 this->dir_rep_by = dir_rep_by;
53 if (discover) this->discover = 5;
54 this->path = path;
>>> CID 717270: Uninitialized scalar field (UNINIT_CTOR)
>>> Non-static class member "discover" is not initialized in this constructor nor in any functions that it calls.
55 }
56 private:
57 ~MDirUpdate() {}
58
59 public:
60 const char *get_type_name() const { return "dir_update"; }
________________________________________________________________________________________________________
*** CID 717275: Uninitialized scalar field (UNINIT_CTOR)
/messages/MExportDirDiscover.h: 36 in MExportDirDiscover::MExportDirDiscover()()
30 filepath& get_path() { return path; }
31
32 bool started;
33
34 MExportDirDiscover() :
35 Message(MSG_MDS_EXPORTDIRDISCOVER),
>>> CID 717275: Uninitialized scalar field (UNINIT_CTOR)
>>> Non-static class member "from" is not initialized in this constructor nor in any functions that it calls.
36 started(false) { }
37 MExportDirDiscover(dirfrag_t df, filepath& p, int f, uint64_t tid) :
38 Message(MSG_MDS_EXPORTDIRDISCOVER),
39 from(f), dirfrag(df), path(p), started(false) {
40 set_tid(tid);
41 }
________________________________________________________________________________________________________
*** CID 717289: Uninitialized scalar field (UNINIT_CTOR)
/messages/MMDSLoadTargets.h: 30 in MMDSLoadTargets::MMDSLoadTargets()()
24
25 class MMDSLoadTargets : public PaxosServiceMessage {
26 public:
27 uint64_t global_id;
28 set<int32_t> targets;
29
>>> CID 717289: Uninitialized scalar field (UNINIT_CTOR)
>>> Non-static class member "global_id" is not initialized in this constructor nor in any functions that it calls.
30 MMDSLoadTargets() : PaxosServiceMessage(MSG_MDS_OFFLOAD_TARGETS, 0) {}
31
32 MMDSLoadTargets(uint64_t g, set<int32_t>& mds_targets) :
33 PaxosServiceMessage(MSG_MDS_OFFLOAD_TARGETS, 0),
34 global_id(g), targets(mds_targets) {}
35 private:
________________________________________________________________________________________________________
*** CID 1026810: Uninitialized pointer field (UNINIT_CTOR)
/mds/MDCache.h: 332 in MDCache::umaster::umaster()()
326 set<int> slaves;
327 LogSegment *ls;
328 list<Context*> waiters;
329 bool safe;
330 bool committing;
331 bool recovering;
>>> CID 1026810: Uninitialized pointer field (UNINIT_CTOR)
>>> Non-static class member "safe" is not initialized in this constructor nor in any functions that it calls.
332 umaster() : committing(false), recovering(false) {}
333 };
334 map<metareqid_t, umaster> uncommitted_masters; // master: req -> slave set
335
336 set<metareqid_t> pending_masters;
337 map<int, set<metareqid_t> > ambiguous_slave_updates;
________________________________________________________________________________________________________
*** CID 1026811: Uninitialized scalar field (UNINIT_CTOR)
/mds/events/EMetaBlob.h: 107 in EMetaBlob::fullbit::fullbit(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, snapid_t, snapid_t, unsigned long, const inode_t &, const fragtree_t &, const std::map<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, ceph::buffer::ptr, std::less<std::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::pair<const std::basic_string<char, std::char_traits<char>, std::allocator<char>>, ceph::buffer::ptr>>> &, const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, const ceph::buffer::list &, unsigned char, std::map<snapid_t, old_inode_t, std::less<snapid_t>, std::allocator<std::pair<const snapid_t, old_inode_t>>>*)()
101 ::encode(sbl, _enc);
102 }
103 ::encode(st, _enc);
104 ::encode(oi ? true : false, _enc);
105 if (oi)
106 ::encode(*oi, _enc);
>>> CID 1026811: Uninitialized scalar field (UNINIT_CTOR)
>>> Non-static class member "state" is not initialized in this constructor nor in any functions that it calls.
107 }
108 fullbit(bufferlist::iterator &p) {
109 decode(p);
110 }
111 fullbit() {}
112 ~fullbit() {}
________________________________________________________________________________________________________
*** CID 1128407: Dereference before null check (REVERSE_INULL)
/client/Client.cc: 5180 in Client::_readdir_get_frag(dir_result_t *)()
5174
5175 ldout(cct, 10) << "_readdir_get_frag " << dirp << " on " << dirp->inode->ino << " fg " << fg
5176 << " next_offset " << dirp->next_offset
5177 << dendl;
5178
5179 int op = CEPH_MDS_OP_READDIR;
>>> CID 1128407: Dereference before null check (REVERSE_INULL)
>>> Null-checking "dirp->inode" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
5180 if (dirp->inode && dirp->inode->snapid == CEPH_SNAPDIR)
5181 op = CEPH_MDS_OP_LSSNAP;
5182
5183 Inode *diri = dirp->inode;
5184
5185 MetaRequest *req = new MetaRequest(op);
________________________________________________________________________________________________________
*** CID 1128412: Resource leak (RESOURCE_LEAK)
/rgw/rgw_gc.cc: 170 in RGWGC::process(int, int)()
164 goto done;
165 }
166 if (ret < 0)
167 goto done;
168
169 string last_pool;
>>> CID 1128412: Resource leak (RESOURCE_LEAK)
>>> Overwriting "ctx" in "ctx = new librados::IoCtx" leaks the storage that "ctx" points to.
170 ctx = new IoCtx;
171 std::list<cls_rgw_gc_obj_info>::iterator iter;
172 for (iter = entries.begin(); iter != entries.end(); ++iter) {
173 bool remove_tag;
174 cls_rgw_gc_obj_info& info = *iter;
175 std::list<cls_rgw_obj>::iterator liter;
/rgw/rgw_gc.cc: 170 in RGWGC::process(int, int)()
164 goto done;
165 }
166 if (ret < 0)
167 goto done;
168
169 string last_pool;
>>> CID 1128412: Resource leak (RESOURCE_LEAK)
>>> Overwriting "ctx" in "ctx = new librados::IoCtx" leaks the storage that "ctx" points to.
170 ctx = new IoCtx;
171 std::list<cls_rgw_gc_obj_info>::iterator iter;
172 for (iter = entries.begin(); iter != entries.end(); ++iter) {
173 bool remove_tag;
174 cls_rgw_gc_obj_info& info = *iter;
175 std::list<cls_rgw_obj>::iterator liter;
/rgw/rgw_gc.cc: 170 in RGWGC::process(int, int)()
164 goto done;
165 }
166 if (ret < 0)
167 goto done;
168
169 string last_pool;
>>> CID 1128412: Resource leak (RESOURCE_LEAK)
>>> Overwriting "ctx" in "ctx = new librados::IoCtx" leaks the storage that "ctx" points to.
170 ctx = new IoCtx;
171 std::list<cls_rgw_gc_obj_info>::iterator iter;
172 for (iter = entries.begin(); iter != entries.end(); ++iter) {
173 bool remove_tag;
174 cls_rgw_gc_obj_info& info = *iter;
175 std::list<cls_rgw_obj>::iterator liter;
/rgw/rgw_gc.cc: 170 in RGWGC::process(int, int)()
164 goto done;
165 }
166 if (ret < 0)
167 goto done;
168
169 string last_pool;
>>> CID 1128412: Resource leak (RESOURCE_LEAK)
>>> Overwriting "ctx" in "ctx = new librados::IoCtx" leaks the storage that "ctx" points to.
170 ctx = new IoCtx;
171 std::list<cls_rgw_gc_obj_info>::iterator iter;
172 for (iter = entries.begin(); iter != entries.end(); ++iter) {
173 bool remove_tag;
174 cls_rgw_gc_obj_info& info = *iter;
175 std::list<cls_rgw_obj>::iterator liter;
________________________________________________________________________________________________________
*** CID 1160849: Uninitialized scalar field (UNINIT_CTOR)
/mds/CDir.cc: 1447 in C_Dir_OMAP_Fetched::C_Dir_OMAP_Fetched(CDir *, const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&)()
1441 string want_dn;
1442 public:
1443 bufferlist hdrbl;
1444 map<string, bufferlist> omap;
1445 int ret1, ret2;
1446
>>> CID 1160849: Uninitialized scalar field (UNINIT_CTOR)
>>> Non-static class member "ret2" is not initialized in this constructor nor in any functions that it calls.
1447 C_Dir_OMAP_Fetched(CDir *d, const string& w) : dir(d), want_dn(w) { }
1448 void finish(int r) {
1449 if (r >= 0) r = ret1;
1450 if (r >= 0) r = ret2;
1451 dir->_omap_fetched(hdrbl, omap, want_dn, r);
1452 }
________________________________________________________________________________________________________
*** CID 1188129: Logically dead code (DEADCODE)
/client/Client.cc: 8504 in Client::ll_write_block(Inode *, unsigned long, char *, unsigned long, unsigned long, ceph_file_layout *, unsigned long, unsigned int)()
8498 while (! done)
8499 cond.Wait(flock);
8500 flock.Unlock();
8501 }
8502
8503 if (r < 0) {
>>> CID 1188129: Logically dead code (DEADCODE)
>>> Execution cannot reach this statement "return r;".
8504 return r;
8505 } else {
8506 return length;
8507 }
8508 }
8509
________________________________________________________________________________________________________
*** CID 1188130: Logically dead code (DEADCODE)
/client/Client.cc: 8500 in Client::ll_write_block(Inode *, unsigned long, char *, unsigned long, unsigned long, ceph_file_layout *, unsigned long, unsigned int)()
8494
8495 client_lock.Unlock();
8496 if (!done /* also !sync */) {
8497 flock.Lock();
8498 while (! done)
8499 cond.Wait(flock);
>>> CID 1188130: Logically dead code (DEADCODE)
>>> Execution cannot reach this statement "flock.Unlock();".
8500 flock.Unlock();
8501 }
8502
8503 if (r < 0) {
8504 return r;
8505 } else {
________________________________________________________________________________________________________
*** CID 1192611: Uncaught exception (UNCAUGHT_EXCEPT)
/tools/ceph_filestore_dump.cc: 1076 in main()
/tools/ceph_filestore_dump.cc: 1076 in main()
/tools/ceph_filestore_dump.cc: 1076 in main()
/tools/ceph_filestore_dump.cc: 1076 in main()
/tools/ceph_filestore_dump.cc: 1076 in main()
/tools/ceph_filestore_dump.cc: 1076 in main()
/tools/ceph_filestore_dump.cc: 1076 in main()
/tools/ceph_filestore_dump.cc: 1076 in main()
/tools/ceph_filestore_dump.cc: 1076 in main()
/tools/ceph_filestore_dump.cc: 1076 in main()
/tools/ceph_filestore_dump.cc: 1076 in main()
/tools/ceph_filestore_dump.cc: 1076 in main()
/tools/ceph_filestore_dump.cc: 1076 in main()
/tools/ceph_filestore_dump.cc: 1076 in main()
/tools/ceph_filestore_dump.cc: 1076 in main()
/tools/ceph_filestore_dump.cc: 1076 in main()
________________________________________________________________________________________________________
*** CID 1192612: Uncaught exception (UNCAUGHT_EXCEPT)
/tools/ceph_filestore_dump.cc: 1076 in main()
________________________________________________________________________________________________________
*** CID 1192613: Uncaught exception (UNCAUGHT_EXCEPT)
/tools/ceph_filestore_tool.cc: 48 in main()
/tools/ceph_filestore_tool.cc: 48 in main()
/tools/ceph_filestore_tool.cc: 48 in main()
/tools/ceph_filestore_tool.cc: 48 in main()
/tools/ceph_filestore_tool.cc: 48 in main()
/tools/ceph_filestore_tool.cc: 48 in main()
/tools/ceph_filestore_tool.cc: 48 in main()
/tools/ceph_filestore_tool.cc: 48 in main()
/tools/ceph_filestore_tool.cc: 48 in main()
/tools/ceph_filestore_tool.cc: 48 in main()
/tools/ceph_filestore_tool.cc: 48 in main()
/tools/ceph_filestore_tool.cc: 48 in main()
/tools/ceph_filestore_tool.cc: 48 in main()
________________________________________________________________________________________________________
*** CID 1192614: Uncaught exception (UNCAUGHT_EXCEPT)
/tools/ceph_filestore_tool.cc: 48 in main()
________________________________________________________________________________________________________
*** CID 1201374: Unchecked return value (CHECKED_RETURN)
/mon/MDSMonitor.cc: 1097 in MDSMonitor::prepare_command(MMonCommand *)()
1091 r = -EINVAL;
1092 poolid = -1;
1093 ss << "cannot remove default data pool";
1094 }
1095
1096 if (poolid >= 0) {
>>> CID 1201374: Unchecked return value (CHECKED_RETURN)
>>> Calling "cmd_getval" without checking return value (as is done elsewhere 22 out of 25 times).
1097 cmd_getval(g_ceph_context, cmdmap, "poolid", poolid);
1098 r = pending_mdsmap.remove_data_pool(poolid);
1099 if (r == -ENOENT)
1100 r = 0;
1101 if (r == 0)
1102 ss << "removed data pool " << poolid << " from mdsmap";
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2014-10-17 13:27 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2014-10-17 13:27 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
4 new defect(s) introduced to ceph found with Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 4 of 4 defect(s)
** CID 1247718: Explicit null dereferenced (FORWARD_NULL)
/mds/Server.cc: 3184 in Server::handle_client_file_setlock(std::tr1::shared_ptr<MDRequestImpl> &)()
/mds/Server.cc: 3184 in Server::handle_client_file_setlock(std::tr1::shared_ptr<MDRequestImpl> &)()
/mds/Server.cc: 3184 in Server::handle_client_file_setlock(std::tr1::shared_ptr<MDRequestImpl> &)()
/mds/Server.cc: 3184 in Server::handle_client_file_setlock(std::tr1::shared_ptr<MDRequestImpl> &)()
** CID 1247719: Unintentional integer overflow (OVERFLOW_BEFORE_WIDEN)
/osdc/Striper.cc: 221 in Striper::get_num_objects(const ceph_file_layout &, unsigned long)()
** CID 1247720: Unintentional integer overflow (OVERFLOW_BEFORE_WIDEN)
/osdc/Striper.cc: 225 in Striper::get_num_objects(const ceph_file_layout &, unsigned long)()
** CID 1247721: Uncaught exception (UNCAUGHT_EXCEPT)
/rbd.cc: 2071 in main()
/rbd.cc: 2071 in main()
________________________________________________________________________________________________________
*** CID 1247718: Explicit null dereferenced (FORWARD_NULL)
/mds/Server.cc: 3184 in Server::handle_client_file_setlock(std::tr1::shared_ptr<MDRequestImpl> &)()
3178 set_lock.pid = req->head.args.filelock_change.pid;
3179 set_lock.type = req->head.args.filelock_change.type;
3180 bool will_wait = req->head.args.filelock_change.wait;
3181
3182 dout(10) << "handle_client_file_setlock: " << set_lock << dendl;
3183
>>> CID 1247718: Explicit null dereferenced (FORWARD_NULL)
>>> Assigning: "lock_state" = "NULL".
3184 ceph_lock_state_t *lock_state = NULL;
3185 bool interrupt = false;
3186
3187 // get the appropriate lock state
3188 switch (req->head.args.filelock_change.rule) {
3189 case CEPH_LOCK_FLOCK_INTR:
/mds/Server.cc: 3184 in Server::handle_client_file_setlock(std::tr1::shared_ptr<MDRequestImpl> &)()
3178 set_lock.pid = req->head.args.filelock_change.pid;
3179 set_lock.type = req->head.args.filelock_change.type;
3180 bool will_wait = req->head.args.filelock_change.wait;
3181
3182 dout(10) << "handle_client_file_setlock: " << set_lock << dendl;
3183
>>> CID 1247718: Explicit null dereferenced (FORWARD_NULL)
>>> Assigning: "lock_state" = "NULL".
3184 ceph_lock_state_t *lock_state = NULL;
3185 bool interrupt = false;
3186
3187 // get the appropriate lock state
3188 switch (req->head.args.filelock_change.rule) {
3189 case CEPH_LOCK_FLOCK_INTR:
/mds/Server.cc: 3184 in Server::handle_client_file_setlock(std::tr1::shared_ptr<MDRequestImpl> &)()
3178 set_lock.pid = req->head.args.filelock_change.pid;
3179 set_lock.type = req->head.args.filelock_change.type;
3180 bool will_wait = req->head.args.filelock_change.wait;
3181
3182 dout(10) << "handle_client_file_setlock: " << set_lock << dendl;
3183
>>> CID 1247718: Explicit null dereferenced (FORWARD_NULL)
>>> Assigning: "lock_state" = "NULL".
3184 ceph_lock_state_t *lock_state = NULL;
3185 bool interrupt = false;
3186
3187 // get the appropriate lock state
3188 switch (req->head.args.filelock_change.rule) {
3189 case CEPH_LOCK_FLOCK_INTR:
/mds/Server.cc: 3184 in Server::handle_client_file_setlock(std::tr1::shared_ptr<MDRequestImpl> &)()
3178 set_lock.pid = req->head.args.filelock_change.pid;
3179 set_lock.type = req->head.args.filelock_change.type;
3180 bool will_wait = req->head.args.filelock_change.wait;
3181
3182 dout(10) << "handle_client_file_setlock: " << set_lock << dendl;
3183
>>> CID 1247718: Explicit null dereferenced (FORWARD_NULL)
>>> Assigning: "lock_state" = "NULL".
3184 ceph_lock_state_t *lock_state = NULL;
3185 bool interrupt = false;
3186
3187 // get the appropriate lock state
3188 switch (req->head.args.filelock_change.rule) {
3189 case CEPH_LOCK_FLOCK_INTR:
________________________________________________________________________________________________________
*** CID 1247719: Unintentional integer overflow (OVERFLOW_BEFORE_WIDEN)
/osdc/Striper.cc: 221 in Striper::get_num_objects(const ceph_file_layout &, unsigned long)()
215 }
216 uint64_t Striper::get_num_objects(const ceph_file_layout& layout, uint64_t size)
217 {
218 __u32 object_size = layout.fl_object_size;
219 __u32 stripe_unit = layout.fl_stripe_unit;
220 __u32 stripe_count = layout.fl_stripe_count;
>>> CID 1247719: Unintentional integer overflow (OVERFLOW_BEFORE_WIDEN)
>>> Potentially overflowing expression "stripe_count * object_size" with type "unsigned int" (32 bits, unsigned) is evaluated using 32-bit arithmetic before being used in a context which expects an expression of type "uint64_t" (64 bits, unsigned). To avoid overflow, cast either operand to "uint64_t" before performing the multiplication.
221 uint64_t period = stripe_count * object_size;
222 uint64_t num_periods = (size + period - 1) / period;
223 uint64_t remainder_bytes = size % period;
224 uint64_t remainder_objs = 0;
225 if ((remainder_bytes > 0) && (remainder_bytes < stripe_count * stripe_unit))
226 remainder_objs = stripe_count - ((remainder_bytes + stripe_unit - 1) / stripe_unit);
________________________________________________________________________________________________________
*** CID 1247720: Unintentional integer overflow (OVERFLOW_BEFORE_WIDEN)
/osdc/Striper.cc: 225 in Striper::get_num_objects(const ceph_file_layout &, unsigned long)()
219 __u32 stripe_unit = layout.fl_stripe_unit;
220 __u32 stripe_count = layout.fl_stripe_count;
221 uint64_t period = stripe_count * object_size;
222 uint64_t num_periods = (size + period - 1) / period;
223 uint64_t remainder_bytes = size % period;
224 uint64_t remainder_objs = 0;
>>> CID 1247720: Unintentional integer overflow (OVERFLOW_BEFORE_WIDEN)
>>> Potentially overflowing expression "stripe_count * stripe_unit" with type "unsigned int" (32 bits, unsigned) is evaluated using 32-bit arithmetic before being used in a context which expects an expression of type "uint64_t" (64 bits, unsigned). To avoid overflow, cast either operand to "uint64_t" before performing the multiplication.
225 if ((remainder_bytes > 0) && (remainder_bytes < stripe_count * stripe_unit))
226 remainder_objs = stripe_count - ((remainder_bytes + stripe_unit - 1) / stripe_unit);
227 return num_periods * stripe_count - remainder_objs;
228 }
229
230 // StripedReadResult
________________________________________________________________________________________________________
*** CID 1247721: Uncaught exception (UNCAUGHT_EXCEPT)
/rbd.cc: 2071 in main()
2065 return false;
2066 return true;
2067 }
2068
2069 bool size_set;
2070
>>> CID 1247721: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
2071 int main(int argc, const char **argv)
2072 {
2073 librados::Rados rados;
2074 librbd::RBD rbd;
2075 librados::IoCtx io_ctx, dest_io_ctx;
2076 librbd::Image image;
/rbd.cc: 2071 in main()
2065 return false;
2066 return true;
2067 }
2068
2069 bool size_set;
2070
>>> CID 1247721: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "ceph::buffer::end_of_buffer" is thrown and never caught.
2071 int main(int argc, const char **argv)
2072 {
2073 librados::Rados rados;
2074 librbd::RBD rbd;
2075 librados::IoCtx io_ctx, dest_io_ctx;
2076 librbd::Image image;
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2014-10-09 13:23 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2014-10-09 13:23 UTC (permalink / raw)
To: ceph-devel
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
3 new defect(s) introduced to ceph found with Coverity Scan.
4 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 3 of 3 defect(s)
** CID 1244227: Dereference after null check (FORWARD_NULL)
/mds/Server.cc: 7011 in Server::do_rename_rollback(ceph::buffer::list &, mds_rank_t, std::tr1::shared_ptr<MDRequestImpl> &, bool)()
/mds/Server.cc: 7130 in Server::do_rename_rollback(ceph::buffer::list &, mds_rank_t, std::tr1::shared_ptr<MDRequestImpl> &, bool)()
** CID 1244228: Uninitialized scalar field (UNINIT_CTOR)
/mds/MDSAuthCaps.h: 29 in MDSCapSpec::MDSCapSpec()()
** CID 1244229: Uninitialized scalar field (UNINIT_CTOR)
/messages/MDirUpdate.h: 55 in MDirUpdate::MDirUpdate(mds_rank_t, dirfrag_t, int, std::set<int, std::less<int>, std::allocator<int>> &, filepath &, bool)()
________________________________________________________________________________________________________
*** CID 1244227: Dereference after null check (FORWARD_NULL)
/mds/Server.cc: 7011 in Server::do_rename_rollback(ceph::buffer::list &, mds_rank_t, std::tr1::shared_ptr<MDRequestImpl> &, bool)()
7005 // slave
7006 assert(!destdn || destdn->authority().first != whoami);
7007 assert(!straydn || straydn->authority().first != whoami);
7008
7009 bool force_journal_src = false;
7010 bool force_journal_dest = false;
>>> CID 1244227: Dereference after null check (FORWARD_NULL)
>>> Passing null pointer "srcdn" to "authority", which dereferences it. (The dereference happens because this is a virtual function call.)
7011 if (in && in->is_dir() && srcdn->authority().first != whoami)
7012 force_journal_src = _need_force_journal(in, false);
7013 if (in && target && target->is_dir())
7014 force_journal_dest = _need_force_journal(in, true);
7015
7016 version_t srcdnpv = 0;
/mds/Server.cc: 7130 in Server::do_rename_rollback(ceph::buffer::list &, mds_rank_t, std::tr1::shared_ptr<MDRequestImpl> &, bool)()
7124 le->commit.add_primary_dentry(target->get_projected_parent_dn(), target, true);
7125 }
7126
7127 if (force_journal_dest) {
7128 dout(10) << " noting rename target ino " << target->ino() << " in metablob" << dendl;
7129 le->commit.renamed_dirino = target->ino();
>>> CID 1244227: Dereference after null check (FORWARD_NULL)
>>> Passing null pointer "srcdn" to "authority", which dereferences it. (The dereference happens because this is a virtual function call.)
7130 } else if (force_journal_src || (in && in->is_dir() && srcdn->authority().first == whoami)) {
7131 dout(10) << " noting renamed dir ino " << in->ino() << " in metablob" << dendl;
7132 le->commit.renamed_dirino = in->ino();
7133 }
7134
7135 if (target && target->is_dir()) {
________________________________________________________________________________________________________
*** CID 1244228: Uninitialized scalar field (UNINIT_CTOR)
/mds/MDSAuthCaps.h: 29 in MDSCapSpec::MDSCapSpec()()
23
24 struct MDSCapSpec {
25 bool read;
26 bool write;
27 bool any;
28
>>> CID 1244228: Uninitialized scalar field (UNINIT_CTOR)
>>> Non-static class member "read" is not initialized in this constructor nor in any functions that it calls.
29 MDSCapSpec() : write(false), any(false) {}
30 MDSCapSpec(bool r_, bool w_, bool a_) : read(r_), write(w_), any(a_) {}
31
32 bool allow_all() const {return any;}
33 };
34
________________________________________________________________________________________________________
*** CID 1244229: Uninitialized scalar field (UNINIT_CTOR)
/messages/MDirUpdate.h: 55 in MDirUpdate::MDirUpdate(mds_rank_t, dirfrag_t, int, std::set<int, std::less<int>, std::allocator<int>> &, filepath &, bool)()
49 this->from_mds = f;
50 this->dirfrag = dirfrag;
51 this->dir_rep = dir_rep;
52 this->dir_rep_by = dir_rep_by;
53 if (discover) this->discover = 5;
54 this->path = path;
>>> CID 1244229: Uninitialized scalar field (UNINIT_CTOR)
>>> Non-static class member "discover" is not initialized in this constructor nor in any functions that it calls.
55 }
56 private:
57 ~MDirUpdate() {}
58
59 public:
60 const char *get_type_name() const { return "dir_update"; }
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2014-10-02 13:21 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2014-10-02 13:21 UTC (permalink / raw)
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
Defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)
** CID 1243158: Resource leak (RESOURCE_LEAK)
/test/librbd/test_librbd.cc: 1370 in LibRBD_ListChildrenTiered_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1243158: Resource leak (RESOURCE_LEAK)
/test/librbd/test_librbd.cc: 1370 in LibRBD_ListChildrenTiered_Test::TestBody()()
1364
1365 int features = RBD_FEATURE_LAYERING;
1366 rbd_image_t parent;
1367 int order = 0;
1368
1369 // make a parent to clone from
>>> CID 1243158: Resource leak (RESOURCE_LEAK)
>>> Variable "ioctx2" going out of scope leaks the storage it points to.
1370 ASSERT_EQ(0, create_image_full(ioctx1, "parent", 4<<20, &order,
1371 false, features));
1372 ASSERT_EQ(0, rbd_open(ioctx1, "parent", &parent, NULL));
1373 // create a snapshot, reopen as the parent we're interested in
1374 ASSERT_EQ(0, rbd_snap_create(parent, "parent_snap"));
1375 ASSERT_EQ(0, rbd_snap_set(parent, "parent_snap"));
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2014-09-25 13:18 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2014-09-25 13:18 UTC (permalink / raw)
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
Defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)
** CID 1241497: Thread deadlock (ORDER_REVERSAL)
________________________________________________________________________________________________________
*** CID 1241497: Thread deadlock (ORDER_REVERSAL)
/osdc/Filer.cc: 314 in Filer::_do_purge_range(PurgeRange *, int)()
308 return;
309 }
310
311 int max = 10 - pr->uncommitted;
312 while (pr->num > 0 && max > 0) {
313 object_t oid = file_object_t(pr->ino, pr->first);
>>> CID 1241497: Thread deadlock (ORDER_REVERSAL)
>>> Calling "get_osdmap_read" acquires lock "RWLock.L" while holding lock "Mutex._m" (count: 15 / 30).
314 const OSDMap *osdmap = objecter->get_osdmap_read();
315 object_locator_t oloc = osdmap->file_to_object_locator(pr->layout);
316 objecter->put_osdmap_read();
317 objecter->remove(oid, oloc, pr->snapc, pr->mtime, pr->flags,
318 NULL, new C_PurgeRange(this, pr));
319 pr->uncommitted++;
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2014-09-16 21:40 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2014-09-16 21:40 UTC (permalink / raw)
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
Defect(s) Reported-by: Coverity Scan
Showing 20 of 38 defect(s)
** CID 717233: Uninitialized scalar field (UNINIT_CTOR)
/mds/Capability.h: 249 in Capability::Capability(CInode *, unsigned long, client_t)()
** CID 1238869: Value not atomically updated (ATOMICITY)
/osdc/Objecter.cc: 3055 in Objecter::handle_pool_op_reply(MPoolOpReply *)()
/osdc/Objecter.cc: 3055 in Objecter::handle_pool_op_reply(MPoolOpReply *)()
/osdc/Objecter.cc: 3055 in Objecter::handle_pool_op_reply(MPoolOpReply *)()
** CID 1238870: Unchecked return value (CHECKED_RETURN)
/test/test_snap_mapper.cc: 562 in MapperVerifier::remove_oid()()
** CID 1238871: Dereference after null check (FORWARD_NULL)
/mds/Server.cc: 6988 in Server::do_rename_rollback(ceph::buffer::list &, int, std::tr1::shared_ptr<MDRequestImpl> &, bool)()
/mds/Server.cc: 7107 in Server::do_rename_rollback(ceph::buffer::list &, int, std::tr1::shared_ptr<MDRequestImpl> &, bool)()
** CID 1238872: Unchecked return value (CHECKED_RETURN)
/tools/ceph_objectstore_tool.cc: 1284 in do_import_rados(std::basic_string<char, std::char_traits<char>, std::allocator<char>>)()
** CID 1238873: Unchecked return value (CHECKED_RETURN)
/rbd_replay/Replayer.cc: 154 in rbd_replay::Replayer::run(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&)()
** CID 1238874: Missing unlock (LOCK)
/osdc/Objecter.cc: 1855 in Objecter::op_cancel(Objecter::OSDSession *, unsigned long, int)()
** CID 1238875: Unrecoverable parse warning (PARSE_ERROR)
/client/Client.cc: 7737 in ()
** CID 1238876: Unrecoverable parse warning (PARSE_ERROR)
/client/Client.cc: 7735 in ()
** CID 1238877: Missing unlock (LOCK)
/common/Timer.cc: 240 in RWTimer::shutdown()()
** CID 1238878: Unrecoverable parse warning (PARSE_ERROR)
/client/Client.cc: 7734 in ()
** CID 1238879: Thread deadlock (ORDER_REVERSAL)
** CID 1238880: Thread deadlock (ORDER_REVERSAL)
** CID 1238881: Thread deadlock (ORDER_REVERSAL)
** CID 1238882: Thread deadlock (ORDER_REVERSAL)
** CID 1238883: Improper use of negative value (NEGATIVE_RETURNS)
/mds/MDS.cc: 962 in MDS::handle_mds_map(MMDSMap *)()
** CID 1238884: Unrecoverable parse warning (PARSE_ERROR)
/client/Client.cc: 7733 in ()
** CID 1238885: Thread deadlock (ORDER_REVERSAL)
** CID 1238886: Thread deadlock (ORDER_REVERSAL)
** CID 1238887: Thread deadlock (ORDER_REVERSAL)
________________________________________________________________________________________________________
*** CID 717233: Uninitialized scalar field (UNINIT_CTOR)
/mds/Capability.h: 249 in Capability::Capability(CInode *, unsigned long, client_t)()
243 suppress(0), state(0),
244 client_follows(0), client_xattr_version(0),
245 client_inline_version(0),
246 item_session_caps(this), item_snaprealm_caps(this), item_revoking_caps(this) {
247 g_num_cap++;
248 g_num_capa++;
>>> CID 717233: Uninitialized scalar field (UNINIT_CTOR)
>>> Non-static class member "num_revoke_warnings" is not initialized in this constructor nor in any functions that it calls.
249 }
250 ~Capability() {
251 g_num_cap--;
252 g_num_caps++;
253 }
254
________________________________________________________________________________________________________
*** CID 1238869: Value not atomically updated (ATOMICITY)
/osdc/Objecter.cc: 3055 in Objecter::handle_pool_op_reply(MPoolOpReply *)()
3049 if (!rwlock.is_wlocked()) {
3050 rwlock.unlock();
3051 rwlock.get_write();
3052 }
3053 iter = pool_ops.find(tid);
3054 if (iter != pool_ops.end()) {
>>> CID 1238869: Value not atomically updated (ATOMICITY)
>>> Using an unreliable value of "op" inside the second locked section. If the data that "op" depends on was changed by another thread, this use might be incorrect.
3055 _finish_pool_op(op);
3056 }
3057 } else {
3058 ldout(cct, 10) << "unknown request " << tid << dendl;
3059 }
3060 rwlock.unlock();
/osdc/Objecter.cc: 3055 in Objecter::handle_pool_op_reply(MPoolOpReply *)()
3049 if (!rwlock.is_wlocked()) {
3050 rwlock.unlock();
3051 rwlock.get_write();
3052 }
3053 iter = pool_ops.find(tid);
3054 if (iter != pool_ops.end()) {
>>> CID 1238869: Value not atomically updated (ATOMICITY)
>>> Using an unreliable value of "op" inside the second locked section. If the data that "op" depends on was changed by another thread, this use might be incorrect.
3055 _finish_pool_op(op);
3056 }
3057 } else {
3058 ldout(cct, 10) << "unknown request " << tid << dendl;
3059 }
3060 rwlock.unlock();
/osdc/Objecter.cc: 3055 in Objecter::handle_pool_op_reply(MPoolOpReply *)()
3049 if (!rwlock.is_wlocked()) {
3050 rwlock.unlock();
3051 rwlock.get_write();
3052 }
3053 iter = pool_ops.find(tid);
3054 if (iter != pool_ops.end()) {
>>> CID 1238869: Value not atomically updated (ATOMICITY)
>>> Using an unreliable value of "op" inside the second locked section. If the data that "op" depends on was changed by another thread, this use might be incorrect.
3055 _finish_pool_op(op);
3056 }
3057 } else {
3058 ldout(cct, 10) << "unknown request " << tid << dendl;
3059 }
3060 rwlock.unlock();
________________________________________________________________________________________________________
*** CID 1238870: Unchecked return value (CHECKED_RETURN)
/test/test_snap_mapper.cc: 562 in MapperVerifier::remove_oid()()
556 snap_to_hobject.find(*i);
557 assert(j->second.count(obj->first));
558 j->second.erase(obj->first);
559 }
560 {
561 PausyAsyncMap::Transaction t;
>>> CID 1238870: Unchecked return value (CHECKED_RETURN)
>>> Calling "remove_oid" without checking return value (as is done elsewhere 8 out of 10 times).
562 mapper->remove_oid(
563 obj->first,
564 &t);
565 driver->submit(&t);
566 }
567 hobject_to_snap.erase(obj);
________________________________________________________________________________________________________
*** CID 1238871: Dereference after null check (FORWARD_NULL)
/mds/Server.cc: 6988 in Server::do_rename_rollback(ceph::buffer::list &, int, std::tr1::shared_ptr<MDRequestImpl> &, bool)()
6982 // slave
6983 assert(!destdn || destdn->authority().first != whoami);
6984 assert(!straydn || straydn->authority().first != whoami);
6985
6986 bool force_journal_src = false;
6987 bool force_journal_dest = false;
>>> CID 1238871: Dereference after null check (FORWARD_NULL)
>>> Passing null pointer "srcdn" to "authority", which dereferences it. (The dereference happens because this is a virtual function call.)
6988 if (in && in->is_dir() && srcdn->authority().first != whoami)
6989 force_journal_src = _need_force_journal(in, false);
6990 if (in && target && target->is_dir())
6991 force_journal_dest = _need_force_journal(in, true);
6992
6993 version_t srcdnpv = 0;
/mds/Server.cc: 7107 in Server::do_rename_rollback(ceph::buffer::list &, int, std::tr1::shared_ptr<MDRequestImpl> &, bool)()
7101 le->commit.add_primary_dentry(target->get_projected_parent_dn(), target, true);
7102 }
7103
7104 if (force_journal_dest) {
7105 dout(10) << " noting rename target ino " << target->ino() << " in metablob" << dendl;
7106 le->commit.renamed_dirino = target->ino();
>>> CID 1238871: Dereference after null check (FORWARD_NULL)
>>> Passing null pointer "srcdn" to "authority", which dereferences it. (The dereference happens because this is a virtual function call.)
7107 } else if (force_journal_src || (in && in->is_dir() && srcdn->authority().first == whoami)) {
7108 dout(10) << " noting renamed dir ino " << in->ino() << " in metablob" << dendl;
7109 le->commit.renamed_dirino = in->ino();
7110 }
7111
7112 if (target && target->is_dir()) {
________________________________________________________________________________________________________
*** CID 1238872: Unchecked return value (CHECKED_RETURN)
/tools/ceph_objectstore_tool.cc: 1284 in do_import_rados(std::basic_string<char, std::char_traits<char>, std::allocator<char>>)()
1278 }
1279 ret = cluster.conf_parse_env(NULL);
1280 if (ret) {
1281 cerr << "Error " << ret << " in cluster.conf_read_env" << std::endl;
1282 return ret;
1283 }
>>> CID 1238872: Unchecked return value (CHECKED_RETURN)
>>> Calling "connect" without checking return value (as is done elsewhere 14 out of 17 times).
1284 cluster.connect();
1285
1286 ret = cluster.ioctx_create(pool.c_str(), ioctx);
1287 if (ret < 0) {
1288 cerr << "ioctx_create " << pool << " failed with " << ret << std::endl;
1289 return ret;
________________________________________________________________________________________________________
*** CID 1238873: Unchecked return value (CHECKED_RETURN)
/rbd_replay/Replayer.cc: 154 in rbd_replay::Replayer::run(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&)()
148 return m_action_trackers[id % m_num_action_trackers];
149 }
150
151 void Replayer::run(const std::string& replay_file) {
152 {
153 librados::Rados rados;
>>> CID 1238873: Unchecked return value (CHECKED_RETURN)
>>> Calling "init" without checking return value (as is done elsewhere 11 out of 12 times).
154 rados.init(NULL);
155 int r = rados.init_with_context(g_ceph_context);
156 if (r) {
157 cerr << "Unable to read conf file: " << r << std::endl;
158 goto out;
159 }
________________________________________________________________________________________________________
*** CID 1238874: Missing unlock (LOCK)
/osdc/Objecter.cc: 1855 in Objecter::op_cancel(Objecter::OSDSession *, unsigned long, int)()
1849
1850 s->lock.get_write();
1851
1852 map<ceph_tid_t, Op*>::iterator p = s->ops.find(tid);
1853 if (p == s->ops.end()) {
1854 ldout(cct, 10) << __func__ << " tid " << tid << " dne" << dendl;
>>> CID 1238874: Missing unlock (LOCK)
>>> Returning without unlocking "s->lock.L".
1855 return -ENOENT;
1856 }
1857
1858 if (s->con) {
1859 ldout(cct, 20) << " revoking rx buffer for " << tid
1860 << " on " << s->con << dendl;
________________________________________________________________________________________________________
*** CID 1238875: Unrecoverable parse warning (PARSE_ERROR)
/client/Client.cc: 7737 in ()
7731 const Client::VXattr Client::_dir_vxattrs[] = {
7732 {
7733 name: "ceph.dir.layout",
7734 getxattr_cb: &Client::_vxattrcb_layout,
7735 readonly: false,
7736 hidden: true,
>>> CID 1238875: Unrecoverable parse warning (PARSE_ERROR)
>>> designator may not specify a non-POD subobject
7737 exists_cb: &Client::_vxattrcb_layout_exists,
7738 },
7739 XATTR_LAYOUT_FIELD(dir, layout, stripe_unit),
7740 XATTR_LAYOUT_FIELD(dir, layout, stripe_count),
7741 XATTR_LAYOUT_FIELD(dir, layout, object_size),
7742 XATTR_LAYOUT_FIELD(dir, layout, pool),
________________________________________________________________________________________________________
*** CID 1238876: Unrecoverable parse warning (PARSE_ERROR)
/client/Client.cc: 7735 in ()
7729 }
7730
7731 const Client::VXattr Client::_dir_vxattrs[] = {
7732 {
7733 name: "ceph.dir.layout",
7734 getxattr_cb: &Client::_vxattrcb_layout,
>>> CID 1238876: Unrecoverable parse warning (PARSE_ERROR)
>>> designator may not specify a non-POD subobject
7735 readonly: false,
7736 hidden: true,
7737 exists_cb: &Client::_vxattrcb_layout_exists,
7738 },
7739 XATTR_LAYOUT_FIELD(dir, layout, stripe_unit),
7740 XATTR_LAYOUT_FIELD(dir, layout, stripe_count),
________________________________________________________________________________________________________
*** CID 1238877: Missing unlock (LOCK)
/common/Timer.cc: 240 in RWTimer::shutdown()()
234 rwlock.unlock();
235 thread->join();
236 rwlock.get_write();
237 delete thread;
238 thread = NULL;
239 }
>>> CID 1238877: Missing unlock (LOCK)
>>> Returning without unlocking "this->rwlock->L".
240 }
241
242 void RWTimer::timer_thread()
243 {
244 rwlock.get_write();
245 ldout(cct,10) << "timer_thread starting" << dendl;
________________________________________________________________________________________________________
*** CID 1238878: Unrecoverable parse warning (PARSE_ERROR)
/client/Client.cc: 7734 in ()
7728 exists_cb: &Client::_vxattrcb_layout_exists, \
7729 }
7730
7731 const Client::VXattr Client::_dir_vxattrs[] = {
7732 {
7733 name: "ceph.dir.layout",
>>> CID 1238878: Unrecoverable parse warning (PARSE_ERROR)
>>> designator may not specify a non-POD subobject
7734 getxattr_cb: &Client::_vxattrcb_layout,
7735 readonly: false,
7736 hidden: true,
7737 exists_cb: &Client::_vxattrcb_layout_exists,
7738 },
7739 XATTR_LAYOUT_FIELD(dir, layout, stripe_unit),
________________________________________________________________________________________________________
*** CID 1238879: Thread deadlock (ORDER_REVERSAL)
/librados/IoCtxImpl.cc: 1122 in librados::IoCtxImpl::notify(const object_t &, unsigned long, ceph::buffer::list &)()
1116 prepare_assert_ops(&rd);
1117 rd.notify(cookie, ver, inbl);
1118
1119 // Issue RADOS op
1120 C_SaferCond onack;
1121 version_t objver;
>>> CID 1238879: Thread deadlock (ORDER_REVERSAL)
>>> Calling "linger_read" acquires lock "RWLock.L" while holding lock "Mutex._m" (count: 14 / 29).
1122 wc->linger_id = objecter->linger_read(oid, oloc, rd, snap_seq, inbl, NULL, 0,
1123 &onack, &objver);
1124 lock->Unlock();
1125
1126 ldout(client->cct, 10) << __func__ << " issued linger op " << wc->linger_id << dendl;
1127 int r_issue = onack.wait();
________________________________________________________________________________________________________
*** CID 1238880: Thread deadlock (ORDER_REVERSAL)
/test/osd/RadosModel.h: 728 in WriteOp::_begin()()
722 if (do_append) {
723 ObjectDesc old_value;
724 bool found = context->find_object(oid, &old_value);
725 uint64_t prev_length = found && old_value.has_contents() ?
726 old_value.most_recent_gen()->get_length(old_value.most_recent()) :
727 0;
>>> CID 1238880: Thread deadlock (ORDER_REVERSAL)
>>> Calling "pool_required_alignment" acquires lock "RWLock.L" while holding lock "Mutex._m" (count: 14 / 29).
728 cont_gen = new AppendGenerator(
729 prev_length,
730 (context->io_ctx.pool_requires_alignment() ?
731 context->io_ctx.pool_required_alignment() : 0),
732 context->min_stride_size,
733 context->max_stride_size,
/test/osd/RadosModel.h: 728 in WriteOp::_begin()()
722 if (do_append) {
723 ObjectDesc old_value;
724 bool found = context->find_object(oid, &old_value);
725 uint64_t prev_length = found && old_value.has_contents() ?
726 old_value.most_recent_gen()->get_length(old_value.most_recent()) :
727 0;
>>> CID 1238880: Thread deadlock (ORDER_REVERSAL)
>>> Calling "pool_requires_alignment" acquires lock "RWLock.L" while holding lock "Mutex._m" (count: 14 / 29).
728 cont_gen = new AppendGenerator(
729 prev_length,
730 (context->io_ctx.pool_requires_alignment() ?
731 context->io_ctx.pool_required_alignment() : 0),
732 context->min_stride_size,
733 context->max_stride_size,
________________________________________________________________________________________________________
*** CID 1238881: Thread deadlock (ORDER_REVERSAL)
/test/osd/RadosModel.h: 1251 in SnapRemoveOp::_begin()()
1245 uint64_t snap = context->snaps[to_remove];
1246 context->remove_snap(to_remove);
1247
1248 if (context->pool_snaps) {
1249 string snapname;
1250
>>> CID 1238881: Thread deadlock (ORDER_REVERSAL)
>>> Calling "snap_get_name" acquires lock "RWLock.L" while holding lock "Mutex._m" (count: 14 / 29).
1251 assert(!context->io_ctx.snap_get_name(snap, &snapname));
1252 assert(!context->io_ctx.snap_remove(snapname.c_str()));
1253 } else {
1254 assert(!context->io_ctx.selfmanaged_snap_remove(snap));
1255
1256 vector<uint64_t> snapset(context->snaps.size());
/test/osd/RadosModel.h: 1252 in SnapRemoveOp::_begin()()
1246 context->remove_snap(to_remove);
1247
1248 if (context->pool_snaps) {
1249 string snapname;
1250
1251 assert(!context->io_ctx.snap_get_name(snap, &snapname));
>>> CID 1238881: Thread deadlock (ORDER_REVERSAL)
>>> Calling "snap_remove" acquires lock "RWLock.L" while holding lock "Mutex._m" (count: 14 / 29).
1252 assert(!context->io_ctx.snap_remove(snapname.c_str()));
1253 } else {
1254 assert(!context->io_ctx.selfmanaged_snap_remove(snap));
1255
1256 vector<uint64_t> snapset(context->snaps.size());
1257 int j = 0;
________________________________________________________________________________________________________
*** CID 1238882: Thread deadlock (ORDER_REVERSAL)
/librados/RadosClient.cc: 786 in librados::RadosClient::osd_command(int, std::vector<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::allocator<std::basic_string<char, std::char_traits<char>, std::allocator<char>>>> &, const ceph::buffer::list &, ceph::buffer::list *, std::basic_string<char, std::char_traits<char>, std::allocator<char>>*)()
780
781 if (osd < 0)
782 return -EINVAL;
783
784 lock.Lock();
785 // XXX do anything with tid?
>>> CID 1238882: Thread deadlock (ORDER_REVERSAL)
>>> Calling "osd_command" acquires lock "RWLock.L" while holding lock "Mutex._m" (count: 14 / 29).
786 int r = objecter->osd_command(osd, cmd, inbl, &tid, poutbl, prs,
787 new C_SafeCond(&mylock, &cond, &done, &ret));
788 lock.Unlock();
789 if (r != 0)
790 return r;
791 mylock.Lock();
________________________________________________________________________________________________________
*** CID 1238883: Improper use of negative value (NEGATIVE_RETURNS)
/mds/MDS.cc: 962 in MDS::handle_mds_map(MMDSMap *)()
956 }
957
958 // see who i am
959 addr = messenger->get_myaddr();
960 whoami = mdsmap->get_rank_gid(monc->get_global_id());
961 state = mdsmap->get_state_gid(monc->get_global_id());
>>> CID 1238883: Improper use of negative value (NEGATIVE_RETURNS)
>>> Assigning: signed variable "this->incarnation" = "get_inc_gid".
962 incarnation = mdsmap->get_inc_gid(monc->get_global_id());
963 dout(10) << "map says i am " << addr << " mds." << whoami << "." << incarnation
964 << " state " << ceph_mds_state_name(state) << dendl;
965
966 // mark down any failed peers
967 for (map<uint64_t,MDSMap::mds_info_t>::const_iterator p = oldmap->get_mds_info().begin();
________________________________________________________________________________________________________
*** CID 1238884: Unrecoverable parse warning (PARSE_ERROR)
/client/Client.cc: 7733 in ()
7727 hidden: true, \
7728 exists_cb: &Client::_vxattrcb_layout_exists, \
7729 }
7730
7731 const Client::VXattr Client::_dir_vxattrs[] = {
7732 {
>>> CID 1238884: Unrecoverable parse warning (PARSE_ERROR)
>>> designator may not specify a non-POD subobject
7733 name: "ceph.dir.layout",
7734 getxattr_cb: &Client::_vxattrcb_layout,
7735 readonly: false,
7736 hidden: true,
7737 exists_cb: &Client::_vxattrcb_layout_exists,
7738 },
________________________________________________________________________________________________________
*** CID 1238885: Thread deadlock (ORDER_REVERSAL)
/librados/RadosClient.cc: 702 in librados::RadosClient::do_watch_notify(MWatchNotify *)()
696 // trigger the callback
697 lock.Unlock();
698 wc->watch_ctx->notify(m->opcode, m->ver, m->bl);
699 lock.Lock();
700
701 // send ACK back to the OSD
>>> CID 1238885: Thread deadlock (ORDER_REVERSAL)
>>> Calling "_notify_ack" acquires lock "RWLock.L" while holding lock "Mutex._m" (count: 14 / 29).
702 wc->io_ctx_impl->_notify_ack(wc->oid, m->notify_id, m->ver, m->cookie);
703
704 ldout(cct,10) << __func__ << " notify done" << dendl;
705 wc->put();
706 }
707 } else {
________________________________________________________________________________________________________
*** CID 1238886: Thread deadlock (ORDER_REVERSAL)
/client/SyntheticClient.cc: 2391 in SyntheticClient::object_rw(int, int, int, int, double, double)()
2385 m.ops.push_back(op);
2386 if (do_sync) {
2387 OSDOp op;
2388 op.op.op = CEPH_OSD_OP_STARTSYNC;
2389 m.ops.push_back(op);
2390 }
>>> CID 1238886: Thread deadlock (ORDER_REVERSAL)
>>> Calling "mutate" acquires lock "RWLock.L" while holding lock "Mutex._m" (count: 14 / 29).
2391 client->objecter->mutate(oid, oloc, m, snapc, ceph_clock_now(client->cct), 0,
2392 NULL, new C_Ref(lock, cond, &unack));
2393 /*client->objecter->write(oid, layout, 0, osize, snapc, bl, 0,
2394 new C_Ref(lock, cond, &unack),
2395 new C_Ref(lock, cond, &unsafe));*/
2396 } else {
________________________________________________________________________________________________________
*** CID 1238887: Thread deadlock (ORDER_REVERSAL)
/librados/RadosClient.cc: 808 in librados::RadosClient::pg_command(pg_t, std::vector<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::allocator<std::basic_string<char, std::char_traits<char>, std::allocator<char>>>> &, const ceph::buffer::list &, ceph::buffer::list *, std::basic_string<char, std::char_traits<char>, std::allocator<char>>*)()
802 Mutex mylock("RadosClient::pg_command::mylock");
803 Cond cond;
804 bool done;
805 int ret;
806 ceph_tid_t tid;
807 lock.Lock();
>>> CID 1238887: Thread deadlock (ORDER_REVERSAL)
>>> Calling "pg_command" acquires lock "RWLock.L" while holding lock "Mutex._m" (count: 14 / 29).
808 int r = objecter->pg_command(pgid, cmd, inbl, &tid, poutbl, prs,
809 new C_SafeCond(&mylock, &cond, &done, &ret));
810 lock.Unlock();
811 if (r != 0)
812 return r;
813 mylock.Lock();
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2014-08-16 21:31 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2014-08-16 21:31 UTC (permalink / raw)
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
Defect(s) Reported-by: Coverity Scan
Showing 6 of 6 defect(s)
** CID 1019567: Thread deadlock (ORDER_REVERSAL)
** CID 1231681: Thread deadlock (ORDER_REVERSAL)
** CID 1231682: Thread deadlock (ORDER_REVERSAL)
** CID 1231683: Thread deadlock (ORDER_REVERSAL)
** CID 1231684: Thread deadlock (ORDER_REVERSAL)
** CID 1231685: Use after free (USE_AFTER_FREE)
________________________________________________________________________________________________________
*** CID 1019567: Thread deadlock (ORDER_REVERSAL)
/osd/OSD.cc: 3689 in OSD::handle_osd_ping(MOSDPing *)()
3683 << ", " << debug_heartbeat_drops_remaining[from]
3684 << " remaining to drop" << dendl;
3685 break;
3686 }
3687 }
3688
>>> CID 1019567: Thread deadlock (ORDER_REVERSAL)
>>> Calling "is_healthy" acquires lock "RWLock.L" while holding lock "Mutex._m" (count: 7 / 14).
3689 if (!cct->get_heartbeat_map()->is_healthy()) {
3690 dout(10) << "internal heartbeat not healthy, dropping ping request" << dendl;
3691 break;
3692 }
3693
3694 Message *r = new MOSDPing(monc->get_fsid(),
________________________________________________________________________________________________________
*** CID 1231681: Thread deadlock (ORDER_REVERSAL)
/librados/RadosClient.cc: 111 in librados::RadosClient::lookup_pool(const char *)()
105 int r = wait_for_osdmap();
106 if (r < 0) {
107 lock.Unlock();
108 return r;
109 }
110 int64_t ret = osdmap.lookup_pg_pool_name(name);
>>> CID 1231681: Thread deadlock (ORDER_REVERSAL)
>>> Calling "get_write" acquires lock "RWLock.L" while holding lock "Mutex._m" (count: 7 / 14).
111 pool_cache_rwl.get_write();
112 lock.Unlock();
113 if (ret < 0) {
114 pool_cache_rwl.unlock();
115 return -ENOENT;
116 }
________________________________________________________________________________________________________
*** CID 1231682: Thread deadlock (ORDER_REVERSAL)
/osd/OSD.cc: 2369 in OSD::shutdown()()
2363 service.start_shutdown();
2364
2365 clear_waiting_sessions();
2366
2367 // Shutdown PGs
2368 {
>>> CID 1231682: Thread deadlock (ORDER_REVERSAL)
>>> Calling "RLocker" acquires lock "RWLock.L" while holding lock "Mutex._m" (count: 7 / 14).
2369 RWLock::RLocker l(pg_map_lock);
2370 for (ceph::unordered_map<spg_t, PG*>::iterator p = pg_map.begin();
2371 p != pg_map.end();
2372 ++p) {
2373 dout(20) << " kicking pg " << p->first << dendl;
2374 p->second->lock();
________________________________________________________________________________________________________
*** CID 1231683: Thread deadlock (ORDER_REVERSAL)
/client/Client.cc: 372 in Client::init()()
366 client_lock.Unlock();
367 objecter->init_unlocked();
368 client_lock.Lock();
369
370 objecter->init_locked();
371
>>> CID 1231683: Thread deadlock (ORDER_REVERSAL)
>>> Calling "set_want_keys" acquires lock "RWLock.L" while holding lock "Mutex._m" (count: 7 / 14).
372 monclient->set_want_keys(CEPH_ENTITY_TYPE_MDS | CEPH_ENTITY_TYPE_OSD);
373 monclient->sub_want("mdsmap", 0, 0);
374 monclient->sub_want("osdmap", 0, CEPH_SUBSCRIBE_ONETIME);
375 monclient->renew_subs();
376
377 // logger
________________________________________________________________________________________________________
*** CID 1231684: Thread deadlock (ORDER_REVERSAL)
/osd/OSD.h: 2237 in OSD::RepScrubWQ::_process(MOSDRepScrub *, ThreadPool::TPHandle &)()
2231 ThreadPool::TPHandle &handle) {
2232 osd->osd_lock.Lock();
2233 if (osd->is_stopping()) {
2234 osd->osd_lock.Unlock();
2235 return;
2236 }
>>> CID 1231684: Thread deadlock (ORDER_REVERSAL)
>>> Calling "_have_pg" acquires lock "RWLock.L" while holding lock "Mutex._m" (count: 7 / 14).
2237 if (osd->_have_pg(msg->pgid)) {
2238 PG *pg = osd->_lookup_lock_pg(msg->pgid);
2239 osd->osd_lock.Unlock();
2240 pg->replica_scrub(msg, handle);
2241 msg->put();
2242 pg->unlock();
/osd/OSD.h: 2238 in OSD::RepScrubWQ::_process(MOSDRepScrub *, ThreadPool::TPHandle &)()
2232 osd->osd_lock.Lock();
2233 if (osd->is_stopping()) {
2234 osd->osd_lock.Unlock();
2235 return;
2236 }
2237 if (osd->_have_pg(msg->pgid)) {
>>> CID 1231684: Thread deadlock (ORDER_REVERSAL)
>>> Calling "_lookup_lock_pg" acquires lock "RWLock.L" while holding lock "Mutex._m" (count: 7 / 14).
2238 PG *pg = osd->_lookup_lock_pg(msg->pgid);
2239 osd->osd_lock.Unlock();
2240 pg->replica_scrub(msg, handle);
2241 msg->put();
2242 pg->unlock();
2243 } else {
________________________________________________________________________________________________________
*** CID 1231685: Use after free (USE_AFTER_FREE)
/osd/OSD.cc: 6223 in OSD::handle_osd_map(MOSDMap *)()
6217
6218 if (o->test_flag(CEPH_OSDMAP_FULL))
6219 last_marked_full = e;
6220 pinned_maps.push_back(add_map(o));
6221
6222 bufferlist fbl;
>>> CID 1231685: Use after free (USE_AFTER_FREE)
>>> Calling "encode" dereferences freed pointer "o".
6223 o->encode(fbl);
6224
6225 hobject_t fulloid = get_osdmap_pobject_name(e);
6226 t.write(coll_t::META_COLL, fulloid, 0, fbl.length(), fbl);
6227 pin_map_bl(e, fbl);
6228 continue;
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
^ permalink raw reply [flat|nested] 124+ messages in thread
* New Defects reported by Coverity Scan for ceph
@ 2014-08-09 15:30 scan-admin
0 siblings, 0 replies; 124+ messages in thread
From: scan-admin @ 2014-08-09 15:30 UTC (permalink / raw)
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
Defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)
** CID 1230671: Missing unlock (LOCK)
/msg/SimpleMessenger.cc: 258 in SimpleMessenger::reaper()()
________________________________________________________________________________________________________
*** CID 1230671: Missing unlock (LOCK)
/msg/SimpleMessenger.cc: 258 in SimpleMessenger::reaper()()
252 ::close(p->sd);
253 ldout(cct,10) << "reaper reaped pipe " << p << " " << p->get_peer_addr() << dendl;
254 p->put();
255 ldout(cct,10) << "reaper deleted pipe " << p << dendl;
256 }
257 ldout(cct,10) << "reaper done" << dendl;
>>> CID 1230671: Missing unlock (LOCK)
>>> Returning without unlocking "this->lock._m".
258 }
259
260 void SimpleMessenger::queue_reap(Pipe *pipe)
261 {
262 ldout(cct,10) << "queue_reap " << pipe << dendl;
263 lock.Lock();
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
^ permalink raw reply [flat|nested] 124+ messages in thread
end of thread, other threads:[~2022-08-23 16:27 UTC | newest]
Thread overview: 124+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-03-23 7:58 New Defects reported by Coverity Scan for ceph scan-admin
-- strict thread matches above, loose matches on Subject: below --
2022-08-20 12:22 scan-admin
2022-08-20 13:17 ` Jeff Layton
2022-08-22 3:54 ` Brad Hubbard
2022-08-23 12:52 ` Jeff Layton
2018-01-04 3:32 scan-admin
2017-12-28 1:57 scan-admin
2017-12-21 1:54 scan-admin
2017-12-21 3:34 ` Jos Collin
2017-12-21 4:03 ` Brad Hubbard
2017-12-14 6:49 scan-admin
2017-12-01 2:25 scan-admin
2017-11-23 0:19 scan-admin
2017-11-16 11:35 scan-admin
2017-11-09 11:36 scan-admin
2017-11-02 2:11 scan-admin
2017-10-27 0:31 scan-admin
2017-10-19 3:54 scan-admin
2017-10-12 5:54 scan-admin
2017-10-05 5:08 scan-admin
2017-09-28 5:09 scan-admin
2017-09-21 6:44 scan-admin
2017-09-14 7:19 scan-admin
2017-09-07 5:08 scan-admin
2017-08-31 6:39 scan-admin
2017-08-24 23:32 scan-admin
2017-08-17 3:29 scan-admin
2017-08-10 3:50 scan-admin
2017-08-03 4:57 scan-admin
2017-07-27 3:50 scan-admin
2017-07-28 18:42 ` Gregory Farnum
2017-07-28 22:22 ` Brad Hubbard
2017-07-20 4:08 scan-admin
2017-07-13 5:11 scan-admin
2017-07-06 5:03 scan-admin
2017-06-29 4:08 scan-admin
2017-06-22 4:27 scan-admin
2017-06-15 9:50 scan-admin
2017-06-11 23:46 scan-admin
2017-06-01 4:33 scan-admin
2017-05-25 6:22 scan-admin
2017-05-18 1:44 scan-admin
2017-05-11 5:32 scan-admin
2017-05-04 2:45 scan-admin
2017-04-27 2:22 scan-admin
2017-04-20 5:34 scan-admin
2017-04-13 6:25 scan-admin
2017-04-06 9:40 scan-admin
2017-03-31 1:25 scan-admin
2017-03-16 7:37 scan-admin
2017-03-09 6:12 scan-admin
2017-03-02 7:44 scan-admin
2017-02-23 9:09 scan-admin
2017-02-17 2:29 scan-admin
[not found] ` <CAJE9aOMoxWjhq=g+25hfhMhxSCnHAOwAyNhXvkxS1wwBEd3j+A@mail.gmail.com>
2017-02-17 5:19 ` kefu chai
2017-02-05 10:08 scan-admin
2017-01-27 13:22 scan-admin
2017-01-17 3:01 scan-admin
2017-01-09 10:05 scan-admin
2016-12-30 8:33 scan-admin
2016-12-23 9:16 scan-admin
2016-12-16 8:54 scan-admin
2016-12-09 11:29 scan-admin
2016-12-02 11:08 scan-admin
2016-11-25 7:55 scan-admin
2016-03-19 17:58 scan-admin
2016-03-13 17:40 scan-admin
2016-03-12 18:04 scan-admin
2016-03-05 17:55 scan-admin
2016-03-07 20:59 ` Gregory Farnum
2016-02-27 18:07 scan-admin
2016-02-20 18:26 scan-admin
2016-02-18 20:32 scan-admin
2016-02-13 17:47 scan-admin
2016-02-11 17:57 scan-admin
2016-02-11 22:01 ` Gregory Farnum
2016-02-12 16:36 ` Adam C. Emerson
2016-02-04 20:39 scan-admin
2016-02-03 20:40 scan-admin
2015-05-02 14:37 scan-admin
2015-01-21 1:41 scan-admin
2015-01-16 14:39 scan-admin
2015-01-16 15:17 ` Gregory Farnum
2015-01-16 16:00 ` John Spray
2015-01-16 16:08 ` Sage Weil
[not found] <54b528bef1f63_1b74f3532c63410@scan.coverity.com.mail>
2015-01-13 14:34 ` Sage Weil
2015-01-13 14:16 scan-admin
2015-01-10 14:36 scan-admin
2015-01-10 15:48 ` Haomai Wang
2015-01-09 14:30 scan-admin
2015-01-09 15:26 ` Sage Weil
2015-01-09 15:32 ` Danny Al-Gaaf
2015-01-04 14:14 scan-admin
2014-12-27 14:13 scan-admin
2014-12-28 6:03 ` Sage Weil
2014-12-26 14:19 scan-admin
2014-12-23 14:37 scan-admin
2014-12-21 14:13 scan-admin
2014-12-18 14:19 scan-admin
2014-12-14 14:17 scan-admin
2014-12-07 20:36 scan-admin
2014-12-05 14:11 scan-admin
2014-12-02 14:09 scan-admin
2014-11-25 14:09 scan-admin
2014-11-23 14:08 scan-admin
2014-11-20 14:20 scan-admin
2014-11-14 14:21 scan-admin
2014-11-13 14:21 scan-admin
2014-11-11 20:40 scan-admin
2014-11-09 14:12 scan-admin
2014-10-30 13:19 scan-admin
2014-10-30 16:08 ` Sage Weil
2014-10-28 13:16 scan-admin
2014-10-28 18:26 ` Danny Al-Gaaf
2014-10-26 13:17 scan-admin
2014-10-24 17:55 scan-admin
2014-10-24 17:59 ` Sage Weil
2014-10-17 13:27 scan-admin
2014-10-09 13:23 scan-admin
2014-10-02 13:21 scan-admin
2014-09-25 13:18 scan-admin
2014-09-16 21:40 scan-admin
2014-08-16 21:31 scan-admin
2014-08-09 15:30 scan-admin
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.