* New Defects reported by Coverity Scan for ceph (fwd)
@ 2014-04-12 4:06 Sage Weil
2014-04-12 8:26 ` Loic Dachary
0 siblings, 1 reply; 33+ messages in thread
From: Sage Weil @ 2014-04-12 4:06 UTC (permalink / raw)
To: ceph-devel
[-- Attachment #1: Type: TEXT/PLAIN, Size: 132 bytes --]
Several new defects. This wasn't running for the last couple of weeks
because the submodules didn't update on the test checkout.
[-- Attachment #2: Forwarded Message --]
[-- Type: MESSAGE/RFC822, Size: 29923 bytes --]
Return-Path: <scan-admin@coverity.com>
X-Original-To: sage@cobra.newdream.net
Delivered-To: sage@cobra.newdream.net
Received: from destro.newdream.net (destro.newdream.net [66.33.216.68])
by cobra.newdream.net (Postfix) with ESMTP id C1C53803BC
for <sage@cobra.newdream.net>; Fri, 11 Apr 2014 19:03:21 -0700 (PDT)
Received: by destro.newdream.net (Postfix)
id BEA70120A67; Fri, 11 Apr 2014 19:03:21 -0700 (PDT)
Delivered-To: sage@destro.newdream.net
Received: from diehard.dreamhost.com (caiajhbdcbfh.dreamhost.com
[208.97.132.157])
by destro.newdream.net (Postfix) with ESMTP id BC353120A53
for <sage@newdream.net>; Fri, 11 Apr 2014 19:03:21 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1])
by diehard.dreamhost.com (Postfix) with ESMTP id B85C617BC7B4
for <sage@newdream.net>; Fri, 11 Apr 2014 19:03:21 -0700 (PDT)
X-DH-Virus-Scanned: Debian amavisd-new at diehard.dreamhost.com
X-Spam-Flag: NO
X-Spam-Score: 0
X-Spam-Level:
X-Spam-Status: No, score=x tagged_above=-999 required=999 WHITELISTED tests=[]
autolearn=unavailable
Received: from godfather.dreamhost.com ([208.97.132.17])
by localhost (diehard.dreamhost.com [208.97.132.157]) (amavisd-new,
port 10024) with ESMTP id aDCzjB4XJuHI for <sage@newdream.net>;
Fri, 11 Apr 2014 19:03:21 -0700 (PDT)
Received: from scanrelay.coverity.com (scanrelay.coverity.com [209.249.196.67])
by godfather.dreamhost.com (Postfix) with ESMTP id 8F34B1B0059
for <sage@newdream.net>; Fri, 11 Apr 2014 19:03:21 -0700 (PDT)
Received: from localhost.localdomain ([208.69.177.215]) by
scanrelay.coverity.com with Microsoft SMTPSVC(7.5.7601.17514);
Fri, 11 Apr 2014 19:04:18 -0700
Date: Fri, 11 Apr 2014 19:03:21 -0700
From: scan-admin@coverity.com
Message-ID: <53489ee94320_640e7ac86c27621@209.249.196.67.mail>
Subject: New Defects reported by Coverity Scan for ceph
Mime-Version: 1.0
Content-Type: text/plain;
charset=UTF-8
Content-Transfer-Encoding: 7bit
X-OriginalArrivalTime: 12 Apr 2014 02:04:18.0731 (UTC)
FILETIME=[836B87B0:01CF55F3]
To: undisclosed-recipients:;
X-Spambayes-Classification: ham; 0.00
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
Defect(s) Reported-by: Coverity Scan
Showing 20 of 41 defect(s)
** CID 1201374: Unchecked return value (CHECKED_RETURN)
/mon/MDSMonitor.cc: 1097 in MDSMonitor::prepare_command(MMonCommand *)()
** CID 1201375: Unchecked return value (CHECKED_RETURN)
/osd/OSD.cc: 4460 in OSD::do_command(Connection *, unsigned long, std::vector<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::allocator<std::basic_string<char, std::char_traits<char>, std::allocator<char>>>> &, ceph::buffer::list &)()
** CID 1201376: Unchecked return value (CHECKED_RETURN)
/test/system/rados_list_parallel.cc: 333 in main()
** CID 1201377: Unchecked return value (CHECKED_RETURN)
/test/system/rados_list_parallel.cc: 335 in main()
** CID 1201378: Unchecked return value (CHECKED_RETURN)
/test/system/rados_list_parallel.cc: 330 in main()
** CID 1201379: Copy-paste error (COPY_PASTE_ERROR)
/mds/Server.cc: 7119 in Server::do_rename_rollback(ceph::buffer::list &, int, std::tr1::shared_ptr<MDRequestImpl> &, bool)()
** CID 1201380: Logically dead code (DEADCODE)
/erasure-code/jerasure/gf-complete/src/gf.c: 291 in gf_error_check()
** CID 1201381: Logically dead code (DEADCODE)
/erasure-code/jerasure/gf-complete/src/gf.c: 376 in gf_error_check()
/erasure-code/jerasure/gf-complete/src/gf.c: 377 in gf_error_check()
** CID 1201382: Dereference after null check (FORWARD_NULL)
/mds/Server.cc: 6073 in Server::_rename_prepare(std::tr1::shared_ptr<MDRequestImpl> &, EMetaBlob *, ceph::buffer::list *, CDentry *, CDentry *, CDentry *)()
** CID 1201383: Dereference after null check (FORWARD_NULL)
/mds/Server.cc: 7112 in Server::do_rename_rollback(ceph::buffer::list &, int, std::tr1::shared_ptr<MDRequestImpl> &, bool)()
** CID 1201384: Dereference after null check (FORWARD_NULL)
/mds/Server.cc: 7154 in Server::_rename_rollback_finish(std::tr1::shared_ptr<MutationImpl> &, std::tr1::shared_ptr<MDRequestImpl> &, CDentry *, unsigned long, CDentry *, CDentry *, bool)()
** CID 1201385: Using invalid iterator (INVALIDATE_ITERATOR)
/mds/Locker.cc: 416 in Locker::acquire_locks(std::tr1::shared_ptr<MDRequestImpl> &, std::set<SimpleLock *, std::less<SimpleLock *>, std::allocator<SimpleLock *>> &, std::set<SimpleLock *, std::less<SimpleLock *>, std::allocator<SimpleLock *>> &, std::set<SimpleLock *, std::less<SimpleLock *>, std::allocator<SimpleLock *>> &, std::map<SimpleLock *, int, std::less<SimpleLock *>, std::allocator<std::pair<SimpleLock *const , int>>> *, CInode *, bool)()
/mds/Locker.cc: 416 in Locker::acquire_locks(std::tr1::shared_ptr<MDRequestImpl> &, std::set<SimpleLock *, std::less<SimpleLock *>, std::allocator<SimpleLock *>> &, std::set<SimpleLock *, std::less<SimpleLock *>, std::allocator<SimpleLock *>> &, std::set<SimpleLock *, std::less<SimpleLock *>, std::allocator<SimpleLock *>> &, std::map<SimpleLock *, int, std::less<SimpleLock *>, std::allocator<std::pair<SimpleLock *const , int>>> *, CInode *, bool)()
** CID 1201386: Using invalid iterator (INVALIDATE_ITERATOR)
/test/librados/lock.cc: 371 in LibRadosLockECPP_BreakLockPP_Test::TestBody()()
** CID 1201387: Using invalid iterator (INVALIDATE_ITERATOR)
/test/librados/lock.cc: 330 in LibRadosLockECPP_ListLockersPP_Test::TestBody()()
** CID 1201388: Missing unlock (LOCK)
/mon/Monitor.cc: 462 in Monitor::preinit()()
** CID 1201389: Out-of-bounds access (OVERRUN)
/test/librbd/test_librbd.cc: 1825 in LibRBD_ZeroLengthDiscard_Test::TestBody()()
** CID 1201390: Out-of-bounds access (OVERRUN_DYNAMIC)
/test/librbd/test_librbd.cc: 1825 in LibRBD_ZeroLengthDiscard_Test::TestBody()()
** CID 1201391: Out-of-bounds write (OVERRUN_STATIC)
/erasure-code/jerasure/gf-complete/src/gf_w8.c: 1267 in gf_w8_table_init()
** CID 1201392: Resource leak (RESOURCE_LEAK)
/test/librados/TestCase.cc: 134 in RadosTestEC::cleanup_default_namespace(void *)()
/test/librados/TestCase.cc: 139 in RadosTestEC::cleanup_default_namespace(void *)()
/test/librados/TestCase.cc: 141 in RadosTestEC::cleanup_default_namespace(void *)()
** CID 1201393: Resource leak (RESOURCE_LEAK)
/test/librados/aio.cc: 1881 in LibRadosAioEC_RoundTripAppend_Test::TestBody()()
/test/librados/aio.cc: 1883 in LibRadosAioEC_RoundTripAppend_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1201374: Unchecked return value (CHECKED_RETURN)
/mon/MDSMonitor.cc: 1097 in MDSMonitor::prepare_command(MMonCommand *)()
1091 r = -EINVAL;
1092 poolid = -1;
1093 ss << "cannot remove default data pool";
1094 }
1095
1096 if (poolid >= 0) {
>>> CID 1201374: Unchecked return value (CHECKED_RETURN)
>>> No check of the return value of "cmd_getval(g_ceph_context, cmdmap, std::string("poolid", std::allocator<char>()), poolid)".
1097 cmd_getval(g_ceph_context, cmdmap, "poolid", poolid);
1098 r = pending_mdsmap.remove_data_pool(poolid);
1099 if (r == -ENOENT)
1100 r = 0;
1101 if (r == 0)
1102 ss << "removed data pool " << poolid << " from mdsmap";
________________________________________________________________________________________________________
*** CID 1201375: Unchecked return value (CHECKED_RETURN)
/osd/OSD.cc: 4460 in OSD::do_command(Connection *, unsigned long, std::vector<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::allocator<std::basic_string<char, std::char_traits<char>, std::allocator<char>>>> &, ceph::buffer::list &)()
4454 }
4455
4456 fout.close();
4457 }
4458 else if (prefix == "debug kick_recovery_wq") {
4459 int64_t delay;
>>> CID 1201375: Unchecked return value (CHECKED_RETURN)
>>> No check of the return value of "cmd_getval(this->cct, cmdmap, std::string("delay", std::allocator<char>()), delay)".
4460 cmd_getval(cct, cmdmap, "delay", delay);
4461 ostringstream oss;
4462 oss << delay;
4463 r = cct->_conf->set_val("osd_recovery_delay_start", oss.str().c_str());
4464 if (r != 0) {
4465 ss << "kick_recovery_wq: error setting "
________________________________________________________________________________________________________
*** CID 1201376: Unchecked return value (CHECKED_RETURN)
/test/system/rados_list_parallel.cc: 333 in main()
327 }
328
329 rados_t cl;
330 rados_create(&cl, NULL);
331 rados_conf_parse_argv(cl, argc, argv);
332 rados_conf_parse_argv(cl, argc, argv);
>>> CID 1201376: Unchecked return value (CHECKED_RETURN)
>>> No check of the return value of "rados_conf_read_file(cl, NULL)".
333 rados_conf_read_file(cl, NULL);
334 rados_conf_parse_env(cl, NULL);
335 rados_connect(cl);
336 rados_pool_delete(cl, pool.c_str());
337
338 printf("******* SUCCESS **********\n");
339 return EXIT_SUCCESS;
________________________________________________________________________________________________________
*** CID 1201377: Unchecked return value (CHECKED_RETURN)
/test/system/rados_list_parallel.cc: 335 in main()
329 rados_t cl;
330 rados_create(&cl, NULL);
331 rados_conf_parse_argv(cl, argc, argv);
332 rados_conf_parse_argv(cl, argc, argv);
333 rados_conf_read_file(cl, NULL);
334 rados_conf_parse_env(cl, NULL);
>>> CID 1201377: Unchecked return value (CHECKED_RETURN)
>>> No check of the return value of "rados_connect(cl)".
335 rados_connect(cl);
336 rados_pool_delete(cl, pool.c_str());
337
338 printf("******* SUCCESS **********\n");
339 return EXIT_SUCCESS;
________________________________________________________________________________________________________
*** CID 1201378: Unchecked return value (CHECKED_RETURN)
/test/system/rados_list_parallel.cc: 330 in main()
324 printf("got error: %s\n", error.c_str());
325 return EXIT_FAILURE;
326 }
327 }
328
329 rados_t cl;
>>> CID 1201378: Unchecked return value (CHECKED_RETURN)
>>> No check of the return value of "rados_create(&cl, NULL)".
330 rados_create(&cl, NULL);
331 rados_conf_parse_argv(cl, argc, argv);
332 rados_conf_parse_argv(cl, argc, argv);
333 rados_conf_read_file(cl, NULL);
334 rados_conf_parse_env(cl, NULL);
335 rados_connect(cl);
________________________________________________________________________________________________________
*** CID 1201379: Copy-paste error (COPY_PASTE_ERROR)
/mds/Server.cc: 7119 in Server::do_rename_rollback(ceph::buffer::list &, int, std::tr1::shared_ptr<MDRequestImpl> &, bool)()
7113 dout(10) << " noting renamed dir ino " << in->ino() << " in metablob" << dendl;
7114 le->commit.renamed_dirino = in->ino();
7115 }
7116
7117 if (target && target->is_dir()) {
7118 assert(destdn);
>>> CID 1201379: Copy-paste error (COPY_PASTE_ERROR)
>>> "in" in "this->mdcache->project_subtree_rename(in, straydir, destdir)" looks like a copy-paste error. Should it say "target" instead?
7119 mdcache->project_subtree_rename(in, straydir, destdir);
7120 }
7121
7122 if (in && in->is_dir()) {
7123 assert(srcdn);
7124 mdcache->project_subtree_rename(in, destdir, srcdir);
________________________________________________________________________________________________________
*** CID 1201380: Logically dead code (DEADCODE)
/erasure-code/jerasure/gf-complete/src/gf.c: 291 in gf_error_check()
285 if (!pclmul) { _gf_errno = GF_E_PCLMULX; return 0; }
286 return 1;
287 }
288
289 if (mult_type == GF_MULT_BYTWO_p || mult_type == GF_MULT_BYTWO_b) {
290 if (raltmap) { _gf_errno = GF_E_ALT_BY2; return 0; }
>>> CID 1201380: Logically dead code (DEADCODE)
>>> Execution cannot reach this statement "_gf_errno = 27;".
291 if (rsse && !sse2) { _gf_errno = GF_E_BY2_SSE; return 0; }
292 return 1;
293 }
294
295 if (mult_type == GF_MULT_LOG_TABLE || mult_type == GF_MULT_LOG_ZERO
296 || mult_type == GF_MULT_LOG_ZERO_EXT ) {
________________________________________________________________________________________________________
*** CID 1201381: Logically dead code (DEADCODE)
/erasure-code/jerasure/gf-complete/src/gf.c: 376 in gf_error_check()
370 } else { _gf_errno = GF_E_SP_64AR; return 0; }
371 } else if (w == 128) {
372 if (arg1 == 8 && arg2 == 128) {
373 if (rsse || rnosse) { _gf_errno = GF_E_SP128_S; return 0; }
374 if (raltmap) { _gf_errno = GF_E_SP128_A; return 0; }
375 } else if (arg1 == 4 && arg2 == 128) {
>>> CID 1201381: Logically dead code (DEADCODE)
>>> Execution cannot reach this statement "_gf_errno = 63;".
376 if (rsse && !sse3) { _gf_errno = GF_E_SP_SSE3; return 0; }
377 if (raltmap && !sse3) { _gf_errno = GF_E_SP128AS; return 0; }
378 if (raltmap && rnosse) { _gf_errno = GF_E_SP128AS; return 0; }
379 } else { _gf_errno = GF_E_SP128AR; return 0; }
380 } else { _gf_errno = GF_E_SPLIT_W; return 0; }
381 return 1;
/erasure-code/jerasure/gf-complete/src/gf.c: 377 in gf_error_check()
371 } else if (w == 128) {
372 if (arg1 == 8 && arg2 == 128) {
373 if (rsse || rnosse) { _gf_errno = GF_E_SP128_S; return 0; }
374 if (raltmap) { _gf_errno = GF_E_SP128_A; return 0; }
375 } else if (arg1 == 4 && arg2 == 128) {
376 if (rsse && !sse3) { _gf_errno = GF_E_SP_SSE3; return 0; }
>>> CID 1201381: Logically dead code (DEADCODE)
>>> Execution cannot reach this statement "_gf_errno = 46;".
377 if (raltmap && !sse3) { _gf_errno = GF_E_SP128AS; return 0; }
378 if (raltmap && rnosse) { _gf_errno = GF_E_SP128AS; return 0; }
379 } else { _gf_errno = GF_E_SP128AR; return 0; }
380 } else { _gf_errno = GF_E_SPLIT_W; return 0; }
381 return 1;
382 }
________________________________________________________________________________________________________
*** CID 1201382: Dereference after null check (FORWARD_NULL)
/mds/Server.cc: 6073 in Server::_rename_prepare(std::tr1::shared_ptr<MDRequestImpl> &, EMetaBlob *, ceph::buffer::list *, CDentry *, CDentry *, CDentry *)()
6067 force_journal_dest = true;
6068 } else
6069 force_journal_dest = _need_force_journal(srci, false);
6070 }
6071
6072 bool force_journal_stray = false;
>>> CID 1201382: Dereference after null check (FORWARD_NULL)
>>> Comparing "straydn" to null implies that "straydn" might be null.
6073 if (oldin && oldin->is_dir() && straydn && !straydn->is_auth())
6074 force_journal_stray = _need_force_journal(oldin, true);
6075
6076 if (linkmerge)
6077 dout(10) << " merging remote and primary links to the same inode" << dendl;
6078 if (silent)
________________________________________________________________________________________________________
*** CID 1201383: Dereference after null check (FORWARD_NULL)
/mds/Server.cc: 7112 in Server::do_rename_rollback(ceph::buffer::list &, int, std::tr1::shared_ptr<MDRequestImpl> &, bool)()
7106 le->commit.add_primary_dentry(target->get_projected_parent_dn(), target, true);
7107 }
7108
7109 if (force_journal_dest) {
7110 dout(10) << " noting rename target ino " << target->ino() << " in metablob" << dendl;
7111 le->commit.renamed_dirino = target->ino();
>>> CID 1201383: Dereference after null check (FORWARD_NULL)
>>> Comparing "in" to null implies that "in" might be null.
7112 } else if (force_journal_src || (in && in->is_dir() && srcdn->authority().first == whoami)) {
7113 dout(10) << " noting renamed dir ino " << in->ino() << " in metablob" << dendl;
7114 le->commit.renamed_dirino = in->ino();
7115 }
7116
7117 if (target && target->is_dir()) {
________________________________________________________________________________________________________
*** CID 1201384: Dereference after null check (FORWARD_NULL)
/mds/Server.cc: 7154 in Server::_rename_rollback_finish(std::tr1::shared_ptr<MutationImpl> &, std::tr1::shared_ptr<MDRequestImpl> &, CDentry *, unsigned long, CDentry *, CDentry *, bool)()
7148 if (srcdn->authority().first == mds->get_nodeid())
7149 srcdn->mark_dirty(srcdnpv, mut->ls);
7150 }
7151
7152 mut->apply();
7153
>>> CID 1201384: Dereference after null check (FORWARD_NULL)
>>> Comparing "srcdn" to null implies that "srcdn" might be null.
7154 if (srcdn) {
7155 CInode *in = srcdn->get_linkage()->get_inode();
7156 // update subtree map?
7157 if (in && in->is_dir()) {
7158 assert(destdn);
7159 mdcache->adjust_subtree_after_rename(in, destdn->get_dir(), true);
________________________________________________________________________________________________________
*** CID 1201385: Using invalid iterator (INVALIDATE_ITERATOR)
/mds/Locker.cc: 416 in Locker::acquire_locks(std::tr1::shared_ptr<MDRequestImpl> &, std::set<SimpleLock *, std::less<SimpleLock *>, std::allocator<SimpleLock *>> &, std::set<SimpleLock *, std::less<SimpleLock *>, std::allocator<SimpleLock *>> &, std::set<SimpleLock *, std::less<SimpleLock *>, std::allocator<SimpleLock *>> &, std::map<SimpleLock *, int, std::less<SimpleLock *>, std::allocator<std::pair<SimpleLock *const , int>>> *, CInode *, bool)()
410 dout(10) << " already rdlocked " << *have << " " << *have->get_parent() << dendl;
411 continue;
412 }
413 }
414
415 // hose any stray locks
>>> CID 1201385: Using invalid iterator (INVALIDATE_ITERATOR)
>>> Dereferencing iterator "existing" though it is already past the end of its container.
416 if (*existing == *p) {
417 assert(need_wrlock || need_remote_wrlock);
418 SimpleLock *lock = *existing;
419 if (mdr->wrlocks.count(lock)) {
420 if (!need_wrlock)
421 dout(10) << " unlocking extra " << *lock << " " << *lock->get_parent() << dendl;
/mds/Locker.cc: 416 in Locker::acquire_locks(std::tr1::shared_ptr<MDRequestImpl> &, std::set<SimpleLock *, std::less<SimpleLock *>, std::allocator<SimpleLock *>> &, std::set<SimpleLock *, std::less<SimpleLock *>, std::allocator<SimpleLock *>> &, std::set<SimpleLock *, std::less<SimpleLock *>, std::allocator<SimpleLock *>> &, std::map<SimpleLock *, int, std::less<SimpleLock *>, std::allocator<std::pair<SimpleLock *const , int>>> *, CInode *, bool)()
410 dout(10) << " already rdlocked " << *have << " " << *have->get_parent() << dendl;
411 continue;
412 }
413 }
414
415 // hose any stray locks
>>> CID 1201385: Using invalid iterator (INVALIDATE_ITERATOR)
>>> Dereferencing iterator "existing" though it is already past the end of its container.
416 if (*existing == *p) {
417 assert(need_wrlock || need_remote_wrlock);
418 SimpleLock *lock = *existing;
419 if (mdr->wrlocks.count(lock)) {
420 if (!need_wrlock)
421 dout(10) << " unlocking extra " << *lock << " " << *lock->get_parent() << dendl;
________________________________________________________________________________________________________
*** CID 1201386: Using invalid iterator (INVALIDATE_ITERATOR)
/test/librados/lock.cc: 371 in LibRadosLockECPP_BreakLockPP_Test::TestBody()()
365 sstm << "client." << cluster.get_instance_id();
366 std::string me = sstm.str();
367 ASSERT_EQ(0, ioctx.lock_exclusive("foo", "TestLock", "Cookie", "", NULL, 0));
368 ASSERT_EQ(1, ioctx.list_lockers("foo", "TestLock", &exclusive, &tag, &lockers));
369 std::list<librados::locker_t>::iterator it = lockers.begin();
370 ASSERT_FALSE(lockers.end() == it);
>>> CID 1201386: Using invalid iterator (INVALIDATE_ITERATOR)
>>> Dereferencing iterator "it" though it is already past the end of its container.
371 ASSERT_EQ(me, it->client);
372 ASSERT_EQ("Cookie", it->cookie);
373 ASSERT_EQ(0, ioctx.break_lock("foo", "TestLock", it->client, "Cookie"));
________________________________________________________________________________________________________
*** CID 1201387: Using invalid iterator (INVALIDATE_ITERATOR)
/test/librados/lock.cc: 330 in LibRadosLockECPP_ListLockersPP_Test::TestBody()()
324 int exclusive;
325 std::string tag;
326 std::list<librados::locker_t> lockers;
327 ASSERT_EQ(1, ioctx.list_lockers("foo", "TestLock", &exclusive, &tag, &lockers));
328 std::list<librados::locker_t>::iterator it = lockers.begin();
329 ASSERT_FALSE(lockers.end() == it);
>>> CID 1201387: Using invalid iterator (INVALIDATE_ITERATOR)
>>> Dereferencing iterator "it" though it is already past the end of its container.
330 ASSERT_EQ(me, it->client);
331 ASSERT_EQ("Cookie", it->cookie);
332 }
333 }
334
335 TEST_F(LibRadosLockEC, BreakLock) {
________________________________________________________________________________________________________
*** CID 1201388: Missing unlock (LOCK)
/mon/Monitor.cc: 462 in Monitor::preinit()()
456 << "must have been removed" << dendl;
457 if (g_conf->mon_force_quorum_join) {
458 dout(0) << "we should have died but "
459 << "'mon_force_quorum_join' is set -- allowing boot" << dendl;
460 } else {
461 derr << "commit suicide!" << dendl;
>>> CID 1201388: Missing unlock (LOCK)
>>> Returning without unlocking "this->lock._m".
462 return -ENOENT;
463 }
464 }
465
466 {
467 // We have a potentially inconsistent store state in hands. Get rid of it
________________________________________________________________________________________________________
*** CID 1201389: Out-of-bounds access (OVERRUN)
/test/librbd/test_librbd.cc: 1825 in LibRBD_ZeroLengthDiscard_Test::TestBody()()
1819 uint64_t size = 2 << 20;
1820
1821 ASSERT_EQ(0, create_image(ioctx, name, size, &order));
1822 ASSERT_EQ(0, rbd_open(ioctx, name, &image, NULL));
1823
1824 const char *data = "blah";
>>> CID 1201389: Out-of-bounds access (OVERRUN)
>>> Allocating insufficient memory for the terminating null of the string.
1825 char read_data[strlen(data)];
1826 ASSERT_EQ((int)strlen(data), rbd_write(image, 0, strlen(data), data));
1827 ASSERT_EQ(0, rbd_discard(image, 0, 0));
1828 ASSERT_EQ((int)strlen(data), rbd_read(image, 0, strlen(data), read_data));
1829 ASSERT_EQ(0, memcmp(data, read_data, strlen(data)));
1830
________________________________________________________________________________________________________
*** CID 1201390: Out-of-bounds access (OVERRUN_DYNAMIC)
/test/librbd/test_librbd.cc: 1825 in LibRBD_ZeroLengthDiscard_Test::TestBody()()
1819 uint64_t size = 2 << 20;
1820
1821 ASSERT_EQ(0, create_image(ioctx, name, size, &order));
1822 ASSERT_EQ(0, rbd_open(ioctx, name, &image, NULL));
1823
1824 const char *data = "blah";
>>> CID 1201390: Out-of-bounds access (OVERRUN_DYNAMIC)
>>> Allocating insufficient memory for the terminating null of the string.
1825 char read_data[strlen(data)];
1826 ASSERT_EQ((int)strlen(data), rbd_write(image, 0, strlen(data), data));
1827 ASSERT_EQ(0, rbd_discard(image, 0, 0));
1828 ASSERT_EQ((int)strlen(data), rbd_read(image, 0, strlen(data), read_data));
1829 ASSERT_EQ(0, memcmp(data, read_data, strlen(data)));
1830
________________________________________________________________________________________________________
*** CID 1201391: Out-of-bounds write (OVERRUN_STATIC)
/erasure-code/jerasure/gf-complete/src/gf_w8.c: 1267 in gf_w8_table_init()
1261 ltd->div[prod][b] = a;
1262 ltd->smult[a][b] = prod;
1263 break;
1264 case 3:
1265 dd->multtable[a][b] = prod;
1266 dd->divtable[prod][b] = a;
>>> CID 1201391: Out-of-bounds write (OVERRUN_STATIC)
>>> Overrunning static array "dd->low[a]", with 16 elements, at position 255 with index variable "b".
1267 if ((b & 0xf) == b) { dd->low[a][b] = prod; }
1268 if ((b & 0xf0) == b) { dd->high[a][b>>4] = prod; }
1269 break;
1270 }
1271 }
1272 }
________________________________________________________________________________________________________
*** CID 1201392: Resource leak (RESOURCE_LEAK)
/test/librados/TestCase.cc: 134 in RadosTestEC::cleanup_default_namespace(void *)()
128 void RadosTestEC::cleanup_default_namespace(rados_ioctx_t ioctx)
129 {
130 // remove all objects from the default namespace to avoid polluting
131 // other tests
132 rados_ioctx_set_namespace(ioctx, "");
133 rados_list_ctx_t list_ctx;
>>> CID 1201392: Resource leak (RESOURCE_LEAK)
>>> Variable "list_ctx" going out of scope leaks the storage it points to.
134 ASSERT_EQ(0, rados_objects_list_open(ioctx, &list_ctx));
135 int r;
136 const char *entry = NULL;
137 const char *key = NULL;
138 while ((r = rados_objects_list_next(list_ctx, &entry, &key)) != -ENOENT) {
139 ASSERT_EQ(0, r);
/test/librados/TestCase.cc: 139 in RadosTestEC::cleanup_default_namespace(void *)()
133 rados_list_ctx_t list_ctx;
134 ASSERT_EQ(0, rados_objects_list_open(ioctx, &list_ctx));
135 int r;
136 const char *entry = NULL;
137 const char *key = NULL;
138 while ((r = rados_objects_list_next(list_ctx, &entry, &key)) != -ENOENT) {
>>> CID 1201392: Resource leak (RESOURCE_LEAK)
>>> Variable "list_ctx" going out of scope leaks the storage it points to.
139 ASSERT_EQ(0, r);
140 rados_ioctx_locator_set_key(ioctx, key);
141 ASSERT_EQ(0, rados_remove(ioctx, entry));
142 }
143 rados_objects_list_close(list_ctx);
144 }
/test/librados/TestCase.cc: 141 in RadosTestEC::cleanup_default_namespace(void *)()
135 int r;
136 const char *entry = NULL;
137 const char *key = NULL;
138 while ((r = rados_objects_list_next(list_ctx, &entry, &key)) != -ENOENT) {
139 ASSERT_EQ(0, r);
140 rados_ioctx_locator_set_key(ioctx, key);
>>> CID 1201392: Resource leak (RESOURCE_LEAK)
>>> Variable "list_ctx" going out of scope leaks the storage it points to.
141 ASSERT_EQ(0, rados_remove(ioctx, entry));
142 }
143 rados_objects_list_close(list_ctx);
144 }
145
146 std::string RadosTestECPP::pool_name;
________________________________________________________________________________________________________
*** CID 1201393: Resource leak (RESOURCE_LEAK)
/test/librados/aio.cc: 1881 in LibRadosAioEC_RoundTripAppend_Test::TestBody()()
1875 }
1876
1877 TEST(LibRadosAioEC, RoundTripAppend) {
1878 AioTestDataEC test_data;
1879 rados_completion_t my_completion, my_completion2, my_completion3, my_completion4;
1880 ASSERT_EQ("", test_data.init());
>>> CID 1201393: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
1881 ASSERT_EQ(0, rados_aio_create_completion((void*)&test_data,
1882 set_completion_completeEC, set_completion_safeEC, &my_completion));
1883 ASSERT_TRUE(rados_ioctx_pool_requires_alignment(test_data.m_ioctx));
1884 uint64_t alignment = rados_ioctx_pool_required_alignment(test_data.m_ioctx);
1885 ASSERT_NE((unsigned)0, alignment);
1886
/test/librados/aio.cc: 1883 in LibRadosAioEC_RoundTripAppend_Test::TestBody()()
1877 TEST(LibRadosAioEC, RoundTripAppend) {
1878 AioTestDataEC test_data;
1879 rados_completion_t my_completion, my_completion2, my_completion3, my_completion4;
1880 ASSERT_EQ("", test_data.init());
1881 ASSERT_EQ(0, rados_aio_create_completion((void*)&test_data,
1882 set_completion_completeEC, set_completion_safeEC, &my_completion));
>>> CID 1201393: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
1883 ASSERT_TRUE(rados_ioctx_pool_requires_alignment(test_data.m_ioctx));
1884 uint64_t alignment = rados_ioctx_pool_required_alignment(test_data.m_ioctx);
1885 ASSERT_NE((unsigned)0, alignment);
1886
1887 int bsize = alignment;
1888 char *buf = (char *)new char[bsize];
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=Overview
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
From: scan-admin@coverity.com
To: undisclosed-recipients:;
Subject: New Defects reported by Coverity Scan for ceph
Date: Fri, 11 Apr 2014 19:03:21 -0700
Message-ID: <53489ee94320_640e7ac86c27621@209.249.196.67.mail>
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
Defect(s) Reported-by: Coverity Scan
Showing 20 of 41 defect(s)
** CID 1201374: Unchecked return value (CHECKED_RETURN)
/mon/MDSMonitor.cc: 1097 in MDSMonitor::prepare_command(MMonCommand *)()
** CID 1201375: Unchecked return value (CHECKED_RETURN)
/osd/OSD.cc: 4460 in OSD::do_command(Connection *, unsigned long, std::vector<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::allocator<std::basic_string<char, std::char_traits<char>, std::allocator<char>>>> &, ceph::buffer::list &)()
** CID 1201376: Unchecked return value (CHECKED_RETURN)
/test/system/rados_list_parallel.cc: 333 in main()
** CID 1201377: Unchecked return value (CHECKED_RETURN)
/test/system/rados_list_parallel.cc: 335 in main()
** CID 1201378: Unchecked return value (CHECKED_RETURN)
/test/system/rados_list_parallel.cc: 330 in main()
** CID 1201379: Copy-paste error (COPY_PASTE_ERROR)
/mds/Server.cc: 7119 in Server::do_rename_rollback(ceph::buffer::list &, int, std::tr1::shared_ptr<MDRequestImpl> &, bool)()
** CID 1201380: Logically dead code (DEADCODE)
/erasure-code/jerasure/gf-complete/src/gf.c: 291 in gf_error_check()
** CID 1201381: Logically dead code (DEADCODE)
/erasure-code/jerasure/gf-complete/src/gf.c: 376 in gf_error_check()
/erasure-code/jerasure/gf-complete/src/gf.c: 377 in gf_error_check()
** CID 1201382: Dereference after null check (FORWARD_NULL)
/mds/Server.cc: 6073 in Server::_rename_prepare(std::tr1::shared_ptr<MDRequestImpl> &, EMetaBlob *, ceph::buffer::list *, CDentry *, CDentry *, CDentry *)()
** CID 1201383: Dereference after null check (FORWARD_NULL)
/mds/Server.cc: 7112 in Server::do_rename_rollback(ceph::buffer::list &, int, std::tr1::shared_ptr<MDRequestImpl> &, bool)()
** CID 1201384: Dereference after null check (FORWARD_NULL)
/mds/Server.cc: 7154 in Server::_rename_rollback_finish(std::tr1::shared_ptr<MutationImpl> &, std::tr1::shared_ptr<MDRequestImpl> &, CDentry *, unsigned long, CDentry *, CDentry *, bool)()
** CID 1201385: Using invalid iterator (INVALIDATE_ITERATOR)
/mds/Locker.cc: 416 in Locker::acquire_locks(std::tr1::shared_ptr<MDRequestImpl> &, std::set<SimpleLock *, std::less<SimpleLock *>, std::allocator<SimpleLock *>> &, std::set<SimpleLock *, std::less<SimpleLock *>, std::allocator<SimpleLock *>> &, std::set<SimpleLock *, std::less<SimpleLock *>, std::allocator<SimpleLock *>> &, std::map<SimpleLock *, int, std::less<SimpleLock *>, std::allocator<std::pair<SimpleLock *const , int>>> *, CInode *, bool)()
/mds/Locker.cc: 416 in Locker::acquire_locks(std::tr1::shared_ptr<MDRequestImpl> &, std::set<SimpleLock *, std::less<SimpleLock *>, std::allocator<SimpleLock *>> &, std::set<SimpleLock *, std::less<SimpleLock *>, std::allocator<SimpleLock *>> &, std::set<SimpleLock *, std::less<SimpleLock *>, std::allocator<SimpleLock *>> &, std::map<SimpleLock *, int, std::less<SimpleLock *>, std::allocator<std::pair<SimpleLock *const , int>>> *, CInode *, bool)()
** CID 1201386: Using invalid iterator (INVALIDATE_ITERATOR)
/test/librados/lock.cc: 371 in LibRadosLockECPP_BreakLockPP_Test::TestBody()()
** CID 1201387: Using invalid iterator (INVALIDATE_ITERATOR)
/test/librados/lock.cc: 330 in LibRadosLockECPP_ListLockersPP_Test::TestBody()()
** CID 1201388: Missing unlock (LOCK)
/mon/Monitor.cc: 462 in Monitor::preinit()()
** CID 1201389: Out-of-bounds access (OVERRUN)
/test/librbd/test_librbd.cc: 1825 in LibRBD_ZeroLengthDiscard_Test::TestBody()()
** CID 1201390: Out-of-bounds access (OVERRUN_DYNAMIC)
/test/librbd/test_librbd.cc: 1825 in LibRBD_ZeroLengthDiscard_Test::TestBody()()
** CID 1201391: Out-of-bounds write (OVERRUN_STATIC)
/erasure-code/jerasure/gf-complete/src/gf_w8.c: 1267 in gf_w8_table_init()
** CID 1201392: Resource leak (RESOURCE_LEAK)
/test/librados/TestCase.cc: 134 in RadosTestEC::cleanup_default_namespace(void *)()
/test/librados/TestCase.cc: 139 in RadosTestEC::cleanup_default_namespace(void *)()
/test/librados/TestCase.cc: 141 in RadosTestEC::cleanup_default_namespace(void *)()
** CID 1201393: Resource leak (RESOURCE_LEAK)
/test/librados/aio.cc: 1881 in LibRadosAioEC_RoundTripAppend_Test::TestBody()()
/test/librados/aio.cc: 1883 in LibRadosAioEC_RoundTripAppend_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1201374: Unchecked return value (CHECKED_RETURN)
/mon/MDSMonitor.cc: 1097 in MDSMonitor::prepare_command(MMonCommand *)()
1091 r = -EINVAL;
1092 poolid = -1;
1093 ss << "cannot remove default data pool";
1094 }
1095
1096 if (poolid >= 0) {
>>> CID 1201374: Unchecked return value (CHECKED_RETURN)
>>> No check of the return value of "cmd_getval(g_ceph_context, cmdmap, std::string("poolid", std::allocator<char>()), poolid)".
1097 cmd_getval(g_ceph_context, cmdmap, "poolid", poolid);
1098 r = pending_mdsmap.remove_data_pool(poolid);
1099 if (r == -ENOENT)
1100 r = 0;
1101 if (r == 0)
1102 ss << "removed data pool " << poolid << " from mdsmap";
________________________________________________________________________________________________________
*** CID 1201375: Unchecked return value (CHECKED_RETURN)
/osd/OSD.cc: 4460 in OSD::do_command(Connection *, unsigned long, std::vector<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::allocator<std::basic_string<char, std::char_traits<char>, std::allocator<char>>>> &, ceph::buffer::list &)()
4454 }
4455
4456 fout.close();
4457 }
4458 else if (prefix == "debug kick_recovery_wq") {
4459 int64_t delay;
>>> CID 1201375: Unchecked return value (CHECKED_RETURN)
>>> No check of the return value of "cmd_getval(this->cct, cmdmap, std::string("delay", std::allocator<char>()), delay)".
4460 cmd_getval(cct, cmdmap, "delay", delay);
4461 ostringstream oss;
4462 oss << delay;
4463 r = cct->_conf->set_val("osd_recovery_delay_start", oss.str().c_str());
4464 if (r != 0) {
4465 ss << "kick_recovery_wq: error setting "
________________________________________________________________________________________________________
*** CID 1201376: Unchecked return value (CHECKED_RETURN)
/test/system/rados_list_parallel.cc: 333 in main()
327 }
328
329 rados_t cl;
330 rados_create(&cl, NULL);
331 rados_conf_parse_argv(cl, argc, argv);
332 rados_conf_parse_argv(cl, argc, argv);
>>> CID 1201376: Unchecked return value (CHECKED_RETURN)
>>> No check of the return value of "rados_conf_read_file(cl, NULL)".
333 rados_conf_read_file(cl, NULL);
334 rados_conf_parse_env(cl, NULL);
335 rados_connect(cl);
336 rados_pool_delete(cl, pool.c_str());
337
338 printf("******* SUCCESS **********\n");
339 return EXIT_SUCCESS;
________________________________________________________________________________________________________
*** CID 1201377: Unchecked return value (CHECKED_RETURN)
/test/system/rados_list_parallel.cc: 335 in main()
329 rados_t cl;
330 rados_create(&cl, NULL);
331 rados_conf_parse_argv(cl, argc, argv);
332 rados_conf_parse_argv(cl, argc, argv);
333 rados_conf_read_file(cl, NULL);
334 rados_conf_parse_env(cl, NULL);
>>> CID 1201377: Unchecked return value (CHECKED_RETURN)
>>> No check of the return value of "rados_connect(cl)".
335 rados_connect(cl);
336 rados_pool_delete(cl, pool.c_str());
337
338 printf("******* SUCCESS **********\n");
339 return EXIT_SUCCESS;
________________________________________________________________________________________________________
*** CID 1201378: Unchecked return value (CHECKED_RETURN)
/test/system/rados_list_parallel.cc: 330 in main()
324 printf("got error: %s\n", error.c_str());
325 return EXIT_FAILURE;
326 }
327 }
328
329 rados_t cl;
>>> CID 1201378: Unchecked return value (CHECKED_RETURN)
>>> No check of the return value of "rados_create(&cl, NULL)".
330 rados_create(&cl, NULL);
331 rados_conf_parse_argv(cl, argc, argv);
332 rados_conf_parse_argv(cl, argc, argv);
333 rados_conf_read_file(cl, NULL);
334 rados_conf_parse_env(cl, NULL);
335 rados_connect(cl);
________________________________________________________________________________________________________
*** CID 1201379: Copy-paste error (COPY_PASTE_ERROR)
/mds/Server.cc: 7119 in Server::do_rename_rollback(ceph::buffer::list &, int, std::tr1::shared_ptr<MDRequestImpl> &, bool)()
7113 dout(10) << " noting renamed dir ino " << in->ino() << " in metablob" << dendl;
7114 le->commit.renamed_dirino = in->ino();
7115 }
7116
7117 if (target && target->is_dir()) {
7118 assert(destdn);
>>> CID 1201379: Copy-paste error (COPY_PASTE_ERROR)
>>> "in" in "this->mdcache->project_subtree_rename(in, straydir, destdir)" looks like a copy-paste error. Should it say "target" instead?
7119 mdcache->project_subtree_rename(in, straydir, destdir);
7120 }
7121
7122 if (in && in->is_dir()) {
7123 assert(srcdn);
7124 mdcache->project_subtree_rename(in, destdir, srcdir);
________________________________________________________________________________________________________
*** CID 1201380: Logically dead code (DEADCODE)
/erasure-code/jerasure/gf-complete/src/gf.c: 291 in gf_error_check()
285 if (!pclmul) { _gf_errno = GF_E_PCLMULX; return 0; }
286 return 1;
287 }
288
289 if (mult_type == GF_MULT_BYTWO_p || mult_type == GF_MULT_BYTWO_b) {
290 if (raltmap) { _gf_errno = GF_E_ALT_BY2; return 0; }
>>> CID 1201380: Logically dead code (DEADCODE)
>>> Execution cannot reach this statement "_gf_errno = 27;".
291 if (rsse && !sse2) { _gf_errno = GF_E_BY2_SSE; return 0; }
292 return 1;
293 }
294
295 if (mult_type == GF_MULT_LOG_TABLE || mult_type == GF_MULT_LOG_ZERO
296 || mult_type == GF_MULT_LOG_ZERO_EXT ) {
________________________________________________________________________________________________________
*** CID 1201381: Logically dead code (DEADCODE)
/erasure-code/jerasure/gf-complete/src/gf.c: 376 in gf_error_check()
370 } else { _gf_errno = GF_E_SP_64AR; return 0; }
371 } else if (w == 128) {
372 if (arg1 == 8 && arg2 == 128) {
373 if (rsse || rnosse) { _gf_errno = GF_E_SP128_S; return 0; }
374 if (raltmap) { _gf_errno = GF_E_SP128_A; return 0; }
375 } else if (arg1 == 4 && arg2 == 128) {
>>> CID 1201381: Logically dead code (DEADCODE)
>>> Execution cannot reach this statement "_gf_errno = 63;".
376 if (rsse && !sse3) { _gf_errno = GF_E_SP_SSE3; return 0; }
377 if (raltmap && !sse3) { _gf_errno = GF_E_SP128AS; return 0; }
378 if (raltmap && rnosse) { _gf_errno = GF_E_SP128AS; return 0; }
379 } else { _gf_errno = GF_E_SP128AR; return 0; }
380 } else { _gf_errno = GF_E_SPLIT_W; return 0; }
381 return 1;
/erasure-code/jerasure/gf-complete/src/gf.c: 377 in gf_error_check()
371 } else if (w == 128) {
372 if (arg1 == 8 && arg2 == 128) {
373 if (rsse || rnosse) { _gf_errno = GF_E_SP128_S; return 0; }
374 if (raltmap) { _gf_errno = GF_E_SP128_A; return 0; }
375 } else if (arg1 == 4 && arg2 == 128) {
376 if (rsse && !sse3) { _gf_errno = GF_E_SP_SSE3; return 0; }
>>> CID 1201381: Logically dead code (DEADCODE)
>>> Execution cannot reach this statement "_gf_errno = 46;".
377 if (raltmap && !sse3) { _gf_errno = GF_E_SP128AS; return 0; }
378 if (raltmap && rnosse) { _gf_errno = GF_E_SP128AS; return 0; }
379 } else { _gf_errno = GF_E_SP128AR; return 0; }
380 } else { _gf_errno = GF_E_SPLIT_W; return 0; }
381 return 1;
382 }
________________________________________________________________________________________________________
*** CID 1201382: Dereference after null check (FORWARD_NULL)
/mds/Server.cc: 6073 in Server::_rename_prepare(std::tr1::shared_ptr<MDRequestImpl> &, EMetaBlob *, ceph::buffer::list *, CDentry *, CDentry *, CDentry *)()
6067 force_journal_dest = true;
6068 } else
6069 force_journal_dest = _need_force_journal(srci, false);
6070 }
6071
6072 bool force_journal_stray = false;
>>> CID 1201382: Dereference after null check (FORWARD_NULL)
>>> Comparing "straydn" to null implies that "straydn" might be null.
6073 if (oldin && oldin->is_dir() && straydn && !straydn->is_auth())
6074 force_journal_stray = _need_force_journal(oldin, true);
6075
6076 if (linkmerge)
6077 dout(10) << " merging remote and primary links to the same inode" << dendl;
6078 if (silent)
________________________________________________________________________________________________________
*** CID 1201383: Dereference after null check (FORWARD_NULL)
/mds/Server.cc: 7112 in Server::do_rename_rollback(ceph::buffer::list &, int, std::tr1::shared_ptr<MDRequestImpl> &, bool)()
7106 le->commit.add_primary_dentry(target->get_projected_parent_dn(), target, true);
7107 }
7108
7109 if (force_journal_dest) {
7110 dout(10) << " noting rename target ino " << target->ino() << " in metablob" << dendl;
7111 le->commit.renamed_dirino = target->ino();
>>> CID 1201383: Dereference after null check (FORWARD_NULL)
>>> Comparing "in" to null implies that "in" might be null.
7112 } else if (force_journal_src || (in && in->is_dir() && srcdn->authority().first == whoami)) {
7113 dout(10) << " noting renamed dir ino " << in->ino() << " in metablob" << dendl;
7114 le->commit.renamed_dirino = in->ino();
7115 }
7116
7117 if (target && target->is_dir()) {
________________________________________________________________________________________________________
*** CID 1201384: Dereference after null check (FORWARD_NULL)
/mds/Server.cc: 7154 in Server::_rename_rollback_finish(std::tr1::shared_ptr<MutationImpl> &, std::tr1::shared_ptr<MDRequestImpl> &, CDentry *, unsigned long, CDentry *, CDentry *, bool)()
7148 if (srcdn->authority().first == mds->get_nodeid())
7149 srcdn->mark_dirty(srcdnpv, mut->ls);
7150 }
7151
7152 mut->apply();
7153
>>> CID 1201384: Dereference after null check (FORWARD_NULL)
>>> Comparing "srcdn" to null implies that "srcdn" might be null.
7154 if (srcdn) {
7155 CInode *in = srcdn->get_linkage()->get_inode();
7156 // update subtree map?
7157 if (in && in->is_dir()) {
7158 assert(destdn);
7159 mdcache->adjust_subtree_after_rename(in, destdn->get_dir(), true);
________________________________________________________________________________________________________
*** CID 1201385: Using invalid iterator (INVALIDATE_ITERATOR)
/mds/Locker.cc: 416 in Locker::acquire_locks(std::tr1::shared_ptr<MDRequestImpl> &, std::set<SimpleLock *, std::less<SimpleLock *>, std::allocator<SimpleLock *>> &, std::set<SimpleLock *, std::less<SimpleLock *>, std::allocator<SimpleLock *>> &, std::set<SimpleLock *, std::less<SimpleLock *>, std::allocator<SimpleLock *>> &, std::map<SimpleLock *, int, std::less<SimpleLock *>, std::allocator<std::pair<SimpleLock *const , int>>> *, CInode *, bool)()
410 dout(10) << " already rdlocked " << *have << " " << *have->get_parent() << dendl;
411 continue;
412 }
413 }
414
415 // hose any stray locks
>>> CID 1201385: Using invalid iterator (INVALIDATE_ITERATOR)
>>> Dereferencing iterator "existing" though it is already past the end of its container.
416 if (*existing == *p) {
417 assert(need_wrlock || need_remote_wrlock);
418 SimpleLock *lock = *existing;
419 if (mdr->wrlocks.count(lock)) {
420 if (!need_wrlock)
421 dout(10) << " unlocking extra " << *lock << " " << *lock->get_parent() << dendl;
/mds/Locker.cc: 416 in Locker::acquire_locks(std::tr1::shared_ptr<MDRequestImpl> &, std::set<SimpleLock *, std::less<SimpleLock *>, std::allocator<SimpleLock *>> &, std::set<SimpleLock *, std::less<SimpleLock *>, std::allocator<SimpleLock *>> &, std::set<SimpleLock *, std::less<SimpleLock *>, std::allocator<SimpleLock *>> &, std::map<SimpleLock *, int, std::less<SimpleLock *>, std::allocator<std::pair<SimpleLock *const , int>>> *, CInode *, bool)()
410 dout(10) << " already rdlocked " << *have << " " << *have->get_parent() << dendl;
411 continue;
412 }
413 }
414
415 // hose any stray locks
>>> CID 1201385: Using invalid iterator (INVALIDATE_ITERATOR)
>>> Dereferencing iterator "existing" though it is already past the end of its container.
416 if (*existing == *p) {
417 assert(need_wrlock || need_remote_wrlock);
418 SimpleLock *lock = *existing;
419 if (mdr->wrlocks.count(lock)) {
420 if (!need_wrlock)
421 dout(10) << " unlocking extra " << *lock << " " << *lock->get_parent() << dendl;
________________________________________________________________________________________________________
*** CID 1201386: Using invalid iterator (INVALIDATE_ITERATOR)
/test/librados/lock.cc: 371 in LibRadosLockECPP_BreakLockPP_Test::TestBody()()
365 sstm << "client." << cluster.get_instance_id();
366 std::string me = sstm.str();
367 ASSERT_EQ(0, ioctx.lock_exclusive("foo", "TestLock", "Cookie", "", NULL, 0));
368 ASSERT_EQ(1, ioctx.list_lockers("foo", "TestLock", &exclusive, &tag, &lockers));
369 std::list<librados::locker_t>::iterator it = lockers.begin();
370 ASSERT_FALSE(lockers.end() == it);
>>> CID 1201386: Using invalid iterator (INVALIDATE_ITERATOR)
>>> Dereferencing iterator "it" though it is already past the end of its container.
371 ASSERT_EQ(me, it->client);
372 ASSERT_EQ("Cookie", it->cookie);
373 ASSERT_EQ(0, ioctx.break_lock("foo", "TestLock", it->client, "Cookie"));
________________________________________________________________________________________________________
*** CID 1201387: Using invalid iterator (INVALIDATE_ITERATOR)
/test/librados/lock.cc: 330 in LibRadosLockECPP_ListLockersPP_Test::TestBody()()
324 int exclusive;
325 std::string tag;
326 std::list<librados::locker_t> lockers;
327 ASSERT_EQ(1, ioctx.list_lockers("foo", "TestLock", &exclusive, &tag, &lockers));
328 std::list<librados::locker_t>::iterator it = lockers.begin();
329 ASSERT_FALSE(lockers.end() == it);
>>> CID 1201387: Using invalid iterator (INVALIDATE_ITERATOR)
>>> Dereferencing iterator "it" though it is already past the end of its container.
330 ASSERT_EQ(me, it->client);
331 ASSERT_EQ("Cookie", it->cookie);
332 }
333 }
334
335 TEST_F(LibRadosLockEC, BreakLock) {
________________________________________________________________________________________________________
*** CID 1201388: Missing unlock (LOCK)
/mon/Monitor.cc: 462 in Monitor::preinit()()
456 << "must have been removed" << dendl;
457 if (g_conf->mon_force_quorum_join) {
458 dout(0) << "we should have died but "
459 << "'mon_force_quorum_join' is set -- allowing boot" << dendl;
460 } else {
461 derr << "commit suicide!" << dendl;
>>> CID 1201388: Missing unlock (LOCK)
>>> Returning without unlocking "this->lock._m".
462 return -ENOENT;
463 }
464 }
465
466 {
467 // We have a potentially inconsistent store state in hands. Get rid of it
________________________________________________________________________________________________________
*** CID 1201389: Out-of-bounds access (OVERRUN)
/test/librbd/test_librbd.cc: 1825 in LibRBD_ZeroLengthDiscard_Test::TestBody()()
1819 uint64_t size = 2 << 20;
1820
1821 ASSERT_EQ(0, create_image(ioctx, name, size, &order));
1822 ASSERT_EQ(0, rbd_open(ioctx, name, &image, NULL));
1823
1824 const char *data = "blah";
>>> CID 1201389: Out-of-bounds access (OVERRUN)
>>> Allocating insufficient memory for the terminating null of the string.
1825 char read_data[strlen(data)];
1826 ASSERT_EQ((int)strlen(data), rbd_write(image, 0, strlen(data), data));
1827 ASSERT_EQ(0, rbd_discard(image, 0, 0));
1828 ASSERT_EQ((int)strlen(data), rbd_read(image, 0, strlen(data), read_data));
1829 ASSERT_EQ(0, memcmp(data, read_data, strlen(data)));
1830
________________________________________________________________________________________________________
*** CID 1201390: Out-of-bounds access (OVERRUN_DYNAMIC)
/test/librbd/test_librbd.cc: 1825 in LibRBD_ZeroLengthDiscard_Test::TestBody()()
1819 uint64_t size = 2 << 20;
1820
1821 ASSERT_EQ(0, create_image(ioctx, name, size, &order));
1822 ASSERT_EQ(0, rbd_open(ioctx, name, &image, NULL));
1823
1824 const char *data = "blah";
>>> CID 1201390: Out-of-bounds access (OVERRUN_DYNAMIC)
>>> Allocating insufficient memory for the terminating null of the string.
1825 char read_data[strlen(data)];
1826 ASSERT_EQ((int)strlen(data), rbd_write(image, 0, strlen(data), data));
1827 ASSERT_EQ(0, rbd_discard(image, 0, 0));
1828 ASSERT_EQ((int)strlen(data), rbd_read(image, 0, strlen(data), read_data));
1829 ASSERT_EQ(0, memcmp(data, read_data, strlen(data)));
1830
________________________________________________________________________________________________________
*** CID 1201391: Out-of-bounds write (OVERRUN_STATIC)
/erasure-code/jerasure/gf-complete/src/gf_w8.c: 1267 in gf_w8_table_init()
1261 ltd->div[prod][b] = a;
1262 ltd->smult[a][b] = prod;
1263 break;
1264 case 3:
1265 dd->multtable[a][b] = prod;
1266 dd->divtable[prod][b] = a;
>>> CID 1201391: Out-of-bounds write (OVERRUN_STATIC)
>>> Overrunning static array "dd->low[a]", with 16 elements, at position 255 with index variable "b".
1267 if ((b & 0xf) == b) { dd->low[a][b] = prod; }
1268 if ((b & 0xf0) == b) { dd->high[a][b>>4] = prod; }
1269 break;
1270 }
1271 }
1272 }
________________________________________________________________________________________________________
*** CID 1201392: Resource leak (RESOURCE_LEAK)
/test/librados/TestCase.cc: 134 in RadosTestEC::cleanup_default_namespace(void *)()
128 void RadosTestEC::cleanup_default_namespace(rados_ioctx_t ioctx)
129 {
130 // remove all objects from the default namespace to avoid polluting
131 // other tests
132 rados_ioctx_set_namespace(ioctx, "");
133 rados_list_ctx_t list_ctx;
>>> CID 1201392: Resource leak (RESOURCE_LEAK)
>>> Variable "list_ctx" going out of scope leaks the storage it points to.
134 ASSERT_EQ(0, rados_objects_list_open(ioctx, &list_ctx));
135 int r;
136 const char *entry = NULL;
137 const char *key = NULL;
138 while ((r = rados_objects_list_next(list_ctx, &entry, &key)) != -ENOENT) {
139 ASSERT_EQ(0, r);
/test/librados/TestCase.cc: 139 in RadosTestEC::cleanup_default_namespace(void *)()
133 rados_list_ctx_t list_ctx;
134 ASSERT_EQ(0, rados_objects_list_open(ioctx, &list_ctx));
135 int r;
136 const char *entry = NULL;
137 const char *key = NULL;
138 while ((r = rados_objects_list_next(list_ctx, &entry, &key)) != -ENOENT) {
>>> CID 1201392: Resource leak (RESOURCE_LEAK)
>>> Variable "list_ctx" going out of scope leaks the storage it points to.
139 ASSERT_EQ(0, r);
140 rados_ioctx_locator_set_key(ioctx, key);
141 ASSERT_EQ(0, rados_remove(ioctx, entry));
142 }
143 rados_objects_list_close(list_ctx);
144 }
/test/librados/TestCase.cc: 141 in RadosTestEC::cleanup_default_namespace(void *)()
135 int r;
136 const char *entry = NULL;
137 const char *key = NULL;
138 while ((r = rados_objects_list_next(list_ctx, &entry, &key)) != -ENOENT) {
139 ASSERT_EQ(0, r);
140 rados_ioctx_locator_set_key(ioctx, key);
>>> CID 1201392: Resource leak (RESOURCE_LEAK)
>>> Variable "list_ctx" going out of scope leaks the storage it points to.
141 ASSERT_EQ(0, rados_remove(ioctx, entry));
142 }
143 rados_objects_list_close(list_ctx);
144 }
145
146 std::string RadosTestECPP::pool_name;
________________________________________________________________________________________________________
*** CID 1201393: Resource leak (RESOURCE_LEAK)
/test/librados/aio.cc: 1881 in LibRadosAioEC_RoundTripAppend_Test::TestBody()()
1875 }
1876
1877 TEST(LibRadosAioEC, RoundTripAppend) {
1878 AioTestDataEC test_data;
1879 rados_completion_t my_completion, my_completion2, my_completion3, my_completion4;
1880 ASSERT_EQ("", test_data.init());
>>> CID 1201393: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
1881 ASSERT_EQ(0, rados_aio_create_completion((void*)&test_data,
1882 set_completion_completeEC, set_completion_safeEC, &my_completion));
1883 ASSERT_TRUE(rados_ioctx_pool_requires_alignment(test_data.m_ioctx));
1884 uint64_t alignment = rados_ioctx_pool_required_alignment(test_data.m_ioctx);
1885 ASSERT_NE((unsigned)0, alignment);
1886
/test/librados/aio.cc: 1883 in LibRadosAioEC_RoundTripAppend_Test::TestBody()()
1877 TEST(LibRadosAioEC, RoundTripAppend) {
1878 AioTestDataEC test_data;
1879 rados_completion_t my_completion, my_completion2, my_completion3, my_completion4;
1880 ASSERT_EQ("", test_data.init());
1881 ASSERT_EQ(0, rados_aio_create_completion((void*)&test_data,
1882 set_completion_completeEC, set_completion_safeEC, &my_completion));
>>> CID 1201393: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
1883 ASSERT_TRUE(rados_ioctx_pool_requires_alignment(test_data.m_ioctx));
1884 uint64_t alignment = rados_ioctx_pool_required_alignment(test_data.m_ioctx);
1885 ASSERT_NE((unsigned)0, alignment);
1886
1887 int bsize = alignment;
1888 char *buf = (char *)new char[bsize];
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=Overview
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
^ permalink raw reply [flat|nested] 33+ messages in thread* New Defects reported by Coverity Scan for ceph (fwd)
@ 2014-10-08 14:59 Sage Weil
0 siblings, 0 replies; 33+ messages in thread
From: Sage Weil @ 2014-10-08 14:59 UTC (permalink / raw)
To: joao.luis, ceph-devel
[-- Attachment #1: Type: TEXT/PLAIN, Size: 0 bytes --]
[-- Attachment #2: Forwarded Message --]
[-- Type: MESSAGE/RFC822, Size: 9408 bytes --]
Return-Path: <scan-admin@coverity.com>
X-Original-To: sage@cobra.newdream.net
Delivered-To: sage@cobra.newdream.net
Received: from destro.newdream.net (destro.newdream.net [66.33.216.68])
by cobra.newdream.net (Postfix) with ESMTP id 43FED80068
for <sage@cobra.newdream.net>; Wed, 8 Oct 2014 06:21:48 -0700 (PDT)
Received: by destro.newdream.net (Postfix)
id 30D22120C85; Wed, 8 Oct 2014 06:21:48 -0700 (PDT)
Delivered-To: sage@destro.newdream.net
Received: from madmax.dreamhost.com (caiajhbdcbdj.dreamhost.com
[208.97.132.139])
by destro.newdream.net (Postfix) with ESMTP id 2DC11120C7B
for <sage@newdream.net>; Wed, 8 Oct 2014 06:21:48 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1])
by madmax.dreamhost.com (Postfix) with ESMTP id 2941FFD802D
for <sage@newdream.net>; Wed, 8 Oct 2014 06:21:48 -0700 (PDT)
X-DH-Virus-Scanned: Debian amavisd-new at madmax.dreamhost.com
X-Spam-Flag: NO
X-Spam-Score: 0
X-Spam-Level:
X-Spam-Status: No, score=x tagged_above=-999 required=999 WHITELISTED tests=[]
autolearn=unavailable
Received: from godfather.dreamhost.com ([208.97.132.17])
by localhost (madmax.dreamhost.com [208.97.132.139]) (amavisd-new,
port 10024) with ESMTP id R6XTzsEcjqQv for <sage@newdream.net>;
Wed, 8 Oct 2014 06:21:48 -0700 (PDT)
Received: from scanrelay.coverity.com (scanrelay.coverity.com [209.249.196.67])
by godfather.dreamhost.com (Postfix) with ESMTP id 003EB1B0092
for <sage@newdream.net>; Wed, 8 Oct 2014 06:21:47 -0700 (PDT)
Received: from localhost.localdomain ([208.69.177.215]) by
scanrelay.coverity.com with Microsoft SMTPSVC(7.5.7601.17514);
Wed, 8 Oct 2014 06:22:02 -0700
Date: Wed, 08 Oct 2014 06:21:47 -0700
From: scan-admin@coverity.com
To: sage@newdream.net
Message-ID: <54353a6b94a4d_233fcf3334855f2@scan.coverity.com.mail>
Subject: New Defects reported by Coverity Scan for ceph
Mime-Version: 1.0
Content-Type: text/plain;
charset=UTF-8
Content-Transfer-Encoding: 7bit
X-OriginalArrivalTime: 08 Oct 2014 13:22:02.0252 (UTC)
FILETIME=[D8B5ACC0:01CFE2FA]
X-Spambayes-Classification: ham; 0.00
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
6 new defect(s) introduced to ceph found with Coverity Scan.
3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 6 of 6 defect(s)
** CID 1244195: Dereference after null check (FORWARD_NULL)
/mon/Monitor.cc: 3110 in Monitor::_ms_dispatch(Message *)()
** CID 1244196: Data race condition (MISSING_LOCK)
/test/mon/test-mon-msg.cc: 229 in MonMsgTest::SetUp()()
** CID 1244197: Dereference before null check (REVERSE_INULL)
/mon/Monitor.cc: 3366 in Monitor::dispatch(MonSession *, Message *, bool)()
** CID 1244198: Uncaught exception (UNCAUGHT_EXCEPT)
/test/mon/test-mon-msg.cc: 322 in main()
/test/mon/test-mon-msg.cc: 322 in main()
/test/mon/test-mon-msg.cc: 322 in main()
** CID 1244200: Uninitialized pointer field (UNINIT_CTOR)
/test/mon/test-mon-msg.cc: 67 in MonClientHelper::MonClientHelper(CephContext *)()
** CID 1244199: Uninitialized pointer field (UNINIT_CTOR)
/test/mon/test-mon-msg.cc: 225 in MonMsgTest::MonMsgTest()()
________________________________________________________________________________________________________
*** CID 1244195: Dereference after null check (FORWARD_NULL)
/mon/Monitor.cc: 3110 in Monitor::_ms_dispatch(Message *)()
3104 if (s && s->closed) {
3105 caps = s->caps;
3106 reuse_caps = true;
3107 s->put();
3108 s = NULL;
3109 }
>>> CID 1244195: Dereference after null check (FORWARD_NULL)
>>> Comparing "s" to null implies that "s" might be null.
3110 if (!s) {
3111 // if the sender is not a monitor, make sure their first message for a
3112 // session is an MAuth. If it is not, assume it's a stray message,
3113 // and considering that we are creating a new session it is safe to
3114 // assume that the sender hasn't authenticated yet, so we have no way
3115 // of assessing whether we should handle it or not.
________________________________________________________________________________________________________
*** CID 1244196: Data race condition (MISSING_LOCK)
/test/mon/test-mon-msg.cc: 229 in MonMsgTest::SetUp()()
223 MonMsgTest() :
224 MonClientHelper(g_ceph_context),
225 lock("lock") { }
226
227 public:
228 virtual void SetUp() {
>>> CID 1244196: Data race condition (MISSING_LOCK)
>>> Accessing "this->reply_type" without holding lock "Mutex._m". Elsewhere, "MonMsgTest.reply_type" is accessed with "Mutex._m" held 1 out of 2 times (1 of these accesses strongly imply that it is necessary).
229 reply_type = -1;
230 if (reply_msg) {
231 reply_msg->put();
232 reply_msg = NULL;
233 }
234 ASSERT_EQ(init(), 0);
________________________________________________________________________________________________________
*** CID 1244197: Dereference before null check (REVERSE_INULL)
/mon/Monitor.cc: 3366 in Monitor::dispatch(MonSession *, Message *, bool)()
3360 }
3361 break;
3362
3363 // elector messages
3364 case MSG_MON_ELECTION:
3365 //check privileges here for simplicity
>>> CID 1244197: Dereference before null check (REVERSE_INULL)
>>> Null-checking "s" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
3366 if (s &&
3367 !s->is_capable("mon", MON_CAP_X)) {
3368 dout(0) << "MMonElection received from entity without enough caps!"
3369 << s->caps << dendl;
3370 m->put();
3371 break;
________________________________________________________________________________________________________
*** CID 1244198: Uncaught exception (UNCAUGHT_EXCEPT)
/test/mon/test-mon-msg.cc: 322 in main()
316
317 int r = monc.get_monmap();
318 ASSERT_EQ(r, 0);
319 ASSERT_FALSE(monc.monmap.contains("client"));
320 }
321
>>> CID 1244198: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
322 int main(int argc, char *argv[])
323 {
324 vector<const char*> def_args;
325 vector<const char*> args;
326 argv_to_vec(argc, (const char **)argv, args);
327
/test/mon/test-mon-msg.cc: 322 in main()
316
317 int r = monc.get_monmap();
318 ASSERT_EQ(r, 0);
319 ASSERT_FALSE(monc.monmap.contains("client"));
320 }
321
>>> CID 1244198: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
322 int main(int argc, char *argv[])
323 {
324 vector<const char*> def_args;
325 vector<const char*> args;
326 argv_to_vec(argc, (const char **)argv, args);
327
/test/mon/test-mon-msg.cc: 322 in main()
316
317 int r = monc.get_monmap();
318 ASSERT_EQ(r, 0);
319 ASSERT_FALSE(monc.monmap.contains("client"));
320 }
321
>>> CID 1244198: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
322 int main(int argc, char *argv[])
323 {
324 vector<const char*> def_args;
325 vector<const char*> args;
326 argv_to_vec(argc, (const char **)argv, args);
327
________________________________________________________________________________________________________
*** CID 1244200: Uninitialized pointer field (UNINIT_CTOR)
/test/mon/test-mon-msg.cc: 67 in MonClientHelper::MonClientHelper(CephContext *)()
61
62 MonClientHelper(CephContext *cct_)
63 : Dispatcher(cct_),
64 cct(cct_),
65 monc(cct_),
66 lock("mon-msg-test::lock")
>>> CID 1244200: Uninitialized pointer field (UNINIT_CTOR)
>>> Non-static class member "msg" is not initialized in this constructor nor in any functions that it calls.
67 { }
68
69
70 int post_init() {
71 dout(1) << __func__ << dendl;
72 if (!msg)
________________________________________________________________________________________________________
*** CID 1244199: Uninitialized pointer field (UNINIT_CTOR)
/test/mon/test-mon-msg.cc: 225 in MonMsgTest::MonMsgTest()()
219 Message *reply_msg;
220 Mutex lock;
221 Cond cond;
222
223 MonMsgTest() :
224 MonClientHelper(g_ceph_context),
>>> CID 1244199: Uninitialized pointer field (UNINIT_CTOR)
>>> Non-static class member "reply_msg" is not initialized in this constructor nor in any functions that it calls.
225 lock("lock") { }
226
227 public:
228 virtual void SetUp() {
229 reply_type = -1;
230 if (reply_msg) {
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
From: scan-admin@coverity.com
To: sage@newdream.net
Subject: New Defects reported by Coverity Scan for ceph
Date: Wed, 08 Oct 2014 06:21:47 -0700
Message-ID: <54353a6b94a4d_233fcf3334855f2@scan.coverity.com.mail>
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
6 new defect(s) introduced to ceph found with Coverity Scan.
3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 6 of 6 defect(s)
** CID 1244195: Dereference after null check (FORWARD_NULL)
/mon/Monitor.cc: 3110 in Monitor::_ms_dispatch(Message *)()
** CID 1244196: Data race condition (MISSING_LOCK)
/test/mon/test-mon-msg.cc: 229 in MonMsgTest::SetUp()()
** CID 1244197: Dereference before null check (REVERSE_INULL)
/mon/Monitor.cc: 3366 in Monitor::dispatch(MonSession *, Message *, bool)()
** CID 1244198: Uncaught exception (UNCAUGHT_EXCEPT)
/test/mon/test-mon-msg.cc: 322 in main()
/test/mon/test-mon-msg.cc: 322 in main()
/test/mon/test-mon-msg.cc: 322 in main()
** CID 1244200: Uninitialized pointer field (UNINIT_CTOR)
/test/mon/test-mon-msg.cc: 67 in MonClientHelper::MonClientHelper(CephContext *)()
** CID 1244199: Uninitialized pointer field (UNINIT_CTOR)
/test/mon/test-mon-msg.cc: 225 in MonMsgTest::MonMsgTest()()
________________________________________________________________________________________________________
*** CID 1244195: Dereference after null check (FORWARD_NULL)
/mon/Monitor.cc: 3110 in Monitor::_ms_dispatch(Message *)()
3104 if (s && s->closed) {
3105 caps = s->caps;
3106 reuse_caps = true;
3107 s->put();
3108 s = NULL;
3109 }
>>> CID 1244195: Dereference after null check (FORWARD_NULL)
>>> Comparing "s" to null implies that "s" might be null.
3110 if (!s) {
3111 // if the sender is not a monitor, make sure their first message for a
3112 // session is an MAuth. If it is not, assume it's a stray message,
3113 // and considering that we are creating a new session it is safe to
3114 // assume that the sender hasn't authenticated yet, so we have no way
3115 // of assessing whether we should handle it or not.
________________________________________________________________________________________________________
*** CID 1244196: Data race condition (MISSING_LOCK)
/test/mon/test-mon-msg.cc: 229 in MonMsgTest::SetUp()()
223 MonMsgTest() :
224 MonClientHelper(g_ceph_context),
225 lock("lock") { }
226
227 public:
228 virtual void SetUp() {
>>> CID 1244196: Data race condition (MISSING_LOCK)
>>> Accessing "this->reply_type" without holding lock "Mutex._m". Elsewhere, "MonMsgTest.reply_type" is accessed with "Mutex._m" held 1 out of 2 times (1 of these accesses strongly imply that it is necessary).
229 reply_type = -1;
230 if (reply_msg) {
231 reply_msg->put();
232 reply_msg = NULL;
233 }
234 ASSERT_EQ(init(), 0);
________________________________________________________________________________________________________
*** CID 1244197: Dereference before null check (REVERSE_INULL)
/mon/Monitor.cc: 3366 in Monitor::dispatch(MonSession *, Message *, bool)()
3360 }
3361 break;
3362
3363 // elector messages
3364 case MSG_MON_ELECTION:
3365 //check privileges here for simplicity
>>> CID 1244197: Dereference before null check (REVERSE_INULL)
>>> Null-checking "s" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
3366 if (s &&
3367 !s->is_capable("mon", MON_CAP_X)) {
3368 dout(0) << "MMonElection received from entity without enough caps!"
3369 << s->caps << dendl;
3370 m->put();
3371 break;
________________________________________________________________________________________________________
*** CID 1244198: Uncaught exception (UNCAUGHT_EXCEPT)
/test/mon/test-mon-msg.cc: 322 in main()
316
317 int r = monc.get_monmap();
318 ASSERT_EQ(r, 0);
319 ASSERT_FALSE(monc.monmap.contains("client"));
320 }
321
>>> CID 1244198: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
322 int main(int argc, char *argv[])
323 {
324 vector<const char*> def_args;
325 vector<const char*> args;
326 argv_to_vec(argc, (const char **)argv, args);
327
/test/mon/test-mon-msg.cc: 322 in main()
316
317 int r = monc.get_monmap();
318 ASSERT_EQ(r, 0);
319 ASSERT_FALSE(monc.monmap.contains("client"));
320 }
321
>>> CID 1244198: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
322 int main(int argc, char *argv[])
323 {
324 vector<const char*> def_args;
325 vector<const char*> args;
326 argv_to_vec(argc, (const char **)argv, args);
327
/test/mon/test-mon-msg.cc: 322 in main()
316
317 int r = monc.get_monmap();
318 ASSERT_EQ(r, 0);
319 ASSERT_FALSE(monc.monmap.contains("client"));
320 }
321
>>> CID 1244198: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
322 int main(int argc, char *argv[])
323 {
324 vector<const char*> def_args;
325 vector<const char*> args;
326 argv_to_vec(argc, (const char **)argv, args);
327
________________________________________________________________________________________________________
*** CID 1244200: Uninitialized pointer field (UNINIT_CTOR)
/test/mon/test-mon-msg.cc: 67 in MonClientHelper::MonClientHelper(CephContext *)()
61
62 MonClientHelper(CephContext *cct_)
63 : Dispatcher(cct_),
64 cct(cct_),
65 monc(cct_),
66 lock("mon-msg-test::lock")
>>> CID 1244200: Uninitialized pointer field (UNINIT_CTOR)
>>> Non-static class member "msg" is not initialized in this constructor nor in any functions that it calls.
67 { }
68
69
70 int post_init() {
71 dout(1) << __func__ << dendl;
72 if (!msg)
________________________________________________________________________________________________________
*** CID 1244199: Uninitialized pointer field (UNINIT_CTOR)
/test/mon/test-mon-msg.cc: 225 in MonMsgTest::MonMsgTest()()
219 Message *reply_msg;
220 Mutex lock;
221 Cond cond;
222
223 MonMsgTest() :
224 MonClientHelper(g_ceph_context),
>>> CID 1244199: Uninitialized pointer field (UNINIT_CTOR)
>>> Non-static class member "reply_msg" is not initialized in this constructor nor in any functions that it calls.
225 lock("lock") { }
226
227 public:
228 virtual void SetUp() {
229 reply_type = -1;
230 if (reply_msg) {
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
^ permalink raw reply [flat|nested] 33+ messages in thread* New Defects reported by Coverity Scan for ceph (fwd)
@ 2014-09-30 13:59 Sage Weil
2014-09-30 17:26 ` Loic Dachary
2014-09-30 17:36 ` Gregory Farnum
0 siblings, 2 replies; 33+ messages in thread
From: Sage Weil @ 2014-09-30 13:59 UTC (permalink / raw)
To: greg, loic; +Cc: ceph-devel
[-- Attachment #1: Type: TEXT/PLAIN, Size: 49 bytes --]
Looks like recent changes from Greg, Loic, and I.
[-- Attachment #2: Forwarded Message --]
[-- Type: MESSAGE/RFC822, Size: 11122 bytes --]
Return-Path: <scan-admin@coverity.com>
X-Original-To: sage@cobra.newdream.net
Delivered-To: sage@cobra.newdream.net
Received: from destro.newdream.net (destro.newdream.net [66.33.216.68])
by cobra.newdream.net (Postfix) with ESMTP id 02E398004B
for <sage@cobra.newdream.net>; Tue, 30 Sep 2014 06:21:26 -0700 (PDT)
Received: by destro.newdream.net (Postfix)
id F35F4120EAA; Tue, 30 Sep 2014 06:21:25 -0700 (PDT)
Delivered-To: sage@destro.newdream.net
Received: from alc-junkmail-backend3.dreamhost.com (caiajhbdcbae.dreamhost.com
[208.97.132.104])
by destro.newdream.net (Postfix) with ESMTP id F1B83120E82
for <sage@newdream.net>; Tue, 30 Sep 2014 06:21:25 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1])
by alc-junkmail-backend3.dreamhost.com (Postfix) with ESMTP id
DEC7BA0C4F5
for <sage@newdream.net>; Tue, 30 Sep 2014 06:21:25 -0700 (PDT)
X-DH-Virus-Scanned: Debian amavisd-new at alc-junkmail-backend3.dreamhost.com
X-Spam-Flag: NO
X-Spam-Score: 0
X-Spam-Level:
X-Spam-Status: No, score=x tagged_above=-999 required=999 WHITELISTED tests=[]
Received: from godfather.dreamhost.com ([208.97.132.17])
by localhost (alc-junkmail-backend3.dreamhost.com [208.97.132.104])
(amavisd-new, port 10024)
with ESMTP id Pp916bDsr5U0 for <sage@newdream.net>;
Tue, 30 Sep 2014 06:21:25 -0700 (PDT)
Received: from scanrelay.coverity.com (scanrelay.coverity.com [209.249.196.67])
by godfather.dreamhost.com (Postfix) with ESMTP id 3DE4E1B01BF
for <sage@newdream.net>; Tue, 30 Sep 2014 06:21:09 -0700 (PDT)
Received: from localhost.localdomain ([208.69.177.215]) by
scanrelay.coverity.com with Microsoft SMTPSVC(7.5.7601.17514);
Tue, 30 Sep 2014 06:21:19 -0700
Date: Tue, 30 Sep 2014 06:21:08 -0700
From: scan-admin@coverity.com
Message-ID: <542aae4497872_6695f0f3345816@scan.coverity.com.mail>
Subject: New Defects reported by Coverity Scan for ceph
Mime-Version: 1.0
Content-Type: text/plain;
charset=UTF-8
Content-Transfer-Encoding: 7bit
X-OriginalArrivalTime: 30 Sep 2014 13:21:19.0679 (UTC)
FILETIME=[6C078CF0:01CFDCB1]
To: undisclosed-recipients:;
X-Spambayes-Classification: ham; 0.00
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
Defect(s) Reported-by: Coverity Scan
Showing 4 of 4 defect(s)
** CID 1242019: Data race condition (MISSING_LOCK)
/msg/Pipe.cc: 230 in Pipe::DelayedDelivery::entry()()
** CID 1242021: Resource leak (RESOURCE_LEAK)
/test/librados/tier.cc: 1026 in LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()()
/test/librados/tier.cc: 1022 in LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()()
/test/librados/tier.cc: 1040 in LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()()
/test/librados/tier.cc: 1037 in LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()()
** CID 1242020: Resource leak (RESOURCE_LEAK)
/test/librados/aio.cc: 168 in LibRadosAio_TooBig_Test::TestBody()()
** CID 1242018: Resource leak (RESOURCE_LEAK)
/test/librados/aio.cc: 188 in LibRadosAio_TooBigPP_Test::TestBody()()
/test/librados/aio.cc: 190 in LibRadosAio_TooBigPP_Test::TestBody()()
/test/librados/aio.cc: 187 in LibRadosAio_TooBigPP_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1242019: Data race condition (MISSING_LOCK)
/msg/Pipe.cc: 230 in Pipe::DelayedDelivery::entry()()
224 if (flush_count > 0) {
225 --flush_count;
226 active_flush = true;
227 }
228 if (pipe->in_q->can_fast_dispatch(m)) {
229 if (!stop_fast_dispatching_flag) {
>>> CID 1242019: Data race condition (MISSING_LOCK)
>>> Accessing "this->delay_dispatching" without holding lock "Mutex._m". Elsewhere, "_ZN4Pipe15DelayedDeliveryE.delay_dispatching" is accessed with "Mutex._m" held 1 out of 2 times (1 of these accesses strongly imply that it is necessary).
230 delay_dispatching = true;
231 delay_lock.Unlock();
232 pipe->in_q->fast_dispatch(m);
233 delay_lock.Lock();
234 delay_dispatching = false;
235 if (stop_fast_dispatching_flag) {
________________________________________________________________________________________________________
*** CID 1242021: Resource leak (RESOURCE_LEAK)
/test/librados/tier.cc: 1026 in LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()()
1020 op.cache_evict();
1021 librados::AioCompletion *completion = cluster.aio_create_completion();
1022 ASSERT_EQ(0, cache_ioctx.aio_operate(
1023 "foo", completion, &op,
1024 librados::OPERATION_IGNORE_CACHE, NULL));
1025 completion->wait_for_safe();
>>> CID 1242021: Resource leak (RESOURCE_LEAK)
>>> Variable "completion" going out of scope leaks the storage it points to.
1026 ASSERT_EQ(0, completion->get_return_value());
1027 completion->release();
1028 }
1029
1030 // verify the snapdir is not present in the cache pool
1031 {
/test/librados/tier.cc: 1022 in LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()()
1016
1017 // evict
1018 {
1019 ObjectReadOperation op;
1020 op.cache_evict();
1021 librados::AioCompletion *completion = cluster.aio_create_completion();
>>> CID 1242021: Resource leak (RESOURCE_LEAK)
>>> Variable "completion" going out of scope leaks the storage it points to.
1022 ASSERT_EQ(0, cache_ioctx.aio_operate(
1023 "foo", completion, &op,
1024 librados::OPERATION_IGNORE_CACHE, NULL));
1025 completion->wait_for_safe();
1026 ASSERT_EQ(0, completion->get_return_value());
1027 completion->release();
/test/librados/tier.cc: 1040 in LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()()
1034 op.list_snaps(&snapset, NULL);
1035 ioctx.snap_set_read(librados::SNAP_DIR);
1036 librados::AioCompletion *completion = cluster.aio_create_completion();
1037 ASSERT_EQ(0, ioctx.aio_operate("foo", completion, &op,
1038 librados::OPERATION_IGNORE_CACHE, NULL));
1039 completion->wait_for_safe();
>>> CID 1242021: Resource leak (RESOURCE_LEAK)
>>> Variable "completion" going out of scope leaks the storage it points to.
1040 ASSERT_EQ(-ENOENT, completion->get_return_value());
1041 completion->release();
1042 }
1043 }
1044
1045 TEST_F(LibRadosTwoPoolsPP, TryFlush) {
/test/librados/tier.cc: 1037 in LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()()
1031 {
1032 ObjectReadOperation op;
1033 librados::snap_set_t snapset;
1034 op.list_snaps(&snapset, NULL);
1035 ioctx.snap_set_read(librados::SNAP_DIR);
1036 librados::AioCompletion *completion = cluster.aio_create_completion();
>>> CID 1242021: Resource leak (RESOURCE_LEAK)
>>> Variable "completion" going out of scope leaks the storage it points to.
1037 ASSERT_EQ(0, ioctx.aio_operate("foo", completion, &op,
1038 librados::OPERATION_IGNORE_CACHE, NULL));
1039 completion->wait_for_safe();
1040 ASSERT_EQ(-ENOENT, completion->get_return_value());
1041 completion->release();
1042 }
________________________________________________________________________________________________________
*** CID 1242020: Resource leak (RESOURCE_LEAK)
/test/librados/aio.cc: 168 in LibRadosAio_TooBig_Test::TestBody()()
162 }
163
164 TEST(LibRadosAio, TooBig) {
165 AioTestData test_data;
166 rados_completion_t my_completion;
167 ASSERT_EQ("", test_data.init());
>>> CID 1242020: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
168 ASSERT_EQ(0, rados_aio_create_completion((void*)&test_data,
169 set_completion_complete, set_completion_safe, &my_completion));
170 char buf[128];
171 memset(buf, 0xcc, sizeof(buf));
172 ASSERT_EQ(-E2BIG, rados_aio_write(test_data.m_ioctx, "foo",
173 my_completion, buf, UINT_MAX, 0));
________________________________________________________________________________________________________
*** CID 1242018: Resource leak (RESOURCE_LEAK)
/test/librados/aio.cc: 188 in LibRadosAio_TooBigPP_Test::TestBody()()
182 ASSERT_EQ("", test_data.init());
183
184 bufferlist bl;
185 AioCompletion *aio_completion = test_data.m_cluster.aio_create_completion(
186 (void*)&test_data, NULL, NULL);
187 ASSERT_EQ(-E2BIG, test_data.m_ioctx.aio_write("foo", aio_completion, bl, UINT_MAX, 0));
>>> CID 1242018: Resource leak (RESOURCE_LEAK)
>>> Variable "aio_completion" going out of scope leaks the storage it points to.
188 ASSERT_EQ(-E2BIG, test_data.m_ioctx.aio_append("foo", aio_completion, bl, UINT_MAX));
189 // ioctx.aio_write_full no way to overflow bl.length()
190 }
191
192 TEST(LibRadosAio, SimpleWrite) {
193 AioTestData test_data;
/test/librados/aio.cc: 190 in LibRadosAio_TooBigPP_Test::TestBody()()
184 bufferlist bl;
185 AioCompletion *aio_completion = test_data.m_cluster.aio_create_completion(
186 (void*)&test_data, NULL, NULL);
187 ASSERT_EQ(-E2BIG, test_data.m_ioctx.aio_write("foo", aio_completion, bl, UINT_MAX, 0));
188 ASSERT_EQ(-E2BIG, test_data.m_ioctx.aio_append("foo", aio_completion, bl, UINT_MAX));
189 // ioctx.aio_write_full no way to overflow bl.length()
>>> CID 1242018: Resource leak (RESOURCE_LEAK)
>>> Variable "aio_completion" going out of scope leaks the storage it points to.
190 }
191
192 TEST(LibRadosAio, SimpleWrite) {
193 AioTestData test_data;
194 rados_completion_t my_completion;
195 ASSERT_EQ("", test_data.init());
/test/librados/aio.cc: 187 in LibRadosAio_TooBigPP_Test::TestBody()()
181 AioTestDataPP test_data;
182 ASSERT_EQ("", test_data.init());
183
184 bufferlist bl;
185 AioCompletion *aio_completion = test_data.m_cluster.aio_create_completion(
186 (void*)&test_data, NULL, NULL);
>>> CID 1242018: Resource leak (RESOURCE_LEAK)
>>> Variable "aio_completion" going out of scope leaks the storage it points to.
187 ASSERT_EQ(-E2BIG, test_data.m_ioctx.aio_write("foo", aio_completion, bl, UINT_MAX, 0));
188 ASSERT_EQ(-E2BIG, test_data.m_ioctx.aio_append("foo", aio_completion, bl, UINT_MAX));
189 // ioctx.aio_write_full no way to overflow bl.length()
190 }
191
192 TEST(LibRadosAio, SimpleWrite) {
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
From: scan-admin@coverity.com
To: undisclosed-recipients:;
Subject: New Defects reported by Coverity Scan for ceph
Date: Tue, 30 Sep 2014 06:21:08 -0700
Message-ID: <542aae4497872_6695f0f3345816@scan.coverity.com.mail>
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
Defect(s) Reported-by: Coverity Scan
Showing 4 of 4 defect(s)
** CID 1242019: Data race condition (MISSING_LOCK)
/msg/Pipe.cc: 230 in Pipe::DelayedDelivery::entry()()
** CID 1242021: Resource leak (RESOURCE_LEAK)
/test/librados/tier.cc: 1026 in LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()()
/test/librados/tier.cc: 1022 in LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()()
/test/librados/tier.cc: 1040 in LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()()
/test/librados/tier.cc: 1037 in LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()()
** CID 1242020: Resource leak (RESOURCE_LEAK)
/test/librados/aio.cc: 168 in LibRadosAio_TooBig_Test::TestBody()()
** CID 1242018: Resource leak (RESOURCE_LEAK)
/test/librados/aio.cc: 188 in LibRadosAio_TooBigPP_Test::TestBody()()
/test/librados/aio.cc: 190 in LibRadosAio_TooBigPP_Test::TestBody()()
/test/librados/aio.cc: 187 in LibRadosAio_TooBigPP_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1242019: Data race condition (MISSING_LOCK)
/msg/Pipe.cc: 230 in Pipe::DelayedDelivery::entry()()
224 if (flush_count > 0) {
225 --flush_count;
226 active_flush = true;
227 }
228 if (pipe->in_q->can_fast_dispatch(m)) {
229 if (!stop_fast_dispatching_flag) {
>>> CID 1242019: Data race condition (MISSING_LOCK)
>>> Accessing "this->delay_dispatching" without holding lock "Mutex._m". Elsewhere, "_ZN4Pipe15DelayedDeliveryE.delay_dispatching" is accessed with "Mutex._m" held 1 out of 2 times (1 of these accesses strongly imply that it is necessary).
230 delay_dispatching = true;
231 delay_lock.Unlock();
232 pipe->in_q->fast_dispatch(m);
233 delay_lock.Lock();
234 delay_dispatching = false;
235 if (stop_fast_dispatching_flag) {
________________________________________________________________________________________________________
*** CID 1242021: Resource leak (RESOURCE_LEAK)
/test/librados/tier.cc: 1026 in LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()()
1020 op.cache_evict();
1021 librados::AioCompletion *completion = cluster.aio_create_completion();
1022 ASSERT_EQ(0, cache_ioctx.aio_operate(
1023 "foo", completion, &op,
1024 librados::OPERATION_IGNORE_CACHE, NULL));
1025 completion->wait_for_safe();
>>> CID 1242021: Resource leak (RESOURCE_LEAK)
>>> Variable "completion" going out of scope leaks the storage it points to.
1026 ASSERT_EQ(0, completion->get_return_value());
1027 completion->release();
1028 }
1029
1030 // verify the snapdir is not present in the cache pool
1031 {
/test/librados/tier.cc: 1022 in LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()()
1016
1017 // evict
1018 {
1019 ObjectReadOperation op;
1020 op.cache_evict();
1021 librados::AioCompletion *completion = cluster.aio_create_completion();
>>> CID 1242021: Resource leak (RESOURCE_LEAK)
>>> Variable "completion" going out of scope leaks the storage it points to.
1022 ASSERT_EQ(0, cache_ioctx.aio_operate(
1023 "foo", completion, &op,
1024 librados::OPERATION_IGNORE_CACHE, NULL));
1025 completion->wait_for_safe();
1026 ASSERT_EQ(0, completion->get_return_value());
1027 completion->release();
/test/librados/tier.cc: 1040 in LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()()
1034 op.list_snaps(&snapset, NULL);
1035 ioctx.snap_set_read(librados::SNAP_DIR);
1036 librados::AioCompletion *completion = cluster.aio_create_completion();
1037 ASSERT_EQ(0, ioctx.aio_operate("foo", completion, &op,
1038 librados::OPERATION_IGNORE_CACHE, NULL));
1039 completion->wait_for_safe();
>>> CID 1242021: Resource leak (RESOURCE_LEAK)
>>> Variable "completion" going out of scope leaks the storage it points to.
1040 ASSERT_EQ(-ENOENT, completion->get_return_value());
1041 completion->release();
1042 }
1043 }
1044
1045 TEST_F(LibRadosTwoPoolsPP, TryFlush) {
/test/librados/tier.cc: 1037 in LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()()
1031 {
1032 ObjectReadOperation op;
1033 librados::snap_set_t snapset;
1034 op.list_snaps(&snapset, NULL);
1035 ioctx.snap_set_read(librados::SNAP_DIR);
1036 librados::AioCompletion *completion = cluster.aio_create_completion();
>>> CID 1242021: Resource leak (RESOURCE_LEAK)
>>> Variable "completion" going out of scope leaks the storage it points to.
1037 ASSERT_EQ(0, ioctx.aio_operate("foo", completion, &op,
1038 librados::OPERATION_IGNORE_CACHE, NULL));
1039 completion->wait_for_safe();
1040 ASSERT_EQ(-ENOENT, completion->get_return_value());
1041 completion->release();
1042 }
________________________________________________________________________________________________________
*** CID 1242020: Resource leak (RESOURCE_LEAK)
/test/librados/aio.cc: 168 in LibRadosAio_TooBig_Test::TestBody()()
162 }
163
164 TEST(LibRadosAio, TooBig) {
165 AioTestData test_data;
166 rados_completion_t my_completion;
167 ASSERT_EQ("", test_data.init());
>>> CID 1242020: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
168 ASSERT_EQ(0, rados_aio_create_completion((void*)&test_data,
169 set_completion_complete, set_completion_safe, &my_completion));
170 char buf[128];
171 memset(buf, 0xcc, sizeof(buf));
172 ASSERT_EQ(-E2BIG, rados_aio_write(test_data.m_ioctx, "foo",
173 my_completion, buf, UINT_MAX, 0));
________________________________________________________________________________________________________
*** CID 1242018: Resource leak (RESOURCE_LEAK)
/test/librados/aio.cc: 188 in LibRadosAio_TooBigPP_Test::TestBody()()
182 ASSERT_EQ("", test_data.init());
183
184 bufferlist bl;
185 AioCompletion *aio_completion = test_data.m_cluster.aio_create_completion(
186 (void*)&test_data, NULL, NULL);
187 ASSERT_EQ(-E2BIG, test_data.m_ioctx.aio_write("foo", aio_completion, bl, UINT_MAX, 0));
>>> CID 1242018: Resource leak (RESOURCE_LEAK)
>>> Variable "aio_completion" going out of scope leaks the storage it points to.
188 ASSERT_EQ(-E2BIG, test_data.m_ioctx.aio_append("foo", aio_completion, bl, UINT_MAX));
189 // ioctx.aio_write_full no way to overflow bl.length()
190 }
191
192 TEST(LibRadosAio, SimpleWrite) {
193 AioTestData test_data;
/test/librados/aio.cc: 190 in LibRadosAio_TooBigPP_Test::TestBody()()
184 bufferlist bl;
185 AioCompletion *aio_completion = test_data.m_cluster.aio_create_completion(
186 (void*)&test_data, NULL, NULL);
187 ASSERT_EQ(-E2BIG, test_data.m_ioctx.aio_write("foo", aio_completion, bl, UINT_MAX, 0));
188 ASSERT_EQ(-E2BIG, test_data.m_ioctx.aio_append("foo", aio_completion, bl, UINT_MAX));
189 // ioctx.aio_write_full no way to overflow bl.length()
>>> CID 1242018: Resource leak (RESOURCE_LEAK)
>>> Variable "aio_completion" going out of scope leaks the storage it points to.
190 }
191
192 TEST(LibRadosAio, SimpleWrite) {
193 AioTestData test_data;
194 rados_completion_t my_completion;
195 ASSERT_EQ("", test_data.init());
/test/librados/aio.cc: 187 in LibRadosAio_TooBigPP_Test::TestBody()()
181 AioTestDataPP test_data;
182 ASSERT_EQ("", test_data.init());
183
184 bufferlist bl;
185 AioCompletion *aio_completion = test_data.m_cluster.aio_create_completion(
186 (void*)&test_data, NULL, NULL);
>>> CID 1242018: Resource leak (RESOURCE_LEAK)
>>> Variable "aio_completion" going out of scope leaks the storage it points to.
187 ASSERT_EQ(-E2BIG, test_data.m_ioctx.aio_write("foo", aio_completion, bl, UINT_MAX, 0));
188 ASSERT_EQ(-E2BIG, test_data.m_ioctx.aio_append("foo", aio_completion, bl, UINT_MAX));
189 // ioctx.aio_write_full no way to overflow bl.length()
190 }
191
192 TEST(LibRadosAio, SimpleWrite) {
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
^ permalink raw reply [flat|nested] 33+ messages in thread* Re: New Defects reported by Coverity Scan for ceph (fwd)
2014-09-30 13:59 Sage Weil
@ 2014-09-30 17:26 ` Loic Dachary
2014-09-30 17:36 ` Gregory Farnum
1 sibling, 0 replies; 33+ messages in thread
From: Loic Dachary @ 2014-09-30 17:26 UTC (permalink / raw)
To: Sage Weil; +Cc: ceph-devel
[-- Attachment #1: Type: text/plain, Size: 185 bytes --]
I'll fix the aio.cc problems, thanks !
On 30/09/2014 15:59, Sage Weil wrote:
> Looks like recent changes from Greg, Loic, and I.
>
--
Loïc Dachary, Artisan Logiciel Libre
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 263 bytes --]
^ permalink raw reply [flat|nested] 33+ messages in thread
* Re: New Defects reported by Coverity Scan for ceph (fwd)
2014-09-30 13:59 Sage Weil
2014-09-30 17:26 ` Loic Dachary
@ 2014-09-30 17:36 ` Gregory Farnum
2014-09-30 17:38 ` Sage Weil
1 sibling, 1 reply; 33+ messages in thread
From: Gregory Farnum @ 2014-09-30 17:36 UTC (permalink / raw)
To: Sage Weil; +Cc: Loic Dachary, ceph-devel@vger.kernel.org
On Tue, Sep 30, 2014 at 6:59 AM, Sage Weil <sweil@redhat.com> wrote:
> Looks like recent changes from Greg, Loic, and I.
>
> ---------- Forwarded message ----------
> From: scan-admin@coverity.com
> To: undisclosed-recipients:;
> Cc:
> Date: Tue, 30 Sep 2014 06:21:08 -0700
> Subject: New Defects reported by Coverity Scan for ceph
>
>
> Hi,
>
>
> Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
>
> Defect(s) Reported-by: Coverity Scan
> Showing 4 of 4 defect(s)
>
>
> ** CID 1242019: Data race condition (MISSING_LOCK)
> /msg/Pipe.cc: 230 in Pipe::DelayedDelivery::entry()()
>
> ** CID 1242021: Resource leak (RESOURCE_LEAK)
> /test/librados/tier.cc: 1026 in LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()()
> /test/librados/tier.cc: 1022 in LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()()
> /test/librados/tier.cc: 1040 in LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()()
> /test/librados/tier.cc: 1037 in LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()()
>
> ** CID 1242020: Resource leak (RESOURCE_LEAK)
> /test/librados/aio.cc: 168 in LibRadosAio_TooBig_Test::TestBody()()
>
> ** CID 1242018: Resource leak (RESOURCE_LEAK)
> /test/librados/aio.cc: 188 in LibRadosAio_TooBigPP_Test::TestBody()()
> /test/librados/aio.cc: 190 in LibRadosAio_TooBigPP_Test::TestBody()()
> /test/librados/aio.cc: 187 in LibRadosAio_TooBigPP_Test::TestBody()()
>
>
> ________________________________________________________________________________________________________
> *** CID 1242019: Data race condition (MISSING_LOCK)
> /msg/Pipe.cc: 230 in Pipe::DelayedDelivery::entry()()
> 224 if (flush_count > 0) {
> 225 --flush_count;
> 226 active_flush = true;
> 227 }
> 228 if (pipe->in_q->can_fast_dispatch(m)) {
> 229 if (!stop_fast_dispatching_flag) {
>>>> CID 1242019: Data race condition (MISSING_LOCK)
>>>> Accessing "this->delay_dispatching" without holding lock "Mutex._m". Elsewhere, "_ZN4Pipe15DelayedDeliveryE.delay_dispatching" is accessed with "Mutex._m" held 1 out of 2 times (1 of these accesses strongly imply that it is necessary).
> 230 delay_dispatching = true;
> 231 delay_lock.Unlock();
> 232 pipe->in_q->fast_dispatch(m);
> 233 delay_lock.Lock();
> 234 delay_dispatching = false;
> 235 if (stop_fast_dispatching_flag) {
This one's a false positive. (delay_dispatching is protected by the
delay_lock, but I think it's picking up on the Pipe::lock which is
held when DelayedDelivery is constructed and initialized.) Is there a
way I should annotate this, or is it something we need to adjust in
the Coverity web interface?
-Greg
^ permalink raw reply [flat|nested] 33+ messages in thread* Re: New Defects reported by Coverity Scan for ceph (fwd)
2014-09-30 17:36 ` Gregory Farnum
@ 2014-09-30 17:38 ` Sage Weil
2014-09-30 17:41 ` Ric Wheeler
0 siblings, 1 reply; 33+ messages in thread
From: Sage Weil @ 2014-09-30 17:38 UTC (permalink / raw)
To: Gregory Farnum; +Cc: Loic Dachary, ceph-devel@vger.kernel.org
On Tue, 30 Sep 2014, Gregory Farnum wrote:
> On Tue, Sep 30, 2014 at 6:59 AM, Sage Weil <sweil@redhat.com> wrote:
> > Looks like recent changes from Greg, Loic, and I.
> >
> > ---------- Forwarded message ----------
> > From: scan-admin@coverity.com
> > To: undisclosed-recipients:;
> > Cc:
> > Date: Tue, 30 Sep 2014 06:21:08 -0700
> > Subject: New Defects reported by Coverity Scan for ceph
> >
> >
> > Hi,
> >
> >
> > Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
> >
> > Defect(s) Reported-by: Coverity Scan
> > Showing 4 of 4 defect(s)
> >
> >
> > ** CID 1242019: Data race condition (MISSING_LOCK)
> > /msg/Pipe.cc: 230 in Pipe::DelayedDelivery::entry()()
> >
> > ** CID 1242021: Resource leak (RESOURCE_LEAK)
> > /test/librados/tier.cc: 1026 in LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()()
> > /test/librados/tier.cc: 1022 in LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()()
> > /test/librados/tier.cc: 1040 in LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()()
> > /test/librados/tier.cc: 1037 in LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()()
> >
> > ** CID 1242020: Resource leak (RESOURCE_LEAK)
> > /test/librados/aio.cc: 168 in LibRadosAio_TooBig_Test::TestBody()()
> >
> > ** CID 1242018: Resource leak (RESOURCE_LEAK)
> > /test/librados/aio.cc: 188 in LibRadosAio_TooBigPP_Test::TestBody()()
> > /test/librados/aio.cc: 190 in LibRadosAio_TooBigPP_Test::TestBody()()
> > /test/librados/aio.cc: 187 in LibRadosAio_TooBigPP_Test::TestBody()()
> >
> >
> > ________________________________________________________________________________________________________
> > *** CID 1242019: Data race condition (MISSING_LOCK)
> > /msg/Pipe.cc: 230 in Pipe::DelayedDelivery::entry()()
> > 224 if (flush_count > 0) {
> > 225 --flush_count;
> > 226 active_flush = true;
> > 227 }
> > 228 if (pipe->in_q->can_fast_dispatch(m)) {
> > 229 if (!stop_fast_dispatching_flag) {
> >>>> CID 1242019: Data race condition (MISSING_LOCK)
> >>>> Accessing "this->delay_dispatching" without holding lock "Mutex._m". Elsewhere, "_ZN4Pipe15DelayedDeliveryE.delay_dispatching" is accessed with "Mutex._m" held 1 out of 2 times (1 of these accesses strongly imply that it is necessary).
> > 230 delay_dispatching = true;
> > 231 delay_lock.Unlock();
> > 232 pipe->in_q->fast_dispatch(m);
> > 233 delay_lock.Lock();
> > 234 delay_dispatching = false;
> > 235 if (stop_fast_dispatching_flag) {
>
> This one's a false positive. (delay_dispatching is protected by the
> delay_lock, but I think it's picking up on the Pipe::lock which is
> held when DelayedDelivery is constructed and initialized.) Is there a
> way I should annotate this, or is it something we need to adjust in
> the Coverity web interface?
There are annotations but I don't know how they work. I've been marking
them through the web interface...
sage
^ permalink raw reply [flat|nested] 33+ messages in thread* Re: New Defects reported by Coverity Scan for ceph (fwd)
2014-09-30 17:38 ` Sage Weil
@ 2014-09-30 17:41 ` Ric Wheeler
0 siblings, 0 replies; 33+ messages in thread
From: Ric Wheeler @ 2014-09-30 17:41 UTC (permalink / raw)
To: Sage Weil, Gregory Farnum
Cc: Loic Dachary, ceph-devel@vger.kernel.org, Jeff Darcy,
Kaleb Keithley
On 09/30/2014 01:38 PM, Sage Weil wrote:
> On Tue, 30 Sep 2014, Gregory Farnum wrote:
>> On Tue, Sep 30, 2014 at 6:59 AM, Sage Weil <sweil@redhat.com> wrote:
>>> Looks like recent changes from Greg, Loic, and I.
>>>
>>> ---------- Forwarded message ----------
>>> From: scan-admin@coverity.com
>>> To: undisclosed-recipients:;
>>> Cc:
>>> Date: Tue, 30 Sep 2014 06:21:08 -0700
>>> Subject: New Defects reported by Coverity Scan for ceph
>>>
>>>
>>> Hi,
>>>
>>>
>>> Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
>>>
>>> Defect(s) Reported-by: Coverity Scan
>>> Showing 4 of 4 defect(s)
>>>
>>>
>>> ** CID 1242019: Data race condition (MISSING_LOCK)
>>> /msg/Pipe.cc: 230 in Pipe::DelayedDelivery::entry()()
>>>
>>> ** CID 1242021: Resource leak (RESOURCE_LEAK)
>>> /test/librados/tier.cc: 1026 in LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()()
>>> /test/librados/tier.cc: 1022 in LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()()
>>> /test/librados/tier.cc: 1040 in LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()()
>>> /test/librados/tier.cc: 1037 in LibRadosTwoPoolsPP_EvictSnap2_Test::TestBody()()
>>>
>>> ** CID 1242020: Resource leak (RESOURCE_LEAK)
>>> /test/librados/aio.cc: 168 in LibRadosAio_TooBig_Test::TestBody()()
>>>
>>> ** CID 1242018: Resource leak (RESOURCE_LEAK)
>>> /test/librados/aio.cc: 188 in LibRadosAio_TooBigPP_Test::TestBody()()
>>> /test/librados/aio.cc: 190 in LibRadosAio_TooBigPP_Test::TestBody()()
>>> /test/librados/aio.cc: 187 in LibRadosAio_TooBigPP_Test::TestBody()()
>>>
>>>
>>> ________________________________________________________________________________________________________
>>> *** CID 1242019: Data race condition (MISSING_LOCK)
>>> /msg/Pipe.cc: 230 in Pipe::DelayedDelivery::entry()()
>>> 224 if (flush_count > 0) {
>>> 225 --flush_count;
>>> 226 active_flush = true;
>>> 227 }
>>> 228 if (pipe->in_q->can_fast_dispatch(m)) {
>>> 229 if (!stop_fast_dispatching_flag) {
>>>>>> CID 1242019: Data race condition (MISSING_LOCK)
>>>>>> Accessing "this->delay_dispatching" without holding lock "Mutex._m". Elsewhere, "_ZN4Pipe15DelayedDeliveryE.delay_dispatching" is accessed with "Mutex._m" held 1 out of 2 times (1 of these accesses strongly imply that it is necessary).
>>> 230 delay_dispatching = true;
>>> 231 delay_lock.Unlock();
>>> 232 pipe->in_q->fast_dispatch(m);
>>> 233 delay_lock.Lock();
>>> 234 delay_dispatching = false;
>>> 235 if (stop_fast_dispatching_flag) {
>> This one's a false positive. (delay_dispatching is protected by the
>> delay_lock, but I think it's picking up on the Pipe::lock which is
>> held when DelayedDelivery is constructed and initialized.) Is there a
>> way I should annotate this, or is it something we need to adjust in
>> the Coverity web interface?
> There are annotations but I don't know how they work. I've been marking
> them through the web interface...
>
> sage
>
Jeff and Kaleb (last I remember) had more expertise in coverity magic - they
might know how to annotate those false positives...
ric
^ permalink raw reply [flat|nested] 33+ messages in thread
* New Defects reported by Coverity Scan for ceph (fwd)
@ 2014-09-25 15:02 Sage Weil
2014-09-25 15:27 ` John Spray
0 siblings, 1 reply; 33+ messages in thread
From: Sage Weil @ 2014-09-25 15:02 UTC (permalink / raw)
To: ceph-devel, john.spray
[-- Attachment #1: Type: TEXT/PLAIN, Size: 0 bytes --]
[-- Attachment #2: Forwarded Message --]
[-- Type: MESSAGE/RFC822, Size: 3524 bytes --]
Return-Path: <scan-admin@coverity.com>
X-Original-To: sage@cobra.newdream.net
Delivered-To: sage@cobra.newdream.net
Received: from destro.newdream.net (destro.newdream.net [66.33.216.68])
by cobra.newdream.net (Postfix) with ESMTP id 6C7BC80079
for <sage@cobra.newdream.net>; Thu, 25 Sep 2014 06:19:45 -0700 (PDT)
Received: by destro.newdream.net (Postfix)
id 6A3431211D6; Thu, 25 Sep 2014 06:19:45 -0700 (PDT)
Delivered-To: sage@destro.newdream.net
Received: from madmax.dreamhost.com (caiajhbdcbdj.dreamhost.com
[208.97.132.139])
by destro.newdream.net (Postfix) with ESMTP id 693401211BB
for <sage@newdream.net>; Thu, 25 Sep 2014 06:19:45 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1])
by madmax.dreamhost.com (Postfix) with ESMTP id 65D69FD800D
for <sage@newdream.net>; Thu, 25 Sep 2014 06:19:45 -0700 (PDT)
X-DH-Virus-Scanned: Debian amavisd-new at madmax.dreamhost.com
X-Spam-Flag: NO
X-Spam-Score: 0
X-Spam-Level:
X-Spam-Status: No, score=x tagged_above=-999 required=999 WHITELISTED tests=[]
autolearn=unavailable
Received: from terminator.dreamhost.com ([208.97.132.17])
by localhost (madmax.dreamhost.com [208.97.132.139]) (amavisd-new,
port 10024) with ESMTP id 3XOxBMJfG5Cv for <sage@newdream.net>;
Thu, 25 Sep 2014 06:19:45 -0700 (PDT)
Received: from scanrelay.coverity.com (scanrelay.coverity.com [209.249.196.67])
by terminator.dreamhost.com (Postfix) with ESMTP id 4509C288406E
for <sage@newdream.net>; Thu, 25 Sep 2014 06:19:45 -0700 (PDT)
Received: from localhost.localdomain ([208.69.177.215]) by
scanrelay.coverity.com with Microsoft SMTPSVC(7.5.7601.17514);
Thu, 25 Sep 2014 06:18:54 -0700
Date: Thu, 25 Sep 2014 06:18:46 -0700
From: scan-admin@coverity.com
Message-ID: <5424163634449_26ad92732c8958d@scan.coverity.com.mail>
Subject: New Defects reported by Coverity Scan for ceph
Mime-Version: 1.0
Content-Type: text/plain;
charset=UTF-8
Content-Transfer-Encoding: 7bit
X-OriginalArrivalTime: 25 Sep 2014 13:18:54.0594 (UTC)
FILETIME=[417C9620:01CFD8C3]
To: undisclosed-recipients:;
X-Spambayes-Classification: ham; 0.00
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
Defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)
** CID 1241497: Thread deadlock (ORDER_REVERSAL)
________________________________________________________________________________________________________
*** CID 1241497: Thread deadlock (ORDER_REVERSAL)
/osdc/Filer.cc: 314 in Filer::_do_purge_range(PurgeRange *, int)()
308 return;
309 }
310
311 int max = 10 - pr->uncommitted;
312 while (pr->num > 0 && max > 0) {
313 object_t oid = file_object_t(pr->ino, pr->first);
>>> CID 1241497: Thread deadlock (ORDER_REVERSAL)
>>> Calling "get_osdmap_read" acquires lock "RWLock.L" while holding lock "Mutex._m" (count: 15 / 30).
314 const OSDMap *osdmap = objecter->get_osdmap_read();
315 object_locator_t oloc = osdmap->file_to_object_locator(pr->layout);
316 objecter->put_osdmap_read();
317 objecter->remove(oid, oloc, pr->snapc, pr->mtime, pr->flags,
318 NULL, new C_PurgeRange(this, pr));
319 pr->uncommitted++;
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
From: scan-admin@coverity.com
To: undisclosed-recipients:;
Subject: New Defects reported by Coverity Scan for ceph
Date: Thu, 25 Sep 2014 06:18:46 -0700
Message-ID: <5424163634449_26ad92732c8958d@scan.coverity.com.mail>
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
Defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)
** CID 1241497: Thread deadlock (ORDER_REVERSAL)
________________________________________________________________________________________________________
*** CID 1241497: Thread deadlock (ORDER_REVERSAL)
/osdc/Filer.cc: 314 in Filer::_do_purge_range(PurgeRange *, int)()
308 return;
309 }
310
311 int max = 10 - pr->uncommitted;
312 while (pr->num > 0 && max > 0) {
313 object_t oid = file_object_t(pr->ino, pr->first);
>>> CID 1241497: Thread deadlock (ORDER_REVERSAL)
>>> Calling "get_osdmap_read" acquires lock "RWLock.L" while holding lock "Mutex._m" (count: 15 / 30).
314 const OSDMap *osdmap = objecter->get_osdmap_read();
315 object_locator_t oloc = osdmap->file_to_object_locator(pr->layout);
316 objecter->put_osdmap_read();
317 objecter->remove(oid, oloc, pr->snapc, pr->mtime, pr->flags,
318 NULL, new C_PurgeRange(this, pr));
319 pr->uncommitted++;
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
^ permalink raw reply [flat|nested] 33+ messages in thread* Re: New Defects reported by Coverity Scan for ceph (fwd)
2014-09-25 15:02 Sage Weil
@ 2014-09-25 15:27 ` John Spray
0 siblings, 0 replies; 33+ messages in thread
From: John Spray @ 2014-09-25 15:27 UTC (permalink / raw)
To: Sage Weil; +Cc: Ceph Development
Nice to see that coverity and lockdep agree :-)
This should go away with the fix for #9562.
John
On Thu, Sep 25, 2014 at 4:02 PM, Sage Weil <sweil@redhat.com> wrote:
>
>
> ---------- Forwarded message ----------
> From: scan-admin@coverity.com
> To: undisclosed-recipients:;
> Cc:
> Date: Thu, 25 Sep 2014 06:18:46 -0700
> Subject: New Defects reported by Coverity Scan for ceph
>
>
> Hi,
>
>
> Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
>
> Defect(s) Reported-by: Coverity Scan
> Showing 1 of 1 defect(s)
>
>
> ** CID 1241497: Thread deadlock (ORDER_REVERSAL)
>
>
>
> ________________________________________________________________________________________________________
> *** CID 1241497: Thread deadlock (ORDER_REVERSAL)
> /osdc/Filer.cc: 314 in Filer::_do_purge_range(PurgeRange *, int)()
> 308 return;
> 309 }
> 310
> 311 int max = 10 - pr->uncommitted;
> 312 while (pr->num > 0 && max > 0) {
> 313 object_t oid = file_object_t(pr->ino, pr->first);
>>>> CID 1241497: Thread deadlock (ORDER_REVERSAL)
>>>> Calling "get_osdmap_read" acquires lock "RWLock.L" while holding lock "Mutex._m" (count: 15 / 30).
> 314 const OSDMap *osdmap = objecter->get_osdmap_read();
> 315 object_locator_t oloc = osdmap->file_to_object_locator(pr->layout);
> 316 objecter->put_osdmap_read();
> 317 objecter->remove(oid, oloc, pr->snapc, pr->mtime, pr->flags,
> 318 NULL, new C_PurgeRange(this, pr));
> 319 pr->uncommitted++;
>
>
> ________________________________________________________________________________________________________
> To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
>
> To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
>
>
>
>
^ permalink raw reply [flat|nested] 33+ messages in thread
* New Defects reported by Coverity Scan for ceph (fwd)
@ 2014-09-16 21:44 Sage Weil
0 siblings, 0 replies; 33+ messages in thread
From: Sage Weil @ 2014-09-16 21:44 UTC (permalink / raw)
To: ceph-devel
[-- Attachment #1: Type: TEXT/PLAIN, Size: 0 bytes --]
[-- Attachment #2: Forwarded Message --]
[-- Type: MESSAGE/RFC822, Size: 25945 bytes --]
Return-Path: <scan-admin@coverity.com>
X-Original-To: sage@cobra.newdream.net
Delivered-To: sage@cobra.newdream.net
Received: from destro.newdream.net (destro.newdream.net [66.33.216.68])
by cobra.newdream.net (Postfix) with ESMTP id 412E980079
for <sage@cobra.newdream.net>; Tue, 16 Sep 2014 14:40:14 -0700 (PDT)
Received: by destro.newdream.net (Postfix)
id 3F3C6120F20; Tue, 16 Sep 2014 14:40:14 -0700 (PDT)
Delivered-To: sage@destro.newdream.net
Received: from diehard.dreamhost.com (caiajhbdcbfh.dreamhost.com
[208.97.132.157])
by destro.newdream.net (Postfix) with ESMTP id 3C648120EDD
for <sage@newdream.net>; Tue, 16 Sep 2014 14:40:14 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1])
by diehard.dreamhost.com (Postfix) with ESMTP id 389C217BE011
for <sage@newdream.net>; Tue, 16 Sep 2014 14:40:14 -0700 (PDT)
X-DH-Virus-Scanned: Debian amavisd-new at diehard.dreamhost.com
X-Spam-Flag: NO
X-Spam-Score: 0
X-Spam-Level:
X-Spam-Status: No, score=x tagged_above=-999 required=999 WHITELISTED tests=[]
autolearn=unavailable
Received: from connor.dreamhost.com ([208.97.132.17])
by localhost (diehard.dreamhost.com [208.97.132.157]) (amavisd-new,
port 10024) with ESMTP id Hsg7ZYYKjjjK for <sage@newdream.net>;
Tue, 16 Sep 2014 14:40:14 -0700 (PDT)
Received: from scanrelay.coverity.com (scanrelay.coverity.com [209.249.196.67])
by connor.dreamhost.com (Postfix) with ESMTP id C25F32CA802C
for <sage@newdream.net>; Tue, 16 Sep 2014 14:40:13 -0700 (PDT)
Received: from localhost.localdomain ([208.69.177.215]) by
scanrelay.coverity.com with Microsoft SMTPSVC(7.5.7601.17514);
Tue, 16 Sep 2014 14:40:17 -0700
Date: Tue, 16 Sep 2014 14:40:12 -0700
From: scan-admin@coverity.com
Message-ID: <5418ae3ce3e39_2a5b6c7334536a4@scan.coverity.com.mail>
Subject: New Defects reported by Coverity Scan for ceph
Mime-Version: 1.0
Content-Type: text/plain;
charset=UTF-8
Content-Transfer-Encoding: 7bit
X-OriginalArrivalTime: 16 Sep 2014 21:40:17.0838 (UTC)
FILETIME=[CEC794E0:01CFD1F6]
To: undisclosed-recipients:;
X-Spambayes-Classification: ham; 0.00
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
Defect(s) Reported-by: Coverity Scan
Showing 20 of 38 defect(s)
** CID 717233: Uninitialized scalar field (UNINIT_CTOR)
/mds/Capability.h: 249 in Capability::Capability(CInode *, unsigned long, client_t)()
** CID 1238869: Value not atomically updated (ATOMICITY)
/osdc/Objecter.cc: 3055 in Objecter::handle_pool_op_reply(MPoolOpReply *)()
/osdc/Objecter.cc: 3055 in Objecter::handle_pool_op_reply(MPoolOpReply *)()
/osdc/Objecter.cc: 3055 in Objecter::handle_pool_op_reply(MPoolOpReply *)()
** CID 1238870: Unchecked return value (CHECKED_RETURN)
/test/test_snap_mapper.cc: 562 in MapperVerifier::remove_oid()()
** CID 1238871: Dereference after null check (FORWARD_NULL)
/mds/Server.cc: 6988 in Server::do_rename_rollback(ceph::buffer::list &, int, std::tr1::shared_ptr<MDRequestImpl> &, bool)()
/mds/Server.cc: 7107 in Server::do_rename_rollback(ceph::buffer::list &, int, std::tr1::shared_ptr<MDRequestImpl> &, bool)()
** CID 1238872: Unchecked return value (CHECKED_RETURN)
/tools/ceph_objectstore_tool.cc: 1284 in do_import_rados(std::basic_string<char, std::char_traits<char>, std::allocator<char>>)()
** CID 1238873: Unchecked return value (CHECKED_RETURN)
/rbd_replay/Replayer.cc: 154 in rbd_replay::Replayer::run(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&)()
** CID 1238874: Missing unlock (LOCK)
/osdc/Objecter.cc: 1855 in Objecter::op_cancel(Objecter::OSDSession *, unsigned long, int)()
** CID 1238875: Unrecoverable parse warning (PARSE_ERROR)
/client/Client.cc: 7737 in ()
** CID 1238876: Unrecoverable parse warning (PARSE_ERROR)
/client/Client.cc: 7735 in ()
** CID 1238877: Missing unlock (LOCK)
/common/Timer.cc: 240 in RWTimer::shutdown()()
** CID 1238878: Unrecoverable parse warning (PARSE_ERROR)
/client/Client.cc: 7734 in ()
** CID 1238879: Thread deadlock (ORDER_REVERSAL)
** CID 1238880: Thread deadlock (ORDER_REVERSAL)
** CID 1238881: Thread deadlock (ORDER_REVERSAL)
** CID 1238882: Thread deadlock (ORDER_REVERSAL)
** CID 1238883: Improper use of negative value (NEGATIVE_RETURNS)
/mds/MDS.cc: 962 in MDS::handle_mds_map(MMDSMap *)()
** CID 1238884: Unrecoverable parse warning (PARSE_ERROR)
/client/Client.cc: 7733 in ()
** CID 1238885: Thread deadlock (ORDER_REVERSAL)
** CID 1238886: Thread deadlock (ORDER_REVERSAL)
** CID 1238887: Thread deadlock (ORDER_REVERSAL)
________________________________________________________________________________________________________
*** CID 717233: Uninitialized scalar field (UNINIT_CTOR)
/mds/Capability.h: 249 in Capability::Capability(CInode *, unsigned long, client_t)()
243 suppress(0), state(0),
244 client_follows(0), client_xattr_version(0),
245 client_inline_version(0),
246 item_session_caps(this), item_snaprealm_caps(this), item_revoking_caps(this) {
247 g_num_cap++;
248 g_num_capa++;
>>> CID 717233: Uninitialized scalar field (UNINIT_CTOR)
>>> Non-static class member "num_revoke_warnings" is not initialized in this constructor nor in any functions that it calls.
249 }
250 ~Capability() {
251 g_num_cap--;
252 g_num_caps++;
253 }
254
________________________________________________________________________________________________________
*** CID 1238869: Value not atomically updated (ATOMICITY)
/osdc/Objecter.cc: 3055 in Objecter::handle_pool_op_reply(MPoolOpReply *)()
3049 if (!rwlock.is_wlocked()) {
3050 rwlock.unlock();
3051 rwlock.get_write();
3052 }
3053 iter = pool_ops.find(tid);
3054 if (iter != pool_ops.end()) {
>>> CID 1238869: Value not atomically updated (ATOMICITY)
>>> Using an unreliable value of "op" inside the second locked section. If the data that "op" depends on was changed by another thread, this use might be incorrect.
3055 _finish_pool_op(op);
3056 }
3057 } else {
3058 ldout(cct, 10) << "unknown request " << tid << dendl;
3059 }
3060 rwlock.unlock();
/osdc/Objecter.cc: 3055 in Objecter::handle_pool_op_reply(MPoolOpReply *)()
3049 if (!rwlock.is_wlocked()) {
3050 rwlock.unlock();
3051 rwlock.get_write();
3052 }
3053 iter = pool_ops.find(tid);
3054 if (iter != pool_ops.end()) {
>>> CID 1238869: Value not atomically updated (ATOMICITY)
>>> Using an unreliable value of "op" inside the second locked section. If the data that "op" depends on was changed by another thread, this use might be incorrect.
3055 _finish_pool_op(op);
3056 }
3057 } else {
3058 ldout(cct, 10) << "unknown request " << tid << dendl;
3059 }
3060 rwlock.unlock();
/osdc/Objecter.cc: 3055 in Objecter::handle_pool_op_reply(MPoolOpReply *)()
3049 if (!rwlock.is_wlocked()) {
3050 rwlock.unlock();
3051 rwlock.get_write();
3052 }
3053 iter = pool_ops.find(tid);
3054 if (iter != pool_ops.end()) {
>>> CID 1238869: Value not atomically updated (ATOMICITY)
>>> Using an unreliable value of "op" inside the second locked section. If the data that "op" depends on was changed by another thread, this use might be incorrect.
3055 _finish_pool_op(op);
3056 }
3057 } else {
3058 ldout(cct, 10) << "unknown request " << tid << dendl;
3059 }
3060 rwlock.unlock();
________________________________________________________________________________________________________
*** CID 1238870: Unchecked return value (CHECKED_RETURN)
/test/test_snap_mapper.cc: 562 in MapperVerifier::remove_oid()()
556 snap_to_hobject.find(*i);
557 assert(j->second.count(obj->first));
558 j->second.erase(obj->first);
559 }
560 {
561 PausyAsyncMap::Transaction t;
>>> CID 1238870: Unchecked return value (CHECKED_RETURN)
>>> Calling "remove_oid" without checking return value (as is done elsewhere 8 out of 10 times).
562 mapper->remove_oid(
563 obj->first,
564 &t);
565 driver->submit(&t);
566 }
567 hobject_to_snap.erase(obj);
________________________________________________________________________________________________________
*** CID 1238871: Dereference after null check (FORWARD_NULL)
/mds/Server.cc: 6988 in Server::do_rename_rollback(ceph::buffer::list &, int, std::tr1::shared_ptr<MDRequestImpl> &, bool)()
6982 // slave
6983 assert(!destdn || destdn->authority().first != whoami);
6984 assert(!straydn || straydn->authority().first != whoami);
6985
6986 bool force_journal_src = false;
6987 bool force_journal_dest = false;
>>> CID 1238871: Dereference after null check (FORWARD_NULL)
>>> Passing null pointer "srcdn" to "authority", which dereferences it. (The dereference happens because this is a virtual function call.)
6988 if (in && in->is_dir() && srcdn->authority().first != whoami)
6989 force_journal_src = _need_force_journal(in, false);
6990 if (in && target && target->is_dir())
6991 force_journal_dest = _need_force_journal(in, true);
6992
6993 version_t srcdnpv = 0;
/mds/Server.cc: 7107 in Server::do_rename_rollback(ceph::buffer::list &, int, std::tr1::shared_ptr<MDRequestImpl> &, bool)()
7101 le->commit.add_primary_dentry(target->get_projected_parent_dn(), target, true);
7102 }
7103
7104 if (force_journal_dest) {
7105 dout(10) << " noting rename target ino " << target->ino() << " in metablob" << dendl;
7106 le->commit.renamed_dirino = target->ino();
>>> CID 1238871: Dereference after null check (FORWARD_NULL)
>>> Passing null pointer "srcdn" to "authority", which dereferences it. (The dereference happens because this is a virtual function call.)
7107 } else if (force_journal_src || (in && in->is_dir() && srcdn->authority().first == whoami)) {
7108 dout(10) << " noting renamed dir ino " << in->ino() << " in metablob" << dendl;
7109 le->commit.renamed_dirino = in->ino();
7110 }
7111
7112 if (target && target->is_dir()) {
________________________________________________________________________________________________________
*** CID 1238872: Unchecked return value (CHECKED_RETURN)
/tools/ceph_objectstore_tool.cc: 1284 in do_import_rados(std::basic_string<char, std::char_traits<char>, std::allocator<char>>)()
1278 }
1279 ret = cluster.conf_parse_env(NULL);
1280 if (ret) {
1281 cerr << "Error " << ret << " in cluster.conf_read_env" << std::endl;
1282 return ret;
1283 }
>>> CID 1238872: Unchecked return value (CHECKED_RETURN)
>>> Calling "connect" without checking return value (as is done elsewhere 14 out of 17 times).
1284 cluster.connect();
1285
1286 ret = cluster.ioctx_create(pool.c_str(), ioctx);
1287 if (ret < 0) {
1288 cerr << "ioctx_create " << pool << " failed with " << ret << std::endl;
1289 return ret;
________________________________________________________________________________________________________
*** CID 1238873: Unchecked return value (CHECKED_RETURN)
/rbd_replay/Replayer.cc: 154 in rbd_replay::Replayer::run(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&)()
148 return m_action_trackers[id % m_num_action_trackers];
149 }
150
151 void Replayer::run(const std::string& replay_file) {
152 {
153 librados::Rados rados;
>>> CID 1238873: Unchecked return value (CHECKED_RETURN)
>>> Calling "init" without checking return value (as is done elsewhere 11 out of 12 times).
154 rados.init(NULL);
155 int r = rados.init_with_context(g_ceph_context);
156 if (r) {
157 cerr << "Unable to read conf file: " << r << std::endl;
158 goto out;
159 }
________________________________________________________________________________________________________
*** CID 1238874: Missing unlock (LOCK)
/osdc/Objecter.cc: 1855 in Objecter::op_cancel(Objecter::OSDSession *, unsigned long, int)()
1849
1850 s->lock.get_write();
1851
1852 map<ceph_tid_t, Op*>::iterator p = s->ops.find(tid);
1853 if (p == s->ops.end()) {
1854 ldout(cct, 10) << __func__ << " tid " << tid << " dne" << dendl;
>>> CID 1238874: Missing unlock (LOCK)
>>> Returning without unlocking "s->lock.L".
1855 return -ENOENT;
1856 }
1857
1858 if (s->con) {
1859 ldout(cct, 20) << " revoking rx buffer for " << tid
1860 << " on " << s->con << dendl;
________________________________________________________________________________________________________
*** CID 1238875: Unrecoverable parse warning (PARSE_ERROR)
/client/Client.cc: 7737 in ()
7731 const Client::VXattr Client::_dir_vxattrs[] = {
7732 {
7733 name: "ceph.dir.layout",
7734 getxattr_cb: &Client::_vxattrcb_layout,
7735 readonly: false,
7736 hidden: true,
>>> CID 1238875: Unrecoverable parse warning (PARSE_ERROR)
>>> designator may not specify a non-POD subobject
7737 exists_cb: &Client::_vxattrcb_layout_exists,
7738 },
7739 XATTR_LAYOUT_FIELD(dir, layout, stripe_unit),
7740 XATTR_LAYOUT_FIELD(dir, layout, stripe_count),
7741 XATTR_LAYOUT_FIELD(dir, layout, object_size),
7742 XATTR_LAYOUT_FIELD(dir, layout, pool),
________________________________________________________________________________________________________
*** CID 1238876: Unrecoverable parse warning (PARSE_ERROR)
/client/Client.cc: 7735 in ()
7729 }
7730
7731 const Client::VXattr Client::_dir_vxattrs[] = {
7732 {
7733 name: "ceph.dir.layout",
7734 getxattr_cb: &Client::_vxattrcb_layout,
>>> CID 1238876: Unrecoverable parse warning (PARSE_ERROR)
>>> designator may not specify a non-POD subobject
7735 readonly: false,
7736 hidden: true,
7737 exists_cb: &Client::_vxattrcb_layout_exists,
7738 },
7739 XATTR_LAYOUT_FIELD(dir, layout, stripe_unit),
7740 XATTR_LAYOUT_FIELD(dir, layout, stripe_count),
________________________________________________________________________________________________________
*** CID 1238877: Missing unlock (LOCK)
/common/Timer.cc: 240 in RWTimer::shutdown()()
234 rwlock.unlock();
235 thread->join();
236 rwlock.get_write();
237 delete thread;
238 thread = NULL;
239 }
>>> CID 1238877: Missing unlock (LOCK)
>>> Returning without unlocking "this->rwlock->L".
240 }
241
242 void RWTimer::timer_thread()
243 {
244 rwlock.get_write();
245 ldout(cct,10) << "timer_thread starting" << dendl;
________________________________________________________________________________________________________
*** CID 1238878: Unrecoverable parse warning (PARSE_ERROR)
/client/Client.cc: 7734 in ()
7728 exists_cb: &Client::_vxattrcb_layout_exists, \
7729 }
7730
7731 const Client::VXattr Client::_dir_vxattrs[] = {
7732 {
7733 name: "ceph.dir.layout",
>>> CID 1238878: Unrecoverable parse warning (PARSE_ERROR)
>>> designator may not specify a non-POD subobject
7734 getxattr_cb: &Client::_vxattrcb_layout,
7735 readonly: false,
7736 hidden: true,
7737 exists_cb: &Client::_vxattrcb_layout_exists,
7738 },
7739 XATTR_LAYOUT_FIELD(dir, layout, stripe_unit),
________________________________________________________________________________________________________
*** CID 1238879: Thread deadlock (ORDER_REVERSAL)
/librados/IoCtxImpl.cc: 1122 in librados::IoCtxImpl::notify(const object_t &, unsigned long, ceph::buffer::list &)()
1116 prepare_assert_ops(&rd);
1117 rd.notify(cookie, ver, inbl);
1118
1119 // Issue RADOS op
1120 C_SaferCond onack;
1121 version_t objver;
>>> CID 1238879: Thread deadlock (ORDER_REVERSAL)
>>> Calling "linger_read" acquires lock "RWLock.L" while holding lock "Mutex._m" (count: 14 / 29).
1122 wc->linger_id = objecter->linger_read(oid, oloc, rd, snap_seq, inbl, NULL, 0,
1123 &onack, &objver);
1124 lock->Unlock();
1125
1126 ldout(client->cct, 10) << __func__ << " issued linger op " << wc->linger_id << dendl;
1127 int r_issue = onack.wait();
________________________________________________________________________________________________________
*** CID 1238880: Thread deadlock (ORDER_REVERSAL)
/test/osd/RadosModel.h: 728 in WriteOp::_begin()()
722 if (do_append) {
723 ObjectDesc old_value;
724 bool found = context->find_object(oid, &old_value);
725 uint64_t prev_length = found && old_value.has_contents() ?
726 old_value.most_recent_gen()->get_length(old_value.most_recent()) :
727 0;
>>> CID 1238880: Thread deadlock (ORDER_REVERSAL)
>>> Calling "pool_required_alignment" acquires lock "RWLock.L" while holding lock "Mutex._m" (count: 14 / 29).
728 cont_gen = new AppendGenerator(
729 prev_length,
730 (context->io_ctx.pool_requires_alignment() ?
731 context->io_ctx.pool_required_alignment() : 0),
732 context->min_stride_size,
733 context->max_stride_size,
/test/osd/RadosModel.h: 728 in WriteOp::_begin()()
722 if (do_append) {
723 ObjectDesc old_value;
724 bool found = context->find_object(oid, &old_value);
725 uint64_t prev_length = found && old_value.has_contents() ?
726 old_value.most_recent_gen()->get_length(old_value.most_recent()) :
727 0;
>>> CID 1238880: Thread deadlock (ORDER_REVERSAL)
>>> Calling "pool_requires_alignment" acquires lock "RWLock.L" while holding lock "Mutex._m" (count: 14 / 29).
728 cont_gen = new AppendGenerator(
729 prev_length,
730 (context->io_ctx.pool_requires_alignment() ?
731 context->io_ctx.pool_required_alignment() : 0),
732 context->min_stride_size,
733 context->max_stride_size,
________________________________________________________________________________________________________
*** CID 1238881: Thread deadlock (ORDER_REVERSAL)
/test/osd/RadosModel.h: 1251 in SnapRemoveOp::_begin()()
1245 uint64_t snap = context->snaps[to_remove];
1246 context->remove_snap(to_remove);
1247
1248 if (context->pool_snaps) {
1249 string snapname;
1250
>>> CID 1238881: Thread deadlock (ORDER_REVERSAL)
>>> Calling "snap_get_name" acquires lock "RWLock.L" while holding lock "Mutex._m" (count: 14 / 29).
1251 assert(!context->io_ctx.snap_get_name(snap, &snapname));
1252 assert(!context->io_ctx.snap_remove(snapname.c_str()));
1253 } else {
1254 assert(!context->io_ctx.selfmanaged_snap_remove(snap));
1255
1256 vector<uint64_t> snapset(context->snaps.size());
/test/osd/RadosModel.h: 1252 in SnapRemoveOp::_begin()()
1246 context->remove_snap(to_remove);
1247
1248 if (context->pool_snaps) {
1249 string snapname;
1250
1251 assert(!context->io_ctx.snap_get_name(snap, &snapname));
>>> CID 1238881: Thread deadlock (ORDER_REVERSAL)
>>> Calling "snap_remove" acquires lock "RWLock.L" while holding lock "Mutex._m" (count: 14 / 29).
1252 assert(!context->io_ctx.snap_remove(snapname.c_str()));
1253 } else {
1254 assert(!context->io_ctx.selfmanaged_snap_remove(snap));
1255
1256 vector<uint64_t> snapset(context->snaps.size());
1257 int j = 0;
________________________________________________________________________________________________________
*** CID 1238882: Thread deadlock (ORDER_REVERSAL)
/librados/RadosClient.cc: 786 in librados::RadosClient::osd_command(int, std::vector<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::allocator<std::basic_string<char, std::char_traits<char>, std::allocator<char>>>> &, const ceph::buffer::list &, ceph::buffer::list *, std::basic_string<char, std::char_traits<char>, std::allocator<char>>*)()
780
781 if (osd < 0)
782 return -EINVAL;
783
784 lock.Lock();
785 // XXX do anything with tid?
>>> CID 1238882: Thread deadlock (ORDER_REVERSAL)
>>> Calling "osd_command" acquires lock "RWLock.L" while holding lock "Mutex._m" (count: 14 / 29).
786 int r = objecter->osd_command(osd, cmd, inbl, &tid, poutbl, prs,
787 new C_SafeCond(&mylock, &cond, &done, &ret));
788 lock.Unlock();
789 if (r != 0)
790 return r;
791 mylock.Lock();
________________________________________________________________________________________________________
*** CID 1238883: Improper use of negative value (NEGATIVE_RETURNS)
/mds/MDS.cc: 962 in MDS::handle_mds_map(MMDSMap *)()
956 }
957
958 // see who i am
959 addr = messenger->get_myaddr();
960 whoami = mdsmap->get_rank_gid(monc->get_global_id());
961 state = mdsmap->get_state_gid(monc->get_global_id());
>>> CID 1238883: Improper use of negative value (NEGATIVE_RETURNS)
>>> Assigning: signed variable "this->incarnation" = "get_inc_gid".
962 incarnation = mdsmap->get_inc_gid(monc->get_global_id());
963 dout(10) << "map says i am " << addr << " mds." << whoami << "." << incarnation
964 << " state " << ceph_mds_state_name(state) << dendl;
965
966 // mark down any failed peers
967 for (map<uint64_t,MDSMap::mds_info_t>::const_iterator p = oldmap->get_mds_info().begin();
________________________________________________________________________________________________________
*** CID 1238884: Unrecoverable parse warning (PARSE_ERROR)
/client/Client.cc: 7733 in ()
7727 hidden: true, \
7728 exists_cb: &Client::_vxattrcb_layout_exists, \
7729 }
7730
7731 const Client::VXattr Client::_dir_vxattrs[] = {
7732 {
>>> CID 1238884: Unrecoverable parse warning (PARSE_ERROR)
>>> designator may not specify a non-POD subobject
7733 name: "ceph.dir.layout",
7734 getxattr_cb: &Client::_vxattrcb_layout,
7735 readonly: false,
7736 hidden: true,
7737 exists_cb: &Client::_vxattrcb_layout_exists,
7738 },
________________________________________________________________________________________________________
*** CID 1238885: Thread deadlock (ORDER_REVERSAL)
/librados/RadosClient.cc: 702 in librados::RadosClient::do_watch_notify(MWatchNotify *)()
696 // trigger the callback
697 lock.Unlock();
698 wc->watch_ctx->notify(m->opcode, m->ver, m->bl);
699 lock.Lock();
700
701 // send ACK back to the OSD
>>> CID 1238885: Thread deadlock (ORDER_REVERSAL)
>>> Calling "_notify_ack" acquires lock "RWLock.L" while holding lock "Mutex._m" (count: 14 / 29).
702 wc->io_ctx_impl->_notify_ack(wc->oid, m->notify_id, m->ver, m->cookie);
703
704 ldout(cct,10) << __func__ << " notify done" << dendl;
705 wc->put();
706 }
707 } else {
________________________________________________________________________________________________________
*** CID 1238886: Thread deadlock (ORDER_REVERSAL)
/client/SyntheticClient.cc: 2391 in SyntheticClient::object_rw(int, int, int, int, double, double)()
2385 m.ops.push_back(op);
2386 if (do_sync) {
2387 OSDOp op;
2388 op.op.op = CEPH_OSD_OP_STARTSYNC;
2389 m.ops.push_back(op);
2390 }
>>> CID 1238886: Thread deadlock (ORDER_REVERSAL)
>>> Calling "mutate" acquires lock "RWLock.L" while holding lock "Mutex._m" (count: 14 / 29).
2391 client->objecter->mutate(oid, oloc, m, snapc, ceph_clock_now(client->cct), 0,
2392 NULL, new C_Ref(lock, cond, &unack));
2393 /*client->objecter->write(oid, layout, 0, osize, snapc, bl, 0,
2394 new C_Ref(lock, cond, &unack),
2395 new C_Ref(lock, cond, &unsafe));*/
2396 } else {
________________________________________________________________________________________________________
*** CID 1238887: Thread deadlock (ORDER_REVERSAL)
/librados/RadosClient.cc: 808 in librados::RadosClient::pg_command(pg_t, std::vector<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::allocator<std::basic_string<char, std::char_traits<char>, std::allocator<char>>>> &, const ceph::buffer::list &, ceph::buffer::list *, std::basic_string<char, std::char_traits<char>, std::allocator<char>>*)()
802 Mutex mylock("RadosClient::pg_command::mylock");
803 Cond cond;
804 bool done;
805 int ret;
806 ceph_tid_t tid;
807 lock.Lock();
>>> CID 1238887: Thread deadlock (ORDER_REVERSAL)
>>> Calling "pg_command" acquires lock "RWLock.L" while holding lock "Mutex._m" (count: 14 / 29).
808 int r = objecter->pg_command(pgid, cmd, inbl, &tid, poutbl, prs,
809 new C_SafeCond(&mylock, &cond, &done, &ret));
810 lock.Unlock();
811 if (r != 0)
812 return r;
813 mylock.Lock();
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
From: scan-admin@coverity.com
To: undisclosed-recipients:;
Subject: New Defects reported by Coverity Scan for ceph
Date: Tue, 16 Sep 2014 14:40:12 -0700
Message-ID: <5418ae3ce3e39_2a5b6c7334536a4@scan.coverity.com.mail>
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
Defect(s) Reported-by: Coverity Scan
Showing 20 of 38 defect(s)
** CID 717233: Uninitialized scalar field (UNINIT_CTOR)
/mds/Capability.h: 249 in Capability::Capability(CInode *, unsigned long, client_t)()
** CID 1238869: Value not atomically updated (ATOMICITY)
/osdc/Objecter.cc: 3055 in Objecter::handle_pool_op_reply(MPoolOpReply *)()
/osdc/Objecter.cc: 3055 in Objecter::handle_pool_op_reply(MPoolOpReply *)()
/osdc/Objecter.cc: 3055 in Objecter::handle_pool_op_reply(MPoolOpReply *)()
** CID 1238870: Unchecked return value (CHECKED_RETURN)
/test/test_snap_mapper.cc: 562 in MapperVerifier::remove_oid()()
** CID 1238871: Dereference after null check (FORWARD_NULL)
/mds/Server.cc: 6988 in Server::do_rename_rollback(ceph::buffer::list &, int, std::tr1::shared_ptr<MDRequestImpl> &, bool)()
/mds/Server.cc: 7107 in Server::do_rename_rollback(ceph::buffer::list &, int, std::tr1::shared_ptr<MDRequestImpl> &, bool)()
** CID 1238872: Unchecked return value (CHECKED_RETURN)
/tools/ceph_objectstore_tool.cc: 1284 in do_import_rados(std::basic_string<char, std::char_traits<char>, std::allocator<char>>)()
** CID 1238873: Unchecked return value (CHECKED_RETURN)
/rbd_replay/Replayer.cc: 154 in rbd_replay::Replayer::run(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&)()
** CID 1238874: Missing unlock (LOCK)
/osdc/Objecter.cc: 1855 in Objecter::op_cancel(Objecter::OSDSession *, unsigned long, int)()
** CID 1238875: Unrecoverable parse warning (PARSE_ERROR)
/client/Client.cc: 7737 in ()
** CID 1238876: Unrecoverable parse warning (PARSE_ERROR)
/client/Client.cc: 7735 in ()
** CID 1238877: Missing unlock (LOCK)
/common/Timer.cc: 240 in RWTimer::shutdown()()
** CID 1238878: Unrecoverable parse warning (PARSE_ERROR)
/client/Client.cc: 7734 in ()
** CID 1238879: Thread deadlock (ORDER_REVERSAL)
** CID 1238880: Thread deadlock (ORDER_REVERSAL)
** CID 1238881: Thread deadlock (ORDER_REVERSAL)
** CID 1238882: Thread deadlock (ORDER_REVERSAL)
** CID 1238883: Improper use of negative value (NEGATIVE_RETURNS)
/mds/MDS.cc: 962 in MDS::handle_mds_map(MMDSMap *)()
** CID 1238884: Unrecoverable parse warning (PARSE_ERROR)
/client/Client.cc: 7733 in ()
** CID 1238885: Thread deadlock (ORDER_REVERSAL)
** CID 1238886: Thread deadlock (ORDER_REVERSAL)
** CID 1238887: Thread deadlock (ORDER_REVERSAL)
________________________________________________________________________________________________________
*** CID 717233: Uninitialized scalar field (UNINIT_CTOR)
/mds/Capability.h: 249 in Capability::Capability(CInode *, unsigned long, client_t)()
243 suppress(0), state(0),
244 client_follows(0), client_xattr_version(0),
245 client_inline_version(0),
246 item_session_caps(this), item_snaprealm_caps(this), item_revoking_caps(this) {
247 g_num_cap++;
248 g_num_capa++;
>>> CID 717233: Uninitialized scalar field (UNINIT_CTOR)
>>> Non-static class member "num_revoke_warnings" is not initialized in this constructor nor in any functions that it calls.
249 }
250 ~Capability() {
251 g_num_cap--;
252 g_num_caps++;
253 }
254
________________________________________________________________________________________________________
*** CID 1238869: Value not atomically updated (ATOMICITY)
/osdc/Objecter.cc: 3055 in Objecter::handle_pool_op_reply(MPoolOpReply *)()
3049 if (!rwlock.is_wlocked()) {
3050 rwlock.unlock();
3051 rwlock.get_write();
3052 }
3053 iter = pool_ops.find(tid);
3054 if (iter != pool_ops.end()) {
>>> CID 1238869: Value not atomically updated (ATOMICITY)
>>> Using an unreliable value of "op" inside the second locked section. If the data that "op" depends on was changed by another thread, this use might be incorrect.
3055 _finish_pool_op(op);
3056 }
3057 } else {
3058 ldout(cct, 10) << "unknown request " << tid << dendl;
3059 }
3060 rwlock.unlock();
/osdc/Objecter.cc: 3055 in Objecter::handle_pool_op_reply(MPoolOpReply *)()
3049 if (!rwlock.is_wlocked()) {
3050 rwlock.unlock();
3051 rwlock.get_write();
3052 }
3053 iter = pool_ops.find(tid);
3054 if (iter != pool_ops.end()) {
>>> CID 1238869: Value not atomically updated (ATOMICITY)
>>> Using an unreliable value of "op" inside the second locked section. If the data that "op" depends on was changed by another thread, this use might be incorrect.
3055 _finish_pool_op(op);
3056 }
3057 } else {
3058 ldout(cct, 10) << "unknown request " << tid << dendl;
3059 }
3060 rwlock.unlock();
/osdc/Objecter.cc: 3055 in Objecter::handle_pool_op_reply(MPoolOpReply *)()
3049 if (!rwlock.is_wlocked()) {
3050 rwlock.unlock();
3051 rwlock.get_write();
3052 }
3053 iter = pool_ops.find(tid);
3054 if (iter != pool_ops.end()) {
>>> CID 1238869: Value not atomically updated (ATOMICITY)
>>> Using an unreliable value of "op" inside the second locked section. If the data that "op" depends on was changed by another thread, this use might be incorrect.
3055 _finish_pool_op(op);
3056 }
3057 } else {
3058 ldout(cct, 10) << "unknown request " << tid << dendl;
3059 }
3060 rwlock.unlock();
________________________________________________________________________________________________________
*** CID 1238870: Unchecked return value (CHECKED_RETURN)
/test/test_snap_mapper.cc: 562 in MapperVerifier::remove_oid()()
556 snap_to_hobject.find(*i);
557 assert(j->second.count(obj->first));
558 j->second.erase(obj->first);
559 }
560 {
561 PausyAsyncMap::Transaction t;
>>> CID 1238870: Unchecked return value (CHECKED_RETURN)
>>> Calling "remove_oid" without checking return value (as is done elsewhere 8 out of 10 times).
562 mapper->remove_oid(
563 obj->first,
564 &t);
565 driver->submit(&t);
566 }
567 hobject_to_snap.erase(obj);
________________________________________________________________________________________________________
*** CID 1238871: Dereference after null check (FORWARD_NULL)
/mds/Server.cc: 6988 in Server::do_rename_rollback(ceph::buffer::list &, int, std::tr1::shared_ptr<MDRequestImpl> &, bool)()
6982 // slave
6983 assert(!destdn || destdn->authority().first != whoami);
6984 assert(!straydn || straydn->authority().first != whoami);
6985
6986 bool force_journal_src = false;
6987 bool force_journal_dest = false;
>>> CID 1238871: Dereference after null check (FORWARD_NULL)
>>> Passing null pointer "srcdn" to "authority", which dereferences it. (The dereference happens because this is a virtual function call.)
6988 if (in && in->is_dir() && srcdn->authority().first != whoami)
6989 force_journal_src = _need_force_journal(in, false);
6990 if (in && target && target->is_dir())
6991 force_journal_dest = _need_force_journal(in, true);
6992
6993 version_t srcdnpv = 0;
/mds/Server.cc: 7107 in Server::do_rename_rollback(ceph::buffer::list &, int, std::tr1::shared_ptr<MDRequestImpl> &, bool)()
7101 le->commit.add_primary_dentry(target->get_projected_parent_dn(), target, true);
7102 }
7103
7104 if (force_journal_dest) {
7105 dout(10) << " noting rename target ino " << target->ino() << " in metablob" << dendl;
7106 le->commit.renamed_dirino = target->ino();
>>> CID 1238871: Dereference after null check (FORWARD_NULL)
>>> Passing null pointer "srcdn" to "authority", which dereferences it. (The dereference happens because this is a virtual function call.)
7107 } else if (force_journal_src || (in && in->is_dir() && srcdn->authority().first == whoami)) {
7108 dout(10) << " noting renamed dir ino " << in->ino() << " in metablob" << dendl;
7109 le->commit.renamed_dirino = in->ino();
7110 }
7111
7112 if (target && target->is_dir()) {
________________________________________________________________________________________________________
*** CID 1238872: Unchecked return value (CHECKED_RETURN)
/tools/ceph_objectstore_tool.cc: 1284 in do_import_rados(std::basic_string<char, std::char_traits<char>, std::allocator<char>>)()
1278 }
1279 ret = cluster.conf_parse_env(NULL);
1280 if (ret) {
1281 cerr << "Error " << ret << " in cluster.conf_read_env" << std::endl;
1282 return ret;
1283 }
>>> CID 1238872: Unchecked return value (CHECKED_RETURN)
>>> Calling "connect" without checking return value (as is done elsewhere 14 out of 17 times).
1284 cluster.connect();
1285
1286 ret = cluster.ioctx_create(pool.c_str(), ioctx);
1287 if (ret < 0) {
1288 cerr << "ioctx_create " << pool << " failed with " << ret << std::endl;
1289 return ret;
________________________________________________________________________________________________________
*** CID 1238873: Unchecked return value (CHECKED_RETURN)
/rbd_replay/Replayer.cc: 154 in rbd_replay::Replayer::run(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&)()
148 return m_action_trackers[id % m_num_action_trackers];
149 }
150
151 void Replayer::run(const std::string& replay_file) {
152 {
153 librados::Rados rados;
>>> CID 1238873: Unchecked return value (CHECKED_RETURN)
>>> Calling "init" without checking return value (as is done elsewhere 11 out of 12 times).
154 rados.init(NULL);
155 int r = rados.init_with_context(g_ceph_context);
156 if (r) {
157 cerr << "Unable to read conf file: " << r << std::endl;
158 goto out;
159 }
________________________________________________________________________________________________________
*** CID 1238874: Missing unlock (LOCK)
/osdc/Objecter.cc: 1855 in Objecter::op_cancel(Objecter::OSDSession *, unsigned long, int)()
1849
1850 s->lock.get_write();
1851
1852 map<ceph_tid_t, Op*>::iterator p = s->ops.find(tid);
1853 if (p == s->ops.end()) {
1854 ldout(cct, 10) << __func__ << " tid " << tid << " dne" << dendl;
>>> CID 1238874: Missing unlock (LOCK)
>>> Returning without unlocking "s->lock.L".
1855 return -ENOENT;
1856 }
1857
1858 if (s->con) {
1859 ldout(cct, 20) << " revoking rx buffer for " << tid
1860 << " on " << s->con << dendl;
________________________________________________________________________________________________________
*** CID 1238875: Unrecoverable parse warning (PARSE_ERROR)
/client/Client.cc: 7737 in ()
7731 const Client::VXattr Client::_dir_vxattrs[] = {
7732 {
7733 name: "ceph.dir.layout",
7734 getxattr_cb: &Client::_vxattrcb_layout,
7735 readonly: false,
7736 hidden: true,
>>> CID 1238875: Unrecoverable parse warning (PARSE_ERROR)
>>> designator may not specify a non-POD subobject
7737 exists_cb: &Client::_vxattrcb_layout_exists,
7738 },
7739 XATTR_LAYOUT_FIELD(dir, layout, stripe_unit),
7740 XATTR_LAYOUT_FIELD(dir, layout, stripe_count),
7741 XATTR_LAYOUT_FIELD(dir, layout, object_size),
7742 XATTR_LAYOUT_FIELD(dir, layout, pool),
________________________________________________________________________________________________________
*** CID 1238876: Unrecoverable parse warning (PARSE_ERROR)
/client/Client.cc: 7735 in ()
7729 }
7730
7731 const Client::VXattr Client::_dir_vxattrs[] = {
7732 {
7733 name: "ceph.dir.layout",
7734 getxattr_cb: &Client::_vxattrcb_layout,
>>> CID 1238876: Unrecoverable parse warning (PARSE_ERROR)
>>> designator may not specify a non-POD subobject
7735 readonly: false,
7736 hidden: true,
7737 exists_cb: &Client::_vxattrcb_layout_exists,
7738 },
7739 XATTR_LAYOUT_FIELD(dir, layout, stripe_unit),
7740 XATTR_LAYOUT_FIELD(dir, layout, stripe_count),
________________________________________________________________________________________________________
*** CID 1238877: Missing unlock (LOCK)
/common/Timer.cc: 240 in RWTimer::shutdown()()
234 rwlock.unlock();
235 thread->join();
236 rwlock.get_write();
237 delete thread;
238 thread = NULL;
239 }
>>> CID 1238877: Missing unlock (LOCK)
>>> Returning without unlocking "this->rwlock->L".
240 }
241
242 void RWTimer::timer_thread()
243 {
244 rwlock.get_write();
245 ldout(cct,10) << "timer_thread starting" << dendl;
________________________________________________________________________________________________________
*** CID 1238878: Unrecoverable parse warning (PARSE_ERROR)
/client/Client.cc: 7734 in ()
7728 exists_cb: &Client::_vxattrcb_layout_exists, \
7729 }
7730
7731 const Client::VXattr Client::_dir_vxattrs[] = {
7732 {
7733 name: "ceph.dir.layout",
>>> CID 1238878: Unrecoverable parse warning (PARSE_ERROR)
>>> designator may not specify a non-POD subobject
7734 getxattr_cb: &Client::_vxattrcb_layout,
7735 readonly: false,
7736 hidden: true,
7737 exists_cb: &Client::_vxattrcb_layout_exists,
7738 },
7739 XATTR_LAYOUT_FIELD(dir, layout, stripe_unit),
________________________________________________________________________________________________________
*** CID 1238879: Thread deadlock (ORDER_REVERSAL)
/librados/IoCtxImpl.cc: 1122 in librados::IoCtxImpl::notify(const object_t &, unsigned long, ceph::buffer::list &)()
1116 prepare_assert_ops(&rd);
1117 rd.notify(cookie, ver, inbl);
1118
1119 // Issue RADOS op
1120 C_SaferCond onack;
1121 version_t objver;
>>> CID 1238879: Thread deadlock (ORDER_REVERSAL)
>>> Calling "linger_read" acquires lock "RWLock.L" while holding lock "Mutex._m" (count: 14 / 29).
1122 wc->linger_id = objecter->linger_read(oid, oloc, rd, snap_seq, inbl, NULL, 0,
1123 &onack, &objver);
1124 lock->Unlock();
1125
1126 ldout(client->cct, 10) << __func__ << " issued linger op " << wc->linger_id << dendl;
1127 int r_issue = onack.wait();
________________________________________________________________________________________________________
*** CID 1238880: Thread deadlock (ORDER_REVERSAL)
/test/osd/RadosModel.h: 728 in WriteOp::_begin()()
722 if (do_append) {
723 ObjectDesc old_value;
724 bool found = context->find_object(oid, &old_value);
725 uint64_t prev_length = found && old_value.has_contents() ?
726 old_value.most_recent_gen()->get_length(old_value.most_recent()) :
727 0;
>>> CID 1238880: Thread deadlock (ORDER_REVERSAL)
>>> Calling "pool_required_alignment" acquires lock "RWLock.L" while holding lock "Mutex._m" (count: 14 / 29).
728 cont_gen = new AppendGenerator(
729 prev_length,
730 (context->io_ctx.pool_requires_alignment() ?
731 context->io_ctx.pool_required_alignment() : 0),
732 context->min_stride_size,
733 context->max_stride_size,
/test/osd/RadosModel.h: 728 in WriteOp::_begin()()
722 if (do_append) {
723 ObjectDesc old_value;
724 bool found = context->find_object(oid, &old_value);
725 uint64_t prev_length = found && old_value.has_contents() ?
726 old_value.most_recent_gen()->get_length(old_value.most_recent()) :
727 0;
>>> CID 1238880: Thread deadlock (ORDER_REVERSAL)
>>> Calling "pool_requires_alignment" acquires lock "RWLock.L" while holding lock "Mutex._m" (count: 14 / 29).
728 cont_gen = new AppendGenerator(
729 prev_length,
730 (context->io_ctx.pool_requires_alignment() ?
731 context->io_ctx.pool_required_alignment() : 0),
732 context->min_stride_size,
733 context->max_stride_size,
________________________________________________________________________________________________________
*** CID 1238881: Thread deadlock (ORDER_REVERSAL)
/test/osd/RadosModel.h: 1251 in SnapRemoveOp::_begin()()
1245 uint64_t snap = context->snaps[to_remove];
1246 context->remove_snap(to_remove);
1247
1248 if (context->pool_snaps) {
1249 string snapname;
1250
>>> CID 1238881: Thread deadlock (ORDER_REVERSAL)
>>> Calling "snap_get_name" acquires lock "RWLock.L" while holding lock "Mutex._m" (count: 14 / 29).
1251 assert(!context->io_ctx.snap_get_name(snap, &snapname));
1252 assert(!context->io_ctx.snap_remove(snapname.c_str()));
1253 } else {
1254 assert(!context->io_ctx.selfmanaged_snap_remove(snap));
1255
1256 vector<uint64_t> snapset(context->snaps.size());
/test/osd/RadosModel.h: 1252 in SnapRemoveOp::_begin()()
1246 context->remove_snap(to_remove);
1247
1248 if (context->pool_snaps) {
1249 string snapname;
1250
1251 assert(!context->io_ctx.snap_get_name(snap, &snapname));
>>> CID 1238881: Thread deadlock (ORDER_REVERSAL)
>>> Calling "snap_remove" acquires lock "RWLock.L" while holding lock "Mutex._m" (count: 14 / 29).
1252 assert(!context->io_ctx.snap_remove(snapname.c_str()));
1253 } else {
1254 assert(!context->io_ctx.selfmanaged_snap_remove(snap));
1255
1256 vector<uint64_t> snapset(context->snaps.size());
1257 int j = 0;
________________________________________________________________________________________________________
*** CID 1238882: Thread deadlock (ORDER_REVERSAL)
/librados/RadosClient.cc: 786 in librados::RadosClient::osd_command(int, std::vector<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::allocator<std::basic_string<char, std::char_traits<char>, std::allocator<char>>>> &, const ceph::buffer::list &, ceph::buffer::list *, std::basic_string<char, std::char_traits<char>, std::allocator<char>>*)()
780
781 if (osd < 0)
782 return -EINVAL;
783
784 lock.Lock();
785 // XXX do anything with tid?
>>> CID 1238882: Thread deadlock (ORDER_REVERSAL)
>>> Calling "osd_command" acquires lock "RWLock.L" while holding lock "Mutex._m" (count: 14 / 29).
786 int r = objecter->osd_command(osd, cmd, inbl, &tid, poutbl, prs,
787 new C_SafeCond(&mylock, &cond, &done, &ret));
788 lock.Unlock();
789 if (r != 0)
790 return r;
791 mylock.Lock();
________________________________________________________________________________________________________
*** CID 1238883: Improper use of negative value (NEGATIVE_RETURNS)
/mds/MDS.cc: 962 in MDS::handle_mds_map(MMDSMap *)()
956 }
957
958 // see who i am
959 addr = messenger->get_myaddr();
960 whoami = mdsmap->get_rank_gid(monc->get_global_id());
961 state = mdsmap->get_state_gid(monc->get_global_id());
>>> CID 1238883: Improper use of negative value (NEGATIVE_RETURNS)
>>> Assigning: signed variable "this->incarnation" = "get_inc_gid".
962 incarnation = mdsmap->get_inc_gid(monc->get_global_id());
963 dout(10) << "map says i am " << addr << " mds." << whoami << "." << incarnation
964 << " state " << ceph_mds_state_name(state) << dendl;
965
966 // mark down any failed peers
967 for (map<uint64_t,MDSMap::mds_info_t>::const_iterator p = oldmap->get_mds_info().begin();
________________________________________________________________________________________________________
*** CID 1238884: Unrecoverable parse warning (PARSE_ERROR)
/client/Client.cc: 7733 in ()
7727 hidden: true, \
7728 exists_cb: &Client::_vxattrcb_layout_exists, \
7729 }
7730
7731 const Client::VXattr Client::_dir_vxattrs[] = {
7732 {
>>> CID 1238884: Unrecoverable parse warning (PARSE_ERROR)
>>> designator may not specify a non-POD subobject
7733 name: "ceph.dir.layout",
7734 getxattr_cb: &Client::_vxattrcb_layout,
7735 readonly: false,
7736 hidden: true,
7737 exists_cb: &Client::_vxattrcb_layout_exists,
7738 },
________________________________________________________________________________________________________
*** CID 1238885: Thread deadlock (ORDER_REVERSAL)
/librados/RadosClient.cc: 702 in librados::RadosClient::do_watch_notify(MWatchNotify *)()
696 // trigger the callback
697 lock.Unlock();
698 wc->watch_ctx->notify(m->opcode, m->ver, m->bl);
699 lock.Lock();
700
701 // send ACK back to the OSD
>>> CID 1238885: Thread deadlock (ORDER_REVERSAL)
>>> Calling "_notify_ack" acquires lock "RWLock.L" while holding lock "Mutex._m" (count: 14 / 29).
702 wc->io_ctx_impl->_notify_ack(wc->oid, m->notify_id, m->ver, m->cookie);
703
704 ldout(cct,10) << __func__ << " notify done" << dendl;
705 wc->put();
706 }
707 } else {
________________________________________________________________________________________________________
*** CID 1238886: Thread deadlock (ORDER_REVERSAL)
/client/SyntheticClient.cc: 2391 in SyntheticClient::object_rw(int, int, int, int, double, double)()
2385 m.ops.push_back(op);
2386 if (do_sync) {
2387 OSDOp op;
2388 op.op.op = CEPH_OSD_OP_STARTSYNC;
2389 m.ops.push_back(op);
2390 }
>>> CID 1238886: Thread deadlock (ORDER_REVERSAL)
>>> Calling "mutate" acquires lock "RWLock.L" while holding lock "Mutex._m" (count: 14 / 29).
2391 client->objecter->mutate(oid, oloc, m, snapc, ceph_clock_now(client->cct), 0,
2392 NULL, new C_Ref(lock, cond, &unack));
2393 /*client->objecter->write(oid, layout, 0, osize, snapc, bl, 0,
2394 new C_Ref(lock, cond, &unack),
2395 new C_Ref(lock, cond, &unsafe));*/
2396 } else {
________________________________________________________________________________________________________
*** CID 1238887: Thread deadlock (ORDER_REVERSAL)
/librados/RadosClient.cc: 808 in librados::RadosClient::pg_command(pg_t, std::vector<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::allocator<std::basic_string<char, std::char_traits<char>, std::allocator<char>>>> &, const ceph::buffer::list &, ceph::buffer::list *, std::basic_string<char, std::char_traits<char>, std::allocator<char>>*)()
802 Mutex mylock("RadosClient::pg_command::mylock");
803 Cond cond;
804 bool done;
805 int ret;
806 ceph_tid_t tid;
807 lock.Lock();
>>> CID 1238887: Thread deadlock (ORDER_REVERSAL)
>>> Calling "pg_command" acquires lock "RWLock.L" while holding lock "Mutex._m" (count: 14 / 29).
808 int r = objecter->pg_command(pgid, cmd, inbl, &tid, poutbl, prs,
809 new C_SafeCond(&mylock, &cond, &done, &ret));
810 lock.Unlock();
811 if (r != 0)
812 return r;
813 mylock.Lock();
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
^ permalink raw reply [flat|nested] 33+ messages in thread* New Defects reported by Coverity Scan for ceph (fwd)
@ 2014-08-23 16:04 Sage Weil
0 siblings, 0 replies; 33+ messages in thread
From: Sage Weil @ 2014-08-23 16:04 UTC (permalink / raw)
To: ceph-devel
[-- Attachment #1: Type: TEXT/PLAIN, Size: 0 bytes --]
[-- Attachment #2: Forwarded Message --]
[-- Type: MESSAGE/RFC822, Size: 16715 bytes --]
Return-Path: <scan-admin@coverity.com>
X-Original-To: sage@cobra.newdream.net
Delivered-To: sage@cobra.newdream.net
Received: from destro.newdream.net (destro.newdream.net [66.33.216.68])
by cobra.newdream.net (Postfix) with ESMTP id 9FA4D80069
for <sage@cobra.newdream.net>; Sat, 23 Aug 2014 06:43:45 -0700 (PDT)
Received: by destro.newdream.net (Postfix)
id 9BCFA120AF3; Sat, 23 Aug 2014 06:43:45 -0700 (PDT)
Delivered-To: sage@destro.newdream.net
Received: from alc-junkmail-backend3.dreamhost.com (caiajhbdcbae.dreamhost.com
[208.97.132.104])
by destro.newdream.net (Postfix) with ESMTP id 95412120A42
for <sage@newdream.net>; Sat, 23 Aug 2014 06:43:45 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1])
by alc-junkmail-backend3.dreamhost.com (Postfix) with ESMTP id
90BCA161606E
for <sage@newdream.net>; Sat, 23 Aug 2014 06:43:45 -0700 (PDT)
X-DH-Virus-Scanned: Debian amavisd-new at alc-junkmail-backend3.dreamhost.com
X-Spam-Flag: NO
X-Spam-Score: 0
X-Spam-Level:
X-Spam-Status: No, score=x tagged_above=-999 required=999 WHITELISTED tests=[]
Received: from terminator.dreamhost.com ([208.97.132.17])
by localhost (alc-junkmail-backend3.dreamhost.com [208.97.132.104])
(amavisd-new, port 10024)
with ESMTP id wrUtf19zqhJD for <sage@newdream.net>;
Sat, 23 Aug 2014 06:43:45 -0700 (PDT)
Received: from scanrelay.coverity.com (scanrelay.coverity.com [209.249.196.67])
by terminator.dreamhost.com (Postfix) with ESMTP id 6C8AC2884077
for <sage@newdream.net>; Sat, 23 Aug 2014 06:43:45 -0700 (PDT)
Received: from localhost.localdomain ([208.69.177.215]) by
scanrelay.coverity.com with Microsoft SMTPSVC(7.5.7601.17514);
Sat, 23 Aug 2014 06:43:26 -0700
Date: Sat, 23 Aug 2014 06:43:44 -0700
From: scan-admin@coverity.com
Message-ID: <53f89a90d6618_578610ab31494984@209.249.196.67.mail>
Subject: New Defects reported by Coverity Scan for ceph
Mime-Version: 1.0
Content-Type: text/plain;
charset=UTF-8
Content-Transfer-Encoding: 7bit
X-OriginalArrivalTime: 23 Aug 2014 13:43:26.0687 (UTC)
FILETIME=[374A66F0:01CFBED8]
To: undisclosed-recipients:;
X-Spambayes-Classification: ham; 0.00
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
Defect(s) Reported-by: Coverity Scan
Showing 9 of 9 defect(s)
** CID 1232599: Bad bit shift operation (BAD_SHIFT)
/os/HashIndex.cc: 433 in HashIndex::pre_split_folder(unsigned int, unsigned long)()
** CID 1232600: Bad bit shift operation (BAD_SHIFT)
/os/HashIndex.cc: 421 in HashIndex::pre_split_folder(unsigned int, unsigned long)()
** CID 1232601: Unchecked return value (CHECKED_RETURN)
/rbd_replay/Replayer.cc: 154 in rbd_replay::Replayer::run(std::basic_string<char, std::char_traits<char>, std::allocator<char>>)()
** CID 1232602: Division or modulo by zero (DIVIDE_BY_ZERO)
/mon/OSDMonitor.cc: 490 in OSDMonitor::reweight_by_utilization(int, std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, bool, const std::set<long, std::less<long>, std::allocator<long>> *)()
** CID 1232603: Unintentional integer overflow (OVERFLOW_BEFORE_WIDEN)
/test/objectstore/store_test.cc: 138 in StoreTest_SimpleColPreHashTest_Test::TestBody()()
** CID 1232604: Unintentional integer overflow (OVERFLOW_BEFORE_WIDEN)
/os/HashIndex.cc: 378 in HashIndex::pre_split_folder(unsigned int, unsigned long)()
** CID 1232605: Uncaught exception (UNCAUGHT_EXCEPT)
/rbd_replay/rbd-replay.cc: 51 in main()
** CID 1232606: Uncaught exception (UNCAUGHT_EXCEPT)
/rbd_replay/rbd-replay.cc: 51 in main()
/rbd_replay/rbd-replay.cc: 51 in main()
/rbd_replay/rbd-replay.cc: 51 in main()
/rbd_replay/rbd-replay.cc: 51 in main()
/rbd_replay/rbd-replay.cc: 51 in main()
/rbd_replay/rbd-replay.cc: 51 in main()
** CID 1232607: Uninitialized pointer field (UNINIT_CTOR)
/rbd_replay/Replayer.cc: 141 in rbd_replay::Replayer::Replayer(int)()
________________________________________________________________________________________________________
*** CID 1232599: Bad bit shift operation (BAD_SHIFT)
/os/HashIndex.cc: 433 in HashIndex::pre_split_folder(unsigned int, unsigned long)()
427 leavies /= subs;
428 while (leavies > 1) {
429 ++level;
430 leavies = leavies >> 4;
431 }
432 for (uint32_t i = 0; i < subs; ++i) {
>>> CID 1232599: Bad bit shift operation (BAD_SHIFT)
>>> In expression "i << (4 - split_bits) % 4", shifting by a negative amount has undefined behavior. The shift amount, "(4 - split_bits) % 4", is -1.
433 int v = tmp_id | (i << ((4 - split_bits) % 4));
434 paths.push_back(to_hex(v));
435 ret = create_path(paths);
436 if (ret < 0 && ret != -EEXIST)
437 return ret;
438 ret = recursive_create_path(paths, level);
________________________________________________________________________________________________________
*** CID 1232600: Bad bit shift operation (BAD_SHIFT)
/os/HashIndex.cc: 421 in HashIndex::pre_split_folder(unsigned int, unsigned long)()
415 // this variable denotes how many bits (for this level) that can be
416 // used for sub folder splitting
417 int split_bits = 4 - left_bits;
418 // the below logic is inspired by rados.h#ceph_stable_mod,
419 // it basically determines how many sub-folders should we
420 // create for splitting
>>> CID 1232600: Bad bit shift operation (BAD_SHIFT)
>>> In expression "1 << pg_num_bits - 1", shifting by a negative amount has undefined behavior. The shift amount, "pg_num_bits - 1", is -1.
421 if (((1 << (pg_num_bits - 1)) | ps) >= pg_num) {
422 ++split_bits;
423 }
424 const uint32_t subs = (1 << split_bits);
425 // Calculate how many levels we create starting from here
426 int level = 0;
________________________________________________________________________________________________________
*** CID 1232601: Unchecked return value (CHECKED_RETURN)
/rbd_replay/Replayer.cc: 154 in rbd_replay::Replayer::run(std::basic_string<char, std::char_traits<char>, std::allocator<char>>)()
148 return m_action_trackers[id % m_num_action_trackers];
149 }
150
151 void Replayer::run(const std::string replay_file) {
152 {
153 librados::Rados rados;
>>> CID 1232601: Unchecked return value (CHECKED_RETURN)
>>> Calling "init" without checking return value (as is done elsewhere 10 out of 11 times).
154 rados.init(NULL);
155 int r = rados.init_with_context(g_ceph_context);
156 if (r) {
157 cerr << "Unable to read conf file: " << r << std::endl;
158 goto out;
159 }
________________________________________________________________________________________________________
*** CID 1232602: Division or modulo by zero (DIVIDE_BY_ZERO)
/mon/OSDMonitor.cc: 490 in OSDMonitor::reweight_by_utilization(int, std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, bool, const std::set<long, std::less<long>, std::allocator<long>> *)()
484 }
485 ++pgs_by_osd[*q];
486 ++num_pg_copies;
487 }
488 }
489
>>> CID 1232602: Division or modulo by zero (DIVIDE_BY_ZERO)
>>> In expression "num_pg_copies / num_osds", division by expression "num_osds" which may be zero has undefined behavior.
490 if (num_pg_copies / num_osds < g_conf->mon_reweight_min_pgs_per_osd) {
491 ostringstream oss;
492 oss << "Refusing to reweight: we only have " << num_pg_copies
493 << " PGs across " << num_osds << " osds!\n";
494 out_str = oss.str();
495 return -EDOM;
________________________________________________________________________________________________________
*** CID 1232603: Unintentional integer overflow (OVERFLOW_BEFORE_WIDEN)
/test/objectstore/store_test.cc: 138 in StoreTest_SimpleColPreHashTest_Test::TestBody()()
132 boost::uniform_int<> pg_id_range(0, pg_num);
133 gen_type rng(time(NULL));
134 int pg_id = pg_id_range(rng);
135
136 int objs_per_folder = abs(merge_threshold) * 16 * g_ceph_context->_conf->filestore_split_multiple;
137 boost::uniform_int<> folders_range(5, 256);
>>> CID 1232603: Unintentional integer overflow (OVERFLOW_BEFORE_WIDEN)
>>> Potentially overflowing expression "objs_per_folder * folders_range(rng)" with type "int" (32 bits, signed) is evaluated using 32-bit arithmetic before being used in a context which expects an expression of type "uint64_t" (64 bits, unsigned). To avoid overflow, cast either operand to "uint64_t" before performing the multiplication.
138 uint64_t expected_num_objs = (uint64_t)(objs_per_folder * folders_range(rng));
139
140 char buf[100];
141 snprintf(buf, 100, "1.%x_head", pg_id);
142
143 coll_t cid(buf);
________________________________________________________________________________________________________
*** CID 1232604: Unintentional integer overflow (OVERFLOW_BEFORE_WIDEN)
/os/HashIndex.cc: 378 in HashIndex::pre_split_folder(unsigned int, unsigned long)()
372 // Do not split if the expected number of objects in this collection is zero (by default)
373 if (expected_num_objs == 0)
374 return 0;
375
376 // Calculate the number of leaf folders (which actually store files)
377 // need to be created
>>> CID 1232604: Unintentional integer overflow (OVERFLOW_BEFORE_WIDEN)
>>> Potentially overflowing expression "(unsigned int)abs(this->merge_threshold) * 16U * this->split_multiplier" with type "unsigned int" (32 bits, unsigned) is evaluated using 32-bit arithmetic before being used in a context which expects an expression of type "uint64_t const" (64 bits, unsigned). To avoid overflow, cast either operand to "uint64_t const" before performing the multiplication.
378 const uint64_t objs_per_folder = (unsigned)(abs(merge_threshold)) * 16 * split_multiplier;
379 uint64_t leavies = expected_num_objs / objs_per_folder ;
380 // No need to split
381 if (leavies == 0 || expected_num_objs == objs_per_folder)
382 return 0;
383
________________________________________________________________________________________________________
*** CID 1232605: Uncaught exception (UNCAUGHT_EXCEPT)
/rbd_replay/rbd-replay.cc: 51 in main()
45 cout << std::endl;
46 cout << "Image mapping rules:" << std::endl;
47 cout << "A rule of image1@snap1=image2@snap2 would map snap1 of image1 to snap2 of" << std::endl;
48 cout << "image2." << std::endl;
49 }
50
>>> CID 1232605: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::lock_error> >" is thrown and never caught.
51 int main(int argc, const char **argv) {
52 vector<const char*> args;
53
54 argv_to_vec(argc, argv, args);
55 env_to_vec(args);
56 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
________________________________________________________________________________________________________
*** CID 1232606: Uncaught exception (UNCAUGHT_EXCEPT)
/rbd_replay/rbd-replay.cc: 51 in main()
45 cout << std::endl;
46 cout << "Image mapping rules:" << std::endl;
47 cout << "A rule of image1@snap1=image2@snap2 would map snap1 of image1 to snap2 of" << std::endl;
48 cout << "image2." << std::endl;
49 }
50
>>> CID 1232606: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
51 int main(int argc, const char **argv) {
52 vector<const char*> args;
53
54 argv_to_vec(argc, argv, args);
55 env_to_vec(args);
56 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
/rbd_replay/rbd-replay.cc: 51 in main()
45 cout << std::endl;
46 cout << "Image mapping rules:" << std::endl;
47 cout << "A rule of image1@snap1=image2@snap2 would map snap1 of image1 to snap2 of" << std::endl;
48 cout << "image2." << std::endl;
49 }
50
>>> CID 1232606: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
51 int main(int argc, const char **argv) {
52 vector<const char*> args;
53
54 argv_to_vec(argc, argv, args);
55 env_to_vec(args);
56 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
/rbd_replay/rbd-replay.cc: 51 in main()
45 cout << std::endl;
46 cout << "Image mapping rules:" << std::endl;
47 cout << "A rule of image1@snap1=image2@snap2 would map snap1 of image1 to snap2 of" << std::endl;
48 cout << "image2." << std::endl;
49 }
50
>>> CID 1232606: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
51 int main(int argc, const char **argv) {
52 vector<const char*> args;
53
54 argv_to_vec(argc, argv, args);
55 env_to_vec(args);
56 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
/rbd_replay/rbd-replay.cc: 51 in main()
45 cout << std::endl;
46 cout << "Image mapping rules:" << std::endl;
47 cout << "A rule of image1@snap1=image2@snap2 would map snap1 of image1 to snap2 of" << std::endl;
48 cout << "image2." << std::endl;
49 }
50
>>> CID 1232606: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
51 int main(int argc, const char **argv) {
52 vector<const char*> args;
53
54 argv_to_vec(argc, argv, args);
55 env_to_vec(args);
56 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
/rbd_replay/rbd-replay.cc: 51 in main()
45 cout << std::endl;
46 cout << "Image mapping rules:" << std::endl;
47 cout << "A rule of image1@snap1=image2@snap2 would map snap1 of image1 to snap2 of" << std::endl;
48 cout << "image2." << std::endl;
49 }
50
>>> CID 1232606: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
51 int main(int argc, const char **argv) {
52 vector<const char*> args;
53
54 argv_to_vec(argc, argv, args);
55 env_to_vec(args);
56 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
/rbd_replay/rbd-replay.cc: 51 in main()
45 cout << std::endl;
46 cout << "Image mapping rules:" << std::endl;
47 cout << "A rule of image1@snap1=image2@snap2 would map snap1 of image1 to snap2 of" << std::endl;
48 cout << "image2." << std::endl;
49 }
50
>>> CID 1232606: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
51 int main(int argc, const char **argv) {
52 vector<const char*> args;
53
54 argv_to_vec(argc, argv, args);
55 env_to_vec(args);
56 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
________________________________________________________________________________________________________
*** CID 1232607: Uninitialized pointer field (UNINIT_CTOR)
/rbd_replay/Replayer.cc: 141 in rbd_replay::Replayer::Replayer(int)()
135
136 Replayer::Replayer(int num_action_trackers)
137 : m_pool_name("rbd"),
138 m_num_action_trackers(num_action_trackers),
139 m_action_trackers(new action_tracker_d[m_num_action_trackers]) {
140 assertf(num_action_trackers > 0, "num_action_trackers = %d", num_action_trackers);
>>> CID 1232607: Uninitialized pointer field (UNINIT_CTOR)
>>> Non-static class member "m_readonly" is not initialized in this constructor nor in any functions that it calls.
141 }
142
143 Replayer::~Replayer() {
144 delete[] m_action_trackers;
145 }
146
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
From: scan-admin@coverity.com
To: undisclosed-recipients:;
Subject: New Defects reported by Coverity Scan for ceph
Date: Sat, 23 Aug 2014 06:43:44 -0700
Message-ID: <53f89a90d6618_578610ab31494984@209.249.196.67.mail>
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
Defect(s) Reported-by: Coverity Scan
Showing 9 of 9 defect(s)
** CID 1232599: Bad bit shift operation (BAD_SHIFT)
/os/HashIndex.cc: 433 in HashIndex::pre_split_folder(unsigned int, unsigned long)()
** CID 1232600: Bad bit shift operation (BAD_SHIFT)
/os/HashIndex.cc: 421 in HashIndex::pre_split_folder(unsigned int, unsigned long)()
** CID 1232601: Unchecked return value (CHECKED_RETURN)
/rbd_replay/Replayer.cc: 154 in rbd_replay::Replayer::run(std::basic_string<char, std::char_traits<char>, std::allocator<char>>)()
** CID 1232602: Division or modulo by zero (DIVIDE_BY_ZERO)
/mon/OSDMonitor.cc: 490 in OSDMonitor::reweight_by_utilization(int, std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, bool, const std::set<long, std::less<long>, std::allocator<long>> *)()
** CID 1232603: Unintentional integer overflow (OVERFLOW_BEFORE_WIDEN)
/test/objectstore/store_test.cc: 138 in StoreTest_SimpleColPreHashTest_Test::TestBody()()
** CID 1232604: Unintentional integer overflow (OVERFLOW_BEFORE_WIDEN)
/os/HashIndex.cc: 378 in HashIndex::pre_split_folder(unsigned int, unsigned long)()
** CID 1232605: Uncaught exception (UNCAUGHT_EXCEPT)
/rbd_replay/rbd-replay.cc: 51 in main()
** CID 1232606: Uncaught exception (UNCAUGHT_EXCEPT)
/rbd_replay/rbd-replay.cc: 51 in main()
/rbd_replay/rbd-replay.cc: 51 in main()
/rbd_replay/rbd-replay.cc: 51 in main()
/rbd_replay/rbd-replay.cc: 51 in main()
/rbd_replay/rbd-replay.cc: 51 in main()
/rbd_replay/rbd-replay.cc: 51 in main()
** CID 1232607: Uninitialized pointer field (UNINIT_CTOR)
/rbd_replay/Replayer.cc: 141 in rbd_replay::Replayer::Replayer(int)()
________________________________________________________________________________________________________
*** CID 1232599: Bad bit shift operation (BAD_SHIFT)
/os/HashIndex.cc: 433 in HashIndex::pre_split_folder(unsigned int, unsigned long)()
427 leavies /= subs;
428 while (leavies > 1) {
429 ++level;
430 leavies = leavies >> 4;
431 }
432 for (uint32_t i = 0; i < subs; ++i) {
>>> CID 1232599: Bad bit shift operation (BAD_SHIFT)
>>> In expression "i << (4 - split_bits) % 4", shifting by a negative amount has undefined behavior. The shift amount, "(4 - split_bits) % 4", is -1.
433 int v = tmp_id | (i << ((4 - split_bits) % 4));
434 paths.push_back(to_hex(v));
435 ret = create_path(paths);
436 if (ret < 0 && ret != -EEXIST)
437 return ret;
438 ret = recursive_create_path(paths, level);
________________________________________________________________________________________________________
*** CID 1232600: Bad bit shift operation (BAD_SHIFT)
/os/HashIndex.cc: 421 in HashIndex::pre_split_folder(unsigned int, unsigned long)()
415 // this variable denotes how many bits (for this level) that can be
416 // used for sub folder splitting
417 int split_bits = 4 - left_bits;
418 // the below logic is inspired by rados.h#ceph_stable_mod,
419 // it basically determines how many sub-folders should we
420 // create for splitting
>>> CID 1232600: Bad bit shift operation (BAD_SHIFT)
>>> In expression "1 << pg_num_bits - 1", shifting by a negative amount has undefined behavior. The shift amount, "pg_num_bits - 1", is -1.
421 if (((1 << (pg_num_bits - 1)) | ps) >= pg_num) {
422 ++split_bits;
423 }
424 const uint32_t subs = (1 << split_bits);
425 // Calculate how many levels we create starting from here
426 int level = 0;
________________________________________________________________________________________________________
*** CID 1232601: Unchecked return value (CHECKED_RETURN)
/rbd_replay/Replayer.cc: 154 in rbd_replay::Replayer::run(std::basic_string<char, std::char_traits<char>, std::allocator<char>>)()
148 return m_action_trackers[id % m_num_action_trackers];
149 }
150
151 void Replayer::run(const std::string replay_file) {
152 {
153 librados::Rados rados;
>>> CID 1232601: Unchecked return value (CHECKED_RETURN)
>>> Calling "init" without checking return value (as is done elsewhere 10 out of 11 times).
154 rados.init(NULL);
155 int r = rados.init_with_context(g_ceph_context);
156 if (r) {
157 cerr << "Unable to read conf file: " << r << std::endl;
158 goto out;
159 }
________________________________________________________________________________________________________
*** CID 1232602: Division or modulo by zero (DIVIDE_BY_ZERO)
/mon/OSDMonitor.cc: 490 in OSDMonitor::reweight_by_utilization(int, std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, bool, const std::set<long, std::less<long>, std::allocator<long>> *)()
484 }
485 ++pgs_by_osd[*q];
486 ++num_pg_copies;
487 }
488 }
489
>>> CID 1232602: Division or modulo by zero (DIVIDE_BY_ZERO)
>>> In expression "num_pg_copies / num_osds", division by expression "num_osds" which may be zero has undefined behavior.
490 if (num_pg_copies / num_osds < g_conf->mon_reweight_min_pgs_per_osd) {
491 ostringstream oss;
492 oss << "Refusing to reweight: we only have " << num_pg_copies
493 << " PGs across " << num_osds << " osds!\n";
494 out_str = oss.str();
495 return -EDOM;
________________________________________________________________________________________________________
*** CID 1232603: Unintentional integer overflow (OVERFLOW_BEFORE_WIDEN)
/test/objectstore/store_test.cc: 138 in StoreTest_SimpleColPreHashTest_Test::TestBody()()
132 boost::uniform_int<> pg_id_range(0, pg_num);
133 gen_type rng(time(NULL));
134 int pg_id = pg_id_range(rng);
135
136 int objs_per_folder = abs(merge_threshold) * 16 * g_ceph_context->_conf->filestore_split_multiple;
137 boost::uniform_int<> folders_range(5, 256);
>>> CID 1232603: Unintentional integer overflow (OVERFLOW_BEFORE_WIDEN)
>>> Potentially overflowing expression "objs_per_folder * folders_range(rng)" with type "int" (32 bits, signed) is evaluated using 32-bit arithmetic before being used in a context which expects an expression of type "uint64_t" (64 bits, unsigned). To avoid overflow, cast either operand to "uint64_t" before performing the multiplication.
138 uint64_t expected_num_objs = (uint64_t)(objs_per_folder * folders_range(rng));
139
140 char buf[100];
141 snprintf(buf, 100, "1.%x_head", pg_id);
142
143 coll_t cid(buf);
________________________________________________________________________________________________________
*** CID 1232604: Unintentional integer overflow (OVERFLOW_BEFORE_WIDEN)
/os/HashIndex.cc: 378 in HashIndex::pre_split_folder(unsigned int, unsigned long)()
372 // Do not split if the expected number of objects in this collection is zero (by default)
373 if (expected_num_objs == 0)
374 return 0;
375
376 // Calculate the number of leaf folders (which actually store files)
377 // need to be created
>>> CID 1232604: Unintentional integer overflow (OVERFLOW_BEFORE_WIDEN)
>>> Potentially overflowing expression "(unsigned int)abs(this->merge_threshold) * 16U * this->split_multiplier" with type "unsigned int" (32 bits, unsigned) is evaluated using 32-bit arithmetic before being used in a context which expects an expression of type "uint64_t const" (64 bits, unsigned). To avoid overflow, cast either operand to "uint64_t const" before performing the multiplication.
378 const uint64_t objs_per_folder = (unsigned)(abs(merge_threshold)) * 16 * split_multiplier;
379 uint64_t leavies = expected_num_objs / objs_per_folder ;
380 // No need to split
381 if (leavies == 0 || expected_num_objs == objs_per_folder)
382 return 0;
383
________________________________________________________________________________________________________
*** CID 1232605: Uncaught exception (UNCAUGHT_EXCEPT)
/rbd_replay/rbd-replay.cc: 51 in main()
45 cout << std::endl;
46 cout << "Image mapping rules:" << std::endl;
47 cout << "A rule of image1@snap1=image2@snap2 would map snap1 of image1 to snap2 of" << std::endl;
48 cout << "image2." << std::endl;
49 }
50
>>> CID 1232605: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<boost::lock_error> >" is thrown and never caught.
51 int main(int argc, const char **argv) {
52 vector<const char*> args;
53
54 argv_to_vec(argc, argv, args);
55 env_to_vec(args);
56 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
________________________________________________________________________________________________________
*** CID 1232606: Uncaught exception (UNCAUGHT_EXCEPT)
/rbd_replay/rbd-replay.cc: 51 in main()
45 cout << std::endl;
46 cout << "Image mapping rules:" << std::endl;
47 cout << "A rule of image1@snap1=image2@snap2 would map snap1 of image1 to snap2 of" << std::endl;
48 cout << "image2." << std::endl;
49 }
50
>>> CID 1232606: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
51 int main(int argc, const char **argv) {
52 vector<const char*> args;
53
54 argv_to_vec(argc, argv, args);
55 env_to_vec(args);
56 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
/rbd_replay/rbd-replay.cc: 51 in main()
45 cout << std::endl;
46 cout << "Image mapping rules:" << std::endl;
47 cout << "A rule of image1@snap1=image2@snap2 would map snap1 of image1 to snap2 of" << std::endl;
48 cout << "image2." << std::endl;
49 }
50
>>> CID 1232606: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
51 int main(int argc, const char **argv) {
52 vector<const char*> args;
53
54 argv_to_vec(argc, argv, args);
55 env_to_vec(args);
56 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
/rbd_replay/rbd-replay.cc: 51 in main()
45 cout << std::endl;
46 cout << "Image mapping rules:" << std::endl;
47 cout << "A rule of image1@snap1=image2@snap2 would map snap1 of image1 to snap2 of" << std::endl;
48 cout << "image2." << std::endl;
49 }
50
>>> CID 1232606: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
51 int main(int argc, const char **argv) {
52 vector<const char*> args;
53
54 argv_to_vec(argc, argv, args);
55 env_to_vec(args);
56 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
/rbd_replay/rbd-replay.cc: 51 in main()
45 cout << std::endl;
46 cout << "Image mapping rules:" << std::endl;
47 cout << "A rule of image1@snap1=image2@snap2 would map snap1 of image1 to snap2 of" << std::endl;
48 cout << "image2." << std::endl;
49 }
50
>>> CID 1232606: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
51 int main(int argc, const char **argv) {
52 vector<const char*> args;
53
54 argv_to_vec(argc, argv, args);
55 env_to_vec(args);
56 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
/rbd_replay/rbd-replay.cc: 51 in main()
45 cout << std::endl;
46 cout << "Image mapping rules:" << std::endl;
47 cout << "A rule of image1@snap1=image2@snap2 would map snap1 of image1 to snap2 of" << std::endl;
48 cout << "image2." << std::endl;
49 }
50
>>> CID 1232606: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
51 int main(int argc, const char **argv) {
52 vector<const char*> args;
53
54 argv_to_vec(argc, argv, args);
55 env_to_vec(args);
56 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
/rbd_replay/rbd-replay.cc: 51 in main()
45 cout << std::endl;
46 cout << "Image mapping rules:" << std::endl;
47 cout << "A rule of image1@snap1=image2@snap2 would map snap1 of image1 to snap2 of" << std::endl;
48 cout << "image2." << std::endl;
49 }
50
>>> CID 1232606: Uncaught exception (UNCAUGHT_EXCEPT)
>>> In function "main(int, char const **)" an exception of type "ceph::FailedAssertion" is thrown and never caught.
51 int main(int argc, const char **argv) {
52 vector<const char*> args;
53
54 argv_to_vec(argc, argv, args);
55 env_to_vec(args);
56 global_init(NULL, args, CEPH_ENTITY_TYPE_CLIENT, CODE_ENVIRONMENT_UTILITY, 0);
________________________________________________________________________________________________________
*** CID 1232607: Uninitialized pointer field (UNINIT_CTOR)
/rbd_replay/Replayer.cc: 141 in rbd_replay::Replayer::Replayer(int)()
135
136 Replayer::Replayer(int num_action_trackers)
137 : m_pool_name("rbd"),
138 m_num_action_trackers(num_action_trackers),
139 m_action_trackers(new action_tracker_d[m_num_action_trackers]) {
140 assertf(num_action_trackers > 0, "num_action_trackers = %d", num_action_trackers);
>>> CID 1232607: Uninitialized pointer field (UNINIT_CTOR)
>>> Non-static class member "m_readonly" is not initialized in this constructor nor in any functions that it calls.
141 }
142
143 Replayer::~Replayer() {
144 delete[] m_action_trackers;
145 }
146
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
^ permalink raw reply [flat|nested] 33+ messages in thread* New Defects reported by Coverity Scan for ceph (fwd)
@ 2014-07-11 3:39 Sage Weil
0 siblings, 0 replies; 33+ messages in thread
From: Sage Weil @ 2014-07-11 3:39 UTC (permalink / raw)
To: ceph-devel
[-- Attachment #1: Type: TEXT/PLAIN, Size: 0 bytes --]
[-- Attachment #2: Forwarded Message --]
[-- Type: MESSAGE/RFC822, Size: 10907 bytes --]
Return-Path: <scan-admin@coverity.com>
X-Original-To: sage@cobra.newdream.net
Delivered-To: sage@cobra.newdream.net
Received: from destro.newdream.net (destro.newdream.net [66.33.216.68])
by cobra.newdream.net (Postfix) with ESMTP id 627FB81354
for <sage@cobra.newdream.net>; Thu, 10 Jul 2014 20:18:30 -0700 (PDT)
Received: by destro.newdream.net (Postfix)
id 4A9BF120A85; Thu, 10 Jul 2014 20:18:30 -0700 (PDT)
Delivered-To: sage@destro.newdream.net
Received: from diehard.dreamhost.com (caiajhbdcbfh.dreamhost.com
[208.97.132.157])
by destro.newdream.net (Postfix) with ESMTP id 49260120A5D
for <sage@newdream.net>; Thu, 10 Jul 2014 20:18:30 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1])
by diehard.dreamhost.com (Postfix) with ESMTP id 3B0B717BD664
for <sage@newdream.net>; Thu, 10 Jul 2014 20:18:30 -0700 (PDT)
X-DH-Virus-Scanned: Debian amavisd-new at diehard.dreamhost.com
X-Spam-Flag: NO
X-Spam-Score: 0
X-Spam-Level:
X-Spam-Status: No, score=x tagged_above=-999 required=999 WHITELISTED tests=[]
autolearn=unavailable
Received: from godfather.dreamhost.com ([208.97.132.17])
by localhost (diehard.dreamhost.com [208.97.132.157]) (amavisd-new,
port 10024) with ESMTP id laofewFC5imo for <sage@newdream.net>;
Thu, 10 Jul 2014 20:18:30 -0700 (PDT)
Received: from scanrelay.coverity.com (scanrelay.coverity.com [209.249.196.67])
by godfather.dreamhost.com (Postfix) with ESMTP id 163731B006A
for <sage@newdream.net>; Thu, 10 Jul 2014 20:18:30 -0700 (PDT)
Received: from localhost.localdomain ([208.69.177.215]) by
scanrelay.coverity.com with Microsoft SMTPSVC(7.5.7601.17514);
Thu, 10 Jul 2014 20:18:29 -0700
Date: Thu, 10 Jul 2014 20:18:29 -0700
From: scan-admin@coverity.com
Message-ID: <53bf57855235f_634cff331839678@209.249.196.67.mail>
Subject: New Defects reported by Coverity Scan for ceph
Mime-Version: 1.0
Content-Type: text/plain;
charset=UTF-8
Content-Transfer-Encoding: 7bit
X-OriginalArrivalTime: 11 Jul 2014 03:18:29.0570 (UTC)
FILETIME=[C9812A20:01CF9CB6]
To: undisclosed-recipients:;
X-Spambayes-Classification: ham; 0.00
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
Defect(s) Reported-by: Coverity Scan
Showing 5 of 5 defect(s)
** CID 1201388: Missing unlock (LOCK)
/mon/Monitor.cc: 438 in Monitor::preinit()()
** CID 1225099: Unchecked return value (CHECKED_RETURN)
/mon/MDSMonitor.cc: 1409 in MDSMonitor::filesystem_command(MMonCommand *, const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, std::map<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, boost::variant<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, bool, long, double, std::vector<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::allocator<std::basic_string<char, std::char_traits<char>, std::allocator<char>>>>, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detai
l::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_>, std::less<std::
basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::pair<const std::basic_string<char, std::char_traits<char>, std::allocator<char>>, boost::variant<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, bool, long, double, std::vector<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::allocator<std::basic_string<char, std::char_traits<char>, std::allocator<char>>>>, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detai
l::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_>>>> &, std::basic_stringstream<char, std::char_traits<char>, std::allocator<cha
r>> &, int &)()
** CID 1225100: Missing unlock (LOCK)
/mds/MDLog.cc: 511 in MDLog::trim(int)()
/mds/MDLog.cc: 511 in MDLog::trim(int)()
** CID 1225101: Missing unlock (LOCK)
/mds/MDLog.cc: 394 in MDLog::shutdown()()
** CID 1225102: Dereference before null check (REVERSE_INULL)
/mon/Monitor.cc: 746 in Monitor::shutdown()()
________________________________________________________________________________________________________
*** CID 1201388: Missing unlock (LOCK)
/mon/Monitor.cc: 438 in Monitor::preinit()()
432
433 dout(1) << "preinit fsid " << monmap->fsid << dendl;
434
435 int r = sanitize_options();
436 if (r < 0) {
437 derr << "option sanitization failed!" << dendl;
>>> CID 1201388: Missing unlock (LOCK)
>>> Returning without unlocking "this->lock._m".
438 return r;
439 }
440
441 assert(!logger);
442 {
443 PerfCountersBuilder pcb(g_ceph_context, "mon", l_mon_first, l_mon_last);
________________________________________________________________________________________________________
*** CID 1225099: Unchecked return value (CHECKED_RETURN)
/mon/MDSMonitor.cc: 1409 in MDSMonitor::filesystem_command(MMonCommand *, const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, std::map<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, boost::variant<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, bool, long, double, std::vector<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::allocator<std::basic_string<char, std::char_traits<char>, std::allocator<char>>>>, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detai
l::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_>, std::less<std::
basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::pair<const std::basic_string<char, std::char_traits<char>, std::allocator<char>>, boost::variant<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, bool, long, double, std::vector<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::allocator<std::basic_string<char, std::char_traits<char>, std::allocator<char>>>>, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detai
l::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_>>>> &, std::basic_stringstream<char, std::char_traits<char>, std::allocator<cha
r>> &, int &)()
1403 r = -EINVAL;
1404 poolid = -1;
1405 ss << "cannot remove default data pool";
1406 }
1407
1408 if (poolid >= 0) {
>>> CID 1225099: Unchecked return value (CHECKED_RETURN)
>>> Calling "cmd_getval" without checking return value (as is done elsewhere 22 out of 25 times).
1409 cmd_getval(g_ceph_context, cmdmap, "poolid", poolid);
1410 r = pending_mdsmap.remove_data_pool(poolid);
1411 if (r == -ENOENT)
1412 r = 0;
1413 if (r == 0)
1414 ss << "removed data pool " << poolid << " from mdsmap";
________________________________________________________________________________________________________
*** CID 1225100: Missing unlock (LOCK)
/mds/MDLog.cc: 511 in MDLog::trim(int)()
505 p = segments.lower_bound(last_seq + 1);
506 }
507 }
508
509 // discard expired segments and unlock submit_mutex
510 _trim_expired_segments();
>>> CID 1225100: Missing unlock (LOCK)
>>> Returning without unlocking "this->submit_mutex._m".
511 }
512
513
514 void MDLog::try_expire(LogSegment *ls, int op_prio)
515 {
516 C_GatherBuilder gather_bld(g_ceph_context);
/mds/MDLog.cc: 511 in MDLog::trim(int)()
505 p = segments.lower_bound(last_seq + 1);
506 }
507 }
508
509 // discard expired segments and unlock submit_mutex
510 _trim_expired_segments();
>>> CID 1225100: Missing unlock (LOCK)
>>> Returning without unlocking "this->submit_mutex._m".
511 }
512
513
514 void MDLog::try_expire(LogSegment *ls, int op_prio)
515 {
516 C_GatherBuilder gather_bld(g_ceph_context);
________________________________________________________________________________________________________
*** CID 1225101: Missing unlock (LOCK)
/mds/MDLog.cc: 394 in MDLog::shutdown()()
388 submit_mutex.Lock();
389 stopping = true;
390 submit_cond.Signal();
391 submit_mutex.Unlock();
392
393 mds->mds_lock.Lock();
>>> CID 1225101: Missing unlock (LOCK)
>>> Returning without unlocking "this->mds->mds_lock._m".
394 }
395
396
397 // -----------------------------
398 // segments
399
________________________________________________________________________________________________________
*** CID 1225102: Dereference before null check (REVERSE_INULL)
/mon/Monitor.cc: 746 in Monitor::shutdown()()
740 finish_contexts(g_ceph_context, maybe_wait_for_quorum, -ECANCELED);
741
742 timer.shutdown();
743
744 remove_all_sessions();
745
>>> CID 1225102: Dereference before null check (REVERSE_INULL)
>>> Null-checking "this->logger" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
746 if (logger) {
747 cct->get_perfcounters_collection()->remove(logger);
748 delete logger;
749 logger = NULL;
750 }
751 if (cluster_logger) {
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
From: scan-admin@coverity.com
To: undisclosed-recipients:;
Subject: New Defects reported by Coverity Scan for ceph
Date: Thu, 10 Jul 2014 20:18:29 -0700
Message-ID: <53bf57855235f_634cff331839678@209.249.196.67.mail>
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
Defect(s) Reported-by: Coverity Scan
Showing 5 of 5 defect(s)
** CID 1201388: Missing unlock (LOCK)
/mon/Monitor.cc: 438 in Monitor::preinit()()
** CID 1225099: Unchecked return value (CHECKED_RETURN)
/mon/MDSMonitor.cc: 1409 in MDSMonitor::filesystem_command(MMonCommand *, const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, std::map<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, boost::variant<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, bool, long, double, std::vector<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::allocator<std::basic_string<char, std::char_traits<char>, std::allocator<char>>>>, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detai
l::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_>, std::less<std::
basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::pair<const std::basic_string<char, std::char_traits<char>, std::allocator<char>>, boost::variant<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, bool, long, double, std::vector<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::allocator<std::basic_string<char, std::char_traits<char>, std::allocator<char>>>>, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detai
l::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_>>>> &, std::basic_stringstream<char, std::char_traits<char>, std::allocator<cha
r>> &, int &)()
** CID 1225100: Missing unlock (LOCK)
/mds/MDLog.cc: 511 in MDLog::trim(int)()
/mds/MDLog.cc: 511 in MDLog::trim(int)()
** CID 1225101: Missing unlock (LOCK)
/mds/MDLog.cc: 394 in MDLog::shutdown()()
** CID 1225102: Dereference before null check (REVERSE_INULL)
/mon/Monitor.cc: 746 in Monitor::shutdown()()
________________________________________________________________________________________________________
*** CID 1201388: Missing unlock (LOCK)
/mon/Monitor.cc: 438 in Monitor::preinit()()
432
433 dout(1) << "preinit fsid " << monmap->fsid << dendl;
434
435 int r = sanitize_options();
436 if (r < 0) {
437 derr << "option sanitization failed!" << dendl;
>>> CID 1201388: Missing unlock (LOCK)
>>> Returning without unlocking "this->lock._m".
438 return r;
439 }
440
441 assert(!logger);
442 {
443 PerfCountersBuilder pcb(g_ceph_context, "mon", l_mon_first, l_mon_last);
________________________________________________________________________________________________________
*** CID 1225099: Unchecked return value (CHECKED_RETURN)
/mon/MDSMonitor.cc: 1409 in MDSMonitor::filesystem_command(MMonCommand *, const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, std::map<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, boost::variant<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, bool, long, double, std::vector<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::allocator<std::basic_string<char, std::char_traits<char>, std::allocator<char>>>>, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detai
l::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_>, std::less<std::
basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::pair<const std::basic_string<char, std::char_traits<char>, std::allocator<char>>, boost::variant<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, bool, long, double, std::vector<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::allocator<std::basic_string<char, std::char_traits<char>, std::allocator<char>>>>, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detai
l::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_, boost::detail::variant::void_>>>> &, std::basic_stringstream<char, std::char_traits<char>, std::allocator<cha
r>> &, int &)()
1403 r = -EINVAL;
1404 poolid = -1;
1405 ss << "cannot remove default data pool";
1406 }
1407
1408 if (poolid >= 0) {
>>> CID 1225099: Unchecked return value (CHECKED_RETURN)
>>> Calling "cmd_getval" without checking return value (as is done elsewhere 22 out of 25 times).
1409 cmd_getval(g_ceph_context, cmdmap, "poolid", poolid);
1410 r = pending_mdsmap.remove_data_pool(poolid);
1411 if (r == -ENOENT)
1412 r = 0;
1413 if (r == 0)
1414 ss << "removed data pool " << poolid << " from mdsmap";
________________________________________________________________________________________________________
*** CID 1225100: Missing unlock (LOCK)
/mds/MDLog.cc: 511 in MDLog::trim(int)()
505 p = segments.lower_bound(last_seq + 1);
506 }
507 }
508
509 // discard expired segments and unlock submit_mutex
510 _trim_expired_segments();
>>> CID 1225100: Missing unlock (LOCK)
>>> Returning without unlocking "this->submit_mutex._m".
511 }
512
513
514 void MDLog::try_expire(LogSegment *ls, int op_prio)
515 {
516 C_GatherBuilder gather_bld(g_ceph_context);
/mds/MDLog.cc: 511 in MDLog::trim(int)()
505 p = segments.lower_bound(last_seq + 1);
506 }
507 }
508
509 // discard expired segments and unlock submit_mutex
510 _trim_expired_segments();
>>> CID 1225100: Missing unlock (LOCK)
>>> Returning without unlocking "this->submit_mutex._m".
511 }
512
513
514 void MDLog::try_expire(LogSegment *ls, int op_prio)
515 {
516 C_GatherBuilder gather_bld(g_ceph_context);
________________________________________________________________________________________________________
*** CID 1225101: Missing unlock (LOCK)
/mds/MDLog.cc: 394 in MDLog::shutdown()()
388 submit_mutex.Lock();
389 stopping = true;
390 submit_cond.Signal();
391 submit_mutex.Unlock();
392
393 mds->mds_lock.Lock();
>>> CID 1225101: Missing unlock (LOCK)
>>> Returning without unlocking "this->mds->mds_lock._m".
394 }
395
396
397 // -----------------------------
398 // segments
399
________________________________________________________________________________________________________
*** CID 1225102: Dereference before null check (REVERSE_INULL)
/mon/Monitor.cc: 746 in Monitor::shutdown()()
740 finish_contexts(g_ceph_context, maybe_wait_for_quorum, -ECANCELED);
741
742 timer.shutdown();
743
744 remove_all_sessions();
745
>>> CID 1225102: Dereference before null check (REVERSE_INULL)
>>> Null-checking "this->logger" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
746 if (logger) {
747 cct->get_perfcounters_collection()->remove(logger);
748 delete logger;
749 logger = NULL;
750 }
751 if (cluster_logger) {
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
^ permalink raw reply [flat|nested] 33+ messages in thread* New Defects reported by Coverity Scan for ceph (fwd)
@ 2014-06-20 14:46 Sage Weil
0 siblings, 0 replies; 33+ messages in thread
From: Sage Weil @ 2014-06-20 14:46 UTC (permalink / raw)
To: ceph-devel
[-- Attachment #1: Type: TEXT/PLAIN, Size: 0 bytes --]
[-- Attachment #2: Forwarded Message --]
[-- Type: MESSAGE/RFC822, Size: 4518 bytes --]
Return-Path: <scan-admin@coverity.com>
X-Original-To: sage@cobra.newdream.net
Delivered-To: sage@cobra.newdream.net
Received: from destro.newdream.net (destro.newdream.net [66.33.216.68])
by cobra.newdream.net (Postfix) with ESMTP id B32DA80060
for <sage@cobra.newdream.net>; Fri, 20 Jun 2014 07:40:50 -0700 (PDT)
Received: by destro.newdream.net (Postfix)
id B0E1E12097A; Fri, 20 Jun 2014 07:40:50 -0700 (PDT)
Delivered-To: sage@destro.newdream.net
Received: from alc-junkmail-backend3.dreamhost.com (caiajhbdcbae.dreamhost.com
[208.97.132.104])
by destro.newdream.net (Postfix) with ESMTP id AFF72120979
for <sage@newdream.net>; Fri, 20 Jun 2014 07:40:50 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1])
by alc-junkmail-backend3.dreamhost.com (Postfix) with ESMTP id
A9D391616280
for <sage@newdream.net>; Fri, 20 Jun 2014 07:40:50 -0700 (PDT)
X-DH-Virus-Scanned: Debian amavisd-new at alc-junkmail-backend3.dreamhost.com
X-Spam-Flag: NO
X-Spam-Score: 0
X-Spam-Level:
X-Spam-Status: No, score=x tagged_above=-999 required=999 WHITELISTED tests=[]
Received: from connor.dreamhost.com ([208.97.132.17])
by localhost (alc-junkmail-backend3.dreamhost.com [208.97.132.104])
(amavisd-new, port 10024)
with ESMTP id UpNBQZKeatze for <sage@newdream.net>;
Fri, 20 Jun 2014 07:40:50 -0700 (PDT)
Received: from scanrelay.coverity.com (scanrelay.coverity.com [209.249.196.67])
by connor.dreamhost.com (Postfix) with ESMTP id 790E12CA803B
for <sage@newdream.net>; Fri, 20 Jun 2014 07:40:50 -0700 (PDT)
Received: from localhost.localdomain ([208.69.177.215]) by
scanrelay.coverity.com with Microsoft SMTPSVC(7.5.7601.17514);
Fri, 20 Jun 2014 07:40:49 -0700
Date: Fri, 20 Jun 2014 07:40:48 -0700
From: scan-admin@coverity.com
Message-ID: <53a447f0c9bf4_726b7ed3307621f@209.249.196.67.mail>
Subject: New Defects reported by Coverity Scan for ceph
Mime-Version: 1.0
Content-Type: text/plain;
charset=UTF-8
Content-Transfer-Encoding: 7bit
X-OriginalArrivalTime: 20 Jun 2014 14:40:49.0021 (UTC)
FILETIME=[A0A4E2D0:01CF8C95]
To: undisclosed-recipients:;
X-Spambayes-Classification: ham; 0.00
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
Defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)
** CID 1223276: Division or modulo by zero (DIVIDE_BY_ZERO)
/tools/rados/rados.cc: 1368 in rados_tool_common(const std::map<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::less<std::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::pair<const std::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::basic_string<char, std::char_traits<char>, std::allocator<char>>>>> &, std::vector<const char *, std::allocator<const char *>> &)()
________________________________________________________________________________________________________
*** CID 1223276: Division or modulo by zero (DIVIDE_BY_ZERO)
/tools/rados/rados.cc: 1368 in rados_tool_common(const std::map<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::less<std::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::pair<const std::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::basic_string<char, std::char_traits<char>, std::allocator<char>>>>> &, std::vector<const char *, std::allocator<const char *>> &)()
1362 }
1363
1364 // align op_size
1365 if (io_ctx.pool_requires_alignment()) {
1366 const uint64_t align = io_ctx.pool_required_alignment();
1367 const bool wrn = (op_size != (1<<22));
>>> CID 1223276: Division or modulo by zero (DIVIDE_BY_ZERO)
>>> In expression "(op_size + align - 1UL) / align", division by expression "align" which may be zero has undefined behavior.
1368 op_size = uint64_t((op_size + align - 1) / align) * align;
1369 if (wrn)
1370 cerr << "INFO: op_size has been rounded to " << op_size << std::endl;
1371 }
1372
1373 // snapname?
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
From: scan-admin@coverity.com
To: undisclosed-recipients:;
Subject: New Defects reported by Coverity Scan for ceph
Date: Fri, 20 Jun 2014 07:40:48 -0700
Message-ID: <53a447f0c9bf4_726b7ed3307621f@209.249.196.67.mail>
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
Defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)
** CID 1223276: Division or modulo by zero (DIVIDE_BY_ZERO)
/tools/rados/rados.cc: 1368 in rados_tool_common(const std::map<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::less<std::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::pair<const std::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::basic_string<char, std::char_traits<char>, std::allocator<char>>>>> &, std::vector<const char *, std::allocator<const char *>> &)()
________________________________________________________________________________________________________
*** CID 1223276: Division or modulo by zero (DIVIDE_BY_ZERO)
/tools/rados/rados.cc: 1368 in rados_tool_common(const std::map<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::less<std::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::pair<const std::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::basic_string<char, std::char_traits<char>, std::allocator<char>>>>> &, std::vector<const char *, std::allocator<const char *>> &)()
1362 }
1363
1364 // align op_size
1365 if (io_ctx.pool_requires_alignment()) {
1366 const uint64_t align = io_ctx.pool_required_alignment();
1367 const bool wrn = (op_size != (1<<22));
>>> CID 1223276: Division or modulo by zero (DIVIDE_BY_ZERO)
>>> In expression "(op_size + align - 1UL) / align", division by expression "align" which may be zero has undefined behavior.
1368 op_size = uint64_t((op_size + align - 1) / align) * align;
1369 if (wrn)
1370 cerr << "INFO: op_size has been rounded to " << op_size << std::endl;
1371 }
1372
1373 // snapname?
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
^ permalink raw reply [flat|nested] 33+ messages in thread* New Defects reported by Coverity Scan for ceph (fwd)
@ 2014-06-07 16:12 Sage Weil
2014-06-08 8:38 ` Sebastien Ponce
2014-06-18 7:37 ` Sebastien Ponce
0 siblings, 2 replies; 33+ messages in thread
From: Sage Weil @ 2014-06-07 16:12 UTC (permalink / raw)
To: ceph-devel
[-- Attachment #1: Type: TEXT/PLAIN, Size: 60 bytes --]
Mostly stuff in teh new libradosstriper code, it looks like.
[-- Attachment #2: Forwarded Message --]
[-- Type: MESSAGE/RFC822, Size: 58057 bytes --]
Return-Path: <scan-admin@coverity.com>
X-Original-To: sage@cobra.newdream.net
Delivered-To: sage@cobra.newdream.net
Received: from destro.newdream.net (destro.newdream.net [66.33.216.68])
by cobra.newdream.net (Postfix) with ESMTP id F25B08048A
for <sage@cobra.newdream.net>; Sat, 7 Jun 2014 07:47:46 -0700 (PDT)
Received: by destro.newdream.net (Postfix)
id EBB2E1208BE; Sat, 7 Jun 2014 07:47:46 -0700 (PDT)
Delivered-To: sage@destro.newdream.net
Received: from alc-junkmail-backend3.dreamhost.com (caiajhbdcbae.dreamhost.com
[208.97.132.104])
by destro.newdream.net (Postfix) with ESMTP id E8AEB1208BC
for <sage@newdream.net>; Sat, 7 Jun 2014 07:47:46 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1])
by alc-junkmail-backend3.dreamhost.com (Postfix) with ESMTP id
E38B91616071
for <sage@newdream.net>; Sat, 7 Jun 2014 07:47:46 -0700 (PDT)
X-DH-Virus-Scanned: Debian amavisd-new at alc-junkmail-backend3.dreamhost.com
X-Spam-Flag: NO
X-Spam-Score: 0
X-Spam-Level:
X-Spam-Status: No, score=x tagged_above=-999 required=999 WHITELISTED tests=[]
Received: from godfather.dreamhost.com ([208.97.132.17])
by localhost (alc-junkmail-backend3.dreamhost.com [208.97.132.104])
(amavisd-new, port 10024)
with ESMTP id Ms4TkJ9N8UWX for <sage@newdream.net>;
Sat, 7 Jun 2014 07:47:46 -0700 (PDT)
Received: from scanrelay.coverity.com (scanrelay.coverity.com [209.249.196.67])
by godfather.dreamhost.com (Postfix) with ESMTP id B20251B0059
for <sage@newdream.net>; Sat, 7 Jun 2014 07:47:46 -0700 (PDT)
Received: from localhost.localdomain ([208.69.177.215]) by
scanrelay.coverity.com with Microsoft SMTPSVC(7.5.7601.17514);
Sat, 7 Jun 2014 07:47:46 -0700
Date: Sat, 07 Jun 2014 07:47:45 -0700
From: scan-admin@coverity.com
Message-ID: <53932611e02a6_1b1f6b531474516@209.249.196.67.mail>
Subject: New Defects reported by Coverity Scan for ceph
Mime-Version: 1.0
Content-Type: text/plain;
charset=UTF-8
Content-Transfer-Encoding: 7bit
X-OriginalArrivalTime: 07 Jun 2014 14:47:46.0395 (UTC)
FILETIME=[720C5AB0:01CF825F]
To: undisclosed-recipients:;
X-Spambayes-Classification: ham; 0.00
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
Defect(s) Reported-by: Coverity Scan
Showing 20 of 41 defect(s)
** CID 1221498: Division or modulo by zero (DIVIDE_BY_ZERO)
/test/libradosstriper/striping.cc: 59 in StriperTestRT::checkObjectFromRados(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)()
** CID 1221499: Division or modulo by zero (DIVIDE_BY_ZERO)
/test/libradosstriper/striping.cc: 68 in StriperTestRT::checkObjectFromRados(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)()
** CID 1221500: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/io.cc: 341 in StriperTest_XattrIter_Test::TestBody()()
/test/libradosstriper/io.cc: 335 in StriperTest_XattrIter_Test::TestBody()()
** CID 1221501: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 513 in StriperTestPP_RoundTripWriteFullPP_Test::TestBody()()
** CID 1221502: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 537 in StriperTestPP_RoundTripWriteFullPP_Test::TestBody()()
/test/libradosstriper/aio.cc: 538 in StriperTestPP_RoundTripWriteFullPP_Test::TestBody()()
/test/libradosstriper/aio.cc: 532 in StriperTestPP_RoundTripWriteFullPP_Test::TestBody()()
** CID 1221503: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 440 in StriperTest_Flush_Test::TestBody()()
/test/libradosstriper/aio.cc: 435 in StriperTest_Flush_Test::TestBody()()
/test/libradosstriper/aio.cc: 433 in StriperTest_Flush_Test::TestBody()()
** CID 1221504: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 428 in StriperTest_Flush_Test::TestBody()()
/test/libradosstriper/aio.cc: 433 in StriperTest_Flush_Test::TestBody()()
/test/libradosstriper/aio.cc: 435 in StriperTest_Flush_Test::TestBody()()
/test/libradosstriper/aio.cc: 440 in StriperTest_Flush_Test::TestBody()()
/test/libradosstriper/aio.cc: 424 in StriperTest_Flush_Test::TestBody()()
** CID 1221505: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 306 in StriperTest_IsSafe_Test::TestBody()()
/test/libradosstriper/aio.cc: 301 in StriperTest_IsSafe_Test::TestBody()()
/test/libradosstriper/aio.cc: 299 in StriperTest_IsSafe_Test::TestBody()()
** CID 1221506: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 299 in StriperTest_IsSafe_Test::TestBody()()
/test/libradosstriper/aio.cc: 301 in StriperTest_IsSafe_Test::TestBody()()
/test/libradosstriper/aio.cc: 306 in StriperTest_IsSafe_Test::TestBody()()
/test/libradosstriper/aio.cc: 285 in StriperTest_IsSafe_Test::TestBody()()
/test/libradosstriper/aio.cc: 281 in StriperTest_IsSafe_Test::TestBody()()
** CID 1221507: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 453 in StriperTestPP_FlushPP_Test::TestBody()()
/test/libradosstriper/aio.cc: 458 in StriperTestPP_FlushPP_Test::TestBody()()
/test/libradosstriper/aio.cc: 463 in StriperTestPP_FlushPP_Test::TestBody()()
** CID 1221508: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 463 in StriperTestPP_FlushPP_Test::TestBody()()
/test/libradosstriper/aio.cc: 458 in StriperTestPP_FlushPP_Test::TestBody()()
** CID 1221509: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 124 in StriperTest_RoundTrip_Test::TestBody()()
/test/libradosstriper/aio.cc: 119 in StriperTest_RoundTrip_Test::TestBody()()
/test/libradosstriper/aio.cc: 117 in StriperTest_RoundTrip_Test::TestBody()()
** CID 1221510: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 108 in StriperTest_RoundTrip_Test::TestBody()()
/test/libradosstriper/aio.cc: 117 in StriperTest_RoundTrip_Test::TestBody()()
/test/libradosstriper/aio.cc: 119 in StriperTest_RoundTrip_Test::TestBody()()
/test/libradosstriper/aio.cc: 124 in StriperTest_RoundTrip_Test::TestBody()()
/test/libradosstriper/aio.cc: 104 in StriperTest_RoundTrip_Test::TestBody()()
** CID 1221511: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 333 in StriperTestPP_IsSafePP_Test::TestBody()()
/test/libradosstriper/aio.cc: 338 in StriperTestPP_IsSafePP_Test::TestBody()()
/test/libradosstriper/aio.cc: 319 in StriperTestPP_IsSafePP_Test::TestBody()()
** CID 1221512: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 338 in StriperTestPP_IsSafePP_Test::TestBody()()
/test/libradosstriper/aio.cc: 333 in StriperTestPP_IsSafePP_Test::TestBody()()
** CID 1221513: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 240 in StriperTest_IsComplete_Test::TestBody()()
/test/libradosstriper/aio.cc: 229 in StriperTest_IsComplete_Test::TestBody()()
/test/libradosstriper/aio.cc: 227 in StriperTest_IsComplete_Test::TestBody()()
** CID 1221514: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 218 in StriperTest_IsComplete_Test::TestBody()()
/test/libradosstriper/aio.cc: 227 in StriperTest_IsComplete_Test::TestBody()()
/test/libradosstriper/aio.cc: 229 in StriperTest_IsComplete_Test::TestBody()()
/test/libradosstriper/aio.cc: 240 in StriperTest_IsComplete_Test::TestBody()()
/test/libradosstriper/aio.cc: 214 in StriperTest_IsComplete_Test::TestBody()()
** CID 1221515: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 152 in StriperTest_RoundTrip2_Test::TestBody()()
/test/libradosstriper/aio.cc: 147 in StriperTest_RoundTrip2_Test::TestBody()()
/test/libradosstriper/aio.cc: 145 in StriperTest_RoundTrip2_Test::TestBody()()
** CID 1221516: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 136 in StriperTest_RoundTrip2_Test::TestBody()()
/test/libradosstriper/aio.cc: 145 in StriperTest_RoundTrip2_Test::TestBody()()
/test/libradosstriper/aio.cc: 147 in StriperTest_RoundTrip2_Test::TestBody()()
/test/libradosstriper/aio.cc: 152 in StriperTest_RoundTrip2_Test::TestBody()()
/test/libradosstriper/aio.cc: 132 in StriperTest_RoundTrip2_Test::TestBody()()
** CID 1221517: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 52 in StriperTest_SimpleWrite_Test::TestBody()()
/test/libradosstriper/aio.cc: 48 in StriperTest_SimpleWrite_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1221498: Division or modulo by zero (DIVIDE_BY_ZERO)
/test/libradosstriper/striping.cc: 59 in StriperTestRT::checkObjectFromRados(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)()
53 s_xattr = std::string(xattrbl.c_str(), xattrbl.length()); // adds 0 byte at the end
54 uint64_t xa_size = strtoll(s_xattr.c_str(), NULL, 10);
55 ASSERT_EQ(xa_size, size);
56 // checking object content from rados point of view
57 // we will go stripe by stripe, read the content of each of them and
58 // check with expectations
>>> CID 1221498: Division or modulo by zero (DIVIDE_BY_ZERO)
>>> In expression "object_size / stripe_unit", division by expression "stripe_unit" which may be zero has undefined behavior.
59 uint64_t stripe_per_object = object_size / stripe_unit;
60 uint64_t stripe_per_objectset = stripe_per_object * stripe_count;
61 uint64_t nb_stripes_in_object = (size+stripe_unit-1)/stripe_unit;
62 for (uint64_t stripe_nb = 0;
63 stripe_nb < nb_stripes_in_object;
64 stripe_nb++) {
________________________________________________________________________________________________________
*** CID 1221499: Division or modulo by zero (DIVIDE_BY_ZERO)
/test/libradosstriper/striping.cc: 68 in StriperTestRT::checkObjectFromRados(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)()
62 for (uint64_t stripe_nb = 0;
63 stripe_nb < nb_stripes_in_object;
64 stripe_nb++) {
65 // find out where this stripe is stored
66 uint64_t objectset = stripe_nb / stripe_per_objectset;
67 uint64_t stripe_in_object_set = stripe_nb % stripe_per_objectset;
>>> CID 1221499: Division or modulo by zero (DIVIDE_BY_ZERO)
>>> In expression "stripe_in_object_set % stripe_count", modulo by expression "stripe_count" which may be zero has undefined behavior.
68 uint64_t object_in_set = stripe_in_object_set % stripe_count;
69 uint64_t stripe_in_object = stripe_in_object_set / stripe_count;
70 uint64_t object_nb = objectset * stripe_count + object_in_set;
71 uint64_t start = stripe_in_object * stripe_unit;
72 uint64_t len = stripe_unit;
73 if (stripe_nb == nb_stripes_in_object-1 and size % stripe_unit != 0) {
________________________________________________________________________________________________________
*** CID 1221500: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/io.cc: 341 in StriperTest_XattrIter_Test::TestBody()()
335 ASSERT_EQ(0, rados_striper_getxattrs(striper, "RmXattr", &iter));
336 int num_seen = 0;
337 while (true) {
338 const char *name;
339 const char *val;
340 size_t len;
>>> CID 1221500: Resource leak (RESOURCE_LEAK)
>>> Variable "iter" going out of scope leaks the storage it points to.
341 ASSERT_EQ(0, rados_getxattrs_next(iter, &name, &val, &len));
342 if (name == NULL) {
343 break;
344 }
345 ASSERT_LT(num_seen, 2) << "Extra attribute : " << name;
346 if ((strcmp(name, "attr1") == 0) && (memcmp(val, attr1_buf, len) == 0)) {
/test/libradosstriper/io.cc: 335 in StriperTest_XattrIter_Test::TestBody()()
329 }
330 memset(buf, 0xaa, sizeof(buf));
331 ASSERT_EQ(0, rados_striper_write(striper, "RmXattr", buf, sizeof(buf), 0));
332 ASSERT_EQ(0, rados_striper_setxattr(striper, "RmXattr", "attr1", attr1_buf, sizeof(attr1_buf)));
333 ASSERT_EQ(0, rados_striper_setxattr(striper, "RmXattr", "attr2", attr2_buf, sizeof(attr2_buf)));
334 rados_xattrs_iter_t iter;
>>> CID 1221500: Resource leak (RESOURCE_LEAK)
>>> Variable "iter" going out of scope leaks the storage it points to.
335 ASSERT_EQ(0, rados_striper_getxattrs(striper, "RmXattr", &iter));
336 int num_seen = 0;
337 while (true) {
338 const char *name;
339 const char *val;
340 size_t len;
________________________________________________________________________________________________________
*** CID 1221501: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 513 in StriperTestPP_RoundTripWriteFullPP_Test::TestBody()()
507 AioCompletion *my_completion = librados::Rados::aio_create_completion
508 ((void*)&test_data, set_completion_complete, set_completion_safe);
509 char buf[128];
510 memset(buf, 0xcc, sizeof(buf));
511 bufferlist bl1;
512 bl1.append(buf, sizeof(buf));
>>> CID 1221501: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
513 ASSERT_EQ(0, striper.aio_write("RoundTripWriteFullPP", my_completion, bl1, sizeof(buf), 0));
514 {
515 TestAlarm alarm;
516 my_completion->wait_for_complete();
517 }
518 char buf2[64];
________________________________________________________________________________________________________
*** CID 1221502: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 537 in StriperTestPP_RoundTripWriteFullPP_Test::TestBody()()
531 ((void*)&test_data, set_completion_complete, set_completion_safe);
532 ASSERT_EQ(0, striper.aio_read("RoundTripWriteFullPP", my_completion3, &bl3, sizeof(buf), 0));
533 {
534 TestAlarm alarm;
535 my_completion3->wait_for_complete();
536 }
>>> CID 1221502: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion3" going out of scope leaks the storage it points to.
537 ASSERT_EQ(sizeof(buf2), my_completion3->get_return_value());
538 ASSERT_EQ(0, memcmp(bl3.c_str(), buf2, sizeof(buf2)));
539 my_completion->release();
540 my_completion2->release();
541 my_completion3->release();
/test/libradosstriper/aio.cc: 538 in StriperTestPP_RoundTripWriteFullPP_Test::TestBody()()
532 ASSERT_EQ(0, striper.aio_read("RoundTripWriteFullPP", my_completion3, &bl3, sizeof(buf), 0));
533 {
534 TestAlarm alarm;
535 my_completion3->wait_for_complete();
536 }
537 ASSERT_EQ(sizeof(buf2), my_completion3->get_return_value());
>>> CID 1221502: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion3" going out of scope leaks the storage it points to.
538 ASSERT_EQ(0, memcmp(bl3.c_str(), buf2, sizeof(buf2)));
539 my_completion->release();
540 my_completion2->release();
541 my_completion3->release();
/test/libradosstriper/aio.cc: 532 in StriperTestPP_RoundTripWriteFullPP_Test::TestBody()()
526 TestAlarm alarm;
527 my_completion2->wait_for_complete();
528 }
529 bufferlist bl3;
530 AioCompletion *my_completion3 = librados::Rados::aio_create_completion
531 ((void*)&test_data, set_completion_complete, set_completion_safe);
>>> CID 1221502: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion3" going out of scope leaks the storage it points to.
532 ASSERT_EQ(0, striper.aio_read("RoundTripWriteFullPP", my_completion3, &bl3, sizeof(buf), 0));
533 {
534 TestAlarm alarm;
535 my_completion3->wait_for_complete();
536 }
537 ASSERT_EQ(sizeof(buf2), my_completion3->get_return_value());
________________________________________________________________________________________________________
*** CID 1221503: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 440 in StriperTest_Flush_Test::TestBody()()
434 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion2));
435 ASSERT_EQ(0, rados_striper_aio_read(striper, "Flush", my_completion2, buf2, sizeof(buf2), 0));
436 {
437 TestAlarm alarm;
438 rados_aio_wait_for_complete(my_completion2);
439 }
>>> CID 1221503: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion2" going out of scope leaks the storage it points to.
440 ASSERT_EQ(0, memcmp(buf, buf2, sizeof(buf)));
441 rados_aio_release(my_completion);
442 rados_aio_release(my_completion2);
443 }
444
445 TEST_F(StriperTestPP, FlushPP) {
/test/libradosstriper/aio.cc: 435 in StriperTest_Flush_Test::TestBody()()
429 rados_striper_aio_flush(striper);
430 char buf2[128];
431 memset(buf2, 0, sizeof(buf2));
432 rados_completion_t my_completion2;
433 ASSERT_EQ(0, rados_aio_create_completion
434 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion2));
>>> CID 1221503: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion2" going out of scope leaks the storage it points to.
435 ASSERT_EQ(0, rados_striper_aio_read(striper, "Flush", my_completion2, buf2, sizeof(buf2), 0));
436 {
437 TestAlarm alarm;
438 rados_aio_wait_for_complete(my_completion2);
439 }
440 ASSERT_EQ(0, memcmp(buf, buf2, sizeof(buf)));
/test/libradosstriper/aio.cc: 433 in StriperTest_Flush_Test::TestBody()()
427 memset(buf, 0xee, sizeof(buf));
428 ASSERT_EQ(0, rados_striper_aio_write(striper, "Flush", my_completion, buf, sizeof(buf), 0));
429 rados_striper_aio_flush(striper);
430 char buf2[128];
431 memset(buf2, 0, sizeof(buf2));
432 rados_completion_t my_completion2;
>>> CID 1221503: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion2" going out of scope leaks the storage it points to.
433 ASSERT_EQ(0, rados_aio_create_completion
434 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion2));
435 ASSERT_EQ(0, rados_striper_aio_read(striper, "Flush", my_completion2, buf2, sizeof(buf2), 0));
436 {
437 TestAlarm alarm;
438 rados_aio_wait_for_complete(my_completion2);
________________________________________________________________________________________________________
*** CID 1221504: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 428 in StriperTest_Flush_Test::TestBody()()
422 AioTestData test_data;
423 rados_completion_t my_completion;
424 ASSERT_EQ(0, rados_aio_create_completion
425 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion));
426 char buf[128];
427 memset(buf, 0xee, sizeof(buf));
>>> CID 1221504: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
428 ASSERT_EQ(0, rados_striper_aio_write(striper, "Flush", my_completion, buf, sizeof(buf), 0));
429 rados_striper_aio_flush(striper);
430 char buf2[128];
431 memset(buf2, 0, sizeof(buf2));
432 rados_completion_t my_completion2;
433 ASSERT_EQ(0, rados_aio_create_completion
/test/libradosstriper/aio.cc: 433 in StriperTest_Flush_Test::TestBody()()
427 memset(buf, 0xee, sizeof(buf));
428 ASSERT_EQ(0, rados_striper_aio_write(striper, "Flush", my_completion, buf, sizeof(buf), 0));
429 rados_striper_aio_flush(striper);
430 char buf2[128];
431 memset(buf2, 0, sizeof(buf2));
432 rados_completion_t my_completion2;
>>> CID 1221504: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
433 ASSERT_EQ(0, rados_aio_create_completion
434 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion2));
435 ASSERT_EQ(0, rados_striper_aio_read(striper, "Flush", my_completion2, buf2, sizeof(buf2), 0));
436 {
437 TestAlarm alarm;
438 rados_aio_wait_for_complete(my_completion2);
/test/libradosstriper/aio.cc: 435 in StriperTest_Flush_Test::TestBody()()
429 rados_striper_aio_flush(striper);
430 char buf2[128];
431 memset(buf2, 0, sizeof(buf2));
432 rados_completion_t my_completion2;
433 ASSERT_EQ(0, rados_aio_create_completion
434 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion2));
>>> CID 1221504: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
435 ASSERT_EQ(0, rados_striper_aio_read(striper, "Flush", my_completion2, buf2, sizeof(buf2), 0));
436 {
437 TestAlarm alarm;
438 rados_aio_wait_for_complete(my_completion2);
439 }
440 ASSERT_EQ(0, memcmp(buf, buf2, sizeof(buf)));
/test/libradosstriper/aio.cc: 440 in StriperTest_Flush_Test::TestBody()()
434 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion2));
435 ASSERT_EQ(0, rados_striper_aio_read(striper, "Flush", my_completion2, buf2, sizeof(buf2), 0));
436 {
437 TestAlarm alarm;
438 rados_aio_wait_for_complete(my_completion2);
439 }
>>> CID 1221504: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
440 ASSERT_EQ(0, memcmp(buf, buf2, sizeof(buf)));
441 rados_aio_release(my_completion);
442 rados_aio_release(my_completion2);
443 }
444
445 TEST_F(StriperTestPP, FlushPP) {
/test/libradosstriper/aio.cc: 424 in StriperTest_Flush_Test::TestBody()()
418 my_completion3->release();
419 }
420
421 TEST_F(StriperTest, Flush) {
422 AioTestData test_data;
423 rados_completion_t my_completion;
>>> CID 1221504: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
424 ASSERT_EQ(0, rados_aio_create_completion
425 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion));
426 char buf[128];
427 memset(buf, 0xee, sizeof(buf));
428 ASSERT_EQ(0, rados_striper_aio_write(striper, "Flush", my_completion, buf, sizeof(buf), 0));
429 rados_striper_aio_flush(striper);
________________________________________________________________________________________________________
*** CID 1221505: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 306 in StriperTest_IsSafe_Test::TestBody()()
300 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion2));
301 ASSERT_EQ(0, rados_striper_aio_read(striper, "IsSafe", my_completion2, buf2, sizeof(buf2), 0));
302 {
303 TestAlarm alarm;
304 rados_aio_wait_for_complete(my_completion2);
305 }
>>> CID 1221505: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion2" going out of scope leaks the storage it points to.
306 ASSERT_EQ(0, memcmp(buf, buf2, sizeof(buf)));
307 rados_aio_release(my_completion);
308 rados_aio_release(my_completion2);
309 }
310
311 TEST_F(StriperTestPP, IsSafePP) {
/test/libradosstriper/aio.cc: 301 in StriperTest_IsSafe_Test::TestBody()()
295 }
296 char buf2[128];
297 memset(buf2, 0, sizeof(buf2));
298 rados_completion_t my_completion2;
299 ASSERT_EQ(0, rados_aio_create_completion
300 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion2));
>>> CID 1221505: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion2" going out of scope leaks the storage it points to.
301 ASSERT_EQ(0, rados_striper_aio_read(striper, "IsSafe", my_completion2, buf2, sizeof(buf2), 0));
302 {
303 TestAlarm alarm;
304 rados_aio_wait_for_complete(my_completion2);
305 }
306 ASSERT_EQ(0, memcmp(buf, buf2, sizeof(buf)));
/test/libradosstriper/aio.cc: 299 in StriperTest_IsSafe_Test::TestBody()()
293 break;
294 }
295 }
296 char buf2[128];
297 memset(buf2, 0, sizeof(buf2));
298 rados_completion_t my_completion2;
>>> CID 1221505: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion2" going out of scope leaks the storage it points to.
299 ASSERT_EQ(0, rados_aio_create_completion
300 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion2));
301 ASSERT_EQ(0, rados_striper_aio_read(striper, "IsSafe", my_completion2, buf2, sizeof(buf2), 0));
302 {
303 TestAlarm alarm;
304 rados_aio_wait_for_complete(my_completion2);
________________________________________________________________________________________________________
*** CID 1221506: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 299 in StriperTest_IsSafe_Test::TestBody()()
293 break;
294 }
295 }
296 char buf2[128];
297 memset(buf2, 0, sizeof(buf2));
298 rados_completion_t my_completion2;
>>> CID 1221506: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
299 ASSERT_EQ(0, rados_aio_create_completion
300 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion2));
301 ASSERT_EQ(0, rados_striper_aio_read(striper, "IsSafe", my_completion2, buf2, sizeof(buf2), 0));
302 {
303 TestAlarm alarm;
304 rados_aio_wait_for_complete(my_completion2);
/test/libradosstriper/aio.cc: 301 in StriperTest_IsSafe_Test::TestBody()()
295 }
296 char buf2[128];
297 memset(buf2, 0, sizeof(buf2));
298 rados_completion_t my_completion2;
299 ASSERT_EQ(0, rados_aio_create_completion
300 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion2));
>>> CID 1221506: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
301 ASSERT_EQ(0, rados_striper_aio_read(striper, "IsSafe", my_completion2, buf2, sizeof(buf2), 0));
302 {
303 TestAlarm alarm;
304 rados_aio_wait_for_complete(my_completion2);
305 }
306 ASSERT_EQ(0, memcmp(buf, buf2, sizeof(buf)));
/test/libradosstriper/aio.cc: 306 in StriperTest_IsSafe_Test::TestBody()()
300 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion2));
301 ASSERT_EQ(0, rados_striper_aio_read(striper, "IsSafe", my_completion2, buf2, sizeof(buf2), 0));
302 {
303 TestAlarm alarm;
304 rados_aio_wait_for_complete(my_completion2);
305 }
>>> CID 1221506: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
306 ASSERT_EQ(0, memcmp(buf, buf2, sizeof(buf)));
307 rados_aio_release(my_completion);
308 rados_aio_release(my_completion2);
309 }
310
311 TEST_F(StriperTestPP, IsSafePP) {
/test/libradosstriper/aio.cc: 285 in StriperTest_IsSafe_Test::TestBody()()
279 AioTestData test_data;
280 rados_completion_t my_completion;
281 ASSERT_EQ(0, rados_aio_create_completion
282 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion));
283 char buf[128];
284 memset(buf, 0xcc, sizeof(buf));
>>> CID 1221506: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
285 ASSERT_EQ(0, rados_striper_aio_write(striper, "IsSafe", my_completion, buf, sizeof(buf), 0));
286 {
287 TestAlarm alarm;
288 // Busy-wait until the AIO completes.
289 // Normally we wouldn't do this, but we want to test rados_aio_is_safe.
290 while (true) {
/test/libradosstriper/aio.cc: 281 in StriperTest_IsSafe_Test::TestBody()()
275 my_completion2->release();
276 }
277
278 TEST_F(StriperTest, IsSafe) {
279 AioTestData test_data;
280 rados_completion_t my_completion;
>>> CID 1221506: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
281 ASSERT_EQ(0, rados_aio_create_completion
282 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion));
283 char buf[128];
284 memset(buf, 0xcc, sizeof(buf));
285 ASSERT_EQ(0, rados_striper_aio_write(striper, "IsSafe", my_completion, buf, sizeof(buf), 0));
286 {
________________________________________________________________________________________________________
*** CID 1221507: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 453 in StriperTestPP_FlushPP_Test::TestBody()()
447 AioCompletion *my_completion = librados::Rados::aio_create_completion
448 ((void*)&test_data, set_completion_complete, set_completion_safe);
449 char buf[128];
450 memset(buf, 0xee, sizeof(buf));
451 bufferlist bl1;
452 bl1.append(buf, sizeof(buf));
>>> CID 1221507: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
453 ASSERT_EQ(0, striper.aio_write("FlushPP", my_completion, bl1, sizeof(buf), 0));
454 striper.aio_flush();
455 bufferlist bl2;
456 AioCompletion *my_completion2 = librados::Rados::aio_create_completion
457 ((void*)&test_data, set_completion_complete, set_completion_safe);
458 ASSERT_EQ(0, striper.aio_read("FlushPP", my_completion2, &bl2, sizeof(buf), 0));
/test/libradosstriper/aio.cc: 458 in StriperTestPP_FlushPP_Test::TestBody()()
452 bl1.append(buf, sizeof(buf));
453 ASSERT_EQ(0, striper.aio_write("FlushPP", my_completion, bl1, sizeof(buf), 0));
454 striper.aio_flush();
455 bufferlist bl2;
456 AioCompletion *my_completion2 = librados::Rados::aio_create_completion
457 ((void*)&test_data, set_completion_complete, set_completion_safe);
>>> CID 1221507: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
458 ASSERT_EQ(0, striper.aio_read("FlushPP", my_completion2, &bl2, sizeof(buf), 0));
459 {
460 TestAlarm alarm;
461 my_completion2->wait_for_complete();
462 }
463 ASSERT_EQ(0, memcmp(buf, bl2.c_str(), sizeof(buf)));
/test/libradosstriper/aio.cc: 463 in StriperTestPP_FlushPP_Test::TestBody()()
457 ((void*)&test_data, set_completion_complete, set_completion_safe);
458 ASSERT_EQ(0, striper.aio_read("FlushPP", my_completion2, &bl2, sizeof(buf), 0));
459 {
460 TestAlarm alarm;
461 my_completion2->wait_for_complete();
462 }
>>> CID 1221507: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
463 ASSERT_EQ(0, memcmp(buf, bl2.c_str(), sizeof(buf)));
464 my_completion->release();
465 my_completion2->release();
466 }
467
468 TEST_F(StriperTest, RoundTripWriteFull) {
________________________________________________________________________________________________________
*** CID 1221508: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 463 in StriperTestPP_FlushPP_Test::TestBody()()
457 ((void*)&test_data, set_completion_complete, set_completion_safe);
458 ASSERT_EQ(0, striper.aio_read("FlushPP", my_completion2, &bl2, sizeof(buf), 0));
459 {
460 TestAlarm alarm;
461 my_completion2->wait_for_complete();
462 }
>>> CID 1221508: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion2" going out of scope leaks the storage it points to.
463 ASSERT_EQ(0, memcmp(buf, bl2.c_str(), sizeof(buf)));
464 my_completion->release();
465 my_completion2->release();
466 }
467
468 TEST_F(StriperTest, RoundTripWriteFull) {
/test/libradosstriper/aio.cc: 458 in StriperTestPP_FlushPP_Test::TestBody()()
452 bl1.append(buf, sizeof(buf));
453 ASSERT_EQ(0, striper.aio_write("FlushPP", my_completion, bl1, sizeof(buf), 0));
454 striper.aio_flush();
455 bufferlist bl2;
456 AioCompletion *my_completion2 = librados::Rados::aio_create_completion
457 ((void*)&test_data, set_completion_complete, set_completion_safe);
>>> CID 1221508: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion2" going out of scope leaks the storage it points to.
458 ASSERT_EQ(0, striper.aio_read("FlushPP", my_completion2, &bl2, sizeof(buf), 0));
459 {
460 TestAlarm alarm;
461 my_completion2->wait_for_complete();
462 }
463 ASSERT_EQ(0, memcmp(buf, bl2.c_str(), sizeof(buf)));
________________________________________________________________________________________________________
*** CID 1221509: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 124 in StriperTest_RoundTrip_Test::TestBody()()
118 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion2));
119 ASSERT_EQ(0, rados_striper_aio_read(striper, "RoundTrip", my_completion2, buf2, sizeof(buf2), 0));
120 {
121 TestAlarm alarm;
122 rados_aio_wait_for_complete(my_completion2);
123 }
>>> CID 1221509: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion2" going out of scope leaks the storage it points to.
124 ASSERT_EQ(0, memcmp(buf, buf2, sizeof(buf)));
125 rados_aio_release(my_completion);
126 rados_aio_release(my_completion2);
127 }
128
129 TEST_F(StriperTest, RoundTrip2) {
/test/libradosstriper/aio.cc: 119 in StriperTest_RoundTrip_Test::TestBody()()
113 }
114 char buf2[128];
115 memset(buf2, 0, sizeof(buf2));
116 rados_completion_t my_completion2;
117 ASSERT_EQ(0, rados_aio_create_completion
118 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion2));
>>> CID 1221509: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion2" going out of scope leaks the storage it points to.
119 ASSERT_EQ(0, rados_striper_aio_read(striper, "RoundTrip", my_completion2, buf2, sizeof(buf2), 0));
120 {
121 TestAlarm alarm;
122 rados_aio_wait_for_complete(my_completion2);
123 }
124 ASSERT_EQ(0, memcmp(buf, buf2, sizeof(buf)));
/test/libradosstriper/aio.cc: 117 in StriperTest_RoundTrip_Test::TestBody()()
111 sem_wait(&test_data.m_sem);
112 sem_wait(&test_data.m_sem);
113 }
114 char buf2[128];
115 memset(buf2, 0, sizeof(buf2));
116 rados_completion_t my_completion2;
>>> CID 1221509: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion2" going out of scope leaks the storage it points to.
117 ASSERT_EQ(0, rados_aio_create_completion
118 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion2));
119 ASSERT_EQ(0, rados_striper_aio_read(striper, "RoundTrip", my_completion2, buf2, sizeof(buf2), 0));
120 {
121 TestAlarm alarm;
122 rados_aio_wait_for_complete(my_completion2);
________________________________________________________________________________________________________
*** CID 1221510: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 108 in StriperTest_RoundTrip_Test::TestBody()()
102 AioTestData test_data;
103 rados_completion_t my_completion;
104 ASSERT_EQ(0, rados_aio_create_completion
105 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion));
106 char buf[128];
107 memset(buf, 0xcc, sizeof(buf));
>>> CID 1221510: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
108 ASSERT_EQ(0, rados_striper_aio_write(striper, "RoundTrip", my_completion, buf, sizeof(buf), 0));
109 {
110 TestAlarm alarm;
111 sem_wait(&test_data.m_sem);
112 sem_wait(&test_data.m_sem);
113 }
/test/libradosstriper/aio.cc: 117 in StriperTest_RoundTrip_Test::TestBody()()
111 sem_wait(&test_data.m_sem);
112 sem_wait(&test_data.m_sem);
113 }
114 char buf2[128];
115 memset(buf2, 0, sizeof(buf2));
116 rados_completion_t my_completion2;
>>> CID 1221510: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
117 ASSERT_EQ(0, rados_aio_create_completion
118 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion2));
119 ASSERT_EQ(0, rados_striper_aio_read(striper, "RoundTrip", my_completion2, buf2, sizeof(buf2), 0));
120 {
121 TestAlarm alarm;
122 rados_aio_wait_for_complete(my_completion2);
/test/libradosstriper/aio.cc: 119 in StriperTest_RoundTrip_Test::TestBody()()
113 }
114 char buf2[128];
115 memset(buf2, 0, sizeof(buf2));
116 rados_completion_t my_completion2;
117 ASSERT_EQ(0, rados_aio_create_completion
118 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion2));
>>> CID 1221510: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
119 ASSERT_EQ(0, rados_striper_aio_read(striper, "RoundTrip", my_completion2, buf2, sizeof(buf2), 0));
120 {
121 TestAlarm alarm;
122 rados_aio_wait_for_complete(my_completion2);
123 }
124 ASSERT_EQ(0, memcmp(buf, buf2, sizeof(buf)));
/test/libradosstriper/aio.cc: 124 in StriperTest_RoundTrip_Test::TestBody()()
118 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion2));
119 ASSERT_EQ(0, rados_striper_aio_read(striper, "RoundTrip", my_completion2, buf2, sizeof(buf2), 0));
120 {
121 TestAlarm alarm;
122 rados_aio_wait_for_complete(my_completion2);
123 }
>>> CID 1221510: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
124 ASSERT_EQ(0, memcmp(buf, buf2, sizeof(buf)));
125 rados_aio_release(my_completion);
126 rados_aio_release(my_completion2);
127 }
128
129 TEST_F(StriperTest, RoundTrip2) {
/test/libradosstriper/aio.cc: 104 in StriperTest_RoundTrip_Test::TestBody()()
98 my_completion->release();
99 }
100
101 TEST_F(StriperTest, RoundTrip) {
102 AioTestData test_data;
103 rados_completion_t my_completion;
>>> CID 1221510: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
104 ASSERT_EQ(0, rados_aio_create_completion
105 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion));
106 char buf[128];
107 memset(buf, 0xcc, sizeof(buf));
108 ASSERT_EQ(0, rados_striper_aio_write(striper, "RoundTrip", my_completion, buf, sizeof(buf), 0));
109 {
________________________________________________________________________________________________________
*** CID 1221511: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 333 in StriperTestPP_IsSafePP_Test::TestBody()()
327 break;
328 }
329 }
330 bufferlist bl2;
331 AioCompletion *my_completion2 = librados::Rados::aio_create_completion
332 ((void*)&test_data, set_completion_complete, set_completion_safe);
>>> CID 1221511: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
333 ASSERT_EQ(0, striper.aio_read("IsSafePP", my_completion2, &bl2, sizeof(buf), 0));
334 {
335 TestAlarm alarm;
336 my_completion2->wait_for_complete();
337 }
338 ASSERT_EQ(0, memcmp(buf, bl2.c_str(), sizeof(buf)));
/test/libradosstriper/aio.cc: 338 in StriperTestPP_IsSafePP_Test::TestBody()()
332 ((void*)&test_data, set_completion_complete, set_completion_safe);
333 ASSERT_EQ(0, striper.aio_read("IsSafePP", my_completion2, &bl2, sizeof(buf), 0));
334 {
335 TestAlarm alarm;
336 my_completion2->wait_for_complete();
337 }
>>> CID 1221511: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
338 ASSERT_EQ(0, memcmp(buf, bl2.c_str(), sizeof(buf)));
339 my_completion->release();
340 my_completion2->release();
341 }
342
343 TEST_F(StriperTest, RoundTripAppend) {
/test/libradosstriper/aio.cc: 319 in StriperTestPP_IsSafePP_Test::TestBody()()
313 AioCompletion *my_completion = librados::Rados::aio_create_completion
314 ((void*)&test_data, set_completion_complete, set_completion_safe);
315 char buf[128];
316 memset(buf, 0xcc, sizeof(buf));
317 bufferlist bl1;
318 bl1.append(buf, sizeof(buf));
>>> CID 1221511: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
319 ASSERT_EQ(0, striper.aio_write("IsSafePP", my_completion, bl1, sizeof(buf), 0));
320 {
321 TestAlarm alarm;
322 // Busy-wait until the AIO completes.
323 // Normally we wouldn't do this, but we want to test rados_aio_is_safe.
324 while (true) {
________________________________________________________________________________________________________
*** CID 1221512: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 338 in StriperTestPP_IsSafePP_Test::TestBody()()
332 ((void*)&test_data, set_completion_complete, set_completion_safe);
333 ASSERT_EQ(0, striper.aio_read("IsSafePP", my_completion2, &bl2, sizeof(buf), 0));
334 {
335 TestAlarm alarm;
336 my_completion2->wait_for_complete();
337 }
>>> CID 1221512: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion2" going out of scope leaks the storage it points to.
338 ASSERT_EQ(0, memcmp(buf, bl2.c_str(), sizeof(buf)));
339 my_completion->release();
340 my_completion2->release();
341 }
342
343 TEST_F(StriperTest, RoundTripAppend) {
/test/libradosstriper/aio.cc: 333 in StriperTestPP_IsSafePP_Test::TestBody()()
327 break;
328 }
329 }
330 bufferlist bl2;
331 AioCompletion *my_completion2 = librados::Rados::aio_create_completion
332 ((void*)&test_data, set_completion_complete, set_completion_safe);
>>> CID 1221512: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion2" going out of scope leaks the storage it points to.
333 ASSERT_EQ(0, striper.aio_read("IsSafePP", my_completion2, &bl2, sizeof(buf), 0));
334 {
335 TestAlarm alarm;
336 my_completion2->wait_for_complete();
337 }
338 ASSERT_EQ(0, memcmp(buf, bl2.c_str(), sizeof(buf)));
________________________________________________________________________________________________________
*** CID 1221513: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 240 in StriperTest_IsComplete_Test::TestBody()()
234 while (true) {
235 int is_complete = rados_aio_is_complete(my_completion2);
236 if (is_complete)
237 break;
238 }
239 }
>>> CID 1221513: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion2" going out of scope leaks the storage it points to.
240 ASSERT_EQ(0, memcmp(buf, buf2, sizeof(buf)));
241 rados_aio_release(my_completion);
242 rados_aio_release(my_completion2);
243 }
244
245 TEST_F(StriperTestPP, IsCompletePP) {
/test/libradosstriper/aio.cc: 229 in StriperTest_IsComplete_Test::TestBody()()
223 }
224 char buf2[128];
225 memset(buf2, 0, sizeof(buf2));
226 rados_completion_t my_completion2;
227 ASSERT_EQ(0, rados_aio_create_completion
228 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion2));
>>> CID 1221513: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion2" going out of scope leaks the storage it points to.
229 ASSERT_EQ(0, rados_striper_aio_read(striper, "IsComplete", my_completion2, buf2, sizeof(buf2), 0));
230 {
231 TestAlarm alarm;
232 // Busy-wait until the AIO completes.
233 // Normally we wouldn't do this, but we want to test rados_aio_is_complete.
234 while (true) {
/test/libradosstriper/aio.cc: 227 in StriperTest_IsComplete_Test::TestBody()()
221 sem_wait(&test_data.m_sem);
222 sem_wait(&test_data.m_sem);
223 }
224 char buf2[128];
225 memset(buf2, 0, sizeof(buf2));
226 rados_completion_t my_completion2;
>>> CID 1221513: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion2" going out of scope leaks the storage it points to.
227 ASSERT_EQ(0, rados_aio_create_completion
228 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion2));
229 ASSERT_EQ(0, rados_striper_aio_read(striper, "IsComplete", my_completion2, buf2, sizeof(buf2), 0));
230 {
231 TestAlarm alarm;
232 // Busy-wait until the AIO completes.
________________________________________________________________________________________________________
*** CID 1221514: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 218 in StriperTest_IsComplete_Test::TestBody()()
212 AioTestData test_data;
213 rados_completion_t my_completion;
214 ASSERT_EQ(0, rados_aio_create_completion
215 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion));
216 char buf[128];
217 memset(buf, 0xcc, sizeof(buf));
>>> CID 1221514: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
218 ASSERT_EQ(0, rados_striper_aio_write(striper, "IsComplete", my_completion, buf, sizeof(buf), 0));
219 {
220 TestAlarm alarm;
221 sem_wait(&test_data.m_sem);
222 sem_wait(&test_data.m_sem);
223 }
/test/libradosstriper/aio.cc: 227 in StriperTest_IsComplete_Test::TestBody()()
221 sem_wait(&test_data.m_sem);
222 sem_wait(&test_data.m_sem);
223 }
224 char buf2[128];
225 memset(buf2, 0, sizeof(buf2));
226 rados_completion_t my_completion2;
>>> CID 1221514: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
227 ASSERT_EQ(0, rados_aio_create_completion
228 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion2));
229 ASSERT_EQ(0, rados_striper_aio_read(striper, "IsComplete", my_completion2, buf2, sizeof(buf2), 0));
230 {
231 TestAlarm alarm;
232 // Busy-wait until the AIO completes.
/test/libradosstriper/aio.cc: 229 in StriperTest_IsComplete_Test::TestBody()()
223 }
224 char buf2[128];
225 memset(buf2, 0, sizeof(buf2));
226 rados_completion_t my_completion2;
227 ASSERT_EQ(0, rados_aio_create_completion
228 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion2));
>>> CID 1221514: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
229 ASSERT_EQ(0, rados_striper_aio_read(striper, "IsComplete", my_completion2, buf2, sizeof(buf2), 0));
230 {
231 TestAlarm alarm;
232 // Busy-wait until the AIO completes.
233 // Normally we wouldn't do this, but we want to test rados_aio_is_complete.
234 while (true) {
/test/libradosstriper/aio.cc: 240 in StriperTest_IsComplete_Test::TestBody()()
234 while (true) {
235 int is_complete = rados_aio_is_complete(my_completion2);
236 if (is_complete)
237 break;
238 }
239 }
>>> CID 1221514: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
240 ASSERT_EQ(0, memcmp(buf, buf2, sizeof(buf)));
241 rados_aio_release(my_completion);
242 rados_aio_release(my_completion2);
243 }
244
245 TEST_F(StriperTestPP, IsCompletePP) {
/test/libradosstriper/aio.cc: 214 in StriperTest_IsComplete_Test::TestBody()()
208 my_completion2->release();
209 }
210
211 TEST_F(StriperTest, IsComplete) {
212 AioTestData test_data;
213 rados_completion_t my_completion;
>>> CID 1221514: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
214 ASSERT_EQ(0, rados_aio_create_completion
215 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion));
216 char buf[128];
217 memset(buf, 0xcc, sizeof(buf));
218 ASSERT_EQ(0, rados_striper_aio_write(striper, "IsComplete", my_completion, buf, sizeof(buf), 0));
219 {
________________________________________________________________________________________________________
*** CID 1221515: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 152 in StriperTest_RoundTrip2_Test::TestBody()()
146 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion2));
147 ASSERT_EQ(0, rados_striper_aio_read(striper, "RoundTrip2", my_completion2, buf2, sizeof(buf2), 0));
148 {
149 TestAlarm alarm;
150 rados_aio_wait_for_safe(my_completion2);
151 }
>>> CID 1221515: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion2" going out of scope leaks the storage it points to.
152 ASSERT_EQ(0, memcmp(buf, buf2, sizeof(buf)));
153 rados_aio_release(my_completion);
154 rados_aio_release(my_completion2);
155 }
156
157 TEST_F(StriperTestPP, RoundTripPP) {
/test/libradosstriper/aio.cc: 147 in StriperTest_RoundTrip2_Test::TestBody()()
141 }
142 char buf2[128];
143 memset(buf2, 0, sizeof(buf2));
144 rados_completion_t my_completion2;
145 ASSERT_EQ(0, rados_aio_create_completion
146 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion2));
>>> CID 1221515: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion2" going out of scope leaks the storage it points to.
147 ASSERT_EQ(0, rados_striper_aio_read(striper, "RoundTrip2", my_completion2, buf2, sizeof(buf2), 0));
148 {
149 TestAlarm alarm;
150 rados_aio_wait_for_safe(my_completion2);
151 }
152 ASSERT_EQ(0, memcmp(buf, buf2, sizeof(buf)));
/test/libradosstriper/aio.cc: 145 in StriperTest_RoundTrip2_Test::TestBody()()
139 sem_wait(&test_data.m_sem);
140 sem_wait(&test_data.m_sem);
141 }
142 char buf2[128];
143 memset(buf2, 0, sizeof(buf2));
144 rados_completion_t my_completion2;
>>> CID 1221515: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion2" going out of scope leaks the storage it points to.
145 ASSERT_EQ(0, rados_aio_create_completion
146 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion2));
147 ASSERT_EQ(0, rados_striper_aio_read(striper, "RoundTrip2", my_completion2, buf2, sizeof(buf2), 0));
148 {
149 TestAlarm alarm;
150 rados_aio_wait_for_safe(my_completion2);
________________________________________________________________________________________________________
*** CID 1221516: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 136 in StriperTest_RoundTrip2_Test::TestBody()()
130 AioTestData test_data;
131 rados_completion_t my_completion;
132 ASSERT_EQ(0, rados_aio_create_completion
133 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion));
134 char buf[128];
135 memset(buf, 0xcc, sizeof(buf));
>>> CID 1221516: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
136 ASSERT_EQ(0, rados_striper_aio_write(striper, "RoundTrip2", my_completion, buf, sizeof(buf), 0));
137 {
138 TestAlarm alarm;
139 sem_wait(&test_data.m_sem);
140 sem_wait(&test_data.m_sem);
141 }
/test/libradosstriper/aio.cc: 145 in StriperTest_RoundTrip2_Test::TestBody()()
139 sem_wait(&test_data.m_sem);
140 sem_wait(&test_data.m_sem);
141 }
142 char buf2[128];
143 memset(buf2, 0, sizeof(buf2));
144 rados_completion_t my_completion2;
>>> CID 1221516: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
145 ASSERT_EQ(0, rados_aio_create_completion
146 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion2));
147 ASSERT_EQ(0, rados_striper_aio_read(striper, "RoundTrip2", my_completion2, buf2, sizeof(buf2), 0));
148 {
149 TestAlarm alarm;
150 rados_aio_wait_for_safe(my_completion2);
/test/libradosstriper/aio.cc: 147 in StriperTest_RoundTrip2_Test::TestBody()()
141 }
142 char buf2[128];
143 memset(buf2, 0, sizeof(buf2));
144 rados_completion_t my_completion2;
145 ASSERT_EQ(0, rados_aio_create_completion
146 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion2));
>>> CID 1221516: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
147 ASSERT_EQ(0, rados_striper_aio_read(striper, "RoundTrip2", my_completion2, buf2, sizeof(buf2), 0));
148 {
149 TestAlarm alarm;
150 rados_aio_wait_for_safe(my_completion2);
151 }
152 ASSERT_EQ(0, memcmp(buf, buf2, sizeof(buf)));
/test/libradosstriper/aio.cc: 152 in StriperTest_RoundTrip2_Test::TestBody()()
146 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion2));
147 ASSERT_EQ(0, rados_striper_aio_read(striper, "RoundTrip2", my_completion2, buf2, sizeof(buf2), 0));
148 {
149 TestAlarm alarm;
150 rados_aio_wait_for_safe(my_completion2);
151 }
>>> CID 1221516: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
152 ASSERT_EQ(0, memcmp(buf, buf2, sizeof(buf)));
153 rados_aio_release(my_completion);
154 rados_aio_release(my_completion2);
155 }
156
157 TEST_F(StriperTestPP, RoundTripPP) {
/test/libradosstriper/aio.cc: 132 in StriperTest_RoundTrip2_Test::TestBody()()
126 rados_aio_release(my_completion2);
127 }
128
129 TEST_F(StriperTest, RoundTrip2) {
130 AioTestData test_data;
131 rados_completion_t my_completion;
>>> CID 1221516: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
132 ASSERT_EQ(0, rados_aio_create_completion
133 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion));
134 char buf[128];
135 memset(buf, 0xcc, sizeof(buf));
136 ASSERT_EQ(0, rados_striper_aio_write(striper, "RoundTrip2", my_completion, buf, sizeof(buf), 0));
137 {
________________________________________________________________________________________________________
*** CID 1221517: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 52 in StriperTest_SimpleWrite_Test::TestBody()()
46 AioTestData test_data;
47 rados_completion_t my_completion;
48 ASSERT_EQ(0, rados_aio_create_completion
49 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion));
50 char buf[128];
51 memset(buf, 0xcc, sizeof(buf));
>>> CID 1221517: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
52 ASSERT_EQ(0, rados_striper_aio_write(striper, "StriperTest", my_completion, buf, sizeof(buf), 0));
53 TestAlarm alarm;
54 sem_wait(&test_data.m_sem);
55 sem_wait(&test_data.m_sem);
56 rados_aio_release(my_completion);
57 }
/test/libradosstriper/aio.cc: 48 in StriperTest_SimpleWrite_Test::TestBody()()
42 sem_post(&test->m_sem);
43 }
44
45 TEST_F(StriperTest, SimpleWrite) {
46 AioTestData test_data;
47 rados_completion_t my_completion;
>>> CID 1221517: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
48 ASSERT_EQ(0, rados_aio_create_completion
49 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion));
50 char buf[128];
51 memset(buf, 0xcc, sizeof(buf));
52 ASSERT_EQ(0, rados_striper_aio_write(striper, "StriperTest", my_completion, buf, sizeof(buf), 0));
53 TestAlarm alarm;
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
From: scan-admin@coverity.com
To: undisclosed-recipients:;
Subject: New Defects reported by Coverity Scan for ceph
Date: Sat, 07 Jun 2014 07:47:45 -0700
Message-ID: <53932611e02a6_1b1f6b531474516@209.249.196.67.mail>
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
Defect(s) Reported-by: Coverity Scan
Showing 20 of 41 defect(s)
** CID 1221498: Division or modulo by zero (DIVIDE_BY_ZERO)
/test/libradosstriper/striping.cc: 59 in StriperTestRT::checkObjectFromRados(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)()
** CID 1221499: Division or modulo by zero (DIVIDE_BY_ZERO)
/test/libradosstriper/striping.cc: 68 in StriperTestRT::checkObjectFromRados(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)()
** CID 1221500: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/io.cc: 341 in StriperTest_XattrIter_Test::TestBody()()
/test/libradosstriper/io.cc: 335 in StriperTest_XattrIter_Test::TestBody()()
** CID 1221501: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 513 in StriperTestPP_RoundTripWriteFullPP_Test::TestBody()()
** CID 1221502: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 537 in StriperTestPP_RoundTripWriteFullPP_Test::TestBody()()
/test/libradosstriper/aio.cc: 538 in StriperTestPP_RoundTripWriteFullPP_Test::TestBody()()
/test/libradosstriper/aio.cc: 532 in StriperTestPP_RoundTripWriteFullPP_Test::TestBody()()
** CID 1221503: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 440 in StriperTest_Flush_Test::TestBody()()
/test/libradosstriper/aio.cc: 435 in StriperTest_Flush_Test::TestBody()()
/test/libradosstriper/aio.cc: 433 in StriperTest_Flush_Test::TestBody()()
** CID 1221504: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 428 in StriperTest_Flush_Test::TestBody()()
/test/libradosstriper/aio.cc: 433 in StriperTest_Flush_Test::TestBody()()
/test/libradosstriper/aio.cc: 435 in StriperTest_Flush_Test::TestBody()()
/test/libradosstriper/aio.cc: 440 in StriperTest_Flush_Test::TestBody()()
/test/libradosstriper/aio.cc: 424 in StriperTest_Flush_Test::TestBody()()
** CID 1221505: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 306 in StriperTest_IsSafe_Test::TestBody()()
/test/libradosstriper/aio.cc: 301 in StriperTest_IsSafe_Test::TestBody()()
/test/libradosstriper/aio.cc: 299 in StriperTest_IsSafe_Test::TestBody()()
** CID 1221506: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 299 in StriperTest_IsSafe_Test::TestBody()()
/test/libradosstriper/aio.cc: 301 in StriperTest_IsSafe_Test::TestBody()()
/test/libradosstriper/aio.cc: 306 in StriperTest_IsSafe_Test::TestBody()()
/test/libradosstriper/aio.cc: 285 in StriperTest_IsSafe_Test::TestBody()()
/test/libradosstriper/aio.cc: 281 in StriperTest_IsSafe_Test::TestBody()()
** CID 1221507: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 453 in StriperTestPP_FlushPP_Test::TestBody()()
/test/libradosstriper/aio.cc: 458 in StriperTestPP_FlushPP_Test::TestBody()()
/test/libradosstriper/aio.cc: 463 in StriperTestPP_FlushPP_Test::TestBody()()
** CID 1221508: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 463 in StriperTestPP_FlushPP_Test::TestBody()()
/test/libradosstriper/aio.cc: 458 in StriperTestPP_FlushPP_Test::TestBody()()
** CID 1221509: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 124 in StriperTest_RoundTrip_Test::TestBody()()
/test/libradosstriper/aio.cc: 119 in StriperTest_RoundTrip_Test::TestBody()()
/test/libradosstriper/aio.cc: 117 in StriperTest_RoundTrip_Test::TestBody()()
** CID 1221510: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 108 in StriperTest_RoundTrip_Test::TestBody()()
/test/libradosstriper/aio.cc: 117 in StriperTest_RoundTrip_Test::TestBody()()
/test/libradosstriper/aio.cc: 119 in StriperTest_RoundTrip_Test::TestBody()()
/test/libradosstriper/aio.cc: 124 in StriperTest_RoundTrip_Test::TestBody()()
/test/libradosstriper/aio.cc: 104 in StriperTest_RoundTrip_Test::TestBody()()
** CID 1221511: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 333 in StriperTestPP_IsSafePP_Test::TestBody()()
/test/libradosstriper/aio.cc: 338 in StriperTestPP_IsSafePP_Test::TestBody()()
/test/libradosstriper/aio.cc: 319 in StriperTestPP_IsSafePP_Test::TestBody()()
** CID 1221512: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 338 in StriperTestPP_IsSafePP_Test::TestBody()()
/test/libradosstriper/aio.cc: 333 in StriperTestPP_IsSafePP_Test::TestBody()()
** CID 1221513: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 240 in StriperTest_IsComplete_Test::TestBody()()
/test/libradosstriper/aio.cc: 229 in StriperTest_IsComplete_Test::TestBody()()
/test/libradosstriper/aio.cc: 227 in StriperTest_IsComplete_Test::TestBody()()
** CID 1221514: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 218 in StriperTest_IsComplete_Test::TestBody()()
/test/libradosstriper/aio.cc: 227 in StriperTest_IsComplete_Test::TestBody()()
/test/libradosstriper/aio.cc: 229 in StriperTest_IsComplete_Test::TestBody()()
/test/libradosstriper/aio.cc: 240 in StriperTest_IsComplete_Test::TestBody()()
/test/libradosstriper/aio.cc: 214 in StriperTest_IsComplete_Test::TestBody()()
** CID 1221515: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 152 in StriperTest_RoundTrip2_Test::TestBody()()
/test/libradosstriper/aio.cc: 147 in StriperTest_RoundTrip2_Test::TestBody()()
/test/libradosstriper/aio.cc: 145 in StriperTest_RoundTrip2_Test::TestBody()()
** CID 1221516: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 136 in StriperTest_RoundTrip2_Test::TestBody()()
/test/libradosstriper/aio.cc: 145 in StriperTest_RoundTrip2_Test::TestBody()()
/test/libradosstriper/aio.cc: 147 in StriperTest_RoundTrip2_Test::TestBody()()
/test/libradosstriper/aio.cc: 152 in StriperTest_RoundTrip2_Test::TestBody()()
/test/libradosstriper/aio.cc: 132 in StriperTest_RoundTrip2_Test::TestBody()()
** CID 1221517: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 52 in StriperTest_SimpleWrite_Test::TestBody()()
/test/libradosstriper/aio.cc: 48 in StriperTest_SimpleWrite_Test::TestBody()()
________________________________________________________________________________________________________
*** CID 1221498: Division or modulo by zero (DIVIDE_BY_ZERO)
/test/libradosstriper/striping.cc: 59 in StriperTestRT::checkObjectFromRados(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)()
53 s_xattr = std::string(xattrbl.c_str(), xattrbl.length()); // adds 0 byte at the end
54 uint64_t xa_size = strtoll(s_xattr.c_str(), NULL, 10);
55 ASSERT_EQ(xa_size, size);
56 // checking object content from rados point of view
57 // we will go stripe by stripe, read the content of each of them and
58 // check with expectations
>>> CID 1221498: Division or modulo by zero (DIVIDE_BY_ZERO)
>>> In expression "object_size / stripe_unit", division by expression "stripe_unit" which may be zero has undefined behavior.
59 uint64_t stripe_per_object = object_size / stripe_unit;
60 uint64_t stripe_per_objectset = stripe_per_object * stripe_count;
61 uint64_t nb_stripes_in_object = (size+stripe_unit-1)/stripe_unit;
62 for (uint64_t stripe_nb = 0;
63 stripe_nb < nb_stripes_in_object;
64 stripe_nb++) {
________________________________________________________________________________________________________
*** CID 1221499: Division or modulo by zero (DIVIDE_BY_ZERO)
/test/libradosstriper/striping.cc: 68 in StriperTestRT::checkObjectFromRados(const std::basic_string<char, std::char_traits<char>, std::allocator<char>>&, ceph::buffer::list &, unsigned long, unsigned long, unsigned long, unsigned long, unsigned long)()
62 for (uint64_t stripe_nb = 0;
63 stripe_nb < nb_stripes_in_object;
64 stripe_nb++) {
65 // find out where this stripe is stored
66 uint64_t objectset = stripe_nb / stripe_per_objectset;
67 uint64_t stripe_in_object_set = stripe_nb % stripe_per_objectset;
>>> CID 1221499: Division or modulo by zero (DIVIDE_BY_ZERO)
>>> In expression "stripe_in_object_set % stripe_count", modulo by expression "stripe_count" which may be zero has undefined behavior.
68 uint64_t object_in_set = stripe_in_object_set % stripe_count;
69 uint64_t stripe_in_object = stripe_in_object_set / stripe_count;
70 uint64_t object_nb = objectset * stripe_count + object_in_set;
71 uint64_t start = stripe_in_object * stripe_unit;
72 uint64_t len = stripe_unit;
73 if (stripe_nb == nb_stripes_in_object-1 and size % stripe_unit != 0) {
________________________________________________________________________________________________________
*** CID 1221500: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/io.cc: 341 in StriperTest_XattrIter_Test::TestBody()()
335 ASSERT_EQ(0, rados_striper_getxattrs(striper, "RmXattr", &iter));
336 int num_seen = 0;
337 while (true) {
338 const char *name;
339 const char *val;
340 size_t len;
>>> CID 1221500: Resource leak (RESOURCE_LEAK)
>>> Variable "iter" going out of scope leaks the storage it points to.
341 ASSERT_EQ(0, rados_getxattrs_next(iter, &name, &val, &len));
342 if (name == NULL) {
343 break;
344 }
345 ASSERT_LT(num_seen, 2) << "Extra attribute : " << name;
346 if ((strcmp(name, "attr1") == 0) && (memcmp(val, attr1_buf, len) == 0)) {
/test/libradosstriper/io.cc: 335 in StriperTest_XattrIter_Test::TestBody()()
329 }
330 memset(buf, 0xaa, sizeof(buf));
331 ASSERT_EQ(0, rados_striper_write(striper, "RmXattr", buf, sizeof(buf), 0));
332 ASSERT_EQ(0, rados_striper_setxattr(striper, "RmXattr", "attr1", attr1_buf, sizeof(attr1_buf)));
333 ASSERT_EQ(0, rados_striper_setxattr(striper, "RmXattr", "attr2", attr2_buf, sizeof(attr2_buf)));
334 rados_xattrs_iter_t iter;
>>> CID 1221500: Resource leak (RESOURCE_LEAK)
>>> Variable "iter" going out of scope leaks the storage it points to.
335 ASSERT_EQ(0, rados_striper_getxattrs(striper, "RmXattr", &iter));
336 int num_seen = 0;
337 while (true) {
338 const char *name;
339 const char *val;
340 size_t len;
________________________________________________________________________________________________________
*** CID 1221501: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 513 in StriperTestPP_RoundTripWriteFullPP_Test::TestBody()()
507 AioCompletion *my_completion = librados::Rados::aio_create_completion
508 ((void*)&test_data, set_completion_complete, set_completion_safe);
509 char buf[128];
510 memset(buf, 0xcc, sizeof(buf));
511 bufferlist bl1;
512 bl1.append(buf, sizeof(buf));
>>> CID 1221501: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
513 ASSERT_EQ(0, striper.aio_write("RoundTripWriteFullPP", my_completion, bl1, sizeof(buf), 0));
514 {
515 TestAlarm alarm;
516 my_completion->wait_for_complete();
517 }
518 char buf2[64];
________________________________________________________________________________________________________
*** CID 1221502: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 537 in StriperTestPP_RoundTripWriteFullPP_Test::TestBody()()
531 ((void*)&test_data, set_completion_complete, set_completion_safe);
532 ASSERT_EQ(0, striper.aio_read("RoundTripWriteFullPP", my_completion3, &bl3, sizeof(buf), 0));
533 {
534 TestAlarm alarm;
535 my_completion3->wait_for_complete();
536 }
>>> CID 1221502: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion3" going out of scope leaks the storage it points to.
537 ASSERT_EQ(sizeof(buf2), my_completion3->get_return_value());
538 ASSERT_EQ(0, memcmp(bl3.c_str(), buf2, sizeof(buf2)));
539 my_completion->release();
540 my_completion2->release();
541 my_completion3->release();
/test/libradosstriper/aio.cc: 538 in StriperTestPP_RoundTripWriteFullPP_Test::TestBody()()
532 ASSERT_EQ(0, striper.aio_read("RoundTripWriteFullPP", my_completion3, &bl3, sizeof(buf), 0));
533 {
534 TestAlarm alarm;
535 my_completion3->wait_for_complete();
536 }
537 ASSERT_EQ(sizeof(buf2), my_completion3->get_return_value());
>>> CID 1221502: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion3" going out of scope leaks the storage it points to.
538 ASSERT_EQ(0, memcmp(bl3.c_str(), buf2, sizeof(buf2)));
539 my_completion->release();
540 my_completion2->release();
541 my_completion3->release();
/test/libradosstriper/aio.cc: 532 in StriperTestPP_RoundTripWriteFullPP_Test::TestBody()()
526 TestAlarm alarm;
527 my_completion2->wait_for_complete();
528 }
529 bufferlist bl3;
530 AioCompletion *my_completion3 = librados::Rados::aio_create_completion
531 ((void*)&test_data, set_completion_complete, set_completion_safe);
>>> CID 1221502: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion3" going out of scope leaks the storage it points to.
532 ASSERT_EQ(0, striper.aio_read("RoundTripWriteFullPP", my_completion3, &bl3, sizeof(buf), 0));
533 {
534 TestAlarm alarm;
535 my_completion3->wait_for_complete();
536 }
537 ASSERT_EQ(sizeof(buf2), my_completion3->get_return_value());
________________________________________________________________________________________________________
*** CID 1221503: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 440 in StriperTest_Flush_Test::TestBody()()
434 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion2));
435 ASSERT_EQ(0, rados_striper_aio_read(striper, "Flush", my_completion2, buf2, sizeof(buf2), 0));
436 {
437 TestAlarm alarm;
438 rados_aio_wait_for_complete(my_completion2);
439 }
>>> CID 1221503: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion2" going out of scope leaks the storage it points to.
440 ASSERT_EQ(0, memcmp(buf, buf2, sizeof(buf)));
441 rados_aio_release(my_completion);
442 rados_aio_release(my_completion2);
443 }
444
445 TEST_F(StriperTestPP, FlushPP) {
/test/libradosstriper/aio.cc: 435 in StriperTest_Flush_Test::TestBody()()
429 rados_striper_aio_flush(striper);
430 char buf2[128];
431 memset(buf2, 0, sizeof(buf2));
432 rados_completion_t my_completion2;
433 ASSERT_EQ(0, rados_aio_create_completion
434 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion2));
>>> CID 1221503: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion2" going out of scope leaks the storage it points to.
435 ASSERT_EQ(0, rados_striper_aio_read(striper, "Flush", my_completion2, buf2, sizeof(buf2), 0));
436 {
437 TestAlarm alarm;
438 rados_aio_wait_for_complete(my_completion2);
439 }
440 ASSERT_EQ(0, memcmp(buf, buf2, sizeof(buf)));
/test/libradosstriper/aio.cc: 433 in StriperTest_Flush_Test::TestBody()()
427 memset(buf, 0xee, sizeof(buf));
428 ASSERT_EQ(0, rados_striper_aio_write(striper, "Flush", my_completion, buf, sizeof(buf), 0));
429 rados_striper_aio_flush(striper);
430 char buf2[128];
431 memset(buf2, 0, sizeof(buf2));
432 rados_completion_t my_completion2;
>>> CID 1221503: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion2" going out of scope leaks the storage it points to.
433 ASSERT_EQ(0, rados_aio_create_completion
434 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion2));
435 ASSERT_EQ(0, rados_striper_aio_read(striper, "Flush", my_completion2, buf2, sizeof(buf2), 0));
436 {
437 TestAlarm alarm;
438 rados_aio_wait_for_complete(my_completion2);
________________________________________________________________________________________________________
*** CID 1221504: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 428 in StriperTest_Flush_Test::TestBody()()
422 AioTestData test_data;
423 rados_completion_t my_completion;
424 ASSERT_EQ(0, rados_aio_create_completion
425 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion));
426 char buf[128];
427 memset(buf, 0xee, sizeof(buf));
>>> CID 1221504: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
428 ASSERT_EQ(0, rados_striper_aio_write(striper, "Flush", my_completion, buf, sizeof(buf), 0));
429 rados_striper_aio_flush(striper);
430 char buf2[128];
431 memset(buf2, 0, sizeof(buf2));
432 rados_completion_t my_completion2;
433 ASSERT_EQ(0, rados_aio_create_completion
/test/libradosstriper/aio.cc: 433 in StriperTest_Flush_Test::TestBody()()
427 memset(buf, 0xee, sizeof(buf));
428 ASSERT_EQ(0, rados_striper_aio_write(striper, "Flush", my_completion, buf, sizeof(buf), 0));
429 rados_striper_aio_flush(striper);
430 char buf2[128];
431 memset(buf2, 0, sizeof(buf2));
432 rados_completion_t my_completion2;
>>> CID 1221504: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
433 ASSERT_EQ(0, rados_aio_create_completion
434 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion2));
435 ASSERT_EQ(0, rados_striper_aio_read(striper, "Flush", my_completion2, buf2, sizeof(buf2), 0));
436 {
437 TestAlarm alarm;
438 rados_aio_wait_for_complete(my_completion2);
/test/libradosstriper/aio.cc: 435 in StriperTest_Flush_Test::TestBody()()
429 rados_striper_aio_flush(striper);
430 char buf2[128];
431 memset(buf2, 0, sizeof(buf2));
432 rados_completion_t my_completion2;
433 ASSERT_EQ(0, rados_aio_create_completion
434 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion2));
>>> CID 1221504: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
435 ASSERT_EQ(0, rados_striper_aio_read(striper, "Flush", my_completion2, buf2, sizeof(buf2), 0));
436 {
437 TestAlarm alarm;
438 rados_aio_wait_for_complete(my_completion2);
439 }
440 ASSERT_EQ(0, memcmp(buf, buf2, sizeof(buf)));
/test/libradosstriper/aio.cc: 440 in StriperTest_Flush_Test::TestBody()()
434 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion2));
435 ASSERT_EQ(0, rados_striper_aio_read(striper, "Flush", my_completion2, buf2, sizeof(buf2), 0));
436 {
437 TestAlarm alarm;
438 rados_aio_wait_for_complete(my_completion2);
439 }
>>> CID 1221504: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
440 ASSERT_EQ(0, memcmp(buf, buf2, sizeof(buf)));
441 rados_aio_release(my_completion);
442 rados_aio_release(my_completion2);
443 }
444
445 TEST_F(StriperTestPP, FlushPP) {
/test/libradosstriper/aio.cc: 424 in StriperTest_Flush_Test::TestBody()()
418 my_completion3->release();
419 }
420
421 TEST_F(StriperTest, Flush) {
422 AioTestData test_data;
423 rados_completion_t my_completion;
>>> CID 1221504: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
424 ASSERT_EQ(0, rados_aio_create_completion
425 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion));
426 char buf[128];
427 memset(buf, 0xee, sizeof(buf));
428 ASSERT_EQ(0, rados_striper_aio_write(striper, "Flush", my_completion, buf, sizeof(buf), 0));
429 rados_striper_aio_flush(striper);
________________________________________________________________________________________________________
*** CID 1221505: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 306 in StriperTest_IsSafe_Test::TestBody()()
300 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion2));
301 ASSERT_EQ(0, rados_striper_aio_read(striper, "IsSafe", my_completion2, buf2, sizeof(buf2), 0));
302 {
303 TestAlarm alarm;
304 rados_aio_wait_for_complete(my_completion2);
305 }
>>> CID 1221505: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion2" going out of scope leaks the storage it points to.
306 ASSERT_EQ(0, memcmp(buf, buf2, sizeof(buf)));
307 rados_aio_release(my_completion);
308 rados_aio_release(my_completion2);
309 }
310
311 TEST_F(StriperTestPP, IsSafePP) {
/test/libradosstriper/aio.cc: 301 in StriperTest_IsSafe_Test::TestBody()()
295 }
296 char buf2[128];
297 memset(buf2, 0, sizeof(buf2));
298 rados_completion_t my_completion2;
299 ASSERT_EQ(0, rados_aio_create_completion
300 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion2));
>>> CID 1221505: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion2" going out of scope leaks the storage it points to.
301 ASSERT_EQ(0, rados_striper_aio_read(striper, "IsSafe", my_completion2, buf2, sizeof(buf2), 0));
302 {
303 TestAlarm alarm;
304 rados_aio_wait_for_complete(my_completion2);
305 }
306 ASSERT_EQ(0, memcmp(buf, buf2, sizeof(buf)));
/test/libradosstriper/aio.cc: 299 in StriperTest_IsSafe_Test::TestBody()()
293 break;
294 }
295 }
296 char buf2[128];
297 memset(buf2, 0, sizeof(buf2));
298 rados_completion_t my_completion2;
>>> CID 1221505: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion2" going out of scope leaks the storage it points to.
299 ASSERT_EQ(0, rados_aio_create_completion
300 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion2));
301 ASSERT_EQ(0, rados_striper_aio_read(striper, "IsSafe", my_completion2, buf2, sizeof(buf2), 0));
302 {
303 TestAlarm alarm;
304 rados_aio_wait_for_complete(my_completion2);
________________________________________________________________________________________________________
*** CID 1221506: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 299 in StriperTest_IsSafe_Test::TestBody()()
293 break;
294 }
295 }
296 char buf2[128];
297 memset(buf2, 0, sizeof(buf2));
298 rados_completion_t my_completion2;
>>> CID 1221506: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
299 ASSERT_EQ(0, rados_aio_create_completion
300 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion2));
301 ASSERT_EQ(0, rados_striper_aio_read(striper, "IsSafe", my_completion2, buf2, sizeof(buf2), 0));
302 {
303 TestAlarm alarm;
304 rados_aio_wait_for_complete(my_completion2);
/test/libradosstriper/aio.cc: 301 in StriperTest_IsSafe_Test::TestBody()()
295 }
296 char buf2[128];
297 memset(buf2, 0, sizeof(buf2));
298 rados_completion_t my_completion2;
299 ASSERT_EQ(0, rados_aio_create_completion
300 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion2));
>>> CID 1221506: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
301 ASSERT_EQ(0, rados_striper_aio_read(striper, "IsSafe", my_completion2, buf2, sizeof(buf2), 0));
302 {
303 TestAlarm alarm;
304 rados_aio_wait_for_complete(my_completion2);
305 }
306 ASSERT_EQ(0, memcmp(buf, buf2, sizeof(buf)));
/test/libradosstriper/aio.cc: 306 in StriperTest_IsSafe_Test::TestBody()()
300 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion2));
301 ASSERT_EQ(0, rados_striper_aio_read(striper, "IsSafe", my_completion2, buf2, sizeof(buf2), 0));
302 {
303 TestAlarm alarm;
304 rados_aio_wait_for_complete(my_completion2);
305 }
>>> CID 1221506: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
306 ASSERT_EQ(0, memcmp(buf, buf2, sizeof(buf)));
307 rados_aio_release(my_completion);
308 rados_aio_release(my_completion2);
309 }
310
311 TEST_F(StriperTestPP, IsSafePP) {
/test/libradosstriper/aio.cc: 285 in StriperTest_IsSafe_Test::TestBody()()
279 AioTestData test_data;
280 rados_completion_t my_completion;
281 ASSERT_EQ(0, rados_aio_create_completion
282 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion));
283 char buf[128];
284 memset(buf, 0xcc, sizeof(buf));
>>> CID 1221506: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
285 ASSERT_EQ(0, rados_striper_aio_write(striper, "IsSafe", my_completion, buf, sizeof(buf), 0));
286 {
287 TestAlarm alarm;
288 // Busy-wait until the AIO completes.
289 // Normally we wouldn't do this, but we want to test rados_aio_is_safe.
290 while (true) {
/test/libradosstriper/aio.cc: 281 in StriperTest_IsSafe_Test::TestBody()()
275 my_completion2->release();
276 }
277
278 TEST_F(StriperTest, IsSafe) {
279 AioTestData test_data;
280 rados_completion_t my_completion;
>>> CID 1221506: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
281 ASSERT_EQ(0, rados_aio_create_completion
282 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion));
283 char buf[128];
284 memset(buf, 0xcc, sizeof(buf));
285 ASSERT_EQ(0, rados_striper_aio_write(striper, "IsSafe", my_completion, buf, sizeof(buf), 0));
286 {
________________________________________________________________________________________________________
*** CID 1221507: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 453 in StriperTestPP_FlushPP_Test::TestBody()()
447 AioCompletion *my_completion = librados::Rados::aio_create_completion
448 ((void*)&test_data, set_completion_complete, set_completion_safe);
449 char buf[128];
450 memset(buf, 0xee, sizeof(buf));
451 bufferlist bl1;
452 bl1.append(buf, sizeof(buf));
>>> CID 1221507: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
453 ASSERT_EQ(0, striper.aio_write("FlushPP", my_completion, bl1, sizeof(buf), 0));
454 striper.aio_flush();
455 bufferlist bl2;
456 AioCompletion *my_completion2 = librados::Rados::aio_create_completion
457 ((void*)&test_data, set_completion_complete, set_completion_safe);
458 ASSERT_EQ(0, striper.aio_read("FlushPP", my_completion2, &bl2, sizeof(buf), 0));
/test/libradosstriper/aio.cc: 458 in StriperTestPP_FlushPP_Test::TestBody()()
452 bl1.append(buf, sizeof(buf));
453 ASSERT_EQ(0, striper.aio_write("FlushPP", my_completion, bl1, sizeof(buf), 0));
454 striper.aio_flush();
455 bufferlist bl2;
456 AioCompletion *my_completion2 = librados::Rados::aio_create_completion
457 ((void*)&test_data, set_completion_complete, set_completion_safe);
>>> CID 1221507: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
458 ASSERT_EQ(0, striper.aio_read("FlushPP", my_completion2, &bl2, sizeof(buf), 0));
459 {
460 TestAlarm alarm;
461 my_completion2->wait_for_complete();
462 }
463 ASSERT_EQ(0, memcmp(buf, bl2.c_str(), sizeof(buf)));
/test/libradosstriper/aio.cc: 463 in StriperTestPP_FlushPP_Test::TestBody()()
457 ((void*)&test_data, set_completion_complete, set_completion_safe);
458 ASSERT_EQ(0, striper.aio_read("FlushPP", my_completion2, &bl2, sizeof(buf), 0));
459 {
460 TestAlarm alarm;
461 my_completion2->wait_for_complete();
462 }
>>> CID 1221507: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
463 ASSERT_EQ(0, memcmp(buf, bl2.c_str(), sizeof(buf)));
464 my_completion->release();
465 my_completion2->release();
466 }
467
468 TEST_F(StriperTest, RoundTripWriteFull) {
________________________________________________________________________________________________________
*** CID 1221508: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 463 in StriperTestPP_FlushPP_Test::TestBody()()
457 ((void*)&test_data, set_completion_complete, set_completion_safe);
458 ASSERT_EQ(0, striper.aio_read("FlushPP", my_completion2, &bl2, sizeof(buf), 0));
459 {
460 TestAlarm alarm;
461 my_completion2->wait_for_complete();
462 }
>>> CID 1221508: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion2" going out of scope leaks the storage it points to.
463 ASSERT_EQ(0, memcmp(buf, bl2.c_str(), sizeof(buf)));
464 my_completion->release();
465 my_completion2->release();
466 }
467
468 TEST_F(StriperTest, RoundTripWriteFull) {
/test/libradosstriper/aio.cc: 458 in StriperTestPP_FlushPP_Test::TestBody()()
452 bl1.append(buf, sizeof(buf));
453 ASSERT_EQ(0, striper.aio_write("FlushPP", my_completion, bl1, sizeof(buf), 0));
454 striper.aio_flush();
455 bufferlist bl2;
456 AioCompletion *my_completion2 = librados::Rados::aio_create_completion
457 ((void*)&test_data, set_completion_complete, set_completion_safe);
>>> CID 1221508: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion2" going out of scope leaks the storage it points to.
458 ASSERT_EQ(0, striper.aio_read("FlushPP", my_completion2, &bl2, sizeof(buf), 0));
459 {
460 TestAlarm alarm;
461 my_completion2->wait_for_complete();
462 }
463 ASSERT_EQ(0, memcmp(buf, bl2.c_str(), sizeof(buf)));
________________________________________________________________________________________________________
*** CID 1221509: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 124 in StriperTest_RoundTrip_Test::TestBody()()
118 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion2));
119 ASSERT_EQ(0, rados_striper_aio_read(striper, "RoundTrip", my_completion2, buf2, sizeof(buf2), 0));
120 {
121 TestAlarm alarm;
122 rados_aio_wait_for_complete(my_completion2);
123 }
>>> CID 1221509: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion2" going out of scope leaks the storage it points to.
124 ASSERT_EQ(0, memcmp(buf, buf2, sizeof(buf)));
125 rados_aio_release(my_completion);
126 rados_aio_release(my_completion2);
127 }
128
129 TEST_F(StriperTest, RoundTrip2) {
/test/libradosstriper/aio.cc: 119 in StriperTest_RoundTrip_Test::TestBody()()
113 }
114 char buf2[128];
115 memset(buf2, 0, sizeof(buf2));
116 rados_completion_t my_completion2;
117 ASSERT_EQ(0, rados_aio_create_completion
118 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion2));
>>> CID 1221509: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion2" going out of scope leaks the storage it points to.
119 ASSERT_EQ(0, rados_striper_aio_read(striper, "RoundTrip", my_completion2, buf2, sizeof(buf2), 0));
120 {
121 TestAlarm alarm;
122 rados_aio_wait_for_complete(my_completion2);
123 }
124 ASSERT_EQ(0, memcmp(buf, buf2, sizeof(buf)));
/test/libradosstriper/aio.cc: 117 in StriperTest_RoundTrip_Test::TestBody()()
111 sem_wait(&test_data.m_sem);
112 sem_wait(&test_data.m_sem);
113 }
114 char buf2[128];
115 memset(buf2, 0, sizeof(buf2));
116 rados_completion_t my_completion2;
>>> CID 1221509: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion2" going out of scope leaks the storage it points to.
117 ASSERT_EQ(0, rados_aio_create_completion
118 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion2));
119 ASSERT_EQ(0, rados_striper_aio_read(striper, "RoundTrip", my_completion2, buf2, sizeof(buf2), 0));
120 {
121 TestAlarm alarm;
122 rados_aio_wait_for_complete(my_completion2);
________________________________________________________________________________________________________
*** CID 1221510: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 108 in StriperTest_RoundTrip_Test::TestBody()()
102 AioTestData test_data;
103 rados_completion_t my_completion;
104 ASSERT_EQ(0, rados_aio_create_completion
105 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion));
106 char buf[128];
107 memset(buf, 0xcc, sizeof(buf));
>>> CID 1221510: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
108 ASSERT_EQ(0, rados_striper_aio_write(striper, "RoundTrip", my_completion, buf, sizeof(buf), 0));
109 {
110 TestAlarm alarm;
111 sem_wait(&test_data.m_sem);
112 sem_wait(&test_data.m_sem);
113 }
/test/libradosstriper/aio.cc: 117 in StriperTest_RoundTrip_Test::TestBody()()
111 sem_wait(&test_data.m_sem);
112 sem_wait(&test_data.m_sem);
113 }
114 char buf2[128];
115 memset(buf2, 0, sizeof(buf2));
116 rados_completion_t my_completion2;
>>> CID 1221510: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
117 ASSERT_EQ(0, rados_aio_create_completion
118 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion2));
119 ASSERT_EQ(0, rados_striper_aio_read(striper, "RoundTrip", my_completion2, buf2, sizeof(buf2), 0));
120 {
121 TestAlarm alarm;
122 rados_aio_wait_for_complete(my_completion2);
/test/libradosstriper/aio.cc: 119 in StriperTest_RoundTrip_Test::TestBody()()
113 }
114 char buf2[128];
115 memset(buf2, 0, sizeof(buf2));
116 rados_completion_t my_completion2;
117 ASSERT_EQ(0, rados_aio_create_completion
118 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion2));
>>> CID 1221510: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
119 ASSERT_EQ(0, rados_striper_aio_read(striper, "RoundTrip", my_completion2, buf2, sizeof(buf2), 0));
120 {
121 TestAlarm alarm;
122 rados_aio_wait_for_complete(my_completion2);
123 }
124 ASSERT_EQ(0, memcmp(buf, buf2, sizeof(buf)));
/test/libradosstriper/aio.cc: 124 in StriperTest_RoundTrip_Test::TestBody()()
118 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion2));
119 ASSERT_EQ(0, rados_striper_aio_read(striper, "RoundTrip", my_completion2, buf2, sizeof(buf2), 0));
120 {
121 TestAlarm alarm;
122 rados_aio_wait_for_complete(my_completion2);
123 }
>>> CID 1221510: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
124 ASSERT_EQ(0, memcmp(buf, buf2, sizeof(buf)));
125 rados_aio_release(my_completion);
126 rados_aio_release(my_completion2);
127 }
128
129 TEST_F(StriperTest, RoundTrip2) {
/test/libradosstriper/aio.cc: 104 in StriperTest_RoundTrip_Test::TestBody()()
98 my_completion->release();
99 }
100
101 TEST_F(StriperTest, RoundTrip) {
102 AioTestData test_data;
103 rados_completion_t my_completion;
>>> CID 1221510: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
104 ASSERT_EQ(0, rados_aio_create_completion
105 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion));
106 char buf[128];
107 memset(buf, 0xcc, sizeof(buf));
108 ASSERT_EQ(0, rados_striper_aio_write(striper, "RoundTrip", my_completion, buf, sizeof(buf), 0));
109 {
________________________________________________________________________________________________________
*** CID 1221511: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 333 in StriperTestPP_IsSafePP_Test::TestBody()()
327 break;
328 }
329 }
330 bufferlist bl2;
331 AioCompletion *my_completion2 = librados::Rados::aio_create_completion
332 ((void*)&test_data, set_completion_complete, set_completion_safe);
>>> CID 1221511: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
333 ASSERT_EQ(0, striper.aio_read("IsSafePP", my_completion2, &bl2, sizeof(buf), 0));
334 {
335 TestAlarm alarm;
336 my_completion2->wait_for_complete();
337 }
338 ASSERT_EQ(0, memcmp(buf, bl2.c_str(), sizeof(buf)));
/test/libradosstriper/aio.cc: 338 in StriperTestPP_IsSafePP_Test::TestBody()()
332 ((void*)&test_data, set_completion_complete, set_completion_safe);
333 ASSERT_EQ(0, striper.aio_read("IsSafePP", my_completion2, &bl2, sizeof(buf), 0));
334 {
335 TestAlarm alarm;
336 my_completion2->wait_for_complete();
337 }
>>> CID 1221511: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
338 ASSERT_EQ(0, memcmp(buf, bl2.c_str(), sizeof(buf)));
339 my_completion->release();
340 my_completion2->release();
341 }
342
343 TEST_F(StriperTest, RoundTripAppend) {
/test/libradosstriper/aio.cc: 319 in StriperTestPP_IsSafePP_Test::TestBody()()
313 AioCompletion *my_completion = librados::Rados::aio_create_completion
314 ((void*)&test_data, set_completion_complete, set_completion_safe);
315 char buf[128];
316 memset(buf, 0xcc, sizeof(buf));
317 bufferlist bl1;
318 bl1.append(buf, sizeof(buf));
>>> CID 1221511: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
319 ASSERT_EQ(0, striper.aio_write("IsSafePP", my_completion, bl1, sizeof(buf), 0));
320 {
321 TestAlarm alarm;
322 // Busy-wait until the AIO completes.
323 // Normally we wouldn't do this, but we want to test rados_aio_is_safe.
324 while (true) {
________________________________________________________________________________________________________
*** CID 1221512: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 338 in StriperTestPP_IsSafePP_Test::TestBody()()
332 ((void*)&test_data, set_completion_complete, set_completion_safe);
333 ASSERT_EQ(0, striper.aio_read("IsSafePP", my_completion2, &bl2, sizeof(buf), 0));
334 {
335 TestAlarm alarm;
336 my_completion2->wait_for_complete();
337 }
>>> CID 1221512: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion2" going out of scope leaks the storage it points to.
338 ASSERT_EQ(0, memcmp(buf, bl2.c_str(), sizeof(buf)));
339 my_completion->release();
340 my_completion2->release();
341 }
342
343 TEST_F(StriperTest, RoundTripAppend) {
/test/libradosstriper/aio.cc: 333 in StriperTestPP_IsSafePP_Test::TestBody()()
327 break;
328 }
329 }
330 bufferlist bl2;
331 AioCompletion *my_completion2 = librados::Rados::aio_create_completion
332 ((void*)&test_data, set_completion_complete, set_completion_safe);
>>> CID 1221512: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion2" going out of scope leaks the storage it points to.
333 ASSERT_EQ(0, striper.aio_read("IsSafePP", my_completion2, &bl2, sizeof(buf), 0));
334 {
335 TestAlarm alarm;
336 my_completion2->wait_for_complete();
337 }
338 ASSERT_EQ(0, memcmp(buf, bl2.c_str(), sizeof(buf)));
________________________________________________________________________________________________________
*** CID 1221513: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 240 in StriperTest_IsComplete_Test::TestBody()()
234 while (true) {
235 int is_complete = rados_aio_is_complete(my_completion2);
236 if (is_complete)
237 break;
238 }
239 }
>>> CID 1221513: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion2" going out of scope leaks the storage it points to.
240 ASSERT_EQ(0, memcmp(buf, buf2, sizeof(buf)));
241 rados_aio_release(my_completion);
242 rados_aio_release(my_completion2);
243 }
244
245 TEST_F(StriperTestPP, IsCompletePP) {
/test/libradosstriper/aio.cc: 229 in StriperTest_IsComplete_Test::TestBody()()
223 }
224 char buf2[128];
225 memset(buf2, 0, sizeof(buf2));
226 rados_completion_t my_completion2;
227 ASSERT_EQ(0, rados_aio_create_completion
228 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion2));
>>> CID 1221513: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion2" going out of scope leaks the storage it points to.
229 ASSERT_EQ(0, rados_striper_aio_read(striper, "IsComplete", my_completion2, buf2, sizeof(buf2), 0));
230 {
231 TestAlarm alarm;
232 // Busy-wait until the AIO completes.
233 // Normally we wouldn't do this, but we want to test rados_aio_is_complete.
234 while (true) {
/test/libradosstriper/aio.cc: 227 in StriperTest_IsComplete_Test::TestBody()()
221 sem_wait(&test_data.m_sem);
222 sem_wait(&test_data.m_sem);
223 }
224 char buf2[128];
225 memset(buf2, 0, sizeof(buf2));
226 rados_completion_t my_completion2;
>>> CID 1221513: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion2" going out of scope leaks the storage it points to.
227 ASSERT_EQ(0, rados_aio_create_completion
228 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion2));
229 ASSERT_EQ(0, rados_striper_aio_read(striper, "IsComplete", my_completion2, buf2, sizeof(buf2), 0));
230 {
231 TestAlarm alarm;
232 // Busy-wait until the AIO completes.
________________________________________________________________________________________________________
*** CID 1221514: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 218 in StriperTest_IsComplete_Test::TestBody()()
212 AioTestData test_data;
213 rados_completion_t my_completion;
214 ASSERT_EQ(0, rados_aio_create_completion
215 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion));
216 char buf[128];
217 memset(buf, 0xcc, sizeof(buf));
>>> CID 1221514: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
218 ASSERT_EQ(0, rados_striper_aio_write(striper, "IsComplete", my_completion, buf, sizeof(buf), 0));
219 {
220 TestAlarm alarm;
221 sem_wait(&test_data.m_sem);
222 sem_wait(&test_data.m_sem);
223 }
/test/libradosstriper/aio.cc: 227 in StriperTest_IsComplete_Test::TestBody()()
221 sem_wait(&test_data.m_sem);
222 sem_wait(&test_data.m_sem);
223 }
224 char buf2[128];
225 memset(buf2, 0, sizeof(buf2));
226 rados_completion_t my_completion2;
>>> CID 1221514: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
227 ASSERT_EQ(0, rados_aio_create_completion
228 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion2));
229 ASSERT_EQ(0, rados_striper_aio_read(striper, "IsComplete", my_completion2, buf2, sizeof(buf2), 0));
230 {
231 TestAlarm alarm;
232 // Busy-wait until the AIO completes.
/test/libradosstriper/aio.cc: 229 in StriperTest_IsComplete_Test::TestBody()()
223 }
224 char buf2[128];
225 memset(buf2, 0, sizeof(buf2));
226 rados_completion_t my_completion2;
227 ASSERT_EQ(0, rados_aio_create_completion
228 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion2));
>>> CID 1221514: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
229 ASSERT_EQ(0, rados_striper_aio_read(striper, "IsComplete", my_completion2, buf2, sizeof(buf2), 0));
230 {
231 TestAlarm alarm;
232 // Busy-wait until the AIO completes.
233 // Normally we wouldn't do this, but we want to test rados_aio_is_complete.
234 while (true) {
/test/libradosstriper/aio.cc: 240 in StriperTest_IsComplete_Test::TestBody()()
234 while (true) {
235 int is_complete = rados_aio_is_complete(my_completion2);
236 if (is_complete)
237 break;
238 }
239 }
>>> CID 1221514: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
240 ASSERT_EQ(0, memcmp(buf, buf2, sizeof(buf)));
241 rados_aio_release(my_completion);
242 rados_aio_release(my_completion2);
243 }
244
245 TEST_F(StriperTestPP, IsCompletePP) {
/test/libradosstriper/aio.cc: 214 in StriperTest_IsComplete_Test::TestBody()()
208 my_completion2->release();
209 }
210
211 TEST_F(StriperTest, IsComplete) {
212 AioTestData test_data;
213 rados_completion_t my_completion;
>>> CID 1221514: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
214 ASSERT_EQ(0, rados_aio_create_completion
215 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion));
216 char buf[128];
217 memset(buf, 0xcc, sizeof(buf));
218 ASSERT_EQ(0, rados_striper_aio_write(striper, "IsComplete", my_completion, buf, sizeof(buf), 0));
219 {
________________________________________________________________________________________________________
*** CID 1221515: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 152 in StriperTest_RoundTrip2_Test::TestBody()()
146 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion2));
147 ASSERT_EQ(0, rados_striper_aio_read(striper, "RoundTrip2", my_completion2, buf2, sizeof(buf2), 0));
148 {
149 TestAlarm alarm;
150 rados_aio_wait_for_safe(my_completion2);
151 }
>>> CID 1221515: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion2" going out of scope leaks the storage it points to.
152 ASSERT_EQ(0, memcmp(buf, buf2, sizeof(buf)));
153 rados_aio_release(my_completion);
154 rados_aio_release(my_completion2);
155 }
156
157 TEST_F(StriperTestPP, RoundTripPP) {
/test/libradosstriper/aio.cc: 147 in StriperTest_RoundTrip2_Test::TestBody()()
141 }
142 char buf2[128];
143 memset(buf2, 0, sizeof(buf2));
144 rados_completion_t my_completion2;
145 ASSERT_EQ(0, rados_aio_create_completion
146 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion2));
>>> CID 1221515: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion2" going out of scope leaks the storage it points to.
147 ASSERT_EQ(0, rados_striper_aio_read(striper, "RoundTrip2", my_completion2, buf2, sizeof(buf2), 0));
148 {
149 TestAlarm alarm;
150 rados_aio_wait_for_safe(my_completion2);
151 }
152 ASSERT_EQ(0, memcmp(buf, buf2, sizeof(buf)));
/test/libradosstriper/aio.cc: 145 in StriperTest_RoundTrip2_Test::TestBody()()
139 sem_wait(&test_data.m_sem);
140 sem_wait(&test_data.m_sem);
141 }
142 char buf2[128];
143 memset(buf2, 0, sizeof(buf2));
144 rados_completion_t my_completion2;
>>> CID 1221515: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion2" going out of scope leaks the storage it points to.
145 ASSERT_EQ(0, rados_aio_create_completion
146 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion2));
147 ASSERT_EQ(0, rados_striper_aio_read(striper, "RoundTrip2", my_completion2, buf2, sizeof(buf2), 0));
148 {
149 TestAlarm alarm;
150 rados_aio_wait_for_safe(my_completion2);
________________________________________________________________________________________________________
*** CID 1221516: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 136 in StriperTest_RoundTrip2_Test::TestBody()()
130 AioTestData test_data;
131 rados_completion_t my_completion;
132 ASSERT_EQ(0, rados_aio_create_completion
133 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion));
134 char buf[128];
135 memset(buf, 0xcc, sizeof(buf));
>>> CID 1221516: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
136 ASSERT_EQ(0, rados_striper_aio_write(striper, "RoundTrip2", my_completion, buf, sizeof(buf), 0));
137 {
138 TestAlarm alarm;
139 sem_wait(&test_data.m_sem);
140 sem_wait(&test_data.m_sem);
141 }
/test/libradosstriper/aio.cc: 145 in StriperTest_RoundTrip2_Test::TestBody()()
139 sem_wait(&test_data.m_sem);
140 sem_wait(&test_data.m_sem);
141 }
142 char buf2[128];
143 memset(buf2, 0, sizeof(buf2));
144 rados_completion_t my_completion2;
>>> CID 1221516: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
145 ASSERT_EQ(0, rados_aio_create_completion
146 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion2));
147 ASSERT_EQ(0, rados_striper_aio_read(striper, "RoundTrip2", my_completion2, buf2, sizeof(buf2), 0));
148 {
149 TestAlarm alarm;
150 rados_aio_wait_for_safe(my_completion2);
/test/libradosstriper/aio.cc: 147 in StriperTest_RoundTrip2_Test::TestBody()()
141 }
142 char buf2[128];
143 memset(buf2, 0, sizeof(buf2));
144 rados_completion_t my_completion2;
145 ASSERT_EQ(0, rados_aio_create_completion
146 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion2));
>>> CID 1221516: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
147 ASSERT_EQ(0, rados_striper_aio_read(striper, "RoundTrip2", my_completion2, buf2, sizeof(buf2), 0));
148 {
149 TestAlarm alarm;
150 rados_aio_wait_for_safe(my_completion2);
151 }
152 ASSERT_EQ(0, memcmp(buf, buf2, sizeof(buf)));
/test/libradosstriper/aio.cc: 152 in StriperTest_RoundTrip2_Test::TestBody()()
146 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion2));
147 ASSERT_EQ(0, rados_striper_aio_read(striper, "RoundTrip2", my_completion2, buf2, sizeof(buf2), 0));
148 {
149 TestAlarm alarm;
150 rados_aio_wait_for_safe(my_completion2);
151 }
>>> CID 1221516: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
152 ASSERT_EQ(0, memcmp(buf, buf2, sizeof(buf)));
153 rados_aio_release(my_completion);
154 rados_aio_release(my_completion2);
155 }
156
157 TEST_F(StriperTestPP, RoundTripPP) {
/test/libradosstriper/aio.cc: 132 in StriperTest_RoundTrip2_Test::TestBody()()
126 rados_aio_release(my_completion2);
127 }
128
129 TEST_F(StriperTest, RoundTrip2) {
130 AioTestData test_data;
131 rados_completion_t my_completion;
>>> CID 1221516: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
132 ASSERT_EQ(0, rados_aio_create_completion
133 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion));
134 char buf[128];
135 memset(buf, 0xcc, sizeof(buf));
136 ASSERT_EQ(0, rados_striper_aio_write(striper, "RoundTrip2", my_completion, buf, sizeof(buf), 0));
137 {
________________________________________________________________________________________________________
*** CID 1221517: Resource leak (RESOURCE_LEAK)
/test/libradosstriper/aio.cc: 52 in StriperTest_SimpleWrite_Test::TestBody()()
46 AioTestData test_data;
47 rados_completion_t my_completion;
48 ASSERT_EQ(0, rados_aio_create_completion
49 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion));
50 char buf[128];
51 memset(buf, 0xcc, sizeof(buf));
>>> CID 1221517: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
52 ASSERT_EQ(0, rados_striper_aio_write(striper, "StriperTest", my_completion, buf, sizeof(buf), 0));
53 TestAlarm alarm;
54 sem_wait(&test_data.m_sem);
55 sem_wait(&test_data.m_sem);
56 rados_aio_release(my_completion);
57 }
/test/libradosstriper/aio.cc: 48 in StriperTest_SimpleWrite_Test::TestBody()()
42 sem_post(&test->m_sem);
43 }
44
45 TEST_F(StriperTest, SimpleWrite) {
46 AioTestData test_data;
47 rados_completion_t my_completion;
>>> CID 1221517: Resource leak (RESOURCE_LEAK)
>>> Variable "my_completion" going out of scope leaks the storage it points to.
48 ASSERT_EQ(0, rados_aio_create_completion
49 ((void*)&test_data, set_completion_complete, set_completion_safe, &my_completion));
50 char buf[128];
51 memset(buf, 0xcc, sizeof(buf));
52 ASSERT_EQ(0, rados_striper_aio_write(striper, "StriperTest", my_completion, buf, sizeof(buf), 0));
53 TestAlarm alarm;
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
^ permalink raw reply [flat|nested] 33+ messages in thread* Re: New Defects reported by Coverity Scan for ceph (fwd)
2014-06-07 16:12 Sage Weil
@ 2014-06-08 8:38 ` Sebastien Ponce
2014-06-18 7:37 ` Sebastien Ponce
1 sibling, 0 replies; 33+ messages in thread
From: Sebastien Ponce @ 2014-06-08 8:38 UTC (permalink / raw)
To: Sage Weil; +Cc: ceph-devel
Not surprising, this was just integrated and I did not have the
possibility to run a coverity scan myself.
I'll fix all this.
Sebastien
On Sat, 2014-06-07 at 09:12 -0700, Sage Weil wrote:
> Mostly stuff in teh new libradosstriper code, it looks like.
^ permalink raw reply [flat|nested] 33+ messages in thread
* Re: New Defects reported by Coverity Scan for ceph (fwd)
2014-06-07 16:12 Sage Weil
2014-06-08 8:38 ` Sebastien Ponce
@ 2014-06-18 7:37 ` Sebastien Ponce
1 sibling, 0 replies; 33+ messages in thread
From: Sebastien Ponce @ 2014-06-18 7:37 UTC (permalink / raw)
To: Sage Weil; +Cc: ceph-devel
I've now looked at the defects. And according to me, there are mostly
irrelevant.
There are 2 cases :
- the 2 "division by zero" will never happen because we will never run
the test with a zero parameter. Still, I've added an ASSERT to avoid
their report.
- all the rest is a clash between gtest and coverity : whenever you
allocate something via the C API and you have an assert between this
allocation and the deallocation, you have a potential resource leak if
the assert fails. However, avoiding it means wrapping all the C API in a
kind of autoPtr interface. I do not believe it's worth it for test code.
By the way, the rados tests must have the same leaks a priori and I
suppose they are ignored.
So is it ok to commit the 2 new asserts and ignore the other defects ?
Cheers,
Sebastien
On Sat, 2014-06-07 at 09:12 -0700, Sage Weil wrote:
> Mostly stuff in teh new libradosstriper code, it looks like.
^ permalink raw reply [flat|nested] 33+ messages in thread
* New Defects reported by Coverity Scan for ceph (fwd)
@ 2014-06-06 15:54 Sage Weil
0 siblings, 0 replies; 33+ messages in thread
From: Sage Weil @ 2014-06-06 15:54 UTC (permalink / raw)
To: ceph-devel
[-- Attachment #1: Type: TEXT/PLAIN, Size: 0 bytes --]
[-- Attachment #2: Forwarded Message --]
[-- Type: MESSAGE/RFC822, Size: 4884 bytes --]
Return-Path: <scan-admin@coverity.com>
X-Original-To: sage@cobra.newdream.net
Delivered-To: sage@cobra.newdream.net
Received: from destro.newdream.net (destro.newdream.net [66.33.216.68])
by cobra.newdream.net (Postfix) with ESMTP id E677780060
for <sage@cobra.newdream.net>; Fri, 6 Jun 2014 06:23:27 -0700 (PDT)
Received: by destro.newdream.net (Postfix)
id E534712094E; Fri, 6 Jun 2014 06:23:27 -0700 (PDT)
Delivered-To: sage@destro.newdream.net
Received: from madmax.dreamhost.com (caiajhbdcbdj.dreamhost.com
[208.97.132.139])
by destro.newdream.net (Postfix) with ESMTP id DA2491209E3
for <sage@newdream.net>; Fri, 6 Jun 2014 06:23:27 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1])
by madmax.dreamhost.com (Postfix) with ESMTP id D70B4FD77AB
for <sage@newdream.net>; Fri, 6 Jun 2014 06:23:27 -0700 (PDT)
X-DH-Virus-Scanned: Debian amavisd-new at madmax.dreamhost.com
X-Spam-Flag: NO
X-Spam-Score: 0
X-Spam-Level:
X-Spam-Status: No, score=x tagged_above=-999 required=999 WHITELISTED tests=[]
autolearn=unavailable
Received: from terminator.dreamhost.com ([208.97.132.17])
by localhost (madmax.dreamhost.com [208.97.132.139]) (amavisd-new,
port 10024) with ESMTP id tKRhdcNBhlju for <sage@newdream.net>;
Fri, 6 Jun 2014 06:23:27 -0700 (PDT)
Received: from scanrelay.coverity.com (scanrelay.coverity.com [209.249.196.67])
by terminator.dreamhost.com (Postfix) with ESMTP id B5610288406D
for <sage@newdream.net>; Fri, 6 Jun 2014 06:23:27 -0700 (PDT)
Received: from localhost.localdomain ([208.69.177.215]) by
scanrelay.coverity.com with Microsoft SMTPSVC(7.5.7601.17514);
Fri, 6 Jun 2014 06:23:27 -0700
Date: Fri, 06 Jun 2014 06:23:27 -0700
From: scan-admin@coverity.com
Message-ID: <5391c0cf3a857_59a5b533307584f@209.249.196.67.mail>
Subject: New Defects reported by Coverity Scan for ceph
Mime-Version: 1.0
Content-Type: text/plain;
charset=UTF-8
Content-Transfer-Encoding: 7bit
X-OriginalArrivalTime: 06 Jun 2014 13:23:27.0455 (UTC)
FILETIME=[80459EF0:01CF818A]
To: undisclosed-recipients:;
X-Spambayes-Classification: ham; 0.00
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
Defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)
** CID 1220854: Invalid iterator comparison (MISMATCHED_ITERATOR)
/osd/PG.cc: 981 in PG::calc_ec_acting(std::_Rb_tree_const_iterator<std::pair<const pg_shard_t, pg_info_t>>, unsigned int, const std::vector<int, std::allocator<int>> &, pg_shard_t, const std::vector<int, std::allocator<int>> &, pg_shard_t, const std::map<pg_shard_t, pg_info_t, std::less<pg_shard_t>, std::allocator<std::pair<const pg_shard_t, pg_info_t>>> &, bool, std::vector<int, std::allocator<int>> *, std::set<pg_shard_t, std::less<pg_shard_t>, std::allocator<pg_shard_t>> *, std::set<pg_shard_t, std::less<pg_shard_t>, std::allocator<pg_shard_t>> *, pg_shard_t *, std::basic_ostream<char, std::char_traits<char>>&)()
________________________________________________________________________________________________________
*** CID 1220854: Invalid iterator comparison (MISMATCHED_ITERATOR)
/osd/PG.cc: 981 in PG::calc_ec_acting(std::_Rb_tree_const_iterator<std::pair<const pg_shard_t, pg_info_t>>, unsigned int, const std::vector<int, std::allocator<int>> &, pg_shard_t, const std::vector<int, std::allocator<int>> &, pg_shard_t, const std::map<pg_shard_t, pg_info_t, std::less<pg_shard_t>, std::allocator<std::pair<const pg_shard_t, pg_info_t>>> &, bool, std::vector<int, std::allocator<int>> *, std::set<pg_shard_t, std::less<pg_shard_t>, std::allocator<pg_shard_t>> *, std::set<pg_shard_t, std::less<pg_shard_t>, std::allocator<pg_shard_t>> *, pg_shard_t *, std::basic_ostream<char, std::char_traits<char>>&)()
975 all_info.find(pg_shard_t(acting[i], shard_id_t(i)))->second.last_update >=
976 auth_log_shard->second.log_tail) {
977 ss << " selecting acting[i]: " << pg_shard_t(acting[i], shard_id_t(i)) << std::endl;
978 want[i] = acting[i];
979 ++usable;
980 } else {
>>> CID 1220854: Invalid iterator comparison (MISMATCHED_ITERATOR)
>>> Comparing "j" from "all_info_by_shard[shard_id_t(i)]" to "all_info_by_shard[shard_id_t(i)]->end()" from "all_info_by_shard[shard_id_t(i)]".
981 for (set<pg_shard_t>::iterator j = all_info_by_shard[shard_id_t(i)].begin();
982 j != all_info_by_shard[shard_id_t(i)].end();
983 ++j) {
984 assert(j->shard == i);
985 if (!all_info.find(*j)->second.is_incomplete() &&
986 all_info.find(*j)->second.last_update >=
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
From: scan-admin@coverity.com
To: undisclosed-recipients:;
Subject: New Defects reported by Coverity Scan for ceph
Date: Fri, 06 Jun 2014 06:23:27 -0700
Message-ID: <5391c0cf3a857_59a5b533307584f@209.249.196.67.mail>
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
Defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)
** CID 1220854: Invalid iterator comparison (MISMATCHED_ITERATOR)
/osd/PG.cc: 981 in PG::calc_ec_acting(std::_Rb_tree_const_iterator<std::pair<const pg_shard_t, pg_info_t>>, unsigned int, const std::vector<int, std::allocator<int>> &, pg_shard_t, const std::vector<int, std::allocator<int>> &, pg_shard_t, const std::map<pg_shard_t, pg_info_t, std::less<pg_shard_t>, std::allocator<std::pair<const pg_shard_t, pg_info_t>>> &, bool, std::vector<int, std::allocator<int>> *, std::set<pg_shard_t, std::less<pg_shard_t>, std::allocator<pg_shard_t>> *, std::set<pg_shard_t, std::less<pg_shard_t>, std::allocator<pg_shard_t>> *, pg_shard_t *, std::basic_ostream<char, std::char_traits<char>>&)()
________________________________________________________________________________________________________
*** CID 1220854: Invalid iterator comparison (MISMATCHED_ITERATOR)
/osd/PG.cc: 981 in PG::calc_ec_acting(std::_Rb_tree_const_iterator<std::pair<const pg_shard_t, pg_info_t>>, unsigned int, const std::vector<int, std::allocator<int>> &, pg_shard_t, const std::vector<int, std::allocator<int>> &, pg_shard_t, const std::map<pg_shard_t, pg_info_t, std::less<pg_shard_t>, std::allocator<std::pair<const pg_shard_t, pg_info_t>>> &, bool, std::vector<int, std::allocator<int>> *, std::set<pg_shard_t, std::less<pg_shard_t>, std::allocator<pg_shard_t>> *, std::set<pg_shard_t, std::less<pg_shard_t>, std::allocator<pg_shard_t>> *, pg_shard_t *, std::basic_ostream<char, std::char_traits<char>>&)()
975 all_info.find(pg_shard_t(acting[i], shard_id_t(i)))->second.last_update >=
976 auth_log_shard->second.log_tail) {
977 ss << " selecting acting[i]: " << pg_shard_t(acting[i], shard_id_t(i)) << std::endl;
978 want[i] = acting[i];
979 ++usable;
980 } else {
>>> CID 1220854: Invalid iterator comparison (MISMATCHED_ITERATOR)
>>> Comparing "j" from "all_info_by_shard[shard_id_t(i)]" to "all_info_by_shard[shard_id_t(i)]->end()" from "all_info_by_shard[shard_id_t(i)]".
981 for (set<pg_shard_t>::iterator j = all_info_by_shard[shard_id_t(i)].begin();
982 j != all_info_by_shard[shard_id_t(i)].end();
983 ++j) {
984 assert(j->shard == i);
985 if (!all_info.find(*j)->second.is_incomplete() &&
986 all_info.find(*j)->second.last_update >=
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
^ permalink raw reply [flat|nested] 33+ messages in thread* New Defects reported by Coverity Scan for ceph (fwd)
@ 2014-05-30 13:54 Sage Weil
0 siblings, 0 replies; 33+ messages in thread
From: Sage Weil @ 2014-05-30 13:54 UTC (permalink / raw)
To: ceph-devel
[-- Attachment #1: Type: TEXT/PLAIN, Size: 210 bytes --]
I just upgraded the coverity build code because the version I had was too
old. These are either accumulated since it last ran (not very long I
thought?) or new errors that the new version is detecting.
sage
[-- Attachment #2: Forwarded Message --]
[-- Type: MESSAGE/RFC822, Size: 73377 bytes --]
Return-Path: <scan-admin@coverity.com>
X-Original-To: sage@cobra.newdream.net
Delivered-To: sage@cobra.newdream.net
Received: from destro.newdream.net (destro.newdream.net [66.33.216.68])
by cobra.newdream.net (Postfix) with ESMTP id EB17E80452
for <sage@cobra.newdream.net>; Fri, 30 May 2014 06:49:27 -0700 (PDT)
Received: by destro.newdream.net (Postfix)
id E7A541209E7; Fri, 30 May 2014 06:49:27 -0700 (PDT)
Delivered-To: sage@destro.newdream.net
Received: from madmax.dreamhost.com (caiajhbdcbdj.dreamhost.com
[208.97.132.139])
by destro.newdream.net (Postfix) with ESMTP id DF3B61209DE
for <sage@newdream.net>; Fri, 30 May 2014 06:49:27 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1])
by madmax.dreamhost.com (Postfix) with ESMTP id D6FA3FD7904
for <sage@newdream.net>; Fri, 30 May 2014 06:49:27 -0700 (PDT)
X-DH-Virus-Scanned: Debian amavisd-new at madmax.dreamhost.com
X-Spam-Flag: NO
X-Spam-Score: 0
X-Spam-Level:
X-Spam-Status: No, score=x tagged_above=-999 required=999 WHITELISTED tests=[]
autolearn=unavailable
Received: from godfather.dreamhost.com ([208.97.132.17])
by localhost (madmax.dreamhost.com [208.97.132.139]) (amavisd-new,
port 10024) with ESMTP id Kq9GBGEVCy75 for <sage@newdream.net>;
Fri, 30 May 2014 06:49:27 -0700 (PDT)
Received: from scanrelay.coverity.com (scanrelay.coverity.com [209.249.196.67])
by godfather.dreamhost.com (Postfix) with ESMTP id 6A5731B00A3
for <sage@newdream.net>; Fri, 30 May 2014 06:49:26 -0700 (PDT)
Received: from localhost.localdomain ([208.69.177.215]) by
scanrelay.coverity.com with Microsoft SMTPSVC(7.5.7601.17514);
Fri, 30 May 2014 06:51:02 -0700
Date: Fri, 30 May 2014 06:49:25 -0700
From: scan-admin@coverity.com
Message-ID: <53888c65bf97f_37a8f2f3144729e@209.249.196.67.mail>
Subject: New Defects reported by Coverity Scan for ceph
Mime-Version: 1.0
Content-Type: text/plain;
charset=UTF-8
Content-Transfer-Encoding: 7bit
X-OriginalArrivalTime: 30 May 2014 13:51:02.0087 (UTC)
FILETIME=[319E2D70:01CF7C0E]
To: undisclosed-recipients:;
X-Spambayes-Classification: ham; 0.00
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
Defect(s) Reported-by: Coverity Scan
Showing 20 of 227 defect(s)
** CID 716871: Unchecked return value (CHECKED_RETURN)
/test/multi_stress_watch.cc: 151 in main()
** CID 717110: Resource leak (RESOURCE_LEAK)
/test/system/rados_list_parallel.cc: 174 in RadosAddObjectsR::run()()
** CID 717112: Resource leak (RESOURCE_LEAK)
/test/system/rados_list_parallel.cc: 93 in RadosDeleteObjectsR::run()()
** CID 717116: Resource leak (RESOURCE_LEAK)
/test/system/st_rados_delete_objs.cc: 60 in StRadosDeleteObjs::run()()
** CID 739605: Resource leak (RESOURCE_LEAK)
/test/system/st_rados_create_pool.cc: 96 in StRadosCreatePool::run()()
** CID 966617: Resource leak (RESOURCE_LEAK)
/test/libcephfs/readdir_r_cb.cc: 61 in LibCephFS_ReaddirRCB_Test::TestBody()()
/test/libcephfs/readdir_r_cb.cc: 60 in LibCephFS_ReaddirRCB_Test::TestBody()()
/test/libcephfs/readdir_r_cb.cc: 57 in LibCephFS_ReaddirRCB_Test::TestBody()()
/test/libcephfs/readdir_r_cb.cc: 56 in LibCephFS_ReaddirRCB_Test::TestBody()()
/test/libcephfs/readdir_r_cb.cc: 55 in LibCephFS_ReaddirRCB_Test::TestBody()()
/test/libcephfs/readdir_r_cb.cc: 54 in LibCephFS_ReaddirRCB_Test::TestBody()()
/test/libcephfs/readdir_r_cb.cc: 51 in LibCephFS_ReaddirRCB_Test::TestBody()()
/test/libcephfs/readdir_r_cb.cc: 50 in LibCephFS_ReaddirRCB_Test::TestBody()()
/test/libcephfs/readdir_r_cb.cc: 49 in LibCephFS_ReaddirRCB_Test::TestBody()()
/test/libcephfs/readdir_r_cb.cc: 46 in LibCephFS_ReaddirRCB_Test::TestBody()()
/test/libcephfs/readdir_r_cb.cc: 45 in LibCephFS_ReaddirRCB_Test::TestBody()()
/test/libcephfs/readdir_r_cb.cc: 44 in LibCephFS_ReaddirRCB_Test::TestBody()()
/test/libcephfs/readdir_r_cb.cc: 41 in LibCephFS_ReaddirRCB_Test::TestBody()()
/test/libcephfs/readdir_r_cb.cc: 40 in LibCephFS_ReaddirRCB_Test::TestBody()()
/test/libcephfs/readdir_r_cb.cc: 36 in LibCephFS_ReaddirRCB_Test::TestBody()()
/test/libcephfs/readdir_r_cb.cc: 30 in LibCephFS_ReaddirRCB_Test::TestBody()()
** CID 1054844: Resource leak (RESOURCE_LEAK)
/test/cls_version/test_cls_version.cc: 153 in cls_rgw_test_version_inc_cond_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 155 in cls_rgw_test_version_inc_cond_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 156 in cls_rgw_test_version_inc_cond_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 157 in cls_rgw_test_version_inc_cond_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 177 in cls_rgw_test_version_inc_cond_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 179 in cls_rgw_test_version_inc_cond_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 180 in cls_rgw_test_version_inc_cond_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 181 in cls_rgw_test_version_inc_cond_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 166 in cls_rgw_test_version_inc_cond_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 170 in cls_rgw_test_version_inc_cond_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 171 in cls_rgw_test_version_inc_cond_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 172 in cls_rgw_test_version_inc_cond_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 187 in cls_rgw_test_version_inc_cond_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 192 in cls_rgw_test_version_inc_cond_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 197 in cls_rgw_test_version_inc_cond_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 202 in cls_rgw_test_version_inc_cond_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 204 in cls_rgw_test_version_inc_cond_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 205 in cls_rgw_test_version_inc_cond_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 206 in cls_rgw_test_version_inc_cond_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 212 in cls_rgw_test_version_inc_cond_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 217 in cls_rgw_test_version_inc_cond_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 222 in cls_rgw_test_version_inc_cond_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 227 in cls_rgw_test_version_inc_cond_Test::TestBody()()
** CID 1054845: Resource leak (RESOURCE_LEAK)
/test/cls_version/test_cls_version.cc: 51 in cls_rgw_test_version_inc_read_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 53 in cls_rgw_test_version_inc_read_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 54 in cls_rgw_test_version_inc_read_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 55 in cls_rgw_test_version_inc_read_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 61 in cls_rgw_test_version_inc_read_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 65 in cls_rgw_test_version_inc_read_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 66 in cls_rgw_test_version_inc_read_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 67 in cls_rgw_test_version_inc_read_Test::TestBody()()
** CID 1054846: Resource leak (RESOURCE_LEAK)
/test/cls_version/test_cls_version.cc: 76 in cls_rgw_test_version_inc_read_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 77 in cls_rgw_test_version_inc_read_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 78 in cls_rgw_test_version_inc_read_Test::TestBody()()
** CID 1054847: Resource leak (RESOURCE_LEAK)
/test/cls_version/test_cls_version.cc: 259 in cls_rgw_test_version_inc_check_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 261 in cls_rgw_test_version_inc_check_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 262 in cls_rgw_test_version_inc_check_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 263 in cls_rgw_test_version_inc_check_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 271 in cls_rgw_test_version_inc_check_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 276 in cls_rgw_test_version_inc_check_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 281 in cls_rgw_test_version_inc_check_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 286 in cls_rgw_test_version_inc_check_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 293 in cls_rgw_test_version_inc_check_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 295 in cls_rgw_test_version_inc_check_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 296 in cls_rgw_test_version_inc_check_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 297 in cls_rgw_test_version_inc_check_Test::TestBody()()
** CID 1054848: Resource leak (RESOURCE_LEAK)
/test/cls_version/test_cls_version.cc: 271 in cls_rgw_test_version_inc_check_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 276 in cls_rgw_test_version_inc_check_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 281 in cls_rgw_test_version_inc_check_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 286 in cls_rgw_test_version_inc_check_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 293 in cls_rgw_test_version_inc_check_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 295 in cls_rgw_test_version_inc_check_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 296 in cls_rgw_test_version_inc_check_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 297 in cls_rgw_test_version_inc_check_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 305 in cls_rgw_test_version_inc_check_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 310 in cls_rgw_test_version_inc_check_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 315 in cls_rgw_test_version_inc_check_Test::TestBody()()
** CID 1090104: Operands don't affect result (CONSTANT_EXPRESSION_RESULT)
/test/librbd/fsx.c: 840 in save_buffer()
** CID 1128383: Buffer not null terminated (BUFFER_SIZE_WARNING)
/mount/mount.ceph.c: 179 in parse_options()
** CID 1128384: Ignoring number of bytes read (CHECKED_RETURN)
/arch/neon.c: 23 in get_auxval()
** CID 1128390: Copy-paste error (COPY_PASTE_ERROR)
/client/SyntheticClient.cc: 3075 in SyntheticClient::foo()()
** CID 1128391: Logically dead code (DEADCODE)
/rgw/rgw_rados.cc: 4258 in RGWRados::prepare_get_obj(void *, rgw_obj &, long *, long *, std::map<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, ceph::buffer::list, std::less<std::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::pair<const std::basic_string<char, std::char_traits<char>, std::allocator<char>>, ceph::buffer::list>>> *, const long *, const long *, long *, const char *, const char *, unsigned long *, unsigned long *, RGWObjVersionTracker *, void **, rgw_err *)()
** CID 1128392: Division or modulo by zero (DIVIDE_BY_ZERO)
/mds/MDS.cc: 2119 in MDS::_dispatch(Message *)()
** CID 1128395: Use after close (USE_AFTER_FREE)
/os/FileJournal.cc: 387 in FileJournal::create()()
** CID 1128396: Use after free (USE_AFTER_FREE)
/os/FileJournal.cc: 347 in FileJournal::check()()
/os/FileJournal.cc: 332 in FileJournal::check()()
** CID 1128397: Use after close (USE_AFTER_FREE)
/os/FileJournal.cc: 464 in FileJournal::open(unsigned long)()
________________________________________________________________________________________________________
*** CID 716871: Unchecked return value (CHECKED_RETURN)
/test/multi_stress_watch.cc: 151 in main()
145 }
146 ret = cluster.conf_parse_env(NULL);
147 if (ret) {
148 std::cerr << "Error " << ret << " in cluster.conf_read_env" << std::endl;
149 return ret;
150 }
>>> CID 716871: Unchecked return value (CHECKED_RETURN)
>>> Calling "connect" without checking return value (as is done elsewhere 13 out of 15 times).
151 cluster.connect();
152
153 if (type == "rep")
154 test_replicated(cluster, pool_name, obj_name);
155 else if (type == "ec")
156 test_erasure(cluster, pool_name, obj_name);
157
158 sem_destroy(&sem);
159 return 0;
________________________________________________________________________________________________________
*** CID 717110: Resource leak (RESOURCE_LEAK)
/test/system/rados_list_parallel.cc: 174 in RadosAddObjectsR::run()()
168 break;
169 int r = rand() % to_add.size();
170 std::map <int, std::string>::iterator d = to_add.begin();
171 for (int i = 0; i < r; ++i)
172 ++d;
173 if (d == to_add.end()) {
>>> CID 717110: Resource leak (RESOURCE_LEAK)
>>> Variable "io_ctx" going out of scope leaks the storage it points to.
174 return -EDOM;
175 }
176 std::string oid(d->second);
177 to_add.erase(d);
178
179 std::string buf(StRadosCreatePool::get_random_buf(256));
________________________________________________________________________________________________________
*** CID 717112: Resource leak (RESOURCE_LEAK)
/test/system/rados_list_parallel.cc: 93 in RadosDeleteObjectsR::run()()
87 break;
88 int r = rand() % to_delete.size();
89 std::map <int, std::string>::iterator d = to_delete.begin();
90 for (int i = 0; i < r; ++i)
91 ++d;
92 if (d == to_delete.end()) {
>>> CID 717112: Resource leak (RESOURCE_LEAK)
>>> Variable "io_ctx" going out of scope leaks the storage it points to.
93 return -EDOM;
94 }
95 std::string oid(d->second);
96 to_delete.erase(d);
97 int ret = rados_remove(io_ctx, oid.c_str());
98 if (ret != 0) {
________________________________________________________________________________________________________
*** CID 717116: Resource leak (RESOURCE_LEAK)
/test/system/st_rados_delete_objs.cc: 60 in StRadosDeleteObjs::run()()
54 rados_pool_create(cl, m_pool_name.c_str());
55 RETURN1_IF_NONZERO(rados_ioctx_create(cl, m_pool_name.c_str(), &io_ctx));
56
57 for (int i = 0; i < m_num_objs; ++i) {
58 char oid[128];
59 snprintf(oid, sizeof(oid), "%d%s", i, m_suffix.c_str());
>>> CID 717116: Resource leak (RESOURCE_LEAK)
>>> Variable "io_ctx" going out of scope leaks the storage it points to.
60 RETURN1_IF_NONZERO(rados_remove(io_ctx, oid));
61 if (((i % 25) == 0) || (i == m_num_objs - 1)) {
62 printf("%s: deleted object %d...\n", get_id_str(), i);
63 }
64 }
65
________________________________________________________________________________________________________
*** CID 739605: Resource leak (RESOURCE_LEAK)
/test/system/st_rados_create_pool.cc: 96 in StRadosCreatePool::run()()
90 char oid[128];
91 snprintf(oid, sizeof(oid), "%d%s", i, m_suffix.c_str());
92 std::string buf(get_random_buf(256));
93 int ret = rados_write(io_ctx, oid, buf.c_str(), buf.size(), 0);
94 if (ret != 0) {
95 printf("%s: rados_write error %d\n", get_id_str(), ret);
>>> CID 739605: Resource leak (RESOURCE_LEAK)
>>> Variable "io_ctx" going out of scope leaks the storage it points to.
96 return ret;
97 }
98 if (((i % 25) == 0) || (i == m_num_objects - 1)) {
99 printf("%s: created object %d...\n", get_id_str(), i);
100 }
101 }
________________________________________________________________________________________________________
*** CID 966617: Resource leak (RESOURCE_LEAK)
/test/libcephfs/readdir_r_cb.cc: 61 in LibCephFS_ReaddirRCB_Test::TestBody()()
55 ASSERT_LE(0, ceph_opendir(cmount, c_dir, &dirp));
56 ASSERT_EQ(5, ceph_getdnames(cmount, dirp, buf, 6));
57 ASSERT_EQ(4, ceph_getdnames(cmount, dirp, buf, 6));
58
59 // free cmount after finishing testing
60 ASSERT_LE(0, ceph_closedir(cmount, dirp));
>>> CID 966617: Resource leak (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
61 ASSERT_EQ(0, ceph_unmount(cmount));
62 ASSERT_EQ(0, ceph_release(cmount));
/test/libcephfs/readdir_r_cb.cc: 60 in LibCephFS_ReaddirRCB_Test::TestBody()()
54 ASSERT_LE(0, ceph_closedir(cmount, dirp));
55 ASSERT_LE(0, ceph_opendir(cmount, c_dir, &dirp));
56 ASSERT_EQ(5, ceph_getdnames(cmount, dirp, buf, 6));
57 ASSERT_EQ(4, ceph_getdnames(cmount, dirp, buf, 6));
58
59 // free cmount after finishing testing
>>> CID 966617: Resource leak (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
60 ASSERT_LE(0, ceph_closedir(cmount, dirp));
61 ASSERT_EQ(0, ceph_unmount(cmount));
62 ASSERT_EQ(0, ceph_release(cmount));
/test/libcephfs/readdir_r_cb.cc: 57 in LibCephFS_ReaddirRCB_Test::TestBody()()
51 ASSERT_EQ(-ERANGE, ceph_getdnames(cmount, dirp, buf, 1));
52
53 //check correctness if it needs to split listing
54 ASSERT_LE(0, ceph_closedir(cmount, dirp));
55 ASSERT_LE(0, ceph_opendir(cmount, c_dir, &dirp));
56 ASSERT_EQ(5, ceph_getdnames(cmount, dirp, buf, 6));
>>> CID 966617: Resource leak (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
57 ASSERT_EQ(4, ceph_getdnames(cmount, dirp, buf, 6));
58
59 // free cmount after finishing testing
60 ASSERT_LE(0, ceph_closedir(cmount, dirp));
61 ASSERT_EQ(0, ceph_unmount(cmount));
62 ASSERT_EQ(0, ceph_release(cmount));
/test/libcephfs/readdir_r_cb.cc: 56 in LibCephFS_ReaddirRCB_Test::TestBody()()
50 ASSERT_GE(0, ceph_opendir(cmount, c_dir, &dirp));
51 ASSERT_EQ(-ERANGE, ceph_getdnames(cmount, dirp, buf, 1));
52
53 //check correctness if it needs to split listing
54 ASSERT_LE(0, ceph_closedir(cmount, dirp));
55 ASSERT_LE(0, ceph_opendir(cmount, c_dir, &dirp));
>>> CID 966617: Resource leak (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
56 ASSERT_EQ(5, ceph_getdnames(cmount, dirp, buf, 6));
57 ASSERT_EQ(4, ceph_getdnames(cmount, dirp, buf, 6));
58
59 // free cmount after finishing testing
60 ASSERT_LE(0, ceph_closedir(cmount, dirp));
61 ASSERT_EQ(0, ceph_unmount(cmount));
62 ASSERT_EQ(0, ceph_release(cmount));
/test/libcephfs/readdir_r_cb.cc: 55 in LibCephFS_ReaddirRCB_Test::TestBody()()
49 ASSERT_LE(0, ceph_closedir(cmount, dirp));
50 ASSERT_GE(0, ceph_opendir(cmount, c_dir, &dirp));
51 ASSERT_EQ(-ERANGE, ceph_getdnames(cmount, dirp, buf, 1));
52
53 //check correctness if it needs to split listing
54 ASSERT_LE(0, ceph_closedir(cmount, dirp));
>>> CID 966617: Resource leak (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
55 ASSERT_LE(0, ceph_opendir(cmount, c_dir, &dirp));
56 ASSERT_EQ(5, ceph_getdnames(cmount, dirp, buf, 6));
57 ASSERT_EQ(4, ceph_getdnames(cmount, dirp, buf, 6));
58
59 // free cmount after finishing testing
60 ASSERT_LE(0, ceph_closedir(cmount, dirp));
61 ASSERT_EQ(0, ceph_unmount(cmount));
62 ASSERT_EQ(0, ceph_release(cmount));
/test/libcephfs/readdir_r_cb.cc: 54 in LibCephFS_ReaddirRCB_Test::TestBody()()
48 // check correctness if buffer is too small
49 ASSERT_LE(0, ceph_closedir(cmount, dirp));
50 ASSERT_GE(0, ceph_opendir(cmount, c_dir, &dirp));
51 ASSERT_EQ(-ERANGE, ceph_getdnames(cmount, dirp, buf, 1));
52
53 //check correctness if it needs to split listing
>>> CID 966617: Resource leak (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
54 ASSERT_LE(0, ceph_closedir(cmount, dirp));
55 ASSERT_LE(0, ceph_opendir(cmount, c_dir, &dirp));
56 ASSERT_EQ(5, ceph_getdnames(cmount, dirp, buf, 6));
57 ASSERT_EQ(4, ceph_getdnames(cmount, dirp, buf, 6));
58
59 // free cmount after finishing testing
60 ASSERT_LE(0, ceph_closedir(cmount, dirp));
61 ASSERT_EQ(0, ceph_unmount(cmount));
62 ASSERT_EQ(0, ceph_release(cmount));
/test/libcephfs/readdir_r_cb.cc: 51 in LibCephFS_ReaddirRCB_Test::TestBody()()
45 ASSERT_LE(0, ceph_opendir(cmount, c_dir, &dirp));
46 ASSERT_EQ(9, ceph_getdnames(cmount, dirp, buf, buflen)); // ., .., foo
47
48 // check correctness if buffer is too small
49 ASSERT_LE(0, ceph_closedir(cmount, dirp));
50 ASSERT_GE(0, ceph_opendir(cmount, c_dir, &dirp));
>>> CID 966617: Resource leak (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
51 ASSERT_EQ(-ERANGE, ceph_getdnames(cmount, dirp, buf, 1));
52
53 //check correctness if it needs to split listing
54 ASSERT_LE(0, ceph_closedir(cmount, dirp));
55 ASSERT_LE(0, ceph_opendir(cmount, c_dir, &dirp));
56 ASSERT_EQ(5, ceph_getdnames(cmount, dirp, buf, 6));
/test/libcephfs/readdir_r_cb.cc: 50 in LibCephFS_ReaddirRCB_Test::TestBody()()
44 ASSERT_LE(0, ceph_closedir(cmount, dirp));
45 ASSERT_LE(0, ceph_opendir(cmount, c_dir, &dirp));
46 ASSERT_EQ(9, ceph_getdnames(cmount, dirp, buf, buflen)); // ., .., foo
47
48 // check correctness if buffer is too small
49 ASSERT_LE(0, ceph_closedir(cmount, dirp));
>>> CID 966617: Resource leak (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
50 ASSERT_GE(0, ceph_opendir(cmount, c_dir, &dirp));
51 ASSERT_EQ(-ERANGE, ceph_getdnames(cmount, dirp, buf, 1));
52
53 //check correctness if it needs to split listing
54 ASSERT_LE(0, ceph_closedir(cmount, dirp));
55 ASSERT_LE(0, ceph_opendir(cmount, c_dir, &dirp));
/test/libcephfs/readdir_r_cb.cc: 49 in LibCephFS_ReaddirRCB_Test::TestBody()()
43 // check correctness with one entry
44 ASSERT_LE(0, ceph_closedir(cmount, dirp));
45 ASSERT_LE(0, ceph_opendir(cmount, c_dir, &dirp));
46 ASSERT_EQ(9, ceph_getdnames(cmount, dirp, buf, buflen)); // ., .., foo
47
48 // check correctness if buffer is too small
>>> CID 966617: Resource leak (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
49 ASSERT_LE(0, ceph_closedir(cmount, dirp));
50 ASSERT_GE(0, ceph_opendir(cmount, c_dir, &dirp));
51 ASSERT_EQ(-ERANGE, ceph_getdnames(cmount, dirp, buf, 1));
52
53 //check correctness if it needs to split listing
54 ASSERT_LE(0, ceph_closedir(cmount, dirp));
/test/libcephfs/readdir_r_cb.cc: 46 in LibCephFS_ReaddirRCB_Test::TestBody()()
40 ASSERT_LT(0, fd);
41 ASSERT_EQ(0, ceph_close(cmount, fd));
42
43 // check correctness with one entry
44 ASSERT_LE(0, ceph_closedir(cmount, dirp));
45 ASSERT_LE(0, ceph_opendir(cmount, c_dir, &dirp));
>>> CID 966617: Resource leak (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
46 ASSERT_EQ(9, ceph_getdnames(cmount, dirp, buf, buflen)); // ., .., foo
47
48 // check correctness if buffer is too small
49 ASSERT_LE(0, ceph_closedir(cmount, dirp));
50 ASSERT_GE(0, ceph_opendir(cmount, c_dir, &dirp));
51 ASSERT_EQ(-ERANGE, ceph_getdnames(cmount, dirp, buf, 1));
/test/libcephfs/readdir_r_cb.cc: 45 in LibCephFS_ReaddirRCB_Test::TestBody()()
39 int fd = ceph_open(cmount, c_file, O_CREAT, 0777);
40 ASSERT_LT(0, fd);
41 ASSERT_EQ(0, ceph_close(cmount, fd));
42
43 // check correctness with one entry
44 ASSERT_LE(0, ceph_closedir(cmount, dirp));
>>> CID 966617: Resource leak (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
45 ASSERT_LE(0, ceph_opendir(cmount, c_dir, &dirp));
46 ASSERT_EQ(9, ceph_getdnames(cmount, dirp, buf, buflen)); // ., .., foo
47
48 // check correctness if buffer is too small
49 ASSERT_LE(0, ceph_closedir(cmount, dirp));
50 ASSERT_GE(0, ceph_opendir(cmount, c_dir, &dirp));
/test/libcephfs/readdir_r_cb.cc: 44 in LibCephFS_ReaddirRCB_Test::TestBody()()
38 sprintf(c_file, "/readdir_r_cb_tests_%d/foo", getpid());
39 int fd = ceph_open(cmount, c_file, O_CREAT, 0777);
40 ASSERT_LT(0, fd);
41 ASSERT_EQ(0, ceph_close(cmount, fd));
42
43 // check correctness with one entry
>>> CID 966617: Resource leak (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
44 ASSERT_LE(0, ceph_closedir(cmount, dirp));
45 ASSERT_LE(0, ceph_opendir(cmount, c_dir, &dirp));
46 ASSERT_EQ(9, ceph_getdnames(cmount, dirp, buf, buflen)); // ., .., foo
47
48 // check correctness if buffer is too small
49 ASSERT_LE(0, ceph_closedir(cmount, dirp));
/test/libcephfs/readdir_r_cb.cc: 41 in LibCephFS_ReaddirRCB_Test::TestBody()()
35 // . is 2, .. is 3 (for null terminators)
36 ASSERT_EQ(5, ceph_getdnames(cmount, dirp, buf, buflen));
37 char c_file[256];
38 sprintf(c_file, "/readdir_r_cb_tests_%d/foo", getpid());
39 int fd = ceph_open(cmount, c_file, O_CREAT, 0777);
40 ASSERT_LT(0, fd);
>>> CID 966617: Resource leak (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
41 ASSERT_EQ(0, ceph_close(cmount, fd));
42
43 // check correctness with one entry
44 ASSERT_LE(0, ceph_closedir(cmount, dirp));
45 ASSERT_LE(0, ceph_opendir(cmount, c_dir, &dirp));
46 ASSERT_EQ(9, ceph_getdnames(cmount, dirp, buf, buflen)); // ., .., foo
/test/libcephfs/readdir_r_cb.cc: 40 in LibCephFS_ReaddirRCB_Test::TestBody()()
34 char *buf = new char[buflen];
35 // . is 2, .. is 3 (for null terminators)
36 ASSERT_EQ(5, ceph_getdnames(cmount, dirp, buf, buflen));
37 char c_file[256];
38 sprintf(c_file, "/readdir_r_cb_tests_%d/foo", getpid());
39 int fd = ceph_open(cmount, c_file, O_CREAT, 0777);
>>> CID 966617: Resource leak (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
40 ASSERT_LT(0, fd);
41 ASSERT_EQ(0, ceph_close(cmount, fd));
42
43 // check correctness with one entry
44 ASSERT_LE(0, ceph_closedir(cmount, dirp));
45 ASSERT_LE(0, ceph_opendir(cmount, c_dir, &dirp));
/test/libcephfs/readdir_r_cb.cc: 36 in LibCephFS_ReaddirRCB_Test::TestBody()()
30 ASSERT_LE(0, ceph_opendir(cmount, c_dir, &dirp));
31
32 // dir is empty, check that it only contains . and ..
33 int buflen = 100;
34 char *buf = new char[buflen];
35 // . is 2, .. is 3 (for null terminators)
>>> CID 966617: Resource leak (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
36 ASSERT_EQ(5, ceph_getdnames(cmount, dirp, buf, buflen));
37 char c_file[256];
38 sprintf(c_file, "/readdir_r_cb_tests_%d/foo", getpid());
39 int fd = ceph_open(cmount, c_file, O_CREAT, 0777);
40 ASSERT_LT(0, fd);
41 ASSERT_EQ(0, ceph_close(cmount, fd));
/test/libcephfs/readdir_r_cb.cc: 30 in LibCephFS_ReaddirRCB_Test::TestBody()()
24 ASSERT_EQ(0, ceph_mount(cmount, "/"));
25
26 char c_dir[256];
27 sprintf(c_dir, "/readdir_r_cb_tests_%d", getpid());
28 struct ceph_dir_result *dirp;
29 ASSERT_EQ(0, ceph_mkdirs(cmount, c_dir, 0777));
>>> CID 966617: Resource leak (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
30 ASSERT_LE(0, ceph_opendir(cmount, c_dir, &dirp));
31
32 // dir is empty, check that it only contains . and ..
33 int buflen = 100;
34 char *buf = new char[buflen];
35 // . is 2, .. is 3 (for null terminators)
________________________________________________________________________________________________________
*** CID 1054844: Resource leak (RESOURCE_LEAK)
/test/cls_version/test_cls_version.cc: 153 in cls_rgw_test_version_inc_cond_Test::TestBody()()
147 ASSERT_EQ(0, (long long)ver.ver);
148 ASSERT_EQ(0, (int)ver.tag.size());
149
150 /* inc version */
151 librados::ObjectWriteOperation *op = new_op();
152 cls_version_inc(*op);
>>> CID 1054844: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
153 ASSERT_EQ(0, ioctx.operate(oid, op));
154
155 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver));
156 ASSERT_GT((long long)ver.ver, 0);
157 ASSERT_NE(0, (int)ver.tag.size());
158
/test/cls_version/test_cls_version.cc: 155 in cls_rgw_test_version_inc_cond_Test::TestBody()()
149
150 /* inc version */
151 librados::ObjectWriteOperation *op = new_op();
152 cls_version_inc(*op);
153 ASSERT_EQ(0, ioctx.operate(oid, op));
154
>>> CID 1054844: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
155 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver));
156 ASSERT_GT((long long)ver.ver, 0);
157 ASSERT_NE(0, (int)ver.tag.size());
158
159 obj_version cond_ver = ver;
160
/test/cls_version/test_cls_version.cc: 156 in cls_rgw_test_version_inc_cond_Test::TestBody()()
150 /* inc version */
151 librados::ObjectWriteOperation *op = new_op();
152 cls_version_inc(*op);
153 ASSERT_EQ(0, ioctx.operate(oid, op));
154
155 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver));
>>> CID 1054844: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
156 ASSERT_GT((long long)ver.ver, 0);
157 ASSERT_NE(0, (int)ver.tag.size());
158
159 obj_version cond_ver = ver;
160
161
/test/cls_version/test_cls_version.cc: 157 in cls_rgw_test_version_inc_cond_Test::TestBody()()
151 librados::ObjectWriteOperation *op = new_op();
152 cls_version_inc(*op);
153 ASSERT_EQ(0, ioctx.operate(oid, op));
154
155 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver));
156 ASSERT_GT((long long)ver.ver, 0);
>>> CID 1054844: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
157 ASSERT_NE(0, (int)ver.tag.size());
158
159 obj_version cond_ver = ver;
160
161
162 /* inc version again! */
/test/cls_version/test_cls_version.cc: 177 in cls_rgw_test_version_inc_cond_Test::TestBody()()
171 ASSERT_GT((long long)ver2.ver, (long long)ver.ver);
172 ASSERT_EQ(0, (int)ver2.tag.compare(ver.tag));
173
174
175 /* now check various condition tests */
176 cls_version_inc(*op, cond_ver, VER_COND_NONE);
>>> CID 1054844: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
177 ASSERT_EQ(0, ioctx.operate(oid, op));
178
179 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver2));
180 ASSERT_GT((long long)ver2.ver, (long long)ver.ver);
181 ASSERT_EQ(0, (int)ver2.tag.compare(ver.tag));
182
/test/cls_version/test_cls_version.cc: 179 in cls_rgw_test_version_inc_cond_Test::TestBody()()
173
174
175 /* now check various condition tests */
176 cls_version_inc(*op, cond_ver, VER_COND_NONE);
177 ASSERT_EQ(0, ioctx.operate(oid, op));
178
>>> CID 1054844: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
179 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver2));
180 ASSERT_GT((long long)ver2.ver, (long long)ver.ver);
181 ASSERT_EQ(0, (int)ver2.tag.compare(ver.tag));
182
183 /* a bunch of conditions that should fail */
184 delete op;
/test/cls_version/test_cls_version.cc: 180 in cls_rgw_test_version_inc_cond_Test::TestBody()()
174
175 /* now check various condition tests */
176 cls_version_inc(*op, cond_ver, VER_COND_NONE);
177 ASSERT_EQ(0, ioctx.operate(oid, op));
178
179 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver2));
>>> CID 1054844: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
180 ASSERT_GT((long long)ver2.ver, (long long)ver.ver);
181 ASSERT_EQ(0, (int)ver2.tag.compare(ver.tag));
182
183 /* a bunch of conditions that should fail */
184 delete op;
185 op = new_op();
/test/cls_version/test_cls_version.cc: 181 in cls_rgw_test_version_inc_cond_Test::TestBody()()
175 /* now check various condition tests */
176 cls_version_inc(*op, cond_ver, VER_COND_NONE);
177 ASSERT_EQ(0, ioctx.operate(oid, op));
178
179 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver2));
180 ASSERT_GT((long long)ver2.ver, (long long)ver.ver);
>>> CID 1054844: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
181 ASSERT_EQ(0, (int)ver2.tag.compare(ver.tag));
182
183 /* a bunch of conditions that should fail */
184 delete op;
185 op = new_op();
186 cls_version_inc(*op, cond_ver, VER_COND_EQ);
/test/cls_version/test_cls_version.cc: 166 in cls_rgw_test_version_inc_cond_Test::TestBody()()
160
161
162 /* inc version again! */
163 delete op;
164 op = new_op();
165 cls_version_inc(*op);
>>> CID 1054844: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
166 ASSERT_EQ(0, ioctx.operate(oid, op));
167
168 obj_version ver2;
169
170 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver2));
171 ASSERT_GT((long long)ver2.ver, (long long)ver.ver);
/test/cls_version/test_cls_version.cc: 170 in cls_rgw_test_version_inc_cond_Test::TestBody()()
164 op = new_op();
165 cls_version_inc(*op);
166 ASSERT_EQ(0, ioctx.operate(oid, op));
167
168 obj_version ver2;
169
>>> CID 1054844: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
170 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver2));
171 ASSERT_GT((long long)ver2.ver, (long long)ver.ver);
172 ASSERT_EQ(0, (int)ver2.tag.compare(ver.tag));
173
174
175 /* now check various condition tests */
/test/cls_version/test_cls_version.cc: 171 in cls_rgw_test_version_inc_cond_Test::TestBody()()
165 cls_version_inc(*op);
166 ASSERT_EQ(0, ioctx.operate(oid, op));
167
168 obj_version ver2;
169
170 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver2));
>>> CID 1054844: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
171 ASSERT_GT((long long)ver2.ver, (long long)ver.ver);
172 ASSERT_EQ(0, (int)ver2.tag.compare(ver.tag));
173
174
175 /* now check various condition tests */
176 cls_version_inc(*op, cond_ver, VER_COND_NONE);
/test/cls_version/test_cls_version.cc: 172 in cls_rgw_test_version_inc_cond_Test::TestBody()()
166 ASSERT_EQ(0, ioctx.operate(oid, op));
167
168 obj_version ver2;
169
170 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver2));
171 ASSERT_GT((long long)ver2.ver, (long long)ver.ver);
>>> CID 1054844: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
172 ASSERT_EQ(0, (int)ver2.tag.compare(ver.tag));
173
174
175 /* now check various condition tests */
176 cls_version_inc(*op, cond_ver, VER_COND_NONE);
177 ASSERT_EQ(0, ioctx.operate(oid, op));
/test/cls_version/test_cls_version.cc: 187 in cls_rgw_test_version_inc_cond_Test::TestBody()()
181 ASSERT_EQ(0, (int)ver2.tag.compare(ver.tag));
182
183 /* a bunch of conditions that should fail */
184 delete op;
185 op = new_op();
186 cls_version_inc(*op, cond_ver, VER_COND_EQ);
>>> CID 1054844: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
187 ASSERT_EQ(-ECANCELED, ioctx.operate(oid, op));
188
189 delete op;
190 op = new_op();
191 cls_version_inc(*op, cond_ver, VER_COND_LT);
192 ASSERT_EQ(-ECANCELED, ioctx.operate(oid, op));
/test/cls_version/test_cls_version.cc: 192 in cls_rgw_test_version_inc_cond_Test::TestBody()()
186 cls_version_inc(*op, cond_ver, VER_COND_EQ);
187 ASSERT_EQ(-ECANCELED, ioctx.operate(oid, op));
188
189 delete op;
190 op = new_op();
191 cls_version_inc(*op, cond_ver, VER_COND_LT);
>>> CID 1054844: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
192 ASSERT_EQ(-ECANCELED, ioctx.operate(oid, op));
193
194 delete op;
195 op = new_op();
196 cls_version_inc(*op, cond_ver, VER_COND_LE);
197 ASSERT_EQ(-ECANCELED, ioctx.operate(oid, op));
/test/cls_version/test_cls_version.cc: 197 in cls_rgw_test_version_inc_cond_Test::TestBody()()
191 cls_version_inc(*op, cond_ver, VER_COND_LT);
192 ASSERT_EQ(-ECANCELED, ioctx.operate(oid, op));
193
194 delete op;
195 op = new_op();
196 cls_version_inc(*op, cond_ver, VER_COND_LE);
>>> CID 1054844: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
197 ASSERT_EQ(-ECANCELED, ioctx.operate(oid, op));
198
199 delete op;
200 op = new_op();
201 cls_version_inc(*op, cond_ver, VER_COND_TAG_NE);
202 ASSERT_EQ(-ECANCELED, ioctx.operate(oid, op));
/test/cls_version/test_cls_version.cc: 202 in cls_rgw_test_version_inc_cond_Test::TestBody()()
196 cls_version_inc(*op, cond_ver, VER_COND_LE);
197 ASSERT_EQ(-ECANCELED, ioctx.operate(oid, op));
198
199 delete op;
200 op = new_op();
201 cls_version_inc(*op, cond_ver, VER_COND_TAG_NE);
>>> CID 1054844: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
202 ASSERT_EQ(-ECANCELED, ioctx.operate(oid, op));
203
204 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver2));
205 ASSERT_GT((long long)ver2.ver, (long long)ver.ver);
206 ASSERT_EQ(0, (int)ver2.tag.compare(ver.tag));
207
/test/cls_version/test_cls_version.cc: 204 in cls_rgw_test_version_inc_cond_Test::TestBody()()
198
199 delete op;
200 op = new_op();
201 cls_version_inc(*op, cond_ver, VER_COND_TAG_NE);
202 ASSERT_EQ(-ECANCELED, ioctx.operate(oid, op));
203
>>> CID 1054844: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
204 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver2));
205 ASSERT_GT((long long)ver2.ver, (long long)ver.ver);
206 ASSERT_EQ(0, (int)ver2.tag.compare(ver.tag));
207
208 /* a bunch of conditions that should succeed */
209 delete op;
/test/cls_version/test_cls_version.cc: 205 in cls_rgw_test_version_inc_cond_Test::TestBody()()
199 delete op;
200 op = new_op();
201 cls_version_inc(*op, cond_ver, VER_COND_TAG_NE);
202 ASSERT_EQ(-ECANCELED, ioctx.operate(oid, op));
203
204 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver2));
>>> CID 1054844: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
205 ASSERT_GT((long long)ver2.ver, (long long)ver.ver);
206 ASSERT_EQ(0, (int)ver2.tag.compare(ver.tag));
207
208 /* a bunch of conditions that should succeed */
209 delete op;
210 op = new_op();
/test/cls_version/test_cls_version.cc: 206 in cls_rgw_test_version_inc_cond_Test::TestBody()()
200 op = new_op();
201 cls_version_inc(*op, cond_ver, VER_COND_TAG_NE);
202 ASSERT_EQ(-ECANCELED, ioctx.operate(oid, op));
203
204 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver2));
205 ASSERT_GT((long long)ver2.ver, (long long)ver.ver);
>>> CID 1054844: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
206 ASSERT_EQ(0, (int)ver2.tag.compare(ver.tag));
207
208 /* a bunch of conditions that should succeed */
209 delete op;
210 op = new_op();
211 cls_version_inc(*op, ver2, VER_COND_EQ);
/test/cls_version/test_cls_version.cc: 212 in cls_rgw_test_version_inc_cond_Test::TestBody()()
206 ASSERT_EQ(0, (int)ver2.tag.compare(ver.tag));
207
208 /* a bunch of conditions that should succeed */
209 delete op;
210 op = new_op();
211 cls_version_inc(*op, ver2, VER_COND_EQ);
>>> CID 1054844: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
212 ASSERT_EQ(0, ioctx.operate(oid, op));
213
214 delete op;
215 op = new_op();
216 cls_version_inc(*op, cond_ver, VER_COND_GT);
217 ASSERT_EQ(0, ioctx.operate(oid, op));
/test/cls_version/test_cls_version.cc: 217 in cls_rgw_test_version_inc_cond_Test::TestBody()()
211 cls_version_inc(*op, ver2, VER_COND_EQ);
212 ASSERT_EQ(0, ioctx.operate(oid, op));
213
214 delete op;
215 op = new_op();
216 cls_version_inc(*op, cond_ver, VER_COND_GT);
>>> CID 1054844: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
217 ASSERT_EQ(0, ioctx.operate(oid, op));
218
219 delete op;
220 op = new_op();
221 cls_version_inc(*op, cond_ver, VER_COND_GE);
222 ASSERT_EQ(0, ioctx.operate(oid, op));
/test/cls_version/test_cls_version.cc: 222 in cls_rgw_test_version_inc_cond_Test::TestBody()()
216 cls_version_inc(*op, cond_ver, VER_COND_GT);
217 ASSERT_EQ(0, ioctx.operate(oid, op));
218
219 delete op;
220 op = new_op();
221 cls_version_inc(*op, cond_ver, VER_COND_GE);
>>> CID 1054844: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
222 ASSERT_EQ(0, ioctx.operate(oid, op));
223
224 delete op;
225 op = new_op();
226 cls_version_inc(*op, cond_ver, VER_COND_TAG_EQ);
227 ASSERT_EQ(0, ioctx.operate(oid, op));
/test/cls_version/test_cls_version.cc: 227 in cls_rgw_test_version_inc_cond_Test::TestBody()()
221 cls_version_inc(*op, cond_ver, VER_COND_GE);
222 ASSERT_EQ(0, ioctx.operate(oid, op));
223
224 delete op;
225 op = new_op();
226 cls_version_inc(*op, cond_ver, VER_COND_TAG_EQ);
>>> CID 1054844: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
227 ASSERT_EQ(0, ioctx.operate(oid, op));
228
229 delete op;
230 }
231
232 TEST(cls_rgw, test_version_inc_check)
________________________________________________________________________________________________________
*** CID 1054845: Resource leak (RESOURCE_LEAK)
/test/cls_version/test_cls_version.cc: 51 in cls_rgw_test_version_inc_read_Test::TestBody()()
45 ASSERT_EQ(0, (int)ver.tag.size());
46
47
48 /* inc version */
49 librados::ObjectWriteOperation *op = new_op();
50 cls_version_inc(*op);
>>> CID 1054845: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
51 ASSERT_EQ(0, ioctx.operate(oid, op));
52
53 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver));
54 ASSERT_GT((long long)ver.ver, 0);
55 ASSERT_NE(0, (int)ver.tag.size());
56
/test/cls_version/test_cls_version.cc: 53 in cls_rgw_test_version_inc_read_Test::TestBody()()
47
48 /* inc version */
49 librados::ObjectWriteOperation *op = new_op();
50 cls_version_inc(*op);
51 ASSERT_EQ(0, ioctx.operate(oid, op));
52
>>> CID 1054845: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
53 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver));
54 ASSERT_GT((long long)ver.ver, 0);
55 ASSERT_NE(0, (int)ver.tag.size());
56
57 /* inc version again! */
58 delete op;
/test/cls_version/test_cls_version.cc: 54 in cls_rgw_test_version_inc_read_Test::TestBody()()
48 /* inc version */
49 librados::ObjectWriteOperation *op = new_op();
50 cls_version_inc(*op);
51 ASSERT_EQ(0, ioctx.operate(oid, op));
52
53 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver));
>>> CID 1054845: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
54 ASSERT_GT((long long)ver.ver, 0);
55 ASSERT_NE(0, (int)ver.tag.size());
56
57 /* inc version again! */
58 delete op;
59 op = new_op();
/test/cls_version/test_cls_version.cc: 55 in cls_rgw_test_version_inc_read_Test::TestBody()()
49 librados::ObjectWriteOperation *op = new_op();
50 cls_version_inc(*op);
51 ASSERT_EQ(0, ioctx.operate(oid, op));
52
53 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver));
54 ASSERT_GT((long long)ver.ver, 0);
>>> CID 1054845: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
55 ASSERT_NE(0, (int)ver.tag.size());
56
57 /* inc version again! */
58 delete op;
59 op = new_op();
60 cls_version_inc(*op);
/test/cls_version/test_cls_version.cc: 61 in cls_rgw_test_version_inc_read_Test::TestBody()()
55 ASSERT_NE(0, (int)ver.tag.size());
56
57 /* inc version again! */
58 delete op;
59 op = new_op();
60 cls_version_inc(*op);
>>> CID 1054845: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
61 ASSERT_EQ(0, ioctx.operate(oid, op));
62
63 obj_version ver2;
64
65 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver2));
66 ASSERT_GT((long long)ver2.ver, (long long)ver.ver);
/test/cls_version/test_cls_version.cc: 65 in cls_rgw_test_version_inc_read_Test::TestBody()()
59 op = new_op();
60 cls_version_inc(*op);
61 ASSERT_EQ(0, ioctx.operate(oid, op));
62
63 obj_version ver2;
64
>>> CID 1054845: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
65 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver2));
66 ASSERT_GT((long long)ver2.ver, (long long)ver.ver);
67 ASSERT_EQ(0, (int)ver2.tag.compare(ver.tag));
68
69 delete op;
70
/test/cls_version/test_cls_version.cc: 66 in cls_rgw_test_version_inc_read_Test::TestBody()()
60 cls_version_inc(*op);
61 ASSERT_EQ(0, ioctx.operate(oid, op));
62
63 obj_version ver2;
64
65 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver2));
>>> CID 1054845: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
66 ASSERT_GT((long long)ver2.ver, (long long)ver.ver);
67 ASSERT_EQ(0, (int)ver2.tag.compare(ver.tag));
68
69 delete op;
70
71 obj_version ver3;
/test/cls_version/test_cls_version.cc: 67 in cls_rgw_test_version_inc_read_Test::TestBody()()
61 ASSERT_EQ(0, ioctx.operate(oid, op));
62
63 obj_version ver2;
64
65 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver2));
66 ASSERT_GT((long long)ver2.ver, (long long)ver.ver);
>>> CID 1054845: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
67 ASSERT_EQ(0, (int)ver2.tag.compare(ver.tag));
68
69 delete op;
70
71 obj_version ver3;
72
________________________________________________________________________________________________________
*** CID 1054846: Resource leak (RESOURCE_LEAK)
/test/cls_version/test_cls_version.cc: 76 in cls_rgw_test_version_inc_read_Test::TestBody()()
70
71 obj_version ver3;
72
73 librados::ObjectReadOperation *rop = new_rop();
74 cls_version_read(*rop, &ver3);
75 bufferlist outbl;
>>> CID 1054846: Resource leak (RESOURCE_LEAK)
>>> Variable "rop" going out of scope leaks the storage it points to.
76 ASSERT_EQ(0, ioctx.operate(oid, rop, &outbl));
77 ASSERT_EQ(ver2.ver, ver3.ver);
78 ASSERT_EQ(1, (long long)ver2.compare(&ver3));
79
80 delete rop;
81 }
/test/cls_version/test_cls_version.cc: 77 in cls_rgw_test_version_inc_read_Test::TestBody()()
71 obj_version ver3;
72
73 librados::ObjectReadOperation *rop = new_rop();
74 cls_version_read(*rop, &ver3);
75 bufferlist outbl;
76 ASSERT_EQ(0, ioctx.operate(oid, rop, &outbl));
>>> CID 1054846: Resource leak (RESOURCE_LEAK)
>>> Variable "rop" going out of scope leaks the storage it points to.
77 ASSERT_EQ(ver2.ver, ver3.ver);
78 ASSERT_EQ(1, (long long)ver2.compare(&ver3));
79
80 delete rop;
81 }
82
/test/cls_version/test_cls_version.cc: 78 in cls_rgw_test_version_inc_read_Test::TestBody()()
72
73 librados::ObjectReadOperation *rop = new_rop();
74 cls_version_read(*rop, &ver3);
75 bufferlist outbl;
76 ASSERT_EQ(0, ioctx.operate(oid, rop, &outbl));
77 ASSERT_EQ(ver2.ver, ver3.ver);
>>> CID 1054846: Resource leak (RESOURCE_LEAK)
>>> Variable "rop" going out of scope leaks the storage it points to.
78 ASSERT_EQ(1, (long long)ver2.compare(&ver3));
79
80 delete rop;
81 }
82
83
________________________________________________________________________________________________________
*** CID 1054847: Resource leak (RESOURCE_LEAK)
/test/cls_version/test_cls_version.cc: 259 in cls_rgw_test_version_inc_check_Test::TestBody()()
253 ASSERT_EQ(0, (long long)ver.ver);
254 ASSERT_EQ(0, (int)ver.tag.size());
255
256 /* inc version */
257 librados::ObjectWriteOperation *op = new_op();
258 cls_version_inc(*op);
>>> CID 1054847: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
259 ASSERT_EQ(0, ioctx.operate(oid, op));
260
261 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver));
262 ASSERT_GT((long long)ver.ver, 0);
263 ASSERT_NE(0, (int)ver.tag.size());
264
/test/cls_version/test_cls_version.cc: 261 in cls_rgw_test_version_inc_check_Test::TestBody()()
255
256 /* inc version */
257 librados::ObjectWriteOperation *op = new_op();
258 cls_version_inc(*op);
259 ASSERT_EQ(0, ioctx.operate(oid, op));
260
>>> CID 1054847: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
261 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver));
262 ASSERT_GT((long long)ver.ver, 0);
263 ASSERT_NE(0, (int)ver.tag.size());
264
265 obj_version cond_ver = ver;
266
/test/cls_version/test_cls_version.cc: 262 in cls_rgw_test_version_inc_check_Test::TestBody()()
256 /* inc version */
257 librados::ObjectWriteOperation *op = new_op();
258 cls_version_inc(*op);
259 ASSERT_EQ(0, ioctx.operate(oid, op));
260
261 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver));
>>> CID 1054847: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
262 ASSERT_GT((long long)ver.ver, 0);
263 ASSERT_NE(0, (int)ver.tag.size());
264
265 obj_version cond_ver = ver;
266
267 /* a bunch of conditions that should succeed */
/test/cls_version/test_cls_version.cc: 263 in cls_rgw_test_version_inc_check_Test::TestBody()()
257 librados::ObjectWriteOperation *op = new_op();
258 cls_version_inc(*op);
259 ASSERT_EQ(0, ioctx.operate(oid, op));
260
261 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver));
262 ASSERT_GT((long long)ver.ver, 0);
>>> CID 1054847: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
263 ASSERT_NE(0, (int)ver.tag.size());
264
265 obj_version cond_ver = ver;
266
267 /* a bunch of conditions that should succeed */
268 librados::ObjectReadOperation *rop = new_rop();
/test/cls_version/test_cls_version.cc: 271 in cls_rgw_test_version_inc_check_Test::TestBody()()
265 obj_version cond_ver = ver;
266
267 /* a bunch of conditions that should succeed */
268 librados::ObjectReadOperation *rop = new_rop();
269 cls_version_check(*rop, cond_ver, VER_COND_EQ);
270 bufferlist bl;
>>> CID 1054847: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
271 ASSERT_EQ(0, ioctx.operate(oid, rop, &bl));
272
273 delete rop;
274 rop = new_rop();
275 cls_version_check(*rop, cond_ver, VER_COND_GE);
276 ASSERT_EQ(0, ioctx.operate(oid, rop, &bl));
/test/cls_version/test_cls_version.cc: 276 in cls_rgw_test_version_inc_check_Test::TestBody()()
270 bufferlist bl;
271 ASSERT_EQ(0, ioctx.operate(oid, rop, &bl));
272
273 delete rop;
274 rop = new_rop();
275 cls_version_check(*rop, cond_ver, VER_COND_GE);
>>> CID 1054847: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
276 ASSERT_EQ(0, ioctx.operate(oid, rop, &bl));
277
278 delete rop;
279 rop = new_rop();
280 cls_version_check(*rop, cond_ver, VER_COND_LE);
281 ASSERT_EQ(0, ioctx.operate(oid, rop, &bl));
/test/cls_version/test_cls_version.cc: 281 in cls_rgw_test_version_inc_check_Test::TestBody()()
275 cls_version_check(*rop, cond_ver, VER_COND_GE);
276 ASSERT_EQ(0, ioctx.operate(oid, rop, &bl));
277
278 delete rop;
279 rop = new_rop();
280 cls_version_check(*rop, cond_ver, VER_COND_LE);
>>> CID 1054847: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
281 ASSERT_EQ(0, ioctx.operate(oid, rop, &bl));
282
283 delete rop;
284 rop = new_rop();
285 cls_version_check(*rop, cond_ver, VER_COND_TAG_EQ);
286 ASSERT_EQ(0, ioctx.operate(oid, rop, &bl));
/test/cls_version/test_cls_version.cc: 286 in cls_rgw_test_version_inc_check_Test::TestBody()()
280 cls_version_check(*rop, cond_ver, VER_COND_LE);
281 ASSERT_EQ(0, ioctx.operate(oid, rop, &bl));
282
283 delete rop;
284 rop = new_rop();
285 cls_version_check(*rop, cond_ver, VER_COND_TAG_EQ);
>>> CID 1054847: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
286 ASSERT_EQ(0, ioctx.operate(oid, rop, &bl));
287
288 obj_version ver2;
289
290 delete op;
291 op = new_op();
/test/cls_version/test_cls_version.cc: 293 in cls_rgw_test_version_inc_check_Test::TestBody()()
287
288 obj_version ver2;
289
290 delete op;
291 op = new_op();
292 cls_version_inc(*op);
>>> CID 1054847: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
293 ASSERT_EQ(0, ioctx.operate(oid, op));
294
295 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver2));
296 ASSERT_GT((long long)ver2.ver, (long long)ver.ver);
297 ASSERT_EQ(0, (int)ver2.tag.compare(ver.tag));
298
/test/cls_version/test_cls_version.cc: 295 in cls_rgw_test_version_inc_check_Test::TestBody()()
289
290 delete op;
291 op = new_op();
292 cls_version_inc(*op);
293 ASSERT_EQ(0, ioctx.operate(oid, op));
294
>>> CID 1054847: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
295 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver2));
296 ASSERT_GT((long long)ver2.ver, (long long)ver.ver);
297 ASSERT_EQ(0, (int)ver2.tag.compare(ver.tag));
298
299 delete op;
300
/test/cls_version/test_cls_version.cc: 296 in cls_rgw_test_version_inc_check_Test::TestBody()()
290 delete op;
291 op = new_op();
292 cls_version_inc(*op);
293 ASSERT_EQ(0, ioctx.operate(oid, op));
294
295 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver2));
>>> CID 1054847: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
296 ASSERT_GT((long long)ver2.ver, (long long)ver.ver);
297 ASSERT_EQ(0, (int)ver2.tag.compare(ver.tag));
298
299 delete op;
300
301 /* a bunch of conditions that should fail */
/test/cls_version/test_cls_version.cc: 297 in cls_rgw_test_version_inc_check_Test::TestBody()()
291 op = new_op();
292 cls_version_inc(*op);
293 ASSERT_EQ(0, ioctx.operate(oid, op));
294
295 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver2));
296 ASSERT_GT((long long)ver2.ver, (long long)ver.ver);
>>> CID 1054847: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
297 ASSERT_EQ(0, (int)ver2.tag.compare(ver.tag));
298
299 delete op;
300
301 /* a bunch of conditions that should fail */
302 delete rop;
________________________________________________________________________________________________________
*** CID 1054848: Resource leak (RESOURCE_LEAK)
/test/cls_version/test_cls_version.cc: 271 in cls_rgw_test_version_inc_check_Test::TestBody()()
265 obj_version cond_ver = ver;
266
267 /* a bunch of conditions that should succeed */
268 librados::ObjectReadOperation *rop = new_rop();
269 cls_version_check(*rop, cond_ver, VER_COND_EQ);
270 bufferlist bl;
>>> CID 1054848: Resource leak (RESOURCE_LEAK)
>>> Variable "rop" going out of scope leaks the storage it points to.
271 ASSERT_EQ(0, ioctx.operate(oid, rop, &bl));
272
273 delete rop;
274 rop = new_rop();
275 cls_version_check(*rop, cond_ver, VER_COND_GE);
276 ASSERT_EQ(0, ioctx.operate(oid, rop, &bl));
/test/cls_version/test_cls_version.cc: 276 in cls_rgw_test_version_inc_check_Test::TestBody()()
270 bufferlist bl;
271 ASSERT_EQ(0, ioctx.operate(oid, rop, &bl));
272
273 delete rop;
274 rop = new_rop();
275 cls_version_check(*rop, cond_ver, VER_COND_GE);
>>> CID 1054848: Resource leak (RESOURCE_LEAK)
>>> Variable "rop" going out of scope leaks the storage it points to.
276 ASSERT_EQ(0, ioctx.operate(oid, rop, &bl));
277
278 delete rop;
279 rop = new_rop();
280 cls_version_check(*rop, cond_ver, VER_COND_LE);
281 ASSERT_EQ(0, ioctx.operate(oid, rop, &bl));
/test/cls_version/test_cls_version.cc: 281 in cls_rgw_test_version_inc_check_Test::TestBody()()
275 cls_version_check(*rop, cond_ver, VER_COND_GE);
276 ASSERT_EQ(0, ioctx.operate(oid, rop, &bl));
277
278 delete rop;
279 rop = new_rop();
280 cls_version_check(*rop, cond_ver, VER_COND_LE);
>>> CID 1054848: Resource leak (RESOURCE_LEAK)
>>> Variable "rop" going out of scope leaks the storage it points to.
281 ASSERT_EQ(0, ioctx.operate(oid, rop, &bl));
282
283 delete rop;
284 rop = new_rop();
285 cls_version_check(*rop, cond_ver, VER_COND_TAG_EQ);
286 ASSERT_EQ(0, ioctx.operate(oid, rop, &bl));
/test/cls_version/test_cls_version.cc: 286 in cls_rgw_test_version_inc_check_Test::TestBody()()
280 cls_version_check(*rop, cond_ver, VER_COND_LE);
281 ASSERT_EQ(0, ioctx.operate(oid, rop, &bl));
282
283 delete rop;
284 rop = new_rop();
285 cls_version_check(*rop, cond_ver, VER_COND_TAG_EQ);
>>> CID 1054848: Resource leak (RESOURCE_LEAK)
>>> Variable "rop" going out of scope leaks the storage it points to.
286 ASSERT_EQ(0, ioctx.operate(oid, rop, &bl));
287
288 obj_version ver2;
289
290 delete op;
291 op = new_op();
/test/cls_version/test_cls_version.cc: 293 in cls_rgw_test_version_inc_check_Test::TestBody()()
287
288 obj_version ver2;
289
290 delete op;
291 op = new_op();
292 cls_version_inc(*op);
>>> CID 1054848: Resource leak (RESOURCE_LEAK)
>>> Variable "rop" going out of scope leaks the storage it points to.
293 ASSERT_EQ(0, ioctx.operate(oid, op));
294
295 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver2));
296 ASSERT_GT((long long)ver2.ver, (long long)ver.ver);
297 ASSERT_EQ(0, (int)ver2.tag.compare(ver.tag));
298
/test/cls_version/test_cls_version.cc: 295 in cls_rgw_test_version_inc_check_Test::TestBody()()
289
290 delete op;
291 op = new_op();
292 cls_version_inc(*op);
293 ASSERT_EQ(0, ioctx.operate(oid, op));
294
>>> CID 1054848: Resource leak (RESOURCE_LEAK)
>>> Variable "rop" going out of scope leaks the storage it points to.
295 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver2));
296 ASSERT_GT((long long)ver2.ver, (long long)ver.ver);
297 ASSERT_EQ(0, (int)ver2.tag.compare(ver.tag));
298
299 delete op;
300
/test/cls_version/test_cls_version.cc: 296 in cls_rgw_test_version_inc_check_Test::TestBody()()
290 delete op;
291 op = new_op();
292 cls_version_inc(*op);
293 ASSERT_EQ(0, ioctx.operate(oid, op));
294
295 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver2));
>>> CID 1054848: Resource leak (RESOURCE_LEAK)
>>> Variable "rop" going out of scope leaks the storage it points to.
296 ASSERT_GT((long long)ver2.ver, (long long)ver.ver);
297 ASSERT_EQ(0, (int)ver2.tag.compare(ver.tag));
298
299 delete op;
300
301 /* a bunch of conditions that should fail */
/test/cls_version/test_cls_version.cc: 297 in cls_rgw_test_version_inc_check_Test::TestBody()()
291 op = new_op();
292 cls_version_inc(*op);
293 ASSERT_EQ(0, ioctx.operate(oid, op));
294
295 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver2));
296 ASSERT_GT((long long)ver2.ver, (long long)ver.ver);
>>> CID 1054848: Resource leak (RESOURCE_LEAK)
>>> Variable "rop" going out of scope leaks the storage it points to.
297 ASSERT_EQ(0, (int)ver2.tag.compare(ver.tag));
298
299 delete op;
300
301 /* a bunch of conditions that should fail */
302 delete rop;
/test/cls_version/test_cls_version.cc: 305 in cls_rgw_test_version_inc_check_Test::TestBody()()
299 delete op;
300
301 /* a bunch of conditions that should fail */
302 delete rop;
303 rop = new_rop();
304 cls_version_check(*rop, ver, VER_COND_LT);
>>> CID 1054848: Resource leak (RESOURCE_LEAK)
>>> Variable "rop" going out of scope leaks the storage it points to.
305 ASSERT_EQ(-ECANCELED, ioctx.operate(oid, rop, &bl));
306
307 delete rop;
308 rop = new_rop();
309 cls_version_check(*rop, cond_ver, VER_COND_LE);
310 ASSERT_EQ(-ECANCELED, ioctx.operate(oid, rop, &bl));
/test/cls_version/test_cls_version.cc: 310 in cls_rgw_test_version_inc_check_Test::TestBody()()
304 cls_version_check(*rop, ver, VER_COND_LT);
305 ASSERT_EQ(-ECANCELED, ioctx.operate(oid, rop, &bl));
306
307 delete rop;
308 rop = new_rop();
309 cls_version_check(*rop, cond_ver, VER_COND_LE);
>>> CID 1054848: Resource leak (RESOURCE_LEAK)
>>> Variable "rop" going out of scope leaks the storage it points to.
310 ASSERT_EQ(-ECANCELED, ioctx.operate(oid, rop, &bl));
311
312 delete rop;
313 rop = new_rop();
314 cls_version_check(*rop, cond_ver, VER_COND_TAG_NE);
315 ASSERT_EQ(-ECANCELED, ioctx.operate(oid, rop, &bl));
316
317 delete rop;
/test/cls_version/test_cls_version.cc: 315 in cls_rgw_test_version_inc_check_Test::TestBody()()
309 cls_version_check(*rop, cond_ver, VER_COND_LE);
310 ASSERT_EQ(-ECANCELED, ioctx.operate(oid, rop, &bl));
311
312 delete rop;
313 rop = new_rop();
314 cls_version_check(*rop, cond_ver, VER_COND_TAG_NE);
>>> CID 1054848: Resource leak (RESOURCE_LEAK)
>>> Variable "rop" going out of scope leaks the storage it points to.
315 ASSERT_EQ(-ECANCELED, ioctx.operate(oid, rop, &bl));
316
317 delete rop;
________________________________________________________________________________________________________
*** CID 1090104: Operands don't affect result (CONSTANT_EXPRESSION_RESULT)
/test/librbd/fsx.c: 840 in save_buffer()
834 off_t ret;
835 ssize_t byteswritten;
836
837 if (fd <= 0 || bufferlength == 0)
838 return;
839
>>> CID 1090104: Operands don't affect result (CONSTANT_EXPRESSION_RESULT)
>>> "bufferlength > 9223372036854775807L" is always false regardless of the values of its operands. This occurs as the logical operand of if.
840 if (bufferlength > SSIZE_MAX) {
841 prt("fsx flaw: overflow in save_buffer\n");
842 exit(67);
843 }
844
845 ret = lseek(fd, (off_t)0, SEEK_SET);
________________________________________________________________________________________________________
*** CID 1128383: Buffer not null terminated (BUFFER_SIZE_WARNING)
/mount/mount.ceph.c: 179 in parse_options()
173
174 /* secret is only added to kernel options as
175 backwards compatilbity, if add_key doesn't
176 recognize our keytype; hence, it is skipped
177 here and appended to options on add_key
178 failure */
>>> CID 1128383: Buffer not null terminated (BUFFER_SIZE_WARNING)
>>> Calling strncpy with a maximum size argument of 1000 bytes on destination array "secret" of size 1000 bytes might leave the destination string unterminated.
179 strncpy(secret, value, sizeof(secret));
180 saw_secret = secret;
181 skip = 1;
182 } else if (strncmp(data, "name", 4) == 0) {
183 if (!value || !*value) {
184 printf("mount option name requires a value.\n");
________________________________________________________________________________________________________
*** CID 1128384: Ignoring number of bytes read (CHECKED_RETURN)
/arch/neon.c: 23 in get_auxval()
17 static unsigned long get_auxval(unsigned long type)
18 {
19 unsigned long result = 0;
20 FILE *f = fopen("/proc/self/auxv", "r");
21 if (f) {
22 ElfW(auxv_t) entry;
>>> CID 1128384: Ignoring number of bytes read (CHECKED_RETURN)
>>> "fread(void * restrict, size_t, size_t, FILE * restrict)" returns the number of bytes read, but it is ignored.
23 while (fread(&entry, sizeof(entry), 1, f)) {
24 if (entry.a_type == type) {
25 result = entry.a_un.a_val;
26 break;
27 }
28 }
________________________________________________________________________________________________________
*** CID 1128390: Copy-paste error (COPY_PASTE_ERROR)
/client/SyntheticClient.cc: 3075 in SyntheticClient::foo()()
3069 int c = rand() % s;
3070 int d = rand() % s;
3071 int e = rand() % s;
3072 int f = rand() % s;
3073 char src[80];
3074 char dst[80];
>>> CID 1128390: Copy-paste error (COPY_PASTE_ERROR)
>>> ""syn.0.0/dir.%d/dir.%d/file.%d"" in ""syn.0.0/dir.%d/dir.%d/file.%d"" looks like a copy-paste error.
3075 snprintf(src, sizeof(src), "syn.0.0/dir.%d/dir.%d/file.%d", a, b, c);
3076 snprintf(dst, sizeof(dst), "syn.0.0/dir.%d/dir.%d/newlink.%d", d, e, f);
3077 client->link(src, dst);
3078 }
3079 srand(0);
3080 for (int i=0; i<100; i++) {
________________________________________________________________________________________________________
*** CID 1128391: Logically dead code (DEADCODE)
/rgw/rgw_rados.cc: 4258 in RGWRados::prepare_get_obj(void *, rgw_obj &, long *, long *, std::map<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, ceph::buffer::list, std::less<std::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::pair<const std::basic_string<char, std::char_traits<char>, std::allocator<char>>, ceph::buffer::list>>> *, const long *, const long *, long *, const char *, const char *, unsigned long *, unsigned long *, RGWObjVersionTracker *, void **, rgw_err *)()
4252 if (cct->_conf->subsys.should_gather(ceph_subsys_rgw, 20)) {
4253 for (iter = attrs->begin(); iter != attrs->end(); ++iter) {
4254 ldout(cct, 20) << "Read xattr: " << iter->first << dendl;
4255 }
4256 }
4257 if (r < 0)
>>> CID 1128391: Logically dead code (DEADCODE)
>>> Execution cannot reach this statement "goto done_err;".
4258 goto done_err;
4259 }
4260
4261 /* Convert all times go GMT to make them compatible */
4262 if (mod_ptr || unmod_ptr) {
4263 ctime = astate->mtime;
________________________________________________________________________________________________________
*** CID 1128392: Division or modulo by zero (DIVIDE_BY_ZERO)
/mds/MDS.cc: 2119 in MDS::_dispatch(Message *)()
2113
2114 list<CDir*> ls;
2115 in->get_dirfrags(ls);
2116 if (ls.empty())
2117 continue; // must be an open dir.
2118 list<CDir*>::iterator p = ls.begin();
>>> CID 1128392: Division or modulo by zero (DIVIDE_BY_ZERO)
>>> In expression "rand() % ls.size()", modulo by expression "ls.size()" which may be zero has undefined behavior.
2119 int n = rand() % ls.size();
2120 while (n--)
2121 ++p;
2122 CDir *dir = *p;
2123 if (!dir->get_parent_dir()) continue; // must be linked.
2124 if (!dir->is_auth()) continue; // must be auth.
________________________________________________________________________________________________________
*** CID 1128395: Use after close (USE_AFTER_FREE)
/os/FileJournal.cc: 387 in FileJournal::create()()
381 // static zeroed buffer for alignment padding
382 delete [] zero_buf;
383 zero_buf = new char[header.alignment];
384 memset(zero_buf, 0, header.alignment);
385
386 bp = prepare_header();
>>> CID 1128395: Use after close (USE_AFTER_FREE)
>>> Passing closed handle "this->fd" as an argument to "pwrite".
387 if (TEMP_FAILURE_RETRY(::pwrite(fd, bp.c_str(), bp.length(), 0)) < 0) {
388 ret = errno;
389 derr << "FileJournal::create : create write header error "
390 << cpp_strerror(ret) << dendl;
391 goto close_fd;
392 }
________________________________________________________________________________________________________
*** CID 1128396: Use after free (USE_AFTER_FREE)
/os/FileJournal.cc: 347 in FileJournal::check()()
341 }
342
343 dout(1) << "check: header looks ok" << dendl;
344 ret = 0;
345
346 done:
>>> CID 1128396: Use after free (USE_AFTER_FREE)
>>> Calling "close(int)" closes handle "this->fd" which has already been closed.
347 VOID_TEMP_FAILURE_RETRY(::close(fd));
348 fd = -1;
349 return ret;
350 }
351
352
/os/FileJournal.cc: 332 in FileJournal::check()()
326 int ret;
327
328 ret = _open(false, false);
329 if (ret < 0)
330 goto done;
331
>>> CID 1128396: Use after free (USE_AFTER_FREE)
>>> Passing closed handle "this->fd" as an argument to "read_header".
332 ret = read_header();
333 if (ret < 0)
334 goto done;
335
336 if (header.fsid != fsid) {
337 derr << "check: ondisk fsid " << header.fsid << " doesn't match expected " << fsid
________________________________________________________________________________________________________
*** CID 1128397: Use after close (USE_AFTER_FREE)
/os/FileJournal.cc: 464 in FileJournal::open(unsigned long)()
458
459 // assume writeable, unless...
460 read_pos = 0;
461 write_pos = get_top();
462
463 // read header?
>>> CID 1128397: Use after close (USE_AFTER_FREE)
>>> Passing closed handle "this->fd" as an argument to "read_header".
464 err = read_header();
465 if (err < 0)
466 return err;
467
468 // static zeroed buffer for alignment padding
469 delete [] zero_buf;
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
From: scan-admin@coverity.com
To: undisclosed-recipients:;
Subject: New Defects reported by Coverity Scan for ceph
Date: Fri, 30 May 2014 06:49:25 -0700
Message-ID: <53888c65bf97f_37a8f2f3144729e@209.249.196.67.mail>
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
Defect(s) Reported-by: Coverity Scan
Showing 20 of 227 defect(s)
** CID 716871: Unchecked return value (CHECKED_RETURN)
/test/multi_stress_watch.cc: 151 in main()
** CID 717110: Resource leak (RESOURCE_LEAK)
/test/system/rados_list_parallel.cc: 174 in RadosAddObjectsR::run()()
** CID 717112: Resource leak (RESOURCE_LEAK)
/test/system/rados_list_parallel.cc: 93 in RadosDeleteObjectsR::run()()
** CID 717116: Resource leak (RESOURCE_LEAK)
/test/system/st_rados_delete_objs.cc: 60 in StRadosDeleteObjs::run()()
** CID 739605: Resource leak (RESOURCE_LEAK)
/test/system/st_rados_create_pool.cc: 96 in StRadosCreatePool::run()()
** CID 966617: Resource leak (RESOURCE_LEAK)
/test/libcephfs/readdir_r_cb.cc: 61 in LibCephFS_ReaddirRCB_Test::TestBody()()
/test/libcephfs/readdir_r_cb.cc: 60 in LibCephFS_ReaddirRCB_Test::TestBody()()
/test/libcephfs/readdir_r_cb.cc: 57 in LibCephFS_ReaddirRCB_Test::TestBody()()
/test/libcephfs/readdir_r_cb.cc: 56 in LibCephFS_ReaddirRCB_Test::TestBody()()
/test/libcephfs/readdir_r_cb.cc: 55 in LibCephFS_ReaddirRCB_Test::TestBody()()
/test/libcephfs/readdir_r_cb.cc: 54 in LibCephFS_ReaddirRCB_Test::TestBody()()
/test/libcephfs/readdir_r_cb.cc: 51 in LibCephFS_ReaddirRCB_Test::TestBody()()
/test/libcephfs/readdir_r_cb.cc: 50 in LibCephFS_ReaddirRCB_Test::TestBody()()
/test/libcephfs/readdir_r_cb.cc: 49 in LibCephFS_ReaddirRCB_Test::TestBody()()
/test/libcephfs/readdir_r_cb.cc: 46 in LibCephFS_ReaddirRCB_Test::TestBody()()
/test/libcephfs/readdir_r_cb.cc: 45 in LibCephFS_ReaddirRCB_Test::TestBody()()
/test/libcephfs/readdir_r_cb.cc: 44 in LibCephFS_ReaddirRCB_Test::TestBody()()
/test/libcephfs/readdir_r_cb.cc: 41 in LibCephFS_ReaddirRCB_Test::TestBody()()
/test/libcephfs/readdir_r_cb.cc: 40 in LibCephFS_ReaddirRCB_Test::TestBody()()
/test/libcephfs/readdir_r_cb.cc: 36 in LibCephFS_ReaddirRCB_Test::TestBody()()
/test/libcephfs/readdir_r_cb.cc: 30 in LibCephFS_ReaddirRCB_Test::TestBody()()
** CID 1054844: Resource leak (RESOURCE_LEAK)
/test/cls_version/test_cls_version.cc: 153 in cls_rgw_test_version_inc_cond_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 155 in cls_rgw_test_version_inc_cond_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 156 in cls_rgw_test_version_inc_cond_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 157 in cls_rgw_test_version_inc_cond_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 177 in cls_rgw_test_version_inc_cond_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 179 in cls_rgw_test_version_inc_cond_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 180 in cls_rgw_test_version_inc_cond_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 181 in cls_rgw_test_version_inc_cond_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 166 in cls_rgw_test_version_inc_cond_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 170 in cls_rgw_test_version_inc_cond_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 171 in cls_rgw_test_version_inc_cond_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 172 in cls_rgw_test_version_inc_cond_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 187 in cls_rgw_test_version_inc_cond_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 192 in cls_rgw_test_version_inc_cond_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 197 in cls_rgw_test_version_inc_cond_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 202 in cls_rgw_test_version_inc_cond_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 204 in cls_rgw_test_version_inc_cond_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 205 in cls_rgw_test_version_inc_cond_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 206 in cls_rgw_test_version_inc_cond_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 212 in cls_rgw_test_version_inc_cond_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 217 in cls_rgw_test_version_inc_cond_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 222 in cls_rgw_test_version_inc_cond_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 227 in cls_rgw_test_version_inc_cond_Test::TestBody()()
** CID 1054845: Resource leak (RESOURCE_LEAK)
/test/cls_version/test_cls_version.cc: 51 in cls_rgw_test_version_inc_read_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 53 in cls_rgw_test_version_inc_read_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 54 in cls_rgw_test_version_inc_read_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 55 in cls_rgw_test_version_inc_read_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 61 in cls_rgw_test_version_inc_read_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 65 in cls_rgw_test_version_inc_read_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 66 in cls_rgw_test_version_inc_read_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 67 in cls_rgw_test_version_inc_read_Test::TestBody()()
** CID 1054846: Resource leak (RESOURCE_LEAK)
/test/cls_version/test_cls_version.cc: 76 in cls_rgw_test_version_inc_read_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 77 in cls_rgw_test_version_inc_read_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 78 in cls_rgw_test_version_inc_read_Test::TestBody()()
** CID 1054847: Resource leak (RESOURCE_LEAK)
/test/cls_version/test_cls_version.cc: 259 in cls_rgw_test_version_inc_check_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 261 in cls_rgw_test_version_inc_check_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 262 in cls_rgw_test_version_inc_check_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 263 in cls_rgw_test_version_inc_check_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 271 in cls_rgw_test_version_inc_check_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 276 in cls_rgw_test_version_inc_check_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 281 in cls_rgw_test_version_inc_check_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 286 in cls_rgw_test_version_inc_check_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 293 in cls_rgw_test_version_inc_check_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 295 in cls_rgw_test_version_inc_check_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 296 in cls_rgw_test_version_inc_check_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 297 in cls_rgw_test_version_inc_check_Test::TestBody()()
** CID 1054848: Resource leak (RESOURCE_LEAK)
/test/cls_version/test_cls_version.cc: 271 in cls_rgw_test_version_inc_check_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 276 in cls_rgw_test_version_inc_check_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 281 in cls_rgw_test_version_inc_check_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 286 in cls_rgw_test_version_inc_check_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 293 in cls_rgw_test_version_inc_check_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 295 in cls_rgw_test_version_inc_check_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 296 in cls_rgw_test_version_inc_check_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 297 in cls_rgw_test_version_inc_check_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 305 in cls_rgw_test_version_inc_check_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 310 in cls_rgw_test_version_inc_check_Test::TestBody()()
/test/cls_version/test_cls_version.cc: 315 in cls_rgw_test_version_inc_check_Test::TestBody()()
** CID 1090104: Operands don't affect result (CONSTANT_EXPRESSION_RESULT)
/test/librbd/fsx.c: 840 in save_buffer()
** CID 1128383: Buffer not null terminated (BUFFER_SIZE_WARNING)
/mount/mount.ceph.c: 179 in parse_options()
** CID 1128384: Ignoring number of bytes read (CHECKED_RETURN)
/arch/neon.c: 23 in get_auxval()
** CID 1128390: Copy-paste error (COPY_PASTE_ERROR)
/client/SyntheticClient.cc: 3075 in SyntheticClient::foo()()
** CID 1128391: Logically dead code (DEADCODE)
/rgw/rgw_rados.cc: 4258 in RGWRados::prepare_get_obj(void *, rgw_obj &, long *, long *, std::map<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, ceph::buffer::list, std::less<std::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::pair<const std::basic_string<char, std::char_traits<char>, std::allocator<char>>, ceph::buffer::list>>> *, const long *, const long *, long *, const char *, const char *, unsigned long *, unsigned long *, RGWObjVersionTracker *, void **, rgw_err *)()
** CID 1128392: Division or modulo by zero (DIVIDE_BY_ZERO)
/mds/MDS.cc: 2119 in MDS::_dispatch(Message *)()
** CID 1128395: Use after close (USE_AFTER_FREE)
/os/FileJournal.cc: 387 in FileJournal::create()()
** CID 1128396: Use after free (USE_AFTER_FREE)
/os/FileJournal.cc: 347 in FileJournal::check()()
/os/FileJournal.cc: 332 in FileJournal::check()()
** CID 1128397: Use after close (USE_AFTER_FREE)
/os/FileJournal.cc: 464 in FileJournal::open(unsigned long)()
________________________________________________________________________________________________________
*** CID 716871: Unchecked return value (CHECKED_RETURN)
/test/multi_stress_watch.cc: 151 in main()
145 }
146 ret = cluster.conf_parse_env(NULL);
147 if (ret) {
148 std::cerr << "Error " << ret << " in cluster.conf_read_env" << std::endl;
149 return ret;
150 }
>>> CID 716871: Unchecked return value (CHECKED_RETURN)
>>> Calling "connect" without checking return value (as is done elsewhere 13 out of 15 times).
151 cluster.connect();
152
153 if (type == "rep")
154 test_replicated(cluster, pool_name, obj_name);
155 else if (type == "ec")
156 test_erasure(cluster, pool_name, obj_name);
157
158 sem_destroy(&sem);
159 return 0;
________________________________________________________________________________________________________
*** CID 717110: Resource leak (RESOURCE_LEAK)
/test/system/rados_list_parallel.cc: 174 in RadosAddObjectsR::run()()
168 break;
169 int r = rand() % to_add.size();
170 std::map <int, std::string>::iterator d = to_add.begin();
171 for (int i = 0; i < r; ++i)
172 ++d;
173 if (d == to_add.end()) {
>>> CID 717110: Resource leak (RESOURCE_LEAK)
>>> Variable "io_ctx" going out of scope leaks the storage it points to.
174 return -EDOM;
175 }
176 std::string oid(d->second);
177 to_add.erase(d);
178
179 std::string buf(StRadosCreatePool::get_random_buf(256));
________________________________________________________________________________________________________
*** CID 717112: Resource leak (RESOURCE_LEAK)
/test/system/rados_list_parallel.cc: 93 in RadosDeleteObjectsR::run()()
87 break;
88 int r = rand() % to_delete.size();
89 std::map <int, std::string>::iterator d = to_delete.begin();
90 for (int i = 0; i < r; ++i)
91 ++d;
92 if (d == to_delete.end()) {
>>> CID 717112: Resource leak (RESOURCE_LEAK)
>>> Variable "io_ctx" going out of scope leaks the storage it points to.
93 return -EDOM;
94 }
95 std::string oid(d->second);
96 to_delete.erase(d);
97 int ret = rados_remove(io_ctx, oid.c_str());
98 if (ret != 0) {
________________________________________________________________________________________________________
*** CID 717116: Resource leak (RESOURCE_LEAK)
/test/system/st_rados_delete_objs.cc: 60 in StRadosDeleteObjs::run()()
54 rados_pool_create(cl, m_pool_name.c_str());
55 RETURN1_IF_NONZERO(rados_ioctx_create(cl, m_pool_name.c_str(), &io_ctx));
56
57 for (int i = 0; i < m_num_objs; ++i) {
58 char oid[128];
59 snprintf(oid, sizeof(oid), "%d%s", i, m_suffix.c_str());
>>> CID 717116: Resource leak (RESOURCE_LEAK)
>>> Variable "io_ctx" going out of scope leaks the storage it points to.
60 RETURN1_IF_NONZERO(rados_remove(io_ctx, oid));
61 if (((i % 25) == 0) || (i == m_num_objs - 1)) {
62 printf("%s: deleted object %d...\n", get_id_str(), i);
63 }
64 }
65
________________________________________________________________________________________________________
*** CID 739605: Resource leak (RESOURCE_LEAK)
/test/system/st_rados_create_pool.cc: 96 in StRadosCreatePool::run()()
90 char oid[128];
91 snprintf(oid, sizeof(oid), "%d%s", i, m_suffix.c_str());
92 std::string buf(get_random_buf(256));
93 int ret = rados_write(io_ctx, oid, buf.c_str(), buf.size(), 0);
94 if (ret != 0) {
95 printf("%s: rados_write error %d\n", get_id_str(), ret);
>>> CID 739605: Resource leak (RESOURCE_LEAK)
>>> Variable "io_ctx" going out of scope leaks the storage it points to.
96 return ret;
97 }
98 if (((i % 25) == 0) || (i == m_num_objects - 1)) {
99 printf("%s: created object %d...\n", get_id_str(), i);
100 }
101 }
________________________________________________________________________________________________________
*** CID 966617: Resource leak (RESOURCE_LEAK)
/test/libcephfs/readdir_r_cb.cc: 61 in LibCephFS_ReaddirRCB_Test::TestBody()()
55 ASSERT_LE(0, ceph_opendir(cmount, c_dir, &dirp));
56 ASSERT_EQ(5, ceph_getdnames(cmount, dirp, buf, 6));
57 ASSERT_EQ(4, ceph_getdnames(cmount, dirp, buf, 6));
58
59 // free cmount after finishing testing
60 ASSERT_LE(0, ceph_closedir(cmount, dirp));
>>> CID 966617: Resource leak (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
61 ASSERT_EQ(0, ceph_unmount(cmount));
62 ASSERT_EQ(0, ceph_release(cmount));
/test/libcephfs/readdir_r_cb.cc: 60 in LibCephFS_ReaddirRCB_Test::TestBody()()
54 ASSERT_LE(0, ceph_closedir(cmount, dirp));
55 ASSERT_LE(0, ceph_opendir(cmount, c_dir, &dirp));
56 ASSERT_EQ(5, ceph_getdnames(cmount, dirp, buf, 6));
57 ASSERT_EQ(4, ceph_getdnames(cmount, dirp, buf, 6));
58
59 // free cmount after finishing testing
>>> CID 966617: Resource leak (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
60 ASSERT_LE(0, ceph_closedir(cmount, dirp));
61 ASSERT_EQ(0, ceph_unmount(cmount));
62 ASSERT_EQ(0, ceph_release(cmount));
/test/libcephfs/readdir_r_cb.cc: 57 in LibCephFS_ReaddirRCB_Test::TestBody()()
51 ASSERT_EQ(-ERANGE, ceph_getdnames(cmount, dirp, buf, 1));
52
53 //check correctness if it needs to split listing
54 ASSERT_LE(0, ceph_closedir(cmount, dirp));
55 ASSERT_LE(0, ceph_opendir(cmount, c_dir, &dirp));
56 ASSERT_EQ(5, ceph_getdnames(cmount, dirp, buf, 6));
>>> CID 966617: Resource leak (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
57 ASSERT_EQ(4, ceph_getdnames(cmount, dirp, buf, 6));
58
59 // free cmount after finishing testing
60 ASSERT_LE(0, ceph_closedir(cmount, dirp));
61 ASSERT_EQ(0, ceph_unmount(cmount));
62 ASSERT_EQ(0, ceph_release(cmount));
/test/libcephfs/readdir_r_cb.cc: 56 in LibCephFS_ReaddirRCB_Test::TestBody()()
50 ASSERT_GE(0, ceph_opendir(cmount, c_dir, &dirp));
51 ASSERT_EQ(-ERANGE, ceph_getdnames(cmount, dirp, buf, 1));
52
53 //check correctness if it needs to split listing
54 ASSERT_LE(0, ceph_closedir(cmount, dirp));
55 ASSERT_LE(0, ceph_opendir(cmount, c_dir, &dirp));
>>> CID 966617: Resource leak (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
56 ASSERT_EQ(5, ceph_getdnames(cmount, dirp, buf, 6));
57 ASSERT_EQ(4, ceph_getdnames(cmount, dirp, buf, 6));
58
59 // free cmount after finishing testing
60 ASSERT_LE(0, ceph_closedir(cmount, dirp));
61 ASSERT_EQ(0, ceph_unmount(cmount));
62 ASSERT_EQ(0, ceph_release(cmount));
/test/libcephfs/readdir_r_cb.cc: 55 in LibCephFS_ReaddirRCB_Test::TestBody()()
49 ASSERT_LE(0, ceph_closedir(cmount, dirp));
50 ASSERT_GE(0, ceph_opendir(cmount, c_dir, &dirp));
51 ASSERT_EQ(-ERANGE, ceph_getdnames(cmount, dirp, buf, 1));
52
53 //check correctness if it needs to split listing
54 ASSERT_LE(0, ceph_closedir(cmount, dirp));
>>> CID 966617: Resource leak (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
55 ASSERT_LE(0, ceph_opendir(cmount, c_dir, &dirp));
56 ASSERT_EQ(5, ceph_getdnames(cmount, dirp, buf, 6));
57 ASSERT_EQ(4, ceph_getdnames(cmount, dirp, buf, 6));
58
59 // free cmount after finishing testing
60 ASSERT_LE(0, ceph_closedir(cmount, dirp));
61 ASSERT_EQ(0, ceph_unmount(cmount));
62 ASSERT_EQ(0, ceph_release(cmount));
/test/libcephfs/readdir_r_cb.cc: 54 in LibCephFS_ReaddirRCB_Test::TestBody()()
48 // check correctness if buffer is too small
49 ASSERT_LE(0, ceph_closedir(cmount, dirp));
50 ASSERT_GE(0, ceph_opendir(cmount, c_dir, &dirp));
51 ASSERT_EQ(-ERANGE, ceph_getdnames(cmount, dirp, buf, 1));
52
53 //check correctness if it needs to split listing
>>> CID 966617: Resource leak (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
54 ASSERT_LE(0, ceph_closedir(cmount, dirp));
55 ASSERT_LE(0, ceph_opendir(cmount, c_dir, &dirp));
56 ASSERT_EQ(5, ceph_getdnames(cmount, dirp, buf, 6));
57 ASSERT_EQ(4, ceph_getdnames(cmount, dirp, buf, 6));
58
59 // free cmount after finishing testing
60 ASSERT_LE(0, ceph_closedir(cmount, dirp));
61 ASSERT_EQ(0, ceph_unmount(cmount));
62 ASSERT_EQ(0, ceph_release(cmount));
/test/libcephfs/readdir_r_cb.cc: 51 in LibCephFS_ReaddirRCB_Test::TestBody()()
45 ASSERT_LE(0, ceph_opendir(cmount, c_dir, &dirp));
46 ASSERT_EQ(9, ceph_getdnames(cmount, dirp, buf, buflen)); // ., .., foo
47
48 // check correctness if buffer is too small
49 ASSERT_LE(0, ceph_closedir(cmount, dirp));
50 ASSERT_GE(0, ceph_opendir(cmount, c_dir, &dirp));
>>> CID 966617: Resource leak (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
51 ASSERT_EQ(-ERANGE, ceph_getdnames(cmount, dirp, buf, 1));
52
53 //check correctness if it needs to split listing
54 ASSERT_LE(0, ceph_closedir(cmount, dirp));
55 ASSERT_LE(0, ceph_opendir(cmount, c_dir, &dirp));
56 ASSERT_EQ(5, ceph_getdnames(cmount, dirp, buf, 6));
/test/libcephfs/readdir_r_cb.cc: 50 in LibCephFS_ReaddirRCB_Test::TestBody()()
44 ASSERT_LE(0, ceph_closedir(cmount, dirp));
45 ASSERT_LE(0, ceph_opendir(cmount, c_dir, &dirp));
46 ASSERT_EQ(9, ceph_getdnames(cmount, dirp, buf, buflen)); // ., .., foo
47
48 // check correctness if buffer is too small
49 ASSERT_LE(0, ceph_closedir(cmount, dirp));
>>> CID 966617: Resource leak (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
50 ASSERT_GE(0, ceph_opendir(cmount, c_dir, &dirp));
51 ASSERT_EQ(-ERANGE, ceph_getdnames(cmount, dirp, buf, 1));
52
53 //check correctness if it needs to split listing
54 ASSERT_LE(0, ceph_closedir(cmount, dirp));
55 ASSERT_LE(0, ceph_opendir(cmount, c_dir, &dirp));
/test/libcephfs/readdir_r_cb.cc: 49 in LibCephFS_ReaddirRCB_Test::TestBody()()
43 // check correctness with one entry
44 ASSERT_LE(0, ceph_closedir(cmount, dirp));
45 ASSERT_LE(0, ceph_opendir(cmount, c_dir, &dirp));
46 ASSERT_EQ(9, ceph_getdnames(cmount, dirp, buf, buflen)); // ., .., foo
47
48 // check correctness if buffer is too small
>>> CID 966617: Resource leak (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
49 ASSERT_LE(0, ceph_closedir(cmount, dirp));
50 ASSERT_GE(0, ceph_opendir(cmount, c_dir, &dirp));
51 ASSERT_EQ(-ERANGE, ceph_getdnames(cmount, dirp, buf, 1));
52
53 //check correctness if it needs to split listing
54 ASSERT_LE(0, ceph_closedir(cmount, dirp));
/test/libcephfs/readdir_r_cb.cc: 46 in LibCephFS_ReaddirRCB_Test::TestBody()()
40 ASSERT_LT(0, fd);
41 ASSERT_EQ(0, ceph_close(cmount, fd));
42
43 // check correctness with one entry
44 ASSERT_LE(0, ceph_closedir(cmount, dirp));
45 ASSERT_LE(0, ceph_opendir(cmount, c_dir, &dirp));
>>> CID 966617: Resource leak (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
46 ASSERT_EQ(9, ceph_getdnames(cmount, dirp, buf, buflen)); // ., .., foo
47
48 // check correctness if buffer is too small
49 ASSERT_LE(0, ceph_closedir(cmount, dirp));
50 ASSERT_GE(0, ceph_opendir(cmount, c_dir, &dirp));
51 ASSERT_EQ(-ERANGE, ceph_getdnames(cmount, dirp, buf, 1));
/test/libcephfs/readdir_r_cb.cc: 45 in LibCephFS_ReaddirRCB_Test::TestBody()()
39 int fd = ceph_open(cmount, c_file, O_CREAT, 0777);
40 ASSERT_LT(0, fd);
41 ASSERT_EQ(0, ceph_close(cmount, fd));
42
43 // check correctness with one entry
44 ASSERT_LE(0, ceph_closedir(cmount, dirp));
>>> CID 966617: Resource leak (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
45 ASSERT_LE(0, ceph_opendir(cmount, c_dir, &dirp));
46 ASSERT_EQ(9, ceph_getdnames(cmount, dirp, buf, buflen)); // ., .., foo
47
48 // check correctness if buffer is too small
49 ASSERT_LE(0, ceph_closedir(cmount, dirp));
50 ASSERT_GE(0, ceph_opendir(cmount, c_dir, &dirp));
/test/libcephfs/readdir_r_cb.cc: 44 in LibCephFS_ReaddirRCB_Test::TestBody()()
38 sprintf(c_file, "/readdir_r_cb_tests_%d/foo", getpid());
39 int fd = ceph_open(cmount, c_file, O_CREAT, 0777);
40 ASSERT_LT(0, fd);
41 ASSERT_EQ(0, ceph_close(cmount, fd));
42
43 // check correctness with one entry
>>> CID 966617: Resource leak (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
44 ASSERT_LE(0, ceph_closedir(cmount, dirp));
45 ASSERT_LE(0, ceph_opendir(cmount, c_dir, &dirp));
46 ASSERT_EQ(9, ceph_getdnames(cmount, dirp, buf, buflen)); // ., .., foo
47
48 // check correctness if buffer is too small
49 ASSERT_LE(0, ceph_closedir(cmount, dirp));
/test/libcephfs/readdir_r_cb.cc: 41 in LibCephFS_ReaddirRCB_Test::TestBody()()
35 // . is 2, .. is 3 (for null terminators)
36 ASSERT_EQ(5, ceph_getdnames(cmount, dirp, buf, buflen));
37 char c_file[256];
38 sprintf(c_file, "/readdir_r_cb_tests_%d/foo", getpid());
39 int fd = ceph_open(cmount, c_file, O_CREAT, 0777);
40 ASSERT_LT(0, fd);
>>> CID 966617: Resource leak (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
41 ASSERT_EQ(0, ceph_close(cmount, fd));
42
43 // check correctness with one entry
44 ASSERT_LE(0, ceph_closedir(cmount, dirp));
45 ASSERT_LE(0, ceph_opendir(cmount, c_dir, &dirp));
46 ASSERT_EQ(9, ceph_getdnames(cmount, dirp, buf, buflen)); // ., .., foo
/test/libcephfs/readdir_r_cb.cc: 40 in LibCephFS_ReaddirRCB_Test::TestBody()()
34 char *buf = new char[buflen];
35 // . is 2, .. is 3 (for null terminators)
36 ASSERT_EQ(5, ceph_getdnames(cmount, dirp, buf, buflen));
37 char c_file[256];
38 sprintf(c_file, "/readdir_r_cb_tests_%d/foo", getpid());
39 int fd = ceph_open(cmount, c_file, O_CREAT, 0777);
>>> CID 966617: Resource leak (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
40 ASSERT_LT(0, fd);
41 ASSERT_EQ(0, ceph_close(cmount, fd));
42
43 // check correctness with one entry
44 ASSERT_LE(0, ceph_closedir(cmount, dirp));
45 ASSERT_LE(0, ceph_opendir(cmount, c_dir, &dirp));
/test/libcephfs/readdir_r_cb.cc: 36 in LibCephFS_ReaddirRCB_Test::TestBody()()
30 ASSERT_LE(0, ceph_opendir(cmount, c_dir, &dirp));
31
32 // dir is empty, check that it only contains . and ..
33 int buflen = 100;
34 char *buf = new char[buflen];
35 // . is 2, .. is 3 (for null terminators)
>>> CID 966617: Resource leak (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
36 ASSERT_EQ(5, ceph_getdnames(cmount, dirp, buf, buflen));
37 char c_file[256];
38 sprintf(c_file, "/readdir_r_cb_tests_%d/foo", getpid());
39 int fd = ceph_open(cmount, c_file, O_CREAT, 0777);
40 ASSERT_LT(0, fd);
41 ASSERT_EQ(0, ceph_close(cmount, fd));
/test/libcephfs/readdir_r_cb.cc: 30 in LibCephFS_ReaddirRCB_Test::TestBody()()
24 ASSERT_EQ(0, ceph_mount(cmount, "/"));
25
26 char c_dir[256];
27 sprintf(c_dir, "/readdir_r_cb_tests_%d", getpid());
28 struct ceph_dir_result *dirp;
29 ASSERT_EQ(0, ceph_mkdirs(cmount, c_dir, 0777));
>>> CID 966617: Resource leak (RESOURCE_LEAK)
>>> Variable "cmount" going out of scope leaks the storage it points to.
30 ASSERT_LE(0, ceph_opendir(cmount, c_dir, &dirp));
31
32 // dir is empty, check that it only contains . and ..
33 int buflen = 100;
34 char *buf = new char[buflen];
35 // . is 2, .. is 3 (for null terminators)
________________________________________________________________________________________________________
*** CID 1054844: Resource leak (RESOURCE_LEAK)
/test/cls_version/test_cls_version.cc: 153 in cls_rgw_test_version_inc_cond_Test::TestBody()()
147 ASSERT_EQ(0, (long long)ver.ver);
148 ASSERT_EQ(0, (int)ver.tag.size());
149
150 /* inc version */
151 librados::ObjectWriteOperation *op = new_op();
152 cls_version_inc(*op);
>>> CID 1054844: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
153 ASSERT_EQ(0, ioctx.operate(oid, op));
154
155 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver));
156 ASSERT_GT((long long)ver.ver, 0);
157 ASSERT_NE(0, (int)ver.tag.size());
158
/test/cls_version/test_cls_version.cc: 155 in cls_rgw_test_version_inc_cond_Test::TestBody()()
149
150 /* inc version */
151 librados::ObjectWriteOperation *op = new_op();
152 cls_version_inc(*op);
153 ASSERT_EQ(0, ioctx.operate(oid, op));
154
>>> CID 1054844: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
155 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver));
156 ASSERT_GT((long long)ver.ver, 0);
157 ASSERT_NE(0, (int)ver.tag.size());
158
159 obj_version cond_ver = ver;
160
/test/cls_version/test_cls_version.cc: 156 in cls_rgw_test_version_inc_cond_Test::TestBody()()
150 /* inc version */
151 librados::ObjectWriteOperation *op = new_op();
152 cls_version_inc(*op);
153 ASSERT_EQ(0, ioctx.operate(oid, op));
154
155 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver));
>>> CID 1054844: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
156 ASSERT_GT((long long)ver.ver, 0);
157 ASSERT_NE(0, (int)ver.tag.size());
158
159 obj_version cond_ver = ver;
160
161
/test/cls_version/test_cls_version.cc: 157 in cls_rgw_test_version_inc_cond_Test::TestBody()()
151 librados::ObjectWriteOperation *op = new_op();
152 cls_version_inc(*op);
153 ASSERT_EQ(0, ioctx.operate(oid, op));
154
155 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver));
156 ASSERT_GT((long long)ver.ver, 0);
>>> CID 1054844: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
157 ASSERT_NE(0, (int)ver.tag.size());
158
159 obj_version cond_ver = ver;
160
161
162 /* inc version again! */
/test/cls_version/test_cls_version.cc: 177 in cls_rgw_test_version_inc_cond_Test::TestBody()()
171 ASSERT_GT((long long)ver2.ver, (long long)ver.ver);
172 ASSERT_EQ(0, (int)ver2.tag.compare(ver.tag));
173
174
175 /* now check various condition tests */
176 cls_version_inc(*op, cond_ver, VER_COND_NONE);
>>> CID 1054844: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
177 ASSERT_EQ(0, ioctx.operate(oid, op));
178
179 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver2));
180 ASSERT_GT((long long)ver2.ver, (long long)ver.ver);
181 ASSERT_EQ(0, (int)ver2.tag.compare(ver.tag));
182
/test/cls_version/test_cls_version.cc: 179 in cls_rgw_test_version_inc_cond_Test::TestBody()()
173
174
175 /* now check various condition tests */
176 cls_version_inc(*op, cond_ver, VER_COND_NONE);
177 ASSERT_EQ(0, ioctx.operate(oid, op));
178
>>> CID 1054844: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
179 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver2));
180 ASSERT_GT((long long)ver2.ver, (long long)ver.ver);
181 ASSERT_EQ(0, (int)ver2.tag.compare(ver.tag));
182
183 /* a bunch of conditions that should fail */
184 delete op;
/test/cls_version/test_cls_version.cc: 180 in cls_rgw_test_version_inc_cond_Test::TestBody()()
174
175 /* now check various condition tests */
176 cls_version_inc(*op, cond_ver, VER_COND_NONE);
177 ASSERT_EQ(0, ioctx.operate(oid, op));
178
179 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver2));
>>> CID 1054844: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
180 ASSERT_GT((long long)ver2.ver, (long long)ver.ver);
181 ASSERT_EQ(0, (int)ver2.tag.compare(ver.tag));
182
183 /* a bunch of conditions that should fail */
184 delete op;
185 op = new_op();
/test/cls_version/test_cls_version.cc: 181 in cls_rgw_test_version_inc_cond_Test::TestBody()()
175 /* now check various condition tests */
176 cls_version_inc(*op, cond_ver, VER_COND_NONE);
177 ASSERT_EQ(0, ioctx.operate(oid, op));
178
179 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver2));
180 ASSERT_GT((long long)ver2.ver, (long long)ver.ver);
>>> CID 1054844: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
181 ASSERT_EQ(0, (int)ver2.tag.compare(ver.tag));
182
183 /* a bunch of conditions that should fail */
184 delete op;
185 op = new_op();
186 cls_version_inc(*op, cond_ver, VER_COND_EQ);
/test/cls_version/test_cls_version.cc: 166 in cls_rgw_test_version_inc_cond_Test::TestBody()()
160
161
162 /* inc version again! */
163 delete op;
164 op = new_op();
165 cls_version_inc(*op);
>>> CID 1054844: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
166 ASSERT_EQ(0, ioctx.operate(oid, op));
167
168 obj_version ver2;
169
170 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver2));
171 ASSERT_GT((long long)ver2.ver, (long long)ver.ver);
/test/cls_version/test_cls_version.cc: 170 in cls_rgw_test_version_inc_cond_Test::TestBody()()
164 op = new_op();
165 cls_version_inc(*op);
166 ASSERT_EQ(0, ioctx.operate(oid, op));
167
168 obj_version ver2;
169
>>> CID 1054844: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
170 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver2));
171 ASSERT_GT((long long)ver2.ver, (long long)ver.ver);
172 ASSERT_EQ(0, (int)ver2.tag.compare(ver.tag));
173
174
175 /* now check various condition tests */
/test/cls_version/test_cls_version.cc: 171 in cls_rgw_test_version_inc_cond_Test::TestBody()()
165 cls_version_inc(*op);
166 ASSERT_EQ(0, ioctx.operate(oid, op));
167
168 obj_version ver2;
169
170 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver2));
>>> CID 1054844: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
171 ASSERT_GT((long long)ver2.ver, (long long)ver.ver);
172 ASSERT_EQ(0, (int)ver2.tag.compare(ver.tag));
173
174
175 /* now check various condition tests */
176 cls_version_inc(*op, cond_ver, VER_COND_NONE);
/test/cls_version/test_cls_version.cc: 172 in cls_rgw_test_version_inc_cond_Test::TestBody()()
166 ASSERT_EQ(0, ioctx.operate(oid, op));
167
168 obj_version ver2;
169
170 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver2));
171 ASSERT_GT((long long)ver2.ver, (long long)ver.ver);
>>> CID 1054844: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
172 ASSERT_EQ(0, (int)ver2.tag.compare(ver.tag));
173
174
175 /* now check various condition tests */
176 cls_version_inc(*op, cond_ver, VER_COND_NONE);
177 ASSERT_EQ(0, ioctx.operate(oid, op));
/test/cls_version/test_cls_version.cc: 187 in cls_rgw_test_version_inc_cond_Test::TestBody()()
181 ASSERT_EQ(0, (int)ver2.tag.compare(ver.tag));
182
183 /* a bunch of conditions that should fail */
184 delete op;
185 op = new_op();
186 cls_version_inc(*op, cond_ver, VER_COND_EQ);
>>> CID 1054844: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
187 ASSERT_EQ(-ECANCELED, ioctx.operate(oid, op));
188
189 delete op;
190 op = new_op();
191 cls_version_inc(*op, cond_ver, VER_COND_LT);
192 ASSERT_EQ(-ECANCELED, ioctx.operate(oid, op));
/test/cls_version/test_cls_version.cc: 192 in cls_rgw_test_version_inc_cond_Test::TestBody()()
186 cls_version_inc(*op, cond_ver, VER_COND_EQ);
187 ASSERT_EQ(-ECANCELED, ioctx.operate(oid, op));
188
189 delete op;
190 op = new_op();
191 cls_version_inc(*op, cond_ver, VER_COND_LT);
>>> CID 1054844: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
192 ASSERT_EQ(-ECANCELED, ioctx.operate(oid, op));
193
194 delete op;
195 op = new_op();
196 cls_version_inc(*op, cond_ver, VER_COND_LE);
197 ASSERT_EQ(-ECANCELED, ioctx.operate(oid, op));
/test/cls_version/test_cls_version.cc: 197 in cls_rgw_test_version_inc_cond_Test::TestBody()()
191 cls_version_inc(*op, cond_ver, VER_COND_LT);
192 ASSERT_EQ(-ECANCELED, ioctx.operate(oid, op));
193
194 delete op;
195 op = new_op();
196 cls_version_inc(*op, cond_ver, VER_COND_LE);
>>> CID 1054844: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
197 ASSERT_EQ(-ECANCELED, ioctx.operate(oid, op));
198
199 delete op;
200 op = new_op();
201 cls_version_inc(*op, cond_ver, VER_COND_TAG_NE);
202 ASSERT_EQ(-ECANCELED, ioctx.operate(oid, op));
/test/cls_version/test_cls_version.cc: 202 in cls_rgw_test_version_inc_cond_Test::TestBody()()
196 cls_version_inc(*op, cond_ver, VER_COND_LE);
197 ASSERT_EQ(-ECANCELED, ioctx.operate(oid, op));
198
199 delete op;
200 op = new_op();
201 cls_version_inc(*op, cond_ver, VER_COND_TAG_NE);
>>> CID 1054844: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
202 ASSERT_EQ(-ECANCELED, ioctx.operate(oid, op));
203
204 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver2));
205 ASSERT_GT((long long)ver2.ver, (long long)ver.ver);
206 ASSERT_EQ(0, (int)ver2.tag.compare(ver.tag));
207
/test/cls_version/test_cls_version.cc: 204 in cls_rgw_test_version_inc_cond_Test::TestBody()()
198
199 delete op;
200 op = new_op();
201 cls_version_inc(*op, cond_ver, VER_COND_TAG_NE);
202 ASSERT_EQ(-ECANCELED, ioctx.operate(oid, op));
203
>>> CID 1054844: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
204 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver2));
205 ASSERT_GT((long long)ver2.ver, (long long)ver.ver);
206 ASSERT_EQ(0, (int)ver2.tag.compare(ver.tag));
207
208 /* a bunch of conditions that should succeed */
209 delete op;
/test/cls_version/test_cls_version.cc: 205 in cls_rgw_test_version_inc_cond_Test::TestBody()()
199 delete op;
200 op = new_op();
201 cls_version_inc(*op, cond_ver, VER_COND_TAG_NE);
202 ASSERT_EQ(-ECANCELED, ioctx.operate(oid, op));
203
204 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver2));
>>> CID 1054844: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
205 ASSERT_GT((long long)ver2.ver, (long long)ver.ver);
206 ASSERT_EQ(0, (int)ver2.tag.compare(ver.tag));
207
208 /* a bunch of conditions that should succeed */
209 delete op;
210 op = new_op();
/test/cls_version/test_cls_version.cc: 206 in cls_rgw_test_version_inc_cond_Test::TestBody()()
200 op = new_op();
201 cls_version_inc(*op, cond_ver, VER_COND_TAG_NE);
202 ASSERT_EQ(-ECANCELED, ioctx.operate(oid, op));
203
204 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver2));
205 ASSERT_GT((long long)ver2.ver, (long long)ver.ver);
>>> CID 1054844: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
206 ASSERT_EQ(0, (int)ver2.tag.compare(ver.tag));
207
208 /* a bunch of conditions that should succeed */
209 delete op;
210 op = new_op();
211 cls_version_inc(*op, ver2, VER_COND_EQ);
/test/cls_version/test_cls_version.cc: 212 in cls_rgw_test_version_inc_cond_Test::TestBody()()
206 ASSERT_EQ(0, (int)ver2.tag.compare(ver.tag));
207
208 /* a bunch of conditions that should succeed */
209 delete op;
210 op = new_op();
211 cls_version_inc(*op, ver2, VER_COND_EQ);
>>> CID 1054844: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
212 ASSERT_EQ(0, ioctx.operate(oid, op));
213
214 delete op;
215 op = new_op();
216 cls_version_inc(*op, cond_ver, VER_COND_GT);
217 ASSERT_EQ(0, ioctx.operate(oid, op));
/test/cls_version/test_cls_version.cc: 217 in cls_rgw_test_version_inc_cond_Test::TestBody()()
211 cls_version_inc(*op, ver2, VER_COND_EQ);
212 ASSERT_EQ(0, ioctx.operate(oid, op));
213
214 delete op;
215 op = new_op();
216 cls_version_inc(*op, cond_ver, VER_COND_GT);
>>> CID 1054844: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
217 ASSERT_EQ(0, ioctx.operate(oid, op));
218
219 delete op;
220 op = new_op();
221 cls_version_inc(*op, cond_ver, VER_COND_GE);
222 ASSERT_EQ(0, ioctx.operate(oid, op));
/test/cls_version/test_cls_version.cc: 222 in cls_rgw_test_version_inc_cond_Test::TestBody()()
216 cls_version_inc(*op, cond_ver, VER_COND_GT);
217 ASSERT_EQ(0, ioctx.operate(oid, op));
218
219 delete op;
220 op = new_op();
221 cls_version_inc(*op, cond_ver, VER_COND_GE);
>>> CID 1054844: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
222 ASSERT_EQ(0, ioctx.operate(oid, op));
223
224 delete op;
225 op = new_op();
226 cls_version_inc(*op, cond_ver, VER_COND_TAG_EQ);
227 ASSERT_EQ(0, ioctx.operate(oid, op));
/test/cls_version/test_cls_version.cc: 227 in cls_rgw_test_version_inc_cond_Test::TestBody()()
221 cls_version_inc(*op, cond_ver, VER_COND_GE);
222 ASSERT_EQ(0, ioctx.operate(oid, op));
223
224 delete op;
225 op = new_op();
226 cls_version_inc(*op, cond_ver, VER_COND_TAG_EQ);
>>> CID 1054844: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
227 ASSERT_EQ(0, ioctx.operate(oid, op));
228
229 delete op;
230 }
231
232 TEST(cls_rgw, test_version_inc_check)
________________________________________________________________________________________________________
*** CID 1054845: Resource leak (RESOURCE_LEAK)
/test/cls_version/test_cls_version.cc: 51 in cls_rgw_test_version_inc_read_Test::TestBody()()
45 ASSERT_EQ(0, (int)ver.tag.size());
46
47
48 /* inc version */
49 librados::ObjectWriteOperation *op = new_op();
50 cls_version_inc(*op);
>>> CID 1054845: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
51 ASSERT_EQ(0, ioctx.operate(oid, op));
52
53 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver));
54 ASSERT_GT((long long)ver.ver, 0);
55 ASSERT_NE(0, (int)ver.tag.size());
56
/test/cls_version/test_cls_version.cc: 53 in cls_rgw_test_version_inc_read_Test::TestBody()()
47
48 /* inc version */
49 librados::ObjectWriteOperation *op = new_op();
50 cls_version_inc(*op);
51 ASSERT_EQ(0, ioctx.operate(oid, op));
52
>>> CID 1054845: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
53 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver));
54 ASSERT_GT((long long)ver.ver, 0);
55 ASSERT_NE(0, (int)ver.tag.size());
56
57 /* inc version again! */
58 delete op;
/test/cls_version/test_cls_version.cc: 54 in cls_rgw_test_version_inc_read_Test::TestBody()()
48 /* inc version */
49 librados::ObjectWriteOperation *op = new_op();
50 cls_version_inc(*op);
51 ASSERT_EQ(0, ioctx.operate(oid, op));
52
53 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver));
>>> CID 1054845: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
54 ASSERT_GT((long long)ver.ver, 0);
55 ASSERT_NE(0, (int)ver.tag.size());
56
57 /* inc version again! */
58 delete op;
59 op = new_op();
/test/cls_version/test_cls_version.cc: 55 in cls_rgw_test_version_inc_read_Test::TestBody()()
49 librados::ObjectWriteOperation *op = new_op();
50 cls_version_inc(*op);
51 ASSERT_EQ(0, ioctx.operate(oid, op));
52
53 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver));
54 ASSERT_GT((long long)ver.ver, 0);
>>> CID 1054845: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
55 ASSERT_NE(0, (int)ver.tag.size());
56
57 /* inc version again! */
58 delete op;
59 op = new_op();
60 cls_version_inc(*op);
/test/cls_version/test_cls_version.cc: 61 in cls_rgw_test_version_inc_read_Test::TestBody()()
55 ASSERT_NE(0, (int)ver.tag.size());
56
57 /* inc version again! */
58 delete op;
59 op = new_op();
60 cls_version_inc(*op);
>>> CID 1054845: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
61 ASSERT_EQ(0, ioctx.operate(oid, op));
62
63 obj_version ver2;
64
65 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver2));
66 ASSERT_GT((long long)ver2.ver, (long long)ver.ver);
/test/cls_version/test_cls_version.cc: 65 in cls_rgw_test_version_inc_read_Test::TestBody()()
59 op = new_op();
60 cls_version_inc(*op);
61 ASSERT_EQ(0, ioctx.operate(oid, op));
62
63 obj_version ver2;
64
>>> CID 1054845: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
65 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver2));
66 ASSERT_GT((long long)ver2.ver, (long long)ver.ver);
67 ASSERT_EQ(0, (int)ver2.tag.compare(ver.tag));
68
69 delete op;
70
/test/cls_version/test_cls_version.cc: 66 in cls_rgw_test_version_inc_read_Test::TestBody()()
60 cls_version_inc(*op);
61 ASSERT_EQ(0, ioctx.operate(oid, op));
62
63 obj_version ver2;
64
65 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver2));
>>> CID 1054845: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
66 ASSERT_GT((long long)ver2.ver, (long long)ver.ver);
67 ASSERT_EQ(0, (int)ver2.tag.compare(ver.tag));
68
69 delete op;
70
71 obj_version ver3;
/test/cls_version/test_cls_version.cc: 67 in cls_rgw_test_version_inc_read_Test::TestBody()()
61 ASSERT_EQ(0, ioctx.operate(oid, op));
62
63 obj_version ver2;
64
65 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver2));
66 ASSERT_GT((long long)ver2.ver, (long long)ver.ver);
>>> CID 1054845: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
67 ASSERT_EQ(0, (int)ver2.tag.compare(ver.tag));
68
69 delete op;
70
71 obj_version ver3;
72
________________________________________________________________________________________________________
*** CID 1054846: Resource leak (RESOURCE_LEAK)
/test/cls_version/test_cls_version.cc: 76 in cls_rgw_test_version_inc_read_Test::TestBody()()
70
71 obj_version ver3;
72
73 librados::ObjectReadOperation *rop = new_rop();
74 cls_version_read(*rop, &ver3);
75 bufferlist outbl;
>>> CID 1054846: Resource leak (RESOURCE_LEAK)
>>> Variable "rop" going out of scope leaks the storage it points to.
76 ASSERT_EQ(0, ioctx.operate(oid, rop, &outbl));
77 ASSERT_EQ(ver2.ver, ver3.ver);
78 ASSERT_EQ(1, (long long)ver2.compare(&ver3));
79
80 delete rop;
81 }
/test/cls_version/test_cls_version.cc: 77 in cls_rgw_test_version_inc_read_Test::TestBody()()
71 obj_version ver3;
72
73 librados::ObjectReadOperation *rop = new_rop();
74 cls_version_read(*rop, &ver3);
75 bufferlist outbl;
76 ASSERT_EQ(0, ioctx.operate(oid, rop, &outbl));
>>> CID 1054846: Resource leak (RESOURCE_LEAK)
>>> Variable "rop" going out of scope leaks the storage it points to.
77 ASSERT_EQ(ver2.ver, ver3.ver);
78 ASSERT_EQ(1, (long long)ver2.compare(&ver3));
79
80 delete rop;
81 }
82
/test/cls_version/test_cls_version.cc: 78 in cls_rgw_test_version_inc_read_Test::TestBody()()
72
73 librados::ObjectReadOperation *rop = new_rop();
74 cls_version_read(*rop, &ver3);
75 bufferlist outbl;
76 ASSERT_EQ(0, ioctx.operate(oid, rop, &outbl));
77 ASSERT_EQ(ver2.ver, ver3.ver);
>>> CID 1054846: Resource leak (RESOURCE_LEAK)
>>> Variable "rop" going out of scope leaks the storage it points to.
78 ASSERT_EQ(1, (long long)ver2.compare(&ver3));
79
80 delete rop;
81 }
82
83
________________________________________________________________________________________________________
*** CID 1054847: Resource leak (RESOURCE_LEAK)
/test/cls_version/test_cls_version.cc: 259 in cls_rgw_test_version_inc_check_Test::TestBody()()
253 ASSERT_EQ(0, (long long)ver.ver);
254 ASSERT_EQ(0, (int)ver.tag.size());
255
256 /* inc version */
257 librados::ObjectWriteOperation *op = new_op();
258 cls_version_inc(*op);
>>> CID 1054847: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
259 ASSERT_EQ(0, ioctx.operate(oid, op));
260
261 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver));
262 ASSERT_GT((long long)ver.ver, 0);
263 ASSERT_NE(0, (int)ver.tag.size());
264
/test/cls_version/test_cls_version.cc: 261 in cls_rgw_test_version_inc_check_Test::TestBody()()
255
256 /* inc version */
257 librados::ObjectWriteOperation *op = new_op();
258 cls_version_inc(*op);
259 ASSERT_EQ(0, ioctx.operate(oid, op));
260
>>> CID 1054847: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
261 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver));
262 ASSERT_GT((long long)ver.ver, 0);
263 ASSERT_NE(0, (int)ver.tag.size());
264
265 obj_version cond_ver = ver;
266
/test/cls_version/test_cls_version.cc: 262 in cls_rgw_test_version_inc_check_Test::TestBody()()
256 /* inc version */
257 librados::ObjectWriteOperation *op = new_op();
258 cls_version_inc(*op);
259 ASSERT_EQ(0, ioctx.operate(oid, op));
260
261 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver));
>>> CID 1054847: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
262 ASSERT_GT((long long)ver.ver, 0);
263 ASSERT_NE(0, (int)ver.tag.size());
264
265 obj_version cond_ver = ver;
266
267 /* a bunch of conditions that should succeed */
/test/cls_version/test_cls_version.cc: 263 in cls_rgw_test_version_inc_check_Test::TestBody()()
257 librados::ObjectWriteOperation *op = new_op();
258 cls_version_inc(*op);
259 ASSERT_EQ(0, ioctx.operate(oid, op));
260
261 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver));
262 ASSERT_GT((long long)ver.ver, 0);
>>> CID 1054847: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
263 ASSERT_NE(0, (int)ver.tag.size());
264
265 obj_version cond_ver = ver;
266
267 /* a bunch of conditions that should succeed */
268 librados::ObjectReadOperation *rop = new_rop();
/test/cls_version/test_cls_version.cc: 271 in cls_rgw_test_version_inc_check_Test::TestBody()()
265 obj_version cond_ver = ver;
266
267 /* a bunch of conditions that should succeed */
268 librados::ObjectReadOperation *rop = new_rop();
269 cls_version_check(*rop, cond_ver, VER_COND_EQ);
270 bufferlist bl;
>>> CID 1054847: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
271 ASSERT_EQ(0, ioctx.operate(oid, rop, &bl));
272
273 delete rop;
274 rop = new_rop();
275 cls_version_check(*rop, cond_ver, VER_COND_GE);
276 ASSERT_EQ(0, ioctx.operate(oid, rop, &bl));
/test/cls_version/test_cls_version.cc: 276 in cls_rgw_test_version_inc_check_Test::TestBody()()
270 bufferlist bl;
271 ASSERT_EQ(0, ioctx.operate(oid, rop, &bl));
272
273 delete rop;
274 rop = new_rop();
275 cls_version_check(*rop, cond_ver, VER_COND_GE);
>>> CID 1054847: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
276 ASSERT_EQ(0, ioctx.operate(oid, rop, &bl));
277
278 delete rop;
279 rop = new_rop();
280 cls_version_check(*rop, cond_ver, VER_COND_LE);
281 ASSERT_EQ(0, ioctx.operate(oid, rop, &bl));
/test/cls_version/test_cls_version.cc: 281 in cls_rgw_test_version_inc_check_Test::TestBody()()
275 cls_version_check(*rop, cond_ver, VER_COND_GE);
276 ASSERT_EQ(0, ioctx.operate(oid, rop, &bl));
277
278 delete rop;
279 rop = new_rop();
280 cls_version_check(*rop, cond_ver, VER_COND_LE);
>>> CID 1054847: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
281 ASSERT_EQ(0, ioctx.operate(oid, rop, &bl));
282
283 delete rop;
284 rop = new_rop();
285 cls_version_check(*rop, cond_ver, VER_COND_TAG_EQ);
286 ASSERT_EQ(0, ioctx.operate(oid, rop, &bl));
/test/cls_version/test_cls_version.cc: 286 in cls_rgw_test_version_inc_check_Test::TestBody()()
280 cls_version_check(*rop, cond_ver, VER_COND_LE);
281 ASSERT_EQ(0, ioctx.operate(oid, rop, &bl));
282
283 delete rop;
284 rop = new_rop();
285 cls_version_check(*rop, cond_ver, VER_COND_TAG_EQ);
>>> CID 1054847: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
286 ASSERT_EQ(0, ioctx.operate(oid, rop, &bl));
287
288 obj_version ver2;
289
290 delete op;
291 op = new_op();
/test/cls_version/test_cls_version.cc: 293 in cls_rgw_test_version_inc_check_Test::TestBody()()
287
288 obj_version ver2;
289
290 delete op;
291 op = new_op();
292 cls_version_inc(*op);
>>> CID 1054847: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
293 ASSERT_EQ(0, ioctx.operate(oid, op));
294
295 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver2));
296 ASSERT_GT((long long)ver2.ver, (long long)ver.ver);
297 ASSERT_EQ(0, (int)ver2.tag.compare(ver.tag));
298
/test/cls_version/test_cls_version.cc: 295 in cls_rgw_test_version_inc_check_Test::TestBody()()
289
290 delete op;
291 op = new_op();
292 cls_version_inc(*op);
293 ASSERT_EQ(0, ioctx.operate(oid, op));
294
>>> CID 1054847: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
295 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver2));
296 ASSERT_GT((long long)ver2.ver, (long long)ver.ver);
297 ASSERT_EQ(0, (int)ver2.tag.compare(ver.tag));
298
299 delete op;
300
/test/cls_version/test_cls_version.cc: 296 in cls_rgw_test_version_inc_check_Test::TestBody()()
290 delete op;
291 op = new_op();
292 cls_version_inc(*op);
293 ASSERT_EQ(0, ioctx.operate(oid, op));
294
295 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver2));
>>> CID 1054847: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
296 ASSERT_GT((long long)ver2.ver, (long long)ver.ver);
297 ASSERT_EQ(0, (int)ver2.tag.compare(ver.tag));
298
299 delete op;
300
301 /* a bunch of conditions that should fail */
/test/cls_version/test_cls_version.cc: 297 in cls_rgw_test_version_inc_check_Test::TestBody()()
291 op = new_op();
292 cls_version_inc(*op);
293 ASSERT_EQ(0, ioctx.operate(oid, op));
294
295 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver2));
296 ASSERT_GT((long long)ver2.ver, (long long)ver.ver);
>>> CID 1054847: Resource leak (RESOURCE_LEAK)
>>> Variable "op" going out of scope leaks the storage it points to.
297 ASSERT_EQ(0, (int)ver2.tag.compare(ver.tag));
298
299 delete op;
300
301 /* a bunch of conditions that should fail */
302 delete rop;
________________________________________________________________________________________________________
*** CID 1054848: Resource leak (RESOURCE_LEAK)
/test/cls_version/test_cls_version.cc: 271 in cls_rgw_test_version_inc_check_Test::TestBody()()
265 obj_version cond_ver = ver;
266
267 /* a bunch of conditions that should succeed */
268 librados::ObjectReadOperation *rop = new_rop();
269 cls_version_check(*rop, cond_ver, VER_COND_EQ);
270 bufferlist bl;
>>> CID 1054848: Resource leak (RESOURCE_LEAK)
>>> Variable "rop" going out of scope leaks the storage it points to.
271 ASSERT_EQ(0, ioctx.operate(oid, rop, &bl));
272
273 delete rop;
274 rop = new_rop();
275 cls_version_check(*rop, cond_ver, VER_COND_GE);
276 ASSERT_EQ(0, ioctx.operate(oid, rop, &bl));
/test/cls_version/test_cls_version.cc: 276 in cls_rgw_test_version_inc_check_Test::TestBody()()
270 bufferlist bl;
271 ASSERT_EQ(0, ioctx.operate(oid, rop, &bl));
272
273 delete rop;
274 rop = new_rop();
275 cls_version_check(*rop, cond_ver, VER_COND_GE);
>>> CID 1054848: Resource leak (RESOURCE_LEAK)
>>> Variable "rop" going out of scope leaks the storage it points to.
276 ASSERT_EQ(0, ioctx.operate(oid, rop, &bl));
277
278 delete rop;
279 rop = new_rop();
280 cls_version_check(*rop, cond_ver, VER_COND_LE);
281 ASSERT_EQ(0, ioctx.operate(oid, rop, &bl));
/test/cls_version/test_cls_version.cc: 281 in cls_rgw_test_version_inc_check_Test::TestBody()()
275 cls_version_check(*rop, cond_ver, VER_COND_GE);
276 ASSERT_EQ(0, ioctx.operate(oid, rop, &bl));
277
278 delete rop;
279 rop = new_rop();
280 cls_version_check(*rop, cond_ver, VER_COND_LE);
>>> CID 1054848: Resource leak (RESOURCE_LEAK)
>>> Variable "rop" going out of scope leaks the storage it points to.
281 ASSERT_EQ(0, ioctx.operate(oid, rop, &bl));
282
283 delete rop;
284 rop = new_rop();
285 cls_version_check(*rop, cond_ver, VER_COND_TAG_EQ);
286 ASSERT_EQ(0, ioctx.operate(oid, rop, &bl));
/test/cls_version/test_cls_version.cc: 286 in cls_rgw_test_version_inc_check_Test::TestBody()()
280 cls_version_check(*rop, cond_ver, VER_COND_LE);
281 ASSERT_EQ(0, ioctx.operate(oid, rop, &bl));
282
283 delete rop;
284 rop = new_rop();
285 cls_version_check(*rop, cond_ver, VER_COND_TAG_EQ);
>>> CID 1054848: Resource leak (RESOURCE_LEAK)
>>> Variable "rop" going out of scope leaks the storage it points to.
286 ASSERT_EQ(0, ioctx.operate(oid, rop, &bl));
287
288 obj_version ver2;
289
290 delete op;
291 op = new_op();
/test/cls_version/test_cls_version.cc: 293 in cls_rgw_test_version_inc_check_Test::TestBody()()
287
288 obj_version ver2;
289
290 delete op;
291 op = new_op();
292 cls_version_inc(*op);
>>> CID 1054848: Resource leak (RESOURCE_LEAK)
>>> Variable "rop" going out of scope leaks the storage it points to.
293 ASSERT_EQ(0, ioctx.operate(oid, op));
294
295 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver2));
296 ASSERT_GT((long long)ver2.ver, (long long)ver.ver);
297 ASSERT_EQ(0, (int)ver2.tag.compare(ver.tag));
298
/test/cls_version/test_cls_version.cc: 295 in cls_rgw_test_version_inc_check_Test::TestBody()()
289
290 delete op;
291 op = new_op();
292 cls_version_inc(*op);
293 ASSERT_EQ(0, ioctx.operate(oid, op));
294
>>> CID 1054848: Resource leak (RESOURCE_LEAK)
>>> Variable "rop" going out of scope leaks the storage it points to.
295 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver2));
296 ASSERT_GT((long long)ver2.ver, (long long)ver.ver);
297 ASSERT_EQ(0, (int)ver2.tag.compare(ver.tag));
298
299 delete op;
300
/test/cls_version/test_cls_version.cc: 296 in cls_rgw_test_version_inc_check_Test::TestBody()()
290 delete op;
291 op = new_op();
292 cls_version_inc(*op);
293 ASSERT_EQ(0, ioctx.operate(oid, op));
294
295 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver2));
>>> CID 1054848: Resource leak (RESOURCE_LEAK)
>>> Variable "rop" going out of scope leaks the storage it points to.
296 ASSERT_GT((long long)ver2.ver, (long long)ver.ver);
297 ASSERT_EQ(0, (int)ver2.tag.compare(ver.tag));
298
299 delete op;
300
301 /* a bunch of conditions that should fail */
/test/cls_version/test_cls_version.cc: 297 in cls_rgw_test_version_inc_check_Test::TestBody()()
291 op = new_op();
292 cls_version_inc(*op);
293 ASSERT_EQ(0, ioctx.operate(oid, op));
294
295 ASSERT_EQ(0, cls_version_read(ioctx, oid, &ver2));
296 ASSERT_GT((long long)ver2.ver, (long long)ver.ver);
>>> CID 1054848: Resource leak (RESOURCE_LEAK)
>>> Variable "rop" going out of scope leaks the storage it points to.
297 ASSERT_EQ(0, (int)ver2.tag.compare(ver.tag));
298
299 delete op;
300
301 /* a bunch of conditions that should fail */
302 delete rop;
/test/cls_version/test_cls_version.cc: 305 in cls_rgw_test_version_inc_check_Test::TestBody()()
299 delete op;
300
301 /* a bunch of conditions that should fail */
302 delete rop;
303 rop = new_rop();
304 cls_version_check(*rop, ver, VER_COND_LT);
>>> CID 1054848: Resource leak (RESOURCE_LEAK)
>>> Variable "rop" going out of scope leaks the storage it points to.
305 ASSERT_EQ(-ECANCELED, ioctx.operate(oid, rop, &bl));
306
307 delete rop;
308 rop = new_rop();
309 cls_version_check(*rop, cond_ver, VER_COND_LE);
310 ASSERT_EQ(-ECANCELED, ioctx.operate(oid, rop, &bl));
/test/cls_version/test_cls_version.cc: 310 in cls_rgw_test_version_inc_check_Test::TestBody()()
304 cls_version_check(*rop, ver, VER_COND_LT);
305 ASSERT_EQ(-ECANCELED, ioctx.operate(oid, rop, &bl));
306
307 delete rop;
308 rop = new_rop();
309 cls_version_check(*rop, cond_ver, VER_COND_LE);
>>> CID 1054848: Resource leak (RESOURCE_LEAK)
>>> Variable "rop" going out of scope leaks the storage it points to.
310 ASSERT_EQ(-ECANCELED, ioctx.operate(oid, rop, &bl));
311
312 delete rop;
313 rop = new_rop();
314 cls_version_check(*rop, cond_ver, VER_COND_TAG_NE);
315 ASSERT_EQ(-ECANCELED, ioctx.operate(oid, rop, &bl));
316
317 delete rop;
/test/cls_version/test_cls_version.cc: 315 in cls_rgw_test_version_inc_check_Test::TestBody()()
309 cls_version_check(*rop, cond_ver, VER_COND_LE);
310 ASSERT_EQ(-ECANCELED, ioctx.operate(oid, rop, &bl));
311
312 delete rop;
313 rop = new_rop();
314 cls_version_check(*rop, cond_ver, VER_COND_TAG_NE);
>>> CID 1054848: Resource leak (RESOURCE_LEAK)
>>> Variable "rop" going out of scope leaks the storage it points to.
315 ASSERT_EQ(-ECANCELED, ioctx.operate(oid, rop, &bl));
316
317 delete rop;
________________________________________________________________________________________________________
*** CID 1090104: Operands don't affect result (CONSTANT_EXPRESSION_RESULT)
/test/librbd/fsx.c: 840 in save_buffer()
834 off_t ret;
835 ssize_t byteswritten;
836
837 if (fd <= 0 || bufferlength == 0)
838 return;
839
>>> CID 1090104: Operands don't affect result (CONSTANT_EXPRESSION_RESULT)
>>> "bufferlength > 9223372036854775807L" is always false regardless of the values of its operands. This occurs as the logical operand of if.
840 if (bufferlength > SSIZE_MAX) {
841 prt("fsx flaw: overflow in save_buffer\n");
842 exit(67);
843 }
844
845 ret = lseek(fd, (off_t)0, SEEK_SET);
________________________________________________________________________________________________________
*** CID 1128383: Buffer not null terminated (BUFFER_SIZE_WARNING)
/mount/mount.ceph.c: 179 in parse_options()
173
174 /* secret is only added to kernel options as
175 backwards compatilbity, if add_key doesn't
176 recognize our keytype; hence, it is skipped
177 here and appended to options on add_key
178 failure */
>>> CID 1128383: Buffer not null terminated (BUFFER_SIZE_WARNING)
>>> Calling strncpy with a maximum size argument of 1000 bytes on destination array "secret" of size 1000 bytes might leave the destination string unterminated.
179 strncpy(secret, value, sizeof(secret));
180 saw_secret = secret;
181 skip = 1;
182 } else if (strncmp(data, "name", 4) == 0) {
183 if (!value || !*value) {
184 printf("mount option name requires a value.\n");
________________________________________________________________________________________________________
*** CID 1128384: Ignoring number of bytes read (CHECKED_RETURN)
/arch/neon.c: 23 in get_auxval()
17 static unsigned long get_auxval(unsigned long type)
18 {
19 unsigned long result = 0;
20 FILE *f = fopen("/proc/self/auxv", "r");
21 if (f) {
22 ElfW(auxv_t) entry;
>>> CID 1128384: Ignoring number of bytes read (CHECKED_RETURN)
>>> "fread(void * restrict, size_t, size_t, FILE * restrict)" returns the number of bytes read, but it is ignored.
23 while (fread(&entry, sizeof(entry), 1, f)) {
24 if (entry.a_type == type) {
25 result = entry.a_un.a_val;
26 break;
27 }
28 }
________________________________________________________________________________________________________
*** CID 1128390: Copy-paste error (COPY_PASTE_ERROR)
/client/SyntheticClient.cc: 3075 in SyntheticClient::foo()()
3069 int c = rand() % s;
3070 int d = rand() % s;
3071 int e = rand() % s;
3072 int f = rand() % s;
3073 char src[80];
3074 char dst[80];
>>> CID 1128390: Copy-paste error (COPY_PASTE_ERROR)
>>> ""syn.0.0/dir.%d/dir.%d/file.%d"" in ""syn.0.0/dir.%d/dir.%d/file.%d"" looks like a copy-paste error.
3075 snprintf(src, sizeof(src), "syn.0.0/dir.%d/dir.%d/file.%d", a, b, c);
3076 snprintf(dst, sizeof(dst), "syn.0.0/dir.%d/dir.%d/newlink.%d", d, e, f);
3077 client->link(src, dst);
3078 }
3079 srand(0);
3080 for (int i=0; i<100; i++) {
________________________________________________________________________________________________________
*** CID 1128391: Logically dead code (DEADCODE)
/rgw/rgw_rados.cc: 4258 in RGWRados::prepare_get_obj(void *, rgw_obj &, long *, long *, std::map<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, ceph::buffer::list, std::less<std::basic_string<char, std::char_traits<char>, std::allocator<char>>>, std::allocator<std::pair<const std::basic_string<char, std::char_traits<char>, std::allocator<char>>, ceph::buffer::list>>> *, const long *, const long *, long *, const char *, const char *, unsigned long *, unsigned long *, RGWObjVersionTracker *, void **, rgw_err *)()
4252 if (cct->_conf->subsys.should_gather(ceph_subsys_rgw, 20)) {
4253 for (iter = attrs->begin(); iter != attrs->end(); ++iter) {
4254 ldout(cct, 20) << "Read xattr: " << iter->first << dendl;
4255 }
4256 }
4257 if (r < 0)
>>> CID 1128391: Logically dead code (DEADCODE)
>>> Execution cannot reach this statement "goto done_err;".
4258 goto done_err;
4259 }
4260
4261 /* Convert all times go GMT to make them compatible */
4262 if (mod_ptr || unmod_ptr) {
4263 ctime = astate->mtime;
________________________________________________________________________________________________________
*** CID 1128392: Division or modulo by zero (DIVIDE_BY_ZERO)
/mds/MDS.cc: 2119 in MDS::_dispatch(Message *)()
2113
2114 list<CDir*> ls;
2115 in->get_dirfrags(ls);
2116 if (ls.empty())
2117 continue; // must be an open dir.
2118 list<CDir*>::iterator p = ls.begin();
>>> CID 1128392: Division or modulo by zero (DIVIDE_BY_ZERO)
>>> In expression "rand() % ls.size()", modulo by expression "ls.size()" which may be zero has undefined behavior.
2119 int n = rand() % ls.size();
2120 while (n--)
2121 ++p;
2122 CDir *dir = *p;
2123 if (!dir->get_parent_dir()) continue; // must be linked.
2124 if (!dir->is_auth()) continue; // must be auth.
________________________________________________________________________________________________________
*** CID 1128395: Use after close (USE_AFTER_FREE)
/os/FileJournal.cc: 387 in FileJournal::create()()
381 // static zeroed buffer for alignment padding
382 delete [] zero_buf;
383 zero_buf = new char[header.alignment];
384 memset(zero_buf, 0, header.alignment);
385
386 bp = prepare_header();
>>> CID 1128395: Use after close (USE_AFTER_FREE)
>>> Passing closed handle "this->fd" as an argument to "pwrite".
387 if (TEMP_FAILURE_RETRY(::pwrite(fd, bp.c_str(), bp.length(), 0)) < 0) {
388 ret = errno;
389 derr << "FileJournal::create : create write header error "
390 << cpp_strerror(ret) << dendl;
391 goto close_fd;
392 }
________________________________________________________________________________________________________
*** CID 1128396: Use after free (USE_AFTER_FREE)
/os/FileJournal.cc: 347 in FileJournal::check()()
341 }
342
343 dout(1) << "check: header looks ok" << dendl;
344 ret = 0;
345
346 done:
>>> CID 1128396: Use after free (USE_AFTER_FREE)
>>> Calling "close(int)" closes handle "this->fd" which has already been closed.
347 VOID_TEMP_FAILURE_RETRY(::close(fd));
348 fd = -1;
349 return ret;
350 }
351
352
/os/FileJournal.cc: 332 in FileJournal::check()()
326 int ret;
327
328 ret = _open(false, false);
329 if (ret < 0)
330 goto done;
331
>>> CID 1128396: Use after free (USE_AFTER_FREE)
>>> Passing closed handle "this->fd" as an argument to "read_header".
332 ret = read_header();
333 if (ret < 0)
334 goto done;
335
336 if (header.fsid != fsid) {
337 derr << "check: ondisk fsid " << header.fsid << " doesn't match expected " << fsid
________________________________________________________________________________________________________
*** CID 1128397: Use after close (USE_AFTER_FREE)
/os/FileJournal.cc: 464 in FileJournal::open(unsigned long)()
458
459 // assume writeable, unless...
460 read_pos = 0;
461 write_pos = get_top();
462
463 // read header?
>>> CID 1128397: Use after close (USE_AFTER_FREE)
>>> Passing closed handle "this->fd" as an argument to "read_header".
464 err = read_header();
465 if (err < 0)
466 return err;
467
468 // static zeroed buffer for alignment padding
469 delete [] zero_buf;
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
^ permalink raw reply [flat|nested] 33+ messages in thread* New Defects reported by Coverity Scan for ceph (fwd)
@ 2014-05-20 16:16 Sage Weil
0 siblings, 0 replies; 33+ messages in thread
From: Sage Weil @ 2014-05-20 16:16 UTC (permalink / raw)
To: ceph-devel
[-- Attachment #1: Type: TEXT/PLAIN, Size: 0 bytes --]
[-- Attachment #2: Forwarded Message --]
[-- Type: MESSAGE/RFC822, Size: 3755 bytes --]
Return-Path: <scan-admin@coverity.com>
X-Original-To: sage@cobra.newdream.net
Delivered-To: sage@cobra.newdream.net
Received: from destro.newdream.net (destro.newdream.net [66.33.216.68])
by cobra.newdream.net (Postfix) with ESMTP id F2822803BC
for <sage@cobra.newdream.net>; Tue, 20 May 2014 06:18:54 -0700 (PDT)
Received: by destro.newdream.net (Postfix)
id EE2E51209A4; Tue, 20 May 2014 06:18:54 -0700 (PDT)
Delivered-To: sage@destro.newdream.net
Received: from diehard.dreamhost.com (caiajhbdcbfh.dreamhost.com
[208.97.132.157])
by destro.newdream.net (Postfix) with ESMTP id E8D511209A0
for <sage@newdream.net>; Tue, 20 May 2014 06:18:54 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1])
by diehard.dreamhost.com (Postfix) with ESMTP id E45353C421C
for <sage@newdream.net>; Tue, 20 May 2014 06:18:54 -0700 (PDT)
X-DH-Virus-Scanned: Debian amavisd-new at diehard.dreamhost.com
X-Spam-Flag: NO
X-Spam-Score: 0
X-Spam-Level:
X-Spam-Status: No, score=x tagged_above=-999 required=999 WHITELISTED tests=[]
autolearn=unavailable
Received: from connor.dreamhost.com ([208.97.132.17])
by localhost (diehard.dreamhost.com [208.97.132.157]) (amavisd-new,
port 10024) with ESMTP id g6sVAR2lPwsI for <sage@newdream.net>;
Tue, 20 May 2014 06:18:54 -0700 (PDT)
Received: from scanrelay.coverity.com (scanrelay.coverity.com [209.249.196.67])
by connor.dreamhost.com (Postfix) with ESMTP id 8E86E2CA830F
for <sage@newdream.net>; Tue, 20 May 2014 06:17:45 -0700 (PDT)
Received: from localhost.localdomain ([208.69.177.215]) by
scanrelay.coverity.com with Microsoft SMTPSVC(7.5.7601.17514);
Tue, 20 May 2014 06:19:14 -0700
Date: Tue, 20 May 2014 06:17:44 -0700
From: scan-admin@coverity.com
Message-ID: <537b55f82226c_1e8939b31849687@209.249.196.67.mail>
Subject: New Defects reported by Coverity Scan for ceph
Mime-Version: 1.0
Content-Type: text/plain;
charset=UTF-8
Content-Transfer-Encoding: 7bit
X-OriginalArrivalTime: 20 May 2014 13:19:14.0803 (UTC)
FILETIME=[18A83C30:01CF742E]
To: undisclosed-recipients:;
X-Spambayes-Classification: ham; 0.00
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
Defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)
** CID 1214678: Unchecked return value (CHECKED_RETURN)
/osd/OSD.cc: 318 in OSDService::_maybe_split_pgid(std::tr1::shared_ptr<const OSDMap>, std::tr1::shared_ptr<const OSDMap>, spg_t)()
________________________________________________________________________________________________________
*** CID 1214678: Unchecked return value (CHECKED_RETURN)
/osd/OSD.cc: 318 in OSDService::_maybe_split_pgid(std::tr1::shared_ptr<const OSDMap>, std::tr1::shared_ptr<const OSDMap>, spg_t)()
312 OSDMapRef new_map,
313 spg_t pgid)
314 {
315 assert(old_map->have_pg_pool(pgid.pool()));
316 if (pgid.ps() < static_cast<unsigned>(old_map->get_pg_num(pgid.pool()))) {
317 set<spg_t> children;
>>> CID 1214678: Unchecked return value (CHECKED_RETURN)
>>> No check of the return value of "pgid.is_split(old_map->get_pg_num(pgid.pool()), new_map->get_pg_num(pgid.pool()), &children)".
318 pgid.is_split(old_map->get_pg_num(pgid.pool()),
319 new_map->get_pg_num(pgid.pool()), &children);
320 _start_split(pgid, children);
321 } else {
322 assert(pgid.ps() < static_cast<unsigned>(new_map->get_pg_num(pgid.pool())));
323 }
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
From: scan-admin@coverity.com
To: undisclosed-recipients:;
Subject: New Defects reported by Coverity Scan for ceph
Date: Tue, 20 May 2014 06:17:44 -0700
Message-ID: <537b55f82226c_1e8939b31849687@209.249.196.67.mail>
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
Defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)
** CID 1214678: Unchecked return value (CHECKED_RETURN)
/osd/OSD.cc: 318 in OSDService::_maybe_split_pgid(std::tr1::shared_ptr<const OSDMap>, std::tr1::shared_ptr<const OSDMap>, spg_t)()
________________________________________________________________________________________________________
*** CID 1214678: Unchecked return value (CHECKED_RETURN)
/osd/OSD.cc: 318 in OSDService::_maybe_split_pgid(std::tr1::shared_ptr<const OSDMap>, std::tr1::shared_ptr<const OSDMap>, spg_t)()
312 OSDMapRef new_map,
313 spg_t pgid)
314 {
315 assert(old_map->have_pg_pool(pgid.pool()));
316 if (pgid.ps() < static_cast<unsigned>(old_map->get_pg_num(pgid.pool()))) {
317 set<spg_t> children;
>>> CID 1214678: Unchecked return value (CHECKED_RETURN)
>>> No check of the return value of "pgid.is_split(old_map->get_pg_num(pgid.pool()), new_map->get_pg_num(pgid.pool()), &children)".
318 pgid.is_split(old_map->get_pg_num(pgid.pool()),
319 new_map->get_pg_num(pgid.pool()), &children);
320 _start_split(pgid, children);
321 } else {
322 assert(pgid.ps() < static_cast<unsigned>(new_map->get_pg_num(pgid.pool())));
323 }
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=overview
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
^ permalink raw reply [flat|nested] 33+ messages in thread* New Defects reported by Coverity Scan for ceph (fwd)
@ 2014-05-10 16:03 Sage Weil
0 siblings, 0 replies; 33+ messages in thread
From: Sage Weil @ 2014-05-10 16:03 UTC (permalink / raw)
To: ceph-devel
[-- Attachment #1: Type: TEXT/PLAIN, Size: 0 bytes --]
[-- Attachment #2: Forwarded Message --]
[-- Type: MESSAGE/RFC822, Size: 10539 bytes --]
Return-Path: <scan-admin@coverity.com>
X-Original-To: sage@cobra.newdream.net
Delivered-To: sage@cobra.newdream.net
Received: from destro.newdream.net (destro.newdream.net [66.33.216.68])
by cobra.newdream.net (Postfix) with ESMTP id 16C6080466
for <sage@cobra.newdream.net>; Sat, 10 May 2014 02:35:27 -0700 (PDT)
Received: by destro.newdream.net (Postfix)
id 13FA212097D; Sat, 10 May 2014 02:35:27 -0700 (PDT)
Delivered-To: sage@destro.newdream.net
Received: from diehard.dreamhost.com (caiajhbdcbfh.dreamhost.com
[208.97.132.157])
by destro.newdream.net (Postfix) with ESMTP id 1281412097C
for <sage@newdream.net>; Sat, 10 May 2014 02:35:27 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1])
by diehard.dreamhost.com (Postfix) with ESMTP id 0CD1617BD5D4
for <sage@newdream.net>; Sat, 10 May 2014 02:35:27 -0700 (PDT)
X-DH-Virus-Scanned: Debian amavisd-new at diehard.dreamhost.com
X-Spam-Flag: NO
X-Spam-Score: 0
X-Spam-Level:
X-Spam-Status: No, score=x tagged_above=-999 required=999 WHITELISTED tests=[]
autolearn=unavailable
Received: from connor.dreamhost.com ([208.97.132.17])
by localhost (diehard.dreamhost.com [208.97.132.157]) (amavisd-new,
port 10024) with ESMTP id oUice6qz0mNh for <sage@newdream.net>;
Sat, 10 May 2014 02:35:26 -0700 (PDT)
Received: from scanrelay.coverity.com (scanrelay.coverity.com [209.249.196.67])
by connor.dreamhost.com (Postfix) with ESMTP id BE31A2CA8029
for <sage@newdream.net>; Sat, 10 May 2014 02:35:26 -0700 (PDT)
Received: from localhost.localdomain ([208.69.177.215]) by
scanrelay.coverity.com with Microsoft SMTPSVC(7.5.7601.17514);
Sat, 10 May 2014 02:36:46 -0700
Date: Sat, 10 May 2014 02:35:26 -0700
From: scan-admin@coverity.com
Message-ID: <536df2de21f2b_137ae8a06c2933@209.249.196.67.mail>
Subject: New Defects reported by Coverity Scan for ceph
Mime-Version: 1.0
Content-Type: text/plain;
charset=UTF-8
Content-Transfer-Encoding: 7bit
X-OriginalArrivalTime: 10 May 2014 09:36:46.0143 (UTC)
FILETIME=[5C1ADCF0:01CF6C33]
To: undisclosed-recipients:;
X-Spambayes-Classification: ham; 0.00
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
Defect(s) Reported-by: Coverity Scan
Showing 8 of 8 defect(s)
** CID 717008: Dereference null return value (NULL_RETURNS)
** CID 1128417: Dereference null return value (NULL_RETURNS)
/mds/MDCache.cc: 9986 in MDCache::handle_discover_reply(MDiscoverReply *)()
** CID 1213580: Dereference null return value (NULL_RETURNS)
/osd/OSD.cc: 5150 in OSD::dispatch_op_fast(std::tr1::shared_ptr<OpRequest>, std::tr1::shared_ptr<const OSDMap>)()
** CID 1213581: Dereference null return value (NULL_RETURNS)
/osd/OSD.cc: 4944 in OSD::ms_fast_preprocess(Message *)()
** CID 1213582: Dereference null return value (NULL_RETURNS)
/osd/Watch.cc: 359 in Watch::discard_state()()
** CID 1213583: Dereference null return value (NULL_RETURNS)
/osd/Watch.cc: 321 in Watch::connect(boost::intrusive_ptr<Connection>)()
** CID 1213584: Thread deadlock (ORDER_REVERSAL)
** CID 1213585: Thread deadlock (ORDER_REVERSAL)
________________________________________________________________________________________________________
*** CID 717008: Dereference null return value (NULL_RETURNS)
/osd/ReplicatedPG.cc: 4962 in ReplicatedPG::do_osd_op_effects(ReplicatedPG::OpContext *)()
4956
4957 void ReplicatedPG::do_osd_op_effects(OpContext *ctx)
4958 {
4959 ConnectionRef conn(ctx->op->get_req()->get_connection());
4960 boost::intrusive_ptr<OSD::Session> session(
4961 (OSD::Session *)conn->get_priv());
>>> CID 717008: Dereference null return value (NULL_RETURNS)
>>> Dereferencing a pointer that might be null "session" when calling "RefCountedObject::put()".
4962 session->put(); // get_priv() takes a ref, and so does the intrusive_ptr
4963 entity_name_t entity = ctx->reqid.name;
4964
4965 dout(15) << "do_osd_op_effects on session " << session.get() << dendl;
4966
4967 for (list<watch_info_t>::iterator i = ctx->watch_connects.begin();
________________________________________________________________________________________________________
*** CID 1128417: Dereference null return value (NULL_RETURNS)
/mds/MDCache.cc: 9986 in MDCache::handle_discover_reply(MDiscoverReply *)()
9980 } else {
9981 // note: this can only happen our first way around this loop.
9982 if (p.end() && m->is_flag_error_dn()) {
9983 fg = cur->pick_dirfrag(m->get_error_dentry());
9984 curdir = cur->get_dirfrag(fg);
9985 } else
>>> CID 1128417: Dereference null return value (NULL_RETURNS)
>>> Assigning: "curdir" = null return value from "CInode::get_dirfrag(frag_t)".
9986 curdir = cur->get_dirfrag(m->get_base_dir_frag());
9987 }
9988
9989 if (p.end())
9990 break;
9991
________________________________________________________________________________________________________
*** CID 1213580: Dereference null return value (NULL_RETURNS)
/osd/OSD.cc: 5150 in OSD::dispatch_op_fast(std::tr1::shared_ptr<OpRequest>, std::tr1::shared_ptr<const OSDMap>)()
5144 // we're shutting down, so drop the op
5145 return true;
5146 }
5147
5148 epoch_t msg_epoch(op_required_epoch(op));
5149 if (msg_epoch > osdmap->get_epoch()) {
>>> CID 1213580: Dereference null return value (NULL_RETURNS)
>>> Assigning: "s" = null return value from "Connection::get_priv()".
5150 Session *s = static_cast<Session*>(op->get_req()->
5151 get_connection()->get_priv());
5152 s->received_map_lock.Lock();
5153 epoch_t received_epoch = s->received_map_epoch;
5154 s->received_map_lock.Unlock();
5155 if (received_epoch < msg_epoch) {
________________________________________________________________________________________________________
*** CID 1213581: Dereference null return value (NULL_RETURNS)
/osd/OSD.cc: 4944 in OSD::ms_fast_preprocess(Message *)()
4938
4939 void OSD::ms_fast_preprocess(Message *m)
4940 {
4941 if (m->get_connection()->get_peer_type() == CEPH_ENTITY_TYPE_OSD) {
4942 if (m->get_type() == CEPH_MSG_OSD_MAP) {
4943 MOSDMap *mm = static_cast<MOSDMap*>(m);
>>> CID 1213581: Dereference null return value (NULL_RETURNS)
>>> Assigning: "s" = null return value from "Connection::get_priv()".
4944 Session *s = static_cast<Session*>(m->get_connection()->get_priv());
4945 s->received_map_lock.Lock();
4946 s->received_map_epoch = mm->get_last();
4947 s->received_map_lock.Unlock();
4948 s->put();
4949 }
________________________________________________________________________________________________________
*** CID 1213582: Dereference null return value (NULL_RETURNS)
/osd/Watch.cc: 359 in Watch::discard_state()()
353 assert(!discarded);
354 assert(obc);
355 in_progress_notifies.clear();
356 unregister_cb();
357 discarded = true;
358 if (conn) {
>>> CID 1213582: Dereference null return value (NULL_RETURNS)
>>> Assigning: "sessionref" = null return value from "Connection::get_priv()".
359 OSD::Session* sessionref(static_cast<OSD::Session*>(conn->get_priv()));
360 sessionref->wstate.removeWatch(self.lock());
361 sessionref->put();
362 conn = ConnectionRef();
363 }
364 obc = ObjectContextRef();
________________________________________________________________________________________________________
*** CID 1213583: Dereference null return value (NULL_RETURNS)
/osd/Watch.cc: 321 in Watch::connect(boost::intrusive_ptr<Connection>)()
315 }
316
317 void Watch::connect(ConnectionRef con)
318 {
319 dout(10) << "connecting" << dendl;
320 conn = con;
>>> CID 1213583: Dereference null return value (NULL_RETURNS)
>>> Assigning: "sessionref" = null return value from "Connection::get_priv()".
321 OSD::Session* sessionref(static_cast<OSD::Session*>(con->get_priv()));
322 sessionref->wstate.addWatch(self.lock());
323 sessionref->put();
324 for (map<uint64_t, NotifyRef>::iterator i = in_progress_notifies.begin();
325 i != in_progress_notifies.end();
326 ++i) {
________________________________________________________________________________________________________
*** CID 1213584: Thread deadlock (ORDER_REVERSAL)
/osd/OSD.cc: 8089 in C_CompleteSplits::finish(int)()
8083 PG::RecoveryCtx rctx = osd->create_context();
8084 set<spg_t> to_complete;
8085 for (set<boost::intrusive_ptr<PG> >::iterator i = pgs.begin();
8086 i != pgs.end();
8087 ++i) {
8088 osd->pg_map_lock.get_write();
>>> CID 1213584: Thread deadlock (ORDER_REVERSAL)
>>> Calling "PG::lock(bool)" acquires lock "Mutex._m" while holding lock "RWLock.L" (count: 5 / 13).
8089 (*i)->lock();
8090 osd->add_newly_split_pg(&**i, &rctx);
8091 if (!((*i)->deleting)) {
8092 to_complete.insert((*i)->info.pgid);
8093 osd->service.complete_split(to_complete);
8094 }
________________________________________________________________________________________________________
*** CID 1213585: Thread deadlock (ORDER_REVERSAL)
/osd/OSD.cc: 7447 in OSD::check_replay_queue()()
7441 replay_queue_lock.Unlock();
7442
7443 for (list< pair<spg_t,utime_t> >::iterator p = pgids.begin(); p != pgids.end(); ++p) {
7444 spg_t pgid = p->first;
7445 pg_map_lock.get_read();
7446 if (pg_map.count(pgid)) {
>>> CID 1213585: Thread deadlock (ORDER_REVERSAL)
>>> Calling "OSD::_lookup_lock_pg_with_map_lock_held(spg_t)" acquires lock "Mutex._m" while holding lock "RWLock.L" (count: 5 / 13).
7447 PG *pg = _lookup_lock_pg_with_map_lock_held(pgid);
7448 pg_map_lock.unlock();
7449 dout(10) << "check_replay_queue " << *pg << dendl;
7450 if (pg->is_active() &&
7451 pg->is_replay() &&
7452 pg->is_primary() &&
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=Overview
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
From: scan-admin@coverity.com
To: undisclosed-recipients:;
Subject: New Defects reported by Coverity Scan for ceph
Date: Sat, 10 May 2014 02:35:26 -0700
Message-ID: <536df2de21f2b_137ae8a06c2933@209.249.196.67.mail>
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
Defect(s) Reported-by: Coverity Scan
Showing 8 of 8 defect(s)
** CID 717008: Dereference null return value (NULL_RETURNS)
** CID 1128417: Dereference null return value (NULL_RETURNS)
/mds/MDCache.cc: 9986 in MDCache::handle_discover_reply(MDiscoverReply *)()
** CID 1213580: Dereference null return value (NULL_RETURNS)
/osd/OSD.cc: 5150 in OSD::dispatch_op_fast(std::tr1::shared_ptr<OpRequest>, std::tr1::shared_ptr<const OSDMap>)()
** CID 1213581: Dereference null return value (NULL_RETURNS)
/osd/OSD.cc: 4944 in OSD::ms_fast_preprocess(Message *)()
** CID 1213582: Dereference null return value (NULL_RETURNS)
/osd/Watch.cc: 359 in Watch::discard_state()()
** CID 1213583: Dereference null return value (NULL_RETURNS)
/osd/Watch.cc: 321 in Watch::connect(boost::intrusive_ptr<Connection>)()
** CID 1213584: Thread deadlock (ORDER_REVERSAL)
** CID 1213585: Thread deadlock (ORDER_REVERSAL)
________________________________________________________________________________________________________
*** CID 717008: Dereference null return value (NULL_RETURNS)
/osd/ReplicatedPG.cc: 4962 in ReplicatedPG::do_osd_op_effects(ReplicatedPG::OpContext *)()
4956
4957 void ReplicatedPG::do_osd_op_effects(OpContext *ctx)
4958 {
4959 ConnectionRef conn(ctx->op->get_req()->get_connection());
4960 boost::intrusive_ptr<OSD::Session> session(
4961 (OSD::Session *)conn->get_priv());
>>> CID 717008: Dereference null return value (NULL_RETURNS)
>>> Dereferencing a pointer that might be null "session" when calling "RefCountedObject::put()".
4962 session->put(); // get_priv() takes a ref, and so does the intrusive_ptr
4963 entity_name_t entity = ctx->reqid.name;
4964
4965 dout(15) << "do_osd_op_effects on session " << session.get() << dendl;
4966
4967 for (list<watch_info_t>::iterator i = ctx->watch_connects.begin();
________________________________________________________________________________________________________
*** CID 1128417: Dereference null return value (NULL_RETURNS)
/mds/MDCache.cc: 9986 in MDCache::handle_discover_reply(MDiscoverReply *)()
9980 } else {
9981 // note: this can only happen our first way around this loop.
9982 if (p.end() && m->is_flag_error_dn()) {
9983 fg = cur->pick_dirfrag(m->get_error_dentry());
9984 curdir = cur->get_dirfrag(fg);
9985 } else
>>> CID 1128417: Dereference null return value (NULL_RETURNS)
>>> Assigning: "curdir" = null return value from "CInode::get_dirfrag(frag_t)".
9986 curdir = cur->get_dirfrag(m->get_base_dir_frag());
9987 }
9988
9989 if (p.end())
9990 break;
9991
________________________________________________________________________________________________________
*** CID 1213580: Dereference null return value (NULL_RETURNS)
/osd/OSD.cc: 5150 in OSD::dispatch_op_fast(std::tr1::shared_ptr<OpRequest>, std::tr1::shared_ptr<const OSDMap>)()
5144 // we're shutting down, so drop the op
5145 return true;
5146 }
5147
5148 epoch_t msg_epoch(op_required_epoch(op));
5149 if (msg_epoch > osdmap->get_epoch()) {
>>> CID 1213580: Dereference null return value (NULL_RETURNS)
>>> Assigning: "s" = null return value from "Connection::get_priv()".
5150 Session *s = static_cast<Session*>(op->get_req()->
5151 get_connection()->get_priv());
5152 s->received_map_lock.Lock();
5153 epoch_t received_epoch = s->received_map_epoch;
5154 s->received_map_lock.Unlock();
5155 if (received_epoch < msg_epoch) {
________________________________________________________________________________________________________
*** CID 1213581: Dereference null return value (NULL_RETURNS)
/osd/OSD.cc: 4944 in OSD::ms_fast_preprocess(Message *)()
4938
4939 void OSD::ms_fast_preprocess(Message *m)
4940 {
4941 if (m->get_connection()->get_peer_type() == CEPH_ENTITY_TYPE_OSD) {
4942 if (m->get_type() == CEPH_MSG_OSD_MAP) {
4943 MOSDMap *mm = static_cast<MOSDMap*>(m);
>>> CID 1213581: Dereference null return value (NULL_RETURNS)
>>> Assigning: "s" = null return value from "Connection::get_priv()".
4944 Session *s = static_cast<Session*>(m->get_connection()->get_priv());
4945 s->received_map_lock.Lock();
4946 s->received_map_epoch = mm->get_last();
4947 s->received_map_lock.Unlock();
4948 s->put();
4949 }
________________________________________________________________________________________________________
*** CID 1213582: Dereference null return value (NULL_RETURNS)
/osd/Watch.cc: 359 in Watch::discard_state()()
353 assert(!discarded);
354 assert(obc);
355 in_progress_notifies.clear();
356 unregister_cb();
357 discarded = true;
358 if (conn) {
>>> CID 1213582: Dereference null return value (NULL_RETURNS)
>>> Assigning: "sessionref" = null return value from "Connection::get_priv()".
359 OSD::Session* sessionref(static_cast<OSD::Session*>(conn->get_priv()));
360 sessionref->wstate.removeWatch(self.lock());
361 sessionref->put();
362 conn = ConnectionRef();
363 }
364 obc = ObjectContextRef();
________________________________________________________________________________________________________
*** CID 1213583: Dereference null return value (NULL_RETURNS)
/osd/Watch.cc: 321 in Watch::connect(boost::intrusive_ptr<Connection>)()
315 }
316
317 void Watch::connect(ConnectionRef con)
318 {
319 dout(10) << "connecting" << dendl;
320 conn = con;
>>> CID 1213583: Dereference null return value (NULL_RETURNS)
>>> Assigning: "sessionref" = null return value from "Connection::get_priv()".
321 OSD::Session* sessionref(static_cast<OSD::Session*>(con->get_priv()));
322 sessionref->wstate.addWatch(self.lock());
323 sessionref->put();
324 for (map<uint64_t, NotifyRef>::iterator i = in_progress_notifies.begin();
325 i != in_progress_notifies.end();
326 ++i) {
________________________________________________________________________________________________________
*** CID 1213584: Thread deadlock (ORDER_REVERSAL)
/osd/OSD.cc: 8089 in C_CompleteSplits::finish(int)()
8083 PG::RecoveryCtx rctx = osd->create_context();
8084 set<spg_t> to_complete;
8085 for (set<boost::intrusive_ptr<PG> >::iterator i = pgs.begin();
8086 i != pgs.end();
8087 ++i) {
8088 osd->pg_map_lock.get_write();
>>> CID 1213584: Thread deadlock (ORDER_REVERSAL)
>>> Calling "PG::lock(bool)" acquires lock "Mutex._m" while holding lock "RWLock.L" (count: 5 / 13).
8089 (*i)->lock();
8090 osd->add_newly_split_pg(&**i, &rctx);
8091 if (!((*i)->deleting)) {
8092 to_complete.insert((*i)->info.pgid);
8093 osd->service.complete_split(to_complete);
8094 }
________________________________________________________________________________________________________
*** CID 1213585: Thread deadlock (ORDER_REVERSAL)
/osd/OSD.cc: 7447 in OSD::check_replay_queue()()
7441 replay_queue_lock.Unlock();
7442
7443 for (list< pair<spg_t,utime_t> >::iterator p = pgids.begin(); p != pgids.end(); ++p) {
7444 spg_t pgid = p->first;
7445 pg_map_lock.get_read();
7446 if (pg_map.count(pgid)) {
>>> CID 1213585: Thread deadlock (ORDER_REVERSAL)
>>> Calling "OSD::_lookup_lock_pg_with_map_lock_held(spg_t)" acquires lock "Mutex._m" while holding lock "RWLock.L" (count: 5 / 13).
7447 PG *pg = _lookup_lock_pg_with_map_lock_held(pgid);
7448 pg_map_lock.unlock();
7449 dout(10) << "check_replay_queue " << *pg << dendl;
7450 if (pg->is_active() &&
7451 pg->is_replay() &&
7452 pg->is_primary() &&
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=Overview
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
^ permalink raw reply [flat|nested] 33+ messages in thread* New Defects reported by Coverity Scan for ceph (fwd)
@ 2014-04-22 15:26 Sage Weil
0 siblings, 0 replies; 33+ messages in thread
From: Sage Weil @ 2014-04-22 15:26 UTC (permalink / raw)
To: ceph-devel
[-- Attachment #1: Type: TEXT/PLAIN, Size: 0 bytes --]
[-- Attachment #2: Forwarded Message --]
[-- Type: MESSAGE/RFC822, Size: 7442 bytes --]
Return-Path: <scan-admin@coverity.com>
X-Original-To: sage@cobra.newdream.net
Delivered-To: sage@cobra.newdream.net
Received: from destro.newdream.net (destro.newdream.net [66.33.216.68])
by cobra.newdream.net (Postfix) with ESMTP id D7AC080466
for <sage@cobra.newdream.net>; Tue, 22 Apr 2014 07:13:09 -0700 (PDT)
Received: by destro.newdream.net (Postfix)
id D5135120996; Tue, 22 Apr 2014 07:13:09 -0700 (PDT)
Delivered-To: sage@destro.newdream.net
Received: from madmax.dreamhost.com (caiajhbdcbdj.dreamhost.com
[208.97.132.139])
by destro.newdream.net (Postfix) with ESMTP id D2101120992
for <sage@newdream.net>; Tue, 22 Apr 2014 07:13:09 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1])
by madmax.dreamhost.com (Postfix) with ESMTP id B812AFD6CE9
for <sage@newdream.net>; Tue, 22 Apr 2014 07:13:09 -0700 (PDT)
X-DH-Virus-Scanned: Debian amavisd-new at madmax.dreamhost.com
X-Spam-Flag: NO
X-Spam-Score: 0
X-Spam-Level:
X-Spam-Status: No, score=x tagged_above=-999 required=999 WHITELISTED tests=[]
autolearn=unavailable
Received: from terminator.dreamhost.com ([208.97.132.17])
by localhost (madmax.dreamhost.com [208.97.132.139]) (amavisd-new,
port 10024) with ESMTP id tSS6+oFcfbEm for <sage@newdream.net>;
Tue, 22 Apr 2014 07:13:09 -0700 (PDT)
Received: from scanrelay.coverity.com (scanrelay.coverity.com [209.249.196.67])
by terminator.dreamhost.com (Postfix) with ESMTP id 1BF112884064
for <sage@newdream.net>; Tue, 22 Apr 2014 07:13:07 -0700 (PDT)
Received: from localhost.localdomain ([208.69.177.215]) by
scanrelay.coverity.com with Microsoft SMTPSVC(7.5.7601.17514);
Tue, 22 Apr 2014 07:14:05 -0700
Date: Tue, 22 Apr 2014 07:13:05 -0700
From: scan-admin@coverity.com
Message-ID: <535678f165c82_2069a3406c928f3@209.249.196.67.mail>
Subject: New Defects reported by Coverity Scan for ceph
Mime-Version: 1.0
Content-Type: text/plain;
charset=UTF-8
Content-Transfer-Encoding: 7bit
X-OriginalArrivalTime: 22 Apr 2014 14:14:05.0749 (UTC)
FILETIME=[1EA5BE50:01CF5E35]
To: undisclosed-recipients:;
X-Spambayes-Classification: ham; 0.00
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
Defect(s) Reported-by: Coverity Scan
Showing 4 of 4 defect(s)
** CID 1204293: Buffer not null terminated (BUFFER_SIZE_WARNING)
/mds/MDS.cc: 1714 in MDS::respawn()()
** CID 1204294: Resource leak (RESOURCE_LEAK)
/osd/ReplicatedPG.cc: 980 in ReplicatedPG::do_pg_op(std::tr1::shared_ptr<OpRequest>)()
** CID 1204295: Uninitialized scalar field (UNINIT_CTOR)
/osd/osd_types.h: 2716 in ObjectContext::RWState::RWState()()
** CID 1204296: Uninitialized scalar field (UNINIT_CTOR)
/osdc/Objecter.h: 1165 in Objecter::Op::Op(const object_t &, const object_locator_t &, std::vector<OSDOp, std::allocator<OSDOp>> &, int, Context *, Context *, unsigned long *)()
/osdc/Objecter.h: 1165 in Objecter::Op::Op(const object_t &, const object_locator_t &, std::vector<OSDOp, std::allocator<OSDOp>> &, int, Context *, Context *, unsigned long *)()
________________________________________________________________________________________________________
*** CID 1204293: Buffer not null terminated (BUFFER_SIZE_WARNING)
/mds/MDS.cc: 1714 in MDS::respawn()()
1708 char buf[PATH_MAX];
1709 char *cwd = getcwd(buf, sizeof(buf));
1710 assert(cwd);
1711 dout(1) << " cwd " << cwd << dendl;
1712
1713 /* Fall back to a best-effort: just running in our CWD */
>>> CID 1204293: Buffer not null terminated (BUFFER_SIZE_WARNING)
>>> Calling strncpy with a maximum size argument of 4096 bytes on destination array "exe_path" of size 4096 bytes might leave the destination string unterminated.
1714 strncpy(exe_path, orig_argv[0], sizeof(exe_path));
1715 }
1716
1717 dout(1) << " exe_path " << exe_path << dendl;
1718
1719 unblock_all_signals(NULL);
________________________________________________________________________________________________________
*** CID 1204294: Resource leak (RESOURCE_LEAK)
/osd/ReplicatedPG.cc: 980 in ReplicatedPG::do_pg_op(std::tr1::shared_ptr<OpRequest>)()
974 // FIXME: EC not supported yet
975 result = -EOPNOTSUPP;
976 break;
977 }
978 if (is_unreadable_object(oid)) {
979 wait_for_unreadable_object(oid, op);
>>> CID 1204294: Resource leak (RESOURCE_LEAK)
>>> Variable "filter" going out of scope leaks the storage it points to.
980 return;
981 }
982 result = osd->store->read(coll, oid, 0, 0, osd_op.outdata);
983 }
984 }
985 break;
________________________________________________________________________________________________________
*** CID 1204295: Uninitialized scalar field (UNINIT_CTOR)
/osd/osd_types.h: 2716 in ObjectContext::RWState::RWState()()
2710 /// if set, restart backfill when we can get a read lock
2711 bool backfill_read_marker;
2712
2713 /// if set, requeue snaptrim on lock release
2714 bool snaptrimmer_write_marker;
2715
>>> CID 1204295: Uninitialized scalar field (UNINIT_CTOR)
>>> Non-static class member "snaptrimmer_write_marker" is not initialized in this constructor nor in any functions that it calls.
2716 RWState() : state(RWNONE), count(0), backfill_read_marker(false) {}
2717 bool get_read(OpRequestRef op) {
2718 if (get_read_lock()) {
2719 return true;
2720 } // else
2721 waiters.push_back(op);
________________________________________________________________________________________________________
*** CID 1204296: Uninitialized scalar field (UNINIT_CTOR)
/osdc/Objecter.h: 1165 in Objecter::Op::Op(const object_t &, const object_locator_t &, std::vector<OSDOp, std::allocator<OSDOp>> &, int, Context *, Context *, unsigned long *)()
1159 out_handler[i] = NULL;
1160 out_rval[i] = NULL;
1161 }
1162
1163 if (target.base_oloc.key == o)
1164 target.base_oloc.key.clear();
>>> CID 1204296: Uninitialized scalar field (UNINIT_CTOR)
>>> Non-static class member "used_replica" is not initialized in this constructor nor in any functions that it calls.
1165 }
1166 ~Op() {
1167 while (!out_handler.empty()) {
1168 delete out_handler.back();
1169 out_handler.pop_back();
1170 }
/osdc/Objecter.h: 1165 in Objecter::Op::Op(const object_t &, const object_locator_t &, std::vector<OSDOp, std::allocator<OSDOp>> &, int, Context *, Context *, unsigned long *)()
1159 out_handler[i] = NULL;
1160 out_rval[i] = NULL;
1161 }
1162
1163 if (target.base_oloc.key == o)
1164 target.base_oloc.key.clear();
>>> CID 1204296: Uninitialized scalar field (UNINIT_CTOR)
>>> Non-static class member "used_replica" is not initialized in this constructor nor in any functions that it calls.
1165 }
1166 ~Op() {
1167 while (!out_handler.empty()) {
1168 delete out_handler.back();
1169 out_handler.pop_back();
1170 }
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=Overview
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
From: scan-admin@coverity.com
To: undisclosed-recipients:;
Subject: New Defects reported by Coverity Scan for ceph
Date: Tue, 22 Apr 2014 07:13:05 -0700
Message-ID: <535678f165c82_2069a3406c928f3@209.249.196.67.mail>
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
Defect(s) Reported-by: Coverity Scan
Showing 4 of 4 defect(s)
** CID 1204293: Buffer not null terminated (BUFFER_SIZE_WARNING)
/mds/MDS.cc: 1714 in MDS::respawn()()
** CID 1204294: Resource leak (RESOURCE_LEAK)
/osd/ReplicatedPG.cc: 980 in ReplicatedPG::do_pg_op(std::tr1::shared_ptr<OpRequest>)()
** CID 1204295: Uninitialized scalar field (UNINIT_CTOR)
/osd/osd_types.h: 2716 in ObjectContext::RWState::RWState()()
** CID 1204296: Uninitialized scalar field (UNINIT_CTOR)
/osdc/Objecter.h: 1165 in Objecter::Op::Op(const object_t &, const object_locator_t &, std::vector<OSDOp, std::allocator<OSDOp>> &, int, Context *, Context *, unsigned long *)()
/osdc/Objecter.h: 1165 in Objecter::Op::Op(const object_t &, const object_locator_t &, std::vector<OSDOp, std::allocator<OSDOp>> &, int, Context *, Context *, unsigned long *)()
________________________________________________________________________________________________________
*** CID 1204293: Buffer not null terminated (BUFFER_SIZE_WARNING)
/mds/MDS.cc: 1714 in MDS::respawn()()
1708 char buf[PATH_MAX];
1709 char *cwd = getcwd(buf, sizeof(buf));
1710 assert(cwd);
1711 dout(1) << " cwd " << cwd << dendl;
1712
1713 /* Fall back to a best-effort: just running in our CWD */
>>> CID 1204293: Buffer not null terminated (BUFFER_SIZE_WARNING)
>>> Calling strncpy with a maximum size argument of 4096 bytes on destination array "exe_path" of size 4096 bytes might leave the destination string unterminated.
1714 strncpy(exe_path, orig_argv[0], sizeof(exe_path));
1715 }
1716
1717 dout(1) << " exe_path " << exe_path << dendl;
1718
1719 unblock_all_signals(NULL);
________________________________________________________________________________________________________
*** CID 1204294: Resource leak (RESOURCE_LEAK)
/osd/ReplicatedPG.cc: 980 in ReplicatedPG::do_pg_op(std::tr1::shared_ptr<OpRequest>)()
974 // FIXME: EC not supported yet
975 result = -EOPNOTSUPP;
976 break;
977 }
978 if (is_unreadable_object(oid)) {
979 wait_for_unreadable_object(oid, op);
>>> CID 1204294: Resource leak (RESOURCE_LEAK)
>>> Variable "filter" going out of scope leaks the storage it points to.
980 return;
981 }
982 result = osd->store->read(coll, oid, 0, 0, osd_op.outdata);
983 }
984 }
985 break;
________________________________________________________________________________________________________
*** CID 1204295: Uninitialized scalar field (UNINIT_CTOR)
/osd/osd_types.h: 2716 in ObjectContext::RWState::RWState()()
2710 /// if set, restart backfill when we can get a read lock
2711 bool backfill_read_marker;
2712
2713 /// if set, requeue snaptrim on lock release
2714 bool snaptrimmer_write_marker;
2715
>>> CID 1204295: Uninitialized scalar field (UNINIT_CTOR)
>>> Non-static class member "snaptrimmer_write_marker" is not initialized in this constructor nor in any functions that it calls.
2716 RWState() : state(RWNONE), count(0), backfill_read_marker(false) {}
2717 bool get_read(OpRequestRef op) {
2718 if (get_read_lock()) {
2719 return true;
2720 } // else
2721 waiters.push_back(op);
________________________________________________________________________________________________________
*** CID 1204296: Uninitialized scalar field (UNINIT_CTOR)
/osdc/Objecter.h: 1165 in Objecter::Op::Op(const object_t &, const object_locator_t &, std::vector<OSDOp, std::allocator<OSDOp>> &, int, Context *, Context *, unsigned long *)()
1159 out_handler[i] = NULL;
1160 out_rval[i] = NULL;
1161 }
1162
1163 if (target.base_oloc.key == o)
1164 target.base_oloc.key.clear();
>>> CID 1204296: Uninitialized scalar field (UNINIT_CTOR)
>>> Non-static class member "used_replica" is not initialized in this constructor nor in any functions that it calls.
1165 }
1166 ~Op() {
1167 while (!out_handler.empty()) {
1168 delete out_handler.back();
1169 out_handler.pop_back();
1170 }
/osdc/Objecter.h: 1165 in Objecter::Op::Op(const object_t &, const object_locator_t &, std::vector<OSDOp, std::allocator<OSDOp>> &, int, Context *, Context *, unsigned long *)()
1159 out_handler[i] = NULL;
1160 out_rval[i] = NULL;
1161 }
1162
1163 if (target.base_oloc.key == o)
1164 target.base_oloc.key.clear();
>>> CID 1204296: Uninitialized scalar field (UNINIT_CTOR)
>>> Non-static class member "used_replica" is not initialized in this constructor nor in any functions that it calls.
1165 }
1166 ~Op() {
1167 while (!out_handler.empty()) {
1168 delete out_handler.back();
1169 out_handler.pop_back();
1170 }
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=Overview
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
^ permalink raw reply [flat|nested] 33+ messages in thread* New Defects reported by Coverity Scan for ceph (fwd)
@ 2014-03-03 22:23 Sage Weil
2014-03-03 22:53 ` John Spray
0 siblings, 1 reply; 33+ messages in thread
From: Sage Weil @ 2014-03-03 22:23 UTC (permalink / raw)
To: ceph-devel
[-- Attachment #1: Type: TEXT/PLAIN, Size: 0 bytes --]
[-- Attachment #2: Forwarded Message --]
[-- Type: MESSAGE/RFC822, Size: 22397 bytes --]
Return-Path: <scan-admin@coverity.com>
X-Original-To: sage@cobra.newdream.net
Delivered-To: sage@cobra.newdream.net
Received: from destro.newdream.net (destro.newdream.net [66.33.216.68])
by cobra.newdream.net (Postfix) with ESMTP id E9EF181376
for <sage@cobra.newdream.net>; Mon, 3 Mar 2014 10:52:15 -0800 (PST)
Received: by destro.newdream.net (Postfix)
id DBA3C120AD7; Mon, 3 Mar 2014 10:52:15 -0800 (PST)
Delivered-To: sage@destro.newdream.net
Received: from alc-junkmail-backend3.dreamhost.com (caiajhbdccah.dreamhost.com
[208.97.132.207])
by destro.newdream.net (Postfix) with ESMTP id D98E5120ACB
for <sage@newdream.net>; Mon, 3 Mar 2014 10:52:15 -0800 (PST)
Received: from localhost (localhost [127.0.0.1])
by alc-junkmail-backend3.dreamhost.com (Postfix) with ESMTP id
34433A0C105
for <sage@newdream.net>; Mon, 3 Mar 2014 10:52:14 -0800 (PST)
X-DH-Virus-Scanned: Debian amavisd-new at alc-junkmail-backend3.dreamhost.com
X-Spam-Flag: NO
X-Spam-Score: 0
X-Spam-Level:
X-Spam-Status: No, score=x tagged_above=-999 required=999 WHITELISTED tests=[]
Received: from connor.dreamhost.com ([208.97.132.205])
by localhost (alc-junkmail-backend3.dreamhost.com [208.97.132.104])
(amavisd-new, port 10024)
with ESMTP id H+1k+uDI1FiS for <sage@newdream.net>;
Mon, 3 Mar 2014 10:52:14 -0800 (PST)
Received: from scanrelay.coverity.com (scanrelay.coverity.com [209.249.196.67])
by connor.dreamhost.com (Postfix) with ESMTP id 655EA2CA800B
for <sage@newdream.net>; Mon, 3 Mar 2014 10:52:13 -0800 (PST)
Received: from localhost.localdomain ([208.69.177.215]) by
scanrelay.coverity.com with Microsoft SMTPSVC(7.5.7601.17514);
Mon, 3 Mar 2014 10:51:33 -0800
Date: Mon, 03 Mar 2014 10:51:03 -0800
From: scan-admin@coverity.com
Message-ID: <5314cf17686c2_5c916390704162e@209.249.196.67.mail>
Subject: New Defects reported by Coverity Scan for ceph
Mime-Version: 1.0
Content-Type: text/plain;
charset=UTF-8
Content-Transfer-Encoding: 7bit
X-OriginalArrivalTime: 03 Mar 2014 18:51:33.0371 (UTC)
FILETIME=[98BFC4B0:01CF3711]
To: undisclosed-recipients:;
X-Spambayes-Classification: ham; 0.00
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
Defect(s) Reported-by: Coverity Scan
Showing 15 of 15 defect(s)
** CID 1188299: Data race condition (MISSING_LOCK)
/mds/MDSUtility.cc: 142 in MDSUtility::handle_mds_map(MMDSMap *)()
** CID 717359: Uninitialized scalar field (UNINIT_CTOR)
/rgw/rgw_common.cc: 161 in req_state::req_state(CephContext *, RGWEnv *)()
** CID 1188131: Division or modulo by zero (DIVIDE_BY_ZERO)
/common/histogram.h: 97 in pow2_hist_t::get_position_micro(int, unsigned long *, unsigned long *)()
** CID 716921: Dereference after null check (FORWARD_NULL)
/mds/MDCache.cc: 6950 in MDCache::handle_cache_expire(MCacheExpire *)()
** CID 1188134: Unchecked dynamic_cast (FORWARD_NULL)
/osd/ReplicatedBackend.cc: 428 in RPGTransaction::append(PGBackend::PGTransaction *)()
** CID 1188135: Unchecked dynamic_cast (FORWARD_NULL)
/osd/ReplicatedBackend.cc: 494 in ReplicatedBackend::submit_transaction(const hobject_t &, const eversion_t &, PGBackend::PGTransaction *, const eversion_t &, std::vector<pg_log_entry_t, std::allocator<pg_log_entry_t>> &, Context *, Context *, Context *, unsigned long, osd_reqid_t, std::tr1::shared_ptr<OpRequest>)()
** CID 716990: Dereference null return value (NULL_RETURNS)
/mds/MDCache.cc: 10098 in MDCache::handle_discover(MDiscover *)()
** CID 1135931: Resource leak (RESOURCE_LEAK)
/os/FileStore.cc: 1739 in FileStore::queue_transactions(ObjectStore::Sequencer *, std::list<ObjectStore::Transaction *, std::allocator<ObjectStore::Transaction *>> &, std::tr1::shared_ptr<TrackedOp>, ThreadPool::TPHandle *)()
** CID 1135933: Resource leak (RESOURCE_LEAK)
/os/FileStore.cc: 1739 in FileStore::queue_transactions(ObjectStore::Sequencer *, std::list<ObjectStore::Transaction *, std::allocator<ObjectStore::Transaction *>> &, std::tr1::shared_ptr<TrackedOp>, ThreadPool::TPHandle *)()
** CID 1188126: Unchecked return value (CHECKED_RETURN)
/test/objectstore/store_test.cc: 564 in SyntheticWorkloadState::stat()()
** CID 1188145: Resource leak (RESOURCE_LEAK)
/osd/ReplicatedPG.cc: 5231 in ReplicatedPG::fill_in_copy_get(ReplicatedPG::OpContext *, ceph::buffer::list::iterator &, OSDOp &, std::tr1::shared_ptr<ObjectContext> &, bool)()
** CID 1188156: Resource leak (RESOURCE_LEAK)
/test/librados/c_write_operations.cc: 131 in LibRadosCWriteOps_Exec_Test::TestBody()()
/test/librados/c_write_operations.cc: 134 in LibRadosCWriteOps_Exec_Test::TestBody()()
/test/librados/c_write_operations.cc: 136 in LibRadosCWriteOps_Exec_Test::TestBody()()
/test/librados/c_write_operations.cc: 138 in LibRadosCWriteOps_Exec_Test::TestBody()()
/test/librados/c_write_operations.cc: 139 in LibRadosCWriteOps_Exec_Test::TestBody()()
** CID 1160848: Uninitialized scalar variable (UNINIT)
/osdc/Objecter.cc: 1519 in Objecter::recalc_op_target(Objecter::Op *)()
** CID 1030132: Uninitialized scalar variable (UNINIT)
/mon/PGMonitor.cc: 1979 in PGMonitor::dump_stuck_pg_stats(std::basic_stringstream<char, std::char_traits<char>, std::allocator<char>> &, ceph::Formatter *, int, std::vector<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::allocator<std::basic_string<char, std::char_traits<char>, std::allocator<char>>>> &) const()
/mon/PGMonitor.cc: 1979 in PGMonitor::dump_stuck_pg_stats(std::basic_stringstream<char, std::char_traits<char>, std::allocator<char>> &, ceph::Formatter *, int, std::vector<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::allocator<std::basic_string<char, std::char_traits<char>, std::allocator<char>>>> &) const()
** CID 1135932: Resource leak (RESOURCE_LEAK)
/os/FileStore.cc: 1739 in FileStore::queue_transactions(ObjectStore::Sequencer *, std::list<ObjectStore::Transaction *, std::allocator<ObjectStore::Transaction *>> &, std::tr1::shared_ptr<TrackedOp>, ThreadPool::TPHandle *)()
________________________________________________________________________________________________________
*** CID 1188299: Data race condition (MISSING_LOCK)
/mds/MDSUtility.cc: 142 in MDSUtility::handle_mds_map(MMDSMap *)()
136
137 void MDSUtility::handle_mds_map(MMDSMap* m)
138 {
139 mdsmap->decode(m->get_encoded());
140 if (waiting_for_mds_map) {
141 waiting_for_mds_map->complete(0);
>>> CID 1188299: Data race condition (MISSING_LOCK)
>>> Accessing "this->waiting_for_mds_map" ("MDSUtility.waiting_for_mds_map") requires the "Mutex._m" lock.
142 waiting_for_mds_map = NULL;
143 }
144 }
145
146
147 bool MDSUtility::ms_get_authorizer(int dest_type, AuthAuthorizer **authorizer,
________________________________________________________________________________________________________
*** CID 717359: Uninitialized scalar field (UNINIT_CTOR)
/rgw/rgw_common.cc: 161 in req_state::req_state(CephContext *, RGWEnv *)()
155 length = NULL;
156 copy_source = NULL;
157 http_auth = NULL;
158 local_source = false;
159
160 obj_ctx = NULL;
>>> CID 717359: Uninitialized scalar field (UNINIT_CTOR)
>>> Non-static class member "bucket_exists" is not initialized in this constructor nor in any functions that it calls.
161 }
162
163 req_state::~req_state() {
164 delete formatter;
165 delete bucket_acl;
166 delete object_acl;
________________________________________________________________________________________________________
*** CID 1188131: Division or modulo by zero (DIVIDE_BY_ZERO)
/common/histogram.h: 97 in pow2_hist_t::get_position_micro(int, unsigned long *, unsigned long *)()
91 if (i <= bin)
92 upper_sum += h[i];
93 if (i < bin)
94 lower_sum += h[i];
95 total += h[i];
96 }
>>> CID 1188131: Division or modulo by zero (DIVIDE_BY_ZERO)
>>> In expression "lower_sum * 1000000UL / total", division by expression "total" which may be zero has undefined behavior.
97 *lower = lower_sum * 1000000 / total;
98 *upper = upper_sum * 1000000 / total;
99 return 0;
100 }
101
102 void add(const pow2_hist_t& o) {
________________________________________________________________________________________________________
*** CID 716921: Dereference after null check (FORWARD_NULL)
/mds/MDCache.cc: 6950 in MDCache::handle_cache_expire(MCacheExpire *)()
6944 for (map<pair<string,snapid_t>,uint32_t>::iterator p = pd->second.begin();
6945 p != pd->second.end();
6946 ++p) {
6947 unsigned nonce = p->second;
6948 CDentry *dn;
6949
>>> CID 716921: Dereference after null check (FORWARD_NULL)
>>> Comparing "dir" to null implies that "dir" might be null.
6950 if (dir) {
6951 dn = dir->lookup(p->first.first, p->first.second);
6952 } else {
6953 // which dirfrag for this dentry?
6954 CDir *dir = diri->get_dirfrag(diri->pick_dirfrag(p->first.first));
6955 assert(dir);
________________________________________________________________________________________________________
*** CID 1188134: Unchecked dynamic_cast (FORWARD_NULL)
/osd/ReplicatedBackend.cc: 428 in RPGTransaction::append(PGBackend::PGTransaction *)()
422 }
423
424 void append(
425 PGTransaction *_to_append
426 ) {
427 RPGTransaction *to_append = dynamic_cast<RPGTransaction*>(_to_append);
>>> CID 1188134: Unchecked dynamic_cast (FORWARD_NULL)
>>> Dereferencing null pointer "to_append".
428 t->append(*(to_append->t));
429 for (set<hobject_t>::iterator i = to_append->temp_added.begin();
430 i != to_append->temp_added.end();
431 ++i) {
432 temp_cleared.erase(*i);
433 temp_added.insert(*i);
________________________________________________________________________________________________________
*** CID 1188135: Unchecked dynamic_cast (FORWARD_NULL)
/osd/ReplicatedBackend.cc: 494 in ReplicatedBackend::submit_transaction(const hobject_t &, const eversion_t &, PGBackend::PGTransaction *, const eversion_t &, std::vector<pg_log_entry_t, std::allocator<pg_log_entry_t>> &, Context *, Context *, Context *, unsigned long, osd_reqid_t, std::tr1::shared_ptr<OpRequest>)()
488 Context *on_all_acked,
489 Context *on_all_commit,
490 tid_t tid,
491 osd_reqid_t reqid,
492 OpRequestRef orig_op)
493 {
>>> CID 1188135: Unchecked dynamic_cast (FORWARD_NULL)
>>> Assigning: "t" = "dynamic_cast <RPGTransaction *>(_t)".
494 RPGTransaction *t = dynamic_cast<RPGTransaction*>(_t);
495 ObjectStore::Transaction *op_t = t->get_transaction();
496
497 assert(t->get_temp_added().size() <= 1);
498 assert(t->get_temp_cleared().size() <= 1);
499
________________________________________________________________________________________________________
*** CID 716990: Dereference null return value (NULL_RETURNS)
/mds/MDCache.cc: 10098 in MDCache::handle_discover(MDiscover *)()
10092 // wants root
10093 dout(7) << "handle_discover from mds." << from
10094 << " wants base + " << dis->get_want().get_path()
10095 << " snap " << snapid
10096 << dendl;
10097
>>> CID 716990: Dereference null return value (NULL_RETURNS)
>>> Assigning: "cur" = null return value from "MDCache::get_inode(inodeno_t, snapid_t)".
10098 cur = get_inode(dis->get_base_ino());
10099
10100 // add root
10101 reply->starts_with = MDiscoverReply::INODE;
10102 replicate_inode(cur, from, reply->trace);
10103 dout(10) << "added base " << *cur << dendl;
________________________________________________________________________________________________________
*** CID 1135931: Resource leak (RESOURCE_LEAK)
/os/FileStore.cc: 1739 in FileStore::queue_transactions(ObjectStore::Sequencer *, std::list<ObjectStore::Transaction *, std::allocator<ObjectStore::Transaction *>> &, std::tr1::shared_ptr<TrackedOp>, ThreadPool::TPHandle *)()
1733 Context *ondisk;
1734 Context *onreadable_sync;
1735 ObjectStore::Transaction::collect_contexts(
1736 tls, &onreadable, &ondisk, &onreadable_sync);
1737 if (g_conf->filestore_blackhole) {
1738 dout(0) << "queue_transactions filestore_blackhole = TRUE, dropping transaction" << dendl;
>>> CID 1135931: Resource leak (RESOURCE_LEAK)
>>> Variable "ondisk" going out of scope leaks the storage it points to.
1739 return 0;
1740 }
1741
1742 // set up the sequencer
1743 OpSequencer *osr;
1744 if (!posr)
________________________________________________________________________________________________________
*** CID 1135933: Resource leak (RESOURCE_LEAK)
/os/FileStore.cc: 1739 in FileStore::queue_transactions(ObjectStore::Sequencer *, std::list<ObjectStore::Transaction *, std::allocator<ObjectStore::Transaction *>> &, std::tr1::shared_ptr<TrackedOp>, ThreadPool::TPHandle *)()
1733 Context *ondisk;
1734 Context *onreadable_sync;
1735 ObjectStore::Transaction::collect_contexts(
1736 tls, &onreadable, &ondisk, &onreadable_sync);
1737 if (g_conf->filestore_blackhole) {
1738 dout(0) << "queue_transactions filestore_blackhole = TRUE, dropping transaction" << dendl;
>>> CID 1135933: Resource leak (RESOURCE_LEAK)
>>> Variable "onreadable_sync" going out of scope leaks the storage it points to.
1739 return 0;
1740 }
1741
1742 // set up the sequencer
1743 OpSequencer *osr;
1744 if (!posr)
________________________________________________________________________________________________________
*** CID 1188126: Unchecked return value (CHECKED_RETURN)
/test/objectstore/store_test.cc: 564 in SyntheticWorkloadState::stat()()
558 hoid = get_uniform_random_object();
559 in_flight_objects.insert(hoid);
560 available_objects.erase(hoid);
561 ++in_flight;
562 }
563 struct stat buf;
>>> CID 1188126: Unchecked return value (CHECKED_RETURN)
>>> No check of the return value of "this->store->stat(coll_t(this->cid), hoid, &buf, false)".
564 store->stat(cid, hoid, &buf);
565 ASSERT_TRUE(buf.st_size == contents[hoid].length());
566 {
567 Mutex::Locker locker(lock);
568 --in_flight;
569 cond.Signal();
________________________________________________________________________________________________________
*** CID 1188145: Resource leak (RESOURCE_LEAK)
/osd/ReplicatedPG.cc: 5231 in ReplicatedPG::fill_in_copy_get(ReplicatedPG::OpContext *, ceph::buffer::list::iterator &, OSDOp &, std::tr1::shared_ptr<ObjectContext> &, bool)()
5225 if (!cursor.attr_complete) {
5226 result = getattrs_maybe_cache(
5227 ctx->obc,
5228 &out_attrs,
5229 true);
5230 if (result < 0)
>>> CID 1188145: Resource leak (RESOURCE_LEAK)
>>> Variable "cb" going out of scope leaks the storage it points to.
5231 return result;
5232 cursor.attr_complete = true;
5233 dout(20) << " got attrs" << dendl;
5234 }
5235
5236 int64_t left = out_max - osd_op.outdata.length();
________________________________________________________________________________________________________
*** CID 1188156: Resource leak (RESOURCE_LEAK)
/test/librados/c_write_operations.cc: 131 in LibRadosCWriteOps_Exec_Test::TestBody()()
125
126 int rval = 1;
127 rados_write_op_t op = rados_create_write_op();
128 rados_write_op_exec(op, "hello", "record_hello", "test", 4, &rval);
129 ASSERT_EQ(0, rados_write_op_operate(op, ioctx, "test", NULL, 0));
130 rados_release_write_op(op);
>>> CID 1188156: Resource leak (RESOURCE_LEAK)
>>> Variable "ioctx" going out of scope leaks the storage it points to.
131 ASSERT_EQ(0, rval);
132
133 char hi[100];
134 ASSERT_EQ(12, rados_read(ioctx, "test", hi, 100, 0));
135 hi[12] = '\0';
136 ASSERT_EQ(0, strcmp("Hello, test!", hi));
137
138 ASSERT_EQ(0, destroy_one_pool(pool_name, &cluster));
/test/librados/c_write_operations.cc: 134 in LibRadosCWriteOps_Exec_Test::TestBody()()
128 rados_write_op_exec(op, "hello", "record_hello", "test", 4, &rval);
129 ASSERT_EQ(0, rados_write_op_operate(op, ioctx, "test", NULL, 0));
130 rados_release_write_op(op);
131 ASSERT_EQ(0, rval);
132
133 char hi[100];
>>> CID 1188156: Resource leak (RESOURCE_LEAK)
>>> Variable "ioctx" going out of scope leaks the storage it points to.
134 ASSERT_EQ(12, rados_read(ioctx, "test", hi, 100, 0));
135 hi[12] = '\0';
136 ASSERT_EQ(0, strcmp("Hello, test!", hi));
137
138 ASSERT_EQ(0, destroy_one_pool(pool_name, &cluster));
/test/librados/c_write_operations.cc: 136 in LibRadosCWriteOps_Exec_Test::TestBody()()
130 rados_release_write_op(op);
131 ASSERT_EQ(0, rval);
132
133 char hi[100];
134 ASSERT_EQ(12, rados_read(ioctx, "test", hi, 100, 0));
135 hi[12] = '\0';
>>> CID 1188156: Resource leak (RESOURCE_LEAK)
>>> Variable "ioctx" going out of scope leaks the storage it points to.
136 ASSERT_EQ(0, strcmp("Hello, test!", hi));
137
138 ASSERT_EQ(0, destroy_one_pool(pool_name, &cluster));
/test/librados/c_write_operations.cc: 138 in LibRadosCWriteOps_Exec_Test::TestBody()()
132
133 char hi[100];
134 ASSERT_EQ(12, rados_read(ioctx, "test", hi, 100, 0));
135 hi[12] = '\0';
136 ASSERT_EQ(0, strcmp("Hello, test!", hi));
137
>>> CID 1188156: Resource leak (RESOURCE_LEAK)
>>> Variable "ioctx" going out of scope leaks the storage it points to.
138 ASSERT_EQ(0, destroy_one_pool(pool_name, &cluster));
/test/librados/c_write_operations.cc: 139 in LibRadosCWriteOps_Exec_Test::TestBody()()
133 char hi[100];
134 ASSERT_EQ(12, rados_read(ioctx, "test", hi, 100, 0));
135 hi[12] = '\0';
136 ASSERT_EQ(0, strcmp("Hello, test!", hi));
137
138 ASSERT_EQ(0, destroy_one_pool(pool_name, &cluster));
>>> CID 1188156: Resource leak (RESOURCE_LEAK)
>>> Variable "ioctx" going out of scope leaks the storage it points to.
________________________________________________________________________________________________________
*** CID 1160848: Uninitialized scalar variable (UNINIT)
/osdc/Objecter.cc: 1519 in Objecter::recalc_op_target(Objecter::Op *)()
1513 best = i;
1514 best_locality = locality;
1515 if (i)
1516 op->used_replica = true;
1517 }
1518 }
>>> CID 1160848: Uninitialized scalar variable (UNINIT)
>>> Using uninitialized value "best".
1519 assert(best >= 0);
1520 osd = acting[best];
1521 } else {
1522 osd = primary;
1523 }
1524 s = get_session(osd);
________________________________________________________________________________________________________
*** CID 1030132: Uninitialized scalar variable (UNINIT)
/mon/PGMonitor.cc: 1979 in PGMonitor::dump_stuck_pg_stats(std::basic_stringstream<char, std::char_traits<char>, std::allocator<char>> &, ceph::Formatter *, int, std::vector<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::allocator<std::basic_string<char, std::char_traits<char>, std::allocator<char>>>> &) const()
1973
1974 int PGMonitor::dump_stuck_pg_stats(stringstream &ds,
1975 Formatter *f,
1976 int threshold,
1977 vector<string>& args) const
1978 {
>>> CID 1030132: Uninitialized scalar variable (UNINIT)
>>> Declaring variable "stuck_type" without initializer.
1979 PGMap::StuckPG stuck_type;
1980 string type = args[0];
1981 if (type == "inactive")
1982 stuck_type = PGMap::STUCK_INACTIVE;
1983 if (type == "unclean")
1984 stuck_type = PGMap::STUCK_UNCLEAN;
/mon/PGMonitor.cc: 1979 in PGMonitor::dump_stuck_pg_stats(std::basic_stringstream<char, std::char_traits<char>, std::allocator<char>> &, ceph::Formatter *, int, std::vector<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::allocator<std::basic_string<char, std::char_traits<char>, std::allocator<char>>>> &) const()
1973
1974 int PGMonitor::dump_stuck_pg_stats(stringstream &ds,
1975 Formatter *f,
1976 int threshold,
1977 vector<string>& args) const
1978 {
>>> CID 1030132: Uninitialized scalar variable (UNINIT)
>>> Declaring variable "stuck_type" without initializer.
1979 PGMap::StuckPG stuck_type;
1980 string type = args[0];
1981 if (type == "inactive")
1982 stuck_type = PGMap::STUCK_INACTIVE;
1983 if (type == "unclean")
1984 stuck_type = PGMap::STUCK_UNCLEAN;
________________________________________________________________________________________________________
*** CID 1135932: Resource leak (RESOURCE_LEAK)
/os/FileStore.cc: 1739 in FileStore::queue_transactions(ObjectStore::Sequencer *, std::list<ObjectStore::Transaction *, std::allocator<ObjectStore::Transaction *>> &, std::tr1::shared_ptr<TrackedOp>, ThreadPool::TPHandle *)()
1733 Context *ondisk;
1734 Context *onreadable_sync;
1735 ObjectStore::Transaction::collect_contexts(
1736 tls, &onreadable, &ondisk, &onreadable_sync);
1737 if (g_conf->filestore_blackhole) {
1738 dout(0) << "queue_transactions filestore_blackhole = TRUE, dropping transaction" << dendl;
>>> CID 1135932: Resource leak (RESOURCE_LEAK)
>>> Variable "onreadable" going out of scope leaks the storage it points to.
1739 return 0;
1740 }
1741
1742 // set up the sequencer
1743 OpSequencer *osr;
1744 if (!posr)
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=Overview
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
From: scan-admin@coverity.com
To: undisclosed-recipients:;
Subject: New Defects reported by Coverity Scan for ceph
Date: Mon, 03 Mar 2014 10:51:03 -0800
Message-ID: <5314cf17686c2_5c916390704162e@209.249.196.67.mail>
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
Defect(s) Reported-by: Coverity Scan
Showing 15 of 15 defect(s)
** CID 1188299: Data race condition (MISSING_LOCK)
/mds/MDSUtility.cc: 142 in MDSUtility::handle_mds_map(MMDSMap *)()
** CID 717359: Uninitialized scalar field (UNINIT_CTOR)
/rgw/rgw_common.cc: 161 in req_state::req_state(CephContext *, RGWEnv *)()
** CID 1188131: Division or modulo by zero (DIVIDE_BY_ZERO)
/common/histogram.h: 97 in pow2_hist_t::get_position_micro(int, unsigned long *, unsigned long *)()
** CID 716921: Dereference after null check (FORWARD_NULL)
/mds/MDCache.cc: 6950 in MDCache::handle_cache_expire(MCacheExpire *)()
** CID 1188134: Unchecked dynamic_cast (FORWARD_NULL)
/osd/ReplicatedBackend.cc: 428 in RPGTransaction::append(PGBackend::PGTransaction *)()
** CID 1188135: Unchecked dynamic_cast (FORWARD_NULL)
/osd/ReplicatedBackend.cc: 494 in ReplicatedBackend::submit_transaction(const hobject_t &, const eversion_t &, PGBackend::PGTransaction *, const eversion_t &, std::vector<pg_log_entry_t, std::allocator<pg_log_entry_t>> &, Context *, Context *, Context *, unsigned long, osd_reqid_t, std::tr1::shared_ptr<OpRequest>)()
** CID 716990: Dereference null return value (NULL_RETURNS)
/mds/MDCache.cc: 10098 in MDCache::handle_discover(MDiscover *)()
** CID 1135931: Resource leak (RESOURCE_LEAK)
/os/FileStore.cc: 1739 in FileStore::queue_transactions(ObjectStore::Sequencer *, std::list<ObjectStore::Transaction *, std::allocator<ObjectStore::Transaction *>> &, std::tr1::shared_ptr<TrackedOp>, ThreadPool::TPHandle *)()
** CID 1135933: Resource leak (RESOURCE_LEAK)
/os/FileStore.cc: 1739 in FileStore::queue_transactions(ObjectStore::Sequencer *, std::list<ObjectStore::Transaction *, std::allocator<ObjectStore::Transaction *>> &, std::tr1::shared_ptr<TrackedOp>, ThreadPool::TPHandle *)()
** CID 1188126: Unchecked return value (CHECKED_RETURN)
/test/objectstore/store_test.cc: 564 in SyntheticWorkloadState::stat()()
** CID 1188145: Resource leak (RESOURCE_LEAK)
/osd/ReplicatedPG.cc: 5231 in ReplicatedPG::fill_in_copy_get(ReplicatedPG::OpContext *, ceph::buffer::list::iterator &, OSDOp &, std::tr1::shared_ptr<ObjectContext> &, bool)()
** CID 1188156: Resource leak (RESOURCE_LEAK)
/test/librados/c_write_operations.cc: 131 in LibRadosCWriteOps_Exec_Test::TestBody()()
/test/librados/c_write_operations.cc: 134 in LibRadosCWriteOps_Exec_Test::TestBody()()
/test/librados/c_write_operations.cc: 136 in LibRadosCWriteOps_Exec_Test::TestBody()()
/test/librados/c_write_operations.cc: 138 in LibRadosCWriteOps_Exec_Test::TestBody()()
/test/librados/c_write_operations.cc: 139 in LibRadosCWriteOps_Exec_Test::TestBody()()
** CID 1160848: Uninitialized scalar variable (UNINIT)
/osdc/Objecter.cc: 1519 in Objecter::recalc_op_target(Objecter::Op *)()
** CID 1030132: Uninitialized scalar variable (UNINIT)
/mon/PGMonitor.cc: 1979 in PGMonitor::dump_stuck_pg_stats(std::basic_stringstream<char, std::char_traits<char>, std::allocator<char>> &, ceph::Formatter *, int, std::vector<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::allocator<std::basic_string<char, std::char_traits<char>, std::allocator<char>>>> &) const()
/mon/PGMonitor.cc: 1979 in PGMonitor::dump_stuck_pg_stats(std::basic_stringstream<char, std::char_traits<char>, std::allocator<char>> &, ceph::Formatter *, int, std::vector<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::allocator<std::basic_string<char, std::char_traits<char>, std::allocator<char>>>> &) const()
** CID 1135932: Resource leak (RESOURCE_LEAK)
/os/FileStore.cc: 1739 in FileStore::queue_transactions(ObjectStore::Sequencer *, std::list<ObjectStore::Transaction *, std::allocator<ObjectStore::Transaction *>> &, std::tr1::shared_ptr<TrackedOp>, ThreadPool::TPHandle *)()
________________________________________________________________________________________________________
*** CID 1188299: Data race condition (MISSING_LOCK)
/mds/MDSUtility.cc: 142 in MDSUtility::handle_mds_map(MMDSMap *)()
136
137 void MDSUtility::handle_mds_map(MMDSMap* m)
138 {
139 mdsmap->decode(m->get_encoded());
140 if (waiting_for_mds_map) {
141 waiting_for_mds_map->complete(0);
>>> CID 1188299: Data race condition (MISSING_LOCK)
>>> Accessing "this->waiting_for_mds_map" ("MDSUtility.waiting_for_mds_map") requires the "Mutex._m" lock.
142 waiting_for_mds_map = NULL;
143 }
144 }
145
146
147 bool MDSUtility::ms_get_authorizer(int dest_type, AuthAuthorizer **authorizer,
________________________________________________________________________________________________________
*** CID 717359: Uninitialized scalar field (UNINIT_CTOR)
/rgw/rgw_common.cc: 161 in req_state::req_state(CephContext *, RGWEnv *)()
155 length = NULL;
156 copy_source = NULL;
157 http_auth = NULL;
158 local_source = false;
159
160 obj_ctx = NULL;
>>> CID 717359: Uninitialized scalar field (UNINIT_CTOR)
>>> Non-static class member "bucket_exists" is not initialized in this constructor nor in any functions that it calls.
161 }
162
163 req_state::~req_state() {
164 delete formatter;
165 delete bucket_acl;
166 delete object_acl;
________________________________________________________________________________________________________
*** CID 1188131: Division or modulo by zero (DIVIDE_BY_ZERO)
/common/histogram.h: 97 in pow2_hist_t::get_position_micro(int, unsigned long *, unsigned long *)()
91 if (i <= bin)
92 upper_sum += h[i];
93 if (i < bin)
94 lower_sum += h[i];
95 total += h[i];
96 }
>>> CID 1188131: Division or modulo by zero (DIVIDE_BY_ZERO)
>>> In expression "lower_sum * 1000000UL / total", division by expression "total" which may be zero has undefined behavior.
97 *lower = lower_sum * 1000000 / total;
98 *upper = upper_sum * 1000000 / total;
99 return 0;
100 }
101
102 void add(const pow2_hist_t& o) {
________________________________________________________________________________________________________
*** CID 716921: Dereference after null check (FORWARD_NULL)
/mds/MDCache.cc: 6950 in MDCache::handle_cache_expire(MCacheExpire *)()
6944 for (map<pair<string,snapid_t>,uint32_t>::iterator p = pd->second.begin();
6945 p != pd->second.end();
6946 ++p) {
6947 unsigned nonce = p->second;
6948 CDentry *dn;
6949
>>> CID 716921: Dereference after null check (FORWARD_NULL)
>>> Comparing "dir" to null implies that "dir" might be null.
6950 if (dir) {
6951 dn = dir->lookup(p->first.first, p->first.second);
6952 } else {
6953 // which dirfrag for this dentry?
6954 CDir *dir = diri->get_dirfrag(diri->pick_dirfrag(p->first.first));
6955 assert(dir);
________________________________________________________________________________________________________
*** CID 1188134: Unchecked dynamic_cast (FORWARD_NULL)
/osd/ReplicatedBackend.cc: 428 in RPGTransaction::append(PGBackend::PGTransaction *)()
422 }
423
424 void append(
425 PGTransaction *_to_append
426 ) {
427 RPGTransaction *to_append = dynamic_cast<RPGTransaction*>(_to_append);
>>> CID 1188134: Unchecked dynamic_cast (FORWARD_NULL)
>>> Dereferencing null pointer "to_append".
428 t->append(*(to_append->t));
429 for (set<hobject_t>::iterator i = to_append->temp_added.begin();
430 i != to_append->temp_added.end();
431 ++i) {
432 temp_cleared.erase(*i);
433 temp_added.insert(*i);
________________________________________________________________________________________________________
*** CID 1188135: Unchecked dynamic_cast (FORWARD_NULL)
/osd/ReplicatedBackend.cc: 494 in ReplicatedBackend::submit_transaction(const hobject_t &, const eversion_t &, PGBackend::PGTransaction *, const eversion_t &, std::vector<pg_log_entry_t, std::allocator<pg_log_entry_t>> &, Context *, Context *, Context *, unsigned long, osd_reqid_t, std::tr1::shared_ptr<OpRequest>)()
488 Context *on_all_acked,
489 Context *on_all_commit,
490 tid_t tid,
491 osd_reqid_t reqid,
492 OpRequestRef orig_op)
493 {
>>> CID 1188135: Unchecked dynamic_cast (FORWARD_NULL)
>>> Assigning: "t" = "dynamic_cast <RPGTransaction *>(_t)".
494 RPGTransaction *t = dynamic_cast<RPGTransaction*>(_t);
495 ObjectStore::Transaction *op_t = t->get_transaction();
496
497 assert(t->get_temp_added().size() <= 1);
498 assert(t->get_temp_cleared().size() <= 1);
499
________________________________________________________________________________________________________
*** CID 716990: Dereference null return value (NULL_RETURNS)
/mds/MDCache.cc: 10098 in MDCache::handle_discover(MDiscover *)()
10092 // wants root
10093 dout(7) << "handle_discover from mds." << from
10094 << " wants base + " << dis->get_want().get_path()
10095 << " snap " << snapid
10096 << dendl;
10097
>>> CID 716990: Dereference null return value (NULL_RETURNS)
>>> Assigning: "cur" = null return value from "MDCache::get_inode(inodeno_t, snapid_t)".
10098 cur = get_inode(dis->get_base_ino());
10099
10100 // add root
10101 reply->starts_with = MDiscoverReply::INODE;
10102 replicate_inode(cur, from, reply->trace);
10103 dout(10) << "added base " << *cur << dendl;
________________________________________________________________________________________________________
*** CID 1135931: Resource leak (RESOURCE_LEAK)
/os/FileStore.cc: 1739 in FileStore::queue_transactions(ObjectStore::Sequencer *, std::list<ObjectStore::Transaction *, std::allocator<ObjectStore::Transaction *>> &, std::tr1::shared_ptr<TrackedOp>, ThreadPool::TPHandle *)()
1733 Context *ondisk;
1734 Context *onreadable_sync;
1735 ObjectStore::Transaction::collect_contexts(
1736 tls, &onreadable, &ondisk, &onreadable_sync);
1737 if (g_conf->filestore_blackhole) {
1738 dout(0) << "queue_transactions filestore_blackhole = TRUE, dropping transaction" << dendl;
>>> CID 1135931: Resource leak (RESOURCE_LEAK)
>>> Variable "ondisk" going out of scope leaks the storage it points to.
1739 return 0;
1740 }
1741
1742 // set up the sequencer
1743 OpSequencer *osr;
1744 if (!posr)
________________________________________________________________________________________________________
*** CID 1135933: Resource leak (RESOURCE_LEAK)
/os/FileStore.cc: 1739 in FileStore::queue_transactions(ObjectStore::Sequencer *, std::list<ObjectStore::Transaction *, std::allocator<ObjectStore::Transaction *>> &, std::tr1::shared_ptr<TrackedOp>, ThreadPool::TPHandle *)()
1733 Context *ondisk;
1734 Context *onreadable_sync;
1735 ObjectStore::Transaction::collect_contexts(
1736 tls, &onreadable, &ondisk, &onreadable_sync);
1737 if (g_conf->filestore_blackhole) {
1738 dout(0) << "queue_transactions filestore_blackhole = TRUE, dropping transaction" << dendl;
>>> CID 1135933: Resource leak (RESOURCE_LEAK)
>>> Variable "onreadable_sync" going out of scope leaks the storage it points to.
1739 return 0;
1740 }
1741
1742 // set up the sequencer
1743 OpSequencer *osr;
1744 if (!posr)
________________________________________________________________________________________________________
*** CID 1188126: Unchecked return value (CHECKED_RETURN)
/test/objectstore/store_test.cc: 564 in SyntheticWorkloadState::stat()()
558 hoid = get_uniform_random_object();
559 in_flight_objects.insert(hoid);
560 available_objects.erase(hoid);
561 ++in_flight;
562 }
563 struct stat buf;
>>> CID 1188126: Unchecked return value (CHECKED_RETURN)
>>> No check of the return value of "this->store->stat(coll_t(this->cid), hoid, &buf, false)".
564 store->stat(cid, hoid, &buf);
565 ASSERT_TRUE(buf.st_size == contents[hoid].length());
566 {
567 Mutex::Locker locker(lock);
568 --in_flight;
569 cond.Signal();
________________________________________________________________________________________________________
*** CID 1188145: Resource leak (RESOURCE_LEAK)
/osd/ReplicatedPG.cc: 5231 in ReplicatedPG::fill_in_copy_get(ReplicatedPG::OpContext *, ceph::buffer::list::iterator &, OSDOp &, std::tr1::shared_ptr<ObjectContext> &, bool)()
5225 if (!cursor.attr_complete) {
5226 result = getattrs_maybe_cache(
5227 ctx->obc,
5228 &out_attrs,
5229 true);
5230 if (result < 0)
>>> CID 1188145: Resource leak (RESOURCE_LEAK)
>>> Variable "cb" going out of scope leaks the storage it points to.
5231 return result;
5232 cursor.attr_complete = true;
5233 dout(20) << " got attrs" << dendl;
5234 }
5235
5236 int64_t left = out_max - osd_op.outdata.length();
________________________________________________________________________________________________________
*** CID 1188156: Resource leak (RESOURCE_LEAK)
/test/librados/c_write_operations.cc: 131 in LibRadosCWriteOps_Exec_Test::TestBody()()
125
126 int rval = 1;
127 rados_write_op_t op = rados_create_write_op();
128 rados_write_op_exec(op, "hello", "record_hello", "test", 4, &rval);
129 ASSERT_EQ(0, rados_write_op_operate(op, ioctx, "test", NULL, 0));
130 rados_release_write_op(op);
>>> CID 1188156: Resource leak (RESOURCE_LEAK)
>>> Variable "ioctx" going out of scope leaks the storage it points to.
131 ASSERT_EQ(0, rval);
132
133 char hi[100];
134 ASSERT_EQ(12, rados_read(ioctx, "test", hi, 100, 0));
135 hi[12] = '\0';
136 ASSERT_EQ(0, strcmp("Hello, test!", hi));
137
138 ASSERT_EQ(0, destroy_one_pool(pool_name, &cluster));
/test/librados/c_write_operations.cc: 134 in LibRadosCWriteOps_Exec_Test::TestBody()()
128 rados_write_op_exec(op, "hello", "record_hello", "test", 4, &rval);
129 ASSERT_EQ(0, rados_write_op_operate(op, ioctx, "test", NULL, 0));
130 rados_release_write_op(op);
131 ASSERT_EQ(0, rval);
132
133 char hi[100];
>>> CID 1188156: Resource leak (RESOURCE_LEAK)
>>> Variable "ioctx" going out of scope leaks the storage it points to.
134 ASSERT_EQ(12, rados_read(ioctx, "test", hi, 100, 0));
135 hi[12] = '\0';
136 ASSERT_EQ(0, strcmp("Hello, test!", hi));
137
138 ASSERT_EQ(0, destroy_one_pool(pool_name, &cluster));
/test/librados/c_write_operations.cc: 136 in LibRadosCWriteOps_Exec_Test::TestBody()()
130 rados_release_write_op(op);
131 ASSERT_EQ(0, rval);
132
133 char hi[100];
134 ASSERT_EQ(12, rados_read(ioctx, "test", hi, 100, 0));
135 hi[12] = '\0';
>>> CID 1188156: Resource leak (RESOURCE_LEAK)
>>> Variable "ioctx" going out of scope leaks the storage it points to.
136 ASSERT_EQ(0, strcmp("Hello, test!", hi));
137
138 ASSERT_EQ(0, destroy_one_pool(pool_name, &cluster));
/test/librados/c_write_operations.cc: 138 in LibRadosCWriteOps_Exec_Test::TestBody()()
132
133 char hi[100];
134 ASSERT_EQ(12, rados_read(ioctx, "test", hi, 100, 0));
135 hi[12] = '\0';
136 ASSERT_EQ(0, strcmp("Hello, test!", hi));
137
>>> CID 1188156: Resource leak (RESOURCE_LEAK)
>>> Variable "ioctx" going out of scope leaks the storage it points to.
138 ASSERT_EQ(0, destroy_one_pool(pool_name, &cluster));
/test/librados/c_write_operations.cc: 139 in LibRadosCWriteOps_Exec_Test::TestBody()()
133 char hi[100];
134 ASSERT_EQ(12, rados_read(ioctx, "test", hi, 100, 0));
135 hi[12] = '\0';
136 ASSERT_EQ(0, strcmp("Hello, test!", hi));
137
138 ASSERT_EQ(0, destroy_one_pool(pool_name, &cluster));
>>> CID 1188156: Resource leak (RESOURCE_LEAK)
>>> Variable "ioctx" going out of scope leaks the storage it points to.
________________________________________________________________________________________________________
*** CID 1160848: Uninitialized scalar variable (UNINIT)
/osdc/Objecter.cc: 1519 in Objecter::recalc_op_target(Objecter::Op *)()
1513 best = i;
1514 best_locality = locality;
1515 if (i)
1516 op->used_replica = true;
1517 }
1518 }
>>> CID 1160848: Uninitialized scalar variable (UNINIT)
>>> Using uninitialized value "best".
1519 assert(best >= 0);
1520 osd = acting[best];
1521 } else {
1522 osd = primary;
1523 }
1524 s = get_session(osd);
________________________________________________________________________________________________________
*** CID 1030132: Uninitialized scalar variable (UNINIT)
/mon/PGMonitor.cc: 1979 in PGMonitor::dump_stuck_pg_stats(std::basic_stringstream<char, std::char_traits<char>, std::allocator<char>> &, ceph::Formatter *, int, std::vector<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::allocator<std::basic_string<char, std::char_traits<char>, std::allocator<char>>>> &) const()
1973
1974 int PGMonitor::dump_stuck_pg_stats(stringstream &ds,
1975 Formatter *f,
1976 int threshold,
1977 vector<string>& args) const
1978 {
>>> CID 1030132: Uninitialized scalar variable (UNINIT)
>>> Declaring variable "stuck_type" without initializer.
1979 PGMap::StuckPG stuck_type;
1980 string type = args[0];
1981 if (type == "inactive")
1982 stuck_type = PGMap::STUCK_INACTIVE;
1983 if (type == "unclean")
1984 stuck_type = PGMap::STUCK_UNCLEAN;
/mon/PGMonitor.cc: 1979 in PGMonitor::dump_stuck_pg_stats(std::basic_stringstream<char, std::char_traits<char>, std::allocator<char>> &, ceph::Formatter *, int, std::vector<std::basic_string<char, std::char_traits<char>, std::allocator<char>>, std::allocator<std::basic_string<char, std::char_traits<char>, std::allocator<char>>>> &) const()
1973
1974 int PGMonitor::dump_stuck_pg_stats(stringstream &ds,
1975 Formatter *f,
1976 int threshold,
1977 vector<string>& args) const
1978 {
>>> CID 1030132: Uninitialized scalar variable (UNINIT)
>>> Declaring variable "stuck_type" without initializer.
1979 PGMap::StuckPG stuck_type;
1980 string type = args[0];
1981 if (type == "inactive")
1982 stuck_type = PGMap::STUCK_INACTIVE;
1983 if (type == "unclean")
1984 stuck_type = PGMap::STUCK_UNCLEAN;
________________________________________________________________________________________________________
*** CID 1135932: Resource leak (RESOURCE_LEAK)
/os/FileStore.cc: 1739 in FileStore::queue_transactions(ObjectStore::Sequencer *, std::list<ObjectStore::Transaction *, std::allocator<ObjectStore::Transaction *>> &, std::tr1::shared_ptr<TrackedOp>, ThreadPool::TPHandle *)()
1733 Context *ondisk;
1734 Context *onreadable_sync;
1735 ObjectStore::Transaction::collect_contexts(
1736 tls, &onreadable, &ondisk, &onreadable_sync);
1737 if (g_conf->filestore_blackhole) {
1738 dout(0) << "queue_transactions filestore_blackhole = TRUE, dropping transaction" << dendl;
>>> CID 1135932: Resource leak (RESOURCE_LEAK)
>>> Variable "onreadable" going out of scope leaks the storage it points to.
1739 return 0;
1740 }
1741
1742 // set up the sequencer
1743 OpSequencer *osr;
1744 if (!posr)
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/25?tab=Overview
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
^ permalink raw reply [flat|nested] 33+ messages in thread* Re: New Defects reported by Coverity Scan for ceph (fwd)
2014-03-03 22:23 Sage Weil
@ 2014-03-03 22:53 ` John Spray
2014-03-04 0:53 ` Li Wang
0 siblings, 1 reply; 33+ messages in thread
From: John Spray @ 2014-03-03 22:53 UTC (permalink / raw)
To: Sage Weil; +Cc: ceph-devel
On Mon, Mar 3, 2014 at 10:23 PM, Sage Weil <sage@inktank.com> wrote:
> ** CID 1188299: Data race condition (MISSING_LOCK)
> /mds/MDSUtility.cc: 142 in MDSUtility::handle_mds_map(MMDSMap *)()
Is there a trick to getting coverity to realise that the lock is held,
but by the calling function? Does it recognise assertions that the
lock is held?
Cheers,
John
^ permalink raw reply [flat|nested] 33+ messages in thread
* Re: New Defects reported by Coverity Scan for ceph (fwd)
2014-03-03 22:53 ` John Spray
@ 2014-03-04 0:53 ` Li Wang
0 siblings, 0 replies; 33+ messages in thread
From: Li Wang @ 2014-03-04 0:53 UTC (permalink / raw)
To: John Spray, Sage Weil; +Cc: ceph-devel
Then it seems that Coverity is only able to perform intra-procedure
check, is there any inter-procedure check option to turn on?
On 2014/3/4 6:53, John Spray wrote:
> On Mon, Mar 3, 2014 at 10:23 PM, Sage Weil <sage@inktank.com> wrote:
>> ** CID 1188299: Data race condition (MISSING_LOCK)
>> /mds/MDSUtility.cc: 142 in MDSUtility::handle_mds_map(MMDSMap *)()
>
> Is there a trick to getting coverity to realise that the lock is held,
> but by the calling function? Does it recognise assertions that the
> lock is held?
>
> Cheers,
> John
> --
> To unsubscribe from this list: send the line "unsubscribe ceph-devel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
>
^ permalink raw reply [flat|nested] 33+ messages in thread
* New Defects reported by Coverity Scan for ceph (fwd)
@ 2013-12-17 17:10 Sage Weil
0 siblings, 0 replies; 33+ messages in thread
From: Sage Weil @ 2013-12-17 17:10 UTC (permalink / raw)
To: zheng.z.yan, ceph-devel
[-- Attachment #1: Type: TEXT/PLAIN, Size: 0 bytes --]
[-- Attachment #2: Forwarded Message --]
[-- Type: MESSAGE/RFC822, Size: 3709 bytes --]
Return-Path: <scan-admin@coverity.com>
X-Original-To: sage@cobra.newdream.net
Delivered-To: sage@cobra.newdream.net
Received: from destro.newdream.net (destro.newdream.net [66.33.216.68])
by cobra.newdream.net (Postfix) with ESMTP id 7448F80446
for <sage@cobra.newdream.net>; Tue, 17 Dec 2013 05:58:52 -0800 (PST)
Received: by destro.newdream.net (Postfix)
id 714D21209E9; Tue, 17 Dec 2013 05:58:52 -0800 (PST)
Delivered-To: sage@destro.newdream.net
Received: from alc-junkmail-backend3.dreamhost.com (caiajhbdcahe.dreamhost.com
[208.97.132.74])
by destro.newdream.net (Postfix) with ESMTP id 702881209D9
for <sage@newdream.net>; Tue, 17 Dec 2013 05:58:52 -0800 (PST)
Received: from localhost (localhost [127.0.0.1])
by alc-junkmail-backend3.dreamhost.com (Postfix) with ESMTP id
6AD501616066
for <sage@newdream.net>; Tue, 17 Dec 2013 05:58:52 -0800 (PST)
X-DH-Virus-Scanned: Debian amavisd-new at alc-junkmail-backend3.dreamhost.com
X-Spam-Flag: NO
X-Spam-Score: 0
X-Spam-Level:
X-Spam-Status: No, score=x tagged_above=-999 required=999 WHITELISTED tests=[]
Received: from connor.dreamhost.com ([208.97.132.205])
by localhost (alc-junkmail-backend3.dreamhost.com [208.97.132.104])
(amavisd-new, port 10024)
with ESMTP id NpDl4L5xmpsE for <sage@newdream.net>;
Tue, 17 Dec 2013 05:58:52 -0800 (PST)
Received: from scanrelay.coverity.com (scanrelay.coverity.com [209.249.196.67])
by connor.dreamhost.com (Postfix) with ESMTP id 0F5052CA802B
for <sage@newdream.net>; Tue, 17 Dec 2013 05:58:52 -0800 (PST)
Received: from localhost.localdomain ([208.69.177.215]) by
scanrelay.coverity.com with Microsoft SMTPSVC(7.5.7601.17514);
Tue, 17 Dec 2013 05:58:49 -0800
Date: Tue, 17 Dec 2013 05:58:50 -0800
From: scan-admin@coverity.com
Message-ID: <52b0589a75e56_19c8115dff048236@209.249.196.67.mail>
Subject: New Defects reported by Coverity Scan for ceph
Mime-Version: 1.0
Content-Type: text/plain;
charset=UTF-8
Content-Transfer-Encoding: 7bit
X-OriginalArrivalTime: 17 Dec 2013 13:58:49.0185 (UTC)
FILETIME=[1C48AD10:01CEFB30]
To: undisclosed-recipients:;
X-Spambayes-Classification: ham; 0.00
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
Defect(s) Reported-by: Coverity Scan
Showing 7 of 13 defect(s)
** CID 1138583: Dereference null return value (NULL_RETURNS)
/mds/MDCache.cc: 5074 in MDCache::process_imported_caps()()
** CID 1138584: Dereference null return value (NULL_RETURNS)
/mds/Migrator.cc: 2480 in Migrator::import_finish(CDir *, bool, bool)()
** CID 1138585: Dereference null return value (NULL_RETURNS)
/mds/Migrator.cc: 2289 in Migrator::import_reverse(CDir *)()
** CID 1138586: Dereference null return value (NULL_RETURNS)
/mds/Migrator.cc: 2297 in Migrator::import_reverse(CDir *)()
** CID 1138587: Out-of-bounds access (OVERRUN)
/messages/MClientCaps.h: 170 in MClientCaps::decode_payload()()
/messages/MClientCaps.h: 170 in MClientCaps::decode_payload()()
/messages/MClientCaps.h: 170 in MClientCaps::decode_payload()()
** CID 1138588: Out-of-bounds access (OVERRUN)
/messages/MClientCaps.h: 179 in MClientCaps::encode_payload(unsigned long)()
/messages/MClientCaps.h: 179 in MClientCaps::encode_payload(unsigned long)()
/messages/MClientCaps.h: 179 in MClientCaps::encode_payload(unsigned long)()
** CID 739602: Dereference null return value (NULL_RETURNS)
/mds/Server.cc: 707 in Server::reconnect_tick()()
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
From: scan-admin@coverity.com
To: undisclosed-recipients:;
Subject: New Defects reported by Coverity Scan for ceph
Date: Tue, 17 Dec 2013 05:58:50 -0800
Message-ID: <52b0589a75e56_19c8115dff048236@209.249.196.67.mail>
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
Defect(s) Reported-by: Coverity Scan
Showing 7 of 13 defect(s)
** CID 1138583: Dereference null return value (NULL_RETURNS)
/mds/MDCache.cc: 5074 in MDCache::process_imported_caps()()
** CID 1138584: Dereference null return value (NULL_RETURNS)
/mds/Migrator.cc: 2480 in Migrator::import_finish(CDir *, bool, bool)()
** CID 1138585: Dereference null return value (NULL_RETURNS)
/mds/Migrator.cc: 2289 in Migrator::import_reverse(CDir *)()
** CID 1138586: Dereference null return value (NULL_RETURNS)
/mds/Migrator.cc: 2297 in Migrator::import_reverse(CDir *)()
** CID 1138587: Out-of-bounds access (OVERRUN)
/messages/MClientCaps.h: 170 in MClientCaps::decode_payload()()
/messages/MClientCaps.h: 170 in MClientCaps::decode_payload()()
/messages/MClientCaps.h: 170 in MClientCaps::decode_payload()()
** CID 1138588: Out-of-bounds access (OVERRUN)
/messages/MClientCaps.h: 179 in MClientCaps::encode_payload(unsigned long)()
/messages/MClientCaps.h: 179 in MClientCaps::encode_payload(unsigned long)()
/messages/MClientCaps.h: 179 in MClientCaps::encode_payload(unsigned long)()
** CID 739602: Dereference null return value (NULL_RETURNS)
/mds/Server.cc: 707 in Server::reconnect_tick()()
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
^ permalink raw reply [flat|nested] 33+ messages in thread
* New Defects reported by Coverity Scan for ceph (fwd)
@ 2013-12-16 16:07 Sage Weil
2013-12-17 9:01 ` Ilya Dryomov
0 siblings, 1 reply; 33+ messages in thread
From: Sage Weil @ 2013-12-16 16:07 UTC (permalink / raw)
To: ceph-devel
[-- Attachment #1: Type: TEXT/PLAIN, Size: 0 bytes --]
[-- Attachment #2: Forwarded Message --]
[-- Type: MESSAGE/RFC822, Size: 3191 bytes --]
Return-Path: <scan-admin@coverity.com>
X-Original-To: sage@cobra.newdream.net
Delivered-To: sage@cobra.newdream.net
Received: from destro.newdream.net (destro.newdream.net [66.33.216.68])
by cobra.newdream.net (Postfix) with ESMTP id CBE9F8044C
for <sage@cobra.newdream.net>; Mon, 16 Dec 2013 00:57:58 -0800 (PST)
Received: by destro.newdream.net (Postfix)
id C9B30120962; Mon, 16 Dec 2013 00:57:58 -0800 (PST)
Delivered-To: sage@destro.newdream.net
Received: from alc-junkmail-backend3.dreamhost.com (caiajhbdcahe.dreamhost.com
[208.97.132.74])
by destro.newdream.net (Postfix) with ESMTP id C746C12093B
for <sage@newdream.net>; Mon, 16 Dec 2013 00:57:58 -0800 (PST)
Received: from localhost (localhost [127.0.0.1])
by alc-junkmail-backend3.dreamhost.com (Postfix) with ESMTP id
C425C16160C0
for <sage@newdream.net>; Mon, 16 Dec 2013 00:57:58 -0800 (PST)
X-DH-Virus-Scanned: Debian amavisd-new at alc-junkmail-backend3.dreamhost.com
X-Spam-Flag: NO
X-Spam-Score: 0
X-Spam-Level:
X-Spam-Status: No, score=x tagged_above=-999 required=999 WHITELISTED tests=[]
Received: from connor.dreamhost.com ([208.97.132.205])
by localhost (alc-junkmail-backend3.dreamhost.com [208.97.132.104])
(amavisd-new, port 10024)
with ESMTP id 4zWZyEIcar6L for <sage@newdream.net>;
Mon, 16 Dec 2013 00:57:58 -0800 (PST)
Received: from scanrelay.coverity.com (scanrelay.coverity.com [209.249.196.67])
by connor.dreamhost.com (Postfix) with ESMTP id 8BBCB2CA801D
for <sage@newdream.net>; Mon, 16 Dec 2013 00:57:58 -0800 (PST)
Received: from localhost.localdomain ([208.69.177.215]) by
scanrelay.coverity.com with Microsoft SMTPSVC(7.5.7601.17514);
Mon, 16 Dec 2013 00:57:56 -0800
Date: Mon, 16 Dec 2013 00:57:57 -0800
From: scan-admin@coverity.com
Message-ID: <52aec095b64cb_36d4115dff04827c@209.249.196.67.mail>
Subject: New Defects reported by Coverity Scan for ceph
Mime-Version: 1.0
Content-Type: text/plain;
charset=UTF-8
Content-Transfer-Encoding: 7bit
X-OriginalArrivalTime: 16 Dec 2013 08:57:56.0310 (UTC)
FILETIME=[E984CF60:01CEFA3C]
To: undisclosed-recipients:;
X-Spambayes-Classification: ham; 0.00
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
Defect(s) Reported-by: Coverity Scan
Showing 4 of 4 defect(s)
** CID 1138366: Resource leak (RESOURCE_LEAK)
/test/librados/tier.cc: 96 in LibRadosMisc_HitSetNone_Test::TestBody()()
/test/librados/tier.cc: 98 in LibRadosMisc_HitSetNone_Test::TestBody()()
/test/librados/tier.cc: 99 in LibRadosMisc_HitSetNone_Test::TestBody()()
** CID 1138367: Time of check time of use (TOCTOU)
/rbd.cc: 2024 in do_kernel_rm(const char *)()
** CID 1138368: Time of check time of use (TOCTOU)
/rbd.cc: 1735 in do_kernel_add(const char *, const char *, const char *)()
** CID 1138369: Uncaught exception (UNCAUGHT_EXCEPT)
/test/librados/tier.cc: 369 in main()
/test/librados/tier.cc: 369 in main()
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
From: scan-admin@coverity.com
To: undisclosed-recipients:;
Subject: New Defects reported by Coverity Scan for ceph
Date: Mon, 16 Dec 2013 00:57:57 -0800
Message-ID: <52aec095b64cb_36d4115dff04827c@209.249.196.67.mail>
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
Defect(s) Reported-by: Coverity Scan
Showing 4 of 4 defect(s)
** CID 1138366: Resource leak (RESOURCE_LEAK)
/test/librados/tier.cc: 96 in LibRadosMisc_HitSetNone_Test::TestBody()()
/test/librados/tier.cc: 98 in LibRadosMisc_HitSetNone_Test::TestBody()()
/test/librados/tier.cc: 99 in LibRadosMisc_HitSetNone_Test::TestBody()()
** CID 1138367: Time of check time of use (TOCTOU)
/rbd.cc: 2024 in do_kernel_rm(const char *)()
** CID 1138368: Time of check time of use (TOCTOU)
/rbd.cc: 1735 in do_kernel_add(const char *, const char *, const char *)()
** CID 1138369: Uncaught exception (UNCAUGHT_EXCEPT)
/test/librados/tier.cc: 369 in main()
/test/librados/tier.cc: 369 in main()
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
^ permalink raw reply [flat|nested] 33+ messages in thread
* Re: New Defects reported by Coverity Scan for ceph (fwd)
2013-12-16 16:07 Sage Weil
@ 2013-12-17 9:01 ` Ilya Dryomov
0 siblings, 0 replies; 33+ messages in thread
From: Ilya Dryomov @ 2013-12-17 9:01 UTC (permalink / raw)
To: Sage Weil; +Cc: ceph-devel
On Mon, Dec 16, 2013 at 6:07 PM, Sage Weil <sage@inktank.com> wrote:
>
>
> ---------- Forwarded message ----------
> From: scan-admin@coverity.com
> To: undisclosed-recipients:;
> Cc:
> Date: Mon, 16 Dec 2013 00:57:57 -0800
> Subject: New Defects reported by Coverity Scan for ceph
>
>
> Hi,
>
>
> Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
>
> Defect(s) Reported-by: Coverity Scan
> Showing 4 of 4 defect(s)
>
>
> ** CID 1138366: Resource leak (RESOURCE_LEAK)
> /test/librados/tier.cc: 96 in LibRadosMisc_HitSetNone_Test::TestBody()()
> /test/librados/tier.cc: 98 in LibRadosMisc_HitSetNone_Test::TestBody()()
> /test/librados/tier.cc: 99 in LibRadosMisc_HitSetNone_Test::TestBody()()
>
> ** CID 1138367: Time of check time of use (TOCTOU)
> /rbd.cc: 2024 in do_kernel_rm(const char *)()
>
> ** CID 1138368: Time of check time of use (TOCTOU)
> /rbd.cc: 1735 in do_kernel_add(const char *, const char *, const char *)()
Look like these two refer to my recent work on rbd:
2019 const char *fname = "/sys/bus/rbd/remove_single_major";
2020 if (stat(fname, &sbuf)) {
2021 fname = "/sys/bus/rbd/remove";
2022 }
2023
2024 int fd = open(fname, O_WRONLY); <---
2025 if (fd < 0) {
This is not a TOCTOU as there is no race here, so technically
annotations are in order, but I'll redo it as two open()s instead.
Thanks,
Ilya
^ permalink raw reply [flat|nested] 33+ messages in thread
* New Defects reported by Coverity Scan for ceph (fwd)
@ 2013-08-21 4:09 Sage Weil
0 siblings, 0 replies; 33+ messages in thread
From: Sage Weil @ 2013-08-21 4:09 UTC (permalink / raw)
To: zheng.z.yan; +Cc: ceph-devel
[-- Attachment #1: Type: TEXT/PLAIN, Size: 193 bytes --]
Coverity picked up some issues with the filestore code. These are mostly
old issues that appear new becuase code moved around, but this is probably
a good opportunity to fix them... :)
sage
[-- Attachment #2: Forwarded Message --]
[-- Type: MESSAGE/RFC822, Size: 12074 bytes --]
Return-Path: <scan-admin@coverity.com>
X-Original-To: sage@cobra.newdream.net
Delivered-To: sage@cobra.newdream.net
Received: from destro.newdream.net (destro.newdream.net [66.33.216.68])
by cobra.newdream.net (Postfix) with ESMTP id 8DB858004F
for <sage@cobra.newdream.net>; Tue, 20 Aug 2013 19:49:39 -0700 (PDT)
Received: by destro.newdream.net (Postfix)
id 1023612064D; Tue, 20 Aug 2013 20:01:25 -0700 (PDT)
Delivered-To: sage@destro.newdream.net
Received: from madmax.dreamhost.com (caiajhbdcahe.dreamhost.com
[208.97.132.74])
by destro.newdream.net (Postfix) with ESMTP id 0E8D8120253
for <sage@newdream.net>; Tue, 20 Aug 2013 20:01:25 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1])
by madmax.dreamhost.com (Postfix) with ESMTP id 7B912FD7321
for <sage@newdream.net>; Tue, 20 Aug 2013 19:49:39 -0700 (PDT)
X-DH-Virus-Scanned: Debian amavisd-new at madmax.dreamhost.com
X-Spam-Flag: NO
X-Spam-Score: 0
X-Spam-Level:
X-Spam-Status: No, score=x tagged_above=-999 required=999 WHITELISTED tests=[]
autolearn=unavailable
Received: from godfather.dreamhost.com ([208.97.132.81])
by localhost (madmax.dreamhost.com [208.97.132.139]) (amavisd-new,
port 10024) with ESMTP id QXWKl3SzX0B8 for <sage@newdream.net>;
Tue, 20 Aug 2013 19:49:39 -0700 (PDT)
Received: from build-l3.scan.coverity.com (unknown [208.69.177.216])
by godfather.dreamhost.com (Postfix) with ESMTP id 3B02D1B0059
for <sage@newdream.net>; Tue, 20 Aug 2013 19:49:39 -0700 (PDT)
Received: from localhost ([127.0.0.1] helo=build-l3.scan.coverity.com)
by build-l3.scan.coverity.com with esmtp (Exim 4.69)
(envelope-from <scan-admin@coverity.com>)
id 1VByUM-0004JM-Ih; Tue, 20 Aug 2013 19:49:38 -0700
From: scan-admin@coverity.com
To: sage@newdream.net
CC:
Subject: New Defects reported by Coverity Scan for ceph
Message-Id: <E1VByUM-0004JM-Ih@build-l3.scan.coverity.com>
Date: Tue, 20 Aug 2013 19:49:38 -0700
X-Spambayes-Classification: ham; 0.00
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan
Defect(s) Reported-by: Coverity Scan
Showing 7 of 9 defects
** CID 1063704: Uninitialized scalar field (UNINIT_CTOR)
/os/BtrfsFileStoreBackend.cc: 57
** CID 1063703: Time of check time of use (TOCTOU)
/os/GenericFileStoreBackend.cc: 170
** CID 1063702: Time of check time of use (TOCTOU)
/os/BtrfsFileStoreBackend.cc: 246
** CID 1063701: Copy into fixed size buffer (STRING_OVERFLOW)
/os/BtrfsFileStoreBackend.cc: 458
** CID 1063700: Copy into fixed size buffer (STRING_OVERFLOW)
/os/BtrfsFileStoreBackend.cc: 370
** CID 1063699: Resource leak (RESOURCE_LEAK)
/os/BtrfsFileStoreBackend.cc: 345
** CID 1063698: Improper use of negative value (NEGATIVE_RETURNS)
________________________________________________________________________
CID 1063704: Uninitialized scalar field (UNINIT_CTOR)
/os/BtrfsFileStoreBackend.h: 25 ( member_decl)
22 private:
23 bool has_clone_range; ///< clone range ioctl is supported
24 bool has_snap_create; ///< snap create ioctl is supported
>>> Class member declaration for "has_snap_destroy".
25 bool has_snap_destroy; ///< snap destroy ioctl is supported
26 bool has_snap_create_v2; ///< snap create v2 ioctl (async!) is supported
27 bool has_wait_sync; ///< wait sync ioctl is supported
28 bool stable_commits;
29 bool m_filestore_btrfs_clone_range;
/os/BtrfsFileStoreBackend.cc: 57 ( uninit_member)
54 GenericFileStoreBackend(fs), has_clone_range(false), has_snap_create(false),
55 has_snap_create_v2(false), has_wait_sync(false), stable_commits(false),
56 m_filestore_btrfs_clone_range(g_conf->filestore_btrfs_clone_range),
>>> CID 1063704: Uninitialized scalar field (UNINIT_CTOR)
>>> Non-static class member "has_snap_destroy" is not initialized in this constructor nor in any functions that it calls.
57 m_filestore_btrfs_snap (g_conf->filestore_btrfs_snap) { }
58
59 int BtrfsFileStoreBackend::detect_features()
60 {
61 int r;
________________________________________________________________________
CID 1063703: Time of check time of use (TOCTOU)
/os/GenericFileStoreBackend.cc: 170 ( fs_check_call)
167 int GenericFileStoreBackend::create_current()
168 {
169 struct stat st;
>>> CID 1063703: Time of check time of use (TOCTOU)
>>> Calling function "stat(char const *, stat *)" to perform check on "this->get_current_path()->c_str()".
170 int ret = ::stat(get_current_path().c_str(), &st);
171 if (ret == 0) {
172 // current/ exists
173 if (!S_ISDIR(st.st_mode)) {
174 dout(0) << "_create_current: current/ exists but is not a directory" << dendl;
/os/GenericFileStoreBackend.cc: 178 ( toctou)
175 ret = -EINVAL;
176 }
177 } else {
>>> Calling function "mkdir(char const *, __mode_t)" that uses "this->get_current_path()->c_str()" after a check function. This can cause a time-of-check, time-of-use race condition.
178 ret = ::mkdir(get_current_path().c_str(), 0755);
179 if (ret < 0) {
180 ret = -errno;
181 dout(0) << "_create_current: mkdir " << get_current_path() << " failed: "<< cpp_strerror(ret) << dendl;
182 }
________________________________________________________________________
CID 1063702: Time of check time of use (TOCTOU)
/os/BtrfsFileStoreBackend.cc: 246 ( fs_check_call)
243 int BtrfsFileStoreBackend::create_current()
244 {
245 struct stat st;
>>> CID 1063702: Time of check time of use (TOCTOU)
>>> Calling function "stat(char const *, stat *)" to perform check on "this->get_current_path()->c_str()".
246 int ret = ::stat(get_current_path().c_str(), &st);
247 if (ret == 0) {
248 // current/ exists
249 if (!S_ISDIR(st.st_mode)) {
250 dout(0) << "create_current: current/ exists but is not a directory" << dendl;
/os/BtrfsFileStoreBackend.cc: 288 ( toctou)
285 }
286
287 dout(2) << "create_current: created btrfs subvol " << get_current_path() << dendl;
>>> Calling function "chmod(char const *, __mode_t)" that uses "this->get_current_path()->c_str()" after a check function. This can cause a time-of-check, time-of-use race condition.
288 if (::chmod(get_current_path().c_str(), 0755) < 0) {
289 ret = -errno;
290 dout(0) << "create_current: failed to chmod " << get_current_path() << " to 0755: "
291 << cpp_strerror(ret) << dendl;
292 return ret;
________________________________________________________________________
CID 1063701: Copy into fixed size buffer (STRING_OVERFLOW)
/os/BtrfsFileStoreBackend.cc: 458 ( fixed_size_dest)
455 btrfs_ioctl_vol_args vol_args;
456 memset(&vol_args, 0, sizeof(vol_args));
457 vol_args.fd = 0;
>>> CID 1063701: Copy into fixed size buffer (STRING_OVERFLOW)
>>> You might overrun the 4088 byte fixed-size string "vol_args.name" by copying the return value of "std::basic_string<char, std::char_traits<char>, std::allocator<char> >::c_str() const" without checking the length.
458 strcpy(vol_args.name, name.c_str());
459
460 int ret = ::ioctl(get_basedir_fd(), BTRFS_IOC_SNAP_DESTROY, &vol_args);
461 if (ret) {
462 ret = -errno;
________________________________________________________________________
CID 1063700: Copy into fixed size buffer (STRING_OVERFLOW)
/os/BtrfsFileStoreBackend.cc: 370 ( fixed_size_dest)
367 memset(&async_args, 0, sizeof(async_args));
368 async_args.fd = get_current_fd();
369 async_args.flags = BTRFS_SUBVOL_CREATE_ASYNC;
>>> CID 1063700: Copy into fixed size buffer (STRING_OVERFLOW)
>>> You might overrun the 4040 byte fixed-size string "async_args.name" by copying the return value of "std::basic_string<char, std::char_traits<char>, std::allocator<char> >::c_str() const" without checking the length.
370 strcpy(async_args.name, name.c_str());
371
372 int r = ::ioctl(get_basedir_fd(), BTRFS_IOC_SNAP_CREATE_V2, &async_args);
373 if (r < 0) {
374 r = -errno;
________________________________________________________________________
CID 1063699: Resource leak (RESOURCE_LEAK)
/os/BtrfsFileStoreBackend.cc: 310 ( alloc_fn)
307 }
308
309 // get snap list
>>> Storage is returned from allocation function "opendir(char const *)".
310 DIR *dir = ::opendir(get_basedir_path().c_str());
311 if (!dir) {
312 ret = -errno;
313 dout(0) << "list_checkpoints: opendir '" << get_basedir_path() << "' failed: "
314 << cpp_strerror(ret) << dendl;
/os/BtrfsFileStoreBackend.cc: 310 ( var_assign)
307 }
308
309 // get snap list
>>> Assigning: "dir" = storage returned from "opendir(this->get_basedir_path()->c_str())".
310 DIR *dir = ::opendir(get_basedir_path().c_str());
311 if (!dir) {
312 ret = -errno;
313 dout(0) << "list_checkpoints: opendir '" << get_basedir_path() << "' failed: "
314 << cpp_strerror(ret) << dendl;
/os/BtrfsFileStoreBackend.cc: 321 ( noescape)
318 list<string> snaps;
319 char path[PATH_MAX];
320 struct dirent buf, *de;
>>> Resource "dir" is not freed or pointed-to in function "readdir_r(DIR *, dirent *, dirent **)".
321 while (::readdir_r(dir, &buf, &de) == 0) {
322 if (!de)
323 break;
324
325 snprintf(path, sizeof(path), "%s/%s", get_basedir_path().c_str(), de->d_name);
/os/BtrfsFileStoreBackend.cc: 321 ( noescape)
318 list<string> snaps;
319 char path[PATH_MAX];
320 struct dirent buf, *de;
>>> Resource "dir" is not freed or pointed-to in function "readdir_r(DIR *, dirent *, dirent **)".
321 while (::readdir_r(dir, &buf, &de) == 0) {
322 if (!de)
323 break;
324
325 snprintf(path, sizeof(path), "%s/%s", get_basedir_path().c_str(), de->d_name);
/os/BtrfsFileStoreBackend.cc: 345 ( leaked_storage)
342 ret = -errno;
343 dout(0) << "list_checkpoints: statfs '" << path << "' failed: "
344 << cpp_strerror(ret) << dendl;
>>> CID 1063699: Resource leak (RESOURCE_LEAK)
>>> Variable "dir" going out of scope leaks the storage it points to.
345 return ret;
346 }
347
348 if (fs.f_type == BTRFS_SUPER_MAGIC && basest.st_dev != st.st_dev)
349 snaps.push_back(string(de->d_name));
________________________________________________________________________
CID 1063698: Improper use of negative value (NEGATIVE_RETURNS)
/tools/ceph-monstore-tool.cc: 182 ( var_tested_neg)
179
180 int fd;
181 if (vm.count("out")) {
>>> Variable "fd" tests negative.
182 if ((fd = open(out_path.c_str(), O_WRONLY|O_CREAT|O_TRUNC, 0666)) == -1) {
183 int _err = errno;
184 if (_err != EISDIR) {
185 std::cerr << "Couldn't open " << out_path << ": " << cpp_strerror(_err) << std::endl;
186 return 1;
/tools/ceph-monstore-tool.cc: 236 ( negative_returns)
233 std::cerr << "Error getting map: " << cpp_strerror(r) << std::endl;
234 goto done;
235 }
>>> CID 1063698: Improper use of negative value (NEGATIVE_RETURNS)
>>> "fd" is passed to a parameter that cannot be negative.
236 bl.write_fd(fd);
237 } else if (cmd == "getosdmap") {
238 if (!store_path.size()) {
239 std::cerr << "need mon store path" << std::endl;
240 std::cerr << desc << std::endl;
________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
From: scan-admin@coverity.com
To: sage@newdream.net
Cc:
Subject: New Defects reported by Coverity Scan for ceph
Date: Tue, 20 Aug 2013 19:49:38 -0700
Message-ID: <E1VByUM-0004JM-Ih@build-l3.scan.coverity.com>
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan
Defect(s) Reported-by: Coverity Scan
Showing 7 of 9 defects
** CID 1063704: Uninitialized scalar field (UNINIT_CTOR)
/os/BtrfsFileStoreBackend.cc: 57
** CID 1063703: Time of check time of use (TOCTOU)
/os/GenericFileStoreBackend.cc: 170
** CID 1063702: Time of check time of use (TOCTOU)
/os/BtrfsFileStoreBackend.cc: 246
** CID 1063701: Copy into fixed size buffer (STRING_OVERFLOW)
/os/BtrfsFileStoreBackend.cc: 458
** CID 1063700: Copy into fixed size buffer (STRING_OVERFLOW)
/os/BtrfsFileStoreBackend.cc: 370
** CID 1063699: Resource leak (RESOURCE_LEAK)
/os/BtrfsFileStoreBackend.cc: 345
** CID 1063698: Improper use of negative value (NEGATIVE_RETURNS)
________________________________________________________________________
CID 1063704: Uninitialized scalar field (UNINIT_CTOR)
/os/BtrfsFileStoreBackend.h: 25 ( member_decl)
22 private:
23 bool has_clone_range; ///< clone range ioctl is supported
24 bool has_snap_create; ///< snap create ioctl is supported
>>> Class member declaration for "has_snap_destroy".
25 bool has_snap_destroy; ///< snap destroy ioctl is supported
26 bool has_snap_create_v2; ///< snap create v2 ioctl (async!) is supported
27 bool has_wait_sync; ///< wait sync ioctl is supported
28 bool stable_commits;
29 bool m_filestore_btrfs_clone_range;
/os/BtrfsFileStoreBackend.cc: 57 ( uninit_member)
54 GenericFileStoreBackend(fs), has_clone_range(false), has_snap_create(false),
55 has_snap_create_v2(false), has_wait_sync(false), stable_commits(false),
56 m_filestore_btrfs_clone_range(g_conf->filestore_btrfs_clone_range),
>>> CID 1063704: Uninitialized scalar field (UNINIT_CTOR)
>>> Non-static class member "has_snap_destroy" is not initialized in this constructor nor in any functions that it calls.
57 m_filestore_btrfs_snap (g_conf->filestore_btrfs_snap) { }
58
59 int BtrfsFileStoreBackend::detect_features()
60 {
61 int r;
________________________________________________________________________
CID 1063703: Time of check time of use (TOCTOU)
/os/GenericFileStoreBackend.cc: 170 ( fs_check_call)
167 int GenericFileStoreBackend::create_current()
168 {
169 struct stat st;
>>> CID 1063703: Time of check time of use (TOCTOU)
>>> Calling function "stat(char const *, stat *)" to perform check on "this->get_current_path()->c_str()".
170 int ret = ::stat(get_current_path().c_str(), &st);
171 if (ret == 0) {
172 // current/ exists
173 if (!S_ISDIR(st.st_mode)) {
174 dout(0) << "_create_current: current/ exists but is not a directory" << dendl;
/os/GenericFileStoreBackend.cc: 178 ( toctou)
175 ret = -EINVAL;
176 }
177 } else {
>>> Calling function "mkdir(char const *, __mode_t)" that uses "this->get_current_path()->c_str()" after a check function. This can cause a time-of-check, time-of-use race condition.
178 ret = ::mkdir(get_current_path().c_str(), 0755);
179 if (ret < 0) {
180 ret = -errno;
181 dout(0) << "_create_current: mkdir " << get_current_path() << " failed: "<< cpp_strerror(ret) << dendl;
182 }
________________________________________________________________________
CID 1063702: Time of check time of use (TOCTOU)
/os/BtrfsFileStoreBackend.cc: 246 ( fs_check_call)
243 int BtrfsFileStoreBackend::create_current()
244 {
245 struct stat st;
>>> CID 1063702: Time of check time of use (TOCTOU)
>>> Calling function "stat(char const *, stat *)" to perform check on "this->get_current_path()->c_str()".
246 int ret = ::stat(get_current_path().c_str(), &st);
247 if (ret == 0) {
248 // current/ exists
249 if (!S_ISDIR(st.st_mode)) {
250 dout(0) << "create_current: current/ exists but is not a directory" << dendl;
/os/BtrfsFileStoreBackend.cc: 288 ( toctou)
285 }
286
287 dout(2) << "create_current: created btrfs subvol " << get_current_path() << dendl;
>>> Calling function "chmod(char const *, __mode_t)" that uses "this->get_current_path()->c_str()" after a check function. This can cause a time-of-check, time-of-use race condition.
288 if (::chmod(get_current_path().c_str(), 0755) < 0) {
289 ret = -errno;
290 dout(0) << "create_current: failed to chmod " << get_current_path() << " to 0755: "
291 << cpp_strerror(ret) << dendl;
292 return ret;
________________________________________________________________________
CID 1063701: Copy into fixed size buffer (STRING_OVERFLOW)
/os/BtrfsFileStoreBackend.cc: 458 ( fixed_size_dest)
455 btrfs_ioctl_vol_args vol_args;
456 memset(&vol_args, 0, sizeof(vol_args));
457 vol_args.fd = 0;
>>> CID 1063701: Copy into fixed size buffer (STRING_OVERFLOW)
>>> You might overrun the 4088 byte fixed-size string "vol_args.name" by copying the return value of "std::basic_string<char, std::char_traits<char>, std::allocator<char> >::c_str() const" without checking the length.
458 strcpy(vol_args.name, name.c_str());
459
460 int ret = ::ioctl(get_basedir_fd(), BTRFS_IOC_SNAP_DESTROY, &vol_args);
461 if (ret) {
462 ret = -errno;
________________________________________________________________________
CID 1063700: Copy into fixed size buffer (STRING_OVERFLOW)
/os/BtrfsFileStoreBackend.cc: 370 ( fixed_size_dest)
367 memset(&async_args, 0, sizeof(async_args));
368 async_args.fd = get_current_fd();
369 async_args.flags = BTRFS_SUBVOL_CREATE_ASYNC;
>>> CID 1063700: Copy into fixed size buffer (STRING_OVERFLOW)
>>> You might overrun the 4040 byte fixed-size string "async_args.name" by copying the return value of "std::basic_string<char, std::char_traits<char>, std::allocator<char> >::c_str() const" without checking the length.
370 strcpy(async_args.name, name.c_str());
371
372 int r = ::ioctl(get_basedir_fd(), BTRFS_IOC_SNAP_CREATE_V2, &async_args);
373 if (r < 0) {
374 r = -errno;
________________________________________________________________________
CID 1063699: Resource leak (RESOURCE_LEAK)
/os/BtrfsFileStoreBackend.cc: 310 ( alloc_fn)
307 }
308
309 // get snap list
>>> Storage is returned from allocation function "opendir(char const *)".
310 DIR *dir = ::opendir(get_basedir_path().c_str());
311 if (!dir) {
312 ret = -errno;
313 dout(0) << "list_checkpoints: opendir '" << get_basedir_path() << "' failed: "
314 << cpp_strerror(ret) << dendl;
/os/BtrfsFileStoreBackend.cc: 310 ( var_assign)
307 }
308
309 // get snap list
>>> Assigning: "dir" = storage returned from "opendir(this->get_basedir_path()->c_str())".
310 DIR *dir = ::opendir(get_basedir_path().c_str());
311 if (!dir) {
312 ret = -errno;
313 dout(0) << "list_checkpoints: opendir '" << get_basedir_path() << "' failed: "
314 << cpp_strerror(ret) << dendl;
/os/BtrfsFileStoreBackend.cc: 321 ( noescape)
318 list<string> snaps;
319 char path[PATH_MAX];
320 struct dirent buf, *de;
>>> Resource "dir" is not freed or pointed-to in function "readdir_r(DIR *, dirent *, dirent **)".
321 while (::readdir_r(dir, &buf, &de) == 0) {
322 if (!de)
323 break;
324
325 snprintf(path, sizeof(path), "%s/%s", get_basedir_path().c_str(), de->d_name);
/os/BtrfsFileStoreBackend.cc: 321 ( noescape)
318 list<string> snaps;
319 char path[PATH_MAX];
320 struct dirent buf, *de;
>>> Resource "dir" is not freed or pointed-to in function "readdir_r(DIR *, dirent *, dirent **)".
321 while (::readdir_r(dir, &buf, &de) == 0) {
322 if (!de)
323 break;
324
325 snprintf(path, sizeof(path), "%s/%s", get_basedir_path().c_str(), de->d_name);
/os/BtrfsFileStoreBackend.cc: 345 ( leaked_storage)
342 ret = -errno;
343 dout(0) << "list_checkpoints: statfs '" << path << "' failed: "
344 << cpp_strerror(ret) << dendl;
>>> CID 1063699: Resource leak (RESOURCE_LEAK)
>>> Variable "dir" going out of scope leaks the storage it points to.
345 return ret;
346 }
347
348 if (fs.f_type == BTRFS_SUPER_MAGIC && basest.st_dev != st.st_dev)
349 snaps.push_back(string(de->d_name));
________________________________________________________________________
CID 1063698: Improper use of negative value (NEGATIVE_RETURNS)
/tools/ceph-monstore-tool.cc: 182 ( var_tested_neg)
179
180 int fd;
181 if (vm.count("out")) {
>>> Variable "fd" tests negative.
182 if ((fd = open(out_path.c_str(), O_WRONLY|O_CREAT|O_TRUNC, 0666)) == -1) {
183 int _err = errno;
184 if (_err != EISDIR) {
185 std::cerr << "Couldn't open " << out_path << ": " << cpp_strerror(_err) << std::endl;
186 return 1;
/tools/ceph-monstore-tool.cc: 236 ( negative_returns)
233 std::cerr << "Error getting map: " << cpp_strerror(r) << std::endl;
234 goto done;
235 }
>>> CID 1063698: Improper use of negative value (NEGATIVE_RETURNS)
>>> "fd" is passed to a parameter that cannot be negative.
236 bl.write_fd(fd);
237 } else if (cmd == "getosdmap") {
238 if (!store_path.size()) {
239 std::cerr << "need mon store path" << std::endl;
240 std::cerr << desc << std::endl;
________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
^ permalink raw reply [flat|nested] 33+ messages in thread* New Defects reported by Coverity Scan for ceph (fwd)
@ 2013-07-25 20:31 Sage Weil
0 siblings, 0 replies; 33+ messages in thread
From: Sage Weil @ 2013-07-25 20:31 UTC (permalink / raw)
To: ceph-devel
[-- Attachment #1: Type: TEXT/PLAIN, Size: 0 bytes --]
[-- Attachment #2: Forwarded Message --]
[-- Type: MESSAGE/RFC822, Size: 3962 bytes --]
Return-Path: <scan-admin@coverity.com>
X-Original-To: sage@cobra.newdream.net
Delivered-To: sage@cobra.newdream.net
Received: from destro.newdream.net (destro.newdream.net [66.33.216.68])
by cobra.newdream.net (Postfix) with ESMTP id 242528004F
for <sage@cobra.newdream.net>; Thu, 25 Jul 2013 13:22:10 -0700 (PDT)
Received: by destro.newdream.net (Postfix)
id BDD0B120837; Thu, 25 Jul 2013 13:26:23 -0700 (PDT)
Delivered-To: sage@destro.newdream.net
Received: from madmax.dreamhost.com (caiajhbdccac.dreamhost.com
[208.97.132.202])
by destro.newdream.net (Postfix) with ESMTP id BAF4212023F
for <sage@newdream.net>; Thu, 25 Jul 2013 13:26:23 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1])
by madmax.dreamhost.com (Postfix) with ESMTP id 14976FD699B
for <sage@newdream.net>; Thu, 25 Jul 2013 13:22:10 -0700 (PDT)
X-DH-Virus-Scanned: Debian amavisd-new at madmax.dreamhost.com
X-Spam-Flag: NO
X-Spam-Score: 0
X-Spam-Level:
X-Spam-Status: No, score=x tagged_above=-999 required=999 WHITELISTED tests=[]
autolearn=unavailable
Received: from godfather.dreamhost.com ([208.97.132.119])
by localhost (madmax.dreamhost.com [208.97.132.139]) (amavisd-new,
port 10024) with ESMTP id XaWh-805Edjp for <sage@newdream.net>;
Thu, 25 Jul 2013 13:22:09 -0700 (PDT)
Received: from build-l3.scan.coverity.com (unknown [208.69.177.216])
by godfather.dreamhost.com (Postfix) with ESMTP id BF7EC1B00A9
for <sage@newdream.net>; Thu, 25 Jul 2013 13:22:09 -0700 (PDT)
Received: from localhost ([127.0.0.1] helo=build-l3.scan.coverity.com)
by build-l3.scan.coverity.com with esmtp (Exim 4.69)
(envelope-from <scan-admin@coverity.com>)
id 1V2S37-0000Aw-Ac; Thu, 25 Jul 2013 13:22:09 -0700
From: scan-admin@coverity.com
To: sage@newdream.net
CC:
Subject: New Defects reported by Coverity Scan for ceph
Message-Id: <E1V2S37-0000Aw-Ac@build-l3.scan.coverity.com>
Date: Thu, 25 Jul 2013 13:22:09 -0700
X-Spambayes-Classification: ham; 0.00
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan
Defect(s) Reported-by: Coverity Scan
** CID 1057291: Resource leak (RESOURCE_LEAK)
/rgw/rgw_rados.cc: 2643
________________________________________________________________________
CID 1057291: Resource leak (RESOURCE_LEAK)
/rgw/rgw_rados.cc: 2641 ( alloc_arg)
2638
2639 RGWRESTStreamWriteRequest *out_stream_req;
2640
>>> "RGWRESTConn::put_obj_init(std::string const &, rgw_obj &, uint64_t, std::map<std::basic_string<char, std::char_traits<char>, std::allocator<char> >, ceph::buffer::list, std::less<std::basic_string<char, std::char_traits<char>, std::allocator<char> > >, std::allocator<std::pair<std::basic_string<char, std::char_traits<char>, std::allocator<char> > const, ceph::buffer::list> > > &, RGWRESTStreamWriteRequest **)" allocates memory that is stored into "out_stream_req".
2641 int ret = rest_master_conn->put_obj_init(user_id, dest_obj, astate->size, src_attrs, &out_stream_req);
2642 if (ret < 0)
2643 return ret;
2644
2645 ret = get_obj_iterate(ctx, &handle, src_obj, 0, astate->size - 1, out_stream_req->get_out_cb());
/rgw/rgw_rados.cc: 2643 ( leaked_storage)
2640
2641 int ret = rest_master_conn->put_obj_init(user_id, dest_obj, astate->size, src_attrs, &out_stream_req);
2642 if (ret < 0)
>>> CID 1057291: Resource leak (RESOURCE_LEAK)
>>> Variable "out_stream_req" going out of scope leaks the storage it points to.
2643 return ret;
2644
2645 ret = get_obj_iterate(ctx, &handle, src_obj, 0, astate->size - 1, out_stream_req->get_out_cb());
2646 if (ret < 0)
2647 return ret;
________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
From: scan-admin@coverity.com
To: sage@newdream.net
Cc:
Subject: New Defects reported by Coverity Scan for ceph
Date: Thu, 25 Jul 2013 13:22:09 -0700
Message-ID: <E1V2S37-0000Aw-Ac@build-l3.scan.coverity.com>
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan
Defect(s) Reported-by: Coverity Scan
** CID 1057291: Resource leak (RESOURCE_LEAK)
/rgw/rgw_rados.cc: 2643
________________________________________________________________________
CID 1057291: Resource leak (RESOURCE_LEAK)
/rgw/rgw_rados.cc: 2641 ( alloc_arg)
2638
2639 RGWRESTStreamWriteRequest *out_stream_req;
2640
>>> "RGWRESTConn::put_obj_init(std::string const &, rgw_obj &, uint64_t, std::map<std::basic_string<char, std::char_traits<char>, std::allocator<char> >, ceph::buffer::list, std::less<std::basic_string<char, std::char_traits<char>, std::allocator<char> > >, std::allocator<std::pair<std::basic_string<char, std::char_traits<char>, std::allocator<char> > const, ceph::buffer::list> > > &, RGWRESTStreamWriteRequest **)" allocates memory that is stored into "out_stream_req".
2641 int ret = rest_master_conn->put_obj_init(user_id, dest_obj, astate->size, src_attrs, &out_stream_req);
2642 if (ret < 0)
2643 return ret;
2644
2645 ret = get_obj_iterate(ctx, &handle, src_obj, 0, astate->size - 1, out_stream_req->get_out_cb());
/rgw/rgw_rados.cc: 2643 ( leaked_storage)
2640
2641 int ret = rest_master_conn->put_obj_init(user_id, dest_obj, astate->size, src_attrs, &out_stream_req);
2642 if (ret < 0)
>>> CID 1057291: Resource leak (RESOURCE_LEAK)
>>> Variable "out_stream_req" going out of scope leaks the storage it points to.
2643 return ret;
2644
2645 ret = get_obj_iterate(ctx, &handle, src_obj, 0, astate->size - 1, out_stream_req->get_out_cb());
2646 if (ret < 0)
2647 return ret;
________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
^ permalink raw reply [flat|nested] 33+ messages in thread
* New Defects reported by Coverity Scan for ceph (fwd)
@ 2013-07-19 18:04 Sage Weil
0 siblings, 0 replies; 33+ messages in thread
From: Sage Weil @ 2013-07-19 18:04 UTC (permalink / raw)
To: yehuda; +Cc: ceph-devel
[-- Attachment #1: Type: TEXT/PLAIN, Size: 47 bytes --]
Several new rgw issues from the recent merge...
[-- Attachment #2: Forwarded Message --]
[-- Type: MESSAGE/RFC822, Size: 8819 bytes --]
Return-Path: <scan-admin@coverity.com>
X-Original-To: sage@cobra.newdream.net
Delivered-To: sage@cobra.newdream.net
Received: from destro.newdream.net (destro.newdream.net [66.33.216.68])
by cobra.newdream.net (Postfix) with ESMTP id 057778004F
for <sage@cobra.newdream.net>; Fri, 19 Jul 2013 11:03:18 -0700 (PDT)
Received: by destro.newdream.net (Postfix)
id C94FC12089F; Fri, 19 Jul 2013 11:05:46 -0700 (PDT)
Delivered-To: sage@destro.newdream.net
Received: from alc-junkmail-backend3.dreamhost.com (mailbigip.dreamhost.com
[208.97.132.5])
by destro.newdream.net (Postfix) with ESMTP id C7B0112023C
for <sage@newdream.net>; Fri, 19 Jul 2013 11:05:46 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1])
by alc-junkmail-backend3.dreamhost.com (Postfix) with ESMTP id
EFCC3161613F
for <sage@newdream.net>; Fri, 19 Jul 2013 11:03:17 -0700 (PDT)
X-DH-Virus-Scanned: Debian amavisd-new at alc-junkmail-backend3.dreamhost.com
X-Spam-Flag: NO
X-Spam-Score: 0
X-Spam-Level:
X-Spam-Status: No, score=x tagged_above=-999 required=999 WHITELISTED tests=[]
Received: from terminator.dreamhost.com ([208.97.132.145])
by localhost (alc-junkmail-backend3.dreamhost.com [208.97.132.104])
(amavisd-new, port 10024)
with ESMTP id HkYSZqDocSB9 for <sage@newdream.net>;
Fri, 19 Jul 2013 11:03:17 -0700 (PDT)
Received: from build-l3.scan.coverity.com (unknown [208.69.177.216])
by terminator.dreamhost.com (Postfix) with ESMTP id 95BE22884065
for <sage@newdream.net>; Fri, 19 Jul 2013 11:03:17 -0700 (PDT)
Received: from localhost ([127.0.0.1] helo=build-l3.scan.coverity.com)
by build-l3.scan.coverity.com with esmtp (Exim 4.69)
(envelope-from <scan-admin@coverity.com>)
id 1V0F1Q-00022u-Fe; Fri, 19 Jul 2013 11:03:17 -0700
From: scan-admin@coverity.com
To: sage@newdream.net
CC:
Subject: New Defects reported by Coverity Scan for ceph
Message-Id: <E1V0F1Q-00022u-Fe@build-l3.scan.coverity.com>
Date: Fri, 19 Jul 2013 11:03:16 -0700
X-Spambayes-Classification: ham; 0.00
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan
Defect(s) Reported-by: Coverity Scan
Showing 7 of 61 defects
** CID 1049252: Wrapper object use after free (WRAPPER_ESCAPE)
/rgw/rgw_rest_replica_log.h: 79
** CID 1049251: Wrapper object use after free (WRAPPER_ESCAPE)
/rgw/rgw_rest_replica_log.h: 59
** CID 1049250: Wrapper object use after free (WRAPPER_ESCAPE)
/rgw/rgw_rest_replica_log.h: 39
** CID 1049249: Missing varargs init or cleanup (VARARGS)
/test/librbd/test_librbd.cc: 315
** CID 1049248: Use after free (USE_AFTER_FREE)
/test/test_rgw_admin_log.cc: 782
** CID 1049247: Use after free (USE_AFTER_FREE)
/test/cls_version/test_cls_version.cc: 79
** CID 1049246: Use after free (USE_AFTER_FREE)
/rgw/rgw_rest_s3.cc: 415
________________________________________________________________________
CID 1049252: Wrapper object use after free (WRAPPER_ESCAPE)
/rgw/rgw_rest_replica_log.h: 79 ( escape)
76 string s = "replica";
77 s.append(obj_type);
78 s.append("_deletebound");
>>> CID 1049252: Wrapper object use after free (WRAPPER_ESCAPE)
>>> The internal representation of "s" escapes, but is destroyed when it exits scope.
79 return s.c_str();
80 }
81 };
82
83 class RGWOp_BILog_GetBounds : public RGWRESTOp {
________________________________________________________________________
CID 1049251: Wrapper object use after free (WRAPPER_ESCAPE)
/rgw/rgw_rest_replica_log.h: 59 ( escape)
56 string s = "replica";
57 s.append(obj_type);
58 s.append("_updatebounds");
>>> CID 1049251: Wrapper object use after free (WRAPPER_ESCAPE)
>>> The internal representation of "s" escapes, but is destroyed when it exits scope.
59 return s.c_str();
60 }
61 };
62
63 class RGWOp_OBJLog_DeleteBounds : public RGWRESTOp {
________________________________________________________________________
CID 1049250: Wrapper object use after free (WRAPPER_ESCAPE)
/rgw/rgw_rest_replica_log.h: 39 ( escape)
36 string s = "replica";
37 s.append(obj_type);
38 s.append("_getbounds");
>>> CID 1049250: Wrapper object use after free (WRAPPER_ESCAPE)
>>> The internal representation of "s" escapes, but is destroyed when it exits scope.
39 return s.c_str();
40 }
41 };
42
43 class RGWOp_OBJLog_SetBounds : public RGWRESTOp {
________________________________________________________________________
CID 1049249: Missing varargs init or cleanup (VARARGS)
/test/librbd/test_librbd.cc: 305 ( va_init)
302 cout << "image: " << names[i] << endl;
303 }
304
>>> Initializing va_list "ap".
305 va_start(ap, num_expected);
306 for (i = num_expected; i > 0; i--) {
307 char *expected = va_arg(ap, char *);
308 cout << "expected = " << expected << endl;
309 vector<string>::iterator listed_name = find(names.begin(), names.end(), string(expected));
/test/librbd/test_librbd.cc: 315 ( missing_va_end)
312 }
313 assert(names.empty());
314
>>> CID 1049249: Missing varargs init or cleanup (VARARGS)
>>> va_end was not called for "ap".
315 return num;
316 }
317
318 TEST(LibRBD, TestCreateLsDeletePP)
319 {
________________________________________________________________________
CID 1049248: Use after free (USE_AFTER_FREE)
/test/test_rgw_admin_log.cc: 750 ( freed_arg)
747 char *bucket_obj = (char *)malloc(TEST_BUCKET_OBJECT_SIZE);
748 ASSERT_TRUE(bucket_obj != NULL);
749 EXPECT_EQ(put_bucket_obj(TEST_BUCKET_OBJECT, bucket_obj, TEST_BUCKET_OBJECT_SIZE), 0);
>>> "free(void *)" frees "bucket_obj".
750 free(bucket_obj);
751 sleep(1);
752 ss << "/admin/log?type=data&id=" << shard_id << "&start-time=" << start_time;
753 rest_req = ss.str();
754 g_test->send_request(string("GET"), rest_req);
/test/test_rgw_admin_log.cc: 782 ( pass_freed_arg)
779 }
780
781 sleep(1);
>>> CID 1049248: Use after free (USE_AFTER_FREE)
>>> Passing freed pointer "bucket_obj" as an argument to function "put_bucket_obj(char const *, char *, unsigned int)".
782 EXPECT_EQ(put_bucket_obj(TEST_BUCKET_OBJECT, bucket_obj, TEST_BUCKET_OBJECT_SIZE), 0);
783 sleep(20);
784 ss.str("");
785 ss << "/admin/log?type=data&id=" << shard_id << "&start-time=" << start_time;
786 rest_req = ss.str();
________________________________________________________________________
CID 1049247: Use after free (USE_AFTER_FREE)
/test/cls_version/test_cls_version.cc: 68 ( freed_arg)
65 ASSERT_GT((long long)ver2.ver, (long long)ver.ver);
66 ASSERT_EQ(0, (int)ver2.tag.compare(ver.tag));
67
>>> "operator delete(void *)" frees "op".
68 delete op;
69
70 obj_version ver3;
71
72 librados::ObjectReadOperation *rop = new_rop();
/test/cls_version/test_cls_version.cc: 79 ( deref_arg)
76 ASSERT_EQ(ver2.ver, ver3.ver);
77 ASSERT_EQ(1, (long long)ver2.compare(&ver3));
78
>>> CID 1049247: Use after free (USE_AFTER_FREE)
>>> Calling "librados::ObjectWriteOperation::~ObjectWriteOperation()" dereferences freed pointer "op". (The dereference happens because this is a virtual function call.)
79 delete op;
80 }
81
82
83 TEST(cls_rgw, test_version_set)
________________________________________________________________________
CID 1049246: Use after free (USE_AFTER_FREE)
/rgw/rgw_rest_s3.cc: 412 ( freed_arg)
409
410 bool success = parser.parse(data, len, 1);
411 ldout(s->cct, 20) << "create bucket input data=" << data << dendl;
>>> "free(void *)" frees "data".
412 free(data);
413
414 if (!success) {
415 ldout(s->cct, 0) << "failed to parse input: " << data << dendl;
416 return -EINVAL;
/rgw/rgw_rest_s3.cc: 415 ( deref_arg)
412 free(data);
413
414 if (!success) {
>>> CID 1049246: Use after free (USE_AFTER_FREE)
>>> Calling "std::operator << <std::char_traits<char> >(std::basic_ostream<char, std::char_traits<char> > &, char const *)" dereferences freed pointer "data".
415 ldout(s->cct, 0) << "failed to parse input: " << data << dendl;
416 return -EINVAL;
417 }
418
419 if (!parser.get_location_constraint(location_constraint)) {
________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
From: scan-admin@coverity.com
To: sage@newdream.net
Cc:
Subject: New Defects reported by Coverity Scan for ceph
Date: Fri, 19 Jul 2013 11:03:16 -0700
Message-ID: <E1V0F1Q-00022u-Fe@build-l3.scan.coverity.com>
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan
Defect(s) Reported-by: Coverity Scan
Showing 7 of 61 defects
** CID 1049252: Wrapper object use after free (WRAPPER_ESCAPE)
/rgw/rgw_rest_replica_log.h: 79
** CID 1049251: Wrapper object use after free (WRAPPER_ESCAPE)
/rgw/rgw_rest_replica_log.h: 59
** CID 1049250: Wrapper object use after free (WRAPPER_ESCAPE)
/rgw/rgw_rest_replica_log.h: 39
** CID 1049249: Missing varargs init or cleanup (VARARGS)
/test/librbd/test_librbd.cc: 315
** CID 1049248: Use after free (USE_AFTER_FREE)
/test/test_rgw_admin_log.cc: 782
** CID 1049247: Use after free (USE_AFTER_FREE)
/test/cls_version/test_cls_version.cc: 79
** CID 1049246: Use after free (USE_AFTER_FREE)
/rgw/rgw_rest_s3.cc: 415
________________________________________________________________________
CID 1049252: Wrapper object use after free (WRAPPER_ESCAPE)
/rgw/rgw_rest_replica_log.h: 79 ( escape)
76 string s = "replica";
77 s.append(obj_type);
78 s.append("_deletebound");
>>> CID 1049252: Wrapper object use after free (WRAPPER_ESCAPE)
>>> The internal representation of "s" escapes, but is destroyed when it exits scope.
79 return s.c_str();
80 }
81 };
82
83 class RGWOp_BILog_GetBounds : public RGWRESTOp {
________________________________________________________________________
CID 1049251: Wrapper object use after free (WRAPPER_ESCAPE)
/rgw/rgw_rest_replica_log.h: 59 ( escape)
56 string s = "replica";
57 s.append(obj_type);
58 s.append("_updatebounds");
>>> CID 1049251: Wrapper object use after free (WRAPPER_ESCAPE)
>>> The internal representation of "s" escapes, but is destroyed when it exits scope.
59 return s.c_str();
60 }
61 };
62
63 class RGWOp_OBJLog_DeleteBounds : public RGWRESTOp {
________________________________________________________________________
CID 1049250: Wrapper object use after free (WRAPPER_ESCAPE)
/rgw/rgw_rest_replica_log.h: 39 ( escape)
36 string s = "replica";
37 s.append(obj_type);
38 s.append("_getbounds");
>>> CID 1049250: Wrapper object use after free (WRAPPER_ESCAPE)
>>> The internal representation of "s" escapes, but is destroyed when it exits scope.
39 return s.c_str();
40 }
41 };
42
43 class RGWOp_OBJLog_SetBounds : public RGWRESTOp {
________________________________________________________________________
CID 1049249: Missing varargs init or cleanup (VARARGS)
/test/librbd/test_librbd.cc: 305 ( va_init)
302 cout << "image: " << names[i] << endl;
303 }
304
>>> Initializing va_list "ap".
305 va_start(ap, num_expected);
306 for (i = num_expected; i > 0; i--) {
307 char *expected = va_arg(ap, char *);
308 cout << "expected = " << expected << endl;
309 vector<string>::iterator listed_name = find(names.begin(), names.end(), string(expected));
/test/librbd/test_librbd.cc: 315 ( missing_va_end)
312 }
313 assert(names.empty());
314
>>> CID 1049249: Missing varargs init or cleanup (VARARGS)
>>> va_end was not called for "ap".
315 return num;
316 }
317
318 TEST(LibRBD, TestCreateLsDeletePP)
319 {
________________________________________________________________________
CID 1049248: Use after free (USE_AFTER_FREE)
/test/test_rgw_admin_log.cc: 750 ( freed_arg)
747 char *bucket_obj = (char *)malloc(TEST_BUCKET_OBJECT_SIZE);
748 ASSERT_TRUE(bucket_obj != NULL);
749 EXPECT_EQ(put_bucket_obj(TEST_BUCKET_OBJECT, bucket_obj, TEST_BUCKET_OBJECT_SIZE), 0);
>>> "free(void *)" frees "bucket_obj".
750 free(bucket_obj);
751 sleep(1);
752 ss << "/admin/log?type=data&id=" << shard_id << "&start-time=" << start_time;
753 rest_req = ss.str();
754 g_test->send_request(string("GET"), rest_req);
/test/test_rgw_admin_log.cc: 782 ( pass_freed_arg)
779 }
780
781 sleep(1);
>>> CID 1049248: Use after free (USE_AFTER_FREE)
>>> Passing freed pointer "bucket_obj" as an argument to function "put_bucket_obj(char const *, char *, unsigned int)".
782 EXPECT_EQ(put_bucket_obj(TEST_BUCKET_OBJECT, bucket_obj, TEST_BUCKET_OBJECT_SIZE), 0);
783 sleep(20);
784 ss.str("");
785 ss << "/admin/log?type=data&id=" << shard_id << "&start-time=" << start_time;
786 rest_req = ss.str();
________________________________________________________________________
CID 1049247: Use after free (USE_AFTER_FREE)
/test/cls_version/test_cls_version.cc: 68 ( freed_arg)
65 ASSERT_GT((long long)ver2.ver, (long long)ver.ver);
66 ASSERT_EQ(0, (int)ver2.tag.compare(ver.tag));
67
>>> "operator delete(void *)" frees "op".
68 delete op;
69
70 obj_version ver3;
71
72 librados::ObjectReadOperation *rop = new_rop();
/test/cls_version/test_cls_version.cc: 79 ( deref_arg)
76 ASSERT_EQ(ver2.ver, ver3.ver);
77 ASSERT_EQ(1, (long long)ver2.compare(&ver3));
78
>>> CID 1049247: Use after free (USE_AFTER_FREE)
>>> Calling "librados::ObjectWriteOperation::~ObjectWriteOperation()" dereferences freed pointer "op". (The dereference happens because this is a virtual function call.)
79 delete op;
80 }
81
82
83 TEST(cls_rgw, test_version_set)
________________________________________________________________________
CID 1049246: Use after free (USE_AFTER_FREE)
/rgw/rgw_rest_s3.cc: 412 ( freed_arg)
409
410 bool success = parser.parse(data, len, 1);
411 ldout(s->cct, 20) << "create bucket input data=" << data << dendl;
>>> "free(void *)" frees "data".
412 free(data);
413
414 if (!success) {
415 ldout(s->cct, 0) << "failed to parse input: " << data << dendl;
416 return -EINVAL;
/rgw/rgw_rest_s3.cc: 415 ( deref_arg)
412 free(data);
413
414 if (!success) {
>>> CID 1049246: Use after free (USE_AFTER_FREE)
>>> Calling "std::operator << <std::char_traits<char> >(std::basic_ostream<char, std::char_traits<char> > &, char const *)" dereferences freed pointer "data".
415 ldout(s->cct, 0) << "failed to parse input: " << data << dendl;
416 return -EINVAL;
417 }
418
419 if (!parser.get_location_constraint(location_constraint)) {
________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
^ permalink raw reply [flat|nested] 33+ messages in thread* New Defects reported by Coverity Scan for ceph (fwd)
@ 2013-06-19 19:36 Sage Weil
2013-06-19 21:03 ` Loic Dachary
0 siblings, 1 reply; 33+ messages in thread
From: Sage Weil @ 2013-06-19 19:36 UTC (permalink / raw)
To: loic; +Cc: ceph-devel
[-- Attachment #1: Type: TEXT/PLAIN, Size: 89 bytes --]
Hi Loic,
Do you mind looking at the PGLog.cc iterator issue coverity picked up on?
sage
[-- Attachment #2: Forwarded Message --]
[-- Type: MESSAGE/RFC822, Size: 7423 bytes --]
Return-Path: <scan-admin@coverity.com>
X-Original-To: sage@cobra.newdream.net
Delivered-To: sage@cobra.newdream.net
Received: from destro.newdream.net (destro.newdream.net [66.33.216.68])
by cobra.newdream.net (Postfix) with ESMTP id 46F12803BB
for <sage@cobra.newdream.net>; Wed, 19 Jun 2013 12:32:04 -0700 (PDT)
Received: by destro.newdream.net (Postfix)
id 44DA66C10E; Wed, 19 Jun 2013 12:32:04 -0700 (PDT)
Delivered-To: sage@destro.newdream.net
Received: from diehard.dreamhost.com (caiajhbdccah.dreamhost.com
[208.97.132.207])
by destro.newdream.net (Postfix) with ESMTP id 417366C0E5
for <sage@newdream.net>; Wed, 19 Jun 2013 12:32:04 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1])
by diehard.dreamhost.com (Postfix) with ESMTP id 3B65017BD611
for <sage@newdream.net>; Wed, 19 Jun 2013 12:32:04 -0700 (PDT)
X-DH-Virus-Scanned: Debian amavisd-new at diehard.dreamhost.com
X-Spam-Flag: NO
X-Spam-Score: 0
X-Spam-Level:
X-Spam-Status: No, score=x tagged_above=-999 required=999 WHITELISTED tests=[]
autolearn=unavailable
Received: from connor.dreamhost.com ([208.97.132.177])
by localhost (diehard.dreamhost.com [208.97.132.157]) (amavisd-new,
port 10024) with ESMTP id rz+cayuGfEGP for <sage@newdream.net>;
Wed, 19 Jun 2013 12:32:04 -0700 (PDT)
Received: from build-l3.scan.coverity.com (unknown [208.69.177.216])
by connor.dreamhost.com (Postfix) with ESMTP id 03E942C98EF8
for <sage@newdream.net>; Wed, 19 Jun 2013 12:22:36 -0700 (PDT)
Received: from localhost ([127.0.0.1] helo=build-l3.scan.coverity.com)
by build-l3.scan.coverity.com with esmtp (Exim 4.69)
(envelope-from <scan-admin@coverity.com>)
id 1UpNxh-0008B9-Nl; Wed, 19 Jun 2013 12:22:33 -0700
From: scan-admin@coverity.com
To: sage@newdream.net
CC:
Subject: New Defects reported by Coverity Scan for ceph
Message-Id: <E1UpNxh-0008B9-Nl@build-l3.scan.coverity.com>
Date: Wed, 19 Jun 2013 12:22:33 -0700
X-Spambayes-Classification: ham; 0.00
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan
Defect(s) Reported-by: Coverity Scan
** CID 1035577: Resource leak (RESOURCE_LEAK)
/test/libcephfs/multiclient.cc: 67
** CID 1035576: Resource leak (RESOURCE_LEAK)
/test/libcephfs/multiclient.cc: 32
** CID 1035575: Resource leak (RESOURCE_LEAK)
/test/libcephfs/multiclient.cc: 27
** CID 1035574: Using invalid iterator (INVALIDATE_ITERATOR)
/osd/PGLog.cc: 369
________________________________________________________________________
CID 1035577: Resource leak (RESOURCE_LEAK)
/test/libcephfs/multiclient.cc: 67 ( alloc_arg)
64
65 TEST(LibCephFS, MulticlientHoleEOF) {
66 struct ceph_mount_info *ca, *cb;
>>> "ceph_create(ceph_mount_info **, char const *)" allocates memory that is stored into "ca".
67 ASSERT_EQ(ceph_create(&ca, NULL), 0);
68 ASSERT_EQ(0, ceph_conf_parse_env(ca, NULL));
69 ASSERT_EQ(ceph_conf_read_file(ca, NULL), 0);
70 ASSERT_EQ(ceph_mount(ca, NULL), 0);
71
/test/libcephfs/multiclient.cc: 67 ( leaked_storage)
64
65 TEST(LibCephFS, MulticlientHoleEOF) {
66 struct ceph_mount_info *ca, *cb;
>>> CID 1035577: Resource leak (RESOURCE_LEAK)
>>> Variable "ca" going out of scope leaks the storage it points to.
67 ASSERT_EQ(ceph_create(&ca, NULL), 0);
68 ASSERT_EQ(0, ceph_conf_parse_env(ca, NULL));
69 ASSERT_EQ(ceph_conf_read_file(ca, NULL), 0);
70 ASSERT_EQ(ceph_mount(ca, NULL), 0);
71
________________________________________________________________________
CID 1035576: Resource leak (RESOURCE_LEAK)
/test/libcephfs/multiclient.cc: 32 ( alloc_arg)
29 ASSERT_EQ(ceph_conf_read_file(ca, NULL), 0);
30 ASSERT_EQ(ceph_mount(ca, NULL), 0);
31
>>> "ceph_create(ceph_mount_info **, char const *)" allocates memory that is stored into "cb".
32 ASSERT_EQ(ceph_create(&cb, NULL), 0);
33 ASSERT_EQ(0, ceph_conf_parse_env(cb, NULL));
34 ASSERT_EQ(ceph_conf_read_file(cb, NULL), 0);
35 ASSERT_EQ(ceph_mount(cb, NULL), 0);
36
/test/libcephfs/multiclient.cc: 32 ( leaked_storage)
29 ASSERT_EQ(ceph_conf_read_file(ca, NULL), 0);
30 ASSERT_EQ(ceph_mount(ca, NULL), 0);
31
>>> CID 1035576: Resource leak (RESOURCE_LEAK)
>>> Variable "cb" going out of scope leaks the storage it points to.
32 ASSERT_EQ(ceph_create(&cb, NULL), 0);
33 ASSERT_EQ(0, ceph_conf_parse_env(cb, NULL));
34 ASSERT_EQ(ceph_conf_read_file(cb, NULL), 0);
35 ASSERT_EQ(ceph_mount(cb, NULL), 0);
36
________________________________________________________________________
CID 1035575: Resource leak (RESOURCE_LEAK)
/test/libcephfs/multiclient.cc: 27 ( alloc_arg)
24
25 TEST(LibCephFS, MulticlientSimple) {
26 struct ceph_mount_info *ca, *cb;
>>> "ceph_create(ceph_mount_info **, char const *)" allocates memory that is stored into "ca".
27 ASSERT_EQ(ceph_create(&ca, NULL), 0);
28 ASSERT_EQ(0, ceph_conf_parse_env(ca, NULL));
29 ASSERT_EQ(ceph_conf_read_file(ca, NULL), 0);
30 ASSERT_EQ(ceph_mount(ca, NULL), 0);
31
/test/libcephfs/multiclient.cc: 27 ( leaked_storage)
24
25 TEST(LibCephFS, MulticlientSimple) {
26 struct ceph_mount_info *ca, *cb;
>>> CID 1035575: Resource leak (RESOURCE_LEAK)
>>> Variable "ca" going out of scope leaks the storage it points to.
27 ASSERT_EQ(ceph_create(&ca, NULL), 0);
28 ASSERT_EQ(0, ceph_conf_parse_env(ca, NULL));
29 ASSERT_EQ(ceph_conf_read_file(ca, NULL), 0);
30 ASSERT_EQ(ceph_mount(ca, NULL), 0);
31
________________________________________________________________________
CID 1035574: Using invalid iterator (INVALIDATE_ITERATOR)
/osd/PGLog.cc: 361 ( past_the_end)
358 dout(10) << "rewind_divergent_log truncate divergent future " << newhead << dendl;
359 assert(newhead > log.tail);
360
>>> Function "end" creates an iterator.
361 list<pg_log_entry_t>::iterator p = log.log.end();
362 list<pg_log_entry_t> divergent;
363 while (true) {
364 if (p == log.log.begin()) {
365 // yikes, the whole thing is divergent!
/osd/PGLog.cc: 361 ( assign_var)
358 dout(10) << "rewind_divergent_log truncate divergent future " << newhead << dendl;
359 assert(newhead > log.tail);
360
>>> Assigning: "p" = "this->log.log.end()".
361 list<pg_log_entry_t>::iterator p = log.log.end();
362 list<pg_log_entry_t> divergent;
363 while (true) {
364 if (p == log.log.begin()) {
365 // yikes, the whole thing is divergent!
/osd/PGLog.cc: 369 ( deref_iterator)
366 divergent.swap(log.log);
367 break;
368 }
>>> CID 1035574: Using invalid iterator (INVALIDATE_ITERATOR)
>>> Dereferencing iterator "p" though it is already past the end of its container.
369 mark_dirty_from(p->version);
370 --p;
371 if (p->version == newhead) {
372 ++p;
373 divergent.splice(divergent.begin(), log.log, p, log.log.end());
________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
From: scan-admin@coverity.com
To: sage@newdream.net
Cc:
Subject: New Defects reported by Coverity Scan for ceph
Date: Wed, 19 Jun 2013 12:22:33 -0700
Message-ID: <E1UpNxh-0008B9-Nl@build-l3.scan.coverity.com>
Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan
Defect(s) Reported-by: Coverity Scan
** CID 1035577: Resource leak (RESOURCE_LEAK)
/test/libcephfs/multiclient.cc: 67
** CID 1035576: Resource leak (RESOURCE_LEAK)
/test/libcephfs/multiclient.cc: 32
** CID 1035575: Resource leak (RESOURCE_LEAK)
/test/libcephfs/multiclient.cc: 27
** CID 1035574: Using invalid iterator (INVALIDATE_ITERATOR)
/osd/PGLog.cc: 369
________________________________________________________________________
CID 1035577: Resource leak (RESOURCE_LEAK)
/test/libcephfs/multiclient.cc: 67 ( alloc_arg)
64
65 TEST(LibCephFS, MulticlientHoleEOF) {
66 struct ceph_mount_info *ca, *cb;
>>> "ceph_create(ceph_mount_info **, char const *)" allocates memory that is stored into "ca".
67 ASSERT_EQ(ceph_create(&ca, NULL), 0);
68 ASSERT_EQ(0, ceph_conf_parse_env(ca, NULL));
69 ASSERT_EQ(ceph_conf_read_file(ca, NULL), 0);
70 ASSERT_EQ(ceph_mount(ca, NULL), 0);
71
/test/libcephfs/multiclient.cc: 67 ( leaked_storage)
64
65 TEST(LibCephFS, MulticlientHoleEOF) {
66 struct ceph_mount_info *ca, *cb;
>>> CID 1035577: Resource leak (RESOURCE_LEAK)
>>> Variable "ca" going out of scope leaks the storage it points to.
67 ASSERT_EQ(ceph_create(&ca, NULL), 0);
68 ASSERT_EQ(0, ceph_conf_parse_env(ca, NULL));
69 ASSERT_EQ(ceph_conf_read_file(ca, NULL), 0);
70 ASSERT_EQ(ceph_mount(ca, NULL), 0);
71
________________________________________________________________________
CID 1035576: Resource leak (RESOURCE_LEAK)
/test/libcephfs/multiclient.cc: 32 ( alloc_arg)
29 ASSERT_EQ(ceph_conf_read_file(ca, NULL), 0);
30 ASSERT_EQ(ceph_mount(ca, NULL), 0);
31
>>> "ceph_create(ceph_mount_info **, char const *)" allocates memory that is stored into "cb".
32 ASSERT_EQ(ceph_create(&cb, NULL), 0);
33 ASSERT_EQ(0, ceph_conf_parse_env(cb, NULL));
34 ASSERT_EQ(ceph_conf_read_file(cb, NULL), 0);
35 ASSERT_EQ(ceph_mount(cb, NULL), 0);
36
/test/libcephfs/multiclient.cc: 32 ( leaked_storage)
29 ASSERT_EQ(ceph_conf_read_file(ca, NULL), 0);
30 ASSERT_EQ(ceph_mount(ca, NULL), 0);
31
>>> CID 1035576: Resource leak (RESOURCE_LEAK)
>>> Variable "cb" going out of scope leaks the storage it points to.
32 ASSERT_EQ(ceph_create(&cb, NULL), 0);
33 ASSERT_EQ(0, ceph_conf_parse_env(cb, NULL));
34 ASSERT_EQ(ceph_conf_read_file(cb, NULL), 0);
35 ASSERT_EQ(ceph_mount(cb, NULL), 0);
36
________________________________________________________________________
CID 1035575: Resource leak (RESOURCE_LEAK)
/test/libcephfs/multiclient.cc: 27 ( alloc_arg)
24
25 TEST(LibCephFS, MulticlientSimple) {
26 struct ceph_mount_info *ca, *cb;
>>> "ceph_create(ceph_mount_info **, char const *)" allocates memory that is stored into "ca".
27 ASSERT_EQ(ceph_create(&ca, NULL), 0);
28 ASSERT_EQ(0, ceph_conf_parse_env(ca, NULL));
29 ASSERT_EQ(ceph_conf_read_file(ca, NULL), 0);
30 ASSERT_EQ(ceph_mount(ca, NULL), 0);
31
/test/libcephfs/multiclient.cc: 27 ( leaked_storage)
24
25 TEST(LibCephFS, MulticlientSimple) {
26 struct ceph_mount_info *ca, *cb;
>>> CID 1035575: Resource leak (RESOURCE_LEAK)
>>> Variable "ca" going out of scope leaks the storage it points to.
27 ASSERT_EQ(ceph_create(&ca, NULL), 0);
28 ASSERT_EQ(0, ceph_conf_parse_env(ca, NULL));
29 ASSERT_EQ(ceph_conf_read_file(ca, NULL), 0);
30 ASSERT_EQ(ceph_mount(ca, NULL), 0);
31
________________________________________________________________________
CID 1035574: Using invalid iterator (INVALIDATE_ITERATOR)
/osd/PGLog.cc: 361 ( past_the_end)
358 dout(10) << "rewind_divergent_log truncate divergent future " << newhead << dendl;
359 assert(newhead > log.tail);
360
>>> Function "end" creates an iterator.
361 list<pg_log_entry_t>::iterator p = log.log.end();
362 list<pg_log_entry_t> divergent;
363 while (true) {
364 if (p == log.log.begin()) {
365 // yikes, the whole thing is divergent!
/osd/PGLog.cc: 361 ( assign_var)
358 dout(10) << "rewind_divergent_log truncate divergent future " << newhead << dendl;
359 assert(newhead > log.tail);
360
>>> Assigning: "p" = "this->log.log.end()".
361 list<pg_log_entry_t>::iterator p = log.log.end();
362 list<pg_log_entry_t> divergent;
363 while (true) {
364 if (p == log.log.begin()) {
365 // yikes, the whole thing is divergent!
/osd/PGLog.cc: 369 ( deref_iterator)
366 divergent.swap(log.log);
367 break;
368 }
>>> CID 1035574: Using invalid iterator (INVALIDATE_ITERATOR)
>>> Dereferencing iterator "p" though it is already past the end of its container.
369 mark_dirty_from(p->version);
370 --p;
371 if (p->version == newhead) {
372 ++p;
373 divergent.splice(divergent.begin(), log.log, p, log.log.end());
________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
^ permalink raw reply [flat|nested] 33+ messages in thread
end of thread, other threads:[~2014-10-08 14:59 UTC | newest]
Thread overview: 33+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-04-12 4:06 New Defects reported by Coverity Scan for ceph (fwd) Sage Weil
2014-04-12 8:26 ` Loic Dachary
-- strict thread matches above, loose matches on Subject: below --
2014-10-08 14:59 Sage Weil
2014-09-30 13:59 Sage Weil
2014-09-30 17:26 ` Loic Dachary
2014-09-30 17:36 ` Gregory Farnum
2014-09-30 17:38 ` Sage Weil
2014-09-30 17:41 ` Ric Wheeler
2014-09-25 15:02 Sage Weil
2014-09-25 15:27 ` John Spray
2014-09-16 21:44 Sage Weil
2014-08-23 16:04 Sage Weil
2014-07-11 3:39 Sage Weil
2014-06-20 14:46 Sage Weil
2014-06-07 16:12 Sage Weil
2014-06-08 8:38 ` Sebastien Ponce
2014-06-18 7:37 ` Sebastien Ponce
2014-06-06 15:54 Sage Weil
2014-05-30 13:54 Sage Weil
2014-05-20 16:16 Sage Weil
2014-05-10 16:03 Sage Weil
2014-04-22 15:26 Sage Weil
2014-03-03 22:23 Sage Weil
2014-03-03 22:53 ` John Spray
2014-03-04 0:53 ` Li Wang
2013-12-17 17:10 Sage Weil
2013-12-16 16:07 Sage Weil
2013-12-17 9:01 ` Ilya Dryomov
2013-08-21 4:09 Sage Weil
2013-07-25 20:31 Sage Weil
2013-07-19 18:04 Sage Weil
2013-06-19 19:36 Sage Weil
2013-06-19 21:03 ` Loic Dachary
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox