[Gluster-devel] Fwd: New Defects reported by Coverity Scan

Lalatendu Mohanty lmohanty at redhat.com
Mon Apr 14 07:40:10 UTC 2014


Hi All,

Most of the issues got introduced with the recent Snapshot code merge to 
master. Some of them e.g. "Null pointer dereference" are pretty serious 
issues. We should fix them asap. If you are new to fixing Coverity 
issues for GlusterFS , please check [1].

[1] 
http://www.gluster.org/community/documentation/index.php/Fixing_Issues_Reported_By_Tools_For_Static_Code_Analysis#Coverity

Thanks,
Lala
-------- Original Message --------
Subject: 	New Defects reported by Coverity Scan for GlusterFS
Date: 	Mon, 14 Apr 2014 00:13:18 -0700
From: 	scan-admin at coverity.com



Hi,


Please find the latest report on new defect(s) introduced to GlusterFS found with Coverity Scan.

Defect(s) Reported-by: Coverity Scan
Showing 20 of 33 defect(s)


** CID 1202376:  Unchecked return value  (CHECKED_RETURN)
/xlators/mgmt/glusterd/src/glusterd-utils.c: 3123 in glusterd_do_volume_quorum_action()

** CID 1202384:  Logically dead code  (DEADCODE)
/xlators/mgmt/glusterd/src/glusterd-snapshot.c: 1095 in glusterd_lvm_snapshot_remove()

** CID 1202383:  Logically dead code  (DEADCODE)
/xlators/mgmt/glusterd/src/glusterd-snapshot.c: 3578 in glusterd_snapshot_remove_commit()

** CID 1202382:  Logically dead code  (DEADCODE)
/xlators/mgmt/glusterd/src/glusterd-snapshot.c: 4222 in glusterd_get_brick_lvm_details()

** CID 1202381:  Logically dead code  (DEADCODE)
/xlators/mgmt/glusterd/src/glusterd-utils.c: 5720 in glusterd_add_brick_mount_details()

** CID 1202379:  Logically dead code  (DEADCODE)
/xlators/mgmt/glusterd/src/glusterd-utils.c: 5758 in glusterd_get_brick_mount_details()

** CID 1202380:  Logically dead code  (DEADCODE)
/xlators/mgmt/glusterd/src/glusterd-mgmt.c: 435 in glusterd_mgmt_v3_initiate_lockdown()

** CID 1202378:  Logically dead code  (DEADCODE)
/xlators/mgmt/glusterd/src/glusterd-snapshot.c: 2343 in glusterd_handle_snapshot_status()

** CID 1202377:  Logically dead code  (DEADCODE)
/cli/src/cli-cmd-snapshot.c: 43 in cli_cmd_snapshot_cbk()

** CID 1202389:  Null pointer dereference  (FORWARD_NULL)
/xlators/mgmt/glusterd/src/glusterd-mgmt-handler.c: 194 in glusterd_handle_mgmt_v3_lock_fn()
/xlators/mgmt/glusterd/src/glusterd-mgmt-handler.c: 194 in glusterd_handle_mgmt_v3_lock_fn()

** CID 1202388:  Null pointer dereference  (FORWARD_NULL)
/xlators/mgmt/glusterd/src/glusterd-mgmt-handler.c: 865 in glusterd_handle_mgmt_v3_unlock_fn()
/xlators/mgmt/glusterd/src/glusterd-mgmt-handler.c: 865 in glusterd_handle_mgmt_v3_unlock_fn()

** CID 1202387:  Dereference after null check  (FORWARD_NULL)
/xlators/mgmt/glusterd/src/glusterd-rpc-ops.c: 1469 in glusterd_mgmt_v3_lock_peers()

** CID 1202386:  Dereference after null check  (FORWARD_NULL)
/xlators/mgmt/glusterd/src/glusterd-rpc-ops.c: 1536 in glusterd_mgmt_v3_unlock_peers()

** CID 1202385:  Dereference after null check  (FORWARD_NULL)
/xlators/mgmt/glusterd/src/glusterd-mgmt.c: 521 in gd_mgmt_v3_pre_validate_cbk_fn()

** CID 1202390:  Data race condition  (MISSING_LOCK)
/xlators/protocol/server/src/server.c: 991 in init()

** CID 1202391:  Negative array index write  (NEGATIVE_RETURNS)
/xlators/mgmt/glusterd/src/glusterd-mgmt.c: 101 in gd_mgmt_v3_collate_errors()

** CID 1202393:  Unsigned compared against 0  (NO_EFFECT)
/xlators/mgmt/glusterd/src/glusterd-snapshot.c: 314 in snap_max_hard_limits_validate()

** CID 1202392:  Unsigned compared against 0  (NO_EFFECT)
/xlators/mgmt/glusterd/src/glusterd-snapshot.c: 395 in glusterd_snapshot_config_prevalidate()

** CID 1202395:  Resource leak  (RESOURCE_LEAK)
/xlators/mgmt/glusterd/src/glusterd-store.c: 2532 in glusterd_store_update_volinfo()
/xlators/mgmt/glusterd/src/glusterd-store.c: 2532 in glusterd_store_update_volinfo()

** CID 1202394:  Resource leak  (RESOURCE_LEAK)
/xlators/mgmt/glusterd/src/glusterd-store.c: 2902 in glusterd_store_update_snap()
/xlators/mgmt/glusterd/src/glusterd-store.c: 2902 in glusterd_store_update_snap()


________________________________________________________________________________________________________
*** CID 1202376:  Unchecked return value  (CHECKED_RETURN)
/xlators/mgmt/glusterd/src/glusterd-utils.c: 3123 in glusterd_do_volume_quorum_action()
3117             list_for_each_entry (brickinfo, &volinfo->bricks, brick_list) {
3118                     if (!glusterd_is_local_brick (this, volinfo, brickinfo))
3119                             continue;
3120                     if (meets_quorum)
3121                             glusterd_brick_start (volinfo, brickinfo, _gf_false);
3122                     else
>>>     CID 1202376:  Unchecked return value  (CHECKED_RETURN)
>>>     No check of the return value of "glusterd_brick_stop(volinfo, brickinfo, _gf_false)".
3123                             glusterd_brick_stop (volinfo, brickinfo, _gf_false);
3124             }
3125     out:
3126             return;
3127     }
3128

________________________________________________________________________________________________________
*** CID 1202384:  Logically dead code  (DEADCODE)
/xlators/mgmt/glusterd/src/glusterd-snapshot.c: 1095 in glusterd_lvm_snapshot_remove()
1089                             goto out;
1090                     }
1091                     ret = glusterd_do_lvm_snapshot_remove (snap_vol, brickinfo,
1092                                                            mnt_pt,
1093                                                            entry->mnt_fsname);
1094                     if (mtab)
>>>     CID 1202384:  Logically dead code  (DEADCODE)
>>>     Execution cannot reach this statement "endmntent(mtab);".
1095                             endmntent (mtab);
1096                     if (ret) {
1097                             gf_log (this->name, GF_LOG_ERROR, "failed to "
1098                                     "remove the snapshot %s (%s)",
1099                                     brickinfo->path, entry->mnt_fsname);
1100                             goto out;

________________________________________________________________________________________________________
*** CID 1202383:  Logically dead code  (DEADCODE)
/xlators/mgmt/glusterd/src/glusterd-snapshot.c: 3578 in glusterd_snapshot_remove_commit()
3572                      */
3573                     snap_volinfo = list_entry (snap->volumes.next,
3574                                                glusterd_volinfo_t,
3575                                                vol_list);
3576                     if (!snap_volinfo) {
3577                             gf_log (this->name, GF_LOG_ERROR,
>>>     CID 1202383:  Logically dead code  (DEADCODE)
>>>     Execution cannot reach this statement "do  {
   do  {
     if (0)
   ...".
3578                                     "Unable to fetch snap_volinfo");
3579                             ret = -1;
3580                             goto out;
3581                     }
3582
3583                     /* From origin glusterd check if      *

________________________________________________________________________________________________________
*** CID 1202382:  Logically dead code  (DEADCODE)
/xlators/mgmt/glusterd/src/glusterd-snapshot.c: 4222 in glusterd_get_brick_lvm_details()
4216                             break;
4217                     token = strtok (buf, ":");
4218                     if (token != NULL) {
4219                             while (token && token[0] == ' ')
4220                                     token++;
4221                             if (!token) {
>>>     CID 1202382:  Logically dead code  (DEADCODE)
>>>     Execution cannot reach this statement "ret = -1;".
4222                                     ret = -1;
4223                                     gf_log (this->name, GF_LOG_ERROR,
4224                                             "Invalid vg entry");
4225                                     goto end;
4226                             }
4227                             value = gf_strdup (token);

________________________________________________________________________________________________________
*** CID 1202381:  Logically dead code  (DEADCODE)
/xlators/mgmt/glusterd/src/glusterd-utils.c: 5720 in glusterd_add_brick_mount_details()
5714             mnt_options = gf_strdup (entry->mnt_opts);
5715             ret = dict_set_dynstr (dict, key, mnt_options);
5716
5717      out:
5718             GF_FREE (mnt_pt);
5719             if (mtab)
>>>     CID 1202381:  Logically dead code  (DEADCODE)
>>>     Execution cannot reach this statement "endmntent(mtab);".
5720                     endmntent (mtab);
5721
5722             return ret;
5723     }
5724
5725     char*

________________________________________________________________________________________________________
*** CID 1202379:  Logically dead code  (DEADCODE)
/xlators/mgmt/glusterd/src/glusterd-utils.c: 5758 in glusterd_get_brick_mount_details()
5752
5753             /* get the fs_name/device */
5754             device = gf_strdup (entry->mnt_fsname);
5755
5756     out:
5757             if (NULL != mtab) {
>>>     CID 1202379:  Logically dead code  (DEADCODE)
>>>     Execution cannot reach this statement "endmntent(mtab);".
5758                     endmntent (mtab);
5759             }
5760
5761             return device;
5762     }
5763     #endif

________________________________________________________________________________________________________
*** CID 1202380:  Logically dead code  (DEADCODE)
/xlators/mgmt/glusterd/src/glusterd-mgmt.c: 435 in glusterd_mgmt_v3_initiate_lockdown()
429             if (ret) {
430                     if (*op_errstr)
431                             gf_log (this->name, GF_LOG_ERROR, "%s",
432                                     *op_errstr);
433
434                     if (volname)
>>>     CID 1202380:  Logically dead code  (DEADCODE)
>>>     Execution cannot reach this statement "ret = gf_asprintf(op_errstr...".
435                             ret = gf_asprintf (op_errstr,
436                                                "Another transaction is in progress "
437                                                "for %s. Please try again after "
438                                                "sometime.", volname);
439                     else
440                             ret = gf_asprintf (op_errstr,

________________________________________________________________________________________________________
*** CID 1202378:  Logically dead code  (DEADCODE)
/xlators/mgmt/glusterd/src/glusterd-snapshot.c: 2343 in glusterd_handle_snapshot_status()
2337             }
2338
2339             ret = 0;
2340
2341     out:
2342             if (voldict) {
>>>     CID 1202378:  Logically dead code  (DEADCODE)
>>>     Execution cannot reach this statement "dict_unref(voldict);".
2343                     dict_unref (voldict);
2344             }
2345             return ret;
2346     }
2347
2348

________________________________________________________________________________________________________
*** CID 1202377:  Logically dead code  (DEADCODE)
/cli/src/cli-cmd-snapshot.c: 43 in cli_cmd_snapshot_cbk()
37             rpc_clnt_procedure_t    *proc      = NULL;
38             call_frame_t            *frame     = NULL;
39             cli_local_t             *local     = NULL;
40
41             proc = &cli_rpc_prog->proctable [GLUSTER_CLI_SNAP];
42             if (proc == NULL) {
>>>     CID 1202377:  Logically dead code  (DEADCODE)
>>>     Execution cannot reach this statement "ret = -1;".
43                    ret = -1;
44                     goto out;
45             }
46
47             frame = create_frame (THIS, THIS->ctx->pool);
48             if (frame == NULL) {

________________________________________________________________________________________________________
*** CID 1202389:  Null pointer dereference  (FORWARD_NULL)
/xlators/mgmt/glusterd/src/glusterd-mgmt-handler.c: 194 in glusterd_handle_mgmt_v3_lock_fn()
188                                                                   ctx);
189             }
190
191     out:
192
193             if (ret || free_ctx) {
>>>     CID 1202389:  Null pointer dereference  (FORWARD_NULL)
>>>     Dereferencing null pointer "ctx".
194                     if (ctx->dict)
195                             dict_unref (ctx->dict);
196                     if (ctx)
197                             GF_FREE (ctx);
198             }
199
/xlators/mgmt/glusterd/src/glusterd-mgmt-handler.c: 194 in glusterd_handle_mgmt_v3_lock_fn()
188                                                                   ctx);
189             }
190
191     out:
192
193             if (ret || free_ctx) {
>>>     CID 1202389:  Null pointer dereference  (FORWARD_NULL)
>>>     Dereferencing null pointer "ctx".
194                     if (ctx->dict)
195                             dict_unref (ctx->dict);
196                     if (ctx)
197                             GF_FREE (ctx);
198             }
199

________________________________________________________________________________________________________
*** CID 1202388:  Null pointer dereference  (FORWARD_NULL)
/xlators/mgmt/glusterd/src/glusterd-mgmt-handler.c: 865 in glusterd_handle_mgmt_v3_unlock_fn()
859                                                                     ctx);
860             }
861
862     out:
863
864             if (ret || free_ctx) {
>>>     CID 1202388:  Null pointer dereference  (FORWARD_NULL)
>>>     Dereferencing null pointer "ctx".
865                     if (ctx->dict)
866                             dict_unref (ctx->dict);
867                     if (ctx)
868                             GF_FREE (ctx);
869             }
870
/xlators/mgmt/glusterd/src/glusterd-mgmt-handler.c: 865 in glusterd_handle_mgmt_v3_unlock_fn()
859                                                                     ctx);
860             }
861
862     out:
863
864             if (ret || free_ctx) {
>>>     CID 1202388:  Null pointer dereference  (FORWARD_NULL)
>>>     Dereferencing null pointer "ctx".
865                     if (ctx->dict)
866                             dict_unref (ctx->dict);
867                     if (ctx)
868                             GF_FREE (ctx);
869             }
870

________________________________________________________________________________________________________
*** CID 1202387:  Dereference after null check  (FORWARD_NULL)
/xlators/mgmt/glusterd/src/glusterd-rpc-ops.c: 1469 in glusterd_mgmt_v3_lock_peers()
1463             ret = glusterd_submit_request (peerinfo->rpc, &req, dummy_frame,
1464                                            peerinfo->mgmt_v3,
1465                                            GLUSTERD_MGMT_V3_LOCK, NULL,
1466                                            this, glusterd_mgmt_v3_lock_peers_cbk,
1467                                            (xdrproc_t)xdr_gd1_mgmt_v3_lock_req);
1468     out:
>>>     CID 1202387:  Dereference after null check  (FORWARD_NULL)
>>>     Dereferencing null pointer "this".
1469             gf_log (this->name, GF_LOG_DEBUG, "Returning %d", ret);
1470             return ret;
1471     }
1472
1473     int32_t
1474     glusterd_mgmt_v3_unlock_peers (call_frame_t *frame, xlator_t *this,

________________________________________________________________________________________________________
*** CID 1202386:  Dereference after null check  (FORWARD_NULL)
/xlators/mgmt/glusterd/src/glusterd-rpc-ops.c: 1536 in glusterd_mgmt_v3_unlock_peers()
1530                                            peerinfo->mgmt_v3,
1531                                            GLUSTERD_MGMT_V3_UNLOCK, NULL,
1532                                            this, glusterd_mgmt_v3_unlock_peers_cbk,
1533                                            (xdrproc_t)
1534                                            xdr_gd1_mgmt_v3_unlock_req);
1535     out:
>>>     CID 1202386:  Dereference after null check  (FORWARD_NULL)
>>>     Dereferencing null pointer "this".
1536             gf_log (this->name, GF_LOG_DEBUG, "Returning %d", ret);
1537             return ret;
1538     }
1539
1540     int32_t
1541     glusterd_cluster_unlock (call_frame_t *frame, xlator_t *this,

________________________________________________________________________________________________________
*** CID 1202385:  Dereference after null check  (FORWARD_NULL)
/xlators/mgmt/glusterd/src/glusterd-mgmt.c: 521 in gd_mgmt_v3_pre_validate_cbk_fn()
515
516             if (!iov) {
517                     gf_log (this->name, GF_LOG_ERROR, "iov is NULL");
518                     op_errno = EINVAL;
519             }
520
>>>     CID 1202385:  Dereference after null check  (FORWARD_NULL)
>>>     Dereferencing null pointer "iov".
521             ret = xdr_to_generic (*iov, &rsp,
522                                   (xdrproc_t)xdr_gd1_mgmt_v3_pre_val_rsp);
523             if (ret < 0)
524                     goto out;
525
526             if (rsp.dict.dict_len) {

________________________________________________________________________________________________________
*** CID 1202390:  Data race condition  (MISSING_LOCK)
/xlators/protocol/server/src/server.c: 991 in init()
985                     ret = -1;
986                     goto out;
987             }
988
989             LOCK_INIT (&barrier->lock);
990             INIT_LIST_HEAD (&barrier->queue);
>>>     CID 1202390:  Data race condition  (MISSING_LOCK)
>>>     Accessing "barrier->on" without holding lock "_gf_barrier.lock". Elsewhere, "barrier->on" is accessed with "_gf_barrier.lock" held 4 out of 5 times.
991             barrier->on = _gf_false;
992
993             GF_OPTION_INIT ("barrier-queue-length", barrier->max_size,
994                             int64, out);
995             GF_OPTION_INIT ("barrier-timeout", barrier->time_out,
996                             uint64, out);

________________________________________________________________________________________________________
*** CID 1202391:  Negative array index write  (NEGATIVE_RETURNS)
/xlators/mgmt/glusterd/src/glusterd-mgmt.c: 101 in gd_mgmt_v3_collate_errors()
95                                     len = snprintf (op_err, sizeof(op_err) - 1,
96                                                     "Unlocking failed "
97                                                     "on %s. %s", peer_str, err_str);
98                                     break;
99                             }
100                     }
>>>     CID 1202391:  Negative array index write  (NEGATIVE_RETURNS)
>>>     Using variable "len" as an index to array "op_err".
101                     op_err[len] = '\0';
102
103                     if (args->errstr) {
104                             len = snprintf (err_str, sizeof(err_str) - 1,
105                                             "%s\n%s", args->errstr,
106                                             op_err);

________________________________________________________________________________________________________
*** CID 1202393:  Unsigned compared against 0  (NO_EFFECT)
/xlators/mgmt/glusterd/src/glusterd-snapshot.c: 314 in snap_max_hard_limits_validate()
308                             max_limit = conf->snap_max_hard_limit;
309                     } else {
310                             max_limit = GLUSTERD_SNAPS_MAX_HARD_LIMIT;
311                     }
312             }
313
>>>     CID 1202393:  Unsigned compared against 0  (NO_EFFECT)
>>>     This less-than-zero comparison of an unsigned value is never true. "value < 0UL".
314             if ((value < 0) || (value > max_limit)) {
315                     ret = -1;
316                     snprintf (err_str, PATH_MAX, "Invalid snap-max-hard-limit"
317                               "%"PRIu64 ". Expected range 0 - %"PRIu64,
318                               value, max_limit);
319                     goto out;

________________________________________________________________________________________________________
*** CID 1202392:  Unsigned compared against 0  (NO_EFFECT)
/xlators/mgmt/glusterd/src/glusterd-snapshot.c: 395 in glusterd_snapshot_config_prevalidate()
389                                     goto out;
390                             }
391                     }
392
393                     if (soft_limit) {
394                             max_limit = GLUSTERD_SNAPS_MAX_SOFT_LIMIT_PERCENT;
>>>     CID 1202392:  Unsigned compared against 0  (NO_EFFECT)
>>>     This less-than-zero comparison of an unsigned value is never true. "soft_limit < 0UL".
395                             if ((soft_limit < 0) || (soft_limit > max_limit)) {
396                                     ret = -1;
397                                     snprintf (err_str, PATH_MAX, "Invalid "
398                                              "snap-max-soft-limit ""%"
399                                              PRIu64 ". Expected range 0 - %"PRIu64,
400                                              value, max_limit);

________________________________________________________________________________________________________
*** CID 1202395:  Resource leak  (RESOURCE_LEAK)
/xlators/mgmt/glusterd/src/glusterd-store.c: 2532 in glusterd_store_update_volinfo()
2526                             "iter");
2527                     goto out;
2528             }
2529
2530             ret = 0;
2531     out:
>>>     CID 1202395:  Resource leak  (RESOURCE_LEAK)
>>>     Variable "iter" going out of scope leaks the storage it points to.
2532             return ret;
2533     }
2534
2535     glusterd_volinfo_t*
2536     glusterd_store_retrieve_volume (char *volname, glusterd_snap_t *snap)
2537     {
/xlators/mgmt/glusterd/src/glusterd-store.c: 2532 in glusterd_store_update_volinfo()
2526                             "iter");
2527                     goto out;
2528             }
2529
2530             ret = 0;
2531     out:
>>>     CID 1202395:  Resource leak  (RESOURCE_LEAK)
>>>     Variable "iter" going out of scope leaks the storage it points to.
2532             return ret;
2533     }
2534
2535     glusterd_volinfo_t*
2536     glusterd_store_retrieve_volume (char *volname, glusterd_snap_t *snap)
2537     {

________________________________________________________________________________________________________
*** CID 1202394:  Resource leak  (RESOURCE_LEAK)
/xlators/mgmt/glusterd/src/glusterd-store.c: 2902 in glusterd_store_update_snap()
2896             if (ret) {
2897                     gf_log (this->name, GF_LOG_ERROR, "Failed to destroy store "
2898                             "iter");
2899             }
2900
2901     out:
>>>     CID 1202394:  Resource leak  (RESOURCE_LEAK)
>>>     Variable "iter" going out of scope leaks the storage it points to.
2902             return ret;
2903     }
2904
2905     int32_t
2906     glusterd_store_retrieve_snap (char *snapname)
2907     {
/xlators/mgmt/glusterd/src/glusterd-store.c: 2902 in glusterd_store_update_snap()
2896             if (ret) {
2897                     gf_log (this->name, GF_LOG_ERROR, "Failed to destroy store "
2898                             "iter");
2899             }
2900
2901     out:
>>>     CID 1202394:  Resource leak  (RESOURCE_LEAK)
>>>     Variable "iter" going out of scope leaks the storage it points to.
2902             return ret;
2903     }
2904
2905     int32_t
2906     glusterd_store_retrieve_snap (char *snapname)
2907     {


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/987?tab=Overview

To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py





-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://supercolony.gluster.org/pipermail/gluster-devel/attachments/20140414/74ae4521/attachment-0001.html>


More information about the Gluster-devel mailing list