[Gluster-devel] Fwd: New Defects reported by Coverity Scan for GlusterFS

Lalatendu Mohanty lmohanty at redhat.com
Wed Jan 29 18:17:15 UTC 2014




-------- Original Message --------
Subject: 	New Defects reported by Coverity Scan for GlusterFS
Date: 	Wed, 29 Jan 2014 08:27:03 -0800
From: 	scan-admin at coverity.com



Hi,


Please find the latest report on new defect(s) introduced to GlusterFS found with Coverity Scan.

Defect(s) Reported-by: Coverity Scan
Showing 16 of 16 defect(s)


** CID 1165414:  Data race condition  (MISSING_LOCK)
/xlators/features/quota/src/quota.c: 3991 in quota_fallocate()

** CID 1165413:  Data race condition  (MISSING_LOCK)
/xlators/features/quota/src/quota.c: 3990 in quota_fallocate()

** CID 1165412:  Data race condition  (MISSING_LOCK)
/xlators/features/quota/src/quota.c: 2018 in quota_rename_get_size_cbk()

** CID 1165410:  Logically dead code  (DEADCODE)
/xlators/features/gfid-access/src/gfid-access.c: 1102 in ga_getxattr()

** CID 1165409:  Logically dead code  (DEADCODE)
/xlators/features/gfid-access/src/gfid-access.c: 1053 in ga_link()

** CID 1165408:  Logically dead code  (DEADCODE)
/xlators/features/gfid-access/src/gfid-access.c: 1050 in ga_link()

** CID 1165407:  Logically dead code  (DEADCODE)
/xlators/features/gfid-access/src/gfid-access.c: 1156 in ga_removexattr()

** CID 1165406:  Logically dead code  (DEADCODE)
/xlators/features/gfid-access/src/gfid-access.c: 1016 in ga_rename()

** CID 1165405:  Logically dead code  (DEADCODE)
/xlators/features/gfid-access/src/gfid-access.c: 1013 in ga_rename()

** CID 1165404:  Logically dead code  (DEADCODE)
/xlators/features/gfid-access/src/gfid-access.c: 953 in ga_rmdir()

** CID 1165403:  Logically dead code  (DEADCODE)
/xlators/features/gfid-access/src/gfid-access.c: 1138 in ga_setattr()

** CID 1165402:  Logically dead code  (DEADCODE)
/xlators/features/gfid-access/src/gfid-access.c: 582 in ga_setxattr()

** CID 1165401:  Logically dead code  (DEADCODE)
/xlators/features/gfid-access/src/gfid-access.c: 1119 in ga_stat()

** CID 1165400:  Logically dead code  (DEADCODE)
/xlators/features/gfid-access/src/gfid-access.c: 980 in ga_unlink()

** CID 1165411:  Dereference after null check  (FORWARD_NULL)
/xlators/features/quota/src/quota.c: 630 in quota_build_ancestry()

** CID 1165415:  Dereference before null check  (REVERSE_INULL)
/xlators/features/quota/src/quota.c: 637 in quota_build_ancestry()


________________________________________________________________________________________________________
*** CID 1165414:  Data race condition  (MISSING_LOCK)
/xlators/features/quota/src/quota.c: 3991 in quota_fallocate()
3985     	 * Note that by using len as the delta we're assuming the range from
3986     	 * offset to offset+len has not already been allocated. This can result
3987     	 * in ENOSPC errors attempting to allocate an already allocated range.
3988     	 */
3989             local->delta = len;
3990             local->stub = stub;
>>>     CID 1165414:  Data race condition  (MISSING_LOCK)
>>>     Accessing "local->link_count" without holding lock "quota_local.lock". Elsewhere, "local->link_count" is accessed with "quota_local.lock" held 10 out of 13 times.
3991             local->link_count = parents;
3992
3993             if (parents == 0) {
3994                     local->link_count = 1;
3995                     quota_check_limit (frame, fd->inode, this, NULL, NULL);
3996             } else {

________________________________________________________________________________________________________
*** CID 1165413:  Data race condition  (MISSING_LOCK)
/xlators/features/quota/src/quota.c: 3990 in quota_fallocate()
3984     	/*
3985     	 * Note that by using len as the delta we're assuming the range from
3986     	 * offset to offset+len has not already been allocated. This can result
3987     	 * in ENOSPC errors attempting to allocate an already allocated range.
3988     	 */
3989             local->delta = len;
>>>     CID 1165413:  Data race condition  (MISSING_LOCK)
>>>     Accessing "local->stub" without holding lock "quota_local.lock". Elsewhere, "local->stub" is accessed with "quota_local.lock" held 9 out of 10 times.
3990             local->stub = stub;
3991             local->link_count = parents;
3992
3993             if (parents == 0) {
3994                     local->link_count = 1;
3995                     quota_check_limit (frame, fd->inode, this, NULL, NULL);

________________________________________________________________________________________________________
*** CID 1165412:  Data race condition  (MISSING_LOCK)
/xlators/features/quota/src/quota.c: 2018 in quota_rename_get_size_cbk()
2012             GF_VALIDATE_OR_GOTO_WITH_ERROR ("quota", this, out, op_errno,
2013                                             EINVAL);
2014             GF_VALIDATE_OR_GOTO_WITH_ERROR (this->name, xdata, out, op_errno,
2015                                             EINVAL);
2016             local = frame->local;
2017             GF_ASSERT (local);
>>>     CID 1165412:  Data race condition  (MISSING_LOCK)
>>>     Accessing "local->link_count" without holding lock "quota_local.lock". Elsewhere, "local->link_count" is accessed with "quota_local.lock" held 10 out of 13 times.
2018             local->link_count = 1;
2019
2020             if (op_ret < 0)
2021                     goto out;
2022
2023

________________________________________________________________________________________________________
*** CID 1165410:  Logically dead code  (DEADCODE)
/xlators/features/gfid-access/src/gfid-access.c: 1102 in ga_getxattr()
1096
1097     wind:
1098             STACK_WIND (frame, default_getxattr_cbk, FIRST_CHILD(this),
1099                         FIRST_CHILD(this)->fops->getxattr, loc, name, xdata);
1100
1101             if (unref)
>>>     CID 1165410:  Logically dead code  (DEADCODE)
>>>     Execution cannot reach this statement "inode_unref(unref);".
1102                     inode_unref (unref);
1103
1104             return 0;
1105     }
1106
1107     int32_t

________________________________________________________________________________________________________
*** CID 1165409:  Logically dead code  (DEADCODE)
/xlators/features/gfid-access/src/gfid-access.c: 1053 in ga_link()
1047                         oldloc, newloc, xdata);
1048
1049             if (oldloc_unref)
1050                     inode_unref (oldloc_unref);
1051
1052             if (newloc_unref)
>>>     CID 1165409:  Logically dead code  (DEADCODE)
>>>     Execution cannot reach this statement "inode_unref(newloc_unref);".
1053                     inode_unref (newloc_unref);
1054
1055             return 0;
1056     err:
1057             STACK_UNWIND_STRICT (link, frame, -1, op_errno, NULL,
1058                                  NULL, NULL, NULL, xdata);

________________________________________________________________________________________________________
*** CID 1165408:  Logically dead code  (DEADCODE)
/xlators/features/gfid-access/src/gfid-access.c: 1050 in ga_link()
1044     wind:
1045             STACK_WIND (frame, default_link_cbk,
1046                         FIRST_CHILD(this), FIRST_CHILD(this)->fops->link,
1047                         oldloc, newloc, xdata);
1048
1049             if (oldloc_unref)
>>>     CID 1165408:  Logically dead code  (DEADCODE)
>>>     Execution cannot reach this statement "inode_unref(oldloc_unref);".
1050                     inode_unref (oldloc_unref);
1051
1052             if (newloc_unref)
1053                     inode_unref (newloc_unref);
1054
1055             return 0;

________________________________________________________________________________________________________
*** CID 1165407:  Logically dead code  (DEADCODE)
/xlators/features/gfid-access/src/gfid-access.c: 1156 in ga_removexattr()
1150
1151     wind:
1152             STACK_WIND (frame, default_removexattr_cbk, FIRST_CHILD(this),
1153                         FIRST_CHILD(this)->fops->removexattr, loc, name,
1154                         xdata);
1155             if (unref)
>>>     CID 1165407:  Logically dead code  (DEADCODE)
>>>     Execution cannot reach this statement "inode_unref(unref);".
1156                     inode_unref (unref);
1157
1158             return 0;
1159     }
1160
1161

________________________________________________________________________________________________________
*** CID 1165406:  Logically dead code  (DEADCODE)
/xlators/features/gfid-access/src/gfid-access.c: 1016 in ga_rename()
1010                         oldloc, newloc, xdata);
1011
1012             if (oldloc_unref)
1013                     inode_unref (oldloc_unref);
1014
1015             if (newloc_unref)
>>>     CID 1165406:  Logically dead code  (DEADCODE)
>>>     Execution cannot reach this statement "inode_unref(newloc_unref);".
1016                     inode_unref (newloc_unref);
1017
1018             return 0;
1019     err:
1020             STACK_UNWIND_STRICT (rename, frame, -1, op_errno, NULL,
1021                                  NULL, NULL, NULL, NULL, xdata);

________________________________________________________________________________________________________
*** CID 1165405:  Logically dead code  (DEADCODE)
/xlators/features/gfid-access/src/gfid-access.c: 1013 in ga_rename()
1007     wind:
1008             STACK_WIND (frame, default_rename_cbk,
1009                         FIRST_CHILD(this), FIRST_CHILD(this)->fops->rename,
1010                         oldloc, newloc, xdata);
1011
1012             if (oldloc_unref)
>>>     CID 1165405:  Logically dead code  (DEADCODE)
>>>     Execution cannot reach this statement "inode_unref(oldloc_unref);".
1013                     inode_unref (oldloc_unref);
1014
1015             if (newloc_unref)
1016                     inode_unref (newloc_unref);
1017
1018             return 0;

________________________________________________________________________________________________________
*** CID 1165404:  Logically dead code  (DEADCODE)
/xlators/features/gfid-access/src/gfid-access.c: 953 in ga_rmdir()
947
948     wind:
949             STACK_WIND (frame, default_rmdir_cbk,
950                         FIRST_CHILD(this), FIRST_CHILD(this)->fops->rmdir,
951                         loc, flag, xdata);
952             if (unref)
>>>     CID 1165404:  Logically dead code  (DEADCODE)
>>>     Execution cannot reach this statement "inode_unref(unref);".
953                     inode_unref (unref);
954
955             return 0;
956     err:
957             STACK_UNWIND_STRICT (rmdir, frame, -1, op_errno, NULL,
958                                  NULL, xdata);

________________________________________________________________________________________________________
*** CID 1165403:  Logically dead code  (DEADCODE)
/xlators/features/gfid-access/src/gfid-access.c: 1138 in ga_setattr()
1132
1133     wind:
1134             STACK_WIND (frame, default_setattr_cbk, FIRST_CHILD (this),
1135                         FIRST_CHILD (this)->fops->setattr, loc, stbuf, valid,
1136                         xdata);
1137             if (unref)
>>>     CID 1165403:  Logically dead code  (DEADCODE)
>>>     Execution cannot reach this statement "inode_unref(unref);".
1138                     inode_unref (unref);
1139
1140             return 0;
1141     }
1142
1143     int32_t

________________________________________________________________________________________________________
*** CID 1165402:  Logically dead code  (DEADCODE)
/xlators/features/gfid-access/src/gfid-access.c: 582 in ga_setxattr()
576
577     wind:
578             STACK_WIND (frame, ga_setxattr_cbk, FIRST_CHILD(this),
579                         FIRST_CHILD(this)->fops->setxattr, loc, dict, flags,
580                         xdata);
581             if (unref)
>>>     CID 1165402:  Logically dead code  (DEADCODE)
>>>     Execution cannot reach this statement "inode_unref(unref);".
582                     inode_unref (unref);
583
584             return 0;
585     err:
586             STACK_UNWIND_STRICT (setxattr, frame, -1, op_errno, xdata);
587             return 0;

________________________________________________________________________________________________________
*** CID 1165401:  Logically dead code  (DEADCODE)
/xlators/features/gfid-access/src/gfid-access.c: 1119 in ga_stat()
1113             GFID_ACCESS_GET_VALID_DIR_INODE (this, loc, unref, wind);
1114
1115     wind:
1116             STACK_WIND (frame, default_stat_cbk, FIRST_CHILD(this),
1117                         FIRST_CHILD(this)->fops->stat, loc, xdata);
1118             if (unref)
>>>     CID 1165401:  Logically dead code  (DEADCODE)
>>>     Execution cannot reach this statement "inode_unref(unref);".
1119                     inode_unref (unref);
1120
1121             return 0;
1122     }
1123
1124     int32_t

________________________________________________________________________________________________________
*** CID 1165400:  Logically dead code  (DEADCODE)
/xlators/features/gfid-access/src/gfid-access.c: 980 in ga_unlink()
974     wind:
975             STACK_WIND (frame, default_unlink_cbk,
976                         FIRST_CHILD(this), FIRST_CHILD(this)->fops->unlink,
977                         loc, xflag, xdata);
978
979             if (unref)
>>>     CID 1165400:  Logically dead code  (DEADCODE)
>>>     Execution cannot reach this statement "inode_unref(unref);".
980                     inode_unref (unref);
981
982             return 0;
983     err:
984             STACK_UNWIND_STRICT (unlink, frame, -1, op_errno, NULL,
985                                  NULL, xdata);

________________________________________________________________________________________________________
*** CID 1165411:  Dereference after null check  (FORWARD_NULL)
/xlators/features/quota/src/quota.c: 630 in quota_build_ancestry()
624
625     err:
626             ancestry_cbk (NULL, NULL, -1, op_errno, data);
627
628             fd_unref (fd);
629
>>>     CID 1165411:  Dereference after null check  (FORWARD_NULL)
>>>     Dereferencing null pointer "new_frame".
630             local = new_frame->local;
631             new_frame->local = NULL;
632
633             if (local != NULL) {
634                     quota_local_cleanup (this, local);
635             }

________________________________________________________________________________________________________
*** CID 1165415:  Dereference before null check  (REVERSE_INULL)
/xlators/features/quota/src/quota.c: 637 in quota_build_ancestry()
631             new_frame->local = NULL;
632
633             if (local != NULL) {
634                     quota_local_cleanup (this, local);
635             }
636
>>>     CID 1165415:  Dereference before null check  (REVERSE_INULL)
>>>     Null-checking "new_frame" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
637             if (new_frame != NULL) {
638                     STACK_DESTROY (new_frame->root);
639             }
640
641             loc_wipe (&loc);
642             return 0;


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/987?tab=Overview

To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py





-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://supercolony.gluster.org/pipermail/gluster-devel/attachments/20140129/a7317e9a/attachment-0001.html>


More information about the Gluster-devel mailing list