[Gluster-devel] Fwd: New Defects reported by Coverity Scan for GlusterFS
Lalatendu Mohanty
lmohanty at redhat.com
Tue Jul 15 18:58:13 UTC 2014
To fix these Coverity issues, please check the below link for guidelines:
http://www.gluster.org/community/documentation/index.php/Fixing_Issues_Reported_By_Tools_For_Static_Code_Analysis#Coverity
Thanks,
Lala
-------- Original Message --------
Subject: New Defects reported by Coverity Scan for GlusterFS
Date: Mon, 14 Jul 2014 23:47:00 -0700
From: scan-admin at coverity.com
Hi,
Please find the latest report on new defect(s) introduced to GlusterFS found with Coverity Scan.
Defect(s) Reported-by: Coverity Scan
Showing 20 of 23 defect(s)
** CID 1226162: Logically dead code (DEADCODE)
/xlators/cluster/ec/src/ec-method.c: 119 in ec_method_decode()
** CID 1226164: Division or modulo by zero (DIVIDE_BY_ZERO)
/xlators/cluster/dht/src/dht-selfheal.c: 1068 in dht_selfheal_layout_new_directory()
** CID 1226163: Division or modulo by zero (DIVIDE_BY_ZERO)
/xlators/cluster/dht/src/dht-selfheal.c: 1062 in dht_selfheal_layout_new_directory()
** CID 1226165: Null pointer dereference (FORWARD_NULL)
/libglusterfs/src/client_t.c: 294 in gf_client_get()
** CID 1226177: Missing break in switch (MISSING_BREAK)
/xlators/cluster/ec/src/ec-dir-write.c: 181 in ec_manager_create()
** CID 1226176: Missing break in switch (MISSING_BREAK)
/xlators/cluster/ec/src/ec-generic.c: 911 in ec_manager_lookup()
** CID 1226175: Missing break in switch (MISSING_BREAK)
/xlators/cluster/ec/src/ec-inode-read.c: 671 in ec_manager_open()
** CID 1226174: Missing break in switch (MISSING_BREAK)
/xlators/cluster/ec/src/ec-inode-write.c: 1366 in ec_manager_truncate()
** CID 1226173: Missing break in switch (MISSING_BREAK)
/xlators/cluster/ec/src/ec-inode-write.c: 2022 in ec_manager_writev()
** CID 1226172: Missing break in switch (MISSING_BREAK)
/xlators/cluster/ec/src/ec-locks.c: 218 in ec_manager_entrylk()
** CID 1226171: Missing break in switch (MISSING_BREAK)
/xlators/cluster/ec/src/ec-locks.c: 649 in ec_manager_inodelk()
** CID 1226170: Missing break in switch (MISSING_BREAK)
/xlators/cluster/ec/src/ec-locks.c: 1134 in ec_manager_lk()
** CID 1226169: Missing break in switch (MISSING_BREAK)
/xlators/cluster/ec/src/ec-inode-read.c: 1239 in ec_manager_readv()
** CID 1226168: Missing break in switch (MISSING_BREAK)
/xlators/cluster/ec/src/ec-dir-read.c: 366 in ec_manager_readdir()
** CID 1226167: Missing break in switch (MISSING_BREAK)
/xlators/cluster/ec/src/ec-heal.c: 1164 in ec_manager_heal()
** CID 1226166: Missing break in switch (MISSING_BREAK)
/xlators/cluster/ec/src/ec-heal.c: 1224 in ec_manager_heal()
** CID 1226180: Data race condition (MISSING_LOCK)
/xlators/cluster/ec/src/ec-heal.c: 945 in ec_heal_needs_data_rebuild()
** CID 1226179: Data race condition (MISSING_LOCK)
/xlators/cluster/ec/src/ec-heal.c: 94 in ec_heal_lookup_resume()
** CID 1226178: Data race condition (MISSING_LOCK)
/xlators/cluster/ec/src/ec-heal.c: 93 in ec_heal_lookup_resume()
** CID 1226181: Thread deadlock (ORDER_REVERSAL)
/xlators/cluster/ec/src/ec-heal.c: 458 in ec_heal_init()
________________________________________________________________________________________________________
*** CID 1226162: Logically dead code (DEADCODE)
/xlators/cluster/ec/src/ec-method.c: 119 in ec_method_decode()
113 }
114 k = 0;
115 for (i = 0; i < columns; i++)
116 {
117 while ((mask & 1) != 0)
118 {
>>> CID 1226162: Logically dead code (DEADCODE)
>>> Execution cannot reach this statement "k++;".
119 k++;
120 mask >>= 1;
121 }
122 mtx[k][columns - 1] = 1;
123 for (j = columns - 1; j > 0; j--)
124 {
________________________________________________________________________________________________________
*** CID 1226164: Division or modulo by zero (DIVIDE_BY_ZERO)
/xlators/cluster/dht/src/dht-selfheal.c: 1068 in dht_selfheal_layout_new_directory()
1062 chunk = ((unsigned long) 0xffffffff) / total_size;
1063 gf_log (this->name, GF_LOG_INFO,
1064 "chunk size = 0xffffffff / %u = 0x%x",
1065 total_size, chunk);
1066 }
1067 else {
>>> CID 1226164: Division or modulo by zero (DIVIDE_BY_ZERO)
>>> In expression "4294967295UL / bricks_used", division by expression "bricks_used" which may be zero has undefined behavior.
1068 chunk = ((unsigned long) 0xffffffff) / bricks_used;
1069 }
1070
1071 start_subvol = dht_selfheal_layout_alloc_start (this, loc, layout);
1072
1073 /* clear out the range, as we are re-computing here */
________________________________________________________________________________________________________
*** CID 1226163: Division or modulo by zero (DIVIDE_BY_ZERO)
/xlators/cluster/dht/src/dht-selfheal.c: 1062 in dht_selfheal_layout_new_directory()
1056 break;
1057 }
1058 }
1059
1060 if (weight_by_size) {
1061 /* We know total_size is not zero. */
>>> CID 1226163: Division or modulo by zero (DIVIDE_BY_ZERO)
>>> In expression "4294967295UL / total_size", division by expression "total_size" which may be zero has undefined behavior.
1062 chunk = ((unsigned long) 0xffffffff) / total_size;
1063 gf_log (this->name, GF_LOG_INFO,
1064 "chunk size = 0xffffffff / %u = 0x%x",
1065 total_size, chunk);
1066 }
1067 else {
________________________________________________________________________________________________________
*** CID 1226165: Null pointer dereference (FORWARD_NULL)
/libglusterfs/src/client_t.c: 294 in gf_client_get()
288 clienttable->first_free = cliententry->next_free;
289 cliententry->next_free = GF_CLIENTENTRY_ALLOCATED;
290 }
291 unlock:
292 UNLOCK (&clienttable->lock);
293
>>> CID 1226165: Null pointer dereference (FORWARD_NULL)
>>> Dereferencing null pointer "client".
294 gf_log_callingfn ("client_t", GF_LOG_DEBUG, "%s: bind_ref: %d, ref: %d",
295 client->client_uid, client->ref.bind,
296 client->ref.count);
297 return client;
298 }
299
________________________________________________________________________________________________________
*** CID 1226177: Missing break in switch (MISSING_BREAK)
/xlators/cluster/ec/src/ec-dir-write.c: 181 in ec_manager_create()
175
176 UNLOCK(&fop->fd->lock);
177
178 fop->int32 &= ~O_ACCMODE;
179 fop->int32 |= O_RDWR;
180
>>> CID 1226177: Missing break in switch (MISSING_BREAK)
>>> The above case falls through to this one.
181 case EC_STATE_LOCK:
182 ec_lock_entry(fop, &fop->loc[0]);
183
184 return EC_STATE_DISPATCH;
185
186 case EC_STATE_DISPATCH:
________________________________________________________________________________________________________
*** CID 1226176: Missing break in switch (MISSING_BREAK)
/xlators/cluster/ec/src/ec-generic.c: 911 in ec_manager_lookup()
905
906 fop->error = EIO;
907
908 return EC_STATE_REPORT;
909 }
910
>>> CID 1226176: Missing break in switch (MISSING_BREAK)
>>> The above case falls through to this one.
911 case EC_STATE_DISPATCH:
912 ec_dispatch_all(fop);
913
914 return EC_STATE_PREPARE_ANSWER;
915
916 case EC_STATE_PREPARE_ANSWER:
________________________________________________________________________________________________________
*** CID 1226175: Missing break in switch (MISSING_BREAK)
/xlators/cluster/ec/src/ec-inode-read.c: 671 in ec_manager_open()
665 if ((fop->int32 & O_ACCMODE) == O_WRONLY)
666 {
667 fop->int32 &= ~O_ACCMODE;
668 fop->int32 |= O_RDWR;
669 }
670
>>> CID 1226175: Missing break in switch (MISSING_BREAK)
>>> The above case falls through to this one.
671 case EC_STATE_DISPATCH:
672 ec_dispatch_all(fop);
673
674 return EC_STATE_PREPARE_ANSWER;
675
676 case EC_STATE_PREPARE_ANSWER:
________________________________________________________________________________________________________
*** CID 1226174: Missing break in switch (MISSING_BREAK)
/xlators/cluster/ec/src/ec-inode-write.c: 1366 in ec_manager_truncate()
1360 switch (state)
1361 {
1362 case EC_STATE_INIT:
1363 fop->user_size = fop->offset;
1364 fop->offset = ec_adjust_size(fop->xl->private, fop->offset, 1);
1365
>>> CID 1226174: Missing break in switch (MISSING_BREAK)
>>> The above case falls through to this one.
1366 case EC_STATE_LOCK:
1367 ec_lock_inode(fop, &fop->loc[0]);
1368
1369 return EC_STATE_GET_SIZE_AND_VERSION;
1370
1371 case EC_STATE_GET_SIZE_AND_VERSION:
________________________________________________________________________________________________________
*** CID 1226173: Missing break in switch (MISSING_BREAK)
/xlators/cluster/ec/src/ec-inode-write.c: 2022 in ec_manager_writev()
2016 fop->error = ec_writev_init(fop);
2017 if (fop->error != 0)
2018 {
2019 return EC_STATE_REPORT;
2020 }
2021
>>> CID 1226173: Missing break in switch (MISSING_BREAK)
>>> The above case falls through to this one.
2022 case EC_STATE_LOCK:
2023 ec_lock_fd(fop, fop->fd);
2024
2025 return EC_STATE_GET_SIZE_AND_VERSION;
2026
2027 case EC_STATE_GET_SIZE_AND_VERSION:
________________________________________________________________________________________________________
*** CID 1226172: Missing break in switch (MISSING_BREAK)
/xlators/cluster/ec/src/ec-locks.c: 218 in ec_manager_entrylk()
212 if (fop->entrylk_cmd == ENTRYLK_LOCK)
213 {
214 fop->uint32 = EC_LOCK_MODE_ALL;
215 fop->entrylk_cmd = ENTRYLK_LOCK_NB;
216 }
217
>>> CID 1226172: Missing break in switch (MISSING_BREAK)
>>> The above case falls through to this one.
218 case EC_STATE_DISPATCH:
219 ec_dispatch_all(fop);
220
221 return EC_STATE_PREPARE_ANSWER;
222
223 case EC_STATE_PREPARE_ANSWER:
________________________________________________________________________________________________________
*** CID 1226171: Missing break in switch (MISSING_BREAK)
/xlators/cluster/ec/src/ec-locks.c: 649 in ec_manager_inodelk()
643 if ((fop->int32 == F_SETLKW) && (fop->flock.l_type != F_UNLCK))
644 {
645 fop->uint32 = EC_LOCK_MODE_ALL;
646 fop->int32 = F_SETLK;
647 }
648
>>> CID 1226171: Missing break in switch (MISSING_BREAK)
>>> The above case falls through to this one.
649 case EC_STATE_DISPATCH:
650 ec_dispatch_all(fop);
651
652 return EC_STATE_PREPARE_ANSWER;
653
654 case EC_STATE_PREPARE_ANSWER:
________________________________________________________________________________________________________
*** CID 1226170: Missing break in switch (MISSING_BREAK)
/xlators/cluster/ec/src/ec-locks.c: 1134 in ec_manager_lk()
1128 if ((fop->int32 == F_SETLKW) && (fop->flock.l_type != F_UNLCK))
1129 {
1130 fop->uint32 = EC_LOCK_MODE_ALL;
1131 fop->int32 = F_SETLK;
1132 }
1133
>>> CID 1226170: Missing break in switch (MISSING_BREAK)
>>> The above case falls through to this one.
1134 case EC_STATE_DISPATCH:
1135 ec_dispatch_all(fop);
1136
1137 return EC_STATE_PREPARE_ANSWER;
1138
1139 case EC_STATE_PREPARE_ANSWER:
________________________________________________________________________________________________________
*** CID 1226169: Missing break in switch (MISSING_BREAK)
/xlators/cluster/ec/src/ec-inode-read.c: 1239 in ec_manager_readv()
1233 case EC_STATE_INIT:
1234 fop->user_size = fop->size;
1235 fop->head = ec_adjust_offset(fop->xl->private, &fop->offset, 1);
1236 fop->size = ec_adjust_size(fop->xl->private, fop->size + fop->head,
1237 1);
1238
>>> CID 1226169: Missing break in switch (MISSING_BREAK)
>>> The above case falls through to this one.
1239 case EC_STATE_LOCK:
1240 ec_lock_fd(fop, fop->fd);
1241
1242 return EC_STATE_GET_SIZE_AND_VERSION;
1243
1244 case EC_STATE_GET_SIZE_AND_VERSION:
________________________________________________________________________________________________________
*** CID 1226168: Missing break in switch (MISSING_BREAK)
/xlators/cluster/ec/src/ec-dir-read.c: 366 in ec_manager_readdir()
360
361 fop->offset = ec_deitransform(fop->xl->private, &idx,
362 fop->offset);
363 fop->mask &= 1ULL << idx;
364 }
365
>>> CID 1226168: Missing break in switch (MISSING_BREAK)
>>> The above case falls through to this one.
366 case EC_STATE_DISPATCH:
367 ec_dispatch_one(fop);
368
369 return EC_STATE_REPORT;
370
371 case -EC_STATE_REPORT:
________________________________________________________________________________________________________
*** CID 1226167: Missing break in switch (MISSING_BREAK)
/xlators/cluster/ec/src/ec-heal.c: 1164 in ec_manager_heal()
1158 fop->error = ec_heal_init(fop);
1159 if (fop->error != 0)
1160 {
1161 return EC_STATE_REPORT;
1162 }
1163
>>> CID 1226167: Missing break in switch (MISSING_BREAK)
>>> The above case falls through to this one.
1164 case EC_STATE_DISPATCH:
1165 ec_heal_entrylk(fop->data, ENTRYLK_LOCK);
1166
1167 return EC_STATE_HEAL_ENTRY_LOOKUP;
1168
1169 case EC_STATE_HEAL_ENTRY_LOOKUP:
________________________________________________________________________________________________________
*** CID 1226166: Missing break in switch (MISSING_BREAK)
/xlators/cluster/ec/src/ec-heal.c: 1224 in ec_manager_heal()
1218 case -EC_STATE_HEAL_OPEN:
1219 case -EC_STATE_HEAL_REOPEN_FD:
1220 case -EC_STATE_HEAL_UNLOCK:
1221 case EC_STATE_HEAL_UNLOCK:
1222 ec_heal_inodelk(heal, F_UNLCK, 0, 0, 0);
1223
>>> CID 1226166: Missing break in switch (MISSING_BREAK)
>>> The above case falls through to this one.
1224 case -EC_STATE_HEAL_ENTRY_PREPARE:
1225 case -EC_STATE_HEAL_PRE_INODELK_LOCK:
1226 case -EC_STATE_HEAL_PRE_INODE_LOOKUP:
1227 ec_heal_entrylk(heal, ENTRYLK_UNLOCK);
1228
1229 if (ec_heal_needs_data_rebuild(heal))
________________________________________________________________________________________________________
*** CID 1226180: Data race condition (MISSING_LOCK)
/xlators/cluster/ec/src/ec-heal.c: 945 in ec_heal_needs_data_rebuild()
939 ((cbk->size != heal->raw_size) || (cbk->version != heal->version)))
940 {
941 bad |= cbk->mask;
942 }
943 }
944
>>> CID 1226180: Data race condition (MISSING_LOCK)
>>> Accessing "heal->bad" without holding lock "_ec_heal.lock". Elsewhere, "heal->bad" is accessed with "_ec_heal.lock" held 4 out of 4 times.
945 heal->bad = bad;
946
947 return (bad != 0);
948 }
949
950 void ec_heal_open(ec_heal_t * heal)
________________________________________________________________________________________________________
*** CID 1226179: Data race condition (MISSING_LOCK)
/xlators/cluster/ec/src/ec-heal.c: 94 in ec_heal_lookup_resume()
88 {
89 bad |= cbk->mask;
90 }
91 }
92
93 heal->good = good;
>>> CID 1226179: Data race condition (MISSING_LOCK)
>>> Accessing "heal->bad" without holding lock "_ec_heal.lock". Elsewhere, "heal->bad" is accessed with "_ec_heal.lock" held 4 out of 4 times.
94 heal->bad = bad;
95
96 heal->lookup = fop;
97
98 ec_resume_parent(fop, fop->answer != NULL ? 0 : fop->error);
99 }
________________________________________________________________________________________________________
*** CID 1226178: Data race condition (MISSING_LOCK)
/xlators/cluster/ec/src/ec-heal.c: 93 in ec_heal_lookup_resume()
87 else
88 {
89 bad |= cbk->mask;
90 }
91 }
92
>>> CID 1226178: Data race condition (MISSING_LOCK)
>>> Accessing "heal->good" without holding lock "_ec_heal.lock". Elsewhere, "heal->good" is accessed with "_ec_heal.lock" held 2 out of 2 times.
93 heal->good = good;
94 heal->bad = bad;
95
96 heal->lookup = fop;
97
98 ec_resume_parent(fop, fop->answer != NULL ? 0 : fop->error);
________________________________________________________________________________________________________
*** CID 1226181: Thread deadlock (ORDER_REVERSAL)
/xlators/cluster/ec/src/ec-heal.c: 458 in ec_heal_init()
452 "because there is not enough "
453 "information");
454
455 return ENODATA;
456 }
457
>>> CID 1226181: Thread deadlock (ORDER_REVERSAL)
>>> Calling function "pthread_spin_lock(pthread_spinlock_t *)" acquires lock "_inode.lock".
458 LOCK(&inode->lock);
459
460 ctx = __ec_inode_get(inode, fop->xl);
461 if (ctx == NULL)
462 {
463 error = EIO;
________________________________________________________________________________________________________
To view the defects in Coverity Scan, visit http://scan.coverity.com/projects/987?tab=overview