[Gluster-devel] Fwd: New Defects reported by Coverity Scan for GlusterFS
Lalatendu Mohanty
lmohanty at redhat.com
Fri May 2 07:41:58 UTC 2014
FYI,
Guideline for fixing Coverity issues :
http://www.gluster.org/community/documentation/index.php/Fixing_Issues_Reported_By_Tools_For_Static_Code_Analysis#Coverity
Thanks,
Lala
-------- Original Message --------
Subject: New Defects reported by Coverity Scan for GlusterFS
Date: Thu, 01 May 2014 23:43:17 -0700
From: scan-admin at coverity.com
Hi,
Please find the latest report on new defect(s) introduced to GlusterFS found with Coverity Scan.
Defect(s) Reported-by: Coverity Scan
Showing 20 of 24 defect(s)
** CID 1210972: Operands don't affect result (CONSTANT_EXPRESSION_RESULT)
/libglusterfs/src/dict.c: 2218 in dict_set_static_bin()
** CID 1210971: Operands don't affect result (CONSTANT_EXPRESSION_RESULT)
/libglusterfs/src/dict.c: 2188 in dict_set_bin()
** CID 1210970: Operands don't affect result (CONSTANT_EXPRESSION_RESULT)
/xlators/protocol/server/src/server-helpers.c: 748 in serialize_rsp_direntp()
** CID 1210969: Operands don't affect result (CONSTANT_EXPRESSION_RESULT)
/xlators/protocol/server/src/server-handshake.c: 649 in server_setvolume()
** CID 1210977: Logically dead code (DEADCODE)
/cli/src/cli-rpc-ops.c: 8693 in gf_cli_barrier_volume_cbk()
** CID 1210976: Logically dead code (DEADCODE)
/xlators/features/changelog/src/changelog.c: 1753 in changelog_pthread_init()
** CID 1210975: Logically dead code (DEADCODE)
/xlators/mgmt/glusterd/src/glusterd-store.c: 2916 in glusterd_mount_brick_paths()
** CID 1210974: Logically dead code (DEADCODE)
/xlators/mgmt/glusterd/src/glusterd-utils.c: 5049 in glusterd_import_friend_snap()
** CID 1210973: Logically dead code (DEADCODE)
/rpc/rpc-lib/src/rpc-clnt-ping.c: 186 in rpc_clnt_ping()
** CID 1210978: Explicit null dereferenced (FORWARD_NULL)
/xlators/mgmt/glusterd/src/glusterd-utils.c: 4220 in glusterd_delete_stale_volume()
** CID 1210979: Overflowed return value (INTEGER_OVERFLOW)
/xlators/mgmt/glusterd/src/glusterd-geo-rep.c: 2661 in stop_gsync()
** CID 1210981: Missing unlock (LOCK)
/xlators/features/changelog/src/changelog-helpers.c: 973 in changelog_dec_fop_cnt()
/xlators/features/changelog/src/changelog-helpers.c: 973 in changelog_dec_fop_cnt()
** CID 1210980: Missing unlock (LOCK)
/xlators/features/changelog/src/changelog-helpers.c: 212 in changelog_rollover_changelog()
** CID 1210982: Unsigned compared against 0 (NO_EFFECT)
/glusterfsd/src/glusterfsd.c: 1121 in parse_opts()
** CID 1210988: Resource leak (RESOURCE_LEAK)
/xlators/mgmt/glusterd/src/glusterd-snapshot.c: 285 in snap_max_limits_display_commit()
** CID 1210987: Resource leak (RESOURCE_LEAK)
/xlators/mgmt/glusterd/src/glusterd-utils.c: 11987 in glusterd_restore_geo_rep_files()
/xlators/mgmt/glusterd/src/glusterd-utils.c: 11987 in glusterd_restore_geo_rep_files()
** CID 1210986: Resource leak (RESOURCE_LEAK)
/xlators/mgmt/glusterd/src/glusterd-utils.c: 11679 in glusterd_copy_file()
/xlators/mgmt/glusterd/src/glusterd-utils.c: 11679 in glusterd_copy_file()
/xlators/mgmt/glusterd/src/glusterd-utils.c: 11679 in glusterd_copy_file()
/xlators/mgmt/glusterd/src/glusterd-utils.c: 11679 in glusterd_copy_file()
** CID 1210985: Resource leak (RESOURCE_LEAK)
/xlators/mgmt/glusterd/src/glusterd-utils.c: 11679 in glusterd_copy_file()
/xlators/mgmt/glusterd/src/glusterd-utils.c: 11679 in glusterd_copy_file()
** CID 1210984: Resource leak (RESOURCE_LEAK)
/xlators/features/mac-compat/src/mac-compat.c: 134 in maccomp_getxattr()
** CID 1210983: Resource leak (RESOURCE_LEAK)
/xlators/features/marker/src/marker-quota.c: 397 in mq_update_size_xattr()
________________________________________________________________________________________________________
*** CID 1210972: Operands don't affect result (CONSTANT_EXPRESSION_RESULT)
/libglusterfs/src/dict.c: 2218 in dict_set_static_bin()
2212 int
2213 dict_set_static_bin (dict_t *this, char *key, void *ptr, size_t size)
2214 {
2215 data_t * data = NULL;
2216 int ret = 0;
2217
>>> CID 1210972: Operands don't affect result (CONSTANT_EXPRESSION_RESULT)
>>> "size > 18446744073709551615UL /* 9223372036854775807L * 2UL + 1UL */" is always false regardless of the values of its operands. This occurs as the logical second operand of '||'.
2218 if (!ptr || (size > ULONG_MAX)) {
2219 ret = -EINVAL;
2220 goto err;
2221 }
2222
2223 data = bin_to_data (ptr, size);
________________________________________________________________________________________________________
*** CID 1210971: Operands don't affect result (CONSTANT_EXPRESSION_RESULT)
/libglusterfs/src/dict.c: 2188 in dict_set_bin()
2182 int
2183 dict_set_bin (dict_t *this, char *key, void *ptr, size_t size)
2184 {
2185 data_t * data = NULL;
2186 int ret = 0;
2187
>>> CID 1210971: Operands don't affect result (CONSTANT_EXPRESSION_RESULT)
>>> "size > 18446744073709551615UL /* 9223372036854775807L * 2UL + 1UL */" is always false regardless of the values of its operands. This occurs as the logical second operand of '||'.
2188 if (!ptr || (size > ULONG_MAX)) {
2189 ret = -EINVAL;
2190 goto err;
2191 }
2192
2193 data = bin_to_data (ptr, size);
________________________________________________________________________________________________________
*** CID 1210970: Operands don't affect result (CONSTANT_EXPRESSION_RESULT)
/xlators/protocol/server/src/server-helpers.c: 748 in serialize_rsp_direntp()
742
743 gf_stat_from_iatt (&trav->stat, &entry->d_stat);
744
745 /* if 'dict' is present, pack it */
746 if (entry->dict) {
747 trav->dict.dict_len = dict_serialized_length (entry->dict);
>>> CID 1210970: Operands don't affect result (CONSTANT_EXPRESSION_RESULT)
>>> "trav->dict.dict_len > 4294967295U /* 2147483647 * 2U + 1U */" is always false regardless of the values of its operands. This occurs as the logical operand of if.
748 if (trav->dict.dict_len > UINT_MAX) {
749 gf_log (THIS->name, GF_LOG_ERROR,
750 "failed to get serialized length "
751 "of reply dict");
752 errno = EINVAL;
753 trav->dict.dict_len = 0;
________________________________________________________________________________________________________
*** CID 1210969: Operands don't affect result (CONSTANT_EXPRESSION_RESULT)
/xlators/protocol/server/src/server-handshake.c: 649 in server_setvolume()
643 if (ret)
644 gf_log (this->name, GF_LOG_DEBUG,
645 "failed to set 'transport-ptr'");
646
647 fail:
648 rsp.dict.dict_len = dict_serialized_length (reply);
>>> CID 1210969: Operands don't affect result (CONSTANT_EXPRESSION_RESULT)
>>> "rsp.dict.dict_len > 4294967295U /* 2147483647 * 2U + 1U */" is always false regardless of the values of its operands. This occurs as the logical operand of if.
649 if (rsp.dict.dict_len > UINT_MAX) {
650 gf_log ("server-handshake", GF_LOG_DEBUG,
651 "failed to get serialized length of reply dict");
652 op_ret = -1;
653 op_errno = EINVAL;
654 rsp.dict.dict_len = 0;
________________________________________________________________________________________________________
*** CID 1210977: Logically dead code (DEADCODE)
/cli/src/cli-rpc-ops.c: 8693 in gf_cli_barrier_volume_cbk()
8687 cli_out ("volume barrier: command successful");
8688 }
8689 ret = rsp.op_ret;
8690
8691 out:
8692 if (dict)
>>> CID 1210977: Logically dead code (DEADCODE)
>>> Execution cannot reach this statement "dict_unref(dict);".
8693 dict_unref (dict);
8694 free (rsp.op_errstr);
8695 free (rsp.dict.dict_val);
8696 cli_cmd_broadcast_response (ret);
8697 return ret;
8698 }
________________________________________________________________________________________________________
*** CID 1210976: Logically dead code (DEADCODE)
/xlators/features/changelog/src/changelog.c: 1753 in changelog_pthread_init()
1747 pthread_mutex_destroy(&priv->dm.drain_black_mutex);
1748 if (dm_cond_black_init)
1749 pthread_cond_destroy (&priv->dm.drain_black_cond);
1750 if (dm_mutex_white_init)
1751 pthread_mutex_destroy(&priv->dm.drain_white_mutex);
1752 if (dm_cond_white_init)
>>> CID 1210976: Logically dead code (DEADCODE)
>>> Execution cannot reach this statement "pthread_cond_destroy(&priv-...".
1753 pthread_cond_destroy (&priv->dm.drain_white_cond);
1754 }
1755 return ret;
1756 }
1757
1758 /* Destroy all pthread condition variables and locks in changelog */
________________________________________________________________________________________________________
*** CID 1210975: Logically dead code (DEADCODE)
/xlators/mgmt/glusterd/src/glusterd-store.c: 2916 in glusterd_mount_brick_paths()
2910 "Failed to mount lvm snapshot.");
2911 goto out;
2912 }
2913
2914 out:
2915 if (mtab)
>>> CID 1210975: Logically dead code (DEADCODE)
>>> Execution cannot reach this statement "endmntent(mtab);".
2916 endmntent (mtab);
2917 gf_log (this->name, GF_LOG_TRACE, "Returning with %d", ret);
2918 return ret;
2919 }
2920
2921 static int32_t
________________________________________________________________________________________________________
*** CID 1210974: Logically dead code (DEADCODE)
/xlators/mgmt/glusterd/src/glusterd-utils.c: 5049 in glusterd_import_friend_snap()
5043 out:
5044 if (ret)
5045 glusterd_snap_remove (dict, snap,
5046 _gf_true, _gf_true);
5047
5048 if (dict)
>>> CID 1210974: Logically dead code (DEADCODE)
>>> Execution cannot reach this statement "dict_unref(dict);".
5049 dict_unref (dict);
5050
5051 gf_log (this->name, GF_LOG_TRACE, "Returning %d", ret);
5052 return ret;
5053 }
5054
________________________________________________________________________________________________________
*** CID 1210973: Logically dead code (DEADCODE)
/rpc/rpc-lib/src/rpc-clnt-ping.c: 186 in rpc_clnt_ping()
180 }
181
182 return ret;
183
184 fail:
185 if (frame) {
>>> CID 1210973: Logically dead code (DEADCODE)
>>> Execution cannot reach this statement "STACK_DESTROY(frame->root);".
186 STACK_DESTROY (frame->root);
187 }
188
189 return ret;
190
191 }
________________________________________________________________________________________________________
*** CID 1210978: Explicit null dereferenced (FORWARD_NULL)
/xlators/mgmt/glusterd/src/glusterd-utils.c: 4220 in glusterd_delete_stale_volume()
4214
4215 if ((!uuid_is_null (stale_volinfo->restored_from_snap)) &&
4216 (uuid_compare (stale_volinfo->restored_from_snap,
4217 valid_volinfo->restored_from_snap))) {
4218 ret = glusterd_lvm_snapshot_remove (NULL, stale_volinfo);
4219 if (ret) {
>>> CID 1210978: Explicit null dereferenced (FORWARD_NULL)
>>> Dereferencing null pointer "this".
4220 gf_log(this->name, GF_LOG_WARNING,
4221 "Failed to remove lvm snapshot for "
4222 "restored volume %s", stale_volinfo->volname);
4223 }
4224 }
4225
________________________________________________________________________________________________________
*** CID 1210979: Overflowed return value (INTEGER_OVERFLOW)
/xlators/mgmt/glusterd/src/glusterd-geo-rep.c: 2661 in stop_gsync()
2655 }
2656 ret = 0;
2657
2658 out:
2659 sys_close (pfd);
2660
>>> CID 1210979: Overflowed return value (INTEGER_OVERFLOW)
>>> Overflowed or truncated value (or a value computed from an overflowed or truncated value) "ret" used as return value.
2661 return ret;
2662 }
2663
2664 /*
2665 * glusterd_gsync_op_already_set:
2666 * This funcion checks whether the op_value is same as in the
________________________________________________________________________________________________________
*** CID 1210981: Missing unlock (LOCK)
/xlators/features/changelog/src/changelog-helpers.c: 973 in changelog_dec_fop_cnt()
967 }
968 ret = pthread_mutex_unlock(&priv->dm.drain_white_mutex);
969 CHANGELOG_PTHREAD_ERROR_HANDLE_0 (ret, out);
970 }
971 }
972 out:
>>> CID 1210981: Missing unlock (LOCK)
>>> Returning without unlocking "priv->dm.drain_black_mutex".
973 return;
974 }
975
976 /* Write to a pipe setup between changelog main thread and changelog
977 * rollover thread to initiate explicit rollover of changelog journal.
978 */
/xlators/features/changelog/src/changelog-helpers.c: 973 in changelog_dec_fop_cnt()
967 }
968 ret = pthread_mutex_unlock(&priv->dm.drain_white_mutex);
969 CHANGELOG_PTHREAD_ERROR_HANDLE_0 (ret, out);
970 }
971 }
972 out:
>>> CID 1210981: Missing unlock (LOCK)
>>> Returning without unlocking "priv->dm.drain_white_mutex".
973 return;
974 }
975
976 /* Write to a pipe setup between changelog main thread and changelog
977 * rollover thread to initiate explicit rollover of changelog journal.
978 */
________________________________________________________________________________________________________
*** CID 1210980: Missing unlock (LOCK)
/xlators/features/changelog/src/changelog-helpers.c: 212 in changelog_rollover_changelog()
206 CHANGELOG_PTHREAD_ERROR_HANDLE_0 (ret, out);
207 }
208 }
209 }
210
211 out:
>>> CID 1210980: Missing unlock (LOCK)
>>> Returning without unlocking "priv->bn.bnotify_mutex".
212 return ret;
213 }
214
215 int
216 changelog_open (xlator_t *this,
217 changelog_priv_t *priv)
________________________________________________________________________________________________________
*** CID 1210982: Unsigned compared against 0 (NO_EFFECT)
/glusterfsd/src/glusterfsd.c: 1121 in parse_opts()
1115 break;
1116
1117 case ARGP_LOG_BUF_SIZE:
1118 if (gf_string2uint32 (arg, &cmd_args->log_buf_size)) {
1119 argp_failure (state, -1, 0,
1120 "unknown log buf size option %s", arg);
>>> CID 1210982: Unsigned compared against 0 (NO_EFFECT)
>>> This less-than-zero comparison of an unsigned value is never true. "cmd_args->log_buf_size < 0U".
1121 } else if ((cmd_args->log_buf_size < GF_LOG_LRU_BUFSIZE_MIN) ||
1122 (cmd_args->log_buf_size > GF_LOG_LRU_BUFSIZE_MAX)) {
1123 argp_failure (state, -1, 0,
1124 "Invalid log buf size %s. "
1125 "Valid range: ["
1126 GF_LOG_LRU_BUFSIZE_MIN_STR","
________________________________________________________________________________________________________
*** CID 1210988: Resource leak (RESOURCE_LEAK)
/xlators/mgmt/glusterd/src/glusterd-snapshot.c: 285 in snap_max_limits_display_commit()
279 ret = 0;
280 out:
281 if (ret) {
282 op_errstr = gf_strdup (err_str);
283 gf_log (this->name, GF_LOG_ERROR, "%s", err_str);
284 }
>>> CID 1210988: Resource leak (RESOURCE_LEAK)
>>> Returning without freeing "op_errstr" leaks the storage that it points to.
285 return ret;
286 }
287
288
289 /* Third argument of scandir(used in glusterd_copy_geo_rep_session_files)
290 * is filter function. As we dont want "." and ".." files present in the
________________________________________________________________________________________________________
*** CID 1210987: Resource leak (RESOURCE_LEAK)
/xlators/mgmt/glusterd/src/glusterd-utils.c: 11987 in glusterd_restore_geo_rep_files()
11981 }
11982 }
11983 out:
11984 if (origin_volname)
11985 GF_ASSERT (origin_volname);
11986
>>> CID 1210987: Resource leak (RESOURCE_LEAK)
>>> Variable "origin_volname" going out of scope leaks the storage it points to.
11987 return ret;
/xlators/mgmt/glusterd/src/glusterd-utils.c: 11987 in glusterd_restore_geo_rep_files()
11981 }
11982 }
11983 out:
11984 if (origin_volname)
11985 GF_ASSERT (origin_volname);
11986
>>> CID 1210987: Resource leak (RESOURCE_LEAK)
>>> Variable "origin_volname" going out of scope leaks the storage it points to.
11987 return ret;
________________________________________________________________________________________________________
*** CID 1210986: Resource leak (RESOURCE_LEAK)
/xlators/mgmt/glusterd/src/glusterd-utils.c: 11679 in glusterd_copy_file()
11673 out :
11674 if (src_fd > 0)
11675 close (src_fd);
11676
11677 if (dest_fd > 0)
11678 close (dest_fd);
>>> CID 1210986: Resource leak (RESOURCE_LEAK)
>>> Handle variable "src_fd" going out of scope leaks the handle.
11679 return ret;
11680 }
11681
11682 int32_t
11683 glusterd_copy_folder (const char *source, const char *destination)
11684 {
/xlators/mgmt/glusterd/src/glusterd-utils.c: 11679 in glusterd_copy_file()
11673 out :
11674 if (src_fd > 0)
11675 close (src_fd);
11676
11677 if (dest_fd > 0)
11678 close (dest_fd);
>>> CID 1210986: Resource leak (RESOURCE_LEAK)
>>> Handle variable "src_fd" going out of scope leaks the handle.
11679 return ret;
11680 }
11681
11682 int32_t
11683 glusterd_copy_folder (const char *source, const char *destination)
11684 {
/xlators/mgmt/glusterd/src/glusterd-utils.c: 11679 in glusterd_copy_file()
11673 out :
11674 if (src_fd > 0)
11675 close (src_fd);
11676
11677 if (dest_fd > 0)
11678 close (dest_fd);
>>> CID 1210986: Resource leak (RESOURCE_LEAK)
>>> Handle variable "src_fd" going out of scope leaks the handle.
11679 return ret;
11680 }
11681
11682 int32_t
11683 glusterd_copy_folder (const char *source, const char *destination)
11684 {
/xlators/mgmt/glusterd/src/glusterd-utils.c: 11679 in glusterd_copy_file()
11673 out :
11674 if (src_fd > 0)
11675 close (src_fd);
11676
11677 if (dest_fd > 0)
11678 close (dest_fd);
>>> CID 1210986: Resource leak (RESOURCE_LEAK)
>>> Handle variable "src_fd" going out of scope leaks the handle.
11679 return ret;
11680 }
11681
11682 int32_t
11683 glusterd_copy_folder (const char *source, const char *destination)
11684 {
________________________________________________________________________________________________________
*** CID 1210985: Resource leak (RESOURCE_LEAK)
/xlators/mgmt/glusterd/src/glusterd-utils.c: 11679 in glusterd_copy_file()
11673 out :
11674 if (src_fd > 0)
11675 close (src_fd);
11676
11677 if (dest_fd > 0)
11678 close (dest_fd);
>>> CID 1210985: Resource leak (RESOURCE_LEAK)
>>> Handle variable "dest_fd" going out of scope leaks the handle.
11679 return ret;
11680 }
11681
11682 int32_t
11683 glusterd_copy_folder (const char *source, const char *destination)
11684 {
/xlators/mgmt/glusterd/src/glusterd-utils.c: 11679 in glusterd_copy_file()
11673 out :
11674 if (src_fd > 0)
11675 close (src_fd);
11676
11677 if (dest_fd > 0)
11678 close (dest_fd);
>>> CID 1210985: Resource leak (RESOURCE_LEAK)
>>> Handle variable "dest_fd" going out of scope leaks the handle.
11679 return ret;
11680 }
11681
11682 int32_t
11683 glusterd_copy_folder (const char *source, const char *destination)
11684 {
________________________________________________________________________________________________________
*** CID 1210984: Resource leak (RESOURCE_LEAK)
/xlators/features/mac-compat/src/mac-compat.c: 134 in maccomp_getxattr()
128 "getxattr: name %s private: %p xdata %p ", name,
129 this->private, xdata);
130 STACK_WIND (frame, maccomp_getxattr_cbk,
131 FIRST_CHILD(this),
132 FIRST_CHILD(this)->fops->getxattr,
133 loc, newkey, xdata);
>>> CID 1210984: Resource leak (RESOURCE_LEAK)
>>> Variable "newkey" going out of scope leaks the storage it points to.
134 return 0;
135 }
136
137
138 int32_t
139 maccomp_fgetxattr (call_frame_t *frame, xlator_t *this, fd_t *fd,
________________________________________________________________________________________________________
*** CID 1210983: Resource leak (RESOURCE_LEAK)
/xlators/features/marker/src/marker-quota.c: 397 in mq_update_size_xattr()
391 mq_release_lock_on_dirty_inode (frame, NULL, this, 0, 0, NULL);
392 }
393
394 if (new_dict)
395 dict_unref (new_dict);
396
>>> CID 1210983: Resource leak (RESOURCE_LEAK)
>>> Variable "delta" going out of scope leaks the storage it points to.
397 return 0;
398 }
399
400 int32_t
401 mq_test_and_set_local_err(quota_local_t *local,
402 int32_t *val)
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/987?tab=Overview
To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://supercolony.gluster.org/pipermail/gluster-devel/attachments/20140502/80d534dc/attachment-0003.html>
More information about the Gluster-devel
mailing list