Hi,
Please find the latest report on new defect(s) introduced to ceph found with Coverity Scan.
293 new defect(s) introduced to ceph found with Coverity Scan.
2803 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 20 of 293 defect(s)
** CID 1509769: Security best practices violations (DC.WEAK_CRYPTO)
/home/kkeithle/src/github/ceph/src/msg/async/ProtocolV2.cc: 1041 in ProtocolV2::handle_hello(ceph::buffer::v15_2_0::list &)()
________________________________________________________________________________________________________
*** CID 1509769: Security best practices violations (DC.WEAK_CRYPTO)
/home/kkeithle/src/github/ceph/src/msg/async/ProtocolV2.cc: 1041 in ProtocolV2::handle_hello(ceph::buffer::v15_2_0::list &)()
1035 a.set_type(entity_addr_t::TYPE_MSGR2); // anything but NONE; learned_addr ignores this
1036 a.set_port(0);
1037 connection->lock.unlock();
1038 messenger->learned_addr(a);
1039 if (cct->_conf->ms_inject_internal_delays &&
1040 cct->_conf->ms_inject_socket_failures) {
>>> CID 1509769: Security best practices violations (DC.WEAK_CRYPTO)
>>> "rand" should not be used for security-related applications, because linear congruential algorithms are too easy to break.
1041 if (rand() % cct->_conf->ms_inject_socket_failures == 0) {
1042 ldout(cct, 10) << __func__ << " sleep for "
1043 << cct->_conf->ms_inject_internal_delays << dendl;
1044 utime_t t;
1045 t.set_from_double(cct->_conf->ms_inject_internal_delays);
1046 t.sleep();
** CID 1509768: Control flow issues (UNREACHABLE)
/src/pybind/rbd/rbd.c: 30844 in __pyx_pf_3rbd_3RBD_96group_list()
________________________________________________________________________________________________________
*** CID 1509768: Control flow issues (UNREACHABLE)
/src/pybind/rbd/rbd.c: 30844 in __pyx_pf_3rbd_3RBD_96group_list()
30838 * if name]
30839 * finally:
30840 * free(c_names) # <<<<<<<<<<<<<<
30841 *
30842 * def group_rename(self, ioctx, src, dest):
30843 */
>>> CID 1509768: Control flow issues (UNREACHABLE)
>>> This code cannot be reached: "{
__pyx_L4_error:
;
{...".
30844 /*finally:*/ {
30845 __pyx_L4_error:;
30846 /*exception exit:*/{
30847 __Pyx_PyThreadState_declare
30848 __Pyx_PyThreadState_assign
30849 __pyx_t_15 = 0; __pyx_t_16 = 0; __pyx_t_17 = 0; __pyx_t_18 = 0; __pyx_t_19 = 0; __pyx_t_20 = 0;
** CID 1509767: (UNCAUGHT_EXCEPT)
/home/kkeithle/src/github/ceph/src/SimpleRADOSStriper.cc: 547 in SimpleRADOSStriper::lock_keeper_main()()
/home/kkeithle/src/github/ceph/src/SimpleRADOSStriper.cc: 547 in SimpleRADOSStriper::lock_keeper_main()()
/home/kkeithle/src/github/ceph/src/SimpleRADOSStriper.cc: 547 in SimpleRADOSStriper::lock_keeper_main()()
/home/kkeithle/src/github/ceph/src/SimpleRADOSStriper.cc: 547 in SimpleRADOSStriper::lock_keeper_main()()
/home/kkeithle/src/github/ceph/src/SimpleRADOSStriper.cc: 547 in SimpleRADOSStriper::lock_keeper_main()()
________________________________________________________________________________________________________
*** CID 1509767: (UNCAUGHT_EXCEPT)
/home/kkeithle/src/github/ceph/src/SimpleRADOSStriper.cc: 547 in SimpleRADOSStriper::lock_keeper_main()()
541 /* Do lock renewal in a separate thread: while it's unlikely sqlite chews on
542 * something for multiple seconds without calling into the VFS (where we could
543 * initiate a lock renewal), it's not impossible with complex queries. Also, we
544 * want to allow "PRAGMA locking_mode = exclusive" where the application may
545 * not use the sqlite3 database connection for an indeterminate amount of time.
546 */
>>> CID 1509767: (UNCAUGHT_EXCEPT)
>>> In function "SimpleRADOSStriper::lock_keeper_main()" an exception of type "boost::container::length_error" is thrown and never caught.
547 void SimpleRADOSStriper::lock_keeper_main(void)
548 {
549 d(20) << dendl;
550 const auto ext = get_first_extent();
551 while (!shutdown) {
552 d(20) << "tick" << dendl;
/home/kkeithle/src/github/ceph/src/SimpleRADOSStriper.cc: 547 in SimpleRADOSStriper::lock_keeper_main()()
541 /* Do lock renewal in a separate thread: while it's unlikely sqlite chews on
542 * something for multiple seconds without calling into the VFS (where we could
543 * initiate a lock renewal), it's not impossible with complex queries. Also, we
544 * want to allow "PRAGMA locking_mode = exclusive" where the application may
545 * not use the sqlite3 database connection for an indeterminate amount of time.
546 */
>>> CID 1509767: (UNCAUGHT_EXCEPT)
>>> In function "SimpleRADOSStriper::lock_keeper_main()" an exception of type "boost::container::length_error" is thrown and never caught.
547 void SimpleRADOSStriper::lock_keeper_main(void)
548 {
549 d(20) << dendl;
550 const auto ext = get_first_extent();
551 while (!shutdown) {
552 d(20) << "tick" << dendl;
/home/kkeithle/src/github/ceph/src/SimpleRADOSStriper.cc: 547 in SimpleRADOSStriper::lock_keeper_main()()
541 /* Do lock renewal in a separate thread: while it's unlikely sqlite chews on
542 * something for multiple seconds without calling into the VFS (where we could
543 * initiate a lock renewal), it's not impossible with complex queries. Also, we
544 * want to allow "PRAGMA locking_mode = exclusive" where the application may
545 * not use the sqlite3 database connection for an indeterminate amount of time.
546 */
>>> CID 1509767: (UNCAUGHT_EXCEPT)
>>> In function "SimpleRADOSStriper::lock_keeper_main()" an exception of type "boost::container::length_error" is thrown and never caught.
547 void SimpleRADOSStriper::lock_keeper_main(void)
548 {
549 d(20) << dendl;
550 const auto ext = get_first_extent();
551 while (!shutdown) {
552 d(20) << "tick" << dendl;
/home/kkeithle/src/github/ceph/src/SimpleRADOSStriper.cc: 547 in SimpleRADOSStriper::lock_keeper_main()()
541 /* Do lock renewal in a separate thread: while it's unlikely sqlite chews on
542 * something for multiple seconds without calling into the VFS (where we could
543 * initiate a lock renewal), it's not impossible with complex queries. Also, we
544 * want to allow "PRAGMA locking_mode = exclusive" where the application may
545 * not use the sqlite3 database connection for an indeterminate amount of time.
546 */
>>> CID 1509767: (UNCAUGHT_EXCEPT)
>>> In function "SimpleRADOSStriper::lock_keeper_main()" an exception of type "boost::container::length_error" is thrown and never caught.
547 void SimpleRADOSStriper::lock_keeper_main(void)
548 {
549 d(20) << dendl;
550 const auto ext = get_first_extent();
551 while (!shutdown) {
552 d(20) << "tick" << dendl;
/home/kkeithle/src/github/ceph/src/SimpleRADOSStriper.cc: 547 in SimpleRADOSStriper::lock_keeper_main()()
541 /* Do lock renewal in a separate thread: while it's unlikely sqlite chews on
542 * something for multiple seconds without calling into the VFS (where we could
543 * initiate a lock renewal), it's not impossible with complex queries. Also, we
544 * want to allow "PRAGMA locking_mode = exclusive" where the application may
545 * not use the sqlite3 database connection for an indeterminate amount of time.
546 */
>>> CID 1509767: (UNCAUGHT_EXCEPT)
>>> In function "SimpleRADOSStriper::lock_keeper_main()" an exception of type "boost::container::length_error" is thrown and never caught.
547 void SimpleRADOSStriper::lock_keeper_main(void)
548 {
549 d(20) << dendl;
550 const auto ext = get_first_extent();
551 while (!shutdown) {
552 d(20) << "tick" << dendl;
** CID 1509766: Uninitialized members (UNINIT_CTOR)
/home/kkeithle/src/github/ceph/src/messages/MMDSSnapUpdate.h: 32 in MMDSSnapUpdate::MMDSSnapUpdate()()
________________________________________________________________________________________________________
*** CID 1509766: Uninitialized members (UNINIT_CTOR)
/home/kkeithle/src/github/ceph/src/messages/MMDSSnapUpdate.h: 32 in MMDSSnapUpdate::MMDSSnapUpdate()()
26 inodeno_t get_ino() const { return ino; }
27 int get_snap_op() const { return snap_op; }
28
29 ceph::buffer::list snap_blob;
30
31 protected:
>>> CID 1509766: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "snap_op" is not initialized in this constructor nor in any functions that it calls.
32 MMDSSnapUpdate() : MMDSOp{MSG_MDS_SNAPUPDATE} {}
33 MMDSSnapUpdate(inodeno_t i, version_t tid, int op) :
34 MMDSOp{MSG_MDS_SNAPUPDATE}, ino(i), snap_op(op) {
35 set_tid(tid);
36 }
37 ~MMDSSnapUpdate() final {}
** CID 1509765: Performance inefficiencies (AUTO_CAUSES_COPY)
/home/kkeithle/src/github/ceph/src/common/ceph_json.cc: 934 in JSONFormattable::encode_json(const char *, ceph::Formatter *) const()
________________________________________________________________________________________________________
*** CID 1509765: Performance inefficiencies (AUTO_CAUSES_COPY)
/home/kkeithle/src/github/ceph/src/common/ceph_json.cc: 934 in JSONFormattable::encode_json(const char *, ceph::Formatter *) const()
928 break;
929 case JSONFormattable::FMT_ARRAY:
930 ::encode_json(name, arr, f);
931 break;
932 case JSONFormattable::FMT_OBJ:
933 f->open_object_section(name);
>>> CID 1509765: Performance inefficiencies (AUTO_CAUSES_COPY)
>>> Using the "auto" keyword without an "&" causes the copy of an object of type pair.
934 for (auto iter : obj) {
935 ::encode_json(iter.first.c_str(), iter.second, f);
936 }
937 f->close_section();
938 break;
939 case JSONFormattable::FMT_NONE:
** CID 1509764: Concurrent data access violations (MISSING_LOCK)
/home/kkeithle/src/github/ceph/src/common/Finisher.cc: 93 in Finisher::finisher_thread_entry()()
________________________________________________________________________________________________________
*** CID 1509764: Concurrent data access violations (MISSING_LOCK)
/home/kkeithle/src/github/ceph/src/common/Finisher.cc: 93 in Finisher::finisher_thread_entry()()
87 }
88 // If we are exiting, we signal the thread waiting in stop(),
89 // otherwise it would never unblock
90 finisher_empty_cond.notify_all();
91
92 ldout(cct, 10) << "finisher_thread stop" << dendl;
>>> CID 1509764: Concurrent data access violations (MISSING_LOCK)
>>> Accessing "this->finisher_stop" without holding lock "ceph::mutex_debug_detail::mutex_debug_impl<false>.m". Elsewhere, "Finisher.finisher_stop" is accessed with "mutex_debug_impl.m" held 1 out of 2 times (1 of these accesses strongly imply that it is necessary).
93 finisher_stop = false;
94 return 0;
** CID 1509763: (UNCAUGHT_EXCEPT)
/home/kkeithle/src/github/ceph/src/msg/async/rdma/Infiniband.cc: 1255 in Infiniband::QueuePair::~QueuePair()()
/home/kkeithle/src/github/ceph/src/msg/async/rdma/Infiniband.cc: 1255 in Infiniband::QueuePair::~QueuePair()()
________________________________________________________________________________________________________
*** CID 1509763: (UNCAUGHT_EXCEPT)
/home/kkeithle/src/github/ceph/src/msg/async/rdma/Infiniband.cc: 1255 in Infiniband::QueuePair::~QueuePair()()
1249 delete cq;
1250 return NULL;
1251 }
1252 return cq;
1253 }
1254
>>> CID 1509763: (UNCAUGHT_EXCEPT)
>>> An exception of type "boost::container::length_error" is thrown but the exception specification "noexcept" doesn't allow it to be thrown. This will result in a call to terminate().
1255 Infiniband::QueuePair::~QueuePair()
1256 {
1257 ldout(cct, 20) << __func__ << " destroy Queue Pair, qp number: " << qp->qp_num << " left SQ WR " << recv_queue.size() << dendl;
1258 if (qp) {
1259 ldout(cct, 20) << __func__ << " destroy qp=" << qp << dendl;
1260 ceph_assert(!ibv_destroy_qp(qp));
/home/kkeithle/src/github/ceph/src/msg/async/rdma/Infiniband.cc: 1255 in Infiniband::QueuePair::~QueuePair()()
1249 delete cq;
1250 return NULL;
1251 }
1252 return cq;
1253 }
1254
>>> CID 1509763: (UNCAUGHT_EXCEPT)
>>> An exception of type "boost::container::length_error" is thrown but the exception specification "noexcept" doesn't allow it to be thrown. This will result in a call to terminate().
1255 Infiniband::QueuePair::~QueuePair()
1256 {
1257 ldout(cct, 20) << __func__ << " destroy Queue Pair, qp number: " << qp->qp_num << " left SQ WR " << recv_queue.size() << dendl;
1258 if (qp) {
1259 ldout(cct, 20) << __func__ << " destroy qp=" << qp << dendl;
1260 ceph_assert(!ibv_destroy_qp(qp));
** CID 1509762: Error handling issues (UNCAUGHT_EXCEPT)
/home/kkeithle/src/github/ceph/src/msg/async/rdma/Infiniband.cc: 1255 in Infiniband::QueuePair::~QueuePair()()
________________________________________________________________________________________________________
*** CID 1509762: Error handling issues (UNCAUGHT_EXCEPT)
/home/kkeithle/src/github/ceph/src/msg/async/rdma/Infiniband.cc: 1255 in Infiniband::QueuePair::~QueuePair()()
1249 delete cq;
1250 return NULL;
1251 }
1252 return cq;
1253 }
1254
>>> CID 1509762: Error handling issues (UNCAUGHT_EXCEPT)
>>> An exception of type "std::system_error" is thrown but the exception specification "noexcept" doesn't allow it to be thrown. This will result in a call to terminate().
1255 Infiniband::QueuePair::~QueuePair()
1256 {
1257 ldout(cct, 20) << __func__ << " destroy Queue Pair, qp number: " << qp->qp_num << " left SQ WR " << recv_queue.size() << dendl;
1258 if (qp) {
1259 ldout(cct, 20) << __func__ << " destroy qp=" << qp << dendl;
1260 ceph_assert(!ibv_destroy_qp(qp));
** CID 1509761: Error handling issues (CHECKED_RETURN)
/src/pybind/rados/rados.c: 56264 in __pyx_pw_5rados_5Ioctx_87watch()
________________________________________________________________________________________________________
*** CID 1509761: Error handling issues (CHECKED_RETURN)
/src/pybind/rados/rados.c: 56264 in __pyx_pw_5rados_5Ioctx_87watch()
56258 __Pyx_RaiseArgtupleInvalid("watch", 0, 2, 4, PyTuple_GET_SIZE(__pyx_args)); __PYX_ERR(0, 3314, __pyx_L3_error)
56259 __pyx_L3_error:;
56260 __Pyx_AddTraceback("rados.Ioctx.watch", __pyx_clineno, __pyx_lineno, __pyx_filename);
56261 __Pyx_RefNannyFinishContext();
56262 return NULL;
56263 __pyx_L4_argument_unpacking_done:;
>>> CID 1509761: Error handling issues (CHECKED_RETURN)
>>> Calling "__Pyx__ArgTypeTest" without checking return value (as is done elsewhere 132 out of 132 times).
56264 if (unlikely(!__Pyx_ArgTypeTest(((PyObject *)__pyx_v_obj), (&PyUnicode_Type), 1, "obj", 1))) __PYX_ERR(0, 3314, __pyx_L1_error)
56265 __pyx_r = __pyx_pf_5rados_5Ioctx_86watch(((struct __pyx_obj_5rados_Ioctx *)__pyx_v_self), __pyx_v_obj, __pyx_v_callback, __pyx_v_error_callback, __pyx_v_timeout);
56266
56267 /* "rados.pyx":3314
56268 * return completion
56269 *
** CID 1509760: Error handling issues (CHECKED_RETURN)
/src/pybind/rados/rados.c: 47064 in __pyx_pw_5rados_5Ioctx_37aio_remove()
________________________________________________________________________________________________________
*** CID 1509760: Error handling issues (CHECKED_RETURN)
/src/pybind/rados/rados.c: 47064 in __pyx_pw_5rados_5Ioctx_37aio_remove()
47058 __Pyx_RaiseArgtupleInvalid("aio_remove", 0, 1, 3, PyTuple_GET_SIZE(__pyx_args)); __PYX_ERR(0, 2640, __pyx_L3_error)
47059 __pyx_L3_error:;
47060 __Pyx_AddTraceback("rados.Ioctx.aio_remove", __pyx_clineno, __pyx_lineno, __pyx_filename);
47061 __Pyx_RefNannyFinishContext();
47062 return NULL;
47063 __pyx_L4_argument_unpacking_done:;
>>> CID 1509760: Error handling issues (CHECKED_RETURN)
>>> Calling "__Pyx__ArgTypeTest" without checking return value (as is done elsewhere 132 out of 132 times).
47064 if (unlikely(!__Pyx_ArgTypeTest(((PyObject *)__pyx_v_object_name), (&PyUnicode_Type), 1, "object_name", 1))) __PYX_ERR(0, 2640, __pyx_L1_error)
47065 __pyx_r = __pyx_pf_5rados_5Ioctx_36aio_remove(((struct __pyx_obj_5rados_Ioctx *)__pyx_v_self), __pyx_v_object_name, __pyx_v_oncomplete, __pyx_v_onsafe);
47066
47067 /* "rados.pyx":2640
47068 * return completion
47069 *
** CID 1509759: Program hangs (SLEEP)
/home/kkeithle/src/github/ceph/src/SimpleRADOSStriper.cc: 703 in SimpleRADOSStriper::lock(unsigned long)()
________________________________________________________________________________________________________
*** CID 1509759: Program hangs (SLEEP)
/home/kkeithle/src/github/ceph/src/SimpleRADOSStriper.cc: 703 in SimpleRADOSStriper::lock(unsigned long)()
697 } else if (rc == -EBUSY) {
698 if ((slept % 500000) == 0) {
699 d(-1) << "waiting for locks: ";
700 print_lockers(*_dout);
701 *_dout << dendl;
702 }
>>> CID 1509759: Program hangs (SLEEP)
>>> Call to "usleep" might sleep while holding lock "lock._M_device".
703 usleep(5000);
704 slept += 5000;
705 continue;
706 } else if (rc == -ECANCELED) {
707 /* CMPXATTR failed, a locker didn't cleanup. Try to recover! */
708 if (rc = recover_lock(); rc < 0) {
** CID 1509758: Error handling issues (CHECKED_RETURN)
/src/pybind/rbd/rbd.c: 81568 in __pyx_pw_3rbd_17GroupSnapIterator_1__init__()
________________________________________________________________________________________________________
*** CID 1509758: Error handling issues (CHECKED_RETURN)
/src/pybind/rbd/rbd.c: 81568 in __pyx_pw_3rbd_17GroupSnapIterator_1__init__()
81562 __Pyx_RaiseArgtupleInvalid("__init__", 1, 1, 1, PyTuple_GET_SIZE(__pyx_args)); __PYX_ERR(0, 5773, __pyx_L3_error)
81563 __pyx_L3_error:;
81564 __Pyx_AddTraceback("rbd.GroupSnapIterator.__init__", __pyx_clineno, __pyx_lineno, __pyx_filename);
81565 __Pyx_RefNannyFinishContext();
81566 return -1;
81567 __pyx_L4_argument_unpacking_done:;
>>> CID 1509758: Error handling issues (CHECKED_RETURN)
>>> Calling "__Pyx__ArgTypeTest" without checking return value (as is done elsewhere 8 out of 8 times).
81568 if (unlikely(!__Pyx_ArgTypeTest(((PyObject *)__pyx_v_group), __pyx_ptype_3rbd_Group, 1, "group", 0))) __PYX_ERR(0, 5773, __pyx_L1_error)
81569 __pyx_r = __pyx_pf_3rbd_17GroupSnapIterator___init__(((struct __pyx_obj_3rbd_GroupSnapIterator *)__pyx_v_self), __pyx_v_group);
81570
81571 /* function exit code */
81572 goto __pyx_L0;
81573 __pyx_L1_error:;
** CID 1509757: Error handling issues (CHECKED_RETURN)
/src/pybind/rados/rados.c: 47527 in __pyx_pw_5rados_5Ioctx_41set_locator_key()
________________________________________________________________________________________________________
*** CID 1509757: Error handling issues (CHECKED_RETURN)
/src/pybind/rados/rados.c: 47527 in __pyx_pw_5rados_5Ioctx_41set_locator_key()
47521 int __pyx_lineno = 0;
47522 const char *__pyx_filename = NULL;
47523 int __pyx_clineno = 0;
47524 PyObject *__pyx_r = 0;
47525 __Pyx_RefNannyDeclarations
47526 __Pyx_RefNannySetupContext("set_locator_key (wrapper)", 0);
>>> CID 1509757: Error handling issues (CHECKED_RETURN)
>>> Calling "__Pyx__ArgTypeTest" without checking return value (as is done elsewhere 132 out of 132 times).
47527 if (unlikely(!__Pyx_ArgTypeTest(((PyObject *)__pyx_v_loc_key), (&PyUnicode_Type), 1, "loc_key", 1))) __PYX_ERR(0, 2680, __pyx_L1_error)
47528 __pyx_r = __pyx_pf_5rados_5Ioctx_40set_locator_key(((struct __pyx_obj_5rados_Ioctx *)__pyx_v_self), ((PyObject*)__pyx_v_loc_key));
47529
47530 /* function exit code */
47531 goto __pyx_L0;
47532 __pyx_L1_error:;
** CID 1509756: (CHECKED_RETURN)
/src/pybind/rgw/rgw.c: 29532 in __Pyx_PyUnicode_Join()
/src/pybind/cephfs/cephfs.c: 44814 in __Pyx_PyUnicode_Join()
/src/pybind/rbd/rbd.c: 99756 in __Pyx_PyUnicode_Join()
/src/pybind/rados/rados.c: 89361 in __Pyx_PyUnicode_Join()
________________________________________________________________________________________________________
*** CID 1509756: (CHECKED_RETURN)
/src/pybind/rgw/rgw.c: 29532 in __Pyx_PyUnicode_Join()
29526 char_pos = 0;
29527 for (i=0; i < value_count; i++) {
29528 int ukind;
29529 Py_ssize_t ulength;
29530 void *udata;
29531 PyObject *uval = PyTuple_GET_ITEM(value_tuple, i);
>>> CID 1509756: (CHECKED_RETURN)
>>> Calling "_PyUnicode_Ready" without checking return value (as is done elsewhere 8 out of 8 times).
29532 if (unlikely(__Pyx_PyUnicode_READY(uval)))
29533 goto bad;
29534 ulength = __Pyx_PyUnicode_GET_LENGTH(uval);
29535 if (unlikely(!ulength))
29536 continue;
29537 if (unlikely(char_pos + ulength < 0))
/src/pybind/cephfs/cephfs.c: 44814 in __Pyx_PyUnicode_Join()
44808 char_pos = 0;
44809 for (i=0; i < value_count; i++) {
44810 int ukind;
44811 Py_ssize_t ulength;
44812 void *udata;
44813 PyObject *uval = PyTuple_GET_ITEM(value_tuple, i);
>>> CID 1509756: (CHECKED_RETURN)
>>> Calling "_PyUnicode_Ready" without checking return value (as is done elsewhere 8 out of 8 times).
44814 if (unlikely(__Pyx_PyUnicode_READY(uval)))
44815 goto bad;
44816 ulength = __Pyx_PyUnicode_GET_LENGTH(uval);
44817 if (unlikely(!ulength))
44818 continue;
44819 if (unlikely(char_pos + ulength < 0))
/src/pybind/rbd/rbd.c: 99756 in __Pyx_PyUnicode_Join()
99750 char_pos = 0;
99751 for (i=0; i < value_count; i++) {
99752 int ukind;
99753 Py_ssize_t ulength;
99754 void *udata;
99755 PyObject *uval = PyTuple_GET_ITEM(value_tuple, i);
>>> CID 1509756: (CHECKED_RETURN)
>>> Calling "_PyUnicode_Ready" without checking return value (as is done elsewhere 8 out of 8 times).
99756 if (unlikely(__Pyx_PyUnicode_READY(uval)))
99757 goto bad;
99758 ulength = __Pyx_PyUnicode_GET_LENGTH(uval);
99759 if (unlikely(!ulength))
99760 continue;
99761 if (unlikely(char_pos + ulength < 0))
/src/pybind/rados/rados.c: 89361 in __Pyx_PyUnicode_Join()
89355 char_pos = 0;
89356 for (i=0; i < value_count; i++) {
89357 int ukind;
89358 Py_ssize_t ulength;
89359 void *udata;
89360 PyObject *uval = PyTuple_GET_ITEM(value_tuple, i);
>>> CID 1509756: (CHECKED_RETURN)
>>> Calling "_PyUnicode_Ready" without checking return value (as is done elsewhere 8 out of 8 times).
89361 if (unlikely(__Pyx_PyUnicode_READY(uval)))
89362 goto bad;
89363 ulength = __Pyx_PyUnicode_GET_LENGTH(uval);
89364 if (unlikely(!ulength))
89365 continue;
89366 if (unlikely(char_pos + ulength < 0))
** CID 1509755: Control flow issues (UNREACHABLE)
/src/pybind/rbd/rbd.c: 72245 in __pyx_pf_3rbd_5Image_210snap_get_trash_namespace()
________________________________________________________________________________________________________
*** CID 1509755: Control flow issues (UNREACHABLE)
/src/pybind/rbd/rbd.c: 72245 in __pyx_pf_3rbd_5Image_210snap_get_trash_namespace()
72239 * }
72240 * finally:
72241 * free(_name) # <<<<<<<<<<<<<<
72242 *
72243 * @requires_not_closed
72244 */
>>> CID 1509755: Control flow issues (UNREACHABLE)
>>> This code cannot be reached: "{
__pyx_L4_error:
;
{...".
72245 /*finally:*/ {
72246 __pyx_L4_error:;
72247 /*exception exit:*/{
72248 __Pyx_PyThreadState_declare
72249 __Pyx_PyThreadState_assign
72250 __pyx_t_14 = 0; __pyx_t_15 = 0; __pyx_t_16 = 0; __pyx_t_17 = 0; __pyx_t_18 = 0; __pyx_t_19 = 0;
** CID 1509754: Uninitialized members (UNINIT_CTOR)
/home/kkeithle/src/github/ceph/src/messages/MMDSPing.h: 19 in MMDSPing::MMDSPing()()
________________________________________________________________________________________________________
*** CID 1509754: Uninitialized members (UNINIT_CTOR)
/home/kkeithle/src/github/ceph/src/messages/MMDSPing.h: 19 in MMDSPing::MMDSPing()()
13 static constexpr int COMPAT_VERSION = 1;
14 public:
15 version_t seq;
16
17 protected:
18 MMDSPing() : MMDSOp(MSG_MDS_PING, HEAD_VERSION, COMPAT_VERSION) {
>>> CID 1509754: Uninitialized members (UNINIT_CTOR)
>>> Non-static class member "seq" is not initialized in this constructor nor in any functions that it calls.
19 }
20 MMDSPing(version_t seq)
21 : MMDSOp(MSG_MDS_PING, HEAD_VERSION, COMPAT_VERSION), seq(seq) {
22 }
23 ~MMDSPing() final {}
24
** CID 1509753: Error handling issues (UNCAUGHT_EXCEPT)
/home/kkeithle/src/github/ceph/src/osdc/Objecter.cc: 5005 in Objecter::~Objecter()()
________________________________________________________________________________________________________
*** CID 1509753: Error handling issues (UNCAUGHT_EXCEPT)
/home/kkeithle/src/github/ceph/src/osdc/Objecter.cc: 5005 in Objecter::~Objecter()()
4999 Dispatcher(cct), messenger(m), monc(mc), service(service)
5000 {
5001 mon_timeout = cct->_conf.get_val<std::chrono::seconds>("rados_mon_op_timeout");
5002 osd_timeout = cct->_conf.get_val<std::chrono::seconds>("rados_osd_op_timeout");
5003 }
5004
>>> CID 1509753: Error handling issues (UNCAUGHT_EXCEPT)
>>> An exception of type "boost::container::length_error" is thrown but the exception specification "noexcept" doesn't allow it to be thrown. This will result in a call to terminate().
5005 Objecter::~Objecter()
5006 {
5007 ceph_assert(homeless_session->get_nref() == 1);
5008 ceph_assert(num_homeless_ops == 0);
5009 homeless_session->put();
5010
** CID 1509752: Error handling issues (CHECKED_RETURN)
/src/pybind/rados/rados.c: 63069 in __pyx_pw_5rados_5Ioctx_139remove_omap_keys()
________________________________________________________________________________________________________
*** CID 1509752: Error handling issues (CHECKED_RETURN)
/src/pybind/rados/rados.c: 63069 in __pyx_pw_5rados_5Ioctx_139remove_omap_keys()
63063 __Pyx_RaiseArgtupleInvalid("remove_omap_keys", 1, 2, 2, PyTuple_GET_SIZE(__pyx_args)); __PYX_ERR(0, 3821, __pyx_L3_error)
63064 __pyx_L3_error:;
63065 __Pyx_AddTraceback("rados.Ioctx.remove_omap_keys", __pyx_clineno, __pyx_lineno, __pyx_filename);
63066 __Pyx_RefNannyFinishContext();
63067 return NULL;
63068 __pyx_L4_argument_unpacking_done:;
>>> CID 1509752: Error handling issues (CHECKED_RETURN)
>>> Calling "__Pyx__ArgTypeTest" without checking return value (as is done elsewhere 19 out of 19 times).
63069 if (unlikely(!__Pyx_ArgTypeTest(((PyObject *)__pyx_v_write_op), __pyx_ptype_5rados_WriteOp, 1, "write_op", 0))) __PYX_ERR(0, 3821, __pyx_L1_error)
63070 __pyx_r = __pyx_pf_5rados_5Ioctx_138remove_omap_keys(((struct __pyx_obj_5rados_Ioctx *)__pyx_v_self), __pyx_v_write_op, __pyx_v_keys);
63071
63072 /* function exit code */
63073 goto __pyx_L0;
63074 __pyx_L1_error:;
** CID 1509751: Memory - illegal accesses (USE_AFTER_FREE)
/home/kkeithle/src/github/ceph/src/msg/async/ProtocolV2.cc: 1399 in ProtocolV2::handle_message()()
________________________________________________________________________________________________________
*** CID 1509751: Memory - illegal accesses (USE_AFTER_FREE)
/home/kkeithle/src/github/ceph/src/msg/async/ProtocolV2.cc: 1399 in ProtocolV2::handle_message()()
1393 ldout(cct, 1) << __func__ << " decode message failed " << dendl;
1394 return _fault();
1395 } else {
1396 state = READ_MESSAGE_COMPLETE;
1397 }
1398
>>> CID 1509751: Memory - illegal accesses (USE_AFTER_FREE)
>>> Using freed pointer "this->connection".
1399 INTERCEPT(17);
1400
1401 message->set_byte_throttler(connection->policy.throttler_bytes);
1402 message->set_message_throttler(connection->policy.throttler_messages);
1403
1404 // store reservation size in message, so we don't get confused
** CID 1509750: Error handling issues (UNCAUGHT_EXCEPT)
/home/kkeithle/src/github/ceph/src/common/perf_counters_collection.cc: 55 in ceph::common::PerfCountersDeleter::operator ()(ceph::common::PerfCounters *)()
________________________________________________________________________________________________________
*** CID 1509750: Error handling issues (UNCAUGHT_EXCEPT)
/home/kkeithle/src/github/ceph/src/common/perf_counters_collection.cc: 55 in ceph::common::PerfCountersDeleter::operator ()(ceph::common::PerfCounters *)()
49 }
50 void PerfCountersCollection::with_counters(std::function<void(const PerfCountersCollectionImpl::CounterMap &)> fn) const
51 {
52 std::lock_guard lck(m_lock);
53 perf_impl.with_counters(fn);
54 }
>>> CID 1509750: Error handling issues (UNCAUGHT_EXCEPT)
>>> An exception of type "std::system_error" is thrown but the exception specification "noexcept" doesn't allow it to be thrown. This will result in a call to terminate().
55 void PerfCountersDeleter::operator()(PerfCounters* p) noexcept
56 {
57 if (cct)
58 cct->get_perfcounters_collection()->remove(p);
59 delete p;
60 }
61
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yojIR8ODHcGVd1JcCGjvdH5QZ17VgLZQT3XYfB8Bhzp4w-3D-3Dapsi_yvgqM0IBcPiStiVTuWpgYFnMA4H-2BJYqMHWw4jQPoaoo-2BtqsVYKtfl9A0JRaS-2FbbUsKzdvQMj2WBidmXXDYpXO5qx9Y4cnFn0p-2FQkZWWe5JHh8ejaBgEwaUzBM3x-2FyM-2FOpvKqhT-2BCzg-2FNUNemZtHf5voIH7BYbWLrdioyp5fcmOVIoUi-2FywPSoY8zfzN1w6jANMlnLaDKN7b-2BOFQMLI5WK5wsImAoh9oNG6AqvJrylMM-3D
