If you are interested to fix
these Coverity issues , check the below link for guidelines:
http://www.gluster.org/community/documentation/index.php/Fixing_Issues_Reported_By_Tools_For_Static_Code_Analysis#Coverity Thanks, Lala -------- Original Message --------
Hi, Please find the latest report on new defect(s) introduced to GlusterFS found with Coverity Scan. Defect(s) Reported-by: Coverity Scan Showing 14 of 14 defect(s) ** CID 1220068: Missing parentheses (CONSTANT_EXPRESSION_RESULT) /xlators/features/snapview-server/src/snapview-server.c: 1265 in svs_fgetxattr() ** CID 1220067: Missing parentheses (CONSTANT_EXPRESSION_RESULT) /xlators/features/snapview-server/src/snapview-server.c: 1158 in svs_getxattr() ** CID 1220066: Logically dead code (DEADCODE) /xlators/features/snapview-server/src/snapview-server.c: 1268 in svs_fgetxattr() ** CID 1220065: Logically dead code (DEADCODE) /xlators/features/snapview-server/src/snapview-server.c: 1160 in svs_getxattr() ** CID 1220064: Logically dead code (DEADCODE) /xlators/features/snapview-server/src/snapview-server.c: 594 in svs_lookup_entry_point() ** CID 1220060: Resource leak (RESOURCE_LEAK) /xlators/features/snapview-server/src/snapview-server.c: 1500 in svs_get_snapshot_list() ** CID 1220059: Resource leak (RESOURCE_LEAK) /xlators/features/snapview-server/src/snapview-server.c: 1500 in svs_get_snapshot_list() ** CID 1220058: Resource leak (RESOURCE_LEAK) /xlators/features/snapview-client/src/snapview-client.c: 1315 in svc_readdirp() ** CID 1220057: Resource leak (RESOURCE_LEAK) /xlators/features/snapview-server/src/snapview-server.c: 860 in svs_lookup_entry() ** CID 1220063: Improper use of negative value (NEGATIVE_RETURNS) /xlators/features/snapview-server/src/snapview-server.c: 1264 in svs_fgetxattr() ** CID 1220062: Improper use of negative value (NEGATIVE_RETURNS) /xlators/features/snapview-server/src/snapview-server.c: 1157 in svs_getxattr() ** CID 1220061: Array compared against 0 (NO_EFFECT) /xlators/features/snapview-server/src/snapview-server.c: 693 in svs_lookup_gfid() ** CID 1220056: Unused pointer value (UNUSED_VALUE) /xlators/features/snapview-server/src/snapview-server.c: 999 in svs_lookup() ** CID 1220055: Use after free (USE_AFTER_FREE) /xlators/features/snapview-server/src/snapview-server.c: 1319 in svs_fgetxattr() /xlators/features/snapview-server/src/snapview-server.c: 1319 in svs_fgetxattr() ________________________________________________________________________________________________________ *** CID 1220068: Missing parentheses (CONSTANT_EXPRESSION_RESULT) /xlators/features/snapview-server/src/snapview-server.c: 1265 in svs_fgetxattr() 1259 op_errno = EINVAL; 1260 goto out; 1261 } 1262 1263 if (inode_ctx->type == SNAP_VIEW_VIRTUAL_INODE) { 1264 size = glfs_fgetxattr (glfd, name, NULL, 0); >>> CID 1220068: Missing parentheses (CONSTANT_EXPRESSION_RESULT) >>> "!size == -1" is always false regardless of the values of its operands. Did you intend to either negate the entire comparison _expression_, in which case parentheses would be required around the entire comparison _expression_ to force that interpretation, or negate the sense of the comparison (that is, use '!=' rather than '==')? This occurs as the logical operand of if. 1265 if (!size == -1) { 1266 gf_log (this->name, GF_LOG_ERROR, "getxattr on %s " 1267 "failed (key: %s)", uuid_utoa (fd->inode->gfid), 1268 name); 1269 op_ret = -1; 1270 op_errno = errno; ________________________________________________________________________________________________________ *** CID 1220067: Missing parentheses (CONSTANT_EXPRESSION_RESULT) /xlators/features/snapview-server/src/snapview-server.c: 1158 in svs_getxattr() 1152 op_errno = EINVAL; 1153 goto out; 1154 } else if (inode_ctx->type == SNAP_VIEW_VIRTUAL_INODE) { 1155 fs = inode_ctx->fs; 1156 object = inode_ctx->object; 1157 size = glfs_h_getxattrs (fs, object, name, NULL, 0); >>> CID 1220067: Missing parentheses (CONSTANT_EXPRESSION_RESULT) >>> "!size == -1" is always false regardless of the values of its operands. Did you intend to either negate the entire comparison _expression_, in which case parentheses would be required around the entire comparison _expression_ to force that interpretation, or negate the sense of the comparison (that is, use '!=' rather than '==')? This occurs as the logical operand of if. 1158 if (!size == -1) { 1159 gf_log (this->name, GF_LOG_ERROR, "getxattr on %s " 1160 "failed (key: %s)", loc->name, name); 1161 op_ret = -1; 1162 op_errno = errno; 1163 goto out; ________________________________________________________________________________________________________ *** CID 1220066: Logically dead code (DEADCODE) /xlators/features/snapview-server/src/snapview-server.c: 1268 in svs_fgetxattr() 1262 1263 if (inode_ctx->type == SNAP_VIEW_VIRTUAL_INODE) { 1264 size = glfs_fgetxattr (glfd, name, NULL, 0); 1265 if (!size == -1) { 1266 gf_log (this->name, GF_LOG_ERROR, "getxattr on %s " 1267 "failed (key: %s)", uuid_utoa (fd->inode->gfid), >>> CID 1220066: Logically dead code (DEADCODE) >>> Execution cannot reach this statement "do { do { if (0) ...". 1268 name); 1269 op_ret = -1; 1270 op_errno = errno; 1271 goto out; 1272 } 1273 value = GF_CALLOC (size + 1, sizeof (char), gf_common_mt_char); ________________________________________________________________________________________________________ *** CID 1220065: Logically dead code (DEADCODE) /xlators/features/snapview-server/src/snapview-server.c: 1160 in svs_getxattr() 1154 } else if (inode_ctx->type == SNAP_VIEW_VIRTUAL_INODE) { 1155 fs = inode_ctx->fs; 1156 object = inode_ctx->object; 1157 size = glfs_h_getxattrs (fs, object, name, NULL, 0); 1158 if (!size == -1) { 1159 gf_log (this->name, GF_LOG_ERROR, "getxattr on %s " >>> CID 1220065: Logically dead code (DEADCODE) >>> Execution cannot reach this statement "do { do { if (0) ...". 1160 "failed (key: %s)", loc->name, name); 1161 op_ret = -1; 1162 op_errno = errno; 1163 goto out; 1164 } 1165 value = GF_CALLOC (size + 1, sizeof (char), gf_common_mt_char); ________________________________________________________________________________________________________ *** CID 1220064: Logically dead code (DEADCODE) /xlators/features/snapview-server/src/snapview-server.c: 594 in svs_lookup_entry_point() 588 } 589 uuid_copy (inode_ctx->pargfid, loc->pargfid); 590 memcpy (&inode_ctx->buf, buf, sizeof (*buf)); 591 inode_ctx->type = SNAP_VIEW_ENTRY_POINT_INODE; 592 } else { 593 if (inode_ctx) { >>> CID 1220064: Logically dead code (DEADCODE) >>> Execution cannot reach this statement "memcpy(buf, &inode_ctx->buf...". 594 memcpy (buf, &inode_ctx->buf, sizeof (*buf)); 595 svs_iatt_fill (inode_ctx->pargfid, postparent); 596 } else { 597 svs_iatt_fill (loc->inode->gfid, buf); 598 if (parent) 599 svs_iatt_fill (parent->gfid, ________________________________________________________________________________________________________ *** CID 1220060: Resource leak (RESOURCE_LEAK) /xlators/features/snapview-server/src/snapview-server.c: 1500 in svs_get_snapshot_list() 1494 fclose (fpn); 1495 fclose (fpu); 1496 1497 ret = 0; 1498 1499 out: >>> CID 1220060: Resource leak (RESOURCE_LEAK) >>> Variable "fpu" going out of scope leaks the storage it points to. 1500 return ret; 1501 } 1502 1503 int 1504 svs_fill_readdir (xlator_t *this, gf_dirent_t *entries, size_t size, off_t off) 1505 { ________________________________________________________________________________________________________ *** CID 1220059: Resource leak (RESOURCE_LEAK) /xlators/features/snapview-server/src/snapview-server.c: 1500 in svs_get_snapshot_list() 1494 fclose (fpn); 1495 fclose (fpu); 1496 1497 ret = 0; 1498 1499 out: >>> CID 1220059: Resource leak (RESOURCE_LEAK) >>> Variable "fpn" going out of scope leaks the storage it points to. 1500 return ret; 1501 } 1502 1503 int 1504 svs_fill_readdir (xlator_t *this, gf_dirent_t *entries, size_t size, off_t off) 1505 { ________________________________________________________________________________________________________ *** CID 1220058: Resource leak (RESOURCE_LEAK) /xlators/features/snapview-client/src/snapview-client.c: 1315 in svc_readdirp() 1309 wind = _gf_true; 1310 1311 out: 1312 if (!wind) 1313 SVC_STACK_UNWIND (readdirp, frame, op_ret, op_errno, NULL, NULL); 1314 >>> CID 1220058: Resource leak (RESOURCE_LEAK) >>> Variable "local" going out of scope leaks the storage it points to. 1315 return 0; 1316 } 1317 1318 /* Renaming the entries from or to snapshots is not allowed as the snapshots 1319 are read-only. 1320 */ ________________________________________________________________________________________________________ *** CID 1220057: Resource leak (RESOURCE_LEAK) /xlators/features/snapview-server/src/snapview-server.c: 860 in svs_lookup_entry() 854 memcpy (&inode_ctx->buf, buf, sizeof (*buf)); 855 svs_iatt_fill (parent->gfid, postparent); 856 857 op_ret = 0; 858 859 out: >>> CID 1220057: Resource leak (RESOURCE_LEAK) >>> Variable "object" going out of scope leaks the storage it points to. 860 return op_ret; 861 } 862 863 /* inode context is there means lookup has come on an object which was 864 built either as part of lookup or as part of readdirp. But in readdirp 865 we would not have got the handle to access the object in the gfapi ________________________________________________________________________________________________________ *** CID 1220063: Improper use of negative value (NEGATIVE_RETURNS) /xlators/features/snapview-server/src/snapview-server.c: 1264 in svs_fgetxattr() 1258 op_ret = -1; 1259 op_errno = EINVAL; 1260 goto out; 1261 } 1262 1263 if (inode_ctx->type == SNAP_VIEW_VIRTUAL_INODE) { >>> CID 1220063: Improper use of negative value (NEGATIVE_RETURNS) >>> Assigning: signed variable "size" = "glfs_fgetxattr(struct glfs_fd *, char const *, void *, size_t)". 1264 size = glfs_fgetxattr (glfd, name, NULL, 0); 1265 if (!size == -1) { 1266 gf_log (this->name, GF_LOG_ERROR, "getxattr on %s " 1267 "failed (key: %s)", uuid_utoa (fd->inode->gfid), 1268 name); 1269 op_ret = -1; ________________________________________________________________________________________________________ *** CID 1220062: Improper use of negative value (NEGATIVE_RETURNS) /xlators/features/snapview-server/src/snapview-server.c: 1157 in svs_getxattr() 1151 op_ret = -1; 1152 op_errno = EINVAL; 1153 goto out; 1154 } else if (inode_ctx->type == SNAP_VIEW_VIRTUAL_INODE) { 1155 fs = inode_ctx->fs; 1156 object = inode_ctx->object; >>> CID 1220062: Improper use of negative value (NEGATIVE_RETURNS) >>> Assigning: signed variable "size" = "glfs_h_getxattrs(struct glfs *, struct glfs_object *, char const *, void *, size_t)". 1157 size = glfs_h_getxattrs (fs, object, name, NULL, 0); 1158 if (!size == -1) { 1159 gf_log (this->name, GF_LOG_ERROR, "getxattr on %s " 1160 "failed (key: %s)", loc->name, name); 1161 op_ret = -1; 1162 op_errno = errno; ________________________________________________________________________________________________________ *** CID 1220061: Array compared against 0 (NO_EFFECT) /xlators/features/snapview-server/src/snapview-server.c: 693 in svs_lookup_gfid() 687 op_ret = -1; 688 *op_errno = ENOMEM; 689 goto out; 690 } 691 692 iatt_from_stat (buf, &statbuf); >>> CID 1220061: Array compared against 0 (NO_EFFECT) >>> Comparing an array to null is not useful: "loc->gfid". 693 if (loc->gfid) 694 uuid_copy (buf->ia_gfid, loc->gfid); 695 else 696 uuid_copy (buf->ia_gfid, loc->inode->gfid); 697 698 inode_ctx->type = SNAP_VIEW_VIRTUAL_INODE; ________________________________________________________________________________________________________ *** CID 1220056: Unused pointer value (UNUSED_VALUE) /xlators/features/snapview-server/src/snapview-server.c: 999 in svs_lookup() 993 994 inode_ctx = svs_inode_ctx_get (this, loc->inode); 995 996 /* Initialize latest snapshot, which is used for nameless lookups */ 997 dirent = svs_get_latest_snap_entry (this); 998 if (!dirent->fs) >>> CID 1220056: Unused pointer value (UNUSED_VALUE) >>> Pointer "fs" returned by "svs_initialise_snapshot_volume(this, dirent->name)" is never used. 999 fs = svs_initialise_snapshot_volume (this, dirent->name); 1000 1001 /* lookup is on the entry point to the snapshot world */ 1002 if (entry_point) { 1003 op_ret = svs_lookup_entry_point (this, loc, parent, &buf, 1004 &postparent, &op_errno); ________________________________________________________________________________________________________ *** CID 1220055: Use after free (USE_AFTER_FREE) /xlators/features/snapview-server/src/snapview-server.c: 1319 in svs_fgetxattr() 1313 op_ret = 0; 1314 op_errno = 0; 1315 } 1316 1317 out: 1318 if (op_ret) >>> CID 1220055: Use after free (USE_AFTER_FREE) >>> Calling "__gf_free(void *)" frees pointer "value" which has already been freed. 1319 GF_FREE (value); 1320 1321 STACK_UNWIND_STRICT (fgetxattr, frame, op_ret, op_errno, dict, NULL); 1322 1323 return 0; 1324 } /xlators/features/snapview-server/src/snapview-server.c: 1319 in svs_fgetxattr() 1313 op_ret = 0; 1314 op_errno = 0; 1315 } 1316 1317 out: 1318 if (op_ret) >>> CID 1220055: Use after free (USE_AFTER_FREE) >>> Passing freed pointer "value" as an argument to function "__gf_free(void *)". 1319 GF_FREE (value); 1320 1321 STACK_UNWIND_STRICT (fgetxattr, frame, op_ret, op_errno, dict, NULL); 1322 1323 return 0; 1324 } ________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, http://scan.coverity.com/projects/987?tab=overview To unsubscribe from the email notification for new defects, http://scan5.coverity.com/cgi-bin/unsubscribe.py |
_______________________________________________ Gluster-devel mailing list Gluster-devel@xxxxxxxxxxx http://supercolony.gluster.org/mailman/listinfo/gluster-devel