Hi,
Please find the latest report on new defect(s) introduced to LibreOffice found with Coverity Scan.
9 new defect(s) introduced to LibreOffice found with Coverity Scan.
53 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 9 of 9 defect(s)
** CID 1616050: Memory - corruptions (MISMATCHED_ITERATOR)
/usr/include/c++/12/bits/erase_if.h: 61 in std::__detail::__erase_nodes_if<std::set<ScTypedStrData, ScTypedStrData::LessCaseSensitive, std::allocator<ScTypedStrData>>, std::set<ScTypedStrData, ScTypedStrData::LessCaseSensitive, std::allocator<ScTypedStrData>>, ScGridWindow::LaunchDataSelectMenu(short, int)::[lambda(const ScTypedStrData &) (instance 1)]>(T1&, T2 &, T3)()
________________________________________________________________________________________________________
*** CID 1616050: Memory - corruptions (MISMATCHED_ITERATOR)
/usr/include/c++/12/bits/erase_if.h: 61 in std::__detail::__erase_nodes_if<std::set<ScTypedStrData, ScTypedStrData::LessCaseSensitive, std::allocator<ScTypedStrData>>, std::set<ScTypedStrData, ScTypedStrData::LessCaseSensitive, std::allocator<ScTypedStrData>>, ScGridWindow::LaunchDataSelectMenu(short, int)::[lambda(const ScTypedStrData &) (instance 1)]>(T1&, T2 &, T3)()
55 typename _Container::size_type __num = 0;
56 for (auto __iter = __ucont.begin(), __last = __ucont.end();
57 __iter != __last;)
58 {
59 if (__pred(*__iter))
60 {
>>> CID 1616050: Memory - corruptions (MISMATCHED_ITERATOR)
>>> Using iterator "__iter" from "__ucont" with "__cont".
61 __iter = __cont.erase(__iter);
62 ++__num;
63 }
64 else
65 ++__iter;
66 }
** CID 1616049: Performance inefficiencies (AUTO_CAUSES_COPY)
/sw/source/core/doc/docbm.cxx: 1514 in sw::mark::MarkManager::getInnerFieldmarkFor(const SwPosition &) const()
________________________________________________________________________________________________________
*** CID 1616049: Performance inefficiencies (AUTO_CAUSES_COPY)
/sw/source/core/doc/docbm.cxx: 1514 in sw::mark::MarkManager::getInnerFieldmarkFor(const SwPosition &) const()
1508 {
1509 if((*itCurrent)->GetMarkStart() < aMarkStart)
1510 // any following mark (in reverse order) will have an earlier
1511 // start and thus can not be more 'inner' than our previous
1512 // match, so we are done.
1513 break;
>>> CID 1616049: Performance inefficiencies (AUTO_CAUSES_COPY)
>>> Using the "auto" keyword without an "&" causes the copy of an object of type "SwPosition".
1514 auto aCurrentMarkEnd = (*itCurrent)->GetMarkEnd();
1515 if(rPos < aCurrentMarkEnd && aCurrentMarkEnd <= aMarkEnd)
1516 {
1517 // both covering the position and more inner/smaller => use this one instead
1518 pMark = *itCurrent;
1519 aMarkEnd = aCurrentMarkEnd;
** CID 1616048: Concurrent data access violations (MISSING_LOCK)
/ucb/source/cacher/cachedcontentresultset.cxx: 681 in CachedContentResultSet::applyPositionToOrigin(std::unique_lock<std::mutex> &, int)()
________________________________________________________________________________________________________
*** CID 1616048: Concurrent data access violations (MISSING_LOCK)
/ucb/source/cacher/cachedcontentresultset.cxx: 681 in CachedContentResultSet::applyPositionToOrigin(std::unique_lock<std::mutex> &, int)()
675 return false;
676 }
677 // OSL_ENSURE( nRow <= m_nKnownCount, "don't step into regions you don't know with this method" );
678
679 sal_Int32 nLastAppliedPos = m_nLastAppliedPos;
680 bool bAfterLastApplied = m_bAfterLastApplied;
>>> CID 1616048: Concurrent data access violations (MISSING_LOCK)
>>> Accessing "this->m_bAfterLast" without holding lock "ContentResultSetWrapper.m_aMutex". Elsewhere, "CachedContentResultSet.m_bAfterLast" is written to with "ContentResultSetWrapper.m_aMutex" held 24 out of 24 times.
681 bool bAfterLast = m_bAfterLast;
682 sal_Int32 nForwardOnly = m_nForwardOnly;
683
684 rGuard.unlock();
685
686 if( bAfterLastApplied || nLastAppliedPos != nRow )
** CID 1616047: Concurrent data access violations (MISSING_LOCK)
/ucb/source/cacher/contentresultsetwrapper.cxx: 125 in ContentResultSetWrapper::impl_notifyPropertyChangeListeners(std::unique_lock<std::mutex> &, const com::sun::star::beans::PropertyChangeEvent &)()
________________________________________________________________________________________________________
*** CID 1616047: Concurrent data access violations (MISSING_LOCK)
/ucb/source/cacher/contentresultsetwrapper.cxx: 125 in ContentResultSetWrapper::impl_notifyPropertyChangeListeners(std::unique_lock<std::mutex> &, const com::sun::star::beans::PropertyChangeEvent &)()
119 throw DisposedException();
120 }
121
122 void ContentResultSetWrapper::impl_notifyPropertyChangeListeners( std::unique_lock<std::mutex>& rGuard, const PropertyChangeEvent& rEvt )
123 {
124 // Notify listeners interested especially in the changed property.
>>> CID 1616047: Concurrent data access violations (MISSING_LOCK)
>>> Accessing "this->m_aPropertyChangeListeners" without holding lock "ContentResultSetWrapper.m_aMutex". Elsewhere, "ContentResultSetWrapper.m_aPropertyChangeListeners" is written to with "ContentResultSetWrapper.m_aMutex" held 1 out of 1 times.
125 OInterfaceContainerHelper4<XPropertyChangeListener>* pContainer =
126 m_aPropertyChangeListeners.getContainer( rGuard, rEvt.PropertyName );
127 if( pContainer )
128 {
129 pContainer->notifyEach( rGuard, &XPropertyChangeListener::propertyChange, rEvt );
130 }
** CID 1616046: Control flow issues (MISMATCHED_ITERATOR)
/usr/include/c++/12/bits/erase_if.h: 56 in std::__detail::__erase_nodes_if<std::set<ScTypedStrData, ScTypedStrData::LessCaseSensitive, std::allocator<ScTypedStrData>>, std::set<ScTypedStrData, ScTypedStrData::LessCaseSensitive, std::allocator<ScTypedStrData>>, ScGridWindow::LaunchDataSelectMenu(short, int)::[lambda(const ScTypedStrData &) (instance 1)]>(T1&, T2 &, T3)()
________________________________________________________________________________________________________
*** CID 1616046: Control flow issues (MISMATCHED_ITERATOR)
/usr/include/c++/12/bits/erase_if.h: 56 in std::__detail::__erase_nodes_if<std::set<ScTypedStrData, ScTypedStrData::LessCaseSensitive, std::allocator<ScTypedStrData>>, std::set<ScTypedStrData, ScTypedStrData::LessCaseSensitive, std::allocator<ScTypedStrData>>, ScGridWindow::LaunchDataSelectMenu(short, int)::[lambda(const ScTypedStrData &) (instance 1)]>(T1&, T2 &, T3)()
50 typename _Predicate>
51 typename _Container::size_type
52 __erase_nodes_if(_Container& __cont, _UnsafeContainer& __ucont,
53 _Predicate __pred)
54 {
55 typename _Container::size_type __num = 0;
>>> CID 1616046: Control flow issues (MISMATCHED_ITERATOR)
>>> Comparing "__iter" from "__cont" to "__last" from "__ucont".
56 for (auto __iter = __ucont.begin(), __last = __ucont.end();
57 __iter != __last;)
58 {
59 if (__pred(*__iter))
60 {
61 __iter = __cont.erase(__iter);
** CID 1616045: Concurrent data access violations (MISSING_LOCK)
/ucb/source/cacher/cachedcontentresultset.cxx: 1229 in CachedContentResultSet::queryContentIdentifierImpl(std::unique_lock<std::mutex> &)()
________________________________________________________________________________________________________
*** CID 1616045: Concurrent data access violations (MISSING_LOCK)
/ucb/source/cacher/cachedcontentresultset.cxx: 1229 in CachedContentResultSet::queryContentIdentifierImpl(std::unique_lock<std::mutex> &)()
1223 }
1224
1225 // virtual
1226 Reference<XContentIdentifier> CachedContentResultSet
1227 ::queryContentIdentifierImpl(std::unique_lock<std::mutex>& rGuard)
1228 {
>>> CID 1616045: Concurrent data access violations (MISSING_LOCK)
>>> Accessing "this->m_nRow" without holding lock "ContentResultSetWrapper.m_aMutex". Elsewhere, "CachedContentResultSet.m_nRow" is written to with "ContentResultSetWrapper.m_aMutex" held 25 out of 25 times.
1229 XCONTENTACCESS_queryXXX( queryContentIdentifier, ContentIdentifier, Reference< XContentIdentifier > )
1230 }
1231
1232 // virtual
1233 Reference<XContent> CachedContentResultSet
1234 ::queryContentImpl(std::unique_lock<std::mutex>& rGuard)
** CID 1616044: Performance inefficiencies (AUTO_CAUSES_COPY)
/sw/source/core/doc/docbm.cxx: 1504 in sw::mark::MarkManager::getInnerFieldmarkFor(const SwPosition &) const()
________________________________________________________________________________________________________
*** CID 1616044: Performance inefficiencies (AUTO_CAUSES_COPY)
/sw/source/core/doc/docbm.cxx: 1504 in sw::mark::MarkManager::getInnerFieldmarkFor(const SwPosition &) const()
1498 [&rPos](const sw::mark::MarkBase* const pMark) { return rPos < pMark->GetMarkEnd(); });
1499 // if we reached the end (in reverse order) there is no match
1500 if(itCurrent == itEnd)
1501 return nullptr;
1502 // we found our first candidate covering the position ...
1503 auto pMark = *itCurrent;
>>> CID 1616044: Performance inefficiencies (AUTO_CAUSES_COPY)
>>> Using the "auto" keyword without an "&" causes the copy of an object of type "SwPosition".
1504 const auto aMarkStart = pMark->GetMarkStart();
1505 auto aMarkEnd = pMark->GetMarkEnd();
1506 // ... however we still need to check if there is a smaller/'more inner' one with the same start position
1507 for(++itCurrent; itCurrent != itEnd; ++itCurrent)
1508 {
1509 if((*itCurrent)->GetMarkStart() < aMarkStart)
** CID 1616043: Performance inefficiencies (COPY_INSTEAD_OF_MOVE)
/sw/source/core/doc/docbm.cxx: 1519 in sw::mark::MarkManager::getInnerFieldmarkFor(const SwPosition &) const()
________________________________________________________________________________________________________
*** CID 1616043: Performance inefficiencies (COPY_INSTEAD_OF_MOVE)
/sw/source/core/doc/docbm.cxx: 1519 in sw::mark::MarkManager::getInnerFieldmarkFor(const SwPosition &) const()
1513 break;
1514 auto aCurrentMarkEnd = (*itCurrent)->GetMarkEnd();
1515 if(rPos < aCurrentMarkEnd && aCurrentMarkEnd <= aMarkEnd)
1516 {
1517 // both covering the position and more inner/smaller => use this one instead
1518 pMark = *itCurrent;
>>> CID 1616043: Performance inefficiencies (COPY_INSTEAD_OF_MOVE)
>>> "aCurrentMarkEnd" is copied in a call to copy assignment "operator =", when it could be moved instead.
1519 aMarkEnd = aCurrentMarkEnd;
1520 }
1521 }
1522 return dynamic_cast<IFieldmark*>(pMark);
1523 }
1524
** CID 1616042: Concurrent data access violations (MISSING_LOCK)
/ucb/source/cacher/cachedcontentresultset.cxx: 1236 in CachedContentResultSet::queryContentImpl(std::unique_lock<std::mutex> &)()
________________________________________________________________________________________________________
*** CID 1616042: Concurrent data access violations (MISSING_LOCK)
/ucb/source/cacher/cachedcontentresultset.cxx: 1236 in CachedContentResultSet::queryContentImpl(std::unique_lock<std::mutex> &)()
1230 }
1231
1232 // virtual
1233 Reference<XContent> CachedContentResultSet
1234 ::queryContentImpl(std::unique_lock<std::mutex>& rGuard)
1235 {
>>> CID 1616042: Concurrent data access violations (MISSING_LOCK)
>>> Accessing "this->m_nRow" without holding lock "ContentResultSetWrapper.m_aMutex". Elsewhere, "CachedContentResultSet.m_nRow" is written to with "ContentResultSetWrapper.m_aMutex" held 25 out of 25 times.
1236 XCONTENTACCESS_queryXXX( queryContent, Content, Reference< XContent > )
1237 }
1238
1239 // XResultSet methods. ( inherited )
1240
1241 //virtual
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2BKADyCpvUKOL6EWmZljiu6VvXBlQRUbS683tC8265rGNPXqJ1ffcoLZCnTuJFQbNcTEkb4XaEQkzovKhJ5DB3c-3Dn2Yu_A9M4dSy7guk8NP6DcfgslOyvJRzavztVIKj6nRqYjYpWom7SJFyX0y710bz0kUGtyprzs820E1xgj38SEECBGwTVG3uzW8h73mokYo-2FSfb1cgNmyr5IZwy8e3Dx650IkJc-2BOuy4q2sln5lBTHxGh1Yij6-2FnPQJZZRIsmv6wMkP7ggjVe0qBhOEM7IhFwNc6oqFkrvPXzUpjADGPxDwjdDd87jvQK-2BTfYaf4EJ2G4HOU-3D
New Defects reported by Coverity Scan for LibreOffice
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- Subject: New Defects reported by Coverity Scan for LibreOffice
- From: scan-admin@xxxxxxxxxxxx
- Date: Sun, 04 Aug 2024 23:18:38 +0000 (UTC)
- Prev by Date: Crash test update
- Next by Date: Help with adding HIDs to UI components
- Previous by thread: New Defects reported by Coverity Scan for LibreOffice
- Next by thread: New Defects reported by Coverity Scan for LibreOffice
- Index(es):
 |