Update NewStore.cc by xiaoxichen · Pull Request #1 · liewegas/ceph

xiaoxichen · 2015-03-17T06:57:35Z

The read length need to be changed after filling with zero

liewegas · 2015-03-17T16:25:36Z

thanks!

Update NewStore.cc

Fix for: CID 1264460 (#1 of 1): Structurally dead code (UNREACHABLE) unreachable: This code cannot be reached: sync(); Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for: CID 1251462 (#1 of 1): Use after free (USE_AFTER_FREE) 1. alias: Assigning: cur_name = names. Now both point to the same storage. 3. freed_arg: free frees names. 6. pass_freed_arg: Passing freed pointer cur_name as an argument to printf. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for: CID 1247719 (#1 of 1): Unintentional integer overflow (OVERFLOW_BEFORE_WIDEN) overflow_before_widen: Potentially overflowing expression stripe_count * object_size with type unsigned int (32 bits, unsigned) is evaluated using 32-bit arithmetic before being used in a context which expects an expression of type uint64_t (64 bits, unsigned). Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for: CID 1247720 (#1 of 1): Unintentional integer overflow (OVERFLOW_BEFORE_WIDEN) overflow_before_widen: Potentially overflowing expression stripe_count * stripe_unit with type unsigned int (32 bits, unsigned) is evaluated using 32-bit arithmetic before being used in a context which expects an expression of type uint64_t (64 bits, unsigned). Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Call push_back() for the generated entry object. Fix for: CID 1274297 (#1 of 1): Resource leak (RESOURCE_LEAK) 3. leaked_storage: Variable entry going out of scope leaks the storage it points to. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for: CID 1254374 (#1 of 1): Argument cannot be negative (NEGATIVE_RETURNS) 1. negative_return_fn: Function socket(2, SOCK_STREAM, 0) returns a negative number. 2. var_assign: Assigning: signed variable connect_sd = socket. 3. negative_returns: connect_sd is passed to a parameter that cannot be negative. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for: CID 1258439 (#1 of 1): Copy into fixed size buffer (STRING_OVERFLOW) 2. fixed_size_dest: You might overrun the 4096 byte fixed-size string devname by copying dev + 5 without checking the length. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

CID 1274295 (#1 of 1): Unintentional integer overflow (OVERFLOW_BEFORE_WIDEN) overflow_before_widen: Potentially overflowing expression usec * 1000 with type int (32 bits, signed) is evaluated using 32-bit arithmetic before being used in a context which expects an expression of type uint64_t (64 bits, unsigned). Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Use memset to fill integer VLAs. Fix for: CID 1219649 (#1 of 1): Uninitialized scalar variable (UNINIT) uninit_use: Using uninitialized value primary_count[primary] CID 1219648 (#1 of 1): Uninitialized scalar variable (UNINIT) uninit_use: Using uninitialized value first_count[osds[0UL]] CID 1219647 (#1 of 1): Uninitialized scalar variable (UNINIT) uninit_use: Using uninitialized value count[osds[i]] Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for: CID 1254380 (#1 of 1): Uninitialized scalar variable (UNINIT) uninit_use_in_call: Using uninitialized value sa. Field sa.sin_zero is uninitialized when calling connect Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for: CID 1295405 (#1 of 1): Resource leak (RESOURCE_LEAK) leaked_storage: Variable req_comp going out of scope leaks the storage it points to. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Silence coverity: ls.empty() check should already imply that ls.size() != 0. CID 1295402 (#1 of 1): Division or modulo by zero (DIVIDE_BY_ZERO) divide_by_zero: In expression rand() % ls.size(), modulo by expression ls.size() which may be zero has undefined behavior. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

CID 1274290 (#1 of 1): Logically dead code (DEADCODE) dead_error_line: Execution cannot reach this statement return r;. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for coverity issue caused by 8811df3 (introduced a similar check some lines earlier in the code causing the check to return earlier). at_least: At condition r < 0, the value of r must be at least 0. dead_error_condition: The condition r < 0 cannot be true. CID 1274289 (#1 of 1): Logically dead code (DEADCODE) dead_error_begin: Execution cannot reach this statement Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Suppress coverity issue: CID 1193085 (#1 of 1): Missing break in switch (MISSING_BREAK) unterminated_case: This case (value -114) is not terminated by a 'break' statement. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

CID 717133 (#1 of 1): Not restoring ostream format (STREAM_FORMAT_STATE) 95. format_changed: fill changes the format state of std::cout for category fill. 100. end_of_path: Changing format state of stream std::cout for category fill without later restoring it. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

CID 717134 (#1 of 1): Not restoring ostream format (STREAM_FORMAT_STATE) 4. format_changed: precision changes the format state of std::cout for category precision. 26. end_of_path: Changing format state of stream std::cout for category precision without later restoring it. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

CID 717135 (#1 of 1): Not restoring ostream format (STREAM_FORMAT_STATE) 1. format_changed: precision changes the format state of std::cout for category precision. 4. end_of_path: Changing format state of stream std::cout for category precision without later restoring it. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

CID 1296375 (#1 of 1): Buffer not null terminated (BUFFER_SIZE_WARNING) buffer_size_warning: Calling strncpy with a maximum size argument of 1024 bytes on destination array logfile of size 1024 bytes might leave the destination string unterminated. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

CID 1058792 (#1 of 1): Copy into fixed size buffer (STRING_OVERFLOW) fixed_size_dest: You might overrun the 4097 byte fixed-size string cname by copying &pde->d_name[8UL] - 1 without checking the length. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

The error handling wasn't correct. In error case call break from within the for loop doesn't break out of the switch handling as expected. Fix for: CID 1297888 (#1 of 2): Unused value (UNUSED_VALUE) assigned_value: Assigning value -22 to result here, but that stored value is overwritten before it can be used. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for: CID 1297854 (#1 of 1): Missing break in switch (MISSING_BREAK) unterminated_case: The case for value ECBackend::RecoveryOp::COMPLETE is not terminated by a 'break' statement. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

In case do_submit from libaio fails and returns -EAGAIN the called continue breaks completely out of the loop since the loop statement is always false. In this case there is no second attempt as the code tries. Set the loop condition to true to fix it. Fix for: CID 1297886 (#1 of 1): Structurally dead code (UNREACHABLE) continue_in_do_while_false: A continue statement within a do-while loop only continues execution of the loop body if the loop continuation condition is still true. Since the condition will never be true in a "do ... while (false);" loop the continue statement has the same effect as a break statement. Did you intend execution to continue at the top of the loop? do_while_false_condition: This loop will never continue since the condition false is never true. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Inode::cap_is_valid() never returns false in case the evaluation fails. Fix for: CID 1297828 (#1 of 1): Identical code for different branches (IDENTICAL_BRANCHES) identical_branches: The same code is executed when the condition cap->session->cap_gen <= cap->gen && ceph_clock_now(this->cct) < cap->session->cap_ttl is true or false, because the code in the if-then branch and after the if statement is identical. Should the if statement be removed? implicit_else: The code from the above if-then branch is identical to the code after the if statement. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for: CID 1297863 (#1 of 1): Out-of-bounds access (OVERRUN) overrun-buffer-arg: Overrunning array secret_key_buf of 41 bytes by passing it to a function which accesses it at byte offset 41 using argument key_buf_size (which evaluates to 41). CID 1297865 (#1 of 1): Out-of-bounds access (OVERRUN) overrun-buffer-arg: Overrunning array secret_key_buf of 41 bytes by passing it to a function which accesses it at byte offset 41 using argument 41. gen_rand_base64(): index_parm: Pointer dest is directly accessed by indexing it with size. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for: CID 1160851 (#1 of 1): Uninitialized scalar field (UNINIT_CTOR) uninit_member: Non-static class member flushed_version is not initialized in this constructor nor in any functions that it calls. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for: CID 1188164 (#1 of 1): Uninitialized scalar field (UNINIT_CTOR) uninit_member: Non-static class member bits is not initialized in this constructor nor in any functions that it calls. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for: CID 1238901 (#1 of 1): Uninitialized scalar field (UNINIT_CTOR) uninit_member: Non-static class member ret1 is not initialized in this constructor nor in any functions that it calls. uninit_member: Non-static class member ret2 is not initialized in this constructor nor in any functions that it calls. uninit_member: Non-static class member ret3 is not initialized in this constructor nor in any functions that it calls. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for: CID 1262114 (#1 of 1): Uninitialized scalar field (UNINIT_CTOR) uninit_member: Non-static class member map_epoch is not initialized in this constructor nor in any functions that it calls. uninit_member: Non-static class member acks_wanted is not initialized in this constructor nor in any functions that it calls. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for: CID 1262115 (#1 of 1): Uninitialized scalar field (UNINIT_CTOR) uninit_member: Non-static class member map_epoch is not initialized in this constructor nor in any functions that it calls. uninit_member: Non-static class member ack_type is not initialized in this constructor nor in any functions that it calls. uninit_member: Non-static class member result is not initialized in this constructor nor in any functions that it calls. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for: CID 1297875 (#1 of 1): Arguments in wrong order (SWAPPED_ARGUMENTS) swapped_arguments: The positions of arguments in the call to do_lock_remove do not match the ordering of the parameters: lock_cookie is passed to client lock_client is passed to cookie Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for: CID 1297874 (#1 of 1): Arguments in wrong order (SWAPPED_ARGUMENTS) swapped_arguments: The positions of arguments in the constructor for CompatSet do not match the ordering of the parameters: feature_incompat_base is passed to _ro_compat feature_ro_compat_base is passed to _incompat Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for: CID 717354 (#1 of 1): Uninitialized pointer field (UNINIT_CTOR) uninit_member: Non-static class member id is not initialized in this constructor nor in any functions that it calls. uninit_member: Non-static class member type is not initialized in this constructor nor in any functions that it calls. uninit_member: Non-static class member off is not initialized in this constructor nor in any functions that it calls. uninit_member: Non-static class member len is not initialized in this constructor nor in any functions that it calls. uninit_member: Non-static class member lg is not initialized in this constructor nor in any functions that it calls. uninit_member: Non-static class member completion is not initialized in this constructor nor in any functions that it calls. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for: CID 1054871 (#1 of 2): Uninitialized pointer field (UNINIT_CTOR) uninit_member: Non-static class member curl_inst is not initialized in this constructor nor in any functions that it calls. uninit_member: Non-static class member resp_code is not initialized in this constructor nor in any functions that it calls. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for: CID 1019635 (#1 of 1): Uninitialized pointer field (UNINIT_CTOR) uninit_member: Non-static class member curl_inst is not initialized in this constructor nor in any functions that it calls. uninit_member: Non-static class member resp_code is not initialized in this constructor nor in any functions that it calls. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for: CID 1054872 (#1 of 1): Uninitialized pointer field (UNINIT_CTOR) uninit_member: Non-static class member curl_inst is not initialized in this constructor nor in any functions that it calls. uninit_member: Non-static class member resp_code is not initialized in this constructor nor in any functions that it calls. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for: CID 1188182 (#1 of 1): Uninitialized pointer field (UNINIT_CTOR) uninit_member: Non-static class member rcompletion is not initialized in this constructor nor in any functions that it calls. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for: CID 1232607 (#1 of 1): Uninitialized pointer field (UNINIT_CTOR) uninit_member: Non-static class member m_dump_perf_counters is not initialized in this constructor nor in any functions that it calls. uninit_member: Non-static class member m_rbd is not initialized in this constructor nor in any functions that it calls. uninit_member: Non-static class member m_ioctx is not initialized in this constructor nor in any functions that it calls. uninit_member: Non-static class member m_latency_multiplier is not initialized in this constructor nor in any functions that it calls. uninit_member: Non-static class member m_readonly is not initialized in this constructor nor in any functions that it calls. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for: CID 1274321 (#1 of 1): Uninitialized pointer field (UNINIT_CTOR) uninit_member: Non-static class member perr is not initialized in this constructor nor in any functions that it calls. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for: CID 1274323 (#1 of 1): Uninitialized pointer field (UNINIT_CTOR) uninit_member: Non-static class member perr is not initialized in this constructor nor in any functions that it calls. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for: CID 1297861 (#1 of 1): Unintentional integer overflow (OVERFLOW_BEFORE_WIDEN) overflow_before_widen: Potentially overflowing expression this->layout.fl_stripe_count.operator __u32() * this->layout.fl_object_size.operator __u32() with type unsigned int (32 bits, unsigned) is evaluated using 32-bit arithmetic, and then used in a context that expects an expression of type uint64_t (64 bits, unsigned). Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for: CID 1297885 (#1 of 2): Result is not floating-point (UNINTENDED_INTEGER_DIVISION) integer_division: Dividing integer expressions g_conf->mon_pool_quota_warn_threshold and 100, and then converting the integer quotient to type float. Any remainder, or fractional part of the quotient, is ignored. CID 1297885 (#2 of 2): Result is not floating-point (UNINTENDED_INTEGER_DIVISION) integer_division: Dividing integer expressions g_conf->mon_pool_quota_crit_threshold and 100, and then converting the integer quotient to type float. Any remainder, or fractional part of the quotient, is ignored. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Add assert to MonSessionMap::new_session(). Fix for: CID 1128408 (#1 of 1): Dereference before null check (REVERSE_INULL) check_after_deref: Null-checking s suggests that it may be null, but it has already been dereferenced on all paths leading to the check. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

CID 1322828 (#1 of 1): Wrapper object use after free (WRAPPER_ESCAPE) 28. use_after_free: Using invalidated internal representation of local it. CID 1322827 (#1 of 1): Wrapper object use after free (WRAPPER_ESCAPE) 25. use_after_free: Using invalidated internal representation of local it. CID 1322826 (#1 of 1): Wrapper object use after free (WRAPPER_ESCAPE) 31. use_after_free: Using invalidated internal representation of local it. CID 1322825 (#1 of 1): Wrapper object use after free (WRAPPER_ESCAPE) 31. use_after_free: Using invalidated internal representation of local it. Signed-off-by: Sage Weil <sage@redhat.com>

CID 1322784 (#1 of 1): Uninitialized scalar variable (UNINIT) 2. uninit_use_in_call: Using uninitialized value coll.removal_seq when calling coll_t. [show details] Signed-off-by: Sage Weil <sage@redhat.com>

CID 1322778 (#1 of 1): Pointer to local outside scope (RETURN_LOCAL) 1. escape_local_addr: Returning, through this->reqid, the address of stack variable _reqid. 2. return: Returning here. Signed-off-by: Sage Weil <sage@redhat.com>

Delete mdsmap in descructor. Remove not needed checks for mds_rank and objecter before call delete since the C++ standard allows the deletion of pointer with NULL-value. The check is redundant. Fix for: CID 1316224 (#1 of 1): Resource leak in object (CTOR_DTOR_LEAK) 1. alloc_new: Allocating memory by calling new MDSMap. 2. var_assign: Assigning: this->mdsmap = new MDSMap. 3. ctor_dtor_leak: The constructor allocates field mdsmap of MDSDaemon but the destructor and whatever functions it calls do not free it. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for: CID 1316232 (#1 of 1): Unchecked dynamic_cast (FORWARD_NULL) dynamic_cast: Dynamic cast to pointer dynamic_cast <ReplicatedPG *>(this->get_parent()) can return NULL. var_deref_model: Passing null pointer dynamic_cast <ReplicatedPG *>(this->get_parent()) to is_undersized, which dereferences it. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for: CID 1297882 (#1 of 1): Result is not floating-point (UNINTENDED_INTEGER_DIVISION) integer_division: Dividing integer expressions ns and 1000000000UL, and then converting the integer quotient to type float. Any remainder, or fractional part of the quotient, is ignored. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for: CID 1297883 (#1 of 1): Result is not floating-point (UNINTENDED_INTEGER_DIVISION) integer_division: Dividing integer expressions this->cct->_conf->osd_heartbeat_grace and 2, and then converting the integer quotient to type double. Any remainder, or fractional part of the quotient, is ignored. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for: CID 1322813 (#1 of 1): Uninitialized scalar field (UNINIT_CTOR) uninit_member: Non-static class member seq is not initialized in this constructor nor in any functions that it calls. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Remove unused variable 'CephContext *cct'. Fix for: CID 1322818 (#1 of 1): Uninitialized pointer field (UNINIT_CTOR) uninit_member: Non-static class member cct is not initialized in this constructor nor in any functions that it calls. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for: CID 1296382 (#1 of 1): Resource leak (RESOURCE_LEAK) leaked_storage: Variable ckh going out of scope leaks the storage it points to. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for: CID 1297867 (#1 of 1): Resource leak (RESOURCE_LEAK) alloc_arg: put_obj_init allocates memory that is stored into out_stream_req. leaked_storage: Variable out_stream_req going out of scope leaks the storage it points to. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

The allocated 'Formatter' passed to the function should be freed by the caller to avoid missusage. If handle_asok_command() free's the pointer to 'Formatter' to pass an indication of an error back to the caller, it should have at least set the pointer to NULL to work anyway. Fix for: CID 1316253 (#1 of 1): Use after free (USE_AFTER_FREE) deref_arg: Calling flush dereferences freed pointer f. (The dereference happens because this is a virtual function call.) Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Update NewStore.cc

5232663

The read length need to be changed after filling with zero

liewegas added a commit that referenced this pull request Mar 17, 2015

Merge pull request #1 from xiaoxichen/patch-1

42e0565

Update NewStore.cc

liewegas merged commit 42e0565 into liewegas:wip-newstore Mar 17, 2015

xiaoxichen deleted the patch-1 branch March 20, 2015 01:48

liewegas pushed a commit that referenced this pull request Jun 3, 2015

rgw/rgw_rados.cc: remove dead code

258b7b9

CID 1274290 (#1 of 1): Logically dead code (DEADCODE) dead_error_line: Execution cannot reach this statement return r;. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Update NewStore.cc#1

Update NewStore.cc#1
liewegas merged 1 commit intoliewegas:wip-newstorefrom
xiaoxichen:patch-1

xiaoxichen commented Mar 17, 2015

Uh oh!

liewegas commented Mar 17, 2015

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

Conversation

xiaoxichen commented Mar 17, 2015

Uh oh!

liewegas commented Mar 17, 2015

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants