<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<br>
<div class="moz-forward-container"><br>
<br>
-------- Original Message --------
<table class="moz-email-headers-table" border="0" cellpadding="0"
cellspacing="0">
<tbody>
<tr>
<th align="RIGHT" nowrap="nowrap" valign="BASELINE">Subject:
</th>
<td>New Defects reported by Coverity Scan for GlusterFS</td>
</tr>
<tr>
<th align="RIGHT" nowrap="nowrap" valign="BASELINE">Date: </th>
<td>Wed, 29 Jan 2014 08:27:03 -0800</td>
</tr>
<tr>
<th align="RIGHT" nowrap="nowrap" valign="BASELINE">From: </th>
<td><a class="moz-txt-link-abbreviated" href="mailto:scan-admin@coverity.com">scan-admin@coverity.com</a></td>
</tr>
</tbody>
</table>
<br>
<br>
<pre>Hi,
Please find the latest report on new defect(s) introduced to GlusterFS found with Coverity Scan.
Defect(s) Reported-by: Coverity Scan
Showing 16 of 16 defect(s)
** CID 1165414: Data race condition (MISSING_LOCK)
/xlators/features/quota/src/quota.c: 3991 in quota_fallocate()
** CID 1165413: Data race condition (MISSING_LOCK)
/xlators/features/quota/src/quota.c: 3990 in quota_fallocate()
** CID 1165412: Data race condition (MISSING_LOCK)
/xlators/features/quota/src/quota.c: 2018 in quota_rename_get_size_cbk()
** CID 1165410: Logically dead code (DEADCODE)
/xlators/features/gfid-access/src/gfid-access.c: 1102 in ga_getxattr()
** CID 1165409: Logically dead code (DEADCODE)
/xlators/features/gfid-access/src/gfid-access.c: 1053 in ga_link()
** CID 1165408: Logically dead code (DEADCODE)
/xlators/features/gfid-access/src/gfid-access.c: 1050 in ga_link()
** CID 1165407: Logically dead code (DEADCODE)
/xlators/features/gfid-access/src/gfid-access.c: 1156 in ga_removexattr()
** CID 1165406: Logically dead code (DEADCODE)
/xlators/features/gfid-access/src/gfid-access.c: 1016 in ga_rename()
** CID 1165405: Logically dead code (DEADCODE)
/xlators/features/gfid-access/src/gfid-access.c: 1013 in ga_rename()
** CID 1165404: Logically dead code (DEADCODE)
/xlators/features/gfid-access/src/gfid-access.c: 953 in ga_rmdir()
** CID 1165403: Logically dead code (DEADCODE)
/xlators/features/gfid-access/src/gfid-access.c: 1138 in ga_setattr()
** CID 1165402: Logically dead code (DEADCODE)
/xlators/features/gfid-access/src/gfid-access.c: 582 in ga_setxattr()
** CID 1165401: Logically dead code (DEADCODE)
/xlators/features/gfid-access/src/gfid-access.c: 1119 in ga_stat()
** CID 1165400: Logically dead code (DEADCODE)
/xlators/features/gfid-access/src/gfid-access.c: 980 in ga_unlink()
** CID 1165411: Dereference after null check (FORWARD_NULL)
/xlators/features/quota/src/quota.c: 630 in quota_build_ancestry()
** CID 1165415: Dereference before null check (REVERSE_INULL)
/xlators/features/quota/src/quota.c: 637 in quota_build_ancestry()
________________________________________________________________________________________________________
*** CID 1165414: Data race condition (MISSING_LOCK)
/xlators/features/quota/src/quota.c: 3991 in quota_fallocate()
3985 * Note that by using len as the delta we're assuming the range from
3986 * offset to offset+len has not already been allocated. This can result
3987 * in ENOSPC errors attempting to allocate an already allocated range.
3988 */
3989 local->delta = len;
3990 local->stub = stub;
>>> CID 1165414: Data race condition (MISSING_LOCK)
>>> Accessing "local->link_count" without holding lock "quota_local.lock". Elsewhere, "local->link_count" is accessed with "quota_local.lock" held 10 out of 13 times.
3991 local->link_count = parents;
3992
3993 if (parents == 0) {
3994 local->link_count = 1;
3995 quota_check_limit (frame, fd->inode, this, NULL, NULL);
3996 } else {
________________________________________________________________________________________________________
*** CID 1165413: Data race condition (MISSING_LOCK)
/xlators/features/quota/src/quota.c: 3990 in quota_fallocate()
3984 /*
3985 * Note that by using len as the delta we're assuming the range from
3986 * offset to offset+len has not already been allocated. This can result
3987 * in ENOSPC errors attempting to allocate an already allocated range.
3988 */
3989 local->delta = len;
>>> CID 1165413: Data race condition (MISSING_LOCK)
>>> Accessing "local->stub" without holding lock "quota_local.lock". Elsewhere, "local->stub" is accessed with "quota_local.lock" held 9 out of 10 times.
3990 local->stub = stub;
3991 local->link_count = parents;
3992
3993 if (parents == 0) {
3994 local->link_count = 1;
3995 quota_check_limit (frame, fd->inode, this, NULL, NULL);
________________________________________________________________________________________________________
*** CID 1165412: Data race condition (MISSING_LOCK)
/xlators/features/quota/src/quota.c: 2018 in quota_rename_get_size_cbk()
2012 GF_VALIDATE_OR_GOTO_WITH_ERROR ("quota", this, out, op_errno,
2013 EINVAL);
2014 GF_VALIDATE_OR_GOTO_WITH_ERROR (this->name, xdata, out, op_errno,
2015 EINVAL);
2016 local = frame->local;
2017 GF_ASSERT (local);
>>> CID 1165412: Data race condition (MISSING_LOCK)
>>> Accessing "local->link_count" without holding lock "quota_local.lock". Elsewhere, "local->link_count" is accessed with "quota_local.lock" held 10 out of 13 times.
2018 local->link_count = 1;
2019
2020 if (op_ret < 0)
2021 goto out;
2022
2023
________________________________________________________________________________________________________
*** CID 1165410: Logically dead code (DEADCODE)
/xlators/features/gfid-access/src/gfid-access.c: 1102 in ga_getxattr()
1096
1097 wind:
1098 STACK_WIND (frame, default_getxattr_cbk, FIRST_CHILD(this),
1099 FIRST_CHILD(this)->fops->getxattr, loc, name, xdata);
1100
1101 if (unref)
>>> CID 1165410: Logically dead code (DEADCODE)
>>> Execution cannot reach this statement "inode_unref(unref);".
1102 inode_unref (unref);
1103
1104 return 0;
1105 }
1106
1107 int32_t
________________________________________________________________________________________________________
*** CID 1165409: Logically dead code (DEADCODE)
/xlators/features/gfid-access/src/gfid-access.c: 1053 in ga_link()
1047 oldloc, newloc, xdata);
1048
1049 if (oldloc_unref)
1050 inode_unref (oldloc_unref);
1051
1052 if (newloc_unref)
>>> CID 1165409: Logically dead code (DEADCODE)
>>> Execution cannot reach this statement "inode_unref(newloc_unref);".
1053 inode_unref (newloc_unref);
1054
1055 return 0;
1056 err:
1057 STACK_UNWIND_STRICT (link, frame, -1, op_errno, NULL,
1058 NULL, NULL, NULL, xdata);
________________________________________________________________________________________________________
*** CID 1165408: Logically dead code (DEADCODE)
/xlators/features/gfid-access/src/gfid-access.c: 1050 in ga_link()
1044 wind:
1045 STACK_WIND (frame, default_link_cbk,
1046 FIRST_CHILD(this), FIRST_CHILD(this)->fops->link,
1047 oldloc, newloc, xdata);
1048
1049 if (oldloc_unref)
>>> CID 1165408: Logically dead code (DEADCODE)
>>> Execution cannot reach this statement "inode_unref(oldloc_unref);".
1050 inode_unref (oldloc_unref);
1051
1052 if (newloc_unref)
1053 inode_unref (newloc_unref);
1054
1055 return 0;
________________________________________________________________________________________________________
*** CID 1165407: Logically dead code (DEADCODE)
/xlators/features/gfid-access/src/gfid-access.c: 1156 in ga_removexattr()
1150
1151 wind:
1152 STACK_WIND (frame, default_removexattr_cbk, FIRST_CHILD(this),
1153 FIRST_CHILD(this)->fops->removexattr, loc, name,
1154 xdata);
1155 if (unref)
>>> CID 1165407: Logically dead code (DEADCODE)
>>> Execution cannot reach this statement "inode_unref(unref);".
1156 inode_unref (unref);
1157
1158 return 0;
1159 }
1160
1161
________________________________________________________________________________________________________
*** CID 1165406: Logically dead code (DEADCODE)
/xlators/features/gfid-access/src/gfid-access.c: 1016 in ga_rename()
1010 oldloc, newloc, xdata);
1011
1012 if (oldloc_unref)
1013 inode_unref (oldloc_unref);
1014
1015 if (newloc_unref)
>>> CID 1165406: Logically dead code (DEADCODE)
>>> Execution cannot reach this statement "inode_unref(newloc_unref);".
1016 inode_unref (newloc_unref);
1017
1018 return 0;
1019 err:
1020 STACK_UNWIND_STRICT (rename, frame, -1, op_errno, NULL,
1021 NULL, NULL, NULL, NULL, xdata);
________________________________________________________________________________________________________
*** CID 1165405: Logically dead code (DEADCODE)
/xlators/features/gfid-access/src/gfid-access.c: 1013 in ga_rename()
1007 wind:
1008 STACK_WIND (frame, default_rename_cbk,
1009 FIRST_CHILD(this), FIRST_CHILD(this)->fops->rename,
1010 oldloc, newloc, xdata);
1011
1012 if (oldloc_unref)
>>> CID 1165405: Logically dead code (DEADCODE)
>>> Execution cannot reach this statement "inode_unref(oldloc_unref);".
1013 inode_unref (oldloc_unref);
1014
1015 if (newloc_unref)
1016 inode_unref (newloc_unref);
1017
1018 return 0;
________________________________________________________________________________________________________
*** CID 1165404: Logically dead code (DEADCODE)
/xlators/features/gfid-access/src/gfid-access.c: 953 in ga_rmdir()
947
948 wind:
949 STACK_WIND (frame, default_rmdir_cbk,
950 FIRST_CHILD(this), FIRST_CHILD(this)->fops->rmdir,
951 loc, flag, xdata);
952 if (unref)
>>> CID 1165404: Logically dead code (DEADCODE)
>>> Execution cannot reach this statement "inode_unref(unref);".
953 inode_unref (unref);
954
955 return 0;
956 err:
957 STACK_UNWIND_STRICT (rmdir, frame, -1, op_errno, NULL,
958 NULL, xdata);
________________________________________________________________________________________________________
*** CID 1165403: Logically dead code (DEADCODE)
/xlators/features/gfid-access/src/gfid-access.c: 1138 in ga_setattr()
1132
1133 wind:
1134 STACK_WIND (frame, default_setattr_cbk, FIRST_CHILD (this),
1135 FIRST_CHILD (this)->fops->setattr, loc, stbuf, valid,
1136 xdata);
1137 if (unref)
>>> CID 1165403: Logically dead code (DEADCODE)
>>> Execution cannot reach this statement "inode_unref(unref);".
1138 inode_unref (unref);
1139
1140 return 0;
1141 }
1142
1143 int32_t
________________________________________________________________________________________________________
*** CID 1165402: Logically dead code (DEADCODE)
/xlators/features/gfid-access/src/gfid-access.c: 582 in ga_setxattr()
576
577 wind:
578 STACK_WIND (frame, ga_setxattr_cbk, FIRST_CHILD(this),
579 FIRST_CHILD(this)->fops->setxattr, loc, dict, flags,
580 xdata);
581 if (unref)
>>> CID 1165402: Logically dead code (DEADCODE)
>>> Execution cannot reach this statement "inode_unref(unref);".
582 inode_unref (unref);
583
584 return 0;
585 err:
586 STACK_UNWIND_STRICT (setxattr, frame, -1, op_errno, xdata);
587 return 0;
________________________________________________________________________________________________________
*** CID 1165401: Logically dead code (DEADCODE)
/xlators/features/gfid-access/src/gfid-access.c: 1119 in ga_stat()
1113 GFID_ACCESS_GET_VALID_DIR_INODE (this, loc, unref, wind);
1114
1115 wind:
1116 STACK_WIND (frame, default_stat_cbk, FIRST_CHILD(this),
1117 FIRST_CHILD(this)->fops->stat, loc, xdata);
1118 if (unref)
>>> CID 1165401: Logically dead code (DEADCODE)
>>> Execution cannot reach this statement "inode_unref(unref);".
1119 inode_unref (unref);
1120
1121 return 0;
1122 }
1123
1124 int32_t
________________________________________________________________________________________________________
*** CID 1165400: Logically dead code (DEADCODE)
/xlators/features/gfid-access/src/gfid-access.c: 980 in ga_unlink()
974 wind:
975 STACK_WIND (frame, default_unlink_cbk,
976 FIRST_CHILD(this), FIRST_CHILD(this)->fops->unlink,
977 loc, xflag, xdata);
978
979 if (unref)
>>> CID 1165400: Logically dead code (DEADCODE)
>>> Execution cannot reach this statement "inode_unref(unref);".
980 inode_unref (unref);
981
982 return 0;
983 err:
984 STACK_UNWIND_STRICT (unlink, frame, -1, op_errno, NULL,
985 NULL, xdata);
________________________________________________________________________________________________________
*** CID 1165411: Dereference after null check (FORWARD_NULL)
/xlators/features/quota/src/quota.c: 630 in quota_build_ancestry()
624
625 err:
626 ancestry_cbk (NULL, NULL, -1, op_errno, data);
627
628 fd_unref (fd);
629
>>> CID 1165411: Dereference after null check (FORWARD_NULL)
>>> Dereferencing null pointer "new_frame".
630 local = new_frame->local;
631 new_frame->local = NULL;
632
633 if (local != NULL) {
634 quota_local_cleanup (this, local);
635 }
________________________________________________________________________________________________________
*** CID 1165415: Dereference before null check (REVERSE_INULL)
/xlators/features/quota/src/quota.c: 637 in quota_build_ancestry()
631 new_frame->local = NULL;
632
633 if (local != NULL) {
634 quota_local_cleanup (this, local);
635 }
636
>>> CID 1165415: Dereference before null check (REVERSE_INULL)
>>> Null-checking "new_frame" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
637 if (new_frame != NULL) {
638 STACK_DESTROY (new_frame->root);
639 }
640
641 loc_wipe (&loc);
642 return 0;
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, <a class="moz-txt-link-freetext" href="http://scan.coverity.com/projects/987?tab=Overview">http://scan.coverity.com/projects/987?tab=Overview</a>
To unsubscribe from the email notification for new defects, <a class="moz-txt-link-freetext" href="http://scan5.coverity.com/cgi-bin/unsubscribe.py">http://scan5.coverity.com/cgi-bin/unsubscribe.py</a>
</pre>
<br>
</div>
<br>
</body>
</html>