Wip xio by mattbenjamin · Pull Request #1 · linuxbox2/ceph

mattbenjamin · 2014-12-19T23:04:38Z

This is a pre-pull request, designed to give folks a chance to review the current XioMessenger integration for Hammer.

mattbenjamin · 2014-12-23T23:08:49Z

This branch has a known bug (being fixed), but it attempts rebasing per feedback.

CID 1242020 (#1 of 1): Resource leak (RESOURCE_LEAK) leaked_storage: Variable my_completion going out of scope leaks the storage it points to. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for issues introduced with cba4ed4: CID 1256099 (#1 of 1): Uninitialized pointer read (UNINIT) uninit_use: Using uninitialized value this->impl. CID 1256100 (#1 of 1): Uninitialized pointer read (UNINIT) uninit_use: Using uninitialized value this->impl. Don't delete a pointer in the constructor if the pointer isn't initialized before. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for Coverity issue: CID 1238902 (#1 of 1): Uninitialized pointer read (UNINIT) uninit_use: Using uninitialized value this->mdlog. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Make sure concurrentios is always >= 0 to fix these coverity issues and to prevent bad_alloc/negative array sizes: CID 1128404 (#1 of 1): Uninitialized scalar variable (UNINIT) uninit_use: Using uninitialized value index[slot]. CID 1128405 (#1 of 1): Uninitialized pointer read (UNINIT) uninit_use: Using uninitialized value contents[slot]. CID 1219644 (#1 of 1): Uninitialized pointer read (UNINIT) uninit_use: Using uninitialized value contents[slot]. CID 1219645 (#1 of 1): Uninitialized pointer read (UNINIT) uninit_use: Using uninitialized value contents[slot]. CID 1219646 (#1 of 1): Uninitialized scalar variable (UNINIT) uninit_use: Using uninitialized value index[slot]. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for: CID 1219471 (#1 of 1): Division or modulo by zero (DIVIDE_BY_ZERO) divide_by_zero: In function call crush_make_uniform_bucket, division by expression item_weight which may be zero has undefined behavior. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

There is no security advantage to check if the class file exists before opening it but the file could be removed or exchanged between the stat and open. Instead directly open it and fail. Check if the file was missing afterwards for debug messages and error codes. Make sure cls->status is set if the class open call fails. To solve Coverity issue: CID 743419 (#1 of 1): Time of check time of use (TOCTOU) fs_check_call: Calling function stat to perform check on fname. 743419 Time of check time of use An attacker could change the filename's file association or other attributes between the check and use. In ClassHandler::_load_class(ClassHandler::ClassData *): A check occurs on a file's attributes before the file is used in a privileged operation, but things may have changed (CWE-367) Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for: CID 1221525 (#1 of 1): Resource leak (RESOURCE_LEAK) leaked_storage: Failing to save or free storage allocated by this->getObjName(soid, 0UL) leaks it. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for: CID 1264460 (#1 of 1): Structurally dead code (UNREACHABLE) unreachable: This code cannot be reached: sync(); Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for: CID 1251462 (#1 of 1): Use after free (USE_AFTER_FREE) 1. alias: Assigning: cur_name = names. Now both point to the same storage. 3. freed_arg: free frees names. 6. pass_freed_arg: Passing freed pointer cur_name as an argument to printf. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for: CID 1247719 (#1 of 1): Unintentional integer overflow (OVERFLOW_BEFORE_WIDEN) overflow_before_widen: Potentially overflowing expression stripe_count * object_size with type unsigned int (32 bits, unsigned) is evaluated using 32-bit arithmetic before being used in a context which expects an expression of type uint64_t (64 bits, unsigned). Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for: CID 1247720 (#1 of 1): Unintentional integer overflow (OVERFLOW_BEFORE_WIDEN) overflow_before_widen: Potentially overflowing expression stripe_count * stripe_unit with type unsigned int (32 bits, unsigned) is evaluated using 32-bit arithmetic before being used in a context which expects an expression of type uint64_t (64 bits, unsigned). Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Call push_back() for the generated entry object. Fix for: CID 1274297 (#1 of 1): Resource leak (RESOURCE_LEAK) 3. leaked_storage: Variable entry going out of scope leaks the storage it points to. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for: CID 1254374 (#1 of 1): Argument cannot be negative (NEGATIVE_RETURNS) 1. negative_return_fn: Function socket(2, SOCK_STREAM, 0) returns a negative number. 2. var_assign: Assigning: signed variable connect_sd = socket. 3. negative_returns: connect_sd is passed to a parameter that cannot be negative. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for: CID 1258439 (#1 of 1): Copy into fixed size buffer (STRING_OVERFLOW) 2. fixed_size_dest: You might overrun the 4096 byte fixed-size string devname by copying dev + 5 without checking the length. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

CID 1274295 (#1 of 1): Unintentional integer overflow (OVERFLOW_BEFORE_WIDEN) overflow_before_widen: Potentially overflowing expression usec * 1000 with type int (32 bits, signed) is evaluated using 32-bit arithmetic before being used in a context which expects an expression of type uint64_t (64 bits, unsigned). Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Use memset to fill integer VLAs. Fix for: CID 1219649 (#1 of 1): Uninitialized scalar variable (UNINIT) uninit_use: Using uninitialized value primary_count[primary] CID 1219648 (#1 of 1): Uninitialized scalar variable (UNINIT) uninit_use: Using uninitialized value first_count[osds[0UL]] CID 1219647 (#1 of 1): Uninitialized scalar variable (UNINIT) uninit_use: Using uninitialized value count[osds[i]] Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for: CID 1254380 (#1 of 1): Uninitialized scalar variable (UNINIT) uninit_use_in_call: Using uninitialized value sa. Field sa.sin_zero is uninitialized when calling connect Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

I broke this by taking the state from the old mdsmap instead of the new one. Signed-off-by: John Spray <john.spray@redhat.com>

Still got xlist not empty asserts on deletion of MDSRank, so reinstate the condition that we only delete on is_stopped(). Additionally, allow deletion in the case that we never had a rank to begin with. Signed-off-by: John Spray <john.spray@redhat.com>

AsyncConnection: Exit process loop if entering fault

Signed-off-by: Kefu Chai <kchai@redhat.com>

@vuhuong

@vuhuong sorry for the latency, could you please rebase & repush , to poke the built bot again? once the build completes, will get it merged. thanks,

Signed-off-by: x11507 <xu.donghai@h3c.com>

Wip compressor Reviewed-by: Sage Weil <sage@redhat.com>

Fix for: CID 1262114 (#1 of 1): Uninitialized scalar field (UNINIT_CTOR) uninit_member: Non-static class member map_epoch is not initialized in this constructor nor in any functions that it calls. uninit_member: Non-static class member acks_wanted is not initialized in this constructor nor in any functions that it calls. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for: CID 1262115 (#1 of 1): Uninitialized scalar field (UNINIT_CTOR) uninit_member: Non-static class member map_epoch is not initialized in this constructor nor in any functions that it calls. uninit_member: Non-static class member ack_type is not initialized in this constructor nor in any functions that it calls. uninit_member: Non-static class member result is not initialized in this constructor nor in any functions that it calls. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for: CID 1297875 (#1 of 1): Arguments in wrong order (SWAPPED_ARGUMENTS) swapped_arguments: The positions of arguments in the call to do_lock_remove do not match the ordering of the parameters: lock_cookie is passed to client lock_client is passed to cookie Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for: CID 1297874 (#1 of 1): Arguments in wrong order (SWAPPED_ARGUMENTS) swapped_arguments: The positions of arguments in the constructor for CompatSet do not match the ordering of the parameters: feature_incompat_base is passed to _ro_compat feature_ro_compat_base is passed to _incompat Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for: CID 717354 (#1 of 1): Uninitialized pointer field (UNINIT_CTOR) uninit_member: Non-static class member id is not initialized in this constructor nor in any functions that it calls. uninit_member: Non-static class member type is not initialized in this constructor nor in any functions that it calls. uninit_member: Non-static class member off is not initialized in this constructor nor in any functions that it calls. uninit_member: Non-static class member len is not initialized in this constructor nor in any functions that it calls. uninit_member: Non-static class member lg is not initialized in this constructor nor in any functions that it calls. uninit_member: Non-static class member completion is not initialized in this constructor nor in any functions that it calls. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for: CID 1054871 (#1 of 2): Uninitialized pointer field (UNINIT_CTOR) uninit_member: Non-static class member curl_inst is not initialized in this constructor nor in any functions that it calls. uninit_member: Non-static class member resp_code is not initialized in this constructor nor in any functions that it calls. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for: CID 1019635 (#1 of 1): Uninitialized pointer field (UNINIT_CTOR) uninit_member: Non-static class member curl_inst is not initialized in this constructor nor in any functions that it calls. uninit_member: Non-static class member resp_code is not initialized in this constructor nor in any functions that it calls. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for: CID 1054872 (#1 of 1): Uninitialized pointer field (UNINIT_CTOR) uninit_member: Non-static class member curl_inst is not initialized in this constructor nor in any functions that it calls. uninit_member: Non-static class member resp_code is not initialized in this constructor nor in any functions that it calls. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for: CID 1188182 (#1 of 1): Uninitialized pointer field (UNINIT_CTOR) uninit_member: Non-static class member rcompletion is not initialized in this constructor nor in any functions that it calls. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for: CID 1232607 (#1 of 1): Uninitialized pointer field (UNINIT_CTOR) uninit_member: Non-static class member m_dump_perf_counters is not initialized in this constructor nor in any functions that it calls. uninit_member: Non-static class member m_rbd is not initialized in this constructor nor in any functions that it calls. uninit_member: Non-static class member m_ioctx is not initialized in this constructor nor in any functions that it calls. uninit_member: Non-static class member m_latency_multiplier is not initialized in this constructor nor in any functions that it calls. uninit_member: Non-static class member m_readonly is not initialized in this constructor nor in any functions that it calls. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for: CID 1274321 (#1 of 1): Uninitialized pointer field (UNINIT_CTOR) uninit_member: Non-static class member perr is not initialized in this constructor nor in any functions that it calls. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for: CID 1274323 (#1 of 1): Uninitialized pointer field (UNINIT_CTOR) uninit_member: Non-static class member perr is not initialized in this constructor nor in any functions that it calls. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for: CID 1297861 (#1 of 1): Unintentional integer overflow (OVERFLOW_BEFORE_WIDEN) overflow_before_widen: Potentially overflowing expression this->layout.fl_stripe_count.operator __u32() * this->layout.fl_object_size.operator __u32() with type unsigned int (32 bits, unsigned) is evaluated using 32-bit arithmetic, and then used in a context that expects an expression of type uint64_t (64 bits, unsigned). Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for: CID 1297885 (#1 of 2): Result is not floating-point (UNINTENDED_INTEGER_DIVISION) integer_division: Dividing integer expressions g_conf->mon_pool_quota_warn_threshold and 100, and then converting the integer quotient to type float. Any remainder, or fractional part of the quotient, is ignored. CID 1297885 (ceph#2 of 2): Result is not floating-point (UNINTENDED_INTEGER_DIVISION) integer_division: Dividing integer expressions g_conf->mon_pool_quota_crit_threshold and 100, and then converting the integer quotient to type float. Any remainder, or fractional part of the quotient, is ignored. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Add assert to MonSessionMap::new_session(). Fix for: CID 1128408 (#1 of 1): Dereference before null check (REVERSE_INULL) check_after_deref: Null-checking s suggests that it may be null, but it has already been dereferenced on all paths leading to the check. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix incomplete move of late header computation from XioPortal send, to _send_message_impl. Fix an initialization ordering warning, various signedness and one narrowing mismatch. Fix spacing around Accelio mempool parameters initialization. Signed-off-by: Matt Benjamin <mbenjamin@redhat.com>

CID 1322828 (#1 of 1): Wrapper object use after free (WRAPPER_ESCAPE) 28. use_after_free: Using invalidated internal representation of local it. CID 1322827 (#1 of 1): Wrapper object use after free (WRAPPER_ESCAPE) 25. use_after_free: Using invalidated internal representation of local it. CID 1322826 (#1 of 1): Wrapper object use after free (WRAPPER_ESCAPE) 31. use_after_free: Using invalidated internal representation of local it. CID 1322825 (#1 of 1): Wrapper object use after free (WRAPPER_ESCAPE) 31. use_after_free: Using invalidated internal representation of local it. Signed-off-by: Sage Weil <sage@redhat.com>

CID 1322784 (#1 of 1): Uninitialized scalar variable (UNINIT) 2. uninit_use_in_call: Using uninitialized value coll.removal_seq when calling coll_t. [show details] Signed-off-by: Sage Weil <sage@redhat.com>

CID 1322778 (#1 of 1): Pointer to local outside scope (RETURN_LOCAL) 1. escape_local_addr: Returning, through this->reqid, the address of stack variable _reqid. 2. return: Returning here. Signed-off-by: Sage Weil <sage@redhat.com>

Delete mdsmap in descructor. Remove not needed checks for mds_rank and objecter before call delete since the C++ standard allows the deletion of pointer with NULL-value. The check is redundant. Fix for: CID 1316224 (#1 of 1): Resource leak in object (CTOR_DTOR_LEAK) 1. alloc_new: Allocating memory by calling new MDSMap. 2. var_assign: Assigning: this->mdsmap = new MDSMap. 3. ctor_dtor_leak: The constructor allocates field mdsmap of MDSDaemon but the destructor and whatever functions it calls do not free it. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for: CID 1316232 (#1 of 1): Unchecked dynamic_cast (FORWARD_NULL) dynamic_cast: Dynamic cast to pointer dynamic_cast <ReplicatedPG *>(this->get_parent()) can return NULL. var_deref_model: Passing null pointer dynamic_cast <ReplicatedPG *>(this->get_parent()) to is_undersized, which dereferences it. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for: CID 1297882 (#1 of 1): Result is not floating-point (UNINTENDED_INTEGER_DIVISION) integer_division: Dividing integer expressions ns and 1000000000UL, and then converting the integer quotient to type float. Any remainder, or fractional part of the quotient, is ignored. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for: CID 1297883 (#1 of 1): Result is not floating-point (UNINTENDED_INTEGER_DIVISION) integer_division: Dividing integer expressions this->cct->_conf->osd_heartbeat_grace and 2, and then converting the integer quotient to type double. Any remainder, or fractional part of the quotient, is ignored. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for: CID 1322813 (#1 of 1): Uninitialized scalar field (UNINIT_CTOR) uninit_member: Non-static class member seq is not initialized in this constructor nor in any functions that it calls. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Remove unused variable 'CephContext *cct'. Fix for: CID 1322818 (#1 of 1): Uninitialized pointer field (UNINIT_CTOR) uninit_member: Non-static class member cct is not initialized in this constructor nor in any functions that it calls. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for: CID 1296382 (#1 of 1): Resource leak (RESOURCE_LEAK) leaked_storage: Variable ckh going out of scope leaks the storage it points to. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for: CID 1297867 (#1 of 1): Resource leak (RESOURCE_LEAK) alloc_arg: put_obj_init allocates memory that is stored into out_stream_req. leaked_storage: Variable out_stream_req going out of scope leaks the storage it points to. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

The allocated 'Formatter' passed to the function should be freed by the caller to avoid missusage. If handle_asok_command() free's the pointer to 'Formatter' to pass an indication of an error back to the caller, it should have at least set the pointer to NULL to work anyway. Fix for: CID 1316253 (#1 of 1): Use after free (USE_AFTER_FREE) deref_arg: Calling flush dereferences freed pointer f. (The dereference happens because this is a virtual function call.) Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

Fix for: CID 1265562 (#1 of 1): Resource leak (RESOURCE_LEAK) leaked_handle: Handle variable sd going out of scope leaks the handle. Signed-off-by: Danny Al-Gaaf <danny.al-gaaf@bisect.de>

…er instance the caller needs to check the nullity of the parameter before calling PK11_FreeSymKey or PK11_FreeSlot, otherwise if CryptoAESKeyHandler::init failed, we will hit a segfault as follows: #0 0x00007f76844f5a95 in PK11_FreeSymKey () from /lib64/libnss3.so #1 0x00007f76586b6e49 in CryptoAESKeyHandler::~CryptoAESKeyHandler() () from /lib64/librados.so.2 ceph#2 0x00007f76586b5eea in CryptoAES::get_key_handler(ceph::buffer::ptr const&, std::string&) () from /lib64/librados.so.2 ceph#3 0x00007f76586b4b9c in CryptoKey::_set_secret(int, ceph::buffer::ptr const&) () from /lib64/librados.so.2 ceph#4 0x00007f76586b4e95 in CryptoKey::decode(ceph::buffer::list::iterator&) () from /lib64/librados.so.2 ceph#5 0x00007f76586b7ee6 in KeyRing::set_modifier(char const*, char const*, EntityName&, std::map<std::string, ceph::buffer::list, std::less<std::string>, std::allocator<std::pair<std::string const, ceph::buffer::list> > >&) () from /lib64/librados.so.2 ceph#6 0x00007f76586b8882 in KeyRing::decode_plaintext(ceph::buffer::list::iterator&) () from /lib64/librados.so.2 ceph#7 0x00007f76586b9803 in KeyRing::decode(ceph::buffer::list::iterator&) () from /lib64/librados.so.2 ceph#8 0x00007f76586b9a1f in KeyRing::load(CephContext*, std::string const&) () from /lib64/librados.so.2 ceph#9 0x00007f76586ba04b in KeyRing::from_ceph_context(CephContext*) () from /lib64/librados.so.2 ceph#10 0x00007f765852d0cd in MonClient::init() () from /lib64/librados.so.2 ceph#11 0x00007f76583c15f5 in librados::RadosClient::connect() () from /lib64/librados.so.2 ceph#12 0x00007f765838cb1c in rados_connect () from /lib64/librados.so.2 ... Signed-off-by: runsisi <runsisi@zte.com.cn>

mattbenjamin force-pushed the wip-xio branch from 6a5515a to bfccfa5 Compare December 23, 2014 23:03

mattbenjamin force-pushed the wip-xio branch 3 times, most recently from 7365705 to 487789d Compare January 6, 2015 23:31

mattbenjamin force-pushed the wip-xio branch from 8980713 to 45e9cd5 Compare January 14, 2015 21:45

John Spray and others added 7 commits July 28, 2015 09:05

mds: fix standby handling in map

37370c7

I broke this by taking the state from the old mdsmap instead of the new one. Signed-off-by: John Spray <john.spray@redhat.com>

Merge pull request ceph#5349 from yuyuyu101/wip-async-fix-21

ef824a3

AsyncConnection: Exit process loop if entering fault

osd/ReplicatedPG: claim the read buffer instead of copying it

91ecba1

Signed-off-by: Kefu Chai <kchai@redhat.com>

Merge pull request ceph#5254 from vuhuong/wip-xio

11e313e

@vuhuong sorry for the latency, could you please rebase & repush , to poke the built bot again? once the build completes, will get it merged. thanks,

modified librados-intro.rst

d8395cf

Signed-off-by: x11507 <xu.donghai@h3c.com>

Merge pull request ceph#5116 from yuyuyu101/wip-compressor

14542e7

Wip compressor Reviewed-by: Sage Weil <sage@redhat.com>

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Wip xio#1

Wip xio#1
mattbenjamin wants to merge 6008 commits intomasterfrom
wip-xio

mattbenjamin commented Dec 19, 2014

Uh oh!

mattbenjamin commented Dec 23, 2014

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

20 participants

Conversation

mattbenjamin commented Dec 19, 2014

Uh oh!

mattbenjamin commented Dec 23, 2014

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

20 participants