Project

General

Profile

Actions
Copy link

Bug #8083

closed

erasure-code: fix static code analysis errors found in gf-complete

Added by Loïc Dachary about 10 years ago. Updated over 9 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
Loïc Dachary
Category:
OSD
Target version:
-
% Done:

100%

Source:
other
Tags:
Backport:
Regression:
Severity:
3 - minor
Reviewed:
Affected Versions:
ceph-qa-suite:
Pull request ID:
Crash signature (v1):
Crash signature (v2):

Description

** CID 1201380:  Logically dead code  (DEADCODE)
/erasure-code/jerasure/gf-complete/src/gf.c: 291 in gf_error_check()

** CID 1201381:  Logically dead code  (DEADCODE)
/erasure-code/jerasure/gf-complete/src/gf.c: 376 in gf_error_check()
/erasure-code/jerasure/gf-complete/src/gf.c: 377 in gf_error_check()

** CID 1201391:  Out-of-bounds write  (OVERRUN_STATIC)
/erasure-code/jerasure/gf-complete/src/gf_w8.c: 1267 in gf_w8_table_init()
Actions
Copy link
 #1

Updated by Loïc Dachary about 10 years ago

  • Subject changed from erasure-code: remove deadcode from gf-complete to erasure-code: fix static code analysis errors found in gf-complete
  • Description updated (diff)
Actions
Copy link
 #2

Updated by Loïc Dachary about 10 years ago

The reason for the deadcode (and lines 376 + 377 also ) is conditional compilation:

#ifdef INTEL_SSE2
  sse2 = 1;
#endif

coverity should define
INTEL_SSE
INTEL_SSE2
INTEL_SSE3
INTEL_SSSE3
INTEL_SSE4_PCLMUL
INTEL_SSE4

Actions
Copy link
 #3

Updated by Loïc Dachary about 10 years ago

static overrun

    Overrunning static array "dd->low[a]", with 16 elements, at position 255 with index variable "b".

The variable b loops 
for (b = 1; b < GF_FIELD_SIZE; b++) {

and
#define GF_FIELD_WIDTH (8)
#define GF_FIELD_SIZE       (1 << GF_FIELD_WIDTH)

therefore in the range [0..255]. However, the line in question
          if ((b & 0xf) == b) { dd->low[a][b] = prod; }

will only set dd->low[a][b] if b < 16. Could it be a false positive ?

Actions
Copy link
 #4

Updated by Loïc Dachary about 10 years ago

  • Status changed from In Progress to Need More Info
Actions
Copy link
 #5

Updated by Loïc Dachary almost 10 years ago

  • Status changed from Need More Info to In Progress
Actions
Copy link
 #6

Updated by Loïc Dachary over 9 years ago

  • Status changed from In Progress to 12
  • Assignee deleted (Loïc Dachary)
Actions
Copy link
 #7

Updated by Loïc Dachary over 9 years ago

  • Status changed from 12 to In Progress
  • Assignee set to Loïc Dachary
  • % Done changed from 0 to 80

A number of fixes already are in gf-complete master and added two

The next release of gf-complete (including neon optimizations) is close and it is worth waiting it instead of backporting the fixes to the v1 branch currently used by ceph.

Actions
Copy link
 #8

Updated by Loïc Dachary over 9 years ago

  • Status changed from In Progress to Resolved
  • % Done changed from 80 to 100
Actions
Copy link
 #9

Updated by Loïc Dachary over 9 years ago

For the record these are minor fixes and I expect to see them used when NEON is merged upstream and we update the jerasure/gf-complete

Actions
Copy link

Also available in: Atom PDF