Hi,
Please find the latest report on new defect(s) introduced to Pike-experiment found with Coverity Scan.
7 new defect(s) introduced to Pike-experiment found with Coverity Scan.
New defect(s) Reported-by: Coverity Scan Showing 7 of 7 defect(s)
** CID 742750: (USE_AFTER_FREE) /home/covscan/pike/pike-git/src/mapping.c: 1060 in mapping_get_item_ptr() /home/covscan/pike/pike-git/src/mapping.c: 1080 in mapping_get_item_ptr()
________________________________________________________________________________________________________ *** CID 742750: (USE_AFTER_FREE) /home/covscan/pike/pike-git/src/mapping.c: 1060 in mapping_get_item_ptr() 1054 if(d_flag) 1055 check_mapping(m); 1056 #endif 1057 free_mapping_data(md); 1058 if(TYPEOF(k->val) == t) 1059 {
CID 742750: (USE_AFTER_FREE) Dereferencing freed pointer "md".
1060 PREPARE_FOR_DATA_CHANGE2(); 1061 PROPAGATE(); /* prepare then propagate */ 1062 1063 return & ( k->val.u ); 1064 } 1065 /home/covscan/pike/pike-git/src/mapping.c: 1080 in mapping_get_item_ptr() 1074 #endif 1075 free_mapping_data(md); 1076 1077 if(t != T_INT) return 0; 1078 1079 /* no need to call PREPARE_* because we re-hash instead */
CID 742750: (USE_AFTER_FREE) Dereferencing freed pointer "md".
1080 if( 1081 #ifndef PIKE_MAPPING_KEYPAIR_LOOP 1082 !(md->free_list) || 1083 #else /* PIKE_MAPPING_KEYPAIR_LOOP */ 1084 (md->size >= md->num_keypairs) || 1085 #endif /* !PIKE_MAPPING_KEYPAIR_LOOP */
** CID 742749: Memory - illegal accesses (USE_AFTER_FREE) /home/covscan/pike/pike-git/src/mapping.c: 1167 in map_delete_no_free()
________________________________________________________________________________________________________ *** CID 742749: Memory - illegal accesses (USE_AFTER_FREE) /home/covscan/pike/pike-git/src/mapping.c: 1167 in map_delete_no_free() 1161 if(m->data != md) 1162 Pike_fatal("Wrong dataset in mapping_delete!\n"); 1163 if(d_flag>1) check_mapping(m); 1164 debug_malloc_touch(m); 1165 #endif 1166 free_mapping_data(md);
CID 742749: Memory - illegal accesses (USE_AFTER_FREE) Dereferencing freed pointer "md".
1167 PREPARE_FOR_INDEX_CHANGE2(); 1168 /* No need to propagate */ 1169 *prev=k->next; 1170 free_svalue(& k->ind); 1171 if(to) 1172 move_svalue (to, &k->val);
** CID 742748: Memory - illegal accesses (USE_AFTER_FREE) /home/covscan/pike/pike-git/src/mapping.c: 1294 in low_mapping_lookup()
________________________________________________________________________________________________________ *** CID 742748: Memory - illegal accesses (USE_AFTER_FREE) /home/covscan/pike/pike-git/src/mapping.c: 1294 in low_mapping_lookup() 1288 #ifdef PIKE_DEBUG 1289 if(d_flag > 1) check_mapping_type_fields(m); 1290 #endif 1291 FIND(); 1292 if(k) 1293 {
CID 742748: Memory - illegal accesses (USE_AFTER_FREE) Dereferencing freed pointer "md".
1294 PROPAGATE(); 1295 return &k->val; 1296 } 1297 return 0; 1298 } 1299
** CID 742747: (USE_AFTER_FREE) /home/covscan/pike/pike-git/src/mapping.c: 935 in low_mapping_insert() /home/covscan/pike/pike-git/src/mapping.c: 956 in low_mapping_insert()
________________________________________________________________________________________________________ *** CID 742747: (USE_AFTER_FREE) /home/covscan/pike/pike-git/src/mapping.c: 935 in low_mapping_insert() 929 if(m->data != md) 930 Pike_fatal("Wrong dataset in mapping_insert!\n"); 931 if(d_flag>1) check_mapping(m); 932 #endif 933 free_mapping_data(md); 934 if(!overwrite) return;
CID 742747: (USE_AFTER_FREE) Dereferencing freed pointer "md".
935 PREPARE_FOR_DATA_CHANGE2(); 936 PROPAGATE(); /* propagate after preparing */ 937 md->val_types |= 1 << TYPEOF(*val); 938 if (overwrite == 2 && TYPEOF(*key) == T_OBJECT) 939 /* Should replace the index too. It's only for objects that it's 940 * possible to tell the difference. */ /home/covscan/pike/pike-git/src/mapping.c: 956 in low_mapping_insert() 950 if(m->data != md) 951 Pike_fatal("Wrong dataset in mapping_insert!\n"); 952 if(d_flag>1) check_mapping(m); 953 #endif 954 free_mapping_data(md); 955 /* We do a re-hash here instead of copying the mapping. */
CID 742747: (USE_AFTER_FREE) Dereferencing freed pointer "md".
956 if( 957 #ifndef PIKE_MAPPING_KEYPAIR_LOOP 958 (!md->free_list) || 959 #else /* PIKE_MAPPING_KEYPAIR_LOOP */ 960 (md->size >= md->num_keypairs) || 961 #endif /* !PIKE_MAPPING_KEYPAIR_LOOP */
** CID 742665: Concurrent data access violations (MISSING_LOCK) /home/covscan/pike/pike-git/src/modules/HTTPLoop/accept_and_parse.c: 467 in low_accept_loop()
________________________________________________________________________________________________________ *** CID 742665: Concurrent data access violations (MISSING_LOCK) /home/covscan/pike/pike-git/src/modules/HTTPLoop/accept_and_parse.c: 467 in low_accept_loop() 461 } 462 } 463 while(arg->log->log_head) 464 { 465 struct log_entry *l = arg->log->log_head->next; 466 free(arg->log->log_head);
CID 742665: Concurrent data access violations (MISSING_LOCK) Accessing "arg->log->log_head" without holding lock "log.log_lock". Elsewhere, "log.log_head" is accessed with "log.log_lock" held 4 out of 5 times.
467 arg->log->log_head = l; 468 } 469 470 c = first_cache; 471 while(c && c != arg->cache) {p=c;c = c->next;} 472 if(c)
** CID 742539: Null pointer dereferences (FORWARD_NULL) /home/covscan/pike/pike-git/src/object.c: 176 in low_clone()
________________________________________________________________________________________________________ *** CID 742539: Null pointer dereferences (FORWARD_NULL) /home/covscan/pike/pike-git/src/object.c: 176 in low_clone() 170 #endif 171 172 add_ref( o->prog=p ); 173 174 if(p->flags & PROGRAM_USES_PARENT) 175 {
CID 742539: Null pointer dereferences (FORWARD_NULL) Dereferencing null pointer "o->storage".
176 LOW_PARENT_INFO(o,p)->parent=0; 177 LOW_PARENT_INFO(o,p)->parent_identifier=0; 178 } 179 180 DOUBLELINK(first_object,o); 181
** CID 20290: Control flow issues (MISSING_BREAK) /y.tab.c: 3729 in yytnamerr()
________________________________________________________________________________________________________ *** CID 20290: Control flow issues (MISSING_BREAK) /y.tab.c: 3729 in yytnamerr() 3723 3724 3725 3726 3727 3728
CID 20290: Control flow issues (MISSING_BREAK) The above case falls through to this one.
________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://scan.coverity.com/projects/pike-experiment?tab=overview
To manage Coverity Scan email notifications for "pike-automation@lists.lysator.liu.se", click https://scan.coverity.com/subscriptions/edit?email=pike-automation%40lists.l...
pike-automation@lists.lysator.liu.se