You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@qpid.apache.org by Ken Giusti <kg...@redhat.com> on 2013/07/01 19:16:43 UTC
Re: New Defects reported by Coverity Scan for Apache-Qpid
Unless I'm missing something subtle, this appears to be a false positive.
Coverity marked a few uses of ScopedLock with this error, but not all, which seems curious.
-K
----- Forwarded Message -----
> From: scan-admin@coverity.com
> To: dev@qpid.apache.org
> Sent: Sunday, June 30, 2013 5:39:43 PM
> Subject: New Defects reported by Coverity Scan for Apache-Qpid
>
>
> ________________________________________________________________________
> CID 1040637: Missing unlock (LOCK)
>
> /qpidbuilds/trunk/qpid/cpp/src/qpid/broker/amqp_0_10/Connection.cpp: 379 (
> lock)
> 376
> 377 void Connection::doIoCallbacks() {
> 378 if (!isOpen()) return; // Don't process IO callbacks until we
> are open.
> >>> "qpid::sys::ScopedLock<qpid::sys::Mutex>::ScopedLock(qpid::sys::Mutex &)"
> >>> locks "this->ioCallbackLock.mutex".
> 379 ScopedLock<Mutex> l(ioCallbackLock);
> 380 while (!ioCallbacks.empty()) {
> 381 boost::function0<void> cb = ioCallbacks.front();
> 382 ioCallbacks.pop();
> 383 ScopedUnlock<Mutex> ul(ioCallbackLock);
>
>
> /qpidbuilds/trunk/qpid/cpp/src/qpid/broker/amqp_0_10/Connection.cpp: 386 (
> missing_unlock)
> 383 ScopedUnlock<Mutex> ul(ioCallbackLock);
> 384 cb(); // Lend the IO thread for management processing
> 385 }
> >>> CID 1040637: Missing unlock (LOCK)
> >>> Returning without unlocking "this->ioCallbackLock.mutex".
> 386 }
> 387
> 388 bool Connection::doOutput() {
> 389 try {
> 390 doIoCallbacks();
>
> ________________________________________________________________________
> To view the defects in Coverity Scan visit, http://scan.coverity.com
>
> To unsubscribe from the email notification for new defects,
> http://scan5.coverity.com/cgi-bin/unsubscribe.py
>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org
Re: New Defects reported by Coverity Scan for Apache-Qpid
Posted by Ted Ross <tr...@redhat.com>.
That particular ScopedLock had a ScopedUnlock inside its scope. I
wonder if that is leading Coverity astray.
-Ted
On 07/01/2013 01:16 PM, Ken Giusti wrote:
> Unless I'm missing something subtle, this appears to be a false positive.
>
> Coverity marked a few uses of ScopedLock with this error, but not all, which seems curious.
>
> -K
>
>
> ----- Forwarded Message -----
>> From: scan-admin@coverity.com
>> To: dev@qpid.apache.org
>> Sent: Sunday, June 30, 2013 5:39:43 PM
>> Subject: New Defects reported by Coverity Scan for Apache-Qpid
>>
>>
>
>> ________________________________________________________________________
>> CID 1040637: Missing unlock (LOCK)
>>
>> /qpidbuilds/trunk/qpid/cpp/src/qpid/broker/amqp_0_10/Connection.cpp: 379 (
>> lock)
>> 376
>> 377 void Connection::doIoCallbacks() {
>> 378 if (!isOpen()) return; // Don't process IO callbacks until we
>> are open.
>>>>> "qpid::sys::ScopedLock<qpid::sys::Mutex>::ScopedLock(qpid::sys::Mutex &)"
>>>>> locks "this->ioCallbackLock.mutex".
>> 379 ScopedLock<Mutex> l(ioCallbackLock);
>> 380 while (!ioCallbacks.empty()) {
>> 381 boost::function0<void> cb = ioCallbacks.front();
>> 382 ioCallbacks.pop();
>> 383 ScopedUnlock<Mutex> ul(ioCallbackLock);
>>
>>
>> /qpidbuilds/trunk/qpid/cpp/src/qpid/broker/amqp_0_10/Connection.cpp: 386 (
>> missing_unlock)
>> 383 ScopedUnlock<Mutex> ul(ioCallbackLock);
>> 384 cb(); // Lend the IO thread for management processing
>> 385 }
>>>>> CID 1040637: Missing unlock (LOCK)
>>>>> Returning without unlocking "this->ioCallbackLock.mutex".
>> 386 }
>> 387
>> 388 bool Connection::doOutput() {
>> 389 try {
>> 390 doIoCallbacks();
>>
>> ________________________________________________________________________
>> To view the defects in Coverity Scan visit, http://scan.coverity.com
>>
>> To unsubscribe from the email notification for new defects,
>> http://scan5.coverity.com/cgi-bin/unsubscribe.py
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
> For additional commands, e-mail: dev-help@qpid.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org
Re: New Defects reported by Coverity Scan for Apache-Qpid
Posted by Steve Huston <sh...@riverace.com>.
Thanks, Ken! It's running now - we'll see how it looks tomorrow.
On 7/2/13 10:16 AM, "Ken Giusti" <kg...@redhat.com> wrote:
>Hi Steve,
>
>I've made a minor code change that seems to eliminate those locking false
>positives:
>
>http://svn.apache.org/viewvc?view=revision&revision=1498926
>
>I've tried it against a local installation of Coverity. When you have a
>chance, can you kick off a coverity scan of upstream and see if we get
>the same results? If it eliminates the false positives, I'd consider
>Coverity's behavior buggy and would like to report it.
>
>BTW, I had no luck coming up with a model that would fix the issue. The
>tools don't give any (obvious) feedback as to how it's interpreting the
>model - or any way that I could find that would enable debugging of the
>model to find out what it was actually doing.
>
>-K
>
>
>----- Original Message -----
>> From: "Ken Giusti" <kg...@redhat.com>
>> To: dev@qpid.apache.org
>> Cc: shuston@riverace.com
>> Sent: Monday, July 1, 2013 6:46:55 PM
>> Subject: Re: New Defects reported by Coverity Scan for Apache-Qpid
>>
>> Ok - I'll give it a go, stay tuned.
>>
>> -K
>>
>> ----- Original Message -----
>> > From: "Steve Huston" <sh...@riverace.com>
>> > To: dev@qpid.apache.org
>> > Sent: Monday, July 1, 2013 2:32:14 PM
>> > Subject: RE: New Defects reported by Coverity Scan for Apache-Qpid
>> >
>> > Yes, there is a way - I can do it, probably because I'm the admin for
>>the
>> > project. If you create one, I'll set it up.
>> >
>> > > -----Original Message-----
>> > > From: Ken Giusti [mailto:kgiusti@redhat.com]
>> > > Sent: Monday, July 01, 2013 2:11 PM
>> > > To: dev@qpid.apache.org
>> > > Subject: Re: New Defects reported by Coverity Scan for Apache-Qpid
>> > >
>> > > Hi Steve,
>> > >
>> > > I've marked that particular error as "false positive" in Coverity
>> > > Connect,
>> > > but
>> > > from what I can tell, the "right" way to fix such lock wrapper
>>classes is
>> > > to
>> > > create a "model" for those wrapper classes. There's some
>>documentation
>> > > here:
>> > >
>> > >
>>http://scan5.coverity.com:8080/docs/en/cov_checker_ref.html#static_c_ch
>> > > ecker_LOCK
>> > >
>> > >
>> > > Is there a way to configure a model file for the coverity checker?
>>A
>> > > quick
>> > > look
>> > > at our project page on the coverity web site didn't seem to allow
>>that.
>> > >
>> > >
>> > > ----- Original Message -----
>> > > > From: "Steve Huston" <sh...@riverace.com>
>> > > > To: dev@qpid.apache.org
>> > > > Sent: Monday, July 1, 2013 1:18:58 PM
>> > > > Subject: RE: New Defects reported by Coverity Scan for Apache-Qpid
>> > > >
>> > > > I agree, Ken. If anyone knows how to make Coverity stop this,
>>please
>> > > > let me know. Else I'll check into it. I know there are a few ways
>>to
>> > > > mark things as false positive.
>> > > >
>> > > > > -----Original Message-----
>> > > > > From: Ken Giusti [mailto:kgiusti@redhat.com]
>> > > > > Sent: Monday, July 01, 2013 1:17 PM
>> > > > > To: Qpid Dev
>> > > > > Subject: Re: New Defects reported by Coverity Scan for
>>Apache-Qpid
>> > > > >
>> > > > > Unless I'm missing something subtle, this appears to be a false
>> > > > > positive.
>> > > > >
>> > > > > Coverity marked a few uses of ScopedLock with this error, but
>>not
>> > > > > all, which seems curious.
>> > > > >
>> > > > > -K
>> > > > >
>> > > > >
>> > > > > ----- Forwarded Message -----
>> > > > > > From: scan-admin@coverity.com
>> > > > > > To: dev@qpid.apache.org
>> > > > > > Sent: Sunday, June 30, 2013 5:39:43 PM
>> > > > > > Subject: New Defects reported by Coverity Scan for Apache-Qpid
>> > > > > >
>> > > > > >
>> > > > >
>> > > > >
>> > > > > >
>> > > > >
>> > > __________________________________________________________
>> > > > > ____________
>> > > > > > __
>> > > > > > CID 1040637: Missing unlock (LOCK)
>> > > > > >
>> > > > > >
>> > > /qpidbuilds/trunk/qpid/cpp/src/qpid/broker/amqp_0_10/Connection.cpp:
>> > > > > > 379 (
>> > > > > > lock)
>> > > > > > 376
>> > > > > > 377 void Connection::doIoCallbacks() {
>> > > > > > 378 if (!isOpen()) return; // Don't process IO
>>callbacks
>> > > > > > until
>> > > > > > we
>> > > > > > are open.
>> > > > > > >>>
>> > > > >
>>"qpid::sys::ScopedLock<qpid::sys::Mutex>::ScopedLock(qpid::sys::Mute
>> > > > > x
>> > > > > &)"
>> > > > > > >>> locks "this->ioCallbackLock.mutex".
>> > > > > > 379 ScopedLock<Mutex> l(ioCallbackLock);
>> > > > > > 380 while (!ioCallbacks.empty()) {
>> > > > > > 381 boost::function0<void> cb =
>>ioCallbacks.front();
>> > > > > > 382 ioCallbacks.pop();
>> > > > > > 383 ScopedUnlock<Mutex> ul(ioCallbackLock);
>> > > > > >
>> > > > > >
>> > > > > >
>> > > /qpidbuilds/trunk/qpid/cpp/src/qpid/broker/amqp_0_10/Connection.cpp:
>> > > > > > 386 (
>> > > > > > missing_unlock)
>> > > > > > 383 ScopedUnlock<Mutex> ul(ioCallbackLock);
>> > > > > > 384 cb(); // Lend the IO thread for management
>> > > > > > processing
>> > > > > > 385 }
>> > > > > > >>> CID 1040637: Missing unlock (LOCK) Returning without
>>unlocking
>> > > > > > >>> "this->ioCallbackLock.mutex".
>> > > > > > 386 }
>> > > > > > 387
>> > > > > > 388 bool Connection::doOutput() {
>> > > > > > 389 try {
>> > > > > > 390 doIoCallbacks();
>> > > > > >
>> > > > > >
>> > > > >
>> > > __________________________________________________________
>> > > > > ____________
>> > > > > > __ To view the defects in Coverity Scan visit,
>> > > > > > http://scan.coverity.com
>> > > > > >
>> > > > > > To unsubscribe from the email notification for new defects,
>> > > > > > http://scan5.coverity.com/cgi-bin/unsubscribe.py
>> > > > > >
>> > > > >
>> > > > >
>> > > > >
>>--------------------------------------------------------------------
>> > > > > - To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org For
>> > > > > additional commands, e-mail: dev-help@qpid.apache.org
>> > > >
>> > > >
>> > > >
>>---------------------------------------------------------------------
>> > > > To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org For
>>additional
>> > > > commands, e-mail: dev-help@qpid.apache.org
>> > > >
>> > >
>> > > --
>> > > -K
>> > >
>> > >
>>---------------------------------------------------------------------
>> > > To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org For
>>additional
>> > > commands, e-mail: dev-help@qpid.apache.org
>> >
>> >
>> > ---------------------------------------------------------------------
>> > To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
>> > For additional commands, e-mail: dev-help@qpid.apache.org
>> >
>>
>> --
>> -K
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
>> For additional commands, e-mail: dev-help@qpid.apache.org
>>
>>
>
>--
>-K
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org
Re: New Defects reported by Coverity Scan for Apache-Qpid
Posted by Phil Harvey <ph...@philharveyonline.com>.
I've been looking at the Qpid-Java Coverity project and can't see a way to
modify its FindBugs configuration, e.g. uploading a FindBugs filter.xml
file. The closest I can do is to upload a "Model File" to override how
Coverity treats specific third-party method calls, but I don't think that
would achieve the same thing.
Does anyone else have experience with this?
Phil
On 17 July 2013 13:53, Phil Harvey <ph...@philharveyonline.com> wrote:
> I'm in the process of getting this set up.
>
> In a wider context, I would like to work towards a situation where
> developers can run a scan against local (ie not yet committed) code. The
> rationale is to get feedback about potential issues as early as possible.
>
> For Java code this should be possible by running FindBugs locally (either
> from Ant, Maven or using an IDE plugin), using the same rules that we've
> set up on Coverity. I think this means we'd check in the rule config
> somewhere in svn.
>
> I must confess I don't know what the C/C++ equivalent would be.
>
> Phil
> On 16 Jul 2013 15:24, "Steve Huston" <sh...@riverace.com> wrote:
>
>> This would be great, Phil! We currently are not scanning the Java code,
>> but it would be great if you can set up the Java scan. If you'd like some
>> help from Coverity please let me know - the mgr I worked with to get the
>> C++ scan going was eager to get Java projects in as well - but they
>> couldn't scan Java at that time.
>>
>> > -----Original Message-----
>> > From: philharveyonline@googlemail.com
>> > [mailto:philharveyonline@googlemail.com] On Behalf Of Phil Harvey
>> > Sent: Tuesday, July 16, 2013 8:09 AM
>> > To: dev@qpid.apache.org
>> > Subject: Re: New Defects reported by Coverity Scan for Apache-Qpid
>> >
>> > Hi Steve,
>> >
>> > I'd be happy to help make sense of the Java results.
>> >
>> > I'll set up a Coverity account now.
>> >
>> > Thanks
>> > Phil
>> >
>> >
>> > On 2 July 2013 15:43, Steve Huston <sh...@riverace.com> wrote:
>> >
>> > > Yes, I noticed that too - and Coverity was fairly eager to get a scan
>> > > of the Qpid Java code back when we started, but they weren't ready to
>> > > scan Java quite yet.
>> > >
>> > > If anyone would like to tackle the Java scans, and is not yet signed
>> > > up at coverity.com, please let me know and I'll help get you going.
>> > >
>> > > From: Rob Godfrey [mailto:rob.j.godfrey@gmail.com]
>> > > Sent: Tuesday, July 02, 2013 10:41 AM
>> > > To: qpid
>> > > Cc: Steve Huston
>> > > Subject: Re: New Defects reported by Coverity Scan for Apache-Qpid
>> > >
>> > > As an aside, I notice that they seem to have enabled scanning of Java
>> > > projects as well as C++ now... we should maybe look to see what a
>> > > coverity scan of the Java code looks like
>> > >
>> > > -- Rob
>> > >
>> > > <snip>
>> > >
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
>> For additional commands, e-mail: dev-help@qpid.apache.org
>>
>>
RE: New Defects reported by Coverity Scan for Apache-Qpid
Posted by Phil Harvey <ph...@philharveyonline.com>.
I'm in the process of getting this set up.
In a wider context, I would like to work towards a situation where
developers can run a scan against local (ie not yet committed) code. The
rationale is to get feedback about potential issues as early as possible.
For Java code this should be possible by running FindBugs locally (either
from Ant, Maven or using an IDE plugin), using the same rules that we've
set up on Coverity. I think this means we'd check in the rule config
somewhere in svn.
I must confess I don't know what the C/C++ equivalent would be.
Phil
On 16 Jul 2013 15:24, "Steve Huston" <sh...@riverace.com> wrote:
> This would be great, Phil! We currently are not scanning the Java code,
> but it would be great if you can set up the Java scan. If you'd like some
> help from Coverity please let me know - the mgr I worked with to get the
> C++ scan going was eager to get Java projects in as well - but they
> couldn't scan Java at that time.
>
> > -----Original Message-----
> > From: philharveyonline@googlemail.com
> > [mailto:philharveyonline@googlemail.com] On Behalf Of Phil Harvey
> > Sent: Tuesday, July 16, 2013 8:09 AM
> > To: dev@qpid.apache.org
> > Subject: Re: New Defects reported by Coverity Scan for Apache-Qpid
> >
> > Hi Steve,
> >
> > I'd be happy to help make sense of the Java results.
> >
> > I'll set up a Coverity account now.
> >
> > Thanks
> > Phil
> >
> >
> > On 2 July 2013 15:43, Steve Huston <sh...@riverace.com> wrote:
> >
> > > Yes, I noticed that too - and Coverity was fairly eager to get a scan
> > > of the Qpid Java code back when we started, but they weren't ready to
> > > scan Java quite yet.
> > >
> > > If anyone would like to tackle the Java scans, and is not yet signed
> > > up at coverity.com, please let me know and I'll help get you going.
> > >
> > > From: Rob Godfrey [mailto:rob.j.godfrey@gmail.com]
> > > Sent: Tuesday, July 02, 2013 10:41 AM
> > > To: qpid
> > > Cc: Steve Huston
> > > Subject: Re: New Defects reported by Coverity Scan for Apache-Qpid
> > >
> > > As an aside, I notice that they seem to have enabled scanning of Java
> > > projects as well as C++ now... we should maybe look to see what a
> > > coverity scan of the Java code looks like
> > >
> > > -- Rob
> > >
> > > <snip>
> > >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
> For additional commands, e-mail: dev-help@qpid.apache.org
>
>
RE: New Defects reported by Coverity Scan for Apache-Qpid
Posted by Steve Huston <sh...@riverace.com>.
This would be great, Phil! We currently are not scanning the Java code, but it would be great if you can set up the Java scan. If you'd like some help from Coverity please let me know - the mgr I worked with to get the C++ scan going was eager to get Java projects in as well - but they couldn't scan Java at that time.
> -----Original Message-----
> From: philharveyonline@googlemail.com
> [mailto:philharveyonline@googlemail.com] On Behalf Of Phil Harvey
> Sent: Tuesday, July 16, 2013 8:09 AM
> To: dev@qpid.apache.org
> Subject: Re: New Defects reported by Coverity Scan for Apache-Qpid
>
> Hi Steve,
>
> I'd be happy to help make sense of the Java results.
>
> I'll set up a Coverity account now.
>
> Thanks
> Phil
>
>
> On 2 July 2013 15:43, Steve Huston <sh...@riverace.com> wrote:
>
> > Yes, I noticed that too - and Coverity was fairly eager to get a scan
> > of the Qpid Java code back when we started, but they weren't ready to
> > scan Java quite yet.
> >
> > If anyone would like to tackle the Java scans, and is not yet signed
> > up at coverity.com, please let me know and I'll help get you going.
> >
> > From: Rob Godfrey [mailto:rob.j.godfrey@gmail.com]
> > Sent: Tuesday, July 02, 2013 10:41 AM
> > To: qpid
> > Cc: Steve Huston
> > Subject: Re: New Defects reported by Coverity Scan for Apache-Qpid
> >
> > As an aside, I notice that they seem to have enabled scanning of Java
> > projects as well as C++ now... we should maybe look to see what a
> > coverity scan of the Java code looks like
> >
> > -- Rob
> >
> > <snip>
> >
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org
Re: New Defects reported by Coverity Scan for Apache-Qpid
Posted by Phil Harvey <ph...@philharveyonline.com>.
Hi Steve,
I'd be happy to help make sense of the Java results.
I'll set up a Coverity account now.
Thanks
Phil
On 2 July 2013 15:43, Steve Huston <sh...@riverace.com> wrote:
> Yes, I noticed that too - and Coverity was fairly eager to get a scan of
> the Qpid Java code back when we started, but they weren't ready to scan
> Java quite yet.
>
> If anyone would like to tackle the Java scans, and is not yet signed up at
> coverity.com, please let me know and I'll help get you going.
>
> From: Rob Godfrey [mailto:rob.j.godfrey@gmail.com]
> Sent: Tuesday, July 02, 2013 10:41 AM
> To: qpid
> Cc: Steve Huston
> Subject: Re: New Defects reported by Coverity Scan for Apache-Qpid
>
> As an aside, I notice that they seem to have enabled scanning of Java
> projects as well as C++ now... we should maybe look to see what a coverity
> scan of the Java code looks like
>
> -- Rob
>
> <snip>
>
RE: New Defects reported by Coverity Scan for Apache-Qpid
Posted by Steve Huston <sh...@riverace.com>.
Yes, I noticed that too - and Coverity was fairly eager to get a scan of the Qpid Java code back when we started, but they weren't ready to scan Java quite yet.
If anyone would like to tackle the Java scans, and is not yet signed up at coverity.com, please let me know and I'll help get you going.
From: Rob Godfrey [mailto:rob.j.godfrey@gmail.com]
Sent: Tuesday, July 02, 2013 10:41 AM
To: qpid
Cc: Steve Huston
Subject: Re: New Defects reported by Coverity Scan for Apache-Qpid
As an aside, I notice that they seem to have enabled scanning of Java projects as well as C++ now... we should maybe look to see what a coverity scan of the Java code looks like
-- Rob
On 2 July 2013 16:16, Ken Giusti <kg...@redhat.com>> wrote:
Hi Steve,
I've made a minor code change that seems to eliminate those locking false positives:
http://svn.apache.org/viewvc?view=revision&revision=1498926
I've tried it against a local installation of Coverity. When you have a chance, can you kick off a coverity scan of upstream and see if we get the same results? If it eliminates the false positives, I'd consider Coverity's behavior buggy and would like to report it.
BTW, I had no luck coming up with a model that would fix the issue. The tools don't give any (obvious) feedback as to how it's interpreting the model - or any way that I could find that would enable debugging of the model to find out what it was actually doing.
-K
----- Original Message -----
> From: "Ken Giusti" <kg...@redhat.com>>
> To: dev@qpid.apache.org<ma...@qpid.apache.org>
> Cc: shuston@riverace.com<ma...@riverace.com>
> Sent: Monday, July 1, 2013 6:46:55 PM
> Subject: Re: New Defects reported by Coverity Scan for Apache-Qpid
>
> Ok - I'll give it a go, stay tuned.
>
> -K
>
> ----- Original Message -----
> > From: "Steve Huston" <sh...@riverace.com>>
> > To: dev@qpid.apache.org<ma...@qpid.apache.org>
> > Sent: Monday, July 1, 2013 2:32:14 PM
> > Subject: RE: New Defects reported by Coverity Scan for Apache-Qpid
> >
> > Yes, there is a way - I can do it, probably because I'm the admin for the
> > project. If you create one, I'll set it up.
> >
> > > -----Original Message-----
> > > From: Ken Giusti [mailto:kgiusti@redhat.com<ma...@redhat.com>]
> > > Sent: Monday, July 01, 2013 2:11 PM
> > > To: dev@qpid.apache.org<ma...@qpid.apache.org>
> > > Subject: Re: New Defects reported by Coverity Scan for Apache-Qpid
> > >
> > > Hi Steve,
> > >
> > > I've marked that particular error as "false positive" in Coverity
> > > Connect,
> > > but
> > > from what I can tell, the "right" way to fix such lock wrapper classes is
> > > to
> > > create a "model" for those wrapper classes. There's some documentation
> > > here:
> > >
> > > http://scan5.coverity.com:8080/docs/en/cov_checker_ref.html#static_c_ch
> > > ecker_LOCK
> > >
> > >
> > > Is there a way to configure a model file for the coverity checker? A
> > > quick
> > > look
> > > at our project page on the coverity web site didn't seem to allow that.
> > >
> > >
> > > ----- Original Message -----
> > > > From: "Steve Huston" <sh...@riverace.com>>
> > > > To: dev@qpid.apache.org<ma...@qpid.apache.org>
> > > > Sent: Monday, July 1, 2013 1:18:58 PM
> > > > Subject: RE: New Defects reported by Coverity Scan for Apache-Qpid
> > > >
> > > > I agree, Ken. If anyone knows how to make Coverity stop this, please
> > > > let me know. Else I'll check into it. I know there are a few ways to
> > > > mark things as false positive.
> > > >
> > > > > -----Original Message-----
> > > > > From: Ken Giusti [mailto:kgiusti@redhat.com<ma...@redhat.com>]
> > > > > Sent: Monday, July 01, 2013 1:17 PM
> > > > > To: Qpid Dev
> > > > > Subject: Re: New Defects reported by Coverity Scan for Apache-Qpid
> > > > >
> > > > > Unless I'm missing something subtle, this appears to be a false
> > > > > positive.
> > > > >
> > > > > Coverity marked a few uses of ScopedLock with this error, but not
> > > > > all, which seems curious.
> > > > >
> > > > > -K
> > > > >
> > > > >
> > > > > ----- Forwarded Message -----
> > > > > > From: scan-admin@coverity.com<ma...@coverity.com>
> > > > > > To: dev@qpid.apache.org<ma...@qpid.apache.org>
> > > > > > Sent: Sunday, June 30, 2013 5:39:43 PM
> > > > > > Subject: New Defects reported by Coverity Scan for Apache-Qpid
> > > > > >
> > > > > >
> > > > >
> > > > >
> > > > > >
> > > > >
> > > __________________________________________________________
> > > > > ____________
> > > > > > __
> > > > > > CID 1040637: Missing unlock (LOCK)
> > > > > >
> > > > > >
> > > /qpidbuilds/trunk/qpid/cpp/src/qpid/broker/amqp_0_10/Connection.cpp:
> > > > > > 379 (
> > > > > > lock)
> > > > > > 376
> > > > > > 377 void Connection::doIoCallbacks() {
> > > > > > 378 if (!isOpen()) return; // Don't process IO callbacks
> > > > > > until
> > > > > > we
> > > > > > are open.
> > > > > > >>>
> > > > > "qpid::sys::ScopedLock<qpid::sys::Mutex>::ScopedLock(qpid::sys::Mute
> > > > > x
> > > > > &)"
> > > > > > >>> locks "this->ioCallbackLock.mutex".
> > > > > > 379 ScopedLock<Mutex> l(ioCallbackLock);
> > > > > > 380 while (!ioCallbacks.empty()) {
> > > > > > 381 boost::function0<void> cb = ioCallbacks.front();
> > > > > > 382 ioCallbacks.pop();
> > > > > > 383 ScopedUnlock<Mutex> ul(ioCallbackLock);
> > > > > >
> > > > > >
> > > > > >
> > > /qpidbuilds/trunk/qpid/cpp/src/qpid/broker/amqp_0_10/Connection.cpp:
> > > > > > 386 (
> > > > > > missing_unlock)
> > > > > > 383 ScopedUnlock<Mutex> ul(ioCallbackLock);
> > > > > > 384 cb(); // Lend the IO thread for management
> > > > > > processing
> > > > > > 385 }
> > > > > > >>> CID 1040637: Missing unlock (LOCK) Returning without unlocking
> > > > > > >>> "this->ioCallbackLock.mutex".
> > > > > > 386 }
> > > > > > 387
> > > > > > 388 bool Connection::doOutput() {
> > > > > > 389 try {
> > > > > > 390 doIoCallbacks();
> > > > > >
> > > > > >
> > > > >
> > > __________________________________________________________
> > > > > ____________
> > > > > > __ To view the defects in Coverity Scan visit,
> > > > > > http://scan.coverity.com
> > > > > >
> > > > > > To unsubscribe from the email notification for new defects,
> > > > > > http://scan5.coverity.com/cgi-bin/unsubscribe.py
> > > > > >
> > > > >
> > > > >
> > > > > --------------------------------------------------------------------
> > > > > - To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org<ma...@qpid.apache.org> For
> > > > > additional commands, e-mail: dev-help@qpid.apache.org<ma...@qpid.apache.org>
> > > >
> > > >
> > > > ---------------------------------------------------------------------
> > > > To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org<ma...@qpid.apache.org> For additional
> > > > commands, e-mail: dev-help@qpid.apache.org<ma...@qpid.apache.org>
> > > >
> > >
> > > --
> > > -K
> > >
> > > ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org<ma...@qpid.apache.org> For additional
> > > commands, e-mail: dev-help@qpid.apache.org<ma...@qpid.apache.org>
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org<ma...@qpid.apache.org>
> > For additional commands, e-mail: dev-help@qpid.apache.org<ma...@qpid.apache.org>
> >
>
> --
> -K
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org<ma...@qpid.apache.org>
> For additional commands, e-mail: dev-help@qpid.apache.org<ma...@qpid.apache.org>
>
>
--
-K
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org<ma...@qpid.apache.org>
For additional commands, e-mail: dev-help@qpid.apache.org<ma...@qpid.apache.org>
Re: New Defects reported by Coverity Scan for Apache-Qpid
Posted by Rob Godfrey <ro...@gmail.com>.
As an aside, I notice that they seem to have enabled scanning of Java
projects as well as C++ now... we should maybe look to see what a coverity
scan of the Java code looks like
-- Rob
On 2 July 2013 16:16, Ken Giusti <kg...@redhat.com> wrote:
> Hi Steve,
>
> I've made a minor code change that seems to eliminate those locking false
> positives:
>
> http://svn.apache.org/viewvc?view=revision&revision=1498926
>
> I've tried it against a local installation of Coverity. When you have a
> chance, can you kick off a coverity scan of upstream and see if we get the
> same results? If it eliminates the false positives, I'd consider
> Coverity's behavior buggy and would like to report it.
>
> BTW, I had no luck coming up with a model that would fix the issue. The
> tools don't give any (obvious) feedback as to how it's interpreting the
> model - or any way that I could find that would enable debugging of the
> model to find out what it was actually doing.
>
> -K
>
>
> ----- Original Message -----
> > From: "Ken Giusti" <kg...@redhat.com>
> > To: dev@qpid.apache.org
> > Cc: shuston@riverace.com
> > Sent: Monday, July 1, 2013 6:46:55 PM
> > Subject: Re: New Defects reported by Coverity Scan for Apache-Qpid
> >
> > Ok - I'll give it a go, stay tuned.
> >
> > -K
> >
> > ----- Original Message -----
> > > From: "Steve Huston" <sh...@riverace.com>
> > > To: dev@qpid.apache.org
> > > Sent: Monday, July 1, 2013 2:32:14 PM
> > > Subject: RE: New Defects reported by Coverity Scan for Apache-Qpid
> > >
> > > Yes, there is a way - I can do it, probably because I'm the admin for
> the
> > > project. If you create one, I'll set it up.
> > >
> > > > -----Original Message-----
> > > > From: Ken Giusti [mailto:kgiusti@redhat.com]
> > > > Sent: Monday, July 01, 2013 2:11 PM
> > > > To: dev@qpid.apache.org
> > > > Subject: Re: New Defects reported by Coverity Scan for Apache-Qpid
> > > >
> > > > Hi Steve,
> > > >
> > > > I've marked that particular error as "false positive" in Coverity
> > > > Connect,
> > > > but
> > > > from what I can tell, the "right" way to fix such lock wrapper
> classes is
> > > > to
> > > > create a "model" for those wrapper classes. There's some
> documentation
> > > > here:
> > > >
> > > >
> http://scan5.coverity.com:8080/docs/en/cov_checker_ref.html#static_c_ch
> > > > ecker_LOCK
> > > >
> > > >
> > > > Is there a way to configure a model file for the coverity checker? A
> > > > quick
> > > > look
> > > > at our project page on the coverity web site didn't seem to allow
> that.
> > > >
> > > >
> > > > ----- Original Message -----
> > > > > From: "Steve Huston" <sh...@riverace.com>
> > > > > To: dev@qpid.apache.org
> > > > > Sent: Monday, July 1, 2013 1:18:58 PM
> > > > > Subject: RE: New Defects reported by Coverity Scan for Apache-Qpid
> > > > >
> > > > > I agree, Ken. If anyone knows how to make Coverity stop this,
> please
> > > > > let me know. Else I'll check into it. I know there are a few ways
> to
> > > > > mark things as false positive.
> > > > >
> > > > > > -----Original Message-----
> > > > > > From: Ken Giusti [mailto:kgiusti@redhat.com]
> > > > > > Sent: Monday, July 01, 2013 1:17 PM
> > > > > > To: Qpid Dev
> > > > > > Subject: Re: New Defects reported by Coverity Scan for
> Apache-Qpid
> > > > > >
> > > > > > Unless I'm missing something subtle, this appears to be a false
> > > > > > positive.
> > > > > >
> > > > > > Coverity marked a few uses of ScopedLock with this error, but not
> > > > > > all, which seems curious.
> > > > > >
> > > > > > -K
> > > > > >
> > > > > >
> > > > > > ----- Forwarded Message -----
> > > > > > > From: scan-admin@coverity.com
> > > > > > > To: dev@qpid.apache.org
> > > > > > > Sent: Sunday, June 30, 2013 5:39:43 PM
> > > > > > > Subject: New Defects reported by Coverity Scan for Apache-Qpid
> > > > > > >
> > > > > > >
> > > > > >
> > > > > >
> > > > > > >
> > > > > >
> > > > __________________________________________________________
> > > > > > ____________
> > > > > > > __
> > > > > > > CID 1040637: Missing unlock (LOCK)
> > > > > > >
> > > > > > >
> > > > /qpidbuilds/trunk/qpid/cpp/src/qpid/broker/amqp_0_10/Connection.cpp:
> > > > > > > 379 (
> > > > > > > lock)
> > > > > > > 376
> > > > > > > 377 void Connection::doIoCallbacks() {
> > > > > > > 378 if (!isOpen()) return; // Don't process IO
> callbacks
> > > > > > > until
> > > > > > > we
> > > > > > > are open.
> > > > > > > >>>
> > > > > >
> "qpid::sys::ScopedLock<qpid::sys::Mutex>::ScopedLock(qpid::sys::Mute
> > > > > > x
> > > > > > &)"
> > > > > > > >>> locks "this->ioCallbackLock.mutex".
> > > > > > > 379 ScopedLock<Mutex> l(ioCallbackLock);
> > > > > > > 380 while (!ioCallbacks.empty()) {
> > > > > > > 381 boost::function0<void> cb =
> ioCallbacks.front();
> > > > > > > 382 ioCallbacks.pop();
> > > > > > > 383 ScopedUnlock<Mutex> ul(ioCallbackLock);
> > > > > > >
> > > > > > >
> > > > > > >
> > > > /qpidbuilds/trunk/qpid/cpp/src/qpid/broker/amqp_0_10/Connection.cpp:
> > > > > > > 386 (
> > > > > > > missing_unlock)
> > > > > > > 383 ScopedUnlock<Mutex> ul(ioCallbackLock);
> > > > > > > 384 cb(); // Lend the IO thread for management
> > > > > > > processing
> > > > > > > 385 }
> > > > > > > >>> CID 1040637: Missing unlock (LOCK) Returning without
> unlocking
> > > > > > > >>> "this->ioCallbackLock.mutex".
> > > > > > > 386 }
> > > > > > > 387
> > > > > > > 388 bool Connection::doOutput() {
> > > > > > > 389 try {
> > > > > > > 390 doIoCallbacks();
> > > > > > >
> > > > > > >
> > > > > >
> > > > __________________________________________________________
> > > > > > ____________
> > > > > > > __ To view the defects in Coverity Scan visit,
> > > > > > > http://scan.coverity.com
> > > > > > >
> > > > > > > To unsubscribe from the email notification for new defects,
> > > > > > > http://scan5.coverity.com/cgi-bin/unsubscribe.py
> > > > > > >
> > > > > >
> > > > > >
> > > > > >
> --------------------------------------------------------------------
> > > > > > - To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org For
> > > > > > additional commands, e-mail: dev-help@qpid.apache.org
> > > > >
> > > > >
> > > > >
> ---------------------------------------------------------------------
> > > > > To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org For
> additional
> > > > > commands, e-mail: dev-help@qpid.apache.org
> > > > >
> > > >
> > > > --
> > > > -K
> > > >
> > > > ---------------------------------------------------------------------
> > > > To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org For
> additional
> > > > commands, e-mail: dev-help@qpid.apache.org
> > >
> > >
> > > ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
> > > For additional commands, e-mail: dev-help@qpid.apache.org
> > >
> >
> > --
> > -K
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
> > For additional commands, e-mail: dev-help@qpid.apache.org
> >
> >
>
> --
> -K
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
> For additional commands, e-mail: dev-help@qpid.apache.org
>
>
Re: New Defects reported by Coverity Scan for Apache-Qpid
Posted by Ken Giusti <kg...@redhat.com>.
Hi Steve,
I've made a minor code change that seems to eliminate those locking false positives:
http://svn.apache.org/viewvc?view=revision&revision=1498926
I've tried it against a local installation of Coverity. When you have a chance, can you kick off a coverity scan of upstream and see if we get the same results? If it eliminates the false positives, I'd consider Coverity's behavior buggy and would like to report it.
BTW, I had no luck coming up with a model that would fix the issue. The tools don't give any (obvious) feedback as to how it's interpreting the model - or any way that I could find that would enable debugging of the model to find out what it was actually doing.
-K
----- Original Message -----
> From: "Ken Giusti" <kg...@redhat.com>
> To: dev@qpid.apache.org
> Cc: shuston@riverace.com
> Sent: Monday, July 1, 2013 6:46:55 PM
> Subject: Re: New Defects reported by Coverity Scan for Apache-Qpid
>
> Ok - I'll give it a go, stay tuned.
>
> -K
>
> ----- Original Message -----
> > From: "Steve Huston" <sh...@riverace.com>
> > To: dev@qpid.apache.org
> > Sent: Monday, July 1, 2013 2:32:14 PM
> > Subject: RE: New Defects reported by Coverity Scan for Apache-Qpid
> >
> > Yes, there is a way - I can do it, probably because I'm the admin for the
> > project. If you create one, I'll set it up.
> >
> > > -----Original Message-----
> > > From: Ken Giusti [mailto:kgiusti@redhat.com]
> > > Sent: Monday, July 01, 2013 2:11 PM
> > > To: dev@qpid.apache.org
> > > Subject: Re: New Defects reported by Coverity Scan for Apache-Qpid
> > >
> > > Hi Steve,
> > >
> > > I've marked that particular error as "false positive" in Coverity
> > > Connect,
> > > but
> > > from what I can tell, the "right" way to fix such lock wrapper classes is
> > > to
> > > create a "model" for those wrapper classes. There's some documentation
> > > here:
> > >
> > > http://scan5.coverity.com:8080/docs/en/cov_checker_ref.html#static_c_ch
> > > ecker_LOCK
> > >
> > >
> > > Is there a way to configure a model file for the coverity checker? A
> > > quick
> > > look
> > > at our project page on the coverity web site didn't seem to allow that.
> > >
> > >
> > > ----- Original Message -----
> > > > From: "Steve Huston" <sh...@riverace.com>
> > > > To: dev@qpid.apache.org
> > > > Sent: Monday, July 1, 2013 1:18:58 PM
> > > > Subject: RE: New Defects reported by Coverity Scan for Apache-Qpid
> > > >
> > > > I agree, Ken. If anyone knows how to make Coverity stop this, please
> > > > let me know. Else I'll check into it. I know there are a few ways to
> > > > mark things as false positive.
> > > >
> > > > > -----Original Message-----
> > > > > From: Ken Giusti [mailto:kgiusti@redhat.com]
> > > > > Sent: Monday, July 01, 2013 1:17 PM
> > > > > To: Qpid Dev
> > > > > Subject: Re: New Defects reported by Coverity Scan for Apache-Qpid
> > > > >
> > > > > Unless I'm missing something subtle, this appears to be a false
> > > > > positive.
> > > > >
> > > > > Coverity marked a few uses of ScopedLock with this error, but not
> > > > > all, which seems curious.
> > > > >
> > > > > -K
> > > > >
> > > > >
> > > > > ----- Forwarded Message -----
> > > > > > From: scan-admin@coverity.com
> > > > > > To: dev@qpid.apache.org
> > > > > > Sent: Sunday, June 30, 2013 5:39:43 PM
> > > > > > Subject: New Defects reported by Coverity Scan for Apache-Qpid
> > > > > >
> > > > > >
> > > > >
> > > > >
> > > > > >
> > > > >
> > > __________________________________________________________
> > > > > ____________
> > > > > > __
> > > > > > CID 1040637: Missing unlock (LOCK)
> > > > > >
> > > > > >
> > > /qpidbuilds/trunk/qpid/cpp/src/qpid/broker/amqp_0_10/Connection.cpp:
> > > > > > 379 (
> > > > > > lock)
> > > > > > 376
> > > > > > 377 void Connection::doIoCallbacks() {
> > > > > > 378 if (!isOpen()) return; // Don't process IO callbacks
> > > > > > until
> > > > > > we
> > > > > > are open.
> > > > > > >>>
> > > > > "qpid::sys::ScopedLock<qpid::sys::Mutex>::ScopedLock(qpid::sys::Mute
> > > > > x
> > > > > &)"
> > > > > > >>> locks "this->ioCallbackLock.mutex".
> > > > > > 379 ScopedLock<Mutex> l(ioCallbackLock);
> > > > > > 380 while (!ioCallbacks.empty()) {
> > > > > > 381 boost::function0<void> cb = ioCallbacks.front();
> > > > > > 382 ioCallbacks.pop();
> > > > > > 383 ScopedUnlock<Mutex> ul(ioCallbackLock);
> > > > > >
> > > > > >
> > > > > >
> > > /qpidbuilds/trunk/qpid/cpp/src/qpid/broker/amqp_0_10/Connection.cpp:
> > > > > > 386 (
> > > > > > missing_unlock)
> > > > > > 383 ScopedUnlock<Mutex> ul(ioCallbackLock);
> > > > > > 384 cb(); // Lend the IO thread for management
> > > > > > processing
> > > > > > 385 }
> > > > > > >>> CID 1040637: Missing unlock (LOCK) Returning without unlocking
> > > > > > >>> "this->ioCallbackLock.mutex".
> > > > > > 386 }
> > > > > > 387
> > > > > > 388 bool Connection::doOutput() {
> > > > > > 389 try {
> > > > > > 390 doIoCallbacks();
> > > > > >
> > > > > >
> > > > >
> > > __________________________________________________________
> > > > > ____________
> > > > > > __ To view the defects in Coverity Scan visit,
> > > > > > http://scan.coverity.com
> > > > > >
> > > > > > To unsubscribe from the email notification for new defects,
> > > > > > http://scan5.coverity.com/cgi-bin/unsubscribe.py
> > > > > >
> > > > >
> > > > >
> > > > > --------------------------------------------------------------------
> > > > > - To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org For
> > > > > additional commands, e-mail: dev-help@qpid.apache.org
> > > >
> > > >
> > > > ---------------------------------------------------------------------
> > > > To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org For additional
> > > > commands, e-mail: dev-help@qpid.apache.org
> > > >
> > >
> > > --
> > > -K
> > >
> > > ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org For additional
> > > commands, e-mail: dev-help@qpid.apache.org
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
> > For additional commands, e-mail: dev-help@qpid.apache.org
> >
>
> --
> -K
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
> For additional commands, e-mail: dev-help@qpid.apache.org
>
>
--
-K
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org
Re: New Defects reported by Coverity Scan for Apache-Qpid
Posted by Ken Giusti <kg...@redhat.com>.
Ok - I'll give it a go, stay tuned.
-K
----- Original Message -----
> From: "Steve Huston" <sh...@riverace.com>
> To: dev@qpid.apache.org
> Sent: Monday, July 1, 2013 2:32:14 PM
> Subject: RE: New Defects reported by Coverity Scan for Apache-Qpid
>
> Yes, there is a way - I can do it, probably because I'm the admin for the
> project. If you create one, I'll set it up.
>
> > -----Original Message-----
> > From: Ken Giusti [mailto:kgiusti@redhat.com]
> > Sent: Monday, July 01, 2013 2:11 PM
> > To: dev@qpid.apache.org
> > Subject: Re: New Defects reported by Coverity Scan for Apache-Qpid
> >
> > Hi Steve,
> >
> > I've marked that particular error as "false positive" in Coverity Connect,
> > but
> > from what I can tell, the "right" way to fix such lock wrapper classes is
> > to
> > create a "model" for those wrapper classes. There's some documentation
> > here:
> >
> > http://scan5.coverity.com:8080/docs/en/cov_checker_ref.html#static_c_ch
> > ecker_LOCK
> >
> >
> > Is there a way to configure a model file for the coverity checker? A quick
> > look
> > at our project page on the coverity web site didn't seem to allow that.
> >
> >
> > ----- Original Message -----
> > > From: "Steve Huston" <sh...@riverace.com>
> > > To: dev@qpid.apache.org
> > > Sent: Monday, July 1, 2013 1:18:58 PM
> > > Subject: RE: New Defects reported by Coverity Scan for Apache-Qpid
> > >
> > > I agree, Ken. If anyone knows how to make Coverity stop this, please
> > > let me know. Else I'll check into it. I know there are a few ways to
> > > mark things as false positive.
> > >
> > > > -----Original Message-----
> > > > From: Ken Giusti [mailto:kgiusti@redhat.com]
> > > > Sent: Monday, July 01, 2013 1:17 PM
> > > > To: Qpid Dev
> > > > Subject: Re: New Defects reported by Coverity Scan for Apache-Qpid
> > > >
> > > > Unless I'm missing something subtle, this appears to be a false
> > > > positive.
> > > >
> > > > Coverity marked a few uses of ScopedLock with this error, but not
> > > > all, which seems curious.
> > > >
> > > > -K
> > > >
> > > >
> > > > ----- Forwarded Message -----
> > > > > From: scan-admin@coverity.com
> > > > > To: dev@qpid.apache.org
> > > > > Sent: Sunday, June 30, 2013 5:39:43 PM
> > > > > Subject: New Defects reported by Coverity Scan for Apache-Qpid
> > > > >
> > > > >
> > > >
> > > >
> > > > >
> > > >
> > __________________________________________________________
> > > > ____________
> > > > > __
> > > > > CID 1040637: Missing unlock (LOCK)
> > > > >
> > > > >
> > /qpidbuilds/trunk/qpid/cpp/src/qpid/broker/amqp_0_10/Connection.cpp:
> > > > > 379 (
> > > > > lock)
> > > > > 376
> > > > > 377 void Connection::doIoCallbacks() {
> > > > > 378 if (!isOpen()) return; // Don't process IO callbacks
> > > > > until
> > > > > we
> > > > > are open.
> > > > > >>>
> > > > "qpid::sys::ScopedLock<qpid::sys::Mutex>::ScopedLock(qpid::sys::Mute
> > > > x
> > > > &)"
> > > > > >>> locks "this->ioCallbackLock.mutex".
> > > > > 379 ScopedLock<Mutex> l(ioCallbackLock);
> > > > > 380 while (!ioCallbacks.empty()) {
> > > > > 381 boost::function0<void> cb = ioCallbacks.front();
> > > > > 382 ioCallbacks.pop();
> > > > > 383 ScopedUnlock<Mutex> ul(ioCallbackLock);
> > > > >
> > > > >
> > > > >
> > /qpidbuilds/trunk/qpid/cpp/src/qpid/broker/amqp_0_10/Connection.cpp:
> > > > > 386 (
> > > > > missing_unlock)
> > > > > 383 ScopedUnlock<Mutex> ul(ioCallbackLock);
> > > > > 384 cb(); // Lend the IO thread for management
> > > > > processing
> > > > > 385 }
> > > > > >>> CID 1040637: Missing unlock (LOCK) Returning without unlocking
> > > > > >>> "this->ioCallbackLock.mutex".
> > > > > 386 }
> > > > > 387
> > > > > 388 bool Connection::doOutput() {
> > > > > 389 try {
> > > > > 390 doIoCallbacks();
> > > > >
> > > > >
> > > >
> > __________________________________________________________
> > > > ____________
> > > > > __ To view the defects in Coverity Scan visit,
> > > > > http://scan.coverity.com
> > > > >
> > > > > To unsubscribe from the email notification for new defects,
> > > > > http://scan5.coverity.com/cgi-bin/unsubscribe.py
> > > > >
> > > >
> > > >
> > > > --------------------------------------------------------------------
> > > > - To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org For
> > > > additional commands, e-mail: dev-help@qpid.apache.org
> > >
> > >
> > > ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org For additional
> > > commands, e-mail: dev-help@qpid.apache.org
> > >
> >
> > --
> > -K
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org For additional
> > commands, e-mail: dev-help@qpid.apache.org
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
> For additional commands, e-mail: dev-help@qpid.apache.org
>
--
-K
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org
RE: New Defects reported by Coverity Scan for Apache-Qpid
Posted by Steve Huston <sh...@riverace.com>.
Yes, there is a way - I can do it, probably because I'm the admin for the project. If you create one, I'll set it up.
> -----Original Message-----
> From: Ken Giusti [mailto:kgiusti@redhat.com]
> Sent: Monday, July 01, 2013 2:11 PM
> To: dev@qpid.apache.org
> Subject: Re: New Defects reported by Coverity Scan for Apache-Qpid
>
> Hi Steve,
>
> I've marked that particular error as "false positive" in Coverity Connect, but
> from what I can tell, the "right" way to fix such lock wrapper classes is to
> create a "model" for those wrapper classes. There's some documentation
> here:
>
> http://scan5.coverity.com:8080/docs/en/cov_checker_ref.html#static_c_ch
> ecker_LOCK
>
>
> Is there a way to configure a model file for the coverity checker? A quick look
> at our project page on the coverity web site didn't seem to allow that.
>
>
> ----- Original Message -----
> > From: "Steve Huston" <sh...@riverace.com>
> > To: dev@qpid.apache.org
> > Sent: Monday, July 1, 2013 1:18:58 PM
> > Subject: RE: New Defects reported by Coverity Scan for Apache-Qpid
> >
> > I agree, Ken. If anyone knows how to make Coverity stop this, please
> > let me know. Else I'll check into it. I know there are a few ways to
> > mark things as false positive.
> >
> > > -----Original Message-----
> > > From: Ken Giusti [mailto:kgiusti@redhat.com]
> > > Sent: Monday, July 01, 2013 1:17 PM
> > > To: Qpid Dev
> > > Subject: Re: New Defects reported by Coverity Scan for Apache-Qpid
> > >
> > > Unless I'm missing something subtle, this appears to be a false positive.
> > >
> > > Coverity marked a few uses of ScopedLock with this error, but not
> > > all, which seems curious.
> > >
> > > -K
> > >
> > >
> > > ----- Forwarded Message -----
> > > > From: scan-admin@coverity.com
> > > > To: dev@qpid.apache.org
> > > > Sent: Sunday, June 30, 2013 5:39:43 PM
> > > > Subject: New Defects reported by Coverity Scan for Apache-Qpid
> > > >
> > > >
> > >
> > >
> > > >
> > >
> __________________________________________________________
> > > ____________
> > > > __
> > > > CID 1040637: Missing unlock (LOCK)
> > > >
> > > >
> /qpidbuilds/trunk/qpid/cpp/src/qpid/broker/amqp_0_10/Connection.cpp:
> > > > 379 (
> > > > lock)
> > > > 376
> > > > 377 void Connection::doIoCallbacks() {
> > > > 378 if (!isOpen()) return; // Don't process IO callbacks until
> > > > we
> > > > are open.
> > > > >>>
> > > "qpid::sys::ScopedLock<qpid::sys::Mutex>::ScopedLock(qpid::sys::Mute
> > > x
> > > &)"
> > > > >>> locks "this->ioCallbackLock.mutex".
> > > > 379 ScopedLock<Mutex> l(ioCallbackLock);
> > > > 380 while (!ioCallbacks.empty()) {
> > > > 381 boost::function0<void> cb = ioCallbacks.front();
> > > > 382 ioCallbacks.pop();
> > > > 383 ScopedUnlock<Mutex> ul(ioCallbackLock);
> > > >
> > > >
> > > >
> /qpidbuilds/trunk/qpid/cpp/src/qpid/broker/amqp_0_10/Connection.cpp:
> > > > 386 (
> > > > missing_unlock)
> > > > 383 ScopedUnlock<Mutex> ul(ioCallbackLock);
> > > > 384 cb(); // Lend the IO thread for management processing
> > > > 385 }
> > > > >>> CID 1040637: Missing unlock (LOCK) Returning without unlocking
> > > > >>> "this->ioCallbackLock.mutex".
> > > > 386 }
> > > > 387
> > > > 388 bool Connection::doOutput() {
> > > > 389 try {
> > > > 390 doIoCallbacks();
> > > >
> > > >
> > >
> __________________________________________________________
> > > ____________
> > > > __ To view the defects in Coverity Scan visit,
> > > > http://scan.coverity.com
> > > >
> > > > To unsubscribe from the email notification for new defects,
> > > > http://scan5.coverity.com/cgi-bin/unsubscribe.py
> > > >
> > >
> > >
> > > --------------------------------------------------------------------
> > > - To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org For
> > > additional commands, e-mail: dev-help@qpid.apache.org
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org For additional
> > commands, e-mail: dev-help@qpid.apache.org
> >
>
> --
> -K
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org For additional
> commands, e-mail: dev-help@qpid.apache.org
Re: New Defects reported by Coverity Scan for Apache-Qpid
Posted by Ken Giusti <kg...@redhat.com>.
Hi Steve,
I've marked that particular error as "false positive" in Coverity Connect, but from what I can tell, the "right" way to fix such lock wrapper classes is to create a "model" for those wrapper classes. There's some documentation here:
http://scan5.coverity.com:8080/docs/en/cov_checker_ref.html#static_c_checker_LOCK
Is there a way to configure a model file for the coverity checker? A quick look at our project page on the coverity web site didn't seem to allow that.
----- Original Message -----
> From: "Steve Huston" <sh...@riverace.com>
> To: dev@qpid.apache.org
> Sent: Monday, July 1, 2013 1:18:58 PM
> Subject: RE: New Defects reported by Coverity Scan for Apache-Qpid
>
> I agree, Ken. If anyone knows how to make Coverity stop this, please let me
> know. Else I'll check into it. I know there are a few ways to mark things as
> false positive.
>
> > -----Original Message-----
> > From: Ken Giusti [mailto:kgiusti@redhat.com]
> > Sent: Monday, July 01, 2013 1:17 PM
> > To: Qpid Dev
> > Subject: Re: New Defects reported by Coverity Scan for Apache-Qpid
> >
> > Unless I'm missing something subtle, this appears to be a false positive.
> >
> > Coverity marked a few uses of ScopedLock with this error, but not all,
> > which
> > seems curious.
> >
> > -K
> >
> >
> > ----- Forwarded Message -----
> > > From: scan-admin@coverity.com
> > > To: dev@qpid.apache.org
> > > Sent: Sunday, June 30, 2013 5:39:43 PM
> > > Subject: New Defects reported by Coverity Scan for Apache-Qpid
> > >
> > >
> >
> >
> > >
> > __________________________________________________________
> > ____________
> > > __
> > > CID 1040637: Missing unlock (LOCK)
> > >
> > > /qpidbuilds/trunk/qpid/cpp/src/qpid/broker/amqp_0_10/Connection.cpp:
> > > 379 (
> > > lock)
> > > 376
> > > 377 void Connection::doIoCallbacks() {
> > > 378 if (!isOpen()) return; // Don't process IO callbacks until
> > > we
> > > are open.
> > > >>>
> > "qpid::sys::ScopedLock<qpid::sys::Mutex>::ScopedLock(qpid::sys::Mutex
> > &)"
> > > >>> locks "this->ioCallbackLock.mutex".
> > > 379 ScopedLock<Mutex> l(ioCallbackLock);
> > > 380 while (!ioCallbacks.empty()) {
> > > 381 boost::function0<void> cb = ioCallbacks.front();
> > > 382 ioCallbacks.pop();
> > > 383 ScopedUnlock<Mutex> ul(ioCallbackLock);
> > >
> > >
> > > /qpidbuilds/trunk/qpid/cpp/src/qpid/broker/amqp_0_10/Connection.cpp:
> > > 386 (
> > > missing_unlock)
> > > 383 ScopedUnlock<Mutex> ul(ioCallbackLock);
> > > 384 cb(); // Lend the IO thread for management processing
> > > 385 }
> > > >>> CID 1040637: Missing unlock (LOCK) Returning without unlocking
> > > >>> "this->ioCallbackLock.mutex".
> > > 386 }
> > > 387
> > > 388 bool Connection::doOutput() {
> > > 389 try {
> > > 390 doIoCallbacks();
> > >
> > >
> > __________________________________________________________
> > ____________
> > > __ To view the defects in Coverity Scan visit,
> > > http://scan.coverity.com
> > >
> > > To unsubscribe from the email notification for new defects,
> > > http://scan5.coverity.com/cgi-bin/unsubscribe.py
> > >
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org For additional
> > commands, e-mail: dev-help@qpid.apache.org
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
> For additional commands, e-mail: dev-help@qpid.apache.org
>
--
-K
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org
RE: New Defects reported by Coverity Scan for Apache-Qpid
Posted by Steve Huston <sh...@riverace.com>.
I agree, Ken. If anyone knows how to make Coverity stop this, please let me know. Else I'll check into it. I know there are a few ways to mark things as false positive.
> -----Original Message-----
> From: Ken Giusti [mailto:kgiusti@redhat.com]
> Sent: Monday, July 01, 2013 1:17 PM
> To: Qpid Dev
> Subject: Re: New Defects reported by Coverity Scan for Apache-Qpid
>
> Unless I'm missing something subtle, this appears to be a false positive.
>
> Coverity marked a few uses of ScopedLock with this error, but not all, which
> seems curious.
>
> -K
>
>
> ----- Forwarded Message -----
> > From: scan-admin@coverity.com
> > To: dev@qpid.apache.org
> > Sent: Sunday, June 30, 2013 5:39:43 PM
> > Subject: New Defects reported by Coverity Scan for Apache-Qpid
> >
> >
>
>
> >
> __________________________________________________________
> ____________
> > __
> > CID 1040637: Missing unlock (LOCK)
> >
> > /qpidbuilds/trunk/qpid/cpp/src/qpid/broker/amqp_0_10/Connection.cpp:
> > 379 (
> > lock)
> > 376
> > 377 void Connection::doIoCallbacks() {
> > 378 if (!isOpen()) return; // Don't process IO callbacks until we
> > are open.
> > >>>
> "qpid::sys::ScopedLock<qpid::sys::Mutex>::ScopedLock(qpid::sys::Mutex
> &)"
> > >>> locks "this->ioCallbackLock.mutex".
> > 379 ScopedLock<Mutex> l(ioCallbackLock);
> > 380 while (!ioCallbacks.empty()) {
> > 381 boost::function0<void> cb = ioCallbacks.front();
> > 382 ioCallbacks.pop();
> > 383 ScopedUnlock<Mutex> ul(ioCallbackLock);
> >
> >
> > /qpidbuilds/trunk/qpid/cpp/src/qpid/broker/amqp_0_10/Connection.cpp:
> > 386 (
> > missing_unlock)
> > 383 ScopedUnlock<Mutex> ul(ioCallbackLock);
> > 384 cb(); // Lend the IO thread for management processing
> > 385 }
> > >>> CID 1040637: Missing unlock (LOCK) Returning without unlocking
> > >>> "this->ioCallbackLock.mutex".
> > 386 }
> > 387
> > 388 bool Connection::doOutput() {
> > 389 try {
> > 390 doIoCallbacks();
> >
> >
> __________________________________________________________
> ____________
> > __ To view the defects in Coverity Scan visit,
> > http://scan.coverity.com
> >
> > To unsubscribe from the email notification for new defects,
> > http://scan5.coverity.com/cgi-bin/unsubscribe.py
> >
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org For additional
> commands, e-mail: dev-help@qpid.apache.org