Having issue to compile criu 1.2 on Ubuntu #1

Closed
bugrax opened this issue Apr 22, 2014 · 9 comments
@bugrax

bugrax commented Apr 22, 2014

Hi Guys,
I tried to install criu on precise and trusty. I went through the installation process of protobuf and protobuf-c and got stuck on criu. I am getting this error when I do make && make config && make install:
pie/restorer.c: In function ‘restore_mapping’:
pie/restorer.c:355:21: error: expected ‘)’ before ‘PRIx64’
pr_debug("\tmmap(%"PRIx64" -> %"PRIx64", %x %x %d)\n",

Thanks

@avagin
Member

avagin commented Apr 22, 2014

Could you try to define __STDC_FORMAT_MACROS?
make V=1 USERCFLAGS="-D__STDC_FORMAT_MACROS"

@bugrax
Author

bugrax commented Apr 24, 2014

Hi Avagin, this is the output
bash -c "echo 'OUTPUT_ARCH(i386:x86-64)' > pie/pie.lds.S"
bash -c "cat pie/pie.lds.S.in >> pie/pie.lds.S"
ld -T pie/pie.lds.S -o pie/parasite.built-in.bin.o pie/parasite.built-in.o
objcopy -O binary pie/parasite.built-in.bin.o pie/parasite.built-in.bin
bash pie/../scripts/gen-offsets.sh pie/parasite parasite > pie/parasite-blob.h
gcc -c -D__STDC_FORMAT_MACROS -O2 -Wall -Werror -DCONFIG_X86_64 -D_FILE_OFFSET_BITS=64 -D_GNU_SOURCE -iquote include -iquote pie -iquote . -iquote arch/x86 -iquote arch/x86/include -fno-strict-aliasing -DCR_NOGLIBC -fpie -Wa,--noexecstack -fno-stack-protector pie/restorer.c -o pie/restorer.o
pie/restorer.c: In function ‘restore_mapping’:
pie/restorer.c:355:2: error: expected ‘)’ before ‘PRIx64’
pie/restorer.c:355:2: error: spurious trailing ‘%’ in format [-Werror=format]
pie/restorer.c: In function ‘__export_restore_task’:
pie/restorer.c:706:4: error: expected ‘)’ before ‘PRIx64’
pie/restorer.c:706:4: error: format ‘%s’ expects a matching ‘char *’ argument [-Werror=format]
pie/restorer.c:706:4: error: format ‘%d’ expects a matching ‘int’ argument [-Werror=format]
pie/restorer.c:706:4: error: spurious trailing ‘%’ in format [-Werror=format]
pie/restorer.c:755:6: error: expected ‘)’ before ‘PRIx64’
pie/restorer.c:755:6: error: format ‘%s’ expects a matching ‘char *’ argument [-Werror=format]
pie/restorer.c:755:6: error: format ‘%d’ expects a matching ‘int’ argument [-Werror=format]
pie/restorer.c:755:6: error: spurious trailing ‘%’ in format [-Werror=format]
cc1: all warnings being treated as errors
make[1]: *** [pie/restorer.o] Error 1
make[1]: Leaving directory `/root/criu'

@cyrillos
Member

could you please add

#include <inttypes.h>

somewhere at the top of pie/restorer.c (i.e. near the other #include lines there) and check if it helps?

@cyrillos
Member

#include <inttypes.h> I mean

@cyrillos
Member

Or you can grab the patch from https://bugzilla.openvz.org/show_bug.cgi?id=2949 and test if it fixes the problem (download it, then do git am "patch filename" and compile criu)

@bugrax
Author

bugrax commented Apr 24, 2014

@cyrillos patch works! I tested. Thanks

@cyrillos
Member

Thanks! I'll send it upstream.

@cyrillos
Member

Could you please test an updated version of the patch? https://bugzilla.openvz.org/show_bug.cgi?id=2949

@xemul
Member

xemul commented Apr 25, 2014

xemul@0c89d77

@xemul xemul closed this as completed Apr 25, 2014
xemul pushed a commit that referenced this issue Aug 7, 2014
CID 1168169 (#1 of 1): Dereference after null check (FORWARD_NULL)
7. var_deref_model: Passing "mi" to function "do_bind_mount(struct
   mount_info *)", which dereferences null "mi->bind"

Signed-off-by: Andrey Vagin <avagin@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
xemul pushed a commit that referenced this issue Aug 7, 2014
CID 1230179 (#1 of 1): Resource leak (RESOURCE_LEAK)
15. leaked_storage: Variable "ncd" going out of scope leaks the storage
it points to.

Signed-off-by: Andrey Vagin <avagin@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
xemul pushed a commit that referenced this issue Sep 4, 2014
It is called from prepare_cgroup_sfd() and cr_restore_tasks().

+ criu restore --file-locks --tcp-established --evasive-devices --link-remap --root /var/lib/vz/root/101 --restore-detached --action-script /usr/local/libexec/vzctl/scripts/vps-rst-env -D /vz/dump/Dump.101 -o restore.log -vvvv --pidfile /var/lib/vzctl/vepid/101
*** Error in `criu': double free or corruption (fasttop): 0x00000000006bcd40 ***

Program terminated with signal 6, Aborted.
Missing separate debuginfos, use: debuginfo-install glibc-2.17-20.fc19.x86_64 libgcc-4.8.3-1.fc19.x86_64 protobuf-c-0.15-7.fc19.x86_64
(gdb) bt
 #0  0x00007ffff72179e9 in raise () from /lib64/libc.so.6
 #1  0x00007ffff72190f8 in abort () from /lib64/libc.so.6
 #2  0x00007ffff7257d17 in __libc_message () from /lib64/libc.so.6
 #3  0x00007ffff725f0b8 in _int_free () from /lib64/libc.so.6
 #4  0x0000000000426971 in cr_restore_tasks () at cr-restore.c:1833
 #5  0x0000000000418426 in main (argc=<optimized out>, argv=0x7fffffffeb38, envp=<optimized out>) at crtools.c:479

Signed-off-by: Andrey Vagin <avagin@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
avagin referenced this issue in avagin/criu Oct 31, 2014
CID 73379 (#1 of 1): Use after free (USE_AFTER_FREE)
31. deref_arg: Calling fclose dereferences freed pointer fp.
avagin referenced this issue in avagin/criu Oct 31, 2014
This function doesn't allocate memory, so it should not release it.

CID 73380 (#1 of 1): Use after free (USE_AFTER_FREE)
14. deref_arg: Calling munmap dereferences freed pointer addr.
avagin referenced this issue in avagin/criu Oct 31, 2014
list_for_each_entry_safe() should be used if we are going to delete
something from a list.

CID 73383 (#1 of 1): Read from pointer after free (USE_AFTER_FREE)
4. deref_after_free: Dereferencing freed pointer prop.

Cc: Tycho Andersen <tycho.andersen@canonical.com>
avagin referenced this issue in avagin/criu Oct 31, 2014
CID 73354 (#1 of 1): Resource leak (RESOURCE_LEAK)
9. leaked_handle: Handle variable sock going out of scope leaks the handle
avagin referenced this issue in avagin/criu Oct 31, 2014
CID 73355 (#1 of 1): Out-of-bounds write (OVERRUN)
6. overrun-local: Overrunning array loc_buf of 4096 bytes at byte offset 4096 using index ret (which evaluates to 4096).
avagin referenced this issue in avagin/criu Oct 31, 2014
CID 73345 (#1 of 1): String not null terminated (STRING_NULL)
2. string_null_argument: Function fread does not terminate string *buf. [Note: The source code implementation of the function has been overridden by a builtin model.]

Cc: Tycho Andersen <tycho.andersen@canonical.com>
avagin referenced this issue in avagin/criu Oct 31, 2014
I think this version of code is a bit more readable.
It doesn't do memcpy and doesn't allocate FILE.
Everyone knows arguments for read(), but only a few of
us know arguments for fread().

CID 73345 (#1 of 1): String not null terminated (STRING_NULL)
2. string_null_argument: Function fread does not terminate string *buf. [Note: The source code implementation of the function has been overridden by a builtin model.]

Cc: Tycho Andersen <tycho.andersen@canonical.com>
adrianreber pushed a commit that referenced this issue Mar 14, 2022
coverity CID 389187:

3193int veth_pair_add(char *in, char *out)
3194{
3195        char *e_str;
3196
    1. alloc_fn: Storage is returned from allocation function malloc.
    2. var_assign: Assigning: ___p = storage returned from malloc(200UL).
    3. Condition !___p, taking false branch.
    4. leaked_storage: Variable ___p going out of scope leaks the storage it points to.
    5. var_assign: Assigning: e_str = ({...; ___p;}).
3197        e_str = xmalloc(200); /* For 3 IFNAMSIZ + 8 service characters */
    6. Condition !e_str, taking false branch.
3198        if (!e_str)
3199                return -1;
    7. noescape: Resource e_str is not freed or pointed-to in snprintf.
3200        snprintf(e_str, 200, "veth[%s]:%s", in, out);
    8. noescape: Resource e_str is not freed or pointed-to in add_external. [show details]
    CID 389187 (#1 of 1): Resource leak (RESOURCE_LEAK)9. leaked_storage: Variable e_str going out of scope leaks the storage it points to.
3201        return add_external(e_str);
3202}

We should free the e_str string after we finish its use in veth_pair_add;
the easiest way to do it is to use the cleanup_free attribute.

Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
avagin pushed a commit that referenced this issue Mar 14, 2022
coverity CID 389190:

1538int inherit_fd_add(int fd, char *key)
1539{
1540        struct inherit_fd *inh;
...
    2. alloc_fn: Storage is returned from allocation function malloc.
    3. var_assign: Assigning: ___p = storage returned from malloc(32UL).
    4. Condition !___p, taking false branch.
    5. leaked_storage: Variable ___p going out of scope leaks the storage it points to.
    6. var_assign: Assigning: inh = ({...; ___p;}).
1548        inh = xmalloc(sizeof *inh);
    7. Condition inh == NULL, taking false branch.
1549        if (inh == NULL)
1550                return -1;
1551
...
    9. Condition !___p, taking true branch.
1555        inh->inh_id = xstrdup(key);
    10. Condition inh->inh_id == NULL, taking true branch.
1556        if (inh->inh_id == NULL)
    CID 389190 (#1 of 1): Resource leak (RESOURCE_LEAK)11. leaked_storage: Variable inh going out of scope leaks the storage it points to.
1557                return -1;

We should free inh on inh_id allocation error path in inherit_fd_add.

Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
avagin pushed a commit that referenced this issue Mar 14, 2022
coverity CID 389191:

int unix_sk_id_add(unsigned int ino)
2327{
2328        char *e_str;
2329
    1. alloc_fn: Storage is returned from allocation function malloc.
    2. var_assign: Assigning: ___p = storage returned from malloc(20UL).
    3. Condition !___p, taking false branch.
    4. leaked_storage: Variable ___p going out of scope leaks the storage it points to.
    5. var_assign: Assigning: e_str = ({...; ___p;}).
2330        e_str = xmalloc(20);
    6. Condition !e_str, taking false branch.
2331        if (!e_str)
2332                return -1;
    7. noescape: Resource e_str is not freed or pointed-to in snprintf.
2333        snprintf(e_str, 20, "unix[%u]", ino);
    8. noescape: Resource e_str is not freed or pointed-to in add_external. [show details]
    CID 389191 (#1 of 1): Resource leak (RESOURCE_LEAK)9. leaked_storage: Variable e_str going out of scope leaks the storage it points to.
2334        return add_external(e_str);
2335}

We should free the e_str string after we finish its use in unix_sk_id_add;
the easiest way to do it is to use the cleanup_free attribute.

Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
avagin pushed a commit that referenced this issue Mar 15, 2022
coverity CID 389197:

CID 389197 (#1 of 1): Invalid printf format string (PRINTF_ARGS)
format_error: Length modifier L not applicable to conversion specifier in %Lu. [show details]
284 pr_err("Incompatible uffd API: expected %Lu, got %Lu\n", UFFD_API, uffdio_api.api);

Looking at the C11 standard, it seems that "%Lu" is undefined, so we had
better not use this, see:

"L Specifies that a following a, A, e, E, f, F, g, or G conversion
specifier applies to a long double argument."
http://port70.net/~nsz/c/c11/n1570.html#7.21.6.1p7

Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
avagin pushed a commit that referenced this issue Apr 29, 2022
coverity CID 389202:
54int ext_mount_add(char *key, char *val)
 55{
 56        char *e_str;
 57
   1. alloc_fn: Storage is returned from allocation function malloc.
   2. var_assign: Assigning: ___p = storage returned from malloc(strlen(key) + strlen(val) + 8UL).
   3. Condition !___p, taking false branch.
   4. leaked_storage: Variable ___p going out of scope leaks the storage it points to.
   5. var_assign: Assigning: e_str = ({...; ___p;}).
 58        e_str = xmalloc(strlen(key) + strlen(val) + 8);
   6. Condition !e_str, taking false branch.
 59        if (!e_str)
 60                return -1;
...
   7. noescape: Resource e_str is not freed or pointed-to in sprintf.
 73        sprintf(e_str, "mnt[%s]:%s", key, val);
   8. noescape: Resource e_str is not freed or pointed-to in add_external. [show details]
   CID 389202 (#1 of 1): Resource leak (RESOURCE_LEAK)9. leaked_storage: Variable e_str going out of scope leaks the storage it points to.
 74        return add_external(e_str);
 75}

We need to free e_str after add_external used it.

v2: use cleanup_free attribute (@adrianreber)

Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
avagin pushed a commit that referenced this issue Apr 29, 2022
coverity CID 389194:

1238static int dump_one_task(struct pstree_item *item, InventoryEntry *parent_ie)
1239{
...
1245        struct cr_imgset *cr_imgset = NULL;
...
    11. alloc_fn: Storage is returned from allocation function cr_task_imgset_open. [show details]
    12. var_assign: Assigning: cr_imgset = storage returned from cr_task_imgset_open(vpid(item), 577).
1355        cr_imgset = cr_task_imgset_open(vpid(item), O_DUMP);
    13. Condition !cr_imgset, taking false branch.
1356        if (!cr_imgset)
1357                goto err_cure;
1358
...
    25. Condition opts.lazy_pages, taking false branch.
1427        if (opts.lazy_pages)
1428                ret = compel_cure_remote(parasite_ctl);
1429        else
1430                ret = compel_cure(parasite_ctl);
    26. Condition ret, taking true branch.
1431        if (ret) {
1432                pr_err("Can't cure (pid: %d) from parasite\n", pid);
    27. Jumping to label err.
1433                goto err;
1434        }
...
1448        close_cr_imgset(&cr_imgset);
1449        exit_code = 0;
1450err:
1451        close_pid_proc();
1452        free_mappings(&vmas);
1453        xfree(dfds);
    CID 389194 (#1 of 1): Resource leak (RESOURCE_LEAK)28. leaked_storage: Variable cr_imgset going out of scope leaks the storage it points to.
1454        return exit_code;
1455
1456err_cure:
1457        close_cr_imgset(&cr_imgset);
1458err_cure_imgset:
1459        ret = compel_cure(parasite_ctl);
1460        if (ret)
1461                pr_err("Can't cure (pid: %d) from parasite\n", pid);
1462        goto err;
1463}

On compel_cure() error path we do not do close_cr_imgset() which leads
to leaked cr_imgset, let's move corresponding close_cr_imgset below err
label. Also now we can merge remove close_cr_imgset() in err_cure label
as it goes to err label later anyway. Separate err_cure_imgset label is
not needed as close_cr_imgset() is ready for cr_imgset == NULL.

v2: remove excess close_cr_imgset() in label err_cure (@adrianreber)

Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
avagin pushed a commit that referenced this issue Apr 29, 2022
coverity CID 389205:

452int dump_tun_link(NetDeviceEntry *nde, struct cr_imgset *fds, struct nlattr **info)
453{
...
458        struct tun_link *tl;
...
   2. alloc_fn: Storage is returned from allocation function get_tun_link_fd. [show details]
   3. var_assign: Assigning: tl = storage returned from get_tun_link_fd(nde->name, nde->peer_nsid, tle.flags).
475        tl = get_tun_link_fd(nde->name, nde->peer_nsid, tle.flags);
   4. Condition !tl, taking false branch.
476        if (!tl)
477                return ret;
478
479        tle.vnethdr = tl->dmp.vnethdr;
480        tle.sndbuf = tl->dmp.sndbuf;
481
482        nde->tun = &tle;
   CID 389205 (#1 of 1): Resource leak (RESOURCE_LEAK)5. leaked_storage: Variable tl going out of scope leaks the storage it points to.
483        return write_netdev_img(nde, fds, info);
484}

Function get_tun_link_fd() can both return tun_link entry from tun_links
list and a newly allocated one. So we should not free entry if it is
from list and should free it when it is a new one to fix leak.

Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
avagin pushed a commit that referenced this issue Apr 29, 2022
coverity CID 389193:
CID 389193 (#1 of 1): Printf format string issue (PW.BAD_PRINTF_FORMAT_STRING)
1. bad_printf_format_string: invalid format string conversion
598 pr_warn("Can't stat socket %#x(%s), skipping: %m (err %d)\n", id, rpath, errno);

Specifier "%#x" is wrong for id as it is of type uint32_t, let's change
it to "%#" PRIx32 "" to fix the problem.

Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
avagin pushed a commit that referenced this issue Apr 29, 2022
coverity CID 389192:

550static int parse_join_ns(const char *ptr)
551{
...
553        char *ns;
554
   1. alloc_fn: Storage is returned from allocation function strdup.
   2. var_assign: Assigning: ___p = storage returned from strdup(ptr).
   3. Condition !___p, taking false branch.
   4. leaked_storage: Variable ___p going out of scope leaks the storage it points to.
   5. var_assign: Assigning: ns = ({...; ___p;}).
555        ns = xstrdup(ptr);
   6. Condition ns == NULL, taking false branch.
556        if (ns == NULL)
557                return -1;
558
   7. noescape: Resource ns is not freed or pointed-to in strchr.
559        aux = strchr(ns, ':');
   8. Condition aux == NULL, taking true branch.
560        if (aux == NULL)
   CID 389192 (#1 of 1): Resource leak (RESOURCE_LEAK)9. leaked_storage: Variable ns going out of scope leaks the storage it points to.
561                return -1;

We should free the ns string after we finish its use in parse_join_ns;
the easiest way to do it is to use the cleanup_free attribute.

Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
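
The cleanup_free fix named in the commit messages above (veth_pair_add, unix_sk_id_add, ext_mount_add, parse_join_ns), shown as an added example that is not CRIU's own code. The counting allocator, `cleanup_freep`, `add_external_copy` and the `veth_add_*` functions are constructed stand-ins, and the callee is assumed to copy the string rather than keep the pointer, which is what the "noescape" events in the reports say.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed stand-ins: counting wrappers make the leak observable. */
static int live_allocs;

static void *count_malloc(size_t n)
{
	void *p = malloc(n);
	if (p)
		live_allocs++;
	return p;
}

static void count_free(void *p)
{
	if (p) {
		live_allocs--;
		free(p);
	}
}

/* Hypothetical cleanup_free-style macro built on the GCC/Clang cleanup
 * attribute: the handler receives a pointer to the annotated variable
 * whenever that variable goes out of scope, on every return path. */
static void cleanup_freep(void *p)
{
	count_free(*(void **)p);
}
#define cleanup_free __attribute__((cleanup(cleanup_freep)))

/* Stand-in for add_external(): copies the key, never stores the pointer. */
static char ext_table[4][64];
static int ext_count;

static int add_external_copy(const char *key)
{
	if (ext_count == 4 || strlen(key) >= sizeof(ext_table[0]))
		return -1;
	strcpy(ext_table[ext_count++], key);
	return 0;
}

/* Shape of the code flagged as RESOURCE_LEAK: e_str is never released. */
static int veth_add_leaky(const char *in, const char *out)
{
	char *e_str = count_malloc(200);

	if (!e_str)
		return -1;
	snprintf(e_str, 200, "veth[%s]:%s", in, out);
	return add_external_copy(e_str);
}

/* Same logic with the attribute: freed after the return value is computed. */
static int veth_add_fixed(const char *in, const char *out)
{
	cleanup_free char *e_str = NULL; /* must be initialised: handler always runs */

	e_str = count_malloc(200);
	if (!e_str)
		return -1;
	if (!*in || !*out)
		return -1; /* early error return, e_str is still freed */
	snprintf(e_str, 200, "veth[%s]:%s", in, out);
	return add_external_copy(e_str);
}

/* Runs fn once from a clean state and reports allocations still live. */
static int live_after(int (*fn)(const char *, const char *), const char *in, const char *out)
{
	live_allocs = 0;
	ext_count = 0;
	fn(in, out);
	return live_allocs;
}

int main(void)
{
	printf("leaky: %d live\n", live_after(veth_add_leaky, "eth0", "br0"));
	printf("fixed: %d live\n", live_after(veth_add_fixed, "eth0", "br0"));
	printf("fixed, error path: %d live\n", live_after(veth_add_fixed, "", "br0"));
	return 0;
}
```

The attribute is only safe where the callee does not retain the pointer; if it did, the automatic free would turn the leak into a use-after-free.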
avagin pushed a commit that referenced this issue May 13, 2022
CID 302713 (#1 of 1): Missing varargs init or cleanup (VARARGS)
 va_end was not called for argptr.

Signed-off-by: Adrian Reber <areber@redhat.com>