-
Notifications
You must be signed in to change notification settings - Fork 605
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Having issue to compile criu 1.2 on Ubuntu #1
Comments
Could you try to define __STDC_FORMAT_MACROS? |
Hi Avagin, this is the output |
could you please add #include <inttypes.h> somewhere at top of pie/restorer.c (ie near other #include there) and check if it help? |
#include <inttypes.h> I mean |
Or you can grab patch from https://bugzilla.openvz.org/show_bug.cgi?id=2949 and test if it fixes the problem (download it then do git am "patch filename" and compile the criu) |
@cyrillos patch works! I tested. Thanks |
Thanks! I'll send it upstream. |
Could you very please test an updated version of the patch? https://bugzilla.openvz.org/show_bug.cgi?id=2949 |
CID 1168169 (#1 of 1): Dereference after null check (FORWARD_NULL) 7. var_deref_model: Passing "mi" to function "do_bind_mount(struct mount_info *)", which dereferences null "mi->bind" Signed-off-by: Andrey Vagin <avagin@openvz.org> Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
CID 1230179 (#1 of 1): Resource leak (RESOURCE_LEAK) 15. leaked_storage: Variable "ncd" going out of scope leaks the storage it points to. Signed-off-by: Andrey Vagin <avagin@openvz.org> Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
It is called from prepare_cgroup_sfd() and cr_restore_tasks(). + criu restore --file-locks --tcp-established --evasive-devices --link-remap --root /var/lib/vz/root/101 --restore-detached --action-script /usr/local/libexec/vzctl/scripts/vps-rst-env -D /vz/dump/Dump.101 -o restore.log -vvvv --pidfile /var/lib/vzctl/vepid/101 *** Error in `criu': double free or corruption (fasttop): 0x00000000006bcd40 *** Program terminated with signal 6, Aborted. Missing separate debuginfos, use: debuginfo-install glibc-2.17-20.fc19.x86_64 libgcc-4.8.3-1.fc19.x86_64 protobuf-c-0.15-7.fc19.x86_64 (gdb) bt #0 0x00007ffff72179e9 in raise () from /lib64/libc.so.6 #1 0x00007ffff72190f8 in abort () from /lib64/libc.so.6 #2 0x00007ffff7257d17 in __libc_message () from /lib64/libc.so.6 #3 0x00007ffff725f0b8 in _int_free () from /lib64/libc.so.6 #4 0x0000000000426971 in cr_restore_tasks () at cr-restore.c:1833 #5 0x0000000000418426 in main (argc=<optimized out>, argv=0x7fffffffeb38, envp=<optimized out>) at crtools.c:479 Signed-off-by: Andrey Vagin <avagin@openvz.org> Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
CID 73379 (#1 of 1): Use after free (USE_AFTER_FREE) 31. deref_arg: Calling fclose dereferences freed pointer fp.
This function doesn't allocate memory, so it should not release it. CID 73380 (#1 of 1): Use after free (USE_AFTER_FREE) 14. deref_arg: Calling munmap dereferences freed pointer addr.
list_for_each_entry_safe() should be used, you we are going to delete something from a list. CID 73383 (#1 of 1): Read from pointer after free (USE_AFTER_FREE) 4. deref_after_free: Dereferencing freed pointer prop. Cc: Tycho Andersen <tycho.andersen@canonical.com>
CID 73354 (#1 of 1): Resource leak (RESOURCE_LEAK) 9. leaked_handle: Handle variable sock going out of scope leaks the handle
CID 73355 (#1 of 1): Out-of-bounds write (OVERRUN) 6. overrun-local: Overrunning array loc_buf of 4096 bytes at byte offset 4096 using index ret (which evaluates to 4096).
CID 73345 (#1 of 1): String not null terminated (STRING_NULL) 2. string_null_argument: Function fread does not terminate string *buf. [Note: The source code implementation of the function has been overridden by a builtin model.] Cc: Tycho Andersen <tycho.andersen@canonical.com>
CID 73379 (#1 of 1): Use after free (USE_AFTER_FREE) 31. deref_arg: Calling fclose dereferences freed pointer fp.
This function doesn't allocate memory, so it should not release it. CID 73380 (#1 of 1): Use after free (USE_AFTER_FREE) 14. deref_arg: Calling munmap dereferences freed pointer addr.
list_for_each_entry_safe() should be used, you we are going to delete something from a list. CID 73383 (#1 of 1): Read from pointer after free (USE_AFTER_FREE) 4. deref_after_free: Dereferencing freed pointer prop. Cc: Tycho Andersen <tycho.andersen@canonical.com>
CID 73354 (#1 of 1): Resource leak (RESOURCE_LEAK) 9. leaked_handle: Handle variable sock going out of scope leaks the handle
CID 73355 (#1 of 1): Out-of-bounds write (OVERRUN) 6. overrun-local: Overrunning array loc_buf of 4096 bytes at byte offset 4096 using index ret (which evaluates to 4096).
CID 73345 (#1 of 1): String not null terminated (STRING_NULL) 2. string_null_argument: Function fread does not terminate string *buf. [Note: The source code implementation of the function has been overridden by a builtin model.] Cc: Tycho Andersen <tycho.andersen@canonical.com>
CID 73345 (#1 of 1): String not null terminated (STRING_NULL) 2. string_null_argument: Function fread does not terminate string *buf. [Note: The source code implementation of the function has been overridden by a builtin model.] Cc: Tycho Andersen <tycho.andersen@canonical.com>
I think this version of code is a bit more readable. It doesn't do memcpy and doesn't allocate FILE. Everyone knows arguments for read(), but only a few of us know arguments for fread(). CID 73345 (#1 of 1): String not null terminated (STRING_NULL) 2. string_null_argument: Function fread does not terminate string *buf. [Note: The source code implementation of the function has been overridden by a builtin model.] Cc: Tycho Andersen <tycho.andersen@canonical.com>
CID 73379 (#1 of 1): Use after free (USE_AFTER_FREE) 31. deref_arg: Calling fclose dereferences freed pointer fp.
This function doesn't allocate memory, so it should not release it. CID 73380 (#1 of 1): Use after free (USE_AFTER_FREE) 14. deref_arg: Calling munmap dereferences freed pointer addr.
list_for_each_entry_safe() should be used, you we are going to delete something from a list. CID 73383 (#1 of 1): Read from pointer after free (USE_AFTER_FREE) 4. deref_after_free: Dereferencing freed pointer prop. Cc: Tycho Andersen <tycho.andersen@canonical.com>
coverity CID 389187: 3193int veth_pair_add(char *in, char *out) 3194{ 3195 char *e_str; 3196 1. alloc_fn: Storage is returned from allocation function malloc. 2. var_assign: Assigning: ___p = storage returned from malloc(200UL). 3. Condition !___p, taking false branch. 4. leaked_storage: Variable ___p going out of scope leaks the storage it points to. 5. var_assign: Assigning: e_str = ({...; ___p;}). 3197 e_str = xmalloc(200); /* For 3 IFNAMSIZ + 8 service characters */ 6. Condition !e_str, taking false branch. 3198 if (!e_str) 3199 return -1; 7. noescape: Resource e_str is not freed or pointed-to in snprintf. 3200 snprintf(e_str, 200, "veth[%s]:%s", in, out); 8. noescape: Resource e_str is not freed or pointed-to in add_external. [show details] CID 389187 (#1 of 1): Resource leak (RESOURCE_LEAK)9. leaked_storage: Variable e_str going out of scope leaks the storage it points to. 3201 return add_external(e_str); 3202} We should free e_str string after we finish it's use in veth_pair_add, easiest way to do it is to use cleanup_free attribute. Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
coverity CID 389190: 1538int inherit_fd_add(int fd, char *key) 1539{ 1540 struct inherit_fd *inh; ... 2. alloc_fn: Storage is returned from allocation function malloc. 3. var_assign: Assigning: ___p = storage returned from malloc(32UL). 4. Condition !___p, taking false branch. 5. leaked_storage: Variable ___p going out of scope leaks the storage it points to. 6. var_assign: Assigning: inh = ({...; ___p;}). 1548 inh = xmalloc(sizeof *inh); 7. Condition inh == NULL, taking false branch. 1549 if (inh == NULL) 1550 return -1; 1551 ... 9. Condition !___p, taking true branch. 1555 inh->inh_id = xstrdup(key); 10. Condition inh->inh_id == NULL, taking true branch. 1556 if (inh->inh_id == NULL) CID 389190 (#1 of 1): Resource leak (RESOURCE_LEAK)11. leaked_storage: Variable inh going out of scope leaks the storage it points to. 1557 return -1; We should free inh on inh_id allocation error path in inherit_fd_add. Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
coverity CID 389191: int unix_sk_id_add(unsigned int ino) 2327{ 2328 char *e_str; 2329 1. alloc_fn: Storage is returned from allocation function malloc. 2. var_assign: Assigning: ___p = storage returned from malloc(20UL). 3. Condition !___p, taking false branch. 4. leaked_storage: Variable ___p going out of scope leaks the storage it points to. 5. var_assign: Assigning: e_str = ({...; ___p;}). 2330 e_str = xmalloc(20); 6. Condition !e_str, taking false branch. 2331 if (!e_str) 2332 return -1; 7. noescape: Resource e_str is not freed or pointed-to in snprintf. 2333 snprintf(e_str, 20, "unix[%u]", ino); 8. noescape: Resource e_str is not freed or pointed-to in add_external. [show details] CID 389191 (#1 of 1): Resource leak (RESOURCE_LEAK)9. leaked_storage: Variable e_str going out of scope leaks the storage it points to. 2334 return add_external(e_str); 2335} We should free e_str string after we finish it's use in unix_sk_id_add, easiest way to do it is to use cleanup_free attribute. Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
coverity CID 389197: CID 389197 (#1 of 1): Invalid printf format string (PRINTF_ARGS) format_error: Length modifier L not applicable to conversion specifier in %Lu. [show details] 284 pr_err("Incompatible uffd API: expected %Lu, got %Lu\n", UFFD_API, uffdio_api.api); Looking on C11 standard it seems that "%Lu" is undefined, we better not use this, see: "L Specifies that a following a, A, e, E, f, F, g, or G conversion specifier applies to a long double argument." http://port70.net/~nsz/c/c11/n1570.html#7.21.6.1p7 Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
coverity CID 389202: 54int ext_mount_add(char *key, char *val) 55{ 56 char *e_str; 57 1. alloc_fn: Storage is returned from allocation function malloc. 2. var_assign: Assigning: ___p = storage returned from malloc(strlen(key) + strlen(val) + 8UL). 3. Condition !___p, taking false branch. 4. leaked_storage: Variable ___p going out of scope leaks the storage it points to. 5. var_assign: Assigning: e_str = ({...; ___p;}). 58 e_str = xmalloc(strlen(key) + strlen(val) + 8); 6. Condition !e_str, taking false branch. 59 if (!e_str) 60 return -1; ... 7. noescape: Resource e_str is not freed or pointed-to in sprintf. 73 sprintf(e_str, "mnt[%s]:%s", key, val); 8. noescape: Resource e_str is not freed or pointed-to in add_external. [show details] CID 389202 (#1 of 1): Resource leak (RESOURCE_LEAK)9. leaked_storage: Variable e_str going out of scope leaks the storage it points to. 74 return add_external(e_str); 75} We need to free e_str after add_external used it. v2: use cleanup_free attribute (@adrianreber) Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
coverity CID 389194: 1238static int dump_one_task(struct pstree_item *item, InventoryEntry *parent_ie) 1239{ ... 1245 struct cr_imgset *cr_imgset = NULL; ... 11. alloc_fn: Storage is returned from allocation function cr_task_imgset_open. [show details] 12. var_assign: Assigning: cr_imgset = storage returned from cr_task_imgset_open(vpid(item), 577). 1355 cr_imgset = cr_task_imgset_open(vpid(item), O_DUMP); 13. Condition !cr_imgset, taking false branch. 1356 if (!cr_imgset) 1357 goto err_cure; 1358 ... 25. Condition opts.lazy_pages, taking false branch. 1427 if (opts.lazy_pages) 1428 ret = compel_cure_remote(parasite_ctl); 1429 else 1430 ret = compel_cure(parasite_ctl); 26. Condition ret, taking true branch. 1431 if (ret) { 1432 pr_err("Can't cure (pid: %d) from parasite\n", pid); 27. Jumping to label err. 1433 goto err; 1434 } ... 1448 close_cr_imgset(&cr_imgset); 1449 exit_code = 0; 1450err: 1451 close_pid_proc(); 1452 free_mappings(&vmas); 1453 xfree(dfds); CID 389194 (#1 of 1): Resource leak (RESOURCE_LEAK)28. leaked_storage: Variable cr_imgset going out of scope leaks the storage it points to. 1454 return exit_code; 1455 1456err_cure: 1457 close_cr_imgset(&cr_imgset); 1458err_cure_imgset: 1459 ret = compel_cure(parasite_ctl); 1460 if (ret) 1461 pr_err("Can't cure (pid: %d) from parasite\n", pid); 1462 goto err; 1463} On compel_cure() error path we do not do close_cr_imgset() thich leads to leaked cr_imgset, let's move corresponding close_cr_imgset below err label. Also now we can merge remove close_cr_imgset() in err_cure label as it goes to err label later anyway. Separate err_cure_imgset label is not needed as close_cr_imgset() is ready for cr_imgset == NULL. v2: remove excess close_cr_imgset() in label err_cure (@adrianreber) Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
coverity CID 389205: 452int dump_tun_link(NetDeviceEntry *nde, struct cr_imgset *fds, struct nlattr **info) 453{ ... 458 struct tun_link *tl; ... 2. alloc_fn: Storage is returned from allocation function get_tun_link_fd. [show details] 3. var_assign: Assigning: tl = storage returned from get_tun_link_fd(nde->name, nde->peer_nsid, tle.flags). 475 tl = get_tun_link_fd(nde->name, nde->peer_nsid, tle.flags); 4. Condition !tl, taking false branch. 476 if (!tl) 477 return ret; 478 479 tle.vnethdr = tl->dmp.vnethdr; 480 tle.sndbuf = tl->dmp.sndbuf; 481 482 nde->tun = &tle; CID 389205 (#1 of 1): Resource leak (RESOURCE_LEAK)5. leaked_storage: Variable tl going out of scope leaks the storage it points to. 483 return write_netdev_img(nde, fds, info); 484} Function get_tun_link_fd() can both return tun_link entry from tun_links list and a newly allocated one. So we should not free entry if it is from list and should free it when it is a new one to fix leak. Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
coverity CID 389193: CID 389193 (#1 of 1): Printf format string issue (PW.BAD_PRINTF_FORMAT_STRING) 1. bad_printf_format_string: invalid format string conversion 598 pr_warn("Can't stat socket %#x(%s), skipping: %m (err %d)\n", id, rpath, errno); Specifier "%#x" is wrong for id as it is of type uint32_t, let's change it to "%#" PRIx32 "" to fix the problem. Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
coverity CID 389192: 550static int parse_join_ns(const char *ptr) 551{ ... 553 char *ns; 554 1. alloc_fn: Storage is returned from allocation function strdup. 2. var_assign: Assigning: ___p = storage returned from strdup(ptr). 3. Condition !___p, taking false branch. 4. leaked_storage: Variable ___p going out of scope leaks the storage it points to. 5. var_assign: Assigning: ns = ({...; ___p;}). 555 ns = xstrdup(ptr); 6. Condition ns == NULL, taking false branch. 556 if (ns == NULL) 557 return -1; 558 7. noescape: Resource ns is not freed or pointed-to in strchr. 559 aux = strchr(ns, ':'); 8. Condition aux == NULL, taking true branch. 560 if (aux == NULL) CID 389192 (#1 of 1): Resource leak (RESOURCE_LEAK)9. leaked_storage: Variable ns going out of scope leaks the storage it points to. 561 return -1; We should free ns string after we finish it's use in parse_join_ns, easiest way to do it is to use cleanup_free attribute. Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
coverity CID 389187: 3193int veth_pair_add(char *in, char *out) 3194{ 3195 char *e_str; 3196 1. alloc_fn: Storage is returned from allocation function malloc. 2. var_assign: Assigning: ___p = storage returned from malloc(200UL). 3. Condition !___p, taking false branch. 4. leaked_storage: Variable ___p going out of scope leaks the storage it points to. 5. var_assign: Assigning: e_str = ({...; ___p;}). 3197 e_str = xmalloc(200); /* For 3 IFNAMSIZ + 8 service characters */ 6. Condition !e_str, taking false branch. 3198 if (!e_str) 3199 return -1; 7. noescape: Resource e_str is not freed or pointed-to in snprintf. 3200 snprintf(e_str, 200, "veth[%s]:%s", in, out); 8. noescape: Resource e_str is not freed or pointed-to in add_external. [show details] CID 389187 (#1 of 1): Resource leak (RESOURCE_LEAK)9. leaked_storage: Variable e_str going out of scope leaks the storage it points to. 3201 return add_external(e_str); 3202} We should free e_str string after we finish it's use in veth_pair_add, easiest way to do it is to use cleanup_free attribute. Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
coverity CID 389190: 1538int inherit_fd_add(int fd, char *key) 1539{ 1540 struct inherit_fd *inh; ... 2. alloc_fn: Storage is returned from allocation function malloc. 3. var_assign: Assigning: ___p = storage returned from malloc(32UL). 4. Condition !___p, taking false branch. 5. leaked_storage: Variable ___p going out of scope leaks the storage it points to. 6. var_assign: Assigning: inh = ({...; ___p;}). 1548 inh = xmalloc(sizeof *inh); 7. Condition inh == NULL, taking false branch. 1549 if (inh == NULL) 1550 return -1; 1551 ... 9. Condition !___p, taking true branch. 1555 inh->inh_id = xstrdup(key); 10. Condition inh->inh_id == NULL, taking true branch. 1556 if (inh->inh_id == NULL) CID 389190 (#1 of 1): Resource leak (RESOURCE_LEAK)11. leaked_storage: Variable inh going out of scope leaks the storage it points to. 1557 return -1; We should free inh on inh_id allocation error path in inherit_fd_add. Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
coverity CID 389191: int unix_sk_id_add(unsigned int ino) 2327{ 2328 char *e_str; 2329 1. alloc_fn: Storage is returned from allocation function malloc. 2. var_assign: Assigning: ___p = storage returned from malloc(20UL). 3. Condition !___p, taking false branch. 4. leaked_storage: Variable ___p going out of scope leaks the storage it points to. 5. var_assign: Assigning: e_str = ({...; ___p;}). 2330 e_str = xmalloc(20); 6. Condition !e_str, taking false branch. 2331 if (!e_str) 2332 return -1; 7. noescape: Resource e_str is not freed or pointed-to in snprintf. 2333 snprintf(e_str, 20, "unix[%u]", ino); 8. noescape: Resource e_str is not freed or pointed-to in add_external. [show details] CID 389191 (#1 of 1): Resource leak (RESOURCE_LEAK)9. leaked_storage: Variable e_str going out of scope leaks the storage it points to. 2334 return add_external(e_str); 2335} We should free e_str string after we finish it's use in unix_sk_id_add, easiest way to do it is to use cleanup_free attribute. Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
coverity CID 389197: CID 389197 (#1 of 1): Invalid printf format string (PRINTF_ARGS) format_error: Length modifier L not applicable to conversion specifier in %Lu. [show details] 284 pr_err("Incompatible uffd API: expected %Lu, got %Lu\n", UFFD_API, uffdio_api.api); Looking on C11 standard it seems that "%Lu" is undefined, we better not use this, see: "L Specifies that a following a, A, e, E, f, F, g, or G conversion specifier applies to a long double argument." http://port70.net/~nsz/c/c11/n1570.html#7.21.6.1p7 Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
CID 302713 (#1 of 1): Missing varargs init or cleanup (VARARGS) va_end was not called for argptr. Signed-off-by: Adrian Reber <areber@redhat.com>
CID 302713 (#1 of 1): Missing varargs init or cleanup (VARARGS) va_end was not called for argptr. Signed-off-by: Adrian Reber <areber@redhat.com>
CID 302713 (checkpoint-restore#1 of 1): Missing varargs init or cleanup (VARARGS) va_end was not called for argptr. Signed-off-by: Adrian Reber <areber@redhat.com>
Hi Guys,
I tried to install criu on precise and trusty,I went through the installation process of protobuf,protobuf-c and stuck on criu. I am getting this error when I do make && make config && make install:
pie/restorer.c: In function ‘restore_mapping’:
pie/restorer.c:355:21: error: expected ‘)’ before ‘PRIx64’
pr_debug("\tmmap(%"PRIx64" -> %"PRIx64", %x %x %d)\n",
Thanks
The text was updated successfully, but these errors were encountered: