*: make coverity scan ignore random() calls #6251

Merged
merged 1 commit into from
Apr 20, 2020


rzalamena
Member

Summary

Use the annotation described by the Coverity Scan documentation to ignore all random() calls. Those are used mostly to calculate jitter and we don't need anything fancy.

Code Change Details

  • watchfrr has some macro calls annotated (e.g. SET_WAKEUP_UNRESPONSIVE) because they contain a call to random().

  • lib/qobj.c has an example of shared code annotation:

    pthread_rwlock_wrlock(&nodes_lock);
    do {
            /* coverity[dont_call] */
            node->nid = (uint64_t)random();
            node->nid ^= (uint64_t)random() << 32;
    } while (!node->nid || qobj_nodes_find(&nodes, node));

Extra Details

If you have a coverity scan account, then you can read the documentation here:
https://scan.coverity.com/models#c_checker_checkerconfig

Go to section A.1.8. Suppressing false positives with code annotations:

... Code annotations are placed immediately before the line of code where the defect occurs. ...

... When Coverity Analysis analyzes this code, a FORWARD_NULL defect is displayed in Coverity Connect. This defect contains an event with the tag var_deref_op. The message describing the event appears in Coverity Connect in red and is displayed on the line immediately preceding the event....

After a Code Coverity issue is found, we can tag it with a comment containing the event (not the defect which is usually an upper case word) so it will be ignored automatically.

Example: /* coverity[var_deref_op] */

When Coverity Analysis checks the code again, the FORWARD_NULL defect is automatically annotated with the classification Intentional, and the defect commit step automatically reads and annotates the bug in Coverity Connect.
A code annotation always appears at the beginning of a C comment (/* coverity[...]... ) or a C++ comment (// coverity[...]... ) and applies to the first line of code after the comment that is neither empty (white space) nor a comment.

The comment must appear right before the code line we want to ignore.

Code annotations result in defect events being ignored. It is possible that multiple defects share a single event and ignoring the event will suppress more than one defect. Because of this, you should only use code annotations to suppress critical, unshared events or ones you are sure Coverity Analysis has incorrectly identified. You can identify a critical event through its description. For example, the event description [Variable "x" tracked as NULL was dereferenced] indicates a critical event, while the event description [Added "x" due to comparison "x == 0"] is informational and indicates a shareable event. Each defect's documentation lists the critical events you can suppress if a defect is a false positive.

Be careful when annotating code with shared defects.

In Coverity Connect, an ignored defect has an Intentional classification. In addition to Intentional, one other classification is supported using code annotation: FALSE.

The code annotation will mark the code as intentional, however it also supports "FALSE".

Example: /* coverity[var_deref_op : FALSE] */


@polychaeta polychaeta left a comment


Thanks for your contribution to FRR!


To apply these suggestions:

curl -s https://gist.githubusercontent.com/polychaeta/272e9d03c8a99fae2b68edc5318cba77/raw/ebcfaff2d9e341b145bb123319b1983c653fc511/cr_6251_1587132393.diff | git apply

diff --git a/ospfd/ospf_nsm.c b/ospfd/ospf_nsm.c
index 4c84aed32..fc2653884 100644
--- a/ospfd/ospf_nsm.c
+++ b/ospfd/ospf_nsm.c
@@ -723,7 +723,7 @@ static void nsm_change_state(struct ospf_neighbor *nbr, int state)
 	/* Start DD exchange protocol */
 	if (state == NSM_ExStart) {
 		if (nbr->dd_seqnum == 0)
-			 /* coverity[dont_call] */
+			/* coverity[dont_call] */
 			nbr->dd_seqnum = (uint32_t)random();
 		else
 			nbr->dd_seqnum++;
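
Review bot: in `nsm_change_state()` the `/* coverity[dont_call] */` suppression on `nbr->dd_seqnum = (uint32_t)random();` gives no reason, and this call initialises a DD sequence number rather than timer jitter, which is the use the summary cites for ignoring the warning. Extend the comment with one line saying why a non-cryptographic value is acceptable for `dd_seqnum`. The annotation also sits between an unbraced `if` and its body; adding braces around the annotated statement would keep the pair together if the branch is edited later.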

If you are a new contributor to FRR, please see our contributing guidelines.

@LabN-CI
Collaborator

LabN-CI commented Apr 17, 2020

Outdated results 💚

Basic BGPD CI results: SUCCESS, 0 tests failed

Result SUCCESS git merge/6251 3a60695
Date 04/17/2020
Start 10:11:00
Finish 10:36:52
Run-Time 25:52
Total 1815
Pass 1815
Fail 0
Valgrind-Errors 0
Valgrind-Loss 0
Details vncregress-2020-04-17-10:11:00.txt
Log autoscript-2020-04-17-10:11:59.log.bz2
Memory 488 476 428

For details, please contact louberger

@NetDEF-CI
Collaborator

NetDEF-CI commented Apr 17, 2020

Continuous Integration Result: SUCCESSFUL


Congratulations, this patch passed basic tests

Tested-by: NetDEF / OpenSourceRouting.org CI System

CI System Testrun URL: https://ci1.netdef.org/browse/FRR-FRRPULLREQ-11929/

This is a comment from an automated CI system.
For questions and feedback in regards to this CI system, please feel free to email
Martin Winter - mwinter (at) opensourcerouting.org.

Warnings Generated during build:

Checkout code: Successful with additional warnings
Report for isis_misc.c | 5 issues
===============================================
< WARNING: strncat() is error-prone; please use strlcat() if possible#489: FILE: /tmp/f1-11490/isis_misc.c:489:
---
> WARNING: strncat() is error-prone; please use strlcat() if possible#488: FILE: /tmp/f2-11490/isis_misc.c:488:
24c24
< #516: FILE: /tmp/f1-11490/isis_misc.c:516:

Warnings Generated during build:

Debian 10 amd64 build: Successful with additional warnings

Debian Package lintian failed for Debian 10 amd64 build:
(see full package build log at https://ci1.netdef.org/browse/FRR-FRRPULLREQ-11929/artifact/DEB10BUILD/ErrorLog/log_lintian.txt)

W: frr source: pkg-js-tools-test-is-missing
W: frr source: newer-standards-version 4.4.1 (current is 4.3.0)
W: frr source: pkg-js-tools-test-is-missing
W: frr source: newer-standards-version 4.4.1 (current is 4.3.0)
W: frr-rpki-rtrlib: changelog-file-missing-explicit-entry 6.0-2 -> 7.4-dev-20200417-06-g3a6069563-0 (missing) -> 7.4-dev-20200417-06-g3a6069563-0~deb10u1
W: frr-doc: changelog-file-missing-explicit-entry 6.0-2 -> 7.4-dev-20200417-06-g3a6069563-0 (missing) -> 7.4-dev-20200417-06-g3a6069563-0~deb10u1
W: frr-snmp: changelog-file-missing-explicit-entry 6.0-2 -> 7.4-dev-20200417-06-g3a6069563-0 (missing) -> 7.4-dev-20200417-06-g3a6069563-0~deb10u1
W: frr: changelog-file-missing-explicit-entry 6.0-2 -> 7.4-dev-20200417-06-g3a6069563-0 (missing) -> 7.4-dev-20200417-06-g3a6069563-0~deb10u1
W: frr-pythontools: changelog-file-missing-explicit-entry 6.0-2 -> 7.4-dev-20200417-06-g3a6069563-0 (missing) -> 7.4-dev-20200417-06-g3a6069563-0~deb10u1

Member

@qlyoung qlyoung left a comment


Thanks, I hate it /s

This is fine but I think we could reduce littering pragma comments by making a wrapper? like frr_unsafe_random or frr_jitter, and then just keep the coverity pragma in that one spot. Plus it becomes very obvious what the random() is used for then.

Replace all `random()` calls with a function called `frr_weak_random()`
and make it clear that it is only supposed to be used for weak random
applications.

Use the annotation described by the Coverity Scan documentation to
ignore `random()` call warnings.

Signed-off-by: Rafael Zalamena <rzalamena@opensourcerouting.org>

@polychaeta polychaeta left a comment


Thanks for your contribution to FRR!


To apply these suggestions:

curl -s https://gist.githubusercontent.com/polychaeta/95b78c3c504bb56468f386e5aece89a6/raw/20abea5366c0d355936ae90a29c5b567a9fbbad3/cr_6251_1587168229.diff | git apply

diff --git a/watchfrr/watchfrr.c b/watchfrr/watchfrr.c
index 2db612adc..0929cb34a 100644
--- a/watchfrr/watchfrr.c
+++ b/watchfrr/watchfrr.c
@@ -44,7 +44,7 @@
 #endif
 
 /* Macros to help randomize timers. */
-#define JITTER(X) ((frr_weak_random() % ((X)+1))-((X)/2))
+#define JITTER(X) ((frr_weak_random() % ((X) + 1)) - ((X) / 2))
 #define FUZZY(X) ((X)+JITTER((X)/20))
 
 #define DEFAULT_PERIOD		5
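
Review bot: `JITTER(X)` still expands `X` twice, and `FUZZY(X)` on the following context line passes `(X)/20` into it, so an argument with side effects is evaluated more than once and `X == -1` makes the modulus `(X) + 1` zero. A `static inline` helper taking the period as a parameter would evaluate it once and could reject non-positive values. If the macros stay, reformat `FUZZY(X)` in the same change so both lines use the spacing applied to `JITTER`.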

If you are a new contributor to FRR, please see our contributing guidelines.

@rzalamena
Member Author

> This is fine but I think we could reduce littering pragma comments by making a wrapper? like frr_unsafe_random or frr_jitter, and then just keep the coverity pragma in that one spot. Plus it becomes very obvious what the random() is used for then.

I like your suggestion. Branch rebased to use that.
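
The wrapper approach agreed on in this thread, sketched as an added example (not code from this pull request or from FRR). `weak_random`, `weak_jitter`, `weak_fuzzy` and `weak_helpers_in_range` are hypothetical names, and the function forms stand in for the `JITTER`/`FUZZY` macros so that one Coverity annotation covers every caller.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE /* exposes random() in <stdlib.h> on glibc */
#endif
#include <limits.h>
#include <stdlib.h>

/*
 * Hypothetical wrapper (name assumed, not FRR's code): the only place that
 * calls random(), so the Coverity suppression is written exactly once.
 * For timer jitter and similar uses only; never for keys, tokens or nonces.
 */
static inline long weak_random(void)
{
	/* coverity[dont_call] */
	return random();
}

/*
 * Function form of a JITTER-style macro: x is evaluated once. Degenerate
 * inputs (x <= 0, where x == -1 would mean a modulus by zero, and
 * x == LONG_MAX, where x + 1 overflows) yield no jitter.
 * Result lies in [-(x / 2), x - x / 2].
 */
static inline long weak_jitter(long x)
{
	if (x <= 0 || x == LONG_MAX)
		return 0;
	return (weak_random() % (x + 1)) - (x / 2);
}

/* Period x plus or minus roughly 2.5 percent, as a FUZZY-style macro does. */
static inline long weak_fuzzy(long x)
{
	return x + weak_jitter(x / 20);
}

/* Returns 1 when `rounds` samples of both helpers stay inside their bounds. */
int weak_helpers_in_range(long x, int rounds)
{
	for (int i = 0; i < rounds; i++) {
		long j = weak_jitter(x), f = weak_fuzzy(x), d = x / 20;

		if (j < -(x / 2) || j > x - x / 2)
			return 0;
		if (f < x - d / 2 || f > x + d - d / 2)
			return 0;
	}
	return 1;
}
```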

@rzalamena rzalamena requested a review from qlyoung April 18, 2020 00:05
@LabN-CI
Collaborator

LabN-CI commented Apr 18, 2020

💚 Basic BGPD CI results: SUCCESS, 0 tests failed

Results table

Result SUCCESS git merge/6251 5920b3e
Date 04/17/2020
Start 20:06:01
Finish 20:32:00
Run-Time 25:59
Total 1815
Pass 1815
Fail 0
Valgrind-Errors 0
Valgrind-Loss 0
Details vncregress-2020-04-17-20:06:01.txt
Log autoscript-2020-04-17-20:07:01.log.bz2
Memory 499 488 426

Result SUCCESS git merge/5447 7e599e7
Date 12/01/2019
Start 20:06:05
Finish 20:31:49
Run-Time 25:44
Total 1815
Pass 1815
Fail 0
Valgrind-Errors 0
Valgrind-Loss 0
Details vncregress-2019-12-01-20:06:05.txt
Log autoscript-2019-12-01-20:06:54.log.bz2
Memory 430 409 360

Result Complete
Date 10/17/2019
Start 20:06:09
Finish 20:26:22
Run-Time 20:13
Total 1815
Pass 1815
Fail 0
Valgrind-Errors 0
Valgrind-Loss 0
Details autoscript-2019-10-17-20:06:09.txt
Log autoscript-2019-10-17-20:06:09.log.bz2
Memory 423 411 359

Result Complete
Date 09/30/2019
Start 20:06:09
Finish 20:26:28
Run-Time 20:19
Total 1815
Pass 1815
Fail 0
Valgrind-Errors 0
Valgrind-Loss 0
Details autoscript-2019-09-30-20:06:09.txt
Log autoscript-2019-09-30-20:06:09.log.bz2
Memory 430 432 360

For details, please contact louberger

@NetDEF-CI
Collaborator

Continuous Integration Result: SUCCESSFUL

Congratulations, this patch passed basic tests

Tested-by: NetDEF / OpenSourceRouting.org CI System

CI System Testrun URL: https://ci1.netdef.org/browse/FRR-FRRPULLREQ-11937/

This is a comment from an automated CI system.
For questions and feedback in regards to this CI system, please feel free to email
Martin Winter - mwinter (at) opensourcerouting.org.

Warnings Generated during build:

Checkout code: Successful with additional warnings
Report for isis_misc.c | 5 issues
===============================================
< WARNING: strncat() is error-prone; please use strlcat() if possible#489: FILE: /tmp/f1-16759/isis_misc.c:489:
---
> WARNING: strncat() is error-prone; please use strlcat() if possible#488: FILE: /tmp/f2-16759/isis_misc.c:488:
24c24
< #516: FILE: /tmp/f1-16759/isis_misc.c:516:

Warnings Generated during build:

Debian 10 amd64 build: Successful with additional warnings

Debian Package lintian failed for Debian 10 amd64 build:
(see full package build log at https://ci1.netdef.org/browse/FRR-FRRPULLREQ-11937/artifact/DEB10BUILD/ErrorLog/log_lintian.txt)

W: frr source: pkg-js-tools-test-is-missing
W: frr source: newer-standards-version 4.4.1 (current is 4.3.0)
W: frr source: pkg-js-tools-test-is-missing
W: frr source: newer-standards-version 4.4.1 (current is 4.3.0)
W: frr-rpki-rtrlib: changelog-file-missing-explicit-entry 6.0-2 -> 7.4-dev-20200417-06-g5920b3eb3-0 (missing) -> 7.4-dev-20200417-06-g5920b3eb3-0~deb10u1
W: frr-doc: changelog-file-missing-explicit-entry 6.0-2 -> 7.4-dev-20200417-06-g5920b3eb3-0 (missing) -> 7.4-dev-20200417-06-g5920b3eb3-0~deb10u1
W: frr-pythontools: changelog-file-missing-explicit-entry 6.0-2 -> 7.4-dev-20200417-06-g5920b3eb3-0 (missing) -> 7.4-dev-20200417-06-g5920b3eb3-0~deb10u1
W: frr-snmp: changelog-file-missing-explicit-entry 6.0-2 -> 7.4-dev-20200417-06-g5920b3eb3-0 (missing) -> 7.4-dev-20200417-06-g5920b3eb3-0~deb10u1
W: frr: changelog-file-missing-explicit-entry 6.0-2 -> 7.4-dev-20200417-06-g5920b3eb3-0 (missing) -> 7.4-dev-20200417-06-g5920b3eb3-0~deb10u1

@donaldsharp
Member

@qlyoung code updated, mind if I push in?

@donaldsharp donaldsharp merged commit 2d3d652 into FRRouting:master Apr 20, 2020
@rzalamena rzalamena deleted the cs-ignore branch June 10, 2020 12:16