• Suyash Dongre

Introduction

The Ceph project has a huge codebase, and it faces the risk of containing suboptimal code that could jeopardize storage reliability or induce performance bottlenecks or cause resource inefficiencies. Identifying and rectifying such code issues is important to maintain the integrity and efficiency of the Ceph storage system. clang-tidy, a powerful static analysis tool, offers a systematic approach to uncover critical issues within the codebase and generate comprehensive reports highlighting potential vulnerabilities.

Project

This project was completed in two phases.

1. Phase 1: Finding critical issues in the entire Ceph project using clang-tidy and fixing them.
2. Phase 2: Create Jenkins pipeline for analyzing pull requests.

Phase 1

• Finalized the checks for clang-tidy.
• Annotated any false positives found in the codebase to instruct clang-tidy to ignore them during future analyses.
• Create pull requests (PRs) to propose fixes for the identified issues.

bugprone-use-after-move

A total of 78 issues were identified throughout the entire Ceph codebase out of which 3 issues were from OSD and 6 issues were from RGW

Description:

Warns if an object is used after it has been moved, for example:

std::string str = "Hello, world!**\\n**"; std::vector<std::string> messages; messages.emplace_back(std::move(str)); std::cout << str;

The last line will trigger a warning that str is used after it has been moved.

[click the image to view better]