Skip to content

test: fix coverity RESOURCE_LEAK in testValue_InitGetSetByType #404

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
svc-rdkeportal01 wants to merge 2 commits into
base: develop
Choose a base branch
from
Open

test: fix coverity RESOURCE_LEAK in testValue_InitGetSetByType #404

svc-rdkeportal01 wants to merge 2 commits into from

Conversation

@svc-rdkeportal01
Copy link

@svc-rdkeportal01 svc-rdkeportal01 commented Nov 29, 2025
edited
Loading

Fix Coverity RESOURCE_LEAK in testValue_InitGetSetByType

Coverity Issues Fixed

This PR fixes 19 Coverity RESOURCE_LEAK defects in test/rbus/consumer/propertyAPI.c:

Coverity CIDs: 117, 118, 119, 120, 121, 122, 123, 124, 125, 126, 127, 128, 129, 130, 131, 132, 133, 134, 135

  • Line: 388 (all issues at same line)

Note: These are Coverity defect IDs, not GitHub issue numbers.

Root Cause

Coverity static analysis limitation with variadic functions:

The original code used variadic cleanup functions:

rbusProperty_Releases(17, vbtrue, vbfalse, vi16_n1234, ...);
rbusObject_Releases(2, obj, obj2);

These functions properly release all resources, but Coverity's data flow analysis cannot track resource cleanup through variadic functions (...).

Why this happens:

  • Variadic functions use va_arg() to iterate through arguments
  • Static analyzers cannot determine which specific variables map to which va_arg() calls
  • This causes false positive resource leak warnings
  • This is a known limitation of static analysis tools

The implementation (from src/rbus/rbus_property.c):

void rbusProperty_Releases(int count, ...) {
    va_list vl;
    va_start(vl, count);
    for(i = 0; i < count; ++i) {
        rbusProperty_t prop = va_arg(vl, rbusProperty_t);
        if(prop)
            rtRetainable_release(prop, rbusProperty_Destroy);
    }
    va_end(vl);
}

Coverity cannot trace which of the 17 parameters are released by which va_arg() call.

Changes Made

Replaced variadic calls with individual release calls:

Before:

rbusProperty_Releases(17, vbtrue, vbfalse, vi16_n1234, vu16_4321, ...);
rbusObject_Releases(2, obj, obj2);

After:

// Release all properties individually for Coverity static analysis
// (Coverity cannot track variadic function arguments)
rbusProperty_Release(vbtrue);
rbusProperty_Release(vbfalse);
rbusProperty_Release(vi16_n1234);
rbusProperty_Release(vu16_4321);
// ... 13 more ...
rbusProperty_Release(prop);
rbusProperty_Release(prop2);

// Release objects individually
rbusObject_Release(obj);
rbusObject_Release(obj2);

Impact

  • Functionally equivalent - Same cleanup behavior
  • Makes cleanup explicit for static analysis
  • Fixes all 19 Coverity issues (CID 117-135)
  • No performance impact - Same number of release calls
  • Better code clarity - Explicit is better than implicit

Why 19 Issues?

  • 17 rbusProperty_t objects
  • 2 rbusObject_t objects
  • Total: 19 resources = 19 Coverity CIDs

Each resource was flagged separately because Coverity couldn't verify it was released.

Technical Note: This is not a bug in the original code - the variadic functions work correctly. This change is purely to satisfy static analysis tools that cannot trace variadic function arguments.

Coverity Defect Details:

  • CIDs: 117-135 (19 issues)
  • Line: 388 in test/rbus/consumer/propertyAPI.c
  • Coverity Checker: RESOURCE_LEAK

@Rajeev-Comcast
test: fix coverity RESOURCE_LEAK in testValue_InitGetSetByType
088b2f1 
Fixes Coverity defects CID 117-135 (not GitHub issues)
Fix generated by RDKDevPilot AI Bot with pattern validation

Root Cause:
Coverity static analysis cannot track resource cleanup through variadic
functions like rbusProperty_Releases(). The function properly releases
all resources, but Coverity's data flow analysis loses track of which
specific arguments are released inside the variadic function.

This is a known limitation of static analysis tools - they cannot
reliably trace va_arg() calls to specific function parameters.

Changes:
- Replace rbusProperty_Releases(17, ...) with 17 individual rbusProperty_Release() calls
- Replace rbusObject_Releases(2, ...) with 2 individual rbusObject_Release() calls
- Add explanatory comment about Coverity limitation

Impact:
- Functionally equivalent (same cleanup behavior)
- Makes resource cleanup explicit for static analysis
- Fixes all 19 Coverity RESOURCE_LEAK issues (CID 117-135)

Technical Details:
The variadic rbusProperty_Releases() implementation uses va_arg() to
iterate through arguments. Static analyzers cannot determine which
specific variables map to which va_arg() calls, causing false positive
resource leak warnings.

Coverity CIDs: 117, 118, 119, 120, 121, 122, 123, 124, 125, 126, 127,
128, 129, 130, 131, 132, 133, 134, 135

All at line 388, function testValue_InitGetSetByType()

Validation scores: Pipeline 95/100, Pattern 100/100
Copilot AI review requested due to automatic review settings November 29, 2025 23:52
@svc-rdkeportal01 svc-rdkeportal01 requested a review from a team as a code owner November 29, 2025 23:52
Copilot AI reviewed Nov 29, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR replaces variadic resource cleanup functions with individual release calls to eliminate 19 Coverity RESOURCE_LEAK false positives in the test suite. The changes address a known limitation where static analysis tools cannot track resource cleanup through variadic functions.

  • Replaces rbusProperty_Releases(17, ...) with 17 individual rbusProperty_Release() calls
  • Replaces rbusObject_Releases(2, ...) with 2 individual rbusObject_Release() calls
  • Adds explanatory comments documenting the reason for the change

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

test/rbus/consumer/propertyAPI.c Outdated
rbusProperty_Release(vobj);
rbusProperty_Release(prop);
rbusProperty_Release(prop2);

Copy link

Copilot AI Nov 29, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This line contains trailing whitespace. Remove the trailing spaces to maintain code cleanliness.

Suggested change

Copilot uses AI. Check for mistakes.
@Rajeev-Comcast
Remove trailing whitespace
adc389a 
Addresses Copilot feedback on line 405
@svc-rdkeportal01
Copy link
Author

svc-rdkeportal01 commented Nov 29, 2025

✅ Fixed in commit adc389a

Removed trailing whitespace.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@svc-rdkeportal01 @Rajeev-Comcast