On 5/15/19 11:49 AM, Ilias Stamatis wrote:
On Wed, May 15, 2019 at 10:14 AM Michal Privoznik <mprivozn(a)redhat.com> wrote:
>
> On 5/14/19 5:24 PM, Ilias Stamatis wrote:
>> On Tue, May 14, 2019 at 5:04 PM Michal Privoznik <mprivozn(a)redhat.com> wrote:
>>>
>>> On 5/14/19 12:50 PM, Ilias Stamatis wrote:
>>>> On Tue, May 14, 2019 at 12:40 PM John Ferlan <jferlan(a)redhat.com> wrote:
>>>>>
>>>>>
>>>>>
>>>>> On 5/13/19 9:04 AM, Ilias Stamatis wrote:
>>>>>> On Mon, May 13, 2019 at 2:38 PM Michal Privoznik <mprivozn(a)redhat.com> wrote:
>>>>>>>
>>>>>>> On 5/13/19 1:26 AM, Ilias Stamatis wrote:
>>>>>>>> Return the number of disks present in the configuration of the test
>>>>>>>> domain when called with @errors as NULL and @maxerrors as 0.
>>>>>>>>
>>>>>>>> Otherwise report an error for every second disk, assigning available
>>>>>>>> error codes in a cyclic order.
>>>>>>>>
>>>>>>>> Signed-off-by: Ilias Stamatis <stamatis.iliass(a)gmail.com>
>>>>>>>> ---
>>>>>>>> src/test/test_driver.c | 42
++++++++++++++++++++++++++++++++++++++++++
>>>>>>>> 1 file changed, 42 insertions(+)
>>>>>>>>
>>>>>>>> diff --git a/src/test/test_driver.c
b/src/test/test_driver.c
>>>>>>>> index a06d1fc402..527c2f5d3b 100644
>>>>>>>> --- a/src/test/test_driver.c
>>>>>>>> +++ b/src/test/test_driver.c
>>>>>>>> @@ -3046,6 +3046,47 @@ static int
testDomainSetAutostart(virDomainPtr domain,
>>>>>>>> return 0;
>>>>>>>> }
>>>>>>>>
>>>>>>>> +static int testDomainGetDiskErrors(virDomainPtr dom,
>>>>>>>> + virDomainDiskErrorPtr
errors,
>>>>>>>> + unsigned int
maxerrors,
>>>>>>>> + unsigned int flags)
>>>>>>>> +{
>>>>>
>>>>> [...]
>>>>>
>>>>>>>> + n++;
>>>>>>>> + }
>>>>>>>> + ret = n;
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + cleanup:
>>>>>>>> + virDomainObjEndAPI(&vm);
>>>>>>>> + if (ret < 0) {
>>>>>>>> + for (i = 0; i < n; i++)
>>>>>>>> + VIR_FREE(errors[i].disk);
>>>>>>>> + }
>>>>>
>>>>> The above got changed to:
>>>>>
>>>>> + cleanup:
>>>>> + virDomainObjEndAPI(&vm);
>>>>> + if (ret < 0) {
>>>>> + for (i = 0; i < MIN(vm->def->ndisks, maxerrors);
i++)
>>>>> + VIR_FREE(errors[i].disk);
>>>>> + }
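Review bot: In the cleanup block, the bound `MIN(vm->def->ndisks, maxerrors)` dereferences `vm` on the line after `virDomainObjEndAPI(&vm)`, which takes the pointer by address, releases the object and resets the pointer, so the count needs to be read before that call or the free loop moved above it. The bound is also independent of how many `errors[i].disk` entries were actually set, so when the fill loop stops early the loop passes whatever the caller left in the remaining slots to `VIR_FREE`; bounding it by the number of populated entries, as the earlier `i < n` form did, avoids that.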
>>>>
>>>> I think this change is incorrect and a bug lies in here.
>>>>
>>>> If VIR_STRDUP fails above, memory for less than MIN(vm->def->ndisks,
>>>> maxerrors) will have been allocated, and then in the cleanup code
>>>> we'll call VIR_FREE with pointers that haven't been previously
>>>> allocated.
>>>
>>> That isn't a problem. User has to pass an array that we can touch. If
>>> they store some data in it, well, their fault - how are we supposed to
>>> return anything if we can't touch the array?
>>
>> I'm not sure I understand exactly what you mean.
>>
>> We can touch the array of course.
>>
>> What I'm saying is that we allocate memory with VIR_STRDUP for each
>> errors[i].disk, but if the call fails we free this memory on our own.
>>
>> However how it is implemented now we might call VIR_FREE on pointers
>> for which we have *not* allocated any memory.
>>
>> Because in the first loop, VIR_STRDUP might fail and send us to
>> "cleanup". But then on cleanup we iterate over the whole errors array.
>>
>> Isn't this incorrect? Do I understand something wrong?
>
>
> Ah, now I get it. If user passes an array that is not zeroed out then we
> might end up passing a random pointer to free(). How about this then?
>
> if (ret < 0) {
> while (i > 0)
> VIR_FREE(errors[i--].disk);
> }
>
Yes, this would work I think. And then the other changes in the
cleanup etc are not needed.

Ie it can be again:

    if (!(vm = testDomObjFromDomain(dom)))
        goto cleanup;

instead of "return -1" which is more consistent with the rest of the code.

This is done in 1/2. Or what do you mean?

However the code now returns errors for all disks. I thought we wanted
to report errors only for some of them?

Doesn't matter really.

Michal