Re: [libvirt] [PATCH v2] test_driver: implement virDomainGetDiskErrors

On Tue, May 14, 2019 at 12:40 PM John Ferlan <jferlan(a)redhat.com&gt; wrote: > > > > On 5/13/19 9:04 AM, Ilias Stamatis wrote: >> On Mon, May 13, 2019 at 2:38 PM Michal Privoznik <mprivozn(a)redhat.com&gt; wrote: >>> >>> On 5/13/19 1:26 AM, Ilias Stamatis wrote: >>>> Return the number of disks present in the configuration of the test >>>> domain when called with @errors as NULL and @maxerrors as 0. >>>> >>>> Otherwise report an error for every second disk, assigning available >>>> error codes in a cyclic order. >>>> >>>> Signed-off-by: Ilias Stamatis <stamatis.iliass(a)gmail.com&gt; >>>> --- >>>> src/test/test_driver.c | 42 ++++++++++++++++++++++++++++++++++++++++++ >>>> 1 file changed, 42 insertions(+) >>>> >>>> diff --git a/src/test/test_driver.c b/src/test/test_driver.c >>>> index a06d1fc402..527c2f5d3b 100644 >>>> --- a/src/test/test_driver.c >>>> +++ b/src/test/test_driver.c >>>> @@ -3046,6 +3046,47 @@ static int testDomainSetAutostart(virDomainPtr domain, >>>> return 0; >>>> } >>>> >>>> +static int testDomainGetDiskErrors(virDomainPtr dom, >>>> + virDomainDiskErrorPtr errors, >>>> + unsigned int maxerrors, >>>> + unsigned int flags) >>>> +{ > > [...] > >>>> + n++; >>>> + } >>>> + ret = n; >>>> + } >>>> + >>>> + cleanup: >>>> + virDomainObjEndAPI(&vm); >>>> + if (ret < 0) { >>>> + for (i = 0; i < n; i++) >>>> + VIR_FREE(errors[i].disk); >>>> + } > > The above got changed to : > > + cleanup: > + virDomainObjEndAPI(&vm); > + if (ret < 0) { > + for (i = 0; i < MIN(vm->def->ndisks, maxerrors); i++) > + VIR_FREE(errors[i].disk); > + } I think this change is incorrect and a bug lies in here. If VIR_STRDUP fails above, memory for less than MIN(vm->def->ndisks, maxerrors) will have been allocated, and then in the cleanup code we'll call VIR_FREE with pointers that haven't been previously allocated.

> > and Coverity got a wee bit grumpy for a couple of reasons... > > - The virDomainObjEndAPI will set @vm = NULL which makes the MIN > statement quite unhappy if ret < 0 > - However, just moving that to after the if condition isn't good > enough since the testDomObjFromDomain could causes us to jump to > cleanup: with @vm = NULL (easily solved by return -1 there instead).