Re: [libvirt] [PATCH v2] test_driver: implement virDomainGetDiskErrors

On 5/15/19 11:49 AM, Ilias Stamatis wrote: > On Wed, May 15, 2019 at 10:14 AM Michal Privoznik <mprivozn(a)redhat.com&gt; wrote: >> >> On 5/14/19 5:24 PM, Ilias Stamatis wrote: >>> On Tue, May 14, 2019 at 5:04 PM Michal Privoznik <mprivozn(a)redhat.com&gt; wrote: >>>> >>>> On 5/14/19 12:50 PM, Ilias Stamatis wrote: >>>>> On Tue, May 14, 2019 at 12:40 PM John Ferlan <jferlan(a)redhat.com&gt; wrote: >>>>>> >>>>>> >>>>>> >>>>>> On 5/13/19 9:04 AM, Ilias Stamatis wrote: >>>>>>> On Mon, May 13, 2019 at 2:38 PM Michal Privoznik <mprivozn(a)redhat.com&gt; wrote: >>>>>>>> >>>>>>>> On 5/13/19 1:26 AM, Ilias Stamatis wrote: >>>>>>>>> Return the number of disks present in the configuration of the test >>>>>>>>> domain when called with @errors as NULL and @maxerrors as 0. >>>>>>>>> >>>>>>>>> Otherwise report an error for every second disk, assigning available >>>>>>>>> error codes in a cyclic order. >>>>>>>>> >>>>>>>>> Signed-off-by: Ilias Stamatis <stamatis.iliass(a)gmail.com&gt; >>>>>>>>> --- >>>>>>>>> src/test/test_driver.c | 42 ++++++++++++++++++++++++++++++++++++++++++ >>>>>>>>> 1 file changed, 42 insertions(+) >>>>>>>>> >>>>>>>>> diff --git a/src/test/test_driver.c b/src/test/test_driver.c >>>>>>>>> index a06d1fc402..527c2f5d3b 100644 >>>>>>>>> --- a/src/test/test_driver.c >>>>>>>>> +++ b/src/test/test_driver.c >>>>>>>>> @@ -3046,6 +3046,47 @@ static int testDomainSetAutostart(virDomainPtr domain, >>>>>>>>> return 0; >>>>>>>>> } >>>>>>>>> >>>>>>>>> +static int testDomainGetDiskErrors(virDomainPtr dom, >>>>>>>>> + virDomainDiskErrorPtr errors, >>>>>>>>> + unsigned int maxerrors, >>>>>>>>> + unsigned int flags) >>>>>>>>> +{ >>>>>> >>>>>> [...] >>>>>> >>>>>>>>> + n++; >>>>>>>>> + } >>>>>>>>> + ret = n; >>>>>>>>> + } >>>>>>>>> + >>>>>>>>> + cleanup: >>>>>>>>> + virDomainObjEndAPI(&vm); >>>>>>>>> + if (ret < 0) { >>>>>>>>> + for (i = 0; i < n; i++) >>>>>>>>> + VIR_FREE(errors[i].disk); >>>>>>>>> + } >>>>>> >>>>>> The above got changed to : >>>>>> >>>>>> + cleanup: >>>>>> + virDomainObjEndAPI(&vm); >>>>>> + if (ret < 0) { >>>>>> + for (i = 0; i < MIN(vm->def->ndisks, maxerrors); i++) >>>>>> + VIR_FREE(errors[i].disk); >>>>>> + } >>>>> >>>>> I think this change is incorrect and a bug lies in here. >>>>> >>>>> If VIR_STRDUP fails above, memory for less than MIN(vm->def->ndisks, >>>>> maxerrors) will have been allocated, and then in the cleanup code >>>>> we'll call VIR_FREE with pointers that haven't been previously >>>>> allocated. >>>> >>>> That isn't a problem. User has to passed an array that we can touch. If >>>> they store some data in it, well, their fault - how are we supposed to >>>> return anything if we can't touch the array? >>> >>> I'm not sure I understand exactly what you mean. >>> >>> We can touch the array of course. >>> >>> What I'm saying is that we allocate memory with VIR_STRDUP for each >>> errors[i].disk, but if the call fails we free this memory on our own. >>> >>> However how it is implemented now we might call VIR_FREE on pointers >>> for which we have *not* allocated any memory. >>> >>> Because in the first loop, VIR_STRDUP might fail and send us to >>> "cleanup". But then on cleanup we iterate over the whole errors array. >>> >>> Isn't this incorrect? Do I understand something wrong? >> >> >> Ah, now I get it. If user passes an array that is not zeroed out then we >> might end up passing a random pointer to free(). How about this then? >> >> if (ret < 0) { >> while (i > 0) >> VIR_FREE(errors[i--].disk); >> } >> > > Yes, this would work I think. And then the other changes in the > cleanup etc are not needed. > > Ie it can be again: > > if (!(vm = testDomObjFromDomain(dom))) > goto cleanup; > > instead of "return -1" which is more consistent with the rest of the code. This is done in 1/2. Or what do you mean?