On Mon, Sep 30, 2019 at 01:35:36PM +0200, Pavel Hrdina wrote:
On Fri, Sep 27, 2019 at 06:17:27PM +0100, Daniel P. Berrangé wrote:
Convert the string duplication APIs to use the g_strdup family of APIs.
Annoyingly our virVasprintf/virAsprintf functions return the character count, even though 90% of our usage doesn't need it. To retain compat with these semantics we have a call to strlen which costs CPU time.
We previously used the 'strdup-posix' gnulib module because mingw does not set errno to ENOMEM on failure
We previously used the 'strndup' gnulib module because this function does not exist on mingw.
We previously used the 'vasprintf' gnulib module because of many GNU supported format specifiers not working on non-Linux platforms. glib's own equivalent standardizes on GNU format specifiers too.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- bootstrap.conf | 3 --- src/util/virstring.c | 19 +++++++------------ 2 files changed, 7 insertions(+), 15 deletions(-)
diff --git a/bootstrap.conf b/bootstrap.conf index 549d18c6d4..b6b75f9301 100644 --- a/bootstrap.conf +++ b/bootstrap.conf @@ -100,8 +100,6 @@ stat-time stdarg stpcpy strchrnul -strdup-posix -strndup strerror strerror_r-posix strptime @@ -117,7 +115,6 @@ uname unsetenv useless-if-before-free usleep -vasprintf verify vc-list-files vsnprintf diff --git a/src/util/virstring.c b/src/util/virstring.c index a4cc7e9c0a..c8c888b2a0 100644 --- a/src/util/virstring.c +++ b/src/util/virstring.c @@ -730,12 +730,9 @@ virVasprintfInternal(char **strp, const char *fmt, va_list list) { - int ret; + *strp = g_strdup_vprintf(fmt, list);
- if ((ret = vasprintf(strp, fmt, list)) == -1) - abort(); - - return ret; + return strlen(*strp);
This will cause a SEGFAULT if strp is NULL as g_strdup_vprintf doesn't abort on failure.
I spent a long time investigating this.... g_strdup_vprintf calls g_vasprintf() which in turn has 3 impls. 2 out of the 3 impls will abort on OOM, but one won't. The one we use on Linux is the one that won't abort. No application code that I can find ever checks the return value of g_strdup_vprintf or the output string of g_vasprintf. I eventually found a bug indicating the lack of abort on OOM is indeed considered a mistake: https://gitlab.gnome.org/GNOME/glib/issues/1622 I've thus sent a patch to force an abort on OOM: https://gitlab.gnome.org/GNOME/glib/merge_requests/1145 Thus I think from libvirt's POV we can assume this aborts on OOM, since every single other application using this does the same. Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|