Coverity complains about "USE_AFTER_FREE" due to how virPCIDeviceSetStubDriver
"could" return either -1, 0, or 1 from the VIR_STRDUP() and then possibly makes
a call to virPCIDeviceDetach().
The only way this could happen is if NULL were passed as the "driver" name
and virStrdup() returned 0. Since the calling functions check < 0 on the
initial function call, the 0 possibility causes Coverity to complain.
To fix this - enforce that the second parameter is not NULL using
ATTRIBUTE_NONNULL(2) for the function prototype, then in virPCIDeviceDetach
add an sa_assert(dev->stubDriver). This will result in Coverity not complaining
any more.
Signed-off-by: John Ferlan <jferlan(a)redhat.com>
---
NOTE: This replaces Pavel's patch posted yesterday:
http://www.redhat.com/archives/libvir-list/2014-February/msg00319.html
src/util/virpci.c | 4 +++-
src/util/virpci.h | 3 ++-
2 files changed, 5 insertions(+), 2 deletions(-)
diff --git a/src/util/virpci.c b/src/util/virpci.c
index c3d211f..00d1064 100644
--- a/src/util/virpci.c
+++ b/src/util/virpci.c
@@ -1327,6 +1327,8 @@ virPCIDeviceDetach(virPCIDevicePtr dev,
virPCIDeviceList *activeDevs,
virPCIDeviceList *inactiveDevs)
{
+ sa_assert(dev->stubDriver);
+
if (virPCIProbeStubDriver(dev->stubDriver) < 0)
return -1;
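Review bot: The sa_assert(dev->stubDriver) at the top of virPCIDeviceDetach is described in the commit message only as a way to stop Coverity complaining, so it documents the precondition for the analyzer rather than enforcing it for real callers. If a device can reach this function without virPCIDeviceSetStubDriver having succeeded, dev->stubDriver is still handed to virPCIProbeStubDriver as NULL. Consider an explicit runtime check that reports an error and returns -1 when dev->stubDriver is NULL, keeping the sa_assert only if the analyzer still needs it.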
@@ -1657,7 +1659,7 @@ int
virPCIDeviceSetStubDriver(virPCIDevicePtr dev, const char *driver)
{
VIR_FREE(dev->stubDriver);
- return driver ? VIR_STRDUP(dev->stubDriver, driver) : 0;
+ return VIR_STRDUP(dev->stubDriver, driver);
}
const char *
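Review bot: In virPCIDeviceSetStubDriver, removing the "driver ?" guard does not change what happens at runtime when driver is NULL: per the commit message, VIR_STRDUP then returns 0, and dev->stubDriver stays NULL after the VIR_FREE. Callers that only test < 0 will therefore still treat that case as success. If NULL is no longer a valid way to clear the stub driver, it would be safer to reject it here with an error and -1, and a short comment above the function stating the possible return values (-1, 0, 1) would make the contract clear to callers.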
diff --git a/src/util/virpci.h b/src/util/virpci.h
index 42c3c95..ac6dae1 100644
--- a/src/util/virpci.h
+++ b/src/util/virpci.h
@@ -63,7 +63,8 @@ void virPCIDeviceSetManaged(virPCIDevice *dev,
bool managed);
unsigned int virPCIDeviceGetManaged(virPCIDevice *dev);
int virPCIDeviceSetStubDriver(virPCIDevicePtr dev,
- const char *driver);
+ const char *driver)
+ ATTRIBUTE_NONNULL(2);
const char *virPCIDeviceGetStubDriver(virPCIDevicePtr dev);
void virPCIDeviceSetUsedBy(virPCIDevice *dev,
const char *used_by);
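Review bot: The ATTRIBUTE_NONNULL(2) added to the virPCIDeviceSetStubDriver prototype is an annotation for the compiler and static analyzers, and it only catches cases they can prove, such as a literal NULL argument. None of the call sites are part of this patch, so it is worth confirming that no existing caller passes a pointer that may be NULL. A one-line comment on the prototype saying that driver must be non-NULL would record the new requirement for future callers.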
--
1.8.4.2