[libvirt] [PATCH 23/35] conf: Add new helpers to resolve virDomainModificationImpact to domain defs
Peter Krempa
pkrempa at redhat.com
Thu Jun 4 11:18:02 UTC 2015
On Thu, Jun 04, 2015 at 07:02:00 -0400, John Ferlan wrote:
>
>
> On 05/29/2015 09:33 AM, Peter Krempa wrote:
> > virDomainLiveConfigHelperMethod that is used for this job now does
> > modify the flags but still requires the callers to extract the correct
> > definition objects.
> >
> > In addition coverity and other static analyzers are usually unhappy as
> > they don't grasp the fact that @flags are upadted according to the
> > correct def to be present.
> >
> > To work this issue around and simplify the calling chain let's add a new
> > helper that will work only on drivers that always copy the persistent
> > def to a transient at start of a vm. This will allow to drop a few
> > arguments. The new function syntax will also fill two definition
> > pointers rather than modifying the @flags parameter.
> > ---
> > src/conf/domain_conf.c | 113 ++++++++++++++++++++++++++++++++++++++---------
> > src/conf/domain_conf.h | 8 ++++
> > src/libvirt_private.syms | 2 +
> > 3 files changed, 102 insertions(+), 21 deletions(-)
> >
>
> Well Coverity is most unhappy with these changes - causes 14 new issues
> - all related... I didn't get a chance to run your series through my
> checker because not all of the patches made it through even though they
> were in the archive (strange).
>
> > diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
> > index 4a8c1b5..e8bda73 100644
> > --- a/src/conf/domain_conf.c
> > +++ b/src/conf/domain_conf.c
>
> ...
>
> > +
> > +/**
> > + * virDomainObjGetDefs:
> > + *
> > + * @vm: domain object
> > + * @flags: for virDomainModificationImpact
> > + * @liveDef: Set to the pointer to the live definition of @vm.
> > + * @persDef: Set to the pointer to the config definition of @vm.
> > + *
> > + * Helper function to resolve @flags and retrieve correct domain pointer
> > + * objects. This function should be used only when the hypervisor driver always
> > + * creates vm->newDef once the vm is started. (qemu driver does that)
> > + *
> > + * If @liveDef or @persDef are set it implies that @flags request modification
> > + * of thereof.
> > + *
> > + * Returns 0 on success and sets @liveDef and @persDef; -1 if @flags are
> > + * inappropriate.
> > + */
> > +int
> > +virDomainObjGetDefs(virDomainObjPtr vm,
> > + unsigned int flags,
> > + virDomainDefPtr *liveDef,
> > + virDomainDefPtr *persDef)
> > +{
> > + if (liveDef)
> > + *liveDef = NULL;
> > +
> > + if (*persDef)
> > + *persDef = NULL;
>
> You dereference "*persDef" here without checking and furthermore this
> causes Coverity to complain about UNINIT usage in each of the callers
> since non initialized their def to NULL.a
[1]
>
> > +
> > + if (virDomainObjUpdateModificationImpact(vm, &flags) < 0)
> > + return -1;
> > +
> > + if (flags & VIR_DOMAIN_AFFECT_LIVE) {
> > + if (liveDef)
> > + *liveDef = vm->def;
> > +
> > + if (persDef)
> > + *liveDef = vm->newDef;
>
> here you check for persDef, but adjust *liveDef - so if liveDef == NULL,
> then there's going to be a failure...
>
> > + } else {
> > + if (persDef)
> > + *persDef = vm->def;
>
> Also persDef is checked again...
>
> > + }
> > +
> > + return 0;
> > }
> >
> > +
> > /*
> > * The caller must hold a lock on the driver owning 'doms',
> > * and must also have locked 'dom', to ensure no one else
> > diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h
> > index 34b669d..262d267 100644
> > --- a/src/conf/domain_conf.h
> > +++ b/src/conf/domain_conf.h
> > @@ -2545,6 +2545,14 @@ virDomainObjGetPersistentDef(virCapsPtr caps,
> > virDomainXMLOptionPtr xmlopt,
> > virDomainObjPtr domain);
> >
> > +int virDomainObjUpdateModificationImpact(virDomainObjPtr vm,
> > + unsigned int *flags);
> > +
> > +int virDomainObjGetDefs(virDomainObjPtr vm,
> > + unsigned int flags,
> > + virDomainDefPtr *liveDef,
> > + virDomainDefPtr *persDef);
>
> How about a "ATTRIBUTE_NONNULL(4)" here?
Actually, the first check has an extra dereference that should not be
there. The function expects that NULL is passed here.
>
>
> John
>
> I'd paste a diff here that worked for me, except that I know you prefer
> not to have inlined diffs like that in email... So I'll wait to see how
> you fix this...
>
The change is to remove the deref at [1].
Peter
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20150604/4444f157/attachment-0001.sig>
More information about the libvir-list
mailing list