`virThreadPoolNewFull` may call `virThreadPoolExpand` with `prioWorkers` = 0.
This causes `virThreadPoolExpand` to call `VIR_EXPAND_N` on a null pointer
and an increment of zero. The zero increment triggers `virReallocN` to not
actually allocate any memory and leave the pointer NULL, which, eventually,
causes `memset(NULL, 0, 0)` to be called in `virExpandN`.
`memset` is declared `__attribute__ ((__nonnull__ 1))`, which triggers the
following warning when libvirt is compiled with address sanitizing enabled:
src/util/viralloc.c:82:5: runtime error: null pointer passed as
argument 1, which is declared to never be null
Signed-off-by: Tim Wiederhake <twiederh@xxxxxxxxxx>
---
src/util/virthreadpool.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/src/util/virthreadpool.c b/src/util/virthreadpool.c
index 9ddd86a679..c9d2a17ff4 100644
--- a/src/util/virthreadpool.c
+++ b/src/util/virthreadpool.c
@@ -179,6 +179,9 @@ virThreadPoolExpand(virThreadPool *pool, size_t gain, bool priority)
size_t i = 0;
struct virThreadPoolWorkerData *data = NULL;
+ if (gain == 0)
+ return 0;
+
VIR_EXPAND_N(*workers, *curWorkers, gain);
for (i = 0; i < gain; i++) {
--
2.31.1
