Re: [libvirt PATCH] virThreadPoolExpand: Prevent expanding worker pool by zero

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, Jul 09, 2021 at 15:43:06 +0200, Tim Wiederhake wrote:
> `virThreadPoolNewFull` may call `virThreadPoolExpand` with `prioWorkers` = 0.

Could you elaborate in which situations this happens?

> This causes `virThreadPoolExpand` to call `VIR_EXPAND_N` on a null pointer
> and an increment of zero. The zero increment triggers `virReallocN` to not
> actually allocate any memory and leave the pointer NULL, which, eventually,
> causes `memset(NULL, 0, 0)` to be called in `virExpandN`.
> 
> `memset` is declared `__attribute__ ((__nonnull__ 1))`, which triggers the
> following warning when libvirt is compiled with address sanitizing enabled:
> 
>     src/util/viralloc.c:82:5: runtime error: null pointer passed as
>     argument 1, which is declared to never be null
> 
> Signed-off-by: Tim Wiederhake <twiederh@xxxxxxxxxx>
> ---
>  src/util/virthreadpool.c | 3 +++
>  1 file changed, 3 insertions(+)
> 
> diff --git a/src/util/virthreadpool.c b/src/util/virthreadpool.c
> index 9ddd86a679..c9d2a17ff4 100644
> --- a/src/util/virthreadpool.c
> +++ b/src/util/virthreadpool.c
> @@ -179,6 +179,9 @@ virThreadPoolExpand(virThreadPool *pool, size_t gain, bool priority)
>      size_t i = 0;
>      struct virThreadPoolWorkerData *data = NULL;
>  
> +    if (gain == 0)
> +        return 0;

IMO this is fixing a symptom rather than a root cause unless you justify
it.

> +
>      VIR_EXPAND_N(*workers, *curWorkers, gain);
>  
>      for (i = 0; i < gain; i++) {
> -- 
> 2.31.1
> 




[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]

  Powered by Linux