On Tue, Apr 27, 2010 at 07:05:44PM +0200, Jim Meyering wrote:
> Some people have expressed an interest in setting up
> a libvirt autobuilder using clang. If you do that, be aware that
> you'll see an ugly looking NULL-deref problem when using the clang
> that comes with F12 or F13, but if you're using a new enough version
> (rawhide), it's gone. The offending code is in qemu_monitor.c around
> line 377 and involves the CMSG_* macros:
>
> 365 memset(&msg, 0, sizeof(msg));
> 366
> 367 iov[0].iov_base = (void *)data;
> 368 iov[0].iov_len = len;
> 369
> 370 msg.msg_iov = iov;
> 371 msg.msg_iovlen = 1;
> 372
> 373 msg.msg_control = control;
> 374 msg.msg_controllen = sizeof(control);
> 375
> 376 cmsg = CMSG_FIRSTHDR(&msg)((size_t) (&msg)->msg_controllen >= sizeof (struct cmsghdr) ? (struct cmsghdr *) (&msg)->msg_control : (struct cmsghdr *) 0);
>
> *** 2 Null pointer value stored to 'cmsg'
>
> 377 cmsg->cmsg_len = CMSG_LEN(sizeof(int))((((sizeof (struct cmsghdr)) + sizeof (size_t) - 1) & (size_t) ~(sizeof (size_t) - 1)) + (sizeof(int)));
>
> *** 3 Dereference of null pointer
>
> Presuming this code is actually exercised, it's obviously
> not dereferencing NULL, so it would be a false positive.
> I looked at a few usage examples and it seems like glibc's
> own tests do allocate more storage. If this code is *not*
> currently being used, we should model it after the glibc test code.

Yes, this code is used for network interface hotplug & works correctly
in our testing.

Daniel

-- 
|: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://deltacloud.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
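The SCM_RIGHTS set-up the thread discusses, with the explicit NULL check that makes the CMSG_FIRSTHDR() invariant visible to an analyzer, as an added example that is not libvirt's code: prepare_fd_msg(), send_fd_roundtrip() and their parameters are assumed names, and the round trip runs over a local socketpair so it can be exercised offline.

```c
#include <string.h>
#include <sys/socket.h>
#include <sys/uio.h>
#include <unistd.h>
/* Fill msg/iov/control so sendmsg() carries `len` bytes of `data` plus `fd`
 * as SCM_RIGHTS.  CMSG_FIRSTHDR() returns NULL when control_len is below
 * sizeof(struct cmsghdr); a CMSG_SPACE(sizeof(int)) buffer never is, but an
 * analyzer cannot prove that, hence the check.  0 on success, -1 if too small. */
int prepare_fd_msg(struct msghdr *msg, struct iovec *iov, void *control,
                   size_t control_len, const void *data, size_t len, int fd)
{
    struct cmsghdr *cmsg;
    memset(msg, 0, sizeof(*msg));
    iov[0].iov_base = (void *)data;
    iov[0].iov_len = len;
    msg->msg_iov = iov;
    msg->msg_iovlen = 1;
    msg->msg_control = control;
    msg->msg_controllen = control_len;
    if ((cmsg = CMSG_FIRSTHDR(msg)) == NULL)
        return -1;                        /* the path the analyzer reports */
    cmsg->cmsg_len = CMSG_LEN(sizeof(int));
    cmsg->cmsg_level = SOL_SOCKET;
    cmsg->cmsg_type = SCM_RIGHTS;
    memcpy(CMSG_DATA(cmsg), &fd, sizeof(int));
    return 0;
}

/* Socketpair round trip offering only control_len bytes of control space:
 * send one byte plus `fd` and return the descriptor received on the other end,
 * -2 if prepare_fd_msg() rejected the control buffer, -1 on other failure. */
int send_fd_roundtrip(int fd, size_t control_len)
{
    int sv[2], got = -1;
    char buf = 'x', control[CMSG_SPACE(sizeof(int))];
    struct iovec iov[1];
    struct msghdr msg;
    struct cmsghdr *cmsg;
    if (control_len > sizeof(control) || socketpair(AF_UNIX, SOCK_STREAM, 0, sv) < 0)
        return -1;
    if (prepare_fd_msg(&msg, iov, control, control_len, &buf, 1, fd) < 0)
        got = -2;
    else if (sendmsg(sv[0], &msg, 0) == 1 &&
             recvmsg(sv[1], &msg, 0) == 1 &&  /* iov/control reused */
             (cmsg = CMSG_FIRSTHDR(&msg)) != NULL &&
             cmsg->cmsg_type == SCM_RIGHTS)
        memcpy(&got, CMSG_DATA(cmsg), sizeof(int));
    close(sv[0]); close(sv[1]);
    return got;
}
```

Passing a control buffer shorter than sizeof(struct cmsghdr) is the only way CMSG_FIRSTHDR() yields NULL, which is why the libvirt code, whose buffer is sized by sizeof(control), cannot actually dereference NULL.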