On 08/20/2013 05:08 AM, Osier Yang wrote:
> Introduced by commit e0139e30444:
>
> 1777 /* Updating pool metadata */
>
> (40) Event var_deref_op: Dereferencing null pointer "newvol".
> Also see events: [assign_zero]
>
> 1778 pool->def->allocation += newvol->allocation;
> 1779 pool->def->available -= newvol->allocation;
> ---
> src/storage/storage_driver.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/src/storage/storage_driver.c b/src/storage/storage_driver.c
> index 7908ba6..63a954b 100644
> --- a/src/storage/storage_driver.c
> +++ b/src/storage/storage_driver.c
> @@ -1758,7 +1758,6 @@ storageVolCreateXMLFrom(virStoragePoolPtr obj,
>
> origvol->building = 0;
> newvol->building = 0;
> - newvol = NULL;
> pool->asyncjobs--;
>
> if (origpool) {
...
The next condition is:
if (buildret < 0) {
virStoragePoolObjUnlock(pool);
storageVolDelete(volobj, 0);
pool = NULL;
goto cleanup;
}
Since previously we'd have 'newvol = NULL;' already, there would need to
be one added here too.. Since, prior to this there's code:
pool->volumes.objs[pool->volumes.count++] = newvol;
which saves the pointer...
Perhaps it'd work better to do the following:
unsigned long long allocation = 0x0ULL;
...
allocation = newvol->allocation;
newvol = NULL;
...
pool->def->allocation += allocation;
pool->def->available -= allocation;
> @@ -1781,6 +1780,7 @@ storageVolCreateXMLFrom(virStoragePoolPtr obj,
> VIR_INFO("Creating volume '%s' in storage pool '%s'",
> volobj->name, pool->def->name);
> ret = volobj;
> + newvol = NULL;
and this would become unnecessary
> volobj = NULL;
>
> cleanup:
>
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list