Commit Graph

26 Commits

Author SHA1 Message Date
Jiri Denemark
9eb7e9e817 util: Make virReallocN return void
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2021-03-22 12:44:18 +01:00
Jiri Denemark
52ef4a9af2 util: Make virExpandN return void
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2021-03-22 12:44:18 +01:00
Jiri Denemark
ea5e926bb6 util: Make virResizeN return void
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2021-03-22 12:44:18 +01:00
Peter Krempa
bfdfa64010 viralloc: Remove VIR_ALLOC_VAR
The use case VIR_ALLOC_VAR deals with is very unlikely. We had just 2
legitimate uses, which were reimplemented locally using g_malloc0 and
sizeof instead as they used a static number of members of the trailing
array.

Remove VIR_ALLOC_VAR since in most cases the direct implementation is
shorter and clearer and there are no users of it currently.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2021-02-03 16:09:25 +01:00
Peter Krempa
ed97683897 util: alloc: Remove VIR_DISPOSE_STRING
Users were replaced with virSecureEraseString with explicit freeing of
the memory.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2021-02-03 13:07:14 +01:00
Peter Krempa
bacf612607 util: viralloc: Remove VIR_DISPOSE(_N)
The macros are unused now and callers who care about clearing the memory
they use should use memset() appropriately.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2021-02-03 13:07:13 +01:00
Ján Tomko
79cb397b39 util: delete VIR_ALLOC and VIR_ALLOC_N
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
2020-10-08 19:19:22 +02:00
Peter Krempa
09352cca2a VIR_FREE: Replace internals by g_clear_pointer
Our implementation masks GCC warnings of uninitialized use of the passed
argument. After changing this I got a load of following warnings:

src/conf/virnetworkportdef.c: In function 'virNetworkPortDefSaveStatus':
/usr/include/glib-2.0/glib/gmem.h:136:8: error: 'path' may be used uninitialized in this function [-Werror=maybe-uninitialized]
  136 |     if (_p)                \
      |        ^
src/conf/virnetworkportdef.c:447:11: note: 'path' was declared here
  447 |     char *path;
      |           ^~~~

For the curious, g_clear_pointer is still safe for arguments with
side-effect. Here's the pre-processed output of trying to do a
VIR_FREE(*(test2++)):

 do {
     typedef char _GStaticAssertCompileTimeAssertion_1[(sizeof *(&(*(test2++))) == sizeof (gpointer)) ? 1 : -1] __attribute__((__unused__));
     __typeof__((&(*(test2++)))) _pp = (&(*(test2++)));
     __typeof__(*(&(*(test2++)))) _ptr = *_pp;

     *_pp = ((void *)0);
     if (_ptr)
        (g_free) (_ptr);
 } while (0) ;

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2020-03-05 16:22:27 +01:00
Daniel P. Berrangé
e85e34f3af util: use glib memory allocation functions
Convert the VIR_ALLOC family of APIs with use of the g_malloc family of
APIs. Use of VIR_ALLOC related functions should be incrementally phased
out over time, allowing return value checks to be dropped. Use of
VIR_FREE should be replaced with auto-cleanup whenever possible.

We previously used the 'calloc-posix' gnulib module because mingw does
not set errno to ENOMEM on failure.

Reviewed-by: Ján Tomko <jtomko@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-10-14 10:54:42 +01:00
Daniel P. Berrangé
52117fa97e util: make allocation functions abort on OOM
The functions are left returning an "int" to avoid an immediate
big-bang cleanup. They'll simply never return anything other
than 0, except for virInsertN which can still return an error
if the requested insertion index is out of range. Interestingly
in that case, the _QUIET function would none the less report
an error.

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-09-13 10:05:17 +01:00
Daniel P. Berrangé
2c52ecd960 util: purge all code for testing OOM handling
The OOM handling requires special build time options which we never
enable in our CI. Even once enabled the tests are incredibly slow and
typically require manual inspection of the results to weed out false
positives.

Since there was previous agreement to switch to abort on OOM in libvirt
code, there's no point continuing to keep the unused OOM testing code.

Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2019-09-13 10:05:17 +01:00
Peter Krempa
a9b3afabcd util: alloc: Add automatic cleanup/disposal of strings
VIR_AUTODISPOSE_STR is similar to VIR_AUTOFREE(char *) but uses
virDispose for clearing of the stored string.

This patch also refactors VIR_DISPOSE to use the new helper which is
used for the new macro.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2019-04-03 11:58:10 +02:00
Yuri Chornoivan
e5c1fbca24 Fix minor typos in messages and docs
Signed-off-by: Yuri Chornoivan <yurchor@ukr.net>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Signed-off-by: Ján Tomko <jtomko@redhat.com>
2018-12-05 10:39:54 +01:00
Erik Skultety
5165ff0971 src: More cleanup of some system headers already contained in internal.h
All of the ones being removed are pulled in by internal.h. The only
exception is sanlock which expects the application to include <stdint.h>
before sanlock's headers, because sanlock prototypes use fixed width
int, but they don't include stdint.h themselves, so we have to leave
that one in place.

Signed-off-by: Erik Skultety <eskultet@redhat.com>
Acked-by: Michal Privoznik <mprivozn@redhat.com>
2018-09-20 10:16:39 +02:00
Daniel P. Berrange
09db97d3cb Use explicit boolean comparison in OOM check
GCC 7 gets upset by

   if (!tmp && (size * count))

warning

  util/viralloc.c: In function 'virReallocN':
  util/viralloc.c:246:23: error: '*' in boolean context, suggest '&&' instead [-Werror=int-in-bool-context]
     if (!tmp && (size * count)) {
                 ~~~~~~^~~~~~~~

Keep it happy by adding != 0 to the right hand expression
so it realizes we really are wanting to treat the result
of the arithmetic expression as a boolean

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2017-02-23 10:11:16 +00:00
Peter Krempa
eb2116fd9a util: alloc: Introduce freeing helpers that clear the memory before freeing
For a few cases where we handle secret information it's good to clear
the buffers containing sensitive data before freeing them.

Introduce VIR_DISPOSE, VIR_DISPOSE_N and VIR_DISPOSE_STRING that allow
simple clearing fo the buffers holding sensitive information on cleanup
paths.
2016-05-16 12:58:48 +02:00
Eric Blake
39871fce1a maint: avoid static zero init in core files
C guarantees that static variables are zero-initialized.  Some older
compilers (and also gcc -fno-zero-initialized-in-bss) create larger
binaries if you explicitly zero-initialize a static variable.

* src/libvirt.c: Fix initialization.
* src/util/viralloc.c: Likewise.
* src/util/virdbus.c: Likewise.
* src/util/virevent.c: Likewise.
* src/util/virfile.c (safezero): Likewise.
* src/util/virlog.c: Likewise.
* src/util/virnetlink.c: Likewise.
* src/util/virthread.h (VIR_ONCE_GLOBAL_INIT): Likewise.
* src/util/virprocess.c (virProcessGetStartTime): Likewise.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-10-29 09:55:09 -06:00
Eric Blake
d194d6e7e6 maint: use consistent if-else braces in remaining spots
I'm about to add a syntax check that enforces our documented
HACKING style of always using matching {} on if-else statements.

This patch focuses on all remaining problems, where there weren't
enough issues to warrant splitting it further.

* src/remote/remote_driver.c (doRemoteOpen): Correct use of {}.
* src/security/virt-aa-helper.c (vah_add_path, valid_path, main):
Likewise.
* src/rpc/virnetsocket.c (virNetSocketNewConnectLibSSH2):
Likewise.
* src/esx/esx_vi_types.c (esxVI_Type_FromString): Likewise.
* src/uml/uml_driver.c (umlDomainDetachDevice): Likewise.
* src/util/viralloc.c (virShrinkN): Likewise.
* src/util/virbuffer.c (virBufferURIEncodeString): Likewise.
* src/util/virdbus.c (virDBusCall): Likewise.
* src/util/virnetdev.c (virNetDevValidateConfig): Likewise.
* src/util/virnetdevvportprofile.c
(virNetDevVPortProfileGetNthParent): Likewise.
* src/util/virpci.c (virPCIDeviceIterDevices)
(virPCIDeviceWaitForCleanup)
(virPCIDeviceIsBehindSwitchLackingACS): Likewise.
* src/util/virsocketaddr.c (virSocketAddrGetNumNetmaskBits):
Likewise.
* src/util/viruri.c (virURIParseParams): Likewise.
* daemon/stream.c (daemonStreamHandleAbort): Likewise.
* tests/testutils.c (virtTestResult): Likewise.
* tests/cputest.c (cpuTestBaseline): Likewise.
* tools/virsh-domain.c (cmdDomPMSuspend): Likewise.
* tools/virsh-host.c (cmdNodeSuspend): Likewise.
* src/esx/esx_vi_generator.py (Type.generate_typefromstring):
Tweak generated code.

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-09-04 14:34:03 -06:00
Daniel P. Berrange
2835c1e730 Add virLogSource variables to all source files
Any source file which calls the logging APIs now needs
to have a VIR_LOG_INIT("source.name") declaration at
the start of the file. This provides a static variable
of the virLogSource type.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-03-18 14:29:22 +00:00
Daniel P. Berrange
ecd2ba6893 Fix reporting of errors in OOM injection code
When the various viralloc.c functions were changed to use the
normal error reporting code, the OOM injection code paths
were not updated to report errors.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-09-24 10:52:26 +01:00
Michal Privoznik
8290cbbc38 viralloc: Report OOM error on failure
Similarly to VIR_STRDUP, we want the OOM error to be reported in
VIR_ALLOC and friends.
2013-07-10 11:07:31 +02:00
Eric Blake
ddcfc5492a alloc: make VIR_APPEND_ELEMENT safer
VIR_APPEND_ELEMENT(array, size, elem) was not safe if the expression
for 'size' had side effects.  While no one in the current code base
was trying to pass side effects, we might as well be robust and
explicitly document our intentions.

* src/util/viralloc.c (virInsertElementsN): Add special case.
* src/util/viralloc.h (VIR_APPEND_ELEMENT): Use it.
(VIR_ALLOC, VIR_ALLOC_N, VIR_REALLOC_N, VIR_EXPAND_N)
(VIR_RESIZE_N, VIR_SHRINK_N, VIR_INSERT_ELEMENT)
(VIR_DELETE_ELEMENT, VIR_ALLOC_VAR, VIR_FREE): Document
which macros are safe in the presence of side effects.
* docs/hacking.html.in: Document this.
* HACKING: Regenerate.

Signed-off-by: Eric Blake <eblake@redhat.com>
2013-05-07 13:21:31 -06:00
Ján Tomko
b8fec67cb5 util: fix virAllocVar's comment 2013-03-22 13:05:46 +01:00
Michal Privoznik
70bc623b58 viralloc: Export virAllocTest*
If users build with --enable-test-oom configure option,
they get this error saying, virAllocTest* functions are
not defined within tests/testutils.c.
2013-03-22 12:45:14 +01:00
Eric Blake
2e6322a7a5 viralloc: use consistent naming
Commit 0df3e89 only touched the header, but the .c file had the
same shadowing potential.

* src/util/viralloc.c (virDeleteElementsN): s/remove/toremove/ to
match the header.
2013-03-07 07:53:42 -07:00
Daniel P. Berrange
ab9b7ec2f6 Rename memory.{c,h} to viralloc.{c,h} 2012-12-21 11:17:14 +00:00