| Message ID | 1477516718-15439-3-git-send-email-eblake@redhat.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
Eric Blake <eblake@redhat.com> writes: > Add a test that proves (at least when run under valgrind) that > we are correctly handling allocated memory even when a visit > is aborted in the middle for whatever other reason. > > See commit f24582d "qapi: fix double free in > qmp_output_visitor_cleanup()" for a fix that was lacking > testsuite exposure prior to this patch. > > Signed-off-by: Eric Blake <eblake@redhat.com> > > --- > v2: rebase (and hence retitle), add list & alternate coverage > --- > tests/test-qobject-output-visitor.c | 39 +++++++++++++++++++++++++++++++++++++ > 1 file changed, 39 insertions(+) > > diff --git a/tests/test-qobject-output-visitor.c b/tests/test-qobject-output-visitor.c > index c2e0f43..fdae0d5 100644 > --- a/tests/test-qobject-output-visitor.c > +++ b/tests/test-qobject-output-visitor.c > @@ -254,6 +254,43 @@ static void test_visitor_out_struct_errors(TestOutputVisitorData *data, > } > > > +static void test_visitor_out_partial_visit(TestOutputVisitorData *data, > + const void *unused) > +{ > + /* Various checks that a mid-visit abort doesn't leak or double-free. */ > + const char *str = "hi"; > + Error *err = NULL; > + UserDefAlternate uda = { .type = QTYPE_QDICT, > + .u.udfu = { .integer = 1, > + .string = (char *) "bye", > + .enum1 = -1 } }; > + UserDefAlternate *obj = &uda; > + > + /* Abort within a nested object with no data members */ > + visit_start_struct(data->ov, NULL, NULL, 0, &error_abort); > + visit_start_struct(data->ov, "nested", NULL, 0, &error_abort); > + visitor_reset(data); > + > + /* Abort in the middle of a list of strings */ > + visit_start_list(data->ov, "list", NULL, 0, &error_abort); > + visit_type_str(data->ov, NULL, (char **)&str, &error_abort); > + visit_type_str(data->ov, NULL, (char **)&str, &error_abort); > + visitor_reset(data); > + > + /* Abort in the middle of an alternate. Alternates can't be > + * virtually visited, so we get to inline the first half of > + * visit_type_UserDefAlternate(). */ > + visit_start_alternate(data->ov, NULL, (GenericAlternate **)&obj, > + sizeof(uda), false, &error_abort); > + visit_start_struct(data->ov, NULL, NULL, 0, &error_abort); > + visit_type_UserDefUnionBase_members(data->ov, > + (UserDefUnionBase *)&uda.u.udfu, > + &err); > + error_free_or_abort(&err); Why does this fail? > + visitor_reset(data); > +} > + > + > static void test_visitor_out_list(TestOutputVisitorData *data, > const void *unused) > { > @@ -817,6 +854,8 @@ int main(int argc, char **argv) > &out_visitor_data, test_visitor_out_struct_nested); > output_visitor_test_add("/visitor/output/struct-errors", > &out_visitor_data, test_visitor_out_struct_errors); > + output_visitor_test_add("/visitor/output/partial-visit", > + &out_visitor_data, test_visitor_out_partial_visit); > output_visitor_test_add("/visitor/output/list", > &out_visitor_data, test_visitor_out_list); > output_visitor_test_add("/visitor/output/any",
On 11/03/2016 11:42 AM, Markus Armbruster wrote: > Eric Blake <eblake@redhat.com> writes: > >> Add a test that proves (at least when run under valgrind) that >> we are correctly handling allocated memory even when a visit >> is aborted in the middle for whatever other reason. >> >> See commit f24582d "qapi: fix double free in >> qmp_output_visitor_cleanup()" for a fix that was lacking >> testsuite exposure prior to this patch. >> >> Signed-off-by: Eric Blake <eblake@redhat.com> >> +static void test_visitor_out_partial_visit(TestOutputVisitorData *data, >> + const void *unused) >> +{ >> + /* Various checks that a mid-visit abort doesn't leak or double-free. */ >> + const char *str = "hi"; >> + Error *err = NULL; >> + UserDefAlternate uda = { .type = QTYPE_QDICT, >> + .u.udfu = { .integer = 1, >> + .string = (char *) "bye", >> + .enum1 = -1 } }; ^ Not a valid enum value... >> + >> + /* Abort in the middle of an alternate. Alternates can't be >> + * virtually visited, so we get to inline the first half of >> + * visit_type_UserDefAlternate(). */ >> + visit_start_alternate(data->ov, NULL, (GenericAlternate **)&obj, >> + sizeof(uda), false, &error_abort); >> + visit_start_struct(data->ov, NULL, NULL, 0, &error_abort); >> + visit_type_UserDefUnionBase_members(data->ov, >> + (UserDefUnionBase *)&uda.u.udfu, >> + &err); >> + error_free_or_abort(&err); > > Why does this fail? ...so visiting the UnionBase_members gripes loudly. But I see your point that more comments would be helpful.
Eric Blake <eblake@redhat.com> writes: > On 11/03/2016 11:42 AM, Markus Armbruster wrote: >> Eric Blake <eblake@redhat.com> writes: >> >>> Add a test that proves (at least when run under valgrind) that >>> we are correctly handling allocated memory even when a visit >>> is aborted in the middle for whatever other reason. >>> >>> See commit f24582d "qapi: fix double free in >>> qmp_output_visitor_cleanup()" for a fix that was lacking >>> testsuite exposure prior to this patch. >>> >>> Signed-off-by: Eric Blake <eblake@redhat.com> > >>> +static void test_visitor_out_partial_visit(TestOutputVisitorData *data, >>> + const void *unused) >>> +{ >>> + /* Various checks that a mid-visit abort doesn't leak or double-free. */ >>> + const char *str = "hi"; >>> + Error *err = NULL; >>> + UserDefAlternate uda = { .type = QTYPE_QDICT, >>> + .u.udfu = { .integer = 1, >>> + .string = (char *) "bye", >>> + .enum1 = -1 } }; > > ^ Not a valid enum value... Now I see. >>> + >>> + /* Abort in the middle of an alternate. Alternates can't be >>> + * virtually visited, so we get to inline the first half of >>> + * visit_type_UserDefAlternate(). */ >>> + visit_start_alternate(data->ov, NULL, (GenericAlternate **)&obj, >>> + sizeof(uda), false, &error_abort); >>> + visit_start_struct(data->ov, NULL, NULL, 0, &error_abort); >>> + visit_type_UserDefUnionBase_members(data->ov, >>> + (UserDefUnionBase *)&uda.u.udfu, >>> + &err); >>> + error_free_or_abort(&err); >> >> Why does this fail? > > ...so visiting the UnionBase_members gripes loudly. But I see your > point that more comments would be helpful. Would you like to suggest a fixup for me to squash in on commit?
diff --git a/tests/test-qobject-output-visitor.c b/tests/test-qobject-output-visitor.c index c2e0f43..fdae0d5 100644 --- a/tests/test-qobject-output-visitor.c +++ b/tests/test-qobject-output-visitor.c @@ -254,6 +254,43 @@ static void test_visitor_out_struct_errors(TestOutputVisitorData *data, } +static void test_visitor_out_partial_visit(TestOutputVisitorData *data, + const void *unused) +{ + /* Various checks that a mid-visit abort doesn't leak or double-free. */ + const char *str = "hi"; + Error *err = NULL; + UserDefAlternate uda = { .type = QTYPE_QDICT, + .u.udfu = { .integer = 1, + .string = (char *) "bye", + .enum1 = -1 } }; + UserDefAlternate *obj = &uda; + + /* Abort within a nested object with no data members */ + visit_start_struct(data->ov, NULL, NULL, 0, &error_abort); + visit_start_struct(data->ov, "nested", NULL, 0, &error_abort); + visitor_reset(data); + + /* Abort in the middle of a list of strings */ + visit_start_list(data->ov, "list", NULL, 0, &error_abort); + visit_type_str(data->ov, NULL, (char **)&str, &error_abort); + visit_type_str(data->ov, NULL, (char **)&str, &error_abort); + visitor_reset(data); + + /* Abort in the middle of an alternate. Alternates can't be + * virtually visited, so we get to inline the first half of + * visit_type_UserDefAlternate(). */ + visit_start_alternate(data->ov, NULL, (GenericAlternate **)&obj, + sizeof(uda), false, &error_abort); + visit_start_struct(data->ov, NULL, NULL, 0, &error_abort); + visit_type_UserDefUnionBase_members(data->ov, + (UserDefUnionBase *)&uda.u.udfu, + &err); + error_free_or_abort(&err); + visitor_reset(data); +} + + static void test_visitor_out_list(TestOutputVisitorData *data, const void *unused) { @@ -817,6 +854,8 @@ int main(int argc, char **argv) &out_visitor_data, test_visitor_out_struct_nested); output_visitor_test_add("/visitor/output/struct-errors", &out_visitor_data, test_visitor_out_struct_errors); + output_visitor_test_add("/visitor/output/partial-visit", + &out_visitor_data, test_visitor_out_partial_visit); output_visitor_test_add("/visitor/output/list", &out_visitor_data, test_visitor_out_list); output_visitor_test_add("/visitor/output/any",
Add a test that proves (at least when run under valgrind) that we are correctly handling allocated memory even when a visit is aborted in the middle for whatever other reason. See commit f24582d "qapi: fix double free in qmp_output_visitor_cleanup()" for a fix that was lacking testsuite exposure prior to this patch. Signed-off-by: Eric Blake <eblake@redhat.com> --- v2: rebase (and hence retitle), add list & alternate coverage --- tests/test-qobject-output-visitor.c | 39 +++++++++++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+)