On Wed, Oct 01, 2025 at 02:25:55PM -0000, Denis Rastyogin wrote: > Indeed, when virDomainCreate() < 0, virDispatchError() should be invoked, > but since we do not check its return value, there is no absolute guarantee > that the error message will always be set successfully. > > virDispatchError() contains the following code: > > virErrorPtr err = virLastErrorObject(); > > /* Can only happen on OOM. */ > if (!err) > return; > > The comment clearly indicates that virLastErrorObject() may return NULL > in case of OOM.
That's just an outdated comment from before we switched all allocations to g_new0 to eliminate OOM handling. > Moreover, even if the call err = g_new0(virError, 1); succeeds, > this does not guarantee that virThreadLocalSet(&virLastErr, err) < 0 > will always false. > > For example, for large values of l->key, an additional memory allocation > may occur, and if that allocation fails, g_clear_pointer(&err, g_free) > will be executed, causing virLastErrorObject() to return NULL. > > Although this situation is extremely unlikely, it is better to add > an explicit NULL check. No, it really isn't useful to do that. If pthread_setspecific is failing with OOM then there is nothing useful the program can still do. The only sane thing is to assert & dump core. With regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
