This patch fixes the following issues in the cpu-stats virsh command:

1) Renames label failed_params to no_memory to match coding style
2) Uses proper typed parameter cleanup in error paths to avoid leaks
3) Adds a ret variable and simplifies error labels
4) Changes error message to a slightly more descriptive one and gets rid
   of the newline at the end:

Before:
$ virsh cpu-stats tr
error: Failed to virDomainGetCPUStats()

error: Requested operation is not valid: domain is not running

After:
$ tools/virsh cpu-stats tr
error: Failed to retrieve CPU statistics for domain 'tr'
error: Requested operation is not valid: domain is not running

In the error path, the test buffer is free'd, but due to how the free
routine is written the 'test' buffer pointer does not return to the caller
as NULL and then the free'd buffer address is returned to the caller.

The 'msg' free is handled via virNetMessageFree() already.

It was possible to call VIR_FREE in cleanup prior to initialization

It was possible to call VIR_FREE in cleanup prior to initialization

It was possible to call VIR_FREE in cleanup prior to initialization.

It was possible to call VIR_FREE in error prior to initialization.

It was possible to call VIR_FREE in cleanup prior to initialization

It was possible to call VIR_FREE in cleanup prior to initialization.

It was possible to call VIR_FREE in cleanup prior to initialization

It was possible to call VIR_FREE in cleanup prior to initialization

It was possible to call VIR_FREE in cleanup prior to initialization

It was possible to call VIR_FREE in error prior to initialization

Resolve a couple of instances where variables were not initialized
prior to potential VIR_FREE call in cleanup path.

If there was more than one inotify_event found in the read/while loop,
then only the last event found would have been queued.

The local redefinition of PED_PARTITION_PROTECTED results in the error
but is not a problem especially if the built code doesn't have the latest
definitions.

On error, the 'tapfd' in networkStartNetworkVirtual() is synonymous
with 'macTapIfName' and will be closed in the appropriate error path.

Upon successful return of virNetClientStreamEventAddCallback() the
allocated cbdata field will be freed by virNetClientStreamEventRemoveCallback()
as cbOpaque using the free function remoteStreamCallbackFree().

This avoids "Event negative_returns: A negative constant "-1" is passed as
an argument to a parameter that cannot be negative.".  The called function
uses -1 to determine whether it needs to traverse all the hostdevs.

Coverity misses the nuance of VIR_FREE(privkey) setting privkey = NULL when
if (!(virFileExists(privkey))) is true and thus declares the code dead.

The old cpu bitmap setting algorithm causes a couple of complaints which
have been tagged.

The use of switch statements inside a bounded for loop resulted in some
false positives regarding the "default:" label which cannot be reached
since each of the other case statements use the possible for loop values.
A [dead_error_begin] was added before the default label.

Commit id ebdbe25a adjusted the algorithm and the caller guarantees that
the 'params' will have a '_' in the name being searched. Add the [returned_null]
tag to the two instances.

The use of switch statements inside a bounded for loop resulted in some
false positives regarding the "default:" label which cannot be reached
since each of the other case statements use the possible for loop values.

The various _for_i loops with both u.s.car and u.s.cdr were being reported
as COPY_PASTE errors by Coverity.  This just quiets those messages.

Commit id a994ef2d changed the mechanism to store/update the default
security label from using disk->seclabels[0] to allocating one on the
fly. That change allocated the label, but never saved it.  This patch
will save the label. The new virDomainDiskDefAddSecurityLabelDef() is
a copy of the virDomainDefAddSecurityLabelDef().

The code is not reachable as of commit id: bb85f229. Removed
virKeepAliveStop() and virObjectUnref() because 'ka' cannot be
anything but NULL at the cleanup label.

Forbid the names to match the loading procedure of snapshots.

Currently, whenever somebody calls saferead() on nonblocking FD
(safewrite() is totally interchangeable for purpose of this message)
he might get wrong return value. For instance, in the first iteration
some data is read. The number of bytes read is stored into local
variable 'nread'. However, in next iterations we can get -1 from
read() with errno == EAGAIN, in which case the -1 is returned despite
fact some data has already been read. So the caller gets confused.
Bare read() should be used for nonblocking FD.

Nested conditionals are hard to read if they are not indented.
We can't add arbitrary whitespace to everything in spec files,
but we CAN add spaces before %if and %define.  Use this trick,
plus a fancy sed script that rewrites a spec file into a C
file, so we can use cppi to keep our spec file nice.

For reference, the sed script converts code like:

|# RHEL-5 builds are client-only for s390, ppc
|%if 0%{?rhel} == 5
|    %ifnarch %{ix86} x86_64 ia64
|        %define client_only        1
|    %endif
|%endif

into the following for cppi:

|// # RHEL-5 builds are client-only for s390, ppc
|#if a // 0%{?rhel} == 5
|# if a // %{ix86} x86_64 ia64
|#  define client_only        1
|# endif
|#endif

and errors from 'make syntax-check' look like:
spec_indentation
cppi: mingw-libvirt.spec.in: line 130: not properly indented
maint.mk: incorrect preprocessor indentation

* libvirt.spec.in: Add some indentation to make it easier to follow
various conditionals.
* mingw-libvirt-spec.in: Likewise.
* cfg.mk (sc_spec_indentation): New syntax check to enforce it.

The snapshot name is used to create path to the definition save file.
When the name contains slashes the creation of the file fails. Reject
such names.

When the snapshot definition can't be saved, the
qemuDomainSnapshotCreate function succeeded without filling some of the
fields in the internal definition.

This patch removes the snapshot and returns failure if the XML file
cannot be written.

We are already logging other arguments passed, however, @flags
were missing there.

Added missing entries to makefile and spec.
Signed-off-by: NViktor Mihajlovski <mihajlov@linux.vnet.ibm.com>

When running virDomainDestroy, we need to make sure that no other
background thread cleans up the domain while we're doing our work.
This can happen if we release the domain object while in the
middle of work, because the monitor might detect EOF in this window.
For this reason we have a 'beingDestroyed' flag to stop the monitor
from doing its normal cleanup. Unfortunately this flag was only
being used to protect qemuDomainBeginJob, and not qemuProcessKill

This left open a race condition where either libvirtd could crash,
or alternatively report bogus error messages about the domain already
having been destroyed to the caller
Signed-off-by: NDaniel P. Berrange <berrange@redhat.com>