* [PATCH] libxl: libxl__spawn_qdisk_backend closes fds
@ 2014-03-17 16:32 Ian Jackson
2014-03-18 9:08 ` Roger Pau Monné
0 siblings, 1 reply; 4+ messages in thread
From: Ian Jackson @ 2014-03-17 16:32 UTC (permalink / raw)
To: xen-devel; +Cc: Ian Jackson, Ian Campbell, coverity, Roger Pau Monne
This function needs to close both null and logfile_w on both error and
normal exits. (The child gets its own copy during the fork, and the
parent doesn't need them any more.)
Use the standard initialise-to-unallocated, always-free style; the
label "out" only makes the callback if rc is nonzero.
Signed-off-by: Ian Jackson <Ian.Jackson@eu.citrix.com>
Coverity-ID: 1130517 and 1130518
Cc: Roger Pau Monne <roger.pau@citrix.com>
Cc: Ian Campbell <ian.campbell@citrix.com>
Cc: coverity@xenproject.org
---
tools/libxl/libxl_dm.c | 15 ++++++++++++---
1 file changed, 12 insertions(+), 3 deletions(-)
diff --git a/tools/libxl/libxl_dm.c b/tools/libxl/libxl_dm.c
index 8abed7b..d28ea4d 100644
--- a/tools/libxl/libxl_dm.c
+++ b/tools/libxl/libxl_dm.c
@@ -1392,7 +1392,7 @@ void libxl__spawn_qdisk_backend(libxl__egc *egc, libxl__dm_spawn_state *dmss)
flexarray_t *dm_args;
char **args;
const char *dm;
- int logfile_w, null, rc;
+ int logfile_w = -1, null = -1, rc;
uint32_t domid = dmss->guest_domid;
/* Always use qemu-xen as device model */
@@ -1448,12 +1448,21 @@ void libxl__spawn_qdisk_backend(libxl__egc *egc, libxl__dm_spawn_state *dmss)
libxl__exec(gc, null, logfile_w, logfile_w, dm, args, NULL);
}
+ rc = 0;
+
+ out:
+ if (logfile_w >= 0) close(logfile_w);
+ if (null >= 0) close(null);
+
+ /* rc is nonzero iff we had an error; if we had no error then
+ * spawn succeeded and we will continue in a further callback */
+ if (rc)
+ dmss->callback(egc, dmss, rc);
return;
error:
assert(rc);
- dmss->callback(egc, dmss, rc);
- return;
+ goto out;
}
/* Generic function to signal a Qemu instance to exit */
--
1.7.10.4
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH] libxl: libxl__spawn_qdisk_backend closes fds
2014-03-17 16:32 [PATCH] libxl: libxl__spawn_qdisk_backend closes fds Ian Jackson
@ 2014-03-18 9:08 ` Roger Pau Monné
2014-03-18 16:23 ` Ian Jackson
0 siblings, 1 reply; 4+ messages in thread
From: Roger Pau Monné @ 2014-03-18 9:08 UTC (permalink / raw)
To: Ian Jackson, xen-devel; +Cc: Ian Campbell, coverity
On 17/03/14 17:32, Ian Jackson wrote:
> This function needs to close both null and logfile_w on both error and
> normal exits. (The child gets its own copy during the fork, and the
> parent doesn't need them any more.)
>
> Use the standard initialise-to-unallocated, always-free style; the
> label "out" only makes the callback if rc is nonzero.
>
> Signed-off-by: Ian Jackson <Ian.Jackson@eu.citrix.com>
> Coverity-ID: 1130517 and 1130518
There's a similar patch in
<21134.22006.356685.408733@mariner.uk.xensource.com>.
> Cc: Roger Pau Monne <roger.pau@citrix.com>
> Cc: Ian Campbell <ian.campbell@citrix.com>
> Cc: coverity@xenproject.org
> ---
> tools/libxl/libxl_dm.c | 15 ++++++++++++---
> 1 file changed, 12 insertions(+), 3 deletions(-)
>
> diff --git a/tools/libxl/libxl_dm.c b/tools/libxl/libxl_dm.c
> index 8abed7b..d28ea4d 100644
> --- a/tools/libxl/libxl_dm.c
> +++ b/tools/libxl/libxl_dm.c
> @@ -1392,7 +1392,7 @@ void libxl__spawn_qdisk_backend(libxl__egc *egc, libxl__dm_spawn_state *dmss)
> flexarray_t *dm_args;
> char **args;
> const char *dm;
> - int logfile_w, null, rc;
> + int logfile_w = -1, null = -1, rc;
> uint32_t domid = dmss->guest_domid;
>
> /* Always use qemu-xen as device model */
> @@ -1448,12 +1448,21 @@ void libxl__spawn_qdisk_backend(libxl__egc *egc, libxl__dm_spawn_state *dmss)
> libxl__exec(gc, null, logfile_w, logfile_w, dm, args, NULL);
> }
>
> + rc = 0;
> +
> + out:
> + if (logfile_w >= 0) close(logfile_w);
> + if (null >= 0) close(null);
> +
> + /* rc is nonzero iff we had an error; if we had no error then
> + * spawn succeeded and we will continue in a further callback */
> + if (rc)
> + dmss->callback(egc, dmss, rc);
Using the device_model_spawn_outcome helper instead of directly calling
the callback will print a nice error message in case spawn has failed.
> return;
>
> error:
> assert(rc);
> - dmss->callback(egc, dmss, rc);
> - return;
> + goto out;
This jump backwards is kind of strange IMHO, why not just rename the
error label to out and use it instead for both the error and non-error
exit paths?
Roger.
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] libxl: libxl__spawn_qdisk_backend closes fds
2014-03-18 9:08 ` Roger Pau Monné
@ 2014-03-18 16:23 ` Ian Jackson
2014-04-23 10:38 ` Ian Campbell
0 siblings, 1 reply; 4+ messages in thread
From: Ian Jackson @ 2014-03-18 16:23 UTC (permalink / raw)
To: Roger Pau Monné; +Cc: xen-devel, Ian Campbell, coverity
Roger Pau Monné writes ("Re: [PATCH] libxl: libxl__spawn_qdisk_backend closes fds"):
> On 17/03/14 17:32, Ian Jackson wrote:
> > This function needs to close both null and logfile_w on both error and
> > normal exits. (The child gets its own copy during the fork, and the
> > parent doesn't need them any more.)
> >
> > Use the standard initialise-to-unallocated, always-free style; the
> > label "out" only makes the callback if rc is nonzero.
> >
> > Signed-off-by: Ian Jackson <Ian.Jackson@eu.citrix.com>
> > Coverity-ID: 1130517 and 1130518
>
> There's a similar patch in
> <21134.22006.356685.408733@mariner.uk.xensource.com>.
Yes. This posting is an updated version of it.
> > + /* rc is nonzero iff we had an error; if we had no error then
> > + * spawn succeeded and we will continue in a further callback */
> > + if (rc)
> > + dmss->callback(egc, dmss, rc);
>
> Using the device_model_spawn_outcome helper instead of directly calling
> the callback will print a nice error message in case spawn has failed.
Good idea. I will do that as a separate patch.
> > return;
> >
> > error:
> > assert(rc);
> > - dmss->callback(egc, dmss, rc);
> > - return;
> > + goto out;
>
> This jump backwards is kind of strange IMHO, why not just rename the
> error label to out and use it instead for both the error and non-error
> exit paths?
That would be possible, but would lose the assert(rc). An error
handling bug elsewhere in the function, which failed to set rc, would
result in it losing the thread of control. If we don't think the
assert is important I don't mind losing it.
Ian.
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] libxl: libxl__spawn_qdisk_backend closes fds
2014-03-18 16:23 ` Ian Jackson
@ 2014-04-23 10:38 ` Ian Campbell
0 siblings, 0 replies; 4+ messages in thread
From: Ian Campbell @ 2014-04-23 10:38 UTC (permalink / raw)
To: Ian Jackson; +Cc: xen-devel, coverity, Roger Pau Monné
On Tue, 2014-03-18 at 16:23 +0000, Ian Jackson wrote:
> > > return;
> > >
> > > error:
> > > assert(rc);
> > > - dmss->callback(egc, dmss, rc);
> > > - return;
> > > + goto out;
> >
> > This jump backwards is kind of strange IMHO, why not just rename the
> > error label to out and use it instead for both the error and non-error
> > exit paths?
>
> That would be possible, but would lose the assert(rc). An error
> handling bug elsewhere in the function, which failed to set rc, would
> result in it losing the thread of control. If we don't think the
> assert is important I don't mind losing it.
The assert is only there to check that we jumped to error on an error,
with a common exit path the assert would be a bit unnecessary I think.
Ian.
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2014-04-23 10:38 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-03-17 16:32 [PATCH] libxl: libxl__spawn_qdisk_backend closes fds Ian Jackson
2014-03-18 9:08 ` Roger Pau Monné
2014-03-18 16:23 ` Ian Jackson
2014-04-23 10:38 ` Ian Campbell
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.