From: Markus Armbruster <armbru@redhat.com>
To: Fei Li <fli@suse.com>
Cc: qemu-devel@nongnu.org, quintela@redhat.com, dgilbert@redhat.com,
peterx@redhat.com, famz@redhat.com
Subject: Re: [Qemu-devel] [PATCH RFC v5 1/7] Fix segmentation fault when qemu_signal_init fails
Date: Thu, 11 Oct 2018 12:02:42 +0200 [thread overview]
Message-ID: <87in286bst.fsf@dusky.pond.sub.org> (raw)
In-Reply-To: <20181010120841.13214-2-fli@suse.com> (Fei Li's message of "Wed, 10 Oct 2018 20:08:35 +0800")
Fei Li <fli@suse.com> writes:
> Currently, when qemu_signal_init() fails it only returns a non-zero
> value but without propagating any Error. But its callers need a
> non-null err when runs error_report_err(err), or else 0->msg occurs.
The bug is in qemu_init_main_loop():
ret = qemu_signal_init();
if (ret) {
return ret;
}
Fails without setting an error, unlike the other failures. Its callers
crash then.
> To avoid such segmentation fault, add a new Error parameter to make
> the call trace to propagate the err to the final caller.
>
> Signed-off-by: Fei Li <fli@suse.com>
> Reviewed-by: Fam Zheng <famz@redhat.com>
> ---
> include/qemu/osdep.h | 2 +-
> util/compatfd.c | 9 ++++++---
> util/main-loop.c | 9 ++++-----
> 3 files changed, 11 insertions(+), 9 deletions(-)
>
> diff --git a/include/qemu/osdep.h b/include/qemu/osdep.h
> index 4f8559e550..f1f56763a0 100644
> --- a/include/qemu/osdep.h
> +++ b/include/qemu/osdep.h
> @@ -421,7 +421,7 @@ struct qemu_signalfd_siginfo {
> additional fields in the future) */
> };
>
> -int qemu_signalfd(const sigset_t *mask);
> +int qemu_signalfd(const sigset_t *mask, Error **errp);
> void sigaction_invoke(struct sigaction *action,
> struct qemu_signalfd_siginfo *info);
> #endif
> diff --git a/util/compatfd.c b/util/compatfd.c
> index 980bd33e52..d3ed890405 100644
> --- a/util/compatfd.c
> +++ b/util/compatfd.c
> @@ -16,6 +16,7 @@
> #include "qemu/osdep.h"
> #include "qemu-common.h"
> #include "qemu/thread.h"
> +#include "qapi/error.h"
>
> #include <sys/syscall.h>
>
> @@ -65,7 +66,7 @@ static void *sigwait_compat(void *opaque)
> }
> }
>
> -static int qemu_signalfd_compat(const sigset_t *mask)
> +static int qemu_signalfd_compat(const sigset_t *mask, Error **errp)
> {
> struct sigfd_compat_info *info;
> QemuThread thread;
> @@ -73,11 +74,13 @@ static int qemu_signalfd_compat(const sigset_t *mask)
>
> info = malloc(sizeof(*info));
> if (info == NULL) {
> + error_setg(errp, "Failed to allocate signalfd memory");
> errno = ENOMEM;
> return -1;
> }
>
> if (pipe(fds) == -1) {
> + error_setg(errp, "Failed to create signalfd pipe");
> free(info);
> return -1;
> }
> @@ -94,7 +97,7 @@ static int qemu_signalfd_compat(const sigset_t *mask)
> return fds[0];
> }
>
> -int qemu_signalfd(const sigset_t *mask)
> +int qemu_signalfd(const sigset_t *mask, Error **errp)
> {
> #if defined(CONFIG_SIGNALFD)
> int ret;
> @@ -106,5 +109,5 @@ int qemu_signalfd(const sigset_t *mask)
> }
> #endif
>
> - return qemu_signalfd_compat(mask);
> + return qemu_signalfd_compat(mask, errp);
> }
I think this takes the Error conversion too far.
qemu_signalfd() is like the signalfd() system call, only portable, and
setting FD_CLOEXEC. In particular, it reports failure just like a
system call: it sets errno and returns -1. I'd prefer to keep it that
way. Instead...
> diff --git a/util/main-loop.c b/util/main-loop.c
> index affe0403c5..9671b6d226 100644
> --- a/util/main-loop.c
> +++ b/util/main-loop.c
> @@ -71,7 +71,7 @@ static void sigfd_handler(void *opaque)
> }
> }
>
> -static int qemu_signal_init(void)
> +static int qemu_signal_init(Error **errp)
> {
> int sigfd;
> sigset_t set;
> @@ -94,9 +94,8 @@ static int qemu_signal_init(void)
> pthread_sigmask(SIG_BLOCK, &set, NULL);
>
> sigdelset(&set, SIG_IPI);
> - sigfd = qemu_signalfd(&set);
> + sigfd = qemu_signalfd(&set, errp);
> if (sigfd == -1) {
> - fprintf(stderr, "failed to create signalfd\n");
> return -errno;
> }
>
... change this function so:
pthread_sigmask(SIG_BLOCK, &set, NULL);
sigdelset(&set, SIG_IPI);
sigfd = qemu_signalfd(&set);
if (sigfd == -1) {
- fprintf(stderr, "failed to create signalfd\n");
+ error_setg_errno(errp, errno, "failed to create signalfd");
return -errno;
}
Does this make sense?
> @@ -109,7 +108,7 @@ static int qemu_signal_init(void)
>
> #else /* _WIN32 */
>
> -static int qemu_signal_init(void)
> +static int qemu_signal_init(Error **errp)
> {
> return 0;
> }
> @@ -148,7 +147,7 @@ int qemu_init_main_loop(Error **errp)
>
> init_clocks(qemu_timer_notify_cb);
>
> - ret = qemu_signal_init();
> + ret = qemu_signal_init(errp);
> if (ret) {
> return ret;
> }
next prev parent reply other threads:[~2018-10-11 10:02 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-10-10 12:08 [Qemu-devel] [PATCH RFC v5 0/7] qemu_thread_create: propagate errors to callers to check Fei Li
2018-10-10 12:08 ` [Qemu-devel] [PATCH RFC v5 1/7] Fix segmentation fault when qemu_signal_init fails Fei Li
2018-10-11 10:02 ` Markus Armbruster [this message]
2018-10-12 4:24 ` Fei Li
2018-10-12 7:56 ` Markus Armbruster
2018-10-12 9:42 ` Fei Li
2018-10-12 13:26 ` Markus Armbruster
2018-10-17 8:17 ` Fei Li
2018-10-19 3:14 ` Fei Li
2018-10-10 12:08 ` [Qemu-devel] [PATCH RFC v5 2/7] ui/vnc.c: polish vnc_init_func Fei Li
2018-10-11 13:13 ` Markus Armbruster
2018-10-12 5:40 ` Fei Li
2018-10-12 8:18 ` Markus Armbruster
2018-10-12 10:23 ` Fei Li
2018-10-12 10:50 ` Fei Li
2018-10-10 12:08 ` [Qemu-devel] [PATCH RFC v5 3/7] qemu_init_vcpu: add a new Error parameter to propagate Fei Li
2018-10-11 13:19 ` Markus Armbruster
2018-10-12 5:55 ` Fei Li
2018-10-12 8:24 ` Markus Armbruster
2018-10-12 10:25 ` Fei Li
2018-10-10 12:08 ` [Qemu-devel] [PATCH RFC v5 4/7] qemu_thread_join: fix segmentation fault Fei Li
2018-10-10 12:08 ` [Qemu-devel] [PATCH RFC v5 5/7] migration: fix the multifd code Fei Li
2018-10-11 13:28 ` Markus Armbruster
2018-10-10 12:08 ` [Qemu-devel] [PATCH RFC v5 6/7] migration: fix some error handling Fei Li
2018-10-10 12:08 ` [Qemu-devel] [PATCH RFC v5 7/7] qemu_thread_create: propagate the error to callers to handle Fei Li
2018-10-11 13:45 ` Markus Armbruster
2018-10-12 6:00 ` Fei Li
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87in286bst.fsf@dusky.pond.sub.org \
--to=armbru@redhat.com \
--cc=dgilbert@redhat.com \
--cc=famz@redhat.com \
--cc=fli@suse.com \
--cc=peterx@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=quintela@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.