From mboxrd@z Thu Jan 1 00:00:00 1970 From: Andrew Cooper Subject: Re: [Patch 2/2] tools/libxc: Prevent erroneous success from xc_domain_restore Date: Tue, 4 Feb 2014 17:26:52 +0000 Message-ID: <52F122DC.8080407@citrix.com> References: <1390839925-28088-1-git-send-email-andrew.cooper3@citrix.com> <1390839925-28088-3-git-send-email-andrew.cooper3@citrix.com> <52F1208B.6040809@citrix.com> <1391534561.6497.60.camel@kazak.uk.xensource.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Return-path: In-Reply-To: <1391534561.6497.60.camel@kazak.uk.xensource.com> List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-devel-bounces@lists.xen.org Errors-To: xen-devel-bounces@lists.xen.org To: Ian Campbell Cc: George Dunlap , Ian Jackson , Xen-devel List-Id: xen-devel@lists.xenproject.org On 04/02/14 17:22, Ian Campbell wrote: > On Tue, 2014-02-04 at 17:16 +0000, Andrew Cooper wrote: >>> goto out; >>> } >>> } else { >>> - rc = -1; > Mostly looks good but I'm not sure about this change > > We get here on input error (toolstack data available but no callback > provided) which is neither migration success nor failure, it's a bug in > the caller. So arguably returning a separate failure from > success/unsuccess makes sense. > > I'd have thought it ought to set errno (too EINVAL perhaps) too, but > lets not mess with that now. > > > Ian. > Hilariously, it turns out that xc_domain_restore() is specified to return 0 on success and -1 on failure. From what I can tell, this is the sole action which would cause xc_domain_restore() to return anything other than 0 or 1. I think fixing this should fall into the bucket of "sanitisation of libxc error paths". ~Andrew