Re: [Xen-users] "xl restore" leaks a file descriptor?

xen-devel.lists.xenproject.org archive mirror
 help / color / mirror / Atom feed

From: Andrew Cooper <andrew.cooper3@citrix.com>
To: Ian Campbell <ian.campbell@citrix.com>, Wei Liu <wei.liu2@citrix.com>
Cc: xen-devel <xen-devel@lists.xen.org>,
	Andrew Armenia <andrew@asquaredlabs.com>,
	Ian Jackson <Ian.Jackson@eu.citrix.com>,
	xen-users@lists.xenproject.org
Subject: Re: [Xen-users] "xl restore" leaks a file descriptor?
Date: Thu, 13 Aug 2015 10:38:06 +0100	[thread overview]
Message-ID: <55CC657E.3040300@citrix.com> (raw)
In-Reply-To: <1439457430.23981.27.camel@citrix.com>

On 13/08/15 10:17, Ian Campbell wrote:
> On Thu, 2015-08-13 at 09:50 +0100, Wei Liu wrote:
>> On Thu, Aug 13, 2015 at 09:39:36AM +0100, Ian Campbell wrote:
>>> On Wed, 2015-08-12 at 18:12 +0100, Wei Liu wrote:
>>>> On Wed, Aug 12, 2015 at 11:04:25AM +0100, Ian Campbell wrote:
>>>> [...]
>>>>>>> As Andy says I think we want restore_fd in the check, I can't 
>>>>>>> see 
>>>>>>> any
>>>>>>> reason we wouldn't want to close the socket too.
>>>>>>>
>>>>>> Do you mean migrate_fd when you say "socket"?
>>>>> In the migrate case we do "restore_fd = migrate_fd;", so yes, 
>>>>> indirectly.
>>>>>
>>>>>
>>>>>>  I tried that, but that led
>>>>>> to failure because toolstack still needs to get controlling 
>>>>>> information
>>>>>> out of it (the "GO" message).
>>>>>>
>>>>>> Maybe I close this too early.
>>>>> Right.
>>>>>
>>>> I look at the code. Even if we should close that socket, it should 
>>>> not
>>>> happen inside create_domain, because the caller (migrate_receive) 
>>>> needs
>>>> that fd.
>>>>
>>>> IMO create_domain should only close restore_fd if that fd is opened 
>>>> by
>>>> itself.
>>> That makes sense, yes. The close should probably have an associated 
>>> comment
>>> since this will be a bit subtle.
>>>
>>> Perhaps rather than trying to repeat the conditions which lead to it 
>>> being
>>> opened we should just do:
>>>     int restore_fd_to_close = -1;
>>>     ...
>>>     restore_fd_to_close = restore_fd = open(restore_file, O_RDONLY);
>>>     ...
>>>     if (restore_fd_to_close >= 0) {
>>>         close(restore_fd_to_close);
>>>         restore_fd_to_close = -1;
>>>     }
>>>
>>> Strictly speaking we ought to check the return of close too I suppose.
>>>
>> What would we do in case close fails?
> Maybe just log?
>
> http://pubs.opengroup.org/onlinepubs/9699919799/functions/close.html says
> we can get:
>
> EBADF, which would be an error in our code.
> EINTR, ...
> EIO, which would be from disk full or a disk dying or something.
>
> We (and most code in general) tends to not worry about close failing too
> much, there's an argument for that too...

The return value really shouldn't be ignored.

Logging loudly is about all which can be done, and that is fine, but the
user really does need to be aware that something bad went wrong.

~Andrew

     prev parent reply	other threads:[~2015-08-13  9:38 UTC|newest]

Thread overview: 14+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <CA+jCKRWVz1UsybJq6w18-x4vDB5D2j=qi2uqdbqWFaVWv9Gu-A@mail.gmail.com>
     [not found] ` <1438592915.30740.101.camel@citrix.com>
     [not found]   ` <CA+jCKRUSxG3nFC=BJCqKy=kABrN27Nde4A67bxBEm5TYD71yPA@mail.gmail.com>
     [not found]     ` <1439283311.9747.193.camel@citrix.com>
     [not found]       ` <CA+jCKRVqL4DOYZK-etugCnVRhOocVKYdhGQWG4XYCqWZUWcmfA@mail.gmail.com>
2015-08-11 15:48         ` [Xen-users] "xl restore" leaks a file descriptor? Ian Campbell
2015-08-11 15:56           ` Andrew Cooper
2015-08-11 17:07           ` Wei Liu
2015-08-11 17:21             ` Andrew Cooper
2015-08-11 20:06               ` Wei Liu
2015-08-12  8:41             ` Ian Campbell
2015-08-12  9:30               ` Ian Campbell
2015-08-12  9:49               ` Wei Liu
2015-08-12 10:04                 ` Ian Campbell
2015-08-12 17:12                   ` Wei Liu
2015-08-13  8:39                     ` Ian Campbell
2015-08-13  8:50                       ` Wei Liu
2015-08-13  9:17                         ` Ian Campbell
2015-08-13  9:38                           ` Andrew Cooper [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=55CC657E.3040300@citrix.com \
    --to=andrew.cooper3@citrix.com \
    --cc=Ian.Jackson@eu.citrix.com \
    --cc=andrew@asquaredlabs.com \
    --cc=ian.campbell@citrix.com \
    --cc=wei.liu2@citrix.com \
    --cc=xen-devel@lists.xen.org \
    --cc=xen-users@lists.xenproject.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).