[dm-devel] [PATCH 6/6] libmultipath: fixup dm_rename to complete cookie on failure
Benjamin Marzinski
bmarzins at redhat.com
Fri May 6 22:45:54 UTC 2016
On Fri, May 06, 2016 at 10:59:01PM +0100, Alasdair G Kergon wrote:
> The library functions and return states are supposed to be well-defined.
>
> If you think you've found a cookie leak on an error path within a library
> function, we can investigate that and fix the library if need be.
In _udev_notify_sem_create(), after dm creates the semaphore and sets
it's value, it calls
semctl(gen_semid, 0, GETVAL) to get the value. I don't know how likely
this call is to ever fail, but if it does, _udev_notify_sem_create()
sets the cookie pointer to 0, so the caller has no access to the
semaphore, and returns an error, leaving the semaphore to just sit
there.
Conversely, if setting the value fails, dm destroys the semaphore before
returning, so that everything is the same as before the call happened.
There's a similar issue in _udev_notify_sem_inc, but in this case the
cookie is returned along with the error. However, from the caller's
perspective, the cookie is still in an indeterminate state.
I'll open a bugzilla for it.
-Ben
>
> Alasdair
More information about the dm-devel
mailing list