[libvirt] [PATCHv2] waitpid: improve safety

Daniel P. Berrange berrange at redhat.com
Mon Oct 24 07:58:06 UTC 2011 

On Fri, Oct 21, 2011 at 02:30:28PM -0600, Eric Blake wrote:
> Based on a report by Coverity.  waitpid() can leak resources if it
> fails with EINTR, so it should never be used without checking return
> status.  But we already have a helper function that does that, so
> use it in more places.
> 
> * src/lxc/lxc_controller.c (lxcPidGone): Check waitpid return
> value.
> (lxcControllerRun): Use simpler virPidAbort.
> * src/lxc/lxc_container.c (lxcContainerAvailable): Use safer
> virWaitPid.
> * daemon/libvirtd.c (daemonForkIntoBackground): Likewise.
> * tests/testutils.c (virtTestCaptureProgramOutput, virtTestMain):
> Likewise.
> * src/libvirt.c (virConnectAuthGainPolkit): Simplify with virCommand.
> ---
> 

> diff --git a/src/lxc/lxc_controller.c b/src/lxc/lxc_controller.c
> index c4e7832..5cc7cb9 100644
> --- a/src/lxc/lxc_controller.c
> +++ b/src/lxc/lxc_controller.c
> @@ -59,6 +59,7 @@
>  #include "util.h"
>  #include "virfile.h"
>  #include "virpidfile.h"
> +#include "command.h"
> 
>  #define VIR_FROM_THIS VIR_FROM_LXC
> 
> @@ -515,7 +516,8 @@ ignorable_epoll_accept_errno(int errnum)
>  static bool
>  lxcPidGone(pid_t container)
>  {
> -    waitpid(container, NULL, WNOHANG);
> +    if (waitpid(container, NULL, WNOHANG) < 0)
> +        return false;
> 
>      if (kill(container, 0) < 0 &&
>          errno == ESRCH)
> @@ -1021,14 +1023,8 @@ cleanup:
>          VIR_FORCE_CLOSE(loopDevs[i]);
>      VIR_FREE(loopDevs);
> 
> -    if (container > 1) {
> -        int status;
> -        kill(container, SIGTERM);
> -        if (!(waitpid(container, &status, WNOHANG) == 0 &&
> -            WIFEXITED(status)))
> -            kill(container, SIGKILL);
> -        waitpid(container, NULL, 0);
> -    }
> +    virPidAbort(container);
> +
>      return rc;
>  }
> 

This entire method goes away on my patches here

https://www.redhat.com/archives/libvir-list/2011-October/msg00974.html


ACK to the other chunks

Daniel
-- 
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc :|

More information about the libvir-list mailing list