[PATCH 2/2] qemuBuildInterfaceConnect: Initialize @tapfd array

Peter Krempa pkrempa at redhat.com
Mon Jun 13 14:04:19 UTC 2022


On Mon, Jun 13, 2022 at 15:18:14 +0200, Michal Privoznik wrote:
> When creating a TAP interface we can end up with multiple FDs,
> each representing one queue. However, these FDs must be
> relabelled as they are then passed to QEMU. In case of
> qemuBuildInterfaceConnect() we allocate the array for the FDs and
> then let the function corresponding to the <interface/> type fill
> the array with FDs. When any of the functions meets an error,
> it's also responsible for closing previously opened FDs. However,
> the functions take a shortcut: iterate through each member of the
> array and close it (if it's non-negative). This assumes that the
> array is initialized to negative values, which used to be the case
> before the rewrite in v8.4.0-rc1~170 but after it it's no longer the
> case. Subsequently, "random" FDs are closed (okay, not that
> random since the array is allocated via g_new0(), but hey - FD 0
> is still a valid FD and might be valuable, actually).
> 
> Fixes: 7a38d3946bc1a7ef0206f36dfe3dbf422fb8d578
> Signed-off-by: Michal Privoznik <mprivozn at redhat.com>
> ---
>  src/qemu/qemu_command.c | 2 ++
>  1 file changed, 2 insertions(+)
> 
> diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c
> index be20053c0d..ecfe6020f3 100644
> --- a/src/qemu/qemu_command.c
> +++ b/src/qemu/qemu_command.c
> @@ -8736,6 +8736,8 @@ qemuBuildInterfaceConnect(virDomainObj *vm,
>      size_t tapfdSize = net->driver.virtio.queues;
>      g_autofree int *tapfd = g_new0(int, tapfdSize + 1);
>  
> +    memset(tapfd, -1, (tapfdSize + 1) * sizeof(*tapfd));
> +
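
Review bot: the added memset(tapfd, -1, ...) gets the intended value only because every byte set to 0xFF reads back as the int -1 on two's-complement targets, and that is implicit at this call site. A short loop assigning -1 to each of the tapfdSize + 1 elements would state the intent directly. Since g_new0() has just zeroed the same buffer, plain g_new() would also avoid initialising it twice. A one-line comment above the fill noting that the per-type helpers close every non-negative entry on error would record why the -1 sentinel is required here.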

Reviewed-by: Peter Krempa <pkrempa at redhat.com>

but I'm adding to my todo list to fix the offending functions :)

