Re: [libvirt] [PATCHv2] waitpid: improve safety
On Fri, Oct 21, 2011 at 02:30:28PM -0600, Eric Blake wrote:
Based on a report by Coverity. waitpid() can leak resources if it
fails with EINTR, so it should never be used without checking return
status. But we already have a helper function that does that, so
use it in more places.
* src/lxc/lxc_controller.c (lxcPidGone): Check waitpid return
value.
(lxcControllerRun): Use simpler virPidAbort.
* src/lxc/lxc_container.c (lxcContainerAvailable): Use safer
virWaitPid.
* daemon/libvirtd.c (daemonForkIntoBackground): Likewise.
* tests/testutils.c (virtTestCaptureProgramOutput, virtTestMain):
Likewise.
* src/libvirt.c (virConnectAuthGainPolkit): Simplify with virCommand.
---
diff --git a/src/lxc/lxc_controller.c b/src/lxc/lxc_controller.c
index c4e7832..5cc7cb9 100644
--- a/src/lxc/lxc_controller.c
+++ b/src/lxc/lxc_controller.c
@@ -59,6 +59,7 @@
#include "util.h"
#include "virfile.h"
#include "virpidfile.h"
+#include "command.h"
#define VIR_FROM_THIS VIR_FROM_LXC
@@ -515,7 +516,8 @@ ignorable_epoll_accept_errno(int errnum)
static bool
lxcPidGone(pid_t container)
{
- waitpid(container, NULL, WNOHANG);
+ if (waitpid(container, NULL, WNOHANG) < 0)
+ return false;
if (kill(container, 0) < 0 &&
errno == ESRCH)
@@ -1021,14 +1023,8 @@ cleanup:
VIR_FORCE_CLOSE(loopDevs[i]);
VIR_FREE(loopDevs);
- if (container > 1) {
- int status;
- kill(container, SIGTERM);
- if (!(waitpid(container, &status, WNOHANG) == 0 &&
- WIFEXITED(status)))
- kill(container, SIGKILL);
- waitpid(container, NULL, 0);
- }
+ virPidAbort(container);
+
return rc;
}
This entire method goes away on my patches here
https://www.redhat.com/archives/libvir-list/2011-October/msg00974.html
ACK to the other chunks
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|