On Fri, Oct 21, 2011 at 02:30:28PM -0600, Eric Blake wrote:
Based on a report by Coverity. waitpid() can leak resources if it fails with EINTR, so it should never be used without checking return status. But we already have a helper function that does that, so use it in more places.
* src/lxc/lxc_controller.c (lxcPidGone): Check waitpid return value. (lxcControllerRun): Use simpler virPidAbort. * src/lxc/lxc_container.c (lxcContainerAvailable): Use safer virWaitPid. * daemon/libvirtd.c (daemonForkIntoBackground): Likewise. * tests/testutils.c (virtTestCaptureProgramOutput, virtTestMain): Likewise. * src/libvirt.c (virConnectAuthGainPolkit): Simplify with virCommand. ---
diff --git a/src/lxc/lxc_controller.c b/src/lxc/lxc_controller.c index c4e7832..5cc7cb9 100644 --- a/src/lxc/lxc_controller.c +++ b/src/lxc/lxc_controller.c @@ -59,6 +59,7 @@ #include "util.h" #include "virfile.h" #include "virpidfile.h" +#include "command.h"
#define VIR_FROM_THIS VIR_FROM_LXC
@@ -515,7 +516,8 @@ ignorable_epoll_accept_errno(int errnum) static bool lxcPidGone(pid_t container) { - waitpid(container, NULL, WNOHANG); + if (waitpid(container, NULL, WNOHANG) < 0) + return false;
if (kill(container, 0) < 0 && errno == ESRCH) @@ -1021,14 +1023,8 @@ cleanup: VIR_FORCE_CLOSE(loopDevs[i]); VIR_FREE(loopDevs);
- if (container > 1) { - int status; - kill(container, SIGTERM); - if (!(waitpid(container, &status, WNOHANG) == 0 && - WIFEXITED(status))) - kill(container, SIGKILL); - waitpid(container, NULL, 0); - } + virPidAbort(container); + return rc; }
This entire method goes away on my patches here https://www.redhat.com/archives/libvir-list/2011-October/msg00974.html ACK to the other chunks Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|