Mark Pizzolato - Info Comm <m...@infocomm.com> writes:
> On Sunday, October 11, 2015 at 11:58 PM. Markus Armbruster wrote:
>> Mark Pizzolato <m...@infocomm.com> writes:
>>
>> > Public bug reported:
>> >
>> > On any host platform where SOCK_CLOEXEC is defined (Linux at least), a
>> > socket is leaked on each call to qemu_socket() AND the socket returned
>> > hasn't been created with the desired SOCK_CLOEXEC attribute. The
>> > qemu_socket routine is:
>> >
>> > Line 272 of util/osdep.c:
>> > /*
>> > * Opens a socket with FD_CLOEXEC set
>> > */
>> > int qemu_socket(int domain, int type, int protocol)
>> > {
>> > int ret;
>> >
>> > #ifdef SOCK_CLOEXEC
>> > ret = socket(domain, type | SOCK_CLOEXEC, protocol);
>> > if (ret != -1 || errno != EINVAL) {
>> > return ret;
>>
>> If socket() succeeded (ret != -1), we return the socket.
>>
>> If socket() failed with anything but EINVAL (ret == -1 && errno !=
>> EINVAL), we return -1 with errno set.
>>
>> > }
>>
>> Here, ret == -1 && errno == EINVAL.
>>
>> > #endif
>> > ret = socket(domain, type, protocol);
>> > if (ret >= 0) {
>> > qemu_set_cloexec(ret);
>> > }
>> >
>> > return ret;
>> > }
>>
>> How can this leak a socket?
>>
>> How can this return a socket with FD_CLOEXEC not set?
>
> All I can say is "OOPS!!" Sorry for bothering you. I misread the
> status check after the first socket() call.
>
> I'm in the process of lifting qemu's slirp code and dropping it into
> another open source project. Since I'm trying to use all the code in
> the slirp directory without modification I'm digging through where it
> now depends on other qemu code. I quickly looked at the qemu_socket()
> routine and read it wrong.
>
> Once again, sorry.
Happens to all of us from time to time :)
