* Peter Xu (pet...@redhat.com) wrote: > On Thu, Feb 14, 2019 at 06:53:51PM +0000, Dr. David Alan Gilbert (git) wrote: > > From: "Dr. David Alan Gilbert" <dgilb...@redhat.com> > > > > If the migration fails before the channel is open (e.g. a bad > > address) we end up in the cleanup with rdma->channel==NULL. > > > > Spotted by Coverity: CID 1398634 > > Fixes: fbbaacab2758cb3f32a0 > > Signed-off-by: Dr. David Alan Gilbert <dgilb...@redhat.com> > > --- > > migration/rdma.c | 4 +++- > > 1 file changed, 3 insertions(+), 1 deletion(-) > > > > diff --git a/migration/rdma.c b/migration/rdma.c > > index 54a3c11540..9fa3b176eb 100644 > > --- a/migration/rdma.c > > +++ b/migration/rdma.c > > @@ -2321,7 +2321,9 @@ static void qemu_rdma_cleanup(RDMAContext *rdma) > > rdma->connected = false; > > } > > > > - qemu_set_fd_handler(rdma->channel->fd, NULL, NULL, NULL); > > + if (rdma->channel) { > > + qemu_set_fd_handler(rdma->channel->fd, NULL, NULL, NULL); > > + } > > IIUC there's no strict ordering constraint on resetting the fd > handler, then how about simply moving this line into the below "if > (rdma->channel)" altogether?
The logic around the closing of the return path makes that check later a
bit messy; rdma->channel can get set to Null before the other check.

Dave

> Regards,
>
> --
> Peter Xu
--
Dr. David Alan Gilbert / dgilb...@redhat.com / Manchester, UK
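
Review bot: The new `if (rdma->channel)` guard around qemu_set_fd_handler() in qemu_rdma_cleanup() has no comment explaining why it stays separate from the later rdma->channel check, and the question raised in this thread shows the next reader will be tempted to merge the two. A one-line comment above the guard would settle it, saying that rdma->channel is NULL when migration fails before the channel is open (for example a bad address) and that the handler is reset here because the channel can be set to NULL before the later check is reached.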