Re: [Qemu-devel] [Bug 1504513] [NEW] Socket leak on each call to qemu_socket()

[Markus Armbruster]

Mark Pizzolato - Info Comm <address@hidden> writes:

> On Sunday, October 11, 2015 at 11:58 PM. Markus Armbruster wrote:
>> Mark Pizzolato <address@hidden> writes:
>> 
>> > Public bug reported:
>> >
>> > On any host platform where SOCK_CLOEXEC is defined (Linux at least), a
>> > socket is leaked on each call to qemu_socket() AND the socket returned
>> > hasn't been created with the desired SOCK_CLOEXEC attribute.  The
>> > qemu_socket routine is:
>> >
>> > Line 272 of util/osdep.c:
>> > /*
>> >  * Opens a socket with FD_CLOEXEC set
>> >  */
>> > int qemu_socket(int domain, int type, int protocol)
>> > {
>> >     int ret;
>> >
>> > #ifdef SOCK_CLOEXEC
>> >     ret = socket(domain, type | SOCK_CLOEXEC, protocol);
>> >     if (ret != -1 || errno != EINVAL) {
>> >         return ret;
>> 
>> If socket() succeeded (ret != -1), we return the socket.
>> 
>> If socket() failed with anything but EINVAL (ret == -1 && errno !=
>> EINVAL), we return -1 with errno set.
>> 
>> >     }
>> 
>> Here, ret == -1 && errno == EINVAL.
>> 
>> > #endif
>> >     ret = socket(domain, type, protocol);
>> >     if (ret >= 0) {
>> >         qemu_set_cloexec(ret);
>> >     }
>> >
>> >     return ret;
>> > }
>> 
>> How can this leak a socket?
>> 
>> How can this return a socket with FD_CLOEXEC not set?
>
> All I can say is "OOPS!!"  Sorry for bothering you.  I misread the
> status check after the first socket() call.
>
> I'm in the process of lifting qemu's slirp code and dropping it into
> another open source project.  Since I'm trying to use all the code in
> the slirp directory without modification I'm digging through where it
> now depends on other qemu code.  I quickly looked at the qemu_socket()
> routine and read it wrong.
>
> Once again, sorry.

Happens to all of us from time to time :)