Re: [Qemu-devel] [PATCH] slirp: Fix error reported by static code analys
From: Peter Maydell
Subject: Re: [Qemu-devel] [PATCH] slirp: Fix error reported by static code analysis and remove wrong type casts
Date: Tue, 4 Sep 2012 08:49:44 +0100

On 4 September 2012 08:27, Jan Kiszka <address@hidden> wrote:
> Indeed, this is a "XXX Should never fail" case - according to the code
> that checks tp at the call site. But as no one seriously understands
> slirp details, we are better safe than sorry.

Actually it looks like you can get here with both tp and m NULL:
 * we set up a non-blocking connect
 * at some point slirp.c:slirp_select_poll() finds the fd is writable
 * ...but the send() on slirp.c line 504 fails, so we set SS_NOFDREF
   in the so->so_state
 * on line 520 we call tcp_input() with m == NULL
 * tcp_input checks for m == NULL and immediately goes to cont_conn
 * if so->so_state & SS_NOFDREF we call tcp_close, which
   frees tp and returns 0
 * so we goto dropwithreset with tp NULL and m NULL
 * where we call tcp_respond to try to send a RST or RST|ACK

So I think you have to have failed a syscall for this to happen,
and if we haven't got an outbound fd then there's not a lot we
can do, so just returning from tcp_respond() seems like the best
thing.

-- PMM
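
The path traced in the message above, as an added example that is not part of the original message and is not QEMU's slirp code: a reduced C model of the walk from the failed send() to tcp_respond(). The struct layouts, the `model_` functions, the flag value and the exact guard condition (return when both tp and m are NULL) are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdlib.h>

/* Reduced model, not QEMU code: only the fields the thread mentions. */
#define SS_NOFDREF 0x001                 /* constructed value for this model */

struct tcpcb  { int t_state; };
struct mbuf   { int m_len; };
struct socket { int so_state; struct tcpcb *so_tcpcb; };

enum respond_result { RESPOND_SENT, RESPOND_SKIPPED };

/* Model of tcp_close(): frees tp and returns NULL ("returns 0"). */
static struct tcpcb *model_tcp_close(struct socket *so)
{
    free(so->so_tcpcb);
    so->so_tcpcb = NULL;
    return NULL;
}

/* Model of tcp_respond() with an early return: with neither a control
 * block nor a packet there is nothing to build a RST from, so leave
 * before either pointer would be dereferenced. */
static enum respond_result model_tcp_respond(struct tcpcb *tp, struct mbuf *m)
{
    if (tp == NULL && m == NULL)
        return RESPOND_SKIPPED;
    /* real code would build and send the RST or RST|ACK here */
    return RESPOND_SENT;
}

/* Model of tcp_input(): m == NULL goes straight to cont_conn. */
static enum respond_result model_tcp_input(struct mbuf *m, struct socket *so)
{
    struct tcpcb *tp = so->so_tcpcb;
    if (m == NULL && (so->so_state & SS_NOFDREF))   /* cont_conn */
        tp = model_tcp_close(so);                   /* tp is now NULL */
    return model_tcp_respond(tp, m);                /* dropwithreset */
}

/* Failed send() on a non-blocking connect: SS_NOFDREF set, m == NULL. */
static enum respond_result simulate_failed_connect(void)
{
    struct socket so = { 0, calloc(1, sizeof(struct tcpcb)) };
    so.so_state |= SS_NOFDREF;
    return model_tcp_input(NULL, &so);
}
```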