Patchwork [13/25] vnc: add error propagation to vnc_display_open

login
register
mail settings
Submitter Paolo Bonzini
Date Oct. 10, 2012, 2:02 p.m.
Message ID <1349877786-23514-14-git-send-email-pbonzini@redhat.com>
Download mbox | patch
Permalink /patch/190701/
State New
Headers show

Comments

Paolo Bonzini - Oct. 10, 2012, 2:02 p.m.
Before:

    $ qemu-system-x86_64 -vnc foo.bar:12345
    getaddrinfo(foo.bar,18245): Name or service not known
    Failed to start VNC server on `foo.bar:12345'

    $ qemu-system-x86_64 -vnc localhost:12345,reverse=on
    inet_connect_opts: connect(ipv4,yakj.usersys.redhat.com,127.0.0.1,12345): Connection refused
    Failed to start VNC server on `localhost:12345,reverse=on'

After:

    $ x86_64-softmmu/qemu-system-x86_64 -vnc foo.bar:12345
    Failed to start VNC server on `foo.bar:12345': address resolution failed for foo.bar:18245: Name or service not known

    $ x86_64-softmmu/qemu-system-x86_64 -vnc localhost:12345,reverse=on
    Failed to start VNC server on `localhost:12345,reverse=on': Failed to connect to socket: Connection refused

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
        v1->v2: small cleanup for the if(reverse) case, do not use
        qerror_report_err.

 migration-exec.c | 18 ++++--------------
 console.h |  2 +-
 qmp.c     |  6 ++---
 ui/vnc.c  | 91 +++++++++++++++++++++++++++++----------------------------------
 vl.c      |  9 ++++---
 4 file modificati, 51 inserzioni(+), 57 rimozioni(-)
Markus Armbruster - Oct. 17, 2012, 3:17 p.m.
Paolo Bonzini <pbonzini@redhat.com> writes:

> Before:
>
>     $ qemu-system-x86_64 -vnc foo.bar:12345
>     getaddrinfo(foo.bar,18245): Name or service not known
>     Failed to start VNC server on `foo.bar:12345'
>
>     $ qemu-system-x86_64 -vnc localhost:12345,reverse=on
>     inet_connect_opts: connect(ipv4,yakj.usersys.redhat.com,127.0.0.1,12345): Connection refused
>     Failed to start VNC server on `localhost:12345,reverse=on'
>
> After:
>
>     $ x86_64-softmmu/qemu-system-x86_64 -vnc foo.bar:12345
>     Failed to start VNC server on `foo.bar:12345': address resolution failed for foo.bar:18245: Name or service not known
>
>     $ x86_64-softmmu/qemu-system-x86_64 -vnc localhost:12345,reverse=on
>     Failed to start VNC server on `localhost:12345,reverse=on': Failed to connect to socket: Connection refused
>
> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
> ---
>         v1->v2: small cleanup for the if(reverse) case, do not use
>         qerror_report_err.
>
>  migration-exec.c | 18 ++++--------------
>  console.h |  2 +-
>  qmp.c     |  6 ++---
>  ui/vnc.c  | 91 +++++++++++++++++++++++++++++----------------------------------
>  vl.c      |  9 ++++---
>  4 file modificati, 51 inserzioni(+), 57 rimozioni(-)
>
> diff --git a/console.h b/console.h
> index f990684..6099d8d 100644
> --- a/console.h
> +++ b/console.h
> @@ -378,7 +378,7 @@ void cocoa_display_init(DisplayState *ds, int full_screen);
>  /* vnc.c */
>  void vnc_display_init(DisplayState *ds);
>  void vnc_display_close(DisplayState *ds);
> -int vnc_display_open(DisplayState *ds, const char *display);
> +void vnc_display_open(DisplayState *ds, const char *display, Error **errp);
>  void vnc_display_add_client(DisplayState *ds, int csock, int skipauth);
>  int vnc_display_disable_login(DisplayState *ds);
>  char *vnc_display_local_addr(DisplayState *ds);
> diff --git a/qmp.c b/qmp.c
> index 36c54c5..31bc3bf 100644
> --- a/qmp.c
> +++ b/qmp.c
> @@ -349,11 +349,9 @@ void qmp_change_vnc_password(const char *password, Error **errp)
>      }
>  }
>  
> -static void qmp_change_vnc_listen(const char *target, Error **err)
> +static void qmp_change_vnc_listen(const char *target, Error **errp)
>  {
> -    if (vnc_display_open(NULL, target) < 0) {
> -        error_set(err, QERR_VNC_SERVER_FAILED, target);
> -    }
> +    vnc_display_open(NULL, target, errp);
>  }
>  
>  static void qmp_change_vnc(const char *target, bool has_arg, const char *arg,
> diff --git a/ui/vnc.c b/ui/vnc.c
> index 235596e..b8e46ca 100644
> --- a/ui/vnc.c
> +++ b/ui/vnc.c
> @@ -2844,7 +2844,7 @@ char *vnc_display_local_addr(DisplayState *ds)
>      return vnc_socket_local_addr("%s:%s", vs->lsock);
>  }
>  
> -int vnc_display_open(DisplayState *ds, const char *display)
> +void vnc_display_open(DisplayState *ds, const char *display, Error **errp)
>  {
>      VncDisplay *vs = ds ? (VncDisplay *)ds->opaque : vnc_display;
>      const char *options;
> @@ -2863,13 +2863,12 @@ int vnc_display_open(DisplayState *ds, const char *display)
>      int lock_key_sync = 1;
>  
>      if (!vnc_display)
> -        return -1;
> +        goto fail;

Now executes

    g_free(vs->display);
    vs->display = NULL;

The latter looks innocent enough, but why is the former safe?

>      vnc_display_close(ds);
>      if (strcmp(display, "none") == 0)
> -        return 0;
> +        return;
>  
> -    if (!(vs->display = strdup(display)))
> -        return -1;
> +    vs->display = g_strdup(display);
>      vs->share_policy = VNC_SHARE_POLICY_ALLOW_EXCLUSIVE;
>  
>      options = display;
> @@ -2877,13 +2876,11 @@ int vnc_display_open(DisplayState *ds, const char *display)
>          options++;
>          if (strncmp(options, "password", 8) == 0) {
>              if (fips_get_state()) {
> -                fprintf(stderr,
> -                        "VNC password auth disabled due to FIPS mode, "
> -                        "consider using the VeNCrypt or SASL authentication "
> -                        "methods as an alternative\n");
> -                g_free(vs->display);
> -                vs->display = NULL;
> -                return -1;
> +                error_setg(errp,
> +                           "VNC password auth disabled due to FIPS mode, "
> +                           "consider using the VeNCrypt or SASL authentication "
> +                           "methods as an alternative\n");

Message for error_setg() should not end with '\n'.

> +                goto fail;
>              }
>              password = 1; /* Require password auth */
>          } else if (strncmp(options, "reverse", 7) == 0) {
> @@ -2913,18 +2910,14 @@ int vnc_display_open(DisplayState *ds, const char *display)
>  
>                  VNC_DEBUG("Trying certificate path '%s'\n", path);
>                  if (vnc_tls_set_x509_creds_dir(vs, path) < 0) {
> -                    fprintf(stderr, "Failed to find x509 certificates/keys in %s\n", path);
> +                    error_setg(errp, "Failed to find x509 certificates/keys in %s\n", path);

Likewise.

>                      g_free(path);
> -                    g_free(vs->display);
> -                    vs->display = NULL;
> -                    return -1;
> +                    goto fail;
>                  }
>                  g_free(path);
>              } else {
> -                fprintf(stderr, "No certificate path provided\n");
> -                g_free(vs->display);
> -                vs->display = NULL;
> -                return -1;
> +                error_setg(errp, "No certificate path provided\n");

Likewise.

> +                goto fail;
>              }
>  #endif
>  #if defined(CONFIG_VNC_TLS) || defined(CONFIG_VNC_SASL)
> @@ -2943,10 +2936,8 @@ int vnc_display_open(DisplayState *ds, const char *display)
>              } else if (strncmp(options+6, "force-shared", 12) == 0) {
>                  vs->share_policy = VNC_SHARE_POLICY_FORCE_SHARED;
>              } else {
> -                fprintf(stderr, "unknown vnc share= option\n");
> -                g_free(vs->display);
> -                vs->display = NULL;
> -                return -1;
> +                error_setg(errp, "unknown vnc share= option\n");

Likewise.

> +                goto fail;
>              }
>          }
>      }
> @@ -3047,52 +3038,54 @@ int vnc_display_open(DisplayState *ds, const char *display)
>  
>  #ifdef CONFIG_VNC_SASL
>      if ((saslErr = sasl_server_init(NULL, "qemu")) != SASL_OK) {
> -        fprintf(stderr, "Failed to initialize SASL auth %s",
> -                sasl_errstring(saslErr, NULL, NULL));
> -        g_free(vs->display);
> -        vs->display = NULL;
> -        return -1;
> +        error_setg(errp, "Failed to initialize SASL auth %s",
> +                   sasl_errstring(saslErr, NULL, NULL));
> +        goto fail;
>      }
>  #endif
>      vs->lock_key_sync = lock_key_sync;
>  
>      if (reverse) {
>          /* connect to viewer */
> -        if (strncmp(display, "unix:", 5) == 0)
> -            vs->lsock = unix_connect(display+5, NULL);
> -        else
> -            vs->lsock = inet_connect(display, NULL);
> -        if (-1 == vs->lsock) {
> -            g_free(vs->display);
> -            vs->display = NULL;
> -            return -1;
> +        int csock;
> +        vs->lsock = -1;
> +        if (strncmp(display, "unix:", 5) == 0) {
> +            csock = unix_connect(display+5, errp);
>          } else {
> -            int csock = vs->lsock;
> -            vs->lsock = -1;
> -            vnc_connect(vs, csock, 0);
> +            csock = inet_connect(display, errp);
>          }

The csock / vs->lsock change confused me.  I think it's correct, but I
wish it was a separate cleanup commit.

Same for the goto fail cleanup, by the way.

> -        return 0;
> -
> +        if (-1 == csock) {

csock < 0, please.

> +            goto fail;
> +        }
> +        vnc_connect(vs, csock, 0);
>      } else {
>          /* listen for connects */
>          char *dpy;
>          dpy = g_malloc(256);
>          if (strncmp(display, "unix:", 5) == 0) {
>              pstrcpy(dpy, 256, "unix:");
> -            vs->lsock = unix_listen(display+5, dpy+5, 256-5, NULL);
> +            vs->lsock = unix_listen(display+5, dpy+5, 256-5, errp);
>          } else {
>              vs->lsock = inet_listen(display, dpy, 256,
> -                                    SOCK_STREAM, 5900, NULL);
> +                                    SOCK_STREAM, 5900, errp);
>          }
>          if (-1 == vs->lsock) {
>              g_free(dpy);
> -            return -1;
> -        } else {
> -            g_free(vs->display);
> -            vs->display = dpy;
> +            goto fail;

Now executes

    g_free(vs->display);
    vs->display = NULL;

Silent bug fix?

If yes, it should really be a separate commit!

>          }
> +        g_free(vs->display);
> +        vs->display = dpy;
> +        qemu_set_fd_handler2(vs->lsock, NULL, vnc_listen_read, NULL, vs);
> +    }
> +    return;
> +
> +fail:
> +    if (!error_is_set(errp)) {
> +        error_set(errp, QERR_VNC_SERVER_FAILED, display);

How can we get here with no error set?

1. !vnc_display (first goto fail).

2. unit_connect() or inet_listen() return failure, but don't set error.

3. unix_listen() or inet_listen() return failure, but don't set error.

Can 2. or 3. happen?

If yes, these functions suck.  If no, let's fix up 1. to set a suitable
error, and drop the uninformative generic error here.

>      }
> -    return qemu_set_fd_handler2(vs->lsock, NULL, vnc_listen_read, NULL, vs);
> +    g_free(vs->display);
> +    vs->display = NULL;
> +    return;
>  }
>  
>  void vnc_display_add_client(DisplayState *ds, int csock, int skipauth)
> diff --git a/vl.c b/vl.c
> index 2a072e8..67a624f 100644
> --- a/vl.c
> +++ b/vl.c
> @@ -3706,10 +3706,13 @@ int main(int argc, char **argv, char **envp)
>  #ifdef CONFIG_VNC
>      /* init remote displays */
>      if (vnc_display) {
> +        Error *local_err = NULL;
>          vnc_display_init(ds);
> -        if (vnc_display_open(ds, vnc_display) < 0) {
> -            fprintf(stderr, "Failed to start VNC server on `%s'\n",
> -                    vnc_display);
> +        vnc_display_open(ds, vnc_display, &local_err);
> +        if (local_err != NULL) {
> +            fprintf(stderr, "Failed to start VNC server on `%s': %s\n",
> +                    vnc_display, error_get_pretty(local_err));
> +            error_free(local_err);
>              exit(1);
>          }
Paolo Bonzini - Oct. 17, 2012, 3:48 p.m.
Il 17/10/2012 17:17, Markus Armbruster ha scritto:
>> > +fail:
>> > +    if (!error_is_set(errp)) {
>> > +        error_set(errp, QERR_VNC_SERVER_FAILED, display);
> How can we get here with no error set?
> 
> 1. !vnc_display (first goto fail).

This can be fixed up to give a separate error.

> 2. unit_connect() or inet_listen() return failure, but don't set error.
> 
> 3. unix_listen() or inet_listen() return failure, but don't set error.
> 
> Can 2. or 3. happen?
> 
> If yes, these functions suck.  If no, let's fix up 1. to set a suitable
> error, and drop the uninformative generic error here.
> 

It can at this point in the series, but not at the end.

I tried to split this one into many commits, but I wasn't sure it was
worth to make a mini-series out of one function.  In retrospect
 it was.

Paolo
Markus Armbruster - Oct. 19, 2012, 7:49 a.m.
Paolo Bonzini <pbonzini@redhat.com> writes:

> Il 17/10/2012 17:17, Markus Armbruster ha scritto:
>>> > +fail:
>>> > +    if (!error_is_set(errp)) {
>>> > +        error_set(errp, QERR_VNC_SERVER_FAILED, display);
>> How can we get here with no error set?
>> 
>> 1. !vnc_display (first goto fail).
>
> This can be fixed up to give a separate error.
>
>> 2. unit_connect() or inet_listen() return failure, but don't set error.
>> 
>> 3. unix_listen() or inet_listen() return failure, but don't set error.
>> 
>> Can 2. or 3. happen?
>> 
>> If yes, these functions suck.  If no, let's fix up 1. to set a suitable
>> error, and drop the uninformative generic error here.
>> 
>
> It can at this point in the series, but not at the end.

Feel free to make the fix up at the end then.

> I tried to split this one into many commits, but I wasn't sure it was
> worth to make a mini-series out of one function.  In retrospect
>  it was.

Review of a long series is unrewarding when the patches are all perfect
;)
Paolo Bonzini - Oct. 19, 2012, 8:40 a.m.
> > I tried to split this one into many commits, but I wasn't sure it
> > was worth to make a mini-series out of one function.  In retrospect
> > it was.
> 
> Review of a long series is unrewarding when the patches are all
> perfect ;)

LOL, will split the patch anyway.

Paolo

Patch

diff --git a/console.h b/console.h
index f990684..6099d8d 100644
--- a/console.h
+++ b/console.h
@@ -378,7 +378,7 @@  void cocoa_display_init(DisplayState *ds, int full_screen);
 /* vnc.c */
 void vnc_display_init(DisplayState *ds);
 void vnc_display_close(DisplayState *ds);
-int vnc_display_open(DisplayState *ds, const char *display);
+void vnc_display_open(DisplayState *ds, const char *display, Error **errp);
 void vnc_display_add_client(DisplayState *ds, int csock, int skipauth);
 int vnc_display_disable_login(DisplayState *ds);
 char *vnc_display_local_addr(DisplayState *ds);
diff --git a/qmp.c b/qmp.c
index 36c54c5..31bc3bf 100644
--- a/qmp.c
+++ b/qmp.c
@@ -349,11 +349,9 @@  void qmp_change_vnc_password(const char *password, Error **errp)
     }
 }
 
-static void qmp_change_vnc_listen(const char *target, Error **err)
+static void qmp_change_vnc_listen(const char *target, Error **errp)
 {
-    if (vnc_display_open(NULL, target) < 0) {
-        error_set(err, QERR_VNC_SERVER_FAILED, target);
-    }
+    vnc_display_open(NULL, target, errp);
 }
 
 static void qmp_change_vnc(const char *target, bool has_arg, const char *arg,
diff --git a/ui/vnc.c b/ui/vnc.c
index 235596e..b8e46ca 100644
--- a/ui/vnc.c
+++ b/ui/vnc.c
@@ -2844,7 +2844,7 @@  char *vnc_display_local_addr(DisplayState *ds)
     return vnc_socket_local_addr("%s:%s", vs->lsock);
 }
 
-int vnc_display_open(DisplayState *ds, const char *display)
+void vnc_display_open(DisplayState *ds, const char *display, Error **errp)
 {
     VncDisplay *vs = ds ? (VncDisplay *)ds->opaque : vnc_display;
     const char *options;
@@ -2863,13 +2863,12 @@  int vnc_display_open(DisplayState *ds, const char *display)
     int lock_key_sync = 1;
 
     if (!vnc_display)
-        return -1;
+        goto fail;
     vnc_display_close(ds);
     if (strcmp(display, "none") == 0)
-        return 0;
+        return;
 
-    if (!(vs->display = strdup(display)))
-        return -1;
+    vs->display = g_strdup(display);
     vs->share_policy = VNC_SHARE_POLICY_ALLOW_EXCLUSIVE;
 
     options = display;
@@ -2877,13 +2876,11 @@  int vnc_display_open(DisplayState *ds, const char *display)
         options++;
         if (strncmp(options, "password", 8) == 0) {
             if (fips_get_state()) {
-                fprintf(stderr,
-                        "VNC password auth disabled due to FIPS mode, "
-                        "consider using the VeNCrypt or SASL authentication "
-                        "methods as an alternative\n");
-                g_free(vs->display);
-                vs->display = NULL;
-                return -1;
+                error_setg(errp,
+                           "VNC password auth disabled due to FIPS mode, "
+                           "consider using the VeNCrypt or SASL authentication "
+                           "methods as an alternative\n");
+                goto fail;
             }
             password = 1; /* Require password auth */
         } else if (strncmp(options, "reverse", 7) == 0) {
@@ -2913,18 +2910,14 @@  int vnc_display_open(DisplayState *ds, const char *display)
 
                 VNC_DEBUG("Trying certificate path '%s'\n", path);
                 if (vnc_tls_set_x509_creds_dir(vs, path) < 0) {
-                    fprintf(stderr, "Failed to find x509 certificates/keys in %s\n", path);
+                    error_setg(errp, "Failed to find x509 certificates/keys in %s\n", path);
                     g_free(path);
-                    g_free(vs->display);
-                    vs->display = NULL;
-                    return -1;
+                    goto fail;
                 }
                 g_free(path);
             } else {
-                fprintf(stderr, "No certificate path provided\n");
-                g_free(vs->display);
-                vs->display = NULL;
-                return -1;
+                error_setg(errp, "No certificate path provided\n");
+                goto fail;
             }
 #endif
 #if defined(CONFIG_VNC_TLS) || defined(CONFIG_VNC_SASL)
@@ -2943,10 +2936,8 @@  int vnc_display_open(DisplayState *ds, const char *display)
             } else if (strncmp(options+6, "force-shared", 12) == 0) {
                 vs->share_policy = VNC_SHARE_POLICY_FORCE_SHARED;
             } else {
-                fprintf(stderr, "unknown vnc share= option\n");
-                g_free(vs->display);
-                vs->display = NULL;
-                return -1;
+                error_setg(errp, "unknown vnc share= option\n");
+                goto fail;
             }
         }
     }
@@ -3047,52 +3038,54 @@  int vnc_display_open(DisplayState *ds, const char *display)
 
 #ifdef CONFIG_VNC_SASL
     if ((saslErr = sasl_server_init(NULL, "qemu")) != SASL_OK) {
-        fprintf(stderr, "Failed to initialize SASL auth %s",
-                sasl_errstring(saslErr, NULL, NULL));
-        g_free(vs->display);
-        vs->display = NULL;
-        return -1;
+        error_setg(errp, "Failed to initialize SASL auth %s",
+                   sasl_errstring(saslErr, NULL, NULL));
+        goto fail;
     }
 #endif
     vs->lock_key_sync = lock_key_sync;
 
     if (reverse) {
         /* connect to viewer */
-        if (strncmp(display, "unix:", 5) == 0)
-            vs->lsock = unix_connect(display+5, NULL);
-        else
-            vs->lsock = inet_connect(display, NULL);
-        if (-1 == vs->lsock) {
-            g_free(vs->display);
-            vs->display = NULL;
-            return -1;
+        int csock;
+        vs->lsock = -1;
+        if (strncmp(display, "unix:", 5) == 0) {
+            csock = unix_connect(display+5, errp);
         } else {
-            int csock = vs->lsock;
-            vs->lsock = -1;
-            vnc_connect(vs, csock, 0);
+            csock = inet_connect(display, errp);
         }
-        return 0;
-
+        if (-1 == csock) {
+            goto fail;
+        }
+        vnc_connect(vs, csock, 0);
     } else {
         /* listen for connects */
         char *dpy;
         dpy = g_malloc(256);
         if (strncmp(display, "unix:", 5) == 0) {
             pstrcpy(dpy, 256, "unix:");
-            vs->lsock = unix_listen(display+5, dpy+5, 256-5, NULL);
+            vs->lsock = unix_listen(display+5, dpy+5, 256-5, errp);
         } else {
             vs->lsock = inet_listen(display, dpy, 256,
-                                    SOCK_STREAM, 5900, NULL);
+                                    SOCK_STREAM, 5900, errp);
         }
         if (-1 == vs->lsock) {
             g_free(dpy);
-            return -1;
-        } else {
-            g_free(vs->display);
-            vs->display = dpy;
+            goto fail;
         }
+        g_free(vs->display);
+        vs->display = dpy;
+        qemu_set_fd_handler2(vs->lsock, NULL, vnc_listen_read, NULL, vs);
+    }
+    return;
+
+fail:
+    if (!error_is_set(errp)) {
+        error_set(errp, QERR_VNC_SERVER_FAILED, display);
     }
-    return qemu_set_fd_handler2(vs->lsock, NULL, vnc_listen_read, NULL, vs);
+    g_free(vs->display);
+    vs->display = NULL;
+    return;
 }
 
 void vnc_display_add_client(DisplayState *ds, int csock, int skipauth)
diff --git a/vl.c b/vl.c
index 2a072e8..67a624f 100644
--- a/vl.c
+++ b/vl.c
@@ -3706,10 +3706,13 @@  int main(int argc, char **argv, char **envp)
 #ifdef CONFIG_VNC
     /* init remote displays */
     if (vnc_display) {
+        Error *local_err = NULL;
         vnc_display_init(ds);
-        if (vnc_display_open(ds, vnc_display) < 0) {
-            fprintf(stderr, "Failed to start VNC server on `%s'\n",
-                    vnc_display);
+        vnc_display_open(ds, vnc_display, &local_err);
+        if (local_err != NULL) {
+            fprintf(stderr, "Failed to start VNC server on `%s': %s\n",
+                    vnc_display, error_get_pretty(local_err));
+            error_free(local_err);
             exit(1);
         }