From mboxrd@z Thu Jan 1 00:00:00 1970 Authentication-Results: passt.top; dmarc=pass (p=quarantine dis=none) header.from=redhat.com Authentication-Results: passt.top; dkim=pass (1024-bit key; unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=OK0UhZbY; dkim-atps=neutral Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by passt.top (Postfix) with ESMTPS id 99E2B5A0272 for ; Sun, 31 May 2026 22:13:33 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1780258412; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Uh438ibiZQnPgyL3qrrVo5dK2/QKpW+TrDq3lTrGFSM=; b=OK0UhZbYNsnsuaEvUHiYy/SOAAgHks9HND4vVUlcYqVksddLikaE6fAyVzfFOcvDOm8oM6 rukZNLB/SEA0T37dgyrWV+ErWUqw5R7c1eDjHNxqEl+/bOF72jLjRhMmjutwXSmA6JGoBF hgWu8GTx32aG/RYkNgOqY8g9meBBF4k= Received: from mx-prod-mc-03.mail-002.prod.us-west-2.aws.redhat.com (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-451-jdKc7F2OPJaqjx76Q7GDdg-1; Sun, 31 May 2026 16:13:28 -0400 X-MC-Unique: jdKc7F2OPJaqjx76Q7GDdg-1 X-Mimecast-MFC-AGG-ID: jdKc7F2OPJaqjx76Q7GDdg_1780258407 Received: from mx-prod-int-01.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-01.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-03.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id 398AF19560B2; Sun, 31 May 2026 20:13:27 +0000 (UTC) Received: from jmaloy-thinkpadp16vgen1.rmtcaqc.csb (unknown [10.22.88.48]) by mx-prod-int-01.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP id BD4FE300019F; Sun, 31 May 2026 20:13:25 +0000 (UTC) From: Jon Maloy To: sbrivio@redhat.com, david@gibson.dropbear.id.au, jmaloy@redhat.com, passt-dev@passt.top Subject: [PATCH] util, passt: Close daemon-lifetime fds on exit to avoid Coverity warning Date: Sun, 31 May 2026 16:13:24 -0400 Message-ID: <20260531201324.1714921-1-jmaloy@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.4.1 on 10.30.177.4 X-Mimecast-Spam-Score: 0 X-Mimecast-MFC-PROC-ID: 0HxtetmG1g5GEmIT5LiSuOS-kKnxWwARorV7_vHhRiM_1780258407 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: 8bit content-type: text/plain; charset="US-ASCII"; x-default=true Message-ID-Hash: 5ZQKWL6ITT52CPXS5DMKB27MOYDVXX7L X-Message-ID-Hash: 5ZQKWL6ITT52CPXS5DMKB27MOYDVXX7L X-MailFrom: jmaloy@redhat.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header X-Mailman-Version: 3.3.8 Precedence: list List-Id: Development discussion and patches for passt Archived-At: Archived-At: List-Archive: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: conf_open_files() opens four file descriptors (fd_tap_listen, fd_repair_listen, pidfile_fd, fd_control_listen) that are held for the entire daemon lifetime. Because no close() call exists for them anywhere, Coverity flags each as INCOMPLETE_DEALLOCATOR. This is clearly a false positive, but we still want to get rid of this warning. We now register the execution context so that passt_exit() can use to close these descriptors before calling _exit(). All exit paths (signal handler, die(), die_perror()) funnel through passt_exit(), so this covers all cases. Signed-off-by: Jon Maloy --- log.h | 2 ++ passt.c | 1 + util.c | 22 ++++++++++++++++++++++ 3 files changed, 25 insertions(+) diff --git a/log.h b/log.h index 69cfb507..079f429c 100644 --- a/log.h +++ b/log.h @@ -63,7 +63,9 @@ extern bool debug_flag; /* This would make more sense in util.h, but because we use it in die(), that * would cause awkward circular reference problems. */ +struct ctx; void passt_exit(int status) __attribute__((noreturn)); +void passt_exit_set_ctx(struct ctx *c); #define LOGFILE_SIZE_DEFAULT (1024 * 1024UL) #define LOGFILE_CUT_RATIO 30 /* When full, cut ~30% size */ diff --git a/passt.c b/passt.c index b6fc12d4..ec6aa57a 100644 --- a/passt.c +++ b/passt.c @@ -392,6 +392,7 @@ int main(int argc, char **argv) sock_probe_features(&c); conf(&c, argc, argv); + passt_exit_set_ctx(&c); trace_init(c.trace); pasta_netns_quit_init(&c); diff --git a/util.c b/util.c index b64c29ed..f15b1f9a 100644 --- a/util.c +++ b/util.c @@ -1097,6 +1097,17 @@ void abort_with_msg(const char *fmt, ...) abort(); } +static struct ctx *exit_cleanup_ctx; + +/** + * passt_exit_set_ctx() - Register context for cleanup on exit + * @c: Execution context + */ +void passt_exit_set_ctx(struct ctx *c) +{ + exit_cleanup_ctx = c; +} + /** * passt_exit() - Perform vital cleanup and exit * @@ -1108,6 +1119,17 @@ void abort_with_msg(const char *fmt, ...) */ void passt_exit(int status) { + if (exit_cleanup_ctx) { + if (exit_cleanup_ctx->fd_tap_listen >= 0) + close(exit_cleanup_ctx->fd_tap_listen); + if (exit_cleanup_ctx->fd_repair_listen >= 0) + close(exit_cleanup_ctx->fd_repair_listen); + if (exit_cleanup_ctx->pidfile_fd >= 0) + close(exit_cleanup_ctx->pidfile_fd); + if (exit_cleanup_ctx->fd_control_listen >= 0) + close(exit_cleanup_ctx->fd_control_listen); + } + /* Make sure we don't leave the pcap file truncated */ if (pcap_fd != -1 && fsync(pcap_fd)) warn_perror("Failed to flush pcap file, it might be truncated"); -- 2.52.0