黄亮 | 1 Nov 03:01 2010

Re: [libvirt] Node.GetInfo error

HI,
 
I tried
 
Errors.Error err = Errors.GetLastError();
MessageBox.Show(err.Message);
 
But  IDE shows compilation errors that there is no "Error" defination in "Errors", and "Errors.GetLastError()" returns int.
I made a guess that maybe it was like this:
 
Error err = Errors.SaveLastError();
MessageBox.Show("Get Info error: " + err.Message);
 
It can be compiled but "err.Message" has nothing in it.
 
Did I make a wrong assumption?
 
Regards
 
 
2010-11-01
Lancer 
发件人: arnaud.champion <at> devatom.fr
发送时间: 2010-10-31  16:48:15
收件人: 黄亮
抄送: libvir-list <at> redhat.com
主题: Re: Node.GetInfo error
Ok,
 
at first GetLastError return an Error object. So you should anything like :
 
Errors.Error err = Errors.GetLastError();
MessageBox.Show(err.Message);
 
For the NodeInfo structure, I think the problem is the same that was for DomainInfo, I'll check marshaling. Then respond you with the correct infos.
 
Arnaud
 
PS : can you also put libvirt-list <at> redhat.com in copy of your mails, to keep everyone in the loop ?

From: 黄亮
Sent: Sunday, October 31, 2010 8:20 AM
Subject: Node.GetInfo error

Hi,
 
Sorry for disturbing again. But I get error while using Node.GetInfo.
 
Code:
 
NodeInfo aNodeInfo = new NodeInfo();
if (Node.GetInfo(con, aNodeInfo) < 0)
{
//MessageBox.Show("Node Info Error");
MessageBox.Show(Errors.GetLastError().ToString());
return 0f;
}
 
I'm sure con != IntPtr.Zero. I tried to use Errors.GetLastError(), it returns int. But I don't know what to do with it.
So, any suggestions ? Thanks
 
Regards
2010-10-31
Lancer 


__________ Information from ESET Smart Security, version of virus signature database 5577 (20101030) __________

The message was checked by ESET Smart Security.

http://www.eset.com
<div>
<div>HI,</div>
<div>&nbsp;</div>
<div>I tried </div>
<div>
<div>&nbsp;</div>
<div>Errors.Error err = 
Errors.GetLastError();</div>
<div>MessageBox.Show(err.Message);</div>
<div>&nbsp;</div>
<div>But&nbsp; IDE shows compilation errors that there 
is no "Error" defination in "Errors", and "Errors.GetLastError()" returns 
int.</div>
<div>I made a guess that maybe it was like 
this:</div>
<div>&nbsp;</div>
<div>
<div>Error&nbsp;err&nbsp;=&nbsp;Errors.SaveLastError();</div>
<div>MessageBox.Show("Get&nbsp;Info&nbsp;error:&nbsp;"&nbsp;+&nbsp;err.Message);</div>
</div>
<div>&nbsp;</div>
<div>It can be compiled but "err.Message" has nothing 
in it.</div>
<div>&nbsp;</div>
<div>Did I make a wrong assumption?</div>
<div>&nbsp;</div>
<div>Regards</div>
</div>
<div>&nbsp;</div>
<div>&nbsp;</div>
<div>2010-11-01 </div>

<div>
<span>Lancer</span>&nbsp;</div>
<div>&#21457;&#20214;&#20154;&#65306; arnaud.champion <at> devatom.fr 
</div>
<div>&#21457;&#36865;&#26102;&#38388;&#65306; 2010-10-31&nbsp; 16:48:15 
</div>
<div>&#25910;&#20214;&#20154;&#65306; &#40644;&#20142; </div>
<div>&#25220;&#36865;&#65306; libvir-list <at> redhat.com 
</div>
<div>&#20027;&#39064;&#65306; Re: Node.GetInfo error 
</div>
<div> </div>
<div>
<div>Ok,</div>
<div>&nbsp;</div>
<div>at first GetLastError return an Error object. So 
you should anything like :</div>
<div>&nbsp;</div>
<div>Errors.Error err = 
Errors.GetLastError();</div>
<div>MessageBox.Show(err.Message);</div>
<div>&nbsp;</div>
<div>For the NodeInfo structure, I think the problem 
is the same that was for DomainInfo, I'll check marshaling. Then respond you 
with the correct infos.</div>
<div>&nbsp;</div>
<div>Arnaud</div>
<div>&nbsp;</div>
<div>PS : can you also put <a href="mailto:libvirt-list <at> redhat.com">libvirt-list <at> redhat.com</a> in copy of 
your mails, to keep everyone in the loop ?</div>
<div>
<div><br></div>
<div>
<div>From: <a title="lancerhuang <at> 163.com" href="mailto:lancerhuang <at> 163.com">&#40644;&#20142;</a> </div>
<div>Sent: Sunday, October 31, 2010 8:20 AM</div>
<div>To: <a title="arnaud.champion <at> devatom.fr" href="mailto:arnaud.champion <at> devatom.fr">arnaud.champion</a> </div>
<div>Subject: Node.GetInfo error</div>
</div>
</div>
<div><br></div>
<div>Hi,</div>
<div>&nbsp;</div>
<div>Sorry for disturbing again. But I get error while using Node.GetInfo.</div>
<div>&nbsp;</div>
<div>Code:</div>
<div>&nbsp;</div>
<div>
<div>NodeInfo&nbsp;aNodeInfo&nbsp;=&nbsp;new&nbsp;NodeInfo();</div>
<div>if&nbsp;(Node.GetInfo(con,&nbsp;aNodeInfo)&nbsp;&lt;&nbsp;0)</div>
<div>{</div>
<div>//MessageBox.Show("Node&nbsp;Info&nbsp;Error");</div>
<div>MessageBox.Show(Errors.GetLastError().ToString());</div>
<div>return&nbsp;0f;</div>
<div>}</div>
<div>&nbsp;</div>
<div>I'm sure con != IntPtr.Zero. I tried to use Errors.GetLastError(), it 
returns int. But I don't know what to do with it.</div>
<div>So, any suggestions ? Thanks </div>
<div>&nbsp;</div>
<div>Regards</div>
</div>
<div align="left">2010-10-31 
</div>
<div>Lancer&nbsp;</div>
<br><br>__________ Information from 
ESET Smart Security, version of virus signature database 5577 (20101030) 
__________<br><br>The message was checked by ESET Smart Security.<br><br><a href="http://www.eset.com">http://www.eset.com</a><br>
</div>
</div>
Osier Yang | 1 Nov 05:17 2010
Picon

[libvirt] [PATCH 1/2] util: Add helper function to build timestamp string

* src/util/util.h
* src/util/util.c
* src/libvirt_private.syms
---
 src/libvirt_private.syms |    1 +
 src/util/util.c          |   20 ++++++++++++++++++++
 src/util/util.h          |    3 +++
 3 files changed, 24 insertions(+), 0 deletions(-)

diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index cf64bd3..bd77a34 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
 <at>  <at>  -779,6 +779,7  <at>  <at>  virStrToLong_ui;
 virStrToLong_ull;
 virStrcpy;
 virStrncpy;
+virTimestamp;

 # uuid.h
diff --git a/src/util/util.c b/src/util/util.c
index 2632fe7..6f83730 100644
--- a/src/util/util.c
+++ b/src/util/util.c
 <at>  <at>  -38,6 +38,7  <at>  <at> 
 #include <sys/stat.h>
 #include <sys/ioctl.h>
 #include <sys/wait.h>
+#include <sys/time.h>
 #if HAVE_MMAP
 # include <sys/mman.h>
 #endif
 <at>  <at>  -2912,3 +2913,22  <at>  <at>  int virBuildPathInternal(char **path, ...)

     return ret;
 }
+
+char *virTimestamp(void) {
+    struct timeval cur_time;
+    struct tm time_info;
+    char timestr[100];
+    char *timestamp;
+
+    gettimeofday(&cur_time, NULL);
+    localtime_r(&cur_time.tv_sec, &time_info);
+
+    strftime(timestr, sizeof(timestr), "%Y-%m-%d %H:%M:%S", &time_info);
+
+    if (virAsprintf(&timestamp, "%s.%3d: ",
+                    timestr, (int) cur_time.tv_usec / 1000) < 0) {
+        return NULL;
+    }
+
+    return timestamp;
+}
diff --git a/src/util/util.h b/src/util/util.h
index 5de4fd6..a240d87 100644
--- a/src/util/util.h
+++ b/src/util/util.h
 <at>  <at>  -160,6 +160,7  <at>  <at>  int virFileOpenTtyAt(const char *ptmx,

 char* virFilePid(const char *dir,
                  const char *name);
+
 int virFileWritePidPath(const char *path,
                         pid_t pid) ATTRIBUTE_RETURN_CHECK;
 int virFileWritePid(const char *dir,
 <at>  <at>  -277,4 +278,6  <at>  <at>  void virFileWaitForDevices(void);
 # define virBuildPath(path, ...) virBuildPathInternal(path, __VA_ARGS__, NULL)
 int virBuildPathInternal(char **path, ...) ATTRIBUTE_SENTINEL;

+char *virTimestamp(void);
+
 #endif /* __VIR_UTIL_H__ */
--
1.7.2.3

Osier Yang | 1 Nov 05:17 2010
Picon

[libvirt] [PATCH 2/2] qemu: Record timestamp for qemu domain log

Currently only support domain start and domain shutdown, for domain
start, adding timestamp before qemu command line, for domain shutdown,
just say it's shutting down with timestamp.

* src/qemu/qemu_driver.c
---
 src/qemu/qemu_driver.c |   42 +++++++++++++++++++++++++++++++++++++++++-
 1 files changed, 41 insertions(+), 1 deletions(-)

diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index a7cce6a..963b70c 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
 <at>  <at>  -3830,6 +3830,7  <at>  <at>  static int qemudStartVMDaemon(virConnectPtr conn,
     char ebuf[1024];
     char *pidfile = NULL;
     int logfile = -1;
+    char *timestamp;
     qemuDomainObjPrivatePtr priv = vm->privateData;

     struct qemudHookData hookData;
 <at>  <at>  -4017,7 +4018,17  <at>  <at>  static int qemudStartVMDaemon(virConnectPtr conn,
             goto cleanup;
     }

+    if ((timestamp = virTimestamp()) == NULL) {
+        virReportOOMError();
+        goto cleanup;
+    } else if (safewrite(logfile, timestamp, strlen(timestamp)) < 0) {
+        VIR_FREE(timestamp);
+        VIR_WARN("Unable to write timestamp to logfile: %s",
+                 virStrerror(errno, ebuf, sizeof ebuf));
+    }
+
     tmp = progenv;
+
     while (*tmp) {
         if (safewrite(logfile, *tmp, strlen(*tmp)) < 0)
             VIR_WARN("Unable to write envv to logfile: %s",
 <at>  <at>  -4168,7 +4179,6  <at>  <at>  cleanup:
     return -1;
 }

-
 static void qemudShutdownVMDaemon(struct qemud_driver *driver,
                                   virDomainObjPtr vm,
                                   int migrated) {
 <at>  <at>  -4178,6 +4188,31  <at>  <at>  static void qemudShutdownVMDaemon(struct qemud_driver *driver,
     virErrorPtr orig_err;
     virDomainDefPtr def;
     int i;
+    int logfile = -1;
+    char *timestamp;
+    char ebuf[1024];
+
+    VIR_DEBUG0("Creating domain log file");
+    if ((logfile = qemudLogFD(driver, vm->def->name)) < 0) {
+        /* To not break the normal domain shutdown process, skip the
+         * timestamp log writing if failed on opening log file. */
+        VIR_WARN("Unable to open logfile: %s",
+                  virStrerror(errno, ebuf, sizeof ebuf));
+    } else {
+        if ((timestamp = virTimestamp()) == NULL) {
+            virReportOOMError();
+            goto cleanup;
+        } else {
+            strcat(timestamp, "shutting down\n");
+
+            if (safewrite(logfile, timestamp, strlen(timestamp)) < 0) {
+                VIR_WARN("Unable to write timestamp to logfile: %s",
+                          virStrerror(errno, ebuf, sizeof ebuf));
+            }
+
+            VIR_FREE(timestamp);
+        }
+    }

     VIR_DEBUG("Shutting down VM '%s' pid=%d migrated=%d",
               vm->def->name, vm->pid, migrated);
 <at>  <at>  -4315,6 +4350,11  <at>  <at>  retry:
         virSetError(orig_err);
         virFreeError(orig_err);
     }
+
+cleanup:
+    if (close(logfile) < 0)
+        VIR_WARN("Unable to close logfile: %s",
+                 virStrerror(errno, ebuf, sizeof ebuf));
 }

--
1.7.2.3

arnaud.champion | 1 Nov 09:36 2010
Picon

Re: [libvirt] SPAM-LOW: Re: Re: Node.GetInfo error

Hi,
I think the solution is in the last patches I have send (which are not yet in the git). Have you tried the NodeInfoStructure I have sended yesterday ?
 
Arnaud

From: 黄亮
Sent: Monday, November 01, 2010 3:01 AM
Subject: SPAM-LOW: Re: Re: Node.GetInfo error

HI,
 
I tried
 
Errors.Error err = Errors.GetLastError();
MessageBox.Show(err.Message);
 
But  IDE shows compilation errors that there is no "Error" defination in "Errors", and "Errors.GetLastError()" returns int.
I made a guess that maybe it was like this:
 
Error err = Errors.SaveLastError();
MessageBox.Show("Get Info error: " + err.Message);
 
It can be compiled but "err.Message" has nothing in it.
 
Did I make a wrong assumption?
 
Regards
 
 
2010-11-01
Lancer 
发件人: arnaud.champion <at> devatom.fr
发送时间: 2010-10-31  16:48:15
收件人: 黄亮
抄送: libvir-list <at> redhat.com
主题: Re: Node.GetInfo error
Ok,
 
at first GetLastError return an Error object. So you should anything like :
 
Errors.Error err = Errors.GetLastError();
MessageBox.Show(err.Message);
 
For the NodeInfo structure, I think the problem is the same that was for DomainInfo, I'll check marshaling. Then respond you with the correct infos.
 
Arnaud
 
PS : can you also put libvirt-list <at> redhat.com in copy of your mails, to keep everyone in the loop ?

From: 黄亮
Sent: Sunday, October 31, 2010 8:20 AM
Subject: Node.GetInfo error

Hi,
 
Sorry for disturbing again. But I get error while using Node.GetInfo.
 
Code:
 
NodeInfo aNodeInfo = new NodeInfo();
if (Node.GetInfo(con, aNodeInfo) < 0)
{
//MessageBox.Show("Node Info Error");
MessageBox.Show(Errors.GetLastError().ToString());
return 0f;
}
 
I'm sure con != IntPtr.Zero. I tried to use Errors.GetLastError(), it returns int. But I don't know what to do with it.
So, any suggestions ? Thanks
 
Regards
2010-10-31
Lancer 


__________ Information from ESET Smart Security, version of virus signature database 5577 (20101030) __________

The message was checked by ESET Smart Security.

http://www.eset.com
<div>
<div>Hi,</div>
<div>I&nbsp;think the solution is in the last patches 
I have send (which are not yet in the git). Have you tried the NodeInfoStructure 
I have sended yesterday ?</div>
<div>&nbsp;</div>
<div>Arnaud</div>
<div>
<div><br></div>
<div>
<div>From: <a title="lancerhuang <at> 163.com" href="mailto:lancerhuang <at> 163.com">&#40644;&#20142;</a> </div>
<div>Sent: Monday, November 01, 2010 3:01 AM</div>
<div>To: <a title="arnaud.champion <at> devatom.fr" href="mailto:arnaud.champion <at> devatom.fr">arnaud.champion <at> devatom.fr</a> </div>
<div>Cc: <a title="libvir-list <at> redhat.com" href="mailto:libvir-list <at> redhat.com">libvir-list</a> </div>
<div>Subject: SPAM-LOW: Re: Re: Node.GetInfo error</div>
</div>
</div>
<div><br></div>
<div>HI,</div>
<div>&nbsp;</div>
<div>I tried </div>
<div>
<div>&nbsp;</div>
<div>Errors.Error err = 
Errors.GetLastError();</div>
<div>MessageBox.Show(err.Message);</div>
<div>&nbsp;</div>
<div>But&nbsp; IDE shows compilation errors that there 
is no "Error" defination in "Errors", and "Errors.GetLastError()" returns 
int.</div>
<div>I made a guess that maybe it was like 
this:</div>
<div>&nbsp;</div>
<div>
<div>Error&nbsp;err&nbsp;=&nbsp;Errors.SaveLastError();</div>
<div>MessageBox.Show("Get&nbsp;Info&nbsp;error:&nbsp;"&nbsp;+&nbsp;err.Message);</div>
</div>
<div>&nbsp;</div>
<div>It can be compiled but "err.Message" has nothing 
in it.</div>
<div>&nbsp;</div>
<div>Did I make a wrong assumption?</div>
<div>&nbsp;</div>
<div>Regards</div>
</div>
<div>&nbsp;</div>
<div>&nbsp;</div>
<div>2010-11-01 </div>

<div>
<span>Lancer</span>&nbsp;</div>
<div>&#21457;&#20214;&#20154;&#65306; arnaud.champion <at> devatom.fr 
</div>
<div>&#21457;&#36865;&#26102;&#38388;&#65306; 2010-10-31&nbsp; 16:48:15 
</div>
<div>&#25910;&#20214;&#20154;&#65306; &#40644;&#20142; </div>
<div>&#25220;&#36865;&#65306; libvir-list <at> redhat.com 
</div>
<div>&#20027;&#39064;&#65306; Re: Node.GetInfo error 
</div>
<div></div>
<div>
<div>Ok,</div>
<div>&nbsp;</div>
<div>at first GetLastError return an Error object. So 
you should anything like :</div>
<div>&nbsp;</div>
<div>Errors.Error err = 
Errors.GetLastError();</div>
<div>MessageBox.Show(err.Message);</div>
<div>&nbsp;</div>
<div>For the NodeInfo structure, I think the problem 
is the same that was for DomainInfo, I'll check marshaling. Then respond you 
with the correct infos.</div>
<div>&nbsp;</div>
<div>Arnaud</div>
<div>&nbsp;</div>
<div>PS : can you also put <a href="mailto:libvirt-list <at> redhat.com">libvirt-list <at> redhat.com</a> in copy of 
your mails, to keep everyone in the loop ?</div>
<div>
<div><br></div>
<div>
<div>From: <a title="lancerhuang <at> 163.com" href="mailto:lancerhuang <at> 163.com">&#40644;&#20142;</a> </div>
<div>Sent: Sunday, October 31, 2010 8:20 AM</div>
<div>To: <a title="arnaud.champion <at> devatom.fr" href="mailto:arnaud.champion <at> devatom.fr">arnaud.champion</a> </div>
<div>Subject: Node.GetInfo error</div>
</div>
</div>
<div><br></div>
<div>Hi,</div>
<div>&nbsp;</div>
<div>Sorry for disturbing again. But I get error while using Node.GetInfo.</div>
<div>&nbsp;</div>
<div>Code:</div>
<div>&nbsp;</div>
<div>
<div>NodeInfo&nbsp;aNodeInfo&nbsp;=&nbsp;new&nbsp;NodeInfo();</div>
<div>if&nbsp;(Node.GetInfo(con,&nbsp;aNodeInfo)&nbsp;&lt;&nbsp;0)</div>
<div>{</div>
<div>//MessageBox.Show("Node&nbsp;Info&nbsp;Error");</div>
<div>MessageBox.Show(Errors.GetLastError().ToString());</div>
<div>return&nbsp;0f;</div>
<div>}</div>
<div>&nbsp;</div>
<div>I'm sure con != IntPtr.Zero. I tried to use Errors.GetLastError(), it 
returns int. But I don't know what to do with it.</div>
<div>So, any suggestions ? Thanks </div>
<div>&nbsp;</div>
<div>Regards</div>
</div>
<div align="left">2010-10-31 
</div>
<div>Lancer&nbsp;</div>
<br><br>__________ Information from 
ESET Smart Security, version of virus signature database 5577 (20101030) 
__________<br><br>The message was checked by ESET Smart Security.<br><br><a href="http://www.eset.com">http://www.eset.com</a><br>
</div>
</div>
arnaud.champion | 1 Nov 09:54 2010
Picon

Re: [libvirt] SPAM-LOW: Re: Re: Node.GetInfo error

Ok,
 
if you are under windows (like me), use GitExtension (http://sourceforge.net/projects/gitextensions/)
It works, not perfect, but it works.
 
Arnaud

From: 黄亮
Sent: Monday, November 01, 2010 9:52 AM
Subject: Re: Re: SPAM-LOW: Re: Re: Node.GetInfo error

Hi Arnaud,
 
The NodeInfoStructure you sent to me yesterday works, thank you.
I saw your patch file, should I manually apply it to the source code or is there some tools I can use to automatically apply the changes?
 
Regards
 
 
2010-11-01
Lancer 
发送时间: 2010-11-01  16:37:17
收件人: 黄亮
抄送: libvir-list
主题: Re: SPAM-LOW: Re: Re: Node.GetInfo error
Hi,
I think the solution is in the last patches I have send (which are not yet in the git). Have you tried the NodeInfoStructure I have sended yesterday ?
 
Arnaud

From: 黄亮
Sent: Monday, November 01, 2010 3:01 AM
Subject: SPAM-LOW: Re: Re: Node.GetInfo error

HI,
 
I tried
 
Errors.Error err = Errors.GetLastError();
MessageBox.Show(err.Message);
 
But  IDE shows compilation errors that there is no "Error" defination in "Errors", and "Errors.GetLastError()" returns int.
I made a guess that maybe it was like this:
 
Error err = Errors.SaveLastError();
MessageBox.Show("Get Info error: " + err.Message);
 
It can be compiled but "err.Message" has nothing in it.
 
Did I make a wrong assumption?
 
Regards
 
 
2010-11-01
Lancer 
发件人: arnaud.champion <at> devatom.fr
发送时间: 2010-10-31  16:48:15
收件人: 黄亮
抄送: libvir-list <at> redhat.com
主题: Re: Node.GetInfo error
Ok,
 
at first GetLastError return an Error object. So you should anything like :
 
Errors.Error err = Errors.GetLastError();
MessageBox.Show(err.Message);
 
For the NodeInfo structure, I think the problem is the same that was for DomainInfo, I'll check marshaling. Then respond you with the correct infos.
 
Arnaud
 
PS : can you also put libvirt-list <at> redhat.com in copy of your mails, to keep everyone in the loop ?

From: 黄亮
Sent: Sunday, October 31, 2010 8:20 AM
Subject: Node.GetInfo error

Hi,
 
Sorry for disturbing again. But I get error while using Node.GetInfo.
 
Code:
 
NodeInfo aNodeInfo = new NodeInfo();
if (Node.GetInfo(con, aNodeInfo) < 0)
{
//MessageBox.Show("Node Info Error");
MessageBox.Show(Errors.GetLastError().ToString());
return 0f;
}
 
I'm sure con != IntPtr.Zero. I tried to use Errors.GetLastError(), it returns int. But I don't know what to do with it.
So, any suggestions ? Thanks
 
Regards
2010-10-31
Lancer 


__________ Information from ESET Smart Security, version of virus signature database 5577 (20101030) __________

The message was checked by ESET Smart Security.

http://www.eset.com
<div>
<div>Ok,</div>
<div>&nbsp;</div>
<div>if you are under windows (like me), use 
GitExtension (<a href="http://sourceforge.net/projects/gitextensions/">http://sourceforge.net/projects/gitextensions/</a>)</div>
<div>It works, not perfect, but it works.</div>
<div>&nbsp;</div>
<div>Arnaud</div>
<div>
<div><br></div>
<div>
<div>From: <a title="lancerhuang <at> 163.com" href="mailto:lancerhuang <at> 163.com">&#40644;&#20142;</a> </div>
<div>Sent: Monday, November 01, 2010 9:52 AM</div>
<div>To: <a title="arnaud.champion <at> devatom.fr" href="mailto:arnaud.champion <at> devatom.fr">arnaud.champion <at> devatom.fr</a> </div>
<div>Subject: Re: Re: SPAM-LOW: Re: Re: Node.GetInfo 
error</div>
</div>
</div>
<div><br></div>
<div>Hi Arnaud,</div>
<div>&nbsp;</div>
<div>The NodeInfoStructure you sent to me yesterday works, 
thank you.</div>
<div>I saw your patch file, should I manually apply it to 
the source code or is there some tools I can use to automatically apply the 
changes? </div>
<div>&nbsp;</div>
<div>Regards</div>
<div>&nbsp;</div>
<div>&nbsp;</div>
<div>2010-11-01 </div>

<div>Lancer&nbsp;</div>
<div>&#21457;&#20214;&#20154;&#65306; <a href="mailto:arnaud.champion <at> devatom.fr">arnaud.champion <at> devatom.fr</a> 
</div>
<div>&#21457;&#36865;&#26102;&#38388;&#65306; 2010-11-01&nbsp; 16:37:17 
</div>
<div>&#25910;&#20214;&#20154;&#65306; &#40644;&#20142; </div>
<div>&#25220;&#36865;&#65306; libvir-list </div>
<div>&#20027;&#39064;&#65306; Re: SPAM-LOW: Re: Re: 
Node.GetInfo error </div>
<div></div>
<div>
<div>Hi,</div>
<div>I&nbsp;think the solution is in the last patches 
I have send (which are not yet in the git). Have you tried the NodeInfoStructure 
I have sended yesterday ?</div>
<div>&nbsp;</div>
<div>Arnaud</div>
<div>
<div><br></div>
<div>
<div>From: <a title="lancerhuang <at> 163.com" href="mailto:lancerhuang <at> 163.com">&#40644;&#20142;</a> </div>
<div>Sent: Monday, November 01, 2010 3:01 AM</div>
<div>To: <a title="arnaud.champion <at> devatom.fr" href="mailto:arnaud.champion <at> devatom.fr">arnaud.champion <at> devatom.fr</a> </div>
<div>Cc: <a title="libvir-list <at> redhat.com" href="mailto:libvir-list <at> redhat.com">libvir-list</a> </div>
<div>Subject: SPAM-LOW: Re: Re: Node.GetInfo error</div>
</div>
</div>
<div><br></div>
<div>HI,</div>
<div>&nbsp;</div>
<div>I tried </div>
<div>
<div>&nbsp;</div>
<div>Errors.Error err = 
Errors.GetLastError();</div>
<div>MessageBox.Show(err.Message);</div>
<div>&nbsp;</div>
<div>But&nbsp; IDE shows compilation errors that there 
is no "Error" defination in "Errors", and "Errors.GetLastError()" returns 
int.</div>
<div>I made a guess that maybe it was like 
this:</div>
<div>&nbsp;</div>
<div>
<div>Error&nbsp;err&nbsp;=&nbsp;Errors.SaveLastError();</div>
<div>MessageBox.Show("Get&nbsp;Info&nbsp;error:&nbsp;"&nbsp;+&nbsp;err.Message);</div>
</div>
<div>&nbsp;</div>
<div>It can be compiled but "err.Message" has nothing 
in it.</div>
<div>&nbsp;</div>
<div>Did I make a wrong assumption?</div>
<div>&nbsp;</div>
<div>Regards</div>
</div>
<div>&nbsp;</div>
<div>&nbsp;</div>
<div>2010-11-01 </div>

<div>
<span>Lancer</span>&nbsp;</div>
<div>&#21457;&#20214;&#20154;&#65306; arnaud.champion <at> devatom.fr 
</div>
<div>&#21457;&#36865;&#26102;&#38388;&#65306; 2010-10-31&nbsp; 16:48:15 
</div>
<div>&#25910;&#20214;&#20154;&#65306; &#40644;&#20142; </div>
<div>&#25220;&#36865;&#65306; libvir-list <at> redhat.com 
</div>
<div>&#20027;&#39064;&#65306; Re: Node.GetInfo error 
</div>
<div></div>
<div>
<div>Ok,</div>
<div>&nbsp;</div>
<div>at first GetLastError return an Error object. So 
you should anything like :</div>
<div>&nbsp;</div>
<div>Errors.Error err = 
Errors.GetLastError();</div>
<div>MessageBox.Show(err.Message);</div>
<div>&nbsp;</div>
<div>For the NodeInfo structure, I think the problem 
is the same that was for DomainInfo, I'll check marshaling. Then respond you 
with the correct infos.</div>
<div>&nbsp;</div>
<div>Arnaud</div>
<div>&nbsp;</div>
<div>PS : can you also put <a href="mailto:libvirt-list <at> redhat.com">libvirt-list <at> redhat.com</a> in copy of 
your mails, to keep everyone in the loop ?</div>
<div>
<div><br></div>
<div>
<div>From: <a title="lancerhuang <at> 163.com" href="mailto:lancerhuang <at> 163.com">&#40644;&#20142;</a> </div>
<div>Sent: Sunday, October 31, 2010 8:20 AM</div>
<div>To: <a title="arnaud.champion <at> devatom.fr" href="mailto:arnaud.champion <at> devatom.fr">arnaud.champion</a> </div>
<div>Subject: Node.GetInfo error</div>
</div>
</div>
<div><br></div>
<div>Hi,</div>
<div>&nbsp;</div>
<div>Sorry for disturbing again. But I get error while using Node.GetInfo.</div>
<div>&nbsp;</div>
<div>Code:</div>
<div>&nbsp;</div>
<div>
<div>NodeInfo&nbsp;aNodeInfo&nbsp;=&nbsp;new&nbsp;NodeInfo();</div>
<div>if&nbsp;(Node.GetInfo(con,&nbsp;aNodeInfo)&nbsp;&lt;&nbsp;0)</div>
<div>{</div>
<div>//MessageBox.Show("Node&nbsp;Info&nbsp;Error");</div>
<div>MessageBox.Show(Errors.GetLastError().ToString());</div>
<div>return&nbsp;0f;</div>
<div>}</div>
<div>&nbsp;</div>
<div>I'm sure con != IntPtr.Zero. I tried to use Errors.GetLastError(), it 
returns int. But I don't know what to do with it.</div>
<div>So, any suggestions ? Thanks </div>
<div>&nbsp;</div>
<div>Regards</div>
</div>
<div align="left">2010-10-31 
</div>
<div>Lancer&nbsp;</div>
<br><br>__________ Information from 
ESET Smart Security, version of virus signature database 5577 (20101030) 
__________<br><br>The message was checked by ESET Smart Security.<br><br><a href="http://www.eset.com">http://www.eset.com</a><br>
</div>
</div>
</div>
Daniel P. Berrange | 1 Nov 11:26 2010
Picon

Re: [libvirt] [PATCH] qemu: add the USB devices to the cgroup whitelist

On Sat, Oct 30, 2010 at 12:25:30AM +0200, Diego Elio Pettenò wrote:
> Add a new interface to hostusb.h to add an USB device abstraction to a
> cgroup whitelist; then use it both when attaching a new USB device and when
> adding it to the commandline so that the device can be accessed by the
> QEmu-specific cgroup.
> ---
>  src/libvirt_private.syms |    1 +
>  src/qemu/qemu_driver.c   |   36 ++++++++++++++++++++++++++++++++++++
>  src/util/hostusb.c       |    6 ++++++
>  src/util/hostusb.h       |    4 +++-
>  4 files changed, 46 insertions(+), 1 deletions(-)
> 
> diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
> index cf06256..0c6f308 100644
> --- a/src/libvirt_private.syms
> +++ b/src/libvirt_private.syms
>  <at>  <at>  -707,6 +707,7  <at>  <at>  virMutexUnlock;
>  
>  
>  # usb.h
> +usbAllowDeviceCgroup;
>  usbDeviceFileIterate;
>  usbDeviceGetBus;
>  usbDeviceGetDevno;
> diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
> index 1eea3a9..acf319e 100644
> --- a/src/qemu/qemu_driver.c
> +++ b/src/qemu/qemu_driver.c
>  <at>  <at>  -3505,6 +3505,23  <at>  <at>  static int qemuSetupCgroup(struct qemud_driver *driver,
>                                     qemuSetupChardevCgroup,
>                                     cgroup) < 0)
>              goto cleanup;
> +
> +        for (i = 0; i < vm->def->nhostdevs; i++) {
> +          virDomainHostdevDefPtr hostdev = vm->def->hostdevs[i];
> +          usbDevice *usb;
> +
> +          if (hostdev->mode != VIR_DOMAIN_HOSTDEV_MODE_SUBSYS)
> +            continue;
> +          if (hostdev->source.subsys.type != VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_USB)
> +            continue;
> +
> +          if ((usb = usbFindDevice(hostdev->source.subsys.u.usb.vendor,
> +                                   hostdev->source.subsys.u.usb.product)) == NULL)
> +            goto cleanup;

This should actually use  usbGetDevice with bus+device, since the
(optional) vendor+product has already been resolved into a bus+device
ID pair.

> +          if (usbAllowDeviceCgroup(usb, cgroup) < 0)
> +            goto cleanup;
> +        }
>      }

This should call out to usbDeviceFileIterate, passing a callback
todo the cgroup relabelling.

>  
>      if ((rc = qemuCgroupControllerActive(driver, VIR_CGROUP_CONTROLLER_MEMORY))) {
>  <at>  <at>  -8454,6 +8471,25  <at>  <at>  static int qemudDomainAttachHostUsbDevice(struct qemud_driver *driver,
>          goto error;
>      }
>  
> +    if (qemuCgroupControllerActive(driver, VIR_CGROUP_CONTROLLER_DEVICES)) {
> +      virCgroupPtr cgroup = NULL;
> +      usbDevice *usb;
> +
> +      if (virCgroupForDomain(driver->cgroup, vm->def->name, &cgroup, 0) !=0 ) {
> +        qemuReportError(VIR_ERR_INTERNAL_ERROR,
> +                        _("Unable to find cgroup for %s\n"),
> +                        vm->def->name);
> +        goto error;
> +      }
> +
> +      if ((usb = usbFindDevice(hostdev->source.subsys.u.usb.vendor,
> +                               hostdev->source.subsys.u.usb.product)) == NULL)
> +        goto error;

Likewise here.

> +
> +      if (usbAllowDeviceCgroup(usb, cgroup) < 0)
> +        goto error;
> +    }

Also usbDeviceFileIterate.

> +
>      qemuDomainObjEnterMonitorWithDriver(driver, vm);
>      if (qemuCmdFlags & QEMUD_CMD_FLAG_DEVICE)
>          ret = qemuMonitorAddDevice(priv->mon, devstr);
> diff --git a/src/util/hostusb.c b/src/util/hostusb.c
> index 2d6e414..2cbe1fb 100644
> --- a/src/util/hostusb.c
> +++ b/src/util/hostusb.c
>  <at>  <at>  -225,3 +225,9  <at>  <at>  int usbDeviceFileIterate(usbDevice *dev,
>  {
>      return (actor)(dev, dev->path, opaque);
>  }
> +
> +int usbAllowDeviceCgroup(usbDevice *dev,
> +                         virCgroupPtr group)
> +{
> +    return virCgroupAllowDevicePath(group, dev->path);
> +}

This introduces a strict coupling between the usb + cgroups
code which isn't something we want. Using the usbDeviceFileIterate
API avoids this coupling.

One general point is that the indentation in your patch is not
correct - needs to be 4 space indented rather than 2. See the
HACKING file for .emacs rules.

Regards,
Daniel
--

-- 
|: Red Hat, Engineering, London    -o-   http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://deltacloud.org :|
|: http://autobuild.org        -o-         http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505  -o-   F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|

--
libvir-list mailing list
libvir-list <at> redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
Stefan Berger | 1 Nov 11:56 2010
Picon

Re: [libvirt] [PATCH] [TCK] network: create networks and check for exected results

  On 10/29/2010 11:33 AM, Eric Blake wrote:
> On 10/26/2010 05:27 PM, Stefan Berger wrote:
>>   On 10/26/2010 07:08 PM, Eric Blake wrote:
>>> Sorry for sounding so depressing; I'm very pleased to see your efforts
>>> in providing tests for the code you've written.  Even though this test
>>> is intended to be skipped on non-Linux, you still have to worry about
>>> merely parsing through the test on other platforms like Solaris, where
>>> /bin/sh won't understand the bash-isms and where /bin/bash is not
>>> guaranteed to exist.  But if we decide that requiring the presence of
>>> /bin/bash is acceptable for the TCK, then a lot of my review becomes
>>> irrelevant; but my comments about your mkstemp replacement being
>>> insecure are still applicable even in that case.
>>>
>> Ok. Well, I hope for bash then...
> IRC verdict - Dan and I are both okay with assuming /bin/bash exists.
> So, that just leaves cleaning up the temporary file management.  Would
> you like me to tackle that as an incremental diff on top of your
> original patch?
>
Yes, you can put it in on top of it. So is this an ACK now so I can push?

I just currently don't have the time to convert it into a generic shell 
script, but put that on a future todo list. Also the original nwfilter 
test should probably be converted then as well...

   Stefan

Diego Elio Pettenò | 1 Nov 12:03 2010
Picon

[libvirt] [PATCH 1/2] qemu: add the USB devices to the cgroup whitelist

Make sure that the QEmu process within the cgroup can access the device
file for the USB device that has to be connected to the virtual domain.
---
 src/qemu/qemu_driver.c |   55 ++++++++++++++++++++++++++++++++++++++++++++++++
 1 files changed, 55 insertions(+), 0 deletions(-)

diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index a7cce6a..0612e69 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
 <at>  <at>  -3434,6 +3434,25  <at>  <at>  static int qemuSetupChardevCgroup(virDomainDefPtr def,
 }

 
+static int qemuSetupHostUsbDeviceCgroup(usbDevice *dev ATTRIBUTE_UNUSED,
+                                        const char *path,
+                                        void *opaque)
+{
+    virCgroupPtr cgroup = opaque;
+    int rc;
+
+    VIR_DEBUG("Process path '%s' for USB device", path);
+    rc = virCgroupAllowDevicePath(cgroup, path);
+    if (rc != 0) {
+        virReportSystemError(-rc,
+                             _("Unable to allow device %s"),
+                             path);
+        return -1;
+    }
+
+    return 0;
+}
+
 static int qemuSetupCgroup(struct qemud_driver *driver,
                            virDomainObjPtr vm)
 {
 <at>  <at>  -3507,6 +3526,23  <at>  <at>  static int qemuSetupCgroup(struct qemud_driver *driver,
                                    qemuSetupChardevCgroup,
                                    cgroup) < 0)
             goto cleanup;
+
+        for (i = 0; i < vm->def->nhostdevs; i++) {
+            virDomainHostdevDefPtr hostdev = vm->def->hostdevs[i];
+            usbDevice *usb;
+
+            if (hostdev->mode != VIR_DOMAIN_HOSTDEV_MODE_SUBSYS)
+                continue;
+            if (hostdev->source.subsys.type != VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_USB)
+                continue;
+
+            if ((usb = usbGetDevice(hostdev->source.subsys.u.usb.bus,
+                                    hostdev->source.subsys.u.usb.device)) == NULL)
+                goto cleanup;
+
+            if (usbDeviceFileIterate(usb, qemuSetupHostUsbDeviceCgroup, cgroup) < 0 )
+                goto cleanup;
+        }
     }

     if ((rc = qemuCgroupControllerActive(driver, VIR_CGROUP_CONTROLLER_MEMORY))) {
 <at>  <at>  -8511,6 +8547,25  <at>  <at>  static int qemudDomainAttachHostUsbDevice(struct qemud_driver *driver,
         goto error;
     }

+    if (qemuCgroupControllerActive(driver, VIR_CGROUP_CONTROLLER_DEVICES)) {
+        virCgroupPtr cgroup = NULL;
+        usbDevice *usb;
+
+        if (virCgroupForDomain(driver->cgroup, vm->def->name, &cgroup, 0) !=0 ) {
+            qemuReportError(VIR_ERR_INTERNAL_ERROR,
+                            _("Unable to find cgroup for %s\n"),
+                            vm->def->name);
+            goto error;
+        }
+
+        if ((usb = usbGetDevice(hostdev->source.subsys.u.usb.bus,
+                                hostdev->source.subsys.u.usb.device)) == NULL)
+            goto error;
+
+        if (usbDeviceFileIterate(usb, qemuSetupHostUsbDeviceCgroup, cgroup) < 0 )
+            goto error;
+    }
+
     qemuDomainObjEnterMonitorWithDriver(driver, vm);
     if (qemuCmdFlags & QEMUD_CMD_FLAG_DEVICE)
         ret = qemuMonitorAddDevice(priv->mon, devstr);
--

-- 
1.7.3.2

Stefan Berger | 1 Nov 12:16 2010
Picon

[libvirt] [PATCH v3] bye to close(), welcome to VIR_(FORCE_)CLOSE()

Now that 0.8.5 is out, here is another posting of this big cleanup patch.

If there are some dubious hunks in it, please let me know and I'd rather cut them out and we fix them with in separate patches...

There were some problems with Eric's suggested cfg.mk extension (showing contents of error messages with 'close' as text), so I could not add the 'sc_avoid_close' to it.

I again put the diff of tree+v3 against tree+v1 to the end of the patch. I forward-ported V1 for that.


V3:
  - reaction to Daniel's comments on V2

V2:
  - forgot to convert close ( occurrences (with whitespace)
  - following Eric's and Laine's comments

Using automated replacement with sed and editing I have now replaced all
occurrences of close() with VIR_(FORCE_)CLOSE() except for one, of
course. Some replacements were straight forward, others I needed to pay
attention. I hope I payed attention in all the right places... Please
have a look. This should have at least solved one more double-close
error.

Signed-off-by: Stefan Berger <stefanB <at> us.ibm.com>




---
 daemon/libvirtd.c                         |   48 ++++++---------
 proxy/libvirt_proxy.c                     |   16 ++---
 src/libvirt.c                             |   10 +--
 src/lxc/lxc_container.c                   |   13 ++--
 src/lxc/lxc_controller.c                  |   27 +++-----
 src/lxc/lxc_driver.c                      |   27 +++-----
 src/node_device/node_device_linux_sysfs.c |    5 -
 src/nwfilter/nwfilter_ebiptables_driver.c |    8 +-
 src/openvz/openvz_conf.c                  |   35 ++++-------
 src/openvz/openvz_driver.c                |    3 
 src/phyp/phyp_driver.c                    |   21 ++++--
 src/qemu/qemu_conf.c                      |   30 ++++-----
 src/qemu/qemu_driver.c                    |   94 ++++++++++++------------------
 src/qemu/qemu_monitor.c                   |    3 
 src/remote/remote_driver.c                |   34 ++++------
 src/secret/secret_driver.c                |   12 +--
 src/security/security_apparmor.c          |    9 +-
 src/security/security_selinux.c           |    9 +-
 src/security/virt-aa-helper.c             |    9 +-
 src/storage/storage_backend.c             |   27 +++-----
 src/storage/storage_backend_fs.c          |   11 +--
 src/storage/storage_backend_iscsi.c       |    5 -
 src/storage/storage_backend_mpath.c       |    5 -
 src/storage/storage_backend_scsi.c        |    8 +-
 src/storage/storage_driver.c              |    5 -
 src/test/test_driver.c                    |   20 ++----
 src/uml/uml_conf.c                        |    3 
 src/uml/uml_driver.c                      |   24 +++----
 src/util/bridge.c                         |   14 ++--
 src/util/conf.c                           |    3 
 src/util/hooks.c                          |   22 +++----
 src/util/interface.c                      |   12 +--
 src/util/logging.c                        |    6 -
 src/util/macvtap.c                        |   15 +---
 src/util/pci.c                            |    6 -
 src/util/storage_file.c                   |    5 -
 src/util/util.c                           |   71 ++++++++++------------
 src/util/uuid.c                           |    9 +-
 src/util/virtaudit.c                      |    3 
 src/xen/proxy_internal.c                  |   14 ++--
 src/xen/xen_hypervisor.c                  |   12 +--
 src/xen/xen_inotify.c                     |    3 
 src/xen/xend_internal.c                   |   17 ++---
 tests/testutils.c                         |   19 +++---
 tools/console.c                           |    3 
 45 files changed, 352 insertions(+), 403 deletions(-)

Index: libvirt-acl/src/libvirt.c
===================================================================
--- libvirt-acl.orig/src/libvirt.c
+++ libvirt-acl/src/libvirt.c
 <at>  <at>  -10794,7 +10794,7  <at>  <at>  virStreamRef(virStreamPtr stream)
  *      ... report an error ....
  * done:
  *   virStreamFree(st);
- *   close(fd);
+ *   VIR_FORCE_CLOSE(fd);
  *
  * Returns the number of bytes written, which may be less
  * than requested.
 <at>  <at>  -10884,8 +10884,8  <at>  <at>  error:
  *      ... report an error ....
  * done:
  *   virStreamFree(st);
- *   close(fd);
- *
+ *   if (VIR_CLOSE(fd) < 0)
+ *       virReportSystemError(errno, "%s", _("failed to close file"));
  *
  * Returns the number of bytes read, which may be less
  * than requested.
 <at>  <at>  -10964,7 +10964,7  <at>  <at>  error:
  *   if (virStreamFinish(st) < 0)
  *      ...report an error...
  *   virStreamFree(st);
- *   close(fd);
+ *   VIR_FORCE_CLOSE(fd);
  *
  * Returns 0 if all the data was successfully sent. The caller
  * should invoke virStreamFinish(st) to flush the stream upon
 <at>  <at>  -11061,7 +11061,7  <at>  <at>  cleanup:
  *   if (virStreamFinish(st) < 0)
  *      ...report an error...
  *   virStreamFree(st);
- *   close(fd);
+ *   VIR_FORCE_CLOSE(fd);
  *
  * Returns 0 if all the data was successfully received. The caller
  * should invoke virStreamFinish(st) to flush the stream upon
Index: libvirt-acl/src/lxc/lxc_container.c
===================================================================
--- libvirt-acl.orig/src/lxc/lxc_container.c
+++ libvirt-acl/src/lxc/lxc_container.c
 <at>  <at>  -52,6 +52,7  <at>  <at> 
 #include "util.h"
 #include "memory.h"
 #include "veth.h"
+#include "files.h"
 
 #define VIR_FROM_THIS VIR_FROM_LXC
 
 <at>  <at>  -145,8 +146,10  <at>  <at>  static int lxcContainerSetStdio(int cont
      * close all FDs before executing the container */
     open_max = sysconf (_SC_OPEN_MAX);
     for (i = 0; i < open_max; i++)
-        if (i != ttyfd && i != control)
-            close(i);
+        if (i != ttyfd && i != control) {
+            int tmpfd = i;
+            VIR_FORCE_CLOSE(tmpfd);
+        }
 
     if (dup2(ttyfd, 0) < 0) {
         virReportSystemError(errno, "%s",
 <at>  <at>  -222,7 +225,7  <at>  <at>  static int lxcContainerWaitForContinue(i
                              _("Failed to read the container continue message"));
         return -1;
     }
-    close(control);
+    VIR_FORCE_CLOSE(control);
 
     DEBUG0("Received container continue message");
 
 <at>  <at>  -776,10 +779,10  <at>  <at>  static int lxcContainerChild( void *data
     VIR_FREE(ttyPath);
 
     if (lxcContainerSetStdio(argv->monitor, ttyfd) < 0) {
-        close(ttyfd);
+        VIR_FORCE_CLOSE(ttyfd);
         return -1;
     }
-    close(ttyfd);
+    VIR_FORCE_CLOSE(ttyfd);
 
     if (lxcContainerSetupMounts(vmDef, root) < 0)
         return -1;
Index: libvirt-acl/src/lxc/lxc_controller.c
===================================================================
--- libvirt-acl.orig/src/lxc/lxc_controller.c
+++ libvirt-acl/src/lxc/lxc_controller.c
 <at>  <at>  -48,6 +48,7  <at>  <at> 
 #include "veth.h"
 #include "memory.h"
 #include "util.h"
+#include "files.h"
 
 #define VIR_FROM_THIS VIR_FROM_LXC
 
 <at>  <at>  -233,8 +234,7  <at>  <at>  static int lxcMonitorServer(const char *
     return fd;
 
 error:
-    if (fd != -1)
-        close(fd);
+    VIR_FORCE_CLOSE(fd);
     return -1;
 }
 
 <at>  <at>  -409,7 +409,7  <at>  <at>  static int lxcControllerMain(int monitor
                     goto cleanup;
                 }
                 if (client != -1) { /* Already connected, so kick new one out */
-                    close(fd);
+                    VIR_FORCE_CLOSE(fd);
                     continue;
                 }
                 client = fd;
 <at>  <at>  -426,8 +426,7  <at>  <at>  static int lxcControllerMain(int monitor
                                          _("epoll_ctl(client) failed"));
                     goto cleanup;
                 }
-                close(client);
-                client = -1;
+                VIR_FORCE_CLOSE(client);
             } else {
                 if (epollEvent.events & EPOLLIN) {
                     curFdOff = epollEvent.data.fd == appPty ? 0 : 1;
 <at>  <at>  -485,9 +484,9  <at>  <at>  static int lxcControllerMain(int monitor
     rc = 0;
 
 cleanup:
-    close(appPty);
-    close(contPty);
-    close(epollFd);
+    VIR_FORCE_CLOSE(appPty);
+    VIR_FORCE_CLOSE(contPty);
+    VIR_FORCE_CLOSE(epollFd);
     return rc;
 }
 
 <at>  <at>  -660,8 +659,7  <at>  <at>  lxcControllerRun(virDomainDefPtr def,
                                        control[1],
                                        containerPtyPath)) < 0)
         goto cleanup;
-    close(control[1]);
-    control[1] = -1;
+    VIR_FORCE_CLOSE(control[1]);
 
     if (lxcControllerMoveInterfaces(nveths, veths, container) < 0)
         goto cleanup;
 <at>  <at>  -679,13 +677,10  <at>  <at>  lxcControllerRun(virDomainDefPtr def,
 cleanup:
     VIR_FREE(devptmx);
     VIR_FREE(devpts);
-    if (control[0] != -1)
-        close(control[0]);
-    if (control[1] != -1)
-        close(control[1]);
+    VIR_FORCE_CLOSE(control[0]);
+    VIR_FORCE_CLOSE(control[1]);
     VIR_FREE(containerPtyPath);
-    if (containerPty != -1)
-        close(containerPty);
+    VIR_FORCE_CLOSE(containerPty);
 
     if (container > 1) {
         int status;
Index: libvirt-acl/src/lxc/lxc_driver.c
===================================================================
--- libvirt-acl.orig/src/lxc/lxc_driver.c
+++ libvirt-acl/src/lxc/lxc_driver.c
 <at>  <at>  -51,6 +51,7  <at>  <at> 
 #include "uuid.h"
 #include "stats_linux.h"
 #include "hooks.h"
+#include "files.h"
 
 
 #define VIR_FROM_THIS VIR_FROM_LXC
 <at>  <at>  -974,7 +975,7  <at>  <at>  static int lxcVmCleanup(lxc_driver_t *dr
     }
 
     virEventRemoveHandle(priv->monitorWatch);
-    close(priv->monitor);
+    VIR_FORCE_CLOSE(priv->monitor);
 
     virFileDeletePid(driver->stateDir, vm->def->name);
     virDomainDeleteConfig(driver->stateDir, NULL, vm);
 <at>  <at>  -1156,8 +1157,7  <at>  <at>  static int lxcMonitorClient(lxc_driver_t
 
 error:
     VIR_FREE(sockpath);
-    if (fd != -1)
-        close(fd);
+    VIR_FORCE_CLOSE(fd);
     return -1;
 }
 
 <at>  <at>  -1539,19 +1539,18  <at>  <at>  static int lxcVmStart(virConnectPtr conn
     rc = 0;
 
 cleanup:
+    if (VIR_CLOSE(logfd) < 0) {
+        virReportSystemError(errno, "%s", _("could not close logfile"));
+        rc = -1;
+    }
     for (i = 0 ; i < nveths ; i++) {
         if (rc != 0)
             vethDelete(veths[i]);
         VIR_FREE(veths[i]);
     }
-    if (rc != 0 && priv->monitor != -1) {
-        close(priv->monitor);
-        priv->monitor = -1;
-    }
-    if (parentTty != -1)
-        close(parentTty);
-    if (logfd != -1)
-        close(logfd);
+    if (rc != 0)
+        VIR_FORCE_CLOSE(priv->monitor);
+    VIR_FORCE_CLOSE(parentTty);
     VIR_FREE(logfile);
     return rc;
 }
 <at>  <at>  -2011,8 +2010,7  <at>  <at>  lxcReconnectVM(void *payload, const char
 
     /* Read pid from controller */
     if ((virFileReadPid(lxc_driver->stateDir, vm->def->name, &vm->pid)) != 0) {
-        close(priv->monitor);
-        priv->monitor = -1;
+        VIR_FORCE_CLOSE(priv->monitor);
         goto cleanup;
     }
 
 <at>  <at>  -2042,8 +2040,7  <at>  <at>  lxcReconnectVM(void *payload, const char
         }
     } else {
         vm->def->id = -1;
-        close(priv->monitor);
-        priv->monitor = -1;
+        VIR_FORCE_CLOSE(priv->monitor);
     }
 
 cleanup:
Index: libvirt-acl/src/node_device/node_device_linux_sysfs.c
===================================================================
--- libvirt-acl.orig/src/node_device/node_device_linux_sysfs.c
+++ libvirt-acl/src/node_device/node_device_linux_sysfs.c
 <at>  <at>  -31,6 +31,7  <at>  <at> 
 #include "virterror_internal.h"
 #include "memory.h"
 #include "logging.h"
+#include "files.h"
 #include <dirent.h>
 
 #define VIR_FROM_THIS VIR_FROM_NODEDEV
 <at>  <at>  -104,9 +105,7  <at>  <at>  int read_wwn_linux(int host, const char 
     }
 
 out:
-    if (fd != -1) {
-        close(fd);
-    }
+    VIR_FORCE_CLOSE(fd);
     return retval;
 }
 
Index: libvirt-acl/src/nwfilter/nwfilter_ebiptables_driver.c
===================================================================
--- libvirt-acl.orig/src/nwfilter/nwfilter_ebiptables_driver.c
+++ libvirt-acl/src/nwfilter/nwfilter_ebiptables_driver.c
 <at>  <at>  -37,6 +37,7  <at>  <at> 
 #include "nwfilter_conf.h"
 #include "nwfilter_gentech_driver.h"
 #include "nwfilter_ebiptables_driver.h"
+#include "files.h"
 
 
 #define VIR_FROM_THIS VIR_FROM_NWFILTER
 <at>  <at>  -2493,13 +2494,12  <at>  <at>  ebiptablesWriteToTempFile(const char *st
     }
 
     VIR_FREE(header);
-    close(fd);
+    VIR_FORCE_CLOSE(fd);
     return filnam;
 
 err_exit:
     VIR_FREE(header);
-    if (fd >= 0)
-        close(fd);
+    VIR_FORCE_CLOSE(fd);
     unlink(filename);
     return NULL;
 }
 <at>  <at>  -3259,7 +3259,7  <at>  <at>  iptablesCheckBridgeNFCallEnabled(bool is
                         lastReport = now;
                 }
             }
-            close(fd);
+            VIR_FORCE_CLOSE(fd);
         }
     }
 }
Index: libvirt-acl/src/openvz/openvz_conf.c
===================================================================
--- libvirt-acl.orig/src/openvz/openvz_conf.c
+++ libvirt-acl/src/openvz/openvz_conf.c
 <at>  <at>  -50,6 +50,7  <at>  <at> 
 #include "memory.h"
 #include "util.h"
 #include "nodeinfo.h"
+#include "files.h"
 
 #define VIR_FROM_THIS VIR_FROM_OPENVZ
 
 <at>  <at>  -109,7 +110,7  <at>  <at>  openvzExtractVersionInfo(const char *cmd
 
 cleanup2:
     VIR_FREE(help);
-    if (close(newstdout) < 0)
+    if (VIR_CLOSE(newstdout) < 0)
         ret = -1;
 
 rewait:
 <at>  <at>  -569,7 +570,7  <at>  <at>  openvzWriteConfigParam(const char * conf
         goto error;
     temp_fd = open(temp_file, O_WRONLY | O_CREAT | O_TRUNC, 0644);
     if (temp_fd == -1) {
-        close(fd);
+        VIR_FORCE_CLOSE(fd);
         goto error;
     }
 
 <at>  <at>  -590,12 +591,10  <at>  <at>  openvzWriteConfigParam(const char * conf
         safewrite(temp_fd, "\"\n", 2) < 0)
         goto error;
 
-    if (close(fd) < 0)
+    if (VIR_CLOSE(fd) < 0)
         goto error;
-    fd = -1;
-    if (close(temp_fd) < 0)
+    if (VIR_CLOSE(temp_fd) < 0)
         goto error;
-    temp_fd = -1;
 
     if (rename(temp_file, conf_file) < 0)
         goto error;
 <at>  <at>  -603,10 +602,8  <at>  <at>  openvzWriteConfigParam(const char * conf
     return 0;
 
 error:
-    if (fd != -1)
-        close(fd);
-    if (temp_fd != -1)
-        close(temp_fd);
+    VIR_FORCE_CLOSE(fd);
+    VIR_FORCE_CLOSE(temp_fd);
     if (temp_file)
         unlink(temp_file);
     VIR_FREE(temp_file);
 <at>  <at>  -662,7 +659,7  <at>  <at>  openvzReadConfigParam(const char * conf_
             }
        }
     }
-    close(fd);
+    VIR_FORCE_CLOSE(fd);
 
     if (ret == 0 && found)
         ret = 1;
 <at>  <at>  -703,7 +700,7  <at>  <at>  openvz_copyfile(char* from_path, char* t
         return -1;
     copy_fd = open(to_path, O_WRONLY | O_CREAT | O_TRUNC, 0644);
     if (copy_fd == -1) {
-        close(fd);
+        VIR_FORCE_CLOSE(fd);
         return -1;
     }
 
 <at>  <at>  -716,19 +713,16  <at>  <at>  openvz_copyfile(char* from_path, char* t
             goto error;
     }
 
-    if (close(fd) < 0)
+    if (VIR_CLOSE(fd) < 0)
         goto error;
-    fd = -1;
-    if (close(copy_fd) < 0)
+    if (VIR_CLOSE(copy_fd) < 0)
         goto error;
 
     return 0;
 
 error:
-    if (fd != -1)
-        close(fd);
-    if (copy_fd != -1)
-        close(copy_fd);
+    VIR_FORCE_CLOSE(fd);
+    VIR_FORCE_CLOSE(copy_fd);
     return -1;
 }
 
 <at>  <at>  -880,8 +874,7  <at>  <at>  openvzGetVPSUUID(int vpsid, char *uuidst
     }
     retval = 0;
 cleanup:
-    if (fd >= 0)
-        close(fd);
+    VIR_FORCE_CLOSE(fd);
     VIR_FREE(conf_file);
 
     return retval;
Index: libvirt-acl/src/openvz/openvz_driver.c
===================================================================
--- libvirt-acl.orig/src/openvz/openvz_driver.c
+++ libvirt-acl/src/openvz/openvz_driver.c
 <at>  <at>  -57,6 +57,7  <at>  <at> 
 #include "nodeinfo.h"
 #include "memory.h"
 #include "bridge.h"
+#include "files.h"
 
 #define VIR_FROM_THIS VIR_FROM_OPENVZ
 
 <at>  <at>  -1540,7 +1541,7  <at>  <at>  Version: 2.2
         }
     }
 
-    close(fd);
+    VIR_FORCE_CLOSE(fd);
     if (ret < 0)
         return -1;
 
Index: libvirt-acl/src/phyp/phyp_driver.c
===================================================================
--- libvirt-acl.orig/src/phyp/phyp_driver.c
+++ libvirt-acl/src/phyp/phyp_driver.c
 <at>  <at>  -58,6 +58,7  <at>  <at> 
 #include "domain_conf.h"
 #include "storage_conf.h"
 #include "nodeinfo.h"
+#include "files.h"
 
 #include "phyp_driver.h"
 
 <at>  <at>  -457,11 +458,15  <at>  <at>  phypUUIDTable_WriteFile(virConnectPtr co
         }
     }
 
-    close(fd);
+    if (VIR_CLOSE(fd) < 0) {
+        virReportSystemError(errno, _("Could not close %s\n"),
+                             local_file);
+        goto err;
+    }
     return 0;
 
   err:
-    close(fd);
+    VIR_FORCE_CLOSE(fd);
     return -1;
 }
 
 <at>  <at>  -672,11 +677,11  <at>  <at>  phypUUIDTable_ReadFile(virConnectPtr con
     } else
         virReportOOMError();
 
-    close(fd);
+    VIR_FORCE_CLOSE(fd);
     return 0;
 
   err:
-    close(fd);
+    VIR_FORCE_CLOSE(fd);
     return -1;
 }
 
 <at>  <at>  -764,7 +769,11  <at>  <at>  phypUUIDTable_Pull(virConnectPtr conn)
         }
         break;
     }
-    close(fd);
+    if (VIR_CLOSE(fd) < 0) {
+        virReportSystemError(errno, _("Could not close %s\n"),
+                             local_file);
+        goto err;
+    }
     goto exit;
 
   exit:
 <at>  <at>  -1001,7 +1010,7  <at>  <at>  openSSHSession(virConnectPtr conn, virCo
             if (connect(sock, cur->ai_addr, cur->ai_addrlen) == 0) {
                 goto connected;
             }
-            close(sock);
+            VIR_FORCE_CLOSE(sock);
         }
         cur = cur->ai_next;
     }
Index: libvirt-acl/src/qemu/qemu_conf.c
===================================================================
--- libvirt-acl.orig/src/qemu/qemu_conf.c
+++ libvirt-acl/src/qemu/qemu_conf.c
 <at>  <at>  -55,6 +55,7  <at>  <at> 
 #include "macvtap.h"
 #include "cpu/cpu.h"
 #include "domain_nwfilter.h"
+#include "files.h"
 
 #define VIR_FROM_THIS VIR_FROM_QEMU
 
 <at>  <at>  -541,7 +542,7  <at>  <at>  qemudProbeMachineTypes(const char *binar
 cleanup2:
     VIR_FREE(output);
 cleanup:
-    if (close(newstdout) < 0)
+    if (VIR_CLOSE(newstdout) < 0)
         ret = -1;
 
 rewait:
 <at>  <at>  -791,7 +792,7  <at>  <at>  qemudProbeCPUModels(const char *qemu,
 
 cleanup:
     VIR_FREE(output);
-    if (close(newstdout) < 0)
+    if (VIR_CLOSE(newstdout) < 0)
         ret = -1;
 
 rewait:
 <at>  <at>  -1440,7 +1441,7  <at>  <at>  static void qemudParsePCIDeviceStrs(cons
 
 cleanup:
     VIR_FREE(pciassign);
-    close(newstderr);
+    VIR_FORCE_CLOSE(newstderr);
 rewait:
     if (waitpid(child, &status, 0) != child) {
         if (errno == EINTR)
 <at>  <at>  -1500,7 +1501,7  <at>  <at>  int qemudExtractVersionInfo(const char *
 
 cleanup2:
     VIR_FREE(help);
-    if (close(newstdout) < 0)
+    if (VIR_CLOSE(newstdout) < 0)
         ret = -1;
 
 rewait:
 <at>  <at>  -1615,8 +1616,7  <at>  <at>  qemudPhysIfaceConnect(virConnectPtr conn
         if ((net->filter) && (net->ifname)) {
             err = virDomainConfNWFilterInstantiate(conn, net);
             if (err) {
-                close(rc);
-                rc = -1;
+                VIR_FORCE_CLOSE(rc);
                 delMacvtap(net->ifname, net->mac, net->data.direct.linkdev,
                            &net->data.direct.virtPortProfile);
                 VIR_FREE(net->ifname);
 <at>  <at>  -1761,10 +1761,8  <at>  <at>  qemudNetworkIfaceConnect(virConnectPtr c
     if (tapfd >= 0) {
         if ((net->filter) && (net->ifname)) {
             err = virDomainConfNWFilterInstantiate(conn, net);
-            if (err) {
-                close(tapfd);
-                tapfd = -1;
-            }
+            if (err)
+                VIR_FORCE_CLOSE(tapfd);
         }
     }
 
 <at>  <at>  -4576,7 +4574,7  <at>  <at>  int qemudBuildCommandLine(virConnectPtr 
 
                 if (VIR_REALLOC_N(*vmfds, (*nvmfds)+1) < 0) {
                     virDomainConfNWFilterTeardown(net);
-                    close(tapfd);
+                    VIR_FORCE_CLOSE(tapfd);
                     goto no_memory;
                 }
 
 <at>  <at>  -4595,7 +4593,7  <at>  <at>  int qemudBuildCommandLine(virConnectPtr 
 
                 if (VIR_REALLOC_N(*vmfds, (*nvmfds)+1) < 0) {
                     virDomainConfNWFilterTeardown(net);
-                    close(tapfd);
+                    VIR_FORCE_CLOSE(tapfd);
                     goto no_memory;
                 }
 
 <at>  <at>  -4615,7 +4613,7  <at>  <at>  int qemudBuildCommandLine(virConnectPtr 
                 int vhostfd = qemudOpenVhostNet(net, qemuCmdFlags);
                 if (vhostfd >= 0) {
                     if (VIR_REALLOC_N(*vmfds, (*nvmfds)+1) < 0) {
-                        close(vhostfd);
+                        VIR_FORCE_CLOSE(vhostfd);
                         goto no_memory;
                     }
 
 <at>  <at>  -5115,14 +5113,14  <at>  <at>  int qemudBuildCommandLine(virConnectPtr 
 
                     if (configfd >= 0) {
                         if (virAsprintf(&configfd_name, "%d", configfd) < 0) {
-                            close(configfd);
+                            VIR_FORCE_CLOSE(configfd);
                             virReportOOMError();
                             goto no_memory;
                         }
 
                         if (VIR_REALLOC_N(*vmfds, (*nvmfds)+1) < 0) {
                             VIR_FREE(configfd_name);
-                            close(configfd);
+                            VIR_FORCE_CLOSE(configfd);
                             goto no_memory;
                         }
 
 <at>  <at>  -5215,7 +5213,7  <at>  <at>  int qemudBuildCommandLine(virConnectPtr 
     if (vmfds &&
         *vmfds) {
         for (i = 0; i < *nvmfds; i++)
-            close((*vmfds)[i]);
+            VIR_FORCE_CLOSE((*vmfds)[i]);
         VIR_FREE(*vmfds);
         *nvmfds = 0;
     }
Index: libvirt-acl/src/qemu/qemu_driver.c
===================================================================
--- libvirt-acl.orig/src/qemu/qemu_driver.c
+++ libvirt-acl/src/qemu/qemu_driver.c
 <at>  <at>  -81,6 +81,7  <at>  <at> 
 #include "hooks.h"
 #include "storage_file.h"
 #include "virtaudit.h"
+#include "files.h"
 
 
 #define VIR_FROM_THIS VIR_FROM_QEMU
 <at>  <at>  -767,7 +768,7  <at>  <at>  qemudLogFD(struct qemud_driver *driver, 
     if (virSetCloseExec(fd) < 0) {
         virReportSystemError(errno, "%s",
                              _("Unable to set VM logfile close-on-exec flag"));
-        close(fd);
+        VIR_FORCE_CLOSE(fd);
         return -1;
     }
     return fd;
 <at>  <at>  -799,14 +800,14  <at>  <at>  qemudLogReadFD(const char* logDir, const
     if (virSetCloseExec(fd) < 0) {
         virReportSystemError(errno, "%s",
                              _("Unable to set VM logfile close-on-exec flag"));
-        close(fd);
+        VIR_FORCE_CLOSE(fd);
         return -1;
     }
     if (pos < 0 || lseek(fd, pos, SEEK_SET) < 0) {
-      virReportSystemError(pos < 0 ? 0 : errno,
+        virReportSystemError(pos < 0 ? 0 : errno,
                              _("Unable to seek to %lld in %s"),
                              (long long) pos, logfile);
-        close(fd);
+        VIR_FORCE_CLOSE(fd);
     }
     return fd;
 }
 <at>  <at>  -2394,7 +2395,7  <at>  <at>  cleanup:
     }
 
 closelog:
-    if (close(logfd) < 0) {
+    if (VIR_CLOSE(logfd) < 0) {
         char ebuf[4096];
         VIR_WARN("Unable to close logfile: %s",
                  virStrerror(errno, ebuf, sizeof ebuf));
 <at>  <at>  -2973,13 +2974,13  <at>  <at>  static int qemudNextFreeVNCPort(struct q
             return -1;
 
         if (setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, (void*)&reuse, sizeof(reuse)) < 0) {
-            close(fd);
+            VIR_FORCE_CLOSE(fd);
             break;
         }
 
         if (bind(fd, (struct sockaddr*)&addr, sizeof(addr)) == 0) {
             /* Not in use, lets grab it */
-            close(fd);
+            VIR_FORCE_CLOSE(fd);
             /* Add port to bitmap of reserved ports */
             if (virBitmapSetBit(driver->reservedVNCPorts,
                                 i - QEMU_VNC_PORT_MIN) < 0) {
 <at>  <at>  -2988,7 +2989,7  <at>  <at>  static int qemudNextFreeVNCPort(struct q
             }
             return i;
         }
-        close(fd);
+        VIR_FORCE_CLOSE(fd);
 
         if (errno == EADDRINUSE) {
             /* In use, try next */
 <at>  <at>  -3240,7 +3241,7  <at>  <at>  qemuPrepareChardevDevice(virDomainDefPtr
         return -1;
     }
 
-    close(fd);
+    VIR_FORCE_CLOSE(fd);
 
     return 0;
 }
 <at>  <at>  -4098,7 +4099,7  <at>  <at>  static int qemudStartVMDaemon(virConnect
 
     if (vmfds) {
         for (i = 0 ; i < nvmfds ; i++) {
-            close(vmfds[i]);
+            VIR_FORCE_CLOSE(vmfds[i]);
         }
         VIR_FREE(vmfds);
     }
 <at>  <at>  -4151,8 +4152,7  <at>  <at>  static int qemudStartVMDaemon(virConnect
     if (virDomainSaveStatus(driver->caps, driver->stateDir, vm) < 0)
         goto cleanup;
 
-    if (logfile != -1)
-        close(logfile);
+    VIR_FORCE_CLOSE(logfile);
 
     return 0;
 
 <at>  <at>  -4162,8 +4162,7  <at>  <at>  cleanup:
      * pretend we never started it */
     qemudShutdownVMDaemon(driver, vm, 0);
 
-    if (logfile != -1)
-        close(logfile);
+    VIR_FORCE_CLOSE(logfile);
 
     return -1;
 }
 <at>  <at>  -4438,7 +4437,7  <at>  <at>  static int kvmGetMaxVCPUs(void) {
     if (r > 0)
         maxvcpus = r;
 
-    close(fd);
+    VIR_FORCE_CLOSE(fd);
     return maxvcpus;
 }
 
 <at>  <at>  -5543,10 +5542,10  <at>  <at>  static int qemudDomainSaveFlag(struct qe
             goto endjob;
         }
         if (qemudDomainSaveFileOpHook(fd, &hdata) < 0) {
-            close(fd);
+            VIR_FORCE_CLOSE(fd);
             goto endjob;
         }
-        if (close(fd) < 0) {
+        if (VIR_CLOSE(fd) < 0) {
             virReportSystemError(errno, _("unable to close %s"), path);
             goto endjob;
         }
 <at>  <at>  -5982,7 +5981,7  <at>  <at>  static int qemudDomainCoreDump(virDomain
         goto endjob;
     }
 
-    if (close(fd) < 0) {
+    if (VIR_CLOSE(fd) < 0) {
         virReportSystemError(errno,
                              _("unable to save file %s"),
                              path);
 <at>  <at>  -6627,8 +6626,7  <at>  <at>  static int qemudOpenAsUID(const char *pa
         /* parent */
 
         /* parent doesn't need the write side of the pipe */
-        close(pipefd[1]);
-        pipefd[1] = -1;
+        VIR_FORCE_CLOSE(pipefd[1]);
 
         if (forkRet < 0) {
             virReportSystemError(errno,
 <at>  <at>  -6640,10 +6638,8  <at>  <at>  static int qemudOpenAsUID(const char *pa
         fd = pipefd[0];
         pipefd[0] = -1;
 parent_cleanup:
-        if (pipefd[0] != -1)
-            close(pipefd[0]);
-        if (pipefd[1] != -1)
-            close(pipefd[1]);
+        VIR_FORCE_CLOSE(pipefd[0]);
+        VIR_FORCE_CLOSE(pipefd[1]);
         if ((fd < 0) && (*child_pid > 0)) {
             /* a child process was started and subsequently an error
                occurred in the parent, so we need to wait for it to
 <at>  <at>  -6669,7 +6665,7  <at>  <at>  parent_cleanup:
     struct passwd pwd, *pwd_result;
 
     /* child doesn't need the read side of the pipe */
-    close(pipefd[0]);
+    VIR_FORCE_CLOSE(pipefd[0]);
 
     if (forkRet < 0) {
         exit_code = errno;
 <at>  <at>  -6734,10 +6730,8  <at>  <at>  parent_cleanup:
 
 child_cleanup:
     VIR_FREE(buf);
-    if (fd != -1)
-        close(fd);
-    if (pipefd[1] != -1)
-        close(pipefd[1]);
+    VIR_FORCE_CLOSE(fd);
+    VIR_FORCE_CLOSE(pipefd[1]);
     _exit(exit_code);
 }
 
 <at>  <at>  -6745,8 +6739,10  <at>  <at>  static int qemudDomainSaveImageClose(int
 {
     int ret = 0;
 
-    if (fd != -1)
-        close(fd);
+    if (VIR_CLOSE(fd) < 0) {
+        virReportSystemError(errno, "%s",
+                             _("cannot close file"));
+    }
 
     if (read_pid != -1) {
         /* reap the process that read the file */
 <at>  <at>  -6902,8 +6898,7  <at>  <at>  qemudDomainSaveImageStartVM(virConnectPt
             /* empty */
         }
     }
-    if (intermediatefd != -1)
-        close(intermediatefd);
+    VIR_FORCE_CLOSE(intermediatefd);
 
     wait_ret = qemudDomainSaveImageClose(fd, read_pid, &status);
     fd = -1;
 <at>  <at>  -8282,9 +8277,7  <at>  <at>  static int qemudDomainAttachNetDevice(vi
     }
     qemuDomainObjExitMonitorWithDriver(driver, vm);
 
-    if (tapfd != -1)
-        close(tapfd);
-    tapfd = -1;
+    VIR_FORCE_CLOSE(tapfd);
 
     if (!virDomainObjIsActive(vm)) {
         qemuReportError(VIR_ERR_INTERNAL_ERROR, "%s",
 <at>  <at>  -8338,8 +8331,7  <at>  <at>  cleanup:
     VIR_FREE(nicstr);
     VIR_FREE(netstr);
     VIR_FREE(tapfd_name);
-    if (tapfd != -1)
-        close(tapfd);
+    VIR_FORCE_CLOSE(tapfd);
 
     return ret;
 
 <at>  <at>  -8468,8 +8460,7  <at>  <at>  static int qemudDomainAttachHostPciDevic
 
     VIR_FREE(devstr);
     VIR_FREE(configfd_name);
-    if (configfd >= 0)
-        close(configfd);
+    VIR_FORCE_CLOSE(configfd);
 
     return 0;
 
 <at>  <at>  -8483,8 +8474,7  <at>  <at>  error:
 
     VIR_FREE(devstr);
     VIR_FREE(configfd_name);
-    if (configfd >= 0)
-        close(configfd);
+    VIR_FORCE_CLOSE(configfd);
 
     return -1;
 }
 <at>  <at>  -10346,8 +10336,7  <at>  <at>  qemudDomainBlockPeek (virDomainPtr dom,
     }
 
 cleanup:
-    if (fd >= 0)
-        close (fd);
+    VIR_FORCE_CLOSE(fd);
     if (vm)
         virDomainObjUnlock(vm);
     return ret;
 <at>  <at>  -10434,7 +10423,7  <at>  <at>  endjob:
 
 cleanup:
     VIR_FREE(tmp);
-    if (fd >= 0) close (fd);
+    VIR_FORCE_CLOSE(fd);
     unlink (tmp);
     if (vm)
         virDomainObjUnlock(vm);
 <at>  <at>  -10590,8 +10579,7  <at>  <at>  static int qemuDomainGetBlockInfo(virDom
     }
 
 cleanup:
-    if (fd != -1)
-        close(fd);
+    VIR_FORCE_CLOSE(fd);
     if (vm)
         virDomainObjUnlock(vm);
     return ret;
 <at>  <at>  -10906,8 +10894,7  <at>  <at>  cleanup:
 
 static void qemuStreamMigFree(struct qemuStreamMigFile *qemust)
 {
-    if (qemust->fd != -1)
-        close(qemust->fd);
+    VIR_FORCE_CLOSE(qemust->fd);
     VIR_FREE(qemust);
 }
 
 <at>  <at>  -11748,10 +11735,8  <at>  <at>  finish:
     qemuDomainObjExitRemoteWithDriver(driver, vm);
 
 cleanup:
-    if (client_sock != -1)
-        close(client_sock);
-    if (qemu_sock != -1)
-        close(qemu_sock);
+    VIR_FORCE_CLOSE(client_sock);
+    VIR_FORCE_CLOSE(qemu_sock);
 
     if (ddomain)
         virUnrefDomain(ddomain);
 <at>  <at>  -12532,8 +12517,7  <at>  <at>  cleanup:
     VIR_FREE(snapFile);
     VIR_FREE(snapDir);
     VIR_FREE(newxml);
-    if (fd != -1)
-        close(fd);
+    VIR_FORCE_CLOSE(fd);
     return ret;
 }
 
Index: libvirt-acl/src/qemu/qemu_monitor.c
===================================================================
--- libvirt-acl.orig/src/qemu/qemu_monitor.c
+++ libvirt-acl/src/qemu/qemu_monitor.c
 <at>  <at>  -36,6 +36,7  <at>  <at> 
 #include "virterror_internal.h"
 #include "memory.h"
 #include "logging.h"
+#include "files.h"
 
 #define VIR_FROM_THIS VIR_FROM_QEMU
 
 <at>  <at>  -283,7 +284,7  <at>  <at>  qemuMonitorOpenUnix(const char *monitor)
     return monfd;
 
 error:
-    close(monfd);
+    VIR_FORCE_CLOSE(monfd);
     return -1;
 }
 
Index: libvirt-acl/src/remote/remote_driver.c
===================================================================
--- libvirt-acl.orig/src/remote/remote_driver.c
+++ libvirt-acl/src/remote/remote_driver.c
 <at>  <at>  -82,6 +82,7  <at>  <at> 
 #include "util.h"
 #include "event.h"
 #include "ignore-value.h"
+#include "files.h"
 
 #define VIR_FROM_THIS VIR_FROM_REMOTE
 
 <at>  <at>  -621,7 +622,7  <at>  <at>  doRemoteOpen (virConnectPtr conn,
 
             if (connect (priv->sock, r->ai_addr, r->ai_addrlen) == -1) {
                 saved_errno = errno;
-                close (priv->sock);
+                VIR_FORCE_CLOSE(priv->sock);
                 continue;
             }
 
 <at>  <at>  -630,8 +631,7  <at>  <at>  doRemoteOpen (virConnectPtr conn,
                     negotiate_gnutls_on_connection
                       (conn, priv, no_verify);
                 if (!priv->session) {
-                    close (priv->sock);
-                    priv->sock = -1;
+                    VIR_FORCE_CLOSE(priv->sock);
                     goto failed;
                 }
             }
 <at>  <at>  -711,8 +711,7  <at>  <at>  doRemoteOpen (virConnectPtr conn,
             if (errno == ECONNREFUSED &&
                 flags & VIR_DRV_OPEN_REMOTE_AUTOSTART &&
                 trials < 20) {
-                close(priv->sock);
-                priv->sock = -1;
+                VIR_FORCE_CLOSE(priv->sock);
                 if (trials > 0 ||
                     remoteForkDaemon() == 0) {
                     trials++;
 <at>  <at>  -806,8 +805,8  <at>  <at>  doRemoteOpen (virConnectPtr conn,
             goto failed;
 
         /* Parent continues here. */
-        close (sv[1]);
-        close (errfd[1]);
+        VIR_FORCE_CLOSE(sv[1]);
+        VIR_FORCE_CLOSE(errfd[1]);
         priv->sock = sv[0];
         priv->errfd = errfd[0];
         priv->pid = pid;
 <at>  <at>  -955,15 +954,14  <at>  <at>  doRemoteOpen (virConnectPtr conn,
 
  failed:
     /* Close the socket if we failed. */
-    if (priv->errfd >= 0)
-        close(priv->errfd);
+    VIR_FORCE_CLOSE(priv->errfd);
 
     if (priv->sock >= 0) {
         if (priv->uses_tls && priv->session) {
             gnutls_bye (priv->session, GNUTLS_SHUT_RDWR);
             gnutls_deinit (priv->session);
         }
-        close (priv->sock);
+        VIR_FORCE_CLOSE(priv->sock);
 #ifndef WIN32
         if (priv->pid > 0) {
             pid_t reap;
 <at>  <at>  -977,10 +975,8  <at>  <at>  retry:
 #endif
     }
 
-    if (wakeupFD[0] >= 0) {
-        close(wakeupFD[0]);
-        close(wakeupFD[1]);
-    }
+    VIR_FORCE_CLOSE(wakeupFD[0]);
+    VIR_FORCE_CLOSE(wakeupFD[1]);
 
     VIR_FREE(priv->hostname);
     goto cleanup;
 <at>  <at>  -1442,8 +1438,8  <at>  <at>  doRemoteClose (virConnectPtr conn, struc
     if (priv->saslconn)
         sasl_dispose (&priv->saslconn);
 #endif
-    close (priv->sock);
-    close (priv->errfd);
+    VIR_FORCE_CLOSE(priv->sock);
+    VIR_FORCE_CLOSE(priv->errfd);
 
 #ifndef WIN32
     if (priv->pid > 0) {
 <at>  <at>  -1456,10 +1452,8  <at>  <at>  retry:
         } while (reap != -1 && reap != priv->pid);
     }
 #endif
-    if (priv->wakeupReadFD >= 0) {
-        close(priv->wakeupReadFD);
-        close(priv->wakeupSendFD);
-    }
+    VIR_FORCE_CLOSE(priv->wakeupReadFD);
+    VIR_FORCE_CLOSE(priv->wakeupSendFD);
 
 
     /* Free hostname copy */
Index: libvirt-acl/src/secret/secret_driver.c
===================================================================
--- libvirt-acl.orig/src/secret/secret_driver.c
+++ libvirt-acl/src/secret/secret_driver.c
 <at>  <at>  -41,6 +41,7  <at>  <at> 
 #include "util.h"
 #include "uuid.h"
 #include "virterror_internal.h"
+#include "files.h"
 
 #define VIR_FROM_THIS VIR_FROM_SECRET
 
 <at>  <at>  -181,7 +182,7  <at>  <at>  replaceFile(const char *filename, void *
                               tmp_path);
         goto cleanup;
     }
-    if (close(fd) < 0) {
+    if (VIR_CLOSE(fd) < 0) {
         virReportSystemError(errno, _("error closing '%s'"), tmp_path);
         goto cleanup;
     }
 <at>  <at>  -196,8 +197,7  <at>  <at>  replaceFile(const char *filename, void *
     ret = 0;
 
 cleanup:
-    if (fd != -1)
-        close(fd);
+    VIR_FORCE_CLOSE(fd);
     if (tmp_path != NULL) {
         unlink(tmp_path);
         VIR_FREE(tmp_path);
 <at>  <at>  -394,8 +394,7  <at>  <at>  secretLoadValue(virSecretDriverStatePtr 
         virReportSystemError(errno, _("cannot read '%s'"), filename);
         goto cleanup;
     }
-    close(fd);
-    fd = -1;
+    VIR_FORCE_CLOSE(fd);
 
     if (!base64_decode_alloc(contents, st.st_size, &value, &value_size)) {
         virSecretReportError(VIR_ERR_INTERNAL_ERROR,
 <at>  <at>  -422,8 +421,7  <at>  <at>  cleanup:
         memset(contents, 0, st.st_size);
         VIR_FREE(contents);
     }
-    if (fd != -1)
-        close(fd);
+    VIR_FORCE_CLOSE(fd);
     VIR_FREE(filename);
     return ret;
 }
Index: libvirt-acl/src/security/security_apparmor.c
===================================================================
--- libvirt-acl.orig/src/security/security_apparmor.c
+++ libvirt-acl/src/security/security_apparmor.c
 <at>  <at>  -37,6 +37,7  <at>  <at> 
 #include "uuid.h"
 #include "pci.h"
 #include "hostusb.h"
+#include "files.h"
 
 #define VIR_FROM_THIS VIR_FROM_SECURITY
 #define SECURITY_APPARMOR_VOID_DOI      "0"
 <at>  <at>  -215,7 +216,7  <at>  <at>  load_profile(virSecurityDriverPtr drv,
         virReportSystemError(errno, "%s", _("unable to write to pipe"));
         goto clean;
     }
-    close(pipefd[1]);
+    VIR_FORCE_CLOSE(pipefd[1]);
     rc = 0;
 
   rewait:
 <at>  <at>  -233,10 +234,8  <at>  <at>  load_profile(virSecurityDriverPtr drv,
   clean:
     VIR_FREE(xml);
 
-    if (pipefd[0] > 0)
-        close(pipefd[0]);
-    if (pipefd[1] > 0)
-        close(pipefd[1]);
+    VIR_FORCE_CLOSE(pipefd[0]);
+    VIR_FORCE_CLOSE(pipefd[1]);
 
     return rc;
 }
Index: libvirt-acl/src/security/security_selinux.c
===================================================================
--- libvirt-acl.orig/src/security/security_selinux.c
+++ libvirt-acl/src/security/security_selinux.c
 <at>  <at>  -28,6 +28,7  <at>  <at> 
 #include "pci.h"
 #include "hostusb.h"
 #include "storage_file.h"
+#include "files.h"
 
 #define VIR_FROM_THIS VIR_FROM_SECURITY
 
 <at>  <at>  -120,10 +121,10  <at>  <at>  SELinuxInitialize(void)
         virReportSystemError(errno,
                              _("cannot read SELinux virtual domain context file %s"),
                              selinux_virtual_domain_context_path());
-        close(fd);
+        VIR_FORCE_CLOSE(fd);
         return -1;
     }
-    close(fd);
+    VIR_FORCE_CLOSE(fd);
 
     ptr = strchrnul(default_domain_context, '\n');
     *ptr = '\0';
 <at>  <at>  -139,10 +140,10  <at>  <at>  SELinuxInitialize(void)
         virReportSystemError(errno,
                              _("cannot read SELinux virtual image context file %s"),
                              selinux_virtual_image_context_path());
-        close(fd);
+        VIR_FORCE_CLOSE(fd);
         return -1;
     }
-    close(fd);
+    VIR_FORCE_CLOSE(fd);
 
     ptr = strchrnul(default_image_context, '\n');
     if (*ptr == '\n') {
Index: libvirt-acl/src/security/virt-aa-helper.c
===================================================================
--- libvirt-acl.orig/src/security/virt-aa-helper.c
+++ libvirt-acl/src/security/virt-aa-helper.c
 <at>  <at>  -37,6 +37,7  <at>  <at> 
 #include "uuid.h"
 #include "hostusb.h"
 #include "pci.h"
+#include "files.h"
 
 static char *progname;
 
 <at>  <at>  -278,12 +279,12  <at>  <at>  update_include_file(const char *include_
     }
 
     if (safewrite(fd, pcontent, plen) < 0) { /* don't write the '\0' */
-        close(fd);
+        VIR_FORCE_CLOSE(fd);
         vah_error(NULL, 0, "failed to write to profile");
         goto clean;
     }
 
-    if (close(fd) != 0) {
+    if (VIR_CLOSE(fd) != 0) {
         vah_error(NULL, 0, "failed to close or write to profile");
         goto clean;
     }
 <at>  <at>  -385,12 +386,12  <at>  <at>  create_profile(const char *profile, cons
     }
 
     if (safewrite(fd, pcontent, plen - 1) < 0) { /* don't write the '\0' */
-        close(fd);
+        VIR_FORCE_CLOSE(fd);
         vah_error(NULL, 0, "failed to write to profile");
         goto clean_all;
     }
 
-    if (close(fd) != 0) {
+    if (VIR_CLOSE(fd) != 0) {
         vah_error(NULL, 0, "failed to close or write to profile");
         goto clean_all;
     }
Index: libvirt-acl/src/storage/storage_backend.c
===================================================================
--- libvirt-acl.orig/src/storage/storage_backend.c
+++ libvirt-acl/src/storage/storage_backend.c
 <at>  <at>  -51,6 +51,7  <at>  <at> 
 #include "storage_file.h"
 #include "storage_backend.h"
 #include "logging.h"
+#include "files.h"
 
 #if WITH_STORAGE_LVM
 # include "storage_backend_logical.h"
 <at>  <at>  -181,7 +182,7  <at>  <at>  virStorageBackendCopyToFD(virStorageVolD
         } while ((amtleft -= 512) > 0);
     }
 
-    if (inputfd != -1 && close(inputfd) < 0) {
+    if (VIR_CLOSE(inputfd) < 0) {
         ret = -errno;
         virReportSystemError(errno,
                              _("cannot close file '%s'"),
 <at>  <at>  -193,8 +194,7  <at>  <at>  virStorageBackendCopyToFD(virStorageVolD
     *total -= remain;
 
 cleanup:
-    if (inputfd != -1)
-        close(inputfd);
+    VIR_FORCE_CLOSE(inputfd);
 
     VIR_FREE(buf);
 
 <at>  <at>  -251,7 +251,7  <at>  <at>  virStorageBackendCreateBlockFrom(virConn
                              vol->target.path, vol->target.perms.mode);
         goto cleanup;
     }
-    if (close(fd) < 0) {
+    if (VIR_CLOSE(fd) < 0) {
         virReportSystemError(errno,
                              _("cannot close file '%s'"),
                              vol->target.path);
 <at>  <at>  -261,8 +261,7  <at>  <at>  virStorageBackendCreateBlockFrom(virConn
 
     ret = 0;
 cleanup:
-    if (fd != -1)
-        close(fd);
+    VIR_FORCE_CLOSE(fd);
 
     return ret;
 }
 <at>  <at>  -608,7 +607,7  <at>  <at>  static int virStorageBackendQEMUImgBacki
 
 cleanup:
     VIR_FREE(help);
-    close(newstdout);
+    VIR_FORCE_CLOSE(newstdout);
 rewait:
     if (child) {
         if (waitpid(child, &status, 0) != child) {
 <at>  <at>  -997,7 +996,7  <at>  <at>  virStorageBackendVolOpenCheckMode(const 
         virReportSystemError(errno,
                              _("cannot stat file '%s'"),
                              path);
-        close(fd);
+        VIR_FORCE_CLOSE(fd);
         return -1;
     }
 
 <at>  <at>  -1009,7 +1008,7  <at>  <at>  virStorageBackendVolOpenCheckMode(const 
         mode = VIR_STORAGE_VOL_OPEN_BLOCK;
 
     if (!(mode & flags)) {
-        close(fd);
+        VIR_FORCE_CLOSE(fd);
 
         if (mode & VIR_STORAGE_VOL_OPEN_ERROR) {
             virStorageReportError(VIR_ERR_INTERNAL_ERROR,
 <at>  <at>  -1045,7 +1044,7  <at>  <at>  virStorageBackendUpdateVolTargetInfo(vir
                                                  allocation,
                                                  capacity);
 
-    close(fd);
+    VIR_FORCE_CLOSE(fd);
 
     return ret;
 }
 <at>  <at>  -1461,10 +1460,8  <at>  <at>  virStorageBackendRunProgRegex(virStorage
 
     if (list)
         fclose(list);
-    else {
-        if (fd >= 0)
-            close(fd);
-    }
+    else
+        VIR_FORCE_CLOSE(fd);
 
     while ((err = waitpid(child, &exitstatus, 0) == -1) && errno == EINTR);
 
 <at>  <at>  -1579,7 +1576,7  <at>  <at>  virStorageBackendRunProgNul(virStoragePo
     if (fp)
         fclose (fp);
     else
-        close (fd);
+        VIR_FORCE_CLOSE(fd);
 
     while ((w_err = waitpid (child, &exitstatus, 0) == -1) && errno == EINTR)
         /* empty */ ;
Index: libvirt-acl/src/storage/storage_backend_fs.c
===================================================================
--- libvirt-acl.orig/src/storage/storage_backend_fs.c
+++ libvirt-acl/src/storage/storage_backend_fs.c
 <at>  <at>  -45,6 +45,7  <at>  <at> 
 #include "util.h"
 #include "memory.h"
 #include "xml.h"
+#include "files.h"
 
 #define VIR_FROM_THIS VIR_FROM_STORAGE
 
 <at>  <at>  -72,25 +73,25  <at>  <at>  virStorageBackendProbeTarget(virStorageV
     if ((ret = virStorageBackendUpdateVolTargetInfoFD(target, fd,
                                                       allocation,
                                                       capacity)) < 0) {
-        close(fd);
+        VIR_FORCE_CLOSE(fd);
         return ret;
     }
 
     memset(&meta, 0, sizeof(meta));
 
     if ((target->format = virStorageFileProbeFormatFromFD(target->path, fd)) < 0) {
-        close(fd);
+        VIR_FORCE_CLOSE(fd);
         return -1;
     }
 
     if (virStorageFileGetMetadataFromFD(target->path, fd,
                                         target->format,
                                         &meta) < 0) {
-        close(fd);
+        VIR_FORCE_CLOSE(fd);
         return -1;
     }
 
-    close(fd);
+    VIR_FORCE_CLOSE(fd);
 
     if (meta.backingStore) {
         *backingStore = meta.backingStore;
 <at>  <at>  -98,7 +99,7  <at>  <at>  virStorageBackendProbeTarget(virStorageV
         if (meta.backingStoreFormat == VIR_STORAGE_FILE_AUTO) {
             if ((*backingStoreFormat
                  = virStorageFileProbeFormat(*backingStore)) < 0) {
-                close(fd);
+                VIR_FORCE_CLOSE(fd);
                 goto cleanup;
             }
         } else {
Index: libvirt-acl/src/storage/storage_backend_iscsi.c
===================================================================
--- libvirt-acl.orig/src/storage/storage_backend_iscsi.c
+++ libvirt-acl/src/storage/storage_backend_iscsi.c
 <at>  <at>  -41,6 +41,7  <at>  <at> 
 #include "util.h"
 #include "memory.h"
 #include "logging.h"
+#include "files.h"
 
 #define VIR_FROM_THIS VIR_FROM_STORAGE
 
 <at>  <at>  -237,9 +238,7  <at>  <at>  out:
     if (fp != NULL) {
         fclose(fp);
     } else {
-        if (fd != -1) {
-            close(fd);
-        }
+        VIR_FORCE_CLOSE(fd);
     }
 
     return ret;
Index: libvirt-acl/src/storage/storage_backend_mpath.c
===================================================================
--- libvirt-acl.orig/src/storage/storage_backend_mpath.c
+++ libvirt-acl/src/storage/storage_backend_mpath.c
 <at>  <at>  -35,6 +35,7  <at>  <at> 
 #include "storage_backend.h"
 #include "memory.h"
 #include "logging.h"
+#include "files.h"
 
 #define VIR_FROM_THIS VIR_FROM_STORAGE
 
 <at>  <at>  -61,9 +62,7  <at>  <at>  virStorageBackendMpathUpdateVolTargetInf
 
     ret = 0;
 out:
-    if (fd != -1) {
-        close(fd);
-    }
+    VIR_FORCE_CLOSE(fd);
     return ret;
 }
 
Index: libvirt-acl/src/storage/storage_backend_scsi.c
===================================================================
--- libvirt-acl.orig/src/storage/storage_backend_scsi.c
+++ libvirt-acl/src/storage/storage_backend_scsi.c
 <at>  <at>  -32,6 +32,7  <at>  <at> 
 #include "storage_backend_scsi.h"
 #include "memory.h"
 #include "logging.h"
+#include "files.h"
 
 #define VIR_FROM_THIS VIR_FROM_STORAGE
 
 <at>  <at>  -154,8 +155,7  <at>  <at>  virStorageBackendSCSIUpdateVolTargetInfo
     ret = 0;
 
 cleanup:
-    if (fd >= 0)
-        close(fd);
+    VIR_FORCE_CLOSE(fd);
 
     return ret;
 }
 <at>  <at>  -572,14 +572,14  <at>  <at>  virStorageBackendSCSITriggerRescan(uint3
     if (safewrite(fd,
                   LINUX_SYSFS_SCSI_HOST_SCAN_STRING,
                   sizeof(LINUX_SYSFS_SCSI_HOST_SCAN_STRING)) < 0) {
-
+        VIR_FORCE_CLOSE(fd);
         virReportSystemError(errno,
                              _("Write to '%s' to trigger host scan failed"),
                              path);
         retval = -1;
     }
 
-    close(fd);
+    VIR_FORCE_CLOSE(fd);
 free_path:
     VIR_FREE(path);
 out:
Index: libvirt-acl/src/storage/storage_driver.c
===================================================================
--- libvirt-acl.orig/src/storage/storage_driver.c
+++ libvirt-acl/src/storage/storage_driver.c
 <at>  <at>  -45,6 +45,7  <at>  <at> 
 #include "memory.h"
 #include "storage_backend.h"
 #include "logging.h"
+#include "files.h"
 
 #define VIR_FROM_THIS VIR_FROM_STORAGE
 
 <at>  <at>  -1664,9 +1665,7  <at>  <at>  storageVolumeWipeInternal(virStorageVolD
 out:
     VIR_FREE(writebuf);
 
-    if (fd != -1) {
-        close(fd);
-    }
+    VIR_FORCE_CLOSE(fd);
 
     return ret;
 }
Index: libvirt-acl/src/test/test_driver.c
===================================================================
--- libvirt-acl.orig/src/test/test_driver.c
+++ libvirt-acl/src/test/test_driver.c
 <at>  <at>  -50,6 +50,7  <at>  <at> 
 #include "xml.h"
 #include "threads.h"
 #include "logging.h"
+#include "files.h"
 
 #define VIR_FROM_THIS VIR_FROM_TEST
 
 <at>  <at>  -788,8 +789,7  <at>  <at>  static int testOpenFromFile(virConnectPt
                   _("Invalid XML in file '%s'"), file);
         goto error;
     }
-    close(fd);
-    fd = -1;
+    VIR_FORCE_CLOSE(fd);
 
     root = xmlDocGetRootElement(xml);
     if ((root == NULL) || (!xmlStrEqual(root->name, BAD_CAST "node"))) {
 <at>  <at>  -1101,8 +1101,7  <at>  <at>  static int testOpenFromFile(virConnectPt
     VIR_FREE(networks);
     VIR_FREE(ifaces);
     VIR_FREE(pools);
-    if (fd != -1)
-        close(fd);
+    VIR_FORCE_CLOSE(fd);
     virDomainObjListDeinit(&privconn->domains);
     virNetworkObjListFree(&privconn->networks);
     virInterfaceObjListFree(&privconn->ifaces);
 <at>  <at>  -1752,7 +1751,7  <at>  <at>  static int testDomainSave(virDomainPtr d
         goto cleanup;
     }
 
-    if (close(fd) < 0) {
+    if (VIR_CLOSE(fd) < 0) {
         virReportSystemError(errno,
                              _("saving domain '%s' to '%s': write failed"),
                              domain->name, path);
 <at>  <at>  -1779,8 +1778,7  <at>  <at>  cleanup:
      * in either case we're already in a failure scenario
      * and have reported a earlier error */
     if (ret != 0) {
-        if (fd != -1)
-            close(fd);
+        VIR_FORCE_CLOSE(fd);
         unlink(path);
     }
     if (privdom)
 <at>  <at>  -1870,8 +1868,7  <at>  <at>  static int testDomainRestore(virConnectP
 cleanup:
     virDomainDefFree(def);
     VIR_FREE(xml);
-    if (fd != -1)
-        close(fd);
+    VIR_FORCE_CLOSE(fd);
     if (dom)
         virDomainObjUnlock(dom);
     if (event)
 <at>  <at>  -1911,7 +1908,7  <at>  <at>  static int testDomainCoreDump(virDomainP
                              domain->name, to);
         goto cleanup;
     }
-    if (close(fd) < 0) {
+    if (VIR_CLOSE(fd) < 0) {
         virReportSystemError(errno,
                              _("domain '%s' coredump: write failed: %s"),
                              domain->name, to);
 <at>  <at>  -1932,8 +1929,7  <at>  <at>  static int testDomainCoreDump(virDomainP
 
     ret = 0;
 cleanup:
-    if (fd != -1)
-        close(fd);
+    VIR_FORCE_CLOSE(fd);
     if (privdom)
         virDomainObjUnlock(privdom);
     if (event)
Index: libvirt-acl/src/uml/uml_conf.c
===================================================================
--- libvirt-acl.orig/src/uml/uml_conf.c
+++ libvirt-acl/src/uml/uml_conf.c
 <at>  <at>  -47,6 +47,7  <at>  <at> 
 #include "bridge.h"
 #include "logging.h"
 #include "domain_nwfilter.h"
+#include "files.h"
 
 #define VIR_FROM_THIS VIR_FROM_UML
 
 <at>  <at>  -367,7 +368,7  <at>  <at>  umlBuildCommandLineChr(virDomainChrDefPt
             }
             if (virAsprintf(&ret, "%s%d=null,fd:%d", dev, def->target.port, fd_out) < 0) {
                 virReportOOMError();
-                close(fd_out);
+                VIR_FORCE_CLOSE(fd_out);
                 return NULL;
             }
             FD_SET(fd_out, keepfd);
Index: libvirt-acl/src/uml/uml_driver.c
===================================================================
--- libvirt-acl.orig/src/uml/uml_driver.c
+++ libvirt-acl/src/uml/uml_driver.c
 <at>  <at>  -59,6 +59,7  <at>  <at> 
 #include "datatypes.h"
 #include "logging.h"
 #include "domain_nwfilter.h"
+#include "files.h"
 
 #define VIR_FROM_THIS VIR_FROM_UML
 
 <at>  <at>  -533,7 +534,7  <at>  <at>  umlShutdown(void) {
     umlDriverLock(uml_driver);
     if (uml_driver->inotifyWatch != -1)
         virEventRemoveHandle(uml_driver->inotifyWatch);
-    close(uml_driver->inotifyFD);
+    VIR_FORCE_CLOSE(uml_driver->inotifyFD);
     virCapabilitiesFree(uml_driver->caps);
 
     /* shutdown active VMs
 <at>  <at>  -659,8 +660,7  <at>  <at>  restat:
     if (bind(priv->monitor, (struct sockaddr *)&addr, sizeof addr) < 0) {
         virReportSystemError(errno,
                              "%s", _("cannot bind socket"));
-        close(priv->monitor);
-        priv->monitor = -1;
+        VIR_FORCE_CLOSE(priv->monitor);
         return -1;
     }
 
 <at>  <at>  -870,13 +870,13  <at>  <at>  static int umlStartVMDaemon(virConnectPt
     if (umlSetCloseExec(logfd) < 0) {
         virReportSystemError(errno,
                              "%s", _("Unable to set VM logfile close-on-exec flag"));
-        close(logfd);
+        VIR_FORCE_CLOSE(logfd);
         return -1;
     }
 
     if (umlBuildCommandLine(conn, driver, vm, &keepfd,
                             &argv, &progenv) < 0) {
-        close(logfd);
+        VIR_FORCE_CLOSE(logfd);
         virDomainConfVMNWFilterTeardown(vm);
         umlCleanupTapDevices(conn, vm);
         return -1;
 <at>  <at>  -912,15 +912,17  <at>  <at>  static int umlStartVMDaemon(virConnectPt
                            -1, &logfd, &logfd,
                            VIR_EXEC_CLEAR_CAPS,
                            NULL, NULL, NULL);
-    close(logfd);
+    VIR_FORCE_CLOSE(logfd);
 
     /*
      * At the moment, the only thing that populates keepfd is
      * umlBuildCommandLineChr. We want to close every fd it opens.
      */
     for (i = 0; i < FD_SETSIZE; i++)
-        if (FD_ISSET(i, &keepfd))
-            close(i);
+        if (FD_ISSET(i, &keepfd)) {
+            int tmpfd = i;
+            VIR_FORCE_CLOSE(tmpfd);
+        }
 
     for (i = 0 ; argv[i] ; i++)
         VIR_FREE(argv[i]);
 <at>  <at>  -957,9 +959,7  <at>  <at>  static void umlShutdownVMDaemon(virConne
 
     virKillProcess(vm->pid, SIGTERM);
 
-    if (priv->monitor != -1)
-        close(priv->monitor);
-    priv->monitor = -1;
+    VIR_FORCE_CLOSE(priv->monitor);
 
     if ((ret = waitpid(vm->pid, NULL, 0)) != vm->pid) {
         VIR_WARN("Got unexpected pid %d != %d",
 <at>  <at>  -2088,7 +2088,7  <at>  <at>  umlDomainBlockPeek (virDomainPtr dom,
     }
 
 cleanup:
-    if (fd >= 0) close (fd);
+    VIR_FORCE_CLOSE(fd);
     if (vm)
         virDomainObjUnlock(vm);
     return ret;
Index: libvirt-acl/src/util/bridge.c
===================================================================
--- libvirt-acl.orig/src/util/bridge.c
+++ libvirt-acl/src/util/bridge.c
 <at>  <at>  -24,6 +24,7  <at>  <at> 
 #if defined(WITH_BRIDGE)
 
 # include "bridge.h"
+# include "files.h"
 
 # include <stdlib.h>
 # include <stdio.h>
 <at>  <at>  -82,12 +83,12  <at>  <at>  brInit(brControl **ctlp)
     if ((flags = fcntl(fd, F_GETFD)) < 0 ||
         fcntl(fd, F_SETFD, flags | FD_CLOEXEC) < 0) {
         int err = errno;
-        close(fd);
+        VIR_FORCE_CLOSE(fd);
         return err;
     }
 
     if (VIR_ALLOC(*ctlp) < 0) {
-        close(fd);
+        VIR_FORCE_CLOSE(fd);
         return ENOMEM;
     }
 
 <at>  <at>  -108,8 +109,7  <at>  <at>  brShutdown(brControl *ctl)
     if (!ctl)
         return;
 
-    close(ctl->fd);
-    ctl->fd = 0;
+    VIR_FORCE_CLOSE(ctl->fd);
 
     VIR_FREE(ctl);
 }
 <at>  <at>  -540,11 +540,11  <at>  <at>  brAddTap(brControl *ctl,
     if (tapfd)
         *tapfd = fd;
     else
-        close(fd);
+        VIR_FORCE_CLOSE(fd);
     return 0;
 
  error:
-    close(fd);
+    VIR_FORCE_CLOSE(fd);
 
     return errno;
 }
 <at>  <at>  -575,7 +575,7  <at>  <at>  int brDeleteTap(brControl *ctl,
     }
 
  error:
-    close(fd);
+    VIR_FORCE_CLOSE(fd);
 
     return errno;
 }
Index: libvirt-acl/src/util/conf.c
===================================================================
--- libvirt-acl.orig/src/util/conf.c
+++ libvirt-acl/src/util/conf.c
 <at>  <at>  -24,6 +24,7  <at>  <at> 
 #include "util.h"
 #include "c-ctype.h"
 #include "memory.h"
+#include "files.h"
 
 #define VIR_FROM_THIS VIR_FROM_CONF
 
 <at>  <at>  -954,7 +955,7  <at>  <at>  virConfWriteFile(const char *filename, v
     content = virBufferContentAndReset(&buf);
     ret = safewrite(fd, content, use);
     VIR_FREE(content);
-    close(fd);
+    VIR_FORCE_CLOSE(fd);
     if (ret != (int)use) {
         virConfError(NULL, VIR_ERR_WRITE_FAILED, _("failed to save content"));
         return -1;
Index: libvirt-acl/src/util/interface.c
===================================================================
--- libvirt-acl.orig/src/util/interface.c
+++ libvirt-acl/src/util/interface.c
 <at>  <at>  -39,6 +39,7  <at>  <at> 
 #include "util.h"
 #include "interface.h"
 #include "virterror_internal.h"
+#include "files.h"
 
 #define ifaceError(code, ...) \
         virReportErrorHelper(NULL, VIR_FROM_NET, code, __FILE__, \
 <at>  <at>  -82,7 +83,7  <at>  <at>  ifaceGetFlags(const char *ifname, short 
 
     *flags = ifr.ifr_flags;
 
-    close(fd);
+    VIR_FORCE_CLOSE(fd);
 
     return rc;
 }
 <at>  <at>  -161,7 +162,7  <at>  <at>  static int chgIfaceFlags(const char *ifn
     }
 
 err_exit:
-    close(fd);
+    VIR_FORCE_CLOSE(fd);
     return rc;
 }
 
 <at>  <at>  -259,8 +260,7  <at>  <at>  ifaceCheck(bool reportError, const char 
     }
 
  err_exit:
-    if (fd >= 0)
-        close(fd);
+    VIR_FORCE_CLOSE(fd);
 
     return rc;
 }
 <at>  <at>  -326,7 +326,7  <at>  <at>  ifaceGetIndex(bool reportError, const ch
     }
 
 err_exit:
-    close(fd);
+    VIR_FORCE_CLOSE(fd);
 
     return rc;
 }
 <at>  <at>  -373,7 +373,7  <at>  <at>  ifaceGetVlanID(const char *vlanifname, i
     *vlanid = vlanargs.u.VID;
 
  err_exit:
-    close(fd);
+    VIR_FORCE_CLOSE(fd);
 
     return rc;
 }
Index: libvirt-acl/src/util/logging.c
===================================================================
--- libvirt-acl.orig/src/util/logging.c
+++ libvirt-acl/src/util/logging.c
 <at>  <at>  -40,6 +40,7  <at>  <at> 
 #include "util.h"
 #include "buf.h"
 #include "threads.h"
+#include "files.h"
 
 /*
  * Macro used to format the message as a string in virLogMessage
 <at>  <at>  -603,8 +604,7  <at>  <at>  static int virLogOutputToFd(const char *
 static void virLogCloseFd(void *data) {
     int fd = (long) data;
 
-    if (fd >= 0)
-        close(fd);
+    VIR_FORCE_CLOSE(fd);
 }
 
 static int virLogAddOutputToStderr(int priority) {
 <at>  <at>  -622,7 +622,7  <at>  <at>  static int virLogAddOutputToFile(int pri
         return(-1);
     if (virLogDefineOutput(virLogOutputToFd, virLogCloseFd, (void *)(long)fd,
                            priority, VIR_LOG_TO_FILE, file, 0) < 0) {
-        close(fd);
+        VIR_FORCE_CLOSE(fd);
         return(-1);
     }
     return(0);
Index: libvirt-acl/src/util/macvtap.c
===================================================================
--- libvirt-acl.orig/src/util/macvtap.c
+++ libvirt-acl/src/util/macvtap.c
 <at>  <at>  -52,6 +52,7  <at>  <at> 
 # include "conf/domain_conf.h"
 # include "virterror_internal.h"
 # include "uuid.h"
+# include "files.h"
 
 # define VIR_FROM_THIS VIR_FROM_NET
 
 <at>  <at>  -92,12 +93,6  <at>  <at>  static int nlOpen(void)
 }
 
 
-static void nlClose(int fd)
-{
-    close(fd);
-}
-
-
 /**
  * nlComm:
  *  <at> nlmsg: pointer to netlink message
 <at>  <at>  -191,7 +186,7  <at>  <at>  err_exit:
         *respbuflen = 0;
     }
 
-    nlClose(fd);
+    VIR_FORCE_CLOSE(fd);
     return rc;
 }
 
 <at>  <at>  -689,8 +684,7  <at>  <at>  create_name:
 
     if (rc >= 0) {
         if (configMacvtapTap(rc, vnet_hdr) < 0) {
-            close(rc);
-            rc = -1;
+            VIR_FORCE_CLOSE(rc); /* sets rc to -1 */
             goto disassociate_exit;
         }
         *res_ifname = strdup(cr_ifname);
 <at>  <at>  -778,8 +772,7  <at>  <at>  getLldpadPid(void) {
                              _("Error opening file %s"), LLDPAD_PID_FILE);
     }
 
-    if (fd >= 0)
-        close(fd);
+    VIR_FORCE_CLOSE(fd);
 
     return pid;
 }
Index: libvirt-acl/src/util/pci.c
===================================================================
--- libvirt-acl.orig/src/util/pci.c
+++ libvirt-acl/src/util/pci.c
 <at>  <at>  -37,6 +37,7  <at>  <at> 
 #include "memory.h"
 #include "util.h"
 #include "virterror_internal.h"
+#include "files.h"
 
 /* avoid compilation breakage on some systems */
 #ifndef MODPROBE
 <at>  <at>  -188,10 +189,7  <at>  <at>  pciCloseConfig(pciDevice *dev)
     if (!dev)
         return;
 
-    if (dev->fd >= 0) {
-        close(dev->fd);
-        dev->fd = -1;
-    }
+    VIR_FORCE_CLOSE(dev->fd);
 }
 
 static int
Index: libvirt-acl/src/util/storage_file.c
===================================================================
--- libvirt-acl.orig/src/util/storage_file.c
+++ libvirt-acl/src/util/storage_file.c
 <at>  <at>  -36,6 +36,7  <at>  <at> 
 #include "memory.h"
 #include "virterror_internal.h"
 #include "logging.h"
+#include "files.h"
 
 #define VIR_FROM_THIS VIR_FROM_STORAGE
 
 <at>  <at>  -688,7 +689,7  <at>  <at>  virStorageFileProbeFormat(const char *pa
 
     ret = virStorageFileProbeFormatFromFD(path, fd);
 
-    close(fd);
+    VIR_FORCE_CLOSE(fd);
 
     return ret;
 }
 <at>  <at>  -782,7 +783,7  <at>  <at>  virStorageFileGetMetadata(const char *pa
 
     ret = virStorageFileGetMetadataFromFD(path, fd, format, meta);
 
-    close(fd);
+    VIR_FORCE_CLOSE(fd);
 
     return ret;
 }
Index: libvirt-acl/src/util/util.c
===================================================================
--- libvirt-acl.orig/src/util/util.c
+++ libvirt-acl/src/util/util.c
 <at>  <at>  -71,6 +71,7  <at>  <at> 
 #include "memory.h"
 #include "threads.h"
 #include "verify.h"
+#include "files.h"
 
 #ifndef NSIG
 # define NSIG 32
 <at>  <at>  -461,6 +462,7  <at>  <at>  __virExec(const char *const*argv,
     int pipeerr[2] = {-1,-1};
     int childout = -1;
     int childerr = -1;
+    int tmpfd;
 
     if ((null = open("/dev/null", O_RDONLY)) < 0) {
         virReportSystemError(errno,
 <at>  <at>  -534,13 +536,13  <at>  <at>  __virExec(const char *const*argv,
     }
 
     if (pid) { /* parent */
-        close(null);
+        VIR_FORCE_CLOSE(null);
         if (outfd && *outfd == -1) {
-            close(pipeout[1]);
+            VIR_FORCE_CLOSE(pipeout[1]);
             *outfd = pipeout[0];
         }
         if (errfd && *errfd == -1) {
-            close(pipeerr[1]);
+            VIR_FORCE_CLOSE(pipeerr[1]);
             *errfd = pipeerr[0];
         }
 
 <at>  <at>  -568,8 +570,10  <at>  <at>  __virExec(const char *const*argv,
             i != childout &&
             i != childerr &&
             (!keepfd ||
-             !FD_ISSET(i, keepfd)))
-            close(i);
+             !FD_ISSET(i, keepfd))) {
+            tmpfd = i;
+            VIR_FORCE_CLOSE(tmpfd);
+        }
 
     if (dup2(infd >= 0 ? infd : null, STDIN_FILENO) < 0) {
         virReportSystemError(errno,
 <at>  <at>  -589,14 +593,15  <at>  <at>  __virExec(const char *const*argv,
         goto fork_error;
     }
 
-    if (infd > 0)
-        close(infd);
-    close(null);
-    if (childout > 0)
-        close(childout);
+    VIR_FORCE_CLOSE(infd);
+    VIR_FORCE_CLOSE(null);
+    tmpfd = childout;   /* preserve childout value */
+    VIR_FORCE_CLOSE(tmpfd);
     if (childerr > 0 &&
-        childerr != childout)
-        close(childerr);
+        childerr != childout) {
+        VIR_FORCE_CLOSE(childerr);
+        childout = -1;
+    }
 
     /* Daemonize as late as possible, so the parent process can detect
      * the above errors with wait* */
 <at>  <at>  -666,16 +671,11  <at>  <at>  __virExec(const char *const*argv,
     /* NB we don't virUtilError() on any failures here
        because the code which jumped hre already raised
        an error condition which we must not overwrite */
-    if (pipeerr[0] > 0)
-        close(pipeerr[0]);
-    if (pipeerr[1] > 0)
-        close(pipeerr[1]);
-    if (pipeout[0] > 0)
-        close(pipeout[0]);
-    if (pipeout[1] > 0)
-        close(pipeout[1]);
-    if (null > 0)
-        close(null);
+    VIR_FORCE_CLOSE(pipeerr[0]);
+    VIR_FORCE_CLOSE(pipeerr[1]);
+    VIR_FORCE_CLOSE(pipeout[0]);
+    VIR_FORCE_CLOSE(pipeout[1]);
+    VIR_FORCE_CLOSE(null);
     return -1;
 }
 
 <at>  <at>  -865,10 +865,8  <at>  <at>  virRunWithHook(const char *const*argv,
     VIR_FREE(outbuf);
     VIR_FREE(errbuf);
     VIR_FREE(argv_str);
-    if (outfd != -1)
-        close(outfd);
-    if (errfd != -1)
-        close(errfd);
+    VIR_FORCE_CLOSE(outfd);
+    VIR_FORCE_CLOSE(errfd);
     return ret;
 }
 
 <at>  <at>  -1108,7 +1106,7  <at>  <at>  int virFileReadAll(const char *path, int
     }
 
     int len = virFileReadLimFD(fd, maxlen, buf);
-    close(fd);
+    VIR_FORCE_CLOSE(fd);
     if (len < 0) {
         virReportSystemError(errno, _("Failed to read file '%s'"), path);
         return -1;
 <at>  <at>  -1129,13 +1127,13  <at>  <at>  int virFileWriteStr(const char *path, co
 
     if (safewrite(fd, str, strlen(str)) < 0) {
         int saved_errno = errno;
-        close (fd);
+        VIR_FORCE_CLOSE(fd);
         errno = saved_errno;
         return -1;
     }
 
     /* Use errno from failed close only if there was no write error.  */
-    if (close (fd) != 0)
+    if (VIR_CLOSE(fd) != 0)
         return -1;
 
     return 0;
 <at>  <at>  -1314,7 +1312,7  <at>  <at>  static int virFileOperationNoFork(const 
     if ((hook) && ((ret = hook(fd, hookdata)) != 0)) {
         goto error;
     }
-    if (close(fd) < 0) {
+    if (VIR_CLOSE(fd) < 0) {
         ret = -errno;
         virReportSystemError(errno, _("failed to close new file '%s'"),
                              path);
 <at>  <at>  -1323,8 +1321,7  <at>  <at>  static int virFileOperationNoFork(const 
     }
     fd = -1;
 error:
-    if (fd != -1)
-       close(fd);
+    VIR_FORCE_CLOSE(fd);
     return ret;
 }
 
 <at>  <at>  -1475,7 +1472,7  <at>  <at>  parenterror:
     if ((hook) && ((ret = hook(fd, hookdata)) != 0)) {
         goto childerror;
     }
-    if (close(fd) < 0) {
+    if (VIR_CLOSE(fd) < 0) {
         ret = -errno;
         virReportSystemError(errno, _("child failed to close new file '%s'"),
                              path);
 <at>  <at>  -1752,10 +1749,8  <at>  <at>  int virFileOpenTtyAt(const char *ptmx,
     rc = 0;
 
 cleanup:
-    if (rc != 0 &&
-        *ttymaster != -1) {
-        close(*ttymaster);
-    }
+    if (rc != 0)
+        VIR_FORCE_CLOSE(*ttymaster);
 
     return rc;
 
 <at>  <at>  -1821,7 +1816,7  <at>  <at>  int virFileWritePidPath(const char *pidf
 
     if (!(file = fdopen(fd, "w"))) {
         rc = errno;
-        close(fd);
+        VIR_FORCE_CLOSE(fd);
         goto cleanup;
     }
 
Index: libvirt-acl/src/util/uuid.c
===================================================================
--- libvirt-acl.orig/src/util/uuid.c
+++ libvirt-acl/src/util/uuid.c
 <at>  <at>  -39,6 +39,7  <at>  <at> 
 #include "virterror_internal.h"
 #include "logging.h"
 #include "memory.h"
+#include "files.h"
 
 #ifndef ENODATA
 # define ENODATA EIO
 <at>  <at>  -61,7 +62,7  <at>  <at>  virUUIDGenerateRandomBytes(unsigned char
         if ((n = read(fd, buf, buflen)) <= 0) {
             if (errno == EINTR)
                 continue;
-            close(fd);
+            VIR_FORCE_CLOSE(fd);
             return n < 0 ? errno : ENODATA;
         }
 
 <at>  <at>  -69,7 +70,7  <at>  <at>  virUUIDGenerateRandomBytes(unsigned char
         buflen -= n;
     }
 
-    close(fd);
+    VIR_FORCE_CLOSE(fd);
 
     return 0;
 }
 <at>  <at>  -240,10 +241,10  <at>  <at>  getDMISystemUUID(char *uuid, int len)
         int fd = open(paths[i], O_RDONLY);
         if (fd > 0) {
             if (saferead(fd, uuid, len) == len) {
-                close(fd);
+                VIR_FORCE_CLOSE(fd);
                 return 0;
             }
-            close(fd);
+            VIR_FORCE_CLOSE(fd);
         }
         i++;
     }
Index: libvirt-acl/src/util/virtaudit.c
===================================================================
--- libvirt-acl.orig/src/util/virtaudit.c
+++ libvirt-acl/src/util/virtaudit.c
 <at>  <at>  -31,6 +31,7  <at>  <at> 
 #include "logging.h"
 #include "virtaudit.h"
 #include "util.h"
+#include "files.h"
 
 /* Provide the macros in case the header file is old.
    FIXME: should be removed. */
 <at>  <at>  -134,7 +135,7  <at>  <at>  void virAuditSend(const char *file ATTRI
 void virAuditClose(void)
 {
 #if HAVE_AUDIT
-    close(auditfd);
+    VIR_FORCE_CLOSE(auditfd);
 #endif
 }
 
Index: libvirt-acl/src/xen/proxy_internal.c
===================================================================
--- libvirt-acl.orig/src/xen/proxy_internal.c
+++ libvirt-acl/src/xen/proxy_internal.c
 <at>  <at>  -30,6 +30,7  <at>  <at> 
 #include "util.h"
 #include "xen_driver.h"
 #include "memory.h"
+#include "files.h"
 
 #define STANDALONE
 
 <at>  <at>  -196,7 +197,7  <at>  <at>  retry:
     addr.sun_family = AF_UNIX;
     addr.sun_path[0] = '\0';
     if (virStrcpy(&addr.sun_path[1], path, sizeof(addr.sun_path) - 1) == NULL) {
-        close(fd);
+        VIR_FORCE_CLOSE(fd);
         return -1;
     }
 
 <at>  <at>  -204,7 +205,7  <at>  <at>  retry:
      * now bind the socket to that address and listen on it
      */
     if (connect(fd, (struct sockaddr *) &addr, sizeof(addr)) < 0) {
-        close(fd);
+        VIR_FORCE_CLOSE(fd);
         if (trials < 3) {
             if (virProxyForkServer() < 0)
                 return(-1);
 <at>  <at>  -232,16 +233,17  <at>  <at>  retry:
 static int
 virProxyCloseSocket(xenUnifiedPrivatePtr priv) {
     int ret;
+    int tmpfd;
 
     if (priv->proxy < 0)
         return(-1);
 
-    ret = close(priv->proxy);
+    tmpfd = priv->proxy;
+    ret = VIR_CLOSE(priv->proxy);
     if (ret != 0)
-        VIR_WARN("Failed to close socket %d", priv->proxy);
+        VIR_WARN("Failed to close socket %d", tmpfd);
     else
-        VIR_DEBUG("Closed socket %d", priv->proxy);
-    priv->proxy = -1;
+        VIR_DEBUG("Closed socket %d", tmpfd);
     return(ret);
 }
 
Index: libvirt-acl/src/xen/xen_hypervisor.c
===================================================================
--- libvirt-acl.orig/src/xen/xen_hypervisor.c
+++ libvirt-acl/src/xen/xen_hypervisor.c
 <at>  <at>  -65,6 +65,7  <at>  <at> 
 #include "buf.h"
 #include "capabilities.h"
 #include "memory.h"
+#include "files.h"
 
 #define VIR_FROM_THIS VIR_FROM_XEN
 
 <at>  <at>  -2036,7 +2037,7  <at>  <at>  xenHypervisorInit(void)
     hypervisor_version = -1;
     virXenError(VIR_ERR_XEN_CALL, " ioctl %lu",
                 (unsigned long) IOCTL_PRIVCMD_HYPERCALL);
-    close(fd);
+    VIR_FORCE_CLOSE(fd);
     in_init = 0;
     return(-1);
 
 <at>  <at>  -2122,13 +2123,13  <at>  <at>  xenHypervisorInit(void)
     hypervisor_version = -1;
     virXenError(VIR_ERR_XEN_CALL, " ioctl %lu",
                 (unsigned long)IOCTL_PRIVCMD_HYPERCALL);
-    close(fd);
+    VIR_FORCE_CLOSE(fd);
     in_init = 0;
     VIR_FREE(ipt);
     return(-1);
 
  done:
-    close(fd);
+    VIR_FORCE_CLOSE(fd);
     in_init = 0;
     VIR_FREE(ipt);
     return(0);
 <at>  <at>  -2191,7 +2192,7  <at>  <at>  xenHypervisorClose(virConnectPtr conn)
     if (priv->handle < 0)
         return -1;
 
-    ret = close(priv->handle);
+    ret = VIR_CLOSE(priv->handle);
     if (ret < 0)
         return (-1);
 
 <at>  <at>  -2396,8 +2397,7  <at>  <at>  get_cpu_flags(virConnectPtr conn, const 
     ret = 1;
 
 out:
-    if (fd != -1)
-        close(fd);
+    VIR_FORCE_CLOSE(fd);
     return ret;
 }
 
Index: libvirt-acl/src/xen/xen_inotify.c
===================================================================
--- libvirt-acl.orig/src/xen/xen_inotify.c
+++ libvirt-acl/src/xen/xen_inotify.c
 <at>  <at>  -39,6 +39,7  <at>  <at> 
 #include "xend_internal.h"
 #include "logging.h"
 #include "uuid.h"
+#include "files.h"
 
 #include "xm_internal.h" /* for xenXMDomainConfigParse */
 
 <at>  <at>  -483,7 +484,7  <at>  <at>  xenInotifyClose(virConnectPtr conn)
 
     if (priv->inotifyWatch != -1)
         virEventRemoveHandle(priv->inotifyWatch);
-    close(priv->inotifyFD);
+    VIR_FORCE_CLOSE(priv->inotifyFD);
 
     return 0;
 }
Index: libvirt-acl/src/xen/xend_internal.c
===================================================================
--- libvirt-acl.orig/src/xen/xend_internal.c
+++ libvirt-acl/src/xen/xend_internal.c
 <at>  <at>  -45,6 +45,7  <at>  <at> 
 #include "xs_internal.h" /* To extract VNC port & Serial console TTY */
 #include "memory.h"
 #include "count-one-bits.h"
+#include "files.h"
 
 /* required for cpumap_t */
 #include <xen/dom0_ops.h>
 <at>  <at>  -118,7 +119,6  <at>  <at>  static int
 do_connect(virConnectPtr xend)
 {
     int s;
-    int serrno;
     int no_slow_start = 1;
     xenUnifiedPrivatePtr priv = (xenUnifiedPrivatePtr) xend->privateData;
 
 <at>  <at>  -137,10 +137,7  <at>  <at>  do_connect(virConnectPtr xend)
 
 
     if (connect(s, (struct sockaddr *)&priv->addr, priv->addrlen) == -1) {
-        serrno = errno;
-        close(s);
-        errno = serrno;
-        s = -1;
+        VIR_FORCE_CLOSE(s); /* preserves errno */
 
         /*
          * Connecting to XenD when privileged is mandatory, so log this
 <at>  <at>  -387,7 +384,7  <at>  <at>  xend_get(virConnectPtr xend, const char 
             "Content-Type: application/x-www-form-urlencoded\r\n" "\r\n");
 
     ret = xend_req(s, content);
-    close(s);
+    VIR_FORCE_CLOSE(s);
 
     if (((ret < 0) || (ret >= 300)) &&
         ((ret != 404) || (!STRPREFIX(path, "/xend/domain/")))) {
 <at>  <at>  -437,7 +434,7  <at>  <at>  xend_post(virConnectPtr xend, const char
     swrites(s, ops);
 
     ret = xend_req(s, &err_buf);
-    close(s);
+    VIR_FORCE_CLOSE(s);
 
     if ((ret < 0) || (ret >= 300)) {
         virXendError(VIR_ERR_POST_FAILED,
 <at>  <at>  -833,7 +830,7  <at>  <at>  xenDaemonOpen_tcp(virConnectPtr conn, co
 
         if (connect (sock, r->ai_addr, r->ai_addrlen) == -1) {
             saved_errno = errno;
-            close (sock);
+            VIR_FORCE_CLOSE(sock);
             continue;
         }
 
 <at>  <at>  -843,7 +840,7  <at>  <at>  xenDaemonOpen_tcp(virConnectPtr conn, co
         memcpy(&priv->addr,
                r->ai_addr,
                r->ai_addrlen);
-        close(sock);
+        VIR_FORCE_CLOSE(sock);
         break;
     }
 
 <at>  <at>  -5153,7 +5150,7  <at>  <at>  xenDaemonDomainBlockPeek (virDomainPtr d
 
     ret = 0;
  cleanup:
-    if (fd >= 0) close (fd);
+    VIR_FORCE_CLOSE(fd);
     sexpr_free(root);
     virDomainDefFree(def);
     return ret;
Index: libvirt-acl/daemon/libvirtd.c
===================================================================
--- libvirt-acl.orig/daemon/libvirtd.c
+++ libvirt-acl/daemon/libvirtd.c
 <at>  <at>  -50,6 +50,7  <at>  <at> 
 
 #include "libvirt_internal.h"
 #include "virterror_internal.h"
+#include "files.h"
 
 #define VIR_FROM_THIS VIR_FROM_QEMU
 
 <at>  <at>  -425,7 +426,7  <at>  <at>  static int daemonForkIntoBackground(void
             int stdoutfd = -1;
             int nextpid;
 
-            close(statuspipe[0]);
+            VIR_FORCE_CLOSE(statuspipe[0]);
 
             if ((stdinfd = open("/dev/null", O_RDONLY)) < 0)
                 goto cleanup;
 <at>  <at>  -437,12 +438,10  <at>  <at>  static int daemonForkIntoBackground(void
                 goto cleanup;
             if (dup2(stdoutfd, STDERR_FILENO) != STDERR_FILENO)
                 goto cleanup;
-            if (close(stdinfd) < 0)
+            if (VIR_CLOSE(stdinfd) < 0)
                 goto cleanup;
-            stdinfd = -1;
-            if (close(stdoutfd) < 0)
+            if (VIR_CLOSE(stdoutfd) < 0)
                 goto cleanup;
-            stdoutfd = -1;
 
             if (setsid() < 0)
                 goto cleanup;
 <at>  <at>  -458,10 +457,8  <at>  <at>  static int daemonForkIntoBackground(void
             }
 
         cleanup:
-            if (stdoutfd != -1)
-                close(stdoutfd);
-            if (stdinfd != -1)
-                close(stdinfd);
+            VIR_FORCE_CLOSE(stdoutfd);
+            VIR_FORCE_CLOSE(stdinfd);
             return -1;
 
         }
 <at>  <at>  -475,7 +472,7  <at>  <at>  static int daemonForkIntoBackground(void
             int ret;
             char status;
 
-            close(statuspipe[1]);
+            VIR_FORCE_CLOSE(statuspipe[1]);
 
             /* We wait to make sure the first child forked successfully */
             if ((got = waitpid(pid, &exitstatus, 0)) < 0 ||
 <at>  <at>  -518,7 +515,7  <at>  <at>  static int qemudWritePidFile(const char 
     if (!(fh = fdopen(fd, "w"))) {
         VIR_ERROR(_("Failed to fdopen pid file '%s' : %s"),
                   pidFile, virStrerror(errno, ebuf, sizeof ebuf));
-        close(fd);
+        VIR_FORCE_CLOSE(fd);
         return -1;
     }
 
 <at>  <at>  -610,8 +607,7  <at>  <at>  static int qemudListenUnix(struct qemud_
     return 0;
 
  cleanup:
-    if (sock->fd >= 0)
-        close(sock->fd);
+    VIR_FORCE_CLOSE(sock->fd);
     VIR_FREE(sock);
     return -1;
 }
 <at>  <at>  -665,7 +661,7  <at>  <at>  remoteMakeSockets (int *fds, int max_fds
                 VIR_ERROR(_("bind: %s"), virStrerror (errno, ebuf, sizeof ebuf));
                 return -1;
             }
-            close (fds[*nfds_r]);
+            VIR_FORCE_CLOSE(fds[*nfds_r]);
         } else {
             ++*nfds_r;
         }
 <at>  <at>  -734,7 +730,7  <at>  <at>  remoteListenTCP (struct qemud_server *se
 
 cleanup:
     for (i = 0; i < nfds; ++i)
-        close(fds[i]);
+        VIR_FORCE_CLOSE(fds[i]);
     return -1;
 }
 
 <at>  <at>  -1483,7 +1479,7  <at>  <at>  error:
         VIR_FREE(client);
     }
     VIR_FREE(addrstr);
-    close (fd);
+    VIR_FORCE_CLOSE(fd);
     PROBE(CLIENT_DISCONNECT, "fd=%d", fd);
     return -1;
 }
 <at>  <at>  -1529,8 +1525,7  <at>  <at>  void qemudDispatchClientFailure(struct q
     }
     if (client->fd != -1) {
         PROBE(CLIENT_DISCONNECT, "fd=%d", client->fd);
-        close(client->fd);
-        client->fd = -1;
+        VIR_FORCE_CLOSE(client->fd);
     }
     VIR_FREE(client->addrstr);
 }
 <at>  <at>  -2433,17 +2428,15  <at>  <at>  static int qemudStartEventLoop(struct qe
 static void qemudCleanup(struct qemud_server *server) {
     struct qemud_socket *sock;
 
-    if (server->sigread != -1)
-        close(server->sigread);
-    if (server->sigwrite != -1)
-        close(server->sigwrite);
+    VIR_FORCE_CLOSE(server->sigread);
+    VIR_FORCE_CLOSE(server->sigwrite);
 
     sock = server->sockets;
     while (sock) {
         struct qemud_socket *next = sock->next;
         if (sock->watch)
             virEventRemoveHandleImpl(sock->watch);
-        close(sock->fd);
+        VIR_FORCE_CLOSE(sock->fd);
 
         /* Unlink unix domain sockets which are not in
          * the abstract namespace */
 <at>  <at>  -2999,8 +2992,8  <at>  <at>  daemonSetupSignals(struct qemud_server *
     return 0;
 
 error:
-    close(sigpipe[0]);
-    close(sigpipe[1]);
+    VIR_FORCE_CLOSE(sigpipe[0]);
+    VIR_FORCE_CLOSE(sigpipe[1]);
     return -1;
 }
 
 <at>  <at>  -3257,8 +3250,7  <at>  <at>  int main(int argc, char **argv) {
         while (write(statuswrite, &status, 1) == -1 &&
                errno == EINTR)
             ;
-        close(statuswrite);
-        statuswrite = -1;
+        VIR_FORCE_CLOSE(statuswrite);
     }
 
     /* Start the event loop in a background thread, since
 <at>  <at>  -3315,7 +3307,7  <at>  <at>  error:
                    errno == EINTR)
                 ;
         }
-        close(statuswrite);
+        VIR_FORCE_CLOSE(statuswrite);
     }
     if (server)
         qemudCleanup(server);
Index: libvirt-acl/src/util/hooks.c
===================================================================
--- libvirt-acl.orig/src/util/hooks.c
+++ libvirt-acl/src/util/hooks.c
 <at>  <at>  -36,6 +36,7  <at>  <at> 
 #include "conf/domain_conf.h"
 #include "logging.h"
 #include "memory.h"
+#include "files.h"
 
 #define VIR_FROM_THIS VIR_FROM_HOOK
 
 <at>  <at>  -368,11 +369,10  <at>  <at>  virHookCall(int driver, const char *id, 
         }
         ret = virExec(argv, env, NULL, &pid, pipefd[0], &outfd, &errfd,
                       VIR_EXEC_NONE | VIR_EXEC_NONBLOCK);
-        if (close(pipefd[1]) < 0) {
+        if (VIR_CLOSE(pipefd[1]) < 0) {
             virReportSystemError(errno, "%s",
                              _("unable to close pipe for hook input"));
         }
-        pipefd[1] = -1;
     } else {
         ret = virExec(argv, env, NULL, &pid, -1, &outfd, &errfd,
                       VIR_EXEC_NONE | VIR_EXEC_NONBLOCK);
 <at>  <at>  -418,17 +418,15  <at>  <at>  virHookCall(int driver, const char *id, 
     }
 
 cleanup:
-    if (pipefd[0] >= 0) {
-        if (close(pipefd[0]) < 0) {
-            virReportSystemError(errno, "%s",
-                             _("unable to close pipe for hook input"));
-        }
+    if (VIR_CLOSE(pipefd[0]) < 0) {
+        virReportSystemError(errno, "%s",
+                         _("unable to close pipe for hook input"));
+        ret = 1;
     }
-    if (pipefd[1] >= 0) {
-        if (close(pipefd[1]) < 0) {
-            virReportSystemError(errno, "%s",
-                             _("unable to close pipe for hook input"));
-        }
+    if (VIR_CLOSE(pipefd[1]) < 0) {
+        virReportSystemError(errno, "%s",
+                         _("unable to close pipe for hook input"));
+        ret = 1;
     }
     if (argv) {
         for (i = 0 ; i < argc ; i++)
Index: libvirt-acl/tests/testutils.c
===================================================================
--- libvirt-acl.orig/tests/testutils.c
+++ libvirt-acl/tests/testutils.c
 <at>  <at>  -47,6 +47,8  <at>  <at> 
     ((((int) ((T)->tv_sec - (U)->tv_sec)) * 1000000.0 +	\
       ((int) ((T)->tv_usec - (U)->tv_usec))) / 1000.0)
 
+#include "files.h"
+
 static unsigned int testDebug = -1;
 static unsigned int testVerbose = -1;
 
 <at>  <at>  -222,8 +224,10  <at>  <at>  void virtTestCaptureProgramExecChild(con
     open_max = sysconf (_SC_OPEN_MAX);
     for (i = 0; i < open_max; i++) {
         if (i != stdinfd &&
-            i != pipefd)
-            close(i);
+            i != pipefd) {
+            int tmpfd = i;
+            VIR_FORCE_CLOSE(tmpfd);
+        }
     }
 
     if (dup2(stdinfd, STDIN_FILENO) != STDIN_FILENO)
 <at>  <at>  -237,8 +241,7  <at>  <at>  void virtTestCaptureProgramExecChild(con
     execve(argv[0], (char *const*)argv, (char *const*)env);
 
  cleanup:
-    if (stdinfd != -1)
-        close(stdinfd);
+    VIR_FORCE_CLOSE(stdinfd);
 }
 
 int virtTestCaptureProgramOutput(const char *const argv[],
 <at>  <at>  -252,10 +255,10  <at>  <at>  int virtTestCaptureProgramOutput(const c
     int pid = fork();
     switch (pid) {
     case 0:
-        close(pipefd[0]);
+        VIR_FORCE_CLOSE(pipefd[0]);
         virtTestCaptureProgramExecChild(argv, pipefd[1]);
 
-        close(pipefd[1]);
+        VIR_FORCE_CLOSE(pipefd[1]);
         _exit(1);
 
     case -1:
 <at>  <at>  -267,7 +270,7  <at>  <at>  int virtTestCaptureProgramOutput(const c
             int ret = -1;
             int want = buflen-1;
 
-            close(pipefd[1]);
+            VIR_FORCE_CLOSE(pipefd[1]);
 
             while (want) {
                 if ((ret = read(pipefd[0], (*buf)+got, want)) <= 0)
 <at>  <at>  -275,7 +278,7  <at>  <at>  int virtTestCaptureProgramOutput(const c
                 got += ret;
                 want -= ret;
             }
-            close(pipefd[0]);
+            VIR_FORCE_CLOSE(pipefd[0]);
 
             if (!ret)
                 (*buf)[got] = '\0';
Index: libvirt-acl/proxy/libvirt_proxy.c
===================================================================
--- libvirt-acl.orig/proxy/libvirt_proxy.c
+++ libvirt-acl/proxy/libvirt_proxy.c
 <at>  <at>  -31,6 +31,7  <at>  <at> 
 # include "xend_internal.h"
 # include "xs_internal.h"
 # include "xen_driver.h"
+# include "files.h"
 
 static int fdServer = -1;
 static int debug = 0;
 <at>  <at>  -133,10 +134,9  <at>  <at>  proxyCloseUnixSocket(void) {
     if (fdServer < 0)
         return(0);
 
-    ret = close(fdServer);
     if (debug > 0)
         fprintf(stderr, "closing unix socket %d: %d\n", fdServer, ret);
-    fdServer = -1;
+    ret = VIR_CLOSE(fdServer);
     pollInfos[0].fd = -1;
     return(ret);
 }
 <at>  <at>  -172,7 +172,7  <at>  <at>  proxyListenUnixSocket(const char *path) 
     addr.sun_path[0] = '\0';
     if (virStrcpy(&addr.sun_path[1], path, sizeof(addr.sun_path) - 1) == NULL) {
         fprintf(stderr, "Path %s too long to fit into destination\n", path);
-        close(fd);
+        VIR_FORCE_CLOSE(fd);
         return -1;
     }
 
 <at>  <at>  -181,12 +181,12  <at>  <at>  proxyListenUnixSocket(const char *path) 
      */
     if (bind(fd, (struct sockaddr *) &addr, sizeof(addr)) < 0) {
         fprintf(stderr, "Failed to bind to socket %s\n", path);
-        close(fd);
+        VIR_FORCE_CLOSE(fd);
         return (-1);
     }
     if (listen(fd, 30 /* backlog */ ) < 0) {
         fprintf(stderr, "Failed to listen to socket %s\n", path);
-        close(fd);
+        VIR_FORCE_CLOSE(fd);
         return (-1);
     }
 
 <at>  <at>  -230,7 +230,7  <at>  <at>  retry:
 
     if (nbClients >= MAX_CLIENT) {
         fprintf(stderr, "Too many client registered\n");
-        close(client);
+        VIR_FORCE_CLOSE(client);
         return(-1);
     }
     nbClients++;
 <at>  <at>  -260,7 +260,7  <at>  <at>  static int
 proxyCloseClientSocket(int nr) {
     int ret;
 
-    ret = close(pollInfos[nr].fd);
+    ret = VIR_CLOSE(pollInfos[nr].fd);
     if (ret != 0)
         fprintf(stderr, "Failed to close socket %d from client %d\n",
                 pollInfos[nr].fd, nr);
 <at>  <at>  -285,7 +285,7  <at>  <at>  proxyCloseClientSockets(void) {
     int i, ret;
 
     for (i = 1;i <= nbClients;i++) {
-        ret = close(pollInfos[i].fd);
+        ret = VIR_CLOSE(pollInfos[i].fd);
         if (ret != 0)
             fprintf(stderr, "Failed to close socket %d from client %d\n",
                     pollInfos[i].fd, i);
Index: libvirt-acl/tools/console.c
===================================================================
--- libvirt-acl.orig/tools/console.c
+++ libvirt-acl/tools/console.c
 <at>  <at>  -39,6 +39,7  <at>  <at> 
 # include "internal.h"
 # include "logging.h"
 # include "util.h"
+# include "files.h"
 
 /* ie  Ctrl-]  as per telnet */
 # define CTRL_CLOSE_BRACKET '\35'
 <at>  <at>  -192,7 +193,7  <at>  <at>  int vshRunConsole(const char *tty) {
     tcsetattr(STDIN_FILENO, TCSAFLUSH, &ttyattr);
 
  closetty:
-    close(ttyfd);
+    VIR_FORCE_CLOSE(ttyfd);
 
     return ret;
 }



Diff tree+V3 against tree+V1


--- ../bak/libvirt-acl/daemon/libvirtd.c	2010-10-31 14:17:36.993380869 -0400
+++ daemon/libvirtd.c	2010-10-31 14:19:16.068381346 -0400
 <at>  <at>  -661,7 +661,7  <at>  <at> 
                 VIR_ERROR(_("bind: %s"), virStrerror (errno, ebuf, sizeof ebuf));
                 return -1;
             }
-            close (fds[*nfds_r]);
+            VIR_FORCE_CLOSE(fds[*nfds_r]);
         } else {
             ++*nfds_r;
         }
 <at>  <at>  -1479,7 +1479,7  <at>  <at> 
         VIR_FREE(client);
     }
     VIR_FREE(addrstr);
-    close (fd);
+    VIR_FORCE_CLOSE(fd);
     PROBE(CLIENT_DISCONNECT, "fd=%d", fd);
     return -1;
 }
--- ../bak/libvirt-acl/src/libvirt.c	2010-10-31 14:17:36.974131928 -0400
+++ src/libvirt.c	2010-10-31 14:19:16.040380869 -0400
 <at>  <at>  -10884,8 +10884,8  <at>  <at> 
  *      ... report an error ....
  * done:
  *   virStreamFree(st);
- *   VIR_FORCE_CLOSE(fd);
- *
+ *   if (VIR_CLOSE(fd) < 0)
+ *       virReportSystemError(errno, "%s", _("failed to close file"));
  *
  * Returns the number of bytes read, which may be less
  * than requested.
--- ../bak/libvirt-acl/src/lxc/lxc_container.c	2010-10-31 14:17:36.975130893 -0400
+++ src/lxc/lxc_container.c	2010-10-31 14:19:16.041381133 -0400
 <at>  <at>  -128,7 +128,7  <at>  <at> 
 static int lxcContainerSetStdio(int control, int ttyfd)
 {
     int rc = -1;
-    int open_max, i, tpmfd;
+    int open_max, i;
 
     if (setsid() < 0) {
         virReportSystemError(errno, "%s",
 <at>  <at>  -147,8 +147,8  <at>  <at> 
     open_max = sysconf (_SC_OPEN_MAX);
     for (i = 0; i < open_max; i++)
         if (i != ttyfd && i != control) {
-            tpmfd = i;
-            VIR_FORCE_CLOSE(tpmfd);
+            int tmpfd = i;
+            VIR_FORCE_CLOSE(tmpfd);
         }
 
     if (dup2(ttyfd, 0) < 0) {
--- ../bak/libvirt-acl/src/lxc/lxc_driver.c	2010-10-31 14:17:36.975130893 -0400
+++ src/lxc/lxc_driver.c	2010-10-31 14:41:44.756151598 -0400
 <at>  <at>  -1539,6 +1539,10  <at>  <at> 
     rc = 0;
 
 cleanup:
+    if (VIR_CLOSE(logfd) < 0) {
+        virReportSystemError(errno, "%s", _("could not close logfile"));
+        rc = -1;
+    }
     for (i = 0 ; i < nveths ; i++) {
         if (rc != 0)
             vethDelete(veths[i]);
 <at>  <at>  -1547,7 +1551,6  <at>  <at> 
     if (rc != 0)
         VIR_FORCE_CLOSE(priv->monitor);
     VIR_FORCE_CLOSE(parentTty);
-    VIR_FORCE_CLOSE(logfd);
     VIR_FREE(logfile);
     return rc;
 }
--- ../bak/libvirt-acl/src/phyp/phyp_driver.c	2010-10-31 14:17:36.977381236 -0400
+++ src/phyp/phyp_driver.c	2010-10-31 14:19:16.044380905 -0400
 <at>  <at>  -458,7 +458,11  <at>  <at> 
         }
     }
 
-    VIR_FORCE_CLOSE(fd);
+    if (VIR_CLOSE(fd) < 0) {
+        virReportSystemError(errno, _("Could not close %s\n"),
+                             local_file);
+        goto err;
+    }
     return 0;
 
   err:
 <at>  <at>  -765,7 +769,11  <at>  <at> 
         }
         break;
     }
-    VIR_FORCE_CLOSE(fd);
+    if (VIR_CLOSE(fd) < 0) {
+        virReportSystemError(errno, _("Could not close %s\n"),
+                             local_file);
+        goto err;
+    }
     goto exit;
 
   exit:
--- ../bak/libvirt-acl/src/qemu/qemu_driver.c	2010-10-31 14:17:36.981380798 -0400
+++ src/qemu/qemu_driver.c	2010-10-31 14:19:16.049381184 -0400
 <at>  <at>  -10336,8 +10336,7  <at>  <at> 
     }
 
 cleanup:
-    if (fd >= 0)
-        close (fd);
+    VIR_FORCE_CLOSE(fd);
     if (vm)
         virDomainObjUnlock(vm);
     return ret;
 <at>  <at>  -10424,7 +10423,7  <at>  <at> 
 
 cleanup:
     VIR_FREE(tmp);
-    if (fd >= 0) close (fd);
+    VIR_FORCE_CLOSE(fd);
     unlink (tmp);
     if (vm)
         virDomainObjUnlock(vm);
--- ../bak/libvirt-acl/src/qemu/qemu_monitor.c	2010-10-31 14:17:36.982380935 -0400
+++ src/qemu/qemu_monitor.c	2010-10-31 14:19:16.049381184 -0400
 <at>  <at>  -695,7 +695,8  <at>  <at> 
     if (!mon->closed) {
         if (mon->watch)
             virEventRemoveHandle(mon->watch);
-        VIR_FORCE_CLOSE(mon->fd);
+        if (mon->fd != -1)
+            close(mon->fd);
         /* NB: ordinarily one might immediately set mon->watch to -1
          * and mon->fd to -1, but there may be a callback active
          * that is still relying on these fields being valid. So
--- ../bak/libvirt-acl/src/remote/remote_driver.c	2010-10-31 14:17:36.983381023 -0400
+++ src/remote/remote_driver.c	2010-10-31 14:19:16.051381190 -0400
 <at>  <at>  -622,7 +622,7  <at>  <at> 
 
             if (connect (priv->sock, r->ai_addr, r->ai_addrlen) == -1) {
                 saved_errno = errno;
-                close (priv->sock);
+                VIR_FORCE_CLOSE(priv->sock);
                 continue;
             }
 
 <at>  <at>  -631,8 +631,7  <at>  <at> 
                     negotiate_gnutls_on_connection
                       (conn, priv, no_verify);
                 if (!priv->session) {
-                    close (priv->sock);
-                    priv->sock = -1;
+                    VIR_FORCE_CLOSE(priv->sock);
                     goto failed;
                 }
             }
 <at>  <at>  -713,7 +712,6  <at>  <at> 
                 flags & VIR_DRV_OPEN_REMOTE_AUTOSTART &&
                 trials < 20) {
                 VIR_FORCE_CLOSE(priv->sock);
-                priv->sock = -1;
                 if (trials > 0 ||
                     remoteForkDaemon() == 0) {
                     trials++;
 <at>  <at>  -807,8 +805,8  <at>  <at> 
             goto failed;
 
         /* Parent continues here. */
-        close (sv[1]);
-        close (errfd[1]);
+        VIR_FORCE_CLOSE(sv[1]);
+        VIR_FORCE_CLOSE(errfd[1]);
         priv->sock = sv[0];
         priv->errfd = errfd[0];
         priv->pid = pid;
 <at>  <at>  -963,7 +961,7  <at>  <at> 
             gnutls_bye (priv->session, GNUTLS_SHUT_RDWR);
             gnutls_deinit (priv->session);
         }
-        close (priv->sock);
+        VIR_FORCE_CLOSE(priv->sock);
 #ifndef WIN32
         if (priv->pid > 0) {
             pid_t reap;
 <at>  <at>  -1440,8 +1438,8  <at>  <at> 
     if (priv->saslconn)
         sasl_dispose (&priv->saslconn);
 #endif
-    close (priv->sock);
-    close (priv->errfd);
+    VIR_FORCE_CLOSE(priv->sock);
+    VIR_FORCE_CLOSE(priv->errfd);
 
 #ifndef WIN32
     if (priv->pid > 0) {
--- ../bak/libvirt-acl/src/storage/storage_backend.c	2010-10-31 14:17:36.985380881 -0400
+++ src/storage/storage_backend.c	2010-10-31 14:19:16.057380931 -0400
 <at>  <at>  -1576,7 +1576,7  <at>  <at> 
     if (fp)
         fclose (fp);
     else
-        close (fd);
+        VIR_FORCE_CLOSE(fd);
 
     while ((w_err = waitpid (child, &exitstatus, 0) == -1) && errno == EINTR)
         /* empty */ ;
--- ../bak/libvirt-acl/src/uml/uml_driver.c	2010-10-31 14:17:36.987380981 -0400
+++ src/uml/uml_driver.c	2010-10-31 14:19:16.060381549 -0400
 <at>  <at>  -811,7 +811,7  <at>  <at> 
                             virDomainObjPtr vm) {
     const char **argv = NULL, **tmp;
     const char **progenv = NULL;
-    int i, ret, tmpfd;
+    int i, ret;
     pid_t pid;
     char *logfile;
     int logfd = -1;
 <at>  <at>  -920,7 +920,7  <at>  <at> 
      */
     for (i = 0; i < FD_SETSIZE; i++)
         if (FD_ISSET(i, &keepfd)) {
-            tmpfd = i;
+            int tmpfd = i;
             VIR_FORCE_CLOSE(tmpfd);
         }
 
 <at>  <at>  -2088,7 +2088,7  <at>  <at> 
     }
 
 cleanup:
-    if (fd >= 0) close (fd);
+    VIR_FORCE_CLOSE(fd);
     if (vm)
         virDomainObjUnlock(vm);
     return ret;
--- ../bak/libvirt-acl/src/util/bridge.c	2010-10-31 14:17:36.988380773 -0400
+++ src/util/bridge.c	2010-10-31 14:19:16.060381549 -0400
 <at>  <at>  -110,7 +110,6  <at>  <at> 
         return;
 
     VIR_FORCE_CLOSE(ctl->fd);
-    ctl->fd = 0;
 
     VIR_FREE(ctl);
 }
--- ../bak/libvirt-acl/src/util/hooks.c	2010-10-31 14:17:36.993380869 -0400
+++ src/util/hooks.c	2010-10-31 14:46:06.855140940 -0400
 <at>  <at>  -373,7 +373,6  <at>  <at> 
             virReportSystemError(errno, "%s",
                              _("unable to close pipe for hook input"));
         }
-        pipefd[1] = -1;
     } else {
         ret = virExec(argv, env, NULL, &pid, -1, &outfd, &errfd,
                       VIR_EXEC_NONE | VIR_EXEC_NONBLOCK);
 <at>  <at>  -422,10 +421,12  <at>  <at> 
     if (VIR_CLOSE(pipefd[0]) < 0) {
         virReportSystemError(errno, "%s",
                          _("unable to close pipe for hook input"));
+        ret = 1;
     }
     if (VIR_CLOSE(pipefd[1]) < 0) {
         virReportSystemError(errno, "%s",
                          _("unable to close pipe for hook input"));
+        ret = 1;
     }
     if (argv) {
         for (i = 0 ; i < argc ; i++)
--- ../bak/libvirt-acl/src/util/macvtap.c	2010-10-31 14:17:36.989380812 -0400
+++ src/util/macvtap.c	2010-10-31 14:19:16.062381346 -0400
 <at>  <at>  -93,12 +93,6  <at>  <at> 
 }
 
 
-static void nlClose(int fd)
-{
-    VIR_FORCE_CLOSE(fd);
-}
-
-
 /**
  * nlComm:
  *  <at> nlmsg: pointer to netlink message
 <at>  <at>  -192,7 +186,7  <at>  <at> 
         *respbuflen = 0;
     }
 
-    nlClose(fd);
+    VIR_FORCE_CLOSE(fd);
     return rc;
 }
 
 <at>  <at>  -690,8 +684,7  <at>  <at> 
 
     if (rc >= 0) {
         if (configMacvtapTap(rc, vnet_hdr) < 0) {
-            VIR_FORCE_CLOSE(rc);
-            rc = -1;
+            VIR_FORCE_CLOSE(rc); /* sets rc to -1 */
             goto disassociate_exit;
         }
         *res_ifname = strdup(cr_ifname);
--- ../bak/libvirt-acl/src/util/util.c	2010-10-31 14:17:36.990380788 -0400
+++ src/util/util.c	2010-10-31 14:19:16.063381237 -0400
 <at>  <at>  -1127,13 +1127,13  <at>  <at> 
 
     if (safewrite(fd, str, strlen(str)) < 0) {
         int saved_errno = errno;
-        close (fd);
+        VIR_FORCE_CLOSE(fd);
         errno = saved_errno;
         return -1;
     }
 
     /* Use errno from failed close only if there was no write error.  */
-    if (close (fd) != 0)
+    if (VIR_CLOSE(fd) != 0)
         return -1;
 
     return 0;
--- ../bak/libvirt-acl/src/util/virtaudit.c	2010-10-31 14:18:05.137140928 -0400
+++ src/util/virtaudit.c	2010-10-31 14:20:15.982151881 -0400
 <at>  <at>  -135,7 +135,7  <at>  <at> 
 void virAuditClose(void)
 {
 #if HAVE_AUDIT
-    VIR_CLOSE(auditfd);
+    VIR_FORCE_CLOSE(auditfd);
 #endif
 }
 
--- ../bak/libvirt-acl/src/xen/proxy_internal.c	2010-10-31 14:17:36.990380788 -0400
+++ src/xen/proxy_internal.c	2010-10-31 14:19:16.066381180 -0400
 <at>  <at>  -233,15 +233,17  <at>  <at> 
 static int
 virProxyCloseSocket(xenUnifiedPrivatePtr priv) {
     int ret;
+    int tmpfd;
 
     if (priv->proxy < 0)
         return(-1);
 
+    tmpfd = priv->proxy;
     ret = VIR_CLOSE(priv->proxy);
     if (ret != 0)
-        VIR_WARN("Failed to close socket %d", priv->proxy);
+        VIR_WARN("Failed to close socket %d", tmpfd);
     else
-        VIR_DEBUG("Closed socket %d", priv->proxy);
+        VIR_DEBUG("Closed socket %d", tmpfd);
     return(ret);
 }
 
--- ../bak/libvirt-acl/src/xen/xend_internal.c	2010-10-31 14:17:36.992381259 -0400
+++ src/xen/xend_internal.c	2010-10-31 14:19:16.068381346 -0400
 <at>  <at>  -137,8 +137,7  <at>  <at> 
 
 
     if (connect(s, (struct sockaddr *)&priv->addr, priv->addrlen) == -1) {
-        VIR_FORCE_CLOSE(s);
-        s = -1;
+        VIR_FORCE_CLOSE(s); /* preserves errno */
 
         /*
          * Connecting to XenD when privileged is mandatory, so log this
 <at>  <at>  -831,7 +830,7  <at>  <at> 
 
         if (connect (sock, r->ai_addr, r->ai_addrlen) == -1) {
             saved_errno = errno;
-            close (sock);
+            VIR_FORCE_CLOSE(sock);
             continue;
         }
 
 <at>  <at>  -5151,7 +5150,7  <at>  <at> 
 
     ret = 0;
  cleanup:
-    if (fd >= 0) close (fd);
+    VIR_FORCE_CLOSE(fd);
     sexpr_free(root);
     virDomainDefFree(def);
     return ret;
--- ../bak/libvirt-acl/tests/testutils.c	2010-10-31 14:17:36.993380869 -0400
+++ tests/testutils.c	2010-10-31 14:19:16.069381264 -0400
 <at>  <at>  -207,7 +207,7  <at>  <at> 
 static
 void virtTestCaptureProgramExecChild(const char *const argv[],
                                      int pipefd) {
-    int i, tmpfd;
+    int i;
     int open_max;
     int stdinfd = -1;
     const char *const env[] = {
 <at>  <at>  -225,7 +225,7  <at>  <at> 
     for (i = 0; i < open_max; i++) {
         if (i != stdinfd &&
             i != pipefd) {
-            tmpfd = i;
+            int tmpfd = i;
             VIR_FORCE_CLOSE(tmpfd);
         }
     }

Daniel Veillard | 1 Nov 10:36 2010
Picon

Re: [libvirt] [PATCH] xen: work with ia64 MAX_VIRT_CPUS of 64

On Fri, Oct 29, 2010 at 11:19:50AM -0600, Eric Blake wrote:
> * src/xen/xen_hypervisor.c (MAX_VIRT_CPUS): Move...
> * src/xen/xen_driver.h (MAX_VIRT_CPUS): ...so all xen code can see
> same value.
> * src/xen/xend_internal.c (sexpr_to_xend_domain_info)
> (xenDaemonDomainGetVcpusFlags, xenDaemonParseSxpr)
> (xenDaemonFormatSxpr): Work if MAX_VIRT_CPUS is 64 on a platform
> where long is 64-bits.
> * src/xen/xm_internal.c (xenXMDomainConfigParse)
> (xenXMDomainConfigFormat): Likewise.

  ACK,

Daniel

--

-- 
Daniel Veillard      | libxml Gnome XML XSLT toolkit  http://xmlsoft.org/
daniel <at> veillard.com  | Rpmfind RPM search engine http://rpmfind.net/
http://veillard.com/ | virtualization library  http://libvirt.org/


Gmane