From: Li Feng <fengli@smartx.com>
To: "Daniel P. Berrangé" <berrange@redhat.com>
Cc: "Li Feng" <lifeng1519@gmail.com>, "Kyle Zhang" <kyle@smartx.com>,
"Marc-André Lureau" <marcandre.lureau@gmail.com>,
"open list:All patches CC here" <qemu-devel@nongnu.org>,
"Dima Stepanov" <dimastep@yandex-team.ru>
Subject: Re: [PATCH v3 1/2] io/channel: fix crash when qio_channel_readv_all return 0
Date: Mon, 11 May 2020 20:09:44 +0800 [thread overview]
Message-ID: <CAHckoCy=j3Zb2m8wjHnF_5=Da=pu0SjuJsHG1MFEV5gFSZYZSA@mail.gmail.com> (raw)
In-Reply-To: <20200511100257.GG1135885@redhat.com>
Thank you, Daniel and Marc-André.
I understand now. The error_abort is used to abort the program.
I should rewrite the char_socket_ping_pong.
I will post a new version without this wrong patch.
Thanks,
Feng Li
Daniel P. Berrangé <berrange@redhat.com> 于2020年5月11日周一 下午6:03写道:
>
> On Fri, May 08, 2020 at 08:42:22PM +0800, Li Feng wrote:
> > Marc-André Lureau <marcandre.lureau@gmail.com> 于2020年5月8日周五 下午8:32写道:
> > >
> > > Hi
> > >
> > > On Fri, May 8, 2020 at 7:14 AM Li Feng <fengli@smartx.com> wrote:
> > > >
> > > > Root cause:
> > > > From `man recvmsg`, the RETURN VALUE says:
> > > > These calls return the number of bytes received, or -1 if an error occurred.
> > > > In the event of an error, errno is set to indicate the error.
> > > > The return value will be 0 when the peer has performed an orderly shutdown.
> > > >
> > > > When an error happens, the socket will be closed, and recvmsg return 0,
> > > > then error_setg will trigger a crash.
> > > >
> > > > This unit test could reproduce this issue:
> > > > tests/test-char -p /char/socket/client/reconnect-error/unix
> > >
> > > Current master doesn't trigger the backtrace, it's only after your patch 2.
> > Yes. However, the issue did exist in the master code base.
> > The test case in patch 2 revealed this issue.
> >
> > >
> > > >
> > > > The core file backtrace is :
> > > >
> > > > (gdb) bt
> > > > #0 0x00007ffff5ac3277 in raise () from /lib64/libc.so.6
> > > > #1 0x00007ffff5ac4968 in abort () from /lib64/libc.so.6
> > > > #2 0x00005555555aaa94 in error_handle_fatal (errp=<optimized out>, err=0x7fffec0012d0) at util/error.c:40
> > > > #3 0x00005555555aab6d in error_setv (errp=0x555555802a08 <error_abort>, src=0x5555555c4280 "io/channel.c", line=148,
> > > > func=0x5555555c4580 <__func__.17489> "qio_channel_readv_all", err_class=ERROR_CLASS_GENERIC_ERROR,
> > > > fmt=<optimized out>, ap=0x7ffff423bae0, suffix=0x0) at util/error.c:73
> > > > #4 0x00005555555aacf0 in error_setg_internal (errp=errp@entry=0x555555802a08 <error_abort>,
> > > > src=src@entry=0x5555555c4280 "io/channel.c", line=line@entry=148,
> > > > func=func@entry=0x5555555c4580 <__func__.17489> "qio_channel_readv_all",
> > > > fmt=fmt@entry=0x5555555c43a0 "Unexpected end-of-file before all bytes were read") at util/error.c:97
> > > > #5 0x000055555556c25c in qio_channel_readv_all (ioc=<optimized out>, iov=<optimized out>, niov=<optimized out>,
> > > > errp=0x555555802a08 <error_abort>) at io/channel.c:147
> > > > #6 0x000055555556c29a in qio_channel_read_all (ioc=<optimized out>, buf=<optimized out>, buflen=<optimized out>,
> > > > errp=<optimized out>) at io/channel.c:247
> > > > #7 0x000055555556ad22 in char_socket_ping_pong (ioc=0x7fffec0008c0) at tests/test-char.c:732
> > > > #8 0x000055555556ae12 in char_socket_client_server_thread (data=data@entry=0x55555582e350) at tests/test-char.c:891
> > > > #9 0x00005555555a95b6 in qemu_thread_start (args=<optimized out>) at util/qemu-thread-posix.c:519
> > > > #10 0x00007ffff5e61e25 in start_thread () from /lib64/libpthread.so.0
> > > > #11 0x00007ffff5b8bbad in clone () from /lib64/libc.so.6
> > > >
> > > > Signed-off-by: Li Feng <fengli@smartx.com>
> > > > ---
> > > > io/channel.c | 2 --
> > > > 1 file changed, 2 deletions(-)
> > > >
> > > > diff --git a/io/channel.c b/io/channel.c
> > > > index e4376eb0bc..1a4a505f01 100644
> > > > --- a/io/channel.c
> > > > +++ b/io/channel.c
> > > > @@ -144,8 +144,6 @@ int qio_channel_readv_all(QIOChannel *ioc,
> > > >
> > > > if (ret == 0) {
> > > > ret = -1;
> > > > - error_setg(errp,
> > > > - "Unexpected end-of-file before all bytes were read");
> > >
> > > Nack, this code is fine.
> > >
> > > The problem is that the test case doesn't expect a disconnect in
> > > char_socket_ping_pong().
> > Yes, in the test case I try to inject an error in char_socket_ping_pong.
> > Any concerns about these two patches?
>
> I agree with Marc-André - this patch is wrong. qio_channel_readv_all
> *MUST* always set 'errp' if the return value is -1. To not set 'errp'
> is violating the calling convention.
>
> The bug here is in your test case - it is passing '&error_abort' to the
> 'qio_channel_readv_all' call. If you don't want the test to crash, then
> don't pass &error_abort
>
> Regards,
> Daniel
> --
> |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
> |: https://libvirt.org -o- https://fstop138.berrange.com :|
> |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
>
next prev parent reply other threads:[~2020-05-11 12:10 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-04-15 3:28 [PATCH 0/4] fix crashes when inject errors to vhost-user-blk chardev Li Feng
2020-04-15 3:28 ` [PATCH 1/4] vhost-user-blk: delay vhost_user_blk_disconnect Li Feng
2020-04-14 1:24 ` Raphael Norwitz
2020-04-20 11:18 ` Li Feng
2020-04-15 3:28 ` [PATCH 2/4] vhost-user-blk: fix invalid memory access Li Feng
2020-04-14 1:44 ` Raphael Norwitz
2020-04-15 3:28 ` [PATCH 3/4] char-socket: avoid double call tcp_chr_free_connection Li Feng
2020-04-15 10:35 ` Marc-André Lureau
2020-04-20 3:10 ` Li Feng
2020-04-20 14:28 ` Marc-André Lureau
2020-04-28 8:51 ` [PATCH v2] char-socket: initialize reconnect timer only when the timer doesn't start Li Feng
[not found] ` <20200508051441.8143-1-fengli@smartx.com>
2020-05-08 5:14 ` [PATCH v3 1/2] io/channel: fix crash when qio_channel_readv_all return 0 Li Feng
2020-05-08 12:32 ` Marc-André Lureau
2020-05-08 12:42 ` Li Feng
2020-05-11 10:02 ` Daniel P. Berrangé
2020-05-11 12:09 ` Li Feng [this message]
2020-05-08 5:14 ` [PATCH v3 2/2] char-socket: initialize reconnect timer only when the timer doesn't start Li Feng
2020-05-08 11:00 ` Marc-André Lureau
2020-05-08 12:16 ` Li Feng
2020-05-08 12:28 ` Marc-André Lureau
2020-05-08 12:31 ` Li Feng
2020-05-11 12:39 ` [PATCH v4] " Li Feng
2020-05-21 15:15 ` Paolo Bonzini
2020-04-28 8:54 ` [PATCH v2] " Li Feng
2020-04-28 8:59 ` Li Feng
2020-04-28 11:05 ` Marc-André Lureau
2020-04-28 14:09 ` Feng Li
2020-04-15 3:28 ` [PATCH 4/4] vhost-user-blk: fix crash in realize process Li Feng
2020-04-14 1:54 ` Raphael Norwitz
[not found] ` <CAHckoCwsLwqNhVHK4PF+pzt5ExkurPNsWLw7ueRG8dfOUA2rXg@mail.gmail.com>
2020-04-17 10:07 ` Fwd: " Li Feng
2020-04-17 9:45 ` [PATCH 0/4] fix crashes when inject errors to vhost-user-blk chardev Michael S. Tsirkin
2020-04-17 10:11 ` Li Feng
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAHckoCy=j3Zb2m8wjHnF_5=Da=pu0SjuJsHG1MFEV5gFSZYZSA@mail.gmail.com' \
--to=fengli@smartx.com \
--cc=berrange@redhat.com \
--cc=dimastep@yandex-team.ru \
--cc=kyle@smartx.com \
--cc=lifeng1519@gmail.com \
--cc=marcandre.lureau@gmail.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.