All of lore.kernel.org
 help / color / mirror / Atom feed
From: Jason Wang <jasowang@redhat.com>
To: Zhang Chen <zhangckid@gmail.com>,
	qemu-devel@nongnu.org, Paolo Bonzini <pbonzini@redhat.com>,
	Juan Quintela <quintela@redhat.com>,
	"Dr . David Alan Gilbert" <dgilbert@redhat.com>,
	Eric Blake <eblake@redhat.com>,
	Markus Armbruster <armbru@redhat.com>
Cc: zhanghailiang <zhang.zhanghailiang@huawei.com>,
	Li Zhijian <lizhijian@cn.fujitsu.com>
Subject: Re: [Qemu-devel] [PATCH V8 01/17] filter-rewriter: fix memory leak for connection in connection_track_table
Date: Mon, 4 Jun 2018 13:51:19 +0800	[thread overview]
Message-ID: <f6951f5c-4005-78b3-cd22-738a89829df9@redhat.com> (raw)
In-Reply-To: <20180603050546.6827-2-zhangckid@gmail.com>



On 2018年06月03日 13:05, Zhang Chen wrote:
> After a net connection is closed, we didn't clear its releated resources
> in connection_track_table, which will lead to memory leak.
>
> Let't track the state of net connection, if it is closed, its related
> resources will be cleared up.
>
> Signed-off-by: zhanghailiang <zhang.zhanghailiang@huawei.com>
> Signed-off-by: Zhang Chen <zhangckid@gmail.com>
> ---
>   net/colo.h            |  4 +++
>   net/filter-rewriter.c | 69 ++++++++++++++++++++++++++++++++++++++-----
>   2 files changed, 66 insertions(+), 7 deletions(-)
>
> diff --git a/net/colo.h b/net/colo.h
> index da6c36dcf7..cd118510c5 100644
> --- a/net/colo.h
> +++ b/net/colo.h
> @@ -18,6 +18,7 @@
>   #include "slirp/slirp.h"
>   #include "qemu/jhash.h"
>   #include "qemu/timer.h"
> +#include "slirp/tcp.h"
>   
>   #define HASHTABLE_MAX_SIZE 16384
>   
> @@ -86,6 +87,9 @@ typedef struct Connection {
>        * run once in independent tcp connection
>        */
>       int syn_flag;
> +
> +    int tcp_state; /* TCP FSM state */
> +    tcp_seq fin_ack_seq; /* the seq of 'fin=1,ack=1' */

So the question is, the state machine is not complete. I suspect there 
will be corner cases that will be left because of lacking sufficient 
states. LAST_ACK happens only for passive close. How about active close?

So I think we need either maintain a full state machine or not instead 
of a partial one. We don't want endless bugs.

Thanks

>   } Connection;
>   
>   uint32_t connection_key_hash(const void *opaque);
> diff --git a/net/filter-rewriter.c b/net/filter-rewriter.c
> index 62dad2d773..0909a9a8af 100644
> --- a/net/filter-rewriter.c
> +++ b/net/filter-rewriter.c
> @@ -59,9 +59,9 @@ static int is_tcp_packet(Packet *pkt)
>   }
>   
>   /* handle tcp packet from primary guest */
> -static int handle_primary_tcp_pkt(NetFilterState *nf,
> +static int handle_primary_tcp_pkt(RewriterState *rf,
>                                     Connection *conn,
> -                                  Packet *pkt)
> +                                  Packet *pkt, ConnectionKey *key)
>   {
>       struct tcphdr *tcp_pkt;
>   
> @@ -99,15 +99,44 @@ static int handle_primary_tcp_pkt(NetFilterState *nf,
>               net_checksum_calculate((uint8_t *)pkt->data + pkt->vnet_hdr_len,
>                                      pkt->size - pkt->vnet_hdr_len);
>           }
> +        /*
> +         * Case 1:
> +         * The *server* side of this connect is VM, *client* tries to close
> +         * the connection.
> +         *
> +         * We got 'ack=1' packets from client side, it acks 'fin=1, ack=1'
> +         * packet from server side. From this point, we can ensure that there
> +         * will be no packets in the connection, except that, some errors
> +         * happen between the path of 'filter object' and vNIC, if this rare
> +         * case really happen, we can still create a new connection,
> +         * So it is safe to remove the connection from connection_track_table.
> +         *
> +         */
> +        if ((conn->tcp_state == TCPS_LAST_ACK) &&
> +            (ntohl(tcp_pkt->th_ack) == (conn->fin_ack_seq + 1))) {
> +            g_hash_table_remove(rf->connection_track_table, key);
> +        }
> +    }
> +    /*
> +     * Case 2:
> +     * The *server* side of this connect is VM, *server* tries to close
> +     * the connection.
> +     *
> +     * We got 'fin=1, ack=1' packet from client side, we need to
> +     * record the seq of 'fin=1, ack=1' packet.
> +     */
> +    if ((tcp_pkt->th_flags & (TH_ACK | TH_FIN)) == (TH_ACK | TH_FIN)) {
> +        conn->fin_ack_seq = htonl(tcp_pkt->th_seq);
> +        conn->tcp_state = TCPS_LAST_ACK;
>       }
>   
>       return 0;
>   }
>   
>   /* handle tcp packet from secondary guest */
> -static int handle_secondary_tcp_pkt(NetFilterState *nf,
> +static int handle_secondary_tcp_pkt(RewriterState *rf,
>                                       Connection *conn,
> -                                    Packet *pkt)
> +                                    Packet *pkt, ConnectionKey *key)
>   {
>       struct tcphdr *tcp_pkt;
>   
> @@ -139,8 +168,34 @@ static int handle_secondary_tcp_pkt(NetFilterState *nf,
>               net_checksum_calculate((uint8_t *)pkt->data + pkt->vnet_hdr_len,
>                                      pkt->size - pkt->vnet_hdr_len);
>           }
> +        /*
> +         * Case 2:
> +         * The *server* side of this connect is VM, *server* tries to close
> +         * the connection.
> +         *
> +         * We got 'ack=1' packets from server side, it acks 'fin=1, ack=1'
> +         * packet from client side. Like Case 1, there should be no packets
> +         * in the connection from now know, But the difference here is
> +         * if the packet is lost, We will get the resent 'fin=1,ack=1' packet.
> +         * TODO: Fix above case.
> +         */
> +        if ((conn->tcp_state == TCPS_LAST_ACK) &&
> +            (ntohl(tcp_pkt->th_ack) == (conn->fin_ack_seq + 1))) {
> +            g_hash_table_remove(rf->connection_track_table, key);
> +        }
> +    }
> +    /*
> +     * Case 1:
> +     * The *server* side of this connect is VM, *client* tries to close
> +     * the connection.
> +     *
> +     * We got 'fin=1, ack=1' packet from server side, we need to
> +     * record the seq of 'fin=1, ack=1' packet.
> +     */
> +    if ((tcp_pkt->th_flags & (TH_ACK | TH_FIN)) == (TH_ACK | TH_FIN)) {
> +        conn->fin_ack_seq = ntohl(tcp_pkt->th_seq);
> +        conn->tcp_state = TCPS_LAST_ACK;
>       }
> -
>       return 0;
>   }
>   
> @@ -190,7 +245,7 @@ static ssize_t colo_rewriter_receive_iov(NetFilterState *nf,
>   
>           if (sender == nf->netdev) {
>               /* NET_FILTER_DIRECTION_TX */
> -            if (!handle_primary_tcp_pkt(nf, conn, pkt)) {
> +            if (!handle_primary_tcp_pkt(s, conn, pkt, &key)) {
>                   qemu_net_queue_send(s->incoming_queue, sender, 0,
>                   (const uint8_t *)pkt->data, pkt->size, NULL);
>                   packet_destroy(pkt, NULL);
> @@ -203,7 +258,7 @@ static ssize_t colo_rewriter_receive_iov(NetFilterState *nf,
>               }
>           } else {
>               /* NET_FILTER_DIRECTION_RX */
> -            if (!handle_secondary_tcp_pkt(nf, conn, pkt)) {
> +            if (!handle_secondary_tcp_pkt(s, conn, pkt, &key)) {
>                   qemu_net_queue_send(s->incoming_queue, sender, 0,
>                   (const uint8_t *)pkt->data, pkt->size, NULL);
>                   packet_destroy(pkt, NULL);

  reply	other threads:[~2018-06-04  5:51 UTC|newest]

Thread overview: 46+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-06-03  5:05 [Qemu-devel] [PATCH V8 00/17] COLO: integrate colo frame with block replication and COLO proxy Zhang Chen
2018-06-03  5:05 ` [Qemu-devel] [PATCH V8 01/17] filter-rewriter: fix memory leak for connection in connection_track_table Zhang Chen
2018-06-04  5:51   ` Jason Wang [this message]
2018-06-10 14:08     ` Zhang Chen
2018-06-03  5:05 ` [Qemu-devel] [PATCH V8 02/17] colo-compare: implement the process of checkpoint Zhang Chen
2018-06-04  6:31   ` Jason Wang
2018-06-10 14:08     ` Zhang Chen
2018-06-03  5:05 ` [Qemu-devel] [PATCH V8 03/17] colo-compare: use notifier to notify packets comparing result Zhang Chen
2018-06-04  6:36   ` Jason Wang
2018-06-10 14:09     ` Zhang Chen
2018-06-03  5:05 ` [Qemu-devel] [PATCH V8 04/17] COLO: integrate colo compare with colo frame Zhang Chen
2018-06-03  5:05 ` [Qemu-devel] [PATCH V8 05/17] COLO: Add block replication into colo process Zhang Chen
2018-06-03  5:05 ` [Qemu-devel] [PATCH V8 06/17] COLO: Remove colo_state migration struct Zhang Chen
2018-06-03  5:05 ` [Qemu-devel] [PATCH V8 07/17] COLO: Load dirty pages into SVM's RAM cache firstly Zhang Chen
2018-06-03  5:05 ` [Qemu-devel] [PATCH V8 08/17] ram/COLO: Record the dirty pages that SVM received Zhang Chen
2018-06-03  5:05 ` [Qemu-devel] [PATCH V8 09/17] COLO: Flush memory data from ram cache Zhang Chen
2018-06-03  5:05 ` [Qemu-devel] [PATCH V8 10/17] qmp event: Add COLO_EXIT event to notify users while exited COLO Zhang Chen
2018-06-04 22:23   ` Eric Blake
2018-06-07 12:54     ` Markus Armbruster
2018-06-10 17:24       ` Zhang Chen
2018-06-03  5:05 ` [Qemu-devel] [PATCH V8 11/17] qapi: Add new command to query colo status Zhang Chen
2018-06-04 22:23   ` Eric Blake
2018-06-10 17:42     ` Zhang Chen
2018-06-10 17:53       ` Zhang Chen
2018-06-07 12:59   ` Markus Armbruster
2018-06-10 17:39     ` Zhang Chen
2018-06-11  6:48       ` Markus Armbruster
2018-06-11 15:34         ` Zhang Chen
2018-06-13 16:50           ` Dr. David Alan Gilbert
2018-06-14  8:42             ` Markus Armbruster
2018-06-14  9:25               ` Dr. David Alan Gilbert
2018-06-19  4:00                 ` Zhang Chen
2018-06-03  5:05 ` [Qemu-devel] [PATCH V8 12/17] savevm: split the process of different stages for loadvm/savevm Zhang Chen
2018-06-03  5:05 ` [Qemu-devel] [PATCH V8 13/17] COLO: flush host dirty ram from cache Zhang Chen
2018-06-03  5:05 ` [Qemu-devel] [PATCH V8 14/17] filter: Add handle_event method for NetFilterClass Zhang Chen
2018-06-04  6:57   ` Jason Wang
2018-06-10 14:09     ` Zhang Chen
2018-06-11  1:56       ` Jason Wang
2018-06-11  6:46         ` Zhang Chen
2018-06-11  7:02           ` Jason Wang
2018-06-11 15:36             ` Zhang Chen
2018-06-03  5:05 ` [Qemu-devel] [PATCH V8 15/17] filter-rewriter: handle checkpoint and failover event Zhang Chen
2018-06-04  7:42   ` Jason Wang
2018-06-10 17:20     ` Zhang Chen
2018-06-03  5:05 ` [Qemu-devel] [PATCH V8 16/17] COLO: notify net filters about checkpoint/failover event Zhang Chen
2018-06-03  5:05 ` [Qemu-devel] [PATCH V8 17/17] COLO: quick failover process by kick COLO thread Zhang Chen

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=f6951f5c-4005-78b3-cd22-738a89829df9@redhat.com \
    --to=jasowang@redhat.com \
    --cc=armbru@redhat.com \
    --cc=dgilbert@redhat.com \
    --cc=eblake@redhat.com \
    --cc=lizhijian@cn.fujitsu.com \
    --cc=pbonzini@redhat.com \
    --cc=qemu-devel@nongnu.org \
    --cc=quintela@redhat.com \
    --cc=zhang.zhanghailiang@huawei.com \
    --cc=zhangckid@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.