From: Stefan Hajnoczi <stefanha@gmail.com>
To: Anthony Liguori <aliguori@us.ibm.com>
Cc: qemu-devel@nongnu.org, Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
Subject: [Qemu-devel] [PATCH 06/13] net: do not report queued packets as sent
Date: Fri, 14 Sep 2012 09:46:53 +0100
Message-ID: <1347612420-5704-7-git-send-email-stefanha@gmail.com>
In-Reply-To: <1347612420-5704-1-git-send-email-stefanha@gmail.com>

From: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>

Net send functions have a return value where 0 means the packet has not
been sent and will be queued.  A non-zero value means the packet was
sent or an error caused the packet to be dropped.

This patch fixes two instances where packets are queued but we return
their size.  This causes callers to believe the packets were sent.  When
the caller uses the async send interface this creates a real problem
because the callback will be invoked for a packet that the caller
believed to be already sent.  This bug can cause double-frees in the
caller.

Signed-off-by: Stefan Hajnoczi <stefanha@linux.vnet.ibm.com>
---
 net/queue.c |   35 ++++++++++++++++-------------------
 1 file changed, 16 insertions(+), 19 deletions(-)

diff --git a/net/queue.c b/net/queue.c
index 6e64091..254f280 100644
--- a/net/queue.c
+++ b/net/queue.c
@@ -83,12 +83,12 @@ void qemu_del_net_queue(NetQueue *queue)
     g_free(queue);
 }
 
-static ssize_t qemu_net_queue_append(NetQueue *queue,
-                                     NetClientState *sender,
-                                     unsigned flags,
-                                     const uint8_t *buf,
-                                     size_t size,
-                                     NetPacketSent *sent_cb)
+static void qemu_net_queue_append(NetQueue *queue,
+                                  NetClientState *sender,
+                                  unsigned flags,
+                                  const uint8_t *buf,
+                                  size_t size,
+                                  NetPacketSent *sent_cb)
 {
     NetPacket *packet;
 
@@ -100,16 +100,14 @@ static ssize_t qemu_net_queue_append(NetQueue *queue,
     memcpy(packet->data, buf, size);
 
     QTAILQ_INSERT_TAIL(&queue->packets, packet, entry);
-
-    return size;
 }
 
-static ssize_t qemu_net_queue_append_iov(NetQueue *queue,
-                                         NetClientState *sender,
-                                         unsigned flags,
-                                         const struct iovec *iov,
-                                         int iovcnt,
-                                         NetPacketSent *sent_cb)
+static void qemu_net_queue_append_iov(NetQueue *queue,
+                                      NetClientState *sender,
+                                      unsigned flags,
+                                      const struct iovec *iov,
+                                      int iovcnt,
+                                      NetPacketSent *sent_cb)
 {
     NetPacket *packet;
     size_t max_len = 0;
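
Review bot: with qemu_net_queue_append() and qemu_net_queue_append_iov() now returning void, nothing at their definitions says that the packet data is copied into the queue (the memcpy into packet->data) while sent_cb is handed over so the callback can fire later, as the commit message describes. A short comment above each helper stating that the queue keeps its own copy and that completion is reported through sent_cb would make it clear at the definition why the callers must return 0 after appending.
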
@@ -133,8 +131,6 @@ static ssize_t qemu_net_queue_append_iov(NetQueue *queue,
     }
 
     QTAILQ_INSERT_TAIL(&queue->packets, packet, entry);
-
-    return packet->size;
 }
 
 static ssize_t qemu_net_queue_deliver(NetQueue *queue,
@@ -177,7 +173,8 @@ ssize_t qemu_net_queue_send(NetQueue *queue,
     ssize_t ret;
 
     if (queue->delivering || !qemu_can_send_packet(sender)) {
-        return qemu_net_queue_append(queue, sender, flags, data, size, sent_cb);
+        qemu_net_queue_append(queue, sender, flags, data, size, sent_cb);
+        return 0;
     }
 
     ret = qemu_net_queue_deliver(queue, sender, flags, data, size);
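
Review bot: the return contract that the new "return 0;" in the queued branch of qemu_net_queue_send() relies on is written down only in the commit message. Suggest a comment above the function saying that 0 means the packet was queued and sent_cb will be invoked later, and that a non-zero value means the packet was sent or dropped, so a caller knows it must not complete or free its buffer until the callback runs.
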
@@ -201,8 +198,8 @@ ssize_t qemu_net_queue_send_iov(NetQueue *queue,
     ssize_t ret;
 
     if (queue->delivering || !qemu_can_send_packet(sender)) {
-        return qemu_net_queue_append_iov(queue, sender, flags,
-                                         iov, iovcnt, sent_cb);
+        qemu_net_queue_append_iov(queue, sender, flags, iov, iovcnt, sent_cb);
+        return 0;
     }
 
     ret = qemu_net_queue_deliver_iov(queue, sender, flags, iov, iovcnt);
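
Review bot: the queued branch of qemu_net_queue_send_iov() used to return the packet size and now returns 0, so any caller that treated the return value as a byte count sees a behaviour change that this diff does not touch. Worth confirming that every caller of qemu_net_queue_send() and qemu_net_queue_send_iov() handles a 0 return by waiting for sent_cb rather than retrying the send or treating it as an error, since the double-free described in the commit message lives in those callers.
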
-- 
1.7.10.4
