From: Auger Eric <eric.auger@redhat.com>
To: Stefan Hajnoczi <stefanha@redhat.com>
Cc: zhang.zhanghailiang@huawei.com, qemu-trivial@nongnu.org,
pannengyuan@huawei.com, qemu-devel@nongnu.org,
Alex Williamson <alex.williamson@redhat.com>,
Euler Robot <euler.robot@huawei.com>,
Chen Qun <kuhn.chenqun@huawei.com>
Subject: Re: [PATCH 07/11] vfio/platform: Remove dead assignment in vfio_intp_interrupt()
Date: Tue, 18 Aug 2020 15:42:29 +0200 [thread overview]
Message-ID: <20ee54db-e36c-fc45-aa5c-14bf6433602b@redhat.com> (raw)
In-Reply-To: <20200818125446.GC36102@stefanha-x1.localdomain>
Hi Stefan,
On 8/18/20 2:54 PM, Stefan Hajnoczi wrote:
> On Thu, Aug 13, 2020 at 09:18:59PM +0200, Auger Eric wrote:
>> Hi Alex,
>>
>> On 8/13/20 9:15 PM, Alex Williamson wrote:
>>> On Thu, 13 Aug 2020 20:02:45 +0200
>>> Auger Eric <eric.auger@redhat.com> wrote:
>>>
>>>> Hi Alex,
>>>>
>>>> On 8/13/20 6:59 PM, Alex Williamson wrote:
>>>>> On Thu, 13 Aug 2020 15:37:08 +0800
>>>>> Chen Qun <kuhn.chenqun@huawei.com> wrote:
>>>>>
>>>>>> Clang static code analyzer show warning:
>>>>>> hw/vfio/platform.c:239:9: warning: Value stored to 'ret' is never read
>>>>>> ret = event_notifier_test_and_clear(intp->interrupt);
>>>>>> ^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>>>>>>
>>>>>> Reported-by: Euler Robot <euler.robot@huawei.com>
>>>>>> Signed-off-by: Chen Qun <kuhn.chenqun@huawei.com>
>>>>>> ---
>>>>>> Cc: Alex Williamson <alex.williamson@redhat.com>
>>>>>> Cc: Eric Auger <eric.auger@redhat.com>
>>>>>> ---
>>>>>> hw/vfio/platform.c | 2 +-
>>>>>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>>>>>
>>>>>> diff --git a/hw/vfio/platform.c b/hw/vfio/platform.c
>>>>>> index ac2cefc9b1..869ed2c39d 100644
>>>>>> --- a/hw/vfio/platform.c
>>>>>> +++ b/hw/vfio/platform.c
>>>>>> @@ -236,7 +236,7 @@ static void vfio_intp_interrupt(VFIOINTp *intp)
>>>>>> trace_vfio_intp_interrupt_set_pending(intp->pin);
>>>>>> QSIMPLEQ_INSERT_TAIL(&vdev->pending_intp_queue,
>>>>>> intp, pqnext);
>>>>>> - ret = event_notifier_test_and_clear(intp->interrupt);
>>>>>> + event_notifier_test_and_clear(intp->interrupt);
>>>>>> return;
>>>>>> }
>>>>>
>>>>> Testing that an event is pending in our notifier is generally a
>>>>> prerequisite to doing anything in the interrupt handler, I don't
>>>>> understand why we're just consuming it and ignoring the return value.
>>>>> The above is in the delayed handling branch of the function, but the
>>>>> normal non-delayed path would only go on to error_report() if the
>>>>> notifier is not pending and then inject an interrupt anyway. This all
>>>>> seems rather suspicious and it's a unique pattern among the vfio
>>>>> callers of this function. Is there a more fundamental bug that this
>>>>> function should perform this test once and return without doing
>>>>> anything if it's called spuriously, ie. without a notifier pending?
>>>>> Thanks,
>>>>
>>>> Hum that's correct that other VFIO call sites do the check. My
>>>> understanding was that this could not fail in this case as, if we
>>>> entered the handler there was something to be cleared. In which
>>>> situation can this fail?
>>>
>>> I'm not sure what the right answer is, I see examples either way
>>> looking outside of vfio code. On one hand, maybe we never get called
>>> spuriously, on the other if it's the callee's responsibility to drain
>>> events from the fd and we have it readily accessible whether there were
>>> any events pending, why would we inject an interrupt if the result that
>>> we have in hand shows no pending events? The overhead of returning
>>> based on that result is minuscule.
>>
>> I agree
>>>
>>> qemu_set_fd_handler() is a wrapper for aio_set_fd_handler(). Stefan is
>>> a possible defacto maintainer of some of the aio code. Stefan, do you
>>> have thoughts on whether callbacks from event notifier fds should
>>> consider spurious events? Thanks,
>>
>> Indeed I saw that for instance block/nvme.c nvme_handle_event is not
>> checking the result.
>>
>> Let's wait for Stefan's answer ...
>
> vfio_intp_interrupt() will always read a non-zero eventfd value, based
> on these assumptions:
>
> intp->interrupt is "readable" since vfio_intp_interrupt() is called by
> the AioContext (event loop). "readable" does not guarantee that data can
> actually be read because it also includes error events:
>
> new_node->pfd.events = (io_read ? G_IO_IN | G_IO_HUP | G_IO_ERR : 0);
>
> However, I think we can exclude the error case for the VFIO interrupt
> eventfds because there are no error cases for eventfds (unlike socket
> disconnection, for example).
>
> The other important assumption is that only one thread on the host is
> monitoring the eventfd for activity.
Thank for your the confirmation. So this patch should be safe.
Best Regards
Eric
>
> Stefan
>
next prev parent reply other threads:[~2020-08-18 13:43 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-08-13 7:37 [PATCH 00/11] trivial patchs for static code analyzer fixes Chen Qun
2020-08-13 7:37 ` [PATCH 01/11] hw/arm/virt-acpi-build:Remove dead assignment in build_madt() Chen Qun
2020-08-19 11:06 ` Igor Mammedov
2020-08-31 10:46 ` Michael S. Tsirkin
2020-08-13 7:37 ` [PATCH 02/11] hw/arm/omap1:Remove redundant statement in omap_clkdsp_read() Chen Qun
2020-08-13 7:37 ` [PATCH 03/11] target/arm/translate-a64:Remove dead assignment in handle_scalar_simd_shli() Chen Qun
2020-08-13 7:37 ` [PATCH 04/11] target/arm/translate-a64:Remove redundant statement in disas_simd_two_reg_misc_fp16() Chen Qun
2020-08-13 7:37 ` [PATCH 05/11] hw/virtio/vhost-user:Remove dead assignment in scrub_shadow_regions() Chen Qun
2020-08-13 17:44 ` Raphael Norwitz
2020-08-31 10:46 ` Michael S. Tsirkin
2020-08-13 7:37 ` [PATCH 06/11] hw/net/virtio-net:Remove redundant statement in virtio_net_rsc_tcp_ctrl_check() Chen Qun
2020-08-13 8:18 ` Philippe Mathieu-Daudé
2020-08-31 10:47 ` Michael S. Tsirkin
2020-08-13 7:37 ` [PATCH 07/11] vfio/platform: Remove dead assignment in vfio_intp_interrupt() Chen Qun
2020-08-13 9:25 ` Auger Eric
2020-08-13 16:59 ` Alex Williamson
2020-08-13 18:02 ` Auger Eric
2020-08-13 19:15 ` Alex Williamson
2020-08-13 19:18 ` Auger Eric
2020-08-18 12:54 ` Stefan Hajnoczi
2020-08-18 13:42 ` Auger Eric [this message]
2020-08-13 7:37 ` [PATCH 08/11] tcg/optimize: Remove redundant statement in tcg_optimize() Chen Qun
2020-08-13 16:22 ` Richard Henderson
2020-08-17 13:04 ` Chenqun (kuhn)
2020-08-18 0:24 ` Richard Henderson
2020-08-13 7:37 ` [PATCH 09/11] usb/bus: Remove dead assignment in usb_get_fw_dev_path() Chen Qun
2020-08-13 9:05 ` Chenqun (kuhn)
2020-08-13 7:37 ` [PATCH 10/11] hw/intc: Remove redundant statement in exynos4210_combiner_read() Chen Qun
2020-08-13 7:37 ` [PATCH 11/11] hw/display/vga:Remove redundant statement in vga_draw_graphic() Chen Qun
2020-08-17 6:49 ` Gerd Hoffmann
2020-08-13 8:39 ` [PATCH 00/11] trivial patchs for static code analyzer fixes no-reply
2020-08-13 9:23 ` no-reply
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20ee54db-e36c-fc45-aa5c-14bf6433602b@redhat.com \
--to=eric.auger@redhat.com \
--cc=alex.williamson@redhat.com \
--cc=euler.robot@huawei.com \
--cc=kuhn.chenqun@huawei.com \
--cc=pannengyuan@huawei.com \
--cc=qemu-devel@nongnu.org \
--cc=qemu-trivial@nongnu.org \
--cc=stefanha@redhat.com \
--cc=zhang.zhanghailiang@huawei.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).