Message-ID: <4850313B.8030304@windriver.com>
Date: Wed, 11 Jun 2008 15:10:35 -0500
From: Jason Wessel
Subject: Re: [Qemu-devel] [PATCH] Proposed fix broken RST response to a slirp redirect socket
References: <485009A9.6000900@windriver.com> <20080611180739.GA20729@edgar.se.axis.com> <20080611193712.GB20729@edgar.se.axis.com>
In-Reply-To: <20080611193712.GB20729@edgar.se.axis.com>
Reply-To: qemu-devel@nongnu.org
List-Id: qemu-devel.nongnu.org
To: "Edgar E. Iglesias"
Cc: qemu-devel@nongnu.org

Edgar E. Iglesias wrote:
> On Wed, Jun 11, 2008 at 08:07:39PM +0200, Edgar E. Iglesias wrote:
>> On Wed, Jun 11, 2008 at 12:21:45PM -0500, Jason Wessel wrote:
>>> When using slirp networking with a redirected tcp socket, the qemu guest
>>> os does not receive RST packets when a redirected, accepted socket goes
>>> into the FIN_WAIT_2 status. Presently slirp sends ACKs instead of RST
>>> packets, which means the guest os application socket writes do not fail
>>> even after the client has terminated the socket.
>>>
>>> Here is a simple way to demonstrate the problem.
>>>
>>> * Start qemu with user mode networking plus:
>>> -redir tcp:4441::4441
>>>
>>> * Assuming you booted a linux guest os you could run:
>>> cat /dev/zero | nc -p 4441 -l
>>>
>>> * On the host run the following command and you
>>> must hit control-c after about 1 second
>>> nc localhost 4441
>> Hello Jason,
>>
>> IIRC connections in FIN_WAIT_2 can continue to receive data.
>>
>> If I might take a wild guess at what's going on:
>> The host closed the receiving socket when you ctrl-c nc. That socket still has
>> data in its rcvbuf so the stack aborts the connection and sends a RST. The
>> slirp code should now see a -1 on its next write to that socket and an errno
>> ECONNRESET but it's not correctly taking care of that case, instead it's
>> incorrectly setting the TCP state to FIN_WAIT_2.
It should have set it to >> CLOSED and sent a RST to the guest. > > Heh, that guess wasn't entirely correct... > Anyway, here is a patch that hopefully helps. > > Best regards I'll agree that I didn't look in quite the right place to begin with. With respect to your patch you might consider making a minor change. diff --git a/slirp/socket.c b/slirp/socket.c index 75003af..2a459a1 100644 --- a/slirp/socket.c +++ b/slirp/socket.c @@ -165,9 +165,21 @@ soread(so) if (nn < 0 && (errno == EINTR || errno == EAGAIN)) return 0; else { + int err; + socklen_t slen; + + err = errno; --- Probably don't need to set err to errno since you are collecting it with getsockopt --- + if (nn == 0) + getsockopt(so->s, SOL_SOCKET, SO_ERROR, + &err, &slen); --- In theory you are supposed to set slen = sizeof(err); prior to calling getsockopt() The rest looks fine. I used the debugger to step through qemu to double check it was hitting the right places for the client / server sockets. --- + DEBUG_MISC((dfd, " --- soread() disconnected, nn = %d, errno = %d-%s\n", nn, errno,strerror(errno))); sofcantrcvmore(so); - tcp_sockclosed(sototcpcb(so)); + if (err == ECONNRESET + || err == ENOTCONN || err == EPIPE) + tcp_drop(sototcpcb(so), err); + else + tcp_sockclosed(sototcpcb(so)); return -1; } } Jason.
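Review bot: In the soread() hunk, slen is passed to getsockopt() uninitialized and the call's return value is ignored, so when nn == 0 the later "err == ECONNRESET" test can act on a stale errno copied in by "err = errno;". Set slen = sizeof(err) before the call, start err at 0 on the nn == 0 path (errno is not meaningful after a read that returned 0), and keep the SO_ERROR value only if getsockopt() returns 0. The "err = errno;" assignment is still needed for the nn < 0 path, because getsockopt() is only called when nn == 0. The DEBUG_MISC line also still prints errno rather than err, so the logged value can differ from the one that selects tcp_drop() over tcp_sockclosed().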
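The decision discussed in this thread, separating a reset from an orderly close after a read returns 0 or -1, as an added example that is not part of the thread or of QEMU's code. The names `classify_read` and `demo` are hypothetical, and a Unix-domain socketpair stands in for slirp's host-side TCP socket (assumption: Linux, which reports ECONNRESET when the peer closes with unread data queued).

```c
#include <errno.h>
#include <stdio.h>
#include <sys/socket.h>
#include <unistd.h>

enum read_result { GOT_DATA, RETRY, ORDERLY_CLOSE, PEER_RESET };

/* Read once and classify; *err_out is the error that drove the decision. */
static enum read_result classify_read(int fd, int *err_out)
{
    char buf[256];
    ssize_t nn = recv(fd, buf, sizeof(buf), 0);
    int err = (nn < 0) ? errno : 0;     /* errno is valid only when nn < 0 */
    socklen_t slen = sizeof(err);       /* value-result: set before the call */
    if (nn == 0 && getsockopt(fd, SOL_SOCKET, SO_ERROR, &err, &slen) != 0)
        err = 0;                        /* query failed: treat as plain EOF */
    *err_out = err;
    if (nn > 0)
        return GOT_DATA;
    if (nn < 0 && (err == EINTR || err == EAGAIN))
        return RETRY;
    if (err == ECONNRESET || err == ENOTCONN || err == EPIPE)
        return PEER_RESET;              /* the patch calls tcp_drop() here */
    return ORDERLY_CLOSE;               /* the patch calls tcp_sockclosed() here */
}

/* Constructed scenario: the peer closes with or without unread data queued. */
static enum read_result demo(int leave_unread, int *err_out)
{
    int sv[2];
    char c;
    enum read_result r;
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) != 0)
        return RETRY;
    (void)send(sv[0], "x", 1, 0);
    if (!leave_unread)
        (void)recv(sv[1], &c, 1, 0);    /* peer drains before closing */
    close(sv[1]);
    r = classify_read(sv[0], err_out);
    close(sv[0]);
    return r;
}

int main(void)
{
    int err = 0;
    int reset = demo(1, &err) == PEER_RESET;
    printf("unread data left: reset=%d err=%d\n", reset, err);
    return 0;
}
```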