From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([140.186.70.92]:54889)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <ico2ico2@gmail.com>) id 1QFTq3-0002Lx-Aw
	for qemu-devel@nongnu.org; Thu, 28 Apr 2011 12:13:13 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <ico2ico2@gmail.com>) id 1QFTq2-0006oy-KX
	for qemu-devel@nongnu.org; Thu, 28 Apr 2011 12:13:11 -0400
Received: from mail-fx0-f45.google.com ([209.85.161.45]:51929)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <ico2ico2@gmail.com>) id 1QFTq2-0006ot-EL
	for qemu-devel@nongnu.org; Thu, 28 Apr 2011 12:13:10 -0400
Received: by fxm2 with SMTP id 2so2210149fxm.4
	for <qemu-devel@nongnu.org>; Thu, 28 Apr 2011 09:13:09 -0700 (PDT)
MIME-Version: 1.0
Sender: ico2ico2@gmail.com
Date: Thu, 28 Apr 2011 17:13:09 +0100
Message-ID: <BANLkTi=YcOXPfOkDeMhB9XJKzD6Kz4Rcpg@mail.gmail.com>
From: Sassan Panahinejad <sassan@sassan.me.uk>
Content-Type: multipart/alternative; boundary=001517475ad253ed8004a1fcd5cb
Subject: [Qemu-devel] Bug in virtio-9p when fstatting an fd referring to a
 file that no longer exists
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: qemu-devel@nongnu.org

--001517475ad253ed8004a1fcd5cb
Content-Type: text/plain; charset=ISO-8859-1

It should be possible for guest applications to fstat a file for which they
have a valid file descriptor, even if the file has been removed.
Demonstrated by the code sample below (fstat reports no such file or
directory).
Strangely it seems that reading from a file in this state works fine (and
when both are run, the server receives a different fid for each).
On any other filesystem, the code runs correctly. On our 9p filesystem it
fails.
Many applications (including bash) depend on this working correctly.
I will continue investigating, but any thoughts anyone has on the subject
would be appreciated.


Thanks
Sassan


#include <stdio.h>
#include <unistd.h>
#include <fcntl.h>
#include <sys/types.h>
#include <sys/stat.h>


int main(void)
{
        int ret;
        struct stat statbuf;
        int fd = open("test.txt", O_RDWR | O_CREAT, 0666);
        if (fd < 0) {
                printf("open failed: %m\n");
                return 1;
        }
        ret = write(fd, "test1\n", 6);
        if (ret < 0) {
                printf("write1 failed: %m\n");
                return 1;
        }
        ret = unlink("test.txt");
        if (ret < 0) {
                printf("unlink failed: %m\n");
                return 1;
        }
        ret = fstat(fd, &statbuf);
        if (ret < 0) {
                printf("fstat failed: %m\n");
                return 1;
        }
        return 0;
}

--001517475ad253ed8004a1fcd5cb
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

It should be possible for guest applications to fstat a file for which they=
 have a valid file descriptor, even if the file has been removed.<br>Demons=
trated by the code sample below (fstat reports no such file or directory).<=
br>
Strangely it seems that reading from a file in this state works fine (and w=
hen both are run, the server receives a different fid for each).<br>
On any other filesystem, the code runs correctly. On our 9p filesystem it f=
ails.<br>Many applications (including bash) depend on this working correctl=
y.<br>
I will continue investigating, but any thoughts anyone has on the subject w=
ould be appreciated.<br><br><br>
Thanks<br>
Sassan<br><br><br>#include &lt;stdio.h&gt;<br>#include &lt;unistd.h&gt;<br>=
#include &lt;fcntl.h&gt;<br>#include &lt;sys/types.h&gt;<br>#include &lt;sy=
s/stat.h&gt;<br><br><br>int main(void)<br>{<br>=A0=A0=A0=A0=A0=A0=A0 int re=
t;<br>=A0=A0=A0=A0=A0=A0=A0 struct stat statbuf;<br>

=A0=A0=A0=A0=A0=A0=A0 int fd =3D open(&quot;test.txt&quot;, O_RDWR | O_CREA=
T, 0666);<br>=A0=A0=A0=A0=A0=A0=A0 if (fd &lt; 0) {<br>=A0=A0=A0=A0=A0=A0=
=A0=A0=A0=A0=A0=A0=A0=A0=A0 printf(&quot;open failed: %m\n&quot;);<br>=A0=
=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 return 1;<br>=A0=A0=A0=A0=A0=A0=
=A0 }<br>=A0=A0=A0=A0=A0=A0=A0 ret =3D write(fd, &quot;test1\n&quot;, 6);<b=
r>

=A0=A0=A0=A0=A0=A0=A0 if (ret &lt; 0) {<br>=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=
=A0=A0=A0=A0=A0 printf(&quot;write1 failed: %m\n&quot;);<br>=A0=A0=A0=A0=A0=
=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 return 1;<br>=A0=A0=A0=A0=A0=A0=A0 }<br>=A0=
=A0=A0=A0=A0=A0=A0 ret =3D unlink(&quot;test.txt&quot;);<br>=A0=A0=A0=A0=A0=
=A0=A0 if (ret &lt; 0) {<br>=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 p=
rintf(&quot;unlink failed: %m\n&quot;);<br>

=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0 return 1;<br>=A0=A0=A0=A0=A0=
=A0=A0 }<br>=A0=A0=A0=A0=A0=A0=A0 ret =3D fstat(fd, &amp;statbuf);<br>=A0=
=A0=A0=A0=A0=A0=A0 if (ret &lt; 0) {<br>=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=A0=
=A0=A0=A0=A0 printf(&quot;fstat failed: %m\n&quot;);<br>=A0=A0=A0=A0=A0=A0=
=A0=A0=A0=A0=A0=A0=A0=A0=A0 return 1;<br>=A0=A0=A0=A0=A0=A0=A0 }<br>=A0=A0=
=A0=A0=A0=A0=A0 return 0;<br>

}<br>

--001517475ad253ed8004a1fcd5cb--