| Message ID | 20220620053944.257547-3-leobras@redhat.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | MSG_ZEROCOPY fixes & improvements | expand |
Leonardo Bras <leobras@redhat.com> wrote: > Somewhere between v6 and v7 the of the zero-copy-send patchset a crucial > part of the flushing mechanism got missing: incrementing zero_copy_queued. > > Without that, the flushing interface becomes a no-op, and there is no > guarantee the buffer is really sent. > > This can go as bad as causing a corruption in RAM during migration. > > Fixes: 2bc58ffc2926 ("QIOChannelSocket: Implement io_writev zero copy > flag & io_flush for CONFIG_LINUX") > Reported-by: 徐闯 <xuchuangxclwt@bytedance.com> > Signed-off-by: Leonardo Bras <leobras@redhat.com> > Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: Juan Quintela <quintela@redhat.com>
On Mon, Jun 20, 2022 at 02:39:43AM -0300, Leonardo Bras wrote: > Somewhere between v6 and v7 the of the zero-copy-send patchset a crucial > part of the flushing mechanism got missing: incrementing zero_copy_queued. > > Without that, the flushing interface becomes a no-op, and there is no > guarantee the buffer is really sent. > > This can go as bad as causing a corruption in RAM during migration. > > Fixes: 2bc58ffc2926 ("QIOChannelSocket: Implement io_writev zero copy flag & io_flush for CONFIG_LINUX") > Reported-by: 徐闯 <xuchuangxclwt@bytedance.com> > Signed-off-by: Leonardo Bras <leobras@redhat.com> > Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: Peter Xu <peterx@redhat.com>
diff --git a/io/channel-socket.c b/io/channel-socket.c index dac9e60c20..4fa0402f54 100644 --- a/io/channel-socket.c +++ b/io/channel-socket.c @@ -611,6 +611,11 @@ static ssize_t qio_channel_socket_writev(QIOChannel *ioc, "Unable to write to socket"); return -1; } + + if (flags & QIO_CHANNEL_WRITE_FLAG_ZERO_COPY) { + sioc->zero_copy_queued++; + } + return ret; } #else /* WIN32 */
Somewhere between v6 and v7 the of the zero-copy-send patchset a crucial part of the flushing mechanism got missing: incrementing zero_copy_queued. Without that, the flushing interface becomes a no-op, and there is no guarantee the buffer is really sent. This can go as bad as causing a corruption in RAM during migration. Fixes: 2bc58ffc2926 ("QIOChannelSocket: Implement io_writev zero copy flag & io_flush for CONFIG_LINUX") Reported-by: 徐闯 <xuchuangxclwt@bytedance.com> Signed-off-by: Leonardo Bras <leobras@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> --- io/channel-socket.c | 5 +++++ 1 file changed, 5 insertions(+)