diff options
| author | Markus Armbruster <armbru@redhat.com> | 2023-09-28 15:19:44 +0200 |
|---|---|---|
| committer | Juan Quintela <quintela@redhat.com> | 2023-10-11 11:17:03 +0200 |
| commit | 8e262e0b3d41ade37354cf9fa28bcbba2e273caf (patch) | |
| tree | ebd1b3d809b5f38e4e09c1fd28a26a92d1bee777 | |
| parent | 1b6e1da6e7505f9b152ca2d0be2059eeb7e55708 (diff) | |
migration/rdma: Fix io_writev(), io_readv() methods to obey contract
QIOChannelClass methods qio_channel_rdma_readv() and
qio_channel_rdma_writev() violate their method contract when
rdma->error_state is non-zero:
1. They return whatever is in rdma->error_state then. Only -1 will be
fine. -2 will be misinterpreted as "would block". Anything less
than -2 isn't defined in the contract. A positive value would be
misinterpreted as success, but I believe that's not actually
possible.
2. They neglect to set an error then. If something up the call stack
dereferences the error when failure is returned, it will crash. If
it ignores the return value and checks the error instead, it will
miss the error.
Crap like this happens when return statements hide in macros,
especially when their uses are far away from the definition.
I elected not to investigate how callers are impacted.
Expand the two bad macro uses, so we can set an error and return -1.
The next commit will then get rid of the macro altogether.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Fabiano Rosas <farosas@suse.de>
Reviewed-by: Li Zhijian <lizhijian@fujitsu.com>
Reviewed-by: Juan Quintela <quintela@redhat.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>
Message-ID: <20230928132019.2544702-19-armbru@redhat.com>
| -rw-r--r-- | migration/rdma.c | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/migration/rdma.c b/migration/rdma.c index c4197c6437..18be228e3b 100644 --- a/migration/rdma.c +++ b/migration/rdma.c @@ -2810,7 +2810,11 @@ static ssize_t qio_channel_rdma_writev(QIOChannel *ioc, return -1; } - CHECK_ERROR_STATE(); + if (rdma->error_state) { + error_setg(errp, + "RDMA is in an error state waiting migration to abort!"); + return -1; + } /* * Push out any writes that @@ -2896,7 +2900,11 @@ static ssize_t qio_channel_rdma_readv(QIOChannel *ioc, return -1; } - CHECK_ERROR_STATE(); + if (rdma->error_state) { + error_setg(errp, + "RDMA is in an error state waiting migration to abort!"); + return -1; + } for (i = 0; i < niov; i++) { size_t want = iov[i].iov_len; |