Message ID | 1448382858-28616-1-git-send-email-marcandre.lureau@redhat.com |
---|---|
State | New |
Headers | show |
On 11/24/2015 09:34 AM, marcandre.lureau@redhat.com wrote: > From: Marc-André Lureau <marcandre.lureau@redhat.com> In the subject: s/implicitely/implicitly/ if you are fixing the typo, or s/implicitely/explicitly/ if you are trying to make it match what the patch actually does. No 0/2 cover letter? ALL multi-patch series should include a cover letter, as it is easier on tooling to be able to base series-wide conversations on the cover letter. > > According to the specification: > http://pubs.opengroup.org/onlinepubs/9699919799/functions/fopen.html > > "the application shall ensure that output is not directly followed by > input without an intervening call to fflush() or to a file positioning > function (fseek(), fsetpos(), or rewind()), and input is not directly > followed by output without an intervening call to a file positioning > function, unless the input operation encounters end-of-file." > > Without this change, a write() followed by a read() may lose the > previously written content, as shown in the following test. > > Fixes: > https://bugzilla.redhat.com/show_bug.cgi?id=1210246 > > Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> > --- > qga/commands-posix.c | 22 ++++++++++++++++++++++ > 1 file changed, 22 insertions(+) > > diff --git a/qga/commands-posix.c b/qga/commands-posix.c > index 0ebd473..3c86a4e 100644 > --- a/qga/commands-posix.c > +++ b/qga/commands-posix.c > @@ -219,6 +219,7 @@ void qmp_guest_set_time(bool has_time, int64_t time_ns, Error **errp) > typedef struct GuestFileHandle { > uint64_t id; > FILE *fh; > + bool writing; > QTAILQ_ENTRY(GuestFileHandle) next; > } GuestFileHandle; > > @@ -460,6 +461,17 @@ struct GuestFileRead *qmp_guest_file_read(int64_t handle, bool has_count, > } > > fh = gfh->fh; > + > + /* implicitely flush when switching from writing to reading */ Again, s/implicitely/explicitly/ > + if (gfh->writing) { > + int ret = fflush(fh); > + if (ret == EOF) { > + error_setg_errno(errp, errno, "failed to flush file"); > + return NULL; > + } > + gfh->writing = false; > + } > + > buf = g_malloc0(count+1); > read_count = fread(buf, 1, count, fh); > if (ferror(fh)) { > @@ -496,6 +508,16 @@ GuestFileWrite *qmp_guest_file_write(int64_t handle, const char *buf_b64, > } > > fh = gfh->fh; > + > + if (!gfh->writing) { > + int ret = fseek(fh, 0, SEEK_CUR); Seems a bit odd to use fflush() in one place and fseek() in the other, but the net result is the same either way. > + if (ret == -1) { > + error_setg_errno(errp, errno, "failed to seek file"); > + return NULL; > + } > + gfh->writing = true; > + } > + With typos fixed, Reviewed-by: Eric Blake <eblake@redhat.com> > buf = g_base64_decode(buf_b64, &buf_len); > > if (!has_count) { >
Hi ----- Original Message ----- > On 11/24/2015 09:34 AM, marcandre.lureau@redhat.com wrote: > > From: Marc-André Lureau <marcandre.lureau@redhat.com> > > In the subject: s/implicitely/implicitly/ if you are fixing the typo, or > s/implicitely/explicitly/ if you are trying to make it match what the > patch actually does. > ok, I'll switch to explicitely (it depends on the point of view, I was commenting from the qga API user pov, but I get your point) > No 0/2 cover letter? ALL multi-patch series should include a cover > letter, as it is easier on tooling to be able to base series-wide > conversations on the cover letter. > Ok, I didn't know. If I don't have much to say in cover letter, I usually drop it. I'll keep it then. > > > > According to the specification: > > http://pubs.opengroup.org/onlinepubs/9699919799/functions/fopen.html > > > > "the application shall ensure that output is not directly followed by > > input without an intervening call to fflush() or to a file positioning > > function (fseek(), fsetpos(), or rewind()), and input is not directly > > followed by output without an intervening call to a file positioning > > function, unless the input operation encounters end-of-file." > > > > Without this change, a write() followed by a read() may lose the > > previously written content, as shown in the following test. > > > > Fixes: > > https://bugzilla.redhat.com/show_bug.cgi?id=1210246 > > > > Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> > > --- > > qga/commands-posix.c | 22 ++++++++++++++++++++++ > > 1 file changed, 22 insertions(+) > > > > diff --git a/qga/commands-posix.c b/qga/commands-posix.c > > index 0ebd473..3c86a4e 100644 > > --- a/qga/commands-posix.c > > +++ b/qga/commands-posix.c > > @@ -219,6 +219,7 @@ void qmp_guest_set_time(bool has_time, int64_t time_ns, > > Error **errp) > > typedef struct GuestFileHandle { > > uint64_t id; > > FILE *fh; > > + bool writing; > > QTAILQ_ENTRY(GuestFileHandle) next; > > } GuestFileHandle; > > > > @@ -460,6 +461,17 @@ struct GuestFileRead *qmp_guest_file_read(int64_t > > handle, bool has_count, > > } > > > > fh = gfh->fh; > > + > > + /* implicitely flush when switching from writing to reading */ > > Again, s/implicitely/explicitly/ > > > + if (gfh->writing) { > > + int ret = fflush(fh); > > + if (ret == EOF) { > > + error_setg_errno(errp, errno, "failed to flush file"); > > + return NULL; > > + } > > + gfh->writing = false; > > + } > > + > > buf = g_malloc0(count+1); > > read_count = fread(buf, 1, count, fh); > > if (ferror(fh)) { > > @@ -496,6 +508,16 @@ GuestFileWrite *qmp_guest_file_write(int64_t handle, > > const char *buf_b64, > > } > > > > fh = gfh->fh; > > + > > + if (!gfh->writing) { > > + int ret = fseek(fh, 0, SEEK_CUR); > > Seems a bit odd to use fflush() in one place and fseek() in the other, > but the net result is the same either way. "and input is not directly followed by output without an intervening call to a file positioning function, unless the input operation encounters end-of-file." so I tried to follow what the spec said. > > > + if (ret == -1) { > > + error_setg_errno(errp, errno, "failed to seek file"); > > + return NULL; > > + } > > + gfh->writing = true; > > + } > > + > > With typos fixed, > Reviewed-by: Eric Blake <eblake@redhat.com> thanks > > > buf = g_base64_decode(buf_b64, &buf_len); > > > > if (!has_count) { > > > > -- > Eric Blake eblake redhat com +1-919-301-3266 > Libvirt virtualization library http://libvirt.org > >
On 11/24/2015 10:52 AM, Marc-André Lureau wrote: > Hi > > ----- Original Message ----- >> On 11/24/2015 09:34 AM, marcandre.lureau@redhat.com wrote: >>> From: Marc-André Lureau <marcandre.lureau@redhat.com> >> >> In the subject: s/implicitely/implicitly/ if you are fixing the typo, or >> s/implicitely/explicitly/ if you are trying to make it match what the >> patch actually does. >> > > ok, I'll switch to explicitely (it depends on the point of view, I was commenting from the qga API user pov, but I get your point) I was trying to point out not only the 2 points of view, but also the typo (it's explicitly, not explicitely) :) >>> fh = gfh->fh; >>> + >>> + if (!gfh->writing) { >>> + int ret = fseek(fh, 0, SEEK_CUR); >> >> Seems a bit odd to use fflush() in one place and fseek() in the other, >> but the net result is the same either way. > > "and input is not directly followed by output without an intervening call to a file positioning function, unless the input operation encounters end-of-file." > > so I tried to follow what the spec said. POSIX currently specifies the behavior of fflush() on seekable input files, but did not always do so; and it has been a source of bugs on several libc implementations (it is still undefined to use fflush() on a non-seekable file, but I don't know if anyone is using qga guest-file-* on non-seekable files, at least in a situation where they are both reading and writing to the same file handle). So on further thought, I actually prefer avoiding fflush() after input when possible, to avoid confusing older libc, and as a result, your asymmetry is probably the best choice after all.
diff --git a/qga/commands-posix.c b/qga/commands-posix.c index 0ebd473..3c86a4e 100644 --- a/qga/commands-posix.c +++ b/qga/commands-posix.c @@ -219,6 +219,7 @@ void qmp_guest_set_time(bool has_time, int64_t time_ns, Error **errp) typedef struct GuestFileHandle { uint64_t id; FILE *fh; + bool writing; QTAILQ_ENTRY(GuestFileHandle) next; } GuestFileHandle; @@ -460,6 +461,17 @@ struct GuestFileRead *qmp_guest_file_read(int64_t handle, bool has_count, } fh = gfh->fh; + + /* implicitely flush when switching from writing to reading */ + if (gfh->writing) { + int ret = fflush(fh); + if (ret == EOF) { + error_setg_errno(errp, errno, "failed to flush file"); + return NULL; + } + gfh->writing = false; + } + buf = g_malloc0(count+1); read_count = fread(buf, 1, count, fh); if (ferror(fh)) { @@ -496,6 +508,16 @@ GuestFileWrite *qmp_guest_file_write(int64_t handle, const char *buf_b64, } fh = gfh->fh; + + if (!gfh->writing) { + int ret = fseek(fh, 0, SEEK_CUR); + if (ret == -1) { + error_setg_errno(errp, errno, "failed to seek file"); + return NULL; + } + gfh->writing = true; + } + buf = g_base64_decode(buf_b64, &buf_len); if (!has_count) {