Comments (9)
What version of kernel are you testing on?
This is on:
❯ uname -r
5.15.0-48-generic
For sometime, the kernel driver folks have said the data only needs to be good
until the 'enter' call is made, not the whole time the operation is in flight.
Submissions are batched: if the queue isn't full, submit_with
just does sq.push
, which does not enter. (But you're right that this means the inputs can probably live right until enter). I literally started playing with io_uring today, so I'm still not sure about anything, but - isn't there also a mode where submitting ops doesn't require calling enter at all?
Confused by this. The kernel doesn't write to any of our data, it returns a result and some flags bits. Do you mean you think the kernel has kept the original SockAddr pointers during its accept? I didn't see that documented anywhere in their man pages but I've never tried looking at their kernel code.
That is what I think is happening, yes - we're giving the kernel a place to store the local_addr for the accepted connection:
from tokio-uring.
Note that the Accept
op boxes the socketaddr before pushing an sqe that points to it:
tokio-uring/src/driver/accept.rs
Lines 15 to 18 in 1c0a2bf
I still don't think that's enough, but there's much fewer chances of that heap-allocated memory being overwritten by the time the kernel gets to it.
from tokio-uring.
Ah, the accept situation is a bit different since it's an out pointer. I see what holds the data now - the op
isn't dropped, it's returned. That's why when I simply tried boxing the connect address, it also fixed it. It wasn't luck (that the heap memory location wasn't getting overwritten), it was that even though I was moving the Op
future around, the location of the connect address remained stable.
So, Boxing the address would fix the connect thing for good, but I still feel like having the "future handle" hold associated data is the wrong model. If one were to drop the connect/accept future before the operation completes, the kernel would be reading from / writing to invalid memory - same lifetime concerns as buffers.
from tokio-uring.
Is it the accept op or the connection op that you think is dropping the fd too early?
I don't know all the details of the latest Completable design but I hadn't had problems with the earlier one. I thought the code paths kept the fd in a SharedFd that only got dropped when the Op was dropped and the operation had completed per a cqe entry.
Oh, not the fd, the address?
The Connect struct in connect.rs takes ownership of the SockAddr. How is that being dropped before the Op is dropped? I don't see unsafe being used anywhere around the connect.socket_addr so I'm wondering about the address of the sock address being passed to the kernel.
from tokio-uring.
Oh, not the fd, the address?
Exactly. As things stand now, both accept and connect are unsafe:
- accept cannot be dropped, or whenever the kernel does accept a socket it'll write the local_addr in a freed heap memory location
- connect cannot be dropped (or kernel reads from a freed location) but it also cannot be moved, which moves the location of the
SockAddr
and has the kernel read garbage, too.
That model is flawed imho - both the inputs AND the outputs must be kept in the slab so they never move until the operation is successfully completed OR successfully cancelled. The future handle must be just that - a handle.
from tokio-uring.
What version of kernel are you testing on? For sometime, the kernel driver folks have said the data only needs to be good
until the 'enter' call is made, not the whole time the operation is in flight.
from tokio-uring.
- accept cannot be dropped, or whenever the kernel does accept a socket it'll write the local_addr in a freed heap memory location
Confused by this. The kernel doesn't write to any of our data, it returns a result and some flags bits. Do you mean you think the kernel has kept the original SockAddr pointers during its accept? I didn't see that documented anywhere in their man pages but I've never tried looking at their kernel code.
from tokio-uring.
Accept is fine because on drop the state gets dropped into the driver (Lifecycle::Ignored).
from tokio-uring.
Accept is fine because on drop the state gets dropped into the driver (Lifecycle::Ignored).
That's true! That means this issue was closed by #126.
from tokio-uring.
Related Issues (20)
- multi_thread support HOT 5
- Direct IO HOT 2
- Support _msg syscalls HOT 4
- impl Clone for stream types?
- Add chunks() for BoundedBuf
- Not in a runtime context is not always true HOT 5
- Return msghdr from `recvmsg`
- DPDK support? HOT 5
- Dead or dying? HOT 9
- Support for windows IOCP (input/output completion ports) another completion-based async API HOT 1
- Is it support `splice` operation now?
- New Release? HOT 3
- tokio-uring missing similar tokio runtime builder options
- io_uring command support? HOT 3
- Support for IO_LINK feature
- Restructuring HOT 2
- __io_uring_buf_ring_cq_advance broken? HOT 1
- [BUG] Hangs when using iopoll without sqpoll HOT 2
- Expose access to io_uring in the form of submission and completion queues HOT 1
- Panic when calling recv_from() after shutdown()
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from tokio-uring.