Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Don't segfault on header replay #14191

Merged
merged 1 commit into from
Jan 26, 2018
Merged

Don't segfault on header replay #14191

merged 1 commit into from
Jan 26, 2018

Conversation

kpayson64
Copy link
Contributor

@kpayson64 kpayson64 commented Jan 26, 2018
edited

Once approved will backport fix to 1.8/1.9

Fixes #14175

@grpc-testing
Copy link 

****************************************************************

libgrpc.so

     VM SIZE                                                                                            FILE SIZE
 ++++++++++++++ GROWING                                                                              ++++++++++++++
  +0.0%     +24 [None]                                                                                  +528  +0.0%
  +0.4%     +64 src/core/lib/surface/call.cc                                                             +64  +0.4%
      [NEW]    +506 set_encodings_accepted_by_peer(grpc_call*, grpc_mdelem, unsigned int*, bool) [clone     +506  [NEW]
      [NEW]    +266 publish_app_metadata(grpc_call*, grpc_metadata_batch*, int) [clone .isra.5] [clone .    +266  [NEW]
      +1.2%     +16 finish_batch_step                                                                        +16  +1.2%
      +1.0%     +15 receiving_initial_metadata_ready                                                         +15  +1.0%
      +0.6%      +2 [Unmapped]                                                                                +2  +0.6%

  +0.0%     +88 TOTAL                                                                                   +592  +0.0%


****************************************************************

libgrpc++.so

     VM SIZE        FILE SIZE
 ++++++++++++++  ++++++++++++++

  [ = ]       0        0  [ = ]

yang-g
yang-g reviewed Jan 26, 2018
View reviewed changes
src/core/lib/surface/call.cc Outdated
GPR_TIMER_BEGIN("publish_app_metadata", 0);
grpc_metadata_array* dest;
grpc_metadata* mdusr;
dest = call->buffered_metadata[is_trailing];
if (dest == NULL) gpr_log(GPR_ERROR, "dest %p", dest);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What is the point of this log line?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oops, good catch

yang-g
yang-g reviewed Jan 26, 2018
View reviewed changes
test/core/bad_client/tests/duplicate_header.cc Outdated
@@ -0,0 +1,131 @@
/*
*
* Copyright 2017 gRPC authors.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

2018 :P

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed

yang-g
yang-g reviewed Jan 26, 2018
View reviewed changes
test/core/bad_client/tests/duplicate_header.cc

/* Verify that sending multiple headers doesn't segfault */
GRPC_RUN_BAD_CLIENT_TEST(verifier, nullptr,
PFX_STR HEADER_STR HEADER_STR PAYLOAD_STR, 0);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we want to test other cases?
For example:

  • PFX_STR HEADER_STR PAYLOAD_STR(no EOS) HEADER_STR
  • Duplicate HEADERS does not contain reserved keys

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It is also interesting to see 3 HEADERS will cause what... if that is not too much...

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That's not a bad idea.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Also, if at all possible, it'd be nice to inject that into the fuzzer's corpus, so it can further try and discover bugs around this.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've added the 3 leading headers to the test. I can add more variants into the fuzzer's corpus.

(FWIW, PFX_STR HEADER_STR PAYLOAD_STR(no EOS) HEADER_STR doesnt segfault, but cq->next returns an unsuccessful event)

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That can be further investigated without blocking this fix.

@grpc-testing
Copy link 

[trickle] No significant performance differences

@nicolasnoble
Copy link
Member

I think you wanted to open that PR against 1.8, and not master.

@nicolasnoble nicolasnoble changed the base branch from master to v1.8.x January 26, 2018 01:21
@nicolasnoble nicolasnoble changed the base branch from v1.8.x to master January 26, 2018 01:21
@nicolasnoble
Copy link
Member

Right and I can't just change the base, it will otherwise try to bring all of master into 1.8.

@yang-g
Copy link
Member

yang-g commented Jan 26, 2018

LGTM if the 3 headers case pass

@grpc-testing
Copy link 

[microbenchmarks] No significant performance differences

@kpayson64 kpayson64 changed the base branch from master to v1.8.x January 26, 2018 18:33
@kpayson64
Copy link
Contributor Author

I've addressed comments and rebased to 1.8.x

@grpc-testing
Copy link 

****************************************************************

libgrpc.so

     VM SIZE                                                                                       FILE SIZE
 ++++++++++++++ GROWING                                                                         ++++++++++++++
  +0.1%     +16 src/core/lib/surface/call.cc                                                        +16  +0.1%
      +6.8%     +16 publish_app_metadata(grpc_call*, grpc_metadata_batch*, int) [clone .isra.6]         +16  +6.8%

 -+-+-+-+-+-+-+ MIXED                                                                           +-+-+-+-+-+-+-
  -0.0%     -16 [None]                                                                              +24  +0.0%

  [ = ]       0 TOTAL                                                                               +40  +0.0%


****************************************************************

libgrpc++.so

     VM SIZE        FILE SIZE
 ++++++++++++++  ++++++++++++++

  [ = ]       0        0  [ = ]

yang-g
yang-g approved these changes Jan 26, 2018
View reviewed changes
Copy link
Member

@yang-g yang-g left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the fix.

@grpc-testing
Copy link 

[trickle] No significant performance differences

@kpayson64 kpayson64 mentioned this pull request Jan 26, 2018
Merged
@grpc-testing
Copy link 

[microbenchmarks] No significant performance differences

ctiller
ctiller reviewed Jan 26, 2018
View reviewed changes
src/core/lib/surface/call.cc
@@ -1101,6 +1101,7 @@ static grpc_stream_compression_algorithm decode_stream_compression(
static void publish_app_metadata(grpc_call* call, grpc_metadata_batch* b,
int is_trailing) {
if (b->list.count == 0) return;
if (is_trailing && call->buffered_metadata[1] == nullptr) return;
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It'd be better to find a fix in chttp2: fixes at this layer are more likely to break with efforts to remove this layer entirely in the c++ stack.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Right, this is a temporary bandaid. We want to actually return a 400 from within chttp2, but "stop the bleeding first".

@nicolasnoble nicolasnoble merged commit 2d52c78 into grpc:v1.8.x Jan 26, 2018
@kpayson64 kpayson64 mentioned this pull request Jan 29, 2018
Closed
@lock lock bot locked as resolved and limited conversation to collaborators Jan 20, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@ctiller ctiller ctiller left review comments

@yang-g yang-g yang-g approved these changes

@nicolasnoble nicolasnoble Awaiting requested review from nicolasnoble

Assignees

@nicolasnoble nicolasnoble

Labels
priority/P1
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
6 participants
@kpayson64 @grpc-testing @nicolasnoble @yang-g @ctiller @mehrdada