conn->sendsize is used in rpmsg_socket_ept_cb() and
rpmsg_socket_connect_internal(), so the connected event may be missed
as stated below:
1. in rpmsg_socket_connect_internal(), judge conn->sendsize == 0
   and prepare to wait on sendsem;
2. interrupted by the rptun thread, rpmsg_socket_ept_cb() is called to
   update conn->sendsize and post the sendsem, but no one is waiting on
   the rx sem yet, so it is not posted (see rpmsg_socket_post());
3. return to rpmsg_socket_connect_internal() to wait on the sendsem, but
   the connected event has been missed.
So add recvlock in rpmsg_socket_connect_internal() also.
Signed-off-by: Bowen Wang <wangbowen6@xiaomi.com>

Use PRIx64 which defines the width correctly regardless of architecture.
Fixes build error:
rpmsg/rpmsg_sockif.c:610:57: error: format '%llx' expects argument of type 'long long unsigned int', but argument 4 has type 'uint64_t' {aka 'long unsigned int'} [-Werror=format=]
  610 |       snprintf(conn->nameid, sizeof(conn->nameid), ":%llx", g_rpmsg_id++);
      |                                                      ~~~^   ~~~~~~~~~~~~
      |                                                         |   |
      |                                                         |   uint64_t {aka long unsigned int}
      |                                                         long long unsigned int
      |                                                      %lx

recvmsg() will incorrectly return 0 if the count of sema before waiting is greater than 0.
This commit will reinitialize the sema count before waiting:
static ssize_t rpmsg_socket_recvmsg(FAR struct socket *psock,
                                    FAR struct msghdr *msg, int flags)
{
  ...
  ret = net_sem_timedwait(&conn->recvsem,
                          _SO_TIMEOUT(conn->sconn.s_rcvtimeo)); // recvsem.sem_count == 1; return 0
  ...
  if (!conn->recvdata) // recvdata not consumed; goto else
    {
      ret = conn->recvlen;
    }
  else
    {
      conn->recvdata = NULL;
    }
  ...
  return ret; // BUGON! incorrectly return 0 to user
}
Signed-off-by: chao an <anchao@xiaomi.com>
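The recvmsg() failure in the commit message above, reproduced as an added example that is not part of the commit or of the NuttX source: a user-space model on POSIX semaphores showing a leftover count turning into a 0 return, and the count reset turning it into a timeout or the real length. The names `struct conn`, `deliver`, `recv_wait` and `run_case` are hypothetical, and draining with `sem_trywait()` is an assumed stand-in for reinitializing the count.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <semaphore.h>
#include <stdio.h>
#include <string.h>
#include <time.h>

/* Constructed model; every name here is hypothetical, not NuttX code. */
struct conn { sem_t recvsem; void *recvdata; ssize_t recvlen; };

/* Callback side: fill the reader's buffer, mark it consumed, wake reader. */
static void deliver(struct conn *c)
{
  memcpy(c->recvdata, "ping", 4);
  c->recvdata = NULL;
  c->recvlen = 4;
  sem_post(&c->recvsem);
}

/* Reader side: reset=1 drops stale posts; irq simulates the callback. */
static ssize_t recv_wait(struct conn *c, void *buf, int reset,
                         void (*irq)(struct conn *))
{
  struct timespec ts = { .tv_sec = time(NULL) + 1 };  /* absolute deadline */
  ssize_t ret = 0;
  c->recvdata = buf;                           /* register reader's buffer */
  while (reset && sem_trywait(&c->recvsem) == 0) { }
  if (irq) irq(c);
  if (sem_timedwait(&c->recvsem, &ts) < 0) ret = -errno;
  if (!c->recvdata) ret = c->recvlen;          /* callback consumed buffer */
  else c->recvdata = NULL;                     /* nothing arrived */
  return ret;
}

static ssize_t run_case(int reset, void (*irq)(struct conn *))
{
  struct conn c = { .recvdata = NULL, .recvlen = 0 };
  char buf[8];
  sem_init(&c.recvsem, 0, 1);   /* stale count of 1 before the reader arrives */
  ssize_t ret = recv_wait(&c, buf, reset, irq);
  sem_destroy(&c.recvsem);
  return ret;
}

int main(void)
{
  printf("unfixed=%zd reset=%zd reset+data=%zd\n", run_case(0, NULL),
         run_case(1, NULL), run_case(1, deliver));
  return 0;
}
```

A caller that treats a 0 return from recvmsg() as "peer closed" would tear down a healthy connection in the unfixed case, which is why the spurious wake matters beyond the wrong byte count.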
The rpmsg addr obtained from socket accept has rp_family=0, which is not
intended. To avoid wrong logic in other places, set the rp_family
in the ns_bind function.
Signed-off-by: Zhe Weng <wengzhe@xiaomi.com>

==1598322==ERROR: AddressSanitizer: heap-use-after-free on address 0xf514f8a8 at pc 0x58ac3898 bp 0xd0b4d488 sp 0xd0b4d478
READ of size 4 at 0xf514f8a8 thread T0
    #0 0x58ac3897 in rpmsg_socket_pollnotify rpmsg/rpmsg_sockif.c:211
    #1 0x58ac512f in rpmsg_socket_ept_cb rpmsg/rpmsg_sockif.c:312
    #2 0x5787881c in rpmsg_virtio_rx_callback open-amp/lib/rpmsg/rpmsg_virtio.c:331
    #3 0x57886a67 in virtqueue_notification open-amp/lib/virtio/virtqueue.c:623
    #4 0x5786fb89 in rproc_virtio_notified open-amp/lib/remoteproc/remoteproc_virtio.c:340
    #5 0x5786bde3 in remoteproc_get_notification open-amp/lib/remoteproc/remoteproc.c:985
    #6 0x57755a50 in rptun_worker rptun/rptun.c:303
    #7 0x57755e51 in rptun_thread rptun/rptun.c:352
    #8 0x57730d4a in nxtask_start task/task_start.c:128
    #9 0xdeadbeee (/memfd:pulseaudio (deleted)+0x15dbeee)
Signed-off-by: ligd <liguiding1@xiaomi.com>

Fix this compile-time warning:
rpmsg/rpmsg_sockif.c:381:24: warning: format '%d' expects argument of type 'int', but argument 3 has type 'ssize_t' {aka 'long int'} [-Wformat=]
  381 |                   nerr("circbuf_write overflow, %d, %d\n", written, len);
      |                        ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~  ~~~~~~~
      |                                                             |
      |                                                             ssize_t {aka long int}
Signed-off-by: Eero Nurkkala <eero.nurkkala@offcode.fi>

after correct:
client:      server
connect      ns_bind --> create new conn --> create_ept
             accept  --> set conn->psock to newpsock
Signed-off-by: ligd <liguiding1@xiaomi.com>