From 43f774e4d4077e60abe0be6211f3d9b67559b1ff Mon Sep 17 00:00:00 2001 From: "Mark D. Roth" Date: Tue, 4 Apr 2017 16:35:37 -0700 Subject: [PATCH 1/9] Add check that we don't schedule the same closure twice at once. --- src/core/lib/iomgr/closure.c | 11 +++++++++++ src/core/lib/iomgr/closure.h | 4 ++++ src/core/lib/iomgr/combiner.c | 6 ++++++ src/core/lib/iomgr/ev_epoll_linux.c | 3 +++ src/core/lib/iomgr/exec_ctx.c | 6 ++++++ src/core/lib/iomgr/executor.c | 6 ++++++ 6 files changed, 36 insertions(+) diff --git a/src/core/lib/iomgr/closure.c b/src/core/lib/iomgr/closure.c index 6633fb68ecf..8ef0b210ad2 100644 --- a/src/core/lib/iomgr/closure.c +++ b/src/core/lib/iomgr/closure.c @@ -45,6 +45,9 @@ grpc_closure *grpc_closure_init(grpc_closure *closure, grpc_iomgr_cb_func cb, closure->cb = cb; closure->cb_arg = cb_arg; closure->scheduler = scheduler; +#ifndef NDEBUG + closure->scheduled = false; +#endif return closure; } @@ -137,6 +140,10 @@ void grpc_closure_sched(grpc_exec_ctx *exec_ctx, grpc_closure *c, grpc_error *error) { GPR_TIMER_BEGIN("grpc_closure_sched", 0); if (c != NULL) { +#ifndef NDEBUG + GPR_ASSERT(!c->scheduled); + c->scheduled = true; +#endif assert(c->cb); c->scheduler->vtable->sched(exec_ctx, c, error); } else { @@ -149,6 +156,10 @@ void grpc_closure_list_sched(grpc_exec_ctx *exec_ctx, grpc_closure_list *list) { grpc_closure *c = list->head; while (c != NULL) { grpc_closure *next = c->next_data.next; +#ifndef NDEBUG + GPR_ASSERT(!c->scheduled); + c->scheduled = true; +#endif assert(c->cb); c->scheduler->vtable->sched(exec_ctx, c, c->error_data.error); c = next; diff --git a/src/core/lib/iomgr/closure.h b/src/core/lib/iomgr/closure.h index 2510d50b428..2bedbf00d63 100644 --- a/src/core/lib/iomgr/closure.h +++ b/src/core/lib/iomgr/closure.h @@ -99,6 +99,10 @@ struct grpc_closure { grpc_error *error; uintptr_t scratch; } error_data; + +#ifndef NDEBUG + bool scheduled; +#endif }; /** Initializes \a closure with \a cb and \a cb_arg. Returns \a closure. */ diff --git a/src/core/lib/iomgr/combiner.c b/src/core/lib/iomgr/combiner.c index 2bc476bbef6..05cdbdad2b7 100644 --- a/src/core/lib/iomgr/combiner.c +++ b/src/core/lib/iomgr/combiner.c @@ -319,6 +319,9 @@ bool grpc_combiner_continue_exec_ctx(grpc_exec_ctx *exec_ctx) { GPR_TIMER_BEGIN("combiner.exec1", 0); grpc_closure *cl = (grpc_closure *)n; error_data err = unpack_error_data(cl->error_data.scratch); +#ifndef NDEBUG + cl->scheduled = false; +#endif cl->cb(exec_ctx, cl->cb_arg, err.error); if (err.covered_by_poller) { gpr_atm_no_barrier_fetch_add(&lock->elements_covered_by_poller, -1); @@ -337,6 +340,9 @@ bool grpc_combiner_continue_exec_ctx(grpc_exec_ctx *exec_ctx) { gpr_log(GPR_DEBUG, "C:%p execute_final[%d] c=%p", lock, loops, c)); grpc_closure *next = c->next_data.next; grpc_error *error = c->error_data.error; +#ifndef NDEBUG + c->scheduled = false; +#endif c->cb(exec_ctx, c->cb_arg, error); GRPC_ERROR_UNREF(error); c = next; diff --git a/src/core/lib/iomgr/ev_epoll_linux.c b/src/core/lib/iomgr/ev_epoll_linux.c index 7014b983495..748b4c4f98d 100644 --- a/src/core/lib/iomgr/ev_epoll_linux.c +++ b/src/core/lib/iomgr/ev_epoll_linux.c @@ -1549,6 +1549,9 @@ static bool maybe_do_workqueue_work(grpc_exec_ctx *exec_ctx, } grpc_closure *c = (grpc_closure *)n; grpc_error *error = c->error_data.error; +#ifndef NDEBUG + c->scheduled = false; +#endif c->cb(exec_ctx, c->cb_arg, error); GRPC_ERROR_UNREF(error); return true; diff --git a/src/core/lib/iomgr/exec_ctx.c b/src/core/lib/iomgr/exec_ctx.c index 83bb436bd0a..2532a708e7b 100644 --- a/src/core/lib/iomgr/exec_ctx.c +++ b/src/core/lib/iomgr/exec_ctx.c @@ -73,6 +73,9 @@ bool grpc_exec_ctx_flush(grpc_exec_ctx *exec_ctx) { grpc_closure *next = c->next_data.next; grpc_error *error = c->error_data.error; did_something = true; +#ifndef NDEBUG + c->scheduled = false; +#endif c->cb(exec_ctx, c->cb_arg, error); GRPC_ERROR_UNREF(error); c = next; @@ -93,6 +96,9 @@ void grpc_exec_ctx_finish(grpc_exec_ctx *exec_ctx) { static void exec_ctx_run(grpc_exec_ctx *exec_ctx, grpc_closure *closure, grpc_error *error) { +#ifndef NDEBUG + closure->scheduled = false; +#endif closure->cb(exec_ctx, closure->cb_arg, error); GRPC_ERROR_UNREF(error); } diff --git a/src/core/lib/iomgr/executor.c b/src/core/lib/iomgr/executor.c index ae3e2eabc39..75fd5b1c50c 100644 --- a/src/core/lib/iomgr/executor.c +++ b/src/core/lib/iomgr/executor.c @@ -83,6 +83,9 @@ static void closure_exec_thread_func(void *ignored) { while (c != NULL) { grpc_closure *next = c->next_data.next; grpc_error *error = c->error_data.error; +#ifndef NDEBUG + c->scheduled = false; +#endif c->cb(&exec_ctx, c->cb_arg, error); GRPC_ERROR_UNREF(error); c = next; @@ -146,6 +149,9 @@ void grpc_executor_shutdown(grpc_exec_ctx *exec_ctx) { while (c != NULL) { grpc_closure *next = c->next_data.next; grpc_error *error = c->error_data.error; +#ifndef NDEBUG + c->scheduled = false; +#endif c->cb(exec_ctx, c->cb_arg, error); GRPC_ERROR_UNREF(error); c = next; From ca3b32f67d2dcce8cf09612a24fee93aa69c5a7f Mon Sep 17 00:00:00 2001 From: Craig Tiller Date: Wed, 12 Apr 2017 09:36:40 -0700 Subject: [PATCH 2/9] Handle div0 --- src/core/lib/transport/pid_controller.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/core/lib/transport/pid_controller.c b/src/core/lib/transport/pid_controller.c index 19cb1c0b367..c851564201f 100644 --- a/src/core/lib/transport/pid_controller.c +++ b/src/core/lib/transport/pid_controller.c @@ -49,6 +49,7 @@ void grpc_pid_controller_reset(grpc_pid_controller *pid_controller) { double grpc_pid_controller_update(grpc_pid_controller *pid_controller, double error, double dt) { + if (dt == 0) return pid_controller->last_control_value; /* integrate error using the trapezoid rule */ pid_controller->error_integral += dt * (pid_controller->last_error + error) * 0.5; From 9f99c303d01c706306eb54a5cfd0a23e1e76c6e3 Mon Sep 17 00:00:00 2001 From: Craig Tiller Date: Wed, 12 Apr 2017 09:37:47 -0700 Subject: [PATCH 3/9] Handle 0-length --- src/core/lib/slice/slice.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/core/lib/slice/slice.c b/src/core/lib/slice/slice.c index 1cddf062cd4..da5dc3e52af 100644 --- a/src/core/lib/slice/slice.c +++ b/src/core/lib/slice/slice.c @@ -197,6 +197,7 @@ grpc_slice grpc_slice_new_with_len(void *p, size_t len, } grpc_slice grpc_slice_from_copied_buffer(const char *source, size_t length) { + if (length == 0) return grpc_empty_slice(); grpc_slice slice = grpc_slice_malloc(length); memcpy(GRPC_SLICE_START_PTR(slice), source, length); return slice; From 7fea75125846a0326dfa907c5a310f62d5f8e567 Mon Sep 17 00:00:00 2001 From: Craig Tiller Date: Wed, 12 Apr 2017 09:43:34 -0700 Subject: [PATCH 4/9] ubsan fixes --- src/core/lib/iomgr/sockaddr_utils.c | 4 +++- src/core/lib/slice/slice.c | 5 +++-- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/src/core/lib/iomgr/sockaddr_utils.c b/src/core/lib/iomgr/sockaddr_utils.c index 9d2732666b2..a6a4cac3e29 100644 --- a/src/core/lib/iomgr/sockaddr_utils.c +++ b/src/core/lib/iomgr/sockaddr_utils.c @@ -55,7 +55,9 @@ int grpc_sockaddr_is_v4mapped(const grpc_resolved_address *resolved_addr, GPR_ASSERT(resolved_addr != resolved_addr4_out); const struct sockaddr *addr = (const struct sockaddr *)resolved_addr->addr; struct sockaddr_in *addr4_out = - (struct sockaddr_in *)resolved_addr4_out->addr; + resolved_addr4_out == NULL + ? NULL + : (struct sockaddr_in *)resolved_addr4_out->addr; if (addr->sa_family == AF_INET6) { const struct sockaddr_in6 *addr6 = (const struct sockaddr_in6 *)addr; if (memcmp(addr6->sin6_addr.s6_addr, kV4MappedPrefix, diff --git a/src/core/lib/slice/slice.c b/src/core/lib/slice/slice.c index da5dc3e52af..a2fcbbdbdf5 100644 --- a/src/core/lib/slice/slice.c +++ b/src/core/lib/slice/slice.c @@ -383,8 +383,9 @@ grpc_slice grpc_slice_split_head(grpc_slice *source, size_t split) { } int grpc_slice_default_eq_impl(grpc_slice a, grpc_slice b) { - return GRPC_SLICE_LENGTH(a) == GRPC_SLICE_LENGTH(b) && - 0 == memcmp(GRPC_SLICE_START_PTR(a), GRPC_SLICE_START_PTR(b), + if (GRPC_SLICE_LENGTH(a) != GRPC_SLICE_LENGTH(b)) return false; + if (GRPC_SLICE_LENGTH(a) == 0) return true; + return 0 == memcmp(GRPC_SLICE_START_PTR(a), GRPC_SLICE_START_PTR(b), GRPC_SLICE_LENGTH(a)); } From 9ee816e6ef4f98afd076a22ecc631e2d0266ba7b Mon Sep 17 00:00:00 2001 From: "Mark D. Roth" Date: Wed, 12 Apr 2017 12:52:20 -0700 Subject: [PATCH 5/9] Fix message_size_filter to use RESOURCE_EXHAUSTED status code. --- src/core/lib/channel/message_size_filter.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/core/lib/channel/message_size_filter.c b/src/core/lib/channel/message_size_filter.c index 57726c8476c..28a4f6eb189 100644 --- a/src/core/lib/channel/message_size_filter.c +++ b/src/core/lib/channel/message_size_filter.c @@ -122,7 +122,7 @@ static void recv_message_ready(grpc_exec_ctx* exec_ctx, void* user_data, (*calld->recv_message)->length, calld->max_recv_size); grpc_error* new_error = grpc_error_set_int( GRPC_ERROR_CREATE_FROM_COPIED_STRING(message_string), - GRPC_ERROR_INT_GRPC_STATUS, GRPC_STATUS_INVALID_ARGUMENT); + GRPC_ERROR_INT_GRPC_STATUS, GRPC_STATUS_RESOURCE_EXHAUSTED); if (error == GRPC_ERROR_NONE) { error = new_error; } else { @@ -152,7 +152,7 @@ static void start_transport_stream_op_batch( exec_ctx, op, grpc_error_set_int(GRPC_ERROR_CREATE_FROM_COPIED_STRING(message_string), GRPC_ERROR_INT_GRPC_STATUS, - GRPC_STATUS_INVALID_ARGUMENT)); + GRPC_STATUS_RESOURCE_EXHAUSTED)); gpr_free(message_string); return; } From 2a86d3f39902f9256260b4452f22e75cc79bc8ff Mon Sep 17 00:00:00 2001 From: "Mark D. Roth" Date: Wed, 12 Apr 2017 12:52:47 -0700 Subject: [PATCH 6/9] Update status codes doc. --- doc/statuscodes.md | 19 +++++++++++++++---- 1 file changed, 15 insertions(+), 4 deletions(-) diff --git a/doc/statuscodes.md b/doc/statuscodes.md index 1cd72df30ad..f2df9e00dec 100644 --- a/doc/statuscodes.md +++ b/doc/statuscodes.md @@ -1,9 +1,20 @@ # Status codes and their use in gRPC -gRPC uses a set of well defined status codes as part of the RPC API. All RPCs started at a client return a `status` object composed of an integer `code` and a string `message`. The server-side can choose the status it returns for a given RPC. +gRPC uses a set of well defined status codes as part of the RPC API. All +RPCs started at a client return a `status` object composed of an integer +`code` and a string `message`. The server-side can choose the status it +returns for a given RPC. -The gRPC client and server-side implementations may also generate and return `status` on their own when errors happen. -Only a subset of the pre-defined status codes are generated by the gRPC libraries. The following table lists these codes and summarizes the situations in which they are generated, either by the client or the server-side library implementation. +The gRPC client and server-side implementations may also generate and +return `status` on their own when errors happen. Only a subset of +the pre-defined status codes are generated by the gRPC libraries. This +allows applications to be sure that any other code it sees was actually +returned by the application (although it is also possible for the +server-side to return one of the codes generated by the gRPC libraries). + +The following table lists the codes that may be returned by the gRPC +libraries (on either the client-side or server-side) and summarizes the +situations in which they are generated. | Case | Code | Generated at Client or Server | | ------------- |:-------------| :-----:| @@ -26,7 +37,7 @@ Only a subset of the pre-defined status codes are generated by the gRPC librarie | Response cardinality violation (method requires exactly one response but server sent some other number of responses) | UNIMPLEMENTED | Client| | Error parsing response proto | INTERNAL | Client| | Error parsing request proto | INTERNAL | Server| - +| Sent or received message was larger than configured limit | RESOURCE_EXHAUSTED | Both | The following status codes are never generated by the library: - INVALID_ARGUMENT From 8cf15aa9ecc63be67a828c1175c6840b00722e57 Mon Sep 17 00:00:00 2001 From: Matt Kwong Date: Wed, 12 Apr 2017 19:10:39 -0700 Subject: [PATCH 7/9] Fix typo in Kokoro scripts --- tools/internal_ci/linux/sanitizer/grpc_cpp_asan.sh | 2 +- tools/internal_ci/linux/sanitizer/grpc_cpp_tsan.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/tools/internal_ci/linux/sanitizer/grpc_cpp_asan.sh b/tools/internal_ci/linux/sanitizer/grpc_cpp_asan.sh index c3bf79b1fb5..47ccb26f878 100755 --- a/tools/internal_ci/linux/sanitizer/grpc_cpp_asan.sh +++ b/tools/internal_ci/linux/sanitizer/grpc_cpp_asan.sh @@ -37,4 +37,4 @@ git submodule update --init # download docker images from dockerhub export DOCKERHUB_ORGANIZATION=grpctesting -tools/run_tests/run_tests_matrix.py -f cpp asan +tools/run_tests/run_tests_matrix.py -f c++ asan diff --git a/tools/internal_ci/linux/sanitizer/grpc_cpp_tsan.sh b/tools/internal_ci/linux/sanitizer/grpc_cpp_tsan.sh index c72a106c91a..ee3ec5ebb08 100755 --- a/tools/internal_ci/linux/sanitizer/grpc_cpp_tsan.sh +++ b/tools/internal_ci/linux/sanitizer/grpc_cpp_tsan.sh @@ -37,4 +37,4 @@ git submodule update --init # download docker images from dockerhub export DOCKERHUB_ORGANIZATION=grpctesting -tools/run_tests/run_tests_matrix.py -f cpp tsan +tools/run_tests/run_tests_matrix.py -f c++ tsan From 17a93b33e07636c8fb012ee1375498a10b956e31 Mon Sep 17 00:00:00 2001 From: "Mark D. Roth" Date: Thu, 13 Apr 2017 07:14:47 -0700 Subject: [PATCH 8/9] Fix test. --- test/core/end2end/tests/max_message_length.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/test/core/end2end/tests/max_message_length.c b/test/core/end2end/tests/max_message_length.c index ab58d9f9a62..a8b6f1f79a9 100644 --- a/test/core/end2end/tests/max_message_length.c +++ b/test/core/end2end/tests/max_message_length.c @@ -272,7 +272,7 @@ static void test_max_message_length_on_request(grpc_end2end_test_config config, GPR_ASSERT(was_cancelled == 1); done: - GPR_ASSERT(status == GRPC_STATUS_INVALID_ARGUMENT); + GPR_ASSERT(status == GRPC_STATUS_RESOURCE_EXHAUSTED); GPR_ASSERT( grpc_slice_str_cmp( details, send_limit @@ -466,7 +466,7 @@ static void test_max_message_length_on_response(grpc_end2end_test_config config, GPR_ASSERT(0 == grpc_slice_str_cmp(call_details.host, "foo.test.google.fr:1234")); - GPR_ASSERT(status == GRPC_STATUS_INVALID_ARGUMENT); + GPR_ASSERT(status == GRPC_STATUS_RESOURCE_EXHAUSTED); GPR_ASSERT( grpc_slice_str_cmp( details, send_limit From d6547f45d1fd2c85f8e860db7894ab19411c52f2 Mon Sep 17 00:00:00 2001 From: Julien Boeuf Date: Thu, 13 Apr 2017 09:22:18 -0700 Subject: [PATCH 9/9] Be more explicit about the contract for free_fn in the gpr_allocation_functions doc. --- include/grpc/support/alloc.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/include/grpc/support/alloc.h b/include/grpc/support/alloc.h index 541433c6880..017d75a3d0e 100644 --- a/include/grpc/support/alloc.h +++ b/include/grpc/support/alloc.h @@ -68,7 +68,8 @@ GPRAPI void gpr_free_aligned(void *ptr); /** Request the family of allocation functions in \a functions be used. NOTE * that this request will be honored in a *best effort* basis and that no - * guarantees are made about the default functions (eg, malloc) being called. */ + * guarantees are made about the default functions (eg, malloc) being called. + * The functions.free_fn implementation must be a no-op for NULL input. */ GPRAPI void gpr_set_allocation_functions(gpr_allocation_functions functions); /** Return the family of allocation functions currently in effect. */