Re: [Nbd] [PATCH v4 04/11] nbd: Improve server handling of bogus commands
- To: Alex Bligh <alex@...872...>
- Cc: "email@example.com" <firstname.lastname@example.org>, Wouter Verhelst <w@...112...>, "qemu-devel@...530..." <qemu-devel@...530...>, qemu block <qemu-block@...530...>
- Subject: Re: [Nbd] [PATCH v4 04/11] nbd: Improve server handling of bogus commands
- From: Paolo Bonzini <pbonzini@...696...>
- Date: Wed, 15 Jun 2016 12:34:59 +0200
- Message-id: <703d4836-e250-857b-cb3e-a6e0c3f02f5a@...696...>
- In-reply-to: <2974A238-B81A-4D02-9FB6-7A70C0AA6E8F@...872...>
- References: <1463006384-7734-1-git-send-email-eblake@...696...> <575EA656.80508@...696...> <6DD06745-C91C-4BFB-BFE5-92E5982ACB42@...872...> <11f620d2-a51d-5235-5abd-4ced314c9090@...696...> <38ABE56B-CA23-4372-A413-CDA72BDAE86A@...872...> <20160615070522.GC3787@...3...> <20160615080346.GA6994@...3...> <077010D7-81BE-4AD5-B36A-408844852006@...872...> <2050439854.22663791.1465982331939.JavaMail.zimbra@...696...> <2974A238-B81A-4D02-9FB6-7A70C0AA6E8F@...872...>
On 15/06/2016 12:27, Alex Bligh wrote:
> On 15 Jun 2016, at 10:18, Paolo Bonzini <pbonzini@...696...> wrote:
>>> So what should those servers do (like 2 of mine) which don't buffer
>>> the entire read, if they get an error having already sent some data?
>> They have sent an error code of zero, and it turned out to be wrong. So
>> the only thing they can do safely is disconnect.
> Right, but that is not what Wouter's change says:
> + If an error occurs, the server SHOULD set the appropriate error code
> + in the error field. The server MAY then initiate a hard disconnect.
> + If it chooses not to, it MUST NOT send any payload for this request.
> I read this as either
> a) the server can issue a hard disconnect without sending any reply; or
> b) it must send the reply header with no payload
> It also seems to permit not setting the error code (it's only a 'SHOULD'),
> not disconnecting (it's a MAY), then not sending any payload, which is a
> Perhaps this should read "If an error occurs, the server MUST either initiate
> a hard disconnect before the entire payload has been sent or
> set the appropriate code in the error field and send the response header
> without any payload." if we want to go down this route.
Yes, I agree.
I do believe we want to go down this route. I think we agree that
partial buffering may always require the server to disconnect after an
error. Therefore I don't see any benefit at all in sending a payload
after an error message.