On 14/01/20 17:28, Stefan Hajnoczi wrote:
> On Wed, Jan 08, 2020 at 03:55:53PM +0100, Paolo Bonzini wrote:
>> Peter Lieven noticed that reqs->overlap_offset and reqs->overlap_bytes
>> are written outside bs->reqs_lock.  Patch 3 fixes it, while patches 1
>> and 2 are preparatory cleanups.
>>
>> v1->v2: fix comment in patch 2, commit message in patch 3 [Kevin]
>>
>> Paolo Bonzini (3):
>>   block: eliminate BDRV_REQ_NO_SERIALISING
>>   block/io: wait for serialising requests when a request becomes
>>     serialising
>>   block/io: take bs->reqs_lock in bdrv_mark_request_serialising
>>
>>  block/file-posix.c        |   1 -
>>  block/io.c                | 162 +++++++++++++++++++++++-----------------------
>>  include/block/block.h     |  12 ----
>>  include/block/block_int.h |   3 +-
>>  4 files changed, 81 insertions(+), 97 deletions(-)
> Is it possible to trigger the bug somehow?
> 
> Can you implement a test case?

No, it was found by inspection only, and it's actually protected by the
AioContext lock for now.

Paolo