From: Kevin Wolf <kwolf@redhat.com>
To: qemu-block@nongnu.org
Cc: kwolf@redhat.com, qemu-devel@nongnu.org
Subject: [PULL 02/15] nbd/server: Fix race in draining the export
Date: Mon, 18 Mar 2024 14:01:05 +0100 [thread overview]
Message-ID: <20240318130118.358920-3-kwolf@redhat.com> (raw)
In-Reply-To: <20240318130118.358920-1-kwolf@redhat.com>
When draining an NBD export, nbd_drained_begin() first sets
client->quiescing so that nbd_client_receive_next_request() won't start
any new request coroutines. Then nbd_drained_poll() tries to makes sure
that we wait for any existing request coroutines by checking that
client->nb_requests has become 0.
However, there is a small window between creating a new request
coroutine and increasing client->nb_requests. If a coroutine is in this
state, it won't be waited for and drain returns too early.
In the context of switching to a different AioContext, this means that
blk_aio_attached() will see client->recv_coroutine != NULL and fail its
assertion.
Fix this by increasing client->nb_requests immediately when starting the
coroutine. Doing this after the checks if we should create a new
coroutine is okay because client->lock is held.
Cc: qemu-stable@nongnu.org
Fixes: fd6afc501a01 ("nbd/server: Use drained block ops to quiesce the server")
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Message-ID: <20240314165825.40261-2-kwolf@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
---
nbd/server.c | 15 +++++++--------
1 file changed, 7 insertions(+), 8 deletions(-)
diff --git a/nbd/server.c b/nbd/server.c
index 941832f178..c3484cc1eb 100644
--- a/nbd/server.c
+++ b/nbd/server.c
@@ -3007,8 +3007,8 @@ static coroutine_fn int nbd_handle_request(NBDClient *client,
/* Owns a reference to the NBDClient passed as opaque. */
static coroutine_fn void nbd_trip(void *opaque)
{
- NBDClient *client = opaque;
- NBDRequestData *req = NULL;
+ NBDRequestData *req = opaque;
+ NBDClient *client = req->client;
NBDRequest request = { 0 }; /* GCC thinks it can be used uninitialized */
int ret;
Error *local_err = NULL;
@@ -3037,8 +3037,6 @@ static coroutine_fn void nbd_trip(void *opaque)
goto done;
}
- req = nbd_request_get(client);
-
/*
* nbd_co_receive_request() returns -EAGAIN when nbd_drained_begin() has
* set client->quiescing but by the time we get back nbd_drained_end() may
@@ -3112,9 +3110,7 @@ static coroutine_fn void nbd_trip(void *opaque)
}
done:
- if (req) {
- nbd_request_put(req);
- }
+ nbd_request_put(req);
qemu_mutex_unlock(&client->lock);
@@ -3143,10 +3139,13 @@ disconnect:
*/
static void nbd_client_receive_next_request(NBDClient *client)
{
+ NBDRequestData *req;
+
if (!client->recv_coroutine && client->nb_requests < MAX_NBD_REQUESTS &&
!client->quiescing) {
nbd_client_get(client);
- client->recv_coroutine = qemu_coroutine_create(nbd_trip, client);
+ req = nbd_request_get(client);
+ client->recv_coroutine = qemu_coroutine_create(nbd_trip, req);
aio_co_schedule(client->exp->common.ctx, client->recv_coroutine);
}
}
--
2.44.0
next prev parent reply other threads:[~2024-03-18 13:05 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-03-18 13:01 [PULL 00/15] Block layer patches Kevin Wolf
2024-03-18 13:01 ` [PULL 01/15] mirror: Don't call job_pause_point() under graph lock Kevin Wolf
2024-03-18 13:01 ` Kevin Wolf [this message]
2024-03-18 13:01 ` [PULL 03/15] iotests: Add test for reset/AioContext switches with NBD exports Kevin Wolf
2024-03-18 13:01 ` [PULL 04/15] blockdev: Fix blockdev-snapshot-sync error reporting for no medium Kevin Wolf
2024-03-18 13:01 ` [PULL 05/15] qemu-img: Fix Column Width and Improve Formatting in snapshot list Kevin Wolf
2024-03-18 13:01 ` [PULL 06/15] tests/qemu-iotests: Fix test 033 for running with non-file protocols Kevin Wolf
2024-03-18 13:01 ` [PULL 07/15] tests/qemu-iotests: Restrict test 066 to the 'file' protocol Kevin Wolf
2024-03-18 13:01 ` [PULL 08/15] tests/qemu-iotests: Restrict test 114 " Kevin Wolf
2024-03-18 13:01 ` [PULL 09/15] tests/qemu-iotests: Restrict test 130 " Kevin Wolf
2024-03-18 13:01 ` [PULL 10/15] tests/qemu-iotests: Restrict test 134 and 158 " Kevin Wolf
2024-03-18 13:01 ` [PULL 11/15] tests/qemu-iotests: Restrict test 156 " Kevin Wolf
2024-03-18 13:01 ` [PULL 12/15] tests/qemu-iotests: Restrict tests that use --image-opts " Kevin Wolf
2024-03-18 13:01 ` [PULL 13/15] tests/qemu-iotests: Fix some tests that use --image-opts for other protocols Kevin Wolf
2024-03-18 13:01 ` [PULL 14/15] tests/qemu-iotests: Restrict tests using "--blockdev file" to the file protocol Kevin Wolf
2024-03-18 13:01 ` [PULL 15/15] iotests: adapt to output change for recently introduced 'detached header' field Kevin Wolf
2024-03-19 10:23 ` [PULL 00/15] Block layer patches Peter Maydell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240318130118.358920-3-kwolf@redhat.com \
--to=kwolf@redhat.com \
--cc=qemu-block@nongnu.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.