[Qemu-devel] [PATCH for-2.9] throttle: Remove block from group on hot-unplug

Eric Blake posted 1 patch 6 years, 11 months ago
Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/qemu tags/patchew/20170406190847.29347-1-eblake@redhat.com
Test checkpatch passed
Test docker passed
Test s390x passed
block/block-backend.c | 3 +++
1 file changed, 3 insertions(+)
[Qemu-devel] [PATCH for-2.9] throttle: Remove block from group on hot-unplug
Posted by Eric Blake 6 years, 11 months ago
When a block device that is part of a throttle group is hot-unplugged,
we forgot to remove it from the throttle group. This leaves stale
memory around, and causes an easily reproducible crash:

$ ./x86_64-softmmu/qemu-system-x86_64 -nodefaults -nographic -qmp stdio \
-device virtio-scsi-pci,bus=pci.0 -drive \
id=drive_image2,if=none,format=raw,file=file2,bps=512000,iops=100,group=foo \
-device scsi-hd,id=image2,drive=drive_image2 -drive \
id=drive_image3,if=none,format=raw,file=file3,bps=512000,iops=100,group=foo \
-device scsi-hd,id=image3,drive=drive_image3
{'execute':'qmp_capabilities'}
{'execute':'device_del','arguments':{'id':'image3'}}
{'execute':'system_reset'}

Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1428810

Suggested-by: Alberto Garcia <berto@igalia.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
---
 block/block-backend.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/block/block-backend.c b/block/block-backend.c
index 0b63773..d27c3a3 100644
--- a/block/block-backend.c
+++ b/block/block-backend.c
@@ -230,6 +230,9 @@ static void blk_delete(BlockBackend *blk)
     assert(!blk->refcnt);
     assert(!blk->name);
     assert(!blk->dev);
+    if (blk->public.throttle_state) {
+        blk_io_limits_disable(blk);
+    }
     if (blk->root) {
         blk_remove_bs(blk);
     }
-- 
2.9.3


Re: [Qemu-devel] [PATCH for-2.9] throttle: Remove block from group on hot-unplug
Posted by Max Reitz 6 years, 11 months ago
On 06.04.2017 21:08, Eric Blake wrote:
> When a block device that is part of a throttle group is hot-unplugged,
> we forgot to remove it from the throttle group. This leaves stale
> memory around, and causes an easily reproducible crash:
> 
> $ ./x86_64-softmmu/qemu-system-x86_64 -nodefaults -nographic -qmp stdio \
> -device virtio-scsi-pci,bus=pci.0 -drive \
> id=drive_image2,if=none,format=raw,file=file2,bps=512000,iops=100,group=foo \
> -device scsi-hd,id=image2,drive=drive_image2 -drive \
> id=drive_image3,if=none,format=raw,file=file3,bps=512000,iops=100,group=foo \
> -device scsi-hd,id=image3,drive=drive_image3
> {'execute':'qmp_capabilities'}
> {'execute':'device_del','arguments':{'id':'image3'}}
> {'execute':'system_reset'}
> 
> Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1428810
> 
> Suggested-by: Alberto Garcia <berto@igalia.com>
> Signed-off-by: Eric Blake <eblake@redhat.com>
> ---
>  block/block-backend.c | 3 +++
>  1 file changed, 3 insertions(+)

Thanks, applied to my block branch:

https://github.com/XanClic/qemu/commits/block

Max

Re: [Qemu-devel] [Qemu-block] [PATCH for-2.9] throttle: Remove block from group on hot-unplug
Posted by Stefan Hajnoczi 6 years, 11 months ago
On Thu, Apr 06, 2017 at 02:08:47PM -0500, Eric Blake wrote:
> When a block device that is part of a throttle group is hot-unplugged,
> we forgot to remove it from the throttle group. This leaves stale
> memory around, and causes an easily reproducible crash:
> 
> $ ./x86_64-softmmu/qemu-system-x86_64 -nodefaults -nographic -qmp stdio \
> -device virtio-scsi-pci,bus=pci.0 -drive \
> id=drive_image2,if=none,format=raw,file=file2,bps=512000,iops=100,group=foo \
> -device scsi-hd,id=image2,drive=drive_image2 -drive \
> id=drive_image3,if=none,format=raw,file=file3,bps=512000,iops=100,group=foo \
> -device scsi-hd,id=image3,drive=drive_image3
> {'execute':'qmp_capabilities'}
> {'execute':'device_del','arguments':{'id':'image3'}}
> {'execute':'system_reset'}
> 
> Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1428810
> 
> Suggested-by: Alberto Garcia <berto@igalia.com>
> Signed-off-by: Eric Blake <eblake@redhat.com>
> ---
>  block/block-backend.c | 3 +++
>  1 file changed, 3 insertions(+)

Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>