From nobody Sat May 4 06:51:45 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1510260268183207.7953236940806; Thu, 9 Nov 2017 12:44:28 -0800 (PST) Received: from localhost ([::1]:38719 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1eCtgW-00081E-5J for importer@patchew.org; Thu, 09 Nov 2017 15:44:24 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:41207) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1eCtfh-0007hM-Ej for qemu-devel@nongnu.org; Thu, 09 Nov 2017 15:43:34 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1eCtfg-0005zR-Fg for qemu-devel@nongnu.org; Thu, 09 Nov 2017 15:43:33 -0500 Received: from mx1.redhat.com ([209.132.183.28]:41284) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1eCtfa-0005sk-3U; Thu, 09 Nov 2017 15:43:26 -0500 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 0E2F8916AB; Thu, 9 Nov 2017 20:43:25 +0000 (UTC) Received: from localhost (ovpn-204-42.brq.redhat.com [10.40.204.42]) by smtp.corp.redhat.com (Postfix) with ESMTPS id C9CB760016; Thu, 9 Nov 2017 20:43:17 +0000 (UTC) From: Max Reitz To: qemu-block@nongnu.org Date: Thu, 9 Nov 2017 21:43:15 +0100 Message-Id: <20171109204315.27072-1-mreitz@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.29]); Thu, 09 Nov 2017 20:43:25 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH for-2.11] block: Keep strong reference when draining all BDS X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Kevin Wolf , Fam Zheng , qemu-devel@nongnu.org, Stefan Hajnoczi , Max Reitz Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Draining a BDS may lead to graph modifications, which in turn may result in it and other BDS being stripped of their current references. If bdrv_drain_all_begin() and bdrv_drain_all_end() do not keep strong references themselves, the BDS they are trying to drain (or undrain) may disappear right under their feet -- or, more specifically, under the feet of BDRV_POLL_WHILE() in bdrv_drain_recurse(). This fixes an occasional hang of iotest 194. Signed-off-by: Max Reitz Reviewed-by: Eric Blake --- block/io.c | 47 ++++++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 44 insertions(+), 3 deletions(-) diff --git a/block/io.c b/block/io.c index 3d5ef2cabe..a0a2833e8e 100644 --- a/block/io.c +++ b/block/io.c @@ -340,7 +340,10 @@ void bdrv_drain_all_begin(void) bool waited =3D true; BlockDriverState *bs; BdrvNextIterator it; - GSList *aio_ctxs =3D NULL, *ctx; + GSList *aio_ctxs =3D NULL, *ctx, *bs_list =3D NULL, *bs_list_entry; + + /* Must be called from the main loop */ + assert(qemu_get_current_aio_context() =3D=3D qemu_get_aio_context()); =20 block_job_pause_all(); =20 @@ -355,6 +358,12 @@ void bdrv_drain_all_begin(void) if (!g_slist_find(aio_ctxs, aio_context)) { aio_ctxs =3D g_slist_prepend(aio_ctxs, aio_context); } + + /* Keep a strong reference to all root BDS and copy them into + * an own list because draining them may lead to graph + * modifications. */ + bdrv_ref(bs); + bs_list =3D g_slist_prepend(bs_list, bs); } =20 /* Note that completion of an asynchronous I/O operation can trigger a= ny @@ -370,7 +379,11 @@ void bdrv_drain_all_begin(void) AioContext *aio_context =3D ctx->data; =20 aio_context_acquire(aio_context); - for (bs =3D bdrv_first(&it); bs; bs =3D bdrv_next(&it)) { + for (bs_list_entry =3D bs_list; bs_list_entry; + bs_list_entry =3D bs_list_entry->next) + { + bs =3D bs_list_entry->data; + if (aio_context =3D=3D bdrv_get_aio_context(bs)) { waited |=3D bdrv_drain_recurse(bs, true); } @@ -379,24 +392,52 @@ void bdrv_drain_all_begin(void) } } =20 + for (bs_list_entry =3D bs_list; bs_list_entry; + bs_list_entry =3D bs_list_entry->next) + { + bdrv_unref(bs_list_entry->data); + } + g_slist_free(aio_ctxs); + g_slist_free(bs_list); } =20 void bdrv_drain_all_end(void) { BlockDriverState *bs; BdrvNextIterator it; + GSList *bs_list =3D NULL, *bs_list_entry; + + /* Must be called from the main loop */ + assert(qemu_get_current_aio_context() =3D=3D qemu_get_aio_context()); =20 + /* Keep a strong reference to all root BDS and copy them into an + * own list because draining them may lead to graph modifications. + */ for (bs =3D bdrv_first(&it); bs; bs =3D bdrv_next(&it)) { - AioContext *aio_context =3D bdrv_get_aio_context(bs); + bdrv_ref(bs); + bs_list =3D g_slist_prepend(bs_list, bs); + } + + for (bs_list_entry =3D bs_list; bs_list_entry; + bs_list_entry =3D bs_list_entry->next) + { + AioContext *aio_context; + + bs =3D bs_list_entry->data; + aio_context =3D bdrv_get_aio_context(bs); =20 aio_context_acquire(aio_context); aio_enable_external(aio_context); bdrv_parent_drained_end(bs); bdrv_drain_recurse(bs, false); aio_context_release(aio_context); + + bdrv_unref(bs); } =20 + g_slist_free(bs_list); + block_job_resume_all(); } =20 --=20 2.13.6