Series comparison

-[Qemu-devel] [PULL 0/4] Block patches
+[PULL for-6.1 0/3] Block patches
-The following changes since commit f58d9620aa4a514b1227074ff56eefd1334a6225:
+The following changes since commit 3521ade3510eb5cefb2e27a101667f25dad89935:
-  Merge remote-tracking branch 'remotes/rth/tags/pull-dt-20180326' into staging (2018-03-27 10:27:34 +0100)
+  Merge remote-tracking branch 'remotes/thuth-gitlab/tags/pull-request-2021-07-29' into staging (2021-07-29 13:17:20 +0100)
 are available in the Git repository at:
-  git://github.com/stefanha/qemu.git tags/block-pull-request
+  https://gitlab.com/stefanha/qemu.git tags/block-pull-request
-for you to fetch changes up to f5a53faad4bfbf1b86012a13055d2a1a774a42b6:
+for you to fetch changes up to cc8eecd7f105a1dff5876adeb238a14696061a4a:
-  MAINTAINERS: add include/block/aio-wait.h (2018-03-27 13:05:48 +0100)
+  MAINTAINERS: Added myself as a reviewer for the NVMe Block Driver (2021-07-29 17:17:34 +0100)
 ----------------------------------------------------------------
 Pull request
 The main fix here is for io_uring. Spurious -EAGAIN errors can happen and the
 request needs to be resubmitted.
 The MAINTAINERS changes carry no risk and we might as well include them in QEMU
 .1.
 ----------------------------------------------------------------
-----------------------------------------------------------------
+Fabian Ebner (1):
   block/io_uring: resubmit when result is -EAGAIN
-Stefan Hajnoczi (4):
+Philippe Mathieu-Daudé (1):
-  queue: add QSIMPLEQ_PREPEND()
+  MAINTAINERS: Added myself as a reviewer for the NVMe Block Driver
   coroutine: avoid co_queue_wakeup recursion
   coroutine: add test-aio coroutine queue chaining test case
   MAINTAINERS: add include/block/aio-wait.h
- MAINTAINERS                  |   1 +
+Stefano Garzarella (1):
- include/qemu/coroutine_int.h |   1 -
+  MAINTAINERS: add Stefano Garzarella as io_uring reviewer
- include/qemu/queue.h         |   8 ++++
- block/io.c                   |   3 +-
+ MAINTAINERS      |  2 ++
- tests/test-aio.c             |  65 ++++++++++++++++++++-----
+ block/io_uring.c | 16 +++++++++++++++-
- util/qemu-coroutine-lock.c   |  34 -------------
+files changed, 17 insertions(+), 1 deletion(-)
  util/qemu-coroutine.c        | 110 +++++++++++++++++++++++--------------------
 files changed, 121 insertions(+), 101 deletions(-)
 --
-.14.3
+.31.1

-[Qemu-devel] [PULL 1/4] queue: add QSIMPLEQ_PREPEND()
+Deleted patch
-QSIMPLEQ_CONCAT(a, b) joins a = a + b.  The new QSIMPLEQ_PREPEND(a, b)
-API joins a = b + a.
-Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
-Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
-Message-id: 20180322152834.12656-2-stefanha@redhat.com
-Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
----
- include/qemu/queue.h | 8 ++++++++
-file changed, 8 insertions(+)
-diff --git a/include/qemu/queue.h b/include/qemu/queue.h
-index XXXXXXX..XXXXXXX 100644
---- a/include/qemu/queue.h
-+++ b/include/qemu/queue.h
-@@ -XXX,XX +XXX,XX @@ struct {                                                                \
-     }                                                                   \
- } while (/*CONSTCOND*/0)
-+#define QSIMPLEQ_PREPEND(head1, head2) do {                             \
-+    if (!QSIMPLEQ_EMPTY((head2))) {                                     \
-+        *(head2)->sqh_last = (head1)->sqh_first;                        \
-+        (head1)->sqh_first = (head2)->sqh_first;                          \
-+        QSIMPLEQ_INIT((head2));                                         \
-+    }                                                                   \
-+} while (/*CONSTCOND*/0)
-+
- #define QSIMPLEQ_LAST(head, type, field)                                \
-     (QSIMPLEQ_EMPTY((head)) ?                                           \
-         NULL :                                                          \
---
-.14.3

-[Qemu-devel] [PULL 3/4] coroutine: add test-aio coroutine queue chaining test case
+[PULL for-6.1 1/3] MAINTAINERS: add Stefano Garzarella as io_uring reviewer
-Check that two coroutines can queue each other repeatedly without
+From: Stefano Garzarella <sgarzare@redhat.com>
 hitting stack exhaustion.
-Switch to qemu_init_main_loop() in main() because coroutines use
+I've been working with io_uring for a while so I'd like to help
-qemu_get_aio_context() - they don't know about test-aio's ctx variable.
+with reviews.
-Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
+Signed-off-by: Stefano Garzarella <sgarzare@redhat.com>
-Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
+Message-Id: <20210728131515.131045-1-sgarzare@redhat.com>
 Message-id: 20180322152834.12656-4-stefanha@redhat.com
 Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
 ---
- tests/test-aio.c | 65 ++++++++++++++++++++++++++++++++++++++++++++------------
+ MAINTAINERS | 1 +
-file changed, 52 insertions(+), 13 deletions(-)
+file changed, 1 insertion(+)
-diff --git a/tests/test-aio.c b/tests/test-aio.c
+diff --git a/MAINTAINERS b/MAINTAINERS
 index XXXXXXX..XXXXXXX 100644
---- a/tests/test-aio.c
+--- a/MAINTAINERS
-+++ b/tests/test-aio.c
++++ b/MAINTAINERS
-@@ -XXX,XX +XXX,XX @@
+@@ -XXX,XX +XXX,XX @@ Linux io_uring
- #include "qemu/timer.h"
+ M: Aarushi Mehta <mehta.aaru20@gmail.com>
- #include "qemu/sockets.h"
+ M: Julia Suvorova <jusual@redhat.com>
- #include "qemu/error-report.h"
+ M: Stefan Hajnoczi <stefanha@redhat.com>
-+#include "qemu/coroutine.h"
++R: Stefano Garzarella <sgarzare@redhat.com>
-+#include "qemu/main-loop.h"
+ L: qemu-block@nongnu.org
+ S: Maintained
- static AioContext *ctx;
+ F: block/io_uring.c
@@ -XXX,XX +XXX,XX @@ static void test_source_timer_schedule(void)
      timer_del(&data.timer);
  }
 +/*
 + * Check that aio_co_enter() can chain many times
 + *
 + * Two coroutines should be able to invoke each other via aio_co_enter() many
 + * times without hitting a limit like stack exhaustion.  In other words, the
 + * calls should be chained instead of nested.
 + */
 +
 +typedef struct {
 +    Coroutine *other;
 +    unsigned i;
 +    unsigned max;
 +} ChainData;
 +
 +static void coroutine_fn chain(void *opaque)
 +{
 +    ChainData *data = opaque;
 +
 +    for (data->i = 0; data->i < data->max; data->i++) {
 +        /* Queue up the other coroutine... */
 +        aio_co_enter(ctx, data->other);
 +
 +        /* ...and give control to it */
 +        qemu_coroutine_yield();
 +    }
 +}
 +
 +static void test_queue_chaining(void)
 +{
 +    /* This number of iterations hit stack exhaustion in the past: */
 +    ChainData data_a = { .max = 25000 };
 +    ChainData data_b = { .max = 25000 };
 +
 +    data_b.other = qemu_coroutine_create(chain, &data_a);
 +    data_a.other = qemu_coroutine_create(chain, &data_b);
 +
 +    qemu_coroutine_enter(data_b.other);
 +
 +    g_assert_cmpint(data_a.i, ==, data_a.max);
 +    g_assert_cmpint(data_b.i, ==, data_b.max - 1);
 +
 +    /* Allow the second coroutine to terminate */
 +    qemu_coroutine_enter(data_a.other);
 +
 +    g_assert_cmpint(data_b.i, ==, data_b.max);
 +}
  /* End of tests.  */
  int main(int argc, char **argv)
  {
 -    Error *local_error = NULL;
 -    GSource *src;
 -
 -    init_clocks(NULL);
 -
 -    ctx = aio_context_new(&local_error);
 -    if (!ctx) {
 -        error_reportf_err(local_error, "Failed to create AIO Context: ");
 -        exit(1);
 -    }
 -    src = aio_get_g_source(ctx);
 -    g_source_attach(src, NULL);
 -    g_source_unref(src);
 +    qemu_init_main_loop(&error_fatal);
 +    ctx = qemu_get_aio_context();
      while (g_main_context_iteration(NULL, false));
@@ -XXX,XX +XXX,XX @@ int main(int argc, char **argv)
      g_test_add_func("/aio/external-client",         test_aio_external_client);
      g_test_add_func("/aio/timer/schedule",          test_timer_schedule);
 +    g_test_add_func("/aio/coroutine/queue-chaining", test_queue_chaining);
 +
      g_test_add_func("/aio-gsource/flush",                   test_source_flush);
      g_test_add_func("/aio-gsource/bh/schedule",             test_source_bh_schedule);
      g_test_add_func("/aio-gsource/bh/schedule10",           test_source_bh_schedule10);
 --
-.14.3
+.31.1

-[Qemu-devel] [PULL 2/4] coroutine: avoid co_queue_wakeup recursion
+[PULL for-6.1 2/3] block/io_uring: resubmit when result is -EAGAIN
-qemu_aio_coroutine_enter() is (indirectly) called recursively when
+From: Fabian Ebner <f.ebner@proxmox.com>
 processing co_queue_wakeup.  This can lead to stack exhaustion.
-This patch rewrites co_queue_wakeup in an iterative fashion (instead of
+Linux SCSI can throw spurious -EAGAIN in some corner cases in its
-recursive) with bounded memory usage to prevent stack exhaustion.
+completion path, which will end up being the result in the completed
 io_uring request.
-qemu_co_queue_run_restart() is inlined into qemu_aio_coroutine_enter()
+Resubmitting such requests should allow block jobs to complete, even
-and the qemu_coroutine_enter() call is turned into a loop to avoid
+if such spurious errors are encountered.
 recursion.
-There is one change that is worth mentioning:  Previously, when
+Co-authored-by: Stefan Hajnoczi <stefanha@gmail.com>
-coroutine A queued coroutine B, qemu_co_queue_run_restart() entered
+Reviewed-by: Stefano Garzarella <sgarzare@redhat.com>
-coroutine B from coroutine A.  If A was terminating then it would still
+Signed-off-by: Fabian Ebner <f.ebner@proxmox.com>
-stay alive until B yielded.  After this patch B is entered by A's parent
+Message-id: 20210729091029.65369-1-f.ebner@proxmox.com
 so that a A can be deleted immediately if it is terminating.
 It is safe to make this change since B could never interact with A if it
 was terminating anyway.
 Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
 Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
 Message-id: 20180322152834.12656-3-stefanha@redhat.com
 Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
 ---
- include/qemu/coroutine_int.h |   1 -
+ block/io_uring.c | 16 +++++++++++++++-
- block/io.c                   |   3 +-
+file changed, 15 insertions(+), 1 deletion(-)
  util/qemu-coroutine-lock.c   |  34 -------------
  util/qemu-coroutine.c        | 110 +++++++++++++++++++++++--------------------
 files changed, 60 insertions(+), 88 deletions(-)
-diff --git a/include/qemu/coroutine_int.h b/include/qemu/coroutine_int.h
+diff --git a/block/io_uring.c b/block/io_uring.c
 index XXXXXXX..XXXXXXX 100644
---- a/include/qemu/coroutine_int.h
+--- a/block/io_uring.c
-+++ b/include/qemu/coroutine_int.h
++++ b/block/io_uring.c
-@@ -XXX,XX +XXX,XX @@ Coroutine *qemu_coroutine_new(void);
+@@ -XXX,XX +XXX,XX @@ static void luring_process_completions(LuringState *s)
- void qemu_coroutine_delete(Coroutine *co);
+         total_bytes = ret + luringcb->total_read;
- CoroutineAction qemu_coroutine_switch(Coroutine *from, Coroutine *to,
-                                       CoroutineAction action);
+         if (ret < 0) {
--void coroutine_fn qemu_co_queue_run_restart(Coroutine *co);
+-            if (ret == -EINTR) {
++            /*
- #endif
++             * Only writev/readv/fsync requests on regular files or host block
-diff --git a/block/io.c b/block/io.c
++             * devices are submitted. Therefore -EAGAIN is not expected but it's
-index XXXXXXX..XXXXXXX 100644
++             * known to happen sometimes with Linux SCSI. Submit again and hope
---- a/block/io.c
++             * the request completes successfully.
-+++ b/block/io.c
++             *
-@@ -XXX,XX +XXX,XX @@ static void coroutine_fn bdrv_co_yield_to_drain(BlockDriverState *bs,
++             * For more information, see:
-     BdrvCoDrainData data;
++             * https://lore.kernel.org/io-uring/20210727165811.284510-3-axboe@kernel.dk/T/#u
++             *
-     /* Calling bdrv_drain() from a BH ensures the current coroutine yields and
++             * If the code is changed to submit other types of requests in the
--     * other coroutines run if they were queued from
++             * future, then this workaround may need to be extended to deal with
--     * qemu_co_queue_run_restart(). */
++             * genuine -EAGAIN results that should not be resubmitted
-+     * other coroutines run if they were queued by aio_co_enter(). */
++             * immediately.
++             */
-     assert(qemu_in_coroutine());
++            if (ret == -EINTR || ret == -EAGAIN) {
-     data = (BdrvCoDrainData) {
+                 luring_resubmit(s, luringcb);
-diff --git a/util/qemu-coroutine-lock.c b/util/qemu-coroutine-lock.c
+                 continue;
-index XXXXXXX..XXXXXXX 100644
+             }
 --- a/util/qemu-coroutine-lock.c
 +++ b/util/qemu-coroutine-lock.c
@@ -XXX,XX +XXX,XX @@ void coroutine_fn qemu_co_queue_wait_impl(CoQueue *queue, QemuLockable *lock)
      }
  }
 -/**
 - * qemu_co_queue_run_restart:
 - *
 - * Enter each coroutine that was previously marked for restart by
 - * qemu_co_queue_next() or qemu_co_queue_restart_all().  This function is
 - * invoked by the core coroutine code when the current coroutine yields or
 - * terminates.
 - */
 -void qemu_co_queue_run_restart(Coroutine *co)
 -{
 -    Coroutine *next;
 -    QSIMPLEQ_HEAD(, Coroutine) tmp_queue_wakeup =
 -        QSIMPLEQ_HEAD_INITIALIZER(tmp_queue_wakeup);
 -
 -    trace_qemu_co_queue_run_restart(co);
 -
 -    /* Because "co" has yielded, any coroutine that we wakeup can resume it.
 -     * If this happens and "co" terminates, co->co_queue_wakeup becomes
 -     * invalid memory.  Therefore, use a temporary queue and do not touch
 -     * the "co" coroutine as soon as you enter another one.
 -     *
 -     * In its turn resumed "co" can populate "co_queue_wakeup" queue with
 -     * new coroutines to be woken up.  The caller, who has resumed "co",
 -     * will be responsible for traversing the same queue, which may cause
 -     * a different wakeup order but not any missing wakeups.
 -     */
 -    QSIMPLEQ_CONCAT(&tmp_queue_wakeup, &co->co_queue_wakeup);
 -
 -    while ((next = QSIMPLEQ_FIRST(&tmp_queue_wakeup))) {
 -        QSIMPLEQ_REMOVE_HEAD(&tmp_queue_wakeup, co_queue_next);
 -        qemu_coroutine_enter(next);
 -    }
 -}
 -
  static bool qemu_co_queue_do_restart(CoQueue *queue, bool single)
  {
      Coroutine *next;
 diff --git a/util/qemu-coroutine.c b/util/qemu-coroutine.c
 index XXXXXXX..XXXXXXX 100644
 --- a/util/qemu-coroutine.c
 +++ b/util/qemu-coroutine.c
@@ -XXX,XX +XXX,XX @@ static void coroutine_delete(Coroutine *co)
  void qemu_aio_coroutine_enter(AioContext *ctx, Coroutine *co)
  {
 -    Coroutine *self = qemu_coroutine_self();
 -    CoroutineAction ret;
 -
 -    /* Cannot rely on the read barrier for co in aio_co_wake(), as there are
 -     * callers outside of aio_co_wake() */
 -    const char *scheduled = atomic_mb_read(&co->scheduled);
 -
 -    trace_qemu_aio_coroutine_enter(ctx, self, co, co->entry_arg);
 -
 -    /* if the Coroutine has already been scheduled, entering it again will
 -     * cause us to enter it twice, potentially even after the coroutine has
 -     * been deleted */
 -    if (scheduled) {
 -        fprintf(stderr,
 -                "%s: Co-routine was already scheduled in '%s'\n",
 -                __func__, scheduled);
 -        abort();
 -    }
 -
 -    if (co->caller) {
 -        fprintf(stderr, "Co-routine re-entered recursively\n");
 -        abort();
 -    }
 -
 -    co->caller = self;
 -    co->ctx = ctx;
 -
 -    /* Store co->ctx before anything that stores co.  Matches
 -     * barrier in aio_co_wake and qemu_co_mutex_wake.
 -     */
 -    smp_wmb();
 -
 -    ret = qemu_coroutine_switch(self, co, COROUTINE_ENTER);
 -
 -    qemu_co_queue_run_restart(co);
 -
 -    /* Beware, if ret == COROUTINE_YIELD and qemu_co_queue_run_restart()
 -     * has started any other coroutine, "co" might have been reentered
 -     * and even freed by now!  So be careful and do not touch it.
 -     */
 -
 -    switch (ret) {
 -    case COROUTINE_YIELD:
 -        return;
 -    case COROUTINE_TERMINATE:
 -        assert(!co->locks_held);
 -        trace_qemu_coroutine_terminate(co);
 -        coroutine_delete(co);
 -        return;
 -    default:
 -        abort();
 +    QSIMPLEQ_HEAD(, Coroutine) pending = QSIMPLEQ_HEAD_INITIALIZER(pending);
 +    Coroutine *from = qemu_coroutine_self();
 +
 +    QSIMPLEQ_INSERT_TAIL(&pending, co, co_queue_next);
 +
 +    /* Run co and any queued coroutines */
 +    while (!QSIMPLEQ_EMPTY(&pending)) {
 +        Coroutine *to = QSIMPLEQ_FIRST(&pending);
 +        CoroutineAction ret;
 +
 +        /* Cannot rely on the read barrier for to in aio_co_wake(), as there are
 +         * callers outside of aio_co_wake() */
 +        const char *scheduled = atomic_mb_read(&to->scheduled);
 +
 +        QSIMPLEQ_REMOVE_HEAD(&pending, co_queue_next);
 +
 +        trace_qemu_aio_coroutine_enter(ctx, from, to, to->entry_arg);
 +
 +        /* if the Coroutine has already been scheduled, entering it again will
 +         * cause us to enter it twice, potentially even after the coroutine has
 +         * been deleted */
 +        if (scheduled) {
 +            fprintf(stderr,
 +                    "%s: Co-routine was already scheduled in '%s'\n",
 +                    __func__, scheduled);
 +            abort();
 +        }
 +
 +        if (to->caller) {
 +            fprintf(stderr, "Co-routine re-entered recursively\n");
 +            abort();
 +        }
 +
 +        to->caller = from;
 +        to->ctx = ctx;
 +
 +        /* Store to->ctx before anything that stores to.  Matches
 +         * barrier in aio_co_wake and qemu_co_mutex_wake.
 +         */
 +        smp_wmb();
 +
 +        ret = qemu_coroutine_switch(from, to, COROUTINE_ENTER);
 +
 +        /* Queued coroutines are run depth-first; previously pending coroutines
 +         * run after those queued more recently.
 +         */
 +        QSIMPLEQ_PREPEND(&pending, &to->co_queue_wakeup);
 +
 +        switch (ret) {
 +        case COROUTINE_YIELD:
 +            break;
 +        case COROUTINE_TERMINATE:
 +            assert(!to->locks_held);
 +            trace_qemu_coroutine_terminate(to);
 +            coroutine_delete(to);
 +            break;
 +        default:
 +            abort();
 +        }
      }
  }
 --
-.14.3
+.31.1

-[Qemu-devel] [PULL 4/4] MAINTAINERS: add include/block/aio-wait.h
+[PULL for-6.1 3/3] MAINTAINERS: Added myself as a reviewer for the NVMe Block Driver
-The include/block/aio-wait.h header file was added by commit
+From: Philippe Mathieu-Daudé <philmd@redhat.com>
 f3c968c59e1bcda7e177679dc765b59e578f ("block: extract
 AIO_WAIT_WHILE() from BlockDriverState") without updating MAINTAINERS.
-Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
+I'm interested in following the activity around the NVMe bdrv.
-Reviewed-by: Eric Blake <eblake@redhat.com>
-Message-id: 20180312132204.23683-1-stefanha@redhat.com
+Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
 Message-id: 20210728183340.2018313-1-philmd@redhat.com
 Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
 ---
  MAINTAINERS | 1 +
 file changed, 1 insertion(+)
 diff --git a/MAINTAINERS b/MAINTAINERS
 index XXXXXXX..XXXXXXX 100644
 --- a/MAINTAINERS
 +++ b/MAINTAINERS
-@@ -XXX,XX +XXX,XX @@ F: util/aio-*.c
+@@ -XXX,XX +XXX,XX @@ F: block/null.c
- F: block/io.c
+ NVMe Block Driver
- F: migration/block*
+ M: Stefan Hajnoczi <stefanha@redhat.com>
- F: include/block/aio.h
+ R: Fam Zheng <fam@euphon.net>
-+F: include/block/aio-wait.h
++R: Philippe Mathieu-Daudé <philmd@redhat.com>
- F: scripts/qemugdb/aio.py
+ L: qemu-block@nongnu.org
- T: git git://github.com/stefanha/qemu.git block
+ S: Supported
+ F: block/nvme*
 --
-.14.3
+.31.1

The following changes since commit f58d9620aa4a514b1227074ff56eefd1334a6225:

Merge remote-tracking branch 'remotes/rth/tags/pull-dt-20180326' into staging (2018-03-27 10:27:34 +0100)

are available in the Git repository at:

git://github.com/stefanha/qemu.git tags/block-pull-request

for you to fetch changes up to f5a53faad4bfbf1b86012a13055d2a1a774a42b6:

MAINTAINERS: add include/block/aio-wait.h (2018-03-27 13:05:48 +0100)

----------------------------------------------------------------

Stefan Hajnoczi (4):
  queue: add QSIMPLEQ_PREPEND()
  coroutine: avoid co_queue_wakeup recursion
  coroutine: add test-aio coroutine queue chaining test case
  MAINTAINERS: add include/block/aio-wait.h

-- 
2.14.3

QSIMPLEQ_CONCAT(a, b) joins a = a + b.  The new QSIMPLEQ_PREPEND(a, b)
API joins a = b + a.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 20180322152834.12656-2-stefanha@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
---
 include/qemu/queue.h | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/include/qemu/queue.h b/include/qemu/queue.h
index XXXXXXX..XXXXXXX 100644
--- a/include/qemu/queue.h
+++ b/include/qemu/queue.h
@@ -XXX,XX +XXX,XX @@ struct {                                                                \
     }                                                                   \
 } while (/*CONSTCOND*/0)
 
+#define QSIMPLEQ_PREPEND(head1, head2) do {                             \
+    if (!QSIMPLEQ_EMPTY((head2))) {                                     \
+        *(head2)->sqh_last = (head1)->sqh_first;                        \
+        (head1)->sqh_first = (head2)->sqh_first;                          \
+        QSIMPLEQ_INIT((head2));                                         \
+    }                                                                   \
+} while (/*CONSTCOND*/0)
+
 #define QSIMPLEQ_LAST(head, type, field)                                \
     (QSIMPLEQ_EMPTY((head)) ?                                           \
         NULL :                                                          \
-- 
2.14.3

qemu_aio_coroutine_enter() is (indirectly) called recursively when
processing co_queue_wakeup.  This can lead to stack exhaustion.

This patch rewrites co_queue_wakeup in an iterative fashion (instead of
recursive) with bounded memory usage to prevent stack exhaustion.

qemu_co_queue_run_restart() is inlined into qemu_aio_coroutine_enter()
and the qemu_coroutine_enter() call is turned into a loop to avoid
recursion.

There is one change that is worth mentioning:  Previously, when
coroutine A queued coroutine B, qemu_co_queue_run_restart() entered
coroutine B from coroutine A.  If A was terminating then it would still
stay alive until B yielded.  After this patch B is entered by A's parent
so that a A can be deleted immediately if it is terminating.

It is safe to make this change since B could never interact with A if it
was terminating anyway.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 20180322152834.12656-3-stefanha@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
---
 include/qemu/coroutine_int.h |   1 -
 block/io.c                   |   3 +-
 util/qemu-coroutine-lock.c   |  34 -------------
 util/qemu-coroutine.c        | 110 +++++++++++++++++++++++--------------------
 4 files changed, 60 insertions(+), 88 deletions(-)

diff --git a/include/qemu/coroutine_int.h b/include/qemu/coroutine_int.h
index XXXXXXX..XXXXXXX 100644
--- a/include/qemu/coroutine_int.h
+++ b/include/qemu/coroutine_int.h
@@ -XXX,XX +XXX,XX @@ Coroutine *qemu_coroutine_new(void);
 void qemu_coroutine_delete(Coroutine *co);
 CoroutineAction qemu_coroutine_switch(Coroutine *from, Coroutine *to,
                                       CoroutineAction action);
-void coroutine_fn qemu_co_queue_run_restart(Coroutine *co);
 
 #endif
diff --git a/block/io.c b/block/io.c
index XXXXXXX..XXXXXXX 100644
--- a/block/io.c
+++ b/block/io.c
@@ -XXX,XX +XXX,XX @@ static void coroutine_fn bdrv_co_yield_to_drain(BlockDriverState *bs,
     BdrvCoDrainData data;
 
     /* Calling bdrv_drain() from a BH ensures the current coroutine yields and
-     * other coroutines run if they were queued from
-     * qemu_co_queue_run_restart(). */
+     * other coroutines run if they were queued by aio_co_enter(). */
 
     assert(qemu_in_coroutine());
     data = (BdrvCoDrainData) {
diff --git a/util/qemu-coroutine-lock.c b/util/qemu-coroutine-lock.c
index XXXXXXX..XXXXXXX 100644
--- a/util/qemu-coroutine-lock.c
+++ b/util/qemu-coroutine-lock.c
@@ -XXX,XX +XXX,XX @@ void coroutine_fn qemu_co_queue_wait_impl(CoQueue *queue, QemuLockable *lock)
     }
 }
 
-/**
- * qemu_co_queue_run_restart:
- *
- * Enter each coroutine that was previously marked for restart by
- * qemu_co_queue_next() or qemu_co_queue_restart_all().  This function is
- * invoked by the core coroutine code when the current coroutine yields or
- * terminates.
- */
-void qemu_co_queue_run_restart(Coroutine *co)
-{
-    Coroutine *next;
-    QSIMPLEQ_HEAD(, Coroutine) tmp_queue_wakeup =
-        QSIMPLEQ_HEAD_INITIALIZER(tmp_queue_wakeup);
-
-    trace_qemu_co_queue_run_restart(co);
-
-    /* Because "co" has yielded, any coroutine that we wakeup can resume it.
-     * If this happens and "co" terminates, co->co_queue_wakeup becomes
-     * invalid memory.  Therefore, use a temporary queue and do not touch
-     * the "co" coroutine as soon as you enter another one.
-     *
-     * In its turn resumed "co" can populate "co_queue_wakeup" queue with
-     * new coroutines to be woken up.  The caller, who has resumed "co",
-     * will be responsible for traversing the same queue, which may cause
-     * a different wakeup order but not any missing wakeups.
-     */
-    QSIMPLEQ_CONCAT(&tmp_queue_wakeup, &co->co_queue_wakeup);
-
-    while ((next = QSIMPLEQ_FIRST(&tmp_queue_wakeup))) {
-        QSIMPLEQ_REMOVE_HEAD(&tmp_queue_wakeup, co_queue_next);
-        qemu_coroutine_enter(next);
-    }
-}
-
 static bool qemu_co_queue_do_restart(CoQueue *queue, bool single)
 {
     Coroutine *next;
diff --git a/util/qemu-coroutine.c b/util/qemu-coroutine.c
index XXXXXXX..XXXXXXX 100644
--- a/util/qemu-coroutine.c
+++ b/util/qemu-coroutine.c
@@ -XXX,XX +XXX,XX @@ static void coroutine_delete(Coroutine *co)
 
 void qemu_aio_coroutine_enter(AioContext *ctx, Coroutine *co)
 {
-    Coroutine *self = qemu_coroutine_self();
-    CoroutineAction ret;
-
-    /* Cannot rely on the read barrier for co in aio_co_wake(), as there are
-     * callers outside of aio_co_wake() */
-    const char *scheduled = atomic_mb_read(&co->scheduled);
-
-    trace_qemu_aio_coroutine_enter(ctx, self, co, co->entry_arg);
-
-    /* if the Coroutine has already been scheduled, entering it again will
-     * cause us to enter it twice, potentially even after the coroutine has
-     * been deleted */
-    if (scheduled) {
-        fprintf(stderr,
-                "%s: Co-routine was already scheduled in '%s'\n",
-                __func__, scheduled);
-        abort();
-    }
-
-    if (co->caller) {
-        fprintf(stderr, "Co-routine re-entered recursively\n");
-        abort();
-    }
-
-    co->caller = self;
-    co->ctx = ctx;
-
-    /* Store co->ctx before anything that stores co.  Matches
-     * barrier in aio_co_wake and qemu_co_mutex_wake.
-     */
-    smp_wmb();
-
-    ret = qemu_coroutine_switch(self, co, COROUTINE_ENTER);
-
-    qemu_co_queue_run_restart(co);
-
-    /* Beware, if ret == COROUTINE_YIELD and qemu_co_queue_run_restart()
-     * has started any other coroutine, "co" might have been reentered
-     * and even freed by now!  So be careful and do not touch it.
-     */
-
-    switch (ret) {
-    case COROUTINE_YIELD:
-        return;
-    case COROUTINE_TERMINATE:
-        assert(!co->locks_held);
-        trace_qemu_coroutine_terminate(co);
-        coroutine_delete(co);
-        return;
-    default:
-        abort();
+    QSIMPLEQ_HEAD(, Coroutine) pending = QSIMPLEQ_HEAD_INITIALIZER(pending);
+    Coroutine *from = qemu_coroutine_self();
+
+    QSIMPLEQ_INSERT_TAIL(&pending, co, co_queue_next);
+
+    /* Run co and any queued coroutines */
+    while (!QSIMPLEQ_EMPTY(&pending)) {
+        Coroutine *to = QSIMPLEQ_FIRST(&pending);
+        CoroutineAction ret;
+
+        /* Cannot rely on the read barrier for to in aio_co_wake(), as there are
+         * callers outside of aio_co_wake() */
+        const char *scheduled = atomic_mb_read(&to->scheduled);
+
+        QSIMPLEQ_REMOVE_HEAD(&pending, co_queue_next);
+
+        trace_qemu_aio_coroutine_enter(ctx, from, to, to->entry_arg);
+
+        /* if the Coroutine has already been scheduled, entering it again will
+         * cause us to enter it twice, potentially even after the coroutine has
+         * been deleted */
+        if (scheduled) {
+            fprintf(stderr,
+                    "%s: Co-routine was already scheduled in '%s'\n",
+                    __func__, scheduled);
+            abort();
+        }
+
+        if (to->caller) {
+            fprintf(stderr, "Co-routine re-entered recursively\n");
+            abort();
+        }
+
+        to->caller = from;
+        to->ctx = ctx;
+
+        /* Store to->ctx before anything that stores to.  Matches
+         * barrier in aio_co_wake and qemu_co_mutex_wake.
+         */
+        smp_wmb();
+
+        ret = qemu_coroutine_switch(from, to, COROUTINE_ENTER);
+
+        /* Queued coroutines are run depth-first; previously pending coroutines
+         * run after those queued more recently.
+         */
+        QSIMPLEQ_PREPEND(&pending, &to->co_queue_wakeup);
+
+        switch (ret) {
+        case COROUTINE_YIELD:
+            break;
+        case COROUTINE_TERMINATE:
+            assert(!to->locks_held);
+            trace_qemu_coroutine_terminate(to);
+            coroutine_delete(to);
+            break;
+        default:
+            abort();
+        }
     }
 }
 
-- 
2.14.3

Check that two coroutines can queue each other repeatedly without
hitting stack exhaustion.

Switch to qemu_init_main_loop() in main() because coroutines use
qemu_get_aio_context() - they don't know about test-aio's ctx variable.

Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 20180322152834.12656-4-stefanha@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
---
 tests/test-aio.c | 65 ++++++++++++++++++++++++++++++++++++++++++++------------
 1 file changed, 52 insertions(+), 13 deletions(-)

diff --git a/tests/test-aio.c b/tests/test-aio.c
index XXXXXXX..XXXXXXX 100644
--- a/tests/test-aio.c
+++ b/tests/test-aio.c
@@ -XXX,XX +XXX,XX @@
 #include "qemu/timer.h"
 #include "qemu/sockets.h"
 #include "qemu/error-report.h"
+#include "qemu/coroutine.h"
+#include "qemu/main-loop.h"
 
 static AioContext *ctx;
 
@@ -XXX,XX +XXX,XX @@ static void test_source_timer_schedule(void)
     timer_del(&data.timer);
 }
 
+/*
+ * Check that aio_co_enter() can chain many times
+ *
+ * Two coroutines should be able to invoke each other via aio_co_enter() many
+ * times without hitting a limit like stack exhaustion.  In other words, the
+ * calls should be chained instead of nested.
+ */
+
+typedef struct {
+    Coroutine *other;
+    unsigned i;
+    unsigned max;
+} ChainData;
+
+static void coroutine_fn chain(void *opaque)
+{
+    ChainData *data = opaque;
+
+    for (data->i = 0; data->i < data->max; data->i++) {
+        /* Queue up the other coroutine... */
+        aio_co_enter(ctx, data->other);
+
+        /* ...and give control to it */
+        qemu_coroutine_yield();
+    }
+}
+
+static void test_queue_chaining(void)
+{
+    /* This number of iterations hit stack exhaustion in the past: */
+    ChainData data_a = { .max = 25000 };
+    ChainData data_b = { .max = 25000 };
+
+    data_b.other = qemu_coroutine_create(chain, &data_a);
+    data_a.other = qemu_coroutine_create(chain, &data_b);
+
+    qemu_coroutine_enter(data_b.other);
+
+    g_assert_cmpint(data_a.i, ==, data_a.max);
+    g_assert_cmpint(data_b.i, ==, data_b.max - 1);
+
+    /* Allow the second coroutine to terminate */
+    qemu_coroutine_enter(data_a.other);
+
+    g_assert_cmpint(data_b.i, ==, data_b.max);
+}
 
 /* End of tests.  */
 
 int main(int argc, char **argv)
 {
-    Error *local_error = NULL;
-    GSource *src;
-
-    init_clocks(NULL);
-
-    ctx = aio_context_new(&local_error);
-    if (!ctx) {
-        error_reportf_err(local_error, "Failed to create AIO Context: ");
-        exit(1);
-    }
-    src = aio_get_g_source(ctx);
-    g_source_attach(src, NULL);
-    g_source_unref(src);
+    qemu_init_main_loop(&error_fatal);
+    ctx = qemu_get_aio_context();
 
     while (g_main_context_iteration(NULL, false));
 
@@ -XXX,XX +XXX,XX @@ int main(int argc, char **argv)
     g_test_add_func("/aio/external-client",         test_aio_external_client);
     g_test_add_func("/aio/timer/schedule",          test_timer_schedule);
 
+    g_test_add_func("/aio/coroutine/queue-chaining", test_queue_chaining);
+
     g_test_add_func("/aio-gsource/flush",                   test_source_flush);
     g_test_add_func("/aio-gsource/bh/schedule",             test_source_bh_schedule);
     g_test_add_func("/aio-gsource/bh/schedule10",           test_source_bh_schedule10);
-- 
2.14.3

The following changes since commit 3521ade3510eb5cefb2e27a101667f25dad89935:

Merge remote-tracking branch 'remotes/thuth-gitlab/tags/pull-request-2021-07-29' into staging (2021-07-29 13:17:20 +0100)

are available in the Git repository at:

https://gitlab.com/stefanha/qemu.git tags/block-pull-request

for you to fetch changes up to cc8eecd7f105a1dff5876adeb238a14696061a4a:

MAINTAINERS: Added myself as a reviewer for the NVMe Block Driver (2021-07-29 17:17:34 +0100)

----------------------------------------------------------------
Pull request

The main fix here is for io_uring. Spurious -EAGAIN errors can happen and the
request needs to be resubmitted.

The MAINTAINERS changes carry no risk and we might as well include them in QEMU
6.1.

----------------------------------------------------------------

Fabian Ebner (1):
  block/io_uring: resubmit when result is -EAGAIN

Philippe Mathieu-Daudé (1):
  MAINTAINERS: Added myself as a reviewer for the NVMe Block Driver

Stefano Garzarella (1):
  MAINTAINERS: add Stefano Garzarella as io_uring reviewer

MAINTAINERS      |  2 ++
 block/io_uring.c | 16 +++++++++++++++-
 2 files changed, 17 insertions(+), 1 deletion(-)

-- 
2.31.1

From: Fabian Ebner <f.ebner@proxmox.com>

Linux SCSI can throw spurious -EAGAIN in some corner cases in its
completion path, which will end up being the result in the completed
io_uring request.

Resubmitting such requests should allow block jobs to complete, even
if such spurious errors are encountered.

Co-authored-by: Stefan Hajnoczi <stefanha@gmail.com>
Reviewed-by: Stefano Garzarella <sgarzare@redhat.com>
Signed-off-by: Fabian Ebner <f.ebner@proxmox.com>
Message-id: 20210729091029.65369-1-f.ebner@proxmox.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
---
 block/io_uring.c | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

diff --git a/block/io_uring.c b/block/io_uring.c
index XXXXXXX..XXXXXXX 100644
--- a/block/io_uring.c
+++ b/block/io_uring.c
@@ -XXX,XX +XXX,XX @@ static void luring_process_completions(LuringState *s)
         total_bytes = ret + luringcb->total_read;
 
         if (ret < 0) {
-            if (ret == -EINTR) {
+            /*
+             * Only writev/readv/fsync requests on regular files or host block
+             * devices are submitted. Therefore -EAGAIN is not expected but it's
+             * known to happen sometimes with Linux SCSI. Submit again and hope
+             * the request completes successfully.
+             *
+             * For more information, see:
+             * https://lore.kernel.org/io-uring/20210727165811.284510-3-axboe@kernel.dk/T/#u
+             *
+             * If the code is changed to submit other types of requests in the
+             * future, then this workaround may need to be extended to deal with
+             * genuine -EAGAIN results that should not be resubmitted
+             * immediately.
+             */
+            if (ret == -EINTR || ret == -EAGAIN) {
                 luring_resubmit(s, luringcb);
                 continue;
             }
-- 
2.31.1