From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([208.118.235.92]:39679) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1TEKfc-0001EG-E8 for qemu-devel@nongnu.org; Wed, 19 Sep 2012 09:50:34 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1TEKfW-0005ZV-6x for qemu-devel@nongnu.org; Wed, 19 Sep 2012 09:50:28 -0400 Received: from mail-pb0-f45.google.com ([209.85.160.45]:56240) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1TEKfW-0005IH-0A for qemu-devel@nongnu.org; Wed, 19 Sep 2012 09:50:22 -0400 Received: by mail-pb0-f45.google.com with SMTP id rp12so2503409pbb.4 for ; Wed, 19 Sep 2012 06:50:21 -0700 (PDT) Sender: Paolo Bonzini From: Paolo Bonzini Date: Wed, 19 Sep 2012 15:49:49 +0200 Message-Id: <1348062596-30446-6-git-send-email-pbonzini@redhat.com> In-Reply-To: <1348062596-30446-1-git-send-email-pbonzini@redhat.com> References: <1348062596-30446-1-git-send-email-pbonzini@redhat.com> Subject: [Qemu-devel] [PATCH 05/12] nbd: do not leak nbd_trip coroutines when a connection is torn down List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: qemu-devel@nongnu.org Because nbd_client_close removes the I/O handlers for the client socket, there is no way that any suspended coroutines are restarted. This will be a problem with the QEMU embedded NBD server, because we will have a QMP command to forcibly close all connections with the clients. Instead, we can exploit the reference counting of NBDClients; shutdown the client socket, which will make it readable and writeable. Also call the close callback, which will release the user's reference. The coroutines then will fail and exit cleanly, and release all remaining references, until the last refcount finally triggers the closure of the client. Signed-off-by: Paolo Bonzini --- nbd.c | 33 +++++++++++++++++++++++++++------ nbd.h | 1 + 2 file modificati, 28 inserzioni(+), 6 rimozioni(-) diff --git a/nbd.c b/nbd.c index 4aeb80a..eb72f4a 100644 --- a/nbd.c +++ b/nbd.c @@ -109,6 +109,7 @@ struct NBDClient { Coroutine *send_coroutine; int nb_requests; + bool closing; }; /* That's all folks */ @@ -655,19 +656,35 @@ void nbd_client_get(NBDClient *client) void nbd_client_put(NBDClient *client) { if (--client->refcount == 0) { + /* The last reference should be dropped by client->close, + * which is called by nbd_client_close. + */ + assert(client->closing); + + qemu_set_fd_handler2(client->sock, NULL, NULL, NULL, NULL); + close(client->sock); + client->sock = -1; g_free(client); } } -static void nbd_client_close(NBDClient *client) +void nbd_client_close(NBDClient *client) { - qemu_set_fd_handler2(client->sock, NULL, NULL, NULL, NULL); - close(client->sock); - client->sock = -1; + if (client->closing) { + return; + } + + client->closing = true; + + /* Force requests to finish. They will drop their own references, + * then we'll close the socket and free the NBDClient. + */ + shutdown(client->sock, 2); + + /* Also tell the client, so that they release their reference. */ if (client->close) { client->close(client); } - nbd_client_put(client); } static NBDRequest *nbd_request_get(NBDClient *client) @@ -810,14 +827,18 @@ out: static void nbd_trip(void *opaque) { NBDClient *client = opaque; - NBDRequest *req = nbd_request_get(client); NBDExport *exp = client->exp; + NBDRequest *req; struct nbd_request request; struct nbd_reply reply; ssize_t ret; TRACE("Reading request."); + if (client->closing) { + return; + } + req = nbd_request_get(client); ret = nbd_co_receive_request(req, &request); if (ret == -EAGAIN) { goto done; diff --git a/nbd.h b/nbd.h index a9038dc..8b84a50 100644 --- a/nbd.h +++ b/nbd.h @@ -84,6 +84,7 @@ void nbd_export_close(NBDExport *exp); NBDClient *nbd_client_new(NBDExport *exp, int csock, void (*close)(NBDClient *)); +void nbd_client_close(NBDClient *client); void nbd_client_get(NBDClient *client); void nbd_client_put(NBDClient *client); -- 1.7.12