From: "Michael S. Tsirkin" <mst@redhat.com>
To: qemu-devel@nongnu.org
Cc: Peter Maydell <peter.maydell@linaro.org>,
Greg Kurz <groug@kaod.org>, Stefan Hajnoczi <stefanha@redhat.com>,
Kevin Wolf <kwolf@redhat.com>, Max Reitz <mreitz@redhat.com>,
qemu-block@nongnu.org
Subject: [Qemu-devel] [PULL 14/33] virtio-blk: handle virtio_blk_handle_request() errors
Date: Mon, 10 Oct 2016 05:57:53 +0300 [thread overview]
Message-ID: <1476057841-21108-15-git-send-email-mst@redhat.com> (raw)
In-Reply-To: <1476057841-21108-1-git-send-email-mst@redhat.com>
From: Greg Kurz <groug@kaod.org>
All these errors are caused by a buggy guest: QEMU should not exit.
With this patch, if virtio_blk_handle_request() detects a buggy request, it
marks the device as broken and returns an error to the caller so it takes
appropriate action.
In the case of virtio_blk_handle_vq(), we detach the request from the
virtqueue, free its allocated memory and stop popping new requests.
We don't need to bother about multireq since virtio_blk_handle_request()
errors out early and mrb.num_reqs == 0.
In the case of virtio_blk_dma_restart_bh(), we need to detach and free all
queued requests as well.
Signed-off-by: Greg Kurz <groug@kaod.org>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
---
hw/block/virtio-blk.c | 38 ++++++++++++++++++++++++++++----------
1 file changed, 28 insertions(+), 10 deletions(-)
diff --git a/hw/block/virtio-blk.c b/hw/block/virtio-blk.c
index bbacd56..0ddd7fb 100644
--- a/hw/block/virtio-blk.c
+++ b/hw/block/virtio-blk.c
@@ -468,30 +468,32 @@ static bool virtio_blk_sect_range_ok(VirtIOBlock *dev,
return true;
}
-static void virtio_blk_handle_request(VirtIOBlockReq *req, MultiReqBuffer *mrb)
+static int virtio_blk_handle_request(VirtIOBlockReq *req, MultiReqBuffer *mrb)
{
uint32_t type;
struct iovec *in_iov = req->elem.in_sg;
struct iovec *iov = req->elem.out_sg;
unsigned in_num = req->elem.in_num;
unsigned out_num = req->elem.out_num;
+ VirtIOBlock *s = req->dev;
+ VirtIODevice *vdev = VIRTIO_DEVICE(s);
if (req->elem.out_num < 1 || req->elem.in_num < 1) {
- error_report("virtio-blk missing headers");
- exit(1);
+ virtio_error(vdev, "virtio-blk missing headers");
+ return -1;
}
if (unlikely(iov_to_buf(iov, out_num, 0, &req->out,
sizeof(req->out)) != sizeof(req->out))) {
- error_report("virtio-blk request outhdr too short");
- exit(1);
+ virtio_error(vdev, "virtio-blk request outhdr too short");
+ return -1;
}
iov_discard_front(&iov, &out_num, sizeof(req->out));
if (in_iov[in_num - 1].iov_len < sizeof(struct virtio_blk_inhdr)) {
- error_report("virtio-blk request inhdr too short");
- exit(1);
+ virtio_error(vdev, "virtio-blk request inhdr too short");
+ return -1;
}
/* We always touch the last byte, so just see how big in_iov is. */
@@ -529,7 +531,7 @@ static void virtio_blk_handle_request(VirtIOBlockReq *req, MultiReqBuffer *mrb)
block_acct_invalid(blk_get_stats(req->dev->blk),
is_write ? BLOCK_ACCT_WRITE : BLOCK_ACCT_READ);
virtio_blk_free_request(req);
- return;
+ return 0;
}
block_acct_start(blk_get_stats(req->dev->blk),
@@ -576,6 +578,7 @@ static void virtio_blk_handle_request(VirtIOBlockReq *req, MultiReqBuffer *mrb)
virtio_blk_req_complete(req, VIRTIO_BLK_S_UNSUPP);
virtio_blk_free_request(req);
}
+ return 0;
}
void virtio_blk_handle_vq(VirtIOBlock *s, VirtQueue *vq)
@@ -586,7 +589,11 @@ void virtio_blk_handle_vq(VirtIOBlock *s, VirtQueue *vq)
blk_io_plug(s->blk);
while ((req = virtio_blk_get_request(s, vq))) {
- virtio_blk_handle_request(req, &mrb);
+ if (virtio_blk_handle_request(req, &mrb)) {
+ virtqueue_detach_element(req->vq, &req->elem, 0);
+ virtio_blk_free_request(req);
+ break;
+ }
}
if (mrb.num_reqs) {
@@ -625,7 +632,18 @@ static void virtio_blk_dma_restart_bh(void *opaque)
while (req) {
VirtIOBlockReq *next = req->next;
- virtio_blk_handle_request(req, &mrb);
+ if (virtio_blk_handle_request(req, &mrb)) {
+ /* Device is now broken and won't do any processing until it gets
+ * reset. Already queued requests will be lost: let's purge them.
+ */
+ while (req) {
+ next = req->next;
+ virtqueue_detach_element(req->vq, &req->elem, 0);
+ virtio_blk_free_request(req);
+ req = next;
+ }
+ break;
+ }
req = next;
}
--
MST
next prev parent reply other threads:[~2016-10-10 2:58 UTC|newest]
Thread overview: 41+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-10-10 2:57 [Qemu-devel] [PULL 00/33] virtio, pc: fixes and features Michael S. Tsirkin
2016-10-10 2:57 ` [Qemu-devel] [PULL 01/33] virtio-balloon: Remove needless precompiled directive Michael S. Tsirkin
2016-10-10 2:57 ` [Qemu-devel] [PULL 02/33] virtio-serial: add plumbing for virtio console emergency write support Michael S. Tsirkin
2016-10-10 2:57 ` [Qemu-devel] [PULL 03/33] virtio-serial: enable virtio console emergency write feature Michael S. Tsirkin
2016-10-10 2:57 ` [Qemu-devel] [PULL 04/33] numa: reduce code duplication by adding helper numa_get_node_for_cpu() Michael S. Tsirkin
2016-10-10 2:57 ` [Qemu-devel] [PULL 05/33] acpi: provide _PXM method for CPU devices if QEMU is started numa enabled Michael S. Tsirkin
2016-10-10 2:57 ` [Qemu-devel] [PULL 06/33] tests: acpi: extend cphp testcase with numa check Michael S. Tsirkin
2016-10-10 2:57 ` [Qemu-devel] [PULL 07/33] tests: acpi tables expected blobs update Michael S. Tsirkin
2016-10-10 2:57 ` [Qemu-devel] [PULL 08/33] virtio: add virtio_detach_element() Michael S. Tsirkin
2016-10-10 2:57 ` [Qemu-devel] [PULL 09/33] virtio-blk: add missing virtio_detach_element() call Michael S. Tsirkin
2016-10-10 2:57 ` [Qemu-devel] [PULL 10/33] virtio-serial: " Michael S. Tsirkin
2016-10-10 2:57 ` [Qemu-devel] [PULL 11/33] virtio-9p: add parentheses to sizeof operator Michael S. Tsirkin
2016-10-10 2:57 ` [Qemu-devel] [PULL 12/33] virtio-blk: make some functions static Michael S. Tsirkin
2016-10-10 2:57 ` [Qemu-devel] [PULL 13/33] virtio-9p: handle handle_9p_output() error Michael S. Tsirkin
2016-10-10 2:57 ` Michael S. Tsirkin [this message]
2016-10-10 2:57 ` [Qemu-devel] [PULL 15/33] virtio-net: handle virtio_net_handle_ctrl() error Michael S. Tsirkin
2016-10-10 2:57 ` [Qemu-devel] [PULL 16/33] virtio-net: handle virtio_net_receive() errors Michael S. Tsirkin
2016-10-10 2:57 ` [Qemu-devel] [PULL 17/33] virtio-net: handle virtio_net_flush_tx() errors Michael S. Tsirkin
2016-10-10 2:57 ` [Qemu-devel] [PULL 18/33] virtio-scsi: convert virtio_scsi_bad_req() to use virtio_error() Michael S. Tsirkin
2016-10-10 2:58 ` [Qemu-devel] [PULL 19/33] virtio-scsi: handle virtio_scsi_set_config() error Michael S. Tsirkin
2016-10-10 2:58 ` [Qemu-devel] [PULL 20/33] net: don't poke at chardev internal QemuOpts Michael S. Tsirkin
2016-10-10 2:58 ` [Qemu-devel] [PULL 21/33] virtio: prepare change VMSTATE_VIRTIO_DEVICE macro Michael S. Tsirkin
2016-10-10 2:58 ` [Qemu-devel] [PULL 22/33] virtio-blk: convert VMSTATE_VIRTIO_DEVICE Michael S. Tsirkin
2016-10-10 2:58 ` [Qemu-devel] [PULL 23/33] virtio-net: " Michael S. Tsirkin
2016-10-10 2:58 ` [Qemu-devel] [PULL 24/33] virtio-9p: " Michael S. Tsirkin
2016-10-10 2:58 ` [Qemu-devel] [PULL 25/33] virtio-serial: " Michael S. Tsirkin
2016-10-10 2:58 ` [Qemu-devel] [PULL 26/33] virtio-gpu: " Michael S. Tsirkin
2016-10-10 2:58 ` [Qemu-devel] [PULL 27/33] virtio-input: " Michael S. Tsirkin
2016-10-10 2:58 ` [Qemu-devel] [PULL 28/33] virtio-scsi: " Michael S. Tsirkin
2016-10-10 2:58 ` [Qemu-devel] [PULL 29/33] virtio-balloon: " Michael S. Tsirkin
2016-10-10 2:58 ` [Qemu-devel] [PULL 30/33] virtio-rng: " Michael S. Tsirkin
2016-10-10 2:58 ` [Qemu-devel] [PULL 31/33] vhost-vsock: " Michael S. Tsirkin
2016-10-10 2:58 ` [Qemu-devel] [PULL 32/33] virtio: cleanup VMSTATE_VIRTIO_DEVICE Michael S. Tsirkin
2016-10-10 2:58 ` [Qemu-devel] [PULL 33/33] intel-iommu: Check IOAPIC's Trigger Mode against the one in IRTE Michael S. Tsirkin
2016-10-10 14:13 ` [Qemu-devel] [PULL 00/33] virtio, pc: fixes and features Peter Maydell
2016-10-10 18:32 ` Peter Maydell
2016-10-10 19:27 ` Michael S. Tsirkin
2016-10-11 8:27 ` Sascha Silbe
2016-10-11 9:17 ` Peter Maydell
2016-10-11 11:17 ` Thomas Huth
2016-10-11 11:54 ` Sascha Silbe
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1476057841-21108-15-git-send-email-mst@redhat.com \
--to=mst@redhat.com \
--cc=groug@kaod.org \
--cc=kwolf@redhat.com \
--cc=mreitz@redhat.com \
--cc=peter.maydell@linaro.org \
--cc=qemu-block@nongnu.org \
--cc=qemu-devel@nongnu.org \
--cc=stefanha@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).