From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:56225)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <stefanha@gmail.com>) id 1YqM5h-0002LX-Ql
	for qemu-devel@nongnu.org; Thu, 07 May 2015 09:43:54 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <stefanha@gmail.com>) id 1YqM5d-0006E3-Ja
	for qemu-devel@nongnu.org; Thu, 07 May 2015 09:43:53 -0400
Date: Thu, 7 May 2015 14:43:43 +0100
From: Stefan Hajnoczi <stefanha@gmail.com>
Message-ID: <20150507134343.GM13985@stefanha-thinkpad.redhat.com>
References: <1430911419-8256-1-git-send-email-famz@redhat.com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="6CiRFyVmOOJ3DkBX"
Content-Disposition: inline
In-Reply-To: <1430911419-8256-1-git-send-email-famz@redhat.com>
Subject: Re: [Qemu-devel] [Qemu-block] [RFC PATCH 0/7] Fix transactional
 snapshot with virtio-blk dataplane
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Fam Zheng <famz@redhat.com>
Cc: qemu-block@nongnu.org, armbru@redhat.com, qemu-devel@nongnu.org, mreitz@redhat.com, Stefan Hajnoczi <stefanha@redhat.com>, pbonzini@redhat.com


--6CiRFyVmOOJ3DkBX
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Wed, May 06, 2015 at 07:23:32PM +0800, Fam Zheng wrote:
> Reported by Paolo.
>=20
> Unlike the iohandler in main loop, iothreads currently process the event
> notifier used as virtio-blk ioeventfd in all nested aio_poll. This is dan=
gerous
> without proper protection, because guest requests could sneak to block la=
yer
> where they mustn't.
>=20
> For example, a QMP transaction may involve multiple bdrv_drain_all() in
> handling the list of AioContext it works on. If an aio_poll in one of the
> bdrv_drain_all() happens to process a guest VQ kick by dispatching the
> ioeventfd event, a new guest write is then submitted, and voila, the
> transaction semantics is violated.
>=20
> This series avoids this problem by disabling virtio-blk handlers during
> bdrv_drain_all() and transactions.
>=20
> Notes:
>=20
> If the general approach is right, other transaction types could get the
> blockers similarly, in next revision. And some related bdrv_drain_all() c=
ould
> also be changed to bdrv_drain().
>=20
> virtio-scsi-dataplane will be a bit more complicated, but still doable.  =
It
> would probably need one more interface abstraction between scsi-disk, scs=
i-bus
> and virtio-scsi.
>=20
> Although other devices don't have a pause/resume callback yet, the
> blk_check_request, which returns -EBUSY if "device io" op blocker is set,=
 could
> hopefully cover most cases already.
>=20
> Timers and block jobs also generate IO, but it should be fine as long as =
they
> don't change guest visible data, which is true AFAICT.
>=20
>=20
> Fam Zheng (7):
>   block: Add op blocker type "device IO"
>   block: Block "device IO" during bdrv_drain and bdrv_drain_all
>   block: Add op blocker notifier list
>   block-backend: Add blk_op_blocker_add_notifier
>   virtio-blk: Move complete_request to 'ops' structure
>   virtio-blk: Don't handle output when there is "device IO" op blocker
>   blockdev: Add "device IO" op blocker during snapshot transaction
>=20
>  block.c                         | 20 ++++++++++++
>  block/block-backend.c           | 10 ++++++
>  block/io.c                      | 12 +++++++
>  blockdev.c                      |  7 +++++
>  hw/block/dataplane/virtio-blk.c | 36 ++++++++++++++++++---
>  hw/block/virtio-blk.c           | 69 +++++++++++++++++++++++++++++++++++=
++++--
>  include/block/block.h           |  9 ++++++
>  include/block/block_int.h       |  3 ++
>  include/hw/virtio/virtio-blk.h  | 17 ++++++++--
>  include/sysemu/block-backend.h  |  2 ++
>  10 files changed, 174 insertions(+), 11 deletions(-)

Please also add a listener to nbd.c so NBD exports cannot submit I/O
during bdrv_drain_all().

--6CiRFyVmOOJ3DkBX
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAEBAgAGBQJVS2wPAAoJEJykq7OBq3PIst0IAJDgH+5s3WNiOScfZ1F7t4eS
mjf0R1klr7P4EqTP5RrLSXMrvdmuRN4GJdr1axGS/io0kjsKzY8MnNqCCCQ53z8f
CRQFEeA5pKJeGZrdyK3fUKiE/VFX4RhnP5Ap6FIvxhDwJvnqLV4FZCHpRU3kzakp
9dK4sIw/ivW7M8Xw/wCN9mNDr2YGJf/NMXFUKyIi7e+dcvp6TC+POXYYg3+qdFPl
mydTDKrA7W5AIgIxgD5TFWOiLM6n5i/R7IovVR2r8kGfJzSwb+1B0ZzBLGKCxcBh
pCcnl4dDse/Z+B18CLTBEbaae2KbxwjGV2jGnHizoAAjuOBQoSaB2SjxvQsF690=
=4iFF
-----END PGP SIGNATURE-----

--6CiRFyVmOOJ3DkBX--