From: Max Reitz <mreitz@redhat.com>
To: qemu-block@nongnu.org
Cc: Kevin Wolf <kwolf@redhat.com>,
Peter Maydell <peter.maydell@linaro.org>,
qemu-devel@nongnu.org, Max Reitz <mreitz@redhat.com>
Subject: [Qemu-devel] [PULL 11/16] curl: Handle success in multi_check_completion
Date: Mon, 16 Sep 2019 16:22:41 +0200 [thread overview]
Message-ID: <20190916142246.31474-12-mreitz@redhat.com> (raw)
In-Reply-To: <20190916142246.31474-1-mreitz@redhat.com>
Background: As of cURL 7.59.0, it verifies that several functions are
not called from within a callback. Among these functions is
curl_multi_add_handle().
curl_read_cb() is a callback from cURL and not a coroutine. Waking up
acb->co will lead to entering it then and there, which means the current
request will settle and the caller (if it runs in the same coroutine)
may then issue the next request. In such a case, we will enter
curl_setup_preadv() effectively from within curl_read_cb().
Calling curl_multi_add_handle() will then fail and the new request will
not be processed.
Fix this by not letting curl_read_cb() wake up acb->co. Instead, leave
the whole business of settling the AIOCB objects to
curl_multi_check_completion() (which is called from our timer callback
and our FD handler, so not from any cURL callbacks).
Reported-by: Natalie Gavrielov <ngavrilo@redhat.com>
Buglink: https://bugzilla.redhat.com/show_bug.cgi?id=1740193
Cc: qemu-stable@nongnu.org
Signed-off-by: Max Reitz <mreitz@redhat.com>
Message-id: 20190910124136.10565-7-mreitz@redhat.com
Reviewed-by: John Snow <jsnow@redhat.com>
Reviewed-by: Maxim Levitsky <mlevitsk@redhat.com>
Signed-off-by: Max Reitz <mreitz@redhat.com>
---
block/curl.c | 69 ++++++++++++++++++++++------------------------------
1 file changed, 29 insertions(+), 40 deletions(-)
diff --git a/block/curl.c b/block/curl.c
index fd70f1ebc4..c343c7ed3d 100644
--- a/block/curl.c
+++ b/block/curl.c
@@ -229,7 +229,6 @@ static size_t curl_read_cb(void *ptr, size_t size, size_t nmemb, void *opaque)
{
CURLState *s = ((CURLState*)opaque);
size_t realsize = size * nmemb;
- int i;
trace_curl_read_cb(realsize);
@@ -245,32 +244,6 @@ static size_t curl_read_cb(void *ptr, size_t size, size_t nmemb, void *opaque)
memcpy(s->orig_buf + s->buf_off, ptr, realsize);
s->buf_off += realsize;
- for(i=0; i<CURL_NUM_ACB; i++) {
- CURLAIOCB *acb = s->acb[i];
-
- if (!acb)
- continue;
-
- if ((s->buf_off >= acb->end)) {
- size_t request_length = acb->bytes;
-
- qemu_iovec_from_buf(acb->qiov, 0, s->orig_buf + acb->start,
- acb->end - acb->start);
-
- if (acb->end - acb->start < request_length) {
- size_t offset = acb->end - acb->start;
- qemu_iovec_memset(acb->qiov, offset, 0,
- request_length - offset);
- }
-
- acb->ret = 0;
- s->acb[i] = NULL;
- qemu_mutex_unlock(&s->s->mutex);
- aio_co_wake(acb->co);
- qemu_mutex_lock(&s->s->mutex);
- }
- }
-
read_end:
/* curl will error out if we do not return this value */
return size * nmemb;
@@ -351,13 +324,14 @@ static void curl_multi_check_completion(BDRVCURLState *s)
break;
if (msg->msg == CURLMSG_DONE) {
+ int i;
CURLState *state = NULL;
+ bool error = msg->data.result != CURLE_OK;
+
curl_easy_getinfo(msg->easy_handle, CURLINFO_PRIVATE,
(char **)&state);
- /* ACBs for successful messages get completed in curl_read_cb */
- if (msg->data.result != CURLE_OK) {
- int i;
+ if (error) {
static int errcount = 100;
/* Don't lose the original error message from curl, since
@@ -369,20 +343,35 @@ static void curl_multi_check_completion(BDRVCURLState *s)
error_report("curl: further errors suppressed");
}
}
+ }
- for (i = 0; i < CURL_NUM_ACB; i++) {
- CURLAIOCB *acb = state->acb[i];
+ for (i = 0; i < CURL_NUM_ACB; i++) {
+ CURLAIOCB *acb = state->acb[i];
- if (acb == NULL) {
- continue;
- }
+ if (acb == NULL) {
+ continue;
+ }
+
+ if (!error) {
+ /* Assert that we have read all data */
+ assert(state->buf_off >= acb->end);
+
+ qemu_iovec_from_buf(acb->qiov, 0,
+ state->orig_buf + acb->start,
+ acb->end - acb->start);
- acb->ret = -EIO;
- state->acb[i] = NULL;
- qemu_mutex_unlock(&s->mutex);
- aio_co_wake(acb->co);
- qemu_mutex_lock(&s->mutex);
+ if (acb->end - acb->start < acb->bytes) {
+ size_t offset = acb->end - acb->start;
+ qemu_iovec_memset(acb->qiov, offset, 0,
+ acb->bytes - offset);
+ }
}
+
+ acb->ret = error ? -EIO : 0;
+ state->acb[i] = NULL;
+ qemu_mutex_unlock(&s->mutex);
+ aio_co_wake(acb->co);
+ qemu_mutex_lock(&s->mutex);
}
curl_clean_state(state);
--
2.21.0
next prev parent reply other threads:[~2019-09-16 14:53 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-09-16 14:22 [Qemu-devel] [PULL 00/16] Block patches Max Reitz
2019-09-16 14:22 ` [Qemu-devel] [PULL 01/16] block: Use QEMU_IS_ALIGNED Max Reitz
2019-09-16 14:22 ` [Qemu-devel] [PULL 02/16] block: Remove unused masks Max Reitz
2019-09-16 14:22 ` [Qemu-devel] [PULL 03/16] tests/qemu-iotests/check: Replace "tests" with "iotests" in final status text Max Reitz
2019-09-16 14:22 ` [Qemu-devel] [PULL 04/16] tests/Makefile: Do not print the name of the check-block.sh shell script Max Reitz
2019-09-16 14:22 ` [Qemu-devel] [PULL 05/16] tests/qemu-iotests: Fix qemu-io related output in 026.out.nocache Max Reitz
2019-09-16 14:22 ` [Qemu-devel] [PULL 06/16] curl: Keep pointer to the CURLState in CURLSocket Max Reitz
2019-09-16 14:22 ` [Qemu-devel] [PULL 07/16] curl: Keep *socket until the end of curl_sock_cb() Max Reitz
2019-09-16 14:22 ` [Qemu-devel] [PULL 08/16] curl: Check completion in curl_multi_do() Max Reitz
2019-09-16 14:22 ` [Qemu-devel] [PULL 09/16] curl: Pass CURLSocket to curl_multi_do() Max Reitz
2019-09-16 14:22 ` [Qemu-devel] [PULL 10/16] curl: Report only ready sockets Max Reitz
2019-09-16 14:22 ` Max Reitz [this message]
2019-09-16 14:22 ` [Qemu-devel] [PULL 12/16] curl: Check curl_multi_add_handle()'s return code Max Reitz
2019-09-16 14:22 ` [Qemu-devel] [PULL 13/16] blockjob: update nodes head while removing all bdrv Max Reitz
2019-09-16 14:22 ` [Qemu-devel] [PULL 14/16] block/qcow2: Fix corruption introduced by commit 8ac0f15f335 Max Reitz
2019-09-16 14:22 ` [Qemu-devel] [PULL 15/16] block/qcow2: refactor encryption code Max Reitz
2019-09-16 14:22 ` [Qemu-devel] [PULL 16/16] qemu-iotests: Add test for bz #1745922 Max Reitz
2019-09-16 15:34 ` [Qemu-devel] [PULL 00/16] Block patches no-reply
2019-09-17 9:20 ` Peter Maydell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190916142246.31474-12-mreitz@redhat.com \
--to=mreitz@redhat.com \
--cc=kwolf@redhat.com \
--cc=peter.maydell@linaro.org \
--cc=qemu-block@nongnu.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).