* [Qemu-devel] [PATCHv5] rbd block driver fix race between aio completition and aio cancel
@ 2012-11-29 21:37 Stefan Priebe
2012-11-30 8:26 ` Stefan Hajnoczi
0 siblings, 1 reply; 3+ messages in thread
From: Stefan Priebe @ 2012-11-29 21:37 UTC (permalink / raw)
To: qemu-devel; +Cc: stefanha, ceph-devel, pbonzini, Stefan Priebe, josh.durgin
This one fixes a race which qemu had also in iscsi block driver
between cancellation and io completition.
qemu_rbd_aio_cancel was not synchronously waiting for the end of
the command.
To archieve this it introduces a new status flag which uses
-EINPROGRESS.
Changes since PATCHv4:
- removed unnecessary qemu_vfree of acb->bounce as BH will always
run
Changes since PATCHv3:
- removed unnecessary if condition in rbd_start_aio as we
haven't start io yet
- moved acb->status = 0 to rbd_aio_bh_cb so qemu_aio_wait always
waits until BH was executed
Changes since PATCHv2:
- fixed missing braces
- added vfree for bounce
Signed-off-by: Stefan Priebe <s.priebe@profihost.ag>
---
block/rbd.c | 14 +++++++-------
1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/block/rbd.c b/block/rbd.c
index f3becc7..3bc9c7a 100644
--- a/block/rbd.c
+++ b/block/rbd.c
@@ -77,6 +77,7 @@ typedef struct RBDAIOCB {
int error;
struct BDRVRBDState *s;
int cancelled;
+ int status;
} RBDAIOCB;
typedef struct RADOSCB {
@@ -376,12 +377,6 @@ static void qemu_rbd_complete_aio(RADOSCB *rcb)
RBDAIOCB *acb = rcb->acb;
int64_t r;
- if (acb->cancelled) {
- qemu_vfree(acb->bounce);
- qemu_aio_release(acb);
- goto done;
- }
-
r = rcb->ret;
if (acb->cmd == RBD_AIO_WRITE ||
@@ -409,7 +404,6 @@ static void qemu_rbd_complete_aio(RADOSCB *rcb)
/* Note that acb->bh can be NULL in case where the aio was cancelled */
acb->bh = qemu_bh_new(rbd_aio_bh_cb, acb);
qemu_bh_schedule(acb->bh);
-done:
g_free(rcb);
}
@@ -568,6 +562,10 @@ static void qemu_rbd_aio_cancel(BlockDriverAIOCB *blockacb)
{
RBDAIOCB *acb = (RBDAIOCB *) blockacb;
acb->cancelled = 1;
+
+ while (acb->status == -EINPROGRESS) {
+ qemu_aio_wait();
+ }
}
static const AIOCBInfo rbd_aiocb_info = {
@@ -639,6 +637,7 @@ static void rbd_aio_bh_cb(void *opaque)
acb->common.cb(acb->common.opaque, (acb->ret > 0 ? 0 : acb->ret));
qemu_bh_delete(acb->bh);
acb->bh = NULL;
+ acb->status = 0;
qemu_aio_release(acb);
}
@@ -685,6 +684,7 @@ static BlockDriverAIOCB *rbd_start_aio(BlockDriverState *bs,
acb->s = s;
acb->cancelled = 0;
acb->bh = NULL;
+ acb->status = -EINPROGRESS;
if (cmd == RBD_AIO_WRITE) {
qemu_iovec_to_buf(acb->qiov, 0, acb->bounce, qiov->size);
--
1.7.10.4
^ permalink raw reply related [flat|nested] 3+ messages in thread* Re: [Qemu-devel] [PATCHv5] rbd block driver fix race between aio completition and aio cancel
2012-11-29 21:37 [Qemu-devel] [PATCHv5] rbd block driver fix race between aio completition and aio cancel Stefan Priebe
@ 2012-11-30 8:26 ` Stefan Hajnoczi
2012-11-30 8:57 ` Stefan Priebe - Profihost AG
0 siblings, 1 reply; 3+ messages in thread
From: Stefan Hajnoczi @ 2012-11-30 8:26 UTC (permalink / raw)
To: Stefan Priebe; +Cc: Josh Durgin, ceph-devel, qemu-devel, Paolo Bonzini
On Thu, Nov 29, 2012 at 10:37 PM, Stefan Priebe <s.priebe@profihost.ag> wrote:
> @@ -568,6 +562,10 @@ static void qemu_rbd_aio_cancel(BlockDriverAIOCB *blockacb)
> {
> RBDAIOCB *acb = (RBDAIOCB *) blockacb;
> acb->cancelled = 1;
> +
> + while (acb->status == -EINPROGRESS) {
> + qemu_aio_wait();
> + }
> }
>
> static const AIOCBInfo rbd_aiocb_info = {
> @@ -639,6 +637,7 @@ static void rbd_aio_bh_cb(void *opaque)
> acb->common.cb(acb->common.opaque, (acb->ret > 0 ? 0 : acb->ret));
> qemu_bh_delete(acb->bh);
> acb->bh = NULL;
> + acb->status = 0;
>
> qemu_aio_release(acb);
> }
We cannot release acb in rbd_aio_bh_cb() when acb->cancelled == 1
because qemu_rbd_aio_cancel() still accesses it. This was discussed
in an early version of the patch.
Stefan
^ permalink raw reply [flat|nested] 3+ messages in thread* Re: [Qemu-devel] [PATCHv5] rbd block driver fix race between aio completition and aio cancel
2012-11-30 8:26 ` Stefan Hajnoczi
@ 2012-11-30 8:57 ` Stefan Priebe - Profihost AG
0 siblings, 0 replies; 3+ messages in thread
From: Stefan Priebe - Profihost AG @ 2012-11-30 8:57 UTC (permalink / raw)
To: Stefan Hajnoczi; +Cc: Josh Durgin, ceph-devel, qemu-devel, Paolo Bonzini
fixed in V6
Am 30.11.2012 09:26, schrieb Stefan Hajnoczi:
> On Thu, Nov 29, 2012 at 10:37 PM, Stefan Priebe <s.priebe@profihost.ag> wrote:
>> @@ -568,6 +562,10 @@ static void qemu_rbd_aio_cancel(BlockDriverAIOCB *blockacb)
>> {
>> RBDAIOCB *acb = (RBDAIOCB *) blockacb;
>> acb->cancelled = 1;
>> +
>> + while (acb->status == -EINPROGRESS) {
>> + qemu_aio_wait();
>> + }
>> }
>>
>> static const AIOCBInfo rbd_aiocb_info = {
>> @@ -639,6 +637,7 @@ static void rbd_aio_bh_cb(void *opaque)
>> acb->common.cb(acb->common.opaque, (acb->ret > 0 ? 0 : acb->ret));
>> qemu_bh_delete(acb->bh);
>> acb->bh = NULL;
>> + acb->status = 0;
>>
>> qemu_aio_release(acb);
>> }
>
> We cannot release acb in rbd_aio_bh_cb() when acb->cancelled == 1
> because qemu_rbd_aio_cancel() still accesses it. This was discussed
> in an early version of the patch.
>
> Stefan
>
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2012-11-30 8:58 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2012-11-29 21:37 [Qemu-devel] [PATCHv5] rbd block driver fix race between aio completition and aio cancel Stefan Priebe
2012-11-30 8:26 ` Stefan Hajnoczi
2012-11-30 8:57 ` Stefan Priebe - Profihost AG
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).