From: Paolo Bonzini
Date: Tue, 27 Oct 2015 19:12:31 +0100
Subject: Re: [Qemu-devel] [PATCH 4/5] migration: add missed aio_context_acquire into hmp_savevm/hmp_delvm
Message-ID: <562FBE8F.7040309@redhat.com>
In-Reply-To: <1445954986-13005-5-git-send-email-den@openvz.org>
References: <1445954986-13005-1-git-send-email-den@openvz.org> <1445954986-13005-5-git-send-email-den@openvz.org>
To: "Denis V. Lunev"
Cc: Amit Shah, qemu-stable@nongnu.org, qemu-devel@nongnu.org, Stefan Hajnoczi, Juan Quintela

On 27/10/2015 15:09, Denis V. Lunev wrote:
> aio_context should be locked in the similar way as was done in QMP
> snapshot creation in the other case there are a lot of possible
> troubles if native AIO mode is enabled for disk.
>
> - the command can hang (HMP thread) with missed wakeup (the operation is
>   actually complete)
>     io_submit
>     ioq_submit
>     laio_submit
>     raw_aio_submit
>     raw_aio_readv
>     bdrv_co_io_em
>     bdrv_co_readv_em
>     bdrv_aligned_preadv
>     bdrv_co_do_preadv
>     bdrv_co_do_readv
>     bdrv_co_readv
>     qcow2_co_readv
>     bdrv_aligned_preadv
>     bdrv_co_do_pwritev
>     bdrv_rw_co_entry
>
> - QEMU can assert in coroutine re-enter
>     __GI_abort
>     qemu_coroutine_enter
>     bdrv_co_io_em_complete
>     qemu_laio_process_completion
>     qemu_laio_completion_bh
>     aio_bh_poll
>     aio_dispatch
>     aio_poll
>     iothread_run
>
> AioContext lock is recursive. Thus nested locking should not be a problem.
> > Signed-off-by: Denis V. Lunev > CC: Stefan Hajnoczi > CC: Paolo Bonzini > CC: Juan Quintela > CC: Amit Shah > --- > block/snapshot.c | 5 +++++ > migration/savevm.c | 7 +++++++ > 2 files changed, 12 insertions(+) > > diff --git a/block/snapshot.c b/block/snapshot.c > index 89500f2..f6fa17a 100644 > --- a/block/snapshot.c > +++ b/block/snapshot.c > @@ -259,6 +259,9 @@ void bdrv_snapshot_delete_by_id_or_name(BlockDriverState *bs, > { > int ret; > Error *local_err = NULL; > + AioContext *aio_context = bdrv_get_aio_context(bs); > + > + aio_context_acquire(aio_context); > > ret = bdrv_snapshot_delete(bs, id_or_name, NULL, &local_err); > if (ret == -ENOENT || ret == -EINVAL) { > @@ -267,6 +270,8 @@ void bdrv_snapshot_delete_by_id_or_name(BlockDriverState *bs, > ret = bdrv_snapshot_delete(bs, NULL, id_or_name, &local_err); > } > > + aio_context_release(aio_context); Why here and not in hmp_delvm, for consistency? The call from hmp_savevm is already protected. Thanks for fixing the bug! Paolo > if (ret < 0) { > error_propagate(errp, local_err); > } > diff --git a/migration/savevm.c b/migration/savevm.c > index dbcc39a..83d2efa 100644 > --- a/migration/savevm.c > +++ b/migration/savevm.c > @@ -1289,6 +1289,7 @@ void hmp_savevm(Monitor *mon, const QDict *qdict) > struct tm tm; > const char *name = qdict_get_try_str(qdict, "name"); > Error *local_err = NULL; > + AioContext *aio_context; > > /* Verify if there is a device that doesn't support snapshots and is writable */ > bs = NULL; > @@ -1320,6 +1321,9 @@ void hmp_savevm(Monitor *mon, const QDict *qdict) > } > vm_stop(RUN_STATE_SAVE_VM); > > + aio_context = bdrv_get_aio_context(bs); > + aio_context_acquire(aio_context); > + > memset(sn, 0, sizeof(*sn)); > > /* fill auxiliary fields */ > @@ -1378,6 +1382,8 @@ void hmp_savevm(Monitor *mon, const QDict *qdict) > } > > the_end: > + aio_context_release(aio_context); > + > if (saved_vm_running) { > vm_start(); > } > >
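Review bot: in block/snapshot.c the acquire/release pair is placed inside bdrv_snapshot_delete_by_id_or_name() itself, while the subject line names hmp_savevm/hmp_delvm as the callers that were missing the lock. This is the only place in the patch where a helper locks on behalf of its caller, and whenever a caller already holds the context it depends on the recursive-lock property stated in the commit message. Either take the lock in hmp_delvm as the subject suggests, or keep it here and add a comment above the function stating that it acquires the AioContext of bs itself.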
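Review bot: in migration/savevm.c, hmp_savevm declares `AioContext *aio_context;` without an initializer and assigns it only after vm_stop(), yet the hunk at the `the_end:` label calls aio_context_release(aio_context) unconditionally. If any `goto the_end` can be reached before the assignment, the release runs on an uninitialized pointer. Please confirm no such path exists, or initialize the variable to NULL at its declaration and guard the release.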
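Review bot: the acquire added after vm_stop() in hmp_savevm covers only the context returned by bdrv_get_aio_context(bs). The check at the top of the function ("Verify if there is a device that doesn't support snapshots and is writable") indicates that more than one device is involved. If the code between the acquire and `the_end:` touches block devices other than bs, the commit message should say why holding this single AioContext is sufficient, or the lock should be taken per device.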