From: Max Reitz <mreitz@redhat.com>
To: Kevin Wolf <kwolf@redhat.com>,
Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
Cc: qemu-devel <qemu-devel@nongnu.org>,
qemu block <qemu-block@nongnu.org>,
Denis Lunev <den@virtuozzo.com>
Subject: Re: qcow2 api not secured by mutex lock
Date: Thu, 19 Dec 2019 11:33:05 +0100
Message-ID: <7604ffdd-69b5-5968-1736-bb20736be135@redhat.com>
In-Reply-To: <20191219100230.GC5230@linux.fritz.box>

On 19.12.19 11:02, Kevin Wolf wrote:
> On 18.12.2019 at 11:28, Vladimir Sementsov-Ogievskiy wrote:
[...]
>> qcow2_write_snapshots actually called unlocked from
>> qcow2_check_fix_snapshot_table.. It seems unsafe.
>
> This is curious, I'm not sure why you would drop the lock there. Max?

I don’t remember why but it may certainly have to do with the fact that
everything that calls qcow2_write_snapshots() (i.e., qcow2_snapshot_*)
does so without having taken the lock.  I suppose I simply assumed this
would have to be how it’s done.

I don’t think it’s a problem right now because you can only check (and
repair) the image from qemu-img (or when it is opened with the dirty
flag set), so there shouldn’t be concurrent I/O.

Anyway.  I tried to remove it and then 261 hangs.  This is because
qcow2_write_snapshots() calls bdrv_flush(bs) twice.  It would have to
drop the lock around those calls at least.  I’m actually not sure
whether this is safe to do (in the sense of whether it’s fundamentally
safer than just not holding the lock at all and trusting that there are
no concurrent requests).

In any case, it’s also not purely trivial, because if we were to make
qcow2_write_snapshots() drop the locks around bdrv_flush(), all of its
callers would in turn need to take the lock around it.  (I’m not saying
that is difficult, I’m just saying it’s more difficult than dropping
three lines in qcow2_write_snapshots()).

Max
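
The locking trade-off discussed in this message, as an added single-threaded toy model in C (not QEMU code and not from anyone in the thread). All names are hypothetical, and it assumes the flush path takes the same non-recursive lock, which the reported hang implies. It shows the hang when the lock is held across the flush and the window that opens when the lock is dropped around it.

```c
/* Toy model, not QEMU code: every name here is hypothetical. */
#include <stdbool.h>
#include <stdio.h>
typedef struct Image {
    bool locked;                 /* stands in for the non-recursive lock */
    int nb_snapshots;            /* state the lock is meant to protect */
    void (*other_request)(struct Image *); /* queued request, may be NULL */
} Image;
enum { HANG = -1, CONSISTENT = 0, RACED = 1 };

static bool try_lock(Image *s) { if (s->locked) return false; s->locked = true; return true; }
static void unlock(Image *s) { s->locked = false; }
static void add_snapshot(Image *s) { s->nb_snapshots++; }

/* Assumption: the flush path takes the lock itself, as the hang implies. */
static int flush(Image *s)
{
    if (!try_lock(s)) return HANG;      /* real code would wait forever */
    unlock(s);
    /* While the flush waits for I/O, a queued request can get the lock. */
    if (s->other_request && try_lock(s)) { s->other_request(s); unlock(s); }
    return 0;
}

/* Called with the lock held; optionally drops it around the flush. */
static int write_snapshots(Image *s, bool drop_around_flush)
{
    int before = s->nb_snapshots;       /* table would be built from this */
    if (drop_around_flush) unlock(s);
    int ret = flush(s);
    if (ret < 0) return ret;
    if (drop_around_flush) try_lock(s); /* retake; flush left it free */
    return before == s->nb_snapshots ? CONSISTENT : RACED;
}

static int run(bool drop_around_flush, void (*other)(Image *))
{
    Image s = { .locked = false, .nb_snapshots = 2, .other_request = other };
    try_lock(&s);                       /* caller takes the lock */
    int ret = write_snapshots(&s, drop_around_flush);
    unlock(&s);
    return ret;
}

int main(void)
{
    printf("held: %d, dropped: %d, dropped with concurrent request: %d\n",
           run(false, NULL), run(true, NULL), run(true, add_snapshot));
    return 0;
}
```

With no queued request (the qemu-img check case described in the message) the dropped-lock variant stays consistent; with one, the protected state changes inside the unlocked window.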