From: Kevin Wolf <kwolf@redhat.com>
To: Fiona Ebner <f.ebner@proxmox.com>
Cc: qemu-block@nongnu.org, qemu-devel@nongnu.org, den@virtuozzo.com,
andrey.drobyshev@virtuozzo.com, hreitz@redhat.com,
stefanha@redhat.com, eblake@redhat.com, jsnow@redhat.com,
vsementsov@yandex-team.ru
Subject: Re: [PATCH 08/11] block: mark bdrv_drained_begin() as GRAPH_UNLOCKED
Date: Wed, 14 May 2025 19:50:03 +0200 [thread overview]
Message-ID: <aCTXy0mMCCmjMeNE@redhat.com> (raw)
In-Reply-To: <20250508140936.3344485-9-f.ebner@proxmox.com>
Am 08.05.2025 um 16:09 hat Fiona Ebner geschrieben:
> bdrv_drained_begin() polls and is not allowed to be called with the
> block graph lock held. Mark the function as such.
>
> Suggested-by: Kevin Wolf <kwolf@redhat.com>
> Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
> ---
>
> This does not catch the issue reported by Andrey, because there
> is a bdrv_graph_rdunlock_main_loop() before bdrv_drained_begin() in
> the function bdrv_change_aio_context(). That unlock is of course
> ineffective if the exclusive lock is held, but it seems to prevent TSA
> from finiding the issue.
Yes, GRAPH_UNLOCKED is weak. It doesn't actually prove that the graph is
unlocked, but just flags direct callers that are known to hold the lock.
So because bdrv_try_change_aio_context() and bdrv_change_aio_context()
don't have TSA annotations, it misses the problem. If they had an
annotation, it would find the problem. (If they were GRAPH_UNLOCKED,
because they can't be called, or if they were GRAPH_RDLOCK/WRLOCK
because of double locking.)
TSA does have negative requirements that would prove it, but that would
essentially mean annotating everything in QEMU, even outside the block
layer, down to main() as GRAPH_UNLOCKED. I don't think that's practical.
Hmm, or maybe it wouldn't be that bad if we could have something like
assume_graph_unlocked()...? Not for this series anyway.
> The next patch is concerned with that.
>
> include/block/block-io.h | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/include/block/block-io.h b/include/block/block-io.h
> index b49e0537dd..34b9f1cbfc 100644
> --- a/include/block/block-io.h
> +++ b/include/block/block-io.h
> @@ -429,7 +429,8 @@ bdrv_drain_poll(BlockDriverState *bs, BdrvChild *ignore_parent,
> *
> * This function can be recursive.
> */
> -void bdrv_drained_begin(BlockDriverState *bs);
> +void GRAPH_UNLOCKED
> +bdrv_drained_begin(BlockDriverState *bs);
No need for the line break, it fits easily on a single line.
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
next prev parent reply other threads:[~2025-05-14 17:51 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-05-08 14:09 [RFC 00/11] do not drain while holding the graph lock Fiona Ebner
2025-05-08 14:09 ` [PATCH 01/11] block: remove outdated comments about AioContext locking Fiona Ebner
2025-05-14 16:22 ` Kevin Wolf
2025-05-08 14:09 ` [PATCH 02/11] block: move drain outside of read-locked bdrv_reopen_queue_child() Fiona Ebner
2025-05-14 16:36 ` Kevin Wolf
2025-05-15 11:48 ` Fiona Ebner
2025-05-15 12:28 ` Kevin Wolf
2025-05-15 13:41 ` Fiona Ebner
2025-05-08 14:09 ` [PATCH 03/11] block/snapshot: move drain outside of read-locked bdrv_snapshot_delete() Fiona Ebner
2025-05-14 16:52 ` Kevin Wolf
2025-05-15 12:03 ` Fiona Ebner
2025-05-08 14:09 ` [PATCH 04/11] block: drain while unlocked in bdrv_reopen_parse_file_or_backing() Fiona Ebner
2025-05-14 16:59 ` Kevin Wolf
2025-05-08 14:09 ` [PATCH 05/11] block: move drain outside of read-locked bdrv_inactivate_recurse() Fiona Ebner
2025-05-14 17:06 ` Kevin Wolf
2025-05-08 14:09 ` [PATCH 06/11] blockdev: drain while unlocked in internal_snapshot_action() Fiona Ebner
2025-05-14 17:26 ` Kevin Wolf
2025-05-19 12:37 ` Fiona Ebner
2025-05-08 14:09 ` [PATCH 07/11] blockdev: drain while unlocked in external_snapshot_action() Fiona Ebner
2025-05-08 14:09 ` [PATCH 08/11] block: mark bdrv_drained_begin() as GRAPH_UNLOCKED Fiona Ebner
2025-05-14 17:50 ` Kevin Wolf [this message]
2025-05-08 14:09 ` [PATCH 09/11] block: move drain out of bdrv_change_aio_context() Fiona Ebner
2025-05-14 19:45 ` Kevin Wolf
2025-05-08 14:09 ` [PATCH 10/11] block/graph-lock: add drain flag to bdrv_graph_wr{, un}lock Fiona Ebner
2025-05-14 19:54 ` [PATCH 10/11] block/graph-lock: add drain flag to bdrv_graph_wr{,un}lock Kevin Wolf
2025-05-19 12:10 ` Fiona Ebner
2025-05-20 6:09 ` Fiona Ebner
2025-05-20 8:42 ` Kevin Wolf
2025-05-08 14:09 ` [PATCH 11/11] iotests/graph-changes-while-io: add test case with removal of lower snapshot Fiona Ebner
2025-05-14 20:14 ` Kevin Wolf
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aCTXy0mMCCmjMeNE@redhat.com \
--to=kwolf@redhat.com \
--cc=andrey.drobyshev@virtuozzo.com \
--cc=den@virtuozzo.com \
--cc=eblake@redhat.com \
--cc=f.ebner@proxmox.com \
--cc=hreitz@redhat.com \
--cc=jsnow@redhat.com \
--cc=qemu-block@nongnu.org \
--cc=qemu-devel@nongnu.org \
--cc=stefanha@redhat.com \
--cc=vsementsov@yandex-team.ru \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).