[Qemu-commits] [qemu/qemu] bc19a0: throttle-groups: fix restart coroutin

qemu-commits

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Qemu-commits] [qemu/qemu] bc19a0: throttle-groups: fix restart coroutin

From:	GitHub
Subject:	[Qemu-commits] [qemu/qemu] bc19a0: throttle-groups: fix restart coroutine iothread ra...
Date:	Thu, 24 Jan 2019 07:38:45 -0800

  Branch: refs/heads/master
  Home:   https://github.com/qemu/qemu
  Commit: bc19a0a6e4505390f99d3c593ebaf11b7962cc59
      
https://github.com/qemu/qemu/commit/bc19a0a6e4505390f99d3c593ebaf11b7962cc59
  Author: Stefan Hajnoczi <address@hidden>
  Date:   2019-01-24 (Thu, 24 Jan 2019)

  Changed paths:
    M block/throttle-groups.c
    M include/block/throttle-groups.h

  Log Message:
  -----------
  throttle-groups: fix restart coroutine iothread race

The following QMP command leads to a crash when iothreads are used:

  { 'execute': 'device_del', 'arguments': {'id': 'data'} }

The backtrace involves the queue restart coroutine where
tgm->throttle_state is a NULL pointer because
throttle_group_unregister_tgm() has already been called:

  (gdb) bt full
  #0  0x00005585a7a3b378 in qemu_mutex_lock_impl (mutex=0xffffffffffffffd0, 
file=0x5585a7bb3d54 "block/throttle-groups.c", line=412) at 
util/qemu-thread-posix.c:64
  err = <optimized out>
  __PRETTY_FUNCTION__ = "qemu_mutex_lock_impl"
  __func__ = "qemu_mutex_lock_impl"
  #1  0x00005585a79be074 in throttle_group_restart_queue_entry 
(opaque=0x5585a9de4eb0) at block/throttle-groups.c:412
  _f = <optimized out>
  data = 0x5585a9de4eb0
  tgm = 0x5585a9079440
  ts = 0x0
  tg = 0xffffffffffffff98
  is_write = false
  empty_queue = 255

This coroutine should not execute in the iothread after the throttle
group member has been unregistered!

The root cause is that the device_del code path schedules the restart
coroutine in the iothread while holding the AioContext lock.  Therefore
the iothread cannot execute the coroutine until after device_del
releases the lock - by this time it's too late.

This patch adds a reference count to ThrottleGroupMember so we can
synchronously wait for restart coroutines to complete.  Once they are
done it is safe to unregister the ThrottleGroupMember.

Signed-off-by: Stefan Hajnoczi <address@hidden>
Reviewed-by: Alberto Garcia <address@hidden>
Message-id: address@hidden
Signed-off-by: Stefan Hajnoczi <address@hidden>


  Commit: 202277f43d544779b7a63123a51c54c3a16b74ad
      
https://github.com/qemu/qemu/commit/202277f43d544779b7a63123a51c54c3a16b74ad
  Author: Stefan Hajnoczi <address@hidden>
  Date:   2019-01-24 (Thu, 24 Jan 2019)

  Changed paths:
    A tests/qemu-iotests/238
    A tests/qemu-iotests/238.out
    M tests/qemu-iotests/group

  Log Message:
  -----------
  iotests: add 238 for throttling tgm unregister iothread segfault

Hot-unplug a scsi-hd using an iothread.  The previous patch fixes a
segfault in this scenario.

This patch adds a regression test.

Suggested-by: Alberto Garcia <address@hidden>
Suggested-by: Kevin Wolf <address@hidden>
Signed-off-by: Stefan Hajnoczi <address@hidden>
Reviewed-by: Alberto Garcia <address@hidden>
Message-id: address@hidden
Signed-off-by: Stefan Hajnoczi <address@hidden>


  Commit: 8595685986152334b1ec28c78cb0e5e855d56b54
      
https://github.com/qemu/qemu/commit/8595685986152334b1ec28c78cb0e5e855d56b54
  Author: Vladimir Sementsov-Ogievskiy <address@hidden>
  Date:   2019-01-24 (Thu, 24 Jan 2019)

  Changed paths:
    M util/qemu-coroutine-sleep.c

  Log Message:
  -----------
  qemu-coroutine-sleep: drop CoSleepCB

Drop CoSleepCB structure. It's actually unused.

Signed-off-by: Vladimir Sementsov-Ogievskiy <address@hidden>
Message-id: address@hidden
Signed-off-by: Stefan Hajnoczi <address@hidden>


  Commit: 8b7a3e1e5434b55d7710071b00af97c7086cab7a
      
https://github.com/qemu/qemu/commit/8b7a3e1e5434b55d7710071b00af97c7086cab7a
  Author: Peter Maydell <address@hidden>
  Date:   2019-01-24 (Thu, 24 Jan 2019)

  Changed paths:
    M block/throttle-groups.c
    M include/block/throttle-groups.h
    A tests/qemu-iotests/238
    A tests/qemu-iotests/238.out
    M tests/qemu-iotests/group
    M util/qemu-coroutine-sleep.c

  Log Message:
  -----------
  Merge remote-tracking branch 'remotes/stefanha/tags/block-pull-request' into 
staging

Pull request

Changelog: No user-visible changes.

# gpg: Signature made Thu 24 Jan 2019 10:28:53 GMT
# gpg:                using RSA key 9CA4ABB381AB73C8
# gpg: Good signature from "Stefan Hajnoczi <address@hidden>"
# gpg:                 aka "Stefan Hajnoczi <address@hidden>"
# Primary key fingerprint: 8695 A8BF D3F9 7CDA AC35  775A 9CA4 ABB3 81AB 73C8

* remotes/stefanha/tags/block-pull-request:
  qemu-coroutine-sleep: drop CoSleepCB
  iotests: add 238 for throttling tgm unregister iothread segfault
  throttle-groups: fix restart coroutine iothread race

Signed-off-by: Peter Maydell <address@hidden>


Compare: https://github.com/qemu/qemu/compare/b6b2308113f8...8b7a3e1e5434
      **NOTE:** GitHub Services has been marked for deprecation: 
https://developer.github.com/changes/2018-04-25-github-services-deprecation/

      We will provide an alternative path for the email notifications by 
January 31st, 2019.

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-commits] [qemu/qemu] bc19a0: throttle-groups: fix restart coroutine iothread ra..., GitHub <=

Prev by Date: [Qemu-commits] [qemu/qemu] 785243: Fix segmentation fault when qemu_signal_init fails
Next by Date: [Qemu-commits] [qemu/qemu] 265784: input-linux: customizable grab toggle keys
Previous by thread: [Qemu-commits] [qemu/qemu] 785243: Fix segmentation fault when qemu_signal_init fails
Next by thread: [Qemu-commits] [qemu/qemu] 265784: input-linux: customizable grab toggle keys
Index(es):
- Date
- Thread