[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH for-2.4 0/2] AioContext: fix deadlock after aio_
|
From: |
Paolo Bonzini |
|
Subject: |
Re: [Qemu-devel] [PATCH for-2.4 0/2] AioContext: fix deadlock after aio_context_acquire() race |
|
Date: |
Tue, 28 Jul 2015 14:18:24 +0200 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.0.1 |
On 28/07/2015 12:58, Cornelia Huck wrote:
> > > Thanks. I understand how to reproduce it now: use -drive aio=threads
> > > and do I/O during managedsave.
> > >
> > > I suspect there are more cases of this. We need to clean it up during
> > > QEMU 2.5.
> > >
> > > For now let's continue leaking these BHs as we've always done.
> >
> > Actually, this case can be fixed in the patch by moving
> > thread_pool_free() before the BH cleanup loop.
>
> Tried that, may have done it wrong, because the assertion still hits.
If you're doing savevm with a dataplane disk as the destination, that
cannot work; savevm doesn't attempt to acquire the AioContext so it is
not thread safe.
An even simpler reproducer for this bug, however, is to hot-unplug a
disk created with x-data-plane. It also shows another bug, fixed by
this patch:
diff --git a/hw/block/dataplane/virtio-blk.c b/hw/block/dataplane/virtio-blk.c
index 3db139b..6106e46 100644
--- a/hw/block/dataplane/virtio-blk.c
+++ b/hw/block/dataplane/virtio-blk.c
@@ -223,8 +223,8 @@ void virtio_blk_data_plane_destroy(VirtIOBlockDataPlane *s)
virtio_blk_data_plane_stop(s);
blk_op_unblock_all(s->conf->conf.blk, s->blocker);
error_free(s->blocker);
- object_unref(OBJECT(s->iothread));
qemu_bh_delete(s->bh);
+ object_unref(OBJECT(s->iothread));
g_free(s);
}
which I'll formally send shortly.
I would prefer to fix them all in 2.4 and risk regressions, because the
bugs are use-after-frees, i.e. pretty bad.
Paolo
- [Qemu-devel] [PATCH for-2.4 1/2] AioContext: avoid leaking BHs on cleanup, (continued)
- [Qemu-devel] [PATCH for-2.4 1/2] AioContext: avoid leaking BHs on cleanup, Stefan Hajnoczi, 2015/07/27
- [Qemu-devel] [PATCH for-2.4 2/2] AioContext: force event loop iteration using BH, Stefan Hajnoczi, 2015/07/27
- Re: [Qemu-devel] [PATCH for-2.4 0/2] AioContext: fix deadlock after aio_context_acquire() race, Cornelia Huck, 2015/07/28
- Re: [Qemu-devel] [PATCH for-2.4 0/2] AioContext: fix deadlock after aio_context_acquire() race, Cornelia Huck, 2015/07/28
- Re: [Qemu-devel] [PATCH for-2.4 0/2] AioContext: fix deadlock after aio_context_acquire() race, Stefan Hajnoczi, 2015/07/28
- Re: [Qemu-devel] [PATCH for-2.4 0/2] AioContext: fix deadlock after aio_context_acquire() race, Cornelia Huck, 2015/07/28
- Re: [Qemu-devel] [PATCH for-2.4 0/2] AioContext: fix deadlock after aio_context_acquire() race, Stefan Hajnoczi, 2015/07/28
- Re: [Qemu-devel] [PATCH for-2.4 0/2] AioContext: fix deadlock after aio_context_acquire() race, Stefan Hajnoczi, 2015/07/28
- Re: [Qemu-devel] [PATCH for-2.4 0/2] AioContext: fix deadlock after aio_context_acquire() race, Cornelia Huck, 2015/07/28
- Re: [Qemu-devel] [PATCH for-2.4 0/2] AioContext: fix deadlock after aio_context_acquire() race,
Paolo Bonzini <=
- Re: [Qemu-devel] [PATCH for-2.4 0/2] AioContext: fix deadlock after aio_context_acquire() race, Stefan Hajnoczi, 2015/07/28