[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH 28/55] curl: Handle success in multi_check_completion
From: |
Michael Roth |
Subject: |
[PATCH 28/55] curl: Handle success in multi_check_completion |
Date: |
Tue, 5 Nov 2019 14:52:16 -0600 |
From: Max Reitz <address@hidden>
Background: As of cURL 7.59.0, it verifies that several functions are
not called from within a callback. Among these functions is
curl_multi_add_handle().
curl_read_cb() is a callback from cURL and not a coroutine. Waking up
acb->co will lead to entering it then and there, which means the current
request will settle and the caller (if it runs in the same coroutine)
may then issue the next request. In such a case, we will enter
curl_setup_preadv() effectively from within curl_read_cb().
Calling curl_multi_add_handle() will then fail and the new request will
not be processed.
Fix this by not letting curl_read_cb() wake up acb->co. Instead, leave
the whole business of settling the AIOCB objects to
curl_multi_check_completion() (which is called from our timer callback
and our FD handler, so not from any cURL callbacks).
Reported-by: Natalie Gavrielov <address@hidden>
Buglink: https://bugzilla.redhat.com/show_bug.cgi?id=1740193
Cc: address@hidden
Signed-off-by: Max Reitz <address@hidden>
Message-id: address@hidden
Reviewed-by: John Snow <address@hidden>
Reviewed-by: Maxim Levitsky <address@hidden>
Signed-off-by: Max Reitz <address@hidden>
(cherry picked from commit bfb23b480a49114315877aacf700b49453e0f9d9)
Signed-off-by: Michael Roth <address@hidden>
---
block/curl.c | 69 ++++++++++++++++++++++------------------------------
1 file changed, 29 insertions(+), 40 deletions(-)
diff --git a/block/curl.c b/block/curl.c
index fd70f1ebc4..c343c7ed3d 100644
--- a/block/curl.c
+++ b/block/curl.c
@@ -229,7 +229,6 @@ static size_t curl_read_cb(void *ptr, size_t size, size_t
nmemb, void *opaque)
{
CURLState *s = ((CURLState*)opaque);
size_t realsize = size * nmemb;
- int i;
trace_curl_read_cb(realsize);
@@ -245,32 +244,6 @@ static size_t curl_read_cb(void *ptr, size_t size, size_t
nmemb, void *opaque)
memcpy(s->orig_buf + s->buf_off, ptr, realsize);
s->buf_off += realsize;
- for(i=0; i<CURL_NUM_ACB; i++) {
- CURLAIOCB *acb = s->acb[i];
-
- if (!acb)
- continue;
-
- if ((s->buf_off >= acb->end)) {
- size_t request_length = acb->bytes;
-
- qemu_iovec_from_buf(acb->qiov, 0, s->orig_buf + acb->start,
- acb->end - acb->start);
-
- if (acb->end - acb->start < request_length) {
- size_t offset = acb->end - acb->start;
- qemu_iovec_memset(acb->qiov, offset, 0,
- request_length - offset);
- }
-
- acb->ret = 0;
- s->acb[i] = NULL;
- qemu_mutex_unlock(&s->s->mutex);
- aio_co_wake(acb->co);
- qemu_mutex_lock(&s->s->mutex);
- }
- }
-
read_end:
/* curl will error out if we do not return this value */
return size * nmemb;
@@ -351,13 +324,14 @@ static void curl_multi_check_completion(BDRVCURLState *s)
break;
if (msg->msg == CURLMSG_DONE) {
+ int i;
CURLState *state = NULL;
+ bool error = msg->data.result != CURLE_OK;
+
curl_easy_getinfo(msg->easy_handle, CURLINFO_PRIVATE,
(char **)&state);
- /* ACBs for successful messages get completed in curl_read_cb */
- if (msg->data.result != CURLE_OK) {
- int i;
+ if (error) {
static int errcount = 100;
/* Don't lose the original error message from curl, since
@@ -369,20 +343,35 @@ static void curl_multi_check_completion(BDRVCURLState *s)
error_report("curl: further errors suppressed");
}
}
+ }
- for (i = 0; i < CURL_NUM_ACB; i++) {
- CURLAIOCB *acb = state->acb[i];
+ for (i = 0; i < CURL_NUM_ACB; i++) {
+ CURLAIOCB *acb = state->acb[i];
- if (acb == NULL) {
- continue;
- }
+ if (acb == NULL) {
+ continue;
+ }
+
+ if (!error) {
+ /* Assert that we have read all data */
+ assert(state->buf_off >= acb->end);
+
+ qemu_iovec_from_buf(acb->qiov, 0,
+ state->orig_buf + acb->start,
+ acb->end - acb->start);
- acb->ret = -EIO;
- state->acb[i] = NULL;
- qemu_mutex_unlock(&s->mutex);
- aio_co_wake(acb->co);
- qemu_mutex_lock(&s->mutex);
+ if (acb->end - acb->start < acb->bytes) {
+ size_t offset = acb->end - acb->start;
+ qemu_iovec_memset(acb->qiov, offset, 0,
+ acb->bytes - offset);
+ }
}
+
+ acb->ret = error ? -EIO : 0;
+ state->acb[i] = NULL;
+ qemu_mutex_unlock(&s->mutex);
+ aio_co_wake(acb->co);
+ qemu_mutex_lock(&s->mutex);
}
curl_clean_state(state);
--
2.17.1
- [PATCH 26/55] curl: Pass CURLSocket to curl_multi_do(), (continued)
- [PATCH 26/55] curl: Pass CURLSocket to curl_multi_do(), Michael Roth, 2019/11/05
- [PATCH 18/55] target/arm: Free TCG temps in trans_VMOV_64_sp(), Michael Roth, 2019/11/05
- [PATCH 01/55] dma-helpers: ensure AIO callback is invoked after cancellation, Michael Roth, 2019/11/05
- [PATCH 19/55] target/arm: Don't abort on M-profile exception return in linux-user mode, Michael Roth, 2019/11/05
- [PATCH 30/55] block/qcow2: Fix corruption introduced by commit 8ac0f15f335, Michael Roth, 2019/11/05
- [PATCH 29/55] blockjob: update nodes head while removing all bdrv, Michael Roth, 2019/11/05
- [PATCH 24/55] curl: Keep *socket until the end of curl_sock_cb(), Michael Roth, 2019/11/05
- [PATCH 20/55] libvhost-user: fix SLAVE_SEND_FD handling, Michael Roth, 2019/11/05
- [PATCH 27/55] curl: Report only ready sockets, Michael Roth, 2019/11/05
- [PATCH 36/55] make-release: pull in edk2 submodules so we can build it from tarballs, Michael Roth, 2019/11/05
- [PATCH 28/55] curl: Handle success in multi_check_completion,
Michael Roth <=
- [PATCH 32/55] qcow2: Fix corruption bug in qcow2_detect_metadata_preallocation(), Michael Roth, 2019/11/05
- [PATCH 02/55] Revert "ide/ahci: Check for -ECANCELED in aio callbacks", Michael Roth, 2019/11/05
- [PATCH 22/55] block/nfs: tear down aio before nfs_close, Michael Roth, 2019/11/05
- [PATCH 31/55] coroutine: Add qemu_co_mutex_assert_locked(), Michael Roth, 2019/11/05
- [PATCH 33/55] block/backup: fix max_transfer handling for copy_range, Michael Roth, 2019/11/05
- [PATCH 34/55] block/backup: fix backup_cow_with_offload for last cluster, Michael Roth, 2019/11/05
- [PATCH 39/55] block/snapshot: Restrict set of snapshot nodes, Michael Roth, 2019/11/05
- [PATCH 03/55] s390x/tcg: Fix VERIM with 32/64 bit elements, Michael Roth, 2019/11/05
- [PATCH 38/55] s390: PCI: fix IOMMU region init, Michael Roth, 2019/11/05
- [PATCH 45/55] mirror: Do not dereference invalid pointers, Michael Roth, 2019/11/05