qemu/hw
Sergio Lopez 49b44549ac virtio-blk: On restart, process queued requests in the proper context
On restart, we were scheduling a BH to process queued requests, which
would run before starting up the data plane, leading to those requests
being assigned and started on coroutines on the main context.

This could cause requests to be wrongly processed in parallel from
different threads (the main thread and the iothread managing the data
plane), potentially leading to multiple issues.

For example, stopping and resuming a VM multiple times while the guest
is generating I/O on a virtio_blk device can trigger a crash with a
stack tracing looking like this one:

<------>
 Thread 2 (Thread 0x7ff736765700 (LWP 1062503)):
 #0  0x00005567a13b99d6 in iov_memset
     (iov=0x6563617073206f4e, iov_cnt=1717922848, offset=516096, fillc=0, bytes=7018105756081554803)
     at util/iov.c:69
 #1  0x00005567a13bab73 in qemu_iovec_memset
     (qiov=0x7ff73ec99748, offset=516096, fillc=0, bytes=7018105756081554803) at util/iov.c:530
 #2  0x00005567a12f411c in qemu_laio_process_completion (laiocb=0x7ff6512ee6c0) at block/linux-aio.c:86
 #3  0x00005567a12f42ff in qemu_laio_process_completions (s=0x7ff7182e8420) at block/linux-aio.c:217
 #4  0x00005567a12f480d in ioq_submit (s=0x7ff7182e8420) at block/linux-aio.c:323
 #5  0x00005567a12f43d9 in qemu_laio_process_completions_and_submit (s=0x7ff7182e8420)
     at block/linux-aio.c:236
 #6  0x00005567a12f44c2 in qemu_laio_poll_cb (opaque=0x7ff7182e8430) at block/linux-aio.c:267
 #7  0x00005567a13aed83 in run_poll_handlers_once (ctx=0x5567a2b58c70, timeout=0x7ff7367645f8)
     at util/aio-posix.c:520
 #8  0x00005567a13aee9f in run_poll_handlers (ctx=0x5567a2b58c70, max_ns=16000, timeout=0x7ff7367645f8)
     at util/aio-posix.c:562
 #9  0x00005567a13aefde in try_poll_mode (ctx=0x5567a2b58c70, timeout=0x7ff7367645f8)
     at util/aio-posix.c:597
 #10 0x00005567a13af115 in aio_poll (ctx=0x5567a2b58c70, blocking=true) at util/aio-posix.c:639
 #11 0x00005567a109acca in iothread_run (opaque=0x5567a2b29760) at iothread.c:75
 #12 0x00005567a13b2790 in qemu_thread_start (args=0x5567a2b694c0) at util/qemu-thread-posix.c:519
 #13 0x00007ff73eedf2de in start_thread () at /lib64/libpthread.so.0
 #14 0x00007ff73ec10e83 in clone () at /lib64/libc.so.6

 Thread 1 (Thread 0x7ff743986f00 (LWP 1062500)):
 #0  0x00005567a13b99d6 in iov_memset
     (iov=0x6563617073206f4e, iov_cnt=1717922848, offset=516096, fillc=0, bytes=7018105756081554803)
     at util/iov.c:69
 #1  0x00005567a13bab73 in qemu_iovec_memset
     (qiov=0x7ff73ec99748, offset=516096, fillc=0, bytes=7018105756081554803) at util/iov.c:530
 #2  0x00005567a12f411c in qemu_laio_process_completion (laiocb=0x7ff6512ee6c0) at block/linux-aio.c:86
 #3  0x00005567a12f42ff in qemu_laio_process_completions (s=0x7ff7182e8420) at block/linux-aio.c:217
 #4  0x00005567a12f480d in ioq_submit (s=0x7ff7182e8420) at block/linux-aio.c:323
 #5  0x00005567a12f4a2f in laio_do_submit (fd=19, laiocb=0x7ff5f4ff9ae0, offset=472363008, type=2)
     at block/linux-aio.c:375
 #6  0x00005567a12f4af2 in laio_co_submit
     (bs=0x5567a2b8c460, s=0x7ff7182e8420, fd=19, offset=472363008, qiov=0x7ff5f4ff9ca0, type=2)
     at block/linux-aio.c:394
 #7  0x00005567a12f1803 in raw_co_prw
     (bs=0x5567a2b8c460, offset=472363008, bytes=20480, qiov=0x7ff5f4ff9ca0, type=2)
     at block/file-posix.c:1892
 #8  0x00005567a12f1941 in raw_co_pwritev
     (bs=0x5567a2b8c460, offset=472363008, bytes=20480, qiov=0x7ff5f4ff9ca0, flags=0)
     at block/file-posix.c:1925
 #9  0x00005567a12fe3e1 in bdrv_driver_pwritev
     (bs=0x5567a2b8c460, offset=472363008, bytes=20480, qiov=0x7ff5f4ff9ca0, qiov_offset=0, flags=0)
     at block/io.c:1183
 #10 0x00005567a1300340 in bdrv_aligned_pwritev
     (child=0x5567a2b5b070, req=0x7ff5f4ff9db0, offset=472363008, bytes=20480, align=512, qiov=0x7ff72c0425b8, qiov_offset=0, flags=0) at block/io.c:1980
 #11 0x00005567a1300b29 in bdrv_co_pwritev_part
     (child=0x5567a2b5b070, offset=472363008, bytes=20480, qiov=0x7ff72c0425b8, qiov_offset=0, flags=0)
     at block/io.c:2137
 #12 0x00005567a12baba1 in qcow2_co_pwritev_task
     (bs=0x5567a2b92740, file_cluster_offset=472317952, offset=487305216, bytes=20480, qiov=0x7ff72c0425b8, qiov_offset=0, l2meta=0x0) at block/qcow2.c:2444
 #13 0x00005567a12bacdb in qcow2_co_pwritev_task_entry (task=0x5567a2b48540) at block/qcow2.c:2475
 #14 0x00005567a13167d8 in aio_task_co (opaque=0x5567a2b48540) at block/aio_task.c:45
 #15 0x00005567a13cf00c in coroutine_trampoline (i0=738245600, i1=32759) at util/coroutine-ucontext.c:115
 #16 0x00007ff73eb622e0 in __start_context () at /lib64/libc.so.6
 #17 0x00007ff6626f1350 in  ()
 #18 0x0000000000000000 in  ()
<------>

This is also known to cause crashes with this message (assertion
failed):

 aio_co_schedule: Co-routine was already scheduled in 'aio_co_schedule'

RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=1812765
Signed-off-by: Sergio Lopez <slp@redhat.com>
Message-Id: <20200603093240.40489-3-slp@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2020-06-17 14:53:39 +02:00
..
9pfs xen/9pfs: increase max ring order to 9 2020-05-25 11:45:40 +02:00
acpi pci: Convert uses of pci_create() etc. with Coccinelle 2020-06-15 22:05:28 +02:00
adc hw/adc/stm32f2xx_adc: Correct memory region size and access size 2020-06-05 17:23:09 +01:00
alpha sysbus: Convert to sysbus_realize() etc. with Coccinelle 2020-06-15 22:05:28 +02:00
arm * hw: arm: Set vendor property for IMX SDHCI emulations 2020-06-16 13:36:31 +01:00
audio qdev: Convert uses of qdev_create() with Coccinelle 2020-06-15 22:00:10 +02:00
block virtio-blk: On restart, process queued requests in the proper context 2020-06-17 14:53:39 +02:00
char qdev: Convert bus-less devices to qdev_realize() with Coccinelle 2020-06-15 22:06:04 +02:00
core Testing and plugin updates 2020-06-16 14:57:15 +01:00
cpu sysbus: Convert qdev_set_parent_bus() use with Coccinelle, part 3 2020-06-15 22:06:04 +02:00
cris sysbus: Convert to sysbus_realize() etc. with Coccinelle 2020-06-15 22:05:28 +02:00
display sysbus: Convert qdev_set_parent_bus() use with Coccinelle, part 3 2020-06-15 22:06:04 +02:00
dma sysbus: Convert to sysbus_realize() etc. with Coccinelle 2020-06-15 22:05:28 +02:00
gpio hw/unicore32/puv3: Use qemu_log_mask(ERROR) instead of debug printf() 2020-06-09 19:01:56 +02:00
hppa sysbus: Convert to sysbus_realize() etc. with Coccinelle 2020-06-15 22:05:28 +02:00
hyperv qdev: Convert bus-less devices to qdev_realize() with Coccinelle 2020-06-15 22:06:04 +02:00
i2c qdev: Convert uses of qdev_create() with Coccinelle 2020-06-15 22:00:10 +02:00
i386 qdev: Convert bus-less devices to qdev_realize() with Coccinelle 2020-06-15 22:06:04 +02:00
ide hw/ide: Make IDEDMAOps handlers take a const IDEDMA pointer 2020-06-17 14:53:39 +02:00
input hw/input/pxa2xx_keypad: Replace hw_error() by qemu_log_mask() 2020-06-05 17:23:08 +01:00
intc qdev: Convert bus-less devices to qdev_realize() with Coccinelle 2020-06-15 22:06:04 +02:00
ipack qdev: Unrealize must not fail 2020-05-15 07:08:14 +02:00
ipmi various: Remove unnecessary OBJECT() cast 2020-05-15 07:08:14 +02:00
isa sysbus: Convert to sysbus_realize() etc. with Coccinelle 2020-06-15 22:05:28 +02:00
lm32 sysbus: Convert to sysbus_realize() etc. with Coccinelle 2020-06-15 22:05:28 +02:00
m68k sysbus: Convert to sysbus_realize() etc. with Coccinelle 2020-06-15 22:05:28 +02:00
mem nvdimm: Plug memory leak in uuid property setter 2020-05-27 07:44:59 +02:00
microblaze qdev: Convert bus-less devices to qdev_realize() with Coccinelle 2020-06-15 22:06:04 +02:00
mips sysbus: Convert qdev_set_parent_bus() use with Coccinelle, part 1 2020-06-15 22:06:04 +02:00
misc * hw: arm: Set vendor property for IMX SDHCI emulations 2020-06-16 13:36:31 +01:00
moxie hw: Make MachineClass::is_default a boolean type 2020-02-28 14:57:19 -05:00
net * hw: arm: Set vendor property for IMX SDHCI emulations 2020-06-16 13:36:31 +01:00
nios2 sysbus: Convert to sysbus_realize() etc. with Coccinelle 2020-06-15 22:05:28 +02:00
nubus hw: Remove unnecessary DEVICE() cast 2020-05-15 07:08:52 +02:00
nvram sysbus: Convert to sysbus_realize() etc. with Coccinelle 2020-06-15 22:05:28 +02:00
openrisc sysbus: Convert to sysbus_realize() etc. with Coccinelle 2020-06-15 22:05:28 +02:00
pci pci: pci_create(), pci_create_multifunction() are now unused, drop 2020-06-15 22:05:28 +02:00
pci-bridge sysbus: Convert to sysbus_realize() etc. with Coccinelle 2020-06-15 22:05:28 +02:00
pci-host qdev: Convert bus-less devices to qdev_realize() with Coccinelle 2020-06-15 22:06:04 +02:00
pcmcia sysbus: Convert to sysbus_realize() etc. with Coccinelle 2020-06-15 22:05:28 +02:00
ppc qdev: Convert bus-less devices to qdev_realize() with Coccinelle 2020-06-15 22:06:04 +02:00
rdma lockable: Replace locks with lock guard macros 2020-05-04 16:07:43 +01:00
riscv qdev: Convert bus-less devices to qdev_realize() with Coccinelle 2020-06-15 22:06:04 +02:00
rtc sysbus: Convert to sysbus_realize() etc. with Coccinelle 2020-06-15 22:05:28 +02:00
s390x qdev: Convert bus-less devices to qdev_realize() with Coccinelle 2020-06-15 22:06:04 +02:00
scsi qdev: Convert uses of qdev_create() with Coccinelle 2020-06-15 22:00:10 +02:00
sd * hw: arm: Set vendor property for IMX SDHCI emulations 2020-06-16 13:36:31 +01:00
semihosting semihosting: remove the pthread include which seems unused 2020-06-10 11:29:44 +02:00
sh4 sysbus: Convert to sysbus_realize() etc. with Coccinelle 2020-06-15 22:05:28 +02:00
smbios hw/smbios/smbios: Remove unused include 2020-02-06 10:38:57 +01:00
sparc sysbus: Convert to sysbus_realize() etc. with Coccinelle 2020-06-15 22:05:28 +02:00
sparc64 sysbus: Convert to sysbus_realize() etc. with Coccinelle 2020-06-15 22:05:28 +02:00
ssi ssi: ssi_create_slave_no_init() is now unused, drop 2020-06-15 22:05:28 +02:00
timer Trivial branch pull request 20200610 2020-06-11 19:22:52 +01:00
tpm hw/tpm: fix usage of bool in tpm-tis.c 2020-05-12 11:47:24 -04:00
tricore hw: Do not initialize MachineClass::is_default to 0 2020-02-28 14:57:19 -05:00
unicore32 hw/unicore32/puv3: Use qemu_log_mask(ERROR) instead of debug printf() 2020-06-09 19:01:56 +02:00
usb usb: Eliminate usb_try_create_simple() 2020-06-15 22:05:28 +02:00
vfio * Miscellaneous fixes and feature enablement (many) 2020-06-12 23:06:22 +01:00
virtio qom: Less verbose object_initialize_child() 2020-06-15 22:05:28 +02:00
watchdog hw/watchdog: Implement full i.MX watchdog support 2020-05-21 20:00:18 +01:00
xen sysbus: Convert to sysbus_realize() etc. with Coccinelle 2020-06-15 22:05:28 +02:00
xenpv trivial: Remove xenfb_enabled from sysemu.h 2020-02-04 09:00:57 +01:00
xtensa sysbus: Convert to sysbus_realize() etc. with Coccinelle 2020-06-15 22:05:28 +02:00
Kconfig Remove the core bluetooth code 2019-12-17 09:01:14 +01:00
Makefile.objs xen: fix build without pci passthrough 2020-06-12 11:20:12 -04:00