mirrors/qemu
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
971bea8089
qemu/block
History
Hanna Reitz 4d378bbd83 block: Make bdrv_refresh_limits() non-recursive 
bdrv_refresh_limits() recurses down to the node's children.  That does
not seem necessary: When we refresh limits on some node, and then
recurse down and were to change one of its children's BlockLimits, then
that would mean we noticed the changed limits by pure chance.  The fact
that we refresh the parent's limits has nothing to do with it, so the
reason for the change probably happened before this point in time, and
we should have refreshed the limits then.

Consequently, we should actually propagate block limits changes upwards,
not downwards.  That is a separate and pre-existing issue, though, and
so will not be addressed in this patch.

The problem with recursing is that bdrv_refresh_limits() is not atomic.
It begins with zeroing BDS.bl, and only then sets proper, valid limits.
If we do not drain all nodes whose limits are refreshed, then concurrent
I/O requests can encounter invalid request_alignment values and crash
qemu.  Therefore, a recursing bdrv_refresh_limits() requires the whole
subtree to be drained, which is currently not ensured by most callers.

A non-recursive bdrv_refresh_limits() only requires the node in question
to not receive I/O requests, and this is done by most callers in some
way or another:
- bdrv_open_driver() deals with a new node with no parents yet
- bdrv_set_file_or_backing_noperm() acts on a drained node
- bdrv_reopen_commit() acts only on drained nodes
- bdrv_append() should in theory require the node to be drained; in
  practice most callers just lock the AioContext, which should at least
  be enough to prevent concurrent I/O requests from accessing invalid
  limits

So we can resolve the bug by making bdrv_refresh_limits() non-recursive.

Buglink: https://bugzilla.redhat.com/show_bug.cgi?id=1879437
Signed-off-by: Hanna Reitz <hreitz@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
Message-Id: <20220216105355.30729-2-hreitz@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
2022-03-04 18:18:26 +01:00
..
export block/export/fuse.c: allow writable exports to take RESIZE permission 2022-03-04 18:18:25 +01:00
monitor assertions for block_int global state API 2022-03-04 18:18:25 +01:00
accounting.c block/accounting: Use lock guard macros 2020-12-11 17:52:39 +01:00
aio_task.c block/aio_task: assert max_busy_tasks is greater than 0 2021-10-05 18:56:41 +02:00
amend.c crypto: perform permission checks under BQL 2022-03-04 18:14:39 +01:00
backup.c assertions for block_int global state API 2022-03-04 18:18:25 +01:00
blkdebug.c block: use int64_t instead of int in driver discard handlers 2021-09-29 13:46:32 -05:00
blklogwrites.c block: use int64_t instead of int in driver discard handlers 2021-09-29 13:46:32 -05:00
blkreplay.c block: use int64_t instead of int in driver discard handlers 2021-09-29 13:46:32 -05:00
blkverify.c block: use int64_t instead of uint64_t in driver write handlers 2021-09-29 13:46:31 -05:00
block-backend.c block/coroutines: I/O and "I/O or GS" API 2022-03-04 18:18:25 +01:00
block-copy.c block/block-copy: block_copy_state_new(): drop extra arguments 2021-09-01 14:38:08 +02:00
block-gen.h scripts: add block-coroutine-wrapper.py 2020-10-05 10:59:06 +01:00
bochs.c block: use int64_t instead of uint64_t in driver read handlers 2021-09-29 13:46:31 -05:00
cloop.c block: use int64_t instead of uint64_t in driver read handlers 2021-09-29 13:46:31 -05:00
commit.c assertions for block_int global state API 2022-03-04 18:18:25 +01:00
copy-before-write.c block/copy-before-write.h: global state API + assertions 2022-03-04 18:18:25 +01:00
copy-before-write.h block/copy-before-write.h: global state API + assertions 2022-03-04 18:18:25 +01:00
copy-on-read.c block: use int64_t instead of int in driver discard handlers 2021-09-29 13:46:32 -05:00
copy-on-read.h copy-on-read: add filter drop function 2021-01-26 11:26:54 +01:00
coroutines.h block/coroutines: I/O and "I/O or GS" API 2022-03-04 18:18:25 +01:00
create.c block_int-common.h: assertions in the callers of BlockDriver function pointers 2022-03-04 18:18:25 +01:00
crypto.c crypto: distinguish between main loop and I/O in block_crypto_amend_options_generic_luks 2022-03-04 18:14:40 +01:00
crypto.h nomaintainer: Fix Lesser GPL version number 2020-11-15 17:04:40 +01:00
curl.c aio-posix: split poll check from ready handler 2022-01-12 17:09:39 +00:00
dirty-bitmap.c IO_CODE and IO_OR_GS_CODE for block_int I/O API 2022-03-04 18:18:25 +01:00
dmg-bz2.c Include qemu-common.h exactly where needed 2019-06-12 13:20:20 +02:00
dmg-lzfse.c block: Remove unused include 2020-11-09 15:44:21 +01:00
dmg.c block: use int64_t instead of uint64_t in driver read handlers 2021-09-29 13:46:31 -05:00
dmg.h Include qemu-common.h exactly where needed 2019-06-12 13:20:20 +02:00
file-posix.c block/file-posix: Simplify the XFS_IOC_DIOINFO handling 2022-01-12 14:09:04 +01:00
file-win32.c block: use int64_t instead of uint64_t in driver write handlers 2021-09-29 13:46:31 -05:00
filter-compress.c block: use int64_t instead of int in driver discard handlers 2021-09-29 13:46:32 -05:00
gluster.c block: use int64_t instead of int in driver discard handlers 2021-09-29 13:46:32 -05:00
io_uring.c aio-posix: split poll check from ready handler 2022-01-12 17:09:39 +00:00
io.c block: Make bdrv_refresh_limits() non-recursive 2022-03-04 18:18:26 +01:00
iscsi-opts.c modules: add block module annotations 2021-07-09 18:20:27 +02:00
iscsi.c aio-posix: split poll check from ready handler 2022-01-12 17:09:39 +00:00
linux-aio.c aio-posix: split poll check from ready handler 2022-01-12 17:09:39 +00:00
meson.build include/block/block: split header into I/O and global state API 2022-03-04 18:18:25 +01:00
mirror.c assertions for block_int global state API 2022-03-04 18:18:25 +01:00
nbd.c block/coroutines: I/O and "I/O or GS" API 2022-03-04 18:18:25 +01:00
nfs.c aio-posix: split poll check from ready handler 2022-01-12 17:09:39 +00:00
null.c block: use int64_t instead of uint64_t in driver write handlers 2021-09-29 13:46:31 -05:00
nvme.c aio-posix: split poll check from ready handler 2022-01-12 17:09:39 +00:00
parallels-ext.c parallels: support bitmap extension for read-only mode 2021-03-08 14:56:55 +01:00
parallels.c block: introduce bdrv_activate 2022-03-04 18:14:40 +01:00
parallels.h parallels: support bitmap extension for read-only mode 2021-03-08 14:56:55 +01:00
preallocate.c block: use int64_t instead of int in driver discard handlers 2021-09-29 13:46:32 -05:00
progress_meter.c progressmeter: protect with a mutex 2021-06-25 14:24:24 +03:00
qapi-sysemu.c block: Move system emulator QMP commands to block/qapi-sysemu.c 2020-03-06 17:15:38 +01:00
qapi.c block: use GDateTime for formatting timestamp when dumping snapshot info 2021-06-14 13:28:50 +01:00
qcow2-bitmap.c nbd patches for 2021-03-09 2021-03-11 13:57:08 +00:00
qcow2-cache.c core: replace getpagesize() with qemu_real_host_page_size 2019-10-26 15:38:06 +02:00
qcow2-cluster.c qcow2: Silence clang -m32 compiler warning 2021-10-15 15:39:38 -05:00
qcow2-refcount.c qcow2-refcount: check_refblocks(): add separate message for reserved 2021-09-15 18:42:38 +02:00
qcow2-snapshot.c block: consistently use bdrv_is_read_only() 2021-06-02 14:23:20 +02:00
qcow2-threads.c qcow2: add zstd cluster compression 2020-05-13 14:20:31 +02:00
qcow2.c qcow2: simple case support for downgrading of qcow2 images with zstd 2022-02-01 10:51:39 +01:00
qcow2.h qcow2-refcount: check_refblocks(): add separate message for reserved 2021-09-15 18:42:38 +02:00
qcow.c block: use int64_t instead of uint64_t in driver write handlers 2021-09-29 13:46:31 -05:00
qed-check.c block/qed: add missed coroutine_fn markers 2019-04-30 15:29:00 +02:00
qed-cluster.c qed: protect table cache with CoMutex 2017-07-17 11:34:11 +08:00
qed-l2-cache.c qed: protect table cache with CoMutex 2017-07-17 11:34:11 +08:00
qed-table.c block/qed: add missed coroutine_fn markers 2019-04-30 15:29:00 +02:00
qed.c block: use int64_t instead of int in driver write_zeroes handlers 2021-09-29 13:46:32 -05:00
qed.h qed: Simplify backing reads 2020-07-06 10:34:14 +02:00
quorum.c block: use int64_t instead of int in driver write_zeroes handlers 2021-09-29 13:46:32 -05:00
raw-format.c block: use int64_t instead of int in driver discard handlers 2021-09-29 13:46:32 -05:00
rbd.c block/rbd: workaround for ceph issue #53784 2022-02-01 15:16:32 +01:00
replication.c job: @force parameter for job_cancel_sync() 2021-10-07 10:42:09 +02:00
snapshot.c include/block/snapshot: global state API + assertions 2022-03-04 18:18:25 +01:00
ssh.c block: print the server key type and fingerprint on failure 2022-02-16 14:34:16 +00:00
stream.c assertions for block_int global state API 2022-03-04 18:18:25 +01:00
throttle-groups.c block/throttle-groups: throttle_group_co_io_limits_intercept(): 64bit bytes 2021-02-03 08:14:00 -06:00
throttle.c block: use int64_t instead of int in driver discard handlers 2021-09-29 13:46:32 -05:00
trace-events block/nvme: Display CQ/SQ pointer in nvme_free_queue_pair() 2021-11-02 15:49:12 +01:00
trace.h trace: switch position of headers to what Meson requires 2020-08-21 06:18:24 -04:00
vdi.c block: use int64_t instead of uint64_t in driver write handlers 2021-09-29 13:46:31 -05:00
vhdx-endian.c Include qemu-common.h exactly where needed 2019-06-12 13:20:20 +02:00
vhdx-log.c block: consistently use bdrv_is_read_only() 2021-06-02 14:23:20 +02:00
vhdx.c block/vhdx: Support vhdx image only with 512 bytes logical sector size 2020-09-15 11:05:13 +02:00
vhdx.h block/vhdx: Use IEC binary prefixes for size constants 2019-04-30 15:29:00 +02:00
vmdk.c vmdk: allow specification of tools version 2021-11-02 12:47:51 +01:00
vpc.c block/vpc: Add a sanity check that fixed-size images have the right type 2021-11-02 12:47:51 +01:00
vvfat.c vvfat: Fix vvfat_write() for writes before the root directory 2022-01-14 12:03:16 +01:00
win32-aio.c aio-posix: split poll check from ready handler 2022-01-12 17:09:39 +00:00
write-threshold.c write-threshold: deal with includes 2021-05-14 16:14:10 +02:00