ed795e95d8
- kvm-block-Lock-AioContext-for-drain_end-in-blockdev-reop.patch [bz#2046659] - kvm-iotests-Test-blockdev-reopen-with-iothreads-and-thro.patch [bz#2046659] - kvm-block-nbd-Delete-reconnect-delay-timer-when-done.patch [bz#2033626] - kvm-block-nbd-Assert-there-are-no-timers-when-closed.patch [bz#2033626] - kvm-iotests.py-Add-QemuStorageDaemon-class.patch [bz#2033626] - kvm-iotests-281-Test-lingering-timers.patch [bz#2033626] - kvm-block-nbd-Move-s-ioc-on-AioContext-change.patch [bz#2033626] - kvm-iotests-281-Let-NBD-connection-yield-in-iothread.patch [bz#2033626] - Resolves: bz#2046659 (qemu crash after execute blockdev-reopen with iothread) - Resolves: bz#2033626 (Qemu core dump when start guest with nbd node or do block jobs to nbd node)
53 lines
1.9 KiB
Diff
53 lines
1.9 KiB
Diff
From 76b03619435d0b2f0125ee7aa5c94f2b889247de Mon Sep 17 00:00:00 2001
|
|
From: Hanna Reitz <hreitz@redhat.com>
|
|
Date: Fri, 4 Feb 2022 12:10:08 +0100
|
|
Subject: [PATCH 4/8] block/nbd: Assert there are no timers when closed
|
|
|
|
RH-Author: Hanna Reitz <hreitz@redhat.com>
|
|
RH-MergeRequest: 74: block/nbd: Handle AioContext changes
|
|
RH-Commit: [2/6] 56903457ca35d9c596aeb6827a48f80e8eabd66a (hreitz/qemu-kvm-c-9-s)
|
|
RH-Bugzilla: 2033626
|
|
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
|
|
RH-Acked-by: Eric Blake <eblake@redhat.com>
|
|
RH-Acked-by: Stefan Hajnoczi <stefanha@redhat.com>
|
|
|
|
Our two timers must not remain armed beyond nbd_clear_bdrvstate(), or
|
|
they will access freed data when they fire.
|
|
|
|
This patch is separate from the patches that actually fix the issue
|
|
(HEAD^^ and HEAD^) so that you can run the associated regression iotest
|
|
(281) on a configuration that reproducibly exposes the bug.
|
|
|
|
Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
|
|
Signed-off-by: Hanna Reitz <hreitz@redhat.com>
|
|
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com>
|
|
(cherry picked from commit 8a39c381e5e407d2fe5500324323f90a8540fa90)
|
|
|
|
Conflict:
|
|
- block/nbd.c: open_timer was introduced after the 6.2 release (for
|
|
nbd's @open-timeout parameter), and has not been backported, so drop
|
|
the assertion that it is NULL
|
|
|
|
Signed-off-by: Hanna Reitz <hreitz@redhat.com>
|
|
---
|
|
block/nbd.c | 3 +++
|
|
1 file changed, 3 insertions(+)
|
|
|
|
diff --git a/block/nbd.c b/block/nbd.c
|
|
index b8e5a9b4cc..aab20125d8 100644
|
|
--- a/block/nbd.c
|
|
+++ b/block/nbd.c
|
|
@@ -108,6 +108,9 @@ static void nbd_clear_bdrvstate(BlockDriverState *bs)
|
|
|
|
yank_unregister_instance(BLOCKDEV_YANK_INSTANCE(bs->node_name));
|
|
|
|
+ /* Must not leave timers behind that would access freed data */
|
|
+ assert(!s->reconnect_delay_timer);
|
|
+
|
|
object_unref(OBJECT(s->tlscreds));
|
|
qapi_free_SocketAddress(s->saddr);
|
|
s->saddr = NULL;
|
|
--
|
|
2.27.0
|
|
|