| Message ID | 20170410150542.30376-11-famz@redhat.com |
|---|---|
| State | New |
| Headers | show |
On 10/04/2017 23:05, Fam Zheng wrote: > bdrv_inc_in_flight and bdrv_dec_in_flight are mandatory for > BDRV_POLL_WHILE to work, even for the shortcut case where flush is > unnecessary. Move the if block to below bdrv_dec_in_flight, and BTW fix > the variable declaration position. > > Signed-off-by: Fam Zheng <famz@redhat.com> > --- > block/io.c | 16 +++++++++------- > 1 file changed, 9 insertions(+), 7 deletions(-) > > diff --git a/block/io.c b/block/io.c > index 00e45ca..bae6947 100644 > --- a/block/io.c > +++ b/block/io.c > @@ -2278,16 +2278,17 @@ static void coroutine_fn bdrv_flush_co_entry(void *opaque) > > int coroutine_fn bdrv_co_flush(BlockDriverState *bs) > { > - int ret; > - > - if (!bs || !bdrv_is_inserted(bs) || bdrv_is_read_only(bs) || > - bdrv_is_sg(bs)) { > - return 0; > - } > + int current_gen; > + int ret = 0; > > bdrv_inc_in_flight(bs); > > - int current_gen = bs->write_gen; > + if (!bs || !bdrv_is_inserted(bs) || bdrv_is_read_only(bs) || > + bdrv_is_sg(bs)) { > + goto early_exit; > + } > + > + current_gen = bs->write_gen; > > /* Wait until any previous flushes are completed */ > while (bs->active_flush_req) { > @@ -2370,6 +2371,7 @@ out: > /* Return value is ignored - it's ok if wait queue is empty */ > qemu_co_queue_next(&bs->flush_queue); > > +early_exit: > bdrv_dec_in_flight(bs); > return ret; > } > Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Am 10.04.2017 um 17:05 hat Fam Zheng geschrieben: > bdrv_inc_in_flight and bdrv_dec_in_flight are mandatory for > BDRV_POLL_WHILE to work, even for the shortcut case where flush is > unnecessary. Move the if block to below bdrv_dec_in_flight, and BTW fix > the variable declaration position. > > Signed-off-by: Fam Zheng <famz@redhat.com> > --- > block/io.c | 16 +++++++++------- > 1 file changed, 9 insertions(+), 7 deletions(-) > > diff --git a/block/io.c b/block/io.c > index 00e45ca..bae6947 100644 > --- a/block/io.c > +++ b/block/io.c > @@ -2278,16 +2278,17 @@ static void coroutine_fn bdrv_flush_co_entry(void *opaque) > > int coroutine_fn bdrv_co_flush(BlockDriverState *bs) > { > - int ret; > - > - if (!bs || !bdrv_is_inserted(bs) || bdrv_is_read_only(bs) || > - bdrv_is_sg(bs)) { > - return 0; > - } > + int current_gen; > + int ret = 0; > > bdrv_inc_in_flight(bs); As Coverity points out, we're now using bs... > - int current_gen = bs->write_gen; > + if (!bs || !bdrv_is_inserted(bs) || bdrv_is_read_only(bs) || ...before doing the NULL check. I'm not sure if we even need to have a NULL check here, but we would have to check all callers to make sure that it's unnecessary. Before commit 29cdb251, it only checked bs->drv and I don't see how that commit introduced a NULL caller, but maybe one was added later. In any case, bdrv_co_flush() needs a fix, either remove the NULL check or do it first. > + bdrv_is_sg(bs)) { > + goto early_exit; > + } Kevin
On Tue, 04/25 17:16, Kevin Wolf wrote: > Am 10.04.2017 um 17:05 hat Fam Zheng geschrieben: > > bdrv_inc_in_flight and bdrv_dec_in_flight are mandatory for > > BDRV_POLL_WHILE to work, even for the shortcut case where flush is > > unnecessary. Move the if block to below bdrv_dec_in_flight, and BTW fix > > the variable declaration position. > > > > Signed-off-by: Fam Zheng <famz@redhat.com> > > --- > > block/io.c | 16 +++++++++------- > > 1 file changed, 9 insertions(+), 7 deletions(-) > > > > diff --git a/block/io.c b/block/io.c > > index 00e45ca..bae6947 100644 > > --- a/block/io.c > > +++ b/block/io.c > > @@ -2278,16 +2278,17 @@ static void coroutine_fn bdrv_flush_co_entry(void *opaque) > > > > int coroutine_fn bdrv_co_flush(BlockDriverState *bs) > > { > > - int ret; > > - > > - if (!bs || !bdrv_is_inserted(bs) || bdrv_is_read_only(bs) || > > - bdrv_is_sg(bs)) { > > - return 0; > > - } > > + int current_gen; > > + int ret = 0; > > > > bdrv_inc_in_flight(bs); > > As Coverity points out, we're now using bs... > > > - int current_gen = bs->write_gen; > > + if (!bs || !bdrv_is_inserted(bs) || bdrv_is_read_only(bs) || > > ...before doing the NULL check. > > I'm not sure if we even need to have a NULL check here, but we would have > to check all callers to make sure that it's unnecessary. Before commit > 29cdb251, it only checked bs->drv and I don't see how that commit > introduced a NULL caller, but maybe one was added later. > > In any case, bdrv_co_flush() needs a fix, either remove the NULL check > or do it first. After auditing the callers and knowing the fact that the above bdrv_inc_in_flight didn't cause a problem, I think removing the NULL check is fine. I'll send a patch. Thanks. Fam > > > + bdrv_is_sg(bs)) { > > + goto early_exit; > > + } > > Kevin
diff --git a/block/io.c b/block/io.c index 00e45ca..bae6947 100644 --- a/block/io.c +++ b/block/io.c @@ -2278,16 +2278,17 @@ static void coroutine_fn bdrv_flush_co_entry(void *opaque) int coroutine_fn bdrv_co_flush(BlockDriverState *bs) { - int ret; - - if (!bs || !bdrv_is_inserted(bs) || bdrv_is_read_only(bs) || - bdrv_is_sg(bs)) { - return 0; - } + int current_gen; + int ret = 0; bdrv_inc_in_flight(bs); - int current_gen = bs->write_gen; + if (!bs || !bdrv_is_inserted(bs) || bdrv_is_read_only(bs) || + bdrv_is_sg(bs)) { + goto early_exit; + } + + current_gen = bs->write_gen; /* Wait until any previous flushes are completed */ while (bs->active_flush_req) { @@ -2370,6 +2371,7 @@ out: /* Return value is ignored - it's ok if wait queue is empty */ qemu_co_queue_next(&bs->flush_queue); +early_exit: bdrv_dec_in_flight(bs); return ret; }
bdrv_inc_in_flight and bdrv_dec_in_flight are mandatory for BDRV_POLL_WHILE to work, even for the shortcut case where flush is unnecessary. Move the if block to below bdrv_dec_in_flight, and BTW fix the variable declaration position. Signed-off-by: Fam Zheng <famz@redhat.com> --- block/io.c | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-)