mirrors/qemu
0
0
Fork 0
mirror of https://github.com/qemu/qemu.git synced 2024-11-23 19:03:38 +08:00
Code Issues Packages Projects Releases Wiki Activity

qemu-img: fix in-flight count for qemu-img bench

Browse Source 
With aio=native (qemu-img bench -n) one or more requests can be completed
when a new request is submitted.  This in turn can cause bench_cb to
recurse before b->in_flight is updated.  This causes multiple I/Os
to be submitted with the same offset and, furthermore, the blk_aio_*
coroutines are never freed and qemu-img aborts.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: John Snow <jsnow@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
This commit is contained in:
Paolo Bonzini 2016-12-07 16:08:27 +01:00 committed by Kevin Wolf
parent ffe22bf510
commit 4baaa8c3d8
1 changed files with 10 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
qemu-img.c
View File

@ -3559,20 +3559,23 @@ static void bench_cb(void *opaque, int ret)
}
while (b->n > b->in_flight && b->in_flight < b->nrreq) {
int64_t offset = b->offset;
/* blk_aio_* might look for completed I/Os and kick bench_cb
* again, so make sure this operation is counted by in_flight
* and b->offset is ready for the next submission.
*/
b->in_flight++;
b->offset += b->step;
b->offset %= b->image_size;
if (b->write) {
acb = blk_aio_pwritev(b->blk, b->offset, b->qiov, 0,
bench_cb, b);
acb = blk_aio_pwritev(b->blk, offset, b->qiov, 0, bench_cb, b);
} else {
acb = blk_aio_preadv(b->blk, b->offset, b->qiov, 0,
bench_cb, b);
acb = blk_aio_preadv(b->blk, offset, b->qiov, 0, bench_cb, b);
}
if (!acb) {
error_report("Failed to issue request");
exit(EXIT_FAILURE);
}
b->in_flight++;
b->offset += b->step;
b->offset %= b->image_size;
}
}