On 08/29/2017 07:27 AM, Stefan Hajnoczi wrote:
> The following segfault is encountered if the NBD server closes the UNIX
> domain socket immediately after negotiation:
>
>
> In the mean time blk_co_preadv() can be called and nbd_coroutine_end()
> calls aio_wake() on read_reply_co. At this point in time
> read_reply_co's ctx isn't set because it has never been entered yet.
>
> This patch simplifies the nbd_co_send_request() ->
> nbd_co_receive_reply() -> nbd_coroutine_end() lifecycle to just
> nbd_co_send_request() -> nbd_co_receive_reply(). The request is "ended"
> if an error occurs at any point. Callers no longer have to invoke
> nbd_coroutine_end().

Vladimir's work also eliminated a separate call to nbd_coroutine_end. There will be some interesting rebase issues to resolve between the two, but I think we'll get there.

>
> This cleanup also eliminates the segfault because we don't call
> aio_co_schedule() to wake up s->read_reply_co if sending the request
> failed. It is only necessary to wake up s->read_reply_co if a reply was
> received.
>
> Note this only happens with UNIX domain sockets on Linux. It doesn't
> seem possible to reproduce this with TCP sockets.
>
> Suggested-by: Paolo Bonzini <pbonz...@redhat.com>
> Signed-off-by: Stefan Hajnoczi <stefa...@redhat.com>
> ---
> block/nbd-client.c | 25 +++++++++----------------
> 1 file changed, 9 insertions(+), 16 deletions(-)
>

Reviewed-by: Eric Blake <ebl...@redhat.com>

--
Eric Blake, Principal Software Engineer
Red Hat, Inc. +1-919-301-3266
Virtualization: qemu.org | libvirt.org