From: Fiona Ebner
Date: Thu, 19 Oct 2023 13:19:36 +0000 (+0200)
Subject: blockdev: mirror: avoid potential deadlock when using iothread
X-Git-Tag: v8.2.0~88^2~14
X-Git-Url: https://git.proxmox.com/?p=mirror_qemu.git;a=commitdiff_plain;h=302823854b078f0525cf1babcc4fc9ff7b7d5f71

blockdev: mirror: avoid potential deadlock when using iothread

The bdrv_getlength() function is a generated co-wrapper and uses AIO_WAIT_WHILE() to wait for the spawned coroutine. AIO_WAIT_WHILE() expects the lock to be acquired exactly once.

Fix a case where it may be acquired twice. This can happen when the source node is explicitly specified as the @replaces parameter or if the source node is a filter node.

Signed-off-by: Fiona Ebner
Message-ID: <20231019131936.414246-4-f.ebner@proxmox.com>
Reviewed-by: Kevin Wolf
Signed-off-by: Kevin Wolf
---
diff --git a/blockdev.c b/blockdev.c index a01c62596b..877e3a26d4 100644 --- a/blockdev.c +++ b/blockdev.c @@ -2968,6 +2968,7 @@ static void blockdev_mirror_common(const char *job_id, BlockDriverState *bs, if (replaces) { BlockDriverState *to_replace_bs; + AioContext *aio_context; AioContext *replace_aio_context; int64_t bs_size, replace_size; @@ -2982,10 +2983,19 @@ static void blockdev_mirror_common(const char *job_id, BlockDriverState *bs, return; } + aio_context = bdrv_get_aio_context(bs); replace_aio_context = bdrv_get_aio_context(to_replace_bs); - aio_context_acquire(replace_aio_context); + /* + * bdrv_getlength() is a co-wrapper and uses AIO_WAIT_WHILE. Be sure not + * to acquire the same AioContext twice. + */ + if (replace_aio_context != aio_context) { + aio_context_acquire(replace_aio_context); + } replace_size = bdrv_getlength(to_replace_bs); - aio_context_release(replace_aio_context); + if (replace_aio_context != aio_context) { + aio_context_release(replace_aio_context); + } if (replace_size < 0) { error_setg_errno(errp, -replace_size,
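
Review bot: The new comment above the guarded aio_context_acquire() in the second hunk of blockdev_mirror_common() says not to acquire the same AioContext twice, but it does not say where the first acquisition comes from. Skipping the acquire when replace_aio_context == aio_context is only correct if the caller already holds the AioContext of bs at this point, and nothing in the visible lines states that. Suggest extending the comment to name that precondition (for example "the caller already holds the AioContext of bs"), so that a later change to the callers' locking does not silently leave bdrv_getlength(to_replace_bs) running without the lock in the equal-context case. The condition `replace_aio_context != aio_context` is also written out twice, once before and once after the call; computing it once into a local bool would keep the acquire and release paired if the condition is ever changed.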