ploop: don't forget to dec preq->io_count on a error path

Submitted by Andrei Vagin on Feb. 15, 2018, 1:27 a.m.

Details

Message ID 1518658033-3299-1-git-send-email-avagin@openvz.org
State New
Series "ploop: don't forget to dec preq->io_count on a error path"
Headers show

Commit Message

Andrei Vagin Feb. 15, 2018, 1:27 a.m.
[This sender failed our fraud detection checks and may not be who they appear to be. Learn about spoofing at http://aka.ms/LearnAboutSpoofing]

preq->io_count is incrimented before calling aio_kernel_submit()
and it is decrimented in kaio_rw_aio_complete().

But if aio_kernel_submit() failed , preq->io_count has to be decrimented
before exiting from the function.
---
 drivers/block/ploop/io_kaio.c | 1 +
 1 file changed, 1 insertion(+)

--
1.8.3.1

Patch hide | download patch | download mbox

diff --git a/drivers/block/ploop/io_kaio.c b/drivers/block/ploop/io_kaio.c
index 2e48d13..6d922f5 100644
--- a/drivers/block/ploop/io_kaio.c
+++ b/drivers/block/ploop/io_kaio.c
@@ -686,6 +686,7 @@  kaio_io_page(struct ploop_io * io, int op, struct ploop_request * preq,
                       err, (op == IOCB_CMD_WRITE_ITER) ? "WRITE" : "READ",
                       preq->eng_state, preq->state, pos);
                PLOOP_REQ_SET_ERROR(preq, err);
+               ploop_complete_io_request(preq);
        }

 out:

Comments

Vasily Averin March 1, 2018, 10:19 a.m.
Andrey,
please take look at comment below.

On 2018-02-15 04:27, Andrei Vagin wrote:
> [This sender failed our fraud detection checks and may not be who they appear to be. Learn about spoofing at http://aka.ms/LearnAboutSpoofing]
> 
> preq->io_count is incrimented before calling aio_kernel_submit()
> and it is decrimented in kaio_rw_aio_complete().
> 
> But if aio_kernel_submit() failed , preq->io_count has to be decrimented
> before exiting from the function.
> ---
>  drivers/block/ploop/io_kaio.c | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/drivers/block/ploop/io_kaio.c b/drivers/block/ploop/io_kaio.c
> index 2e48d13..6d922f5 100644
> --- a/drivers/block/ploop/io_kaio.c
> +++ b/drivers/block/ploop/io_kaio.c
> @@ -686,6 +686,7 @@ kaio_io_page(struct ploop_io * io, int op, struct ploop_request * preq,
>                        err, (op == IOCB_CMD_WRITE_ITER) ? "WRITE" : "READ",
>                        preq->eng_state, preq->state, pos);
>                 PLOOP_REQ_SET_ERROR(preq, err);
> +               ploop_complete_io_request(preq);

Kostja pointed me this patch for vz6.

vz6 seems is affected too,
however I think it's better to use atomic_dec(&preq->io_count) here:
it should balance atomic_inc called before aio_kernel_submit()
and should not double ploop_complete_io_request called below.

How do you think?

>         }
> 
>  out:
> --
> 1.8.3.1
> 
> 
> _______________________________________________
> Devel mailing list
> Devel@openvz.org
> https://lists.openvz.org/mailman/listinfo/devel
>
Andrey Vagin March 2, 2018, 11:15 p.m.
On Thu, Mar 01, 2018 at 01:19:10PM +0300, Vasily Averin wrote:
> Andrey,
> please take look at comment below.
> 
> On 2018-02-15 04:27, Andrei Vagin wrote:
> > [This sender failed our fraud detection checks and may not be who they appear to be. Learn about spoofing at http://aka.ms/LearnAboutSpoofing]
> > 
> > preq->io_count is incrimented before calling aio_kernel_submit()
> > and it is decrimented in kaio_rw_aio_complete().
> > 
> > But if aio_kernel_submit() failed , preq->io_count has to be decrimented
> > before exiting from the function.
> > ---
> >  drivers/block/ploop/io_kaio.c | 1 +
> >  1 file changed, 1 insertion(+)
> > 
> > diff --git a/drivers/block/ploop/io_kaio.c b/drivers/block/ploop/io_kaio.c
> > index 2e48d13..6d922f5 100644
> > --- a/drivers/block/ploop/io_kaio.c
> > +++ b/drivers/block/ploop/io_kaio.c
> > @@ -686,6 +686,7 @@ kaio_io_page(struct ploop_io * io, int op, struct ploop_request * preq,
> >                        err, (op == IOCB_CMD_WRITE_ITER) ? "WRITE" : "READ",
> >                        preq->eng_state, preq->state, pos);
> >                 PLOOP_REQ_SET_ERROR(preq, err);
> > +               ploop_complete_io_request(preq);
> 
> Kostja pointed me this patch for vz6.
> 
> vz6 seems is affected too,
> however I think it's better to use atomic_dec(&preq->io_count) here:
> it should balance atomic_inc called before aio_kernel_submit()
> and should not double ploop_complete_io_request called below.

There is nothing bad to call ploop_complete_io_request() twice. In a
success case, this reference is dropped by kaio_rw_kreq_complete(),
which calls ploop_complete_io_request() too.

> 
> How do you think?
> 
> >         }
> > 
> >  out:
> > --
> > 1.8.3.1
> > 
> > 
> > _______________________________________________
> > Devel mailing list
> > Devel@openvz.org
> > https://lists.openvz.org/mailman/listinfo/devel
> >