aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGreg Kurz <groug@kaod.org>2017-04-04 18:06:01 +0200
committerGreg Kurz <groug@kaod.org>2017-04-04 18:06:01 +0200
commit18adde86ddc6dbef865a3d360bf8e15dce85756d (patch)
tree0a38997e37cd35a6ef5d52ef3e5bdab0e3fbf402
parent87cc4c61020addea6a001b94b662596b1896d1b3 (diff)
downloadqemu-18adde86ddc6dbef865a3d360bf8e15dce85756d.zip
qemu-18adde86ddc6dbef865a3d360bf8e15dce85756d.tar.gz
qemu-18adde86ddc6dbef865a3d360bf8e15dce85756d.tar.bz2
9pfs: fix multiple flush for same request
If a client tries to flush the same outstanding request several times, only the first flush completes. Subsequent ones keep waiting for the request completion in v9fs_flush() and, therefore, leak a PDU. This will cause QEMU to hang when draining active PDUs the next time the device is reset. Let have each flush request wake up the next one if any. The last waiter frees the cancelled PDU. Signed-off-by: Greg Kurz <groug@kaod.org> Reviewed-by: Eric Blake <eblake@redhat.com>
-rw-r--r--hw/9pfs/9p.c6
1 files changed, 4 insertions, 2 deletions
diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c
index 48babce..ef47a0a 100644
--- a/hw/9pfs/9p.c
+++ b/hw/9pfs/9p.c
@@ -2387,8 +2387,10 @@ static void coroutine_fn v9fs_flush(void *opaque)
* Wait for pdu to complete.
*/
qemu_co_queue_wait(&cancel_pdu->complete, NULL);
- cancel_pdu->cancelled = 0;
- pdu_free(cancel_pdu);
+ if (!qemu_co_queue_next(&cancel_pdu->complete)) {
+ cancel_pdu->cancelled = 0;
+ pdu_free(cancel_pdu);
+ }
}
pdu_complete(pdu, 7);
}