[Devel] [PATCH VZ10] vhost-blk: fix in-flight request counter leakage

[Andrey Drobyshev]

Upon request completion, vhost_blk_handle_host_kick() pops the request from
the queue and writes one status byte into the guest's status iov via
vhost_blk_set_status().

If for whatever reason vhost_blk_set_status() fails (e.g. virtio device
reset/disable on that queue, or QEMU-driven device state changes like
block_resize) - we end up forgetting to call forget_request() and
decrease the in-flight counter.  Thus it remains > 0 forever.

Later upon guest shutdown, when flush happens, we end up forever waiting
in D state in vhost_blk_flush() on this operation:

  wait_event(blk->flush_wait, !atomic_read(&blk->req_inflight[flush_bin]));

So that even SIGKILL can't reap the QEMU process.  That's exactly what
we observed in hci-volumes test after block_resize.

Fix by adjusting the loop body so that forget_request() is always called
unconditionally.

https://virtuozzo.atlassian.net/browse/VSTOR-132571
Fixes: 40a5928ec730 ("drivers/vhost: vhost-blk accelerator for virtio-blk guests")
Signed-off-by: Andrey Drobyshev <andrey.drobyshev at virtuozzo.com>
---
 drivers/vhost/blk.c | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/drivers/vhost/blk.c b/drivers/vhost/blk.c
index 5acdf973ac71..b11f08f878f4 100644
--- a/drivers/vhost/blk.c
+++ b/drivers/vhost/blk.c
@@ -586,11 +586,10 @@ static void vhost_blk_handle_host_kick(struct vhost_work *work)
 
 		status = req->bio_err == 0 ?  VIRTIO_BLK_S_OK : VIRTIO_BLK_S_IOERR;
 		ret = vhost_blk_set_status(req, status);
-		if (unlikely(ret))
-			continue;
-
-		vhost_add_used(vq, req->head, req->len);
-		added = true;
+		if (likely(!ret)) {
+			vhost_add_used(vq, req->head, req->len);
+			added = true;
+		}
 
 		forget_request(req);
 	}
-- 
2.47.1