nvme_driver: admin aer handler should respond with proper failure and status messages when in a failed state (#2658) #2688
+94
−14
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
… status messages when in a failed state (microsoft#2658) When the `AdminAerHandler` enters a failed state, it stops responding to `get_next_aen` requests. As a result, the driver’s `handle_asynchronous_events` loop becomes stuck—no errors are surfaced, the function never fails, and we lose both the original failure context and any indication that AER processing has halted. This PR introduces clearer failure semantics for the `AdminAerHandler`. When the handler fails, it now records the most recent error and returns that error for any in‑flight or future AEN requests. This ensures that the handle async event loop receives a definitive failure signal instead of waiting indefinitely. With this change, it becomes the responsibility of `handle_asynchronous_events` loop to avoid repeatedly issuing AEN requests once a failure is reported. Longer term, this structure sets us up for a more robust AER‑restart strategy—where the handler may fail but can be restarted under specific conditions, with the async event task deciding when a restart is appropriate. Current:  Updated:  (cherry picked from commit e23b493)
github-actions
bot
added
the
release_1.7.2511
Contributor
There was a problem hiding this comment.
Pull request overview
This PR fixes a critical issue in the NVMe driver's Asynchronous Event Request (AER) handler where failed completions would cause the handler to silently stop responding, leaving the handle_asynchronous_events loop indefinitely waiting. The fix introduces proper failure semantics: when the AdminAerHandler encounters a failed completion, it now records the error status and returns that error for any in-flight or future AEN requests, allowing the driver's async event loop to detect the failure and exit gracefully.
Changes:
- Modified
AdminAerHandlerto track failure status and propagate errors to waiting AEN requests - Updated RPC signatures throughout the AER handling chain to support error results
- Added comprehensive unit test to verify correct failure handling behavior
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
| vm/devices/storage/disk_nvme/nvme_driver/src/tests.rs | Adds unit test verifying that failed AER completions are properly reported and prevent further AER issuance |
| vm/devices/storage/disk_nvme/nvme_driver/src/queue_pair.rs | Updates AER handler to store failure status, propagate errors through RPC channels, and stop issuing AERs after failures |
mattkur
approved these changes
Jan 24, 2026
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Clean cherry pick of PR #2658
When the
AdminAerHandlerenters a failed state, it stops responding toget_next_aenrequests. As a result, the driver’shandle_asynchronous_eventsloop becomes stuck—no errors are surfaced, the function never fails, and we lose both the original failure context and any indication that AER processing has halted.This PR introduces clearer failure semantics for the
AdminAerHandler. When the handler fails, it now records the most recent error and returns that error for any in‑flight or future AEN requests. This ensures that the handle async event loop receives a definitive failure signal instead of waiting indefinitely.With this change, it becomes the responsibility of
handle_asynchronous_eventsloop to avoid repeatedly issuing AEN requests once a failure is reported. Longer term, this structure sets us up for a more robust AER‑restart strategy—where the handler may fail but can be restarted under specific conditions, with the async event task deciding when a restart is appropriate.Current:
Updated:
