On Thu, 08/21 17:52, Stefan Hajnoczi wrote:
> On Thu, Aug 21, 2014 at 07:56:53PM +0800, Fam Zheng wrote:
> > @@ -446,12 +439,25 @@ static void error_callback_bh(void *opaque)
> >      qemu_aio_release(acb);
> >  }
> >  
> > +static void blkdebug_aio_cancel_async(BlockDriverAIOCB *blockacb)
> > +{
> > +    BlkdebugAIOCB *acb = container_of(blockacb, BlkdebugAIOCB, common);
> > +    blockacb->cb(blockacb->opaque, -ECANCELED);
> > +    qemu_aio_release(acb);
> > +}
> > +
> >  static void blkdebug_aio_cancel(BlockDriverAIOCB *blockacb)
> >  {
> >      BlkdebugAIOCB *acb = container_of(blockacb, BlkdebugAIOCB, common);
> >      qemu_aio_release(acb);
> >  }
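
Review bot: both blkdebug_aio_cancel_async() and blkdebug_aio_cancel() call qemu_aio_release(acb) without doing anything about the error_callback_bh() bottom half, which (per the context line at the top of this hunk) releases the same acb itself. If that BH is still scheduled when either function runs, it will later operate on a released acb and release it a second time. Either delete the pending BH before releasing here, or only mark the request as cancelled and leave the release to the BH. In the async variant, the completion callback is also invoked directly from inside the cancel call with -ECANCELED; a comment stating whether callers may see the completion before the cancel function returns would help.
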
> 
> Both blkdebug_aio_cancel() and blkdebug_aio_cancel_async() look
> incorrect.  It is not safe to release acb because the
> error_callback_bh() BH may still be scheduled.
> 
> I guess we don't hit this problem because the error injection happens
> within the same event loop iteration.  In practice no one ever calls
> blkdebug_aio_cancel()?
> 

I'll drop this patch and send a separate fix for blkdebug_aio_cancel.

Fam
