On 09/09/2011 03:34 PM, Kevin Wolf wrote:
So the release that we avoid is the release in the callback that may or
may not be called indirectly by bdrv_aio_cancel. We always call
dma_complete at the end of dma_aio_cancel so that it will be properly freed.

In fact it may be worse than just the qemu_aio_release: if the driver is
waiting for the request to complete, it will write over the bounce
buffer after dma_bdrv_unmap has been called.

How so? dma_bdrv_unmap is called only afterwards, isn't it?

I had missed your point completely. :)  Yes, the above should work.

Paolo

