On Thu, Nov 29, 2012 at 10:37 PM, Stefan Priebe <[email protected]> wrote: > @@ -568,6 +562,10 @@ static void qemu_rbd_aio_cancel(BlockDriverAIOCB > *blockacb) > { > RBDAIOCB *acb = (RBDAIOCB *) blockacb; > acb->cancelled = 1; > + > + while (acb->status == -EINPROGRESS) { > + qemu_aio_wait(); > + } > } > > static const AIOCBInfo rbd_aiocb_info = { > @@ -639,6 +637,7 @@ static void rbd_aio_bh_cb(void *opaque) > acb->common.cb(acb->common.opaque, (acb->ret > 0 ? 0 : acb->ret)); > qemu_bh_delete(acb->bh); > acb->bh = NULL; > + acb->status = 0; > > qemu_aio_release(acb); > }
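Review bot: In the qemu_rbd_aio_cancel() hunk, the new loop re-reads acb->status after every qemu_aio_wait(), but rbd_aio_bh_cb() sets status to 0 and then calls qemu_aio_release(acb). Once the bottom half has run during the wait, the loop condition is evaluated on an acb that has already been released. In the cancelled case the cancel path should own the release: call qemu_aio_release(acb) here after the loop exits, so the last access to acb->status happens before the release.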
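Review bot: In the rbd_aio_bh_cb() hunk, the added acb->status = 0 is followed directly by an unconditional qemu_aio_release(acb), which frees the acb while a waiter in qemu_rbd_aio_cancel() may still be polling acb->status. Make the release conditional on the flag already set by the cancel path, for example `if (!acb->cancelled) { qemu_aio_release(acb); }`, and leave the release to qemu_rbd_aio_cancel() when cancelled is set.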
We cannot release acb in rbd_aio_bh_cb() when acb->cancelled == 1 because qemu_rbd_aio_cancel() still accesses it. This was discussed in an early version of the patch.

Stefan
