We cannot access the buffer of the canceled I/O request because its AIOCB callback is already called and the buffer is not valid.
Signed-off-by: MORITA Kazutaka <[email protected]> --- block/sheepdog.c | 12 ++++++++++-- 1 files changed, 10 insertions(+), 2 deletions(-) diff --git a/block/sheepdog.c b/block/sheepdog.c index ed98701..6f60721 100644 --- a/block/sheepdog.c +++ b/block/sheepdog.c @@ -79,6 +79,7 @@ #define SD_DATA_OBJ_SIZE (UINT64_C(1) << 22) #define SD_MAX_VDI_SIZE (SD_DATA_OBJ_SIZE * MAX_DATA_OBJS) #define SECTOR_SIZE 512 +#define BUF_SIZE 4096 #define SD_INODE_SIZE (sizeof(SheepdogInode)) #define CURRENT_VDI_ID 0 @@ -900,8 +901,15 @@ static void aio_read_response(void *opaque) } conn_state = C_IO_DATA; case C_IO_DATA: - ret = do_readv(fd, acb->qiov->iov, aio_req->data_len - done, - aio_req->iov_offset + done); + if (acb->canceled) { + char tmp_buf[BUF_SIZE]; + int len = MIN(aio_req->data_len - done, sizeof(tmp_buf)); + + ret = do_read(fd, tmp_buf, len, 0); + } else { + ret = do_readv(fd, acb->qiov->iov, aio_req->data_len - done, + aio_req->iov_offset + done); + } if (ret < 0) { error_report("failed to get the data, %s\n", strerror(errno)); conn_state = C_IO_CLOSED; -- 1.5.6.5
