From: Paolo Bonzini <pbonzini@redhat.com>
To: Fam Zheng <famz@redhat.com>
Cc: qemu-devel@nongnu.org
Subject: Re: [Qemu-devel] [PATCH v2 4/4] dma-helpers: Move reschedule_dma BH to blk's AioContext
Date: Fri, 13 Mar 2015 13:33:46 +0100 [thread overview]
Message-ID: <5502D92A.5070907@redhat.com> (raw)
In-Reply-To: <5502C074.2060807@redhat.com>
On 13/03/2015 11:48, Paolo Bonzini wrote:
> > The other possibility is grab a reference for the cpu_register_map_client call,
> > and release it in reschedule_dma. This way the atomics can keep, but we'll need
> > a "finished" flag in DMAAIOCB to avoid double completion.
> Considering this is a slow path, a lock seems preferrable.
And another problem...
You need to be careful about dma_aio_cancel running together with the
continue_after_map_failure, because continue_after_map_failure can be
called by another thread. You could have
continue_after_map_failure dma_aio_cancel
------------------------------------------------------------------
aio_bh_new
qemu_bh_delete
qemu_bh_schedule (use after free)
To fix this, my suggestion is to pass a BH directly to
cpu_register_map_client (possibly to cpu_unregister_map_client as well?
seems to have pros and cons). Then cpu_notify_clients can run entirely
with the lock taken, and not race against cpu_unregister_map_client.
dma_aio_cancel can just do cpu_unregister_map_client followed by
qemu_bh_delete.
Paolo
prev parent reply other threads:[~2015-03-13 12:33 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-03-13 1:38 [Qemu-devel] [PATCH v2 0/4] exec: Make bounce buffer thread safe Fam Zheng
2015-03-13 1:38 ` [Qemu-devel] [PATCH v2 1/4] exec: Atomic access to bounce buffer Fam Zheng
2015-03-13 8:09 ` Paolo Bonzini
2015-03-13 8:16 ` Fam Zheng
2015-03-13 8:32 ` Paolo Bonzini
2015-03-13 8:38 ` Fam Zheng
2015-03-13 8:41 ` Paolo Bonzini
2015-03-13 1:38 ` [Qemu-devel] [PATCH v2 2/4] exec: Atomic access to map_client_list Fam Zheng
2015-03-13 8:11 ` Paolo Bonzini
2015-03-13 1:38 ` [Qemu-devel] [PATCH v2 3/4] exec: Notify cpu_register_map_client caller if the bounce buffer is available Fam Zheng
2015-03-13 8:12 ` Paolo Bonzini
2015-03-13 1:38 ` [Qemu-devel] [PATCH v2 4/4] dma-helpers: Move reschedule_dma BH to blk's AioContext Fam Zheng
2015-03-13 8:13 ` Paolo Bonzini
2015-03-13 8:58 ` Fam Zheng
2015-03-13 10:48 ` Paolo Bonzini
2015-03-13 12:33 ` Paolo Bonzini [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5502D92A.5070907@redhat.com \
--to=pbonzini@redhat.com \
--cc=famz@redhat.com \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.