* [Qemu-devel] [PATCH] AIO deletion race fix
@ 2009-05-06 0:58 alex
0 siblings, 0 replies; only message in thread
From: alex @ 2009-05-06 0:58 UTC (permalink / raw)
To: qemu-devel; +Cc: Alexander Graf
From: Alexander Graf <alex@csgraf.de>
When deleting an fd event there is a chance the object doesn't get
deleted, but only ->deleted set positive and deleted somewhere later.
Now, if we create a handler for the fd again before the actual
deletion occurs, we end up writing data into an object that has
->deleted set, which is obviously wrong.
I see two ways to fix this:
1. Don't return ->deleted objects in the search
2. Unset ->deleted in the search
This patch implements 1. which feels safer to do. It fixes AIO issues
I've seen with curl, as libcurl unsets fd event listeners pretty
frequently.
Signed-off-by: Alexander Graf <alex@csgraf.de>
---
aio.c | 3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)
diff --git a/aio.c b/aio.c
index 200320c..11fbb6c 100644
--- a/aio.c
+++ b/aio.c
@@ -44,7 +44,8 @@ static AioHandler *find_aio_handler(int fd)
LIST_FOREACH(node, &aio_handlers, node) {
if (node->fd == fd)
- return node;
+ if (!node->deleted)
+ return node;
}
return NULL;
--
1.6.0.2
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2009-05-06 0:58 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2009-05-06 0:58 [Qemu-devel] [PATCH] AIO deletion race fix alex
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).