From: Anthony Liguori <anthony@codemonkey.ws>
To: qemu-devel@nongnu.org
Cc: Christoph Hellwig <hch@infradead.org>
Subject: Re: [Qemu-devel] [PATCH 3/5] push down vector linearization to posix-aio-compat.c
Date: Sun, 29 Mar 2009 16:44:31 -0500
Message-ID: <49CFEBBF.4030408@codemonkey.ws>
In-Reply-To: <20090329212152.GA4498@lst.de>
Christoph Hellwig wrote:
> On Sun, Mar 29, 2009 at 04:01:26PM -0500, Anthony Liguori wrote:
>
>> This bug is not limited to win32 though. It has to do with having a
>> backend disk format that does not provide a proper aio implementation (which
>> suggests your new brv_aio_{readv,writev}_em is at fault). You can
>> reproduce on a normal Linux build by converting an existing image to a
>> format like vmdk and then testing with that. It's not 100% reliable but
>> 9 times out of 10 I don't get past the grub loader with this patch applied.
>>
>
> This bug? I did test cow, vmdk and vpc and can't reproduce it. By
> inspection I can find a use after free in bdrv_aio_bh_cb, though
>
I assume you mean this. I've confirmed that with this fix, it now works
with win32 and vmdk on Linux. It doesn't get triggered unless you're
bouncing in block.c which won't happen unless you have a driver that
doesn't support the aio functions. That's why I couldn't reproduce it
without vmdk on Linux.
diff --git a/block.c b/block.c
index b41e421..49c38c1 100644
--- a/block.c
+++ b/block.c
@@ -1334,12 +1334,12 @@ static void bdrv_aio_bh_cb(void *opaque)
{
BlockDriverAIOCBSync *acb = opaque;
- qemu_vfree(acb->bounce);
-
if (!acb->is_write)
qemu_iovec_from_buffer(acb->qiov, acb->bounce, acb->qiov->size);
acb->common.cb(acb->common.opaque, acb->ret);
+ qemu_vfree(acb->bounce);
+
qemu_aio_release(acb);
}
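Review bot: the ordering constraint in bdrv_aio_bh_cb is now implicit. qemu_vfree(acb->bounce) has to stay below the qemu_iovec_from_buffer(acb->qiov, acb->bounce, ...) copy on the read path, and nothing in the function says so. A one-line comment above the free would keep a later cleanup from moving it back up and reintroducing the use after free. The free only strictly needs to follow the copy; since it now also follows acb->common.cb(...), consider setting acb->bounce = NULL right after the free and before qemu_aio_release(acb), so that any stale use of the pointer dereferences NULL instead of reading freed memory.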
> Will repost the whole series, the win32 aio removal and some
> recent scsi-disk commits caused a whole lot of rejects..
>
Just two and I've fixed them locally but I can wait for you to resubmit
if you'd like.
Regards,
Anthony Liguori