diff options
| author | Paolo Bonzini <pbonzini@redhat.com> | 2011-10-25 12:53:33 +0200 |
|---|---|---|
| committer | Kevin Wolf <kwolf@redhat.com> | 2011-10-28 19:25:52 +0200 |
| commit | e88c591d63ed1bc8520f4f276bebd77c22e4ec72 (patch) | |
| tree | 5c12cbd48d40a4f27a7ea04dd4a2b04ef1485e8a | |
| parent | 63db0f0eee3c0b2cc3a06b36daf50c4e7801ea1b (diff) | |
scsi: do not call transfer_data after canceling a request
Otherwise, if cancellation is "faked" by the AIO layer and goes
through qemu_aio_flush, the whole request is completed synchronously
during scsi_req_cancel.
Using the enqueued flag would work here, but not in the next patches,
so I'm introducing a new io_canceled flag. That's because scsi_req_data
is a synchronous callback and the enqueued flag might be reset by the
time it returns. scsi-disk cannot unref the request until after calling
scsi_req_data.
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
| -rw-r--r-- | hw/scsi-bus.c | 23 | ||||
| -rw-r--r-- | hw/scsi.h | 1 | ||||
| -rw-r--r-- | trace-events | 1 |
3 files changed, 21 insertions, 4 deletions
diff --git a/hw/scsi-bus.c b/hw/scsi-bus.c index 3cf571eea4..dfce5fbeeb 100644 --- a/hw/scsi-bus.c +++ b/hw/scsi-bus.c @@ -1107,8 +1107,12 @@ void scsi_req_continue(SCSIRequest *req) Once it completes, calling scsi_req_continue will restart I/O. */ void scsi_req_data(SCSIRequest *req, int len) { - trace_scsi_req_data(req->dev->id, req->lun, req->tag, len); - req->bus->info->transfer_data(req, len); + if (req->io_canceled) { + trace_scsi_req_data_canceled(req->dev->id, req->lun, req->tag, len); + } else { + trace_scsi_req_data(req->dev->id, req->lun, req->tag, len); + req->bus->info->transfer_data(req, len); + } } void scsi_req_print(SCSIRequest *req) @@ -1173,11 +1177,15 @@ void scsi_req_complete(SCSIRequest *req, int status) void scsi_req_cancel(SCSIRequest *req) { - if (req->ops->cancel_io) { - req->ops->cancel_io(req); + if (!req->enqueued) { + return; } scsi_req_ref(req); scsi_req_dequeue(req); + req->io_canceled = true; + if (req->ops->cancel_io) { + req->ops->cancel_io(req); + } if (req->bus->info->cancel) { req->bus->info->cancel(req); } @@ -1186,10 +1194,17 @@ void scsi_req_cancel(SCSIRequest *req) void scsi_req_abort(SCSIRequest *req, int status) { + if (!req->enqueued) { + return; + } + scsi_req_ref(req); + scsi_req_dequeue(req); + req->io_canceled = true; if (req->ops->cancel_io) { req->ops->cancel_io(req); } scsi_req_complete(req, status); + scsi_req_unref(req); } void scsi_device_purge_requests(SCSIDevice *sdev, SCSISense sense) @@ -51,6 +51,7 @@ struct SCSIRequest { uint8_t sense[SCSI_SENSE_BUF_SIZE]; uint32_t sense_len; bool enqueued; + bool io_canceled; void *hba_private; QTAILQ_ENTRY(SCSIRequest) next; }; diff --git a/trace-events b/trace-events index a8880550b2..56443af727 100644 --- a/trace-events +++ b/trace-events @@ -278,6 +278,7 @@ usb_host_claim_port(int bus, int hub, int port) "bus %d, hub addr %d, port %d" # hw/scsi-bus.c scsi_req_alloc(int target, int lun, int tag) "target %d lun %d tag %d" scsi_req_data(int target, int lun, int tag, int len) "target %d lun %d tag %d len %d" +scsi_req_data_canceled(int target, int lun, int tag, int len) "target %d lun %d tag %d len %d" scsi_req_dequeue(int target, int lun, int tag) "target %d lun %d tag %d" scsi_req_continue(int target, int lun, int tag) "target %d lun %d tag %d" scsi_req_parsed(int target, int lun, int tag, int cmd, int mode, int xfer) "target %d lun %d tag %d command %d dir %d length %d" |