On 5/23/22 18:04, Vladimir Sementsov-Ogievskiy wrote:
> I have a doubt about how aio_wait_bh_oneshot() works. Exactly, I see
> that data->done is not accessed atomically, and doesn't have any barrier
> protecting it.
>
> Is the following possible:
>
> main-loop                           iothread
>                                 |
>   aio_wait_bh_oneshot()         |
>     aio_bh_schedule_oneshot()   |
>                                 |  handle bh:
>                                 |  1. set data->done = true
>                                 |  2. call aio_wait_kick(), inserting the
>                                 |     dummy bh into main context
>                                 |
>   ... in AIO_WAIT_WHILE():
>     handle dummy bh, go to next
>     iteration, but still read
>     data->done=false due to some
>     processor data reordering,
>     go to next iteration of polling
>     and hang

Yes, barriers are missing:
https://lore.kernel.org/qemu-devel/You6FburTi7gVyxy@stefanha-x1.localdomain/T/#md97146c6eae1fce2ddd687fdc3f2215eee03f6f4
It seems like the issue was never observed, at least on x86.
Paolo
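
The ordering requirement discussed in this thread, as an added C11 example that is not QEMU code and not part of either message: a worker sets a completion flag and sends exactly one kick, and a waiter re-checks the flag only after seeing a kick. The struct, the function names and the counter used as the kick are hypothetical stand-ins for data->done and the dummy bh.

```c
/* Added illustration, not QEMU code: all names here are hypothetical. */
#include <pthread.h>
#include <sched.h>
#include <stdatomic.h>
#include <stdbool.h>

struct oneshot {
    int result;         /* plain data produced by the worker */
    atomic_bool done;   /* completion flag, plays the role of data->done */
    atomic_uint kicks;  /* wakeup counter, stands in for the dummy bh */
};

/* "iothread" side: publish the result, set done, then kick the waiter. */
static void *worker(void *opaque)
{
    struct oneshot *d = opaque;
    d->result = 42;
    /* Release: the result write cannot become visible after done == true. */
    atomic_store_explicit(&d->done, true, memory_order_release);
    /* Release again: whoever observes this kick also observes done == true. */
    atomic_fetch_add_explicit(&d->kicks, 1, memory_order_release);
    return NULL;
}

/* "main loop" side: re-check done only after a kick, as a polling loop would. */
int run_oneshot(void)
{
    struct oneshot d = { .result = 0 };
    pthread_t t;
    unsigned seen = 0, k;

    atomic_init(&d.done, false);
    atomic_init(&d.kicks, 0);
    if (pthread_create(&t, NULL, worker, &d) != 0) {
        return -1;
    }
    /* Acquire pairs with the worker's release operations. With plain accesses
     * on a weakly ordered CPU the kick could be seen while done still reads
     * false; only one kick is ever sent, so the inner loop would spin forever. */
    while (!atomic_load_explicit(&d.done, memory_order_acquire)) {
        while ((k = atomic_load_explicit(&d.kicks, memory_order_acquire)) == seen) {
            sched_yield();
        }
        seen = k;
    }
    pthread_join(t, NULL);
    return d.result;
}
```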