On Tue, Nov 22, 2022 at 09:13:44AM +0100, Klaus Jensen wrote:
> There are several bugs in the async cancel code for the Format command.
>
> Firstly, cancelling a format operation neglects to set iocb->ret as well
> as clearing the iocb->aiocb after cancelling the underlying aiocb which
> causes the aio callback to ignore the cancellation. Trivial fix.
>
> Secondly, and worse, because the request is queued up for posting to the
> CQ in a bottom half, if the cancellation is due to the submission queue
> being deleted (which calls blk_aio_cancel), the req structure is
> deallocated in nvme_del_sq prior to the bottom half being scheduled.
>
> Fix this by simply removing the bottom half, there is no reason to defer
> it anyway.
I thought for sure I'd find a reason deferred execution was needed, but
hey, it looks perfectly fine with this change!

> diff --git a/hw/nvme/ctrl.c b/hw/nvme/ctrl.c > index ac3885ce5079..26b53469328f 100644 > --- a/hw/nvme/ctrl.c > +++ b/hw/nvme/ctrl.c > @@ -5756,14 +5756,15 @@ typedef struct NvmeFormatAIOCB { > uint8_t pil; > } NvmeFormatAIOCB;

I think you can remove the QEMUBH member from the above struct with this
patch.

Otherwise looks good.

Reviewed-by: Keith Busch <kbu...@kernel.org>
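
Review bot: in the quoted hunk, the tail of the struct (`uint8_t pil;` and `} NvmeFormatAIOCB;`) appears only as unchanged context, and the reply notes that the QEMUBH member is still in the struct even though the commit message removes the bottom half. Dropping that member in the same patch is more than tidying: once the field is gone, any reference to the bottom half that the patch missed fails to compile, which gives a cheap check that no deferred path to the freed req remains.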