On 2020/6/2 下午1:01, Michael S. Tsirkin wrote:
On Fri, May 29, 2020 at 04:02:58PM +0800, Jason Wang wrote:
diff --git a/drivers/vhost/vhost.c b/drivers/vhost/vhost.c
index d450e16c5c25..70105e045768 100644
--- a/drivers/vhost/vhost.c
+++ b/drivers/vhost/vhost.c
@@ -166,11 +166,16 @@ static int vhost_poll_wakeup(wait_queue_entry_t *wait, unsigned mode, int sync,
void *key)
{
struct vhost_poll *poll = container_of(wait, struct vhost_poll, wait);
+ struct vhost_work *work = &poll->work;
if (!(key_to_poll(key) & poll->mask))
return 0;
- vhost_poll_queue(poll);
+ if (!poll->dev->use_worker)
+ work->fn(work);
+ else
+ vhost_poll_queue(poll);
+
return 0;
}
So a wakeup function wakes up eventfd directly.
What if user supplies e.g. the same eventfd as ioeventfd?
Won't this cause infinite loops?
I'm not sure I get this.
This basically calls handle_vq directly when eventfd is woken up. The
infinite loops can only happen when handle_vq() tries to write to
ioeventfd itslef which should be a bug of the device.
Thanks
