| author | John Snow <jsnow@redhat.com> | 2016-09-26 14:33:37 -0400 |
|---|---|---|
| committer | John Snow <jsnow@redhat.com> | 2016-09-29 15:50:29 -0400 |
| commit | df403bc58859c893ebd0accda07678e84d15dc5d (patch) | |
| tree | e4956eeeacb379cf3bc58a60c811bbfa8fb59bb1 | |
| parent | 9da82227caa74fb6fbea224dad91fe5b7cc115a5 (diff) | |
| download | focaccia-qemu-df403bc58859c893ebd0accda07678e84d15dc5d.tar.gz focaccia-qemu-df403bc58859c893ebd0accda07678e84d15dc5d.zip | |
ahci: clear aiocb in ncq_cb
Similar to existing fixes for IDE (87ac25fd) and ATAPI (7f951b2d), the AIOCB must be cleared in the callback. Otherwise, we may accidentally try to reset a dangling pointer in bdrv_aio_cancel() from a port reset.

Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Message-id: 1474575040-32079-2-git-send-email-jsnow@redhat.com
Signed-off-by: John Snow <jsnow@redhat.com>
| -rw-r--r-- | hw/ide/ahci.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/hw/ide/ahci.c b/hw/ide/ahci.c index f3438ad78a..63ead21047 100644 --- a/hw/ide/ahci.c +++ b/hw/ide/ahci.c @@ -948,6 +948,7 @@ static void ncq_cb(void *opaque, int ret) NCQTransferState *ncq_tfs = (NCQTransferState *)opaque; IDEState *ide_state = &ncq_tfs->drive->port.ifs[0]; + ncq_tfs->aiocb = NULL; if (ret == -ECANCELED) { return; } |
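Review bot: The added ncq_tfs->aiocb = NULL; at the top of ncq_cb() carries no comment, yet its position ahead of the if (ret == -ECANCELED) early return is what lets the cancelled path clear the pointer as well. A one-line comment stating that the AIOCB is no longer valid once the callback runs, and that it must be cleared before any return, would keep a later reorder from reintroducing the dangling pointer the commit message describes reaching bdrv_aio_cancel() on a port reset. The diffstat shows only hw/ide/ahci.c changed, so a regression test that resets the port after an NCQ command has completed would be worth adding with this fix.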