From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1MJ5uf-0005mH-4l
	for qemu-devel@nongnu.org; Tue, 23 Jun 2009 09:19:49 -0400
Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1MJ5ua-0005dc-7V
	for qemu-devel@nongnu.org; Tue, 23 Jun 2009 09:19:48 -0400
Received: from [199.232.76.173] (port=42484 helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1MJ5uZ-0005dJ-Rs
	for qemu-devel@nongnu.org; Tue, 23 Jun 2009 09:19:43 -0400
Received: from mx2.redhat.com ([66.187.237.31]:60767)
	by monty-python.gnu.org with esmtp (Exim 4.60)
	(envelope-from <avi@redhat.com>) id 1MJ5uZ-0006Xw-FK
	for qemu-devel@nongnu.org; Tue, 23 Jun 2009 09:19:43 -0400
Received: from int-mx2.corp.redhat.com (int-mx2.corp.redhat.com [172.16.27.26])
	by mx2.redhat.com (8.13.8/8.13.8) with ESMTP id n5NDJg92013194
	for <qemu-devel@nongnu.org>; Tue, 23 Jun 2009 09:19:42 -0400
From: Avi Kivity <avi@redhat.com>
Date: Tue, 23 Jun 2009 16:20:36 +0300
Message-Id: <1245763236-23464-1-git-send-email-avi@redhat.com>
Subject: [Qemu-devel] [PATCH] block: Clean up after deleting BHs
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: qemu-devel@nongnu.org

Commit 6a7ad299 ("Call qemu_bh_delete at bdrv_aio_bh_cb") deletes emulated
aio bottom halves to prevent endless accumulation.  However, it leaves a
stale ->bh pointer, which is then waited on when the aio is reused.

Zeroing the pointer fixes the issue, allowing vmdk format images to be used.

Signed-off-by: Avi Kivity <avi@redhat.com>
---
 block.c |    2 ++
 1 files changed, 2 insertions(+), 0 deletions(-)

diff --git a/block.c b/block.c
index aca5a6d..cefbe77 100644
--- a/block.c
+++ b/block.c
@@ -1374,6 +1374,7 @@ static void bdrv_aio_cancel_em(BlockDriverAIOCB *blockacb)
 {
     BlockDriverAIOCBSync *acb = (BlockDriverAIOCBSync *)blockacb;
     qemu_bh_delete(acb->bh);
+    acb->bh = NULL;
     qemu_aio_release(acb);
 }
 
@@ -1391,6 +1392,7 @@ static void bdrv_aio_bh_cb(void *opaque)
     qemu_vfree(acb->bounce);
     acb->common.cb(acb->common.opaque, acb->ret);
     qemu_bh_delete(acb->bh);
+    acb->bh = NULL;
     qemu_aio_release(acb);
 }
 
-- 
1.6.2.2