From: John Snow
Date: Mon, 26 Sep 2016 14:34:06 -0400
Subject: Re: [Qemu-devel] [Qemu-block] [PATCH 0/1] ahci: fix ncq aiocb-related segfault
To: Stefan Hajnoczi
Cc: kwolf@redhat.com, pbonzini@redhat.com, qemu-stable@nongnu.org, qemu-block@nongnu.org, qemu-devel@nongnu.org
Message-ID: <40e01e5d-31ff-47c5-a881-7c0d1af57f3d@redhat.com>
In-Reply-To: <20160926161040.GA26155@stefanha-x1.localdomain>
References: <1474575040-32079-1-git-send-email-jsnow@redhat.com> <20160926161040.GA26155@stefanha-x1.localdomain>

On 09/26/2016 12:10 PM, Stefan Hajnoczi wrote:
> On Thu, Sep 22, 2016 at 04:10:39PM -0400, John Snow wrote:
>> Fix ncq_cb to prevent a segfault on sys_reset.
>>
>> John Snow (1):
>>   ahci: clear aiocb in ncq_cb
>>
>>  hw/ide/ahci.c | 1 +
>>  1 file changed, 1 insertion(+)
>>
>> --
>> 2.7.4
>
> Maybe worth adding as a clarification:
>
> The issue is when bdrv_aio_cancel() is called after ncq_cb() was already
> invoked. The aiocb will be a dangling pointer.
>

Done.

> Reviewed-by: Stefan Hajnoczi
>

Thanks, applied to my IDE tree:

https://github.com/jnsnow/qemu/commits/ide
https://github.com/jnsnow/qemu.git

--js
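As an added illustration of the dangling-pointer window Stefan describes (example code written for this page, not QEMU's hw/ide/ahci.c; FakeAIOCB, NcqRequest, complete_request and the two callback variants are hypothetical stand-ins), here is the completion callback that clears the pointer beside the one that does not:

```c
#include <stdbool.h>
#include <stdlib.h>

/* Stand-in for the block layer's AIOCB. FakeAIOCB and NcqRequest are
 * hypothetical names for this example, not QEMU's types. */
typedef struct FakeAIOCB {
    int dummy;
} FakeAIOCB;

typedef struct NcqRequest {
    FakeAIOCB *aiocb;   /* in-flight request, NULL when nothing is pending */
    int completions;
} NcqRequest;

/* Completion callback without the fix: the AIOCB pointer is left in place
 * even though the block layer is about to free what it points to. */
static void ncq_cb_buggy(NcqRequest *req)
{
    req->completions++;
}

/* Completion callback with the fix: forget the AIOCB before the block
 * layer frees it, so a later cancel sees "nothing in flight". */
static void ncq_cb_fixed(NcqRequest *req)
{
    req->completions++;
    req->aiocb = NULL;
}

/* Models the block layer: run the callback, then release the AIOCB. */
static void complete_request(NcqRequest *req, void (*cb)(NcqRequest *))
{
    FakeAIOCB *acb = req->aiocb;
    cb(req);
    free(acb);
}

/* Runs one request to completion and reports whether the request still
 * holds a pointer to the AIOCB the block layer has just freed. A reset
 * path that cancels "whatever is in flight" would dereference that
 * stale pointer, which is the segfault the patch prevents. */
bool aiocb_dangles_after_completion(bool with_fix)
{
    NcqRequest req = { .aiocb = malloc(sizeof(FakeAIOCB)), .completions = 0 };
    complete_request(&req, with_fix ? ncq_cb_fixed : ncq_cb_buggy);
    return req.completions == 1 && req.aiocb != NULL;
}
```

The fixed variant also works as an invariant for the cancel path: once the field is NULL whenever no request is pending, "if (s->aiocb) cancel" can never touch freed memory.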