From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([208.118.235.92]:58030) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1SyN8n-0000G6-L6 for qemu-devel@nongnu.org; Mon, 06 Aug 2012 09:14:43 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1SyN8i-0003W6-75 for qemu-devel@nongnu.org; Mon, 06 Aug 2012 09:14:37 -0400 Received: from mx1.redhat.com ([209.132.183.28]:28229) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1SyN8h-0003W0-W8 for qemu-devel@nongnu.org; Mon, 06 Aug 2012 09:14:32 -0400 Message-ID: <501FC333.1020309@redhat.com> Date: Mon, 06 Aug 2012 16:14:27 +0300 From: Avi Kivity MIME-Version: 1.0 References: <1344257343-11298-1-git-send-email-avi@redhat.com> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Subject: Re: [Qemu-devel] [PATCH master/stable] virtio-mlk: fix use-after-free while handling scsi commands List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Stefan Hajnoczi Cc: Kevin Wolf , qemu-devel@nongnu.org On 08/06/2012 04:11 PM, Stefan Hajnoczi wrote: > On Mon, Aug 6, 2012 at 1:49 PM, Avi Kivity wrote: >> The scsi passthrough handler falls through after completing a >> request into the failure path, resulting in a use after free. >> >> Reprducible by running a guest with aio=native on a block device. >> >> Reported-by: Stefan Priebe >> Signed-off-by: Avi Kivity >> --- >> hw/virtio-blk.c | 1 + >> 1 file changed, 1 insertion(+) > > It would be nice to fix up the commit message: > s/virtio-mlk/virtio-blk/ Sorry, an off-by-two. Presumably Kevin will fix it up. > > Reviewed-by: Stefan Hajnoczi > Thanks. -- error compiling committee.c: too many arguments to function