[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [regression] qemu-system-arm: segfault in lsi_do_comman
|
From: |
Paolo Bonzini |
|
Subject: |
Re: [Qemu-devel] [regression] qemu-system-arm: segfault in lsi_do_command |
|
Date: |
Mon, 16 May 2011 18:26:40 +0200 |
|
User-agent: |
Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.17) Gecko/20110428 Fedora/3.1.10-1.fc14 Lightning/1.0b3pre Mnenhy/0.8.3 Thunderbird/3.1.10 |
On 05/16/2011 05:58 PM, Kevin Wolf wrote:
> Thanks. Still doesn't make much sense to me, the patch shouldn't change
> anything with respect to a malloc, but I can reproduce a segfault now. I
> think I'll have a closer look tomorrow.
This fixes it on top of my SCSI refactoring series. Should I send v3
with this one squashed in appropriately? Or should this be sent later?
Paolo
diff --git a/hw/scsi-bus.c b/hw/scsi-bus.c
index 2f0ffda..57cfc87 100644
--- a/hw/scsi-bus.c
+++ b/hw/scsi-bus.c
@@ -167,11 +167,17 @@ int scsi_req_get_sense(SCSIRequest *req, uint8_t *buf,
int len)
int32_t scsi_req_enqueue(SCSIRequest *req, uint8_t *buf)
{
+ int32_t rc;
assert(!req->enqueued);
scsi_req_ref(req);
req->enqueued = true;
QTAILQ_INSERT_TAIL(&req->dev->requests, req, next);
- return req->dev->info->send_command(req, buf);
+
+ /* Make sure the request doesn't disappear under send_command's feet. */
+ scsi_req_ref(req);
+ rc = req->dev->info->send_command(req, buf);
+ scsi_req_unref(req);
+ return rc;
}
static void scsi_req_dequeue(SCSIRequest *req)