Commit df403bc5 authored by John Snow's avatar John Snow
Browse files

ahci: clear aiocb in ncq_cb 



Similar to existing fixes for IDE (87ac25fd) and ATAPI (7f951b2d), the
AIOCB must be cleared in the callback. Otherwise, we may accidentally
try to reset a dangling pointer in bdrv_aio_cancel() from a port reset.

Signed-off-by: default avatarJohn Snow <jsnow@redhat.com>
Reviewed-by: default avatarStefan Hajnoczi <stefanha@redhat.com>
Message-id: 1474575040-32079-2-git-send-email-jsnow@redhat.com
Signed-off-by: default avatarJohn Snow <jsnow@redhat.com>
parent 9da82227

hw/ide/ahci.c

+1 −0
Original line number Diff line number Diff line
@@ -948,6 +948,7 @@ static void ncq_cb(void *opaque, int ret) 
    NCQTransferState *ncq_tfs = (NCQTransferState *)opaque;

    IDEState *ide_state = &ncq_tfs->drive->port.ifs[0];



    ncq_tfs->aiocb = NULL;

    if (ret == -ECANCELED) {

        return;

    }