From patchwork Tue May  4 12:21:00 2010
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Subject: [2/5] scsi-disk: Clear aiocb on read completion
Date: Tue, 04 May 2010 02:21:00 -0000
From: Jan Kiszka <jan.kiszka@siemens.com>
X-Patchwork-Id: 51600
Message-Id: <64ac8e0ff33ae4162b4b3e5f0e8a7ad035f4e364.1272975660.git.jan.kiszka@siemens.com>
To: Anthony Liguori <aliguori@us.ibm.com>
Cc: qemu-devel@nongnu.org, Gerd Hoffmann <kraxel@redhat.com>

Once the I/O completion callback returned, aiocb will be released by the
controller. So we have to clear the reference not only in
scsi_write_complete, but also in scsi_read_complete. Otherwise we risk
inconsistencies when a reset hits us before the related request is
released.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>

---
hw/scsi-disk.c |    2 ++
 1 files changed, 2 insertions(+), 0 deletions(-)

diff --git a/hw/scsi-disk.c b/hw/scsi-disk.c
index b8d805f..4d20919 100644
--- a/hw/scsi-disk.c
+++ b/hw/scsi-disk.c
@@ -125,6 +125,8 @@ static void scsi_read_complete(void * opaque, int ret)
 {
     SCSIDiskReq *r = (SCSIDiskReq *)opaque;
 
+    r->req.aiocb = NULL;
+
     if (ret) {
         DPRINTF("IO error\n");
         r->req.bus->complete(r->req.bus, SCSI_REASON_DATA, r->req.tag, 0);