|
| From: | Alexander Graf |
| Subject: | Re: [Qemu-devel] ahci: crash after duplicate bh registration |
| Date: | Mon, 09 May 2011 16:12:56 +0200 |
| User-agent: | Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.13) Gecko/20101206 SUSE/3.1.7 Thunderbird/3.1.7 |
On 05/08/2011 09:10 PM, Jan Kiszka wrote:
Hi Alex, I've seen crashes caused by ahci_check_cmd_bh unregistering a NULL bh. It looks like ahci_dma_set_inactive can a called while there is already a bh hanging around. Patch below cures the issue, but I have no clue if such an invocation order is valid at all.
It's certainly guest triggerable, so yes, let's check here. Acked-by: Alexander Graf <address@hidden> Alex
Jan
---
diff --git a/hw/ide/ahci.c b/hw/ide/ahci.c
index e2ed2ad..7870030 100644
--- a/hw/ide/ahci.c
+++ b/hw/ide/ahci.c
@@ -1066,9 +1066,11 @@ static int ahci_dma_set_inactive(IDEDMA *dma)
ad->dma_cb = NULL;
- /* maybe we still have something to process, check later */
- ad->check_bh = qemu_bh_new(ahci_check_cmd_bh, ad);
- qemu_bh_schedule(ad->check_bh);
+ if (!ad->check_bh) {
+ /* maybe we still have something to process, check later */
+ ad->check_bh = qemu_bh_new(ahci_check_cmd_bh, ad);
+ qemu_bh_schedule(ad->check_bh);
+ }
return 0;
}
| [Prev in Thread] | Current Thread | [Next in Thread] |