Hi Alex, I've seen crashes caused by ahci_check_cmd_bh unregistering a NULL bh. It looks like ahci_dma_set_inactive can be called while there is already a bh hanging around. Patch below cures the issue, but I have no clue if such an invocation order is valid at all.
Jan --- diff --git a/hw/ide/ahci.c b/hw/ide/ahci.c index e2ed2ad..7870030 100644 --- a/hw/ide/ahci.c +++ b/hw/ide/ahci.c @@ -1066,9 +1066,11 @@ static int ahci_dma_set_inactive(IDEDMA *dma) ad->dma_cb = NULL; - /* maybe we still have something to process, check later */ - ad->check_bh = qemu_bh_new(ahci_check_cmd_bh, ad); - qemu_bh_schedule(ad->check_bh); + if (!ad->check_bh) { + /* maybe we still have something to process, check later */ + ad->check_bh = qemu_bh_new(ahci_check_cmd_bh, ad); + qemu_bh_schedule(ad->check_bh); + } return 0; }
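Review bot: the guard `if (!ad->check_bh)` around the qemu_bh_new/qemu_bh_schedule pair stops a second ahci_dma_set_inactive call from overwriting a still-pending check_bh (which leaked the first bh and left the later ahci_check_cmd_bh run to delete a pointer that had already been cleared), but the hunk gives no hint of why the double call is expected; the comment "maybe we still have something to process, check later" should say that a pending bh already covers this case and is deliberately not rescheduled, otherwise the next reader will wonder whether the early return path is losing work. Worth also confirming that every path that clears ad->check_bh does so before the bh can be rescheduled, since the correctness of the guard depends on check_bh being NULL exactly when no bh is outstanding.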