On 210317 2302, Mark Cave-Ayland wrote:
> After issuing a SCSI command the SCSI layer can call the SCSIBusInfo .cancel
> callback which resets both current_req and current_dev to NULL. If any data
> is left in the transfer buffer (async_len != 0) then the next TI (Transfer
> Information) command will attempt to reference the NULL pointer causing a
> segfault.
>
> Buglink: https://bugs.launchpad.net/qemu/+bug/1910723
> Buglink: https://bugs.launchpad.net/qemu/+bug/1909247
> Signed-off-by: Mark Cave-Ayland <mark.cave-ayl...@ilande.co.uk>
> ---
Tested-by: Alexander Bulekov <alx...@bu.edu>