On Fri, Feb 10, 2023 at 09:32:36AM -0500, Stefan Hajnoczi wrote:
> If requests are being processed in the IOThread when a SCSIDevice is
> unplugged, scsi_device_purge_requests() -> scsi_req_cancel_async() races
> with I/O completion callbacks. Both threads load and store req->aiocb.
> This can lead to assert(r->req.aiocb == NULL) failures and undefined
> behavior.
>
> Protect r->req.aiocb with the AioContext lock to prevent the race.

I understand that we're trying to get rid of this lock down the road,
but until then, properly using it to guard things is appropriate.

Reviewed-by: Eric Blake <ebl...@redhat.com>

--
Eric Blake, Principal Software Engineer
Red Hat, Inc. +1-919-301-3266
Virtualization: qemu.org | libvirt.org