On Thu, Nov 10, 2016 at 04:27:50PM +0100, Paolo Bonzini wrote:
> Commit 8cc4678 ("megasas: remove useless check for cmd->frame", 2016-07-17) was
> wrong because I trusted Coverity too much.  It turns out that there _is_ a
> path through which cmd->frame can become NULL.  After megasas_handle_frame's
> switch (md->frame->header.frame_cmd), megasas_init_firmware can be called.
> From there, megasas_reset_frames will call megasas_unmap_frame which resets
> cmd->frame = NULL.
> 
> However, there is another bug to fix in there, because megasas_unmap_frame
> is called again after setting the command status.  In this case QEMU should
> not do anything, instead it calls pci_dma_unmap again.  Harmless, but
> better fix it.
> 
> Signed-off-by: Paolo Bonzini <[email protected]>
> ---
>  hw/scsi/megasas.c | 5 ++++-
>  1 file changed, 4 insertions(+), 1 deletion(-)

Reviewed-by: Stefan Hajnoczi <[email protected]>

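Added example, not part of the thread and not QEMU's hw/scsi/megasas.c: a constructed C model of the two problems the commit message describes. One command handler dispatches on the frame's command byte, an "init firmware" path resets all frames (which nulls the caller's own cmd->frame), and the handler then has to re-check the pointer before writing the completion status. The unmap routine is written the way the message says it should behave, returning early on a second call instead of unmapping twice. All names (unmap_frame, reset_frames, init_firmware, handle_frame, the frame_cmd values, the dma_unmap_calls counter standing in for pci_dma_unmap) are hypothetical stand-ins chosen for this illustration.

```c
/* Constructed model of the NULL cmd->frame path and the double unmap
 * described in the commit message. Not QEMU code; names are hypothetical. */
#include <stdint.h>
#include <stdio.h>

#define NUM_CMDS 4

enum { FRAME_CMD_INIT = 0, FRAME_CMD_OTHER = 1 };

struct frame {
    uint8_t frame_cmd;
    uint8_t cmd_status;
};

struct cmd {
    struct frame *frame;   /* NULL whenever no guest frame is mapped */
};

static struct cmd cmds[NUM_CMDS];
static int dma_unmap_calls;    /* counts simulated pci_dma_unmap() calls */

/* Unmapping an already-unmapped command must be a no-op (the second fix). */
static void unmap_frame(struct cmd *c)
{
    if (!c->frame) {
        return;
    }
    dma_unmap_calls++;
    c->frame = NULL;
}

static void reset_frames(void)
{
    for (int i = 0; i < NUM_CMDS; i++) {
        unmap_frame(&cmds[i]);
    }
}

static void init_firmware(void)
{
    /* Nulls every cmd->frame, including the one the caller is still handling. */
    reset_frames();
}

/* Returns -1 if the frame was unmapped during dispatch, else the status written. */
static int handle_frame(struct cmd *c)
{
    int status;

    switch (c->frame->frame_cmd) {
    case FRAME_CMD_INIT:
        init_firmware();
        status = 0;
        break;
    default:
        status = 0x2f;     /* constructed "invalid command" status value */
        break;
    }

    /* The check the commit restores: cmd->frame may have become NULL above. */
    if (!c->frame) {
        return -1;
    }
    c->frame->cmd_status = (uint8_t)status;
    unmap_frame(c);
    return status;
}

/* Maps NUM_CMDS constructed guest frames, handles cmds[0], then issues the
 * redundant second unmap the message mentions. Returns the handler's result. */
static int run_scenario(uint8_t frame_cmd)
{
    static struct frame guest_frames[NUM_CMDS];   /* constructed sample frames */

    dma_unmap_calls = 0;
    for (int i = 0; i < NUM_CMDS; i++) {
        guest_frames[i].frame_cmd = frame_cmd;
        cmds[i].frame = &guest_frames[i];
    }
    int r = handle_frame(&cmds[0]);
    unmap_frame(&cmds[0]);    /* harmless now: frame is already NULL */
    return r;
}

/* Same scenario, reporting how many real unmaps happened. */
static int run_scenario_unmaps(uint8_t frame_cmd)
{
    run_scenario(frame_cmd);
    return dma_unmap_calls;
}

int main(void)
{
    printf("init: status %d, unmaps %d\n",
           run_scenario(FRAME_CMD_INIT), run_scenario_unmaps(FRAME_CMD_INIT));
    printf("other: status %d, unmaps %d\n",
           run_scenario(FRAME_CMD_OTHER), run_scenario_unmaps(FRAME_CMD_OTHER));
    return 0;
}
```

In the init scenario the reset unmaps all four frames once each and the handler bails out before touching the now-NULL frame; in the other scenario only the handled command is unmapped, and the trailing extra unmap adds nothing either way.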