| Message ID | 20230830114942.449060-6-stefanha@redhat.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | [PULL,v3,1/5] block-migration: Ensure we don't crash during migration cleanup | expand |
diff --git a/util/fdmon-io_uring.c b/util/fdmon-io_uring.c index 17ec18b7bd..16054c5ede 100644 --- a/util/fdmon-io_uring.c +++ b/util/fdmon-io_uring.c @@ -184,6 +184,7 @@ static void add_poll_remove_sqe(AioContext *ctx, AioHandler *node) #else io_uring_prep_poll_remove(sqe, node); #endif + io_uring_sqe_set_data(sqe, NULL); } /* Add a timeout that self-cancels when another cqe becomes ready */ @@ -197,6 +198,7 @@ static void add_timeout_sqe(AioContext *ctx, int64_t ns) sqe = get_sqe(ctx); io_uring_prep_timeout(sqe, &ts, 1, 0); + io_uring_sqe_set_data(sqe, NULL); } /* Add sqes from ctx->submit_list for submission */
liburing does not clear sqe->user_data. We must do it ourselves to avoid undefined behavior in process_cqe() when user_data is used. Note that fdmon-io_uring is currently disabled, so this is a latent bug that does not affect users. Let's merge this fix now to make it easier to enable fdmon-io_uring in the future (and I'm working on that). Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> Message-ID: <20230426212639.82310-1-stefanha@redhat.com> --- util/fdmon-io_uring.c | 2 ++ 1 file changed, 2 insertions(+)