From f64ca42ce16a0df89d4abba838d00ea7bc7e4da9 Mon Sep 17 00:00:00 2001
From: Jeffrey Cody <jcody@redhat.com>
Date: Thu, 30 Nov 2017 22:49:11 +0100
Subject: [PATCH 07/21] blockjob: Remove the job from the list earlier in
 block_job_unref()

RH-Author: Jeffrey Cody <jcody@redhat.com>
Message-id: <8fc0c61d51c41fdde7d809502e5025371f89c4c7.1511985875.git.jcody@redhat.com>
Patchwork-id: 78045
O-Subject: [RHV7.5 qemu-kvm-rhev PATCH 07/11] blockjob: Remove the job from the list earlier in block_job_unref()
Bugzilla: 1506531
RH-Acked-by: Paolo Bonzini <pbonzini@redhat.com>
RH-Acked-by: Stefan Hajnoczi <stefanha@redhat.com>
RH-Acked-by: John Snow <jsnow@redhat.com>

From: Alberto Garcia <berto@igalia.com>

When destroying a block job in block_job_unref() we should remove it
from the job list before calling block_job_remove_all_bdrv().

This is because removing the BDSs can trigger an aio_poll() and wake
up other jobs that might attempt to use the block job list. If that
happens the job we're currently destroying should not be in that list
anymore.

Signed-off-by: Alberto Garcia <berto@igalia.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
(cherry picked from commit 0a3e155f3f5ec9b6f12d00894c7701b3cbb66590)
Signed-off-by: Jeff Cody <jcody@redhat.com>
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
---
 blockjob.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/blockjob.c b/blockjob.c
index c3cf9a2..2509bba 100644
--- a/blockjob.c
+++ b/blockjob.c
@@ -152,6 +152,7 @@ void block_job_unref(BlockJob *job)
 {
     if (--job->refcnt == 0) {
         BlockDriverState *bs = blk_bs(job->blk);
+        QLIST_REMOVE(job, job_list);
         bs->job = NULL;
         block_job_remove_all_bdrv(job);
         blk_remove_aio_context_notifier(job->blk,
@@ -160,7 +161,6 @@ void block_job_unref(BlockJob *job)
         blk_unref(job->blk);
         error_free(job->blocker);
         g_free(job->id);
-        QLIST_REMOVE(job, job_list);
         g_free(job);
     }
 }
-- 
1.8.3.1