> -void scsi_req_enqueue(SCSIRequest *req)
> +int32_t scsi_req_enqueue(SCSIRequest *req, uint8_t *buf)
> {
> + int32_t rc;
> assert(!req->enqueued);
> scsi_req_ref(req);
> req->enqueued = true;
> QTAILQ_INSERT_TAIL(&req->dev->requests, req, next);
> +
> + /* Make sure the request doesn't disappear under send_command's feet. */
> + scsi_req_ref(req);
> + rc = req->dev->info->send_command(req, buf);
> + scsi_req_unref(req);
> + return rc;
How would it disappear given that we grabbed another reference just before?
That probably needs a bit more documentation here. Also why not move
the two scsi_req_ref calls together?
