From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:59523)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <rjones@redhat.com>) id 1XbnNL-0007Ii-8N
	for qemu-devel@nongnu.org; Wed, 08 Oct 2014 05:17:43 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <rjones@redhat.com>) id 1XbnNG-0000BX-II
	for qemu-devel@nongnu.org; Wed, 08 Oct 2014 05:17:39 -0400
Received: from mx1.redhat.com ([209.132.183.28]:2200)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <rjones@redhat.com>) id 1XbnNG-0000BP-BM
	for qemu-devel@nongnu.org; Wed, 08 Oct 2014 05:17:34 -0400
Received: from int-mx13.intmail.prod.int.phx2.redhat.com
	(int-mx13.intmail.prod.int.phx2.redhat.com [10.5.11.26])
	by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id s989HXnn025426
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256
	verify=FAIL)
	for <qemu-devel@nongnu.org>; Wed, 8 Oct 2014 05:17:33 -0400
Date: Wed, 8 Oct 2014 10:17:32 +0100
From: "Richard W.M. Jones" <rjones@redhat.com>
Message-ID: <20141008091731.GC1349@redhat.com>
References: <20141007223616.4736.27907.malonedeb@wampee.canonical.com>
	<20141007223616.4736.27907.malonedeb@wampee.canonical.com>
	<543474AC.2050502@redhat.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <543474AC.2050502@redhat.com>
Subject: Re: [Qemu-devel] [Bug 1378554] [NEW] qemu segfault in
 virtio_scsi_handle_cmd_req_submit on ARM 32 bit
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Paolo Bonzini <pbonzini@redhat.com>
Cc: qemu-devel@nongnu.org

On Wed, Oct 08, 2014 at 01:18:04AM +0200, Paolo Bonzini wrote:
> Does this work:
> 
> diff --git a/hw/scsi/virtio-scsi.c b/hw/scsi/virtio-scsi.c
> index 203e624..c6d4f2e 100644
> --- a/hw/scsi/virtio-scsi.c
> +++ b/hw/scsi/virtio-scsi.c
> @@ -545,11 +545,12 @@ bool virtio_scsi_handle_cmd_req_prepare(VirtIOSCSI *s, VirtIOSCSIReq *req)
>  
>  void virtio_scsi_handle_cmd_req_submit(VirtIOSCSI *s, VirtIOSCSIReq *req)
>  {
> -    if (scsi_req_enqueue(req->sreq)) {
> -        scsi_req_continue(req->sreq);
> +    SCSIRequest *sreq = req->sreq;
> +    bdrv_io_unplug(sreq->dev->conf.bs);
> +    if (scsi_req_enqueue(sreq)) {
> +        scsi_req_continue(sreq);
>      }
> -    bdrv_io_unplug(req->sreq->dev->conf.bs);
> -    scsi_req_unref(req->sreq);
> +    scsi_req_unref(sreq);
>  }
>  
>  static void virtio_scsi_handle_cmd(VirtIODevice *vdev, VirtQueue *vq)
> 
> ?

Yes, that fixes it.

Tested-by: Richard W.M. Jones <rjones@redhat.com>

Rich.

-- 
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
Fedora Windows cross-compiler. Compile Windows programs, test, and
build Windows installers. Over 100 libraries supported.
http://fedoraproject.org/wiki/MinGW