From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([208.118.235.92]:37451)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <paolo.bonzini@gmail.com>) id 1TVMCc-0002lN-0x
	for qemu-devel@nongnu.org; Mon, 05 Nov 2012 07:54:59 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <paolo.bonzini@gmail.com>) id 1TVMCa-0000ym-UO
	for qemu-devel@nongnu.org; Mon, 05 Nov 2012 07:54:53 -0500
Received: from mail-wi0-f181.google.com ([209.85.212.181]:60261)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <paolo.bonzini@gmail.com>) id 1TVMCa-0000yR-NN
	for qemu-devel@nongnu.org; Mon, 05 Nov 2012 07:54:52 -0500
Received: by mail-wi0-f181.google.com with SMTP id hq12so2335049wib.10
	for <qemu-devel@nongnu.org>; Mon, 05 Nov 2012 04:54:51 -0800 (PST)
Sender: Paolo Bonzini <paolo.bonzini@gmail.com>
Message-ID: <5097B719.9040504@redhat.com>
Date: Mon, 05 Nov 2012 13:54:49 +0100
From: Paolo Bonzini <pbonzini@redhat.com>
MIME-Version: 1.0
References: <5096415A.2000202@wiesinger.com>
In-Reply-To: <5096415A.2000202@wiesinger.com>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Subject: Re: [Qemu-devel] XP install cores with SCSI LSI 53C895A disks -
	follow up
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Gerhard Wiesinger <lists@wiesinger.com>
Cc: qemu-devel@nongnu.org

Il 04/11/2012 11:20, Gerhard Wiesinger ha scritto:
> Hello,
> 
> Clean XP install cores with SCSI LSI 53C89A disk when copying files.
> Isn't on the same file, so looks like a timing problem. Reproduceable.
> Driver used is sym_hi. Details are below.

Hmm, why is XP resetting the HBA while copying files?  Can you get
logging output when compiling with hw/lsi53c895a.c with DEBUG_LSI defined?

> See also:
> https://lists.gnu.org/archive/html/qemu-devel/2012-03/msg00523.html
> 
> Looks like problem is from Paolo's commit:
> 2f0772c5b4818d4b2078be9dace0036d1030faee
> qemu-system-x86_64: hw/lsi53c895a.c:351: lsi_soft_reset: Assertion
> `((&s->queue)->tqh_first == ((void *)0))' failed.
> 
> So SCSI queue isn't empty (was an assumption and asserted), so
> qdev_reset_all(&s->dev.qdev); might not work or some other timing
> related issues.

Even before that commit, it probably would result in a use-after-free or
similar problem.

Thanks!

Paolo