From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:53127)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <jsnow@redhat.com>) id 1bSPr4-0001cH-94
	for qemu-devel@nongnu.org; Wed, 27 Jul 2016 10:30:42 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <jsnow@redhat.com>) id 1bSPr3-0005q7-97
	for qemu-devel@nongnu.org; Wed, 27 Jul 2016 10:30:38 -0400
References: <1469570853-19770-1-git-send-email-jsnow@redhat.com>
	<1469570853-19770-2-git-send-email-jsnow@redhat.com>
	<24b05955-3a46-5af9-6c49-2870a3cbad89@redhat.com>
From: John Snow <jsnow@redhat.com>
Message-ID: <7ae5475d-dd2f-a794-3f08-a897e5765411@redhat.com>
Date: Wed, 27 Jul 2016 10:30:25 -0400
MIME-Version: 1.0
In-Reply-To: <24b05955-3a46-5af9-6c49-2870a3cbad89@redhat.com>
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: 7bit
Subject: Re: [Qemu-devel] [PATCH for-2.7 1/1] ide: fix halted IO segfault at
 reset
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel/>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Laszlo Ersek <lersek@redhat.com>, qemu-block@nongnu.org
Cc: pbonzini@redhat.com, mreitz@redhat.com, qemu-devel@nongnu.org, armbru@redhat.com



On 07/27/2016 09:04 AM, Laszlo Ersek wrote:
> On 07/27/16 00:07, John Snow wrote:
>> If one attempts to perform a system_reset after a failed IO request
>> that causes the VM to enter a paused state, QEMU will segfault trying
>> to free up the pending IO requests.
>>
>> These requests have already been completed and freed, though, so all
>> we need to do is free them before we enter the paused state.
>>

s|free them|null them| ... will fix on commit.

>> Existing AHCI tests verify that halted requests are still resumed
>> successfully after a STOP event.
>>
>> Signed-off-by: John Snow <jsnow@redhat.com>
>> ---
>>  hw/ide/core.c | 1 +
>>  1 file changed, 1 insertion(+)
>>
>> diff --git a/hw/ide/core.c b/hw/ide/core.c
>> index 081c9eb..d117b7c 100644
>> --- a/hw/ide/core.c
>> +++ b/hw/ide/core.c
>> @@ -823,6 +823,7 @@ static void ide_dma_cb(void *opaque, int ret)
>>      }
>>      if (ret < 0) {
>>          if (ide_handle_rw_error(s, -ret, ide_dma_cmd_to_retry(s->dma_cmd))) {
>> +            s->bus->dma->aiocb = NULL;
>>              return;
>>          }
>>      }
>>
> 
> Reviewed-by: Laszlo Ersek <lersek@redhat.com>
> 
> Should this be a candidate for 2.6 stable?
> 
> Thanks
> Laszlo
> 

You're right. I'll do a [RESEND] to -stable, thanks.

And since I neglected to mention it in the commit message, thanks to
Laszlo Ersek here for an excellent diagnostic on the cause of the segfault.

--js