Message ID | 1470690267-31454-57-git-send-email-mdroth@linux.vnet.ibm.com (mailing list archive) |
---|---|
State | New, archived |
Headers | show |
Definitely add this one: 7f951b2d7765f68ae1e563c2fed44071ca774790 atapi: fix halted DMA reset And maybe these: 16275edb342342625cd7e7ac2048436474465b50 macio: set res_count value to 0 after non-block ATAPI DMA transfers 5839df7b71540a2af2580bb53ad1e2005bb175e6 ahci: fix sglist leak on retry 9d324b0e67c2b570df389c1361f591b95a4e4278 ahci: free irqs array On 08/08/2016 05:04 PM, Michael Roth wrote: > From: John Snow <jsnow@redhat.com> > > If one attempts to perform a system_reset after a failed IO request > that causes the VM to enter a paused state, QEMU will segfault trying > to free up the pending IO requests. > > These requests have already been completed and freed, though, so all > we need to do is NULL them before we enter the paused state. > > Existing AHCI tests verify that halted requests are still resumed > successfully after a STOP event. > > Analyzed-by: Laszlo Ersek <lersek@redhat.com> > Reviewed-by: Laszlo Ersek <lersek@redhat.com> > Signed-off-by: John Snow <jsnow@redhat.com> > Message-id: 1469635201-11918-2-git-send-email-jsnow@redhat.com > Signed-off-by: John Snow <jsnow@redhat.com> > (cherry picked from commit 87ac25fd1fed05a30a93d27dbeb2a4c4b83ec95f) > Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com> > --- > hw/ide/core.c | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/hw/ide/core.c b/hw/ide/core.c > index 41e6a2d..e87dc57 100644 > --- a/hw/ide/core.c > +++ b/hw/ide/core.c > @@ -806,6 +806,7 @@ static void ide_dma_cb(void *opaque, int ret) > } > if (ret < 0) { > if (ide_handle_rw_error(s, -ret, ide_dma_cmd_to_retry(s->dma_cmd))) { > + s->bus->dma->aiocb = NULL; > return; > } > } >
diff --git a/hw/ide/core.c b/hw/ide/core.c index 41e6a2d..e87dc57 100644 --- a/hw/ide/core.c +++ b/hw/ide/core.c @@ -806,6 +806,7 @@ static void ide_dma_cb(void *opaque, int ret) } if (ret < 0) { if (ide_handle_rw_error(s, -ret, ide_dma_cmd_to_retry(s->dma_cmd))) { + s->bus->dma->aiocb = NULL; return; } }