From 4d3c9646213bdf992af4e28eaf0d57610eb79fec Mon Sep 17 00:00:00 2001

From: John Snow <jsnow@redhat.com>

Date: Thu, 29 Sep 2016 00:02:14 +0200

Subject: [PATCH 1/3] ide: fix halted IO segfault at reset

RH-Author: John Snow <jsnow@redhat.com>

Message-id: <1475107334-14972-2-git-send-email-jsnow@redhat.com>

Patchwork-id: 72436

O-Subject: [RHEL-7.3.z qemu-kvm PATCH 1/1] ide: fix halted IO segfault at reset

Bugzilla: 1393042

RH-Acked-by: Laszlo Ersek <lersek@redhat.com>

RH-Acked-by: Paolo Bonzini <pbonzini@redhat.com>

RH-Acked-by: Markus Armbruster <armbru@redhat.com>

If one attempts to perform a system_reset after a failed IO request

that causes the VM to enter a paused state, QEMU will segfault trying

to free up the pending IO requests.

These requests have already been completed and freed, though, so all

we need to do is NULL them before we enter the paused state.

Existing AHCI tests verify that halted requests are still resumed

successfully after a STOP event.

Analyzed-by: Laszlo Ersek <lersek@redhat.com>

Reviewed-by: Laszlo Ersek <lersek@redhat.com>

Signed-off-by: John Snow <jsnow@redhat.com>

Message-id: 1469635201-11918-2-git-send-email-jsnow@redhat.com

Signed-off-by: John Snow <jsnow@redhat.com>

(cherry picked from commit 87ac25fd1fed05a30a93d27dbeb2a4c4b83ec95f)

Signed-off-by: John Snow <jsnow@redhat.com>

Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>

Conflicts:

  hw/ide/core.c: Context and formatting of handle_rw_error

---

 hw/ide/core.c | 1 +

 1 file changed, 1 insertion(+)

diff --git a/hw/ide/core.c b/hw/ide/core.c

index 5d40093..5c33735 100644

--- a/hw/ide/core.c

+++ b/hw/ide/core.c

@@ -658,6 +658,7 @@ void ide_dma_cb(void *opaque, int ret)

             op |= BM_STATUS_RETRY_TRIM;

         if (ide_handle_rw_error(s, -ret, op)) {

+            s->bus->dma->aiocb = NULL;

             return;

         }

     }

-- 

1.8.3.1