On Tue, Aug 08, 2017 at 01:57:07PM -0400, John Snow wrote: > Patches one and two here are a 2.10 bandaid that avoids a crash. > Patches three and four are a more comprehensive fix as written by > Kevin in another discussion and are being posted here for the sake > of a discussion. > > Patch three as written causes hangs in iotests 20, 39, 97, 98, 129, > 153, 176, and 185. 124 actually segfaults. > > For the purposes of 2.10, we'll likely just want patches 1 and 2 > for now. > > The problem in a nutshell: incrementing the in-flight counter of the > BDS from the BB layer assumes that every BB always has a BDS. That's > not true; and some devices like IDE have not in the past checked to > see if a given blk_ operation WOULD fail. > > This culminates in a new regression where issuing a cache flush to a > CDROM (which is, for some reason, specification valid) will crash QEMU > due to a null dereference when attempting to atomically increment that > backend's in-flight counter. > > John Snow (1): > IDE: Do not flush empty CDROM drives > > Kevin Wolf (3): > IDE: test flush on empty CDROM > block-backend: shift in-flight counter to BB from BDS > block-backend: test flush op on empty backend > > block.c | 2 +- > block/block-backend.c | 40 +++++++++++++++++++++++++----- > hw/ide/core.c | 11 +++++--- > tests/Makefile.include | 2 ++ > tests/ide-test.c | 19 ++++++++++++++ > tests/test-block-backend.c | 62 > ++++++++++++++++++++++++++++++++++++++++++++++ > 6 files changed, 125 insertions(+), 11 deletions(-) > create mode 100644 tests/test-block-backend.c
John will be offline until Monday. I'm sending a new patch series for 2.10 with updated versions of Patch 1 & 2. Stefan
signature.asc
Description: PGP signature