the blk_drain_all() that is executed if the guest issues a DMA cancel leads to a stuck main loop if the storage backend (e.g. a NFS share) is unresponsive.
This scenario is a common case for CDROM images mounted from an NFS share. In this case a broken NFS server can take down the whole VM even if the mounted CDROM is not used and was just not unmounted after usage. This approach avoids the blk_drain_all for read-only media and cancelles the AIO locally and makes the callback a NOP if the original request is completed after the NFS share is responsive again. Peter Lieven (2): block/io: allow AIOCB without callback ide/atapi: partially avoid deadlock if the storage backend is dead block/io.c | 8 ++++++-- hw/ide/pci.c | 32 ++++++++++++++++++-------------- 2 files changed, 24 insertions(+), 16 deletions(-) -- 1.9.1