Re: [Qemu-devel] [Qemu-block] [PATCH] Fix Guest VM crash due to iSCSI Sense Key error

[John Snow]

On 7/11/19 8:24 AM, Stefan Hajnoczi wrote:
> On Sun, Jul 07, 2019 at 07:55:03PM -0700, address@hidden wrote:
> 
> Reviewed-by: Stefan Hajnoczi <address@hidden>
> 
> CCing John Snow, IDE maintainer.
> 
> You can use scripts/get_maintainer.pl -f hw/ide/core.c to find out who
> to send patches to.
> 
> Stefan
> 

ACK, I'll investigate this for the next rc.

--js

>> From: Shaju Abraham <address@hidden>
>>
>> During the  IDE DMA transfer for a ISCSI target,when libiscsi encounters
>> a SENSE KEY error, it sets the task->sense to  the value "COMMAND ABORTED".
>> The function iscsi_translate_sense() later translaters this error to 
>> -ECANCELED
>> and this value is passed to the callback function. In the case of  IDE DMA 
>> read
>> or write, the callback function returns immediately if the value of the ret
>> argument is -ECANCELED.
>> Later when ide_cancel_dma_sync() function is invoked  the assertion
>> "s->bus->dma->aiocb == ((void *)0)" fails and the qemu process gets 
>> terminated.
>> Fix the issue by making the value of s->bus->dma->aiocb = NULL when
>> -ECANCELED is passed to the callback.
>>
>> Signed-off-by: Shaju Abraham <address@hidden>
>> ---
>>  hw/ide/core.c | 1 +
>>  1 file changed, 1 insertion(+)
>>
>> diff --git a/hw/ide/core.c b/hw/ide/core.c
>> index 6afadf8..78ea357 100644
>> --- a/hw/ide/core.c
>> +++ b/hw/ide/core.c
>> @@ -841,6 +841,7 @@ static void ide_dma_cb(void *opaque, int ret)
>>      bool stay_active = false;
>>  
>>      if (ret == -ECANCELED) {
>> +        s->bus->dma->aiocb = NULL;
>>          return;
>>      }
>>  
>> -- 
>> 1.9.4
>>
>>

-- 
—js