From: John Snow <jsnow@redhat.com>
To: qemu-devel@nongnu.org
Cc: jsnow@redhat.com, peter.maydell@linaro.org,
	qemu-stable <qemu-stable@nongnu.org>
Subject: [Qemu-devel] [PULL 02/30] ahci: fix PxCI register race
Date: Fri,  8 Jun 2018 13:47:05 -0400
Message-ID: <20180608174733.4936-3-jsnow@redhat.com>
In-Reply-To: <20180608174733.4936-1-jsnow@redhat.com>

Fixes: https://bugs.launchpad.net/qemu/+bug/1769189

AHCI presently signals completion prior to the PxCI register being
cleared to indicate completion. If a guest driver attempts to issue
a new command in its IRQ handler, it might be surprised to learn there
is still a command pending.

In the case of Windows 10's boot driver, it will actually poll the IRQ
register hoping to find out when the command is done running -- which
will never happen, as there isn't a command running.

Fix this: clear PxCI in ahci_cmd_done and not in the asynchronous BH.
Because it now runs synchronously, we don't need to check if the command
is actually done by spying on the ATA registers. We know it's done.

CC: qemu-stable <qemu-stable@nongnu.org>
Reported-by: François Guerraz <kubrick@fgv6.net>
Tested-by: Bruce Rogers <brogers@suse.com>
Signed-off-by: John Snow <jsnow@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Jeff Cody <jcody@redhat.com>
Message-id: 20180531004323.4611-3-jsnow@redhat.com
Signed-off-by: John Snow <jsnow@redhat.com>
---
 hw/ide/ahci.c | 13 ++++++-------
 1 file changed, 6 insertions(+), 7 deletions(-)

diff --git a/hw/ide/ahci.c b/hw/ide/ahci.c
index 66f55aecb3..b11640ddbb 100644
--- a/hw/ide/ahci.c
+++ b/hw/ide/ahci.c
@@ -532,13 +532,6 @@ static void ahci_check_cmd_bh(void *opaque)
     qemu_bh_delete(ad->check_bh);
     ad->check_bh = NULL;
 
-    if ((ad->busy_slot != -1) &&
-        !(ad->port.ifs[0].status & (BUSY_STAT|DRQ_STAT))) {
-        /* no longer busy */
-        ad->port_regs.cmd_issue &= ~(1 << ad->busy_slot);
-        ad->busy_slot = -1;
-    }
-
     check_cmd(ad->hba, ad->port_no);
 }
 
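Review bot: ahci_check_cmd_bh now goes straight to check_cmd(ad->hba, ad->port_no) with nothing in the function saying that busy_slot and the PxCI bit are expected to have been cleared already. A one-line comment above that call pointing at ahci_cmd_done would record the new invariant for the next reader. The removed block was also the only place in this function that reset busy_slot, so it is worth confirming that every path which sets busy_slot ends in ahci_cmd_done; an error or abort path that schedules this BH without calling it would now leave the slot marked busy.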
@@ -1425,6 +1418,12 @@ static void ahci_cmd_done(IDEDMA *dma)
 
     trace_ahci_cmd_done(ad->hba, ad->port_no);
 
+    /* no longer busy */
+    if (ad->busy_slot != -1) {
+        ad->port_regs.cmd_issue &= ~(1 << ad->busy_slot);
+        ad->busy_slot = -1;
+    }
+
     /* update d2h status */
     ahci_write_fis_d2h(ad);
 
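Review bot: In the block added to ahci_cmd_done, `1 << ad->busy_slot` shifts a signed int, which is undefined behaviour in C when busy_slot is 31, the highest of AHCI's 32 command slots. The expression is carried over unchanged from the removed BH code, but since the line is being touched anyway, `1U << ad->busy_slot` would make the mask well defined for every slot. The comment `/* no longer busy */` could also say that PxCI has to be cleared before ahci_write_fis_d2h(ad) so the guest never sees the completion while the command still looks pending, because that ordering is the point of the fix and is easy to undo in a later refactor.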
-- 
2.14.3
