diff options
| author | Guenter Roeck <linux@roeck-us.net> | 2018-11-29 09:17:42 -0800 |
|---|---|---|
| committer | Paolo Bonzini <pbonzini@redhat.com> | 2019-01-11 13:57:24 +0100 |
| commit | ea84a44250f79566484692bb000e97776ac66047 (patch) | |
| tree | 438608bd3b63f32142e711889f730de90b5ac9b9 /hw/scsi/esp-pci.c | |
| parent | c2d6eeda016887f5d11401cd20281a356e226b51 (diff) | |
| download | focaccia-qemu-ea84a44250f79566484692bb000e97776ac66047.tar.gz focaccia-qemu-ea84a44250f79566484692bb000e97776ac66047.zip | |
scsi: esp: Defer command completion until previous interrupts have been handled
The guest OS reads RSTAT, RSEQ, and RINTR, and expects those registers to reflect a consistent state. However, it is possible that the registers can change after RSTAT was read, but before RINTR is read, when esp_command_complete() is called. Guest OS qemu -------- ---- [handle interrupt] Read RSTAT esp_command_complete() RSTAT = STAT_ST esp_dma_done() RSTAT |= STAT_TC RSEQ = 0 RINTR = INTR_BS Read RSEQ Read RINTR RINTR = 0 RSTAT &= ~STAT_TC RSEQ = SEQ_CD The guest OS would then try to handle INTR_BS combined with an old value of RSTAT. This sometimes resulted in lost events, spurious interrupts, guest OS confusion, and stalled SCSI operations. A typical guest error log (observed with various versions of Linux) looks as follows. scsi host1: Spurious irq, sreg=13. ... scsi host1: Aborting command [84531f10:2a] scsi host1: Current command [f882eea8:35] scsi host1: Queued command [84531f10:2a] scsi host1: Active command [f882eea8:35] scsi host1: Dumping command log scsi host1: ent[15] CMD val[44] sreg[90] seqreg[00] sreg2[00] ireg[20] ss[00] event[0c] scsi host1: ent[16] CMD val[01] sreg[90] seqreg[00] sreg2[00] ireg[20] ss[02] event[0c] scsi host1: ent[17] CMD val[43] sreg[90] seqreg[00] sreg2[00] ireg[20] ss[02] event[0c] scsi host1: ent[18] EVENT val[0d] sreg[92] seqreg[04] sreg2[00] ireg[18] ss[00] event[0c] ... Defer handling command completion until previous interrupts have been handled to fix the problem. Signed-off-by: Guenter Roeck <linux@roeck-us.net>
Diffstat (limited to 'hw/scsi/esp-pci.c')
| -rw-r--r-- | hw/scsi/esp-pci.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/hw/scsi/esp-pci.c b/hw/scsi/esp-pci.c index d956909186..6b0bbb9b7f 100644 --- a/hw/scsi/esp-pci.c +++ b/hw/scsi/esp-pci.c @@ -313,8 +313,8 @@ static void esp_pci_hard_reset(DeviceState *dev) static const VMStateDescription vmstate_esp_pci_scsi = { .name = "pciespscsi", - .version_id = 0, - .minimum_version_id = 0, + .version_id = 1, + .minimum_version_id = 1, .fields = (VMStateField[]) { VMSTATE_PCI_DEVICE(parent_obj, PCIESPState), VMSTATE_BUFFER_UNSAFE(dma_regs, PCIESPState, 0, 8 * sizeof(uint32_t)), |