* [PATCH 0/2] Fix the assert failure in scsi_dma_complete
@ 2020-08-15 14:19 Li Qiang
2020-08-15 14:19 ` [PATCH 1/2] hw: megasas: return -1 when 'megasas_map_sgl' fails Li Qiang
` (2 more replies)
0 siblings, 3 replies; 6+ messages in thread
From: Li Qiang @ 2020-08-15 14:19 UTC (permalink / raw)
To: hare, pbonzini, fam; +Cc: Li Qiang, liq3ea, qemu-devel, qemu-block
Currently in 'megasas_map_sgl' when 'iov_count=0' will just return
success however the 'cmd' doens't contain any iov. This will cause
the assert in 'scsi_dma_complete' failed. This is because in
'dma_blk_cb' the 'dbs->sg_cur_index == dbs->sg->nsg' will be true
and just call 'dma_complete'. However now there is no aiocb returned.
This is the LP#1878263:
-->https://bugs.launchpad.net/qemu/+bug/1878263
To solve this we will consider the 'iov_count=0' is an error.
In the first patch, I uses -1 to indicate an error and in the second
patch I consider 'iov_count=0' is an error.
Li Qiang (2):
hw: megasas: return -1 when 'megasas_map_sgl' fails
hw: megasas: consider 'iov_count=0' is an error in megasas_map_sgl
hw/scsi/megasas.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
--
2.17.1
^ permalink raw reply [flat|nested] 6+ messages in thread
* [PATCH 1/2] hw: megasas: return -1 when 'megasas_map_sgl' fails
2020-08-15 14:19 [PATCH 0/2] Fix the assert failure in scsi_dma_complete Li Qiang
@ 2020-08-15 14:19 ` Li Qiang
2020-08-15 14:19 ` [PATCH 2/2] hw: megasas: consider 'iov_count=0' is an error in megasas_map_sgl Li Qiang
2020-08-17 17:05 ` [PATCH 0/2] Fix the assert failure in scsi_dma_complete Paolo Bonzini
2 siblings, 0 replies; 6+ messages in thread
From: Li Qiang @ 2020-08-15 14:19 UTC (permalink / raw)
To: hare, pbonzini, fam; +Cc: Li Qiang, liq3ea, qemu-devel, qemu-block
The caller of 'megasas_map_sgl' will only check if the return
is zero or not. If it return 0 it means success, as in the next
patch we will consider 'iov_count=0' is an error, so let's
return -1 to indicate a failure.
Signed-off-by: Li Qiang <liq3ea@163.com>
---
hw/scsi/megasas.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/hw/scsi/megasas.c b/hw/scsi/megasas.c
index 5cfd1bf22e..d6c9680c36 100644
--- a/hw/scsi/megasas.c
+++ b/hw/scsi/megasas.c
@@ -281,7 +281,7 @@ static int megasas_map_sgl(MegasasState *s, MegasasCmd *cmd, union mfi_sgl *sgl)
if (iov_count > MEGASAS_MAX_SGE) {
trace_megasas_iovec_sgl_overflow(cmd->index, iov_count,
MEGASAS_MAX_SGE);
- return iov_count;
+ return -1;
}
pci_dma_sglist_init(&cmd->qsg, PCI_DEVICE(s), iov_count);
for (i = 0; i < iov_count; i++) {
@@ -311,7 +311,7 @@ static int megasas_map_sgl(MegasasState *s, MegasasCmd *cmd, union mfi_sgl *sgl)
return 0;
unmap:
qemu_sglist_destroy(&cmd->qsg);
- return iov_count - i;
+ return -1;
}
/*
--
2.17.1
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [PATCH 2/2] hw: megasas: consider 'iov_count=0' is an error in megasas_map_sgl
2020-08-15 14:19 [PATCH 0/2] Fix the assert failure in scsi_dma_complete Li Qiang
2020-08-15 14:19 ` [PATCH 1/2] hw: megasas: return -1 when 'megasas_map_sgl' fails Li Qiang
@ 2020-08-15 14:19 ` Li Qiang
2020-08-15 14:22 ` Li Qiang
2020-08-17 17:05 ` [PATCH 0/2] Fix the assert failure in scsi_dma_complete Paolo Bonzini
2 siblings, 1 reply; 6+ messages in thread
From: Li Qiang @ 2020-08-15 14:19 UTC (permalink / raw)
To: hare, pbonzini, fam; +Cc: Li Qiang, liq3ea, qemu-devel, qemu-block
Currently in 'megasas_map_sgl' when 'iov_count=0' will just return
success however the 'cmd' doens't contain any iov. This will cause
the assert in 'scsi_dma_complete' failed. This is because in
'dma_blk_cb' the 'dbs->sg_cur_index == dbs->sg->nsg' will be true
and just call 'dma_complete'. However now there is no aiocb returned.
This fixes the LP#1878263:
-->https://bugs.launchpad.net/qemu/+bug/1878263
Reported-by: Alexander Bulekov <alxndr@bu.edu>
Signed-off-by: Li Qiang <liq3ea@163.com>
---
hw/scsi/megasas.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hw/scsi/megasas.c b/hw/scsi/megasas.c
index d6c9680c36..9562c58a2d 100644
--- a/hw/scsi/megasas.c
+++ b/hw/scsi/megasas.c
@@ -278,7 +278,7 @@ static int megasas_map_sgl(MegasasState *s, MegasasCmd *cmd, union mfi_sgl *sgl)
cmd->flags = le16_to_cpu(cmd->frame->header.flags);
iov_count = cmd->frame->header.sge_count;
- if (iov_count > MEGASAS_MAX_SGE) {
+ if (!iov_count || iov_count > MEGASAS_MAX_SGE) {
trace_megasas_iovec_sgl_overflow(cmd->index, iov_count,
MEGASAS_MAX_SGE);
return -1;
--
2.17.1
^ permalink raw reply related [flat|nested] 6+ messages in thread
* Re: [PATCH 2/2] hw: megasas: consider 'iov_count=0' is an error in megasas_map_sgl
2020-08-15 14:19 ` [PATCH 2/2] hw: megasas: consider 'iov_count=0' is an error in megasas_map_sgl Li Qiang
@ 2020-08-15 14:22 ` Li Qiang
0 siblings, 0 replies; 6+ messages in thread
From: Li Qiang @ 2020-08-15 14:22 UTC (permalink / raw)
To: Li Qiang, Alexander Bulekov
Cc: Fam Zheng, Paolo Bonzini, hare, Qemu Developers, qemu-block
Oh, sorry to forget to CC Alexander Bulekov.
Thanks,
Li Qiang
Li Qiang <liq3ea@163.com> 于2020年8月15日周六 下午10:20写道:
>
> Currently in 'megasas_map_sgl' when 'iov_count=0' will just return
> success however the 'cmd' doens't contain any iov. This will cause
> the assert in 'scsi_dma_complete' failed. This is because in
> 'dma_blk_cb' the 'dbs->sg_cur_index == dbs->sg->nsg' will be true
> and just call 'dma_complete'. However now there is no aiocb returned.
>
> This fixes the LP#1878263:
>
> -->https://bugs.launchpad.net/qemu/+bug/1878263
>
> Reported-by: Alexander Bulekov <alxndr@bu.edu>
> Signed-off-by: Li Qiang <liq3ea@163.com>
> ---
> hw/scsi/megasas.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/hw/scsi/megasas.c b/hw/scsi/megasas.c
> index d6c9680c36..9562c58a2d 100644
> --- a/hw/scsi/megasas.c
> +++ b/hw/scsi/megasas.c
> @@ -278,7 +278,7 @@ static int megasas_map_sgl(MegasasState *s, MegasasCmd *cmd, union mfi_sgl *sgl)
>
> cmd->flags = le16_to_cpu(cmd->frame->header.flags);
> iov_count = cmd->frame->header.sge_count;
> - if (iov_count > MEGASAS_MAX_SGE) {
> + if (!iov_count || iov_count > MEGASAS_MAX_SGE) {
> trace_megasas_iovec_sgl_overflow(cmd->index, iov_count,
> MEGASAS_MAX_SGE);
> return -1;
> --
> 2.17.1
>
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH 0/2] Fix the assert failure in scsi_dma_complete
2020-08-15 14:19 [PATCH 0/2] Fix the assert failure in scsi_dma_complete Li Qiang
2020-08-15 14:19 ` [PATCH 1/2] hw: megasas: return -1 when 'megasas_map_sgl' fails Li Qiang
2020-08-15 14:19 ` [PATCH 2/2] hw: megasas: consider 'iov_count=0' is an error in megasas_map_sgl Li Qiang
@ 2020-08-17 17:05 ` Paolo Bonzini
2020-08-18 0:46 ` Li Qiang
2 siblings, 1 reply; 6+ messages in thread
From: Paolo Bonzini @ 2020-08-17 17:05 UTC (permalink / raw)
To: Li Qiang, hare, fam; +Cc: liq3ea, qemu-devel, qemu-block
On 15/08/20 16:19, Li Qiang wrote:
> Currently in 'megasas_map_sgl' when 'iov_count=0' will just return
> success however the 'cmd' doens't contain any iov. This will cause
> the assert in 'scsi_dma_complete' failed. This is because in
> 'dma_blk_cb' the 'dbs->sg_cur_index == dbs->sg->nsg' will be true
> and just call 'dma_complete'. However now there is no aiocb returned.
>
> This is the LP#1878263:
>
> -->https://bugs.launchpad.net/qemu/+bug/1878263
>
> To solve this we will consider the 'iov_count=0' is an error.
> In the first patch, I uses -1 to indicate an error and in the second
> patch I consider 'iov_count=0' is an error.
>
> Li Qiang (2):
> hw: megasas: return -1 when 'megasas_map_sgl' fails
> hw: megasas: consider 'iov_count=0' is an error in megasas_map_sgl
>
> hw/scsi/megasas.c | 6 +++---
> 1 file changed, 3 insertions(+), 3 deletions(-)
>
Queued, thanks. But do you have a qtest for this?
Paolo
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH 0/2] Fix the assert failure in scsi_dma_complete
2020-08-17 17:05 ` [PATCH 0/2] Fix the assert failure in scsi_dma_complete Paolo Bonzini
@ 2020-08-18 0:46 ` Li Qiang
0 siblings, 0 replies; 6+ messages in thread
From: Li Qiang @ 2020-08-18 0:46 UTC (permalink / raw)
To: Paolo Bonzini; +Cc: Fam Zheng, hare, Li Qiang, Qemu Developers, qemu-block
[-- Attachment #1: Type: text/plain, Size: 1173 bytes --]
Paolo Bonzini <pbonzini@redhat.com> 于2020年8月18日周二 上午1:05写道:
> On 15/08/20 16:19, Li Qiang wrote:
> > Currently in 'megasas_map_sgl' when 'iov_count=0' will just return
> > success however the 'cmd' doens't contain any iov. This will cause
> > the assert in 'scsi_dma_complete' failed. This is because in
> > 'dma_blk_cb' the 'dbs->sg_cur_index == dbs->sg->nsg' will be true
> > and just call 'dma_complete'. However now there is no aiocb returned.
> >
> > This is the LP#1878263:
> >
> > -->https://bugs.launchpad.net/qemu/+bug/1878263
> >
> > To solve this we will consider the 'iov_count=0' is an error.
> > In the first patch, I uses -1 to indicate an error and in the second
> > patch I consider 'iov_count=0' is an error.
> >
> > Li Qiang (2):
> > hw: megasas: return -1 when 'megasas_map_sgl' fails
> > hw: megasas: consider 'iov_count=0' is an error in megasas_map_sgl
> >
> > hw/scsi/megasas.c | 6 +++---
> > 1 file changed, 3 insertions(+), 3 deletions(-)
> >
>
> Queued, thanks. But do you have a qtest for this?
>
Okay, I will cook a qtest for this recently.
Thanks,
Li Qiang
>
> Paolo
>
>
[-- Attachment #2: Type: text/html, Size: 1996 bytes --]
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2020-08-18 0:48 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-08-15 14:19 [PATCH 0/2] Fix the assert failure in scsi_dma_complete Li Qiang
2020-08-15 14:19 ` [PATCH 1/2] hw: megasas: return -1 when 'megasas_map_sgl' fails Li Qiang
2020-08-15 14:19 ` [PATCH 2/2] hw: megasas: consider 'iov_count=0' is an error in megasas_map_sgl Li Qiang
2020-08-15 14:22 ` Li Qiang
2020-08-17 17:05 ` [PATCH 0/2] Fix the assert failure in scsi_dma_complete Paolo Bonzini
2020-08-18 0:46 ` Li Qiang
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.