From: Ronnie Sahlberg
Date: Thu, 20 Jun 2013 19:32:34 -0700
Message-Id: <1371781955-2745-1-git-send-email-ronniesahlberg@gmail.com>
Subject: [Qemu-devel] [PATCH] iSCSI fix crash when using virtio and libiscsi
To: qemu-devel@nongnu.org
Cc: stefanha@gmail.com, 1191606@bugs.launchpad.net, lersek@redhat.com

Stefan, List

Please find a patch that fixes the crashes for using virtio with libiscsi.
The problem was that block/iscsi.c always assumed we got a plain buffer to
read data into, and when we got an iovector array instead we would overwrite
pointers with garbage and crash.

Since we can get iovectors for the write case as well I have added a fix for
when the guest is writing data to the target to handle the iovector case as
well.

The new calls added are not protected with (LIBISCSI_FEATURE_IOVECTOR) checks
since anyone building a new/current version of qemu should probably also
build against a current libiscsi.
I will send patches later to remove the current (LIBISCSI_FEATURE_IOVECTOR)
checks in the rest of the file.

regards
ronnie sahlberg
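The bug class described in the message above, as an added example that is not part of the patch, QEMU or libiscsi: received data has to be scattered into the segments an iovector array points at, never copied over the array itself. It uses POSIX `struct iovec`; the names `scatter_to_iov` and `demo_scatter` and the sample buffers are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <string.h>
#include <sys/uio.h>

/* Hypothetical helper: copy `len` bytes of a received payload into a
 * scatter-gather list. Returns the number of bytes copied, which is less
 * than `len` when the segments are too small (it never writes past them). */
size_t scatter_to_iov(const struct iovec *iov, int niov,
                      const void *src, size_t len)
{
    const unsigned char *p = src;
    size_t done = 0;

    for (int i = 0; i < niov && done < len; i++) {
        size_t n = len - done;
        if (n > iov[i].iov_len)
            n = iov[i].iov_len;          /* clamp to this segment */
        memcpy(iov[i].iov_base, p + done, n);
        done += n;
    }
    return done;
}

/* Constructed demo: three destination segments of 4, 2 and 6 bytes. */
int demo_scatter(void)
{
    char a[4], b[2], c[6];
    struct iovec iov[3] = {
        { .iov_base = a, .iov_len = sizeof a },
        { .iov_base = b, .iov_len = sizeof b },
        { .iov_base = c, .iov_len = sizeof c },
    };
    struct iovec saved[3];
    memcpy(saved, iov, sizeof iov);      /* snapshot of the descriptors */

    const char payload[] = "ABCDEFGHIJ"; /* 10 bytes of constructed data */
    size_t n = scatter_to_iov(iov, 3, payload, 10);

    /* The descriptor array must be unchanged; only the segments receive
     * data. Using the array itself as a plain destination buffer would
     * overwrite iov_base and iov_len with payload bytes. */
    return n == 10 &&
           memcmp(iov, saved, sizeof iov) == 0 &&
           memcmp(a, "ABCD", 4) == 0 &&
           memcmp(b, "EF", 2) == 0 &&
           memcmp(c, "GHIJ", 4) == 0;
}
```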