From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:33678)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <kwolf@redhat.com>) id 1X1wMH-0001jR-14
	for qemu-devel@nongnu.org; Tue, 01 Jul 2014 07:36:25 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <kwolf@redhat.com>) id 1X1wMB-0005gU-QV
	for qemu-devel@nongnu.org; Tue, 01 Jul 2014 07:36:20 -0400
Received: from mx1.redhat.com ([209.132.183.28]:28084)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <kwolf@redhat.com>) id 1X1wMB-0005gC-JJ
	for qemu-devel@nongnu.org; Tue, 01 Jul 2014 07:36:15 -0400
Date: Tue, 1 Jul 2014 13:36:12 +0200
From: Kevin Wolf <kwolf@redhat.com>
Message-ID: <20140701113612.GF4587@noname.str.redhat.com>
References: <1404213207-89115-1-git-send-email-reza.jelveh@tuhh.de>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <1404213207-89115-1-git-send-email-reza.jelveh@tuhh.de>
Subject: Re: [Qemu-devel] [PATCH_v2] ahci.c: mask unused flags when reading
 size PRDT DBC
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: reza.jelveh@tuhh.de
Cc: pbonzini@redhat.com, jsnow@redhat.com, qemu-devel@nongnu.org, stefanha@redhat.com, agraf@suse.de

Am 01.07.2014 um 13:13 hat reza.jelveh@tuhh.de geschrieben:
> From: Reza Jelveh <reza.jelveh@tuhh.de>
> 
> The data byte count(DBC) read from the description information is defined for
> bits 21:00. Bits 30:22 are reserved and bit 31 is the Interrupt on Completion
> (I) flag.
> 
> Completion interrupts are triggered after every transaction instead of on
> I-flag in QEMU. tbl_entry_size is a signed integer and improperly reading the
> DBC leads to a negative offset that causes sglist allocation to fail.
> 
> Signed-off-by: Reza Jelveh <reza.jelveh@tuhh.de>
> ---
> This requires a custom ovmf image with sata controller for testing:
> 
> http://reza.jelveh.me/assets/OVMF.fd.bz2
> 
> Signed-off-by: Reza Jelveh <reza.jelveh@tuhh.de>

Reviewed-by: Kevin Wolf <kwolf@redhat.com>

The spec also seems to require an even byte count, which we don't seem
to check. Do we want to add this? (In a separate patch, of course.)

We'll also want a qtest case to verify the fix and for regression
testing. John?

And finally, please don't forget to CC the block maintainers (Stefan and
me) for any AHCI patches.

Kevin