From: Marcel Apfelbaum <marcel@redhat.com>
To: Markus Armbruster <armbru@redhat.com>,
Cao jin <caoj.fnst@cn.fujitsu.com>
Cc: qemu-devel@nongnu.org, mst@redhat.com, jasowang@redhat.com,
alex.williamson@redhat.com, hare@suse.de, dmitry@daynix.com,
pbonzini@redhat.com, jsnow@redhat.com, kraxel@redhat.com
Subject: Re: [Qemu-devel] [PATCH v4 3/5] megasas: bugfix
Date: Sun, 10 Apr 2016 10:40:07 +0300
Message-ID: <570A0357.9030106@redhat.com>
In-Reply-To: <87a8l4tvry.fsf@dusky.pond.sub.org>

On 04/08/2016 10:16 AM, Markus Armbruster wrote:
> Please use a more descriptive title. Suggest "megasas: Fix
>
> Cao jin <caoj.fnst@cn.fujitsu.com> writes:
>
>> msi_init returns non-zero value on both failure and success
>
> This is a sentence, should end with a period.
>
> Bug's impact? Here's my guess.
>
> msi_init() either succeeds and returns 0x50, or fails and returns a
> negative errno. If it succeeds, we mistakenly clear
> MEGASAS_MASK_USE_MSI. Its only use is in megasas_scsi_uninit(), via
> megasas_use_msi(). There, we fail to msi_uninit() on unrealize due to
> the bug.
>
> I figure that's harmless if we destroy the device next. This is the
> common case.
>
> If we don't destroy it, and then realize it again, msi_init() fails,
> because there's no space at 0x50: the MSI capability we neglected to
> delete is still there. We report the problem to the user, then realize
> the device anyway (I hate that, but it's a separate issue).
>
> Marcel, can you confirm my analysis?

Your analysis is accurate, I didn't even look so hard at consequences,
this is a clear bug that needs to be fixed.
However, now I looked into it and your explanation shows why it even works...

>
>> Signed-off-by: Cao jin <caoj.fnst@cn.fujitsu.com>
>> CC: Hannes Reinecke <hare@suse.de>
>> CC: Paolo Bonzini <pbonzini@redhat.com>
>> ---
>> hw/scsi/megasas.c | 2 +-
>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/hw/scsi/megasas.c b/hw/scsi/megasas.c
>> index a63a581..56fb645 100644
>> --- a/hw/scsi/megasas.c
>> +++ b/hw/scsi/megasas.c
>> @@ -2348,7 +2348,7 @@ static void megasas_scsi_realize(PCIDevice *dev, Error **errp)
>> "megasas-queue", 0x40000);
>>
>> if (megasas_use_msi(s) &&
>> - msi_init(dev, 0x50, 1, true, false)) {
>> + msi_init(dev, 0x50, 1, true, false) < 0) {
>> s->flags &= ~MEGASAS_MASK_USE_MSI;
>> }
>> if (megasas_use_msix(s) &&
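
Review bot: the failure branch under the corrected `msi_init(dev, 0x50, 1, true, false) < 0` test only clears MEGASAS_MASK_USE_MSI and does nothing with the `errp` that megasas_scsi_realize() receives, so at this level the device falls back from MSI without saying so; if that is intended, a one-line comment stating that realize deliberately continues without MSI would help the next reader. The `megasas_use_msix(s) &&` check that starts in the trailing context should get the same explicit `< 0` comparison in this patch so both tests read alike, and the commit message should say what the old non-zero test actually broke rather than only that the return value is non-zero in both cases.
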
> msix_init(dev, 15, &s->mmio_io, b->mmio_bar, 0x2000,
> &s->mmio_io, b->mmio_bar, 0x3800, 0x68)) {
> s->flags &= ~MEGASAS_MASK_USE_MSIX;
> }
>
> This looks like the same bug, but it's actually okay, since msix_init()
> returns 0 on success. Suggest to test < 0 anyway so that future readers
> don't get misled into thinking there's a bug like I was.
>

I agree we should follow the same convention.

> Marcel, this difference between msi_init() and msix_init() is just mean.

It keeps us alert :)

> Please clean it up.

Sure, I'll take care of it.

Thanks,
Marcel
>
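
The realize / unrealize / realize sequence analysed in the quoted review, as an added toy model in C (not QEMU code and not part of the original message). Every name here is hypothetical, and `-ENOSPC` is an assumed stand-in for the "negative errno" the thread mentions.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>

#define MSI_OFFSET 0x50   /* capability offset used in the patch */
#define USE_MSI    0x1    /* stands in for MEGASAS_MASK_USE_MSI */

struct toy_dev {
    unsigned flags;       /* USE_MSI set while MSI is wanted/active */
    bool cap_present;     /* an MSI capability occupies MSI_OFFSET */
};

/* Same convention as described in the thread: offset on success,
 * negative errno on failure (the errno value is an assumption). */
static int toy_msi_init(struct toy_dev *d)
{
    if (d->cap_present)
        return -ENOSPC;   /* stale capability still sits at the offset */
    d->cap_present = true;
    return MSI_OFFSET;
}

/* fixed == false models the old "non-zero means failure" test. */
static int toy_realize(struct toy_dev *d, bool fixed)
{
    int ret;

    d->flags |= USE_MSI;
    ret = toy_msi_init(d);
    if (fixed ? ret < 0 : ret != 0)
        d->flags &= ~USE_MSI;   /* old test also runs this on success */
    return ret;
}

static void toy_unrealize(struct toy_dev *d)
{
    if (d->flags & USE_MSI)
        d->cap_present = false; /* stands in for msi_uninit() */
}

/* Realize, unrealize, realize again; report the second init result. */
int second_realize_result(bool fixed)
{
    struct toy_dev d = {0};

    toy_realize(&d, fixed);
    toy_unrealize(&d);
    return toy_realize(&d, fixed);
}

int main(void)
{
    printf("old test: %d, '< 0' test: %d\n",
           second_realize_result(false), second_realize_result(true));
    return 0;
}
```

With the old test the first realize clears the flag even though the capability was added, so unrealize skips the cleanup and the second realize fails; with the `< 0` test the second realize gets the offset back.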