[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH v3 0/2] ide: Fix incorrect handling of some PRDTs and add the
From: |
Alexander Popov |
Subject: |
Re: [PATCH v3 0/2] ide: Fix incorrect handling of some PRDTs and add the corresponding unit-test |
Date: |
Thu, 23 Jan 2020 13:52:33 +0300 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.4.1 |
On 23.01.2020 02:14, John Snow wrote:
> On 12/23/19 12:51 PM, Alexander Popov wrote:
>> Fuzzing the Linux kernel with syzkaller allowed to find how to crash qemu
>> using a special SCSI_IOCTL_SEND_COMMAND. It hits the assertion in
>> ide_dma_cb() introduced in the commit a718978ed58a in July 2015.
>>
>> This patch series fixes incorrect handling of some PRDTs in ide_dma_cb()
>> and improves the ide-test to cover more PRDT cases (including one
>> that causes that particular qemu crash).
>>
>> Changes from v2 (thanks to Kevin Wolf for the feedback):
>> - the assertion about prepare_buf() return value is improved;
>> - the patch order is reversed to keep the tree bisectable;
>> - the unit-test performance is improved -- now it runs 8 seconds
>> instead of 3 minutes on my laptop.
>>
>> Alexander Popov (2):
>> ide: Fix incorrect handling of some PRDTs in ide_dma_cb()
>> tests/ide-test: Create a single unit-test covering more PRDT cases
>>
>> hw/ide/core.c | 30 +++++---
>> tests/ide-test.c | 174 ++++++++++++++++++++---------------------------
>> 2 files changed, 96 insertions(+), 108 deletions(-)
>>
>
> Thanks, applied to my IDE tree:
>
> https://github.com/jnsnow/qemu/commits/ide
> https://github.com/jnsnow/qemu.git
Happy end!
Thanks a lot!
Best regards,
Alexander