qemu/hw
Philippe Mathieu-Daudé 4051a1f062 hw/scsi/lsi53c895a: Do not abort when DMA requested and no data queued
If asked for DMA request and no data is available, simply wait
for data to be queued, do not abort. This fixes:

  $ cat << EOF | \
    qemu-system-i386 -nographic -M q35,accel=qtest -serial none \
      -monitor none -qtest stdio -trace lsi* \
      -drive if=none,id=drive0,file=null-co://,file.read-zeroes=on,format=raw \
      -device lsi53c895a,id=scsi0 -device scsi-hd,drive=drive0,bus=scsi0.0,channel=0,scsi-id=0,lun=0
  lsi_reset Reset
  lsi_reg_write Write reg DSP2 0x2e = 0xff
  lsi_reg_write Write reg DSP3 0x2f = 0xff
  lsi_execute_script SCRIPTS dsp=0xffff0000 opcode 0x184a3900 arg 0x4a8b2d75
  qemu-system-i386: hw/scsi/lsi53c895a.c:624: lsi_do_dma: Assertion `s->current' failed.

  (gdb) bt
  #5  0x00007ffff4e8a3a6 in __GI___assert_fail
      (assertion=0x5555560accbc "s->current", file=0x5555560acc28 "hw/scsi/lsi53c895a.c", line=624, function=0x5555560adb18 "lsi_do_dma") at assert.c:101
  #6  0x0000555555aa33b9 in lsi_do_dma (s=0x555557805ac0, out=1) at hw/scsi/lsi53c895a.c:624
  #7  0x0000555555aa5042 in lsi_execute_script (s=0x555557805ac0) at hw/scsi/lsi53c895a.c:1250
  #8  0x0000555555aa757a in lsi_reg_writeb (s=0x555557805ac0, offset=47, val=255 '\377') at hw/scsi/lsi53c895a.c:1984
  #9  0x0000555555aa875b in lsi_mmio_write (opaque=0x555557805ac0, addr=47, val=255, size=1) at hw/scsi/lsi53c895a.c:2095

Cc: qemu-stable@nongnu.org
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Vadim Rozenfeld <vrozenfe@redhat.com>
Cc: Stefan Hajnoczi <stefanha@redhat.com>
Reported-by: Jérôme Poulin <jeromepoulin@gmail.com>
Reported-by: Ruhr-University <bugs-syssec@rub.de>
Reported-by: Gaoning Pan <pgn@zju.edu.cn>
Reported-by: Cheolwoo Myung <cwmyung@snu.ac.kr>
Fixes: b96a0da06b ("lsi: move dma_len+dma_buf into lsi_request")
BugLink: https://bugs.launchpad.net/qemu/+bug/697510
BugLink: https://bugs.launchpad.net/qemu/+bug/1905521
BugLink: https://bugs.launchpad.net/qemu/+bug/1908515
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/84
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/305
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/552
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Laurent Vivier <lvivier@redhat.com>
Message-Id: <20211123111732.83137-2-philmd@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2021-11-30 22:25:58 +01:00
9pfs 9pfs: use P9Array in v9fs_walk() 2021-10-27 14:45:22 +02:00
acpi failover: fix unplug pending detection 2021-11-28 17:03:52 -05:00
adc hw/adc: Add basic Aspeed ADC model 2021-10-12 08:20:08 +02:00
alpha hw/alpha: Provide a PCI-ISA bridge device node 2021-06-28 07:27:32 -07:00
arm hw/arm/virt: Extend nested and mte checks to hvf 2021-11-26 16:51:21 +00:00
audio qbus: Rename qbus_create_inplace() to qbus_init() 2021-09-30 13:42:10 +01:00
avr hw/avr/atmega.c: use the avr51 cpu for atmega1280 2021-05-13 19:11:42 +02:00
block qbus: Rename qbus_create_inplace() to qbus_init() 2021-09-30 13:42:10 +01:00
char escc: update the R_SPEC register SPEC_ALLSENT bit when writing to W_TXCTRL1 2021-11-21 09:56:52 +00:00
core hw/nvme: change nvme-ns 'shared' default 2021-11-19 07:31:56 +01:00
cpu cpu/core: Fix "help" of CPU core device types 2021-04-09 16:05:16 -04:00
cris Do not include exec/address-spaces.h if it's not really necessary 2021-05-02 17:24:51 +02:00
display macfb: fix a memory leak (CID 1465231) 2021-11-09 16:42:49 +01:00
dma hw/dma: sifive_pdma: Don't run DMA when channel is disclaimed 2021-10-07 08:41:33 +10:00
gpio hw: aspeed_gpio: Fix GPIO array indexing 2021-10-12 08:20:08 +02:00
hppa docs: fix references to docs/devel/tracing.rst 2021-06-02 06:51:09 +02:00
hyperv qbus: Rename qbus_create() to qbus_new() 2021-09-30 13:44:08 +01:00
i2c aspeed/i2c: QOMify AspeedI2CBus 2021-10-12 08:20:08 +02:00
i386 intel-iommu: ignore leaf SNP bit in scalable mode 2021-11-29 08:49:36 -05:00
ide ide: Cap LBA28 capacity announcement to 2^28-1 2021-11-02 13:02:46 +01:00
input hw/input/lasips2: Fix typos in function names 2021-10-31 21:05:40 +01:00
intc hw/intc/arm_gicv3: fix handling of LPIs in list registers 2021-11-29 10:10:21 +00:00
ipack qbus: Rename qbus_create_inplace() to qbus_init() 2021-09-30 13:42:10 +01:00
ipmi ipmi/sim: fix watchdog_expired data type error in IPMIBmcSim struct 2021-07-08 14:15:01 -05:00
isa vt82c686: Add a method to VIA_ISA to raise ISA interrupts 2021-10-18 00:41:36 +02:00
m68k m68k pull request 20211109 2021-11-09 13:16:56 +01:00
mem hw/mem/pc-dimm: Restrict NUMA-specific code to NUMA machines 2021-11-11 03:13:05 -05:00
microblaze Do not include sysemu/sysemu.h if it's not really necessary 2021-05-02 17:24:50 +02:00
mips hw/mips/boston: Add FDT generator 2021-10-18 00:41:36 +02:00
misc hw/misc/sifive_u_otp: Do not reset OTP content on hardware reset 2021-11-22 10:46:22 +10:00
net net: vmxnet3: validate configuration values during activate (CVE-2021-20203) 2021-11-19 11:43:47 +08:00
nios2 Do not include cpu.h if it's not really necessary 2021-05-02 17:24:51 +02:00
nubus qbus: Rename qbus_create_inplace() to qbus_init() 2021-09-30 13:42:10 +01:00
nvme hw/nvme: fix buffer overrun in nvme_changed_nslist (CVE-2021-3947) 2021-11-19 07:32:19 +01:00
nvram hw/nvram: Fix Memory Leak in Xilinx ZynqMP eFuse device 2021-10-23 18:50:33 +02:00
openrisc Do not include exec/address-spaces.h if it's not really necessary 2021-05-02 17:24:51 +02:00
pci Fix bad overflow check in hw/pci/pcie.c 2021-11-29 08:49:36 -05:00
pci-bridge qdev: Make DeviceState.id independent of QemuOpts 2021-10-15 16:06:35 +02:00
pci-host hw/sh4: Coding style: White space fixes 2021-10-30 11:46:40 +02:00
pcmcia hw/pcmcia: Do not register PCMCIA type if not required 2021-05-02 17:24:50 +02:00
ppc target/ppc: fix Hash64 MMU update of PTE bit R 2021-11-29 21:00:08 +01:00
rdma qapi: introduce x-query-rdma QMP command 2021-11-02 15:55:14 +00:00
remote hw/remote/proxy: Categorize Wireless devices as 'Network' ones 2021-10-04 09:47:26 +02:00
riscv hw/riscv: opentitan: Fixup the PLIC context addresses 2021-10-28 14:39:23 +10:00
rtc hw/rtc/pl031: Send RTC_CHANGE QMP event 2021-11-15 18:53:00 +00:00
rx hw/rx/rx-gdbsim: Do not accept invalid memory size 2021-05-03 10:07:41 +02:00
s390x pci: Export pci_for_each_device_under_bus*() 2021-11-01 19:36:11 -04:00
scsi hw/scsi/lsi53c895a: Do not abort when DMA requested and no data queued 2021-11-30 22:25:58 +01:00
sd hw/sd: add nuvoton MMC 2021-11-02 14:14:55 -04:00
sensor hw/misc: Add Infineon DPS310 sensor model 2021-09-20 08:50:59 +02:00
sh4 hw/intc/sh_intc: Inline and drop sh_intc_source() function 2021-10-30 18:39:37 +02:00
smbios hw/smbios: support for type 41 (onboard devices extended information) 2021-05-14 10:26:18 -04:00
sparc sun4m: fix setting CPU id when more than one CPU is present 2021-09-08 11:09:45 +01:00
sparc64 hw/block/fdc: Extract ISA floppy controllers to fdc-isa.c 2021-06-25 08:53:28 -04:00
ssi aspeed/smc: Use a container for the flash mmio address space 2021-10-22 09:52:17 +02:00
timer hw/timer/sh_timer: Remove use of hw_error 2021-10-30 18:39:37 +02:00
tpm tpm: mark correct memory region range dirty when clearing RAM 2021-10-02 08:43:21 +02:00
tricore hw/tricore: fix inclusion of tricore_testboard 2021-07-20 20:10:21 +02:00
usb Initial conversion of HMP debugging commands to QMP 2021-11-03 08:04:32 -04:00
vfio vfio: Fix memory leak of hostwin 2021-11-17 11:25:55 -07:00
virtio virtio-balloon: correct used length 2021-11-29 08:49:36 -05:00
watchdog watchdog: remove select_watchdog_action 2021-11-02 15:57:27 +01:00
xen pci: Export pci_for_each_device_under_bus*() 2021-11-01 19:36:11 -04:00
xenpv meson: convert hw/arch* 2020-08-21 06:30:33 -04:00
xtensa Do not include exec/address-spaces.h if it's not really necessary 2021-05-02 17:24:51 +02:00
Kconfig hw/arm: xlnx-zcu102: Add Xilinx eFUSE device 2021-09-30 13:42:10 +01:00
meson.build sensor: Move hardware sensors from misc to a sensor directory 2021-06-17 07:10:32 -05:00