When a discard I/O fails, dasd_fba_dump_sense() will crash as it
tries to print out the CCW, and failing to take into account that
for discard I/O we have only one data pointer, not one per sg.
As the data pointer will always point to the zero page this patch
replaces the data pointer output with '00000000' to avoid the crash.
Signed-off-by: Hannes Reinecke <[email protected]>
[sparschauer: replaced "ccw" with "act", "snprintf" with "sprintf"]
[sparschauer v2: added missing curly braces to for loops]
Signed-off-by: Sebastian Parschauer <[email protected]>
---
drivers/s390/block/dasd_fba.c | 21 ++++++++++++++++++---
1 file changed, 18 insertions(+), 3 deletions(-)
diff --git a/drivers/s390/block/dasd_fba.c b/drivers/s390/block/dasd_fba.c
index cbb770824226..4b867bd6b164 100644
--- a/drivers/s390/block/dasd_fba.c
+++ b/drivers/s390/block/dasd_fba.c
@@ -717,10 +717,15 @@ dasd_fba_dump_sense(struct dasd_device *device, struct dasd_ccw_req * req,
" CCW %p: %08X %08X DAT:",
act, ((int *) act)[0], ((int *) act)[1]);
for (count = 0; count < 32 && count < act->count;
- count += sizeof(int))
+ count += sizeof(int)) {
+ if (act->flags & CCW_FLAG_SLI) {
+ len += sprintf(page + len, " 00000000");
+ break;
+ }
len += sprintf(page + len, " %08X",
((int *) (addr_t) act->cda)
[(count>>2)]);
+ }
len += sprintf(page + len, "\n");
act++;
}
@@ -739,10 +744,15 @@ dasd_fba_dump_sense(struct dasd_device *device, struct dasd_ccw_req * req,
" CCW %p: %08X %08X DAT:",
act, ((int *) act)[0], ((int *) act)[1]);
for (count = 0; count < 32 && count < act->count;
- count += sizeof(int))
+ count += sizeof(int)) {
+ if (act->flags & CCW_FLAG_SLI) {
+ len += sprintf(page + len, " 00000000");
+ break;
+ }
len += sprintf(page + len, " %08X",
((int *) (addr_t) act->cda)
[(count>>2)]);
+ }
len += sprintf(page + len, "\n");
act++;
}
@@ -757,10 +767,15 @@ dasd_fba_dump_sense(struct dasd_device *device, struct dasd_ccw_req * req,
" CCW %p: %08X %08X DAT:",
act, ((int *) act)[0], ((int *) act)[1]);
for (count = 0; count < 32 && count < act->count;
- count += sizeof(int))
+ count += sizeof(int)) {
+ if (act->flags & CCW_FLAG_SLI) {
+ len += sprintf(page + len, " 00000000");
+ break;
+ }
len += sprintf(page + len, " %08X",
((int *) (addr_t) act->cda)
[(count>>2)]);
+ }
len += sprintf(page + len, "\n");
act++;
}
--
2.16.4
On 11/18/19 12:12 PM, Hannes Reinecke wrote:
> When a discard I/O fails, dasd_fba_dump_sense() will crash as it
> tries to print out the CCW, and failing to take into account that
> for discard I/O we have only one data pointer, not one per sg.
> As the data pointer will always point to the zero page this patch
> replaces the data pointer output with '00000000' to avoid the crash.
>
> Signed-off-by: Hannes Reinecke <[email protected]>
> [sparschauer: replaced "ccw" with "act", "snprintf" with "sprintf"]
> [sparschauer v2: added missing curly braces to for loops]
> Signed-off-by: Sebastian Parschauer <[email protected]>
> ---
> drivers/s390/block/dasd_fba.c | 21 ++++++++++++++++++---
> 1 file changed, 18 insertions(+), 3 deletions(-)
>
Hi Hannes,
thanks for the patch. However,
> diff --git a/drivers/s390/block/dasd_fba.c b/drivers/s390/block/dasd_fba.c
> index cbb770824226..4b867bd6b164 100644
> --- a/drivers/s390/block/dasd_fba.c
> +++ b/drivers/s390/block/dasd_fba.c
> @@ -717,10 +717,15 @@ dasd_fba_dump_sense(struct dasd_device *device, struct dasd_ccw_req * req,
> " CCW %p: %08X %08X DAT:",
> act, ((int *) act)[0], ((int *) act)[1]);
> for (count = 0; count < 32 && count < act->count;
> - count += sizeof(int))
> + count += sizeof(int)) {
> + if (act->flags & CCW_FLAG_SLI) {
I'm not quite happy with the usage of CCW_FLAG_SLI here.
We're currently looking into this issue in more detail to fully
understand the problem.
I'll let you know the outcome and possible improvements for the
patch as soon as possible.
regards,
Jan