On 8/19/24 19:19, Michael Ellerman wrote:
> The overflow/underflow conditions in pata_macio_qc_prep() should never
> happen. But if they do there's no need to kill the system entirely, a
> WARN and failing the IO request should be sufficient and might allow the
> system to keep running.
>
> Signed-off-by: Michael Ellerman <[email protected]>
> ---
> drivers/ata/pata_macio.c | 7 +++++--
> 1 file changed, 5 insertions(+), 2 deletions(-)
>
> Not sure if AC_ERR_OTHER is the right error code to use?
Given that this would trigger if the command split has is buggy, I think that
AC_ERR_SYSTEM would be better. Can you resend with the change and no "RFC" ?
>
> diff --git a/drivers/ata/pata_macio.c b/drivers/ata/pata_macio.c
> index eaffa510de49..552e3ac0d391 100644
> --- a/drivers/ata/pata_macio.c
> +++ b/drivers/ata/pata_macio.c
> @@ -554,7 +554,8 @@ static enum ata_completion_errors
> pata_macio_qc_prep(struct ata_queued_cmd *qc)
>
> while (sg_len) {
> /* table overflow should never happen */
> - BUG_ON (pi++ >= MAX_DCMDS);
> + if (WARN_ON_ONCE(pi >= MAX_DCMDS))
> + return AC_ERR_OTHER;
>
> len = (sg_len < MAX_DBDMA_SEG) ? sg_len : MAX_DBDMA_SEG;
> table->command = cpu_to_le16(write ? OUTPUT_MORE:
> INPUT_MORE);
> @@ -566,11 +567,13 @@ static enum ata_completion_errors
> pata_macio_qc_prep(struct ata_queued_cmd *qc)
> addr += len;
> sg_len -= len;
> ++table;
> + ++pi;
> }
> }
>
> /* Should never happen according to Tejun */
> - BUG_ON(!pi);
> + if (WARN_ON_ONCE(!pi))
> + return AC_ERR_OTHER;
>
> /* Convert the last command to an input/output */
> table--;
--
Damien Le Moal
Western Digital Research
