On 22.01.2020 at 12:53, Alexander Popov wrote:
> On 23.12.2019 20:51, Alexander Popov wrote:
> > Fuzzing the Linux kernel with syzkaller allowed to find how to crash qemu
> > using a special SCSI_IOCTL_SEND_COMMAND. It hits the assertion in
> > ide_dma_cb() introduced in the commit a718978ed58a in July 2015.
> >
> > This patch series fixes incorrect handling of some PRDTs in ide_dma_cb()
> > and improves the ide-test to cover more PRDT cases (including one
> > that causes that particular qemu crash).
> >
> > Changes from v2 (thanks to Kevin Wolf for the feedback):
> > - the assertion about prepare_buf() return value is improved;
> > - the patch order is reversed to keep the tree bisectable;
> > - the unit-test performance is improved -- now it runs 8 seconds
> >   instead of 3 minutes on my laptop.
> >
> > Alexander Popov (2):
> >   ide: Fix incorrect handling of some PRDTs in ide_dma_cb()
> >   tests/ide-test: Create a single unit-test covering more PRDT cases
> >
> >  hw/ide/core.c    |  30 +++++---
> >  tests/ide-test.c | 174 ++++++++++++++++++++---------------------------
> >  2 files changed, 96 insertions(+), 108 deletions(-)
>
> Hello!
>
> Pinging again about this fix and unit-test...
>
> It's ready. Kevin Wolf has reviewed this (thanks a lot!).
>
> What is next?

I asked John about it just yesterday (if he will merge it or if he would
prefer me to take it through my tree) and he promised to take a look very
soon.

Kevin
