OpenE2K/qemu-e2k
13
4
Fork 0
Code Issues 4 Pull Requests Projects 2 Releases Activity
3a69cadbef
qemu-e2k/hw
History
Klaus Jensen 3a69cadbef hw/block/nvme: fix ref counting in nvme_format_ns 
Max noticed that since blk_aio_pwrite_zeroes() may invoke the callback
before returning, the callbacks will never see *count == 0 and thus
never free the count variable or decrement num_formats causing a CQE to
never be posted.

Coverity (CID 1451082) also picked up on the fact that count would not
be free'ed if the namespace was of zero size.

Fix both of these issues by explicitly checking *count and finalize for
the given namespace if --(*count) is zero. Enqueing a CQE if there are
no AIOs outstanding after this case is already handled by nvme_format()
by inspecting *num_formats.

Reported-by: Max Reitz <mreitz@redhat.com>
Reported-by: Coverity (CID 1451082)
Fixes: dc04d25e2f ("hw/block/nvme: add support for the format nvm command")
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
Reviewed-by: Gollu Appalanaidu <anaidu.gollu@samsung.com>
2021-03-29 18:46:57 +02:00
..
9pfs hw/9pfs/9p-synth: Replaced qemu_mutex_lock with QEMU_LOCK_GUARD 2021-03-16 11:41:49 +01:00
acpi acpi: Set proper maximum size for "etc/acpi/rsdp" blob 2021-03-22 18:58:19 -04:00
adc
alpha
arm acpi: Move maximum size logic into acpi_add_rom_blob() 2021-03-22 18:58:19 -04:00
audio hw: Replace anti-social QOM type names 2021-03-19 15:18:43 +01:00
avr
block hw/block/nvme: fix ref counting in nvme_format_ns 2021-03-29 18:46:57 +02:00
char target-arm queue: 2021-03-23 21:15:17 +00:00
core hw/core/loader: Add new function rom_ptr_for_as() 2021-03-23 11:47:31 +00:00
cpu
cris hw: Replace anti-social QOM type names 2021-03-19 15:18:43 +01:00
display edid: prefer standard timings 2021-03-23 12:37:13 +01:00
dma
gpio
hppa
hyperv
i2c
i386 acpi: Move setters/getters of oem fields to X86MachineState 2021-03-22 18:58:19 -04:00
ide hw/ide: remove 'ide-drive' device 2021-03-18 09:22:55 +00:00
input
intc * fixes for i386 TCG paging 2021-03-19 18:01:17 +00:00
ipack
ipmi
isa hw/southbridge: Add missing Kconfig dependency VT82C686 on USB_UHCI 2021-03-15 17:00:59 +01:00
lm32
m68k m68k: add Virtual M68k Machine 2021-03-15 21:03:06 +01:00
mem memory: add a sparse memory device for fuzzing 2021-03-16 14:30:30 -04:00
microblaze hw: Replace anti-social QOM type names 2021-03-19 15:18:43 +01:00
mips
misc hw: Replace anti-social QOM type names 2021-03-19 15:18:43 +01:00
moxie
net hw/net: virtio-net: Initialize nc->do_not_pad to true 2021-03-22 17:34:31 +08:00
nios2
nubus
nvram
openrisc
pci pci: introduce acpi-index property for PCI device 2021-03-22 18:58:19 -04:00
pci-bridge
pci-host
pcmcia
ppc hw/ide: remove 'ide-drive' device 2021-03-18 09:22:55 +00:00
rdma pvrdma: wean code off pvrdma_ring.h kernel header 2021-03-15 16:41:22 +08:00
remote
riscv hw/riscv: microchip_pfsoc: Map EMMC/SD mux register 2021-03-22 21:54:40 -04:00
rtc
rx
s390x s390x: modularize virtio-gpu-ccw 2021-03-26 09:33:50 +01:00
scsi hw/scsi: remove 'scsi-disk' device 2021-03-18 09:22:55 +00:00
sd hw/sd: sdhci: Reset the data pointer of s->fifo_buffer[] when a different block size is programmed 2021-03-22 16:56:22 +01:00
sh4
smbios
sparc hw: Replace anti-social QOM type names 2021-03-19 15:18:43 +01:00
sparc64 hw/ide: remove 'ide-drive' device 2021-03-18 09:22:55 +00:00
ssi
timer hw: Replace anti-social QOM type names 2021-03-19 15:18:43 +01:00
tpm
tricore
unicore32
usb hw/usb/hcd-ehci: Fix crash when showing help of EHCI devices 2021-03-26 11:10:49 +01:00
vfio vfio/migrate: Move switch of dirty tracking into vfio_memory_listener 2021-03-16 10:06:44 -06:00
virtio virtio-pmem: fix virtio_pmem_resp assign problem 2021-03-22 10:17:53 -04:00
watchdog
xen
xenpv
xtensa
Kconfig
meson.build