Date: Mon, 11 Nov 2019 17:36:57 +0000 (UTC) From: Warner Losh <imp@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r354623 - head/sys/cam/scsi Message-ID: <201911111736.xABHavhQ099101@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: imp Date: Mon Nov 11 17:36:57 2019 New Revision: 354623 URL: https://svnweb.freebsd.org/changeset/base/354623 Log: Add asserts for some state transitions For the PROBEWP and PROBERC* states, add assertiosn that both the da device state is in the right state, as well as the ccb state is the right one when we enter dadone_probe{wp,rc}. This will ensure that we don't sneak through when we're re-probing the size and write protection status of the device and thereby leak a reference which can later lead to an invalidated peripheral going away before all references are released (and resulting panic). Reviewed by: scottl, ken Differential Revision: https://reviews.freebsd.org/D22295 Modified: head/sys/cam/scsi/scsi_da.c Modified: head/sys/cam/scsi/scsi_da.c ============================================================================== --- head/sys/cam/scsi/scsi_da.c Mon Nov 11 17:36:52 2019 (r354622) +++ head/sys/cam/scsi/scsi_da.c Mon Nov 11 17:36:57 2019 (r354623) @@ -4613,6 +4613,14 @@ dadone_probewp(struct cam_periph *periph, union ccb *d cam_periph_assert(periph, MA_OWNED); + KASSERT(softc->state == DA_STATE_PROBE_WP, + ("State (%d) not PROBE_WP in dadone_probewp, periph %p ccb %p", + softc->state, periph, done_ccb)); + KASSERT((csio->ccb_h.ccb_state & DA_CCB_TYPE_MASK) == DA_CCB_PROBE_WP, + ("CCB State (%lu) not PROBE_WP in dadone_probewp, periph %p ccb %p", + (unsigned long)csio->ccb_h.ccb_state & DA_CCB_TYPE_MASK, periph, + done_ccb)); + if (softc->minimum_cmd_size > 6) { mode_hdr10 = (struct scsi_mode_header_10 *)csio->data_ptr; dev_spec = mode_hdr10->dev_spec; @@ -4672,6 +4680,13 @@ dadone_proberc(struct cam_periph *periph, union ccb *d priority = done_ccb->ccb_h.pinfo.priority; csio = &done_ccb->csio; state = csio->ccb_h.ccb_state & DA_CCB_TYPE_MASK; + + KASSERT(softc->state == DA_STATE_PROBE_RC || softc->state == DA_STATE_PROBE_RC16, + ("State (%d) not PROBE_RC* in dadone_proberc, periph %p ccb %p", + softc->state, periph, done_ccb)); + KASSERT(state == DA_CCB_PROBE_RC || state == DA_CCB_PROBE_RC16, + ("CCB State (%lu) not PROBE_RC* in dadone_probewp, periph %p ccb %p", + (unsigned long)state, periph, done_ccb)); lbp = 0; rdcap = NULL;
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201911111736.xABHavhQ099101>