1. Patchew
  2. QEMU
  3. View series

[PATCH] pci/msix: Fix msix pba read vector poll end calculation

Nicholas Piggin posted 1 patch 1 year, 1 month ago
Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/qemu tags/patchew/20241212120402.1475053-1-npiggin@gmail.com
Maintainers: "Michael S. Tsirkin" <mst@redhat.com>, Marcel Apfelbaum <marcel.apfelbaum@gmail.com>
hw/pci/msix.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
[PATCH] pci/msix: Fix msix pba read vector poll end calculation
Posted by Nicholas Piggin 1 year, 1 month ago 
The end vector calculation has a bug that results in polling fewer
than required vectors when reading at a non-zero offset in PBA memory.

Fixes: bbef882cc193 ("msi: add API to get notified about pending bit poll")
Signed-off-by: Nicholas Piggin <npiggin@gmail.com>
---
Taking closer look at my msix pba mmio write patch, it looks like there
might be a bug in the calculation from the code I copied? I haven't
looked into how to test these poll notifiers though.

Thanks,
Nick

 hw/pci/msix.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/hw/pci/msix.c b/hw/pci/msix.c
index 487e49834ee..cc6e79ec678 100644
--- a/hw/pci/msix.c
+++ b/hw/pci/msix.c
@@ -250,7 +250,7 @@ static uint64_t msix_pba_mmio_read(void *opaque, hwaddr addr,
     PCIDevice *dev = opaque;
     if (dev->msix_vector_poll_notifier) {
         unsigned vector_start = addr * 8;
-        unsigned vector_end = MIN(addr + size * 8, dev->msix_entries_nr);
+        unsigned vector_end = MIN((addr + size) * 8, dev->msix_entries_nr);
         dev->msix_vector_poll_notifier(dev, vector_start, vector_end);
     }
 
-- 
2.45.2
Re: [PATCH] pci/msix: Fix msix pba read vector poll end calculation
Posted by Michael Tokarev 1 year ago 
12.12.2024 15:04, Nicholas Piggin wrote:
> The end vector calculation has a bug that results in polling fewer
> than required vectors when reading at a non-zero offset in PBA memory.
> 
> Fixes: bbef882cc193 ("msi: add API to get notified about pending bit poll")
> Signed-off-by: Nicholas Piggin <npiggin@gmail.com>

This smells like a qemu-stable material?
Though given the bug age, maybe not?

Thanks,

/mjt

> diff --git a/hw/pci/msix.c b/hw/pci/msix.c
> index 487e49834ee..cc6e79ec678 100644
> --- a/hw/pci/msix.c
> +++ b/hw/pci/msix.c
> @@ -250,7 +250,7 @@ static uint64_t msix_pba_mmio_read(void *opaque, hwaddr addr,
>       PCIDevice *dev = opaque;
>       if (dev->msix_vector_poll_notifier) {
>           unsigned vector_start = addr * 8;
> -        unsigned vector_end = MIN(addr + size * 8, dev->msix_entries_nr);
> +        unsigned vector_end = MIN((addr + size) * 8, dev->msix_entries_nr);
>           dev->msix_vector_poll_notifier(dev, vector_start, vector_end);
>       }
>
Re: [PATCH] pci/msix: Fix msix pba read vector poll end calculation
Posted by Philippe Mathieu-Daudé 1 year, 1 month ago 
On 12/12/24 13:04, Nicholas Piggin wrote:
> The end vector calculation has a bug that results in polling fewer
> than required vectors when reading at a non-zero offset in PBA memory.
> 
> Fixes: bbef882cc193 ("msi: add API to get notified about pending bit poll")
> Signed-off-by: Nicholas Piggin <npiggin@gmail.com>
> ---
> Taking closer look at my msix pba mmio write patch, it looks like there
> might be a bug in the calculation from the code I copied? I haven't
> looked into how to test these poll notifiers though.
> 
> Thanks,
> Nick
> 
>   hw/pci/msix.c | 2 +-
>   1 file changed, 1 insertion(+), 1 deletion(-)

Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>

Patchew 2.1-devel-b67e4c2

© 2016 - 2026 Red Hat, Inc.