As reported by Sitsofe Wheeler, the WRITE SAME commands with zero blocks are
only issued if WSNZ == 0. WSNZ == 0 means that zero in the NUMBER OF LOGICAL
BLOCKS field means that all logical blocks until the end are affected. In
other words, the original code was fine. Hence revert commit dfff7e9d16.
Reported-by: Sitsofe Wheeler <sitsofe@yahoo.com>
As iser_pdu->desc->data_dir is not initialised when sending a PDU.
The value remains what it was when it was used last time. Thus
a PDU could be considered to have data if it previously had and
might cause segmentation fault.
For example if a pdu is a reset task management task with no data
to transfer and the pdu is previously used as a read task. Thus
it would cause fault like below:
> struct scsi_iovector *iovector_in = &task->iovector_in;
0 0x00007ffff7bcb2d1 in iser_rcv_completion (rx_desc=0x555555b79e48, iser_conn=0x555555b573a0) at iser.c:1349
1 0x00007ffff7bcb53e in iser_handle_wc (wc=0x7fffffffdc00, iser_conn=0x555555b573a0) at iser.c:1426
2 0x00007ffff7bcb685 in cq_event_handler (iser_conn=0x555555b573a0) at iser.c:1468
3 0x00007ffff7bcb81b in cq_handle (iser_conn=0x555555b573a0) at iser.c:1516
4 0x00007ffff7bc8b28 in iscsi_iser_service (iscsi=0x555555b58710, revents=1) at iser.c:118
5 0x00007ffff7bc3862 in iscsi_service (iscsi=0x555555b58710, revents=1) at socket.c:1016
6 0x00007ffff7bc3f6c in event_loop (iscsi=0x555555b58710, state=0x7fffffffe000) at sync.c:71
7 0x00007ffff7bc4605 in iscsi_task_mgmt_sync (iscsi=0x555555b58710, lun=0, function=ISCSI_TM_LUN_RESET, ritt=4294967295, rcmdsn=0) at sync.c:281
8 0x00007ffff7bc46cf in iscsi_task_mgmt_lun_reset_sync (iscsi=0x555555b58710, lun=0) at sync.c:312
9 0x000055555555500d in iscsi_lun_reset_sync (iscsi=0x555555b58710) at iscsiclient_lun_reset.c:34
10 0x0000555555555680 in main (argc=7, argv=0x7fffffffe1c8) at iscsiclient_lun_reset.c:211
Signed-off-by: Hou Pu <houpu@bytedance.com>
The target sometimes sends a logout request to libiscsi
in case it is going down or for some other reason.
The opcode of such a request is ISCSI_PDU_ASYNC_MSG.
On receiving these kinds of PDU, there is no related pdu on the
list of iscsi->waitpdu. Just skip finding them from iscsi->waitpdu.
Or segment fault might happen.
Also rename nop_target label to no_waitpdu to be more clear.
Signed-off-by: Hou Pu <houpu@bytedance.com>
This test checks regular sense/ascq values on miscompare as well as
the Information sense field, which should be set as follows:
sense key set to MISCOMPARE and the additional sense code set to
MISCOMPARE DURING VERIFY OPERATION. In the sense data (see 4.18 and
SPC-5) the offset from the start of the Data-Out Buffer to the first
byte of data that was not equal shall be reported in the INFORMATION
field.
Signed-off-by: David Disseldorp <ddiss@suse.de>
This field is documented in SPC-5 (r17 4.4.3). Unlike the descriptor
type, the fixed Information field is four bytes wide.
Signed-off-by: David Disseldorp <ddiss@suse.de>
The Information descriptor type is defined in SPC-5 (r17 4.4.2.2) and
may be used to provide the data offset on COMPARE_AND_WRITE miscompare.
Signed-off-by: David Disseldorp <ddiss@suse.de>
Explicitly check that the sense data descriptor ADDITIONAL LENGTH field
matches the expected value for sense key specific sense data
descriptors.
Signed-off-by: David Disseldorp <ddiss@suse.de>
According to SPC-5 (r17), the sense data descriptor format follows:
byte field
---- -----
0: DESCRIPTOR TYPE
1: ADDITIONAL LENGTH
2-n: Sense data descriptor specific
The VALID bit is a sense data descriptor specific flag, and is not
present in the only sense data descriptor supported by libiscsi -
Sense key specific sense data descriptors.
Drop the generic VALID bit check, in preparation for handling it on
a sense data descriptor specific basis.
Suggested-by: Bart Van Assche <bvanassche@acm.org>
Signed-off-by: David Disseldorp <ddiss@suse.de>
If device claims SBC-3 version in its version descriptors it won't be marked as SBC-3 compliant.
This commit adds checks for:
* SBC-3 T10/BSR INCITS 514 revision 35
* SBC-3 T10/BSR INCITS 514 revision 36
* SBC-3 ANSI INCITS 514-2014
After commit 10868c491d CmdSN tests no
longer work because iscsi->cmdsn is incremented during the second test
phase (sending "good" TUR after "bad" TUR), so the resulting CmdSN is
not ExpCmdSN, but ExpCmdSN + 1 that is not acknowledged by the target.
This commit fixes the issue by setting iscsi->cmdsn to iscsi->expcmdsn - 1.
Affected tests:
* iSCSI.iSCSIcmdsn.iSCSICmdSnTooLow
* iSCSI.iSCSIcmdsn.iSCSICmdSnTooHigh
In the test iSCSI.iSCSITMF.LUNResetSimpleAsync
CU_ASSERT_EQUAL(reconnect_succeeded, 1) must be called after the async
TMF command completes. Hence move that assert into the TMF completion
callback.
This patch fixes a race condition.
[bvanassche: edited commit message]
This attempts to reproduce upstream LIO reports of a use after free bug
when logout occurs alongside concurrent I/O.
Signed-off-by: David Disseldorp <ddiss@suse.de>
Libiscsi supports to parse two iscsi url schemes: 'iscsi://' and 'iser://'.
Fix the missing iser parsing, introduced from 12222077.
Signed-off-by: Han Han <hhan@redhat.com>
Remove a bunch of duplicate code by sharing a function for source and
destination endpoint initialization.
Signed-off-by: David Disseldorp <ddiss@suse.de>
I don't see any problems that calling the callback
during connect/login in iscsi_cancel_pdus(). So let's
remove this check. Otherwise, we have no way to be aware
of a cancellation during login and cause something like
iscsi_login_sync() hangs.
Signed-off-by: Xie Yongji <xieyongji@bytedance.com>
We should plug the cmdsn gap in order to continue
to use the session when the pdus is cancelled before
sending out.
Signed-off-by: Xie Yongji <xieyongji@bytedance.com>
Since the NUMBER OF LOGICAL BLOCKS field in the COMPARE AND WRITE command
is an 8 bit field, the maximum value that can be encoded is 255.
Signed-off-by: Bart Van Assche <bvanassche@acm.org>
Assign the NUMBER OF LOGICAL BLOCKS field in the COMPARE AND WRITE PDU
directly. Use the terminology from SBC-4, namely NUMBER OF LOGICAL BLOCKS
instead of TL.
Signed-off-by: Bart Van Assche <bvanassche@acm.org>
Cmdsn of a data-out pdu struct is less than `expcmdsn` since it's from its
cmd pdu. A data-out pdu doesn't carray a cmdsn on the wire actually, so it
doesn't matter to itself, but if we rewrite the cmdsn of a immediate pdu with
it, it will cause an error.
Related error logs:
libiscsi: iscsi_write_to_socket: outqueue[0]->cmdsn < expcmdsn (3648bab5 < 3648bab9) opcode 00 [iqn.2003-01.org.linux-iscsi.tgt0]
libiscsi: reconnect initiated [iqn.2003-01.org.linux-iscsi.tgt0]
libiscsi: connecting to portal 127.0.0.1 [iqn.2003-01.org.linux-iscsi.tgt0]
libiscsi: connection established (127.0.0.1:62404 -> 127.0.0.1) [iqn.2003-01.org.linux-iscsi.tgt0]
Signed-off-by: wanghonghao <wanghonghao@bytedance.com>
