summary refs log tree commit diff stats
diff options
context:
space:
mode:
authorPaolo Bonzini <pbonzini@redhat.com>2013-01-10 15:08:05 +0100
committerPaolo Bonzini <pbonzini@redhat.com>2013-01-22 15:07:03 +0100
commit0369f06f7464e7fb023f103aff889d28e99c43c4 (patch)
tree262e3df065b83a248c40a1a3fa85fbf6780429ac
parent5b5d34ec9882b29b757f6808693308e52a8e8ba7 (diff)
downloadfocaccia-qemu-0369f06f7464e7fb023f103aff889d28e99c43c4.tar.gz
focaccia-qemu-0369f06f7464e7fb023f103aff889d28e99c43c4.zip
scsi: fix segfault with 0-byte disk
When a 0-sized disk is found, READ CAPACITY will return a
LUN NOT READY error.  However, because it returns -1 instead
of zero, the HBA will call scsi_req_continue.  This will
typically cause a segmentation fault or an assertion failure.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Diffstat
-rw-r--r--hw/scsi-disk.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/hw/scsi-disk.c b/hw/scsi-disk.c
index f8d7ef3374..658e315660 100644
--- a/hw/scsi-disk.c
+++ b/hw/scsi-disk.c
@@ -1682,7 +1682,7 @@ static int32_t scsi_disk_emulate_command(SCSIRequest *req, uint8_t *buf)
         bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors);
         if (!nb_sectors) {
             scsi_check_condition(r, SENSE_CODE(LUN_NOT_READY));
-            return -1;
+            return 0;
         }
         if ((req->cmd.buf[8] & 1) == 0 && req->cmd.lba) {
             goto illegal_request;
@@ -1751,7 +1751,7 @@ static int32_t scsi_disk_emulate_command(SCSIRequest *req, uint8_t *buf)
             bdrv_get_geometry(s->qdev.conf.bs, &nb_sectors);
             if (!nb_sectors) {
                 scsi_check_condition(r, SENSE_CODE(LUN_NOT_READY));
-                return -1;
+                return 0;
             }
             if ((req->cmd.buf[14] & 1) == 0 && req->cmd.lba) {
                 goto illegal_request;