On Tue, 2010-12-21 at 12:49 +1100, Benjamin Herrenschmidt wrote:
> > Yep, so it appears that commit 89c0f6438d16 did introduce the bogus
> > 'double complete' in scsi_read_complete, which I think was intended to
> > handle residual counts for TYPE_TYPE...
> >
> > /* Cancel a pending data transfer. */ > > @@ -251,6 +257,8 @@ static void scsi_read_complete(void * opaque, int ret) > > > > r->len = -1; > > s->completion(s->opaque, SCSI_REASON_DATA, r->tag, len); > > + if (len == 0) > > + scsi_command_complete(r, 0); > > }
> >
> > I am currently under the assumption for this and bsg_read_complete that
> > s->completion(..., len) is handling the residual count back to block.
> >
> > Is this correct..?
>
> So I just debugged a crash where loading my vscsi driver kills qemu
> (segfault) after trying to complete a command twice with scsi-generic.
>
> Removing the above hunk fixes it. So this is a genuine fix that should
> be applied (asap even :-)
>
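Review bot: the two added lines at the end of scsi_read_complete() call scsi_command_complete(r, 0) immediately after s->completion(s->opaque, SCSI_REASON_DATA, r->tag, len) has already reported the same tag, so when len is 0 the request is signalled to the caller through two paths. That matches the double completion and segfault reported in this thread. Suggest dropping the `if (len == 0)` branch, or, if a zero-length read really has to end the command here, taking only one of the two paths for that case and adding a comment that says which call is responsible for reporting the residual count. The hunk also leaves unclear whether `r` is still valid once the completion callback has returned, which is worth stating before anything dereferences it afterwards.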
Hi Ben,

Thanks for verifying this one. Kevin, please make sure this original
patch to drop the bogus double complete gets picked up.

Best Regards,

--nab

> I still have an odd problem with scsi-disk.c where reading from an
> empty cdrom drive crashes it, I'll debug that later.
>
> Cheers,
> Ben.
>