From: Li Qiang <liq...@gmail.com>
When fetching request, it should read sizeof(*hdr), not the
pointer hdr.
Signed-off-by: Li Qiang <liqiang...@360.cn>
Message-Id: <1489488980-130668-1-git-send-email-liqiang...@360.cn>
Cc: qemu-sta...@nongnu.org
Signed-off-by: Paolo Bonzini <pbonz...@redhat.com>
(cherry picked from commit b01a2d07c963e96dbd151f0db1eaa06f273acf34)
Signed-off-by: Michael Roth <mdr...@linux.vnet.ibm.com>
---
hw/scsi/mptsas.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/hw/scsi/mptsas.c b/hw/scsi/mptsas.c
index ad87e78..421955b 100644
--- a/hw/scsi/mptsas.c
+++ b/hw/scsi/mptsas.c
@@ -756,7 +756,7 @@ static void mptsas_fetch_request(MPTSASState *s)
/* Read the message header from the guest first. */
addr = s->host_mfa_high_addr | MPTSAS_FIFO_GET(s, request_post);
- pci_dma_read(pci, addr, req, sizeof(hdr));
+ pci_dma_read(pci, addr, req, sizeof(*hdr));
if (hdr->Function < ARRAY_SIZE(mpi_request_sizes) &&
mpi_request_sizes[hdr->Function]) {
@@ -766,8 +766,8 @@ static void mptsas_fetch_request(MPTSASState *s)
*/
size = mpi_request_sizes[hdr->Function];
assert(size <= MPTSAS_MAX_REQUEST_SIZE);
- pci_dma_read(pci, addr + sizeof(hdr), &req[sizeof(hdr)],
- size - sizeof(hdr));
+ pci_dma_read(pci, addr + sizeof(*hdr), &req[sizeof(*hdr)],
+ size - sizeof(*hdr));
}
if (hdr->Function == MPI_FUNCTION_SCSI_IO_REQUEST) {
--
2.7.4
