In case the guest sends a SYNCHRONIZE_CACHE command scsi_req_complete() is called twice: Once because there is no data to transfer and scsi-disk thinks it is done with the command, and once when the flush is actually finished ...
Signed-off-by: Gerd Hoffmann <kra...@redhat.com> --- hw/scsi-disk.c | 5 +++-- 1 files changed, 3 insertions(+), 2 deletions(-) diff --git a/hw/scsi-disk.c b/hw/scsi-disk.c index 62f538f..f3c75b3 100644 --- a/hw/scsi-disk.c +++ b/hw/scsi-disk.c @@ -291,7 +291,7 @@ static void scsi_write_complete(void * opaque, int ret) scsi_req_complete(&r->req, GOOD); } else { scsi_init_iovec(r); - DPRINTF("Write complete tag=0x%x more=%d\n", r->req.tag, r->qiov.size); + DPRINTF("Write complete tag=0x%x more=%zd\n", r->req.tag, r->qiov.size); scsi_req_data(&r->req, r->qiov.size); } @@ -1421,7 +1421,8 @@ static int32_t scsi_send_command(SCSIRequest *req, uint8_t *buf) scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE)); return 0; } - if (r->sector_count == 0 && r->iov.iov_len == 0) { + if (r->sector_count == 0 && r->iov.iov_len == 0 && + command != SYNCHRONIZE_CACHE) { scsi_req_complete(&r->req, GOOD); } len = r->sector_count * 512 + r->iov.iov_len; -- 1.7.1