Little fix for usb packet handling on i/o cancelation. The
usb packet pointer (s->packet) is cleared at the wrong place:
The scsi request cancel handler does it. When a usb packet
is canceled the usb-storage emulation canceles the scsi request
if present. In most cases there is one, so usually s->packet
is cleared as needed even with the code sitting at the wrong
place.
If there is no scsi request in flight s->packet is not cleared
though. The usb-storage emulation will then try to complete an
usb packet which is not in flight any more and thereby trigger
an assert() in the usb core.
Fix this by clearing s->packet at the correct place, which is
the usb packet cancel header.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
if (req == s->req) {
scsi_req_unref(s->req);
s->req = NULL;
- s->packet = NULL;
s->scsi_len = 0;
}
}
{
MSDState *s = DO_UPCAST(MSDState, dev, dev);
+ assert(s->packet == p);
+ s->packet = NULL;
+
if (s->req) {
scsi_req_cancel(s->req);
}