Re: [PATCH] sd: Protect against submitting READ(6) or WRITE(6) with 256 logical blocks


 



On 1/29/19 12:40 AM, Christoph Hellwig wrote:
On Wed, Jan 23, 2019 at 11:12:37AM -0800, Bart Van Assche wrote:
diff --git a/drivers/scsi/sd.c b/drivers/scsi/sd.c
index 4e69f182a1e5..b0eb83526c54 100644
--- a/drivers/scsi/sd.c
+++ b/drivers/scsi/sd.c
@@ -1129,6 +1129,10 @@ static blk_status_t sd_setup_rw6_cmnd(struct scsi_cmnd *cmd, bool write,
  				      sector_t lba, unsigned int nr_blocks,
  				      unsigned char flags)
  {
+	/* Avoid that 0 blocks gets translated into 256 blocks. */
+	if (WARN_ON_ONCE(nr_blocks == 0))
+		return BLK_STS_IOERR;
+
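Review bot: The comment on the added check at the top of sd_setup_rw6_cmnd() does not say where the 0-to-256 translation happens, and "0 blocks gets" is ungrammatical. The hazard is in the command encoding itself: READ(6) and WRITE(6) carry a one-byte transfer length in which 0 means 256 logical blocks, so a zero-length request would make the device move 256 blocks that the request never accounted for. Consider wording along the lines of "A transfer length of 0 in READ(6)/WRITE(6) means 256 blocks; reject zero-length requests." Since WARN_ON_ONCE() only logs the first hit, later zero-length requests are failed with BLK_STS_IOERR without any trace, which is worth stating in the commit message if that is intended.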

While the WARN_ON here looks helpful shouldn't we instead ensure that
sd_setup_rw6_cmnd never gets called with a 0 argument instead of bailing
out like this?

Hi Christoph,

Before I posted this patch I searched for code that submits read or write requests with length 0 but I haven't found any. do_iter_read() and do_iter_write() in fs/read_write.c do not submit any block layer requests if tot_len == 0. Are you perhaps aware of kernel code that can submit zero-length read or write requests?

Thanks,

Bart.
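
The encoding the patch guards against, as an added example that is not part of the original message or of the kernel source. It is a user-space sketch: `rw6_encode()`, `rw6_device_blocks()` and `rw6_unguarded_blocks()` are hypothetical names, and the layout assumed is the standard 6-byte CDB (21-bit LBA in bytes 1-3, one-byte transfer length in byte 4, where 0 means 256 blocks).

```c
#include <stdint.h>
#include <stdio.h>

#define READ_6  0x08
#define WRITE_6 0x0a

/* Hypothetical helper: build a READ(6)/WRITE(6) CDB, refusing inputs
 * that the 6-byte format cannot represent faithfully. */
static int rw6_encode(uint8_t cdb[6], int write, uint32_t lba,
		      unsigned int nr_blocks)
{
	/* Byte 4 == 0 is read by the device as 256 blocks, so a
	 * zero-length request must never be encoded. */
	if (nr_blocks == 0)
		return -1;
	/* Larger counts or LBAs need a bigger CDB than 6 bytes. */
	if (nr_blocks > 0xff || lba > 0x1fffff)
		return -1;
	cdb[0] = write ? WRITE_6 : READ_6;
	cdb[1] = (lba >> 16) & 0x1f;
	cdb[2] = (lba >> 8) & 0xff;
	cdb[3] = lba & 0xff;
	cdb[4] = (uint8_t)nr_blocks;
	cdb[5] = 0;
	return 0;
}

/* Block count as the device interprets byte 4. */
static unsigned int rw6_device_blocks(const uint8_t cdb[6])
{
	return cdb[4] ? cdb[4] : 256;
}

/* What an encoder without the guard would ask the device to transfer. */
static unsigned int rw6_unguarded_blocks(unsigned int nr_blocks)
{
	uint8_t cdb[6] = { READ_6, 0, 0, 0, (uint8_t)nr_blocks, 0 };
	return rw6_device_blocks(cdb);
}

int main(void)
{
	uint8_t cdb[6];

	printf("unguarded, 0 blocks requested: device transfers %u\n",
	       rw6_unguarded_blocks(0));
	printf("guarded, 0 blocks requested: encode returns %d\n",
	       rw6_encode(cdb, 0, 0x1234, 0));
	return 0;
}
```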


