From d5cdc9898b5589acc77db91a1e9c0feb9f32abef Mon Sep 17 00:00:00 2001 From: FUJITA Tomonori Date: Tue, 25 Mar 2008 17:04:46 +0900 Subject: [PATCH] [SCSI] scsi_debug: fix lba and data length calculation bugs For example, `modprobe scsi_debug virtual_gb=1100` gives: scsi7 : scsi_debug, version 1.81 [20070104], dev_size_mb=8, opts=0x0 scsi 7:0:0:0: Direct-Access Linux scsi_debug 0004 PQ: 0 ANSI: 5 sd 7:0:0:0: [sdc] 2306867200 512-byte hardware sectors (1181116 MB) sd 7:0:0:0: [sdc] Write Protect is off sd 7:0:0:0: [sdc] Mode Sense: 73 00 10 08 sd 7:0:0:0: [sdc] Write cache: enabled, read cache: enabled, supports DPO and FUA sd 7:0:0:0: [sdc] 2306867200 512-byte hardware sectors (1181116 MB) sd 7:0:0:0: [sdc] Write Protect is off sd 7:0:0:0: [sdc] Mode Sense: 73 00 10 08 sd 7:0:0:0: [sdc] Write cache: enabled, read cache: enabled, supports DPO and FUA sdc: unknown partition table sd 7:0:0:0: [sdc] Attached SCSI disk sd 7:0:0:0: Attached scsi generic sg6 type 0 end_request: I/O error, dev sdc, sector 2306867072 Buffer I/O error on device sdc, logical block 288358384 end_request: I/O error, dev sdc, sector 2306867072 Buffer I/O error on device sdc, logical block 288358384 end_request: I/O error, dev sdc, sector 2306867192 (snip) Note that this converts all the calculations (including the correct calculations) for unification. Signed-off-by: FUJITA Tomonori Acked-by: Douglas Gilbert Signed-off-by: James Bottomley --- drivers/scsi/scsi_debug.c | 32 ++++++++++++++++++-------------- 1 file changed, 18 insertions(+), 14 deletions(-) diff --git a/drivers/scsi/scsi_debug.c b/drivers/scsi/scsi_debug.c index 5f348e7b1184..65c88dde72b4 100644 --- a/drivers/scsi/scsi_debug.c +++ b/drivers/scsi/scsi_debug.c @@ -252,33 +252,37 @@ static struct bus_type pseudo_lld_bus; static void get_data_transfer_info(unsigned char *cmd, unsigned long long *lba, unsigned int *num) { - int i; - switch (*cmd) { case WRITE_16: case READ_16: - for (*lba = 0, i = 0; i < 8; ++i) { - if (i > 0) - *lba <<= 8; - *lba += cmd[2 + i]; - } - *num = cmd[13] + (cmd[12] << 8) + - (cmd[11] << 16) + (cmd[10] << 24); + *lba = (u64)cmd[9] | (u64)cmd[8] << 8 | + (u64)cmd[7] << 16 | (u64)cmd[6] << 24 | + (u64)cmd[5] << 32 | (u64)cmd[4] << 40 | + (u64)cmd[3] << 48 | (u64)cmd[2] << 56; + + *num = (u32)cmd[13] | (u32)cmd[12] << 8 | (u32)cmd[11] << 16 | + (u32)cmd[10] << 24; break; case WRITE_12: case READ_12: - *lba = cmd[5] + (cmd[4] << 8) + (cmd[3] << 16) + (cmd[2] << 24); - *num = cmd[9] + (cmd[8] << 8) + (cmd[7] << 16) + (cmd[6] << 24); + *lba = (u32)cmd[5] | (u32)cmd[4] << 8 | (u32)cmd[3] << 16 | + (u32)cmd[2] << 24; + + *num = (u32)cmd[9] | (u32)cmd[8] << 8 | (u32)cmd[7] << 16 | + (u32)cmd[6] << 24; break; case WRITE_10: case READ_10: case XDWRITEREAD_10: - *lba = cmd[5] + (cmd[4] << 8) + (cmd[3] << 16) + (cmd[2] << 24); - *num = cmd[8] + (cmd[7] << 8); + *lba = (u32)cmd[5] | (u32)cmd[4] << 8 | (u32)cmd[3] << 16 | + (u32)cmd[2] << 24; + + *num = (u32)cmd[8] | (u32)cmd[7] << 8; break; case WRITE_6: case READ_6: - *lba = cmd[3] + (cmd[2] << 8) + ((cmd[1] & 0x1f) << 16); + *lba = (u32)cmd[3] | (u32)cmd[2] << 8 | + (u32)(cmd[1] & 0x1f) << 16; *num = (0 == cmd[4]) ? 256 : cmd[4]; break; default: -- 2.34.1