Date: Tue, 27 Jan 2009 10:51:32 -0500
From: Rik van Riel
Message-ID: <20090127105132.60750b84@bree.surriel.com>
Subject: [Qemu-devel] [PATCH] fix sector overflow for scsi disks >1TB large
Reply-To: qemu-devel@nongnu.org
To: qemu-devel@nongnu.org

Sector numbers can overflow on a virtual scsi disk of over 1TB in size.
Qemu's bdrv_read expects an int64_t, so fix the overflow by going to
that data type.

Also clip capacity to 2TB instead of returning capacity modulo 2TB.

Signed-off-by: Rik van Riel Index: trunk/hw/scsi-disk.c =================================================================== --- trunk/hw/scsi-disk.c (revision 6451) +++ trunk/hw/scsi-disk.c (working copy) @@ -47,10 +47,10 @@ typedef struct SCSIRequest { SCSIDeviceState *dev; uint32_t tag; - /* ??? We should probably keep track of whether the data trasfer is + /* ??? We should probably keep track of whether the data transfer is a read or a write. Currently we rely on the host getting it right. */ /* Both sector and sector_count are in terms of qemu 512 byte blocks. */ - int sector; + uint64_t sector; int sector_count; /* The amounnt of data in the buffer. */ int buf_len; @@ -731,6 +731,9 @@ /* Returned value is the address of the last sector. */ if (nb_sectors) { nb_sectors--; + /* Clip to 2TB, instead of returning capacity modulo 2TB. */ + if (nb_sectors > UINT32_MAX) + nb_sectors = UINT32_MAX; outbuf[0] = (nb_sectors >> 24) & 0xff; outbuf[1] = (nb_sectors >> 16) & 0xff; outbuf[2] = (nb_sectors >> 8) & 0xff;
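
Review bot: In the first hunk (SCSIRequest), the field becomes `uint64_t sector`, but the commit message says bdrv_read expects an int64_t and that the fix is "going to that data type". Either declare it `int64_t sector` or explain in the message why unsigned is wanted, since an unsigned value above INT64_MAX would turn negative when handed to a function taking int64_t. Widening the field only helps if the code that fills it, which is not part of this patch, also computes the sector number in 64 bits, so those assignments are worth checking. `sector_count` stays `int`; a line in the message saying that is intentional would help. The context line `/* The amounnt of data in the buffer. */` still has a typo that could be fixed in the same pass as `trasfer`.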
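
Review bot: In the second hunk, `nb_sectors = UINT32_MAX;` puts 0xFFFFFFFF into the four-byte last-sector field, and, assuming this is the READ CAPACITY(10) reply, that value is the one that tells the initiator the disk does not fit this command and that it should ask again with READ CAPACITY(16). The comment should say so instead of only "Clip to 2TB", and the description should state whether this device model answers the 16-byte command, because otherwise a guest is limited to 2TB with no way to learn the real size. The test `if (nb_sectors > UINT32_MAX)` also only has an effect if nb_sectors is wider than 32 bits; its declaration is outside the hunk, so please confirm it is a 64-bit type. "2TB" holds for 512-byte blocks only, which the comment could note.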