On 3/7/22 03:17, peter.wang@xxxxxxxxxxxx wrote:
When UFS initializes without scmd->device->sector_size set, scsi_get_lba() computes a wrong shift count and UBSAN reports an error:

shift exponent 4294967286 is too large for 64-bit type 'sector_t' (aka 'unsigned long long')

Call scsi_get_lba() only when the opcode is READ_10/WRITE_10/UNMAP.
Hmm ... how can it happen that sector_size has not been set? I think that can only happen for LUNs of type SCSI DISK if sd_read_capacity() fails? If sd_read_capacity() fails I think the sd driver is expected to set the capacity to zero?
rq->__sector == -1 for flush requests and the type of that member (sector_t) is unsigned. I think that it is allowed for a shift left of an unsigned type to overflow. From the C standard: "The result of E1 << E2 is E1 left-shifted E2 bit positions; vacated bits are filled with zeros. If E1 has an unsigned type, the value of the result is E1 × 2^E2, reduced modulo one more than the maximum value representable in the result type."
Thanks,

Bart.
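The shift count in the UBSAN report can be reproduced in userspace. The program below is an added, constructed example, not code from the patch or from the kernel: it models scsi_get_lba() as ilog2(sector_size) - SECTOR_SHIFT (an assumption about the helper's shape, with a stand-in ilog2() that returns -1 for 0 the way the kernel's fls()-based version does), shows how sector_size == 0 turns into the shift exponent 4294967286 from the report, adds the opcode and sector_size guard the patch proposes, and shows the well-defined modular wrap of an unsigned left shift that Bart quotes from the C standard. The struct layouts, rq_sector field and the *ok out-parameter are simplifications for the example; the opcode values are the standard SCSI ones.

```c
#include <stdint.h>
#include <stdio.h>

typedef uint64_t sector_t;      /* kernel: unsigned long long on 64-bit */
#define SECTOR_SHIFT 9          /* block-layer sectors are 512 bytes */

/* Standard SCSI opcodes for the three commands the patch keeps. */
#define READ_10  0x28
#define WRITE_10 0x2a
#define UNMAP    0x42

/* Constructed stand-in for the kernel's fls()/ilog2(): fls(0) == 0,
 * so ilog2(0) evaluates to -1 instead of faulting. */
static int fls32(uint32_t x)
{
	int n = 0;
	while (x) { n++; x >>= 1; }
	return n;
}
static int ilog2_u32(uint32_t x) { return fls32(x) - 1; }

/* Minimal models of the kernel structs (assumption, example only). */
struct scsi_device { unsigned int sector_size; };
struct scsi_cmnd {
	struct scsi_device *device;
	uint8_t opcode;
	sector_t rq_sector;     /* stand-in for blk_rq_pos(scsi_cmd_to_rq(scmd)) */
};

/* Shift count as an unguarded helper would compute it. With sector_size == 0,
 * ilog2() gives -1, -1 - 9 == -10, and as unsigned int that is 4294967286:
 * exactly the shift exponent in the UBSAN report. Shifting a 64-bit value by
 * that much is undefined behaviour, so the count is returned, not applied. */
static unsigned int lba_shift(const struct scsi_cmnd *scmd)
{
	return ilog2_u32(scmd->device->sector_size) - SECTOR_SHIFT;
}

static int opcode_has_lba(uint8_t op)
{
	return op == READ_10 || op == WRITE_10 || op == UNMAP;
}

/* Guarded variant: derive an LBA only for READ_10/WRITE_10/UNMAP and only when
 * sector_size is a power of two of at least 512 bytes. *ok reports whether
 * the returned LBA is meaningful. */
static sector_t scsi_get_lba_checked(const struct scsi_cmnd *scmd, int *ok)
{
	unsigned int ss = scmd->device->sector_size;

	*ok = 0;
	if (!opcode_has_lba(scmd->opcode))
		return 0;
	if (ss < 512 || (ss & (ss - 1)) != 0)   /* unset or not a power of two */
		return 0;
	*ok = 1;
	return scmd->rq_sector >> (ilog2_u32(ss) - SECTOR_SHIFT);
}

/* Left shift of an unsigned type: defined as v * 2^n reduced mod 2^64 (n < 64),
 * so (sector_t)-1, the __sector value of a flush request, simply wraps. */
static sector_t shift_left_wraps(sector_t v, unsigned int n)
{
	return v << n;
}

int main(void)
{
	struct scsi_device unset = { .sector_size = 0 };
	struct scsi_device disk4k = { .sector_size = 4096 };
	struct scsi_cmnd c0 = { .device = &unset, .opcode = READ_10, .rq_sector = 8 };
	struct scsi_cmnd c1 = { .device = &disk4k, .opcode = READ_10, .rq_sector = 8 };
	int ok;

	printf("shift with sector_size=0: %u\n", lba_shift(&c0));
	printf("lba for 4k disk, sector 8: %llu (ok=%d)\n",
	       (unsigned long long)scsi_get_lba_checked(&c1, &ok), ok);
	printf("(sector_t)-1 << 3 = 0x%llx\n",
	       (unsigned long long)shift_left_wraps((sector_t)-1, 3));
	return 0;
}
```

Building with -fsanitize=undefined and applying lba_shift() to a real shift reproduces the "shift exponent 4294967286 is too large" diagnostic; the checked variant never reaches the shift with an unset sector_size.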