blockcmd.c: Prevent unaligned access crash on PA-RISC

The cdbcmd pointer given to scsi_fill_cmd() can point to
an unaligned address. On x86 writing a 64-bit value to an
unaligned address will succeed, while on PA-RISC the machine
will stop with an unaligned access error (esp. since the
fault handlers are not implemented in the firmware).

Work around that issue by using a temporary variable and
copy it to the destination when finished.

Signed-off-by: Helge Deller <deller@gmx.de>

1 files changed, 8 insertions, 5 deletions

diff --git a/src/hw/blockcmd.c b/src/hw/blockcmd.c
index 6b6fea9..1b447ac 100644
--- a/src/hw/blockcmd.c
+++ b/src/hw/blockcmd.c
@@ -111,12 +111,15 @@ scsi_fill_cmd(struct disk_op_s *op, void *cdbcmd, int maxcdb)
     switch (op->command) {
     case CMD_READ:
     case CMD_WRITE: ;
-        struct cdb_rwdata_10 *cmd = cdbcmd;
-        memset(cmd, 0, maxcdb);
-        cmd->command = (op->command == CMD_READ ? CDB_CMD_READ_10
+        // PA-RISC: Beware alignment: do not write u64 to unaligned address.
+        struct cdb_rwdata_10 cmd;
+        memset(cdbcmd, 0, maxcdb);
+        memset(&cmd, 0, sizeof(cmd));
+        cmd.command = (op->command == CMD_READ ? CDB_CMD_READ_10
                         : CDB_CMD_WRITE_10);
-        cmd->lba = cpu_to_be32(op->lba);
-        cmd->count = cpu_to_be16(op->count);
+        cmd.lba = cpu_to_be32(op->lba);
+        cmd.count = cpu_to_be16(op->count);
+        memcpy(cdbcmd, &cmd, sizeof(cmd));
         return GET_FLATPTR(op->drive_fl->blksize);
     case CMD_SCSI:
         if (MODESEGMENT)