It looks like adw(4) has never correctly supported >12 byte SCSI
requests.  It wants to copy from 12 bytes past the start of the CDB,
but &xs->cmd[12] is actually 192 bytes past (and pointing at who knows
what).

However, I don't have any adw(4) hardware, nor do I know offhand how to
force a >12 byte SCSI request to test if this fixes anything.

Index: dev/ic/adw.c
===================================================================
RCS file: /cvs/src/sys/dev/ic/adw.c,v
retrieving revision 1.44
diff -u -p dev/ic/adw.c
--- dev/ic/adw.c        20 May 2010 00:55:17 -0000      1.44
+++ dev/ic/adw.c        21 Jun 2010 19:36:34 -0000
@@ -690,10 +690,10 @@ adw_build_req(xs, ccb, flags)
         * For wide  boards a CDB length maximum of 16 bytes
         * is supported.
         */
-       bcopy(xs->cmd, &scsiqp->cdb, ((scsiqp->cdb_len = xs->cmdlen) <= 12)?
-                       xs->cmdlen : 12 );
-       if(xs->cmdlen > 12)
-               bcopy(&(xs->cmd[12]),  &scsiqp->cdb16, xs->cmdlen - 12);
+       bcopy(xs->cmd, &scsiqp->cdb, MIN(xs->cmdlen, 12));
+       if (xs->cmdlen > 12)
+               bcopy((caddr_t)xs->cmd + 12, &scsiqp->cdb16, xs->cmdlen - 12);
+       scsiqp->cdb_len = xs->cmdlen;
 
        scsiqp->target_id = sc_link->target;
        scsiqp->target_lun = sc_link->lun;
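
Review bot: the second copy, `bcopy((caddr_t)xs->cmd + 12, &scsiqp->cdb16, xs->cmdlen - 12)`, takes its length straight from xs->cmdlen with no upper bound visible in this hunk, while the comment directly above says a CDB of at most 16 bytes is supported. If nothing earlier in adw_build_req() rejects longer commands, a cmdlen above 16 would copy more than the 4 trailing bytes that comment allows for into cdb16. Suggest failing the request when xs->cmdlen > 16, or clamping the length, before either bcopy runs, and extending the comment to say that cdb holds bytes 0-11 and cdb16 the remainder, so the byte-offset arithmetic on xs->cmd is not accidentally turned back into element indexing later.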
