From: Dan Carpenter <dan.carpenter@oracle.com>
To: kbuild@01.org
Cc: James.Bottomley@HansenPartnership.com,
himanshu.madhani@cavium.com, kbuild-all@01.org,
martin.petersen@oracle.com, linux-scsi@vger.kernel.org
Subject: Re: [PATCH 4/6] qla2xxx_nvmet: Add FC-NVMe Target handling
Date: Thu, 20 Sep 2018 12:57:14 +0300 [thread overview]
Message-ID: <20180920095713.o7wqmeb4nwricksp@mwanda> (raw)
In-Reply-To: <20180914212811.11463-5-himanshu.madhani@cavium.com>
Hi Anil,
I love your patch! Perhaps something to improve:
url: https://github.com/0day-ci/linux/commits/Himanshu-Madhani/qla2xxx-Add-FC-NVMe-Target-support/20180916-090108
base: https://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi.git for-next
smatch warnings:
drivers/scsi/qla2xxx/qla_target.c:891 qlt_queue_purex() warn: taking sizeof binop
drivers/scsi/qla2xxx/qla_target.c:902 qlt_queue_purex() error: memcpy() 'p->purex_pyld' too small (4 vs 44)
# https://github.com/0day-ci/linux/commit/51867b7ad96cb9b1d5a96effc476a2e5a48293ae
git remote add linux-review https://github.com/0day-ci/linux
git remote update linux-review
git checkout 51867b7ad96cb9b1d5a96effc476a2e5a48293ae
vim +891 drivers/scsi/qla2xxx/qla_target.c
51867b7a Anil Gurumurthy 2018-09-14 868
51867b7a Anil Gurumurthy 2018-09-14 869 static void qlt_queue_purex(scsi_qla_host_t *vha,
51867b7a Anil Gurumurthy 2018-09-14 870 struct atio_from_isp *atio)
51867b7a Anil Gurumurthy 2018-09-14 871 {
51867b7a Anil Gurumurthy 2018-09-14 872 struct qla_tgt_purex_op *p;
51867b7a Anil Gurumurthy 2018-09-14 873 unsigned long flags;
51867b7a Anil Gurumurthy 2018-09-14 874 struct purex_entry_24xx *purex =
51867b7a Anil Gurumurthy 2018-09-14 875 (struct purex_entry_24xx *)&atio->u.raw;
51867b7a Anil Gurumurthy 2018-09-14 876 uint16_t len = purex->frame_size;
51867b7a Anil Gurumurthy 2018-09-14 877 uint8_t *purex_pyld_tmp;
51867b7a Anil Gurumurthy 2018-09-14 878
51867b7a Anil Gurumurthy 2018-09-14 879 p = kzalloc(sizeof(*p), GFP_ATOMIC);
51867b7a Anil Gurumurthy 2018-09-14 880 if (p == NULL)
51867b7a Anil Gurumurthy 2018-09-14 881 goto out;
51867b7a Anil Gurumurthy 2018-09-14 882
51867b7a Anil Gurumurthy 2018-09-14 883 p->vha = vha;
51867b7a Anil Gurumurthy 2018-09-14 884 memcpy(&p->atio, atio, sizeof(*atio));
51867b7a Anil Gurumurthy 2018-09-14 885
51867b7a Anil Gurumurthy 2018-09-14 886 ql_dbg(ql_dbg_disc + ql_dbg_buffer, vha, 0xff11,
51867b7a Anil Gurumurthy 2018-09-14 887 "Dumping the Purex IOCB received\n");
51867b7a Anil Gurumurthy 2018-09-14 888 ql_dump_buffer(ql_dbg_disc + ql_dbg_buffer, vha, 0xe012,
51867b7a Anil Gurumurthy 2018-09-14 889 (uint8_t *)purex, 64);
51867b7a Anil Gurumurthy 2018-09-14 890
51867b7a Anil Gurumurthy 2018-09-14 @891 p->purex_pyld = kzalloc(sizeof(purex->entry_count * 64), GFP_ATOMIC);
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
The parens are wrong so
51867b7a Anil Gurumurthy 2018-09-14 892 if (p->purex_pyld == NULL) {
51867b7a Anil Gurumurthy 2018-09-14 893 kfree(p);
51867b7a Anil Gurumurthy 2018-09-14 894 goto out;
51867b7a Anil Gurumurthy 2018-09-14 895 }
51867b7a Anil Gurumurthy 2018-09-14 896 purex_pyld_tmp = (uint8_t *)p->purex_pyld;
51867b7a Anil Gurumurthy 2018-09-14 897 p->purex_pyld_len = len;
51867b7a Anil Gurumurthy 2018-09-14 898
51867b7a Anil Gurumurthy 2018-09-14 899 if (len < PUREX_PYLD_SIZE)
51867b7a Anil Gurumurthy 2018-09-14 900 len = PUREX_PYLD_SIZE;
51867b7a Anil Gurumurthy 2018-09-14 901
51867b7a Anil Gurumurthy 2018-09-14 @902 memcpy(p->purex_pyld, &purex->d_id, PUREX_PYLD_SIZE);
^^^^^^^^^^^^^
it leads to a memory corruption warning as well.
51867b7a Anil Gurumurthy 2018-09-14 903 purex_pyld_tmp += PUREX_PYLD_SIZE;
51867b7a Anil Gurumurthy 2018-09-14 904 len -= PUREX_PYLD_SIZE;
51867b7a Anil Gurumurthy 2018-09-14 905
parent reply other threads:[~2018-09-20 9:57 UTC|newest]
Thread overview: expand[flat|nested] mbox.gz Atom feed
[parent not found: <20180914212811.11463-5-himanshu.madhani@cavium.com>]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180920095713.o7wqmeb4nwricksp@mwanda \
--to=dan.carpenter@oracle.com \
--cc=James.Bottomley@HansenPartnership.com \
--cc=himanshu.madhani@cavium.com \
--cc=kbuild-all@01.org \
--cc=kbuild@01.org \
--cc=linux-scsi@vger.kernel.org \
--cc=martin.petersen@oracle.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.