very odd code in stex.c

public inbox for linux-scsi@vger.kernel.org
 help / color / mirror / Atom feed

* very odd code in stex.c
@ 2006-09-25  4:08 Al Viro
  0 siblings, 0 replies; only message in thread
From: Al Viro @ 2006-09-25  4:08 UTC (permalink / raw)
  To: linux-scsi

        REQ_VARIABLE_LEN                        = 1024,
...
struct req_msg {
        __le16 tag;
        u8 lun;
        u8 target;
        u8 task_attr;
        u8 task_manage;
        u8 prd_entry;
        u8 payload_sz;          /* payload size in 4-byte */
        u8 cdb[STEX_CDB_LENGTH];
        u8 variable[REQ_VARIABLE_LEN];
};
...
static void
stex_send_cmd(struct st_hba *hba, struct req_msg *req, u16 tag)
{
        req->tag = cpu_to_le16(tag);
        req->task_attr = TASK_ATTRIBUTE_SIMPLE;
        req->task_manage = 0; /* not supported yet */
        req->payload_sz = (u8)(sizeof(struct req_msg)/sizeof(u32));

And of course, sizeof(struct req_msg) is greater than REQ_VARIABLE_LEN,
aka 1024, aka 256 * sizeof(u32).

What the hell is going on here?  Misspellt
        req->payload_sz = offsetof(struct req_msg, variable)/sizeof(u32);
relying on the fact that the last field is exactly 256*sizeof(u32) and thus
its contribution to sizeof(struct req_msg) will be killed by cast to u8?

^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2006-09-25  4:08 UTC | newest]

Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2006-09-25  4:08 very odd code in stex.c Al Viro

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox