From: Douglas Gilbert <dgilbert@interlog.com>
To: Tomas Winkler <tomas.winkler@intel.com>,
"James E.J. Bottomley\"" <JBottomley@parallels.com>
Cc: linux-scsi@vger.kernel.org
Subject: Re: [scsi 1/2] scsi_debug: schedule_resp fix input variable check
Date: Mon, 23 Feb 2015 09:49:17 -0500 [thread overview]
Message-ID: <54EB3DED.8080103@interlog.com> (raw)
In-Reply-To: <1424690001-2482-1-git-send-email-tomas.winkler@intel.com>
On 15-02-23 06:13 AM, Tomas Winkler wrote:
> The function should never be called with cmnd NULL so
> put a fat WARN there.
> Fix also smatch wraning:
> schedule_resp() warn: variable dereferenced before check 'cmnd'
>
> Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
> ---
> drivers/scsi/scsi_debug.c | 11 +++++++++--
> 1 file changed, 9 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/scsi/scsi_debug.c b/drivers/scsi/scsi_debug.c
> index ccbe1282e975..f032aac75997 100644
> --- a/drivers/scsi/scsi_debug.c
> +++ b/drivers/scsi/scsi_debug.c
> @@ -3947,11 +3947,18 @@ schedule_resp(struct scsi_cmnd *cmnd, struct sdebug_dev_info *devip,
> struct sdebug_queued_cmd *sqcp = NULL;
> struct scsi_device *sdp = cmnd->device;
This patch seems incorrect because it still dereferences
cmnd (in the above line) before it checks it for NULL.
> - if (NULL == cmnd || NULL == devip) {
> - pr_warn("called with NULL cmnd or devip pointer\n");
> + /* this should never happend */
happen?
The scsi_debug driver was written by Eric Youngdale to test
the original Linux SCSI subsystem (or a subsequent rewrite
of same). Remnants of its "trust nobody" style remain and
may have been of use to more recent tinkerers.
> + if (WARN_ON(!cmnd))
> + return SCSI_MLQUEUE_HOST_BUSY;
> +
> + if (NULL == devip) {
if (unlikely(NULL == devip)) {
> + pr_warn("called devip == NULL\n");
> /* no particularly good error to report back */
> return SCSI_MLQUEUE_HOST_BUSY;
> }
> +
> + sdp = cmnd->device;
> +
> if ((scsi_result) && (SCSI_DEBUG_OPT_NOISE & scsi_debug_opts))
> sdev_printk(KERN_INFO, sdp, "%s: non-zero result=0x%x\n",
> __func__, scsi_result);
>
next prev parent reply other threads:[~2015-02-23 14:49 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-02-23 11:13 [scsi 1/2] scsi_debug: schedule_resp fix input variable check Tomas Winkler
2015-02-23 11:13 ` [scsi 2/2] scsi_debug: fix REPORT LUNS Well Known LU Tomas Winkler
2015-02-23 18:28 ` Douglas Gilbert
2015-05-12 7:56 ` Winkler, Tomas
2015-02-23 14:49 ` Douglas Gilbert [this message]
2015-02-23 15:14 ` [scsi 1/2] scsi_debug: schedule_resp fix input variable check Winkler, Tomas
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=54EB3DED.8080103@interlog.com \
--to=dgilbert@interlog.com \
--cc=JBottomley@parallels.com \
--cc=linux-scsi@vger.kernel.org \
--cc=tomas.winkler@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox