On Fri, Apr 24, 2015 at 04:33:55PM -0700, K. Y. Srinivasan wrote:
> Set the SRB flags correctly when there is no data transfer.
>
What are the user visible effects of this bug? We transfer bogus data?
regards,
dan carpenter
--
To unsubscribe from this list: send the line "unsubs
* Error everything on the txq since these iocbs have
not been
9369 * given to the FW yet.
9370 */
regards,
dan carpenter
--
To unsubscribe from this list: send the line "unsubscribe linux-scsi" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
set the error code" bugs so I can
never be positive.
Could you take a look at the other "goto cleanup;" places in this
function and maybe add a comment, change it to something more clear like
"return 0;" or fix the error code?
regards,
dan carpenter
--
To unsubscribe from
On Fri, May 29, 2015 at 01:29:14PM -0700, K. Y. Srinivasan wrote:
> From: keith.ma...@microsoft.com
Keith's name is wrong.
regards,
dan carpenter
--
To unsubscribe from this list: send the line "unsubscribe linux-scsi" in
the body of a message to majord...@vger.kernel.org
M
The string "cmd %d RESET FAILED, new lockup detected" is not quite
large enough so the sprintf() will overflow. I have increased the size
of the buffer and also changed the sprintf calls to snprintf.
Fixes: 73153fe533bc ('hpsa: use block layer tag for command allocation'
if ((beacon->lcb_type != LPFC_LCB_GREEN) &&
5222 (beacon->lcb_type != LPFC_LCB_AMBER)) {
Also:
drivers/scsi/lpfc/lpfc_els.c:5261 lpfc_els_rcv_lcb()
warn: possible memory leak of 'lcb_context'
regards,
dan carpenter
--
To unsubscribe from
lpfc_sli4_mbox_cmd_free(phba, mbox);
2310 rdp_context->cmpl(phba, rdp_context, FAILURE);
2311 }
regards,
dan carpenter
--
To unsubscribe from this list: send the line "unsubscribe linux-scsi" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
lpfc_nlp_put(ndlp);
3905 rdata->pnode = NULL;
Unchecked dereference.
3906 /* drop reference for earlier registeration */
3907 put_device(&rport->dev);
regards,
dan carpenter
--
> I am thinking that I need to post these three patches linux-scsi.
>
> Is that correct?
Yes. That's right.
regards,
dan carpenter
--
To unsubscribe from this list: send the line "unsubscribe linux-scsi" in
the body of a message to majord...@vger.kernel.org
More maj
ing this I was thinking that instead of 1040 the
upper limit was 32. I got that from hpsa_get_max_perf_mode_cmds().
The only negative number was -1, I think.
But either way, we both agree that 48 is probably safe.
regards,
dan carpenter
--
To unsubscribe from this list: send the line "unsu
aware that Markus auto generates his patches and he
doesn't even do a cursory review.
"I find it acceptable that some of my update suggestions do not fit
to your quality expectations at the moment." -- Markus Elfring
(https://lkml.org/lkml/2015/1/22/446)
regards,
dan carpenter
--
To
consider that the "sz" calculations can have integer overflows.
Signed-off-by: Dan Carpenter
---
During my QC process, I realized that I sent a similar patch last year,
but never received a response.
http://permalink.gmane.org/gmane.linux.kernel.janitors/32590
Looking at both of
it's necessary, but it seems
reasonable to me.
regards,
dan carpenter
--
To unsubscribe from this list: send the line "unsubscribe linux-scsi" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
sp_len - 1] == ' ')
255 sp_len--;
256
257 sp_model[sp_len] = '\0';
258
259 out:
260 return sp_model;
261 }
regards,
dan carpenter
--
To unsubscribe from this list: send the line "unsubscribe linux-scsi" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
, buf);
> ahd_set_name(ahd, new_name);
> }
Remove the curly braces. And below as well.
regards,
dan carpenter
--
To unsubscribe from this list: send the line "unsubscribe linux-scsi" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
On 64 bit CPUs there is a memory corruption bug on probe(). It should
be a u32 pointer instead of an unsigned long pointer or we write past
the end of the setupdata[] array.
Signed-off-by: Dan Carpenter
---
Someone reported in 2003 that probe has a NULL deref so maybe it's
related to
is giving me bad object on that
> id.
>
It's in Greg's char-misc-next tree. I like to have the commit id so I
can look at buggy patches.
regards,
dan carpenter
--
To unsubscribe from this list: send the line "unsubscribe linux-scsi" in
the body of a message to m
The > should be >= or we read one element past the end of the array.
Fixes: c21e0bbfc485 ('cxlflash: Base support for IBM CXL Flash Adapter')
Signed-off-by: Dan Carpenter
Fixes: c21e0bbfc485 ('cxlflash: Base support for IBM CXL Flash Adapter')
diff --git a/drivers/scsi
These casts are wrong and unnecessary. They annoy static checkers
because they imply we are planning to write sizeof(long) bytes to a
sizeof(u32) buffer which would corrupt memory.
Signed-off-by: Dan Carpenter
diff --git a/drivers/scsi/qla4xxx/ql4_init.c b/drivers/scsi/qla4xxx/ql4_init.c
index
On Mon, Aug 17, 2015 at 09:45:45PM -0700, Bart Van Assche wrote:
> On 08/17/2015 07:36 AM, Dan Carpenter wrote:
> >These casts are wrong and unnecessary. They annoy static checkers
> >because they imply we are planning to write sizeof(long) bytes to a
> >sizeof(u32) buffe
"port_sel" is a u64 so the shifting should also be a 64 bit shift.
Fixes: c21e0bbfc485 ('cxlflash: Base support for IBM CXL Flash Adapter')
Signed-off-by: Dan Carpenter
diff --git a/drivers/scsi/cxlflash/main.c b/drivers/scsi/cxlflash/main.c
index 0720d2f..f97421d 10064
We recently did some cleanup here and now the static checkers notice
that there is a missing error code when ioremap() fails. Let's set it
to -ENOMEM.
Signed-off-by: Dan Carpenter
diff --git a/drivers/scsi/aic94xx/aic94xx_init.c
b/drivers/scsi/aic94xx/aic94xx_init.c
index 140cb8e..f6
Ping?
regards,
dan carpenter
On Fri, Jul 03, 2015 at 11:53:03AM +0300, Dan Carpenter wrote:
> These are signed values the come from the user, we put a cap on the
> upper bounds but not on the lower bounds.
>
> We use "karg.dataSgeOffset" to calculate "sz". We
^
slot dereferenced without checking.
849
850 hisi_sas_internal_task_abort(hisi_hba, device,
851 HISI_SAS_INT_ABT_CMD, tag);
852 }
regards,
dan carpenter
--
To unsubscribe from this list: send the line "unsubscribe linux-scsi" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
On Thu, Oct 13, 2016 at 12:49:18PM +0200, Steffen Maier wrote:
> Dan, many thanks for catching this! Sparse did not notice, is there
> other tooling that would find such things?
This was a Smatch warning.
regards,
dan carpenter
--
To unsubscribe from this list: send the line "unsubs
timeout_msecs -= msecs_blocked;
3468 }
3469 }
regards,
dan carpenter
--
To unsubscribe from this list: send the line "unsubscribe linux-scsi" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
We accidentally allocate sizeof(u32) instead of sizeof(struct
be_cmd_get_session_resp).
Fixes: 50a4b824be9e ("scsi: be2iscsi: Fix to make boot discovery non-blocking")
Signed-off-by: Dan Carpenter
diff --git a/drivers/scsi/be2iscsi/be_mgmt.c b/drivers/scsi/be2iscsi/be_mgmt.c
ind
We verified that resp_code is FC_SPP_RESP_ACK earlier so we don't need
to check again here.
Signed-off-by: Dan Carpenter
diff --git a/drivers/scsi/libfc/fc_rport.c b/drivers/scsi/libfc/fc_rport.c
index 110a707..c991f3b 100644
--- a/drivers/scsi/libfc/fc_rport.c
+++ b/drivers/scsi/
rate. What's going on with
that?
Could you send your follow on patch as a reply to the thread?
regards,
dan carpenter
--
To unsubscribe from this list: send the line "unsubscribe linux-scsi" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
gs yet. So keep the current style with casting.
Ugh... No. This is not code to emulate. Use 1ULL << i. Even if we
did the cast, you would only need one:
if (err_warn_bit_map & ((u64)1 << i)) {
regards,
dan carpenter
--
To unsubscribe from this list
There are some typos where we intended "<<" but have "<". Seems likely
to cause a bunch of problems.
Fixes: d3b688d3c69d ("scsi: hisi_sas: add v2 hw support for ECC and AXI bus
fatal error")
Signed-off-by: Dan Carpenter
---
There is anothe
free() and left the new one.
Fixes: 021e2927586d ("scsi: dpt_i2o: Add a missing call to kfree")
Signed-off-by: Dan Carpenter
diff --git a/drivers/scsi/dpt_i2o.c b/drivers/scsi/dpt_i2o.c
index f88b3d2..27c0dce 100644
--- a/drivers/scsi/dpt_i2o.c
+++ b/drivers/scsi/dpt_i2o.c
@@ -651,7
This issue was found with Hector.
> >
> > Signed-off-by: Quentin Lambert
>
> Nice catch. I think this will need some more work, I'll do a
> follow-on patch.
>
The error handling is really weird. Could you send your follow on to
this thread?
regards,
dan carpenter
--
To uns
Oops. Sorry for the noise.
regards,
dan carpenter
--
To unsubscribe from this list: send the line "unsubscribe linux-scsi" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
There are two places where adpt_i2o_online_hba() is called. Both
callers call adpt_i2o_delete_hba(pHba) if adpt_i2o_online_hba() fails
and since we also free it here that causes a double free bug.
Signed-off-by: Dan Carpenter
---
This bug pre-dates git.
diff --git a/drivers/scsi/dpt_i2o.c b
pr_info("discovery_status(0x%08x)",
619 le32_to_cpu(event_data->DiscoveryStatus));
620 pr_info("\n");
The indenting is messed up here and also this should be using pr_cont()
because pr_info() will put a bunch of crap in the middle of
Oops... This one is really old. I didn't look carefully at it before I
hit send. Sorry about that.
regards,
dan carpenter
On Wed, Jan 04, 2017 at 04:33:16PM +0300, Dan Carpenter wrote:
> Hello Sreekanth Reddy,
>
> The patch f92363d12359: "[SCSI] mpt3sas: add new driver su
init_fw() warn:
inconsistent indenting
drivers/scsi/megaraid/megaraid_sas_fusion.c:4060 megasas_reset_fusion() warn:
inconsistent indenting
regards,
dan carpenter
--
To unsubscribe from this list: send the line "unsubscribe linux-scsi" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
49 }
2050 } else {
Wow... You guys are probably already discussed this code, but I'm not
on the linux-scsi list. Do we have a process issue where we are merging
code that we shouldn't be? What's going on here?
regards,
dan carpenter
--
To unsubscri
= phba->cfg_soft_wwnn;
2163
2164 dev_printk(KERN_NOTICE, &phba->pcidev->dev,
2165 "lpfc%d: Reinitializing to use soft_wwpn\n",
phba->brd_no);
2166
regards,
dan carpenter
--
To unsubscribe from this list: send the line "unsubscribe l
re aren't
we? Shouldn't this be "return DRIVER_ERROR << 24;" like how
scsi_execute_req() does it? I don't think the callers care.
118 }
regards,
dan carpenter
--
To unsubscribe from this list: send the line "unsubscribe linux-scsi" in
the body of a me
t by LD\n ");
5261 for (j = 0; j < i; ++j)
5262
kfree(fusion->stream_detect_by_ld[j]);
5263 kfree(fusion->stream_detect_by_ld);
5264 fusion->stream_detect_by_ld = NULL;
5265 goto fail_get_ld_pd_list;
5266 }
5267 fusion->stream_detect_by_ld[i]->mru_bit_map
5268 = MR_STREAM_BITMAP;
5269 }
5270 }
regards,
dan carpenter
--
To unsubscribe from this list: send the line "unsubscribe linux-scsi" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
emplate = fc_attach_transport(&fc_transport_functions);
> if (!fc_transport_template)
> return -ENODEV;
> -
> - /*
> - * Install Hyper-V specific timeout handler.
> - */
> - fc_transport_template->eh_timed_out = storvsc_eh_timed_out;
I don't undesta
On Thu, Jan 19, 2017 at 12:55:27PM -0500, Cathy Avery wrote:
>
>
> On 01/18/2017 06:15 PM, Dan Carpenter wrote:
> >On Wed, Jan 18, 2017 at 03:28:58PM -0500, Cathy Avery wrote:
> >>Enable FC lightweight host option so that the luns exposed by
> >>t
re related (I'm a total newbie with this code
so that's probably part of the confusion). Since you're resend the code
anyway, could you just add this information to the commit message?
regards,
dan carpenter
--
To unsubscribe from this list: send the line "unsubscribe linux-scsi&qu
to allocate ct_sns request.\n");
3923 kfree(fcport);
3924 fcport = NULL;
3925 }
3926 INIT_WORK(&fcport->del_work, qla24xx_delete_sess_fn);
3927 INIT_LIST_HEAD(&fcport->gnl_entry);
3928 INIT_LIST_HEAD(&fcport->list);
3929
3930 return fcport;
3931 }
regards,
dan carpenter
848,7 +1848,7 @@ int aac_report_phys_luns(struct aac_dev *dev, struct
> fib *fibptr, int rescan)
> FsaNormal, 1, 1, NULL, NULL);
>
> /* analyse data */
> - if (rcode >= 0 && phys_luns->resp_flag == 2) {
The original code is buggy. rcode should be an int.
regards,
dan carpenter
(char *) h->ctlr->array_name, h->ctlr->index,
556 (retry_cnt == RDAC_RETRY_COUNT) ? "queueing" :
"retrying");
557
regards,
dan carpenter
0, GFP_KERNEL);
It could theoretically go up to 0x800 so we need space for 10
digits.
Signed-off-by: Dan Carpenter
diff --git a/drivers/scsi/qedi/qedi_main.c b/drivers/scsi/qedi/qedi_main.c
index 5eda21d903e9..0dcf3b08230c 100644
--- a/drivers/scsi/qedi/qedi_main.c
+++ b/drivers/scsi/qedi/qedi
The aac_srb_reply struct ends in a 2 byte hole so we end up leaking a
bit of information to user space.
Fixes: 423400e64d37 ("scsi: aacraid: Include HBA direct interface")
Signed-off-by: Dan Carpenter
diff --git a/drivers/scsi/aacraid/commctrl.c b/drivers/scsi/aacraid/commct
fibptr->event_lock, flags);
771 WARN_ON(fibptr->done == 0);
772
773 if (unlikely(fibptr->flags &
FIB_CONTEXT_FLAG_TIMED_OUT))
774 return -ETIMEDOUT;
775
776 return 0;
777 }
regards,
dan carpenter
*/
2242 t_lock = dev->queues->queue[HostNormCmdQueue].lock;
2243 spin_unlock_irqrestore(t_lock, flags);
Otherwise it is a double unlock bug.
2244 }
regards,
dan carpenter
On Mon, Feb 13, 2017 at 07:39:15PM +, Raghava Aditya Renukunta wrote:
> Hi Don,
>
> > -Original Message-
> > From: Dan Carpenter [mailto:dan.carpen...@oracle.com]
> > Sent: Monday, February 13, 2017 10:47 AM
> > To: Raghava Aditya Renukunta
> >
__func__, host->testbus.select_minor);
1535 return false;
1536 }
1537
1538 return true;
1539 }
regards,
dan carpenter
[(instance->pd_seq_map_id - 1) & 1];
1794 mr_device_priv_data->is_tm_capable =
1795 pd_sync->seq[pd_index].capability.tmCapable;
1796 }
1797 }
regards,
dan carpenter
The "sz" variable is in terms of bytes, but we're treating the buffer as
an array of __le32 so we have to divide by 4.
Fixes: def0eab3af86 ("scsi: megaraid_sas: enhance debug logs in OCR context")
Signed-off-by: Dan Carpenter
diff --git a/drivers/scsi/megaraid/megar
We accidentally return an uninitialized variable on success.
Fixes: b6ff1b14cdf4 ("[SCSI] scsi_dh: Update EMC handler")
Signed-off-by: Dan Carpenter
diff --git a/drivers/scsi/device_handler/scsi_dh_emc.c
b/drivers/scsi/device_handler/scsi_dh_emc.c
index 4a7679f6c73d..f1578832ec7a 10
po.
472 }
Issue #2: The caller checks for if the return is greater than 2. It
never is. We can remove this dead code.
Issue #3: The caller passes "bled" to aac_send_iop_reset() which
ignores it. What's up with that? Either it's a bug or we
fc_wq_list, wq_list) {
4606 pring = qp->pring;
4607 if (!pring)
4608 continue;
4609 spin_lock_irq(&pring->ring_lock);
4610 __lpfc_dequeue_nport_iocbs(phba, ndlp, pring,
dequeue_list);
4611 spin_unlock_irq(&pring->ring_lock);
spin_lock_irq() is not nestable. It should just be
spin_lock(&pring->ring_lock); and we leave the IRQs as-is (locked).
4612 }
4613 spin_unlock_irq(&phba->hbalock);
4614 }
regards,
dan carpenter
ot;,
1794 ndlp->nlp_state);
^^^^^^^
Potential Oops.
1795
1796 /* No failure to an ABTS request. */
1797 return 0;
1798 }
regards,
dan carpenter
scsi_host_put(vn_port->host);
1567
regards,
dan carpenter
650 if (!dma_buf->iocbq) {
^^
Check.
651 kfree(dma_buf->context);
652 pci_pool_free(phba->lpfc_drb_pool, dma_buf->dbuf.virt,
regards,
dan carpenter
}
15192
15193 /* sanity check on queue memory */
15194 if (!hrq || !drq || !cq) {
^^^
Too late.
15195 status = -ENODEV;
15196 goto out;
regards,
dan carpenter
1022 goto out;
1023 }
1024
1025 QEDF_INFO(&(qedf->dbg_ctx), QEDF_LOG_CONN, "portid=%06x "
1026 "fw_cid=%08x handle=%d.\n",
fcport->rdata->ids.port_id,
1027 fcport->fw_cid, fcport->handle);
1028
1029 memset(&conn_info, 0, sizeof(struct qed_fcoe_params_offload));
1030
regards,
dan carpenter
p->wlun) {
4153 switch (*cmd) {
Unchecked dereference.
4154 case INQUIRY:
4155 case REQUEST_SENSE:
regards,
dan carpenter
--
To unsubscribe from this list: send the line "unsubscribe linux-scsi" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
ply the patch with `cat email.txt | git am` and review
the changelog using the `git log` command.
https://www.google.com/search?q=how+to+send+a+v2+patch
Also the Signed-off-by line is wrong. It should have your full name.
There needs to be a space between the name and the email address.
regard
ne thread?
regards,
dan carpenter
--
To unsubscribe from this list: send the line "unsubscribe linux-scsi" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
I never heard back on this. It still looks like a very serious bug
with security implications etc.
regards,
dan carpenter
On Mon, Jun 24, 2013 at 06:46:31PM +0300, Dan Carpenter wrote:
> My static checker complains about a possible array overflow in
> __iscsi_conn_send_pdu().
>
>
if_info->ip_addr.subnet_mask, ip_param->len);
957 }
These memcpy()s can overflow. It seems root only but it makes the
static checker complain.
One call tree is:
beiscsi_set_static_ip() <- gets iface_ip.
-> mgmt_set_ip()
-> m
This function is only called with a spin_lock held and IRQs disabled.
The allocation is not allowed to sleep and NOIO is not sufficient, it
has to be ATOMIC.
Signed-off-by: Dan Carpenter
diff --git a/drivers/scsi/xen-scsifront.c b/drivers/scsi/xen-scsifront.c
index 0aceb70..7e88659 100644
--- a
This code was confusing because we had an unsigned long and then we
compared it to UINT_MAX and then we stored it in a u16. How many bytes
is this supposed to have: 2, 4 or 16???
I've made it a u16 throughout.
Signed-off-by: Dan Carpenter
diff --git a/drivers/xen/xen-scsiback.c b/driver
1488
ioctl->data.ioctl_vda.data_length);
^
These additions have integer overflow bugs. It seems harmless to me,
but hopefully static checkers will eventually start complaining about
them.
1489 }
1490
1491
(eiter->a.host_name, sizeof(eiter->a.host_name),
2196 "%s", p_sysid->nodename);
We're chopping most of the hostname off. That seems bad.
2197 } else {
2198 snprintf(eiter->a.host_name, sizeof(eiter->a.host_name),
ame %s\n",
"freq-table-hz",
134 clki->min_freq, clki->max_freq,
clki->name);
135 list_add_tail(&clki->list, &hba->clk_list_head);
136 }
137 free_clkfreq:
138 kfree(clkfreq);
sage.
Don't use a goto out.
Don't forget to set an error code.
168 }
169
regards,
dan carpenter
--
To unsubscribe from this list: send the line "unsubscribe linux-scsi" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
sure that
4755 * controller is reset
4756 */
4757 ufshcd_set_link_off(hba);
4758 }
4759
4760 out:
4761 return ret;
4762 }
regards,
dan carpenter
--
To unsubscribe from this list: send the line "unsubscribe l
s);
4476 hba->clk_gating.state = CLKS_ON;
4477 spin_unlock_irqrestore(hba->host->host_lock, flags);
4478 }
4479 return ret;
4480 }
regards,
dan carpenter
--
To unsubscribe from this list: send the line "unsubscribe linux-scsi" in
the body of
SYSTEM_PM);
5116 out:
5117 if (!ret)
5118 hba->is_sys_suspended = true;
^
New unchecked dereference. This is a One Err Bug caused by "out" label
style error handling.
5119 return ret;
5120 }
rega
We dereference "tl_nexus" to get the error code.
Fixes: 1b418a8fcbc0 ('target: Convert demo-mode only drivers to
target_alloc_session')
Signed-off-by: Dan Carpenter
diff --git a/drivers/target/loopback/tcm_loop.c
b/drivers/target/loopback/tcm_loop.c
index 0216c75..e0ffb03
^
597 bfa_trc(port->fcs, rport->pwwn);
598 return NULL;
599 }
regards,
dan carpenter
--
To unsubscribe from this list: send the line "unsubscribe linux-scsi" in
the body of a message to majord...@vger.kern
The pg_updated variable is support to be set to zero at the start but
it is uninitialized.
Fixes: cb0a168cb6b8 ('scsi_dh_alua: update 'access_state' field')
Signed-off-by: Dan Carpenter
diff --git a/drivers/scsi/device_handler/scsi_dh_alua.c
b/drivers/scsi/device_handler/
The pg_updated variable is support to be set to false at the start but
it is uninitialized.
Fixes: cb0a168cb6b8 ('scsi_dh_alua: update 'access_state' field')
Signed-off-by: Dan Carpenter
diff --git a/drivers/scsi/device_handler/scsi_dh_alua.c
b/drivers/scsi/device_handler/
On Fri, Mar 11, 2016 at 11:50:30AM +0100, Hannes Reinecke wrote:
> On 03/11/2016 11:17 AM, Dan Carpenter wrote:
> > The pg_updated variable is support to be set to zero at the start but
> > it is uninitialized.
> >
> > Fixes: cb0a168cb6b8 ('scsi_dh_alua: update &
}
456
457 if (rport) {
^
The patch adds a check but too late. Probably just delete the check?
458 struct fc_rport_libfc_priv *rp = rport->dd_data;
459
regards,
dan carpenter
--
To unsubscribe from this list: send the line &q
The caller assumes that "itnim" is NULL on error and non-NULL on
success but really "itnim" is uninitialized on error. This
function should just use normal error handling where it returns zero on
success and negative on failure.
Signed-off-by: Dan Carpenter
---
Static checke
The caller assumes that "itnim" is NULL on error and non-NULL on
success but really "itnim" is uninitialized on error. This
function should just use normal error handling where it returns zero on
success and negative on failure.
Signed-off-by: Dan Carpenter
---
v2: fix u
pm8001_ha, circularQ, opc, &payload,
0);
4564 if (rc)
4565 pm8001_tag_free(pm8001_ha, tag);
4566 }
regards,
dan carpenter
--
To unsubscribe from this list: send the line "unsubscribe linux-scsi" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
ptr, sizeof(struct
qla_mt_iocb_rsp_fx00));
2259
2260 res = bsg_job->reply->result = DID_OK << 16;
2261 bsg_job->reply->reply_payload_rcv_len =
2262 bsg_job->reply_payload.payload_len;
2263 }
2264 sp-&g
ILLEGAL_REQUEST, 0x10,
ascq);
856 scsi_set_sense_information(sc->sense_buffer,
857
SCSI_SENSE_BUFFERSIZE,
858 sector);
859
tion (although it's not needed by no means)?
It looks for if there is any possible way that it could be uninitialized
so that would solve the problem.
regards,
dan carpenter
--
To unsubscribe from this list: send the line "unsubscribe linux-scsi" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
I'm getting a static checker warning:
drivers/target/target_core_sbc.c:1150 sbc_parse_cdb()
error: uninitialized variable 'size'.
It looks like a possible bug but wouldn't it have shown up in testing?
Anyway let's just silence it by setting size to zero.
Sig
This has only called from show_sas_rphy_enclosure_identifier(). The
caller expects that we set an identifier, otherwise it uses an
unintialized variable.
Signed-off-by: Dan Carpenter
diff --git a/drivers/scsi/hpsa.c b/drivers/scsi/hpsa.c
index 5be944c..25aa219 100644
--- a/drivers/scsi/hpsa.c
If ufshcd_dme_get() fails then "tx_lanes" can be uninitialized. I've
initialized it to zero so that the rest of the function turns into a
no-op in that situation.
Signed-off-by: Dan Carpenter
diff --git a/drivers/scsi/ufs/ufshcd.c b/drivers/scsi/ufs/ufshcd.c
index f8fa72c..6741d
Presumably it isn't possible to have empty lists here, but my static
checker doesn't know that and complains that "ep" can be used
uninitialized.
Signed-off-by: Dan Carpenter
diff --git a/drivers/scsi/bnx2i/bnx2i_iscsi.c b/drivers/scsi/bnx2i/bnx2i_iscsi.c
index 7289437..
It's possible to use "err" without initializing it. If it happens to be
a 2 which is SCSI_DH_RETRY then that could cause a bug.
Signed-off-by: Dan Carpenter
diff --git a/drivers/scsi/device_handler/scsi_dh_alua.c
b/drivers/scsi/device_handler/scsi_dh_alua.c
index 8eaed05..f3c99
It's possible to use "err" without initializing it. If it happens to be
a 2 which is SCSI_DH_RETRY then that could cause a bug. Bart Van Assche
pointed out that we should probably re-initialize it for every iteration
through the retry loop.
Signed-off-by: Dan Carpenter
--
On Thu, Apr 14, 2016 at 08:45:18AM -0700, Bart Van Assche wrote:
> On 04/14/2016 02:39 AM, Dan Carpenter wrote:
> >It's possible to use "err" without initializing it. If it happens to be
> >a 2 which is SCSI_DH_RETRY then that could cause a bug.
> >
> >
"ddb" is a number between 0-64. It can't ever be >= 0x. But the
static checker complains that since we're capping the upper bound, we
may as well cap the lower bound and disallow negatives as well.
Signed-off-by: Dan Carpenter
diff --git a/drivers/scsi/aic94xx/a
1016 if (!sh)
1017 return -ENODEV;
1018
1019 pnp_set_drvdata(pdev, sh);
1020 return 0;
1021 }
regards,
dan carpenter
--
To unsubscribe from this list: send the line "unsubscribe linux-scsi" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
This missing break statement bug predates git. It's a very minor thing,
it means that we print a '?' instead of a 'z' in dmesg.
Signed-off-by: Dan Carpenter
diff --git a/drivers/scsi/eata_pio.c b/drivers/scsi/eata_pio.c
index ca8003f..4299fa4 100644
--- a/drivers/scsi
1 - 100 of 470 matches
Mail list logo
