[bug report] scsi: cxgb4i: Add support for iSCSI segmentation offload

linux-scsi.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* [bug report] scsi: cxgb4i: Add support for iSCSI segmentation offload
@ 2020-07-10 14:14 dan.carpenter
  2020-07-13 16:25 ` Varun Prakash
  0 siblings, 1 reply; 6+ messages in thread
From: dan.carpenter @ 2020-07-10 14:14 UTC (permalink / raw)
  To: varun; +Cc: linux-scsi

Hello Varun Prakash,

This is a semi-automatic email about new static checker warnings.

The patch e33c2482289b: "scsi: cxgb4i: Add support for iSCSI
segmentation offload" from Jun 29, 2020, leads to the following
Smatch complaint:

    drivers/scsi/cxgbi/libcxgbi.c:1892 cxgbi_conn_alloc_pdu()
    warn: variable dereferenced before check 'cconn' (see line 1891)

drivers/scsi/cxgbi/libcxgbi.c
  1890		struct cxgbi_conn *cconn = tcp_conn->dd_data;
  1891		struct cxgbi_device *cdev = cconn->chba->cdev;
                                            ^^^^^^^^^^^
Unchecked dereference in old code.

  1892		struct cxgbi_sock *csk = (cconn && cconn->cep) ? cconn->cep->csk : NULL;
                                          ^^^^^
New code adds a check for NULL but it's too late.

  1893		struct iscsi_tcp_task *tcp_task = task->dd_data;
  1894		struct cxgbi_task_data *tdata = iscsi_task_cxgbi_data(task);

regards,
dan carpenter

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [bug report] scsi: cxgb4i: Add support for iSCSI segmentation offload
  2020-07-10 14:14 [bug report] scsi: cxgb4i: Add support for iSCSI segmentation offload dan.carpenter
@ 2020-07-13 16:25 ` Varun Prakash
  0 siblings, 0 replies; 6+ messages in thread
From: Varun Prakash @ 2020-07-13 16:25 UTC (permalink / raw)
  To: dan.carpenter; +Cc: linux-scsi, varun

On Fri, Jul 10, 2020 at 05:14:54PM +0300, dan.carpenter@oracle.com wrote:
> Hello Varun Prakash,
> 
> This is a semi-automatic email about new static checker warnings.
> 
> The patch e33c2482289b: "scsi: cxgb4i: Add support for iSCSI
> segmentation offload" from Jun 29, 2020, leads to the following
> Smatch complaint:
> 
>     drivers/scsi/cxgbi/libcxgbi.c:1892 cxgbi_conn_alloc_pdu()
>     warn: variable dereferenced before check 'cconn' (see line 1891)
> 
> drivers/scsi/cxgbi/libcxgbi.c
>   1890		struct cxgbi_conn *cconn = tcp_conn->dd_data;
>   1891		struct cxgbi_device *cdev = cconn->chba->cdev;
>                                             ^^^^^^^^^^^
> Unchecked dereference in old code.
> 
>   1892		struct cxgbi_sock *csk = (cconn && cconn->cep) ? cconn->cep->csk : NULL;
>                                           ^^^^^
> New code adds a check for NULL but it's too late.

cconn will never be NULL, I will post a patch to remove this NULL check.

> 
>   1893		struct iscsi_tcp_task *tcp_task = task->dd_data;
>   1894		struct cxgbi_task_data *tdata = iscsi_task_cxgbi_data(task);

^ permalink raw reply	[flat|nested] 6+ messages in thread

* [bug report] scsi: cxgb4i: Add support for iSCSI segmentation offload
@ 2020-07-20 10:28 dan.carpenter
  0 siblings, 0 replies; 6+ messages in thread
From: dan.carpenter @ 2020-07-20 10:28 UTC (permalink / raw)
  To: varun; +Cc: linux-scsi

Hello Varun Prakash,

The patch e33c2482289b: "scsi: cxgb4i: Add support for iSCSI
segmentation offload" from Jun 29, 2020, leads to the following
static checker warning:

drivers/scsi/cxgbi/libcxgbi.c:1902 cxgbi_conn_alloc_pdu() warn: 'tdata' can't be NULL.
drivers/scsi/cxgbi/libcxgbi.c:2158 cxgbi_conn_init_pdu() warn: 'tdata' can't be NULL.
drivers/scsi/cxgbi/libcxgbi.c:2374 cxgbi_conn_xmit_pdu() warn: 'tdata' can't be NULL.

drivers/scsi/cxgbi/libcxgbi.c
  1885  int cxgbi_conn_alloc_pdu(struct iscsi_task *task, u8 op)
  1886  {
  1887          struct iscsi_conn *conn = task->conn;
  1888          struct iscsi_session *session = task->conn->session;
  1889          struct iscsi_tcp_conn *tcp_conn = conn->dd_data;
  1890          struct cxgbi_conn *cconn = tcp_conn->dd_data;
  1891          struct cxgbi_device *cdev = cconn->chba->cdev;
  1892          struct cxgbi_sock *csk = cconn->cep ? cconn->cep->csk : NULL;
  1893          struct iscsi_tcp_task *tcp_task = task->dd_data;
  1894          struct cxgbi_task_data *tdata = iscsi_task_cxgbi_data(task);
                                        ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
#define iscsi_task_cxgbi_data(task) \
        ((task)->dd_data + sizeof(struct iscsi_tcp_task))

  1895          struct scsi_cmnd *sc = task->sc;
  1896          u32 headroom = SKB_TX_ISCSI_PDU_HEADER_MAX;
  1897          u32 max_txdata_len = conn->max_xmit_dlength;
  1898          u32 iso_tx_rsvd = 0, local_iso_info = 0;
  1899          u32 last_tdata_offset, last_tdata_count;
  1900          int err = 0;
  1901  
  1902          if (!tcp_task || !tdata) {
                                 ^^^^^^
If ->dd_data is negative sizeof(struct iscsi_tcp_task) then we are
toasted.  That's an error pointer.  These sorts of extra NULL checking
generate a warning because maybe we intended to check a different
variable or IS_ERR(task->dd_data) or something.  The checker can't know.

  1903                  pr_err("task 0x%p, tcp_task 0x%p, tdata 0x%p.\n",
  1904                         task, tcp_task, tdata);
  1905                  return -ENOMEM;
  1906          }

regards,
dan carpenter

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [bug report] scsi: cxgb4i: Add support for iSCSI segmentation offload
  2020-07-10 14:29 ` Dan Carpenter
@ 2020-07-13 16:41   ` Varun Prakash
  0 siblings, 0 replies; 6+ messages in thread
From: Varun Prakash @ 2020-07-13 16:41 UTC (permalink / raw)
  To: Dan Carpenter; +Cc: linux-scsi, varun

On Fri, Jul 10, 2020 at 05:29:03PM +0300, Dan Carpenter wrote:
> On Fri, Jul 10, 2020 at 05:17:29PM +0300, dan.carpenter@oracle.com wrote:
> > Hello Varun Prakash,
> > 
> > This is a semi-automatic email about new static checker warnings.
> > 
> > The patch e33c2482289b: "scsi: cxgb4i: Add support for iSCSI 
> > segmentation offload" from Jun 29, 2020, leads to the following 
> > Smatch complaint:
> > 
> >     drivers/scsi/cxgbi/libcxgbi.c:2158 cxgbi_conn_init_pdu()
> >     warn: variable dereferenced before check 'tdata' (see line 2150)
> > 
> 
> Same issue in cxgbi_conn_xmit_pdu() as well.
> 
> drivers/scsi/cxgbi/libcxgbi.c:2374 cxgbi_conn_xmit_pdu() warn: variable dereferenced before check 'tdata' (see line 2368)

Patch is already posted for this issue
https://patchwork.kernel.org/patch/11654403/

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [bug report] scsi: cxgb4i: Add support for iSCSI segmentation offload
  2020-07-10 14:17 dan.carpenter
@ 2020-07-10 14:29 ` Dan Carpenter
  2020-07-13 16:41   ` Varun Prakash
  0 siblings, 1 reply; 6+ messages in thread
From: Dan Carpenter @ 2020-07-10 14:29 UTC (permalink / raw)
  To: varun; +Cc: linux-scsi

On Fri, Jul 10, 2020 at 05:17:29PM +0300, dan.carpenter@oracle.com wrote:
> Hello Varun Prakash,
> 
> This is a semi-automatic email about new static checker warnings.
> 
> The patch e33c2482289b: "scsi: cxgb4i: Add support for iSCSI 
> segmentation offload" from Jun 29, 2020, leads to the following 
> Smatch complaint:
> 
>     drivers/scsi/cxgbi/libcxgbi.c:2158 cxgbi_conn_init_pdu()
>     warn: variable dereferenced before check 'tdata' (see line 2150)
> 

Same issue in cxgbi_conn_xmit_pdu() as well.

drivers/scsi/cxgbi/libcxgbi.c:2374 cxgbi_conn_xmit_pdu() warn: variable dereferenced before check 'tdata' (see line 2368)

regards,
dan carpenter


^ permalink raw reply	[flat|nested] 6+ messages in thread

* [bug report] scsi: cxgb4i: Add support for iSCSI segmentation offload
@ 2020-07-10 14:17 dan.carpenter
  2020-07-10 14:29 ` Dan Carpenter
  0 siblings, 1 reply; 6+ messages in thread
From: dan.carpenter @ 2020-07-10 14:17 UTC (permalink / raw)
  To: varun; +Cc: linux-scsi

Hello Varun Prakash,

This is a semi-automatic email about new static checker warnings.

The patch e33c2482289b: "scsi: cxgb4i: Add support for iSCSI 
segmentation offload" from Jun 29, 2020, leads to the following 
Smatch complaint:

    drivers/scsi/cxgbi/libcxgbi.c:2158 cxgbi_conn_init_pdu()
    warn: variable dereferenced before check 'tdata' (see line 2150)

drivers/scsi/cxgbi/libcxgbi.c
  2149		struct cxgbi_task_data *tdata = iscsi_task_cxgbi_data(task);
  2150		struct sk_buff *skb = tdata->skb;
                                      ^^^^^^^^^^
The old code doesn't check for NULL.

  2151		struct scsi_cmnd *sc = task->sc;
  2152		u32 expected_count, expected_offset;
  2153		u32 datalen = count, dlimit = 0;
  2154		u32 i, padlen = iscsi_padding(count);
  2155		struct page *pg;
  2156		int err;
  2157	
  2158		if (!tcp_task || !tdata || tcp_task->dd_data != tdata) {
                                 ^^^^^^
The new check is too late.

  2159			pr_err("task 0x%p,0x%p, tcp_task 0x%p, tdata 0x%p/0x%p.\n",
  2160			       task, task->sc, tcp_task,

regards,
dan carpenter

^ permalink raw reply	[flat|nested] 6+ messages in thread

end of thread, other threads:[~2020-07-20 10:28 UTC | newest]

Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-07-10 14:14 [bug report] scsi: cxgb4i: Add support for iSCSI segmentation offload dan.carpenter
2020-07-13 16:25 ` Varun Prakash
2020-07-10 14:17 dan.carpenter
2020-07-10 14:29 ` Dan Carpenter
2020-07-13 16:41   ` Varun Prakash
2020-07-20 10:28 dan.carpenter

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).