
[libmlx5,2/6] fix coverity buffer overrun warning

Message ID 1469647047-7544-3-git-send-email-jarod@redhat.com (mailing list archive)
State Not Applicable

Commit Message

Jarod Wilson July 27, 2016, 7:17 p.m. UTC
In set_umr_data_seg, there's a union between a 16-byte struct and a
64-byte array, named data. The code then makes a memset() call on the
struct that is sizeof(array) - sizeof(struct) long, which results in
writing 48 bytes to a 16 byte container. Technically, we know this is
actually fine, because of the union, but to silence the warning, we can
just do the memset on the array instead. Same address, same result, but no
warning spew from coverity.

CC: Yishai Hadas <yishaih@mellanox.com>
Signed-off-by: Jarod Wilson <jarod@redhat.com>
---
 src/qp.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Comments

Yishai Hadas July 28, 2016, 2:46 p.m. UTC | #1
On 7/27/2016 10:17 PM, Jarod Wilson wrote:
> In set_umr_data_seg, there's a union between a 16-byte struct and a
> 64-byte array, named data. The code then makes a memset() call on the
> struct that is sizeof(array) - sizeof(struct) long, which results in
> writing 48 bytes to a 16 byte container. Technically, we know this is
> actually fine, because of the union, but to silence the warning, we can
> just do the memset on the array instead. Same address, same result, but no
> warning spew from coverity.
>
> CC: Yishai Hadas <yishaih@mellanox.com>
> Signed-off-by: Jarod Wilson <jarod@redhat.com>
> ---
>  src/qp.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/src/qp.c b/src/qp.c
> index 51e1176..8bb66be 100644
> --- a/src/qp.c
> +++ b/src/qp.c
> @@ -426,7 +426,7 @@ static void set_umr_data_seg(struct mlx5_qp *qp, enum ibv_mw_type type,
>  	data->klm.mkey = htonl(bind_info->mr->lkey);
>  	data->klm.address = htonll(bind_info->addr);
>
> -	memset(&data->klm + 1, 0, sizeof(data->reserved) -
> +	memset(&data->reserved + 1, 0, sizeof(data->reserved) -
>  	       sizeof(data->klm));

As you pointed out, this is a false alarm; the code is correct.

Your suggestion seems wrong, as it skipped the size of 'reserved' instead of
the size of 'klm' (i.e. 16 bytes), isn't it?

>  	*seg += sizeof(*data);
>
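
The pointer arithmetic discussed in this thread, as an added example that is not part of the original messages or of libmlx5: it computes where each candidate memset() start expression lands and whether a 48-byte write from there stays inside the union. The type names `klm_model` and `umr_data_model`, the `byte_count` field and the helper functions are hypothetical; only the 16-byte struct and 64-byte array sizes come from the commit message.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed stand-in for the union the commit message describes:
 * a 16-byte struct overlaid on a 64-byte array. Field types are assumed. */
struct klm_model { uint32_t byte_count; uint32_t mkey; uint64_t address; };
union umr_data_model { struct klm_model klm; uint8_t reserved[64]; };

/* Byte offset of p from the start of the union at base. */
static ptrdiff_t offset_in(const union umr_data_model *base, const void *p)
{
	return (const char *)p - (const char *)base;
}

/* Original code: pointer to struct, so +1 steps over one 16-byte struct. */
static ptrdiff_t start_klm_plus_1(const union umr_data_model *d)
{
	return offset_in(d, &d->klm + 1);
}

/* Patched code: pointer to the whole array, so +1 steps over all 64 bytes. */
static ptrdiff_t start_reserved_plus_1(const union umr_data_model *d)
{
	return offset_in(d, &d->reserved + 1);
}

/* Array decays to a byte pointer, so the step is counted in bytes. */
static ptrdiff_t start_reserved_bytes(const union umr_data_model *d)
{
	return offset_in(d, d->reserved + sizeof(d->klm));
}

/* True if a write of len bytes beginning at start stays inside the union. */
static int in_bounds(ptrdiff_t start, size_t len)
{
	return start >= 0 && (size_t)start + len <= sizeof(union umr_data_model);
}

int main(void)
{
	static union umr_data_model d;
	size_t len = sizeof(d.reserved) - sizeof(d.klm);
	printf("&klm + 1:      offset %td, in bounds %d\n", start_klm_plus_1(&d), in_bounds(start_klm_plus_1(&d), len));
	printf("&reserved + 1: offset %td, in bounds %d\n", start_reserved_plus_1(&d), in_bounds(start_reserved_plus_1(&d), len));
	printf("reserved + 16: offset %td, in bounds %d\n", start_reserved_bytes(&d), in_bounds(start_reserved_bytes(&d), len));
	return 0;
}
```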


Patch

diff --git a/src/qp.c b/src/qp.c
index 51e1176..8bb66be 100644
--- a/src/qp.c
+++ b/src/qp.c
@@ -426,7 +426,7 @@  static void set_umr_data_seg(struct mlx5_qp *qp, enum ibv_mw_type type,
 	data->klm.mkey = htonl(bind_info->mr->lkey);
 	data->klm.address = htonll(bind_info->addr);
 
-	memset(&data->klm + 1, 0, sizeof(data->reserved) -
+	memset(&data->reserved + 1, 0, sizeof(data->reserved) -
 	       sizeof(data->klm));
 
 	*seg += sizeof(*data);
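
Review bot: `&data->reserved + 1` on the added memset line is the address of the whole array plus one element of that type, so it advances by sizeof(data->reserved) (64 bytes per the commit message) rather than by sizeof(data->klm), and the 48-byte memset then begins at the end of the union and writes past it while leaving the bytes after klm uncleared. That is not the "same address" the commit message expects; it replaces a false positive with a real overrun. If the goal is to address the region through the array member, start from a byte pointer instead, for example `memset((char *)data->reserved + sizeof(data->klm), 0, sizeof(data->reserved) - sizeof(data->klm));`, which keeps the original start address and length.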