drivers/scsi/sd.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
The return value from the call to scsi_execute_cmd() is int. However, the
return value is being assigned to an unsigned int variable 'the_result',
so making 'the_result' an int.
./drivers/scsi/sd.c:2333:6-16: WARNING: Unsigned expression compared with zero: the_result > 0.
Reported-by: Abaci Robot <abaci@linux.alibaba.com>
Closes: https://bugzilla.openanolis.cn/show_bug.cgi?id=9463
Signed-off-by: Jiapeng Chong <jiapeng.chong@linux.alibaba.com>
---
drivers/scsi/sd.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/scsi/sd.c b/drivers/scsi/sd.c
index 979795dad62b..ade8c6cca295 100644
--- a/drivers/scsi/sd.c
+++ b/drivers/scsi/sd.c
@@ -2396,7 +2396,7 @@ sd_spinup_disk(struct scsi_disk *sdkp)
static const u8 cmd[10] = { TEST_UNIT_READY };
unsigned long spintime_expire = 0;
int spintime, sense_valid = 0;
- unsigned int the_result;
+ int the_result;
struct scsi_sense_hdr sshdr;
struct scsi_failure failure_defs[] = {
/* Do not retry Medium Not Present */
--
2.20.1.7.g153144cThis title should really be more precise, like "Fix unsigned expression
compared with zero in sd_spinup_disk()"
On 01/07/2024 10:06, Jiapeng Chong wrote:
+ Mike
> The return value from the call to scsi_execute_cmd() is int. However, the
> return value is being assigned to an unsigned int variable 'the_result',
> so making 'the_result' an int.
an "so making 'the_result' effectively an unsigned int", right?
>
> ./drivers/scsi/sd.c:2333:6-16: WARNING: Unsigned expression compared with zero: the_result > 0.
>
> Reported-by: Abaci Robot <abaci@linux.alibaba.com>
> Closes: https://urldefense.com/v3/__https://bugzilla.openanolis.cn/show_bug.cgi?id=9463__;!!ACWV5N9M2RV99hQ!MVk0tuPkuuYZTeD-oVg7RYLVba7HwHVUjWCL2CLavSPrJmuO4MSCUNQ0vqjbCSIKBN8eonwTlU4FxKD3vmHQQhN2YUhbLcnJ$
> Signed-off-by: Jiapeng Chong <jiapeng.chong@linux.alibaba.com>
Looks ok, but Mike can hopefully double-check:
Reviewed-by: John Garry <john.g.garry@oracle.com>
> ---
> drivers/scsi/sd.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/scsi/sd.c b/drivers/scsi/sd.c
> index 979795dad62b..ade8c6cca295 100644
> --- a/drivers/scsi/sd.c
> +++ b/drivers/scsi/sd.c
> @@ -2396,7 +2396,7 @@ sd_spinup_disk(struct scsi_disk *sdkp)
> static const u8 cmd[10] = { TEST_UNIT_READY };
> unsigned long spintime_expire = 0;
> int spintime, sense_valid = 0;
> - unsigned int the_result;
> + int the_result;
> struct scsi_sense_hdr sshdr;
> struct scsi_failure failure_defs[] = {
> /* Do not retry Medium Not Present */
On 7/1/24 2:06 AM, Jiapeng Chong wrote: > The return value from the call to scsi_execute_cmd() is int. However, the > return value is being assigned to an unsigned int variable 'the_result', > so making 'the_result' an int. Please explain the full effect of this patch in the patch description. I think this patch causes a potential read of uninitialized data (sshdr) to be skipped if scsi_execute_cmd() returns a negative value. Do you agree with this? Thanks, Bart.
On 7/1/24 2:06 AM, Jiapeng Chong wrote: > The return value from the call to scsi_execute_cmd() is int. However, the > return value is being assigned to an unsigned int variable 'the_result', > so making 'the_result' an int. > > ./drivers/scsi/sd.c:2333:6-16: WARNING: Unsigned expression compared with zero: the_result > 0. Since this is a bug fix, please add Cc: stable and Fixes: tags. Thanks, Bart.
© 2016 - 2025 Red Hat, Inc.