[PATCH v3] scsi: scsi_debug: fix one-partition tape setup bounds

Samuel Moelius posted 1 patch 3 days, 6 hours ago
drivers/scsi/scsi_debug.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
[PATCH v3] scsi: scsi_debug: fix one-partition tape setup bounds
Posted by Samuel Moelius 3 days, 6 hours ago
The tape setup path uses one tape_block entry as the end-of-data marker
after the usable tape blocks. For the one-partition layout, partition 0
uses all TAPE_UNITS data slots and partition 1's marker is written at
tape_blocks[0] + TAPE_UNITS.

Only TAPE_UNITS entries are allocated, so that marker write is one
element past the allocation during device initialization before any
command is issued.

Allocate one extra tape_block entry for the marker. This keeps the
existing partitioning paths unchanged while providing backing storage for
the sentinel.

Assisted-by: Codex:gpt-5.5-cyber-preview
Signed-off-by: Samuel Moelius <sam.moelius@trailofbits.com>
---
Changes in v3
  - Use TAPE_UNITS + 1 approach
Changes in v2
  - Fixed handling of part_1_size == 0 case

 drivers/scsi/scsi_debug.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/scsi/scsi_debug.c b/drivers/scsi/scsi_debug.c
index 1515495fd9ea..38fedfa3cefe 100644
--- a/drivers/scsi/scsi_debug.c
+++ b/drivers/scsi/scsi_debug.c
@@ -6648,7 +6648,7 @@ static int scsi_debug_sdev_configure(struct scsi_device *sdp,
 	if (sdebug_ptype == TYPE_TAPE) {
 		if (!devip->tape_blocks[0]) {
 			devip->tape_blocks[0] =
-				kzalloc_objs(struct tape_block, TAPE_UNITS);
+				kzalloc_objs(struct tape_block, TAPE_UNITS + 1);
 			if (!devip->tape_blocks[0])
 				return 1;
 		}
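Review bot: The "+ 1" on the kzalloc_objs(struct tape_block, TAPE_UNITS + 1) line carries no explanation in the code, so a later cleanup could read it as a stray off-by-one and remove it. The commit message gives the reason: in the one-partition layout, partition 1's end-of-data marker is written at tape_blocks[0] + TAPE_UNITS. A short comment above the allocation saying that the extra entry backs that marker, or a named constant for the allocation count, would keep the reason next to the code. Only the allocation site is visible in this hunk, so it is also worth confirming that any other code that sizes or clears this array by TAPE_UNITS still agrees with the new length.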
-- 
2.43.0
Re: [PATCH v3] scsi: scsi_debug: fix one-partition tape setup bounds
Posted by "Kai Mäkisara (Kolumbus)" 3 days ago

> On 5. Jun 2026, at 2.43, Samuel Moelius <sam.moelius@trailofbits.com> wrote:
> 
> The tape setup path uses one tape_block entry as the end-of-data marker
> after the usable tape blocks. For the one-partition layout, partition 0
> uses all TAPE_UNITS data slots and partition 1's marker is written at
> tape_blocks[0] + TAPE_UNITS.
> 
> Only TAPE_UNITS entries are allocated, so that marker write is one
> element past the allocation during device initialization before any
> command is issued.
> 
> Allocate one extra tape_block entry for the marker. This keeps the
> existing partitioning paths unchanged while providing backing storage for
> the sentinel.
> 
> Assisted-by: Codex:gpt-5.5-cyber-preview
> Signed-off-by: Samuel Moelius <sam.moelius@trailofbits.com>
> ---
> Changes in v3
>  - Use TAPE_UNITS + 1 approach

Reviewed-by: Kai Mäkisara <Kai.Makisara@kolumbus.fi>

Thanks, Kai