2021-12-07 13:55:49

by Guo Zhengkui

Subject: [PATCH] usb: core: hcd: fix bug: application of sizeof to pointer

Fix following error:
./drivers/usb/core/hcd.c:1284:38-44: ERROR:
application of sizeof to pointer.

Use sizeof(*vaddr) instead.

Signed-off-by: Guo Zhengkui <[email protected]>
---
drivers/usb/core/hcd.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/usb/core/hcd.c b/drivers/usb/core/hcd.c
index 4d326ee12c36..996d5273cf60 100644
--- a/drivers/usb/core/hcd.c
+++ b/drivers/usb/core/hcd.c
@@ -1281,7 +1281,7 @@ static int hcd_alloc_coherent(struct usb_bus *bus,
return -EFAULT;
}

- vaddr = hcd_buffer_alloc(bus, size + sizeof(vaddr),
+ vaddr = hcd_buffer_alloc(bus, size + sizeof(*vaddr),
mem_flags, dma_handle);
if (!vaddr)
return -ENOMEM;
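Review bot: The new argument `size + sizeof(*vaddr)` on the `hcd_buffer_alloc()` call reserves the size of the pointed-to type rather than of a pointer. vaddr is described in this thread as a pointer to unsigned char, so the extra space drops to one byte, while the value the function keeps at the end of the buffer is an unsigned long. The changelog only repeats the tool's message and does not say what those trailing bytes hold. Check what is stored past `size` and size the reservation for that value, name the tool that produced the report, and explain in the changelog why the new expression is correct before resending.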
--
2.20.1



2021-12-07 14:40:46

by Greg Kroah-Hartman

Subject: Re: [PATCH] usb: core: hcd: fix bug: application of sizeof to pointer

On Tue, Dec 07, 2021 at 09:53:47PM +0800, Guo Zhengkui wrote:
> Fix following error:
> ./drivers/usb/core/hcd.c:1284:38-44: ERROR:
> application of sizeof to pointer.

What generated this error?

>
> Use sizeof(*vaddr) instead.
>
> Signed-off-by: Guo Zhengkui <[email protected]>
> ---
> drivers/usb/core/hcd.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/usb/core/hcd.c b/drivers/usb/core/hcd.c
> index 4d326ee12c36..996d5273cf60 100644
> --- a/drivers/usb/core/hcd.c
> +++ b/drivers/usb/core/hcd.c
> @@ -1281,7 +1281,7 @@ static int hcd_alloc_coherent(struct usb_bus *bus,
> return -EFAULT;
> }
>
> - vaddr = hcd_buffer_alloc(bus, size + sizeof(vaddr),
> + vaddr = hcd_buffer_alloc(bus, size + sizeof(*vaddr),

I think you just broke the code.

Look at this closer and see what the function is doing with this buffer
and if you still think your patch is correct, please rewrite the
changelog text to explain why it is so (hint, just using the output of
coccinelle isn't ok.)

thanks,

greg k-h

2021-12-07 22:21:08

by Alan Stern

Subject: Re: [PATCH] usb: core: hcd: fix bug: application of sizeof to pointer

On Tue, Dec 07, 2021 at 03:40:37PM +0100, Greg Kroah-Hartman wrote:
> On Tue, Dec 07, 2021 at 09:53:47PM +0800, Guo Zhengkui wrote:
> > Fix following error:
> > ./drivers/usb/core/hcd.c:1284:38-44: ERROR:
> > application of sizeof to pointer.
>
> What generated this error?
>
> >
> > Use sizeof(*vaddr) instead.
> >
> > Signed-off-by: Guo Zhengkui <[email protected]>
> > ---
> > drivers/usb/core/hcd.c | 2 +-
> > 1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/drivers/usb/core/hcd.c b/drivers/usb/core/hcd.c
> > index 4d326ee12c36..996d5273cf60 100644
> > --- a/drivers/usb/core/hcd.c
> > +++ b/drivers/usb/core/hcd.c
> > @@ -1281,7 +1281,7 @@ static int hcd_alloc_coherent(struct usb_bus *bus,
> > return -EFAULT;
> > }
> >
> > - vaddr = hcd_buffer_alloc(bus, size + sizeof(vaddr),
> > + vaddr = hcd_buffer_alloc(bus, size + sizeof(*vaddr),
>
> I think you just broke the code.
>
> Look at this closer and see what the function is doing with this buffer
> and if you still think your patch is correct, please rewrite the
> changelog text to explain why it is so (hint, just using the output of
> coccinelle isn't ok.)

Although the patch is definitely wrong, the code could stand to be
improved. The value stored at the end of the buffer is *vaddr_handle
converted to an unsigned long, but the space reserved for this value is
sizeof(vaddr) -- which doesn't make much sense since vaddr is a pointer
to unsigned char. The code implicitly relies on the fact that unsigned
long takes up the same amount of space as a pointer.

Readers wouldn't have to stop and figure this out if the amount of
reserved space was simply set to sizeof(unsigned long) rather than
sizeof(vaddr).

Alan Stern
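
The buffer layout described in the message above, as an added userspace example (not code from hcd.c or from anyone in this thread). The names `bounce_alloc`, `bounce_free` and `trailer_overrun` are hypothetical, and `malloc` stands in for `hcd_buffer_alloc()`; it shows why the reserved space has to match the stored unsigned long.

```c
#include <stdlib.h>
#include <string.h>

/* Assumption the layout relies on: a pointer fits in an unsigned long. */
_Static_assert(sizeof(unsigned long) == sizeof(void *), "pointer must fit in unsigned long");

/* Bytes the trailer store would write past the allocation when only
 * `reserved` extra bytes follow the payload. */
static size_t trailer_overrun(size_t reserved)
{
    return reserved >= sizeof(unsigned long) ? 0 : sizeof(unsigned long) - reserved;
}

/* Model of the allocation side (hypothetical name): payload copy first,
 * caller's original pointer stored as an unsigned long right after it. */
static int bounce_alloc(void **handle, size_t size)
{
    unsigned long orig = (unsigned long)*handle;
    unsigned char *vaddr;

    if (size > (size_t)-1 - sizeof(orig))
        return -1;                      /* size + trailer would wrap */
    vaddr = malloc(size + sizeof(orig));
    if (!vaddr)
        return -1;
    memcpy(vaddr, *handle, size);
    memcpy(vaddr + size, &orig, sizeof(orig)); /* unaligned-safe store */
    *handle = vaddr;
    return 0;
}

/* Model of the release side: read the trailer back, free, restore. */
static void bounce_free(void **handle, size_t size)
{
    unsigned char *vaddr = *handle;
    unsigned long orig;

    memcpy(&orig, vaddr + size, sizeof(orig));
    free(vaddr);
    *handle = (void *)orig;
}

int main(void)
{
    unsigned char data[5] = { 1, 2, 3, 4, 5 };  /* constructed sample payload */
    void *h = data;

    if (bounce_alloc(&h, sizeof(data)) != 0)
        return 1;
    bounce_free(&h, sizeof(data));
    return (h == (void *)data && trailer_overrun(sizeof(unsigned char)) > 0) ? 0 : 1;
}
```

Reserving `sizeof(unsigned char)` for the trailer, as the first patch effectively did, leaves `trailer_overrun()` non-zero: the trailer store would run past the end of the allocation.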

2021-12-08 03:00:52

by Guo Zhengkui

Subject: Re: [PATCH] usb: core: hcd: fix bug: application of sizeof to pointer

On 2021/12/8 6:21, Alan Stern wrote:
> On Tue, Dec 07, 2021 at 03:40:37PM +0100, Greg Kroah-Hartman wrote:
>> On Tue, Dec 07, 2021 at 09:53:47PM +0800, Guo Zhengkui wrote:
>>> Fix following error:
>>> ./drivers/usb/core/hcd.c:1284:38-44: ERROR:
>>> application of sizeof to pointer.
>>
>> What generated this error?
>>
>>>
>>> Use sizeof(*vaddr) instead.
>>>
>>> Signed-off-by: Guo Zhengkui <[email protected]>
>>> ---
>>> drivers/usb/core/hcd.c | 2 +-
>>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>>
>>> diff --git a/drivers/usb/core/hcd.c b/drivers/usb/core/hcd.c
>>> index 4d326ee12c36..996d5273cf60 100644
>>> --- a/drivers/usb/core/hcd.c
>>> +++ b/drivers/usb/core/hcd.c
>>> @@ -1281,7 +1281,7 @@ static int hcd_alloc_coherent(struct usb_bus *bus,
>>> return -EFAULT;
>>> }
>>>
>>> - vaddr = hcd_buffer_alloc(bus, size + sizeof(vaddr),
>>> + vaddr = hcd_buffer_alloc(bus, size + sizeof(*vaddr),
>>
>> I think you just broke the code.
>>
>> Look at this closer and see what the function is doing with this buffer
>> and if you still think your patch is correct, please rewrite the
>> changelog text to explain why it is so (hint, just using the output of
>> coccinelle isn't ok.)
>

Sorry for my carelessness. It should be sizeof(vaddr).

> Although the patch is definitely wrong, the code could stand to be
> improved. The value stored at the end of the buffer is *vaddr_handle
> converted to an unsigned long, but the space reserved for this value is
> sizeof(vaddr) -- which doesn't make much sense since vaddr is a pointer
> to unsigned char. The code implicitly relies on the fact that unsigned
> long takes up the same amount of space as a pointer.
>
> Readers wouldn't have to stop and figure this out if the amount of
> reserved space was simply set to sizeof(unsigned long) rather than
> sizeof(vaddr).

OK, I will commit another patch to fix this problem. Do you mind if I add a
"Suggested-by" tag with your name (Alan Stern) in this new patch?

Zhengkui

>
> Alan Stern
>

2021-12-08 05:44:08

by Greg Kroah-Hartman

Subject: Re: [PATCH] usb: core: hcd: fix bug: application of sizeof to pointer

On Tue, Dec 07, 2021 at 05:21:05PM -0500, Alan Stern wrote:
> On Tue, Dec 07, 2021 at 03:40:37PM +0100, Greg Kroah-Hartman wrote:
> > On Tue, Dec 07, 2021 at 09:53:47PM +0800, Guo Zhengkui wrote:
> > > Fix following error:
> > > ./drivers/usb/core/hcd.c:1284:38-44: ERROR:
> > > application of sizeof to pointer.
> >
> > What generated this error?
> >
> > >
> > > Use sizeof(*vaddr) instead.
> > >
> > > Signed-off-by: Guo Zhengkui <[email protected]>
> > > ---
> > > drivers/usb/core/hcd.c | 2 +-
> > > 1 file changed, 1 insertion(+), 1 deletion(-)
> > >
> > > diff --git a/drivers/usb/core/hcd.c b/drivers/usb/core/hcd.c
> > > index 4d326ee12c36..996d5273cf60 100644
> > > --- a/drivers/usb/core/hcd.c
> > > +++ b/drivers/usb/core/hcd.c
> > > @@ -1281,7 +1281,7 @@ static int hcd_alloc_coherent(struct usb_bus *bus,
> > > return -EFAULT;
> > > }
> > >
> > > - vaddr = hcd_buffer_alloc(bus, size + sizeof(vaddr),
> > > + vaddr = hcd_buffer_alloc(bus, size + sizeof(*vaddr),
> >
> > I think you just broke the code.
> >
> > Look at this closer and see what the function is doing with this buffer
> > and if you still think your patch is correct, please rewrite the
> > changelog text to explain why it is so (hint, just using the output of
> > coccinelle isn't ok.)
>
> Although the patch is definitely wrong, the code could stand to be
> improved. The value stored at the end of the buffer is *vaddr_handle
> converted to an unsigned long, but the space reserved for this value is
> sizeof(vaddr) -- which doesn't make much sense since vaddr is a pointer
> to unsigned char. The code implicitly relies on the fact that unsigned
> long takes up the same amount of space as a pointer.

Linux requires that an unsigned long is the same size as a pointer, so
this is not a new requirement that is unique to this function :)

thanks,

greg k-h

2021-12-08 21:36:58

by Alan Stern

Subject: Re: [PATCH] usb: core: hcd: fix bug: application of sizeof to pointer

On Wed, Dec 08, 2021 at 11:00:41AM +0800, Guo Zhengkui wrote:
> On 2021/12/8 6:21, Alan Stern wrote:
> > On Tue, Dec 07, 2021 at 03:40:37PM +0100, Greg Kroah-Hartman wrote:
> > > On Tue, Dec 07, 2021 at 09:53:47PM +0800, Guo Zhengkui wrote:
> > > > Fix following error:
> > > > ./drivers/usb/core/hcd.c:1284:38-44: ERROR:
> > > > application of sizeof to pointer.
> > >
> > > What generated this error?
> > >
> > > >
> > > > Use sizeof(*vaddr) instead.
> > > >
> > > > Signed-off-by: Guo Zhengkui <[email protected]>
> > > > ---
> > > > drivers/usb/core/hcd.c | 2 +-
> > > > 1 file changed, 1 insertion(+), 1 deletion(-)
> > > >
> > > > diff --git a/drivers/usb/core/hcd.c b/drivers/usb/core/hcd.c
> > > > index 4d326ee12c36..996d5273cf60 100644
> > > > --- a/drivers/usb/core/hcd.c
> > > > +++ b/drivers/usb/core/hcd.c
> > > > @@ -1281,7 +1281,7 @@ static int hcd_alloc_coherent(struct usb_bus *bus,
> > > > return -EFAULT;
> > > > }
> > > > - vaddr = hcd_buffer_alloc(bus, size + sizeof(vaddr),
> > > > + vaddr = hcd_buffer_alloc(bus, size + sizeof(*vaddr),
> > >
> > > I think you just broke the code.
> > >
> > > Look at this closer and see what the function is doing with this buffer
> > > and if you still think your patch is correct, please rewrite the
> > > changelog text to explain why it is so (hint, just using the output of
> > > coccinelle isn't ok.)
> >
>
> Sorry for my carelessness. It should be sizeof(vaddr).
>
> > Although the patch is definitely wrong, the code could stand to be
> > improved. The value stored at the end of the buffer is *vaddr_handle
> > converted to an unsigned long, but the space reserved for this value is
> > sizeof(vaddr) -- which doesn't make much sense since vaddr is a pointer
> > to unsigned char. The code implicitly relies on the fact that unsigned
> > long takes up the same amount of space as a pointer.
> >
> > Readers wouldn't have to stop and figure this out if the amount of
> > reserved space was simply set to sizeof(unsigned long) rather than
> > sizeof(vaddr).
>
> OK, I will commit another patch to fix this problem. Do you mind if I add a
> "Suggested-by" tag with your name (Alan Stern) in this new patch?

That's fine.

Alan Stern

2021-12-09 06:26:09

by Guo Zhengkui

Subject: [PATCH] usb: core: hcd: change sizeof(vaddr) to sizeof(unsigned long)

`vaddr` is a pointer to unsigned char. sizeof(vaddr) here intends
to get the size of a pointer. But readers may get confused. Changing
sizeof(vaddr) to sizeof(unsigned long) makes more sense.

Suggested-by: Alan Stern <[email protected]>
Signed-off-by: Guo Zhengkui <[email protected]>
---
drivers/usb/core/hcd.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/usb/core/hcd.c b/drivers/usb/core/hcd.c
index 4d326ee12c36..9ffc63ae65ac 100644
--- a/drivers/usb/core/hcd.c
+++ b/drivers/usb/core/hcd.c
@@ -1281,7 +1281,7 @@ static int hcd_alloc_coherent(struct usb_bus *bus,
return -EFAULT;
}

- vaddr = hcd_buffer_alloc(bus, size + sizeof(vaddr),
+ vaddr = hcd_buffer_alloc(bus, size + sizeof(unsigned long),
mem_flags, dma_handle);
if (!vaddr)
return -ENOMEM;
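Review bot: The changelog says `sizeof(vaddr)` "intends to get the size of a pointer", yet the new argument on the `hcd_buffer_alloc()` call is `sizeof(unsigned long)`, and the text never says why an unsigned long is the right thing to reserve. State that the tail of the buffer holds a value stored as an unsigned long, and check that the code which writes and reads that value past `size` (not in this hunk) uses the same type, so allocation and access stay in step. A short comment at the call site naming what the extra bytes hold would spare the next reader the same confusion.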
--
2.20.1