On 5/1/19 1:01 PM, Bruce Rogers wrote:
> While investigating link-time-optimization, the compiler complained as
> follows:
> In function ‘scsi_disk_new_request_dump’,
> inlined from ‘scsi_new_request.part.24’ at hw/scsi/scsi-disk.c:2549:9,
> inlined from ‘scsi_new_request’ at hw/scsi/scsi-disk.c:2533:21:
> hw/scsi/scsi-disk.c:2523:19: error: argument 1 value ‘18446744073709551612’
> exceeds maximum object size 9223372036854775807
> [-Werror=alloc-size-larger-than=]
> hw/scsi/scsi-disk.c: In function ‘scsi_new_request’:
> /usr/include/glib-2.0/glib/gmem.h:78:10: note: in a call to allocation
> function ‘g_malloc’ declared here
> gpointer g_malloc (gsize n_bytes) G_GNUC_MALLOC
> G_GNUC_ALLOC_SIZE(1);
>
> Asserting that len is positive avoids this diagnostic. This assert is
> reasonable since the error case of scsi_cdb_length() has already been
> handled by a previous call to that function.
>
> Signed-off-by: Bruce Rogers <brog...@suse.com>
> ---
> hw/scsi/scsi-disk.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/hw/scsi/scsi-disk.c b/hw/scsi/scsi-disk.c
> index e7e865ab3b..ac180fdddf 100644
> --- a/hw/scsi/scsi-disk.c
> +++ b/hw/scsi/scsi-disk.c
> @@ -2520,6 +2520,7 @@ static void scsi_disk_new_request_dump(uint32_t lun,
> uint32_t tag, uint8_t *buf)
> int len = scsi_cdb_length(buf);
> char *line_buffer, *p;
>
> + assert(len > 0);
> line_buffer = g_malloc(len * 5 + 1);
>
> for (i = 0, p = line_buffer; i < len; i++) {
>
Reviewed-by: John Snow <js...@redhat.com>