Hello Ursula Braun, The patch 0cfdd8f92cac: "smc: connection and link group creation" from Jan 9, 2017, leads to the following static checker warning: net/smc/smc_clc.c:202 smc_clc_send_confirm() error: __memcpy() '&cclc.lcl.mac' too small (6 vs 12) net/smc/smc_clc.c 181 /* send CLC CONFIRM message across internal TCP socket */ 182 int smc_clc_send_confirm(struct smc_sock *smc) 183 { 184 struct smc_connection *conn = &smc->conn; 185 struct smc_clc_msg_accept_confirm cclc; 186 struct smc_link *link; 187 int reason_code = 0; 188 struct msghdr msg; 189 struct kvec vec; 190 int len; 191 192 link = &conn->lgr->lnk[SMC_SINGLE_LINK]; 193 /* send SMC Confirm CLC msg */ 194 memset(&cclc, 0, sizeof(cclc)); 195 memcpy(cclc.hdr.eyecatcher, SMC_EYECATCHER, sizeof(SMC_EYECATCHER)); 196 cclc.hdr.type = SMC_CLC_CONFIRM; 197 cclc.hdr.length = htons(sizeof(cclc)); 198 cclc.hdr.version = SMC_CLC_V1; /* SMC version */ 199 memcpy(cclc.lcl.id_for_peer, local_systemid, sizeof(local_systemid)); 200 memcpy(&cclc.lcl.gid, &link->smcibdev->gid[link->ibport - 1], 201 SMC_GID_SIZE); 202 memcpy(&cclc.lcl.mac, &link->smcibdev->mac[link->ibport - 1], 203 sizeof(link->smcibdev->mac)); We are corrupting the top bits of link here. Or maybe there is padding? 204 hton24(cclc.qpn, link->roce_qp->qp_num); 205 cclc.rmb_rkey = 206 htonl(conn->rmb_desc->mr_rx[SMC_SINGLE_LINK]->rkey); regards, dan carpenter -- To unsubscribe from this list: send the line "unsubscribe linux-s390" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html