If it's possible to turn on all the optional attributes, there are more attributes than the length of array i->private_host_attrs[], so the last one will be out-of-bounds. (There is a BUG_ON there, but it's after the write, rather than before). Signed-off-by: Roel Kluin <roel.kluin@xxxxxxxxx> --- Found with Parfait, http://research.sun.com/projects/parfait/ in fc_attach_transport() ... count=0; 14 x SETUP_HOST_ATTRIBUTE_RD() if (ft->vport_create) 2 x SETUP_HOST_ATTRIBUTE_RD_NS() 1 x SETUP_HOST_ATTRIBUTE_RW() 1 - 4 x SETUP_PRIVATE_HOST_ATTRIBUTE_RW() all these definitions set private_host_attrs[count] (21 elements) and increase the index count thereafter. diff --git a/drivers/scsi/scsi_transport_fc.c b/drivers/scsi/scsi_transport_fc.c index 292c02f..8092e56 100644 --- a/drivers/scsi/scsi_transport_fc.c +++ b/drivers/scsi/scsi_transport_fc.c @@ -2123,8 +2123,12 @@ fc_attach_transport(struct fc_function_template *ft) SETUP_PRIVATE_HOST_ATTRIBUTE_RW(issue_lip); if (ft->vport_create) SETUP_PRIVATE_HOST_ATTRIBUTE_RW(vport_create); - if (ft->vport_delete) - SETUP_PRIVATE_HOST_ATTRIBUTE_RW(vport_delete); + if (ft->vport_delete) { + if(count < FC_HOST_NUM_ATTRS) + SETUP_PRIVATE_HOST_ATTRIBUTE_RW(vport_delete); + else + count++; + } BUG_ON(count > FC_HOST_NUM_ATTRS); -- To unsubscribe from this list: send the line "unsubscribe linux-scsi" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
