Re: BUG: KASAN: global-out-of-bounds in ata_exec_internal_sg+0x50f/0xc70

From: Steven Rostedt
Date: Tue Jul 16 2019 - 14:57:21 EST

Next message: Peter Zijlstra: "Re: [PATCH] locking/rwsem: use read_acquire in read_slowpath exit when queue is empty"
Previous message: Pavel Machek: "Re: [PATCH v2] PM: QoS: Get rid of unused flags"
In reply to: Nick Desaulniers: "Re: BUG: KASAN: global-out-of-bounds in ata_exec_internal_sg+0x50f/0xc70"
Next in thread: Nick Desaulniers: "Re: BUG: KASAN: global-out-of-bounds in ata_exec_internal_sg+0x50f/0xc70"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 16 Jul 2019 11:28:29 -0700
Nick Desaulniers <ndesaulniers@xxxxxxxxxx> wrote:

> The cited code looks like a check comparing that the pointer distance
> is greater than the size of bytes being passed in. I'd wager
> someone's calling memmove with overlapping memory regions when they
> really wanted memcpy. Maybe a better question, is why was memmove
> ever used; if there was some invariant that the memory regions
> overlapped, why is that invariant no longer holding.

I'm confused by the above statement as memmove() allows overlapping of
src and dest, where as memcpy() does not.

-- Steve

Next message: Peter Zijlstra: "Re: [PATCH] locking/rwsem: use read_acquire in read_slowpath exit when queue is empty"
Previous message: Pavel Machek: "Re: [PATCH v2] PM: QoS: Get rid of unused flags"
In reply to: Nick Desaulniers: "Re: BUG: KASAN: global-out-of-bounds in ata_exec_internal_sg+0x50f/0xc70"
Next in thread: Nick Desaulniers: "Re: BUG: KASAN: global-out-of-bounds in ata_exec_internal_sg+0x50f/0xc70"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]