drivers/tty/goldfish.c:95:12-13: WARNING opportunity for min()
by kernel test robot
CC: kbuild-all(a)lists.01.org
BCC: lkp(a)intel.com
CC: linux-kernel(a)vger.kernel.org
TO: Denis Efremov <efremov(a)linux.com>
CC: Julia Lawall <Julia.Lawall(a)inria.fr>
tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
head: 74164d284b2909de0ba13518cc063e9ea9334749
commit: 5f66f73b9ff4dcabd4e2405ba9c32e80e02f9408 coccinelle: misc: add minmax script
date: 11 months ago
:::::: branch date: 8 hours ago
:::::: commit date: 11 months ago
config: x86_64-randconfig-c022 (https://download.01.org/0day-ci/archive/20220331/202203310917.O9uawonS-lk...)
compiler: gcc-9 (Ubuntu 9.4.0-1ubuntu1~20.04.1) 9.4.0
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp(a)intel.com>
Reported-by: Julia Lawall <julia.lawall(a)lip6.fr>
cocci warnings: (new ones prefixed by >>)
>> drivers/tty/goldfish.c:95:12-13: WARNING opportunity for min()
Please review and possibly fold the followup patch.
--
0-DAY CI Kernel Test Service
https://01.org/lkp
4 months, 2 weeks
- 1
- 1
net/bluetooth/hci_sock.c:1792 hci_sock_sendmsg() warn: potential spectre issue 'hci_sec_filter.ocf_mask' [w] (local cap)
by kernel test robot
CC: kbuild-all(a)lists.01.org
BCC: lkp(a)intel.com
CC: linux-kernel(a)vger.kernel.org
TO: Arnd Bergmann <arnd(a)arndb.de>
tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
head: d888c83fcec75194a8a48ccd283953bdba7b2550
commit: 803f4e1eab7a8938ba3a3c30dd4eb5e9eeef5e63 asm-generic: simplify asm/unaligned.h
date: 11 months ago
:::::: branch date: 13 hours ago
:::::: commit date: 11 months ago
config: powerpc64-randconfig-m031-20220330 (https://download.01.org/0day-ci/archive/20220331/202203310305.hSXN1Aax-lk...)
compiler: powerpc64-linux-gcc (GCC) 11.2.0
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp(a)intel.com>
Reported-by: Dan Carpenter <dan.carpenter(a)oracle.com>
New smatch warnings:
net/bluetooth/hci_sock.c:1792 hci_sock_sendmsg() warn: potential spectre issue 'hci_sec_filter.ocf_mask' [w] (local cap)
Old smatch warnings:
net/bluetooth/hci_sock.c:1518 hci_mgmt_cmd() warn: is 'buf' large enough for 'struct mgmt_hdr'? s32min
arch/powerpc/include/asm/mmu.h:264 mmu_has_feature() warn: bitwise AND condition is false here
vim +1792 net/bluetooth/hci_sock.c
ac71494934c475 Marcel Holtmann 2015-11-08 1700
1b784140474e4f Ying Xue 2015-03-02 1701 static int hci_sock_sendmsg(struct socket *sock, struct msghdr *msg,
1b784140474e4f Ying Xue 2015-03-02 1702 size_t len)
^1da177e4c3f41 Linus Torvalds 2005-04-16 1703 {
^1da177e4c3f41 Linus Torvalds 2005-04-16 1704 struct sock *sk = sock->sk;
801c1e8da57499 Johan Hedberg 2015-03-06 1705 struct hci_mgmt_chan *chan;
^1da177e4c3f41 Linus Torvalds 2005-04-16 1706 struct hci_dev *hdev;
^1da177e4c3f41 Linus Torvalds 2005-04-16 1707 struct sk_buff *skb;
^1da177e4c3f41 Linus Torvalds 2005-04-16 1708 int err;
^1da177e4c3f41 Linus Torvalds 2005-04-16 1709
^1da177e4c3f41 Linus Torvalds 2005-04-16 1710 BT_DBG("sock %p sk %p", sock, sk);
^1da177e4c3f41 Linus Torvalds 2005-04-16 1711
^1da177e4c3f41 Linus Torvalds 2005-04-16 1712 if (msg->msg_flags & MSG_OOB)
^1da177e4c3f41 Linus Torvalds 2005-04-16 1713 return -EOPNOTSUPP;
^1da177e4c3f41 Linus Torvalds 2005-04-16 1714
ab89f0bdd63a37 Szymon Janc 2017-04-24 1715 if (msg->msg_flags & ~(MSG_DONTWAIT|MSG_NOSIGNAL|MSG_ERRQUEUE|
ab89f0bdd63a37 Szymon Janc 2017-04-24 1716 MSG_CMSG_COMPAT))
^1da177e4c3f41 Linus Torvalds 2005-04-16 1717 return -EINVAL;
^1da177e4c3f41 Linus Torvalds 2005-04-16 1718
^1da177e4c3f41 Linus Torvalds 2005-04-16 1719 if (len < 4 || len > HCI_MAX_FRAME_SIZE)
^1da177e4c3f41 Linus Torvalds 2005-04-16 1720 return -EINVAL;
^1da177e4c3f41 Linus Torvalds 2005-04-16 1721
^1da177e4c3f41 Linus Torvalds 2005-04-16 1722 lock_sock(sk);
^1da177e4c3f41 Linus Torvalds 2005-04-16 1723
0381101fd6a73c Johan Hedberg 2010-12-08 1724 switch (hci_pi(sk)->channel) {
0381101fd6a73c Johan Hedberg 2010-12-08 1725 case HCI_CHANNEL_RAW:
23500189d7e03a Marcel Holtmann 2013-08-26 1726 case HCI_CHANNEL_USER:
0381101fd6a73c Johan Hedberg 2010-12-08 1727 break;
cd82e61c110a36 Marcel Holtmann 2012-02-20 1728 case HCI_CHANNEL_MONITOR:
cd82e61c110a36 Marcel Holtmann 2012-02-20 1729 err = -EOPNOTSUPP;
cd82e61c110a36 Marcel Holtmann 2012-02-20 1730 goto done;
ac71494934c475 Marcel Holtmann 2015-11-08 1731 case HCI_CHANNEL_LOGGING:
ac71494934c475 Marcel Holtmann 2015-11-08 1732 err = hci_logging_frame(sk, msg, len);
ac71494934c475 Marcel Holtmann 2015-11-08 1733 goto done;
0381101fd6a73c Johan Hedberg 2010-12-08 1734 default:
801c1e8da57499 Johan Hedberg 2015-03-06 1735 mutex_lock(&mgmt_chan_list_lock);
801c1e8da57499 Johan Hedberg 2015-03-06 1736 chan = __hci_mgmt_chan_find(hci_pi(sk)->channel);
801c1e8da57499 Johan Hedberg 2015-03-06 1737 if (chan)
fa4335d71a1408 Johan Hedberg 2015-03-17 1738 err = hci_mgmt_cmd(chan, sk, msg, len);
801c1e8da57499 Johan Hedberg 2015-03-06 1739 else
0381101fd6a73c Johan Hedberg 2010-12-08 1740 err = -EINVAL;
801c1e8da57499 Johan Hedberg 2015-03-06 1741
801c1e8da57499 Johan Hedberg 2015-03-06 1742 mutex_unlock(&mgmt_chan_list_lock);
0381101fd6a73c Johan Hedberg 2010-12-08 1743 goto done;
0381101fd6a73c Johan Hedberg 2010-12-08 1744 }
0381101fd6a73c Johan Hedberg 2010-12-08 1745
70f23020e6d891 Andrei Emeltchenko 2010-12-01 1746 hdev = hci_pi(sk)->hdev;
70f23020e6d891 Andrei Emeltchenko 2010-12-01 1747 if (!hdev) {
^1da177e4c3f41 Linus Torvalds 2005-04-16 1748 err = -EBADFD;
^1da177e4c3f41 Linus Torvalds 2005-04-16 1749 goto done;
^1da177e4c3f41 Linus Torvalds 2005-04-16 1750 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 1751
7e21addcd0ad87 Marcel Holtmann 2009-11-18 1752 if (!test_bit(HCI_UP, &hdev->flags)) {
7e21addcd0ad87 Marcel Holtmann 2009-11-18 1753 err = -ENETDOWN;
7e21addcd0ad87 Marcel Holtmann 2009-11-18 1754 goto done;
7e21addcd0ad87 Marcel Holtmann 2009-11-18 1755 }
7e21addcd0ad87 Marcel Holtmann 2009-11-18 1756
70f23020e6d891 Andrei Emeltchenko 2010-12-01 1757 skb = bt_skb_send_alloc(sk, len, msg->msg_flags & MSG_DONTWAIT, &err);
70f23020e6d891 Andrei Emeltchenko 2010-12-01 1758 if (!skb)
^1da177e4c3f41 Linus Torvalds 2005-04-16 1759 goto done;
^1da177e4c3f41 Linus Torvalds 2005-04-16 1760
6ce8e9ce5989ae Al Viro 2014-04-06 1761 if (memcpy_from_msg(skb_put(skb, len), msg, len)) {
^1da177e4c3f41 Linus Torvalds 2005-04-16 1762 err = -EFAULT;
^1da177e4c3f41 Linus Torvalds 2005-04-16 1763 goto drop;
^1da177e4c3f41 Linus Torvalds 2005-04-16 1764 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 1765
8528d3f7383867 Marcel Holtmann 2015-11-08 1766 hci_skb_pkt_type(skb) = skb->data[0];
^1da177e4c3f41 Linus Torvalds 2005-04-16 1767 skb_pull(skb, 1);
^1da177e4c3f41 Linus Torvalds 2005-04-16 1768
1bc5ad168f441f Marcel Holtmann 2013-12-17 1769 if (hci_pi(sk)->channel == HCI_CHANNEL_USER) {
1bc5ad168f441f Marcel Holtmann 2013-12-17 1770 /* No permission check is needed for user channel
1bc5ad168f441f Marcel Holtmann 2013-12-17 1771 * since that gets enforced when binding the socket.
1bc5ad168f441f Marcel Holtmann 2013-12-17 1772 *
1bc5ad168f441f Marcel Holtmann 2013-12-17 1773 * However check that the packet type is valid.
1bc5ad168f441f Marcel Holtmann 2013-12-17 1774 */
d79f34e32b833c Marcel Holtmann 2015-11-05 1775 if (hci_skb_pkt_type(skb) != HCI_COMMAND_PKT &&
d79f34e32b833c Marcel Holtmann 2015-11-05 1776 hci_skb_pkt_type(skb) != HCI_ACLDATA_PKT &&
cc974003615afa Marcel Holtmann 2020-01-25 1777 hci_skb_pkt_type(skb) != HCI_SCODATA_PKT &&
cc974003615afa Marcel Holtmann 2020-01-25 1778 hci_skb_pkt_type(skb) != HCI_ISODATA_PKT) {
1bc5ad168f441f Marcel Holtmann 2013-12-17 1779 err = -EINVAL;
1bc5ad168f441f Marcel Holtmann 2013-12-17 1780 goto drop;
1bc5ad168f441f Marcel Holtmann 2013-12-17 1781 }
1bc5ad168f441f Marcel Holtmann 2013-12-17 1782
1bc5ad168f441f Marcel Holtmann 2013-12-17 1783 skb_queue_tail(&hdev->raw_q, skb);
1bc5ad168f441f Marcel Holtmann 2013-12-17 1784 queue_work(hdev->workqueue, &hdev->tx_work);
d79f34e32b833c Marcel Holtmann 2015-11-05 1785 } else if (hci_skb_pkt_type(skb) == HCI_COMMAND_PKT) {
83985319393973 Harvey Harrison 2008-05-02 1786 u16 opcode = get_unaligned_le16(skb->data);
^1da177e4c3f41 Linus Torvalds 2005-04-16 1787 u16 ogf = hci_opcode_ogf(opcode);
^1da177e4c3f41 Linus Torvalds 2005-04-16 1788 u16 ocf = hci_opcode_ocf(opcode);
^1da177e4c3f41 Linus Torvalds 2005-04-16 1789
^1da177e4c3f41 Linus Torvalds 2005-04-16 1790 if (((ogf > HCI_SFLT_MAX_OGF) ||
3bb3c7551c2f10 Gustavo Padovan 2012-05-17 1791 !hci_test_bit(ocf & HCI_FLT_OCF_BITS,
3bb3c7551c2f10 Gustavo Padovan 2012-05-17 @1792 &hci_sec_filter.ocf_mask[ogf])) &&
^1da177e4c3f41 Linus Torvalds 2005-04-16 1793 !capable(CAP_NET_RAW)) {
^1da177e4c3f41 Linus Torvalds 2005-04-16 1794 err = -EPERM;
^1da177e4c3f41 Linus Torvalds 2005-04-16 1795 goto drop;
^1da177e4c3f41 Linus Torvalds 2005-04-16 1796 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 1797
1982162bbe2067 Marcel Holtmann 2015-11-06 1798 /* Since the opcode has already been extracted here, store
1982162bbe2067 Marcel Holtmann 2015-11-06 1799 * a copy of the value for later use by the drivers.
1982162bbe2067 Marcel Holtmann 2015-11-06 1800 */
1982162bbe2067 Marcel Holtmann 2015-11-06 1801 hci_skb_opcode(skb) = opcode;
1982162bbe2067 Marcel Holtmann 2015-11-06 1802
fee746b0babf12 Marcel Holtmann 2014-06-29 1803 if (ogf == 0x3f) {
^1da177e4c3f41 Linus Torvalds 2005-04-16 1804 skb_queue_tail(&hdev->raw_q, skb);
3eff45eaf81780 Gustavo Padovan 2011-12-15 1805 queue_work(hdev->workqueue, &hdev->tx_work);
^1da177e4c3f41 Linus Torvalds 2005-04-16 1806 } else {
49c922bb1ec01a Stephen Hemminger 2014-10-27 1807 /* Stand-alone HCI commands must be flagged as
11714b3d7acee5 Johan Hedberg 2013-03-05 1808 * single-command requests.
11714b3d7acee5 Johan Hedberg 2013-03-05 1809 */
44d271377479c4 Johan Hedberg 2015-11-05 1810 bt_cb(skb)->hci.req_flags |= HCI_REQ_START;
11714b3d7acee5 Johan Hedberg 2013-03-05 1811
^1da177e4c3f41 Linus Torvalds 2005-04-16 1812 skb_queue_tail(&hdev->cmd_q, skb);
c347b765fe70d7 Gustavo Padovan 2011-12-14 1813 queue_work(hdev->workqueue, &hdev->cmd_work);
^1da177e4c3f41 Linus Torvalds 2005-04-16 1814 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 1815 } else {
^1da177e4c3f41 Linus Torvalds 2005-04-16 1816 if (!capable(CAP_NET_RAW)) {
^1da177e4c3f41 Linus Torvalds 2005-04-16 1817 err = -EPERM;
^1da177e4c3f41 Linus Torvalds 2005-04-16 1818 goto drop;
^1da177e4c3f41 Linus Torvalds 2005-04-16 1819 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 1820
d79f34e32b833c Marcel Holtmann 2015-11-05 1821 if (hci_skb_pkt_type(skb) != HCI_ACLDATA_PKT &&
cc974003615afa Marcel Holtmann 2020-01-25 1822 hci_skb_pkt_type(skb) != HCI_SCODATA_PKT &&
cc974003615afa Marcel Holtmann 2020-01-25 1823 hci_skb_pkt_type(skb) != HCI_ISODATA_PKT) {
bb77543ebd2e38 Marcel Holtmann 2015-10-09 1824 err = -EINVAL;
bb77543ebd2e38 Marcel Holtmann 2015-10-09 1825 goto drop;
bb77543ebd2e38 Marcel Holtmann 2015-10-09 1826 }
bb77543ebd2e38 Marcel Holtmann 2015-10-09 1827
^1da177e4c3f41 Linus Torvalds 2005-04-16 1828 skb_queue_tail(&hdev->raw_q, skb);
3eff45eaf81780 Gustavo Padovan 2011-12-15 1829 queue_work(hdev->workqueue, &hdev->tx_work);
^1da177e4c3f41 Linus Torvalds 2005-04-16 1830 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 1831
^1da177e4c3f41 Linus Torvalds 2005-04-16 1832 err = len;
^1da177e4c3f41 Linus Torvalds 2005-04-16 1833
^1da177e4c3f41 Linus Torvalds 2005-04-16 1834 done:
^1da177e4c3f41 Linus Torvalds 2005-04-16 1835 release_sock(sk);
^1da177e4c3f41 Linus Torvalds 2005-04-16 1836 return err;
^1da177e4c3f41 Linus Torvalds 2005-04-16 1837
^1da177e4c3f41 Linus Torvalds 2005-04-16 1838 drop:
^1da177e4c3f41 Linus Torvalds 2005-04-16 1839 kfree_skb(skb);
^1da177e4c3f41 Linus Torvalds 2005-04-16 1840 goto done;
^1da177e4c3f41 Linus Torvalds 2005-04-16 1841 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 1842
:::::: The code at line 1792 was first introduced by commit
:::::: 3bb3c7551c2f1083263aee8312b3db1e751ca0fb Bluetooth: Fix coding style in hci_sock.c
:::::: TO: Gustavo Padovan <gustavo.padovan(a)collabora.co.uk>
:::::: CC: Johan Hedberg <johan.hedberg(a)intel.com>
--
0-DAY CI Kernel Test Service
https://01.org/lkp
4 months, 2 weeks
- 1
- 0
lib/test_scanf.c:41:8: warning: Call to function 'vsscanf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides bound...
by kernel test robot
CC: llvm(a)lists.linux.dev
CC: kbuild-all(a)lists.01.org
BCC: lkp(a)intel.com
CC: linux-kernel(a)vger.kernel.org
TO: Arnd Bergmann <arnd(a)arndb.de>
CC: Masahiro Yamada <masahiroy(a)kernel.org>
CC: Alex Shi <alexs(a)kernel.org>
CC: Nick Desaulniers <ndesaulniers(a)google.com>
CC: Miguel Ojeda <ojeda(a)kernel.org>
CC: Nathan Chancellor <nathan(a)kernel.org>
tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
head: 965181d7ef7e1a863477536dc328c23a7ebc8a1d
commit: e8c07082a810fbb9db303a2b66b66b8d7e588b53 Kbuild: move to -std=gnu11
date: 2 weeks ago
:::::: branch date: 7 hours ago
:::::: commit date: 2 weeks ago
config: arm-randconfig-c002-20220327 (https://download.01.org/0day-ci/archive/20220330/202203301618.s9w2CHCf-lk...)
compiler: clang version 15.0.0 (https://github.com/llvm/llvm-project 0f6d9501cf49ce02937099350d08f20c4af86f3d)
reproduce (this is a W=1 build):
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# install arm cross compiling tool for clang build
# apt-get install binutils-arm-linux-gnueabi
# https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit...
git remote add linus https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
git fetch --no-tags linus master
git checkout e8c07082a810fbb9db303a2b66b66b8d7e588b53
# save the config file to linux build tree
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross ARCH=arm clang-analyzer
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp(a)intel.com>
clang-analyzer warnings: (new ones prefixed by >>)
fs/notify/fsnotify.c:204:18: note: Calling 'fsnotify_event_needs_parent'
parent_needed = fsnotify_event_needs_parent(inode, mnt, mask);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
fs/notify/fsnotify.c:152:6: note: Assuming the condition is true
if (mask & FS_ISDIR)
^~~~~~~~~~~~~~~
fs/notify/fsnotify.c:152:2: note: Taking true branch
if (mask & FS_ISDIR)
^
fs/notify/fsnotify.c:153:3: note: Returning zero, which participates in a condition later
return false;
^~~~~~~~~~~~
fs/notify/fsnotify.c:204:18: note: Returning from 'fsnotify_event_needs_parent'
parent_needed = fsnotify_event_needs_parent(inode, mnt, mask);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
fs/notify/fsnotify.c:205:6: note: Assuming 'parent_watched' is true
if (!parent_watched && !parent_needed)
^~~~~~~~~~~~~~~
fs/notify/fsnotify.c:205:22: note: Left side of '&&' is false
if (!parent_watched && !parent_needed)
^
fs/notify/fsnotify.c:212:15: note: 'parent_watched' is true
if (unlikely(parent_watched && !p_mask))
^
include/linux/compiler.h:78:42: note: expanded from macro 'unlikely'
# define unlikely(x) __builtin_expect(!!(x), 0)
^
fs/notify/fsnotify.c:212:15: note: Left side of '&&' is true
if (unlikely(parent_watched && !p_mask))
^
fs/notify/fsnotify.c:212:33: note: Assuming 'p_mask' is not equal to 0
if (unlikely(parent_watched && !p_mask))
^
include/linux/compiler.h:78:42: note: expanded from macro 'unlikely'
# define unlikely(x) __builtin_expect(!!(x), 0)
^
fs/notify/fsnotify.c:212:2: note: Taking false branch
if (unlikely(parent_watched && !p_mask))
^
fs/notify/fsnotify.c:220:6: note: 'parent_needed' is false
if (parent_needed || parent_interested) {
^~~~~~~~~~~~~
fs/notify/fsnotify.c:220:6: note: Left side of '||' is false
fs/notify/fsnotify.c:220:23: note: Assuming 'parent_interested' is true
if (parent_needed || parent_interested) {
^~~~~~~~~~~~~~~~~
fs/notify/fsnotify.c:220:2: note: Taking true branch
if (parent_needed || parent_interested) {
^
fs/notify/fsnotify.c:222:45: note: Passing null pointer value via 1st parameter 'data'
WARN_ON_ONCE(inode != fsnotify_data_inode(data, data_type));
^
include/asm-generic/bug.h:179:41: note: expanded from macro 'WARN_ON_ONCE'
#define WARN_ON_ONCE(condition) WARN_ON(condition)
^~~~~~~~~
include/asm-generic/bug.h:166:25: note: expanded from macro 'WARN_ON'
int __ret_warn_on = !!(condition); \
^~~~~~~~~
fs/notify/fsnotify.c:222:25: note: Calling 'fsnotify_data_inode'
WARN_ON_ONCE(inode != fsnotify_data_inode(data, data_type));
^
include/asm-generic/bug.h:179:41: note: expanded from macro 'WARN_ON_ONCE'
#define WARN_ON_ONCE(condition) WARN_ON(condition)
^~~~~~~~~
include/asm-generic/bug.h:166:25: note: expanded from macro 'WARN_ON'
int __ret_warn_on = !!(condition); \
^~~~~~~~~
include/linux/fsnotify_backend.h:273:2: note: Control jumps to 'case FSNOTIFY_EVENT_PATH:' at line 278
switch (data_type) {
^
include/linux/fsnotify_backend.h:279:18: note: Access to field 'dentry' results in a dereference of a null pointer (loaded from variable 'data')
return d_inode(((const struct path *)data)->dentry);
^ ~~~~
Suppressed 30 warnings (30 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
45 warnings generated.
fs/fuse/xattr.c:25:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(&inarg, 0, sizeof(inarg));
^~~~~~
fs/fuse/xattr.c:25:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(&inarg, 0, sizeof(inarg));
^~~~~~
fs/fuse/xattr.c:63:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(&inarg, 0, sizeof(inarg));
^~~~~~
fs/fuse/xattr.c:63:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(&inarg, 0, sizeof(inarg));
^~~~~~
fs/fuse/xattr.c:127:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(&inarg, 0, sizeof(inarg));
^~~~~~
fs/fuse/xattr.c:127:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(&inarg, 0, sizeof(inarg));
^~~~~~
Suppressed 42 warnings (42 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
42 warnings generated.
Suppressed 42 warnings (42 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
160 warnings generated.
>> lib/test_scanf.c:41:8: warning: Call to function 'vsscanf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'vsscanf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
ret = vsscanf(string, fmt, ap_copy);
^~~~~~~
lib/test_scanf.c:41:8: note: Call to function 'vsscanf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'vsscanf_s' in case of C11
ret = vsscanf(string, fmt, ap_copy);
^~~~~~~
lib/test_scanf.c:219:2: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
simple_numbers_loop(unsigned long long, "%llu", "llu", check_ull);
^
lib/test_scanf.c:208:4: note: expanded from macro 'simple_numbers_loop'
test_one_number(T, gen_fmt, scan_fmt, \
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
lib/test_scanf.c:198:2: note: expanded from macro 'test_one_number'
snprintf(test_buffer, BUF_SIZE, gen_fmt, expect_val); \
^~~~~~~~
lib/test_scanf.c:219:2: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
simple_numbers_loop(unsigned long long, "%llu", "llu", check_ull);
^
lib/test_scanf.c:208:4: note: expanded from macro 'simple_numbers_loop'
test_one_number(T, gen_fmt, scan_fmt, \
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
lib/test_scanf.c:198:2: note: expanded from macro 'test_one_number'
snprintf(test_buffer, BUF_SIZE, gen_fmt, expect_val); \
^~~~~~~~
lib/test_scanf.c:220:2: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
simple_numbers_loop(long long, "%lld", "lld", check_ll);
^
lib/test_scanf.c:208:4: note: expanded from macro 'simple_numbers_loop'
test_one_number(T, gen_fmt, scan_fmt, \
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
lib/test_scanf.c:198:2: note: expanded from macro 'test_one_number'
snprintf(test_buffer, BUF_SIZE, gen_fmt, expect_val); \
^~~~~~~~
lib/test_scanf.c:220:2: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
simple_numbers_loop(long long, "%lld", "lld", check_ll);
^
lib/test_scanf.c:208:4: note: expanded from macro 'simple_numbers_loop'
test_one_number(T, gen_fmt, scan_fmt, \
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
lib/test_scanf.c:198:2: note: expanded from macro 'test_one_number'
snprintf(test_buffer, BUF_SIZE, gen_fmt, expect_val); \
^~~~~~~~
lib/test_scanf.c:221:2: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
simple_numbers_loop(long long, "%lld", "lli", check_ll);
^
lib/test_scanf.c:208:4: note: expanded from macro 'simple_numbers_loop'
test_one_number(T, gen_fmt, scan_fmt, \
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
lib/test_scanf.c:198:2: note: expanded from macro 'test_one_number'
snprintf(test_buffer, BUF_SIZE, gen_fmt, expect_val); \
^~~~~~~~
lib/test_scanf.c:221:2: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
simple_numbers_loop(long long, "%lld", "lli", check_ll);
^
lib/test_scanf.c:208:4: note: expanded from macro 'simple_numbers_loop'
test_one_number(T, gen_fmt, scan_fmt, \
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
lib/test_scanf.c:198:2: note: expanded from macro 'test_one_number'
snprintf(test_buffer, BUF_SIZE, gen_fmt, expect_val); \
^~~~~~~~
lib/test_scanf.c:222:2: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
simple_numbers_loop(unsigned long long, "%llx", "llx", check_ull);
^
lib/test_scanf.c:208:4: note: expanded from macro 'simple_numbers_loop'
test_one_number(T, gen_fmt, scan_fmt, \
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
lib/test_scanf.c:198:2: note: expanded from macro 'test_one_number'
snprintf(test_buffer, BUF_SIZE, gen_fmt, expect_val); \
^~~~~~~~
lib/test_scanf.c:222:2: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
simple_numbers_loop(unsigned long long, "%llx", "llx", check_ull);
^
lib/test_scanf.c:208:4: note: expanded from macro 'simple_numbers_loop'
test_one_number(T, gen_fmt, scan_fmt, \
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
lib/test_scanf.c:198:2: note: expanded from macro 'test_one_number'
snprintf(test_buffer, BUF_SIZE, gen_fmt, expect_val); \
^~~~~~~~
lib/test_scanf.c:223:2: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
simple_numbers_loop(long long, "%llx", "llx", check_ll);
^
lib/test_scanf.c:208:4: note: expanded from macro 'simple_numbers_loop'
test_one_number(T, gen_fmt, scan_fmt, \
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
lib/test_scanf.c:198:2: note: expanded from macro 'test_one_number'
snprintf(test_buffer, BUF_SIZE, gen_fmt, expect_val); \
^~~~~~~~
lib/test_scanf.c:223:2: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
simple_numbers_loop(long long, "%llx", "llx", check_ll);
^
lib/test_scanf.c:208:4: note: expanded from macro 'simple_numbers_loop'
test_one_number(T, gen_fmt, scan_fmt, \
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
lib/test_scanf.c:198:2: note: expanded from macro 'test_one_number'
snprintf(test_buffer, BUF_SIZE, gen_fmt, expect_val); \
^~~~~~~~
lib/test_scanf.c:224:2: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
simple_numbers_loop(long long, "0x%llx", "lli", check_ll);
^
lib/test_scanf.c:208:4: note: expanded from macro 'simple_numbers_loop'
test_one_number(T, gen_fmt, scan_fmt, \
--
42 warnings generated.
Suppressed 42 warnings (42 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
42 warnings generated.
Suppressed 42 warnings (42 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
42 warnings generated.
Suppressed 42 warnings (42 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
42 warnings generated.
Suppressed 42 warnings (42 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
29 warnings generated.
Suppressed 29 warnings (29 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
29 warnings generated.
Suppressed 29 warnings (29 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
29 warnings generated.
Suppressed 29 warnings (29 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
43 warnings generated.
drivers/gpio/gpio-adnp.c:385:28: warning: The result of the left shift is undefined due to shifting by '4294967292', which is greater or equal to the width of type 'int' [clang-analyzer-core.UndefinedBinaryOperatorResult]
unsigned int num_regs = 1 << adnp->reg_shift, i;
^
drivers/gpio/gpio-adnp.c:497:6: note: 'err' is >= 0
if (err < 0)
^~~
drivers/gpio/gpio-adnp.c:497:2: note: Taking false branch
if (err < 0)
^
drivers/gpio/gpio-adnp.c:501:6: note: Assuming field 'irq' is not equal to 0
if (!client->irq)
^~~~~~~~~~~~
drivers/gpio/gpio-adnp.c:501:2: note: Taking false branch
if (!client->irq)
^
drivers/gpio/gpio-adnp.c:505:6: note: Assuming 'adnp' is non-null
if (!adnp)
^~~~~
drivers/gpio/gpio-adnp.c:505:2: note: Taking false branch
if (!adnp)
^
drivers/gpio/gpio-adnp.c:508:2: note: Loop condition is false. Exiting loop
mutex_init(&adnp->i2c_lock);
^
include/linux/mutex.h:101:32: note: expanded from macro 'mutex_init'
#define mutex_init(mutex) \
^
drivers/gpio/gpio-adnp.c:511:8: note: Calling 'adnp_gpio_setup'
err = adnp_gpio_setup(adnp, num_gpios,
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/gpio/gpio-adnp.c:446:2: note: The value 4294967292 is assigned to field 'reg_shift'
adnp->reg_shift = get_count_order(num_gpios) - 3;
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/gpio/gpio-adnp.c:454:2: note: Taking true branch
if (IS_ENABLED(CONFIG_DEBUG_FS))
^
drivers/gpio/gpio-adnp.c:463:6: note: 'is_irq_controller' is true
if (is_irq_controller) {
^~~~~~~~~~~~~~~~~
drivers/gpio/gpio-adnp.c:463:2: note: Taking true branch
if (is_irq_controller) {
^
drivers/gpio/gpio-adnp.c:466:9: note: Calling 'adnp_irq_setup'
err = adnp_irq_setup(adnp);
^~~~~~~~~~~~~~~~~~~~
drivers/gpio/gpio-adnp.c:385:28: note: The result of the left shift is undefined due to shifting by '4294967292', which is greater or equal to the width of type 'int'
unsigned int num_regs = 1 << adnp->reg_shift, i;
^ ~~~~~~~~~~~~~~~
Suppressed 42 warnings (42 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
29 warnings generated.
Suppressed 29 warnings (29 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
29 warnings generated.
Suppressed 29 warnings (29 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
15 warnings generated.
Suppressed 15 warnings (15 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
15 warnings generated.
Suppressed 15 warnings (15 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
42 warnings generated.
Suppressed 42 warnings (42 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
15 warnings generated.
Suppressed 15 warnings (15 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
15 warnings generated.
Suppressed 15 warnings (15 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
15 warnings generated.
Suppressed 15 warnings (15 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
30 warnings generated.
Suppressed 30 warnings (30 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
39 warnings generated.
>> drivers/bus/fsl-mc/fsl-mc-bus.c:159:9: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
return sprintf(buf, "fsl-mc:v%08Xd%s\n", mc_dev->obj_desc.vendor,
^~~~~~~
drivers/bus/fsl-mc/fsl-mc-bus.c:159:9: note: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
return sprintf(buf, "fsl-mc:v%08Xd%s\n", mc_dev->obj_desc.vendor,
^~~~~~~
drivers/bus/fsl-mc/fsl-mc-bus.c:203:9: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
return snprintf(buf, PAGE_SIZE, "%s\n", mc_dev->driver_override);
^~~~~~~~
drivers/bus/fsl-mc/fsl-mc-bus.c:203:9: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
return snprintf(buf, PAGE_SIZE, "%s\n", mc_dev->driver_override);
^~~~~~~~
drivers/bus/fsl-mc/fsl-mc-bus.c:281:2: warning: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
sprintf(buf, "%d\n", get_dprc_irq_state(root_mc_dev));
^~~~~~~
drivers/bus/fsl-mc/fsl-mc-bus.c:281:2: note: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
sprintf(buf, "%d\n", get_dprc_irq_state(root_mc_dev));
^~~~~~~
drivers/bus/fsl-mc/fsl-mc-bus.c:599:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(attr, 0, sizeof(struct dprc_attributes));
^~~~~~
drivers/bus/fsl-mc/fsl-mc-bus.c:599:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(attr, 0, sizeof(struct dprc_attributes));
^~~~~~
drivers/bus/fsl-mc/fsl-mc-bus.c:871:18: warning: Access to field 'icid' results in a dereference of a null pointer (loaded from variable 'parent_mc_dev') [clang-analyzer-core.NullDereference]
mc_dev->icid = parent_mc_dev->icid;
^
drivers/bus/fsl-mc/fsl-mc-bus.c:1120:6: note: Assuming 'mc' is non-null
if (!mc)
^~~
drivers/bus/fsl-mc/fsl-mc-bus.c:1120:2: note: Taking false branch
if (!mc)
^
drivers/bus/fsl-mc/fsl-mc-bus.c:1126:6: note: Assuming 'plat_res' is null
if (plat_res) {
^~~~~~~~
drivers/bus/fsl-mc/fsl-mc-bus.c:1126:2: note: Taking false branch
if (plat_res) {
^
drivers/bus/fsl-mc/fsl-mc-bus.c:1132:6: note: Assuming field 'fsl_mc_regs' is null
if (mc->fsl_mc_regs) {
^~~~~~~~~~~~~~~
drivers/bus/fsl-mc/fsl-mc-bus.c:1132:2: note: Taking false branch
if (mc->fsl_mc_regs) {
^
drivers/bus/fsl-mc/fsl-mc-bus.c:1178:6: note: Assuming 'error' is >= 0
if (error < 0)
^~~~~~~~~
drivers/bus/fsl-mc/fsl-mc-bus.c:1178:2: note: Taking false branch
if (error < 0)
^
drivers/bus/fsl-mc/fsl-mc-bus.c:1182:6: note: 'error' is equal to 0
if (error != 0) {
^~~~~
drivers/bus/fsl-mc/fsl-mc-bus.c:1182:2: note: Taking false branch
if (error != 0) {
^
drivers/bus/fsl-mc/fsl-mc-bus.c:1188:2: note: Loop condition is false. Exiting loop
dev_info(&pdev->dev, "MC firmware version: %u.%u.%u\n",
^
include/linux/dev_printk.h:150:2: note: expanded from macro 'dev_info'
dev_printk_index_wrap(_dev_info, KERN_INFO, dev, dev_fmt(fmt), ##__VA_ARGS__)
^
include/linux/dev_printk.h:109:3: note: expanded from macro 'dev_printk_index_wrap'
dev_printk_index_emit(level, fmt); \
^
include/linux/dev_printk.h:105:2: note: expanded from macro 'dev_printk_index_emit'
printk_index_subsys_emit("%s %s: ", level, fmt)
^
include/linux/printk.h:413:2: note: expanded from macro 'printk_index_subsys_emit'
__printk_index_emit(fmt, level, subsys_fmt_prefix)
^
include/linux/printk.h:392:34: note: expanded from macro '__printk_index_emit'
#define __printk_index_emit(...) do {} while (0)
^
drivers/bus/fsl-mc/fsl-mc-bus.c:1191:6: note: Assuming the condition is false
if (dev_of_node(&pdev->dev)) {
^~~~~~~~~~~~~~~~~~~~~~~
drivers/bus/fsl-mc/fsl-mc-bus.c:1191:2: note: Taking false branch
if (dev_of_node(&pdev->dev)) {
^
drivers/bus/fsl-mc/fsl-mc-bus.c:1200:6: note: Assuming 'error' is >= 0
if (error < 0) {
^~~~~~~~~
drivers/bus/fsl-mc/fsl-mc-bus.c:1200:2: note: Taking false branch
if (error < 0) {
^
drivers/bus/fsl-mc/fsl-mc-bus.c:1210:6: note: Assuming 'error' is >= 0
if (error < 0)
^~~~~~~~~
drivers/bus/fsl-mc/fsl-mc-bus.c:1210:2: note: Taking false branch
if (error < 0)
^
drivers/bus/fsl-mc/fsl-mc-bus.c:1219:10: note: Calling 'fsl_mc_device_add'
error = fsl_mc_device_add(&obj_desc, mc_io, &pdev->dev, &mc_bus_dev);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/bus/fsl-mc/fsl-mc-bus.c:793:6: note: Assuming the condition is false
if (dev_is_fsl_mc(parent_dev))
^
include/linux/fsl/mc.h:353:30: note: expanded from macro 'dev_is_fsl_mc'
#define dev_is_fsl_mc(_dev) ((_dev)->bus == &fsl_mc_bus_type)
--
^
include/linux/spinlock.h:379:2: note: expanded from macro 'spin_lock_irqsave'
raw_spin_lock_irqsave(spinlock_check(lock), flags); \
^
include/linux/spinlock.h:264:3: note: expanded from macro 'raw_spin_lock_irqsave'
_raw_spin_lock_irqsave(lock, flags); \
^
include/linux/spinlock_api_up.h:69:45: note: expanded from macro '_raw_spin_lock_irqsave'
#define _raw_spin_lock_irqsave(lock, flags) __LOCK_IRQSAVE(lock, flags)
^
include/linux/spinlock_api_up.h:40:31: note: expanded from macro '__LOCK_IRQSAVE'
do { local_irq_save(flags); __LOCK(lock); } while (0)
^
include/linux/spinlock_api_up.h:31:3: note: expanded from macro '__LOCK'
do { preempt_disable(); ___LOCK(lock); } while (0)
^
drivers/crypto/img-hash.c:504:2: note: Loop condition is false. Exiting loop
spin_lock_irqsave(&hdev->lock, flags);
^
include/linux/spinlock.h:379:2: note: expanded from macro 'spin_lock_irqsave'
raw_spin_lock_irqsave(spinlock_check(lock), flags); \
^
include/linux/spinlock.h:264:3: note: expanded from macro 'raw_spin_lock_irqsave'
_raw_spin_lock_irqsave(lock, flags); \
^
include/linux/spinlock_api_up.h:69:45: note: expanded from macro '_raw_spin_lock_irqsave'
#define _raw_spin_lock_irqsave(lock, flags) __LOCK_IRQSAVE(lock, flags)
^
include/linux/spinlock_api_up.h:40:3: note: expanded from macro '__LOCK_IRQSAVE'
do { local_irq_save(flags); __LOCK(lock); } while (0)
^
drivers/crypto/img-hash.c:504:2: note: Loop condition is false. Exiting loop
spin_lock_irqsave(&hdev->lock, flags);
^
include/linux/spinlock.h:379:2: note: expanded from macro 'spin_lock_irqsave'
raw_spin_lock_irqsave(spinlock_check(lock), flags); \
^
include/linux/spinlock.h:262:2: note: expanded from macro 'raw_spin_lock_irqsave'
do { \
^
drivers/crypto/img-hash.c:504:2: note: Loop condition is false. Exiting loop
spin_lock_irqsave(&hdev->lock, flags);
^
include/linux/spinlock.h:377:43: note: expanded from macro 'spin_lock_irqsave'
#define spin_lock_irqsave(lock, flags) \
^
drivers/crypto/img-hash.c:506:6: note: 'req' is non-null
if (req)
^~~
drivers/crypto/img-hash.c:506:2: note: Taking true branch
if (req)
^
drivers/crypto/img-hash.c:509:26: note: Access to field 'flags' results in a dereference of a null pointer (loaded from variable 'hdev')
if (DRIVER_FLAGS_BUSY & hdev->flags) {
^~~~
Suppressed 31 warnings (31 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
35 warnings generated.
drivers/dma/qcom/bam_dma.c:638:2: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(&bchan->slave, cfg, sizeof(*cfg));
^~~~~~
drivers/dma/qcom/bam_dma.c:638:2: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(&bchan->slave, cfg, sizeof(*cfg));
^~~~~~
drivers/dma/qcom/bam_dma.c:1092:4: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(&fifo[bchan->tail], desc,
^~~~~~
drivers/dma/qcom/bam_dma.c:1092:4: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(&fifo[bchan->tail], desc,
^~~~~~
drivers/dma/qcom/bam_dma.c:1094:4: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(fifo, &desc[partial],
^~~~~~
drivers/dma/qcom/bam_dma.c:1094:4: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(fifo, &desc[partial],
^~~~~~
drivers/dma/qcom/bam_dma.c:1098:4: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(&fifo[bchan->tail], desc,
^~~~~~
drivers/dma/qcom/bam_dma.c:1098:4: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(&fifo[bchan->tail], desc,
^~~~~~
Suppressed 31 warnings (31 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
30 warnings generated.
Suppressed 30 warnings (30 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
40 warnings generated.
drivers/usb/usbip/stub_main.c:36:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(busid_table, 0, sizeof(busid_table));
^~~~~~
drivers/usb/usbip/stub_main.c:36:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(busid_table, 0, sizeof(busid_table));
^~~~~~
drivers/usb/usbip/stub_main.c:136:3: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(busid_table[idx].name, 0, BUSID_SIZE);
^~~~~~
drivers/usb/usbip/stub_main.c:136:3: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(busid_table[idx].name, 0, BUSID_SIZE);
^~~~~~
>> drivers/usb/usbip/stub_main.c:158:11: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
out += sprintf(out, "%s ", busid_table[i].name);
^~~~~~~
drivers/usb/usbip/stub_main.c:158:11: note: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
out += sprintf(out, "%s ", busid_table[i].name);
^~~~~~~
drivers/usb/usbip/stub_main.c:162:9: warning: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
out += sprintf(out, "\n");
^~~~~~~
drivers/usb/usbip/stub_main.c:162:9: note: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
out += sprintf(out, "\n");
^~~~~~~
Suppressed 36 warnings (36 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
32 warnings generated.
drivers/mailbox/mailbox-test.c:178:9: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
ret = snprintf(touser, 20, "<NO RX CAPABILITY>\n");
^~~~~~~~
drivers/mailbox/mailbox-test.c:178:9: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
ret = snprintf(touser, 20, "<NO RX CAPABILITY>\n");
^~~~~~~~
drivers/mailbox/mailbox-test.c:220:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(tdev->rx_buffer, 0, MBOX_MAX_MSG_LEN);
^~~~~~
drivers/mailbox/mailbox-test.c:220:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(tdev->rx_buffer, 0, MBOX_MAX_MSG_LEN);
^~~~~~
drivers/mailbox/mailbox-test.c:289:3: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(tdev->rx_buffer, message, MBOX_MAX_MSG_LEN);
^~~~~~
drivers/mailbox/mailbox-test.c:289:3: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(tdev->rx_buffer, message, MBOX_MAX_MSG_LEN);
^~~~~~
Suppressed 29 warnings (29 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
15 warnings generated.
Suppressed 15 warnings (15 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
15 warnings generated.
Suppressed 15 warnings (15 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
15 warnings generated.
Suppressed 15 warnings (15 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
31 warnings generated.
drivers/mailbox/mtk-cmdq-mailbox.c:429:2: warning: Use of memory after it is freed [clang-analyzer-unix.Malloc]
list_for_each_entry_safe(task, tmp, &thread->task_busy_list,
^
include/linux/list.h:726:7: note: expanded from macro 'list_for_each_entry_safe'
n = list_next_entry(pos, member); \
^~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/list.h:564:2: note: expanded from macro 'list_next_entry'
list_entry((pos)->member.next, typeof(*(pos)), member)
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/list.h:520:2: note: expanded from macro 'list_entry'
container_of(ptr, type, member)
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/container_of.h:18:25: note: expanded from macro 'container_of'
void *__mptr = (void *)(ptr); \
^~~~~
drivers/mailbox/mtk-cmdq-mailbox.c:418:2: note: Loop condition is false. Exiting loop
spin_lock_irqsave(&thread->chan->lock, flags);
^
include/linux/spinlock.h:379:2: note: expanded from macro 'spin_lock_irqsave'
raw_spin_lock_irqsave(spinlock_check(lock), flags); \
^
include/linux/spinlock.h:264:3: note: expanded from macro 'raw_spin_lock_irqsave'
_raw_spin_lock_irqsave(lock, flags); \
^
include/linux/spinlock_api_up.h:69:45: note: expanded from macro '_raw_spin_lock_irqsave'
#define _raw_spin_lock_irqsave(lock, flags) __LOCK_IRQSAVE(lock, flags)
^
include/linux/spinlock_api_up.h:40:8: note: expanded from macro '__LOCK_IRQSAVE'
do { local_irq_save(flags); __LOCK(lock); } while (0)
^
include/linux/irqflags.h:244:36: note: expanded from macro 'local_irq_save'
#define local_irq_save(flags) do { raw_local_irq_save(flags); } while (0)
^
include/linux/irqflags.h:176:2: note: expanded from macro 'raw_local_irq_save'
do { \
^
drivers/mailbox/mtk-cmdq-mailbox.c:418:2: note: Loop condition is false. Exiting loop
spin_lock_irqsave(&thread->chan->lock, flags);
^
include/linux/spinlock.h:379:2: note: expanded from macro 'spin_lock_irqsave'
raw_spin_lock_irqsave(spinlock_check(lock), flags); \
^
include/linux/spinlock.h:264:3: note: expanded from macro 'raw_spin_lock_irqsave'
_raw_spin_lock_irqsave(lock, flags); \
^
include/linux/spinlock_api_up.h:69:45: note: expanded from macro '_raw_spin_lock_irqsave'
#define _raw_spin_lock_irqsave(lock, flags) __LOCK_IRQSAVE(lock, flags)
^
include/linux/spinlock_api_up.h:40:8: note: expanded from macro '__LOCK_IRQSAVE'
do { local_irq_save(flags); __LOCK(lock); } while (0)
^
include/linux/irqflags.h:244:31: note: expanded from macro 'local_irq_save'
#define local_irq_save(flags) do { raw_local_irq_save(flags); } while (0)
^
drivers/mailbox/mtk-cmdq-mailbox.c:418:2: note: Loop condition is false. Exiting loop
spin_lock_irqsave(&thread->chan->lock, flags);
--
^~~
include/linux/dev_printk.h:110:11: note: expanded from macro 'dev_printk_index_wrap'
_p_func(dev, fmt, ##__VA_ARGS__); \
^~~
Suppressed 44 warnings (44 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
52 warnings generated.
fs/quota/quota.c:134:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(&uinfo, 0, sizeof(uinfo));
^~~~~~
fs/quota/quota.c:134:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(&uinfo, 0, sizeof(uinfo));
^~~~~~
fs/quota/quota.c:158:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(&qinfo, 0, sizeof(qinfo));
^~~~~~
fs/quota/quota.c:158:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(&qinfo, 0, sizeof(qinfo));
^~~~~~
fs/quota/quota.c:189:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(dst, 0, sizeof(*dst));
^~~~~~
fs/quota/quota.c:189:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(dst, 0, sizeof(*dst));
^~~~~~
fs/quota/quota.c:360:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(&state, 0, sizeof (struct qc_state));
^~~~~~
fs/quota/quota.c:360:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(&state, 0, sizeof (struct qc_state));
^~~~~~
fs/quota/quota.c:365:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(fqs, 0, sizeof(*fqs));
^~~~~~
fs/quota/quota.c:365:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(fqs, 0, sizeof(*fqs));
^~~~~~
fs/quota/quota.c:458:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(&state, 0, sizeof (struct qc_state));
^~~~~~
fs/quota/quota.c:458:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(&state, 0, sizeof (struct qc_state));
^~~~~~
fs/quota/quota.c:463:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(fqs, 0, sizeof(*fqs));
^~~~~~
fs/quota/quota.c:463:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(fqs, 0, sizeof(*fqs));
^~~~~~
fs/quota/quota.c:505:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(&fqs, 0, sizeof(fqs));
^~~~~~
fs/quota/quota.c:505:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(&fqs, 0, sizeof(fqs));
^~~~~~
fs/quota/quota.c:603:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(dst, 0, sizeof(*dst));
^~~~~~
fs/quota/quota.c:603:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(dst, 0, sizeof(*dst));
^~~~~~
fs/quota/quota.c:673:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(dst, 0, sizeof(*dst));
^~~~~~
fs/quota/quota.c:673:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(dst, 0, sizeof(*dst));
^~~~~~
Suppressed 42 warnings (42 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
45 warnings generated.
drivers/iio/adc/mcp3422.c:277:10: warning: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
return sprintf(buf, "240 60 15\n");
^~~~~~~
drivers/iio/adc/mcp3422.c:277:10: note: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
return sprintf(buf, "240 60 15\n");
^~~~~~~
drivers/iio/adc/mcp3422.c:279:9: warning: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
return sprintf(buf, "240 60 15 3\n");
^~~~~~~
drivers/iio/adc/mcp3422.c:279:9: note: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
return sprintf(buf, "240 60 15 3\n");
^~~~~~~
drivers/iio/adc/mcp3422.c:288:9: warning: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
return sprintf(buf, "0.%09u 0.%09u 0.%09u 0.%09u\n",
^~~~~~~
drivers/iio/adc/mcp3422.c:288:9: note: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
return sprintf(buf, "0.%09u 0.%09u 0.%09u 0.%09u\n",
^~~~~~~
Suppressed 42 warnings (42 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
15 warnings generated.
Suppressed 15 warnings (15 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
48 warnings generated.
drivers/usb/musb/musb_dsps.c:351:6: warning: Value stored to 'devctl' during its initialization is never read [clang-analyzer-deadcode.DeadStores]
u8 devctl = musb_readb(mregs, MUSB_DEVCTL);
^~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/usb/musb/musb_dsps.c:351:6: note: Value stored to 'devctl' during its initialization is never read
u8 devctl = musb_readb(mregs, MUSB_DEVCTL);
^~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>> drivers/usb/musb/musb_dsps.c:414:2: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
sprintf(buf, "%s.dsps", dev_name(musb->controller));
^~~~~~~
drivers/usb/musb/musb_dsps.c:414:2: note: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
sprintf(buf, "%s.dsps", dev_name(musb->controller));
^~~~~~~
drivers/usb/musb/musb_dsps.c:637:3: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(dst, &val, len);
^~~~~~
drivers/usb/musb/musb_dsps.c:637:3: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(dst, &val, len);
^~~~~~
drivers/usb/musb/musb_dsps.c:735:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(resources, 0, sizeof(resources));
^~~~~~
drivers/usb/musb/musb_dsps.c:735:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(resources, 0, sizeof(resources));
^~~~~~
Suppressed 44 warnings (44 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
52 warnings generated.
drivers/usb/musb/tusb6010.c:185:4: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(&val, buf, 4);
^~~~~~
drivers/usb/musb/tusb6010.c:185:4: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(&val, buf, 4);
^~~~~~
drivers/usb/musb/tusb6010.c:194:3: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(&val, buf, len);
^~~~~~
drivers/usb/musb/tusb6010.c:194:3: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(&val, buf, len);
^~~~~~
drivers/usb/musb/tusb6010.c:208:4: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(buf, &val, 4);
^~~~~~
drivers/usb/musb/tusb6010.c:208:4: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(buf, &val, 4);
^~~~~~
drivers/usb/musb/tusb6010.c:216:3: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(buf, &val, len);
^~~~~~
drivers/usb/musb/tusb6010.c:216:3: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(buf, &val, len);
^~~~~~
drivers/usb/musb/tusb6010.c:222:15: warning: Value stored to 'musb' during its initialization is never read [clang-analyzer-deadcode.DeadStores]
struct musb *musb = hw_ep->musb;
^~~~ ~~~~~~~~~~~
drivers/usb/musb/tusb6010.c:222:15: note: Value stored to 'musb' during its initialization is never read
struct musb *musb = hw_ep->musb;
^~~~ ~~~~~~~~~~~
drivers/usb/musb/tusb6010.c:272:15: warning: Value stored to 'musb' during its initialization is never read [clang-analyzer-deadcode.DeadStores]
struct musb *musb = hw_ep->musb;
^~~~ ~~~~~~~~~~~
drivers/usb/musb/tusb6010.c:272:15: note: Value stored to 'musb' during its initialization is never read
struct musb *musb = hw_ep->musb;
^~~~ ~~~~~~~~~~~
drivers/usb/musb/tusb6010.c:633:2: warning: Value stored to 'otg_stat' is never read [clang-analyzer-deadcode.DeadStores]
otg_stat = musb_readl(tbase, TUSB_DEV_OTG_STAT);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/usb/musb/tusb6010.c:633:2: note: Value stored to 'otg_stat' is never read
otg_stat = musb_readl(tbase, TUSB_DEV_OTG_STAT);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/usb/musb/tusb6010.c:1226:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(musb_resources, 0x00, sizeof(*musb_resources) *
^~~~~~
drivers/usb/musb/tusb6010.c:1226:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(musb_resources, 0x00, sizeof(*musb_resources) *
^~~~~~
Suppressed 44 warnings (44 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
48 warnings generated.
drivers/gpu/drm/bridge/tc358767.c:308:2: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(auxwdata, data, size);
^~~~~~
drivers/gpu/drm/bridge/tc358767.c:308:2: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(auxwdata, data, size);
^~~~~~
drivers/gpu/drm/bridge/tc358767.c:326:2: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(data, auxrdata, size);
^~~~~~
drivers/gpu/drm/bridge/tc358767.c:326:2: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(data, auxrdata, size);
^~~~~~
drivers/gpu/drm/bridge/tc358767.c:678:2: warning: Value stored to 'revision' is never read [clang-analyzer-deadcode.DeadStores]
revision = tc->link.dpcd[DP_DPCD_REV];
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/gpu/drm/bridge/tc358767.c:678:2: note: Value stored to 'revision' is never read
revision = tc->link.dpcd[DP_DPCD_REV];
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/gpu/drm/bridge/tc358767.c:820:2: warning: Value stored to 'ret' is never read [clang-analyzer-deadcode.DeadStores]
ret = regmap_write(tc->regmap, DP0_VIDSYNCDELAY,
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/gpu/drm/bridge/tc358767.c:820:2: note: Value stored to 'ret' is never read
ret = regmap_write(tc->regmap, DP0_VIDSYNCDELAY,
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/gpu/drm/bridge/tc358767.c:946:2: warning: Value stored to 'ret' is never read [clang-analyzer-deadcode.DeadStores]
ret = regmap_write(tc->regmap, DP_PHY_CTRL, dp_phy_ctrl);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/gpu/drm/bridge/tc358767.c:946:2: note: Value stored to 'ret' is never read
ret = regmap_write(tc->regmap, DP_PHY_CTRL, dp_phy_ctrl);
--
^~~~~~
drivers/staging/fieldbus/anybuss/host.c:854:2: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(msg_in, pd->msg, msg_in_sz);
^~~~~~
drivers/staging/fieldbus/anybuss/host.c:854:2: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(msg_in, pd->msg, msg_in_sz);
^~~~~~
drivers/staging/fieldbus/anybuss/host.c:1074:2: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(buf, t->area_pd.buf, count);
^~~~~~
drivers/staging/fieldbus/anybuss/host.c:1074:2: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(buf, t->area_pd.buf, count);
^~~~~~
Suppressed 30 warnings (30 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
35 warnings generated.
drivers/iio/accel/adxl372.c:606:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(axis_sample, 0, 3 * sizeof(__be16));
^~~~~~
drivers/iio/accel/adxl372.c:606:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(axis_sample, 0, 3 * sizeof(__be16));
^~~~~~
drivers/iio/accel/adxl372.c:614:2: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(sample, axis_sample, 3 * sizeof(__be16));
^~~~~~
drivers/iio/accel/adxl372.c:614:2: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(sample, axis_sample, 3 * sizeof(__be16));
^~~~~~
drivers/iio/accel/adxl372.c:988:9: warning: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
return sprintf(buf, "%d\n", st->fifo_mode);
^~~~~~~
drivers/iio/accel/adxl372.c:988:9: note: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
return sprintf(buf, "%d\n", st->fifo_mode);
^~~~~~~
drivers/iio/accel/adxl372.c:998:9: warning: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
return sprintf(buf, "%d\n", st->watermark);
^~~~~~~
drivers/iio/accel/adxl372.c:998:9: note: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
return sprintf(buf, "%d\n", st->watermark);
^~~~~~~
Suppressed 31 warnings (31 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
42 warnings generated.
Suppressed 42 warnings (42 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
42 warnings generated.
Suppressed 42 warnings (42 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
42 warnings generated.
Suppressed 42 warnings (42 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
30 warnings generated.
Suppressed 30 warnings (30 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
30 warnings generated.
Suppressed 30 warnings (30 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
31 warnings generated.
Suppressed 31 warnings (31 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
50 warnings generated.
drivers/crypto/allwinner/sun8i-ce/sun8i-ce-cipher.c:114:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(cet, 0, sizeof(struct ce_task));
^~~~~~
drivers/crypto/allwinner/sun8i-ce/sun8i-ce-cipher.c:114:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(cet, 0, sizeof(struct ce_task));
^~~~~~
drivers/crypto/allwinner/sun8i-ce/sun8i-ce-cipher.c:169:3: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(rctx->bounce_iv, areq->iv, ivsize);
^~~~~~
drivers/crypto/allwinner/sun8i-ce/sun8i-ce-cipher.c:169:3: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(rctx->bounce_iv, areq->iv, ivsize);
^~~~~~
drivers/crypto/allwinner/sun8i-ce/sun8i-ce-cipher.c:259:4: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(areq->iv, rctx->backup_iv, ivsize);
^~~~~~
drivers/crypto/allwinner/sun8i-ce/sun8i-ce-cipher.c:259:4: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(areq->iv, rctx->backup_iv, ivsize);
^~~~~~
drivers/crypto/allwinner/sun8i-ce/sun8i-ce-cipher.c:322:4: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(areq->iv, rctx->backup_iv, ivsize);
^~~~~~
drivers/crypto/allwinner/sun8i-ce/sun8i-ce-cipher.c:322:4: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(areq->iv, rctx->backup_iv, ivsize);
^~~~~~
drivers/crypto/allwinner/sun8i-ce/sun8i-ce-cipher.c:383:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(op, 0, sizeof(struct sun8i_cipher_tfm_ctx));
^~~~~~
drivers/crypto/allwinner/sun8i-ce/sun8i-ce-cipher.c:383:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(op, 0, sizeof(struct sun8i_cipher_tfm_ctx));
^~~~~~
drivers/crypto/allwinner/sun8i-ce/sun8i-ce-cipher.c:431:23: warning: Value stored to 'ce' during its initialization is never read [clang-analyzer-deadcode.DeadStores]
struct sun8i_ce_dev *ce = op->ce;
^~ ~~~~~~
drivers/crypto/allwinner/sun8i-ce/sun8i-ce-cipher.c:431:23: note: Value stored to 'ce' during its initialization is never read
struct sun8i_ce_dev *ce = op->ce;
^~ ~~~~~~
Suppressed 44 warnings (44 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
45 warnings generated.
>> drivers/usb/mtu3/mtu3_debugfs.c:135:2: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
sprintf(mregs->name, "%s", name);
^~~~~~~
drivers/usb/mtu3/mtu3_debugfs.c:135:2: note: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
sprintf(mregs->name, "%s", name);
^~~~~~~
Suppressed 44 warnings (44 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
56 warnings generated.
include/linux/log2.h:67:13: warning: The result of the left shift is undefined due to shifting by '4294967295', which is greater or equal to the width of type 'unsigned long' [clang-analyzer-core.UndefinedBinaryOperatorResult]
return 1UL << (fls_long(n) - 1);
^
drivers/usb/host/ehci-hcd.c:888:2: note: Control jumps to the 'default' case at line 897
switch (usb_pipetype (urb->pipe)) {
^
drivers/usb/host/ehci-hcd.c:898:3: note: Taking false branch
if (!qh_urb_transaction (ehci, urb, &qtd_list, mem_flags))
^
drivers/usb/host/ehci-hcd.c:900:10: note: Calling 'submit_async'
return submit_async(ehci, urb, &qtd_list, mem_flags);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/usb/host/ehci-q.c:1128:2: note: Loop condition is false. Exiting loop
spin_lock_irqsave (&ehci->lock, flags);
^
include/linux/spinlock.h:379:2: note: expanded from macro 'spin_lock_irqsave'
raw_spin_lock_irqsave(spinlock_check(lock), flags); \
^
include/linux/spinlock.h:264:3: note: expanded from macro 'raw_spin_lock_irqsave'
_raw_spin_lock_irqsave(lock, flags); \
^
include/linux/spinlock_api_up.h:69:45: note: expanded from macro '_raw_spin_lock_irqsave'
#define _raw_spin_lock_irqsave(lock, flags) __LOCK_IRQSAVE(lock, flags)
^
include/linux/spinlock_api_up.h:40:8: note: expanded from macro '__LOCK_IRQSAVE'
do { local_irq_save(flags); __LOCK(lock); } while (0)
^
include/linux/irqflags.h:244:36: note: expanded from macro 'local_irq_save'
#define local_irq_save(flags) do { raw_local_irq_save(flags); } while (0)
^
include/linux/irqflags.h:176:2: note: expanded from macro 'raw_local_irq_save'
do { \
^
drivers/usb/host/ehci-q.c:1128:2: note: Loop condition is false. Exiting loop
spin_lock_irqsave (&ehci->lock, flags);
^
include/linux/spinlock.h:379:2: note: expanded from macro 'spin_lock_irqsave'
raw_spin_lock_irqsave(spinlock_check(lock), flags); \
^
include/linux/spinlock.h:264:3: note: expanded from macro 'raw_spin_lock_irqsave'
_raw_spin_lock_irqsave(lock, flags); \
^
include/linux/spinlock_api_up.h:69:45: note: expanded from macro '_raw_spin_lock_irqsave'
#define _raw_spin_lock_irqsave(lock, flags) __LOCK_IRQSAVE(lock, flags)
^
include/linux/spinlock_api_up.h:40:8: note: expanded from macro '__LOCK_IRQSAVE'
do { local_irq_save(flags); __LOCK(lock); } while (0)
^
include/linux/irqflags.h:244:31: note: expanded from macro 'local_irq_save'
#define local_irq_save(flags) do { raw_local_irq_save(flags); } while (0)
^
drivers/usb/host/ehci-q.c:1128:2: note: Loop condition is false. Exiting loop
spin_lock_irqsave (&ehci->lock, flags);
^
include/linux/spinlock.h:379:2: note: expanded from macro 'spin_lock_irqsave'
raw_spin_lock_irqsave(spinlock_check(lock), flags); \
^
include/linux/spinlock.h:264:3: note: expanded from macro 'raw_spin_lock_irqsave'
_raw_spin_lock_irqsave(lock, flags); \
^
include/linux/spinlock_api_up.h:69:45: note: expanded from macro '_raw_spin_lock_irqsave'
#define _raw_spin_lock_irqsave(lock, flags) __LOCK_IRQSAVE(lock, flags)
^
include/linux/spinlock_api_up.h:40:31: note: expanded from macro '__LOCK_IRQSAVE'
do { local_irq_save(flags); __LOCK(lock); } while (0)
^
include/linux/spinlock_api_up.h:31:27: note: expanded from macro '__LOCK'
do { preempt_disable(); ___LOCK(lock); } while (0)
^
include/linux/spinlock_api_up.h:28:3: note: expanded from macro '___LOCK'
do { __acquire(lock); (void)(lock); } while (0)
^
drivers/usb/host/ehci-q.c:1128:2: note: Loop condition is false. Exiting loop
spin_lock_irqsave (&ehci->lock, flags);
^
include/linux/spinlock.h:379:2: note: expanded from macro 'spin_lock_irqsave'
raw_spin_lock_irqsave(spinlock_check(lock), flags); \
^
include/linux/spinlock.h:264:3: note: expanded from macro 'raw_spin_lock_irqsave'
_raw_spin_lock_irqsave(lock, flags); \
^
include/linux/spinlock_api_up.h:69:45: note: expanded from macro '_raw_spin_lock_irqsave'
#define _raw_spin_lock_irqsave(lock, flags) __LOCK_IRQSAVE(lock, flags)
^
include/linux/spinlock_api_up.h:40:31: note: expanded from macro '__LOCK_IRQSAVE'
do { local_irq_save(flags); __LOCK(lock); } while (0)
^
include/linux/spinlock_api_up.h:31:3: note: expanded from macro '__LOCK'
do { preempt_disable(); ___LOCK(lock); } while (0)
^
drivers/usb/host/ehci-q.c:1128:2: note: Loop condition is false. Exiting loop
spin_lock_irqsave (&ehci->lock, flags);
--
^~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/crypto/ccree/cc_aead.c:2111:17: note: Value stored to 'dev' during its initialization is never read
struct device *dev = drvdata_to_dev(ctx->drvdata);
^~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/crypto/ccree/cc_aead.c:2119:2: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(ctx->ctr_nonce, key + keylen, 4);
^~~~~~
drivers/crypto/ccree/cc_aead.c:2119:2: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(ctx->ctr_nonce, key + keylen, 4);
^~~~~~
drivers/crypto/ccree/cc_aead.c:2128:17: warning: Value stored to 'dev' during its initialization is never read [clang-analyzer-deadcode.DeadStores]
struct device *dev = drvdata_to_dev(ctx->drvdata);
^~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/crypto/ccree/cc_aead.c:2128:17: note: Value stored to 'dev' during its initialization is never read
struct device *dev = drvdata_to_dev(ctx->drvdata);
^~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/crypto/ccree/cc_aead.c:2136:2: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(ctx->ctr_nonce, key + keylen, 4);
^~~~~~
drivers/crypto/ccree/cc_aead.c:2136:2: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(ctx->ctr_nonce, key + keylen, 4);
^~~~~~
drivers/crypto/ccree/cc_aead.c:2164:17: warning: Value stored to 'dev' during its initialization is never read [clang-analyzer-deadcode.DeadStores]
struct device *dev = drvdata_to_dev(ctx->drvdata);
^~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/crypto/ccree/cc_aead.c:2164:17: note: Value stored to 'dev' during its initialization is never read
struct device *dev = drvdata_to_dev(ctx->drvdata);
^~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/crypto/ccree/cc_aead.c:2184:17: warning: Value stored to 'dev' during its initialization is never read [clang-analyzer-deadcode.DeadStores]
struct device *dev = drvdata_to_dev(ctx->drvdata);
^~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/crypto/ccree/cc_aead.c:2184:17: note: Value stored to 'dev' during its initialization is never read
struct device *dev = drvdata_to_dev(ctx->drvdata);
^~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/crypto/ccree/cc_aead.c:2203:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(areq_ctx, 0, sizeof(*areq_ctx));
^~~~~~
drivers/crypto/ccree/cc_aead.c:2203:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(areq_ctx, 0, sizeof(*areq_ctx));
^~~~~~
drivers/crypto/ccree/cc_aead.c:2227:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(areq_ctx, 0, sizeof(*areq_ctx));
^~~~~~
drivers/crypto/ccree/cc_aead.c:2227:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(areq_ctx, 0, sizeof(*areq_ctx));
^~~~~~
drivers/crypto/ccree/cc_aead.c:2254:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(areq_ctx, 0, sizeof(*areq_ctx));
^~~~~~
drivers/crypto/ccree/cc_aead.c:2254:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(areq_ctx, 0, sizeof(*areq_ctx));
^~~~~~
drivers/crypto/ccree/cc_aead.c:2278:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(areq_ctx, 0, sizeof(*areq_ctx));
^~~~~~
drivers/crypto/ccree/cc_aead.c:2278:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(areq_ctx, 0, sizeof(*areq_ctx));
^~~~~~
drivers/crypto/ccree/cc_aead.c:2572:2: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
snprintf(alg->base.cra_name, CRYPTO_MAX_ALG_NAME, "%s", tmpl->name);
^~~~~~~~
drivers/crypto/ccree/cc_aead.c:2572:2: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
snprintf(alg->base.cra_name, CRYPTO_MAX_ALG_NAME, "%s", tmpl->name);
^~~~~~~~
drivers/crypto/ccree/cc_aead.c:2573:2: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
snprintf(alg->base.cra_driver_name, CRYPTO_MAX_ALG_NAME, "%s",
^~~~~~~~
drivers/crypto/ccree/cc_aead.c:2573:2: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
snprintf(alg->base.cra_driver_name, CRYPTO_MAX_ALG_NAME, "%s",
^~~~~~~~
Suppressed 67 warnings (67 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
42 warnings generated.
Suppressed 42 warnings (42 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
42 warnings generated.
Suppressed 42 warnings (42 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
45 warnings generated.
drivers/input/touchscreen/cy8ctmg110_ts.c:71:2: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(i2c_data + 1, value, len);
^~~~~~
drivers/input/touchscreen/cy8ctmg110_ts.c:71:2: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(i2c_data + 1, value, len);
^~~~~~
drivers/input/touchscreen/cy8ctmg110_ts.c:115:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(reg_p, 0, CY8CTMG110_REG_MAX);
^~~~~~
drivers/input/touchscreen/cy8ctmg110_ts.c:115:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(reg_p, 0, CY8CTMG110_REG_MAX);
^~~~~~
drivers/input/touchscreen/cy8ctmg110_ts.c:193:2: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
snprintf(ts->phys, sizeof(ts->phys),
^~~~~~~~
drivers/input/touchscreen/cy8ctmg110_ts.c:193:2: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
snprintf(ts->phys, sizeof(ts->phys),
^~~~~~~~
Suppressed 42 warnings (42 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
45 warnings generated.
>> drivers/staging/fieldbus/anybuss/arcx-anybus.c:169:9: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
return sprintf(buf, "%s\n", cd->version);
^~~~~~~
drivers/staging/fieldbus/anybuss/arcx-anybus.c:169:9: note: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
return sprintf(buf, "%s\n", cd->version);
^~~~~~~
drivers/staging/fieldbus/anybuss/arcx-anybus.c:178:9: warning: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
return sprintf(buf, "%d\n", cd->design_no);
^~~~~~~
drivers/staging/fieldbus/anybuss/arcx-anybus.c:178:9: note: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
return sprintf(buf, "%d\n", cd->design_no);
^~~~~~~
drivers/staging/fieldbus/anybuss/arcx-anybus.c:256:2: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
snprintf(cd->version, sizeof(cd->version), "%c%d",
^~~~~~~~
drivers/staging/fieldbus/anybuss/arcx-anybus.c:256:2: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
snprintf(cd->version, sizeof(cd->version), "%c%d",
^~~~~~~~
Suppressed 42 warnings (42 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
30 warnings generated.
drivers/staging/fieldbus/anybuss/hms-profinet.c:69:9: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
return snprintf(buf, max_size, "%pM\n", response.addr);
^~~~~~~~
drivers/staging/fieldbus/anybuss/hms-profinet.c:69:9: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
return snprintf(buf, max_size, "%pM\n", response.addr);
^~~~~~~~
Suppressed 29 warnings (29 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
42 warnings generated.
Suppressed 42 warnings (42 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
103 warnings generated.
net/ipv4/fib_frontend.c:474:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(cfg, 0, sizeof(*cfg));
^~~~~~
net/ipv4/fib_frontend.c:474:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(cfg, 0, sizeof(*cfg));
^~~~~~
net/ipv4/fib_frontend.c:735:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(cfg, 0, sizeof(*cfg));
^~~~~~
net/ipv4/fib_frontend.c:735:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(cfg, 0, sizeof(*cfg));
^~~~~~
net/ipv4/fib_frontend.c:1021:5: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(&cb->args[2], 0, sizeof(cb->args) -
^~~~~~
net/ipv4/fib_frontend.c:1021:5: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(&cb->args[2], 0, sizeof(cb->args) -
^~~~~~
Suppressed 100 warnings (99 in non-user code, 1 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
103 warnings generated.
include/linux/list.h:88:24: warning: Access to field 'next' results in a dereference of a null pointer (loaded from variable 'head') [clang-analyzer-core.NullDereference]
__list_add(new, head, head->next);
^
net/ipv4/fib_semantics.c:1395:2: note: 'nh' initialized to a null pointer value
struct nexthop *nh = NULL;
^~~~~~~~~~~~~~~~~~
net/ipv4/fib_semantics.c:1400:6: note: Assuming the condition is false
if (cfg->fc_type > RTN_MAX)
^~~~~~~~~~~~~~~~~~~~~~
net/ipv4/fib_semantics.c:1400:2: note: Taking false branch
if (cfg->fc_type > RTN_MAX)
^
net/ipv4/fib_semantics.c:1404:6: note: Assuming field 'scope' is <= field 'fc_scope'
if (fib_props[cfg->fc_type].scope > cfg->fc_scope) {
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
net/ipv4/fib_semantics.c:1404:2: note: Taking false branch
if (fib_props[cfg->fc_type].scope > cfg->fc_scope) {
^
net/ipv4/fib_semantics.c:1409:6: note: Assuming the condition is false
if (cfg->fc_flags & (RTNH_F_DEAD | RTNH_F_LINKDOWN)) {
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
net/ipv4/fib_semantics.c:1409:2: note: Taking false branch
if (cfg->fc_flags & (RTNH_F_DEAD | RTNH_F_LINKDOWN)) {
^
net/ipv4/fib_semantics.c:1415:6: note: Assuming field 'fc_nh_id' is 0
if (cfg->fc_nh_id) {
^~~~~~~~~~~~~
net/ipv4/fib_semantics.c:1415:2: note: Taking false branch
if (cfg->fc_nh_id) {
^
net/ipv4/fib_semantics.c:1433:6: note: Assuming field 'fc_mp' is null
if (cfg->fc_mp) {
^~~~~~~~~~
net/ipv4/fib_semantics.c:1433:2: note: Taking false branch
if (cfg->fc_mp) {
^
net/ipv4/fib_semantics.c:1443:6: note: Left side of '||' is false
if (READ_ONCE(fib_info_cnt) >= fib_info_hash_size) {
^
include/asm-generic/rwonce.h:49:2: note: expanded from macro 'READ_ONCE'
compiletime_assert_rwonce_type(x); \
^
include/asm-generic/rwonce.h:36:21: note: expanded from macro 'compiletime_assert_rwonce_type'
compiletime_assert(__native_word(t) || sizeof(t) == sizeof(long long), \
^
include/linux/compiler_types.h:313:3: note: expanded from macro '__native_word'
(sizeof(t) == sizeof(char) || sizeof(t) == sizeof(short) || \
vim +41 lib/test_scanf.c
50f530e176eac8 Richard Fitzgerald 2021-05-14 26
50f530e176eac8 Richard Fitzgerald 2021-05-14 27 typedef int (*check_fn)(const void *check_data, const char *string,
50f530e176eac8 Richard Fitzgerald 2021-05-14 28 const char *fmt, int n_args, va_list ap);
50f530e176eac8 Richard Fitzgerald 2021-05-14 29
50f530e176eac8 Richard Fitzgerald 2021-05-14 30 static void __scanf(4, 6) __init
50f530e176eac8 Richard Fitzgerald 2021-05-14 31 _test(check_fn fn, const void *check_data, const char *string, const char *fmt,
50f530e176eac8 Richard Fitzgerald 2021-05-14 32 int n_args, ...)
50f530e176eac8 Richard Fitzgerald 2021-05-14 33 {
50f530e176eac8 Richard Fitzgerald 2021-05-14 34 va_list ap, ap_copy;
50f530e176eac8 Richard Fitzgerald 2021-05-14 35 int ret;
50f530e176eac8 Richard Fitzgerald 2021-05-14 36
50f530e176eac8 Richard Fitzgerald 2021-05-14 37 total_tests++;
50f530e176eac8 Richard Fitzgerald 2021-05-14 38
50f530e176eac8 Richard Fitzgerald 2021-05-14 39 va_start(ap, n_args);
50f530e176eac8 Richard Fitzgerald 2021-05-14 40 va_copy(ap_copy, ap);
50f530e176eac8 Richard Fitzgerald 2021-05-14 @41 ret = vsscanf(string, fmt, ap_copy);
50f530e176eac8 Richard Fitzgerald 2021-05-14 42 va_end(ap_copy);
50f530e176eac8 Richard Fitzgerald 2021-05-14 43
50f530e176eac8 Richard Fitzgerald 2021-05-14 44 if (ret != n_args) {
50f530e176eac8 Richard Fitzgerald 2021-05-14 45 pr_warn("vsscanf(\"%s\", \"%s\", ...) returned %d expected %d\n",
50f530e176eac8 Richard Fitzgerald 2021-05-14 46 string, fmt, ret, n_args);
50f530e176eac8 Richard Fitzgerald 2021-05-14 47 goto fail;
50f530e176eac8 Richard Fitzgerald 2021-05-14 48 }
50f530e176eac8 Richard Fitzgerald 2021-05-14 49
50f530e176eac8 Richard Fitzgerald 2021-05-14 50 ret = (*fn)(check_data, string, fmt, n_args, ap);
50f530e176eac8 Richard Fitzgerald 2021-05-14 51 if (ret)
50f530e176eac8 Richard Fitzgerald 2021-05-14 52 goto fail;
50f530e176eac8 Richard Fitzgerald 2021-05-14 53
50f530e176eac8 Richard Fitzgerald 2021-05-14 54 va_end(ap);
50f530e176eac8 Richard Fitzgerald 2021-05-14 55
50f530e176eac8 Richard Fitzgerald 2021-05-14 56 return;
50f530e176eac8 Richard Fitzgerald 2021-05-14 57
50f530e176eac8 Richard Fitzgerald 2021-05-14 58 fail:
50f530e176eac8 Richard Fitzgerald 2021-05-14 59 failed_tests++;
50f530e176eac8 Richard Fitzgerald 2021-05-14 60 va_end(ap);
50f530e176eac8 Richard Fitzgerald 2021-05-14 61 }
50f530e176eac8 Richard Fitzgerald 2021-05-14 62
:::::: The code at line 41 was first introduced by commit
:::::: 50f530e176eac808e64416732e54c0686ce2c39b lib: test_scanf: Add tests for sscanf number conversion
:::::: TO: Richard Fitzgerald <rf(a)opensource.cirrus.com>
:::::: CC: Petr Mladek <pmladek(a)suse.com>
--
0-DAY CI Kernel Test Service
https://01.org/lkp
4 months, 2 weeks
- 1
- 0
drivers/usb/storage/sddr09.c:1156:2: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or ...
by kernel test robot
CC: llvm(a)lists.linux.dev
CC: kbuild-all(a)lists.01.org
BCC: lkp(a)intel.com
CC: linux-kernel(a)vger.kernel.org
TO: Arnd Bergmann <arnd(a)arndb.de>
CC: Masahiro Yamada <masahiroy(a)kernel.org>
CC: Alex Shi <alexs(a)kernel.org>
CC: Nick Desaulniers <ndesaulniers(a)google.com>
CC: Miguel Ojeda <ojeda(a)kernel.org>
CC: Nathan Chancellor <nathan(a)kernel.org>
tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
head: 965181d7ef7e1a863477536dc328c23a7ebc8a1d
commit: e8c07082a810fbb9db303a2b66b66b8d7e588b53 Kbuild: move to -std=gnu11
date: 2 weeks ago
:::::: branch date: 7 hours ago
:::::: commit date: 2 weeks ago
config: arm-randconfig-c002-20220329 (https://download.01.org/0day-ci/archive/20220330/202203301630.PtkyuGLo-lk...)
compiler: clang version 15.0.0 (https://github.com/llvm/llvm-project 0f6d9501cf49ce02937099350d08f20c4af86f3d)
reproduce (this is a W=1 build):
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# install arm cross compiling tool for clang build
# apt-get install binutils-arm-linux-gnueabi
# https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit...
git remote add linus https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
git fetch --no-tags linus master
git checkout e8c07082a810fbb9db303a2b66b66b8d7e588b53
# save the config file to linux build tree
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross ARCH=arm clang-analyzer
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp(a)intel.com>
clang-analyzer warnings: (new ones prefixed by >>)
status = mos7840_calc_baud_rate_divisor(port, baudRate, &divisor,
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/usb/serial/mos7840.c:1202:2: warning: Value stored to 'lData' is never read [clang-analyzer-deadcode.DeadStores]
lData = LCR_BITS_8;
^
drivers/usb/serial/mos7840.c:1202:2: note: Value stored to 'lData' is never read
drivers/usb/serial/mos7840.c:1203:2: warning: Value stored to 'lStop' is never read [clang-analyzer-deadcode.DeadStores]
lStop = LCR_STOP_1;
^
drivers/usb/serial/mos7840.c:1203:2: note: Value stored to 'lStop' is never read
drivers/usb/serial/mos7840.c:1306:2: warning: Value stored to 'status' is never read [clang-analyzer-deadcode.DeadStores]
status = mos7840_send_cmd_write_baud_rate(mos7840_port, baud);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/usb/serial/mos7840.c:1306:2: note: Value stored to 'status' is never read
status = mos7840_send_cmd_write_baud_rate(mos7840_port, baud);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/usb/serial/mos7840.c:1387:26: warning: Value stored to 'port' during its initialization is never read [clang-analyzer-deadcode.DeadStores]
struct usb_serial_port *port = tty->driver_data;
^~~~ ~~~~~~~~~~~~~~~~
drivers/usb/serial/mos7840.c:1387:26: note: Value stored to 'port' during its initialization is never read
struct usb_serial_port *port = tty->driver_data;
^~~~ ~~~~~~~~~~~~~~~~
drivers/usb/serial/mos7840.c:1516:17: warning: Value stored to 'dev' during its initialization is never read [clang-analyzer-deadcode.DeadStores]
struct device *dev = &serial->interface->dev;
^~~ ~~~~~~~~~~~~~~~~~~~~~~~
drivers/usb/serial/mos7840.c:1516:17: note: Value stored to 'dev' during its initialization is never read
struct device *dev = &serial->interface->dev;
^~~ ~~~~~~~~~~~~~~~~~~~~~~~
Suppressed 31 warnings (31 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
44 warnings generated.
drivers/usb/storage/onetouch.c:213:3: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
snprintf(onetouch->name, sizeof(onetouch->name),
^~~~~~~~
drivers/usb/storage/onetouch.c:213:3: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
snprintf(onetouch->name, sizeof(onetouch->name),
^~~~~~~~
Suppressed 43 warnings (43 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
63 warnings generated.
drivers/usb/storage/sddr09.c:240:2: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(data, ecc, 3);
^~~~~~
drivers/usb/storage/sddr09.c:240:2: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(data, ecc, 3);
^~~~~~
drivers/usb/storage/sddr09.c:352:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(command, 0, 12);
^~~~~~
drivers/usb/storage/sddr09.c:352:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(command, 0, 12);
^~~~~~
drivers/usb/storage/sddr09.c:528:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(command, 0, 12);
^~~~~~
drivers/usb/storage/sddr09.c:528:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(command, 0, 12);
^~~~~~
drivers/usb/storage/sddr09.c:717:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(command, 0, 12);
^~~~~~
drivers/usb/storage/sddr09.c:717:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(command, 0, 12);
^~~~~~
drivers/usb/storage/sddr09.c:796:4: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(buffer, 0, len);
^~~~~~
drivers/usb/storage/sddr09.c:796:4: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(buffer, 0, len);
^~~~~~
drivers/usb/storage/sddr09.c:922:3: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(bptr, xptr, info->pagesize);
^~~~~~
drivers/usb/storage/sddr09.c:922:3: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(bptr, xptr, info->pagesize);
^~~~~~
drivers/usb/storage/sddr09.c:1076:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(command, 0, 12);
^~~~~~
drivers/usb/storage/sddr09.c:1076:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(command, 0, 12);
^~~~~~
drivers/usb/storage/sddr09.c:1106:3: warning: Value stored to 'wp_fmt' is never read [clang-analyzer-deadcode.DeadStores]
wp_fmt = " WP";
^ ~~~~~
drivers/usb/storage/sddr09.c:1106:3: note: Value stored to 'wp_fmt' is never read
wp_fmt = " WP";
^ ~~~~~
drivers/usb/storage/sddr09.c:1108:3: warning: Value stored to 'wp_fmt' is never read [clang-analyzer-deadcode.DeadStores]
wp_fmt = "";
^ ~~
drivers/usb/storage/sddr09.c:1108:3: note: Value stored to 'wp_fmt' is never read
wp_fmt = "";
^ ~~
drivers/usb/storage/sddr09.c:1153:2: warning: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
sprintf(blurbtxt, "sddr09: Found Flash card, ID = %4ph", deviceID);
^~~~~~~
drivers/usb/storage/sddr09.c:1153:2: note: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
sprintf(blurbtxt, "sddr09: Found Flash card, ID = %4ph", deviceID);
^~~~~~~
>> drivers/usb/storage/sddr09.c:1156:2: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
sprintf(blurbtxt + strlen(blurbtxt),
^~~~~~~
drivers/usb/storage/sddr09.c:1156:2: note: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
sprintf(blurbtxt + strlen(blurbtxt),
^~~~~~~
drivers/usb/storage/sddr09.c:1168:3: warning: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
sprintf(blurbtxt + strlen(blurbtxt),
^~~~~~~
drivers/usb/storage/sddr09.c:1168:3: note: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
sprintf(blurbtxt + strlen(blurbtxt),
^~~~~~~
drivers/usb/storage/sddr09.c:1171:3: warning: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
sprintf(blurbtxt + strlen(blurbtxt),
^~~~~~~
drivers/usb/storage/sddr09.c:1171:3: note: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
sprintf(blurbtxt + strlen(blurbtxt),
^~~~~~~
drivers/usb/storage/sddr09.c:1177:3: warning: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
sprintf(blurbtxt + strlen(blurbtxt),
^~~~~~~
drivers/usb/storage/sddr09.c:1177:3: note: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
sprintf(blurbtxt + strlen(blurbtxt),
^~~~~~~
drivers/usb/storage/sddr09.c:1183:3: warning: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
sprintf(blurbtxt + strlen(blurbtxt),
^~~~~~~
drivers/usb/storage/sddr09.c:1183:3: note: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
sprintf(blurbtxt + strlen(blurbtxt),
^~~~~~~
drivers/usb/storage/sddr09.c:1188:3: warning: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
sprintf(blurbtxt + strlen(blurbtxt),
^~~~~~~
drivers/usb/storage/sddr09.c:1188:3: note: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
sprintf(blurbtxt + strlen(blurbtxt),
^~~~~~~
drivers/usb/storage/sddr09.c:1563:3: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(ptr, 0, 18);
^~~~~~
drivers/usb/storage/sddr09.c:1563:3: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(ptr, 0, 18);
^~~~~~
drivers/usb/storage/sddr09.c:1581:3: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(ptr, inquiry_response, 8);
^~~~~~
drivers/usb/storage/sddr09.c:1581:3: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(ptr, inquiry_response, 8);
^~~~~~
drivers/usb/storage/sddr09.c:1639:4: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(ptr, mode_page_01, sizeof(mode_page_01));
^~~~~~
drivers/usb/storage/sddr09.c:1639:4: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(ptr, mode_page_01, sizeof(mode_page_01));
^~~~~~
drivers/usb/storage/sddr09.c:1705:3: warning: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
sprintf(ptr+strlen(ptr), "%02X ", srb->cmnd[i]);
^~~~~~~
drivers/usb/storage/sddr09.c:1705:3: note: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
sprintf(ptr+strlen(ptr), "%02X ", srb->cmnd[i]);
^~~~~~~
Suppressed 43 warnings (43 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
43 warnings generated.
Suppressed 43 warnings (43 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
44 warnings generated.
drivers/gpu/drm/arm/display/komeda/komeda_kms.c:48:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(&evts, 0, sizeof(evts));
^~~~~~
drivers/gpu/drm/arm/display/komeda/komeda_kms.c:48:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(&evts, 0, sizeof(evts));
^~~~~~
Suppressed 43 warnings (43 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
43 warnings generated.
drivers/gpu/drm/arm/display/komeda/komeda_crtc.c:581:4: warning: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
sprintf(str, "pipe-%d", crtc->slave->id);
^~~~~~~
drivers/gpu/drm/arm/display/komeda/komeda_crtc.c:581:4: note: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
sprintf(str, "pipe-%d", crtc->slave->id);
^~~~~~~
drivers/gpu/drm/arm/display/komeda/komeda_crtc.c:583:4: warning: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
sprintf(str, "None");
^~~~~~~
drivers/gpu/drm/arm/display/komeda/komeda_crtc.c:583:4: note: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
sprintf(str, "None");
^~~~~~~
Suppressed 41 warnings (41 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
41 warnings generated.
Suppressed 41 warnings (41 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
41 warnings generated.
Suppressed 41 warnings (41 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
44 warnings generated.
block/blk-map.c:32:2: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(bmd->iov, data->iov, sizeof(struct iovec) * data->nr_segs);
^~~~~~
block/blk-map.c:32:2: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(bmd->iov, data->iov, sizeof(struct iovec) * data->nr_segs);
vim +1156 drivers/usb/storage/sddr09.c
^1da177e4c3f41 Linus Torvalds 2005-04-16 1092
^1da177e4c3f41 Linus Torvalds 2005-04-16 1093 static int
^1da177e4c3f41 Linus Torvalds 2005-04-16 1094 sddr09_get_wp(struct us_data *us, struct sddr09_card_info *info) {
^1da177e4c3f41 Linus Torvalds 2005-04-16 1095 int result;
^1da177e4c3f41 Linus Torvalds 2005-04-16 1096 unsigned char status;
ef976ea33b4c44 Victor Dodon 2016-02-17 1097 const char *wp_fmt;
^1da177e4c3f41 Linus Torvalds 2005-04-16 1098
^1da177e4c3f41 Linus Torvalds 2005-04-16 1099 result = sddr09_read_status(us, &status);
0dc08a357538de Matthew Dharm 2005-12-04 1100 if (result) {
191648d03d2022 Joe Perches 2013-04-19 1101 usb_stor_dbg(us, "read_status fails\n");
^1da177e4c3f41 Linus Torvalds 2005-04-16 1102 return result;
^1da177e4c3f41 Linus Torvalds 2005-04-16 1103 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 1104 if ((status & 0x80) == 0) {
^1da177e4c3f41 Linus Torvalds 2005-04-16 1105 info->flags |= SDDR09_WP; /* write protected */
ef976ea33b4c44 Victor Dodon 2016-02-17 1106 wp_fmt = " WP";
ef976ea33b4c44 Victor Dodon 2016-02-17 1107 } else {
ef976ea33b4c44 Victor Dodon 2016-02-17 @1108 wp_fmt = "";
^1da177e4c3f41 Linus Torvalds 2005-04-16 1109 }
ef976ea33b4c44 Victor Dodon 2016-02-17 1110 usb_stor_dbg(us, "status 0x%02X%s%s%s%s\n", status, wp_fmt,
ef976ea33b4c44 Victor Dodon 2016-02-17 1111 status & 0x40 ? " Ready" : "",
ef976ea33b4c44 Victor Dodon 2016-02-17 1112 status & LUNBITS ? " Suspended" : "",
ef976ea33b4c44 Victor Dodon 2016-02-17 1113 status & 0x01 ? " Error" : "");
ef976ea33b4c44 Victor Dodon 2016-02-17 1114
0dc08a357538de Matthew Dharm 2005-12-04 1115 return 0;
^1da177e4c3f41 Linus Torvalds 2005-04-16 1116 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 1117
^1da177e4c3f41 Linus Torvalds 2005-04-16 1118 #if 0
^1da177e4c3f41 Linus Torvalds 2005-04-16 1119 /*
^1da177e4c3f41 Linus Torvalds 2005-04-16 1120 * Reset Command: 12 bytes.
^1da177e4c3f41 Linus Torvalds 2005-04-16 1121 * byte 0: opcode: EB
^1da177e4c3f41 Linus Torvalds 2005-04-16 1122 */
^1da177e4c3f41 Linus Torvalds 2005-04-16 1123 static int
^1da177e4c3f41 Linus Torvalds 2005-04-16 1124 sddr09_reset(struct us_data *us) {
^1da177e4c3f41 Linus Torvalds 2005-04-16 1125
^1da177e4c3f41 Linus Torvalds 2005-04-16 1126 unsigned char *command = us->iobuf;
^1da177e4c3f41 Linus Torvalds 2005-04-16 1127
^1da177e4c3f41 Linus Torvalds 2005-04-16 1128 memset(command, 0, 12);
^1da177e4c3f41 Linus Torvalds 2005-04-16 1129 command[0] = 0xEB;
^1da177e4c3f41 Linus Torvalds 2005-04-16 1130 command[1] = LUNBITS;
^1da177e4c3f41 Linus Torvalds 2005-04-16 1131
^1da177e4c3f41 Linus Torvalds 2005-04-16 1132 return sddr09_send_scsi_command(us, command, 12);
^1da177e4c3f41 Linus Torvalds 2005-04-16 1133 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 1134 #endif
^1da177e4c3f41 Linus Torvalds 2005-04-16 1135
^1da177e4c3f41 Linus Torvalds 2005-04-16 1136 static struct nand_flash_dev *
^1da177e4c3f41 Linus Torvalds 2005-04-16 1137 sddr09_get_cardinfo(struct us_data *us, unsigned char flags) {
^1da177e4c3f41 Linus Torvalds 2005-04-16 1138 struct nand_flash_dev *cardinfo;
^1da177e4c3f41 Linus Torvalds 2005-04-16 1139 unsigned char deviceID[4];
^1da177e4c3f41 Linus Torvalds 2005-04-16 1140 char blurbtxt[256];
^1da177e4c3f41 Linus Torvalds 2005-04-16 1141 int result;
^1da177e4c3f41 Linus Torvalds 2005-04-16 1142
191648d03d2022 Joe Perches 2013-04-19 1143 usb_stor_dbg(us, "Reading capacity...\n");
^1da177e4c3f41 Linus Torvalds 2005-04-16 1144
^1da177e4c3f41 Linus Torvalds 2005-04-16 1145 result = sddr09_read_deviceID(us, deviceID);
^1da177e4c3f41 Linus Torvalds 2005-04-16 1146
0dc08a357538de Matthew Dharm 2005-12-04 1147 if (result) {
191648d03d2022 Joe Perches 2013-04-19 1148 usb_stor_dbg(us, "Result of read_deviceID is %d\n", result);
6f8aa65b520371 Frank Seidel 2009-02-05 1149 printk(KERN_WARNING "sddr09: could not read card info\n");
^1da177e4c3f41 Linus Torvalds 2005-04-16 1150 return NULL;
^1da177e4c3f41 Linus Torvalds 2005-04-16 1151 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 1152
7adce46784a099 Andy Shevchenko 2014-09-05 1153 sprintf(blurbtxt, "sddr09: Found Flash card, ID = %4ph", deviceID);
^1da177e4c3f41 Linus Torvalds 2005-04-16 1154
^1da177e4c3f41 Linus Torvalds 2005-04-16 1155 /* Byte 0 is the manufacturer */
^1da177e4c3f41 Linus Torvalds 2005-04-16 @1156 sprintf(blurbtxt + strlen(blurbtxt),
^1da177e4c3f41 Linus Torvalds 2005-04-16 1157 ": Manuf. %s",
^1da177e4c3f41 Linus Torvalds 2005-04-16 1158 nand_flash_manufacturer(deviceID[0]));
^1da177e4c3f41 Linus Torvalds 2005-04-16 1159
^1da177e4c3f41 Linus Torvalds 2005-04-16 1160 /* Byte 1 is the device type */
^1da177e4c3f41 Linus Torvalds 2005-04-16 1161 cardinfo = nand_find_id(deviceID[1]);
^1da177e4c3f41 Linus Torvalds 2005-04-16 1162 if (cardinfo) {
f0183a338e4f90 Felipe Balbi 2016-04-18 1163 /*
f0183a338e4f90 Felipe Balbi 2016-04-18 1164 * MB or MiB? It is neither. A 16 MB card has
f0183a338e4f90 Felipe Balbi 2016-04-18 1165 * 17301504 raw bytes, of which 16384000 are
f0183a338e4f90 Felipe Balbi 2016-04-18 1166 * usable for user data.
f0183a338e4f90 Felipe Balbi 2016-04-18 1167 */
^1da177e4c3f41 Linus Torvalds 2005-04-16 1168 sprintf(blurbtxt + strlen(blurbtxt),
^1da177e4c3f41 Linus Torvalds 2005-04-16 1169 ", %d MB", 1<<(cardinfo->chipshift - 20));
^1da177e4c3f41 Linus Torvalds 2005-04-16 1170 } else {
^1da177e4c3f41 Linus Torvalds 2005-04-16 1171 sprintf(blurbtxt + strlen(blurbtxt),
^1da177e4c3f41 Linus Torvalds 2005-04-16 1172 ", type unrecognized");
^1da177e4c3f41 Linus Torvalds 2005-04-16 1173 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 1174
^1da177e4c3f41 Linus Torvalds 2005-04-16 1175 /* Byte 2 is code to signal availability of 128-bit ID */
^1da177e4c3f41 Linus Torvalds 2005-04-16 1176 if (deviceID[2] == 0xa5) {
^1da177e4c3f41 Linus Torvalds 2005-04-16 1177 sprintf(blurbtxt + strlen(blurbtxt),
^1da177e4c3f41 Linus Torvalds 2005-04-16 1178 ", 128-bit ID");
^1da177e4c3f41 Linus Torvalds 2005-04-16 1179 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 1180
^1da177e4c3f41 Linus Torvalds 2005-04-16 1181 /* Byte 3 announces the availability of another read ID command */
^1da177e4c3f41 Linus Torvalds 2005-04-16 1182 if (deviceID[3] == 0xc0) {
^1da177e4c3f41 Linus Torvalds 2005-04-16 1183 sprintf(blurbtxt + strlen(blurbtxt),
^1da177e4c3f41 Linus Torvalds 2005-04-16 1184 ", extra cmd");
^1da177e4c3f41 Linus Torvalds 2005-04-16 1185 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 1186
^1da177e4c3f41 Linus Torvalds 2005-04-16 1187 if (flags & SDDR09_WP)
^1da177e4c3f41 Linus Torvalds 2005-04-16 1188 sprintf(blurbtxt + strlen(blurbtxt),
^1da177e4c3f41 Linus Torvalds 2005-04-16 1189 ", WP");
^1da177e4c3f41 Linus Torvalds 2005-04-16 1190
6f8aa65b520371 Frank Seidel 2009-02-05 1191 printk(KERN_WARNING "%s\n", blurbtxt);
^1da177e4c3f41 Linus Torvalds 2005-04-16 1192
^1da177e4c3f41 Linus Torvalds 2005-04-16 1193 return cardinfo;
^1da177e4c3f41 Linus Torvalds 2005-04-16 1194 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 1195
:::::: The code at line 1156 was first introduced by commit
:::::: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 Linux-2.6.12-rc2
:::::: TO: Linus Torvalds <torvalds(a)ppc970.osdl.org>
:::::: CC: Linus Torvalds <torvalds(a)ppc970.osdl.org>
--
0-DAY CI Kernel Test Service
https://01.org/lkp
4 months, 2 weeks
- 1
- 0
drivers/target/target_core_pscsi.c:1032:6: warning: Value stored to 'cdb' during its initialization is never read [clang-analyzer-deadcode.DeadStores]
by kernel test robot
CC: llvm(a)lists.linux.dev
CC: kbuild-all(a)lists.01.org
BCC: lkp(a)intel.com
CC: linux-kernel(a)vger.kernel.org
TO: Christoph Hellwig <hch(a)lst.de>
CC: "Martin K. Petersen" <martin.petersen(a)oracle.com>
tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
head: 1c24a186398f59c80adb9a967486b65c1423a59d
commit: c49ff72cff4caff709b2edb98421bd87bec1d853 scsi: target: pscsi: Remove struct pscsi_plugin_task
date: 4 weeks ago
:::::: branch date: 10 hours ago
:::::: commit date: 4 weeks ago
config: x86_64-randconfig-c007 (https://download.01.org/0day-ci/archive/20220330/202203301545.wmLw8Kvh-lk...)
compiler: clang version 15.0.0 (https://github.com/llvm/llvm-project 0f6d9501cf49ce02937099350d08f20c4af86f3d)
reproduce (this is a W=1 build):
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit...
git remote add linus https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
git fetch --no-tags linus master
git checkout c49ff72cff4caff709b2edb98421bd87bec1d853
# save the config file to linux build tree
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross ARCH=x86_64 clang-analyzer
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp(a)intel.com>
clang-analyzer warnings: (new ones prefixed by >>)
include/linux/printk.h:131:2: note: expanded from macro 'no_printk'
if (0) \
^
net/ieee802154/nl-phy.c:174:6: note: Assuming the condition is false
if (!info->attrs[IEEE802154_ATTR_PHY_NAME])
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
net/ieee802154/nl-phy.c:174:2: note: Taking false branch
if (!info->attrs[IEEE802154_ATTR_PHY_NAME])
^
net/ieee802154/nl-phy.c:178:6: note: Assuming the condition is false
if (name[nla_len(info->attrs[IEEE802154_ATTR_PHY_NAME]) - 1] != '\0')
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
net/ieee802154/nl-phy.c:178:2: note: Taking false branch
if (name[nla_len(info->attrs[IEEE802154_ATTR_PHY_NAME]) - 1] != '\0')
^
net/ieee802154/nl-phy.c:181:6: note: Assuming the condition is false
if (info->attrs[IEEE802154_ATTR_DEV_NAME]) {
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
net/ieee802154/nl-phy.c:181:2: note: Taking false branch
if (info->attrs[IEEE802154_ATTR_DEV_NAME]) {
^
net/ieee802154/nl-phy.c:192:2: note: Taking false branch
if (strlen(devname) >= IFNAMSIZ)
^
net/ieee802154/nl-phy.c:196:6: note: Assuming 'phy' is non-null
if (!phy)
^~~~
net/ieee802154/nl-phy.c:196:2: note: Taking false branch
if (!phy)
^
net/ieee802154/nl-phy.c:200:6: note: Assuming 'msg' is non-null
if (!msg)
^~~~
net/ieee802154/nl-phy.c:200:2: note: Taking false branch
if (!msg)
^
net/ieee802154/nl-phy.c:203:6: note: Assuming pointer value is null
if (info->attrs[IEEE802154_ATTR_HW_ADDR] &&
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
net/ieee802154/nl-phy.c:203:43: note: Left side of '&&' is false
if (info->attrs[IEEE802154_ATTR_HW_ADDR] &&
^
net/ieee802154/nl-phy.c:210:6: note: Assuming the condition is false
if (info->attrs[IEEE802154_ATTR_DEV_TYPE]) {
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
net/ieee802154/nl-phy.c:210:2: note: Taking false branch
if (info->attrs[IEEE802154_ATTR_DEV_TYPE]) {
^
net/ieee802154/nl-phy.c:220:6: note: Calling 'IS_ERR'
if (IS_ERR(dev)) {
^~~~~~~~~~~
include/linux/err.h:36:9: note: Assuming the condition is false
return IS_ERR_VALUE((unsigned long)ptr);
^
include/linux/err.h:22:34: note: expanded from macro 'IS_ERR_VALUE'
#define IS_ERR_VALUE(x) unlikely((unsigned long)(void *)(x) >= (unsigned long)-MAX_ERRNO)
~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/compiler.h:78:42: note: expanded from macro 'unlikely'
# define unlikely(x) __builtin_expect(!!(x), 0)
^
include/linux/err.h:36:2: note: Returning zero, which participates in a condition later
return IS_ERR_VALUE((unsigned long)ptr);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
net/ieee802154/nl-phy.c:220:6: note: Returning from 'IS_ERR'
if (IS_ERR(dev)) {
^~~~~~~~~~~
net/ieee802154/nl-phy.c:220:2: note: Taking false branch
if (IS_ERR(dev)) {
^
net/ieee802154/nl-phy.c:226:2: note: Taking false branch
if (info->attrs[IEEE802154_ATTR_HW_ADDR]) {
^
net/ieee802154/nl-phy.c:243:6: note: Assuming the condition is false
if (nla_put_string(msg, IEEE802154_ATTR_PHY_NAME, wpan_phy_name(phy)) ||
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
net/ieee802154/nl-phy.c:243:6: note: Left side of '||' is false
net/ieee802154/nl-phy.c:244:52: note: Passing null pointer value via 3rd parameter 'str'
nla_put_string(msg, IEEE802154_ATTR_DEV_NAME, dev->name)) {
^~~~~~~~~
net/ieee802154/nl-phy.c:244:6: note: Calling 'nla_put_string'
nla_put_string(msg, IEEE802154_ATTR_DEV_NAME, dev->name)) {
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/net/netlink.h:1477:32: note: Null pointer passed as 1st argument to string length function
return nla_put(skb, attrtype, strlen(str) + 1, str);
^ ~~~
Suppressed 8 warnings (8 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
8 warnings generated.
drivers/target/target_core_pscsi.c:355:25: warning: Value stored to 'phv' during its initialization is never read [clang-analyzer-deadcode.DeadStores]
struct pscsi_hba_virt *phv = dev->se_hba->hba_ptr;
^~~ ~~~~~~~~~~~~~~~~~~~~
drivers/target/target_core_pscsi.c:355:25: note: Value stored to 'phv' during its initialization is never read
struct pscsi_hba_virt *phv = dev->se_hba->hba_ptr;
^~~ ~~~~~~~~~~~~~~~~~~~~
drivers/target/target_core_pscsi.c:400:25: warning: Value stored to 'phv' during its initialization is never read [clang-analyzer-deadcode.DeadStores]
struct pscsi_hba_virt *phv = dev->se_hba->hba_ptr;
^~~ ~~~~~~~~~~~~~~~~~~~~
drivers/target/target_core_pscsi.c:400:25: note: Value stored to 'phv' during its initialization is never read
struct pscsi_hba_virt *phv = dev->se_hba->hba_ptr;
^~~ ~~~~~~~~~~~~~~~~~~~~
>> drivers/target/target_core_pscsi.c:1032:6: warning: Value stored to 'cdb' during its initialization is never read [clang-analyzer-deadcode.DeadStores]
u8 *cdb = cmd->priv;
^~~ ~~~~~~~~~
drivers/target/target_core_pscsi.c:1032:6: note: Value stored to 'cdb' during its initialization is never read
u8 *cdb = cmd->priv;
^~~ ~~~~~~~~~
Suppressed 5 warnings (5 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
12 warnings generated.
drivers/target/loopback/tcm_loop.c:697:30: warning: Access to field 'tl_fabric_prot_type' results in a dereference of a null pointer (loaded from variable 'tl_tpg') [clang-analyzer-core.NullDereference]
tl_tpg->tl_fabric_prot_type = val;
~~~~~~ ^
drivers/target/loopback/tcm_loop.c:684:2: note: 'tl_tpg' initialized to a null pointer value
struct tcm_loop_tpg *tl_tpg = container_of(se_tpg, struct tcm_loop_tpg,
^~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/target/loopback/tcm_loop.c:687:12: note: Calling 'kstrtoul'
int ret = kstrtoul(page, 0, &val);
^~~~~~~~~~~~~~~~~~~~~~~
include/linux/kstrtox.h:36:6: note: Left side of '&&' is true
if (sizeof(unsigned long) == sizeof(unsigned long long) &&
^
include/linux/kstrtox.h:36:2: note: Taking true branch
if (sizeof(unsigned long) == sizeof(unsigned long long) &&
^
include/linux/kstrtox.h:38:3: note: Returning value, which participates in a condition later
return kstrtoull(s, base, (unsigned long long *)res);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/target/loopback/tcm_loop.c:687:12: note: Returning from 'kstrtoul'
int ret = kstrtoul(page, 0, &val);
^~~~~~~~~~~~~~~~~~~~~~~
drivers/target/loopback/tcm_loop.c:689:6: note: Assuming 'ret' is 0
if (ret) {
^~~
drivers/target/loopback/tcm_loop.c:689:2: note: Taking false branch
if (ret) {
^
drivers/target/loopback/tcm_loop.c:693:6: note: Assuming 'val' is equal to 0
if (val != 0 && val != 1 && val != 3) {
^~~~~~~~
drivers/target/loopback/tcm_loop.c:693:15: note: Left side of '&&' is false
if (val != 0 && val != 1 && val != 3) {
^
drivers/target/loopback/tcm_loop.c:697:30: note: Access to field 'tl_fabric_prot_type' results in a dereference of a null pointer (loaded from variable 'tl_tpg')
tl_tpg->tl_fabric_prot_type = val;
~~~~~~ ^
drivers/target/loopback/tcm_loop.c:725:23: warning: Value stored to 'tl_hba' during its initialization is never read [clang-analyzer-deadcode.DeadStores]
struct tcm_loop_hba *tl_hba = tl_tpg->tl_hba;
^~~~~~ ~~~~~~~~~~~~~~
drivers/target/loopback/tcm_loop.c:725:23: note: Value stored to 'tl_hba' during its initialization is never read
struct tcm_loop_hba *tl_hba = tl_tpg->tl_hba;
^~~~~~ ~~~~~~~~~~~~~~
drivers/target/loopback/tcm_loop.c:913:31: warning: Access to field 'tl_transport_status' results in a dereference of a null pointer (loaded from variable 'tl_tpg') [clang-analyzer-core.NullDereference]
tl_tpg->tl_transport_status = TCM_TRANSPORT_ONLINE;
~~~~~~ ^
drivers/target/loopback/tcm_loop.c:909:2: note: 'tl_tpg' initialized to a null pointer value
struct tcm_loop_tpg *tl_tpg = container_of(se_tpg,
^~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/target/loopback/tcm_loop.c:912:2: note: Taking true branch
if (!strncmp(page, "online", 6)) {
^
drivers/target/loopback/tcm_loop.c:913:31: note: Access to field 'tl_transport_status' results in a dereference of a null pointer (loaded from variable 'tl_tpg')
tl_tpg->tl_transport_status = TCM_TRANSPORT_ONLINE;
~~~~~~ ^
drivers/target/loopback/tcm_loop.c:993:17: warning: Value stored to 'wwn' during its initialization is never read [clang-analyzer-deadcode.DeadStores]
struct se_wwn *wwn = se_tpg->se_tpg_wwn;
^~~ ~~~~~~~~~~~~~~~~~~
drivers/target/loopback/tcm_loop.c:993:17: note: Value stored to 'wwn' during its initialization is never read
struct se_wwn *wwn = se_tpg->se_tpg_wwn;
^~~ ~~~~~~~~~~~~~~~~~~
drivers/target/loopback/tcm_loop.c:999:2: warning: Value stored to 'tl_hba' is never read [clang-analyzer-deadcode.DeadStores]
tl_hba = tl_tpg->tl_hba;
^ ~~~~~~~~~~~~~~
drivers/target/loopback/tcm_loop.c:999:2: note: Value stored to 'tl_hba' is never read
tl_hba = tl_tpg->tl_hba;
^ ~~~~~~~~~~~~~~
drivers/target/loopback/tcm_loop.c:1000:2: warning: Value stored to 'tpgt' is never read [clang-analyzer-deadcode.DeadStores]
tpgt = tl_tpg->tl_tpgt;
^ ~~~~~~~~~~~~~~~
drivers/target/loopback/tcm_loop.c:1000:2: note: Value stored to 'tpgt' is never read
tpgt = tl_tpg->tl_tpgt;
^ ~~~~~~~~~~~~~~~
drivers/target/loopback/tcm_loop.c:1078:2: warning: Value stored to 'sh' is never read [clang-analyzer-deadcode.DeadStores]
sh = tl_hba->sh;
^ ~~~~~~~~~~
drivers/target/loopback/tcm_loop.c:1078:2: note: Value stored to 'sh' is never read
sh = tl_hba->sh;
^ ~~~~~~~~~~
Suppressed 5 warnings (5 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
13 warnings generated.
Suppressed 13 warnings (13 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
17 warnings generated.
net/mac80211/tx.c:2594:4: warning: Null pointer passed as 2nd argument to memory copy function [clang-analyzer-unix.cstring.NullArg]
memcpy(hdr.addr1, sta->sta.addr, ETH_ALEN);
^ ~~~~~~~~~~~~~
net/mac80211/tx.c:2576:2: note: Taking true branch
if (IS_ERR(sta))
^
net/mac80211/tx.c:2580:6: note: Assuming field 'force_tx_status' is false
if (local->force_tx_status)
vim +/cdb +1032 drivers/target/target_core_pscsi.c
c66ac9db8d4ad9 Nicholas Bellinger 2010-12-17 1026
2a842acab109f4 Christoph Hellwig 2017-06-03 1027 static void pscsi_req_done(struct request *req, blk_status_t status)
c66ac9db8d4ad9 Nicholas Bellinger 2010-12-17 1028 {
5787cacd0bd5ee Christoph Hellwig 2012-04-24 1029 struct se_cmd *cmd = req->end_io_data;
dce6ce8cfb842c Mike Christie 2017-05-31 1030 int result = scsi_req(req)->result;
149d0e489e807f Bart Van Assche 2021-05-23 1031 enum sam_status scsi_status = result & 0xff;
c49ff72cff4caf Christoph Hellwig 2022-02-24 @1032 u8 *cdb = cmd->priv;
5787cacd0bd5ee Christoph Hellwig 2012-04-24 1033
15df85e0d63d87 Bart Van Assche 2021-04-15 1034 if (scsi_status != SAM_STAT_GOOD) {
5787cacd0bd5ee Christoph Hellwig 2012-04-24 1035 pr_debug("PSCSI Status Byte exception at cmd: %p CDB:"
c49ff72cff4caf Christoph Hellwig 2022-02-24 1036 " 0x%02x Result: 0x%08x\n", cmd, cdb[0], result);
c66ac9db8d4ad9 Nicholas Bellinger 2010-12-17 1037 }
c66ac9db8d4ad9 Nicholas Bellinger 2010-12-17 1038
dce6ce8cfb842c Mike Christie 2017-05-31 1039 pscsi_complete_cmd(cmd, scsi_status, scsi_req(req)->sense);
dce6ce8cfb842c Mike Christie 2017-05-31 1040
dce6ce8cfb842c Mike Christie 2017-05-31 1041 switch (host_byte(result)) {
c66ac9db8d4ad9 Nicholas Bellinger 2010-12-17 1042 case DID_OK:
bd81372065fa46 Lee Duncan 2018-05-15 1043 target_complete_cmd_with_length(cmd, scsi_status,
bd81372065fa46 Lee Duncan 2018-05-15 1044 cmd->data_length - scsi_req(req)->resid_len);
c66ac9db8d4ad9 Nicholas Bellinger 2010-12-17 1045 break;
c66ac9db8d4ad9 Nicholas Bellinger 2010-12-17 1046 default:
5787cacd0bd5ee Christoph Hellwig 2012-04-24 1047 pr_debug("PSCSI Host Byte exception at cmd: %p CDB:"
c49ff72cff4caf Christoph Hellwig 2022-02-24 1048 " 0x%02x Result: 0x%08x\n", cmd, cdb[0], result);
5787cacd0bd5ee Christoph Hellwig 2012-04-24 1049 target_complete_cmd(cmd, SAM_STAT_CHECK_CONDITION);
c66ac9db8d4ad9 Nicholas Bellinger 2010-12-17 1050 break;
c66ac9db8d4ad9 Nicholas Bellinger 2010-12-17 1051 }
c66ac9db8d4ad9 Nicholas Bellinger 2010-12-17 1052
0bf6d96cb82940 Christoph Hellwig 2021-10-25 1053 blk_mq_free_request(req);
c66ac9db8d4ad9 Nicholas Bellinger 2010-12-17 1054 }
c66ac9db8d4ad9 Nicholas Bellinger 2010-12-17 1055
--
0-DAY CI Kernel Test Service
https://01.org/lkp
4 months, 2 weeks
- 1
- 0
drivers/mmc/host/litex_mmc.c:436:17: warning: Value stored to 'dev' during its initialization is never read [clang-analyzer-deadcode.DeadStores]
by kernel test robot
CC: llvm(a)lists.linux.dev
CC: kbuild-all(a)lists.01.org
BCC: lkp(a)intel.com
CC: linux-kernel(a)vger.kernel.org
TO: Gabriel Somlo <gsomlo(a)gmail.com>
CC: Ulf Hansson <ulf.hansson(a)linaro.org>
CC: Kamil Rakoczy <krakoczy(a)antmicro.com>
CC: Maciej Dudek <mdudek(a)internships.antmicro.com>
CC: Paul Mackerras <paulus(a)ozlabs.org>
CC: Joel Stanley <joel(a)jms.id.au>
CC: Andy Shevchenko <andy.shevchenko(a)gmail.com>
tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
head: 1c24a186398f59c80adb9a967486b65c1423a59d
commit: 92e099104729d7284d37bc0f49f8a9d30f3e0521 mmc: Add driver for LiteX's LiteSDCard interface
date: 4 weeks ago
:::::: branch date: 8 hours ago
:::::: commit date: 4 weeks ago
config: arm-randconfig-c002-20220328 (https://download.01.org/0day-ci/archive/20220330/202203301336.WANXPoBa-lk...)
compiler: clang version 15.0.0 (https://github.com/llvm/llvm-project 0f6d9501cf49ce02937099350d08f20c4af86f3d)
reproduce (this is a W=1 build):
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# install arm cross compiling tool for clang build
# apt-get install binutils-arm-linux-gnueabi
# https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit...
git remote add linus https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
git fetch --no-tags linus master
git checkout 92e099104729d7284d37bc0f49f8a9d30f3e0521
# save the config file to linux build tree
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross ARCH=arm clang-analyzer
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp(a)intel.com>
clang-analyzer warnings: (new ones prefixed by >>)
1 warning generated.
Suppressed 1 warnings (1 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
1 warning generated.
Suppressed 1 warnings (1 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
7 warnings generated.
Suppressed 7 warnings (7 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
7 warnings generated.
Suppressed 7 warnings (7 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
7 warnings generated.
Suppressed 7 warnings (7 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
7 warnings generated.
Suppressed 7 warnings (7 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
7 warnings generated.
Suppressed 7 warnings (7 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
7 warnings generated.
Suppressed 7 warnings (7 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
7 warnings generated.
Suppressed 7 warnings (7 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
9 warnings generated.
drivers/phy/cadence/phy-cadence-torrent.c:1352:25: warning: The result of the left shift is undefined because the left operand is negative [clang-analyzer-core.UndefinedBinaryOperatorResult]
value |= ((~lane_mask) << PMA_TX_ELEC_IDLE_SHIFT) &
^
drivers/phy/cadence/phy-cadence-torrent.c:1476:6: note: 'ret' is 0
if (ret) {
^~~
drivers/phy/cadence/phy-cadence-torrent.c:1476:2: note: Taking false branch
if (ret) {
^
drivers/phy/cadence/phy-cadence-torrent.c:1481:6: note: Assuming field 'set_lanes' is not equal to 0
if (opts->dp.set_lanes) {
^~~~~~~~~~~~~~~~~~
drivers/phy/cadence/phy-cadence-torrent.c:1481:2: note: Taking true branch
if (opts->dp.set_lanes) {
^
drivers/phy/cadence/phy-cadence-torrent.c:1482:9: note: Calling 'cdns_torrent_dp_set_lanes'
ret = cdns_torrent_dp_set_lanes(cdns_phy, &opts->dp);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/phy/cadence/phy-cadence-torrent.c:1352:25: note: The result of the left shift is undefined because the left operand is negative
value |= ((~lane_mask) << PMA_TX_ELEC_IDLE_SHIFT) &
~~~~~~~~~~~~ ^
Suppressed 8 warnings (8 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
7 warnings generated.
Suppressed 7 warnings (7 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
1 warning generated.
Suppressed 1 warnings (1 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
1 warning generated.
Suppressed 1 warnings (1 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
12 warnings generated.
drivers/mmc/host/mmc_spi.c:354:4: warning: Value stored to 'end' is never read [clang-analyzer-deadcode.DeadStores]
end = cp+1;
^ ~~~~
drivers/mmc/host/mmc_spi.c:354:4: note: Value stored to 'end' is never read
end = cp+1;
^ ~~~~
drivers/mmc/host/mmc_spi.c:866:15: warning: Value stored to 'write_or_read' during its initialization is never read [clang-analyzer-deadcode.DeadStores]
const char *write_or_read = (direction == DMA_TO_DEVICE) ? "write" : "read";
^~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/mmc/host/mmc_spi.c:866:15: note: Value stored to 'write_or_read' during its initialization is never read
const char *write_or_read = (direction == DMA_TO_DEVICE) ? "write" : "read";
^~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/mmc/host/mmc_spi.c:1076:4: warning: Value stored to 'status' is never read [clang-analyzer-deadcode.DeadStores]
status = mmc_spi_command_send(host, mrq, &stop, 0);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/mmc/host/mmc_spi.c:1076:4: note: Value stored to 'status' is never read
status = mmc_spi_command_send(host, mrq, &stop, 0);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/mmc/host/mmc_spi.c:1083:4: warning: Value stored to 'status' is never read [clang-analyzer-deadcode.DeadStores]
status = mmc_spi_command_send(host, mrq, mrq->stop, 0);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/mmc/host/mmc_spi.c:1083:4: note: Value stored to 'status' is never read
status = mmc_spi_command_send(host, mrq, mrq->stop, 0);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/mmc/host/mmc_spi.c:1238:3: warning: Value stored to 'status' is never read [clang-analyzer-deadcode.DeadStores]
status = spi_setup(host->spi);
^ ~~~~~~~~~~~~~~~~~~~~
drivers/mmc/host/mmc_spi.c:1238:3: note: Value stored to 'status' is never read
status = spi_setup(host->spi);
^ ~~~~~~~~~~~~~~~~~~~~
Suppressed 7 warnings (7 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
7 warnings generated.
Suppressed 7 warnings (7 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
7 warnings generated.
Suppressed 7 warnings (7 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
8 warnings generated.
>> drivers/mmc/host/litex_mmc.c:436:17: warning: Value stored to 'dev' during its initialization is never read [clang-analyzer-deadcode.DeadStores]
struct device *dev = mmc_dev(host->mmc);
^~~
drivers/mmc/host/litex_mmc.c:436:17: note: Value stored to 'dev' during its initialization is never read
struct device *dev = mmc_dev(host->mmc);
^~~
Suppressed 7 warnings (7 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
7 warnings generated.
Suppressed 7 warnings (7 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
7 warnings generated.
Suppressed 7 warnings (7 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
7 warnings generated.
Suppressed 7 warnings (7 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
7 warnings generated.
Suppressed 7 warnings (7 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
7 warnings generated.
Suppressed 7 warnings (7 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
1 warning generated.
Suppressed 1 warnings (1 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
7 warnings generated.
Suppressed 7 warnings (7 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
7 warnings generated.
Suppressed 7 warnings (7 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
8 warnings generated.
Suppressed 8 warnings (7 in non-user code, 1 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
1 warning generated.
Suppressed 1 warnings (1 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
7 warnings generated.
Suppressed 7 warnings (7 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
7 warnings generated.
Suppressed 7 warnings (7 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
7 warnings generated.
Suppressed 7 warnings (7 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
8 warnings generated.
drivers/gpu/drm/tegra/sor.c:809:7: warning: Value stored to 'value' is never read [clang-analyzer-deadcode.DeadStores]
for (value = 0, i = 0; i < link->lanes; i++) {
^ ~
drivers/gpu/drm/tegra/sor.c:809:7: note: Value stored to 'value' is never read
for (value = 0, i = 0; i < link->lanes; i++) {
^ ~
Suppressed 7 warnings (7 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
9 warnings generated.
drivers/gpu/drm/tegra/dpaux.c:755:14: warning: The left operand of '!=' is a garbage value [clang-analyzer-core.UndefinedBinaryOperatorResult]
if (status != connector_status_connected)
~~~~~~ ^
drivers/gpu/drm/tegra/dpaux.c:729:6: note: Assuming 'err' is >= 0
if (err < 0)
^~~~~~~
drivers/gpu/drm/tegra/dpaux.c:729:2: note: Taking false branch
if (err < 0)
^
drivers/gpu/drm/tegra/dpaux.c:735:6: note: Assuming field 'panel' is non-null
if (output->panel) {
^~~~~~~~~~~~~
drivers/gpu/drm/tegra/dpaux.c:735:2: note: Taking true branch
if (output->panel) {
^
drivers/gpu/drm/tegra/dpaux.c:736:3: note: 'status' declared without an initial value
enum drm_connector_status status;
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/gpu/drm/tegra/dpaux.c:738:7: note: Assuming field 'vdd' is null
if (dpaux->vdd) {
^~~~~~~~~~
drivers/gpu/drm/tegra/dpaux.c:738:3: note: Taking false branch
if (dpaux->vdd) {
^
drivers/gpu/drm/tegra/dpaux.c:746:10: note: Left side of '&&' is true
while (time_before(jiffies, timeout)) {
^
include/linux/jiffies.h:108:26: note: expanded from macro 'time_before'
#define time_before(a,b) time_after(b,a)
^
include/linux/jiffies.h:105:3: note: expanded from macro 'time_after'
(typecheck(unsigned long, a) && \
^
include/linux/typecheck.h:9:27: note: expanded from macro 'typecheck'
#define typecheck(type,x) \
^
drivers/gpu/drm/tegra/dpaux.c:746:10: note: Left side of '&&' is true
while (time_before(jiffies, timeout)) {
^
include/linux/jiffies.h:108:26: note: expanded from macro 'time_before'
#define time_before(a,b) time_after(b,a)
^
include/linux/jiffies.h:105:3: note: expanded from macro 'time_after'
(typecheck(unsigned long, a) && \
vim +/dev +436 drivers/mmc/host/litex_mmc.c
92e099104729d72 Gabriel Somlo 2022-01-13 433
92e099104729d72 Gabriel Somlo 2022-01-13 434 static void litex_mmc_setclk(struct litex_mmc_host *host, unsigned int freq)
92e099104729d72 Gabriel Somlo 2022-01-13 435 {
92e099104729d72 Gabriel Somlo 2022-01-13 @436 struct device *dev = mmc_dev(host->mmc);
92e099104729d72 Gabriel Somlo 2022-01-13 437 u32 div;
92e099104729d72 Gabriel Somlo 2022-01-13 438
92e099104729d72 Gabriel Somlo 2022-01-13 439 div = freq ? host->ref_clk / freq : 256U;
92e099104729d72 Gabriel Somlo 2022-01-13 440 div = roundup_pow_of_two(div);
92e099104729d72 Gabriel Somlo 2022-01-13 441 div = clamp(div, 2U, 256U);
92e099104729d72 Gabriel Somlo 2022-01-13 442 dev_dbg(dev, "sd_clk_freq=%d: set to %d via div=%d\n",
92e099104729d72 Gabriel Somlo 2022-01-13 443 freq, host->ref_clk / div, div);
92e099104729d72 Gabriel Somlo 2022-01-13 444 litex_write16(host->sdphy + LITEX_PHY_CLOCKERDIV, div);
92e099104729d72 Gabriel Somlo 2022-01-13 445 host->sd_clk = freq;
92e099104729d72 Gabriel Somlo 2022-01-13 446 }
92e099104729d72 Gabriel Somlo 2022-01-13 447
--
0-DAY CI Kernel Test Service
https://01.org/lkp
4 months, 2 weeks
- 1
- 0
drivers/gpu/drm/amd/amdgpu/gfxhub_v1_1.c:56 gfxhub_v1_1_get_xgmi_info() warn: should '(((((((adev->virt.caps & (1 << 2)) && adev->gfx.rlc.funcs && adev->gfx.rlc.rlcg_reg_access_supported)) ?amdgpu_sriov_rreg(adev, adev->reg_offset[1][0][0] + 2425, 0, 1):a...
by kernel test robot
CC: kbuild-all(a)lists.01.org
BCC: lkp(a)intel.com
CC: linux-kernel(a)vger.kernel.org
TO: Hawking Zhang <Hawking.Zhang(a)amd.com>
CC: Alex Deucher <alexander.deucher(a)amd.com>
CC: "Zhou, Peng Ju" <PengJu.Zhou(a)amd.com>
CC: Lijo Lazar <lijo.lazar(a)amd.com>
tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
head: 13776ebb9964b2ea66ffb8c824c0762eed6da784
commit: 1b2dc99e2dc6f35f55f0487e12fc9166fbd023ed drm/amdgpu: switch to amdgpu_sriov_rreg/wreg
date: 9 weeks ago
:::::: branch date: 7 hours ago
:::::: commit date: 9 weeks ago
config: riscv-randconfig-m031-20220327 (https://download.01.org/0day-ci/archive/20220330/202203300922.q2quiFpi-lk...)
compiler: riscv32-linux-gcc (GCC) 11.2.0
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp(a)intel.com>
Reported-by: Dan Carpenter <dan.carpenter(a)oracle.com>
New smatch warnings:
drivers/gpu/drm/amd/amdgpu/gfxhub_v1_1.c:56 gfxhub_v1_1_get_xgmi_info() warn: should '(((((((adev->virt.caps & (1 << 2)) && adev->gfx.rlc.funcs && adev->gfx.rlc.rlcg_reg_access_supported)) ?amdgpu_sriov_rreg(adev, adev->reg_offset[1][0][0] + 2425, 0, 1):amdgpu_device_rreg(adev, (adev->reg_offset[1][0][0] + 2425), 0))) & 65535) >> 0) << 24' be a 64 bit type?
drivers/gpu/drm/amd/amdgpu/gfxhub_v2_1.c:530 gfxhub_v2_1_get_xgmi_info() warn: should '(((((((adev->virt.caps & (1 << 2)) && adev->gfx.rlc.funcs && adev->gfx.rlc.rlcg_reg_access_supported)) ?amdgpu_sriov_rreg(adev, adev->reg_offset[1][0][0] + 5880, 0, 1):amdgpu_device_rreg(adev, (adev->reg_offset[1][0][0] + 5880), 0))) & 131071) >> 0) << 24' be a 64 bit type?
Old smatch warnings:
drivers/gpu/drm/amd/amdgpu/gfxhub_v1_1.c:63 gfxhub_v1_1_get_xgmi_info() warn: should '(((((((adev->virt.caps & (1 << 2)) && adev->gfx.rlc.funcs && adev->gfx.rlc.rlcg_reg_access_supported)) ?amdgpu_sriov_rreg(adev, adev->reg_offset[1][0][0] + 2424, 0, 1):amdgpu_device_rreg(adev, (adev->reg_offset[1][0][0] + 2424), 0))) & 65535) >> 0) << 24' be a 64 bit type?
vim +56 drivers/gpu/drm/amd/amdgpu/gfxhub_v1_1.c
3cbb3a9749a31a Rajneesh Bhardwaj 2020-04-30 43
21470d97c9f8bb Kevin Wang 2020-10-14 44 int gfxhub_v1_1_get_xgmi_info(struct amdgpu_device *adev)
bf0a60b78b61a7 Alex Deucher 2018-06-19 45 {
3cbb3a9749a31a Rajneesh Bhardwaj 2020-04-30 46 u32 max_num_physical_nodes;
3cbb3a9749a31a Rajneesh Bhardwaj 2020-04-30 47 u32 max_physical_node_id;
3cbb3a9749a31a Rajneesh Bhardwaj 2020-04-30 48 u32 xgmi_lfb_cntl;
3cbb3a9749a31a Rajneesh Bhardwaj 2020-04-30 49 u32 max_region;
3cbb3a9749a31a Rajneesh Bhardwaj 2020-04-30 50 u64 seg_size;
3cbb3a9749a31a Rajneesh Bhardwaj 2020-04-30 51
3cbb3a9749a31a Rajneesh Bhardwaj 2020-04-30 52 if (adev->asic_type == CHIP_ALDEBARAN) {
3cbb3a9749a31a Rajneesh Bhardwaj 2020-04-30 53 xgmi_lfb_cntl = RREG32_SOC15(GC, 0, mmMC_VM_XGMI_LFB_CNTL_ALDE);
3cbb3a9749a31a Rajneesh Bhardwaj 2020-04-30 54 seg_size = REG_GET_FIELD(
3cbb3a9749a31a Rajneesh Bhardwaj 2020-04-30 55 RREG32_SOC15(GC, 0, mmMC_VM_XGMI_LFB_SIZE_ALDE),
3cbb3a9749a31a Rajneesh Bhardwaj 2020-04-30 @56 MC_VM_XGMI_LFB_SIZE, PF_LFB_SIZE) << 24;
:::::: The code at line 56 was first introduced by commit
:::::: 3cbb3a9749a31a6e8549650df3d16a050acab3ca drm/amdgpu: support get xgmi information for Aldebaran
:::::: TO: Rajneesh Bhardwaj <rajneesh.bhardwaj(a)amd.com>
:::::: CC: Alex Deucher <alexander.deucher(a)amd.com>
--
0-DAY CI Kernel Test Service
https://01.org/lkp
4 months, 2 weeks
- 1
- 0
drivers/iio/test/iio-test-rescale.c:578:2: warning: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-...
by kernel test robot
CC: llvm(a)lists.linux.dev
CC: kbuild-all(a)lists.01.org
BCC: lkp(a)intel.com
CC: linux-kernel(a)vger.kernel.org
TO: Liam Beguin <liambeguin(a)gmail.com>
CC: Jonathan Cameron <Jonathan.Cameron(a)huawei.com>
CC: Peter Rosin <peda(a)axentia.se>
CC: Andy Shevchenko <andy.shevchenko(a)gmail.com>
tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
head: 1930a6e739c4b4a654a69164dbe39e554d228915
commit: 8e74a48d17d509bf605e64252f38550b1a9cc376 iio: test: add basic tests for the iio-rescale driver
date: 4 weeks ago
:::::: branch date: 21 hours ago
:::::: commit date: 4 weeks ago
config: arm-randconfig-c002-20220328 (https://download.01.org/0day-ci/archive/20220330/202203300527.sDzBjoh9-lk...)
compiler: clang version 15.0.0 (https://github.com/llvm/llvm-project 0f6d9501cf49ce02937099350d08f20c4af86f3d)
reproduce (this is a W=1 build):
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# install arm cross compiling tool for clang build
# apt-get install binutils-arm-linux-gnueabi
# https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit...
git remote add linus https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
git fetch --no-tags linus master
git checkout 8e74a48d17d509bf605e64252f38550b1a9cc376
# save the config file to linux build tree
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross ARCH=arm clang-analyzer
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp(a)intel.com>
clang-analyzer warnings: (new ones prefixed by >>)
^
fs/xfs/libxfs/xfs_defer.c:499:9: note: Left side of '||' is false
while (!list_empty(&dop_pending) || !list_empty(&(*tp)->t_dfops)) {
^
fs/xfs/libxfs/xfs_defer.c:499:2: note: Loop condition is true. Entering loop body
while (!list_empty(&dop_pending) || !list_empty(&(*tp)->t_dfops)) {
^
fs/xfs/libxfs/xfs_defer.c:513:7: note: 'error' is 0
if (error)
^~~~~
fs/xfs/libxfs/xfs_defer.c:513:3: note: Taking false branch
if (error)
^
fs/xfs/libxfs/xfs_defer.c:518:7: note: 'error' is 0
if (error)
^~~~~
fs/xfs/libxfs/xfs_defer.c:518:3: note: Taking false branch
if (error)
^
fs/xfs/libxfs/xfs_defer.c:523:11: note: Calling 'xfs_defer_finish_one'
error = xfs_defer_finish_one(*tp, dfp);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
fs/xfs/libxfs/xfs_defer.c:442:2: note: 'error' declared without an initial value
int error;
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
fs/xfs/libxfs/xfs_defer.c:447:2: note: Loop condition is false. Execution continues on line 470
list_for_each_safe(li, n, &dfp->dfp_work) {
^
include/linux/list.h:607:2: note: expanded from macro 'list_for_each_safe'
for (pos = (head)->next, n = pos->next; \
^
fs/xfs/libxfs/xfs_defer.c:473:6: note: Assuming field 'finish_cleanup' is null
if (ops->finish_cleanup)
^~~~~~~~~~~~~~~~~~~
fs/xfs/libxfs/xfs_defer.c:473:2: note: Taking false branch
if (ops->finish_cleanup)
^
fs/xfs/libxfs/xfs_defer.c:475:2: note: Undefined or garbage value returned to caller
return error;
^ ~~~~~
Suppressed 8 warnings (8 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
7 warnings generated.
Suppressed 7 warnings (7 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
6 warnings generated.
Suppressed 6 warnings (6 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
8 warnings generated.
fs/jfs/jfs_types.h:61:33: warning: The left operand of '&' is a garbage value [clang-analyzer-core.UndefinedBinaryOperatorResult]
pxd->len_addr = (pxd->len_addr & cpu_to_le32(~0xffffff)) |
^
fs/jfs/inode.c:211:6: note: Assuming 'create' is not equal to 0
if (create)
^~~~~~
fs/jfs/inode.c:211:2: note: Taking true branch
if (create)
^
fs/jfs/inode.c:216:7: note: Assuming the condition is true
if (((lblock64 << ip->i_sb->s_blocksize_bits) < ip->i_size) &&
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
fs/jfs/inode.c:216:6: note: Left side of '&&' is true
if (((lblock64 << ip->i_sb->s_blocksize_bits) < ip->i_size) &&
^
fs/jfs/inode.c:217:7: note: Assuming the condition is true
(!xtLookup(ip, lblock64, xlen, &xflag, &xaddr, &xlen, 0)) &&
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
fs/jfs/inode.c:216:6: note: Left side of '&&' is true
if (((lblock64 << ip->i_sb->s_blocksize_bits) < ip->i_size) &&
^
fs/jfs/inode.c:218:6: note: Assuming 'xaddr' is not equal to 0
xaddr) {
^~~~~
fs/jfs/inode.c:216:2: note: Taking true branch
if (((lblock64 << ip->i_sb->s_blocksize_bits) < ip->i_size) &&
^
fs/jfs/inode.c:219:7: note: Assuming the condition is true
if (xflag & XAD_NOTRECORDED) {
^~~~~~~~~~~~~~~~~~~~~~~
fs/jfs/inode.c:219:3: note: Taking true branch
if (xflag & XAD_NOTRECORDED) {
^
fs/jfs/inode.c:220:9: note: 'create' is not equal to 0
if (!create)
^~~~~~
fs/jfs/inode.c:220:4: note: Taking false branch
if (!create)
^
fs/jfs/inode.c:228:4: note: Calling 'PXDlength'
XADlength(&xad, xlen);
^
fs/jfs/jfs_xtree.h:38:34: note: expanded from macro 'XADlength'
#define XADlength(xad, length32) PXDlength(&(xad)->loc, length32)
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
fs/jfs/jfs_types.h:61:33: note: The left operand of '&' is a garbage value
pxd->len_addr = (pxd->len_addr & cpu_to_le32(~0xffffff)) |
~~~~~~~~~~~~~ ^
Suppressed 7 warnings (7 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
>> drivers/iio/test/iio-test-rescale.c:578:2: warning: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 [clang-analyzer-security.insecureAPI.strcpy]
strcpy(desc, t->name);
^~~~~~
drivers/iio/test/iio-test-rescale.c:578:2: note: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119
strcpy(desc, t->name);
^~~~~~
Suppressed 1 warnings (1 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
1 warning generated.
Suppressed 1 warnings (1 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
1 warning generated.
Suppressed 1 warnings (1 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
1 warning generated.
Suppressed 1 warnings (1 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
7 warnings generated.
Suppressed 7 warnings (7 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
12 warnings generated.
drivers/perf/arm-cmn.c:1252:25: warning: Value stored to 'nid' during its initialization is never read [clang-analyzer-deadcode.DeadStores]
struct arm_cmn_nodeid nid = arm_cmn_nid(cmn, nodeid);
^~~ ~~~~~~~~~~~~~~~~~~~~~~~~
drivers/perf/arm-cmn.c:1252:25: note: Value stored to 'nid' during its initialization is never read
struct arm_cmn_nodeid nid = arm_cmn_nid(cmn, nodeid);
^~~ ~~~~~~~~~~~~~~~~~~~~~~~~
drivers/perf/arm-cmn.c:1635:3: warning: Value stored to 'level' is never read [clang-analyzer-deadcode.DeadStores]
level = 0;
^ ~
drivers/perf/arm-cmn.c:1635:3: note: Value stored to 'level' is never read
level = 0;
^ ~
drivers/perf/arm-cmn.c:1637:3: warning: Value stored to 'level' is never read [clang-analyzer-deadcode.DeadStores]
level = 1;
^ ~
drivers/perf/arm-cmn.c:1637:3: note: Value stored to 'level' is never read
level = 1;
^ ~
drivers/perf/arm-cmn.c:1639:3: warning: Value stored to 'level' is never read [clang-analyzer-deadcode.DeadStores]
level = 2;
^ ~
drivers/perf/arm-cmn.c:1639:3: note: Value stored to 'level' is never read
level = 2;
^ ~
drivers/perf/arm-cmn.c:1823:29: warning: Division by zero [clang-analyzer-core.DivideZero]
cmn->mesh_y = cmn->num_xps / cmn->mesh_x;
~~~~~~~~~~~~~^~~~~~~~~~~~~
drivers/perf/arm-cmn.c:1657:2: note: Calling 'arm_cmn_init_node_info'
arm_cmn_init_node_info(cmn, rgn_offset, &cfg);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/perf/arm-cmn.c:1628:15: note: Taking false branch
node->type = FIELD_GET(CMN_NI_NODE_TYPE, reg);
^
include/linux/bitfield.h:125:3: note: expanded from macro 'FIELD_GET'
__BF_FIELD_CHECK(_mask, _reg, 0U, "FIELD_GET: "); \
^
include/linux/bitfield.h:62:3: note: expanded from macro '__BF_FIELD_CHECK'
BUILD_BUG_ON_MSG(!__builtin_constant_p(_mask), \
^
include/linux/build_bug.h:39:37: note: expanded from macro 'BUILD_BUG_ON_MSG'
#define BUILD_BUG_ON_MSG(cond, msg) compiletime_assert(!(cond), msg)
^
include/linux/compiler_types.h:346:2: note: expanded from macro 'compiletime_assert'
_compiletime_assert(condition, msg, __compiletime_assert_, __COUNTER__)
^
include/linux/compiler_types.h:334:2: note: expanded from macro '_compiletime_assert'
__compiletime_assert(condition, msg, prefix, suffix)
^
include/linux/compiler_types.h:326:3: note: expanded from macro '__compiletime_assert'
if (!(condition)) \
^
drivers/perf/arm-cmn.c:1628:15: note: Loop condition is false. Exiting loop
node->type = FIELD_GET(CMN_NI_NODE_TYPE, reg);
^
include/linux/bitfield.h:125:3: note: expanded from macro 'FIELD_GET'
__BF_FIELD_CHECK(_mask, _reg, 0U, "FIELD_GET: "); \
^
include/linux/bitfield.h:62:3: note: expanded from macro '__BF_FIELD_CHECK'
BUILD_BUG_ON_MSG(!__builtin_constant_p(_mask), \
^
include/linux/build_bug.h:39:37: note: expanded from macro 'BUILD_BUG_ON_MSG'
#define BUILD_BUG_ON_MSG(cond, msg) compiletime_assert(!(cond), msg)
^
include/linux/compiler_types.h:346:2: note: expanded from macro 'compiletime_assert'
_compiletime_assert(condition, msg, __compiletime_assert_, __COUNTER__)
^
include/linux/compiler_types.h:334:2: note: expanded from macro '_compiletime_assert'
__compiletime_assert(condition, msg, prefix, suffix)
^
include/linux/compiler_types.h:318:2: note: expanded from macro '__compiletime_assert'
do { \
^
drivers/perf/arm-cmn.c:1628:15: note: Taking false branch
node->type = FIELD_GET(CMN_NI_NODE_TYPE, reg);
^
include/linux/bitfield.h:125:3: note: expanded from macro 'FIELD_GET'
__BF_FIELD_CHECK(_mask, _reg, 0U, "FIELD_GET: "); \
^
include/linux/bitfield.h:64:3: note: expanded from macro '__BF_FIELD_CHECK'
BUILD_BUG_ON_MSG((_mask) == 0, _pfx "mask is zero"); \
vim +578 drivers/iio/test/iio-test-rescale.c
8e74a48d17d509 Liam Beguin 2022-02-12 575
8e74a48d17d509 Liam Beguin 2022-02-12 576 static void case_to_desc(const struct rescale_tc_data *t, char *desc)
8e74a48d17d509 Liam Beguin 2022-02-12 577 {
8e74a48d17d509 Liam Beguin 2022-02-12 @578 strcpy(desc, t->name);
8e74a48d17d509 Liam Beguin 2022-02-12 579 }
8e74a48d17d509 Liam Beguin 2022-02-12 580
--
0-DAY CI Kernel Test Service
https://01.org/lkp
4 months, 2 weeks
- 1
- 0
fs/exfat/file.c:369:17: warning: Assigned value is garbage or undefined [clang-analyzer-core.uninitialized.Assign]
by kernel test robot
CC: llvm(a)lists.linux.dev
CC: kbuild-all(a)lists.01.org
BCC: lkp(a)intel.com
CC: linux-kernel(a)vger.kernel.org
TO: Hyeongseok Kim <hyeongseok(a)gmail.com>
CC: Namjae Jeon <namjae.jeon(a)samsung.com>
CC: Chaitanya Kulkarni <chaitanya.kulkarni(a)wdc.com>
tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
head: 1930a6e739c4b4a654a69164dbe39e554d228915
commit: 654762df2ec7d61b05acc788afbffaba52d658fe exfat: add support ioctl and FITRIM function
date: 11 months ago
:::::: branch date: 21 hours ago
:::::: commit date: 11 months ago
config: mips-randconfig-c004-20220328 (https://download.01.org/0day-ci/archive/20220330/202203300544.xPLyDmy1-lk...)
compiler: clang version 15.0.0 (https://github.com/llvm/llvm-project 0f6d9501cf49ce02937099350d08f20c4af86f3d)
reproduce (this is a W=1 build):
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# install mips cross compiling tool for clang build
# apt-get install binutils-mips-linux-gnu
# https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit...
git remote add linus https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
git fetch --no-tags linus master
git checkout 654762df2ec7d61b05acc788afbffaba52d658fe
# save the config file to linux build tree
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross ARCH=mips clang-analyzer
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp(a)intel.com>
clang-analyzer warnings: (new ones prefixed by >>)
container_of(ptr, type, member)
^
note: (skipping 2 expansions in backtrace; use -fmacro-backtrace-limit=0 to see all)
include/linux/compiler_types.h:320:2: note: expanded from macro 'compiletime_assert'
_compiletime_assert(condition, msg, __compiletime_assert_, __COUNTER__)
^
include/linux/compiler_types.h:308:2: note: expanded from macro '_compiletime_assert'
__compiletime_assert(condition, msg, prefix, suffix)
^
include/linux/compiler_types.h:298:2: note: expanded from macro '__compiletime_assert'
do { \
^
drivers/virtio/virtio_balloon.c:266:2: note: Assigned value is garbage or undefined
list_for_each_entry_safe(page, next, pages, lru) {
^
include/linux/list.h:716:7: note: expanded from macro 'list_for_each_entry_safe'
n = list_next_entry(pos, member); \
^~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/list.h:555:2: note: expanded from macro 'list_next_entry'
list_entry((pos)->member.next, typeof(*(pos)), member)
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/list.h:511:2: note: expanded from macro 'list_entry'
container_of(ptr, type, member)
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/kernel.h:708:2: note: expanded from macro 'container_of'
void *__mptr = (void *)(ptr); \
^ ~~~~~~~~~~~~~
Suppressed 3 warnings (3 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
fs/exfat/nls.c:582:18: warning: Assigned value is garbage or undefined [clang-analyzer-core.uninitialized.Assign]
*p_cstring++ = buf[j];
^
fs/exfat/nls.c:635:6: note: Assuming field 'utf8' is 0
if (EXFAT_SB(sb)->options.utf8)
^~~~~~~~~~~~~~~~~~~~~~~~~~
fs/exfat/nls.c:635:2: note: Taking false branch
if (EXFAT_SB(sb)->options.utf8)
^
fs/exfat/nls.c:638:9: note: Calling '__exfat_utf16_to_nls'
return __exfat_utf16_to_nls(sb, uniname, p_cstring, buflen);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
fs/exfat/nls.c:550:9: note: 'i' is < MAX_NAME_LENGTH
while (i < MAX_NAME_LENGTH && out_len < (buflen - 1)) {
^
fs/exfat/nls.c:550:9: note: Left side of '&&' is true
fs/exfat/nls.c:550:32: note: Assuming the condition is true
while (i < MAX_NAME_LENGTH && out_len < (buflen - 1)) {
^~~~~~~~~~~~~~~~~~~~~~
fs/exfat/nls.c:550:2: note: Loop condition is true. Entering loop body
while (i < MAX_NAME_LENGTH && out_len < (buflen - 1)) {
^
fs/exfat/nls.c:551:7: note: Assuming the condition is false
if (*uniname == '\0')
^~~~~~~~~~~~~~~~
fs/exfat/nls.c:551:3: note: Taking false branch
if (*uniname == '\0')
^
fs/exfat/nls.c:553:7: note: Assuming the condition is false
if ((*uniname & SURROGATE_MASK) != SURROGATE_PAIR) {
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
fs/exfat/nls.c:553:3: note: Taking false branch
if ((*uniname & SURROGATE_MASK) != SURROGATE_PAIR) {
^
fs/exfat/nls.c:558:8: note: Assuming the condition is false
if (!(*uniname & SURROGATE_LOW) &&
^~~~~~~~~~~~~~~~~~~~~~~~~~~
fs/exfat/nls.c:558:36: note: Left side of '&&' is false
if (!(*uniname & SURROGATE_LOW) &&
^
fs/exfat/nls.c:576:7: note: Assuming the condition is true
if (out_len + len >= buflen)
^~~~~~~~~~~~~~~~~~~~~~~
fs/exfat/nls.c:576:3: note: Taking true branch
if (out_len + len >= buflen)
^
fs/exfat/nls.c:580:7: note: 'len' is > 1
if (len > 1) {
^~~
fs/exfat/nls.c:580:3: note: Taking true branch
if (len > 1) {
^
fs/exfat/nls.c:581:4: note: Loop condition is true. Entering loop body
for (j = 0; j < len; j++)
^
fs/exfat/nls.c:581:25: note: The value 1 is assigned to 'j'
for (j = 0; j < len; j++)
^~~
fs/exfat/nls.c:581:4: note: Loop condition is true. Entering loop body
for (j = 0; j < len; j++)
^
fs/exfat/nls.c:582:18: note: Assigned value is garbage or undefined
*p_cstring++ = buf[j];
^ ~~~~~~
Suppressed 1 warnings (1 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
1 warning generated.
Suppressed 1 warnings (1 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
>> fs/exfat/file.c:369:17: warning: Assigned value is garbage or undefined [clang-analyzer-core.uninitialized.Assign]
range.minlen = max_t(unsigned int, range.minlen,
^
include/linux/minmax.h:118:27: note: expanded from macro 'max_t'
#define max_t(type, x, y) __careful_cmp((type)(x), (type)(y), >)
^
include/linux/minmax.h:44:3: note: expanded from macro '__careful_cmp'
__cmp_once(x, y, __UNIQUE_ID(__x), __UNIQUE_ID(__y), op))
^
include/linux/minmax.h:37:3: note: expanded from macro '__cmp_once'
typeof(x) unique_x = (x); \
^
fs/exfat/file.c:386:2: note: Control jumps to 'case 3222820985:' at line 387
switch (cmd) {
^
fs/exfat/file.c:388:10: note: Calling 'exfat_ioctl_fitrim'
return exfat_ioctl_fitrim(inode, arg);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
fs/exfat/file.c:360:6: note: Assuming the condition is false
if (!capable(CAP_SYS_ADMIN))
^~~~~~~~~~~~~~~~~~~~~~~
fs/exfat/file.c:360:2: note: Taking false branch
if (!capable(CAP_SYS_ADMIN))
^
fs/exfat/file.c:363:6: note: Assuming the condition is false
if (!blk_queue_discard(q))
^~~~~~~~~~~~~~~~~~~~~
fs/exfat/file.c:363:2: note: Taking false branch
if (!blk_queue_discard(q))
^
fs/exfat/file.c:366:6: note: Calling 'copy_from_user'
if (copy_from_user(&range, (struct fstrim_range __user *)arg, sizeof(range)))
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/uaccess.h:191:2: note: Taking true branch
if (likely(check_copy_size(to, n, false)))
^
include/linux/uaccess.h:192:7: note: Calling '_copy_from_user'
n = _copy_from_user(to, from, n);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/uaccess.h:157:6: note: Assuming the condition is true
if (!should_fail_usercopy() && likely(access_ok(from, n))) {
^~~~~~~~~~~~~~~~~~~~~~~
include/linux/uaccess.h:157:6: note: Left side of '&&' is true
include/linux/uaccess.h:157:33: note: Assuming the condition is true
if (!should_fail_usercopy() && likely(access_ok(from, n))) {
^
include/linux/compiler.h:77:20: note: expanded from macro 'likely'
# define likely(x) __builtin_expect(!!(x), 1)
^~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/uaccess.h:157:2: note: Taking true branch
if (!should_fail_usercopy() && likely(access_ok(from, n))) {
^
include/linux/uaccess.h:159:9: note: Calling 'raw_copy_from_user'
res = raw_copy_from_user(to, from, n);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
arch/mips/include/asm/uaccess.h:616:2: note: Taking false branch
if (eva_kernel_access())
^
arch/mips/include/asm/uaccess.h:619:3: note: Returning without writing to 'to->minlen'
return __invoke_copy_from_user(to, from, n);
^
include/linux/uaccess.h:159:9: note: Returning from 'raw_copy_from_user'
res = raw_copy_from_user(to, from, n);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/uaccess.h:161:6: note: Assuming 'res' is 0, which participates in a condition later
if (unlikely(res))
^
include/linux/compiler.h:78:40: note: expanded from macro 'unlikely'
# define unlikely(x) __builtin_expect(!!(x), 0)
^~~~
include/linux/uaccess.h:161:2: note: Taking false branch
if (unlikely(res))
^
include/linux/uaccess.h:163:2: note: Returning without writing to 'to->minlen'
return res;
^
include/linux/uaccess.h:163:2: note: Returning zero (loaded from 'res'), which participates in a condition later
return res;
^~~~~~~~~~
include/linux/uaccess.h:192:7: note: Returning from '_copy_from_user'
n = _copy_from_user(to, from, n);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/uaccess.h:193:2: note: Returning without writing to 'to->minlen'
return n;
^
include/linux/uaccess.h:193:2: note: Returning zero (loaded from 'n'), which participates in a condition later
return n;
^~~~~~~~
fs/exfat/file.c:366:6: note: Returning from 'copy_from_user'
if (copy_from_user(&range, (struct fstrim_range __user *)arg, sizeof(range)))
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
fs/exfat/file.c:366:2: note: Taking false branch
if (copy_from_user(&range, (struct fstrim_range __user *)arg, sizeof(range)))
^
fs/exfat/file.c:369:17: note: Assigned value is garbage or undefined
range.minlen = max_t(unsigned int, range.minlen,
^
include/linux/minmax.h:118:27: note: expanded from macro 'max_t'
#define max_t(type, x, y) __careful_cmp((type)(x), (type)(y), >)
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/minmax.h:44:3: note: expanded from macro '__careful_cmp'
vim +369 fs/exfat/file.c
98d917047e8b7f4 Namjae Jeon 2020-03-02 353
654762df2ec7d61 Hyeongseok Kim 2021-03-04 354 static int exfat_ioctl_fitrim(struct inode *inode, unsigned long arg)
654762df2ec7d61 Hyeongseok Kim 2021-03-04 355 {
654762df2ec7d61 Hyeongseok Kim 2021-03-04 356 struct request_queue *q = bdev_get_queue(inode->i_sb->s_bdev);
654762df2ec7d61 Hyeongseok Kim 2021-03-04 357 struct fstrim_range range;
654762df2ec7d61 Hyeongseok Kim 2021-03-04 358 int ret = 0;
654762df2ec7d61 Hyeongseok Kim 2021-03-04 359
654762df2ec7d61 Hyeongseok Kim 2021-03-04 360 if (!capable(CAP_SYS_ADMIN))
654762df2ec7d61 Hyeongseok Kim 2021-03-04 361 return -EPERM;
654762df2ec7d61 Hyeongseok Kim 2021-03-04 362
654762df2ec7d61 Hyeongseok Kim 2021-03-04 363 if (!blk_queue_discard(q))
654762df2ec7d61 Hyeongseok Kim 2021-03-04 364 return -EOPNOTSUPP;
654762df2ec7d61 Hyeongseok Kim 2021-03-04 365
654762df2ec7d61 Hyeongseok Kim 2021-03-04 366 if (copy_from_user(&range, (struct fstrim_range __user *)arg, sizeof(range)))
654762df2ec7d61 Hyeongseok Kim 2021-03-04 367 return -EFAULT;
654762df2ec7d61 Hyeongseok Kim 2021-03-04 368
654762df2ec7d61 Hyeongseok Kim 2021-03-04 @369 range.minlen = max_t(unsigned int, range.minlen,
654762df2ec7d61 Hyeongseok Kim 2021-03-04 370 q->limits.discard_granularity);
654762df2ec7d61 Hyeongseok Kim 2021-03-04 371
654762df2ec7d61 Hyeongseok Kim 2021-03-04 372 ret = exfat_trim_fs(inode, &range);
654762df2ec7d61 Hyeongseok Kim 2021-03-04 373 if (ret < 0)
654762df2ec7d61 Hyeongseok Kim 2021-03-04 374 return ret;
654762df2ec7d61 Hyeongseok Kim 2021-03-04 375
654762df2ec7d61 Hyeongseok Kim 2021-03-04 376 if (copy_to_user((struct fstrim_range __user *)arg, &range, sizeof(range)))
654762df2ec7d61 Hyeongseok Kim 2021-03-04 377 return -EFAULT;
654762df2ec7d61 Hyeongseok Kim 2021-03-04 378
654762df2ec7d61 Hyeongseok Kim 2021-03-04 379 return 0;
654762df2ec7d61 Hyeongseok Kim 2021-03-04 380 }
654762df2ec7d61 Hyeongseok Kim 2021-03-04 381
--
0-DAY CI Kernel Test Service
https://01.org/lkp
4 months, 2 weeks
- 1
- 0
drivers/usb/gadget/udc/renesas_usb3.c:2496:9: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length argu...
by kernel test robot
CC: llvm(a)lists.linux.dev
CC: kbuild-all(a)lists.01.org
BCC: lkp(a)intel.com
CC: linux-kernel(a)vger.kernel.org
TO: Arnd Bergmann <arnd(a)arndb.de>
CC: Masahiro Yamada <masahiroy(a)kernel.org>
CC: Alex Shi <alexs(a)kernel.org>
CC: Nick Desaulniers <ndesaulniers(a)google.com>
CC: Miguel Ojeda <ojeda(a)kernel.org>
CC: Nathan Chancellor <nathan(a)kernel.org>
tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
head: 1930a6e739c4b4a654a69164dbe39e554d228915
commit: e8c07082a810fbb9db303a2b66b66b8d7e588b53 Kbuild: move to -std=gnu11
date: 2 weeks ago
:::::: branch date: 19 hours ago
:::::: commit date: 2 weeks ago
config: riscv-randconfig-c006-20220327 (https://download.01.org/0day-ci/archive/20220330/202203300330.dXkjLkHw-lk...)
compiler: clang version 15.0.0 (https://github.com/llvm/llvm-project 0f6d9501cf49ce02937099350d08f20c4af86f3d)
reproduce (this is a W=1 build):
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# install riscv cross compiling tool for clang build
# apt-get install binutils-riscv64-linux-gnu
# https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit...
git remote add linus https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
git fetch --no-tags linus master
git checkout e8c07082a810fbb9db303a2b66b66b8d7e588b53
# save the config file to linux build tree
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross ARCH=riscv clang-analyzer
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp(a)intel.com>
clang-analyzer warnings: (new ones prefixed by >>)
^~~~~~
net/mac80211/mesh_hwmp.c:264:2: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(mgmt->bssid, sdata->vif.addr, ETH_ALEN);
^~~~~~
net/mac80211/mesh_hwmp.c:264:2: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(mgmt->bssid, sdata->vif.addr, ETH_ALEN);
^~~~~~
net/mac80211/mesh_hwmp.c:281:2: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(pos, target, ETH_ALEN);
^~~~~~
net/mac80211/mesh_hwmp.c:281:2: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(pos, target, ETH_ALEN);
^~~~~~
net/mac80211/mesh_hwmp.c:440:3: warning: Value stored to 'fresh_info' is never read [clang-analyzer-deadcode.DeadStores]
fresh_info = false;
^ ~~~~~
net/mac80211/mesh_hwmp.c:440:3: note: Value stored to 'fresh_info' is never read
fresh_info = false;
^ ~~~~~
net/mac80211/mesh_hwmp.c:514:3: warning: Value stored to 'fresh_info' is never read [clang-analyzer-deadcode.DeadStores]
fresh_info = false;
^ ~~~~~
net/mac80211/mesh_hwmp.c:514:3: note: Value stored to 'fresh_info' is never read
fresh_info = false;
^ ~~~~~
net/mac80211/mesh_hwmp.c:733:2: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(next_hop, next_hop_deref_protected(mpath)->sta.addr, ETH_ALEN);
^~~~~~
net/mac80211/mesh_hwmp.c:733:2: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(next_hop, next_hop_deref_protected(mpath)->sta.addr, ETH_ALEN);
^~~~~~
net/mac80211/mesh_hwmp.c:885:2: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(mpath->rann_snd_addr, mgmt->sa, ETH_ALEN);
^~~~~~
net/mac80211/mesh_hwmp.c:885:2: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(mpath->rann_snd_addr, mgmt->sa, ETH_ALEN);
^~~~~~
net/mac80211/mesh_hwmp.c:1004:2: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(preq_node->dst, mpath->dst, ETH_ALEN);
^~~~~~
net/mac80211/mesh_hwmp.c:1004:2: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(preq_node->dst, mpath->dst, ETH_ALEN);
^~~~~~
net/mac80211/mesh_hwmp.c:1208:2: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(hdr->addr1, hdr->addr3, ETH_ALEN);
^~~~~~
net/mac80211/mesh_hwmp.c:1208:2: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(hdr->addr1, hdr->addr3, ETH_ALEN);
^~~~~~
net/mac80211/mesh_hwmp.c:1209:2: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(hdr->addr2, sdata->vif.addr, ETH_ALEN);
^~~~~~
net/mac80211/mesh_hwmp.c:1209:2: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(hdr->addr2, sdata->vif.addr, ETH_ALEN);
^~~~~~
net/mac80211/mesh_hwmp.c:1250:3: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(hdr->addr1, next_hop->sta.addr, ETH_ALEN);
^~~~~~
net/mac80211/mesh_hwmp.c:1250:3: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(hdr->addr1, next_hop->sta.addr, ETH_ALEN);
^~~~~~
net/mac80211/mesh_hwmp.c:1251:3: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(hdr->addr2, sdata->vif.addr, ETH_ALEN);
^~~~~~
net/mac80211/mesh_hwmp.c:1251:3: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(hdr->addr2, sdata->vif.addr, ETH_ALEN);
^~~~~~
Suppressed 69 warnings (69 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
32 warnings generated.
drivers/usb/gadget/udc/m66592-udc.c:1603:3: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
snprintf(clk_name, sizeof(clk_name), "usbf%d", pdev->id);
^~~~~~~~
drivers/usb/gadget/udc/m66592-udc.c:1603:3: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
snprintf(clk_name, sizeof(clk_name), "usbf%d", pdev->id);
^~~~~~~~
Suppressed 31 warnings (31 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
33 warnings generated.
drivers/usb/gadget/udc/r8a66597-udc.c:1524:2: warning: Value stored to 'tmp' is never read [clang-analyzer-deadcode.DeadStores]
tmp = r8a66597_read(r8a66597, SYSCFG0);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/usb/gadget/udc/r8a66597-udc.c:1524:2: note: Value stored to 'tmp' is never read
tmp = r8a66597_read(r8a66597, SYSCFG0);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/usb/gadget/udc/r8a66597-udc.c:1880:3: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
snprintf(clk_name, sizeof(clk_name), "usb%d", pdev->id);
^~~~~~~~
drivers/usb/gadget/udc/r8a66597-udc.c:1880:3: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
snprintf(clk_name, sizeof(clk_name), "usb%d", pdev->id);
^~~~~~~~
Suppressed 31 warnings (31 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
50 warnings generated.
drivers/usb/gadget/udc/renesas_usb3.c:1580:3: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(usb3->ep0_buf, tx_data,
^~~~~~
drivers/usb/gadget/udc/renesas_usb3.c:1580:3: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(usb3->ep0_buf, tx_data,
^~~~~~
>> drivers/usb/gadget/udc/renesas_usb3.c:2496:9: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
return sprintf(buf, "%s\n", usb3_is_host(usb3) ? "host" : "peripheral");
^~~~~~~
drivers/usb/gadget/udc/renesas_usb3.c:2496:9: note: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
return sprintf(buf, "%s\n", usb3_is_host(usb3) ? "host" : "peripheral");
^~~~~~~
drivers/usb/gadget/udc/renesas_usb3.c:2608:3: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
snprintf(usb3_ep->ep_name, sizeof(usb3_ep->ep_name), "ep%d", i);
^~~~~~~~
drivers/usb/gadget/udc/renesas_usb3.c:2608:3: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
snprintf(usb3_ep->ep_name, sizeof(usb3_ep->ep_name), "ep%d", i);
^~~~~~~~
drivers/usb/gadget/udc/renesas_usb3.c:2649:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(ramif, 0, sizeof(ramif));
^~~~~~
drivers/usb/gadget/udc/renesas_usb3.c:2649:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(ramif, 0, sizeof(ramif));
^~~~~~
drivers/usb/gadget/udc/renesas_usb3.c:2650:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(basead, 0, sizeof(basead));
^~~~~~
drivers/usb/gadget/udc/renesas_usb3.c:2650:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(basead, 0, sizeof(basead));
^~~~~~
Suppressed 45 warnings (45 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
12 warnings generated.
lib/kobject.c:156:3: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(path + length, kobject_name(parent), cur);
^~~~~~
lib/kobject.c:156:3: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(path + length, kobject_name(parent), cur);
^~~~~~
lib/kobject.c:516:2: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
sprintf(devpath_string, "DEVPATH_OLD=%s", devpath);
^~~~~~~
lib/kobject.c:516:2: note: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
sprintf(devpath_string, "DEVPATH_OLD=%s", devpath);
^~~~~~~
lib/kobject.c:582:2: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
sprintf(devpath_string, "DEVPATH_OLD=%s", devpath);
^~~~~~~
lib/kobject.c:582:2: note: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
sprintf(devpath_string, "DEVPATH_OLD=%s", devpath);
^~~~~~~
Suppressed 9 warnings (9 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
10 warnings generated.
drivers/comedi/drivers/ni_routes.c:141:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(tables, 0, sizeof(struct ni_route_tables));
^~~~~~
drivers/comedi/drivers/ni_routes.c:141:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(tables, 0, sizeof(struct ni_route_tables));
^~~~~~
Suppressed 9 warnings (9 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
2 warnings generated.
Suppressed 2 warnings (2 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
74 warnings generated.
Suppressed 74 warnings (74 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
155 warnings generated.
net/core/filter.c:94:3: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(dst, 0, sizeof(*dst));
^~~~~~
net/core/filter.c:94:3: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(dst, 0, sizeof(*dst));
^~~~~~
net/core/filter.c:872:4: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(new_insn, tmp_insns,
^~~~~~
net/core/filter.c:872:4: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(new_insn, tmp_insns,
^~~~~~
net/core/filter.c:919:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(masks, 0xff, flen * sizeof(*masks));
vim +2496 drivers/usb/gadget/udc/renesas_usb3.c
cc995c9ec1184b9 Yoshihiro Shimoda 2017-03-31 2487
cc995c9ec1184b9 Yoshihiro Shimoda 2017-03-31 2488 static ssize_t role_show(struct device *dev, struct device_attribute *attr,
cc995c9ec1184b9 Yoshihiro Shimoda 2017-03-31 2489 char *buf)
cc995c9ec1184b9 Yoshihiro Shimoda 2017-03-31 2490 {
cc995c9ec1184b9 Yoshihiro Shimoda 2017-03-31 2491 struct renesas_usb3 *usb3 = dev_get_drvdata(dev);
cc995c9ec1184b9 Yoshihiro Shimoda 2017-03-31 2492
cc995c9ec1184b9 Yoshihiro Shimoda 2017-03-31 2493 if (!usb3->driver)
cc995c9ec1184b9 Yoshihiro Shimoda 2017-03-31 2494 return -ENODEV;
cc995c9ec1184b9 Yoshihiro Shimoda 2017-03-31 2495
cc995c9ec1184b9 Yoshihiro Shimoda 2017-03-31 @2496 return sprintf(buf, "%s\n", usb3_is_host(usb3) ? "host" : "peripheral");
cc995c9ec1184b9 Yoshihiro Shimoda 2017-03-31 2497 }
cc995c9ec1184b9 Yoshihiro Shimoda 2017-03-31 2498 static DEVICE_ATTR_RW(role);
cc995c9ec1184b9 Yoshihiro Shimoda 2017-03-31 2499
:::::: The code at line 2496 was first introduced by commit
:::::: cc995c9ec1184b964ffdf8cf242250bb4319cd91 usb: gadget: udc: renesas_usb3: add support for usb role swap
:::::: TO: Yoshihiro Shimoda <yoshihiro.shimoda.uh(a)renesas.com>
:::::: CC: Felipe Balbi <felipe.balbi(a)linux.intel.com>
--
0-DAY CI Kernel Test Service
https://01.org/lkp
4 months, 2 weeks
- 1
- 0