CC: [email protected] CC: [email protected] CC: Linux Memory Management List <[email protected]> TO: Benjamin Li <[email protected]> CC: Kalle Valo <[email protected]>
tree: https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git master head: f30a24ed97b401416118756fa35fbe5d28f999e3 commit: f02e1cc2a84693a649d94a7584291d88f31fd5fa [567/3897] wcn36xx: implement flush op to speed up connected scan :::::: branch date: 3 days ago :::::: commit date: 4 weeks ago config: riscv-randconfig-c006-20211128 (https://download.01.org/0day-ci/archive/20211129/[email protected]/config) compiler: clang version 14.0.0 (https://github.com/llvm/llvm-project 5c64d8ef8cc0c0ed3e0f2ae693d99e7f70f20a84) reproduce (this is a W=1 build): wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross chmod +x ~/bin/make.cross # install riscv cross compiling tool for clang build # apt-get install binutils-riscv64-linux-gnu # https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=f02e1cc2a84693a649d94a7584291d88f31fd5fa git remote add linux-next https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git git fetch --no-tags linux-next master git checkout f02e1cc2a84693a649d94a7584291d88f31fd5fa # save the config file to linux build tree COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross ARCH=riscv clang-analyzer If you fix the issue, kindly add following tag as appropriate Reported-by: kernel test robot <[email protected]> clang-analyzer warnings: (new ones prefixed by >>) ^~~~~~~~ include/linux/bitops.h:189:10: note: Returning from 'fls' return fls(l); ^~~~~~ include/linux/bitops.h:189:3: note: Returning the value 32 return fls(l); ^~~~~~~~~~~~~ include/linux/log2.h:57:16: note: Returning from 'fls_long' return 1UL << fls_long(n - 1); ^~~~~~~~~~~~~~~ include/linux/log2.h:57:13: note: The result of the left shift is undefined due to shifting by '32', which is greater or equal to the width of type 'unsigned long' return 1UL << fls_long(n - 1); ^ ~~~~~~~~~~~~~~~ include/linux/skbuff.h:2048:2: warning: 2nd function call argument is an uninitialized value [clang-analyzer-core.CallAndMessage] __skb_insert(newsk, next->prev, next, list); ^ drivers/net/wireless/ath/ath11k/ce.c:671:6: note: Assuming field 'send_cb' is null if (pipe->send_cb) ^~~~~~~~~~~~~ drivers/net/wireless/ath/ath11k/ce.c:671:2: note: Taking false branch if (pipe->send_cb) ^ drivers/net/wireless/ath/ath11k/ce.c:674:6: note: Assuming field 'recv_cb' is non-null if (pipe->recv_cb) ^~~~~~~~~~~~~ drivers/net/wireless/ath/ath11k/ce.c:674:2: note: Taking true branch if (pipe->recv_cb) ^ drivers/net/wireless/ath/ath11k/ce.c:675:3: note: Calling 'ath11k_ce_recv_process_cb' ath11k_ce_recv_process_cb(pipe); ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ drivers/net/wireless/ath/ath11k/ce.c:419:2: note: Calling '__skb_queue_head_init' __skb_queue_head_init(&list); ^~~~~~~~~~~~~~~~~~~~~~~~~~~~ drivers/net/wireless/ath/ath11k/ce.c:419:2: note: Returning from '__skb_queue_head_init' __skb_queue_head_init(&list); ^~~~~~~~~~~~~~~~~~~~~~~~~~~~ drivers/net/wireless/ath/ath11k/ce.c:420:2: note: Loop condition is true. Entering loop body while (ath11k_ce_completed_recv_next(pipe, &skb, &nbytes) == 0) { ^ drivers/net/wireless/ath/ath11k/ce.c:425:16: note: Assuming 'max_nbytes' is >= 'nbytes' if (unlikely(max_nbytes < nbytes)) { ^ include/linux/compiler.h:78:42: note: expanded from macro 'unlikely' # define unlikely(x) __builtin_expect(!!(x), 0) ^ drivers/net/wireless/ath/ath11k/ce.c:425:3: note: Taking false branch if (unlikely(max_nbytes < nbytes)) { ^ drivers/net/wireless/ath/ath11k/ce.c:433:3: note: Calling '__skb_queue_tail' __skb_queue_tail(&list, skb); ^~~~~~~~~~~~~~~~~~~~~~~~~~~~ include/linux/skbuff.h:2081:2: note: Calling '__skb_queue_before' __skb_queue_before(list, (struct sk_buff *)list, newsk); ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ include/linux/skbuff.h:2048:2: note: 2nd function call argument is an uninitialized value __skb_insert(newsk, next->prev, next, list); ^ ~~~~~~~~~~ Suppressed 13 warnings (13 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 9 warnings generated. sound/pci/ca0106/ca0106_mixer.c:704:2: warning: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 [clang-analyzer-security.insecureAPI.strcpy] strcpy(id.name, name); ^~~~~~ sound/pci/ca0106/ca0106_mixer.c:704:2: note: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 strcpy(id.name, name); ^~~~~~ sound/pci/ca0106/ca0106_mixer.c:714:2: warning: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 [clang-analyzer-security.insecureAPI.strcpy] strcpy(sid.name, name); ^~~~~~ sound/pci/ca0106/ca0106_mixer.c:714:2: note: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 strcpy(sid.name, name); ^~~~~~ sound/pci/ca0106/ca0106_mixer.c:723:3: warning: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 [clang-analyzer-security.insecureAPI.strcpy] strcpy(kctl->id.name, dst); ^~~~~~ sound/pci/ca0106/ca0106_mixer.c:723:3: note: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 strcpy(kctl->id.name, dst); ^~~~~~ Suppressed 6 warnings (6 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 7 warnings generated. sound/pci/ca0106/ca_midi.c:290:2: warning: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 [clang-analyzer-security.insecureAPI.strcpy] strcpy(rmidi->name, name); ^~~~~~ sound/pci/ca0106/ca_midi.c:290:2: note: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 strcpy(rmidi->name, name); ^~~~~~ Suppressed 6 warnings (6 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 7 warnings generated. sound/pci/lola/lola.c:632:2: warning: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 [clang-analyzer-security.insecureAPI.strcpy] strcpy(card->mixername, card->shortname); ^~~~~~ sound/pci/lola/lola.c:632:2: note: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 strcpy(card->mixername, card->shortname); ^~~~~~ Suppressed 6 warnings (6 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 13 warnings generated. >> drivers/net/wireless/ath/wcn36xx/dxe.c:848:2: warning: Value stored to >> 'ctl_bd' is never read [clang-analyzer-deadcode.DeadStores] ctl_bd = ctl_bd_start; ^ ~~~~~~~~~~~~ drivers/net/wireless/ath/wcn36xx/dxe.c:848:2: note: Value stored to 'ctl_bd' is never read ctl_bd = ctl_bd_start; ^ ~~~~~~~~~~~~ Suppressed 12 warnings (12 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 12 warnings generated. Suppressed 12 warnings (12 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 12 warnings generated. Suppressed 12 warnings (12 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 12 warnings generated. Suppressed 12 warnings (12 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 12 warnings generated. Suppressed 12 warnings (12 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 12 warnings generated. Suppressed 12 warnings (12 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 14 warnings generated. Suppressed 14 warnings (14 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 13 warnings generated. Suppressed 13 warnings (13 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 13 warnings generated. Suppressed 13 warnings (13 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 13 warnings generated. Suppressed 13 warnings (13 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 12 warnings generated. Suppressed 12 warnings (12 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 14 warnings generated. drivers/net/wireless/ath/ath5k/mac80211-ops.c:385:2: warning: Value stored to 'changed_flags' is never read [clang-analyzer-deadcode.DeadStores] changed_flags &= SUPPORTED_FIF_FLAGS; ^ drivers/net/wireless/ath/ath5k/mac80211-ops.c:385:2: note: Value stored to 'changed_flags' is never read Suppressed 13 warnings (12 in non-user code, 1 with check filters). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 12 warnings generated. Suppressed 12 warnings (12 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 12 warnings generated. Suppressed 12 warnings (12 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 13 warnings generated. include/linux/list.h:71:12: warning: Access to field 'next' results in a dereference of a null pointer (loaded from variable 'new') [clang-analyzer-core.NullDereference] new->next = next; ^ drivers/net/wireless/ath/ath9k/beacon.c:221:2: note: 'bf' initialized here struct ath_buf *bf = avp->av_bcbuf; ^~~~~~~~~~~~~~~~~~ drivers/net/wireless/ath/ath9k/beacon.c:228:6: note: Assuming 'bf' is null if (bf && bf->bf_mpdu) { ^~ drivers/net/wireless/ath/ath9k/beacon.c:228:9: note: Left side of '&&' is false if (bf && bf->bf_mpdu) { ^ drivers/net/wireless/ath/ath9k/beacon.c:239:16: note: Passing null pointer value via 1st parameter 'new' list_add_tail(&bf->list, &sc->beacon.bbuf); ^~~~~~~~~ drivers/net/wireless/ath/ath9k/beacon.c:239:2: note: Calling 'list_add_tail' list_add_tail(&bf->list, &sc->beacon.bbuf); ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ include/linux/list.h:100:13: note: Passing null pointer value via 1st parameter 'new' __list_add(new, head->prev, head); ^~~ include/linux/list.h:100:2: note: Calling '__list_add' __list_add(new, head->prev, head); ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ include/linux/list.h:67:6: note: Assuming the condition is false if (!__list_add_valid(new, prev, next)) ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ include/linux/list.h:67:2: note: Taking false branch if (!__list_add_valid(new, prev, next)) ^ include/linux/list.h:71:12: note: Access to field 'next' results in a dereference of a null pointer (loaded from variable 'new') new->next = next; ~~~ ^ Suppressed 12 warnings (12 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 12 warnings generated. Suppressed 12 warnings (12 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 12 warnings generated. Suppressed 12 warnings (12 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 17 warnings generated. drivers/net/ethernet/qlogic/qed/qed_spq.c:345:4: warning: Value stored to 'rc' is never read [clang-analyzer-deadcode.DeadStores] rc = -EINVAL; ^ ~~~~~~~ drivers/net/ethernet/qlogic/qed/qed_spq.c:345:4: note: Value stored to 'rc' is never read rc = -EINVAL; ^ ~~~~~~~ drivers/net/ethernet/qlogic/qed/qed_spq.c:360:5: warning: Value stored to 'rc' is never read [clang-analyzer-deadcode.DeadStores] vim +/ctl_bd +848 drivers/net/wireless/ath/wcn36xx/dxe.c 8e84c25821698b Eugene Krasnikov 2013-10-08 836 f02e1cc2a84693 Benjamin Li 2021-10-27 837 static bool _wcn36xx_dxe_tx_channel_is_empty(struct wcn36xx_dxe_ch *ch) f02e1cc2a84693 Benjamin Li 2021-10-27 838 { f02e1cc2a84693 Benjamin Li 2021-10-27 839 unsigned long flags; f02e1cc2a84693 Benjamin Li 2021-10-27 840 struct wcn36xx_dxe_ctl *ctl_bd_start, *ctl_skb_start; f02e1cc2a84693 Benjamin Li 2021-10-27 841 struct wcn36xx_dxe_ctl *ctl_bd, *ctl_skb; f02e1cc2a84693 Benjamin Li 2021-10-27 842 bool ret = true; f02e1cc2a84693 Benjamin Li 2021-10-27 843 f02e1cc2a84693 Benjamin Li 2021-10-27 844 spin_lock_irqsave(&ch->lock, flags); f02e1cc2a84693 Benjamin Li 2021-10-27 845 f02e1cc2a84693 Benjamin Li 2021-10-27 846 /* Loop through ring buffer looking for nonempty entries. */ f02e1cc2a84693 Benjamin Li 2021-10-27 847 ctl_bd_start = ch->head_blk_ctl; f02e1cc2a84693 Benjamin Li 2021-10-27 @848 ctl_bd = ctl_bd_start; f02e1cc2a84693 Benjamin Li 2021-10-27 849 ctl_skb_start = ctl_bd_start->next; f02e1cc2a84693 Benjamin Li 2021-10-27 850 ctl_skb = ctl_skb_start; f02e1cc2a84693 Benjamin Li 2021-10-27 851 do { f02e1cc2a84693 Benjamin Li 2021-10-27 852 if (ctl_skb->skb) { f02e1cc2a84693 Benjamin Li 2021-10-27 853 ret = false; f02e1cc2a84693 Benjamin Li 2021-10-27 854 goto unlock; f02e1cc2a84693 Benjamin Li 2021-10-27 855 } f02e1cc2a84693 Benjamin Li 2021-10-27 856 ctl_bd = ctl_skb->next; f02e1cc2a84693 Benjamin Li 2021-10-27 857 ctl_skb = ctl_bd->next; f02e1cc2a84693 Benjamin Li 2021-10-27 858 } while (ctl_skb != ctl_skb_start); f02e1cc2a84693 Benjamin Li 2021-10-27 859 f02e1cc2a84693 Benjamin Li 2021-10-27 860 unlock: f02e1cc2a84693 Benjamin Li 2021-10-27 861 spin_unlock_irqrestore(&ch->lock, flags); f02e1cc2a84693 Benjamin Li 2021-10-27 862 return ret; f02e1cc2a84693 Benjamin Li 2021-10-27 863 } f02e1cc2a84693 Benjamin Li 2021-10-27 864 --- 0-DAY CI Kernel Test Service, Intel Corporation https://lists.01.org/hyperkitty/list/[email protected] _______________________________________________ kbuild mailing list -- [email protected] To unsubscribe send an email to [email protected]
