CC: [email protected] CC: [email protected] CC: [email protected] TO: "Kai-Heng Feng" <[email protected]> CC: Takashi Iwai <[email protected]>
tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master head: 4634129ad9fdc89d10b597fc6f8f4336fb61e105 commit: 69644fca2716699cc6896aff51d37b1e886c94d2 ALSA: usb-audio: Carve out connector value checking into a helper date: 10 months ago :::::: branch date: 21 hours ago :::::: commit date: 10 months ago config: riscv-randconfig-c006-20211207 (https://download.01.org/0day-ci/archive/20220110/[email protected]/config) compiler: clang version 14.0.0 (https://github.com/llvm/llvm-project 097a1cb1d5ebb3a0ec4bcaed8ba3ff6a8e33c00a) reproduce (this is a W=1 build): wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross chmod +x ~/bin/make.cross # install riscv cross compiling tool for clang build # apt-get install binutils-riscv64-linux-gnu # https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=69644fca2716699cc6896aff51d37b1e886c94d2 git remote add linus https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git git fetch --no-tags linus master git checkout 69644fca2716699cc6896aff51d37b1e886c94d2 # save the config file to linux build tree COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross ARCH=riscv clang-analyzer If you fix the issue, kindly add following tag as appropriate Reported-by: kernel test robot <[email protected]> clang-analyzer warnings: (new ones prefixed by >>) 3 warnings generated. Suppressed 3 warnings (3 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 3 warnings generated. Suppressed 3 warnings (3 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 3 warnings generated. Suppressed 3 warnings (3 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 5 warnings generated. sound/core/seq/seq_midi.c:104:7: warning: Although the value stored to 'tmp' is used in the enclosing expression, the value is never actually read from 'tmp' [clang-analyzer-deadcode.DeadStores] if ((tmp = runtime->avail) < count) { ^ ~~~~~~~~~~~~~~ sound/core/seq/seq_midi.c:104:7: note: Although the value stored to 'tmp' is used in the enclosing expression, the value is never actually read from 'tmp' if ((tmp = runtime->avail) < count) { ^ ~~~~~~~~~~~~~~ sound/core/seq/seq_midi.c:343:4: warning: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 [clang-analyzer-security.insecureAPI.strcpy] strcpy(port->name, info->subname); ^~~~~~ sound/core/seq/seq_midi.c:343:4: note: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 strcpy(port->name, info->subname); ^~~~~~ Suppressed 3 warnings (3 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 3 warnings generated. Suppressed 3 warnings (3 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 3 warnings generated. Suppressed 3 warnings (3 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 2 warnings generated. Suppressed 2 warnings (2 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 2 warnings generated. Suppressed 2 warnings (2 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 2 warnings generated. Suppressed 2 warnings (2 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 2 warnings generated. Suppressed 2 warnings (2 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 2 warnings generated. Suppressed 2 warnings (2 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 14 warnings generated. sound/usb/mixer.c:678:4: warning: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 [clang-analyzer-security.insecureAPI.strcpy] strcpy(name, "Selector"); ^~~~~~ sound/usb/mixer.c:678:4: note: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 strcpy(name, "Selector"); ^~~~~~ sound/usb/mixer.c:681:4: warning: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 [clang-analyzer-security.insecureAPI.strcpy] strcpy(name, "Process Unit"); ^~~~~~ sound/usb/mixer.c:681:4: note: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 strcpy(name, "Process Unit"); ^~~~~~ sound/usb/mixer.c:684:4: warning: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 [clang-analyzer-security.insecureAPI.strcpy] strcpy(name, "Ext Unit"); ^~~~~~ sound/usb/mixer.c:684:4: note: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 strcpy(name, "Ext Unit"); ^~~~~~ sound/usb/mixer.c:687:4: warning: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 [clang-analyzer-security.insecureAPI.strcpy] strcpy(name, "Mixer"); ^~~~~~ sound/usb/mixer.c:687:4: note: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 strcpy(name, "Mixer"); ^~~~~~ sound/usb/mixer.c:696:3: warning: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 [clang-analyzer-security.insecureAPI.strcpy] strcpy(name, "PCM"); ^~~~~~ sound/usb/mixer.c:696:3: note: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 strcpy(name, "PCM"); ^~~~~~ sound/usb/mixer.c:699:3: warning: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 [clang-analyzer-security.insecureAPI.strcpy] strcpy(name, "Mic"); ^~~~~~ sound/usb/mixer.c:699:3: note: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 strcpy(name, "Mic"); ^~~~~~ sound/usb/mixer.c:702:3: warning: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 [clang-analyzer-security.insecureAPI.strcpy] strcpy(name, "Headset"); ^~~~~~ sound/usb/mixer.c:702:3: note: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 strcpy(name, "Headset"); ^~~~~~ sound/usb/mixer.c:705:3: warning: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 [clang-analyzer-security.insecureAPI.strcpy] strcpy(name, "Phone"); ^~~~~~ sound/usb/mixer.c:705:3: note: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 strcpy(name, "Phone"); ^~~~~~ sound/usb/mixer.c:711:4: warning: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 [clang-analyzer-security.insecureAPI.strcpy] strcpy(name, names->name); ^~~~~~ sound/usb/mixer.c:711:4: note: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 strcpy(name, names->name); ^~~~~~ >> sound/usb/mixer.c:1510:35: warning: Assigned value is garbage or undefined >> [clang-analyzer-core.uninitialized.Assign] ucontrol->value.integer.value[0] = val; ^ ~~~ sound/usb/mixer.c:1503:11: note: 'val' declared without an initial value int ret, val; ^~~ sound/usb/mixer.c:1505:8: note: Calling 'get_connector_value' ret = get_connector_value(cval, kcontrol->id.name, &val); ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ sound/usb/mixer.c:1457:8: note: Assuming the condition is true ret = snd_usb_lock_shutdown(chip) ? -EIO : 0; ^~~~~~~~~~~~~~~~~~~~~~~~~~~ sound/usb/mixer.c:1457:8: note: '?' condition is true sound/usb/mixer.c:1458:6: note: 'ret' is -5 if (ret) ^~~ sound/usb/mixer.c:1458:2: note: Taking true branch if (ret) ^ sound/usb/mixer.c:1459:3: note: Control jumps to line 1489 goto error; ^ sound/usb/mixer.c:1492:10: note: Assuming field 'ignore_ctl_error' is not equal to 0 return filter_error(cval, ret); ^ sound/usb/mixer.c:130:3: note: expanded from macro 'filter_error' ((cval)->head.mixer->ignore_ctl_error ? 0 : (err)) ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ sound/usb/mixer.c:1492:10: note: '?' condition is true return filter_error(cval, ret); ^ sound/usb/mixer.c:130:3: note: expanded from macro 'filter_error' ((cval)->head.mixer->ignore_ctl_error ? 0 : (err)) ^ sound/usb/mixer.c:1492:3: note: Returning without writing to '*val' return filter_error(cval, ret); ^ sound/usb/mixer.c:1505:8: note: Returning from 'get_connector_value' ret = get_connector_value(cval, kcontrol->id.name, &val); ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ sound/usb/mixer.c:1507:6: note: 'ret' is >= 0 if (ret < 0) ^~~ sound/usb/mixer.c:1507:2: note: Taking false branch if (ret < 0) ^ sound/usb/mixer.c:1510:35: note: Assigned value is garbage or undefined ucontrol->value.integer.value[0] = val; ^ ~~~ sound/usb/mixer.c:2138:3: warning: Value stored to 'len' is never read [clang-analyzer-deadcode.DeadStores] len = sprintf(kctl->id.name, "Mixer Source %d", in_ch + 1); ^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ sound/usb/mixer.c:2138:3: note: Value stored to 'len' is never read len = sprintf(kctl->id.name, "Mixer Source %d", in_ch + 1); ^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ sound/usb/mixer.c:2729:3: warning: Value stored to 'len' is never read [clang-analyzer-deadcode.DeadStores] len = 0; ^ ~ sound/usb/mixer.c:2729:3: note: Value stored to 'len' is never read len = 0; ^ ~ Suppressed 2 warnings (2 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 2 warnings generated. Suppressed 2 warnings (2 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 2 warnings generated. Suppressed 2 warnings (2 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 3 warnings generated. Suppressed 3 warnings (3 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 3 warnings generated. Suppressed 3 warnings (3 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 3 warnings generated. Suppressed 3 warnings (3 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 3 warnings generated. Suppressed 3 warnings (3 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 4 warnings generated. Suppressed 4 warnings (4 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 3 warnings generated. Suppressed 3 warnings (3 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 6 warnings generated. sound/soc/codecs/adau7118.c:127:24: warning: Value stored to 'st' during its initialization is never read [clang-analyzer-deadcode.DeadStores] struct adau7118_data *st = ^~ sound/soc/codecs/adau7118.c:127:24: note: Value stored to 'st' during its initialization is never read struct adau7118_data *st = ^~ sound/soc/codecs/adau7118.c:210:24: warning: Value stored to 'st' during its initialization is never read [clang-analyzer-deadcode.DeadStores] struct adau7118_data *st = ^~ sound/soc/codecs/adau7118.c:210:24: note: Value stored to 'st' during its initialization is never read struct adau7118_data *st = ^~ Suppressed 4 warnings (4 in non-user code). vim +1510 sound/usb/mixer.c 69644fca271669 Kai-Heng Feng 2021-03-26 1497 69644fca271669 Kai-Heng Feng 2021-03-26 1498 /* get the connectors status and report it as boolean type */ 69644fca271669 Kai-Heng Feng 2021-03-26 1499 static int mixer_ctl_connector_get(struct snd_kcontrol *kcontrol, 69644fca271669 Kai-Heng Feng 2021-03-26 1500 struct snd_ctl_elem_value *ucontrol) 69644fca271669 Kai-Heng Feng 2021-03-26 1501 { 69644fca271669 Kai-Heng Feng 2021-03-26 1502 struct usb_mixer_elem_info *cval = kcontrol->private_data; 69644fca271669 Kai-Heng Feng 2021-03-26 1503 int ret, val; 69644fca271669 Kai-Heng Feng 2021-03-26 1504 69644fca271669 Kai-Heng Feng 2021-03-26 1505 ret = get_connector_value(cval, kcontrol->id.name, &val); 69644fca271669 Kai-Heng Feng 2021-03-26 1506 69644fca271669 Kai-Heng Feng 2021-03-26 1507 if (ret < 0) 69644fca271669 Kai-Heng Feng 2021-03-26 1508 return ret; 69644fca271669 Kai-Heng Feng 2021-03-26 1509 1d38f5d828b455 Jorge Sanjuan 2018-05-11 @1510 ucontrol->value.integer.value[0] = val; 1d38f5d828b455 Jorge Sanjuan 2018-05-11 1511 return 0; 1d38f5d828b455 Jorge Sanjuan 2018-05-11 1512 } 1d38f5d828b455 Jorge Sanjuan 2018-05-11 1513 :::::: The code at line 1510 was first introduced by commit :::::: 1d38f5d828b45546e53095a172c77556642a8a04 ALSA: usb-audio: UAC3 Add support for connector insertion. :::::: TO: Jorge Sanjuan <[email protected]> :::::: CC: Takashi Iwai <[email protected]> --- 0-DAY CI Kernel Test Service, Intel Corporation https://lists.01.org/hyperkitty/list/[email protected] _______________________________________________ kbuild mailing list -- [email protected] To unsubscribe send an email to [email protected]
