CC: [email protected] CC: [email protected] BCC: [email protected] In-Reply-To: <20220320183225.1.Iaf638bb9f885f5880ab1b4e7ae2f73dd53a54661@changeid> References: <20220320183225.1.Iaf638bb9f885f5880ab1b4e7ae2f73dd53a54661@changeid> TO: Manish Mandlik <[email protected]> TO: [email protected] TO: [email protected] CC: [email protected] CC: [email protected] CC: "Abhishek Pandit-Subedi" <[email protected]> CC: Manish Mandlik <[email protected]> CC: Jakub Kicinski <[email protected]> CC: Johan Hedberg <[email protected]> CC: Paolo Abeni <[email protected]> CC: [email protected] CC: [email protected]
Hi Manish, Thank you for the patch! Perhaps something to improve: [auto build test WARNING on bluetooth/master] [also build test WARNING on bluetooth-next/master v5.17 next-20220324] [If your patch is applied to the wrong git tree, kindly drop us a note. And when submitting patch, we suggest to use '--base' as documented in https://git-scm.com/docs/git-format-patch] url: https://github.com/0day-ci/linux/commits/Manish-Mandlik/Bluetooth-Add-support-for-devcoredump/20220321-093553 base: https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth.git master :::::: branch date: 4 days ago :::::: commit date: 4 days ago config: i386-randconfig-c001 (https://download.01.org/0day-ci/archive/20220325/[email protected]/config) compiler: clang version 15.0.0 (https://github.com/llvm/llvm-project 85e9b2687a13d1908aa86d1b89c5ce398a06cd39) reproduce (this is a W=1 build): wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross chmod +x ~/bin/make.cross # https://github.com/0day-ci/linux/commit/ac170a5ea7c81e445f903d14dce2a5f92155d1ef git remote add linux-review https://github.com/0day-ci/linux git fetch --no-tags linux-review Manish-Mandlik/Bluetooth-Add-support-for-devcoredump/20220321-093553 git checkout ac170a5ea7c81e445f903d14dce2a5f92155d1ef # save the config file to linux build tree COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross ARCH=i386 clang-analyzer If you fix the issue, kindly add following tag as appropriate Reported-by: kernel test robot <[email protected]> clang-analyzer warnings: (new ones prefixed by >>) ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ drivers/md/bcache/btree.c:764:2: note: Loop condition is true. Entering loop body while (!list_empty(&c->btree_cache_freed)) { ^ drivers/md/bcache/btree.c:767:3: note: Calling 'list_del' list_del(&b->list); ^~~~~~~~~~~~~~~~~~ include/linux/list.h:149:14: note: Use of memory after it is freed entry->next = LIST_POISON1; ~~~~~~~~~~~ ^ 1 warning generated. drivers/nvme/target/fcloop.c:1226:3: warning: Value stored to 'ret' is never read [clang-analyzer-deadcode.DeadStores] ret = -EINVAL; ^ ~~~~~~~ drivers/nvme/target/fcloop.c:1226:3: note: Value stored to 'ret' is never read ret = -EINVAL; ^ ~~~~~~~ 1 warning generated. drivers/i3c/master/mipi-i3c-hci/ext_caps.c:78:7: warning: Value stored to 'mode_entry' during its initialization is never read [clang-analyzer-deadcode.DeadStores] u32 mode_entry = readl(base); ^~~~~~~~~~ drivers/i3c/master/mipi-i3c-hci/ext_caps.c:78:7: note: Value stored to 'mode_entry' during its initialization is never read u32 mode_entry = readl(base); ^~~~~~~~~~ 1 warning generated. sound/firewire/motu/motu-pcm.c:363:2: warning: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 [clang-analyzer-security.insecureAPI.strcpy] strcpy(pcm->name, motu->card->shortname); ^~~~~~ sound/firewire/motu/motu-pcm.c:363:2: note: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 strcpy(pcm->name, motu->card->shortname); ^~~~~~ 1 warning generated. drivers/accessibility/speakup/speakup_soft.c:174:2: warning: Value stored to 'cp' is never read [clang-analyzer-deadcode.DeadStores] cp = cp + scnprintf(cp, len, "\n"); ^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ drivers/accessibility/speakup/speakup_soft.c:174:2: note: Value stored to 'cp' is never read cp = cp + scnprintf(cp, len, "\n"); ^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 1 warning generated. drivers/bcma/main.c:674:3: warning: Value stored to 'err' is never read [clang-analyzer-deadcode.DeadStores] err = 0; ^ ~ drivers/bcma/main.c:674:3: note: Value stored to 'err' is never read err = 0; ^ ~ 3 warnings generated. drivers/gpu/drm/bridge/analogix/analogix-anx78xx.c:536:2: warning: Value stored to 'err' is never read [clang-analyzer-deadcode.DeadStores] err = anx78xx_clear_bits(anx78xx->map[I2C_IDX_TX_P2], ^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ drivers/gpu/drm/bridge/analogix/analogix-anx78xx.c:536:2: note: Value stored to 'err' is never read err = anx78xx_clear_bits(anx78xx->map[I2C_IDX_TX_P2], ^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Suppressed 2 warnings (2 with check filters). 1 warning generated. drivers/gpu/drm/bridge/analogix/analogix_dp_reg.c:424:2: warning: Value stored to 'reg' is never read [clang-analyzer-deadcode.DeadStores] reg = readl(dp->reg_base + ANALOGIX_DP_SYS_CTL_3); ^ drivers/gpu/drm/bridge/analogix/analogix_dp_reg.c:424:2: note: Value stored to 'reg' is never read 1 warning generated. drivers/mmc/core/sdio_cis.c:63:3: warning: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 [clang-analyzer-security.insecureAPI.strcpy] strcpy(string, buf); ^~~~~~ drivers/mmc/core/sdio_cis.c:63:3: note: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 strcpy(string, buf); ^~~~~~ 1 warning generated. drivers/w1/slaves/w1_ds2438.c:69:3: warning: Value stored to 'crc' is never read [clang-analyzer-deadcode.DeadStores] crc = 0; ^ ~ drivers/w1/slaves/w1_ds2438.c:69:3: note: Value stored to 'crc' is never read crc = 0; ^ ~ 1 warning generated. Suppressed 1 warnings (1 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 1 warning generated. Suppressed 1 warnings (1 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 1 warning generated. Suppressed 1 warnings (1 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 1 warning generated. Suppressed 1 warnings (1 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 1 warning generated. Suppressed 1 warnings (1 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 1 warning generated. Suppressed 1 warnings (1 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 1 warning generated. Suppressed 1 warnings (1 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 4 warnings generated. net/bluetooth/hci_core.c:891:2: warning: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 [clang-analyzer-security.insecureAPI.strcpy] strcpy(di.name, hdev->name); ^~~~~~ net/bluetooth/hci_core.c:891:2: note: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 strcpy(di.name, hdev->name); ^~~~~~ >> net/bluetooth/hci_core.c:2467:2: warning: Value stored to 'ptr' is never >> read [clang-analyzer-deadcode.DeadStores] ptr += read; ^ ~~~~ net/bluetooth/hci_core.c:2467:2: note: Value stored to 'ptr' is never read ptr += read; ^ ~~~~ Suppressed 2 warnings (2 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 1 warning generated. Suppressed 1 warnings (1 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 1 warning generated. Suppressed 1 warnings (1 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 1 warning generated. Suppressed 1 warnings (1 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 1 warning generated. Suppressed 1 warnings (1 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 1 warning generated. Suppressed 1 warnings (1 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 1 warning generated. Suppressed 1 warnings (1 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 1 warning generated. Suppressed 1 warnings (1 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 2 warnings generated. sound/drivers/mpu401/mpu401.c:67:2: warning: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 [clang-analyzer-security.insecureAPI.strcpy] strcpy(card->shortname, card->driver); ^~~~~~ sound/drivers/mpu401/mpu401.c:67:2: note: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 strcpy(card->shortname, card->driver); ^~~~~~ sound/drivers/mpu401/mpu401.c:72:3: warning: Call to function 'strcat' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcat'. CWE-119 [clang-analyzer-security.insecureAPI.strcpy] strcat(card->longname, "polled"); ^~~~~~ sound/drivers/mpu401/mpu401.c:72:3: note: Call to function 'strcat' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcat'. CWE-119 strcat(card->longname, "polled"); ^~~~~~ 1 warning generated. sound/isa/es18xx.c:1777:2: warning: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 [clang-analyzer-security.insecureAPI.strcpy] strcpy(card->mixername, chip->pcm->name); ^~~~~~ sound/isa/es18xx.c:1777:2: note: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 strcpy(card->mixername, chip->pcm->name); ^~~~~~ 1 warning generated. sound/isa/opl3sa2.c:242:2: warning: Call to function 'strcat' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcat'. CWE-119 [clang-analyzer-security.insecureAPI.strcpy] strcat(card->shortname, str); ^~~~~~ sound/isa/opl3sa2.c:242:2: note: Call to function 'strcat' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcat'. CWE-119 strcat(card->shortname, str); ^~~~~~ 1 warning generated. sound/isa/sscape.c:1052:2: warning: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 [clang-analyzer-security.insecureAPI.strcpy] strcpy(card->shortname, name); ^~~~~~ sound/isa/sscape.c:1052:2: note: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 strcpy(card->shortname, name); ^~~~~~ 1 warning generated. drivers/nvme/target/core.c:1124:10: warning: Although the value stored to 'cc_css' is used in the enclosing expression, the value is never actually read from 'cc_css' [clang-analyzer-deadcode.DeadStores] switch (cc_css <<= NVME_CC_CSS_SHIFT) { ^ ~~~~~~~~~~~~~~~~~ drivers/nvme/target/core.c:1124:10: note: Although the value stored to 'cc_css' is used in the enclosing expression, the value is never actually read from 'cc_css' switch (cc_css <<= NVME_CC_CSS_SHIFT) { ^ ~~~~~~~~~~~~~~~~~ 2 warnings generated. drivers/media/i2c/adv7170.c:361:3: warning: Value stored to 'i' is never read [clang-analyzer-deadcode.DeadStores] i = adv7170_write(sd, 0x07, TR0MODE | TR0RST); ^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ drivers/media/i2c/adv7170.c:361:3: note: Value stored to 'i' is never read i = adv7170_write(sd, 0x07, TR0MODE | TR0RST); ^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ drivers/media/i2c/adv7170.c:362:3: warning: Value stored to 'i' is never read [clang-analyzer-deadcode.DeadStores] i = adv7170_write(sd, 0x07, TR0MODE); ^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ drivers/media/i2c/adv7170.c:362:3: note: Value stored to 'i' is never read i = adv7170_write(sd, 0x07, TR0MODE); ^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 2 warnings generated. drivers/media/i2c/adv7175.c:416:3: warning: Value stored to 'i' is never read [clang-analyzer-deadcode.DeadStores] i = adv7175_write(sd, 0x07, TR0MODE | TR0RST); ^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ drivers/media/i2c/adv7175.c:416:3: note: Value stored to 'i' is never read i = adv7175_write(sd, 0x07, TR0MODE | TR0RST); ^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ drivers/media/i2c/adv7175.c:417:3: warning: Value stored to 'i' is never read [clang-analyzer-deadcode.DeadStores] i = adv7175_write(sd, 0x07, TR0MODE); ^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ drivers/media/i2c/adv7175.c:417:3: note: Value stored to 'i' is never read i = adv7175_write(sd, 0x07, TR0MODE); ^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 1 warning generated. Suppressed 1 warnings (1 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 1 warning generated. Suppressed 1 warnings (1 in non-user code). vim +/ptr +2467 net/bluetooth/hci_core.c ac170a5ea7c81e Abhishek Pandit-Subedi 2022-03-20 2445 ac170a5ea7c81e Abhishek Pandit-Subedi 2022-03-20 2446 static int hci_devcoredump_mkheader(struct hci_dev *hdev, char *buf, ac170a5ea7c81e Abhishek Pandit-Subedi 2022-03-20 2447 size_t buf_size) ac170a5ea7c81e Abhishek Pandit-Subedi 2022-03-20 2448 { ac170a5ea7c81e Abhishek Pandit-Subedi 2022-03-20 2449 char *ptr = buf; ac170a5ea7c81e Abhishek Pandit-Subedi 2022-03-20 2450 size_t rem = buf_size; ac170a5ea7c81e Abhishek Pandit-Subedi 2022-03-20 2451 size_t read = 0; ac170a5ea7c81e Abhishek Pandit-Subedi 2022-03-20 2452 ac170a5ea7c81e Abhishek Pandit-Subedi 2022-03-20 2453 read = hci_devcoredump_update_hdr_state(ptr, rem, HCI_DEVCOREDUMP_IDLE); ac170a5ea7c81e Abhishek Pandit-Subedi 2022-03-20 2454 read += 1; /* update_hdr_state adds \0 at the end upon state rewrite */ ac170a5ea7c81e Abhishek Pandit-Subedi 2022-03-20 2455 rem -= read; ac170a5ea7c81e Abhishek Pandit-Subedi 2022-03-20 2456 ptr += read; ac170a5ea7c81e Abhishek Pandit-Subedi 2022-03-20 2457 ac170a5ea7c81e Abhishek Pandit-Subedi 2022-03-20 2458 if (hdev->dump.dmp_hdr) { ac170a5ea7c81e Abhishek Pandit-Subedi 2022-03-20 2459 /* dmp_hdr() should return number of bytes written */ ac170a5ea7c81e Abhishek Pandit-Subedi 2022-03-20 2460 read = hdev->dump.dmp_hdr(hdev, ptr, rem); ac170a5ea7c81e Abhishek Pandit-Subedi 2022-03-20 2461 rem -= read; ac170a5ea7c81e Abhishek Pandit-Subedi 2022-03-20 2462 ptr += read; ac170a5ea7c81e Abhishek Pandit-Subedi 2022-03-20 2463 } ac170a5ea7c81e Abhishek Pandit-Subedi 2022-03-20 2464 ac170a5ea7c81e Abhishek Pandit-Subedi 2022-03-20 2465 read = snprintf(ptr, rem, "--- Start dump ---\n"); ac170a5ea7c81e Abhishek Pandit-Subedi 2022-03-20 2466 rem -= read; ac170a5ea7c81e Abhishek Pandit-Subedi 2022-03-20 @2467 ptr += read; ac170a5ea7c81e Abhishek Pandit-Subedi 2022-03-20 2468 ac170a5ea7c81e Abhishek Pandit-Subedi 2022-03-20 2469 return buf_size - rem; ac170a5ea7c81e Abhishek Pandit-Subedi 2022-03-20 2470 } ac170a5ea7c81e Abhishek Pandit-Subedi 2022-03-20 2471 -- 0-DAY CI Kernel Test Service https://01.org/lkp _______________________________________________ kbuild mailing list -- [email protected] To unsubscribe send an email to [email protected]
