:::::: :::::: Manual check reason: "low confidence static check warning: drivers/video/fbdev/omap/omapfb_main.c:1811:16: warning: Use of memory after it is freed [clang-analyzer-unix.Malloc]" ::::::
CC: [email protected] CC: [email protected] BCC: [email protected] CC: [email protected] TO: Arnd Bergmann <[email protected]> tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master head: 34f4335c16a5f4bb7da6c8d2d5e780b6a163846a commit: 804f7f19c2e2928aeb8eafef8379fe8b8d13f98b fbdev: omap: avoid using mach/*.h files date: 7 weeks ago :::::: branch date: 4 hours ago :::::: commit date: 7 weeks ago config: arm-randconfig-c002-20220608 (https://download.01.org/0day-ci/archive/20220609/[email protected]/config) compiler: clang version 15.0.0 (https://github.com/llvm/llvm-project b92436efcb7813fc481b30f2593a4907568d917a) reproduce (this is a W=1 build): wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross chmod +x ~/bin/make.cross # install arm cross compiling tool for clang build # apt-get install binutils-arm-linux-gnueabi # https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=804f7f19c2e2928aeb8eafef8379fe8b8d13f98b git remote add linus https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git git fetch --no-tags linus master git checkout 804f7f19c2e2928aeb8eafef8379fe8b8d13f98b # save the config file COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross ARCH=arm clang-analyzer If you fix the issue, kindly add following tag where applicable Reported-by: kernel test robot <[email protected]> clang-analyzer warnings: (new ones prefixed by >>) 42 warnings generated. drivers/regulator/qcom-labibb-regulator.c:864:3: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] memcpy(&vreg->desc, reg_data->desc, sizeof(vreg->desc)); ^~~~~~ drivers/regulator/qcom-labibb-regulator.c:864:3: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 memcpy(&vreg->desc, reg_data->desc, sizeof(vreg->desc)); ^~~~~~ Suppressed 41 warnings (41 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 41 warnings generated. Suppressed 41 warnings (41 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 42 warnings generated. drivers/regulator/pwm-regulator.c:335:2: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] memcpy(&drvdata->desc, &pwm_regulator_desc, sizeof(drvdata->desc)); ^~~~~~ drivers/regulator/pwm-regulator.c:335:2: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 memcpy(&drvdata->desc, &pwm_regulator_desc, sizeof(drvdata->desc)); ^~~~~~ Suppressed 41 warnings (41 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 41 warnings generated. Suppressed 41 warnings (41 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 42 warnings generated. drivers/regulator/rk808-regulator.c:274:3: warning: Value stored to 'ret' is never read [clang-analyzer-deadcode.DeadStores] ret = regmap_write(rdev->regmap, rdev->desc->vsel_reg, val); ^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ drivers/regulator/rk808-regulator.c:274:3: note: Value stored to 'ret' is never read ret = regmap_write(rdev->regmap, rdev->desc->vsel_reg, val); ^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Suppressed 41 warnings (41 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 41 warnings generated. Suppressed 41 warnings (41 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 41 warnings generated. Suppressed 41 warnings (41 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 41 warnings generated. Suppressed 41 warnings (41 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 80 warnings generated. kernel/cgroup/cgroup.c:1248:2: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] memcpy(cset->subsys, template, sizeof(cset->subsys)); ^~~~~~ kernel/cgroup/cgroup.c:1248:2: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 memcpy(cset->subsys, template, sizeof(cset->subsys)); ^~~~~~ kernel/cgroup/cgroup.c:1497:3: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] snprintf(buf, CGROUP_FILE_NAME_MAX, "%s%s.%s", ^~~~~~~~ kernel/cgroup/cgroup.c:1497:3: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 snprintf(buf, CGROUP_FILE_NAME_MAX, "%s%s.%s", ^~~~~~~~ kernel/cgroup/cgroup.c:4708:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] memset(it, 0, sizeof(*it)); ^~~~~~ kernel/cgroup/cgroup.c:4708:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 memset(it, 0, sizeof(*it)); ^~~~~~ kernel/cgroup/cgroup.c:5224:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] memset(css, 0, sizeof(*css)); ^~~~~~ kernel/cgroup/cgroup.c:5224:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 memset(css, 0, sizeof(*css)); ^~~~~~ kernel/cgroup/cgroup.c:6640:7: warning: Call to function 'sscanf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] if (!sscanf(input, "%lld.%n%lld%n", &whole, &fstart, &frac, &fend)) ^~~~~~ kernel/cgroup/cgroup.c:6640:7: note: Call to function 'sscanf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11 if (!sscanf(input, "%lld.%n%lld%n", &whole, &fstart, &frac, &fend)) ^~~~~~ kernel/cgroup/cgroup.c:6727:11: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] ret += snprintf(buf + ret, size - ret, "%s.", prefix); ^~~~~~~~ kernel/cgroup/cgroup.c:6727:11: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 ret += snprintf(buf + ret, size - ret, "%s.", prefix); ^~~~~~~~ kernel/cgroup/cgroup.c:6729:10: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] ret += snprintf(buf + ret, size - ret, "%s\n", cft->name); ^~~~~~~~ kernel/cgroup/cgroup.c:6729:10: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 ret += snprintf(buf + ret, size - ret, "%s\n", cft->name); ^~~~~~~~ kernel/cgroup/cgroup.c:6760:9: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] return snprintf(buf, PAGE_SIZE, ^~~~~~~~ kernel/cgroup/cgroup.c:6760:9: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 return snprintf(buf, PAGE_SIZE, ^~~~~~~~ Suppressed 72 warnings (72 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 44 warnings generated. drivers/video/fbdev/omap/lcd_mipid.c:66:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] memset(xfer, 0, sizeof(xfer)); ^~~~~~ drivers/video/fbdev/omap/lcd_mipid.c:66:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 memset(xfer, 0, sizeof(xfer)); ^~~~~~ >> drivers/video/fbdev/omap/lcd_mipid.c:264:3: warning: Value stored to 'pixel' >> is never read [clang-analyzer-deadcode.DeadStores] pixel = 0; ^ ~ drivers/video/fbdev/omap/lcd_mipid.c:264:3: note: Value stored to 'pixel' is never read pixel = 0; ^ ~ Suppressed 42 warnings (42 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 41 warnings generated. Suppressed 41 warnings (41 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 41 warnings generated. Suppressed 41 warnings (41 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 8 warnings generated. Suppressed 8 warnings (8 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 30 warnings generated. drivers/video/fbdev/omap2/omapfb/dss/dispc.c:670:49: warning: The result of the left shift is undefined because the left operand is negative [clang-analyzer-core.UndefinedBinaryOperatorResult] dispc_write_reg(DISPC_OVL_CONV_COEF(plane, 2), CVAL(ct->gcb, ct->gcr)); ^ drivers/video/fbdev/omap2/omapfb/dss/dispc.c:666:21: note: expanded from macro 'CVAL' #define CVAL(x, y) (FLD_VAL(x, 26, 16) | FLD_VAL(y, 10, 0)) ^ drivers/video/fbdev/omap2/omapfb/dss/dss.h:60:42: note: expanded from macro 'FLD_VAL' #define FLD_VAL(val, start, end) (((val) << (end)) & FLD_MASK(start, end)) ^ drivers/video/fbdev/omap2/omapfb/dss/dispc.c:4049:6: note: Assuming the condition is true if (REG_GET(DISPC_CONFIG, 2, 1) != OMAP_DSS_LOAD_FRAME_ONLY) { ^ drivers/video/fbdev/omap2/omapfb/dss/dispc.c:49:2: note: expanded from macro 'REG_GET' FLD_GET(dispc_read_reg(idx), start, end) ^ drivers/video/fbdev/omap2/omapfb/dss/dss.h:61:34: note: expanded from macro 'FLD_GET' #define FLD_GET(val, start, end) (((val) & FLD_MASK(start, end)) >> (end)) ^ drivers/video/fbdev/omap2/omapfb/dss/dispc.c:4049:2: note: Taking true branch if (REG_GET(DISPC_CONFIG, 2, 1) != OMAP_DSS_LOAD_FRAME_ONLY) { ^ drivers/video/fbdev/omap2/omapfb/dss/dispc.c:4050:3: note: Calling '_omap_dispc_initial_config' _omap_dispc_initial_config(); ^~~~~~~~~~~~~~~~~~~~~~~~~~~~ drivers/video/fbdev/omap2/omapfb/dss/dispc.c:3721:6: note: Assuming the condition is false if (dss_has_feature(FEAT_CORE_CLK_DIV)) { ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ drivers/video/fbdev/omap2/omapfb/dss/dispc.c:3721:2: note: Taking false branch if (dss_has_feature(FEAT_CORE_CLK_DIV)) { ^ drivers/video/fbdev/omap2/omapfb/dss/dispc.c:3732:6: note: Assuming the condition is false if (dss_has_feature(FEAT_FUNCGATED)) ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ drivers/video/fbdev/omap2/omapfb/dss/dispc.c:3732:2: note: Taking false branch if (dss_has_feature(FEAT_FUNCGATED)) ^ drivers/video/fbdev/omap2/omapfb/dss/dispc.c:3735:2: note: Calling 'dispc_setup_color_conv_coef' dispc_setup_color_conv_coef(); ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~ drivers/video/fbdev/omap2/omapfb/dss/dispc.c:692:14: note: Assuming 'i' is >= 'num_ovl' for (i = 1; i < num_ovl; i++) ^~~~~~~~~~~ drivers/video/fbdev/omap2/omapfb/dss/dispc.c:692:2: note: Loop condition is false. Execution continues on line 695 for (i = 1; i < num_ovl; i++) ^ drivers/video/fbdev/omap2/omapfb/dss/dispc.c:695:6: note: Assuming field 'has_writeback' is true if (dispc.feat->has_writeback) ^~~~~~~~~~~~~~~~~~~~~~~~~ drivers/video/fbdev/omap2/omapfb/dss/dispc.c:695:2: note: Taking true branch if (dispc.feat->has_writeback) ^ drivers/video/fbdev/omap2/omapfb/dss/dispc.c:696:3: note: Calling 'dispc_ovl_write_color_conv_coef' dispc_ovl_write_color_conv_coef(OMAP_DSS_WB, &ctbl_bt601_5_wb); ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ drivers/video/fbdev/omap2/omapfb/dss/dispc.c:670:49: note: The result of the left shift is undefined because the left operand is negative dispc_write_reg(DISPC_OVL_CONV_COEF(plane, 2), CVAL(ct->gcb, ct->gcr)); ^ drivers/video/fbdev/omap2/omapfb/dss/dispc.c:666:21: note: expanded from macro 'CVAL' #define CVAL(x, y) (FLD_VAL(x, 26, 16) | FLD_VAL(y, 10, 0)) ^~~~~~~~~~~~~~~~~~ drivers/video/fbdev/omap2/omapfb/dss/dss.h:60:42: note: expanded from macro 'FLD_VAL' #define FLD_VAL(val, start, end) (((val) << (end)) & FLD_MASK(start, end)) ~~~~~ ^ Suppressed 29 warnings (29 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 41 warnings generated. drivers/usb/core/devio.c:257:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] memset(mem, 0, size); ^~~~~~ drivers/usb/core/devio.c:257:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 memset(mem, 0, size); ^~~~~~ drivers/usb/core/devio.c:325:3: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] memcpy(&temp_desc, &dev->descriptor, sizeof(dev->descriptor)); ^~~~~~ drivers/usb/core/devio.c:325:3: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 memcpy(&temp_desc, &dev->descriptor, sizeof(dev->descriptor)); ^~~~~~ drivers/usb/core/devio.c:1444:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] memset(&ci, 0, sizeof(ci)); ^~~~~~ drivers/usb/core/devio.c:1444:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 memset(&ci, 0, sizeof(ci)); -- ^~~~~~~~ drivers/media/platform/ti/am437x/am437x-vpfe.c:1278:2: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 snprintf(cap->bus_info, sizeof(cap->bus_info), ^~~~~~~~ drivers/media/platform/ti/am437x/am437x-vpfe.c:1411:2: warning: Value stored to 'ret' is never read [clang-analyzer-deadcode.DeadStores] ret = 0; ^ ~ drivers/media/platform/ti/am437x/am437x-vpfe.c:1411:2: note: Value stored to 'ret' is never read ret = 0; ^ ~ drivers/media/platform/ti/am437x/am437x-vpfe.c:1515:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] memset(fsize->reserved, 0x0, sizeof(fsize->reserved)); ^~~~~~ drivers/media/platform/ti/am437x/am437x-vpfe.c:1515:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 memset(fsize->reserved, 0x0, sizeof(fsize->reserved)); ^~~~~~ drivers/media/platform/ti/am437x/am437x-vpfe.c:1517:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] memset(&fse, 0x0, sizeof(fse)); ^~~~~~ drivers/media/platform/ti/am437x/am437x-vpfe.c:1517:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 memset(&fse, 0x0, sizeof(fse)); ^~~~~~ drivers/media/platform/ti/am437x/am437x-vpfe.c:2176:3: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] memset(&mbus_code, 0, sizeof(mbus_code)); ^~~~~~ drivers/media/platform/ti/am437x/am437x-vpfe.c:2176:3: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 memset(&mbus_code, 0, sizeof(mbus_code)); ^~~~~~ Suppressed 46 warnings (45 in non-user code, 1 with check filters). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 41 warnings generated. Suppressed 41 warnings (41 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 53 warnings generated. drivers/video/fbdev/omap/omapfb_main.c:599:3: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] memcpy(new_var, &fbi->var, sizeof(*new_var)); ^~~~~~ drivers/video/fbdev/omap/omapfb_main.c:599:3: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 memcpy(new_var, &fbi->var, sizeof(*new_var)); ^~~~~~ drivers/video/fbdev/omap/omapfb_main.c:605:4: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] memcpy(&fbi->var, new_var, sizeof(*new_var)); ^~~~~~ drivers/video/fbdev/omap/omapfb_main.c:605:4: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 memcpy(&fbi->var, new_var, sizeof(*new_var)); ^~~~~~ drivers/video/fbdev/omap/omapfb_main.c:843:5: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] memcpy(new_var, &fbi->var, sizeof(*new_var)); ^~~~~~ drivers/video/fbdev/omap/omapfb_main.c:843:5: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 memcpy(new_var, &fbi->var, sizeof(*new_var)); ^~~~~~ drivers/video/fbdev/omap/omapfb_main.c:863:5: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] memcpy(&fbi->var, new_var, sizeof(fbi->var)); ^~~~~~ drivers/video/fbdev/omap/omapfb_main.c:863:5: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 memcpy(&fbi->var, new_var, sizeof(fbi->var)); ^~~~~~ drivers/video/fbdev/omap/omapfb_main.c:891:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] memset(mi, 0, sizeof(*mi)); ^~~~~~ drivers/video/fbdev/omap/omapfb_main.c:891:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 memset(mi, 0, sizeof(*mi)); ^~~~~~ drivers/video/fbdev/omap/omapfb_main.c:1017:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] memset(caps, 0, sizeof(*caps)); ^~~~~~ drivers/video/fbdev/omap/omapfb_main.c:1017:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 memset(caps, 0, sizeof(*caps)); ^~~~~~ drivers/video/fbdev/omap/omapfb_main.c:1031:3: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] memset(&win, 0, sizeof(win)); ^~~~~~ drivers/video/fbdev/omap/omapfb_main.c:1031:3: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 memset(&win, 0, sizeof(win)); ^~~~~~ drivers/video/fbdev/omap/omapfb_main.c:1100:4: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] memset(u->reserved, 0, sizeof(u->reserved)); ^~~~~~ drivers/video/fbdev/omap/omapfb_main.c:1100:4: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 memset(u->reserved, 0, sizeof(u->reserved)); ^~~~~~ drivers/video/fbdev/omap/omapfb_main.c:1334:7: warning: Call to function 'sscanf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] if (sscanf(buf, "%10d", &level) == 1) { ^~~~~~ drivers/video/fbdev/omap/omapfb_main.c:1334:7: note: Call to function 'sscanf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11 if (sscanf(buf, "%10d", &level) == 1) { ^~~~~~ drivers/video/fbdev/omap/omapfb_main.c:1451:2: warning: Call to function 'strncpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'strncpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] strncpy(fix->id, MODULE_NAME, sizeof(fix->id)); ^~~~~~~ drivers/video/fbdev/omap/omapfb_main.c:1451:2: note: Call to function 'strncpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'strncpy_s' in case of C11 strncpy(fix->id, MODULE_NAME, sizeof(fix->id)); ^~~~~~~ drivers/video/fbdev/omap/omapfb_main.c:1577:2: warning: Call to function 'strncpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'strncpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] strncpy(name, conf->lcd.ctrl_name, sizeof(name) - 1); ^~~~~~~ drivers/video/fbdev/omap/omapfb_main.c:1577:2: note: Call to function 'strncpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'strncpy_s' in case of C11 strncpy(name, conf->lcd.ctrl_name, sizeof(name) - 1); ^~~~~~~ >> drivers/video/fbdev/omap/omapfb_main.c:1811:16: warning: Use of memory after >> it is freed [clang-analyzer-unix.Malloc] fbdev->dssdev = NULL; ~~~~~~~~~~~~~ ^ drivers/video/fbdev/omap/omapfb_main.c:1808:2: note: Calling 'omapfb_free_resources' omapfb_free_resources(fbdev, saved_state); ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ drivers/video/fbdev/omap/omapfb_main.c:1530:2: note: Control jumps to 'case 1:' at line 1555 switch (state) { ^ drivers/video/fbdev/omap/omapfb_main.c:1557:3: note: Memory is released kfree(fbdev); ^~~~~~~~~~~~ drivers/video/fbdev/omap/omapfb_main.c:1558:3: note: Execution continues on line 1557 break; ^ drivers/video/fbdev/omap/omapfb_main.c:1808:2: note: Returning; memory was released via 1st parameter omapfb_free_resources(fbdev, saved_state); ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ drivers/video/fbdev/omap/omapfb_main.c:1811:16: note: Use of memory after it is freed fbdev->dssdev = NULL; ~~~~~~~~~~~~~ ^ Suppressed 41 warnings (41 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 44 warnings generated. drivers/video/fbdev/core/fbsysfs.c:121:9: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] return snprintf(&buf[offset], PAGE_SIZE - offset, "%c:%dx%d%c-%d\n", ^~~~~~~~ drivers/video/fbdev/core/fbsysfs.c:121:9: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 return snprintf(&buf[offset], PAGE_SIZE - offset, "%c:%dx%d%c-%d\n", ^~~~~~~~ drivers/video/fbdev/core/fbsysfs.c:137:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] memset(&var, 0, sizeof(var)); ^~~~~~ drivers/video/fbdev/core/fbsysfs.c:137:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 memset(&var, 0, sizeof(var)); ^~~~~~ drivers/video/fbdev/core/fbsysfs.c:443:7: warning: Call to function 'sscanf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] if (sscanf(&buf[i * 24], ^~~~~~ drivers/video/fbdev/core/fbsysfs.c:443:7: note: Call to function 'sscanf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11 if (sscanf(&buf[i * 24], ^~~~~~ Suppressed 41 warnings (41 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 14 warnings generated. Suppressed 14 warnings (14 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 14 warnings generated. Suppressed 14 warnings (14 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 14 warnings generated. Suppressed 14 warnings (14 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 14 warnings generated. Suppressed 14 warnings (14 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 14 warnings generated. Suppressed 14 warnings (14 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 41 warnings generated. Suppressed 41 warnings (41 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 22 warnings generated. drivers/cpufreq/brcmstb-avs-cpufreq.c:658:10: warning: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] return sprintf(buf, "<unknown>\n"); ^~~~~~~ drivers/cpufreq/brcmstb-avs-cpufreq.c:658:10: note: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 return sprintf(buf, "<unknown>\n"); ^~~~~~~ drivers/cpufreq/brcmstb-avs-cpufreq.c:660:9: warning: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] return sprintf(buf, "%u\n", pstate); ^~~~~~~ drivers/cpufreq/brcmstb-avs-cpufreq.c:660:9: note: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 return sprintf(buf, "%u\n", pstate); ^~~~~~~ drivers/cpufreq/brcmstb-avs-cpufreq.c:669:10: warning: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] return sprintf(buf, "<unknown>\n"); ^~~~~~~ drivers/cpufreq/brcmstb-avs-cpufreq.c:669:10: note: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 return sprintf(buf, "<unknown>\n"); ^~~~~~~ drivers/cpufreq/brcmstb-avs-cpufreq.c:671:9: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] return sprintf(buf, "%s %u\n", brcm_avs_mode_to_string(pmap.mode), ^~~~~~~ drivers/cpufreq/brcmstb-avs-cpufreq.c:671:9: note: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 return sprintf(buf, "%s %u\n", brcm_avs_mode_to_string(pmap.mode), ^~~~~~~ drivers/cpufreq/brcmstb-avs-cpufreq.c:683:10: warning: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] return sprintf(buf, "<unknown>\n"); ^~~~~~~ drivers/cpufreq/brcmstb-avs-cpufreq.c:683:10: note: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 return sprintf(buf, "<unknown>\n"); ^~~~~~~ drivers/cpufreq/brcmstb-avs-cpufreq.c:688:9: warning: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] return sprintf(buf, "0x%08x 0x%08x %u %u %u %u %u %u %u %u %u\n", ^~~~~~~ drivers/cpufreq/brcmstb-avs-cpufreq.c:688:9: note: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 return sprintf(buf, "0x%08x 0x%08x %u %u %u %u %u %u %u %u %u\n", ^~~~~~~ drivers/cpufreq/brcmstb-avs-cpufreq.c:697:9: warning: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] return sprintf(buf, "0x%08x\n", brcm_avs_get_voltage(priv->base)); vim +1811 drivers/video/fbdev/omap/omapfb_main.c 8b08cf2b64f5a6 drivers/video/omap/omapfb_main.c Imre Deak 2007-07-17 1798 8b08cf2b64f5a6 drivers/video/omap/omapfb_main.c Imre Deak 2007-07-17 1799 /* Called when the device is being detached from the driver */ 8b08cf2b64f5a6 drivers/video/omap/omapfb_main.c Imre Deak 2007-07-17 1800 static int omapfb_remove(struct platform_device *pdev) 8b08cf2b64f5a6 drivers/video/omap/omapfb_main.c Imre Deak 2007-07-17 1801 { 8b08cf2b64f5a6 drivers/video/omap/omapfb_main.c Imre Deak 2007-07-17 1802 struct omapfb_device *fbdev = platform_get_drvdata(pdev); 8b08cf2b64f5a6 drivers/video/omap/omapfb_main.c Imre Deak 2007-07-17 1803 enum omapfb_state saved_state = fbdev->state; 8b08cf2b64f5a6 drivers/video/omap/omapfb_main.c Imre Deak 2007-07-17 1804 8b08cf2b64f5a6 drivers/video/omap/omapfb_main.c Imre Deak 2007-07-17 1805 /* FIXME: wait till completion of pending events */ 8b08cf2b64f5a6 drivers/video/omap/omapfb_main.c Imre Deak 2007-07-17 1806 8b08cf2b64f5a6 drivers/video/omap/omapfb_main.c Imre Deak 2007-07-17 1807 fbdev->state = OMAPFB_DISABLED; 8b08cf2b64f5a6 drivers/video/omap/omapfb_main.c Imre Deak 2007-07-17 1808 omapfb_free_resources(fbdev, saved_state); 8b08cf2b64f5a6 drivers/video/omap/omapfb_main.c Imre Deak 2007-07-17 1809 f778a12dd33200 drivers/video/omap/omapfb_main.c Tomi Valkeinen 2009-12-16 1810 platform_device_unregister(&omapdss_device); f778a12dd33200 drivers/video/omap/omapfb_main.c Tomi Valkeinen 2009-12-16 @1811 fbdev->dssdev = NULL; f778a12dd33200 drivers/video/omap/omapfb_main.c Tomi Valkeinen 2009-12-16 1812 8b08cf2b64f5a6 drivers/video/omap/omapfb_main.c Imre Deak 2007-07-17 1813 return 0; 8b08cf2b64f5a6 drivers/video/omap/omapfb_main.c Imre Deak 2007-07-17 1814 } 8b08cf2b64f5a6 drivers/video/omap/omapfb_main.c Imre Deak 2007-07-17 1815 :::::: The code at line 1811 was first introduced by commit :::::: f778a12dd33200513596a0d4d3ba4d5f09e79c09 OMAP: OMAPFB: fix clk_get for RFBI :::::: TO: Tomi Valkeinen <[email protected]> :::::: CC: Tomi Valkeinen <[email protected]> -- 0-DAY CI Kernel Test Service https://01.org/lkp _______________________________________________ kbuild mailing list -- [email protected] To unsubscribe send an email to [email protected]
