* drivers/mtd/maps/ck804xrom.c:234:3: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or p...
@ 2022-04-27 5:27 kernel test robot
0 siblings, 0 replies; only message in thread
From: kernel test robot @ 2022-04-27 5:27 UTC (permalink / raw)
To: kbuild
[-- Attachment #1: Type: text/plain, Size: 133313 bytes --]
CC: llvm(a)lists.linux.dev
CC: kbuild-all(a)lists.01.org
BCC: lkp(a)intel.com
CC: linux-kernel(a)vger.kernel.org
TO: Arnd Bergmann <arnd@arndb.de>
CC: Masahiro Yamada <masahiroy@kernel.org>
CC: Alex Shi <alexs@kernel.org>
CC: Nick Desaulniers <ndesaulniers@google.com>
CC: Miguel Ojeda <ojeda@kernel.org>
CC: Nathan Chancellor <nathan@kernel.org>
tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
head: 46cf2c613f4b10eb12f749207b0fd2c1bfae3088
commit: e8c07082a810fbb9db303a2b66b66b8d7e588b53 Kbuild: move to -std=gnu11
date: 6 weeks ago
:::::: branch date: 6 hours ago
:::::: commit date: 6 weeks ago
config: x86_64-randconfig-c007-20220425 (https://download.01.org/0day-ci/archive/20220427/202204271303.1vqsH7Pb-lkp(a)intel.com/config)
compiler: clang version 15.0.0 (https://github.com/llvm/llvm-project 1cddcfdc3c683b393df1a5c9063252eb60e52818)
reproduce (this is a W=1 build):
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e8c07082a810fbb9db303a2b66b66b8d7e588b53
git remote add linus https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
git fetch --no-tags linus master
git checkout e8c07082a810fbb9db303a2b66b66b8d7e588b53
# save the config file
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross ARCH=x86_64 clang-analyzer
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
clang-analyzer warnings: (new ones prefixed by >>)
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/memstick/host/jmb38x_ms.c:308:17: note: Field 'long_data' is 0
if (host->req->long_data) {
^
drivers/memstick/host/jmb38x_ms.c:308:2: note: Taking false branch
if (host->req->long_data) {
^
drivers/memstick/host/jmb38x_ms.c:316:2: note: Loop condition is true. Entering loop body
while (length) {
^
drivers/memstick/host/jmb38x_ms.c:317:3: note: 'p_off' declared without an initial value
unsigned int p_off;
^~~~~~~~~~~~~~~~~~
drivers/memstick/host/jmb38x_ms.c:319:18: note: Field 'long_data' is 0
if (host->req->long_data) {
^
drivers/memstick/host/jmb38x_ms.c:319:3: note: Taking false branch
if (host->req->long_data) {
^
drivers/memstick/host/jmb38x_ms.c:333:18: note: Field 'data_dir' is equal to WRITE
if (host->req->data_dir == WRITE)
^
drivers/memstick/host/jmb38x_ms.c:333:3: note: Taking true branch
if (host->req->data_dir == WRITE)
^
drivers/memstick/host/jmb38x_ms.c:334:13: note: '?' condition is false
t_size = !(host->cmd_flags & REG_DATA)
^
drivers/memstick/host/jmb38x_ms.c:342:7: note: Assuming field 'long_data' is not equal to 0
if (host->req->long_data) {
^~~~~~~~~~~~~~~~~~~~
drivers/memstick/host/jmb38x_ms.c:342:3: note: Taking true branch
if (host->req->long_data) {
^
drivers/memstick/host/jmb38x_ms.c:343:4: note: Taking false branch
kunmap_atomic(buf - p_off);
^
include/linux/highmem-internal.h:245:2: note: expanded from macro 'kunmap_atomic'
BUILD_BUG_ON(__same_type((__addr), struct page *)); \
^
include/linux/build_bug.h:50:2: note: expanded from macro 'BUILD_BUG_ON'
BUILD_BUG_ON_MSG(condition, "BUILD_BUG_ON failed: " #condition)
^
include/linux/build_bug.h:39:37: note: expanded from macro 'BUILD_BUG_ON_MSG'
#define BUILD_BUG_ON_MSG(cond, msg) compiletime_assert(!(cond), msg)
^
include/linux/compiler_types.h:346:2: note: expanded from macro 'compiletime_assert'
_compiletime_assert(condition, msg, __compiletime_assert_, __COUNTER__)
^
include/linux/compiler_types.h:334:2: note: expanded from macro '_compiletime_assert'
__compiletime_assert(condition, msg, prefix, suffix)
^
include/linux/compiler_types.h:326:3: note: expanded from macro '__compiletime_assert'
if (!(condition)) \
^
drivers/memstick/host/jmb38x_ms.c:343:4: note: Loop condition is false. Exiting loop
kunmap_atomic(buf - p_off);
^
include/linux/highmem-internal.h:245:2: note: expanded from macro 'kunmap_atomic'
BUILD_BUG_ON(__same_type((__addr), struct page *)); \
^
include/linux/build_bug.h:50:2: note: expanded from macro 'BUILD_BUG_ON'
BUILD_BUG_ON_MSG(condition, "BUILD_BUG_ON failed: " #condition)
^
include/linux/build_bug.h:39:37: note: expanded from macro 'BUILD_BUG_ON_MSG'
#define BUILD_BUG_ON_MSG(cond, msg) compiletime_assert(!(cond), msg)
^
include/linux/compiler_types.h:346:2: note: expanded from macro 'compiletime_assert'
_compiletime_assert(condition, msg, __compiletime_assert_, __COUNTER__)
^
include/linux/compiler_types.h:334:2: note: expanded from macro '_compiletime_assert'
__compiletime_assert(condition, msg, prefix, suffix)
^
include/linux/compiler_types.h:318:2: note: expanded from macro '__compiletime_assert'
do { \
^
drivers/memstick/host/jmb38x_ms.c:343:22: note: The right operand of '-' is a garbage value
kunmap_atomic(buf - p_off);
^
include/linux/highmem-internal.h:246:18: note: expanded from macro 'kunmap_atomic'
__kunmap_atomic(__addr); \
^~~~~~
drivers/memstick/host/jmb38x_ms.c:866:2: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
snprintf(host->host_id, sizeof(host->host_id), DRIVER_NAME ":slot%d",
^~~~~~~~
drivers/memstick/host/jmb38x_ms.c:866:2: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
snprintf(host->host_id, sizeof(host->host_id), DRIVER_NAME ":slot%d",
^~~~~~~~
Suppressed 37 warnings (37 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
33 warnings generated.
Suppressed 33 warnings (33 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
35 warnings generated.
drivers/mtd/maps/ck804xrom.c:225:3: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(map, 0, sizeof(*map));
^~~~~~
drivers/mtd/maps/ck804xrom.c:225:3: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(map, 0, sizeof(*map));
^~~~~~
>> drivers/mtd/maps/ck804xrom.c:234:3: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
sprintf(map->map_name, "%s @%08Lx",
^~~~~~~
drivers/mtd/maps/ck804xrom.c:234:3: note: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
sprintf(map->map_name, "%s @%08Lx",
^~~~~~~
Suppressed 33 warnings (33 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
20 warnings generated.
Suppressed 20 warnings (20 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
33 warnings generated.
Suppressed 33 warnings (33 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
20 warnings generated.
Suppressed 20 warnings (20 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
33 warnings generated.
Suppressed 33 warnings (33 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
37 warnings generated.
drivers/mtd/devices/docg3.c:1315:2: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(dst, oobsrc, DOC_LAYOUT_OOB_PAGEINFO_SZ);
^~~~~~
drivers/mtd/devices/docg3.c:1315:2: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(dst, oobsrc, DOC_LAYOUT_OOB_PAGEINFO_SZ);
^~~~~~
drivers/mtd/devices/docg3.c:1353:3: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(docg3->oob_write_buf, ops->oobbuf, DOC_LAYOUT_OOB_SIZE);
^~~~~~
drivers/mtd/devices/docg3.c:1353:3: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(docg3->oob_write_buf, ops->oobbuf, DOC_LAYOUT_OOB_SIZE);
^~~~~~
drivers/mtd/devices/docg3.c:1430:3: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(oob, 0, sizeof(oob));
^~~~~~
drivers/mtd/devices/docg3.c:1430:3: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(oob, 0, sizeof(oob));
^~~~~~
drivers/mtd/devices/docg3.c:1432:4: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(oob, docg3->oob_write_buf, DOC_LAYOUT_OOB_SIZE);
^~~~~~
drivers/mtd/devices/docg3.c:1432:4: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(oob, docg3->oob_write_buf, DOC_LAYOUT_OOB_SIZE);
^~~~~~
drivers/mtd/devices/docg3.c:1436:4: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(oob, oobbuf, DOC_LAYOUT_OOB_SIZE);
^~~~~~
drivers/mtd/devices/docg3.c:1436:4: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(oob, oobbuf, DOC_LAYOUT_OOB_SIZE);
^~~~~~
drivers/mtd/devices/docg3.c:1480:9: warning: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
return sprintf(buf, "%d\n", !(dps0 & DOC_DPS_KEY_OK));
^~~~~~~
drivers/mtd/devices/docg3.c:1480:9: note: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
return sprintf(buf, "%d\n", !(dps0 & DOC_DPS_KEY_OK));
^~~~~~~
drivers/mtd/devices/docg3.c:1495:9: warning: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
return sprintf(buf, "%d\n", !(dps1 & DOC_DPS_KEY_OK));
^~~~~~~
drivers/mtd/devices/docg3.c:1495:9: note: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
return sprintf(buf, "%d\n", !(dps1 & DOC_DPS_KEY_OK));
^~~~~~~
Suppressed 30 warnings (30 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
89 warnings generated.
net/sunrpc/addr.c:40:10: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
return snprintf(buf, buflen, "::");
^~~~~~~~
net/sunrpc/addr.c:40:10: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
return snprintf(buf, buflen, "::");
^~~~~~~~
net/sunrpc/addr.c:48:10: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
return snprintf(buf, buflen, "::1");
^~~~~~~~
net/sunrpc/addr.c:48:10: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
return snprintf(buf, buflen, "::1");
^~~~~~~~
net/sunrpc/addr.c:57:10: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
return snprintf(buf, buflen, "::ffff:%pI4",
^~~~~~~~
net/sunrpc/addr.c:57:10: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
return snprintf(buf, buflen, "::ffff:%pI4",
^~~~~~~~
net/sunrpc/addr.c:63:9: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
return snprintf(buf, buflen, "%pI6c", addr);
^~~~~~~~
net/sunrpc/addr.c:63:9: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
return snprintf(buf, buflen, "%pI6c", addr);
^~~~~~~~
net/sunrpc/addr.c:83:7: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
rc = snprintf(scopebuf, sizeof(scopebuf), "%c%u",
^~~~~~~~
net/sunrpc/addr.c:83:7: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
rc = snprintf(scopebuf, sizeof(scopebuf), "%c%u",
^~~~~~~~
net/sunrpc/addr.c:92:2: warning: Call to function 'strcat' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcat'. CWE-119 [clang-analyzer-security.insecureAPI.strcpy]
strcat(buf, scopebuf);
^~~~~~
net/sunrpc/addr.c:92:2: note: Call to function 'strcat' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcat'. CWE-119
strcat(buf, scopebuf);
--
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
fs/btrfs/block-group.c:391:2: note: Taking true branch
if (refcount_dec_and_test(&ctl->count))
^
fs/btrfs/block-group.c:392:3: note: Memory is released
kfree(ctl);
^~~~~~~~~~
fs/btrfs/block-group.c:3921:3: note: Returning; memory was released via 1st parameter
btrfs_put_caching_control(caching_ctl);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
fs/btrfs/block-group.c:3917:2: note: Loop condition is true. Entering loop body
while (!list_empty(&info->caching_block_groups)) {
^
fs/btrfs/block-group.c:3920:3: note: Calling 'list_del'
list_del(&caching_ctl->list);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/list.h:148:2: note: Calling '__list_del_entry'
__list_del_entry(entry);
^~~~~~~~~~~~~~~~~~~~~~~
include/linux/list.h:134:6: note: Assuming the condition is false
if (!__list_del_entry_valid(entry))
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/list.h:134:2: note: Taking false branch
if (!__list_del_entry_valid(entry))
^
include/linux/list.h:137:13: note: Use of memory after it is freed
__list_del(entry->prev, entry->next);
^~~~~~~~~~~
include/linux/list.h:149:14: warning: Use of memory after it is freed [clang-analyzer-unix.Malloc]
entry->next = LIST_POISON1;
^
fs/btrfs/block-group.c:3917:2: note: Loop condition is true. Entering loop body
while (!list_empty(&info->caching_block_groups)) {
^
fs/btrfs/block-group.c:3921:3: note: Calling 'btrfs_put_caching_control'
btrfs_put_caching_control(caching_ctl);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
fs/btrfs/block-group.c:391:2: note: Taking true branch
if (refcount_dec_and_test(&ctl->count))
^
fs/btrfs/block-group.c:392:3: note: Memory is released
kfree(ctl);
^~~~~~~~~~
fs/btrfs/block-group.c:3921:3: note: Returning; memory was released via 1st parameter
btrfs_put_caching_control(caching_ctl);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
fs/btrfs/block-group.c:3917:2: note: Loop condition is true. Entering loop body
while (!list_empty(&info->caching_block_groups)) {
^
fs/btrfs/block-group.c:3920:3: note: Calling 'list_del'
list_del(&caching_ctl->list);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/list.h:149:14: note: Use of memory after it is freed
entry->next = LIST_POISON1;
~~~~~~~~~~~ ^
Suppressed 44 warnings (42 in non-user code, 2 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
69 warnings generated.
fs/cifs/link.c:84:7: warning: Call to function 'sscanf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
rc = sscanf(buf, CIFS_MF_SYMLINK_LEN_FORMAT, &link_len);
^~~~~~
fs/cifs/link.c:84:7: note: Call to function 'sscanf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11
rc = sscanf(buf, CIFS_MF_SYMLINK_LEN_FORMAT, &link_len);
^~~~~~
fs/cifs/link.c:139:2: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(buf + ofs, link_str, link_len);
^~~~~~
fs/cifs/link.c:139:2: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(buf + ofs, link_str, link_len);
^~~~~~
Suppressed 67 warnings (67 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
33 warnings generated.
drivers/greybus/interface.c:472:9: warning: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
return sprintf(buf, "%u\n", measurement);
^~~~~~~
drivers/greybus/interface.c:472:9: note: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
return sprintf(buf, "%u\n", measurement);
^~~~~~~
drivers/greybus/interface.c:491:9: warning: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
return sprintf(buf, "%u\n", measurement);
^~~~~~~
drivers/greybus/interface.c:491:9: note: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
return sprintf(buf, "%u\n", measurement);
^~~~~~~
drivers/greybus/interface.c:510:9: warning: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
return sprintf(buf, "%u\n", measurement);
^~~~~~~
drivers/greybus/interface.c:510:9: note: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
return sprintf(buf, "%u\n", measurement);
^~~~~~~
drivers/greybus/interface.c:589:9: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
return sprintf(buf, "%s\n", gb_interface_type_string(intf));
^~~~~~~
drivers/greybus/interface.c:589:9: note: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
return sprintf(buf, "%s\n", gb_interface_type_string(intf));
^~~~~~~
Suppressed 29 warnings (29 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
30 warnings generated.
>> sound/pci/vx222/vx222.c:185:2: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
sprintf(card->longname, "%s at 0x%lx & 0x%lx, irq %i",
^~~~~~~
sound/pci/vx222/vx222.c:185:2: note: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
sprintf(card->longname, "%s at 0x%lx & 0x%lx, irq %i",
^~~~~~~
Suppressed 29 warnings (29 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
29 warnings generated.
Suppressed 29 warnings (29 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
29 warnings generated.
Suppressed 29 warnings (29 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
29 warnings generated.
Suppressed 29 warnings (29 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
29 warnings generated.
Suppressed 29 warnings (29 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
30 warnings generated.
sound/firewire/fcp.c:369:5: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(t->response_buffer, data,
^~~~~~
sound/firewire/fcp.c:369:5: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(t->response_buffer, data,
^~~~~~
Suppressed 29 warnings (29 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
29 warnings generated.
Suppressed 29 warnings (29 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
35 warnings generated.
sound/firewire/amdtp-stream.c:952:13: warning: Assigned value is garbage or undefined [clang-analyzer-core.uninitialized.Assign]
desc->syt = syt;
^
sound/firewire/amdtp-stream.c:1281:6: note: Assuming field 'packet_index' is >= 0
if (s->packet_index < 0)
^~~~~~~~~~~~~~~~~~~
sound/firewire/amdtp-stream.c:1281:2: note: Taking false branch
if (s->packet_index < 0)
^
sound/firewire/amdtp-stream.c:1288:9: note: Assuming 'offset' is < 'packets'
while (offset < packets) {
^~~~~~~~~~~~~~~~
sound/firewire/amdtp-stream.c:1288:2: note: Loop condition is true. Entering loop body
while (offset < packets) {
^
sound/firewire/amdtp-stream.c:1291:3: note: Taking true branch
if (compare_ohci_cycle_count(cycle, d->processing_cycle.tx_start) >= 0)
^
sound/firewire/amdtp-stream.c:1292:4: note: Execution continues on line 1298
break;
^
sound/firewire/amdtp-stream.c:1300:6: note: 'offset' is <= 0
if (offset > 0) {
^~~~~~
sound/firewire/amdtp-stream.c:1300:2: note: Taking false branch
if (offset > 0) {
^
sound/firewire/amdtp-stream.c:1311:6: note: 'offset' is < 'packets'
if (offset < packets) {
^~~~~~
sound/firewire/amdtp-stream.c:1311:2: note: Taking true branch
if (offset < packets) {
^
sound/firewire/amdtp-stream.c:1315:3: note: Calling 'process_tx_packets'
process_tx_packets(context, tstamp, header_length, ctx_header, s);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
sound/firewire/amdtp-stream.c:1212:6: note: Assuming field 'packet_index' is >= 0
if (s->packet_index < 0)
^~~~~~~~~~~~~~~~~~~
sound/firewire/amdtp-stream.c:1212:2: note: Taking false branch
if (s->packet_index < 0)
^
sound/firewire/amdtp-stream.c:1219:8: note: Calling 'generate_device_pkt_descs'
err = generate_device_pkt_descs(s, s->pkt_descs, ctx_header, packets, &desc_count);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
sound/firewire/amdtp-stream.c:903:14: note: Assuming 'i' is < 'packets'
for (i = 0; i < packets; ++i) {
^~~~~~~~~~~
sound/firewire/amdtp-stream.c:903:2: note: Loop condition is true. Entering loop body
for (i = 0; i < packets; ++i) {
^
sound/firewire/amdtp-stream.c:908:3: note: 'syt' declared without an initial value
unsigned int syt;
^~~~~~~~~~~~~~~~
sound/firewire/amdtp-stream.c:911:11: note: Assuming 'next_cycle' is equal to 'cycle'
lost = (next_cycle != cycle);
^~~~~~~~~~~~~~~~~~~
sound/firewire/amdtp-stream.c:912:7: note: 'lost' is false
if (lost) {
^~~~
sound/firewire/amdtp-stream.c:912:3: note: Taking false branch
if (lost) {
^
sound/firewire/amdtp-stream.c:946:9: note: Calling 'parse_ir_ctx_header'
err = parse_ir_ctx_header(s, cycle, ctx_header, &data_blocks, &dbc, &syt,
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
sound/firewire/amdtp-stream.c:809:6: note: Assuming the condition is true
if (!(s->flags & CIP_NO_HEADER))
--
^~~~~~
sound/pci/asihpi/asihpi.c:910:10: note: Assuming 'a' is non-null
WARN_ON(!a || !a->snd_card || !a->snd_card->private_data);
^
include/asm-generic/bug.h:121:25: note: expanded from macro 'WARN_ON'
int __ret_warn_on = !!(condition); \
^~~~~~~~~
sound/pci/asihpi/asihpi.c:910:10: note: Left side of '||' is false
WARN_ON(!a || !a->snd_card || !a->snd_card->private_data);
^
sound/pci/asihpi/asihpi.c:910:16: note: Assuming field 'snd_card' is non-null
WARN_ON(!a || !a->snd_card || !a->snd_card->private_data);
^
include/asm-generic/bug.h:121:25: note: expanded from macro 'WARN_ON'
int __ret_warn_on = !!(condition); \
^~~~~~~~~
sound/pci/asihpi/asihpi.c:910:10: note: Left side of '||' is false
WARN_ON(!a || !a->snd_card || !a->snd_card->private_data);
^
sound/pci/asihpi/asihpi.c:910:32: note: Assuming field 'private_data' is null
WARN_ON(!a || !a->snd_card || !a->snd_card->private_data);
^
include/asm-generic/bug.h:121:25: note: expanded from macro 'WARN_ON'
int __ret_warn_on = !!(condition); \
^~~~~~~~~
sound/pci/asihpi/asihpi.c:910:2: note: Taking true branch
WARN_ON(!a || !a->snd_card || !a->snd_card->private_data);
^
include/asm-generic/bug.h:122:2: note: expanded from macro 'WARN_ON'
if (unlikely(__ret_warn_on)) \
^
sound/pci/asihpi/asihpi.c:910:2: note: Loop condition is false. Exiting loop
WARN_ON(!a || !a->snd_card || !a->snd_card->private_data);
^
include/asm-generic/bug.h:123:3: note: expanded from macro 'WARN_ON'
__WARN(); \
^
include/asm-generic/bug.h:96:19: note: expanded from macro '__WARN'
#define __WARN() __WARN_FLAGS(BUGFLAG_TAINT(TAINT_WARN))
^
arch/x86/include/asm/bug.h:82:2: note: expanded from macro '__WARN_FLAGS'
_BUG_FLAGS(ASM_UD2, f, ASM_REACHABLE); \
^
arch/x86/include/asm/bug.h:25:43: note: expanded from macro '_BUG_FLAGS'
#define _BUG_FLAGS(ins, flags, extra) \
^
sound/pci/asihpi/asihpi.c:910:2: note: Loop condition is false. Exiting loop
WARN_ON(!a || !a->snd_card || !a->snd_card->private_data);
^
include/asm-generic/bug.h:123:3: note: expanded from macro 'WARN_ON'
__WARN(); \
^
include/asm-generic/bug.h:96:19: note: expanded from macro '__WARN'
#define __WARN() __WARN_FLAGS(BUGFLAG_TAINT(TAINT_WARN))
^
arch/x86/include/asm/bug.h:78:33: note: expanded from macro '__WARN_FLAGS'
#define __WARN_FLAGS(flags) \
^
sound/pci/asihpi/asihpi.c:911:2: note: Null pointer value stored to 'asihpi'
asihpi = (struct snd_card_asihpi *)a->snd_card->private_data;
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
sound/pci/asihpi/asihpi.c:912:6: note: Access to field 'llmode_streampriv' results in a dereference of a null pointer (loaded from variable 'asihpi')
if (asihpi->llmode_streampriv)
^~~~~~
sound/pci/asihpi/asihpi.c:965:3: warning: Value stored to 'err' is never read [clang-analyzer-deadcode.DeadStores]
err = hpi_sample_clock_get_sample_rate(h_control,
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
sound/pci/asihpi/asihpi.c:965:3: note: Value stored to 'err' is never read
err = hpi_sample_clock_get_sample_rate(h_control,
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
sound/pci/asihpi/asihpi.c:1012:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(&snd_card_asihpi_playback, 0, sizeof(snd_card_asihpi_playback));
^~~~~~
sound/pci/asihpi/asihpi.c:1012:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(&snd_card_asihpi_playback, 0, sizeof(snd_card_asihpi_playback));
^~~~~~
sound/pci/asihpi/asihpi.c:1139:3: warning: Value stored to 'err' is never read [clang-analyzer-deadcode.DeadStores]
err = hpi_sample_clock_get_sample_rate(h_control,
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
sound/pci/asihpi/asihpi.c:1139:3: note: Value stored to 'err' is never read
err = hpi_sample_clock_get_sample_rate(h_control,
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
sound/pci/asihpi/asihpi.c:1185:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(&snd_card_asihpi_capture, 0, sizeof(snd_card_asihpi_capture));
^~~~~~
sound/pci/asihpi/asihpi.c:1185:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(&snd_card_asihpi_capture, 0, sizeof(snd_card_asihpi_capture));
^~~~~~
sound/pci/asihpi/asihpi.c:1257:2: warning: Value stored to 'err' is never read [clang-analyzer-deadcode.DeadStores]
err = hpi_adapter_get_info(asihpi->hpi->adapter->index,
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
sound/pci/asihpi/asihpi.c:1257:2: note: Value stored to 'err' is never read
err = hpi_adapter_get_info(asihpi->hpi->adapter->index,
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
sound/pci/asihpi/asihpi.c:1380:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(snd_control, 0, sizeof(*snd_control));
^~~~~~
sound/pci/asihpi/asihpi.c:1380:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(snd_control, 0, sizeof(*snd_control));
^~~~~~
>> sound/pci/asihpi/asihpi.c:1401:3: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
sprintf(hpi_ctl->name, "%s %d %s %d %s%s",
^~~~~~~
sound/pci/asihpi/asihpi.c:1401:3: note: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
sprintf(hpi_ctl->name, "%s %d %s %d %s%s",
^~~~~~~
sound/pci/asihpi/asihpi.c:1408:3: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
sprintf(hpi_ctl->name, "%s %d %s%s",
^~~~~~~
sound/pci/asihpi/asihpi.c:1408:3: note: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
sprintf(hpi_ctl->name, "%s %d %s%s",
^~~~~~~
sound/pci/asihpi/asihpi.c:1413:3: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
sprintf(hpi_ctl->name, "%s %d %s%s",
^~~~~~~
sound/pci/asihpi/asihpi.c:1413:3: note: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
sprintf(hpi_ctl->name, "%s %d %s%s",
^~~~~~~
sound/pci/asihpi/asihpi.c:2152:2: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
sprintf(uinfo->value.enumerated.name, "%s %d",
^~~~~~~
sound/pci/asihpi/asihpi.c:2152:2: note: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
sprintf(uinfo->value.enumerated.name, "%s %d",
^~~~~~~
sound/pci/asihpi/asihpi.c:2331:2: warning: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 [clang-analyzer-security.insecureAPI.strcpy]
strcpy(uinfo->value.enumerated.name,
^~~~~~
sound/pci/asihpi/asihpi.c:2331:2: note: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119
strcpy(uinfo->value.enumerated.name,
^~~~~~
sound/pci/asihpi/asihpi.c:2562:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(&prev_ctl, 0, sizeof(prev_ctl));
^~~~~~
sound/pci/asihpi/asihpi.c:2562:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(&prev_ctl, 0, sizeof(prev_ctl));
^~~~~~
sound/pci/asihpi/asihpi.c:2903:3: warning: Value stored to 'err' is never read [clang-analyzer-deadcode.DeadStores]
err = hpi_sample_clock_set_local_rate(
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
sound/pci/asihpi/asihpi.c:2903:3: note: Value stored to 'err' is never read
err = hpi_sample_clock_set_local_rate(
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
sound/pci/asihpi/asihpi.c:2914:2: warning: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
sprintf(card->shortname, "AudioScience ASI%4X",
^~~~~~~
sound/pci/asihpi/asihpi.c:2914:2: note: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
sprintf(card->shortname, "AudioScience ASI%4X",
^~~~~~~
sound/pci/asihpi/asihpi.c:2916:2: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
sprintf(card->longname, "%s %i",
^~~~~~~
sound/pci/asihpi/asihpi.c:2916:2: note: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
sprintf(card->longname, "%s %i",
^~~~~~~
Suppressed 32 warnings (31 in non-user code, 1 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
33 warnings generated.
sound/firewire/dice/dice-tcelectronic.c:93:2: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(dice->tx_pcm_chs, entry->spec->tx_pcm_chs,
^~~~~~
sound/firewire/dice/dice-tcelectronic.c:93:2: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(dice->tx_pcm_chs, entry->spec->tx_pcm_chs,
^~~~~~
sound/firewire/dice/dice-tcelectronic.c:95:2: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(dice->rx_pcm_chs, entry->spec->rx_pcm_chs,
^~~~~~
sound/firewire/dice/dice-tcelectronic.c:95:2: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(dice->rx_pcm_chs, entry->spec->rx_pcm_chs,
^~~~~~
Suppressed 31 warnings (31 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
33 warnings generated.
sound/firewire/dice/dice-alesis.c:36:3: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(dice->tx_pcm_chs, alesis_io14_tx_pcm_chs,
^~~~~~
sound/firewire/dice/dice-alesis.c:36:3: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(dice->tx_pcm_chs, alesis_io14_tx_pcm_chs,
^~~~~~
sound/firewire/dice/dice-alesis.c:40:3: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(dice->tx_pcm_chs, alesis_io26_tx_pcm_chs,
^~~~~~
sound/firewire/dice/dice-alesis.c:40:3: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(dice->tx_pcm_chs, alesis_io26_tx_pcm_chs,
^~~~~~
Suppressed 31 warnings (31 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
31 warnings generated.
Suppressed 31 warnings (31 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
41 warnings generated.
Suppressed 41 warnings (41 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
42 warnings generated.
Suppressed 42 warnings (42 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
69 warnings generated.
fs/ext4/xattr.c:368:3: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy((char *)buf + blocksize * i, bhs[i]->b_data,
^~~~~~
fs/ext4/xattr.c:368:3: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy((char *)buf + blocksize * i, bhs[i]->b_data,
--
^
sound/pci/hda/patch_ca0132.c:2413:7: note: Dereference of null pointer (loaded from variable 'reply_len')
if (*reply_len < ret_size*sizeof(unsigned int)) {
^~~~~~~~~~
sound/pci/hda/patch_ca0132.c:2424:4: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(reply, scp_reply.data, *reply_len);
^~~~~~
sound/pci/hda/patch_ca0132.c:2424:4: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(reply, scp_reply.data, *reply_len);
^~~~~~
sound/pci/hda/patch_ca0132.c:2592:29: warning: The left operand of '&' is a garbage value [clang-analyzer-core.UndefinedBinaryOperatorResult]
return ((dma_chnlstart_reg & (1 <<
^
sound/pci/hda/patch_ca0132.c:2608:2: note: Taking false branch
codec_dbg(codec, "-- dsp_dma_setup_common() -- Begin ---------\n");
^
sound/pci/hda/hda_local.h:735:2: note: expanded from macro 'codec_dbg'
dev_dbg(hda_codec_dev(codec), fmt, ##args)
^
include/linux/dev_printk.h:155:2: note: expanded from macro 'dev_dbg'
dynamic_dev_dbg(dev, dev_fmt(fmt), ##__VA_ARGS__)
^
include/linux/dynamic_debug.h:166:2: note: expanded from macro 'dynamic_dev_dbg'
_dynamic_func_call(fmt,__dynamic_dev_dbg, \
^
include/linux/dynamic_debug.h:152:2: note: expanded from macro '_dynamic_func_call'
__dynamic_func_call(__UNIQUE_ID(ddebug), fmt, func, ##__VA_ARGS__)
^
include/linux/dynamic_debug.h:133:2: note: expanded from macro '__dynamic_func_call'
if (DYNAMIC_DEBUG_BRANCH(id)) \
^
sound/pci/hda/patch_ca0132.c:2608:2: note: Loop condition is false. Exiting loop
codec_dbg(codec, "-- dsp_dma_setup_common() -- Begin ---------\n");
^
sound/pci/hda/hda_local.h:735:2: note: expanded from macro 'codec_dbg'
dev_dbg(hda_codec_dev(codec), fmt, ##args)
^
include/linux/dev_printk.h:155:2: note: expanded from macro 'dev_dbg'
dynamic_dev_dbg(dev, dev_fmt(fmt), ##__VA_ARGS__)
^
include/linux/dynamic_debug.h:166:2: note: expanded from macro 'dynamic_dev_dbg'
_dynamic_func_call(fmt,__dynamic_dev_dbg, \
^
include/linux/dynamic_debug.h:152:2: note: expanded from macro '_dynamic_func_call'
__dynamic_func_call(__UNIQUE_ID(ddebug), fmt, func, ##__VA_ARGS__)
^
include/linux/dynamic_debug.h:131:49: note: expanded from macro '__dynamic_func_call'
#define __dynamic_func_call(id, fmt, func, ...) do { \
^
sound/pci/hda/patch_ca0132.c:2610:6: note: Assuming 'dma_chan' is < DSPDMAC_DMA_CFG_CHANNEL_COUNT
if (dma_chan >= DSPDMAC_DMA_CFG_CHANNEL_COUNT) {
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
sound/pci/hda/patch_ca0132.c:2610:2: note: Taking false branch
if (dma_chan >= DSPDMAC_DMA_CFG_CHANNEL_COUNT) {
^
sound/pci/hda/patch_ca0132.c:2615:6: note: Calling 'dsp_is_dma_active'
if (dsp_is_dma_active(codec, dma_chan)) {
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
sound/pci/hda/patch_ca0132.c:2588:2: note: 'dma_chnlstart_reg' declared without an initial value
unsigned int dma_chnlstart_reg;
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
sound/pci/hda/patch_ca0132.c:2590:2: note: Calling 'chipio_read'
chipio_read(codec, DSPDMAC_CHNLSTART_INST_OFFSET, &dma_chnlstart_reg);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
sound/pci/hda/patch_ca0132.c:1750:6: note: 'err' is < 0
if (err < 0)
^~~
sound/pci/hda/patch_ca0132.c:1750:2: note: Taking true branch
if (err < 0)
^
sound/pci/hda/patch_ca0132.c:1751:3: note: Control jumps to line 1758
goto exit;
^
sound/pci/hda/patch_ca0132.c:1759:2: note: Returning without writing to '*data'
return err;
^
sound/pci/hda/patch_ca0132.c:2590:2: note: Returning from 'chipio_read'
chipio_read(codec, DSPDMAC_CHNLSTART_INST_OFFSET, &dma_chnlstart_reg);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
sound/pci/hda/patch_ca0132.c:2592:29: note: The left operand of '&' is a garbage value
return ((dma_chnlstart_reg & (1 <<
~~~~~~~~~~~~~~~~~ ^
sound/pci/hda/patch_ca0132.c:3090:2: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(dma->dmab->area, data, count);
^~~~~~
sound/pci/hda/patch_ca0132.c:3090:2: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(dma->dmab->area, data, count);
^~~~~~
sound/pci/hda/patch_ca0132.c:4879:3: warning: Value stored to 'err' is never read [clang-analyzer-deadcode.DeadStores]
err = ca0132_alt_surround_set_bass_redirection(codec,
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
sound/pci/hda/patch_ca0132.c:4879:3: note: Value stored to 'err' is never read
err = ca0132_alt_surround_set_bass_redirection(codec,
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
sound/pci/hda/patch_ca0132.c:4882:3: warning: Value stored to 'err' is never read [clang-analyzer-deadcode.DeadStores]
err = ca0132_alt_surround_set_bass_redirection(codec, 0);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
sound/pci/hda/patch_ca0132.c:4882:3: note: Value stored to 'err' is never read
err = ca0132_alt_surround_set_bass_redirection(codec, 0);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>> sound/pci/hda/patch_ca0132.c:5786:2: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
sprintf(namestr, "%d %s", (uinfo->value.enumerated.item * 10), sfx);
^~~~~~~
sound/pci/hda/patch_ca0132.c:5786:2: note: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
sprintf(namestr, "%d %s", (uinfo->value.enumerated.item * 10), sfx);
^~~~~~~
sound/pci/hda/patch_ca0132.c:5787:2: warning: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 [clang-analyzer-security.insecureAPI.strcpy]
strcpy(uinfo->value.enumerated.name, namestr);
^~~~~~
sound/pci/hda/patch_ca0132.c:5787:2: note: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119
strcpy(uinfo->value.enumerated.name, namestr);
^~~~~~
sound/pci/hda/patch_ca0132.c:5838:2: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
sprintf(namestr, "%s %s",
^~~~~~~
sound/pci/hda/patch_ca0132.c:5838:2: note: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
sprintf(namestr, "%s %s",
^~~~~~~
sound/pci/hda/patch_ca0132.c:5841:2: warning: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 [clang-analyzer-security.insecureAPI.strcpy]
strcpy(uinfo->value.enumerated.name, namestr);
^~~~~~
sound/pci/hda/patch_ca0132.c:5841:2: note: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119
strcpy(uinfo->value.enumerated.name, namestr);
^~~~~~
sound/pci/hda/patch_ca0132.c:5892:2: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
sprintf(namestr, "%s",
^~~~~~~
sound/pci/hda/patch_ca0132.c:5892:2: note: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
sprintf(namestr, "%s",
^~~~~~~
sound/pci/hda/patch_ca0132.c:5894:2: warning: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 [clang-analyzer-security.insecureAPI.strcpy]
strcpy(uinfo->value.enumerated.name, namestr);
^~~~~~
sound/pci/hda/patch_ca0132.c:5894:2: note: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119
strcpy(uinfo->value.enumerated.name, namestr);
^~~~~~
sound/pci/hda/patch_ca0132.c:5943:2: warning: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 [clang-analyzer-security.insecureAPI.strcpy]
strcpy(uinfo->value.enumerated.name,
^~~~~~
sound/pci/hda/patch_ca0132.c:5943:2: note: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119
strcpy(uinfo->value.enumerated.name,
^~~~~~
sound/pci/hda/patch_ca0132.c:5995:2: warning: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 [clang-analyzer-security.insecureAPI.strcpy]
strcpy(uinfo->value.enumerated.name,
^~~~~~
sound/pci/hda/patch_ca0132.c:5995:2: note: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119
strcpy(uinfo->value.enumerated.name,
^~~~~~
sound/pci/hda/patch_ca0132.c:6046:2: warning: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 [clang-analyzer-security.insecureAPI.strcpy]
strcpy(uinfo->value.enumerated.name,
^~~~~~
sound/pci/hda/patch_ca0132.c:6046:2: note: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119
strcpy(uinfo->value.enumerated.name,
^~~~~~
sound/pci/hda/patch_ca0132.c:6099:2: warning: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 [clang-analyzer-security.insecureAPI.strcpy]
strcpy(uinfo->value.enumerated.name,
^~~~~~
sound/pci/hda/patch_ca0132.c:6099:2: note: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119
strcpy(uinfo->value.enumerated.name,
^~~~~~
sound/pci/hda/patch_ca0132.c:6163:2: warning: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 [clang-analyzer-security.insecureAPI.strcpy]
strcpy(uinfo->value.enumerated.name,
^~~~~~
sound/pci/hda/patch_ca0132.c:6163:2: note: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119
strcpy(uinfo->value.enumerated.name,
^~~~~~
sound/pci/hda/patch_ca0132.c:6220:2: warning: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119 [clang-analyzer-security.insecureAPI.strcpy]
strcpy(uinfo->value.enumerated.name,
^~~~~~
sound/pci/hda/patch_ca0132.c:6220:2: note: Call to function 'strcpy' is insecure as it does not provide bounding of the memory buffer. Replace unbounded copy functions with analogous functions that support length arguments such as 'strlcpy'. CWE-119
strcpy(uinfo->value.enumerated.name,
^~~~~~
sound/pci/hda/patch_ca0132.c:6649:2: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
sprintf(namestr, "FX: %s %s Volume", pfx, dirstr[dir]);
^~~~~~~
sound/pci/hda/patch_ca0132.c:6649:2: note: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
sprintf(namestr, "FX: %s %s Volume", pfx, dirstr[dir]);
^~~~~~~
sound/pci/hda/patch_ca0132.c:6688:3: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
sprintf(namestr, "FX: %s %s Switch", pfx, dirstr[dir]);
^~~~~~~
sound/pci/hda/patch_ca0132.c:6688:3: note: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
sprintf(namestr, "FX: %s %s Switch", pfx, dirstr[dir]);
^~~~~~~
sound/pci/hda/patch_ca0132.c:6690:3: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
sprintf(namestr, "%s %s Switch", pfx, dirstr[dir]);
^~~~~~~
sound/pci/hda/patch_ca0132.c:6690:3: note: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
sprintf(namestr, "%s %s Switch", pfx, dirstr[dir]);
^~~~~~~
sound/pci/hda/patch_ca0132.c:8622:22: warning: Value stored to 'spec' during its initialization is never read [clang-analyzer-deadcode.DeadStores]
struct ca0132_spec *spec = codec->spec;
^~~~ ~~~~~~~~~~~
sound/pci/hda/patch_ca0132.c:8622:22: note: Value stored to 'spec' during its initialization is never read
struct ca0132_spec *spec = codec->spec;
^~~~ ~~~~~~~~~~~
Suppressed 30 warnings (30 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
41 warnings generated.
Suppressed 41 warnings (41 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
--
^~~~~~
sound/pci/hda/patch_hdmi.c:383:3: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(ucontrol->value.bytes.data, eld->eld_buffer,
^~~~~~
sound/pci/hda/patch_hdmi.c:509:2: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
snprintf(name, sizeof(name), "eld#%d.%d", codec->addr, index);
^~~~~~~~
sound/pci/hda/patch_hdmi.c:509:2: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
snprintf(name, sizeof(name), "eld#%d.%d", codec->addr, index);
^~~~~~~~
sound/pci/hda/patch_hdmi.c:676:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(&ai, 0, sizeof(ai));
^~~~~~
sound/pci/hda/patch_hdmi.c:676:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(&ai, 0, sizeof(ai));
^~~~~~
sound/pci/hda/patch_hdmi.c:1334:3: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(per_pin->mux_nids, spec->cvt_nids,
^~~~~~
sound/pci/hda/patch_hdmi.c:1334:3: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(per_pin->mux_nids, spec->cvt_nids,
^~~~~~
sound/pci/hda/patch_hdmi.c:1492:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(per_pin->chmap, 0, sizeof(per_pin->chmap));
^~~~~~
sound/pci/hda/patch_hdmi.c:1492:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(per_pin->chmap, 0, sizeof(per_pin->chmap));
^~~~~~
sound/pci/hda/patch_hdmi.c:1585:4: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(pin_eld->eld_buffer, eld->eld_buffer,
^~~~~~
sound/pci/hda/patch_hdmi.c:1585:4: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(pin_eld->eld_buffer, eld->eld_buffer,
^~~~~~
sound/pci/hda/patch_hdmi.c:1798:20: warning: Value stored to 'codec' during its initialization is never read [clang-analyzer-deadcode.DeadStores]
struct hda_codec *codec = per_pin->codec;
^~~~~ ~~~~~~~~~~~~~~
sound/pci/hda/patch_hdmi.c:1798:20: note: Value stored to 'codec' during its initialization is never read
struct hda_codec *codec = per_pin->codec;
^~~~~ ~~~~~~~~~~~~~~
sound/pci/hda/patch_hdmi.c:2041:26: warning: Value stored to 'runtime' during its initialization is never read [clang-analyzer-deadcode.DeadStores]
struct snd_pcm_runtime *runtime = substream->runtime;
^~~~~~~ ~~~~~~~~~~~~~~~~~~
sound/pci/hda/patch_hdmi.c:2041:26: note: Value stored to 'runtime' during its initialization is never read
struct snd_pcm_runtime *runtime = substream->runtime;
^~~~~~~ ~~~~~~~~~~~~~~~~~~
sound/pci/hda/patch_hdmi.c:2175:3: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(per_pin->chmap, 0, sizeof(per_pin->chmap));
^~~~~~
sound/pci/hda/patch_hdmi.c:2175:3: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(per_pin->chmap, 0, sizeof(per_pin->chmap));
^~~~~~
sound/pci/hda/patch_hdmi.c:2218:2: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(chmap, per_pin->chmap, ARRAY_SIZE(per_pin->chmap));
^~~~~~
sound/pci/hda/patch_hdmi.c:2218:2: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(chmap, per_pin->chmap, ARRAY_SIZE(per_pin->chmap));
^~~~~~
sound/pci/hda/patch_hdmi.c:2232:2: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(per_pin->chmap, chmap, ARRAY_SIZE(per_pin->chmap));
^~~~~~
sound/pci/hda/patch_hdmi.c:2232:2: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(per_pin->chmap, chmap, ARRAY_SIZE(per_pin->chmap));
^~~~~~
sound/pci/hda/patch_hdmi.c:2309:3: warning: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
sprintf(hdmi_str + strlen(hdmi_str), ",pcm=%d", pcmdev);
^~~~~~~
sound/pci/hda/patch_hdmi.c:2309:3: note: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
sprintf(hdmi_str + strlen(hdmi_str), ",pcm=%d", pcmdev);
^~~~~~~
sound/pci/hda/patch_hdmi.c:2312:3: warning: Call to function 'strncat' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'strncat_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
strncat(hdmi_str, " Phantom",
^~~~~~~
sound/pci/hda/patch_hdmi.c:2312:3: note: Call to function 'strncat' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'strncat_s' in case of C11
strncat(hdmi_str, " Phantom",
^~~~~~~
Suppressed 29 warnings (29 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
77 warnings generated.
Suppressed 77 warnings (77 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
88 warnings generated.
net/ipv4/inet_fragment.c:547:5: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(&fp->rbnode, 0, sizeof(fp->rbnode));
^~~~~~
net/ipv4/inet_fragment.c:547:5: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(&fp->rbnode, 0, sizeof(fp->rbnode));
^~~~~~
net/ipv4/inet_fragment.c:591:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(&head->rbnode, 0, sizeof(head->rbnode));
^~~~~~
net/ipv4/inet_fragment.c:591:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(&head->rbnode, 0, sizeof(head->rbnode));
^~~~~~
Suppressed 86 warnings (86 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
48 warnings generated.
Suppressed 48 warnings (48 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
32 warnings generated.
>> sound/pci/aw2/aw2-alsa.c:288:2: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
sprintf(card->longname, "%s with SAA7146 irq %i",
^~~~~~~
sound/pci/aw2/aw2-alsa.c:288:2: note: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
sprintf(card->longname, "%s with SAA7146 irq %i",
^~~~~~~
Suppressed 31 warnings (31 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
31 warnings generated.
Suppressed 31 warnings (31 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
30 warnings generated.
sound/pci/ctxfi/xfi.c:103:2: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
snprintf(card->longname, sizeof(card->longname), "%s %s %s",
^~~~~~~~
sound/pci/ctxfi/xfi.c:103:2: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
snprintf(card->longname, sizeof(card->longname), "%s %s %s",
^~~~~~~~
Suppressed 29 warnings (29 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
29 warnings generated.
Suppressed 29 warnings (29 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
33 warnings generated.
sound/pci/ctxfi/ctvmem.c:51:6: warning: Access to field 'size' results in a dereference of an undefined pointer value (loaded from variable 'entry') [clang-analyzer-core.NullDereference]
if (entry->size == size) {
^
sound/pci/ctxfi/ctvmem.c:132:10: note: Calling 'get_vm_block'
block = get_vm_block(vm, size, atc);
^~~~~~~~~~~~~~~~~~~~~~~~~~~
sound/pci/ctxfi/ctvmem.c:32:37: note: 'entry' declared without an initial value
struct ct_vm_block *block = NULL, *entry;
^~~~~
sound/pci/ctxfi/ctvmem.c:36:6: note: Assuming 'size' is <= field 'size'
if (size > vm->size) {
^~~~~~~~~~~~~~~
sound/pci/ctxfi/ctvmem.c:36:2: note: Taking false branch
if (size > vm->size) {
^
sound/pci/ctxfi/ctvmem.c:43:2: note: Loop condition is false. Execution continues on line 48
list_for_each(pos, &vm->unused) {
^
include/linux/list.h:580:2: note: expanded from macro 'list_for_each'
for (pos = (head)->next; !list_is_head(pos, (head)); pos = pos->next)
^
sound/pci/ctxfi/ctvmem.c:48:6: note: Assuming the condition is false
if (pos == &vm->unused)
^~~~~~~~~~~~~~~~~~
sound/pci/ctxfi/ctvmem.c:48:2: note: Taking false branch
if (pos == &vm->unused)
^
sound/pci/ctxfi/ctvmem.c:51:6: note: Access to field 'size' results in a dereference of an undefined pointer value (loaded from variable 'entry')
if (entry->size == size) {
^~~~~
sound/pci/ctxfi/ctvmem.c:95:38: warning: Access to field 'addr' results in a dereference of an undefined pointer value (loaded from variable 'entry') [clang-analyzer-core.NullDereference]
if ((block->addr + block->size) == entry->addr) {
^
sound/pci/ctxfi/ctvmem.c:155:2: note: Calling 'put_vm_block'
put_vm_block(vm, block);
^~~~~~~~~~~~~~~~~~~~~~~
sound/pci/ctxfi/ctvmem.c:77:22: note: 'entry' declared without an initial value
struct ct_vm_block *entry, *pre_ent;
^~~~~
sound/pci/ctxfi/ctvmem.c:86:2: note: Loop condition is false. Execution continues on line 91
list_for_each(pos, &vm->unused) {
^
include/linux/list.h:580:2: note: expanded from macro 'list_for_each'
for (pos = (head)->next; !list_is_head(pos, (head)); pos = pos->next)
^
sound/pci/ctxfi/ctvmem.c:91:6: note: Assuming the condition is false
if (pos == &vm->unused) {
^~~~~~~~~~~~~~~~~~
sound/pci/ctxfi/ctvmem.c:91:2: note: Taking false branch
if (pos == &vm->unused) {
^
sound/pci/ctxfi/ctvmem.c:95:38: note: Access to field 'addr' results in a dereference of an undefined pointer value (loaded from variable 'entry')
if ((block->addr + block->size) == entry->addr) {
^~~~~
sound/pci/ctxfi/ctvmem.c:224:3: warning: Use of memory after it is freed [clang-analyzer-unix.Malloc]
list_del(pos);
^
sound/pci/ctxfi/ctvmem.c:178:6: note: Assuming 'vm' is non-null
if (!vm)
^~~
sound/pci/ctxfi/ctvmem.c:178:2: note: Taking false branch
if (!vm)
^
sound/pci/ctxfi/ctvmem.c:181:2: note: Loop condition is false. Exiting loop
mutex_init(&vm->lock);
^
include/linux/mutex.h:101:32: note: expanded from macro 'mutex_init'
#define mutex_init(mutex) \
^
sound/pci/ctxfi/ctvmem.c:184:2: note: Loop condition is true. Entering loop body
for (i = 0; i < CT_PTP_NUM; i++) {
^
sound/pci/ctxfi/ctvmem.c:188:7: note: Assuming 'err' is < 0
if (err < 0)
^~~~~~~
sound/pci/ctxfi/ctvmem.c:188:3: note: Taking true branch
if (err < 0)
--
^~~~~~
fs/cifs/smb2transport.c:310:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(key, 0x0, key_size);
^~~~~~
fs/cifs/smb2transport.c:379:2: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(key, hashptr, key_size);
^~~~~~
fs/cifs/smb2transport.c:379:2: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(key, hashptr, key_size);
^~~~~~
fs/cifs/smb2transport.c:438:3: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(ses->chans[0].signkey, ses->smb3signingkey,
^~~~~~
fs/cifs/smb2transport.c:438:3: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(ses->chans[0].signkey, ses->smb3signingkey,
^~~~~~
fs/cifs/smb2transport.c:442:3: warning: Value stored to 'rc' is never read [clang-analyzer-deadcode.DeadStores]
rc = generate_key(ses, ptriplet->encryption.label,
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
fs/cifs/smb2transport.c:442:3: note: Value stored to 'rc' is never read
rc = generate_key(ses, ptriplet->encryption.label,
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
fs/cifs/smb2transport.c:574:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(smb3_signature, 0x0, SMB2_CMACAES_SIZE);
^~~~~~
fs/cifs/smb2transport.c:574:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(smb3_signature, 0x0, SMB2_CMACAES_SIZE);
^~~~~~
fs/cifs/smb2transport.c:575:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(shdr->Signature, 0x0, SMB2_SIGNATURE_SIZE);
^~~~~~
fs/cifs/smb2transport.c:575:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(shdr->Signature, 0x0, SMB2_SIGNATURE_SIZE);
^~~~~~
fs/cifs/smb2transport.c:616:3: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(shdr->Signature, sigptr, SMB2_SIGNATURE_SIZE);
^~~~~~
fs/cifs/smb2transport.c:616:3: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(shdr->Signature, sigptr, SMB2_SIGNATURE_SIZE);
^~~~~~
fs/cifs/smb2transport.c:650:3: warning: Call to function 'strncpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'strncpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
strncpy(shdr->Signature, "BSRSPYL", 8);
^~~~~~~
fs/cifs/smb2transport.c:650:3: note: Call to function 'strncpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'strncpy_s' in case of C11
strncpy(shdr->Signature, "BSRSPYL", 8);
^~~~~~~
fs/cifs/smb2transport.c:688:2: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(server_response_sig, shdr->Signature, SMB2_SIGNATURE_SIZE);
^~~~~~
fs/cifs/smb2transport.c:688:2: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(server_response_sig, shdr->Signature, SMB2_SIGNATURE_SIZE);
^~~~~~
fs/cifs/smb2transport.c:690:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(shdr->Signature, 0, SMB2_SIGNATURE_SIZE);
^~~~~~
fs/cifs/smb2transport.c:690:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(shdr->Signature, 0, SMB2_SIGNATURE_SIZE);
^~~~~~
fs/cifs/smb2transport.c:734:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(temp, 0, sizeof(struct mid_q_entry));
^~~~~~
fs/cifs/smb2transport.c:734:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(temp, 0, sizeof(struct mid_q_entry));
^~~~~~
Suppressed 67 warnings (67 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
38 warnings generated.
sound/pci/hda/hda_intel.c:2009:2: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
snprintf(card->longname, sizeof(card->longname),
^~~~~~~~
sound/pci/hda/hda_intel.c:2009:2: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
snprintf(card->longname, sizeof(card->longname),
^~~~~~~~
Suppressed 37 warnings (37 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
37 warnings generated.
sound/pci/korg1212/korg1212.c:1280:3: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset((void*) dst + offset, 0, size);
^~~~~~
sound/pci/korg1212/korg1212.c:1280:3: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset((void*) dst + offset, 0, size);
^~~~~~
sound/pci/korg1212/korg1212.c:1314:4: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy((__force void *)dst, src, size);
^~~~~~
sound/pci/korg1212/korg1212.c:1314:4: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy((__force void *)dst, src, size);
^~~~~~
sound/pci/korg1212/korg1212.c:1353:4: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(dst, (__force void *)src, size);
^~~~~~
sound/pci/korg1212/korg1212.c:1353:4: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(dst, (__force void *)src, size);
^~~~~~
sound/pci/korg1212/korg1212.c:2276:2: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(korg1212->dma_dsp->area, dsp_code->data, dsp_code->size);
^~~~~~
sound/pci/korg1212/korg1212.c:2276:2: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(korg1212->dma_dsp->area, dsp_code->data, dsp_code->size);
^~~~~~
>> sound/pci/korg1212/korg1212.c:2362:2: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
sprintf(card->longname, "%s at 0x%lx, irq %d", card->shortname,
^~~~~~~
sound/pci/korg1212/korg1212.c:2362:2: note: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
sprintf(card->longname, "%s at 0x%lx, irq %d", card->shortname,
^~~~~~~
Suppressed 32 warnings (32 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
38 warnings generated.
Suppressed 38 warnings (38 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
47 warnings generated.
drivers/md/dm.c:711:3: warning: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
format_dev_t(td->dm_dev.name, dev);
^
include/linux/kdev_t.h:19:3: note: expanded from macro 'format_dev_t'
sprintf(buffer, "%u:%u", MAJOR(dev), MINOR(dev)); \
^~~~~~~
drivers/md/dm.c:711:3: note: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
format_dev_t(td->dm_dev.name, dev);
^
include/linux/kdev_t.h:19:3: note: expanded from macro 'format_dev_t'
sprintf(buffer, "%u:%u", MAJOR(dev), MINOR(dev)); \
^~~~~~~
drivers/md/dm.c:1319:2: warning: Address of stack memory associated with local variable 'flush_bio' is still referred to by the stack variable 'ci' upon returning to the caller. This will be a dangling reference [clang-analyzer-core.StackAddressEscape]
return 0;
^
drivers/md/dm.c:1498:15: note: Assuming 'map' is non-null
if (unlikely(!map)) {
^
include/linux/compiler.h:78:42: note: expanded from macro 'unlikely'
# define unlikely(x) __builtin_expect(!!(x), 0)
^
drivers/md/dm.c:1498:2: note: Taking false branch
if (unlikely(!map)) {
^
drivers/md/dm.c:1506:6: note: Assuming the condition is false
if (unlikely(test_bit(DMF_BLOCK_IO_FOR_SUSPEND, &md->flags))) {
^
include/linux/compiler.h:78:22: note: expanded from macro 'unlikely'
# define unlikely(x) __builtin_expect(!!(x), 0)
^~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/md/dm.c:1506:2: note: Taking false branch
if (unlikely(test_bit(DMF_BLOCK_IO_FOR_SUSPEND, &md->flags))) {
^
drivers/md/dm.c:1520:2: note: Taking false branch
if (is_abnormal_io(bio))
^
drivers/md/dm.c:1523:2: note: Calling '__split_and_process_bio'
__split_and_process_bio(md, map, bio);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/md/dm.c:1456:6: note: Assuming the condition is true
if (bio->bi_opf & REQ_PREFLUSH) {
^~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/md/dm.c:1456:2: note: Taking true branch
if (bio->bi_opf & REQ_PREFLUSH) {
^
drivers/md/dm.c:1457:11: note: Calling '__send_empty_flush'
error = __send_empty_flush(&ci);
^~~~~~~~~~~~~~~~~~~~~~~
drivers/md/dm.c:1314:2: note: Taking false branch
BUG_ON(bio_has_data(ci->bio));
^
include/asm-generic/bug.h:65:32: note: expanded from macro 'BUG_ON'
#define BUG_ON(condition) do { if (unlikely(condition)) BUG(); } while (0)
^
drivers/md/dm.c:1314:2: note: Loop condition is false. Exiting loop
BUG_ON(bio_has_data(ci->bio));
^
include/asm-generic/bug.h:65:27: note: expanded from macro 'BUG_ON'
#define BUG_ON(condition) do { if (unlikely(condition)) BUG(); } while (0)
^
drivers/md/dm.c:1315:2: note: Loop condition is false. Execution continues on line 1318
while ((ti = dm_table_get_target(ci->map, target_nr++)))
^
drivers/md/dm.c:1319:2: note: Address of stack memory associated with local variable 'flush_bio' is still referred to by the stack variable 'ci' upon returning to the caller. This will be a dangling reference
return 0;
^
drivers/md/dm.c:1704:2: warning: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
sprintf(md->disk->disk_name, "dm-%d", minor);
^~~~~~~
drivers/md/dm.c:1704:2: note: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
sprintf(md->disk->disk_name, "dm-%d", minor);
^~~~~~~
drivers/md/dm.c:1718:2: warning: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
format_dev_t(md->name, MKDEV(_major, minor));
^
include/linux/kdev_t.h:19:3: note: expanded from macro 'format_dev_t'
sprintf(buffer, "%u:%u", MAJOR(dev), MINOR(dev)); \
^~~~~~~
drivers/md/dm.c:1718:2: note: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
format_dev_t(md->name, MKDEV(_major, minor));
^
include/linux/kdev_t.h:19:3: note: expanded from macro 'format_dev_t'
sprintf(buffer, "%u:%u", MAJOR(dev), MINOR(dev)); \
^~~~~~~
drivers/md/dm.c:1846:3: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(&md->geometry, 0, sizeof(md->geometry));
^~~~~~
drivers/md/dm.c:1846:3: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(&md->geometry, 0, sizeof(md->geometry));
vim +234 drivers/mtd/maps/ck804xrom.c
90afffc8bd79d1 Dave Olsen 2006-11-06 114
90afffc8bd79d1 Dave Olsen 2006-11-06 115
e4106a7c8236eb Julia Lawall 2016-04-19 116 static int __init ck804xrom_init_one(struct pci_dev *pdev,
90afffc8bd79d1 Dave Olsen 2006-11-06 117 const struct pci_device_id *ent)
90afffc8bd79d1 Dave Olsen 2006-11-06 118 {
90afffc8bd79d1 Dave Olsen 2006-11-06 119 static char *rom_probe_types[] = { "cfi_probe", "jedec_probe", NULL };
90afffc8bd79d1 Dave Olsen 2006-11-06 120 u8 byte;
c3f08b353519ee Carl-Daniel Hailfinger 2008-01-16 121 u16 word;
90afffc8bd79d1 Dave Olsen 2006-11-06 122 struct ck804xrom_window *window = &ck804xrom_window;
90afffc8bd79d1 Dave Olsen 2006-11-06 123 struct ck804xrom_map_info *map = NULL;
90afffc8bd79d1 Dave Olsen 2006-11-06 124 unsigned long map_top;
90afffc8bd79d1 Dave Olsen 2006-11-06 125
90afffc8bd79d1 Dave Olsen 2006-11-06 126 /* Remember the pci dev I find the window in */
90afffc8bd79d1 Dave Olsen 2006-11-06 127 window->pdev = pci_dev_get(pdev);
90afffc8bd79d1 Dave Olsen 2006-11-06 128
c3f08b353519ee Carl-Daniel Hailfinger 2008-01-16 129 switch (ent->driver_data) {
c3f08b353519ee Carl-Daniel Hailfinger 2008-01-16 130 case DEV_CK804:
90afffc8bd79d1 Dave Olsen 2006-11-06 131 /* Enable the selected rom window. This is often incorrectly
90afffc8bd79d1 Dave Olsen 2006-11-06 132 * set up by the BIOS, and the 4MiB offset for the lock registers
90afffc8bd79d1 Dave Olsen 2006-11-06 133 * requires the full 5MiB of window space.
90afffc8bd79d1 Dave Olsen 2006-11-06 134 *
90afffc8bd79d1 Dave Olsen 2006-11-06 135 * This 'write, then read' approach leaves the bits for
90afffc8bd79d1 Dave Olsen 2006-11-06 136 * other uses of the hardware info.
90afffc8bd79d1 Dave Olsen 2006-11-06 137 */
90afffc8bd79d1 Dave Olsen 2006-11-06 138 pci_read_config_byte(pdev, 0x88, &byte);
90afffc8bd79d1 Dave Olsen 2006-11-06 139 pci_write_config_byte(pdev, 0x88, byte | win_size_bits );
90afffc8bd79d1 Dave Olsen 2006-11-06 140
90afffc8bd79d1 Dave Olsen 2006-11-06 141 /* Assume the rom window is properly setup, and find it's size */
90afffc8bd79d1 Dave Olsen 2006-11-06 142 pci_read_config_byte(pdev, 0x88, &byte);
90afffc8bd79d1 Dave Olsen 2006-11-06 143
90afffc8bd79d1 Dave Olsen 2006-11-06 144 if ((byte & ((1<<7)|(1<<6))) == ((1<<7)|(1<<6)))
90afffc8bd79d1 Dave Olsen 2006-11-06 145 window->phys = 0xffb00000; /* 5MiB */
90afffc8bd79d1 Dave Olsen 2006-11-06 146 else if ((byte & (1<<7)) == (1<<7))
90afffc8bd79d1 Dave Olsen 2006-11-06 147 window->phys = 0xffc00000; /* 4MiB */
90afffc8bd79d1 Dave Olsen 2006-11-06 148 else
90afffc8bd79d1 Dave Olsen 2006-11-06 149 window->phys = 0xffff0000; /* 64KiB */
c3f08b353519ee Carl-Daniel Hailfinger 2008-01-16 150 break;
c3f08b353519ee Carl-Daniel Hailfinger 2008-01-16 151
c3f08b353519ee Carl-Daniel Hailfinger 2008-01-16 152 case DEV_MCP55:
c3f08b353519ee Carl-Daniel Hailfinger 2008-01-16 153 pci_read_config_byte(pdev, 0x88, &byte);
c3f08b353519ee Carl-Daniel Hailfinger 2008-01-16 154 pci_write_config_byte(pdev, 0x88, byte | (win_size_bits & 0xff));
c3f08b353519ee Carl-Daniel Hailfinger 2008-01-16 155
c3f08b353519ee Carl-Daniel Hailfinger 2008-01-16 156 pci_read_config_byte(pdev, 0x8c, &byte);
c3f08b353519ee Carl-Daniel Hailfinger 2008-01-16 157 pci_write_config_byte(pdev, 0x8c, byte | ((win_size_bits & 0xff00) >> 8));
c3f08b353519ee Carl-Daniel Hailfinger 2008-01-16 158
c3f08b353519ee Carl-Daniel Hailfinger 2008-01-16 159 pci_read_config_word(pdev, 0x90, &word);
c3f08b353519ee Carl-Daniel Hailfinger 2008-01-16 160 pci_write_config_word(pdev, 0x90, word | ((win_size_bits & 0x7fff0000) >> 16));
c3f08b353519ee Carl-Daniel Hailfinger 2008-01-16 161
c3f08b353519ee Carl-Daniel Hailfinger 2008-01-16 162 window->phys = 0xff000000; /* 16MiB, hardcoded for now */
c3f08b353519ee Carl-Daniel Hailfinger 2008-01-16 163 break;
c3f08b353519ee Carl-Daniel Hailfinger 2008-01-16 164 }
90afffc8bd79d1 Dave Olsen 2006-11-06 165
90afffc8bd79d1 Dave Olsen 2006-11-06 166 window->size = 0xffffffffUL - window->phys + 1UL;
90afffc8bd79d1 Dave Olsen 2006-11-06 167
90afffc8bd79d1 Dave Olsen 2006-11-06 168 /*
90afffc8bd79d1 Dave Olsen 2006-11-06 169 * Try to reserve the window mem region. If this fails then
90afffc8bd79d1 Dave Olsen 2006-11-06 170 * it is likely due to a fragment of the window being
90afffc8bd79d1 Dave Olsen 2006-11-06 171 * "reserved" by the BIOS. In the case that the
90afffc8bd79d1 Dave Olsen 2006-11-06 172 * request_mem_region() fails then once the rom size is
90afffc8bd79d1 Dave Olsen 2006-11-06 173 * discovered we will try to reserve the unreserved fragment.
90afffc8bd79d1 Dave Olsen 2006-11-06 174 */
90afffc8bd79d1 Dave Olsen 2006-11-06 175 window->rsrc.name = MOD_NAME;
90afffc8bd79d1 Dave Olsen 2006-11-06 176 window->rsrc.start = window->phys;
90afffc8bd79d1 Dave Olsen 2006-11-06 177 window->rsrc.end = window->phys + window->size - 1;
90afffc8bd79d1 Dave Olsen 2006-11-06 178 window->rsrc.flags = IORESOURCE_MEM | IORESOURCE_BUSY;
90afffc8bd79d1 Dave Olsen 2006-11-06 179 if (request_resource(&iomem_resource, &window->rsrc)) {
90afffc8bd79d1 Dave Olsen 2006-11-06 180 window->rsrc.parent = NULL;
90afffc8bd79d1 Dave Olsen 2006-11-06 181 printk(KERN_ERR MOD_NAME
f9a5279c70af10 Joe Perches 2010-11-12 182 " %s(): Unable to register resource %pR - kernel bug?\n",
f9a5279c70af10 Joe Perches 2010-11-12 183 __func__, &window->rsrc);
90afffc8bd79d1 Dave Olsen 2006-11-06 184 }
90afffc8bd79d1 Dave Olsen 2006-11-06 185
90afffc8bd79d1 Dave Olsen 2006-11-06 186
90afffc8bd79d1 Dave Olsen 2006-11-06 187 /* Enable writes through the rom window */
90afffc8bd79d1 Dave Olsen 2006-11-06 188 pci_read_config_byte(pdev, 0x6d, &byte);
90afffc8bd79d1 Dave Olsen 2006-11-06 189 pci_write_config_byte(pdev, 0x6d, byte | 1);
90afffc8bd79d1 Dave Olsen 2006-11-06 190
90afffc8bd79d1 Dave Olsen 2006-11-06 191 /* FIXME handle registers 0x80 - 0x8C the bios region locks */
90afffc8bd79d1 Dave Olsen 2006-11-06 192
90afffc8bd79d1 Dave Olsen 2006-11-06 193 /* For write accesses caches are useless */
4bdc0d676a6431 Christoph Hellwig 2020-01-06 194 window->virt = ioremap(window->phys, window->size);
90afffc8bd79d1 Dave Olsen 2006-11-06 195 if (!window->virt) {
90afffc8bd79d1 Dave Olsen 2006-11-06 196 printk(KERN_ERR MOD_NAME ": ioremap(%08lx, %08lx) failed\n",
90afffc8bd79d1 Dave Olsen 2006-11-06 197 window->phys, window->size);
90afffc8bd79d1 Dave Olsen 2006-11-06 198 goto out;
90afffc8bd79d1 Dave Olsen 2006-11-06 199 }
90afffc8bd79d1 Dave Olsen 2006-11-06 200
90afffc8bd79d1 Dave Olsen 2006-11-06 201 /* Get the first address to look for a rom chip at */
90afffc8bd79d1 Dave Olsen 2006-11-06 202 map_top = window->phys;
90afffc8bd79d1 Dave Olsen 2006-11-06 203 #if 1
90afffc8bd79d1 Dave Olsen 2006-11-06 204 /* The probe sequence run over the firmware hub lock
90afffc8bd79d1 Dave Olsen 2006-11-06 205 * registers sets them to 0x7 (no access).
90afffc8bd79d1 Dave Olsen 2006-11-06 206 * Probe at most the last 4MiB of the address space.
90afffc8bd79d1 Dave Olsen 2006-11-06 207 */
90afffc8bd79d1 Dave Olsen 2006-11-06 208 if (map_top < 0xffc00000)
90afffc8bd79d1 Dave Olsen 2006-11-06 209 map_top = 0xffc00000;
90afffc8bd79d1 Dave Olsen 2006-11-06 210 #endif
90afffc8bd79d1 Dave Olsen 2006-11-06 211 /* Loop through and look for rom chips. Since we don't know the
90afffc8bd79d1 Dave Olsen 2006-11-06 212 * starting address for each chip, probe every ROM_PROBE_STEP_SIZE
90afffc8bd79d1 Dave Olsen 2006-11-06 213 * bytes from the starting address of the window.
90afffc8bd79d1 Dave Olsen 2006-11-06 214 */
90afffc8bd79d1 Dave Olsen 2006-11-06 215 while((map_top - 1) < 0xffffffffUL) {
90afffc8bd79d1 Dave Olsen 2006-11-06 216 struct cfi_private *cfi;
90afffc8bd79d1 Dave Olsen 2006-11-06 217 unsigned long offset;
90afffc8bd79d1 Dave Olsen 2006-11-06 218 int i;
90afffc8bd79d1 Dave Olsen 2006-11-06 219
90afffc8bd79d1 Dave Olsen 2006-11-06 220 if (!map) {
042bf272d5fcb2 Zhen Lei 2021-06-10 221 map = kmalloc(sizeof(*map), GFP_KERNEL);
042bf272d5fcb2 Zhen Lei 2021-06-10 222 if (!map)
90afffc8bd79d1 Dave Olsen 2006-11-06 223 goto out;
90afffc8bd79d1 Dave Olsen 2006-11-06 224 }
90afffc8bd79d1 Dave Olsen 2006-11-06 @225 memset(map, 0, sizeof(*map));
90afffc8bd79d1 Dave Olsen 2006-11-06 226 INIT_LIST_HEAD(&map->list);
90afffc8bd79d1 Dave Olsen 2006-11-06 227 map->map.name = map->map_name;
90afffc8bd79d1 Dave Olsen 2006-11-06 228 map->map.phys = map_top;
90afffc8bd79d1 Dave Olsen 2006-11-06 229 offset = map_top - window->phys;
90afffc8bd79d1 Dave Olsen 2006-11-06 230 map->map.virt = (void __iomem *)
90afffc8bd79d1 Dave Olsen 2006-11-06 231 (((unsigned long)(window->virt)) + offset);
90afffc8bd79d1 Dave Olsen 2006-11-06 232 map->map.size = 0xffffffffUL - map_top + 1UL;
90afffc8bd79d1 Dave Olsen 2006-11-06 233 /* Set the name of the map to the address I am trying */
65af07141b8249 Andrew Morton 2007-02-17 @234 sprintf(map->map_name, "%s @%08Lx",
65af07141b8249 Andrew Morton 2007-02-17 235 MOD_NAME, (unsigned long long)map->map.phys);
90afffc8bd79d1 Dave Olsen 2006-11-06 236
90afffc8bd79d1 Dave Olsen 2006-11-06 237 /* There is no generic VPP support */
90afffc8bd79d1 Dave Olsen 2006-11-06 238 for(map->map.bankwidth = 32; map->map.bankwidth;
90afffc8bd79d1 Dave Olsen 2006-11-06 239 map->map.bankwidth >>= 1)
90afffc8bd79d1 Dave Olsen 2006-11-06 240 {
90afffc8bd79d1 Dave Olsen 2006-11-06 241 char **probe_type;
90afffc8bd79d1 Dave Olsen 2006-11-06 242 /* Skip bankwidths that are not supported */
90afffc8bd79d1 Dave Olsen 2006-11-06 243 if (!map_bankwidth_supported(map->map.bankwidth))
90afffc8bd79d1 Dave Olsen 2006-11-06 244 continue;
90afffc8bd79d1 Dave Olsen 2006-11-06 245
90afffc8bd79d1 Dave Olsen 2006-11-06 246 /* Setup the map methods */
90afffc8bd79d1 Dave Olsen 2006-11-06 247 simple_map_init(&map->map);
90afffc8bd79d1 Dave Olsen 2006-11-06 248
90afffc8bd79d1 Dave Olsen 2006-11-06 249 /* Try all of the probe methods */
90afffc8bd79d1 Dave Olsen 2006-11-06 250 probe_type = rom_probe_types;
90afffc8bd79d1 Dave Olsen 2006-11-06 251 for(; *probe_type; probe_type++) {
90afffc8bd79d1 Dave Olsen 2006-11-06 252 map->mtd = do_map_probe(*probe_type, &map->map);
90afffc8bd79d1 Dave Olsen 2006-11-06 253 if (map->mtd)
90afffc8bd79d1 Dave Olsen 2006-11-06 254 goto found;
90afffc8bd79d1 Dave Olsen 2006-11-06 255 }
90afffc8bd79d1 Dave Olsen 2006-11-06 256 }
90afffc8bd79d1 Dave Olsen 2006-11-06 257 map_top += ROM_PROBE_STEP_SIZE;
90afffc8bd79d1 Dave Olsen 2006-11-06 258 continue;
90afffc8bd79d1 Dave Olsen 2006-11-06 259 found:
90afffc8bd79d1 Dave Olsen 2006-11-06 260 /* Trim the size if we are larger than the map */
90afffc8bd79d1 Dave Olsen 2006-11-06 261 if (map->mtd->size > map->map.size) {
90afffc8bd79d1 Dave Olsen 2006-11-06 262 printk(KERN_WARNING MOD_NAME
69423d99fc182a Adrian Hunter 2008-12-10 263 " rom(%llu) larger than window(%lu). fixing...\n",
69423d99fc182a Adrian Hunter 2008-12-10 264 (unsigned long long)map->mtd->size, map->map.size);
90afffc8bd79d1 Dave Olsen 2006-11-06 265 map->mtd->size = map->map.size;
90afffc8bd79d1 Dave Olsen 2006-11-06 266 }
90afffc8bd79d1 Dave Olsen 2006-11-06 267 if (window->rsrc.parent) {
90afffc8bd79d1 Dave Olsen 2006-11-06 268 /*
90afffc8bd79d1 Dave Olsen 2006-11-06 269 * Registering the MTD device in iomem may not be possible
90afffc8bd79d1 Dave Olsen 2006-11-06 270 * if there is a BIOS "reserved" and BUSY range. If this
90afffc8bd79d1 Dave Olsen 2006-11-06 271 * fails then continue anyway.
90afffc8bd79d1 Dave Olsen 2006-11-06 272 */
90afffc8bd79d1 Dave Olsen 2006-11-06 273 map->rsrc.name = map->map_name;
90afffc8bd79d1 Dave Olsen 2006-11-06 274 map->rsrc.start = map->map.phys;
90afffc8bd79d1 Dave Olsen 2006-11-06 275 map->rsrc.end = map->map.phys + map->mtd->size - 1;
90afffc8bd79d1 Dave Olsen 2006-11-06 276 map->rsrc.flags = IORESOURCE_MEM | IORESOURCE_BUSY;
90afffc8bd79d1 Dave Olsen 2006-11-06 277 if (request_resource(&window->rsrc, &map->rsrc)) {
90afffc8bd79d1 Dave Olsen 2006-11-06 278 printk(KERN_ERR MOD_NAME
90afffc8bd79d1 Dave Olsen 2006-11-06 279 ": cannot reserve MTD resource\n");
90afffc8bd79d1 Dave Olsen 2006-11-06 280 map->rsrc.parent = NULL;
90afffc8bd79d1 Dave Olsen 2006-11-06 281 }
90afffc8bd79d1 Dave Olsen 2006-11-06 282 }
90afffc8bd79d1 Dave Olsen 2006-11-06 283
90afffc8bd79d1 Dave Olsen 2006-11-06 284 /* Make the whole region visible in the map */
90afffc8bd79d1 Dave Olsen 2006-11-06 285 map->map.virt = window->virt;
90afffc8bd79d1 Dave Olsen 2006-11-06 286 map->map.phys = window->phys;
90afffc8bd79d1 Dave Olsen 2006-11-06 287 cfi = map->map.fldrv_priv;
90afffc8bd79d1 Dave Olsen 2006-11-06 288 for(i = 0; i < cfi->numchips; i++)
90afffc8bd79d1 Dave Olsen 2006-11-06 289 cfi->chips[i].start += offset;
90afffc8bd79d1 Dave Olsen 2006-11-06 290
90afffc8bd79d1 Dave Olsen 2006-11-06 291 /* Now that the mtd devices is complete claim and export it */
90afffc8bd79d1 Dave Olsen 2006-11-06 292 map->mtd->owner = THIS_MODULE;
ee0e87b174bb41 Jamie Iles 2011-05-23 293 if (mtd_device_register(map->mtd, NULL, 0)) {
90afffc8bd79d1 Dave Olsen 2006-11-06 294 map_destroy(map->mtd);
90afffc8bd79d1 Dave Olsen 2006-11-06 295 map->mtd = NULL;
90afffc8bd79d1 Dave Olsen 2006-11-06 296 goto out;
90afffc8bd79d1 Dave Olsen 2006-11-06 297 }
90afffc8bd79d1 Dave Olsen 2006-11-06 298
90afffc8bd79d1 Dave Olsen 2006-11-06 299
90afffc8bd79d1 Dave Olsen 2006-11-06 300 /* Calculate the new value of map_top */
90afffc8bd79d1 Dave Olsen 2006-11-06 301 map_top += map->mtd->size;
90afffc8bd79d1 Dave Olsen 2006-11-06 302
90afffc8bd79d1 Dave Olsen 2006-11-06 303 /* File away the map structure */
90afffc8bd79d1 Dave Olsen 2006-11-06 304 list_add(&map->list, &window->maps);
90afffc8bd79d1 Dave Olsen 2006-11-06 305 map = NULL;
90afffc8bd79d1 Dave Olsen 2006-11-06 306 }
90afffc8bd79d1 Dave Olsen 2006-11-06 307
90afffc8bd79d1 Dave Olsen 2006-11-06 308 out:
90afffc8bd79d1 Dave Olsen 2006-11-06 309 /* Free any left over map structures */
90afffc8bd79d1 Dave Olsen 2006-11-06 310 kfree(map);
90afffc8bd79d1 Dave Olsen 2006-11-06 311
90afffc8bd79d1 Dave Olsen 2006-11-06 312 /* See if I have any map structures */
90afffc8bd79d1 Dave Olsen 2006-11-06 313 if (list_empty(&window->maps)) {
90afffc8bd79d1 Dave Olsen 2006-11-06 314 ck804xrom_cleanup(window);
90afffc8bd79d1 Dave Olsen 2006-11-06 315 return -ENODEV;
90afffc8bd79d1 Dave Olsen 2006-11-06 316 }
90afffc8bd79d1 Dave Olsen 2006-11-06 317 return 0;
90afffc8bd79d1 Dave Olsen 2006-11-06 318 }
90afffc8bd79d1 Dave Olsen 2006-11-06 319
:::::: The code at line 234 was first introduced by commit
:::::: 65af07141b8249c98888a470e01c449131b72ffe [MTD] [MAPS] ck804xrom warning fix
:::::: TO: Andrew Morton <akpm@linux-foundation.org>
:::::: CC: David Woodhouse <dwmw2@infradead.org>
--
0-DAY CI Kernel Test Service
https://01.org/lkp
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2022-04-27 5:27 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-04-27 5:27 drivers/mtd/maps/ck804xrom.c:234:3: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or p kernel test robot
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.