From: kernel test robot <lkp@intel.com>
To: kbuild@lists.01.org
Subject: net/bluetooth/hci_event.c:517:2: warning: Null pointer passed as 1st argument to memory copy function [clang-analyzer-unix.cstring.NullArg]
Date: Fri, 25 Mar 2022 10:56:59 +0800
Message-ID: <202203251037.UopvuTC3-lkp@intel.com>

CC: llvm(a)lists.linux.dev
CC: kbuild-all(a)lists.01.org
BCC: lkp(a)intel.com
CC: linux-kernel(a)vger.kernel.org
TO: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
CC: Marcel Holtmann <marcel@holtmann.org>

tree:   https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
head:   52deda9551a01879b3562e7b41748e85c591f14c
commit: 9b392e0e0b6d026da5a62bb79a08f32e27af858e Bluetooth: Fix not checking for valid hdev on bt_dev_{info,warn,err,dbg}
date:   3 weeks ago
:::::: branch date: 6 hours ago
:::::: commit date: 3 weeks ago
config: arm-randconfig-c002-20220323 (https://download.01.org/0day-ci/archive/20220325/202203251037.UopvuTC3-lkp(a)intel.com/config)
compiler: clang version 15.0.0 (https://github.com/llvm/llvm-project 902f4708fe1d03b0de7e5315ef875006a6adc319)
reproduce (this is a W=1 build):
        wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
        chmod +x ~/bin/make.cross
        # install arm cross compiling tool for clang build
        # apt-get install binutils-arm-linux-gnueabi
        # https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9b392e0e0b6d026da5a62bb79a08f32e27af858e
        git remote add linus https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
        git fetch --no-tags linus master
        git checkout 9b392e0e0b6d026da5a62bb79a08f32e27af858e
        # save the config file to linux build tree
        COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross ARCH=arm clang-analyzer 

If you fix the issue, kindly add the following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>


clang-analyzer warnings: (new ones prefixed by >>)
   drivers/iio/adc/max1241.c:22:8: note: Excessive padding in 'struct max1241' (54 padding bytes, where 22 is optimal). Optimal fields order: data, spi, vdd, vref, shutdown, lock, consider reordering the fields or adding explicit padding members
   struct max1241 {
   ~~~~~~~^~~~~~~~~
   Suppressed 6 warnings (6 in non-user code).
   Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
   6 warnings generated.
   Suppressed 6 warnings (6 in non-user code).
   Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
   6 warnings generated.
   Suppressed 6 warnings (6 in non-user code).
   Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
   1 warning generated.
   drivers/iio/adc/mt6360-adc.c:277:20: warning: Assigned value is garbage or undefined [clang-analyzer-core.uninitialized.Assign]
                   data.values[i++] = val;
                                    ^ ~~~
   drivers/iio/adc/mt6360-adc.c:267:18: note: 'val' declared without an initial value
           int i = 0, bit, val, ret;
                           ^~~
   drivers/iio/adc/mt6360-adc.c:270:2: note: Assuming 'bit' is < field 'masklength'
           for_each_set_bit(bit, indio_dev->active_scan_mask, indio_dev->masklength) {
           ^
   include/linux/find.h:284:7: note: expanded from macro 'for_each_set_bit'
                (bit) < (size);                                    \
                ^~~~~~~~~~~~~~
   drivers/iio/adc/mt6360-adc.c:270:2: note: Loop condition is true.  Entering loop body
           for_each_set_bit(bit, indio_dev->active_scan_mask, indio_dev->masklength) {
           ^
   include/linux/find.h:283:2: note: expanded from macro 'for_each_set_bit'
           for ((bit) = find_next_bit((addr), (size), 0);          \
           ^
   drivers/iio/adc/mt6360-adc.c:271:9: note: Calling 'mt6360_adc_read_channel'
                   ret = mt6360_adc_read_channel(mad, bit, &val);
                         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   drivers/iio/adc/mt6360-adc.c:78:6: note: Assuming 'ret' is not equal to 0
           if (ret)
               ^~~
   drivers/iio/adc/mt6360-adc.c:78:2: note: Taking true branch
           if (ret)
           ^
   drivers/iio/adc/mt6360-adc.c:79:3: note: Control jumps to line 138
                   goto out_adc_lock;
                   ^
   drivers/iio/adc/mt6360-adc.c:140:2: note: Returning without writing to '*val'
           return ret;
           ^
   drivers/iio/adc/mt6360-adc.c:271:9: note: Returning from 'mt6360_adc_read_channel'
                   ret = mt6360_adc_read_channel(mad, bit, &val);
                         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   drivers/iio/adc/mt6360-adc.c:272:7: note: Assuming 'ret' is >= 0
                   if (ret < 0) {
                       ^~~~~~~
   drivers/iio/adc/mt6360-adc.c:272:3: note: Taking false branch
                   if (ret < 0) {
                   ^
   drivers/iio/adc/mt6360-adc.c:277:20: note: Assigned value is garbage or undefined
                   data.values[i++] = val;
                                    ^ ~~~
   6 warnings generated.
   Suppressed 6 warnings (6 in non-user code).
   Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
   12 warnings generated.
   include/asm-generic/bitops/non-atomic.h:118:16: warning: Array access (from variable 'addr') results in a null pointer dereference [clang-analyzer-core.NullDereference]
           return 1UL & (addr[BIT_WORD(nr)] >> (nr & (BITS_PER_LONG-1)));
                         ^
   net/bluetooth/hci_event.c:5274:2: note: Assuming 'hdev' is null
           bt_dev_dbg(hdev, "");
           ^
   include/net/bluetooth/bluetooth.h:216:21: note: expanded from macro 'bt_dev_dbg'
           BT_DBG("%s: " fmt, bt_dev_name(hdev), ##__VA_ARGS__)
           ~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   include/net/bluetooth/bluetooth.h:202:45: note: expanded from macro 'BT_DBG'
   #define BT_DBG(fmt, ...)        bt_dbg(fmt "\n", ##__VA_ARGS__)
                                                      ^~~~~~~~~~~
   include/net/bluetooth/bluetooth.h:207:28: note: expanded from macro 'bt_dev_name'
   #define bt_dev_name(hdev) ((hdev) ? (hdev)->name : "null")
                              ^~~~~~
   net/bluetooth/hci_event.c:5274:2: note: '?' condition is false
           bt_dev_dbg(hdev, "");
           ^
   include/net/bluetooth/bluetooth.h:216:21: note: expanded from macro 'bt_dev_dbg'
           BT_DBG("%s: " fmt, bt_dev_name(hdev), ##__VA_ARGS__)
                              ^
   net/bluetooth/hci_event.c:5278:7: note: Passing null pointer value via 2nd parameter 'addr'
           if (!hci_dev_test_flag(hdev, HCI_MGMT))
                ^
   include/net/bluetooth/hci_core.h:787:63: note: expanded from macro 'hci_dev_test_flag'
   #define hci_dev_test_flag(hdev, nr)            test_bit((nr), (hdev)->dev_flags)
                                                                 ^~~~~~~~~~~~~~~~~
   net/bluetooth/hci_event.c:5278:7: note: Calling 'arch_test_bit'
           if (!hci_dev_test_flag(hdev, HCI_MGMT))
                ^
   include/net/bluetooth/hci_core.h:787:48: note: expanded from macro 'hci_dev_test_flag'
   #define hci_dev_test_flag(hdev, nr)            test_bit((nr), (hdev)->dev_flags)
                                                  ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   include/asm-generic/bitops/non-atomic.h:120:18: note: expanded from macro 'test_bit'
   #define test_bit arch_test_bit
                    ^
   include/asm-generic/bitops/non-atomic.h:118:16: note: Array access (from variable 'addr') results in a null pointer dereference
           return 1UL & (addr[BIT_WORD(nr)] >> (nr & (BITS_PER_LONG-1)));
                         ^~~~
>> net/bluetooth/hci_event.c:517:2: warning: Null pointer passed as 1st argument to memory copy function [clang-analyzer-unix.cstring.NullArg]
           memcpy(hdev->dev_class, rp->dev_class, 3);
           ^      ~~~~~~~~~~~~~~~
   net/bluetooth/hci_event.c:512:2: note: Assuming 'hdev' is null
           bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
           ^
   include/net/bluetooth/bluetooth.h:216:21: note: expanded from macro 'bt_dev_dbg'
           BT_DBG("%s: " fmt, bt_dev_name(hdev), ##__VA_ARGS__)
           ~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   include/net/bluetooth/bluetooth.h:202:45: note: expanded from macro 'BT_DBG'
   #define BT_DBG(fmt, ...)        bt_dbg(fmt "\n", ##__VA_ARGS__)
                                                      ^~~~~~~~~~~
   include/net/bluetooth/bluetooth.h:207:28: note: expanded from macro 'bt_dev_name'
   #define bt_dev_name(hdev) ((hdev) ? (hdev)->name : "null")
                              ^~~~~~
   net/bluetooth/hci_event.c:512:2: note: '?' condition is false
           bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
           ^
   include/net/bluetooth/bluetooth.h:216:21: note: expanded from macro 'bt_dev_dbg'
           BT_DBG("%s: " fmt, bt_dev_name(hdev), ##__VA_ARGS__)
                              ^
   net/bluetooth/hci_event.c:514:6: note: Assuming field 'status' is 0
           if (rp->status)
               ^~~~~~~~~~
   net/bluetooth/hci_event.c:514:2: note: Taking false branch
           if (rp->status)
           ^
   net/bluetooth/hci_event.c:517:2: note: Null pointer passed as 1st argument to memory copy function
           memcpy(hdev->dev_class, rp->dev_class, 3);
           ^      ~~~~~~~~~~~~~~~
   net/bluetooth/hci_event.c:540:3: warning: Null pointer passed as 1st argument to memory copy function [clang-analyzer-unix.cstring.NullArg]
                   memcpy(hdev->dev_class, sent, 3);
                   ^      ~~~~~~~~~~~~~~~
   net/bluetooth/hci_event.c:531:2: note: Assuming 'hdev' is null
           bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
           ^
   include/net/bluetooth/bluetooth.h:216:21: note: expanded from macro 'bt_dev_dbg'
           BT_DBG("%s: " fmt, bt_dev_name(hdev), ##__VA_ARGS__)
           ~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   include/net/bluetooth/bluetooth.h:202:45: note: expanded from macro 'BT_DBG'
   #define BT_DBG(fmt, ...)        bt_dbg(fmt "\n", ##__VA_ARGS__)
                                                      ^~~~~~~~~~~
   include/net/bluetooth/bluetooth.h:207:28: note: expanded from macro 'bt_dev_name'
   #define bt_dev_name(hdev) ((hdev) ? (hdev)->name : "null")
                              ^~~~~~
   net/bluetooth/hci_event.c:531:2: note: '?' condition is false
           bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
           ^
   include/net/bluetooth/bluetooth.h:216:21: note: expanded from macro 'bt_dev_dbg'
           BT_DBG("%s: " fmt, bt_dev_name(hdev), ##__VA_ARGS__)
                              ^
   net/bluetooth/hci_event.c:534:6: note: Assuming 'sent' is non-null
           if (!sent)
               ^~~~~
   net/bluetooth/hci_event.c:534:2: note: Taking false branch
           if (!sent)
           ^
   net/bluetooth/hci_event.c:539:6: note: Assuming field 'status' is 0
           if (!rp->status)
               ^~~~~~~~~~~
   net/bluetooth/hci_event.c:539:2: note: Taking true branch
           if (!rp->status)
           ^
   net/bluetooth/hci_event.c:540:3: note: Null pointer passed as 1st argument to memory copy function
                   memcpy(hdev->dev_class, sent, 3);
                   ^      ~~~~~~~~~~~~~~~
   net/bluetooth/hci_event.c:788:2: warning: Null pointer passed as 1st argument to memory copy function [clang-analyzer-unix.cstring.NullArg]
           memcpy(hdev->features, rp->features, 8);
           ^      ~~~~~~~~~~~~~~
   net/bluetooth/hci_event.c:783:2: note: Assuming 'hdev' is null
           bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
           ^
   include/net/bluetooth/bluetooth.h:216:21: note: expanded from macro 'bt_dev_dbg'
           BT_DBG("%s: " fmt, bt_dev_name(hdev), ##__VA_ARGS__)
           ~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   include/net/bluetooth/bluetooth.h:202:45: note: expanded from macro 'BT_DBG'
   #define BT_DBG(fmt, ...)        bt_dbg(fmt "\n", ##__VA_ARGS__)
                                                      ^~~~~~~~~~~
   include/net/bluetooth/bluetooth.h:207:28: note: expanded from macro 'bt_dev_name'
   #define bt_dev_name(hdev) ((hdev) ? (hdev)->name : "null")
                              ^~~~~~
   net/bluetooth/hci_event.c:783:2: note: '?' condition is false
           bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
           ^
   include/net/bluetooth/bluetooth.h:216:21: note: expanded from macro 'bt_dev_dbg'
           BT_DBG("%s: " fmt, bt_dev_name(hdev), ##__VA_ARGS__)
                              ^
   net/bluetooth/hci_event.c:785:6: note: Assuming field 'status' is 0
           if (rp->status)
               ^~~~~~~~~~
   net/bluetooth/hci_event.c:785:2: note: Taking false branch
           if (rp->status)
           ^
   net/bluetooth/hci_event.c:788:2: note: Null pointer passed as 1st argument to memory copy function
           memcpy(hdev->features, rp->features, 8);
           ^      ~~~~~~~~~~~~~~
   net/bluetooth/hci_event.c:1895:2: warning: Null pointer passed as 1st argument to memory copy function [clang-analyzer-unix.cstring.NullArg]
           memcpy(hdev->le_states, rp->le_states, 8);
           ^      ~~~~~~~~~~~~~~~
   net/bluetooth/hci_event.c:1890:2: note: Assuming 'hdev' is null
           bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
--
                   ^~~~~~~~~~~~~~~~~~~~
   net/can/j1939/main.c:291:8: note: Returning; memory was released via 1st parameter
           ret = j1939_can_rx_register(priv);
                 ^~~~~~~~~~~~~~~~~~~~~~~~~~~
   net/can/j1939/main.c:292:6: note: 'ret' is < 0
           if (ret < 0)
               ^~~
   net/can/j1939/main.c:292:2: note: Taking true branch
           if (ret < 0)
           ^
   net/can/j1939/main.c:293:3: note: Control jumps to line 298
                   goto out_priv_put;
                   ^
   net/can/j1939/main.c:300:2: note: Attempt to free released memory
           kfree(priv);
           ^~~~~~~~~~~
   Suppressed 6 warnings (6 in non-user code).
   Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
   16 warnings generated.
   include/asm-generic/bitops/non-atomic.h:118:16: warning: Array access (from variable 'addr') results in a null pointer dereference [clang-analyzer-core.NullDereference]
           return 1UL & (addr[BIT_WORD(nr)] >> (nr & (BITS_PER_LONG-1)));
                         ^
   net/bluetooth/mgmt.c:6049:2: note: Assuming 'hdev' is null
           bt_dev_dbg(hdev, "sock %p", sk);
           ^
   include/net/bluetooth/bluetooth.h:216:21: note: expanded from macro 'bt_dev_dbg'
           BT_DBG("%s: " fmt, bt_dev_name(hdev), ##__VA_ARGS__)
           ~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   include/net/bluetooth/bluetooth.h:202:45: note: expanded from macro 'BT_DBG'
   #define BT_DBG(fmt, ...)        bt_dbg(fmt "\n", ##__VA_ARGS__)
                                                      ^~~~~~~~~~~
   include/net/bluetooth/bluetooth.h:207:28: note: expanded from macro 'bt_dev_name'
   #define bt_dev_name(hdev) ((hdev) ? (hdev)->name : "null")
                              ^~~~~~
   net/bluetooth/mgmt.c:6049:2: note: '?' condition is false
           bt_dev_dbg(hdev, "sock %p", sk);
           ^
   include/net/bluetooth/bluetooth.h:216:21: note: expanded from macro 'bt_dev_dbg'
           BT_DBG("%s: " fmt, bt_dev_name(hdev), ##__VA_ARGS__)
                              ^
   net/bluetooth/mgmt.c:6051:7: note: Passing null pointer value via 2nd parameter 'addr'
           if (!hci_dev_test_flag(hdev, HCI_BREDR_ENABLED) ||
                ^
   include/net/bluetooth/hci_core.h:787:63: note: expanded from macro 'hci_dev_test_flag'
   #define hci_dev_test_flag(hdev, nr)            test_bit((nr), (hdev)->dev_flags)
                                                                 ^~~~~~~~~~~~~~~~~
   net/bluetooth/mgmt.c:6051:7: note: Calling 'arch_test_bit'
           if (!hci_dev_test_flag(hdev, HCI_BREDR_ENABLED) ||
                ^
   include/net/bluetooth/hci_core.h:787:48: note: expanded from macro 'hci_dev_test_flag'
   #define hci_dev_test_flag(hdev, nr)            test_bit((nr), (hdev)->dev_flags)
                                                  ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   include/asm-generic/bitops/non-atomic.h:120:18: note: expanded from macro 'test_bit'
   #define test_bit arch_test_bit
                    ^
   include/asm-generic/bitops/non-atomic.h:118:16: note: Array access (from variable 'addr') results in a null pointer dereference
           return 1UL & (addr[BIT_WORD(nr)] >> (nr & (BITS_PER_LONG-1)));
                         ^~~~
   include/linux/bitmap.h:252:2: warning: Null pointer passed as 2nd argument to memory copy function [clang-analyzer-unix.cstring.NullArg]
           memcpy(dst, src, len);
           ^
   net/bluetooth/mgmt.c:4501:2: note: Assuming 'hdev' is null
           bt_dev_dbg(hdev, "Set device flags %pMR (type 0x%x) = 0x%x",
           ^
   include/net/bluetooth/bluetooth.h:216:21: note: expanded from macro 'bt_dev_dbg'
           BT_DBG("%s: " fmt, bt_dev_name(hdev), ##__VA_ARGS__)
           ~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   include/net/bluetooth/bluetooth.h:202:45: note: expanded from macro 'BT_DBG'
   #define BT_DBG(fmt, ...)        bt_dbg(fmt "\n", ##__VA_ARGS__)
                                                      ^~~~~~~~~~~
   include/net/bluetooth/bluetooth.h:207:28: note: expanded from macro 'bt_dev_name'
   #define bt_dev_name(hdev) ((hdev) ? (hdev)->name : "null")
                              ^~~~~~
   net/bluetooth/mgmt.c:4501:2: note: '?' condition is false
           bt_dev_dbg(hdev, "Set device flags %pMR (type 0x%x) = 0x%x",
           ^
   include/net/bluetooth/bluetooth.h:216:21: note: expanded from macro 'bt_dev_dbg'
           BT_DBG("%s: " fmt, bt_dev_name(hdev), ##__VA_ARGS__)
                              ^
   net/bluetooth/mgmt.c:4505:2: note: Passing null pointer value via 2nd parameter 'src'
           bitmap_to_arr32(&supported_flags, hdev->conn_flags,
           ^
   include/linux/bitmap.h:281:4: note: expanded from macro 'bitmap_to_arr32'
                           (const unsigned long *) (bitmap), (nbits))
                           ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   net/bluetooth/mgmt.c:4505:2: note: Calling 'bitmap_copy_clear_tail'
           bitmap_to_arr32(&supported_flags, hdev->conn_flags,
           ^
   include/linux/bitmap.h:280:2: note: expanded from macro 'bitmap_to_arr32'
           bitmap_copy_clear_tail((unsigned long *) (buf),         \
           ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   include/linux/bitmap.h:261:19: note: Passing null pointer value via 2nd parameter 'src'
           bitmap_copy(dst, src, nbits);
                            ^~~
   include/linux/bitmap.h:261:2: note: Calling 'bitmap_copy'
           bitmap_copy(dst, src, nbits);
           ^~~~~~~~~~~~~~~~~~~~~~~~~~~~
   include/linux/bitmap.h:252:2: note: Null pointer passed as 2nd argument to memory copy function
           memcpy(dst, src, len);
           ^           ~~~
>> net/bluetooth/mgmt.c:3404:7: warning: Null pointer passed as 1st argument to memory comparison function [clang-analyzer-unix.cstring.NullArg]
           if (!memcmp(hdev->dev_name, cp->name, sizeof(hdev->dev_name)) &&
                ^      ~~~~~~~~~~~~~~
   net/bluetooth/mgmt.c:3397:2: note: Assuming 'hdev' is null
           bt_dev_dbg(hdev, "sock %p", sk);
           ^
   include/net/bluetooth/bluetooth.h:216:21: note: expanded from macro 'bt_dev_dbg'
           BT_DBG("%s: " fmt, bt_dev_name(hdev), ##__VA_ARGS__)
           ~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   include/net/bluetooth/bluetooth.h:202:45: note: expanded from macro 'BT_DBG'
   #define BT_DBG(fmt, ...)        bt_dbg(fmt "\n", ##__VA_ARGS__)
                                                      ^~~~~~~~~~~
   include/net/bluetooth/bluetooth.h:207:28: note: expanded from macro 'bt_dev_name'
   #define bt_dev_name(hdev) ((hdev) ? (hdev)->name : "null")
                              ^~~~~~
   net/bluetooth/mgmt.c:3397:2: note: '?' condition is false
           bt_dev_dbg(hdev, "sock %p", sk);
           ^
   include/net/bluetooth/bluetooth.h:216:21: note: expanded from macro 'bt_dev_dbg'
           BT_DBG("%s: " fmt, bt_dev_name(hdev), ##__VA_ARGS__)
                              ^
   net/bluetooth/mgmt.c:3404:7: note: Null pointer passed as 1st argument to memory comparison function
           if (!memcmp(hdev->dev_name, cp->name, sizeof(hdev->dev_name)) &&
                ^      ~~~~~~~~~~~~~~
   net/bluetooth/mgmt.c:4671:2: warning: 3rd function call argument is an uninitialized value [clang-analyzer-core.CallAndMessage]
           bt_dev_dbg(hdev, "add monitor %d complete, status %u",
           ^
   include/net/bluetooth/bluetooth.h:216:2: note: expanded from macro 'bt_dev_dbg'
           BT_DBG("%s: " fmt, bt_dev_name(hdev), ##__VA_ARGS__)
           ^                                       ~~~~~~~~~~~
   include/net/bluetooth/bluetooth.h:202:26: note: expanded from macro 'BT_DBG'
   #define BT_DBG(fmt, ...)        bt_dbg(fmt "\n", ##__VA_ARGS__)
                                   ^                  ~~~~~~~~~~~
   net/bluetooth/mgmt.c:4648:6: note: Assuming 'cmd' is null
           if (!cmd) {
               ^~~~
   net/bluetooth/mgmt.c:4648:2: note: Taking true branch
           if (!cmd) {
           ^
   net/bluetooth/mgmt.c:4650:7: note: Assuming 'cmd' is null
                   if (!cmd)
                       ^~~~
   net/bluetooth/mgmt.c:4650:3: note: Taking true branch
                   if (!cmd)
                   ^
   net/bluetooth/mgmt.c:4651:4: note: Control jumps to line 4670
                           goto done;
                           ^
   net/bluetooth/mgmt.c:4671:2: note: Assuming 'hdev' is null
           bt_dev_dbg(hdev, "add monitor %d complete, status %u",
           ^
   include/net/bluetooth/bluetooth.h:216:21: note: expanded from macro 'bt_dev_dbg'
           BT_DBG("%s: " fmt, bt_dev_name(hdev), ##__VA_ARGS__)
           ~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   include/net/bluetooth/bluetooth.h:202:45: note: expanded from macro 'BT_DBG'
   #define BT_DBG(fmt, ...)        bt_dbg(fmt "\n", ##__VA_ARGS__)
                                                      ^~~~~~~~~~~
   include/net/bluetooth/bluetooth.h:207:28: note: expanded from macro 'bt_dev_name'
   #define bt_dev_name(hdev) ((hdev) ? (hdev)->name : "null")
                              ^~~~~~
   net/bluetooth/mgmt.c:4671:2: note: '?' condition is false
           bt_dev_dbg(hdev, "add monitor %d complete, status %u",
           ^
   include/net/bluetooth/bluetooth.h:216:21: note: expanded from macro 'bt_dev_dbg'
           BT_DBG("%s: " fmt, bt_dev_name(hdev), ##__VA_ARGS__)
                              ^
   net/bluetooth/mgmt.c:4671:2: note: 3rd function call argument is an uninitialized value
           bt_dev_dbg(hdev, "add monitor %d complete, status %u",
           ^
   include/net/bluetooth/bluetooth.h:216:2: note: expanded from macro 'bt_dev_dbg'
           BT_DBG("%s: " fmt, bt_dev_name(hdev), ##__VA_ARGS__)
           ^                                       ~~~~~~~~~~~
   include/net/bluetooth/bluetooth.h:202:26: note: expanded from macro 'BT_DBG'
   #define BT_DBG(fmt, ...)        bt_dbg(fmt "\n", ##__VA_ARGS__)
                                   ^                  ~~~~~~~~~~~
   net/bluetooth/mgmt.c:4896:2: warning: 3rd function call argument is an uninitialized value [clang-analyzer-core.CallAndMessage]
           bt_dev_dbg(hdev, "remove monitor %d complete, status %u",
           ^
   include/net/bluetooth/bluetooth.h:216:2: note: expanded from macro 'bt_dev_dbg'
           BT_DBG("%s: " fmt, bt_dev_name(hdev), ##__VA_ARGS__)
           ^                                       ~~~~~~~~~~~
   include/net/bluetooth/bluetooth.h:202:26: note: expanded from macro 'BT_DBG'
   #define BT_DBG(fmt, ...)        bt_dbg(fmt "\n", ##__VA_ARGS__)
                                   ^                  ~~~~~~~~~~~
   net/bluetooth/mgmt.c:4881:6: note: Assuming 'cmd' is null
           if (!cmd)
               ^~~~
   net/bluetooth/mgmt.c:4881:2: note: Taking true branch
           if (!cmd)
           ^
   net/bluetooth/mgmt.c:4882:3: note: Control jumps to line 4895
                   goto done;
                   ^
   net/bluetooth/mgmt.c:4896:2: note: Assuming 'hdev' is null
           bt_dev_dbg(hdev, "remove monitor %d complete, status %u",
           ^
   include/net/bluetooth/bluetooth.h:216:21: note: expanded from macro 'bt_dev_dbg'
           BT_DBG("%s: " fmt, bt_dev_name(hdev), ##__VA_ARGS__)
           ~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   include/net/bluetooth/bluetooth.h:202:45: note: expanded from macro 'BT_DBG'
   #define BT_DBG(fmt, ...)        bt_dbg(fmt "\n", ##__VA_ARGS__)

vim +517 net/bluetooth/hci_event.c

e5b0ad69c97a04 Abhishek Pandit-Subedi 2021-03-03  506  
c8992cffbe7411 Luiz Augusto von Dentz 2021-12-01  507  static u8 hci_cc_read_class_of_dev(struct hci_dev *hdev, void *data,
c8992cffbe7411 Luiz Augusto von Dentz 2021-12-01  508  				   struct sk_buff *skb)
a9de9248064bfc Marcel Holtmann        2007-10-20  509  {
c8992cffbe7411 Luiz Augusto von Dentz 2021-12-01  510  	struct hci_rp_read_class_of_dev *rp = data;
e3f3a1aea8719a Luiz Augusto von Dentz 2021-12-01  511  
e3f3a1aea8719a Luiz Augusto von Dentz 2021-12-01  512  	bt_dev_dbg(hdev, "status 0x%2.2x", rp->status);
a9de9248064bfc Marcel Holtmann        2007-10-20  513  
a9de9248064bfc Marcel Holtmann        2007-10-20  514  	if (rp->status)
c8992cffbe7411 Luiz Augusto von Dentz 2021-12-01  515  		return rp->status;
a9de9248064bfc Marcel Holtmann        2007-10-20  516  
a9de9248064bfc Marcel Holtmann        2007-10-20 @517  	memcpy(hdev->dev_class, rp->dev_class, 3);
a9de9248064bfc Marcel Holtmann        2007-10-20  518  
e3f3a1aea8719a Luiz Augusto von Dentz 2021-12-01  519  	bt_dev_dbg(hdev, "class 0x%.2x%.2x%.2x", hdev->dev_class[2],
e3f3a1aea8719a Luiz Augusto von Dentz 2021-12-01  520  		   hdev->dev_class[1], hdev->dev_class[0]);
c8992cffbe7411 Luiz Augusto von Dentz 2021-12-01  521  
c8992cffbe7411 Luiz Augusto von Dentz 2021-12-01  522  	return rp->status;
a9de9248064bfc Marcel Holtmann        2007-10-20  523  }
a9de9248064bfc Marcel Holtmann        2007-10-20  524  

:::::: The code at line 517 was first introduced by commit
:::::: a9de9248064bfc8eb0a183a6a951a4e7b5ca10a4 [Bluetooth] Switch from OGF+OCF to using only opcodes

:::::: TO: Marcel Holtmann <marcel@holtmann.org>
:::::: CC: David S. Miller <davem@sunset.davemloft.net>

-- 
0-DAY CI Kernel Test Service
https://01.org/lkp
