* drivers/video/fbdev/omap/omapfb_main.c:1811:16: warning: Use of memory after it is freed [clang-analyzer-unix.Malloc]
@ 2022-06-09 21:29 kernel test robot
0 siblings, 0 replies; 3+ messages in thread
From: kernel test robot @ 2022-06-09 21:29 UTC (permalink / raw)
To: kbuild
[-- Attachment #1: Type: text/plain, Size: 41955 bytes --]
::::::
:::::: Manual check reason: "low confidence static check warning: drivers/video/fbdev/omap/omapfb_main.c:1811:16: warning: Use of memory after it is freed [clang-analyzer-unix.Malloc]"
::::::
CC: llvm(a)lists.linux.dev
CC: kbuild-all(a)lists.01.org
BCC: lkp(a)intel.com
CC: linux-kernel(a)vger.kernel.org
TO: Arnd Bergmann <arnd@arndb.de>
tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
head: 3d9f55c57bc3659f986acc421eac431ff6edcc83
commit: 804f7f19c2e2928aeb8eafef8379fe8b8d13f98b fbdev: omap: avoid using mach/*.h files
date: 7 weeks ago
:::::: branch date: 2 hours ago
:::::: commit date: 7 weeks ago
config: arm-randconfig-c002-20220608 (https://download.01.org/0day-ci/archive/20220610/202206100557.51ypLGap-lkp(a)intel.com/config)
compiler: clang version 15.0.0 (https://github.com/llvm/llvm-project b92436efcb7813fc481b30f2593a4907568d917a)
reproduce (this is a W=1 build):
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# install arm cross compiling tool for clang build
# apt-get install binutils-arm-linux-gnueabi
# https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=804f7f19c2e2928aeb8eafef8379fe8b8d13f98b
git remote add linus https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
git fetch --no-tags linus master
git checkout 804f7f19c2e2928aeb8eafef8379fe8b8d13f98b
# save the config file
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross ARCH=arm clang-analyzer
If you fix the issue, kindly add following tag where applicable
Reported-by: kernel test robot <lkp@intel.com>
clang-analyzer warnings: (new ones prefixed by >>)
^~~~~~~~~~~~~~~~
lib/zstd/decompress/zstd_decompress.c:768:5: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
ZSTD_memset(dst, b, regenSize);
^
lib/zstd/decompress/../common/zstd_deps.h:34:28: note: expanded from macro 'ZSTD_memset'
#define ZSTD_memset(d,s,n) __builtin_memset((d),(s),(n))
^~~~~~~~~~~~~~~~
lib/zstd/decompress/zstd_decompress.c:1063:17: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
ZSTD_memcpy(dctx->headerBuffer, src, srcSize);
^
lib/zstd/decompress/../common/zstd_deps.h:32:28: note: expanded from macro 'ZSTD_memcpy'
#define ZSTD_memcpy(d,s,n) __builtin_memcpy((d),(s),(n))
^~~~~~~~~~~~~~~~
lib/zstd/decompress/zstd_decompress.c:1063:17: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
ZSTD_memcpy(dctx->headerBuffer, src, srcSize);
^
lib/zstd/decompress/../common/zstd_deps.h:32:28: note: expanded from macro 'ZSTD_memcpy'
#define ZSTD_memcpy(d,s,n) __builtin_memcpy((d),(s),(n))
^~~~~~~~~~~~~~~~
lib/zstd/decompress/zstd_decompress.c:1070:9: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
ZSTD_memcpy(dctx->headerBuffer, src, srcSize);
^
lib/zstd/decompress/../common/zstd_deps.h:32:28: note: expanded from macro 'ZSTD_memcpy'
#define ZSTD_memcpy(d,s,n) __builtin_memcpy((d),(s),(n))
^~~~~~~~~~~~~~~~
lib/zstd/decompress/zstd_decompress.c:1070:9: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
ZSTD_memcpy(dctx->headerBuffer, src, srcSize);
^
lib/zstd/decompress/../common/zstd_deps.h:32:28: note: expanded from macro 'ZSTD_memcpy'
#define ZSTD_memcpy(d,s,n) __builtin_memcpy((d),(s),(n))
^~~~~~~~~~~~~~~~
lib/zstd/decompress/zstd_decompress.c:1077:9: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
ZSTD_memcpy(dctx->headerBuffer + (dctx->headerSize - srcSize), src, srcSize);
^
lib/zstd/decompress/../common/zstd_deps.h:32:28: note: expanded from macro 'ZSTD_memcpy'
#define ZSTD_memcpy(d,s,n) __builtin_memcpy((d),(s),(n))
^~~~~~~~~~~~~~~~
lib/zstd/decompress/zstd_decompress.c:1077:9: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
ZSTD_memcpy(dctx->headerBuffer + (dctx->headerSize - srcSize), src, srcSize);
^
lib/zstd/decompress/../common/zstd_deps.h:32:28: note: expanded from macro 'ZSTD_memcpy'
#define ZSTD_memcpy(d,s,n) __builtin_memcpy((d),(s),(n))
^~~~~~~~~~~~~~~~
lib/zstd/decompress/zstd_decompress.c:1188:9: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
ZSTD_memcpy(dctx->headerBuffer + (ZSTD_SKIPPABLEHEADERSIZE - srcSize), src, srcSize); /* complete skippable header */
^
lib/zstd/decompress/../common/zstd_deps.h:32:28: note: expanded from macro 'ZSTD_memcpy'
#define ZSTD_memcpy(d,s,n) __builtin_memcpy((d),(s),(n))
^~~~~~~~~~~~~~~~
lib/zstd/decompress/zstd_decompress.c:1188:9: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
ZSTD_memcpy(dctx->headerBuffer + (ZSTD_SKIPPABLEHEADERSIZE - srcSize), src, srcSize); /* complete skippable header */
^
lib/zstd/decompress/../common/zstd_deps.h:32:28: note: expanded from macro 'ZSTD_memcpy'
#define ZSTD_memcpy(d,s,n) __builtin_memcpy((d),(s),(n))
^~~~~~~~~~~~~~~~
lib/zstd/decompress/zstd_decompress.c:1346:5: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
ZSTD_memcpy(dctx->entropy.rep, repStartValue, sizeof(repStartValue)); /* initial repcodes */
^
lib/zstd/decompress/../common/zstd_deps.h:32:28: note: expanded from macro 'ZSTD_memcpy'
#define ZSTD_memcpy(d,s,n) __builtin_memcpy((d),(s),(n))
^~~~~~~~~~~~~~~~
lib/zstd/decompress/zstd_decompress.c:1346:5: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
ZSTD_memcpy(dctx->entropy.rep, repStartValue, sizeof(repStartValue)); /* initial repcodes */
^
lib/zstd/decompress/../common/zstd_deps.h:32:28: note: expanded from macro 'ZSTD_memcpy'
#define ZSTD_memcpy(d,s,n) __builtin_memcpy((d),(s),(n))
^~~~~~~~~~~~~~~~
lib/zstd/decompress/zstd_decompress.c:1866:29: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
ZSTD_memcpy(zds->headerBuffer + zds->lhSize, ip, remainingInput);
^
lib/zstd/decompress/../common/zstd_deps.h:32:28: note: expanded from macro 'ZSTD_memcpy'
#define ZSTD_memcpy(d,s,n) __builtin_memcpy((d),(s),(n))
^~~~~~~~~~~~~~~~
lib/zstd/decompress/zstd_decompress.c:1866:29: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
ZSTD_memcpy(zds->headerBuffer + zds->lhSize, ip, remainingInput);
^
lib/zstd/decompress/../common/zstd_deps.h:32:28: note: expanded from macro 'ZSTD_memcpy'
#define ZSTD_memcpy(d,s,n) __builtin_memcpy((d),(s),(n))
^~~~~~~~~~~~~~~~
lib/zstd/decompress/zstd_decompress.c:1873:21: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
ZSTD_memcpy(zds->headerBuffer + zds->lhSize, ip, toLoad); zds->lhSize = hSize; ip += toLoad;
^
lib/zstd/decompress/../common/zstd_deps.h:32:28: note: expanded from macro 'ZSTD_memcpy'
#define ZSTD_memcpy(d,s,n) __builtin_memcpy((d),(s),(n))
^~~~~~~~~~~~~~~~
lib/zstd/decompress/zstd_decompress.c:1873:21: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
ZSTD_memcpy(zds->headerBuffer + zds->lhSize, ip, toLoad); zds->lhSize = hSize; ip += toLoad;
^
lib/zstd/decompress/../common/zstd_deps.h:32:28: note: expanded from macro 'ZSTD_memcpy'
#define ZSTD_memcpy(d,s,n) __builtin_memcpy((d),(s),(n))
^~~~~~~~~~~~~~~~
Suppressed 4 warnings (4 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
44 warnings generated.
drivers/video/fbdev/omap/lcd_mipid.c:66:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(xfer, 0, sizeof(xfer));
^~~~~~
drivers/video/fbdev/omap/lcd_mipid.c:66:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(xfer, 0, sizeof(xfer));
^~~~~~
>> drivers/video/fbdev/omap/lcd_mipid.c:264:3: warning: Value stored to 'pixel' is never read [clang-analyzer-deadcode.DeadStores]
pixel = 0;
^ ~
drivers/video/fbdev/omap/lcd_mipid.c:264:3: note: Value stored to 'pixel' is never read
pixel = 0;
^ ~
Suppressed 42 warnings (42 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
41 warnings generated.
Suppressed 41 warnings (41 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
41 warnings generated.
Suppressed 41 warnings (41 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
8 warnings generated.
Suppressed 8 warnings (8 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
30 warnings generated.
drivers/video/fbdev/omap2/omapfb/dss/dispc.c:670:49: warning: The result of the left shift is undefined because the left operand is negative [clang-analyzer-core.UndefinedBinaryOperatorResult]
dispc_write_reg(DISPC_OVL_CONV_COEF(plane, 2), CVAL(ct->gcb, ct->gcr));
^
drivers/video/fbdev/omap2/omapfb/dss/dispc.c:666:21: note: expanded from macro 'CVAL'
#define CVAL(x, y) (FLD_VAL(x, 26, 16) | FLD_VAL(y, 10, 0))
^
drivers/video/fbdev/omap2/omapfb/dss/dss.h:60:42: note: expanded from macro 'FLD_VAL'
#define FLD_VAL(val, start, end) (((val) << (end)) & FLD_MASK(start, end))
^
drivers/video/fbdev/omap2/omapfb/dss/dispc.c:4049:6: note: Assuming the condition is true
if (REG_GET(DISPC_CONFIG, 2, 1) != OMAP_DSS_LOAD_FRAME_ONLY) {
^
drivers/video/fbdev/omap2/omapfb/dss/dispc.c:49:2: note: expanded from macro 'REG_GET'
FLD_GET(dispc_read_reg(idx), start, end)
^
drivers/video/fbdev/omap2/omapfb/dss/dss.h:61:34: note: expanded from macro 'FLD_GET'
#define FLD_GET(val, start, end) (((val) & FLD_MASK(start, end)) >> (end))
^
drivers/video/fbdev/omap2/omapfb/dss/dispc.c:4049:2: note: Taking true branch
if (REG_GET(DISPC_CONFIG, 2, 1) != OMAP_DSS_LOAD_FRAME_ONLY) {
^
drivers/video/fbdev/omap2/omapfb/dss/dispc.c:4050:3: note: Calling '_omap_dispc_initial_config'
_omap_dispc_initial_config();
^~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/video/fbdev/omap2/omapfb/dss/dispc.c:3721:6: note: Assuming the condition is false
if (dss_has_feature(FEAT_CORE_CLK_DIV)) {
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/video/fbdev/omap2/omapfb/dss/dispc.c:3721:2: note: Taking false branch
if (dss_has_feature(FEAT_CORE_CLK_DIV)) {
^
drivers/video/fbdev/omap2/omapfb/dss/dispc.c:3732:6: note: Assuming the condition is false
if (dss_has_feature(FEAT_FUNCGATED))
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/video/fbdev/omap2/omapfb/dss/dispc.c:3732:2: note: Taking false branch
if (dss_has_feature(FEAT_FUNCGATED))
^
drivers/video/fbdev/omap2/omapfb/dss/dispc.c:3735:2: note: Calling 'dispc_setup_color_conv_coef'
dispc_setup_color_conv_coef();
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/video/fbdev/omap2/omapfb/dss/dispc.c:692:14: note: Assuming 'i' is >= 'num_ovl'
for (i = 1; i < num_ovl; i++)
^~~~~~~~~~~
drivers/video/fbdev/omap2/omapfb/dss/dispc.c:692:2: note: Loop condition is false. Execution continues on line 695
for (i = 1; i < num_ovl; i++)
^
drivers/video/fbdev/omap2/omapfb/dss/dispc.c:695:6: note: Assuming field 'has_writeback' is true
if (dispc.feat->has_writeback)
^~~~~~~~~~~~~~~~~~~~~~~~~
drivers/video/fbdev/omap2/omapfb/dss/dispc.c:695:2: note: Taking true branch
if (dispc.feat->has_writeback)
^
drivers/video/fbdev/omap2/omapfb/dss/dispc.c:696:3: note: Calling 'dispc_ovl_write_color_conv_coef'
dispc_ovl_write_color_conv_coef(OMAP_DSS_WB, &ctbl_bt601_5_wb);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/video/fbdev/omap2/omapfb/dss/dispc.c:670:49: note: The result of the left shift is undefined because the left operand is negative
dispc_write_reg(DISPC_OVL_CONV_COEF(plane, 2), CVAL(ct->gcb, ct->gcr));
^
drivers/video/fbdev/omap2/omapfb/dss/dispc.c:666:21: note: expanded from macro 'CVAL'
#define CVAL(x, y) (FLD_VAL(x, 26, 16) | FLD_VAL(y, 10, 0))
^~~~~~~~~~~~~~~~~~
drivers/video/fbdev/omap2/omapfb/dss/dss.h:60:42: note: expanded from macro 'FLD_VAL'
#define FLD_VAL(val, start, end) (((val) << (end)) & FLD_MASK(start, end))
~~~~~ ^
Suppressed 29 warnings (29 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
7 warnings generated.
Suppressed 7 warnings (7 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
31 warnings generated.
drivers/usb/misc/legousbtower.c:684:4: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(dev->read_buffer + dev->read_buffer_length,
^~~~~~
drivers/usb/misc/legousbtower.c:684:4: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(dev->read_buffer + dev->read_buffer_length,
^~~~~~
Suppressed 30 warnings (30 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
14 warnings generated.
Suppressed 14 warnings (14 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
31 warnings generated.
drivers/usb/misc/trancevibrator.c:39:9: warning: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
return sprintf(buf, "%d\n", tv->speed);
--
^~~~~~~
drivers/usb/gadget/function/f_sourcesink.c:1026:11: note: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
result = sprintf(page, "%u\n", opts->isoc_mult);
^~~~~~~
drivers/usb/gadget/function/f_sourcesink.c:1069:11: warning: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
result = sprintf(page, "%u\n", opts->isoc_maxburst);
^~~~~~~
drivers/usb/gadget/function/f_sourcesink.c:1069:11: note: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
result = sprintf(page, "%u\n", opts->isoc_maxburst);
^~~~~~~
drivers/usb/gadget/function/f_sourcesink.c:1112:11: warning: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
result = sprintf(page, "%u\n", opts->bulk_buflen);
^~~~~~~
drivers/usb/gadget/function/f_sourcesink.c:1112:11: note: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
result = sprintf(page, "%u\n", opts->bulk_buflen);
^~~~~~~
drivers/usb/gadget/function/f_sourcesink.c:1150:11: warning: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
result = sprintf(page, "%u\n", opts->bulk_qlen);
^~~~~~~
drivers/usb/gadget/function/f_sourcesink.c:1150:11: note: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
result = sprintf(page, "%u\n", opts->bulk_qlen);
^~~~~~~
drivers/usb/gadget/function/f_sourcesink.c:1188:11: warning: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
result = sprintf(page, "%u\n", opts->iso_qlen);
^~~~~~~
drivers/usb/gadget/function/f_sourcesink.c:1188:11: note: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
result = sprintf(page, "%u\n", opts->iso_qlen);
^~~~~~~
Suppressed 29 warnings (29 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
41 warnings generated.
Suppressed 41 warnings (41 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
53 warnings generated.
drivers/video/fbdev/omap/omapfb_main.c:599:3: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(new_var, &fbi->var, sizeof(*new_var));
^~~~~~
drivers/video/fbdev/omap/omapfb_main.c:599:3: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(new_var, &fbi->var, sizeof(*new_var));
^~~~~~
drivers/video/fbdev/omap/omapfb_main.c:605:4: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(&fbi->var, new_var, sizeof(*new_var));
^~~~~~
drivers/video/fbdev/omap/omapfb_main.c:605:4: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(&fbi->var, new_var, sizeof(*new_var));
^~~~~~
drivers/video/fbdev/omap/omapfb_main.c:843:5: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(new_var, &fbi->var, sizeof(*new_var));
^~~~~~
drivers/video/fbdev/omap/omapfb_main.c:843:5: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(new_var, &fbi->var, sizeof(*new_var));
^~~~~~
drivers/video/fbdev/omap/omapfb_main.c:863:5: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(&fbi->var, new_var, sizeof(fbi->var));
^~~~~~
drivers/video/fbdev/omap/omapfb_main.c:863:5: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(&fbi->var, new_var, sizeof(fbi->var));
^~~~~~
drivers/video/fbdev/omap/omapfb_main.c:891:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(mi, 0, sizeof(*mi));
^~~~~~
drivers/video/fbdev/omap/omapfb_main.c:891:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(mi, 0, sizeof(*mi));
^~~~~~
drivers/video/fbdev/omap/omapfb_main.c:1017:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(caps, 0, sizeof(*caps));
^~~~~~
drivers/video/fbdev/omap/omapfb_main.c:1017:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(caps, 0, sizeof(*caps));
^~~~~~
drivers/video/fbdev/omap/omapfb_main.c:1031:3: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(&win, 0, sizeof(win));
^~~~~~
drivers/video/fbdev/omap/omapfb_main.c:1031:3: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(&win, 0, sizeof(win));
^~~~~~
drivers/video/fbdev/omap/omapfb_main.c:1100:4: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(u->reserved, 0, sizeof(u->reserved));
^~~~~~
drivers/video/fbdev/omap/omapfb_main.c:1100:4: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(u->reserved, 0, sizeof(u->reserved));
^~~~~~
drivers/video/fbdev/omap/omapfb_main.c:1334:7: warning: Call to function 'sscanf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
if (sscanf(buf, "%10d", &level) == 1) {
^~~~~~
drivers/video/fbdev/omap/omapfb_main.c:1334:7: note: Call to function 'sscanf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11
if (sscanf(buf, "%10d", &level) == 1) {
^~~~~~
drivers/video/fbdev/omap/omapfb_main.c:1451:2: warning: Call to function 'strncpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'strncpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
strncpy(fix->id, MODULE_NAME, sizeof(fix->id));
^~~~~~~
drivers/video/fbdev/omap/omapfb_main.c:1451:2: note: Call to function 'strncpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'strncpy_s' in case of C11
strncpy(fix->id, MODULE_NAME, sizeof(fix->id));
^~~~~~~
drivers/video/fbdev/omap/omapfb_main.c:1577:2: warning: Call to function 'strncpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'strncpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
strncpy(name, conf->lcd.ctrl_name, sizeof(name) - 1);
^~~~~~~
drivers/video/fbdev/omap/omapfb_main.c:1577:2: note: Call to function 'strncpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'strncpy_s' in case of C11
strncpy(name, conf->lcd.ctrl_name, sizeof(name) - 1);
^~~~~~~
>> drivers/video/fbdev/omap/omapfb_main.c:1811:16: warning: Use of memory after it is freed [clang-analyzer-unix.Malloc]
fbdev->dssdev = NULL;
~~~~~~~~~~~~~ ^
drivers/video/fbdev/omap/omapfb_main.c:1808:2: note: Calling 'omapfb_free_resources'
omapfb_free_resources(fbdev, saved_state);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/video/fbdev/omap/omapfb_main.c:1530:2: note: Control jumps to 'case 1:' at line 1555
switch (state) {
^
drivers/video/fbdev/omap/omapfb_main.c:1557:3: note: Memory is released
kfree(fbdev);
^~~~~~~~~~~~
drivers/video/fbdev/omap/omapfb_main.c:1558:3: note: Execution continues on line 1557
break;
^
drivers/video/fbdev/omap/omapfb_main.c:1808:2: note: Returning; memory was released via 1st parameter
omapfb_free_resources(fbdev, saved_state);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/video/fbdev/omap/omapfb_main.c:1811:16: note: Use of memory after it is freed
fbdev->dssdev = NULL;
~~~~~~~~~~~~~ ^
Suppressed 41 warnings (41 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
47 warnings generated.
drivers/media/i2c/ov7670.c:1292:2: warning: Value stored to 'ret' is never read [clang-analyzer-deadcode.DeadStores]
ret = ov7670_read(sd, REG_CMATRIX_SIGN, &signbits);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/media/i2c/ov7670.c:1292:2: note: Value stored to 'ret' is never read
ret = ov7670_read(sd, REG_CMATRIX_SIGN, &signbits);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/media/i2c/ov7670.c:1381:3: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(tmpmatrix, matrix, CMATRIX_LEN*sizeof(int));
^~~~~~
drivers/media/i2c/ov7670.c:1381:3: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(tmpmatrix, matrix, CMATRIX_LEN*sizeof(int));
^~~~~~
drivers/media/i2c/ov7670.c:1528:15: warning: The left operand of '&' is a garbage value [clang-analyzer-core.UndefinedBinaryOperatorResult]
com1 = (com1 & 0xfc) | (value & 0x03);
^
drivers/media/i2c/ov7670.c:1597:2: note: Control jumps to 'case 10094849:' at line 1617
switch (ctrl->id) {
^
drivers/media/i2c/ov7670.c:1620:7: note: Assuming field 'val' is equal to V4L2_EXPOSURE_MANUAL
if (ctrl->val == V4L2_EXPOSURE_MANUAL) {
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/media/i2c/ov7670.c:1620:3: note: Taking true branch
if (ctrl->val == V4L2_EXPOSURE_MANUAL) {
^
drivers/media/i2c/ov7670.c:1622:11: note: Calling 'ov7670_s_exp'
return ov7670_s_exp(sd, info->exposure->val);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/media/i2c/ov7670.c:1520:16: note: 'com1' declared without an initial value
unsigned char com1, com8, aech, aechh;
^~~~
drivers/media/i2c/ov7670.c:1522:8: note: Calling 'ov7670_read'
ret = ov7670_read(sd, REG_COM1, &com1) +
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/media/i2c/ov7670.c:565:6: note: Assuming field 'use_smbus' is true
if (info->use_smbus)
^~~~~~~~~~~~~~~
drivers/media/i2c/ov7670.c:565:2: note: Taking true branch
if (info->use_smbus)
^
drivers/media/i2c/ov7670.c:566:10: note: Calling 'ov7670_read_smbus'
return ov7670_read_smbus(sd, reg, value);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/media/i2c/ov7670.c:485:6: note: Assuming 'ret' is < 0
if (ret >= 0) {
^~~~~~~~
drivers/media/i2c/ov7670.c:485:2: note: Taking false branch
if (ret >= 0) {
^
drivers/media/i2c/ov7670.c:489:2: note: Returning without writing to '*value'
return ret;
^
drivers/media/i2c/ov7670.c:566:10: note: Returning from 'ov7670_read_smbus'
return ov7670_read_smbus(sd, reg, value);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/media/i2c/ov7670.c:566:3: note: Returning without writing to '*value'
return ov7670_read_smbus(sd, reg, value);
^
drivers/media/i2c/ov7670.c:1522:8: note: Returning from 'ov7670_read'
ret = ov7670_read(sd, REG_COM1, &com1) +
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/media/i2c/ov7670.c:1525:6: note: Assuming 'ret' is 0
if (ret)
^~~
drivers/media/i2c/ov7670.c:1525:2: note: Taking false branch
if (ret)
^
drivers/media/i2c/ov7670.c:1528:15: note: The left operand of '&' is a garbage value
com1 = (com1 & 0xfc) | (value & 0x03);
~~~~ ^
drivers/media/i2c/ov7670.c:1530:17: warning: The left operand of '&' is a garbage value [clang-analyzer-core.UndefinedBinaryOperatorResult]
aechh = (aechh & 0xc0) | ((value >> 10) & 0x3f);
^
drivers/media/i2c/ov7670.c:1597:2: note: Control jumps to 'case 10094849:' at line 1617
switch (ctrl->id) {
^
drivers/media/i2c/ov7670.c:1620:7: note: Assuming field 'val' is equal to V4L2_EXPOSURE_MANUAL
if (ctrl->val == V4L2_EXPOSURE_MANUAL) {
vim +1811 drivers/video/fbdev/omap/omapfb_main.c
8b08cf2b64f5a6 drivers/video/omap/omapfb_main.c Imre Deak 2007-07-17 1798
8b08cf2b64f5a6 drivers/video/omap/omapfb_main.c Imre Deak 2007-07-17 1799 /* Called when the device is being detached from the driver */
8b08cf2b64f5a6 drivers/video/omap/omapfb_main.c Imre Deak 2007-07-17 1800 static int omapfb_remove(struct platform_device *pdev)
8b08cf2b64f5a6 drivers/video/omap/omapfb_main.c Imre Deak 2007-07-17 1801 {
8b08cf2b64f5a6 drivers/video/omap/omapfb_main.c Imre Deak 2007-07-17 1802 struct omapfb_device *fbdev = platform_get_drvdata(pdev);
8b08cf2b64f5a6 drivers/video/omap/omapfb_main.c Imre Deak 2007-07-17 1803 enum omapfb_state saved_state = fbdev->state;
8b08cf2b64f5a6 drivers/video/omap/omapfb_main.c Imre Deak 2007-07-17 1804
8b08cf2b64f5a6 drivers/video/omap/omapfb_main.c Imre Deak 2007-07-17 1805 /* FIXME: wait till completion of pending events */
8b08cf2b64f5a6 drivers/video/omap/omapfb_main.c Imre Deak 2007-07-17 1806
8b08cf2b64f5a6 drivers/video/omap/omapfb_main.c Imre Deak 2007-07-17 1807 fbdev->state = OMAPFB_DISABLED;
8b08cf2b64f5a6 drivers/video/omap/omapfb_main.c Imre Deak 2007-07-17 1808 omapfb_free_resources(fbdev, saved_state);
8b08cf2b64f5a6 drivers/video/omap/omapfb_main.c Imre Deak 2007-07-17 1809
f778a12dd33200 drivers/video/omap/omapfb_main.c Tomi Valkeinen 2009-12-16 1810 platform_device_unregister(&omapdss_device);
f778a12dd33200 drivers/video/omap/omapfb_main.c Tomi Valkeinen 2009-12-16 @1811 fbdev->dssdev = NULL;
f778a12dd33200 drivers/video/omap/omapfb_main.c Tomi Valkeinen 2009-12-16 1812
8b08cf2b64f5a6 drivers/video/omap/omapfb_main.c Imre Deak 2007-07-17 1813 return 0;
8b08cf2b64f5a6 drivers/video/omap/omapfb_main.c Imre Deak 2007-07-17 1814 }
8b08cf2b64f5a6 drivers/video/omap/omapfb_main.c Imre Deak 2007-07-17 1815
:::::: The code at line 1811 was first introduced by commit
:::::: f778a12dd33200513596a0d4d3ba4d5f09e79c09 OMAP: OMAPFB: fix clk_get for RFBI
:::::: TO: Tomi Valkeinen <tomi.valkeinen@nokia.com>
:::::: CC: Tomi Valkeinen <tomi.valkeinen@nokia.com>
--
0-DAY CI Kernel Test Service
https://01.org/lkp
^ permalink raw reply [flat|nested] 3+ messages in thread* drivers/video/fbdev/omap/omapfb_main.c:1811:16: warning: Use of memory after it is freed [clang-analyzer-unix.Malloc]
@ 2023-03-31 2:32 kernel test robot
0 siblings, 0 replies; 3+ messages in thread
From: kernel test robot @ 2023-03-31 2:32 UTC (permalink / raw)
To: oe-kbuild; +Cc: lkp
::::::
:::::: Manual check reason: "low confidence static check warning: drivers/video/fbdev/omap/omapfb_main.c:1811:16: warning: Use of memory after it is freed [clang-analyzer-unix.Malloc]"
::::::
BCC: lkp@intel.com
CC: llvm@lists.linux.dev
CC: oe-kbuild-all@lists.linux.dev
CC: linux-kernel@vger.kernel.org
TO: Arnd Bergmann <arnd@arndb.de>
tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
head: 62bad54b26db8bc98e28749cd76b2d890edb4258
commit: 804f7f19c2e2928aeb8eafef8379fe8b8d13f98b fbdev: omap: avoid using mach/*.h files
date: 11 months ago
:::::: branch date: 3 hours ago
:::::: commit date: 11 months ago
config: arm-randconfig-c002-20230329 (https://download.01.org/0day-ci/archive/20230331/202303311047.2rVOzYjo-lkp@intel.com/config)
compiler: clang version 17.0.0 (https://github.com/llvm/llvm-project 67409911353323ca5edf2049ef0df54132fa1ca7)
reproduce (this is a W=1 build):
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# install arm cross compiling tool for clang build
# apt-get install binutils-arm-linux-gnueabi
# https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=804f7f19c2e2928aeb8eafef8379fe8b8d13f98b
git remote add linus https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
git fetch --no-tags linus master
git checkout 804f7f19c2e2928aeb8eafef8379fe8b8d13f98b
# save the config file
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross ARCH=arm clang-analyzer olddefconfig
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross ARCH=arm clang-analyzer
If you fix the issue, kindly add following tag where applicable
| Reported-by: kernel test robot <lkp@intel.com>
| Link: https://lore.kernel.org/r/202303311047.2rVOzYjo-lkp@intel.com/
clang_analyzer warnings: (new ones prefixed by >>)
fs/namespace.c:3868:1: note: Calling '__do_sys_pivot_root'
SYSCALL_DEFINE2(pivot_root, const char __user *, new_root,
^
include/linux/syscalls.h:218:36: note: expanded from macro 'SYSCALL_DEFINE2'
#define SYSCALL_DEFINE2(name, ...) SYSCALL_DEFINEx(2, _##name, __VA_ARGS__)
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/syscalls.h:228:2: note: expanded from macro 'SYSCALL_DEFINEx'
__SYSCALL_DEFINEx(x, sname, __VA_ARGS__)
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/syscalls.h:249:14: note: expanded from macro '__SYSCALL_DEFINEx'
long ret = __do_sys##name(__MAP(x,__SC_CAST,__VA_ARGS__));\
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
note: expanded from here
fs/namespace.c:3876:2: note: Taking false branch
if (!may_mount())
^
fs/namespace.c:3881:6: note: Assuming 'error' is 0
if (error)
^~~~~
fs/namespace.c:3881:2: note: Taking false branch
if (error)
^
fs/namespace.c:3886:6: note: Assuming 'error' is 0
if (error)
^~~~~
fs/namespace.c:3886:2: note: Taking false branch
if (error)
^
fs/namespace.c:3890:6: note: 'error' is 0
if (error)
^~~~~
fs/namespace.c:3890:2: note: Taking false branch
if (error)
^
fs/namespace.c:3894:11: note: Calling 'lock_mount'
old_mp = lock_mount(&old);
^~~~~~~~~~~~~~~~
fs/namespace.c:2293:6: note: Assuming the condition is true
if (unlikely(cant_mount(dentry))) {
^
include/linux/compiler.h:48:24: note: expanded from macro 'unlikely'
# define unlikely(x) (__branch_check__(x, 0, __builtin_constant_p(x)))
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/compiler.h:33:32: note: expanded from macro '__branch_check__'
______r = __builtin_expect(!!(x), expect); \
^~~~
fs/namespace.c:2293:2: note: Taking false branch
if (unlikely(cant_mount(dentry))) {
^
fs/namespace.c:2299:14: note: 'mnt' is non-null
if (likely(!mnt)) {
^
include/linux/compiler.h:45:39: note: expanded from macro 'likely'
# define likely(x) (__branch_check__(x, 1, __builtin_constant_p(x)))
^
include/linux/compiler.h:33:34: note: expanded from macro '__branch_check__'
______r = __builtin_expect(!!(x), expect); \
^
fs/namespace.c:2299:14: note: 'mnt' is non-null
if (likely(!mnt)) {
^
include/linux/compiler.h:45:66: note: expanded from macro 'likely'
# define likely(x) (__branch_check__(x, 1, __builtin_constant_p(x)))
^
include/linux/compiler.h:35:19: note: expanded from macro '__branch_check__'
expect, is_constant); \
^~~~~~~~~~~
fs/namespace.c:2299:2: note: Taking false branch
if (likely(!mnt)) {
^
fs/namespace.c:2312:2: note: Null pointer value stored to 'dentry'
dentry = path->dentry = dget(mnt->mnt_root);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
fs/namespace.c:2313:2: note: Control jumps to line 2292
goto retry;
^
fs/namespace.c:2292:13: note: Access to field 'd_inode' results in a dereference of a null pointer (loaded from variable 'dentry')
inode_lock(dentry->d_inode);
^~~~~~
Suppressed 6 warnings (6 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
10 warnings generated.
drivers/video/fbdev/omap/omapfb_main.c:1334:7: warning: Call to function 'sscanf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
if (sscanf(buf, "%10d", &level) == 1) {
^~~~~~
drivers/video/fbdev/omap/omapfb_main.c:1334:7: note: Call to function 'sscanf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11
if (sscanf(buf, "%10d", &level) == 1) {
^~~~~~
drivers/video/fbdev/omap/omapfb_main.c:1451:2: warning: Call to function 'strncpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'strncpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
strncpy(fix->id, MODULE_NAME, sizeof(fix->id));
^~~~~~~
drivers/video/fbdev/omap/omapfb_main.c:1451:2: note: Call to function 'strncpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'strncpy_s' in case of C11
strncpy(fix->id, MODULE_NAME, sizeof(fix->id));
^~~~~~~
drivers/video/fbdev/omap/omapfb_main.c:1577:2: warning: Call to function 'strncpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'strncpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
strncpy(name, conf->lcd.ctrl_name, sizeof(name) - 1);
^~~~~~~
drivers/video/fbdev/omap/omapfb_main.c:1577:2: note: Call to function 'strncpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'strncpy_s' in case of C11
strncpy(name, conf->lcd.ctrl_name, sizeof(name) - 1);
^~~~~~~
>> drivers/video/fbdev/omap/omapfb_main.c:1811:16: warning: Use of memory after it is freed [clang-analyzer-unix.Malloc]
fbdev->dssdev = NULL;
~~~~~~~~~~~~~ ^
drivers/video/fbdev/omap/omapfb_main.c:1808:2: note: Calling 'omapfb_free_resources'
omapfb_free_resources(fbdev, saved_state);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/video/fbdev/omap/omapfb_main.c:1530:2: note: Control jumps to 'case 1:' at line 1555
switch (state) {
^
drivers/video/fbdev/omap/omapfb_main.c:1557:3: note: Memory is released
kfree(fbdev);
^~~~~~~~~~~~
drivers/video/fbdev/omap/omapfb_main.c:1558:3: note: Execution continues on line 1557
break;
^
drivers/video/fbdev/omap/omapfb_main.c:1808:2: note: Returning; memory was released via 1st parameter
omapfb_free_resources(fbdev, saved_state);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/video/fbdev/omap/omapfb_main.c:1811:16: note: Use of memory after it is freed
fbdev->dssdev = NULL;
~~~~~~~~~~~~~ ^
Suppressed 6 warnings (6 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
5 warnings generated.
lib/zstd/compress/zstd_compress_sequences.c:260:9: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
ZSTD_memcpy(nextCTable, prevCTable, prevCTableSize);
^
lib/zstd/compress/../common/zstd_deps.h:32:28: note: expanded from macro 'ZSTD_memcpy'
#define ZSTD_memcpy(d,s,n) __builtin_memcpy((d),(s),(n))
^~~~~~~~~~~~~~~~
lib/zstd/compress/zstd_compress_sequences.c:260:9: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
ZSTD_memcpy(nextCTable, prevCTable, prevCTableSize);
^
lib/zstd/compress/../common/zstd_deps.h:32:28: note: expanded from macro 'ZSTD_memcpy'
#define ZSTD_memcpy(d,s,n) __builtin_memcpy((d),(s),(n))
^~~~~~~~~~~~~~~~
Suppressed 4 warnings (4 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
20 warnings generated.
lib/zstd/compress/zstd_compress_superblock.c:82:5: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
ZSTD_memcpy(nextHuf, prevHuf, sizeof(*prevHuf));
^
lib/zstd/compress/../common/zstd_deps.h:32:28: note: expanded from macro 'ZSTD_memcpy'
#define ZSTD_memcpy(d,s,n) __builtin_memcpy((d),(s),(n))
^~~~~~~~~~~~~~~~
lib/zstd/compress/zstd_compress_superblock.c:82:5: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
ZSTD_memcpy(nextHuf, prevHuf, sizeof(*prevHuf));
^
lib/zstd/compress/../common/zstd_deps.h:32:28: note: expanded from macro 'ZSTD_memcpy'
#define ZSTD_memcpy(d,s,n) __builtin_memcpy((d),(s),(n))
^~~~~~~~~~~~~~~~
lib/zstd/compress/zstd_compress_superblock.c:121:5: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
ZSTD_memset(nextHuf->CTable, 0, sizeof(nextHuf->CTable));
^
lib/zstd/compress/../common/zstd_deps.h:34:28: note: expanded from macro 'ZSTD_memset'
#define ZSTD_memset(d,s,n) __builtin_memset((d),(s),(n))
^~~~~~~~~~~~~~~~
lib/zstd/compress/zstd_compress_superblock.c:121:5: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
ZSTD_memset(nextHuf->CTable, 0, sizeof(nextHuf->CTable));
^
lib/zstd/compress/../common/zstd_deps.h:34:28: note: expanded from macro 'ZSTD_memset'
#define ZSTD_memset(d,s,n) __builtin_memset((d),(s),(n))
^~~~~~~~~~~~~~~~
lib/zstd/compress/zstd_compress_superblock.c:141:21: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
ZSTD_memcpy(nextHuf, prevHuf, sizeof(*prevHuf));
^
lib/zstd/compress/../common/zstd_deps.h:32:28: note: expanded from macro 'ZSTD_memcpy'
#define ZSTD_memcpy(d,s,n) __builtin_memcpy((d),(s),(n))
^~~~~~~~~~~~~~~~
lib/zstd/compress/zstd_compress_superblock.c:141:21: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
ZSTD_memcpy(nextHuf, prevHuf, sizeof(*prevHuf));
^
lib/zstd/compress/../common/zstd_deps.h:32:28: note: expanded from macro 'ZSTD_memcpy'
#define ZSTD_memcpy(d,s,n) __builtin_memcpy((d),(s),(n))
^~~~~~~~~~~~~~~~
lib/zstd/compress/zstd_compress_superblock.c:148:17: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
ZSTD_memcpy(nextHuf, prevHuf, sizeof(*prevHuf));
^
lib/zstd/compress/../common/zstd_deps.h:32:28: note: expanded from macro 'ZSTD_memcpy'
#define ZSTD_memcpy(d,s,n) __builtin_memcpy((d),(s),(n))
^~~~~~~~~~~~~~~~
lib/zstd/compress/zstd_compress_superblock.c:148:17: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
ZSTD_memcpy(nextHuf, prevHuf, sizeof(*prevHuf));
^
lib/zstd/compress/../common/zstd_deps.h:32:28: note: expanded from macro 'ZSTD_memcpy'
#define ZSTD_memcpy(d,s,n) __builtin_memcpy((d),(s),(n))
^~~~~~~~~~~~~~~~
lib/zstd/compress/zstd_compress_superblock.c:192:5: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
ZSTD_memset(workspace, 0, wkspSize);
^
lib/zstd/compress/../common/zstd_deps.h:34:28: note: expanded from macro 'ZSTD_memset'
#define ZSTD_memset(d,s,n) __builtin_memset((d),(s),(n))
^~~~~~~~~~~~~~~~
lib/zstd/compress/zstd_compress_superblock.c:192:5: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
ZSTD_memset(workspace, 0, wkspSize);
^
lib/zstd/compress/../common/zstd_deps.h:34:28: note: expanded from macro 'ZSTD_memset'
#define ZSTD_memset(d,s,n) __builtin_memset((d),(s),(n))
^~~~~~~~~~~~~~~~
lib/zstd/compress/zstd_compress_superblock.c:352:9: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
ZSTD_memcpy(op, hufMetadata->hufDesBuffer, hufMetadata->hufDesSize);
vim +1811 drivers/video/fbdev/omap/omapfb_main.c
8b08cf2b64f5a6 drivers/video/omap/omapfb_main.c Imre Deak 2007-07-17 1798
8b08cf2b64f5a6 drivers/video/omap/omapfb_main.c Imre Deak 2007-07-17 1799 /* Called when the device is being detached from the driver */
8b08cf2b64f5a6 drivers/video/omap/omapfb_main.c Imre Deak 2007-07-17 1800 static int omapfb_remove(struct platform_device *pdev)
8b08cf2b64f5a6 drivers/video/omap/omapfb_main.c Imre Deak 2007-07-17 1801 {
8b08cf2b64f5a6 drivers/video/omap/omapfb_main.c Imre Deak 2007-07-17 1802 struct omapfb_device *fbdev = platform_get_drvdata(pdev);
8b08cf2b64f5a6 drivers/video/omap/omapfb_main.c Imre Deak 2007-07-17 1803 enum omapfb_state saved_state = fbdev->state;
8b08cf2b64f5a6 drivers/video/omap/omapfb_main.c Imre Deak 2007-07-17 1804
8b08cf2b64f5a6 drivers/video/omap/omapfb_main.c Imre Deak 2007-07-17 1805 /* FIXME: wait till completion of pending events */
8b08cf2b64f5a6 drivers/video/omap/omapfb_main.c Imre Deak 2007-07-17 1806
8b08cf2b64f5a6 drivers/video/omap/omapfb_main.c Imre Deak 2007-07-17 1807 fbdev->state = OMAPFB_DISABLED;
8b08cf2b64f5a6 drivers/video/omap/omapfb_main.c Imre Deak 2007-07-17 1808 omapfb_free_resources(fbdev, saved_state);
8b08cf2b64f5a6 drivers/video/omap/omapfb_main.c Imre Deak 2007-07-17 1809
f778a12dd33200 drivers/video/omap/omapfb_main.c Tomi Valkeinen 2009-12-16 1810 platform_device_unregister(&omapdss_device);
f778a12dd33200 drivers/video/omap/omapfb_main.c Tomi Valkeinen 2009-12-16 @1811 fbdev->dssdev = NULL;
f778a12dd33200 drivers/video/omap/omapfb_main.c Tomi Valkeinen 2009-12-16 1812
8b08cf2b64f5a6 drivers/video/omap/omapfb_main.c Imre Deak 2007-07-17 1813 return 0;
8b08cf2b64f5a6 drivers/video/omap/omapfb_main.c Imre Deak 2007-07-17 1814 }
8b08cf2b64f5a6 drivers/video/omap/omapfb_main.c Imre Deak 2007-07-17 1815
:::::: The code at line 1811 was first introduced by commit
:::::: f778a12dd33200513596a0d4d3ba4d5f09e79c09 OMAP: OMAPFB: fix clk_get for RFBI
:::::: TO: Tomi Valkeinen <tomi.valkeinen@nokia.com>
:::::: CC: Tomi Valkeinen <tomi.valkeinen@nokia.com>
--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests
^ permalink raw reply [flat|nested] 3+ messages in thread* drivers/video/fbdev/omap/omapfb_main.c:1811:16: warning: Use of memory after it is freed [clang-analyzer-unix.Malloc]
@ 2022-06-08 20:06 kernel test robot
0 siblings, 0 replies; 3+ messages in thread
From: kernel test robot @ 2022-06-08 20:06 UTC (permalink / raw)
To: kbuild
[-- Attachment #1: Type: text/plain, Size: 47342 bytes --]
::::::
:::::: Manual check reason: "low confidence static check warning: drivers/video/fbdev/omap/omapfb_main.c:1811:16: warning: Use of memory after it is freed [clang-analyzer-unix.Malloc]"
::::::
CC: llvm(a)lists.linux.dev
CC: kbuild-all(a)lists.01.org
BCC: lkp(a)intel.com
CC: linux-kernel(a)vger.kernel.org
TO: Arnd Bergmann <arnd@arndb.de>
tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
head: 34f4335c16a5f4bb7da6c8d2d5e780b6a163846a
commit: 804f7f19c2e2928aeb8eafef8379fe8b8d13f98b fbdev: omap: avoid using mach/*.h files
date: 7 weeks ago
:::::: branch date: 4 hours ago
:::::: commit date: 7 weeks ago
config: arm-randconfig-c002-20220608 (https://download.01.org/0day-ci/archive/20220609/202206090354.icGVmug7-lkp(a)intel.com/config)
compiler: clang version 15.0.0 (https://github.com/llvm/llvm-project b92436efcb7813fc481b30f2593a4907568d917a)
reproduce (this is a W=1 build):
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# install arm cross compiling tool for clang build
# apt-get install binutils-arm-linux-gnueabi
# https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=804f7f19c2e2928aeb8eafef8379fe8b8d13f98b
git remote add linus https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
git fetch --no-tags linus master
git checkout 804f7f19c2e2928aeb8eafef8379fe8b8d13f98b
# save the config file
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross ARCH=arm clang-analyzer
If you fix the issue, kindly add following tag where applicable
Reported-by: kernel test robot <lkp@intel.com>
clang-analyzer warnings: (new ones prefixed by >>)
42 warnings generated.
drivers/regulator/qcom-labibb-regulator.c:864:3: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(&vreg->desc, reg_data->desc, sizeof(vreg->desc));
^~~~~~
drivers/regulator/qcom-labibb-regulator.c:864:3: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(&vreg->desc, reg_data->desc, sizeof(vreg->desc));
^~~~~~
Suppressed 41 warnings (41 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
41 warnings generated.
Suppressed 41 warnings (41 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
42 warnings generated.
drivers/regulator/pwm-regulator.c:335:2: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(&drvdata->desc, &pwm_regulator_desc, sizeof(drvdata->desc));
^~~~~~
drivers/regulator/pwm-regulator.c:335:2: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(&drvdata->desc, &pwm_regulator_desc, sizeof(drvdata->desc));
^~~~~~
Suppressed 41 warnings (41 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
41 warnings generated.
Suppressed 41 warnings (41 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
42 warnings generated.
drivers/regulator/rk808-regulator.c:274:3: warning: Value stored to 'ret' is never read [clang-analyzer-deadcode.DeadStores]
ret = regmap_write(rdev->regmap, rdev->desc->vsel_reg, val);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/regulator/rk808-regulator.c:274:3: note: Value stored to 'ret' is never read
ret = regmap_write(rdev->regmap, rdev->desc->vsel_reg, val);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Suppressed 41 warnings (41 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
41 warnings generated.
Suppressed 41 warnings (41 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
41 warnings generated.
Suppressed 41 warnings (41 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
41 warnings generated.
Suppressed 41 warnings (41 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
80 warnings generated.
kernel/cgroup/cgroup.c:1248:2: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(cset->subsys, template, sizeof(cset->subsys));
^~~~~~
kernel/cgroup/cgroup.c:1248:2: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(cset->subsys, template, sizeof(cset->subsys));
^~~~~~
kernel/cgroup/cgroup.c:1497:3: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
snprintf(buf, CGROUP_FILE_NAME_MAX, "%s%s.%s",
^~~~~~~~
kernel/cgroup/cgroup.c:1497:3: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
snprintf(buf, CGROUP_FILE_NAME_MAX, "%s%s.%s",
^~~~~~~~
kernel/cgroup/cgroup.c:4708:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(it, 0, sizeof(*it));
^~~~~~
kernel/cgroup/cgroup.c:4708:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(it, 0, sizeof(*it));
^~~~~~
kernel/cgroup/cgroup.c:5224:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(css, 0, sizeof(*css));
^~~~~~
kernel/cgroup/cgroup.c:5224:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(css, 0, sizeof(*css));
^~~~~~
kernel/cgroup/cgroup.c:6640:7: warning: Call to function 'sscanf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
if (!sscanf(input, "%lld.%n%lld%n", &whole, &fstart, &frac, &fend))
^~~~~~
kernel/cgroup/cgroup.c:6640:7: note: Call to function 'sscanf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11
if (!sscanf(input, "%lld.%n%lld%n", &whole, &fstart, &frac, &fend))
^~~~~~
kernel/cgroup/cgroup.c:6727:11: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
ret += snprintf(buf + ret, size - ret, "%s.", prefix);
^~~~~~~~
kernel/cgroup/cgroup.c:6727:11: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
ret += snprintf(buf + ret, size - ret, "%s.", prefix);
^~~~~~~~
kernel/cgroup/cgroup.c:6729:10: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
ret += snprintf(buf + ret, size - ret, "%s\n", cft->name);
^~~~~~~~
kernel/cgroup/cgroup.c:6729:10: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
ret += snprintf(buf + ret, size - ret, "%s\n", cft->name);
^~~~~~~~
kernel/cgroup/cgroup.c:6760:9: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
return snprintf(buf, PAGE_SIZE,
^~~~~~~~
kernel/cgroup/cgroup.c:6760:9: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
return snprintf(buf, PAGE_SIZE,
^~~~~~~~
Suppressed 72 warnings (72 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
44 warnings generated.
drivers/video/fbdev/omap/lcd_mipid.c:66:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(xfer, 0, sizeof(xfer));
^~~~~~
drivers/video/fbdev/omap/lcd_mipid.c:66:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(xfer, 0, sizeof(xfer));
^~~~~~
>> drivers/video/fbdev/omap/lcd_mipid.c:264:3: warning: Value stored to 'pixel' is never read [clang-analyzer-deadcode.DeadStores]
pixel = 0;
^ ~
drivers/video/fbdev/omap/lcd_mipid.c:264:3: note: Value stored to 'pixel' is never read
pixel = 0;
^ ~
Suppressed 42 warnings (42 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
41 warnings generated.
Suppressed 41 warnings (41 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
41 warnings generated.
Suppressed 41 warnings (41 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
8 warnings generated.
Suppressed 8 warnings (8 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
30 warnings generated.
drivers/video/fbdev/omap2/omapfb/dss/dispc.c:670:49: warning: The result of the left shift is undefined because the left operand is negative [clang-analyzer-core.UndefinedBinaryOperatorResult]
dispc_write_reg(DISPC_OVL_CONV_COEF(plane, 2), CVAL(ct->gcb, ct->gcr));
^
drivers/video/fbdev/omap2/omapfb/dss/dispc.c:666:21: note: expanded from macro 'CVAL'
#define CVAL(x, y) (FLD_VAL(x, 26, 16) | FLD_VAL(y, 10, 0))
^
drivers/video/fbdev/omap2/omapfb/dss/dss.h:60:42: note: expanded from macro 'FLD_VAL'
#define FLD_VAL(val, start, end) (((val) << (end)) & FLD_MASK(start, end))
^
drivers/video/fbdev/omap2/omapfb/dss/dispc.c:4049:6: note: Assuming the condition is true
if (REG_GET(DISPC_CONFIG, 2, 1) != OMAP_DSS_LOAD_FRAME_ONLY) {
^
drivers/video/fbdev/omap2/omapfb/dss/dispc.c:49:2: note: expanded from macro 'REG_GET'
FLD_GET(dispc_read_reg(idx), start, end)
^
drivers/video/fbdev/omap2/omapfb/dss/dss.h:61:34: note: expanded from macro 'FLD_GET'
#define FLD_GET(val, start, end) (((val) & FLD_MASK(start, end)) >> (end))
^
drivers/video/fbdev/omap2/omapfb/dss/dispc.c:4049:2: note: Taking true branch
if (REG_GET(DISPC_CONFIG, 2, 1) != OMAP_DSS_LOAD_FRAME_ONLY) {
^
drivers/video/fbdev/omap2/omapfb/dss/dispc.c:4050:3: note: Calling '_omap_dispc_initial_config'
_omap_dispc_initial_config();
^~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/video/fbdev/omap2/omapfb/dss/dispc.c:3721:6: note: Assuming the condition is false
if (dss_has_feature(FEAT_CORE_CLK_DIV)) {
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/video/fbdev/omap2/omapfb/dss/dispc.c:3721:2: note: Taking false branch
if (dss_has_feature(FEAT_CORE_CLK_DIV)) {
^
drivers/video/fbdev/omap2/omapfb/dss/dispc.c:3732:6: note: Assuming the condition is false
if (dss_has_feature(FEAT_FUNCGATED))
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/video/fbdev/omap2/omapfb/dss/dispc.c:3732:2: note: Taking false branch
if (dss_has_feature(FEAT_FUNCGATED))
^
drivers/video/fbdev/omap2/omapfb/dss/dispc.c:3735:2: note: Calling 'dispc_setup_color_conv_coef'
dispc_setup_color_conv_coef();
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/video/fbdev/omap2/omapfb/dss/dispc.c:692:14: note: Assuming 'i' is >= 'num_ovl'
for (i = 1; i < num_ovl; i++)
^~~~~~~~~~~
drivers/video/fbdev/omap2/omapfb/dss/dispc.c:692:2: note: Loop condition is false. Execution continues on line 695
for (i = 1; i < num_ovl; i++)
^
drivers/video/fbdev/omap2/omapfb/dss/dispc.c:695:6: note: Assuming field 'has_writeback' is true
if (dispc.feat->has_writeback)
^~~~~~~~~~~~~~~~~~~~~~~~~
drivers/video/fbdev/omap2/omapfb/dss/dispc.c:695:2: note: Taking true branch
if (dispc.feat->has_writeback)
^
drivers/video/fbdev/omap2/omapfb/dss/dispc.c:696:3: note: Calling 'dispc_ovl_write_color_conv_coef'
dispc_ovl_write_color_conv_coef(OMAP_DSS_WB, &ctbl_bt601_5_wb);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/video/fbdev/omap2/omapfb/dss/dispc.c:670:49: note: The result of the left shift is undefined because the left operand is negative
dispc_write_reg(DISPC_OVL_CONV_COEF(plane, 2), CVAL(ct->gcb, ct->gcr));
^
drivers/video/fbdev/omap2/omapfb/dss/dispc.c:666:21: note: expanded from macro 'CVAL'
#define CVAL(x, y) (FLD_VAL(x, 26, 16) | FLD_VAL(y, 10, 0))
^~~~~~~~~~~~~~~~~~
drivers/video/fbdev/omap2/omapfb/dss/dss.h:60:42: note: expanded from macro 'FLD_VAL'
#define FLD_VAL(val, start, end) (((val) << (end)) & FLD_MASK(start, end))
~~~~~ ^
Suppressed 29 warnings (29 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
41 warnings generated.
drivers/usb/core/devio.c:257:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(mem, 0, size);
^~~~~~
drivers/usb/core/devio.c:257:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(mem, 0, size);
^~~~~~
drivers/usb/core/devio.c:325:3: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(&temp_desc, &dev->descriptor, sizeof(dev->descriptor));
^~~~~~
drivers/usb/core/devio.c:325:3: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(&temp_desc, &dev->descriptor, sizeof(dev->descriptor));
^~~~~~
drivers/usb/core/devio.c:1444:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(&ci, 0, sizeof(ci));
^~~~~~
drivers/usb/core/devio.c:1444:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(&ci, 0, sizeof(ci));
--
^~~~~~~~
drivers/media/platform/ti/am437x/am437x-vpfe.c:1278:2: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
snprintf(cap->bus_info, sizeof(cap->bus_info),
^~~~~~~~
drivers/media/platform/ti/am437x/am437x-vpfe.c:1411:2: warning: Value stored to 'ret' is never read [clang-analyzer-deadcode.DeadStores]
ret = 0;
^ ~
drivers/media/platform/ti/am437x/am437x-vpfe.c:1411:2: note: Value stored to 'ret' is never read
ret = 0;
^ ~
drivers/media/platform/ti/am437x/am437x-vpfe.c:1515:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(fsize->reserved, 0x0, sizeof(fsize->reserved));
^~~~~~
drivers/media/platform/ti/am437x/am437x-vpfe.c:1515:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(fsize->reserved, 0x0, sizeof(fsize->reserved));
^~~~~~
drivers/media/platform/ti/am437x/am437x-vpfe.c:1517:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(&fse, 0x0, sizeof(fse));
^~~~~~
drivers/media/platform/ti/am437x/am437x-vpfe.c:1517:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(&fse, 0x0, sizeof(fse));
^~~~~~
drivers/media/platform/ti/am437x/am437x-vpfe.c:2176:3: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(&mbus_code, 0, sizeof(mbus_code));
^~~~~~
drivers/media/platform/ti/am437x/am437x-vpfe.c:2176:3: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(&mbus_code, 0, sizeof(mbus_code));
^~~~~~
Suppressed 46 warnings (45 in non-user code, 1 with check filters).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
41 warnings generated.
Suppressed 41 warnings (41 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
53 warnings generated.
drivers/video/fbdev/omap/omapfb_main.c:599:3: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(new_var, &fbi->var, sizeof(*new_var));
^~~~~~
drivers/video/fbdev/omap/omapfb_main.c:599:3: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(new_var, &fbi->var, sizeof(*new_var));
^~~~~~
drivers/video/fbdev/omap/omapfb_main.c:605:4: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(&fbi->var, new_var, sizeof(*new_var));
^~~~~~
drivers/video/fbdev/omap/omapfb_main.c:605:4: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(&fbi->var, new_var, sizeof(*new_var));
^~~~~~
drivers/video/fbdev/omap/omapfb_main.c:843:5: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(new_var, &fbi->var, sizeof(*new_var));
^~~~~~
drivers/video/fbdev/omap/omapfb_main.c:843:5: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(new_var, &fbi->var, sizeof(*new_var));
^~~~~~
drivers/video/fbdev/omap/omapfb_main.c:863:5: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memcpy(&fbi->var, new_var, sizeof(fbi->var));
^~~~~~
drivers/video/fbdev/omap/omapfb_main.c:863:5: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11
memcpy(&fbi->var, new_var, sizeof(fbi->var));
^~~~~~
drivers/video/fbdev/omap/omapfb_main.c:891:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(mi, 0, sizeof(*mi));
^~~~~~
drivers/video/fbdev/omap/omapfb_main.c:891:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(mi, 0, sizeof(*mi));
^~~~~~
drivers/video/fbdev/omap/omapfb_main.c:1017:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(caps, 0, sizeof(*caps));
^~~~~~
drivers/video/fbdev/omap/omapfb_main.c:1017:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(caps, 0, sizeof(*caps));
^~~~~~
drivers/video/fbdev/omap/omapfb_main.c:1031:3: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(&win, 0, sizeof(win));
^~~~~~
drivers/video/fbdev/omap/omapfb_main.c:1031:3: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(&win, 0, sizeof(win));
^~~~~~
drivers/video/fbdev/omap/omapfb_main.c:1100:4: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(u->reserved, 0, sizeof(u->reserved));
^~~~~~
drivers/video/fbdev/omap/omapfb_main.c:1100:4: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(u->reserved, 0, sizeof(u->reserved));
^~~~~~
drivers/video/fbdev/omap/omapfb_main.c:1334:7: warning: Call to function 'sscanf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
if (sscanf(buf, "%10d", &level) == 1) {
^~~~~~
drivers/video/fbdev/omap/omapfb_main.c:1334:7: note: Call to function 'sscanf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11
if (sscanf(buf, "%10d", &level) == 1) {
^~~~~~
drivers/video/fbdev/omap/omapfb_main.c:1451:2: warning: Call to function 'strncpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'strncpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
strncpy(fix->id, MODULE_NAME, sizeof(fix->id));
^~~~~~~
drivers/video/fbdev/omap/omapfb_main.c:1451:2: note: Call to function 'strncpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'strncpy_s' in case of C11
strncpy(fix->id, MODULE_NAME, sizeof(fix->id));
^~~~~~~
drivers/video/fbdev/omap/omapfb_main.c:1577:2: warning: Call to function 'strncpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'strncpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
strncpy(name, conf->lcd.ctrl_name, sizeof(name) - 1);
^~~~~~~
drivers/video/fbdev/omap/omapfb_main.c:1577:2: note: Call to function 'strncpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'strncpy_s' in case of C11
strncpy(name, conf->lcd.ctrl_name, sizeof(name) - 1);
^~~~~~~
>> drivers/video/fbdev/omap/omapfb_main.c:1811:16: warning: Use of memory after it is freed [clang-analyzer-unix.Malloc]
fbdev->dssdev = NULL;
~~~~~~~~~~~~~ ^
drivers/video/fbdev/omap/omapfb_main.c:1808:2: note: Calling 'omapfb_free_resources'
omapfb_free_resources(fbdev, saved_state);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/video/fbdev/omap/omapfb_main.c:1530:2: note: Control jumps to 'case 1:' at line 1555
switch (state) {
^
drivers/video/fbdev/omap/omapfb_main.c:1557:3: note: Memory is released
kfree(fbdev);
^~~~~~~~~~~~
drivers/video/fbdev/omap/omapfb_main.c:1558:3: note: Execution continues on line 1557
break;
^
drivers/video/fbdev/omap/omapfb_main.c:1808:2: note: Returning; memory was released via 1st parameter
omapfb_free_resources(fbdev, saved_state);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
drivers/video/fbdev/omap/omapfb_main.c:1811:16: note: Use of memory after it is freed
fbdev->dssdev = NULL;
~~~~~~~~~~~~~ ^
Suppressed 41 warnings (41 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
44 warnings generated.
drivers/video/fbdev/core/fbsysfs.c:121:9: warning: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
return snprintf(&buf[offset], PAGE_SIZE - offset, "%c:%dx%d%c-%d\n",
^~~~~~~~
drivers/video/fbdev/core/fbsysfs.c:121:9: note: Call to function 'snprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'snprintf_s' in case of C11
return snprintf(&buf[offset], PAGE_SIZE - offset, "%c:%dx%d%c-%d\n",
^~~~~~~~
drivers/video/fbdev/core/fbsysfs.c:137:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
memset(&var, 0, sizeof(var));
^~~~~~
drivers/video/fbdev/core/fbsysfs.c:137:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11
memset(&var, 0, sizeof(var));
^~~~~~
drivers/video/fbdev/core/fbsysfs.c:443:7: warning: Call to function 'sscanf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
if (sscanf(&buf[i * 24],
^~~~~~
drivers/video/fbdev/core/fbsysfs.c:443:7: note: Call to function 'sscanf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11
if (sscanf(&buf[i * 24],
^~~~~~
Suppressed 41 warnings (41 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
14 warnings generated.
Suppressed 14 warnings (14 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
14 warnings generated.
Suppressed 14 warnings (14 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
14 warnings generated.
Suppressed 14 warnings (14 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
14 warnings generated.
Suppressed 14 warnings (14 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
14 warnings generated.
Suppressed 14 warnings (14 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
41 warnings generated.
Suppressed 41 warnings (41 in non-user code).
Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well.
22 warnings generated.
drivers/cpufreq/brcmstb-avs-cpufreq.c:658:10: warning: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
return sprintf(buf, "<unknown>\n");
^~~~~~~
drivers/cpufreq/brcmstb-avs-cpufreq.c:658:10: note: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
return sprintf(buf, "<unknown>\n");
^~~~~~~
drivers/cpufreq/brcmstb-avs-cpufreq.c:660:9: warning: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
return sprintf(buf, "%u\n", pstate);
^~~~~~~
drivers/cpufreq/brcmstb-avs-cpufreq.c:660:9: note: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
return sprintf(buf, "%u\n", pstate);
^~~~~~~
drivers/cpufreq/brcmstb-avs-cpufreq.c:669:10: warning: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
return sprintf(buf, "<unknown>\n");
^~~~~~~
drivers/cpufreq/brcmstb-avs-cpufreq.c:669:10: note: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
return sprintf(buf, "<unknown>\n");
^~~~~~~
drivers/cpufreq/brcmstb-avs-cpufreq.c:671:9: warning: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
return sprintf(buf, "%s %u\n", brcm_avs_mode_to_string(pmap.mode),
^~~~~~~
drivers/cpufreq/brcmstb-avs-cpufreq.c:671:9: note: Call to function 'sprintf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
return sprintf(buf, "%s %u\n", brcm_avs_mode_to_string(pmap.mode),
^~~~~~~
drivers/cpufreq/brcmstb-avs-cpufreq.c:683:10: warning: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
return sprintf(buf, "<unknown>\n");
^~~~~~~
drivers/cpufreq/brcmstb-avs-cpufreq.c:683:10: note: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
return sprintf(buf, "<unknown>\n");
^~~~~~~
drivers/cpufreq/brcmstb-avs-cpufreq.c:688:9: warning: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
return sprintf(buf, "0x%08x 0x%08x %u %u %u %u %u %u %u %u %u\n",
^~~~~~~
drivers/cpufreq/brcmstb-avs-cpufreq.c:688:9: note: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11
return sprintf(buf, "0x%08x 0x%08x %u %u %u %u %u %u %u %u %u\n",
^~~~~~~
drivers/cpufreq/brcmstb-avs-cpufreq.c:697:9: warning: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling]
return sprintf(buf, "0x%08x\n", brcm_avs_get_voltage(priv->base));
vim +1811 drivers/video/fbdev/omap/omapfb_main.c
8b08cf2b64f5a6 drivers/video/omap/omapfb_main.c Imre Deak 2007-07-17 1798
8b08cf2b64f5a6 drivers/video/omap/omapfb_main.c Imre Deak 2007-07-17 1799 /* Called when the device is being detached from the driver */
8b08cf2b64f5a6 drivers/video/omap/omapfb_main.c Imre Deak 2007-07-17 1800 static int omapfb_remove(struct platform_device *pdev)
8b08cf2b64f5a6 drivers/video/omap/omapfb_main.c Imre Deak 2007-07-17 1801 {
8b08cf2b64f5a6 drivers/video/omap/omapfb_main.c Imre Deak 2007-07-17 1802 struct omapfb_device *fbdev = platform_get_drvdata(pdev);
8b08cf2b64f5a6 drivers/video/omap/omapfb_main.c Imre Deak 2007-07-17 1803 enum omapfb_state saved_state = fbdev->state;
8b08cf2b64f5a6 drivers/video/omap/omapfb_main.c Imre Deak 2007-07-17 1804
8b08cf2b64f5a6 drivers/video/omap/omapfb_main.c Imre Deak 2007-07-17 1805 /* FIXME: wait till completion of pending events */
8b08cf2b64f5a6 drivers/video/omap/omapfb_main.c Imre Deak 2007-07-17 1806
8b08cf2b64f5a6 drivers/video/omap/omapfb_main.c Imre Deak 2007-07-17 1807 fbdev->state = OMAPFB_DISABLED;
8b08cf2b64f5a6 drivers/video/omap/omapfb_main.c Imre Deak 2007-07-17 1808 omapfb_free_resources(fbdev, saved_state);
8b08cf2b64f5a6 drivers/video/omap/omapfb_main.c Imre Deak 2007-07-17 1809
f778a12dd33200 drivers/video/omap/omapfb_main.c Tomi Valkeinen 2009-12-16 1810 platform_device_unregister(&omapdss_device);
f778a12dd33200 drivers/video/omap/omapfb_main.c Tomi Valkeinen 2009-12-16 @1811 fbdev->dssdev = NULL;
f778a12dd33200 drivers/video/omap/omapfb_main.c Tomi Valkeinen 2009-12-16 1812
8b08cf2b64f5a6 drivers/video/omap/omapfb_main.c Imre Deak 2007-07-17 1813 return 0;
8b08cf2b64f5a6 drivers/video/omap/omapfb_main.c Imre Deak 2007-07-17 1814 }
8b08cf2b64f5a6 drivers/video/omap/omapfb_main.c Imre Deak 2007-07-17 1815
:::::: The code at line 1811 was first introduced by commit
:::::: f778a12dd33200513596a0d4d3ba4d5f09e79c09 OMAP: OMAPFB: fix clk_get for RFBI
:::::: TO: Tomi Valkeinen <tomi.valkeinen@nokia.com>
:::::: CC: Tomi Valkeinen <tomi.valkeinen@nokia.com>
--
0-DAY CI Kernel Test Service
https://01.org/lkp
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2023-03-31 2:32 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2022-06-09 21:29 drivers/video/fbdev/omap/omapfb_main.c:1811:16: warning: Use of memory after it is freed [clang-analyzer-unix.Malloc] kernel test robot
-- strict thread matches above, loose matches on Subject: below --
2023-03-31 2:32 kernel test robot
2022-06-08 20:06 kernel test robot
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.