The idx is guarantied to be less than SNDRV_CARDS (max 256 or 8) by the
code in snd_card_init(), however the compiler does not see that.
Compiling with W=1 results:
sound/core/init.c: In function ‘snd_card_init’:
sound/core/init.c:367:28: error: ‘%d’ directive writing between 1 and 10 bytes into a region of size 4 [-Werror=format-overflow=]
367 | sprintf(name, "card%d", idx);
| ^~
sound/core/init.c:367:23: note: directive argument in the range [0, 2147483646]
367 | sprintf(name, "card%d", idx);
| ^~~~~~~~
sound/core/init.c:367:9: note: ‘sprintf’ output between 6 and 15 bytes into a destination of size 8
367 | sprintf(name, "card%d", idx);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~
cc1: all warnings being treated as errors
While the code is correct, we need to silence the compiler somehow.
It could be done by limiting the range in sprintf like
sprintf(name, "card%d", idx % SNDRV_CARDS);
sprintf(name, "card%hhd", idx);
etc
These are too workaroundish. Increase the name array to 15 instead which
looks better and only adds 7 bytes on stack.
The warnings got brought to light by a recent patch upstream:
commit 6d4ab2e97dcf ("extrawarn: enable format and stringop overflow warnings in W=1")
Signed-off-by: Peter Ujfalusi <[email protected]>
---
Hi,
The mentioned commit causes other build failures with W=1 at least in
sound/usb/mixer_scarlett_gen2.c
sound/usb/mixer.c
sound/soc/codecs/hdac_hdmi.c
sound/hda/intel-sdw-acpi.c
Some of them are also false and we need to find a workaround, but
I think the scarlett case might be valid.
Regards,
Peter
sound/core/init.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/sound/core/init.c b/sound/core/init.c
index d61bde1225f2..d8a13a76d241 100644
--- a/sound/core/init.c
+++ b/sound/core/init.c
@@ -279,7 +279,7 @@ static int snd_card_init(struct snd_card *card, struct device *parent,
{
int err;
#ifdef CONFIG_SND_DEBUG
- char name[8];
+ char name[15];
#endif
if (extra_size > 0)
--
2.42.0
On 12/09/2023 13:42, Takashi Iwai wrote:
> On Tue, 12 Sep 2023 12:18:04 +0200,
> Arnd Bergmann wrote:
>>
>> On Tue, Sep 12, 2023, at 10:39, Peter Ujfalusi wrote:
>>
>>> While the code is correct, we need to silence the compiler somehow.
>>> It could be done by limiting the range in sprintf like
>>> sprintf(name, "card%d", idx % SNDRV_CARDS);
>>> sprintf(name, "card%hhd", idx);
>>> etc
>>>
>>> These are too workaroundish. Increase the name array to 15 instead which
>>> looks better and only adds 7 bytes on stack.
>>
>> It looks like we use the same string for kobject_set_name(), so
>> maybe this would work as well:
>>
>> --- a/sound/core/init.c
>> +++ b/sound/core/init.c
>> @@ -278,9 +278,6 @@ static int snd_card_init(struct snd_card *card, struct device *parent,
>> size_t extra_size)
>> {
>> int err;
>> -#ifdef CONFIG_SND_DEBUG
>> - char name[8];
>> -#endif
>>
>> if (extra_size > 0)
>> card->private_data = (char *)card + sizeof(struct snd_card);
>> @@ -364,8 +361,8 @@ static int snd_card_init(struct snd_card *card, struct device *parent,
>> }
>>
>> #ifdef CONFIG_SND_DEBUG
>> - sprintf(name, "card%d", idx);
>> - card->debugfs_root = debugfs_create_dir(name, sound_debugfs_root);
>> + card->debugfs_root = debugfs_create_dir(kobject_name(&card->card_dev.kobj),
>> + sound_debugfs_root);
>
> The idea looks neat, but I suppose it's better with
> dev_name(&card->card_dev) instead?
Yes, this looks better, I will send a new patch in a minute.
>
> thanks,
>
> Takashi
--
Péter
On Tue, 12 Sep 2023 12:18:04 +0200,
Arnd Bergmann wrote:
>
> On Tue, Sep 12, 2023, at 10:39, Peter Ujfalusi wrote:
>
> > While the code is correct, we need to silence the compiler somehow.
> > It could be done by limiting the range in sprintf like
> > sprintf(name, "card%d", idx % SNDRV_CARDS);
> > sprintf(name, "card%hhd", idx);
> > etc
> >
> > These are too workaroundish. Increase the name array to 15 instead which
> > looks better and only adds 7 bytes on stack.
>
> It looks like we use the same string for kobject_set_name(), so
> maybe this would work as well:
>
> --- a/sound/core/init.c
> +++ b/sound/core/init.c
> @@ -278,9 +278,6 @@ static int snd_card_init(struct snd_card *card, struct device *parent,
> size_t extra_size)
> {
> int err;
> -#ifdef CONFIG_SND_DEBUG
> - char name[8];
> -#endif
>
> if (extra_size > 0)
> card->private_data = (char *)card + sizeof(struct snd_card);
> @@ -364,8 +361,8 @@ static int snd_card_init(struct snd_card *card, struct device *parent,
> }
>
> #ifdef CONFIG_SND_DEBUG
> - sprintf(name, "card%d", idx);
> - card->debugfs_root = debugfs_create_dir(name, sound_debugfs_root);
> + card->debugfs_root = debugfs_create_dir(kobject_name(&card->card_dev.kobj),
> + sound_debugfs_root);
The idea looks neat, but I suppose it's better with
dev_name(&card->card_dev) instead?
thanks,
Takashi
On Tue, Sep 12, 2023, at 10:39, Peter Ujfalusi wrote:
> While the code is correct, we need to silence the compiler somehow.
> It could be done by limiting the range in sprintf like
> sprintf(name, "card%d", idx % SNDRV_CARDS);
> sprintf(name, "card%hhd", idx);
> etc
>
> These are too workaroundish. Increase the name array to 15 instead which
> looks better and only adds 7 bytes on stack.
It looks like we use the same string for kobject_set_name(), so
maybe this would work as well:
--- a/sound/core/init.c
+++ b/sound/core/init.c
@@ -278,9 +278,6 @@ static int snd_card_init(struct snd_card *card, struct device *parent,
size_t extra_size)
{
int err;
-#ifdef CONFIG_SND_DEBUG
- char name[8];
-#endif
if (extra_size > 0)
card->private_data = (char *)card + sizeof(struct snd_card);
@@ -364,8 +361,8 @@ static int snd_card_init(struct snd_card *card, struct device *parent,
}
#ifdef CONFIG_SND_DEBUG
- sprintf(name, "card%d", idx);
- card->debugfs_root = debugfs_create_dir(name, sound_debugfs_root);
+ card->debugfs_root = debugfs_create_dir(kobject_name(&card->card_dev.kobj),
+ sound_debugfs_root);
#endif
return 0;
Arnd