This patch series fixes below clang warnings in the ath12k driver.
* uninitilized variable
* out of bounds
Thiraviyam Mariyappan (4):
wifi: ath12k: Fix uninitilized variable clang warnings
wifi: ath12k: hal_rx: Use memset_startat() for clearing queue
descriptors
wifi: ath12k: dp_mon: Fix out of bounds clang warning
wifi: ath12k: dp_mon: Fix uninitialized warning related to the pktlog
drivers/net/wireless/ath/ath12k/dbring.c | 2 +-
drivers/net/wireless/ath/ath12k/dp_mon.c | 8 +-------
drivers/net/wireless/ath/ath12k/dp_rx.c | 3 +--
drivers/net/wireless/ath/ath12k/hal_rx.c | 9 +++------
drivers/net/wireless/ath/ath12k/mac.c | 4 ++--
5 files changed, 8 insertions(+), 18 deletions(-)
base-commit: 922932ca02191a390f7f52fb6e21c44b50e14025
--
2.17.1
Fix uninitilized variable warnings spotted during clang compilation.
Warnings:
drivers/net/wireless/ath/ath12k/mac.c:1076:8: warning: variable 'ret' is used uninitialized whenever 'if' condition is true [-Wsometimes-uninitialized]
drivers/net/wireless/ath/ath12k/dbring.c:272:7: warning: variable 'ring' is used uninitialized whenever switch case is taken [-Wsometimes-uninitialized]
drivers/net/wireless/ath/ath12k/dp_rx.c:2690:34: warning: variable 'i' is uninitialized when used here [-Wuninitialized]
Tested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.0-03171-QCAHKSWPL_SILICONZ-1
Reported-by: kernel test robot <[email protected]>
Signed-off-by: Thiraviyam Mariyappan <[email protected]>
---
drivers/net/wireless/ath/ath12k/dbring.c | 2 +-
drivers/net/wireless/ath/ath12k/dp_rx.c | 3 +--
drivers/net/wireless/ath/ath12k/mac.c | 4 ++--
3 files changed, 4 insertions(+), 5 deletions(-)
diff --git a/drivers/net/wireless/ath/ath12k/dbring.c b/drivers/net/wireless/ath/ath12k/dbring.c
index 9aa2631be1a8..8fbf868e6f7e 100644
--- a/drivers/net/wireless/ath/ath12k/dbring.c
+++ b/drivers/net/wireless/ath/ath12k/dbring.c
@@ -230,7 +230,7 @@ int ath12k_dbring_get_cap(struct ath12k_base *ab,
int ath12k_dbring_buffer_release_event(struct ath12k_base *ab,
struct ath12k_dbring_buf_release_event *ev)
{
- struct ath12k_dbring *ring;
+ struct ath12k_dbring *ring = NULL;
struct hal_srng *srng;
struct ath12k *ar;
struct ath12k_dbring_element *buff;
diff --git a/drivers/net/wireless/ath/ath12k/dp_rx.c b/drivers/net/wireless/ath/ath12k/dp_rx.c
index d6835d13f7ec..83a43ad48c51 100644
--- a/drivers/net/wireless/ath/ath12k/dp_rx.c
+++ b/drivers/net/wireless/ath/ath12k/dp_rx.c
@@ -2582,7 +2582,6 @@ int ath12k_dp_rx_process(struct ath12k_base *ab, int ring_id,
struct sk_buff *msdu;
bool done = false;
int mac_id;
- int i;
u64 desc_va;
__skb_queue_head_init(&msdu_list);
@@ -2687,7 +2686,7 @@ int ath12k_dp_rx_process(struct ath12k_base *ab, int ring_id,
goto exit;
/* TODO: Move to implicit BM? */
- ath12k_dp_rx_bufs_replenish(ab, i, rx_ring, num_buffs_reaped,
+ ath12k_dp_rx_bufs_replenish(ab, 0, rx_ring, num_buffs_reaped,
ab->hw_params->hal_params->rx_buf_rbm, true);
ath12k_dp_rx_process_received_packets(ab, napi, &msdu_list,
diff --git a/drivers/net/wireless/ath/ath12k/mac.c b/drivers/net/wireless/ath/ath12k/mac.c
index ac6548c087ba..bf7e5b6977b2 100644
--- a/drivers/net/wireless/ath/ath12k/mac.c
+++ b/drivers/net/wireless/ath/ath12k/mac.c
@@ -1057,7 +1057,7 @@ static int ath12k_mac_op_config(struct ieee80211_hw *hw, u32 changed)
{
struct ath12k *ar = hw->priv;
struct ieee80211_conf *conf = &hw->conf;
- int ret;
+ int ret = 0;
mutex_lock(&ar->conf_mutex);
@@ -1089,7 +1089,7 @@ static int ath12k_mac_op_config(struct ieee80211_hw *hw, u32 changed)
err_mon_del:
ath12k_mac_monitor_vdev_delete(ar);
mutex_unlock(&ar->conf_mutex);
- return 0;
+ return ret;
}
static int ath12k_mac_setup_bcn_tmpl(struct ath12k_vif *arvif)
--
2.17.1
In preparation for FORTIFY_SOURCE performing compile-time and run-time
field bounds checking for memset(), avoid intentionally writing across
neighboring fields.
Use memset_startat() so memset() doesn't get confused about writing
beyond the destination member that is intended to be the starting point
of zeroing through the end of the struct and fixes the below clang
warning.
Warning:
include/linux/fortify-string.h:314:4: warning: call to '__write_overflow_field' declared with 'warning' attribute:
detected write beyond size of field (1st parameter); maybe use struct_group()? [-Wattribute-warning]
Tested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.0-03171-QCAHKSWPL_SILICONZ-1
Reported-by: kernel test robot <[email protected]>
Signed-off-by: Thiraviyam Mariyappan <[email protected]>
---
drivers/net/wireless/ath/ath12k/hal_rx.c | 9 +++------
1 file changed, 3 insertions(+), 6 deletions(-)
diff --git a/drivers/net/wireless/ath/ath12k/hal_rx.c b/drivers/net/wireless/ath/ath12k/hal_rx.c
index d47befb83e38..ee61a6462fdc 100644
--- a/drivers/net/wireless/ath/ath12k/hal_rx.c
+++ b/drivers/net/wireless/ath/ath12k/hal_rx.c
@@ -30,8 +30,7 @@ static int ath12k_hal_reo_cmd_queue_stats(struct hal_tlv_64_hdr *tlv,
u32_encode_bits(sizeof(*desc), HAL_TLV_HDR_LEN);
desc = (struct hal_reo_get_queue_stats *)tlv->value;
- memset(&desc->queue_addr_lo, 0,
- (sizeof(*desc) - sizeof(struct hal_reo_cmd_hdr)));
+ memset_startat(desc, 0, queue_addr_lo);
desc->cmd.info0 &= ~cpu_to_le32(HAL_REO_CMD_HDR_INFO0_STATUS_REQUIRED);
if (cmd->flag & HAL_REO_CMD_FLG_NEED_STATUS)
@@ -64,8 +63,7 @@ static int ath12k_hal_reo_cmd_flush_cache(struct ath12k_hal *hal,
u32_encode_bits(sizeof(*desc), HAL_TLV_HDR_LEN);
desc = (struct hal_reo_flush_cache *)tlv->value;
- memset(&desc->cache_addr_lo, 0,
- (sizeof(*desc) - sizeof(struct hal_reo_cmd_hdr)));
+ memset_startat(desc, 0, cache_addr_lo);
desc->cmd.info0 &= ~cpu_to_le32(HAL_REO_CMD_HDR_INFO0_STATUS_REQUIRED);
if (cmd->flag & HAL_REO_CMD_FLG_NEED_STATUS)
@@ -103,8 +101,7 @@ static int ath12k_hal_reo_cmd_update_rx_queue(struct hal_tlv_64_hdr *tlv,
u32_encode_bits(sizeof(*desc), HAL_TLV_HDR_LEN);
desc = (struct hal_reo_update_rx_queue *)tlv->value;
- memset(&desc->queue_addr_lo, 0,
- (sizeof(*desc) - sizeof(struct hal_reo_cmd_hdr)));
+ memset_startat(desc, 0, queue_addr_lo);
desc->cmd.info0 &= ~cpu_to_le32(HAL_REO_CMD_HDR_INFO0_STATUS_REQUIRED);
if (cmd->flag & HAL_REO_CMD_FLG_NEED_STATUS)
--
2.17.1
Fix below out-of-bounds access warning while processing ppdu end user
stats. The size of info array is 6 but storing 7 values, Fix this with
increasing info array size to 7.
Warning:
drivers/net/wireless/ath/ath12k/dp_mon.c:623:3: warning: array index 6 is past the end of the array (that has type 'u32[6]' (aka 'unsigned int[6]')) [-Warray-bounds]
Tested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.0-03171-QCAHKSWPL_SILICONZ-1
Reported-by: kernel test robot <[email protected]>
Signed-off-by: Thiraviyam Mariyappan <[email protected]>
---
drivers/net/wireless/ath/ath12k/dp_mon.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/net/wireless/ath/ath12k/dp_mon.c b/drivers/net/wireless/ath/ath12k/dp_mon.c
index 7e9759807c88..f6f2e83f8f8e 100644
--- a/drivers/net/wireless/ath/ath12k/dp_mon.c
+++ b/drivers/net/wireless/ath/ath12k/dp_mon.c
@@ -588,7 +588,7 @@ ath12k_dp_mon_rx_parse_status_tlv(struct ath12k_base *ab,
u32 tlv_tag, u8 *tlv_data, u32 userid)
{
struct hal_rx_mon_ppdu_info *ppdu_info = &pmon->mon_ppdu_info;
- u32 info[6];
+ u32 info[7];
switch (tlv_tag) {
case HAL_RX_PPDU_START: {
--
2.17.1
Uninitialized warning in the code changes related to pktlog, which is not
completely supported in ath12k driver yet. Hence, remove the changes to
avoid the warning.
Warning:
drivers/net/wireless/ath/ath12k/dp_mon.c:2138:18: warning: variable 'rx_buf_sz' is uninitialized when used here [-Wuninitialized]
Tested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.0-03171-QCAHKSWPL_SILICONZ-1
Reported-by: kernel test robot <[email protected]>
Signed-off-by: Thiraviyam Mariyappan <[email protected]>
---
drivers/net/wireless/ath/ath12k/dp_mon.c | 6 ------
1 file changed, 6 deletions(-)
diff --git a/drivers/net/wireless/ath/ath12k/dp_mon.c b/drivers/net/wireless/ath/ath12k/dp_mon.c
index f6f2e83f8f8e..a214797c96a2 100644
--- a/drivers/net/wireless/ath/ath12k/dp_mon.c
+++ b/drivers/net/wireless/ath/ath12k/dp_mon.c
@@ -2076,8 +2076,6 @@ int ath12k_dp_mon_srng_process(struct ath12k *ar, int mac_id, int *budget,
bool end_of_ppdu;
struct hal_rx_mon_ppdu_info *ppdu_info;
struct ath12k_peer *peer = NULL;
- u32 rx_buf_sz;
- u16 log_type = 0;
ppdu_info = &pmon->mon_ppdu_info;
memset(ppdu_info, 0, sizeof(*ppdu_info));
@@ -2133,10 +2131,6 @@ int ath12k_dp_mon_srng_process(struct ath12k *ar, int mac_id, int *budget,
for (i = 0; i < dest_idx; i++) {
skb = pmon->dest_skb_q[i];
- if (log_type)
- trace_ath12k_htt_rxdesc(ar, skb->data,
- log_type, rx_buf_sz);
-
if (monitor_mode == ATH12K_DP_RX_MONITOR_MODE)
ath12k_dp_mon_rx_parse_mon_status(ar, pmon, mac_id,
skb, napi);
--
2.17.1
Thiraviyam Mariyappan <[email protected]> wrote:
> Fix uninitilized variable warnings spotted during clang compilation.
>
> Warnings:
> drivers/net/wireless/ath/ath12k/mac.c:1076:8: warning: variable 'ret' is used uninitialized whenever 'if' condition is true [-Wsometimes-uninitialized]
> drivers/net/wireless/ath/ath12k/dbring.c:272:7: warning: variable 'ring' is used uninitialized whenever switch case is taken [-Wsometimes-uninitialized]
> drivers/net/wireless/ath/ath12k/dp_rx.c:2690:34: warning: variable 'i' is uninitialized when used here [-Wuninitialized]
>
> Tested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.0-03171-QCAHKSWPL_SILICONZ-1
> Reported-by: kernel test robot <[email protected]>
> Signed-off-by: Thiraviyam Mariyappan <[email protected]>
> Signed-off-by: Kalle Valo <[email protected]>
4 patches applied to ath-next branch of ath.git, thanks.
d1335f0dc18f wifi: ath12k: Fix uninitilized variable clang warnings
b57f03200853 wifi: ath12k: hal_rx: Use memset_startat() for clearing queue descriptors
80166c42434c wifi: ath12k: dp_mon: Fix out of bounds clang warning
2ee25c257d17 wifi: ath12k: dp_mon: Fix uninitialized warning related to the pktlog
--
https://patchwork.kernel.org/project/linux-wireless/patch/[email protected]/
https://wireless.wiki.kernel.org/en/developers/documentation/submittingpatches