On July 2, 2024 4:02:39 PM Jonas Gorski <jonas.gorski@xxxxxxxxx> wrote:
Hi, On Tue, 2 Jul 2024 at 14:50, Su Hui <suhui@xxxxxxxxxxxx> wrote:Clang static checker (scan-build) has some warnings as follows. included from drivers/net/wireless/broadcom/brcm80211/brcmfmac/common.c:16 drivers/net/wireless/broadcom/brcm80211/brcmfmac/fwil.h:123:2: warning:Assigned value is garbage or undefined [core.uninitialized.Assign] 123 | __le32 data_le = cpu_to_le32(*data); | ^~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~ drivers/net/wireless/broadcom/brcm80211/brcmfmac/common.c:138:3:warning Value stored to 'err' is never read [deadcode.DeadStores] There are some functions like brcmf_fil_{cmd,iovar,basscfg}_int_get() which read the value of its parameter, but some callers have not initialized these parameters which will be read. And this patchset fixes these problems.The core issue here seems to be that brcmf_fil_{cmd,iovar,basscfg}_int_get() function (needlessly?) read from *data. So instead of forcing all callers of brcmf_fil_{cmd,iovar,basscfg}_int_get() to initialize *data first, I suggest changing brcmf_fil_{cmd,iovar,basscfg}_int_get() to just not read from it. I see no reason why they should care about what the previous value was, since they are supposed to overwrite it anyway.
The issue here is that these are generic functions and there is a reason. Some firmware API primitives allow/require the caller to pass selection parameters in *data. We wanted to keep the functions generic and leave out that knowledge. I suppose we could introduce a separate set of api functions for that purpose, but it seems like significant overhead to silence compiler warnings. Guess I underestimate the potential risk of leaking few bytes of stack data.
Regards, Arend
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
