> > >On Wed, Jan 12, 2022 at 06:32:37AM +0100, Pawel Laszczak wrote: >> From: Pawel Laszczak <pawell@xxxxxxxxxxx> >> >> Variable ret in function cdnsp_decode_trb is initialized but not >> used. To fix this compiler warning patch adds checking whether the >> data buffer has not been overflowed. >> >> Reported-by: kernel test robot <lkp@xxxxxxxxx> >> Signed-off-by: Pawel Laszczak <pawell@xxxxxxxxxxx> >> --- >> drivers/usb/cdns3/cdnsp-debug.h | 305 ++++++++++++++++---------------- >> 1 file changed, 154 insertions(+), 151 deletions(-) >> >> diff --git a/drivers/usb/cdns3/cdnsp-debug.h b/drivers/usb/cdns3/cdnsp-debug.h >> index a8776df2d4e0..f0ca865cce2a 100644 >> --- a/drivers/usb/cdns3/cdnsp-debug.h >> +++ b/drivers/usb/cdns3/cdnsp-debug.h >> @@ -182,208 +182,211 @@ static inline const char *cdnsp_decode_trb(char *str, size_t size, u32 field0, >> int ep_id = TRB_TO_EP_INDEX(field3) - 1; >> int type = TRB_FIELD_TO_TYPE(field3); >> unsigned int ep_num; >> - int ret = 0; >> + int ret; >> u32 temp; >> >> ep_num = DIV_ROUND_UP(ep_id, 2); >> >> switch (type) { >> case TRB_LINK: >> - ret += snprintf(str, size, >> - "LINK %08x%08x intr %ld type '%s' flags %c:%c:%c:%c", >> - field1, field0, GET_INTR_TARGET(field2), >> - cdnsp_trb_type_string(type), >> - field3 & TRB_IOC ? 'I' : 'i', >> - field3 & TRB_CHAIN ? 'C' : 'c', >> - field3 & TRB_TC ? 'T' : 't', >> - field3 & TRB_CYCLE ? 'C' : 'c'); >> + ret = snprintf(str, size, >> + "LINK %08x%08x intr %ld type '%s' flags %c:%c:%c:%c", >> + field1, field0, GET_INTR_TARGET(field2), >> + cdnsp_trb_type_string(type), >> + field3 & TRB_IOC ? 'I' : 'i', >> + field3 & TRB_CHAIN ? 'C' : 'c', >> + field3 & TRB_TC ? 'T' : 't', >> + field3 & TRB_CYCLE ? 'C' : 'c'); >> break; >> case TRB_TRANSFER: >> case TRB_COMPLETION: >> case TRB_PORT_STATUS: >> case TRB_HC_EVENT: >> - ret += snprintf(str, size, >> - "ep%d%s(%d) type '%s' TRB %08x%08x status '%s'" >> - " len %ld slot %ld flags %c:%c", >> - ep_num, ep_id % 2 ? "out" : "in", >> - TRB_TO_EP_INDEX(field3), >> - cdnsp_trb_type_string(type), field1, field0, >> - cdnsp_trb_comp_code_string(GET_COMP_CODE(field2)), >> - EVENT_TRB_LEN(field2), TRB_TO_SLOT_ID(field3), >> - field3 & EVENT_DATA ? 'E' : 'e', >> - field3 & TRB_CYCLE ? 'C' : 'c'); >> + ret = snprintf(str, size, >> + "ep%d%s(%d) type '%s' TRB %08x%08x status '%s'" >> + " len %ld slot %ld flags %c:%c", >> + ep_num, ep_id % 2 ? "out" : "in", >> + TRB_TO_EP_INDEX(field3), >> + cdnsp_trb_type_string(type), field1, field0, >> + cdnsp_trb_comp_code_string(GET_COMP_CODE(field2)), >> + EVENT_TRB_LEN(field2), TRB_TO_SLOT_ID(field3), >> + field3 & EVENT_DATA ? 'E' : 'e', >> + field3 & TRB_CYCLE ? 'C' : 'c'); >> break; >> case TRB_MFINDEX_WRAP: >> - ret += snprintf(str, size, "%s: flags %c", >> - cdnsp_trb_type_string(type), >> - field3 & TRB_CYCLE ? 'C' : 'c'); >> + ret = snprintf(str, size, "%s: flags %c", >> + cdnsp_trb_type_string(type), >> + field3 & TRB_CYCLE ? 'C' : 'c'); >> break; >> case TRB_SETUP: >> - ret += snprintf(str, size, >> - "type '%s' bRequestType %02x bRequest %02x " >> - "wValue %02x%02x wIndex %02x%02x wLength %d " >> - "length %ld TD size %ld intr %ld Setup ID %ld " >> - "flags %c:%c:%c", >> - cdnsp_trb_type_string(type), >> - field0 & 0xff, >> - (field0 & 0xff00) >> 8, >> - (field0 & 0xff000000) >> 24, >> - (field0 & 0xff0000) >> 16, >> - (field1 & 0xff00) >> 8, >> - field1 & 0xff, >> - (field1 & 0xff000000) >> 16 | >> - (field1 & 0xff0000) >> 16, >> - TRB_LEN(field2), GET_TD_SIZE(field2), >> - GET_INTR_TARGET(field2), >> - TRB_SETUPID_TO_TYPE(field3), >> - field3 & TRB_IDT ? 'D' : 'd', >> - field3 & TRB_IOC ? 'I' : 'i', >> - field3 & TRB_CYCLE ? 'C' : 'c'); >> + ret = snprintf(str, size, >> + "type '%s' bRequestType %02x bRequest %02x " >> + "wValue %02x%02x wIndex %02x%02x wLength %d " >> + "length %ld TD size %ld intr %ld Setup ID %ld " >> + "flags %c:%c:%c", >> + cdnsp_trb_type_string(type), >> + field0 & 0xff, >> + (field0 & 0xff00) >> 8, >> + (field0 & 0xff000000) >> 24, >> + (field0 & 0xff0000) >> 16, >> + (field1 & 0xff00) >> 8, >> + field1 & 0xff, >> + (field1 & 0xff000000) >> 16 | >> + (field1 & 0xff0000) >> 16, >> + TRB_LEN(field2), GET_TD_SIZE(field2), >> + GET_INTR_TARGET(field2), >> + TRB_SETUPID_TO_TYPE(field3), >> + field3 & TRB_IDT ? 'D' : 'd', >> + field3 & TRB_IOC ? 'I' : 'i', >> + field3 & TRB_CYCLE ? 'C' : 'c'); >> break; >> case TRB_DATA: >> - ret += snprintf(str, size, >> - "type '%s' Buffer %08x%08x length %ld TD size %ld " >> - "intr %ld flags %c:%c:%c:%c:%c:%c:%c", >> - cdnsp_trb_type_string(type), >> - field1, field0, TRB_LEN(field2), >> - GET_TD_SIZE(field2), >> - GET_INTR_TARGET(field2), >> - field3 & TRB_IDT ? 'D' : 'i', >> - field3 & TRB_IOC ? 'I' : 'i', >> - field3 & TRB_CHAIN ? 'C' : 'c', >> - field3 & TRB_NO_SNOOP ? 'S' : 's', >> - field3 & TRB_ISP ? 'I' : 'i', >> - field3 & TRB_ENT ? 'E' : 'e', >> - field3 & TRB_CYCLE ? 'C' : 'c'); >> + ret = snprintf(str, size, >> + "type '%s' Buffer %08x%08x length %ld TD size %ld " >> + "intr %ld flags %c:%c:%c:%c:%c:%c:%c", >> + cdnsp_trb_type_string(type), >> + field1, field0, TRB_LEN(field2), >> + GET_TD_SIZE(field2), >> + GET_INTR_TARGET(field2), >> + field3 & TRB_IDT ? 'D' : 'i', >> + field3 & TRB_IOC ? 'I' : 'i', >> + field3 & TRB_CHAIN ? 'C' : 'c', >> + field3 & TRB_NO_SNOOP ? 'S' : 's', >> + field3 & TRB_ISP ? 'I' : 'i', >> + field3 & TRB_ENT ? 'E' : 'e', >> + field3 & TRB_CYCLE ? 'C' : 'c'); >> break; >> case TRB_STATUS: >> - ret += snprintf(str, size, >> - "Buffer %08x%08x length %ld TD size %ld intr" >> - "%ld type '%s' flags %c:%c:%c:%c", >> - field1, field0, TRB_LEN(field2), >> - GET_TD_SIZE(field2), >> - GET_INTR_TARGET(field2), >> - cdnsp_trb_type_string(type), >> - field3 & TRB_IOC ? 'I' : 'i', >> - field3 & TRB_CHAIN ? 'C' : 'c', >> - field3 & TRB_ENT ? 'E' : 'e', >> - field3 & TRB_CYCLE ? 'C' : 'c'); >> + ret = snprintf(str, size, >> + "Buffer %08x%08x length %ld TD size %ld intr" >> + "%ld type '%s' flags %c:%c:%c:%c", >> + field1, field0, TRB_LEN(field2), >> + GET_TD_SIZE(field2), >> + GET_INTR_TARGET(field2), >> + cdnsp_trb_type_string(type), >> + field3 & TRB_IOC ? 'I' : 'i', >> + field3 & TRB_CHAIN ? 'C' : 'c', >> + field3 & TRB_ENT ? 'E' : 'e', >> + field3 & TRB_CYCLE ? 'C' : 'c'); >> break; >> case TRB_NORMAL: >> case TRB_ISOC: >> case TRB_EVENT_DATA: >> case TRB_TR_NOOP: >> - ret += snprintf(str, size, >> - "type '%s' Buffer %08x%08x length %ld " >> - "TD size %ld intr %ld " >> - "flags %c:%c:%c:%c:%c:%c:%c:%c:%c", >> - cdnsp_trb_type_string(type), >> - field1, field0, TRB_LEN(field2), >> - GET_TD_SIZE(field2), >> - GET_INTR_TARGET(field2), >> - field3 & TRB_BEI ? 'B' : 'b', >> - field3 & TRB_IDT ? 'T' : 't', >> - field3 & TRB_IOC ? 'I' : 'i', >> - field3 & TRB_CHAIN ? 'C' : 'c', >> - field3 & TRB_NO_SNOOP ? 'S' : 's', >> - field3 & TRB_ISP ? 'I' : 'i', >> - field3 & TRB_ENT ? 'E' : 'e', >> - field3 & TRB_CYCLE ? 'C' : 'c', >> - !(field3 & TRB_EVENT_INVALIDATE) ? 'V' : 'v'); >> + ret = snprintf(str, size, >> + "type '%s' Buffer %08x%08x length %ld " >> + "TD size %ld intr %ld " >> + "flags %c:%c:%c:%c:%c:%c:%c:%c:%c", >> + cdnsp_trb_type_string(type), >> + field1, field0, TRB_LEN(field2), >> + GET_TD_SIZE(field2), >> + GET_INTR_TARGET(field2), >> + field3 & TRB_BEI ? 'B' : 'b', >> + field3 & TRB_IDT ? 'T' : 't', >> + field3 & TRB_IOC ? 'I' : 'i', >> + field3 & TRB_CHAIN ? 'C' : 'c', >> + field3 & TRB_NO_SNOOP ? 'S' : 's', >> + field3 & TRB_ISP ? 'I' : 'i', >> + field3 & TRB_ENT ? 'E' : 'e', >> + field3 & TRB_CYCLE ? 'C' : 'c', >> + !(field3 & TRB_EVENT_INVALIDATE) ? 'V' : 'v'); >> break; >> case TRB_CMD_NOOP: >> case TRB_ENABLE_SLOT: >> - ret += snprintf(str, size, "%s: flags %c", >> - cdnsp_trb_type_string(type), >> - field3 & TRB_CYCLE ? 'C' : 'c'); >> + ret = snprintf(str, size, "%s: flags %c", >> + cdnsp_trb_type_string(type), >> + field3 & TRB_CYCLE ? 'C' : 'c'); >> break; >> case TRB_DISABLE_SLOT: >> - ret += snprintf(str, size, "%s: slot %ld flags %c", >> - cdnsp_trb_type_string(type), >> - TRB_TO_SLOT_ID(field3), >> - field3 & TRB_CYCLE ? 'C' : 'c'); >> + ret = snprintf(str, size, "%s: slot %ld flags %c", >> + cdnsp_trb_type_string(type), >> + TRB_TO_SLOT_ID(field3), >> + field3 & TRB_CYCLE ? 'C' : 'c'); >> break; >> case TRB_ADDR_DEV: >> - ret += snprintf(str, size, >> - "%s: ctx %08x%08x slot %ld flags %c:%c", >> - cdnsp_trb_type_string(type), field1, field0, >> - TRB_TO_SLOT_ID(field3), >> - field3 & TRB_BSR ? 'B' : 'b', >> - field3 & TRB_CYCLE ? 'C' : 'c'); >> + ret = snprintf(str, size, >> + "%s: ctx %08x%08x slot %ld flags %c:%c", >> + cdnsp_trb_type_string(type), field1, field0, >> + TRB_TO_SLOT_ID(field3), >> + field3 & TRB_BSR ? 'B' : 'b', >> + field3 & TRB_CYCLE ? 'C' : 'c'); >> break; >> case TRB_CONFIG_EP: >> - ret += snprintf(str, size, >> - "%s: ctx %08x%08x slot %ld flags %c:%c", >> - cdnsp_trb_type_string(type), field1, field0, >> - TRB_TO_SLOT_ID(field3), >> - field3 & TRB_DC ? 'D' : 'd', >> - field3 & TRB_CYCLE ? 'C' : 'c'); >> + ret = snprintf(str, size, >> + "%s: ctx %08x%08x slot %ld flags %c:%c", >> + cdnsp_trb_type_string(type), field1, field0, >> + TRB_TO_SLOT_ID(field3), >> + field3 & TRB_DC ? 'D' : 'd', >> + field3 & TRB_CYCLE ? 'C' : 'c'); >> break; >> case TRB_EVAL_CONTEXT: >> - ret += snprintf(str, size, >> - "%s: ctx %08x%08x slot %ld flags %c", >> - cdnsp_trb_type_string(type), field1, field0, >> - TRB_TO_SLOT_ID(field3), >> - field3 & TRB_CYCLE ? 'C' : 'c'); >> + ret = snprintf(str, size, >> + "%s: ctx %08x%08x slot %ld flags %c", >> + cdnsp_trb_type_string(type), field1, field0, >> + TRB_TO_SLOT_ID(field3), >> + field3 & TRB_CYCLE ? 'C' : 'c'); >> break; >> case TRB_RESET_EP: >> case TRB_HALT_ENDPOINT: >> case TRB_FLUSH_ENDPOINT: >> - ret += snprintf(str, size, >> - "%s: ep%d%s(%d) ctx %08x%08x slot %ld flags %c", >> - cdnsp_trb_type_string(type), >> - ep_num, ep_id % 2 ? "out" : "in", >> - TRB_TO_EP_INDEX(field3), field1, field0, >> - TRB_TO_SLOT_ID(field3), >> - field3 & TRB_CYCLE ? 'C' : 'c'); >> + ret = snprintf(str, size, >> + "%s: ep%d%s(%d) ctx %08x%08x slot %ld flags %c", >> + cdnsp_trb_type_string(type), >> + ep_num, ep_id % 2 ? "out" : "in", >> + TRB_TO_EP_INDEX(field3), field1, field0, >> + TRB_TO_SLOT_ID(field3), >> + field3 & TRB_CYCLE ? 'C' : 'c'); >> break; >> case TRB_STOP_RING: >> - ret += snprintf(str, size, >> - "%s: ep%d%s(%d) slot %ld sp %d flags %c", >> - cdnsp_trb_type_string(type), >> - ep_num, ep_id % 2 ? "out" : "in", >> - TRB_TO_EP_INDEX(field3), >> - TRB_TO_SLOT_ID(field3), >> - TRB_TO_SUSPEND_PORT(field3), >> - field3 & TRB_CYCLE ? 'C' : 'c'); >> + ret = snprintf(str, size, >> + "%s: ep%d%s(%d) slot %ld sp %d flags %c", >> + cdnsp_trb_type_string(type), >> + ep_num, ep_id % 2 ? "out" : "in", >> + TRB_TO_EP_INDEX(field3), >> + TRB_TO_SLOT_ID(field3), >> + TRB_TO_SUSPEND_PORT(field3), >> + field3 & TRB_CYCLE ? 'C' : 'c'); >> break; >> case TRB_SET_DEQ: >> - ret += snprintf(str, size, >> - "%s: ep%d%s(%d) deq %08x%08x stream %ld slot %ld flags %c", >> - cdnsp_trb_type_string(type), >> - ep_num, ep_id % 2 ? "out" : "in", >> - TRB_TO_EP_INDEX(field3), field1, field0, >> - TRB_TO_STREAM_ID(field2), >> - TRB_TO_SLOT_ID(field3), >> - field3 & TRB_CYCLE ? 'C' : 'c'); >> + ret = snprintf(str, size, >> + "%s: ep%d%s(%d) deq %08x%08x stream %ld slot %ld flags %c", >> + cdnsp_trb_type_string(type), >> + ep_num, ep_id % 2 ? "out" : "in", >> + TRB_TO_EP_INDEX(field3), field1, field0, >> + TRB_TO_STREAM_ID(field2), >> + TRB_TO_SLOT_ID(field3), >> + field3 & TRB_CYCLE ? 'C' : 'c'); >> break; >> case TRB_RESET_DEV: >> - ret += snprintf(str, size, "%s: slot %ld flags %c", >> - cdnsp_trb_type_string(type), >> - TRB_TO_SLOT_ID(field3), >> - field3 & TRB_CYCLE ? 'C' : 'c'); >> + ret = snprintf(str, size, "%s: slot %ld flags %c", >> + cdnsp_trb_type_string(type), >> + TRB_TO_SLOT_ID(field3), >> + field3 & TRB_CYCLE ? 'C' : 'c'); >> break; >> case TRB_ENDPOINT_NRDY: >> - temp = TRB_TO_HOST_STREAM(field2); >> - >> - ret += snprintf(str, size, >> - "%s: ep%d%s(%d) H_SID %x%s%s D_SID %lx flags %c:%c", >> - cdnsp_trb_type_string(type), >> - ep_num, ep_id % 2 ? "out" : "in", >> - TRB_TO_EP_INDEX(field3), temp, >> - temp == STREAM_PRIME_ACK ? "(PRIME)" : "", >> - temp == STREAM_REJECTED ? "(REJECTED)" : "", >> - TRB_TO_DEV_STREAM(field0), >> - field3 & TRB_STAT ? 'S' : 's', >> - field3 & TRB_CYCLE ? 'C' : 'c'); >> + temp = TRB_TO_HOST_STREAM(field2); >> + >> + ret = snprintf(str, size, >> + "%s: ep%d%s(%d) H_SID %x%s%s D_SID %lx flags %c:%c", >> + cdnsp_trb_type_string(type), >> + ep_num, ep_id % 2 ? "out" : "in", >> + TRB_TO_EP_INDEX(field3), temp, >> + temp == STREAM_PRIME_ACK ? "(PRIME)" : "", >> + temp == STREAM_REJECTED ? "(REJECTED)" : "", >> + TRB_TO_DEV_STREAM(field0), >> + field3 & TRB_STAT ? 'S' : 's', >> + field3 & TRB_CYCLE ? 'C' : 'c'); >> break; >> default: >> - ret += snprintf(str, size, >> - "type '%s' -> raw %08x %08x %08x %08x", >> - cdnsp_trb_type_string(type), >> - field0, field1, field2, field3); >> + ret = snprintf(str, size, >> + "type '%s' -> raw %08x %08x %08x %08x", >> + cdnsp_trb_type_string(type), >> + field0, field1, field2, field3); >> } >> >> + if (ret >= size) >> + pr_info("CDNSP: buffer overflowed.\n"); > >"info"? > >If the buffer overflows, was it properly truncated? Or did we just >crash something else by passing on an overflowed buffer? Yes, data will be properly truncated. Driver and kernel will not crash. So, I added only information that some debug date may have been truncated. Thanks, Pawel Laszczak