Le 02/10/2023 à 13:45, Greg Kroah-Hartman a écrit :
On Sat, Sep 23, 2023 at 12:54:24PM +0200, Christophe JAILLET wrote:
In order to teach the compiler that 'hs_ep->name' will never be truncated,
we need to tell it that 'epnum' is not negative.
'epnum' comes from in a 'for' loop in dwc2_gadget_init(), starting at 0
and ending at 255. (hsotg->num_of_eps is a char)
When building with W=1, this fixes the following warnings:
drivers/usb/dwc2/gadget.c: In function ‘dwc2_hsotg_initep’:
drivers/usb/dwc2/gadget.c:4804:55: error: ‘%d’ directive output may be truncated writing between 1 and 11 bytes into a region of size 8 [-Werror=format-truncation=]
4804 | snprintf(hs_ep->name, sizeof(hs_ep->name), "ep%d%s", epnum, dir);
| ^~
drivers/usb/dwc2/gadget.c:4804:52: note: directive argument in the range [-2147483645, 255]
4804 | snprintf(hs_ep->name, sizeof(hs_ep->name), "ep%d%s", epnum, dir);
| ^~~~~~~~
drivers/usb/dwc2/gadget.c:4804:9: note: ‘snprintf’ output between 6 and 17 bytes into a destination of size 10
4804 | snprintf(hs_ep->name, sizeof(hs_ep->name), "ep%d%s", epnum, dir);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Fixes: 5b7d70c6dbf2 ("USB: Gadget driver for Samsung HS/OtG block")
Signed-off-by: Christophe JAILLET <christophe.jaillet@xxxxxxxxxx>
Looks like the kernel test robot didn't like this one :(
Hi,
unless I missed something, this was built-tested.
I use gcc 12.3.0 and the report is done with gcc 11.3.0.
Maybe the value range propagation algorithm of how the diagnostic for
such potential overflow has been improved in recent gcc?
For your information, I got a similar feedback for another patch.
It was also built tested from my side, but the maintainer report that
there is still some potential overflow warning.
Strange :/
CJ