There is a spelling mistake in a ksft_test_result message. Fix it.
Signed-off-by: Colin Ian King
---
tools/testing/selftests/futex/functional/futex_priv_hash.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tools/testing/selftests/futex/functional/futex_priv_hash.c
b/tools
There is a spelling mistake in a fail error message. Fix it.
Signed-off-by: Colin Ian King
---
tools/testing/selftests/futex/functional/futex_numa_mpol.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tools/testing/selftests/futex/functional/futex_numa_mpol.c
b/tools
There is a spelling mistake in an error message. Fix it.
Signed-off-by: Colin Ian King
---
tools/testing/selftests/perf_events/watermark_signal.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tools/testing/selftests/perf_events/watermark_signal.c
b/tools/testing/selftests
There is a spelling mistake in a ksft_test_result_skip message. Fix it.
Signed-off-by: Colin Ian King
---
tools/testing/selftests/kvm/s390/cpumodel_subfuncs_test.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tools/testing/selftests/kvm/s390/cpumodel_subfuncs_test.c
b
There is a spelling mistake in a PER_PAGE_DEBUG debug message. Fix it.
Signed-off-by: Colin Ian King
---
tools/testing/selftests/kvm/lib/userfaultfd_util.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tools/testing/selftests/kvm/lib/userfaultfd_util.c
b/tools/testing
There is a spelling mistake in a sig_print message. Fix it.
Signed-off-by: Colin Ian King
---
tools/testing/selftests/x86/xstate.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tools/testing/selftests/x86/xstate.c
b/tools/testing/selftests/x86/xstate.c
index 875777911d82
There is a spelling mistake in a TEST_FAIL message. Fix it.
Signed-off-by: Colin Ian King
---
tools/testing/selftests/kvm/lib/kvm_util.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tools/testing/selftests/kvm/lib/kvm_util.c
b/tools/testing/selftests/kvm/lib/kvm_util.c
There is a spelling mistake in a literal string and in the function
test_get_inital_dirty. Fix them.
Signed-off-by: Colin Ian King
---
tools/testing/selftests/kvm/s390/cmma_test.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/tools/testing/selftests/kvm/s390
There is a spelling mistake in a literal string. Fix it.
Signed-off-by: Colin Ian King
---
tools/testing/selftests/kvm/s390/cmma_test.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tools/testing/selftests/kvm/s390/cmma_test.c
b/tools/testing/selftests/kvm/s390
ned-off-by: Colin Ian King
---
drivers/virtio/virtio_vdpa.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/drivers/virtio/virtio_vdpa.c b/drivers/virtio/virtio_vdpa.c
index 7364bd53e38d..1f60c9d5cb18 100644
--- a/drivers/virtio/virtio_vdpa.c
+++ b/drivers/virtio/virtio_vdp
There is a spelling mistake in a ksft_test_result_skip message. Fix it.
Signed-off-by: Colin Ian King
---
tools/testing/selftests/kvm/s390x/cpumodel_subfuncs_test.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tools/testing/selftests/kvm/s390x/cpumodel_subfuncs_test.c
b
There are two spelling mistakes in the tracepoint message text. Fix them.
Signed-off-by: Colin Ian King
---
include/trace/events/firewire.h | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/include/trace/events/firewire.h b/include/trace/events/firewire.h
index
Signed-off-by: Colin Ian King
---
drivers/dax/bus.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/drivers/dax/bus.c b/drivers/dax/bus.c
index 797e1ebff299..f758afbf8f09 100644
--- a/drivers/dax/bus.c
+++ b/drivers/dax/bus.c
@@ -1204,7 +1204,6 @@ static ssize_t mapping_store(struct device *d
ue is never actually read
from 'error' [deadcode.DeadStores]
Signed-off-by: Colin Ian King
---
fs/dax.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/fs/dax.c b/fs/dax.c
index 2ababb89918d..cb36c6746fc4 100644
--- a/fs/dax.c
+++ b/fs/dax.c
@@ -1830,
There is a spelling mistake in a dev_warn message. Fix it.
Signed-off-by: Colin Ian King
---
drivers/nvdimm/region_devs.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/nvdimm/region_devs.c b/drivers/nvdimm/region_devs.c
index 83dbf398ea84..8f5274b04348 100644
--- a
/* For larger pages we need devmap */
if (length > 1 && !pfn_t_devmap(*pfnp))
goto out;
rc = 0;
out_check_addr:
if (!kaddr)
goto out;
if (!*kaddr)
rc = -EFAULT;
out:
dax_read_unlock(id);
return rc;
}
Colin
From: Colin Ian King
There are a few function prototypes that are missing a void parameter,
fix this by adding it in.
Signed-off-by: Colin Ian King
---
tools/testing/selftests/vm/mremap_dontunmap.c | 10 +-
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/tools/testing
From: Colin Ian King
The bit-masks used for the TXERRCH and RXERRCH (tx and rx error channels)
are incorrect and always lead to a zero result. The mask values are
currently the incorrect post-right shifted values, fix this by setting
them to the currect values.
(I double checked these against
On 20/04/2021 16:31, Peter Zijlstra wrote:
> On Tue, Apr 20, 2021 at 05:03:03PM +0200, Peter Zijlstra wrote:
>> On Tue, Apr 20, 2021 at 03:29:07PM +0100, Colin King wrote:
>>> From: Colin Ian King
>>>
>>> The 64 bit value read from MSR_ARCH_PERFMON_FIXED_CTR_CT
From: Colin Ian King
The 64 bit value read from MSR_ARCH_PERFMON_FIXED_CTR_CTRL is being
bit-wise masked with the value (0x03 << i*4). However, the shifted value
is evaluated using 32 bit arithmetic, so will overflow when i > 8.
Fix this by making 0x03 a ULL so that the shift is perfor
From: Colin Ian King
Currently when the call to usb_urb_ep_type_check fails (returning -EINVAL)
the error return path returns -ENOMEM via the exit label "error". Other
uses of the same error exit label set the err variable to -ENOMEM but this
is not being used. I believe the original
-= phase_offset_raw results in phase_offset_raw being
zero, I don't think that was the intent.
Colin
From: Colin Ian King
The variable err is being initialized with a value that is
never read and it is being updated later with a new value. The
initialization is redundant and can be removed
Addresses-Coverity: ("Unused value")
Signed-off-by: Colin Ian King
---
drivers/net/ethernet
From: Colin Ian King
The check for ret < 0 is always false because ret is a (unsigned) size_t
and not a (signed) ssize_t, hence simple_write_to_buffer failures are
never detected. Fix this by making ret a ssize_t
Addresses-Coverity: ("Unsigned compared against 0")
Fixes: 8074a79fad
From: Colin Ian King
The variable result is being assigned with a value that is
never read, the assignment is redundant and can be removed.
Addresses-Coverity: ("Unused value")
Signed-off-by: Colin Ian King
---
drivers/usb/storage/datafab.c | 1 -
1 file changed, 1 deletion(-)
di
From: Colin Ian King
The variable status is being initialized with a value that is
never read and it is being updated later with a new value. The
initialization is redundant and can be removed and move the
declaration of status to the scope where it is used.
Addresses-Coverity: ("Unused
From: Colin Ian King
The variable count is being initialized with a value that is
never read and it is being updated later with a new value. The
initialization is redundant and can be removed.
Addresses-Coverity: ("Unused value")
Signed-off-by: Colin Ian King
---
drivers/tty/syn
From: Colin Ian King
The pointer mbox is being initialized with a value that is
never read and it is being updated later with a new value. The
initialization is redundant and can be removed.
Addresses-Coverity: ("Unused value")
Signed-off-by: Colin Ian King
---
drivers/scs
From: Colin Ian King
The pointer tmp_hdr is being assigned a value that is never
read, the assignment is redundant and can be removed.
Addresses-Coverity: ("Unused value")
Signed-off-by: Colin Ian King
---
drivers/scsi/lpfc/lpfc_sli.c | 1 -
1 file changed, 1 deletion(-)
diff --git
From: Colin Ian King
The size of the buffer than can be written to is currently incorrect, it is
always the size of the entire buffer even though the snprintf is writing
as position pos into the buffer. Fix this by setting the buffer size to be
the number of bytes left in the buffer, namely
From: Colin Ian King
The size of the buffer than can be written to is currently incorrect, it is
always the size of the entire buffer even though the snprintf is writing
as position pos into the buffer. Fix this by setting the buffer size to be
the number of bytes left in the buffer, namely
From: Colin Ian King
Currently the assignment of idx dereferences pointer sta before
sta is null checked, leading to a potential null pointer dereference.
Fix this by assigning idx when it is required after the null check on
pointer sta.
Addresses-Coverity: ("Dereference before null
From: Colin Ian King
Currently when ns fails to be allocated the error return path returns
an uninitialized return code in variable 'err'. Fix this by setting
err to -ENOMEM.
Addresses-Coverity: ("Uninitialized scalar variable")
Fixes: 688330711e9a ("bcache: initializ
From: Colin Ian King
The variable agaw is initialized with a value that is never
read and it is being updated later with a new value as a
counter in a for-loop. The initialization is redundant and
can be removed.
Addresses-Coverity: ("Unused value")
Signed-off-by: Colin Ian King
--
From: Colin Ian King
The variable retval is being initialized with a value that is
never read and it is being updated later with a new value. The
initialization is redundant and can be removed.
Addresses-Coverity: ("Unused value")
Signed-off-by: Colin Ian King
---
drivers/
From: Colin Ian King
Checkpatch reported that linux/processor.h should be included instead
of the asm variant. Fix this to clean up the warning.
Signed-off-by: Colin Ian King
---
drivers/gpu/drm/amd/pm/amdgpu_pm.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/gpu
From: Colin Ian King
The increment of idx is indented one level too deeply, clean up the
code by removing the extraneous tab.
Signed-off-by: Colin Ian King
---
net/mac80211/rc80211_minstrel_ht.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net/mac80211
From: Colin Ian King
Checkpatch is warning that char* text sould be char *text to match
the coding style. Fix this.
Signed-off-by: Colin Ian King
---
drivers/scsi/3w-9xxx.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/scsi/3w-9xxx.h b/drivers/scsi/3w-9xxx.h
From: Colin Ian King
Checkpatch warnings that there is a missing const, fix this by adding it.
Clean us up warning:
"WARNING: static const char * array should probably be static
const char * const"
Signed-off-by: Colin Ian King
---
kernel/sched/core.c | 2 +-
1 file changed, 1
From: Colin Ian King
The inline keyword should be between storage class and type. Fix
this by swapping void inline to inline void.
Signed-off-by: Colin Ian King
---
arch/x86/um/shared/sysdep/stub_32.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/arch/x86/um/shared
From: Colin Ian King
The variable rc is being assigned a value that is never read,
the assignment is redundant and can be removed.
Addresses-Coverity: ("Unused value")
Signed-off-by: Colin Ian King
---
drivers/acpi/apei/einj.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/dr
From: Colin Ian King
The variable r_index is being assigned a value that is never read,
the assignment is redundant and can be removed.
Addresses-Coverity: ("Unused value")
Signed-off-by: Colin Ian King
---
block/partitions/ldm.c | 1 -
1 file changed, 1 deletion(-)
diff --g
From: Colin Ian King
The variable st is being assigned a value that is never read and
it is being updated later with a new value. The initialization is
redundant and can be removed.
Addresses-Coverity: ("Unused value")
Signed-off-by: Colin Ian King
---
arch/x86/include/asm/floppy.
From: Colin Ian King
There are spelling mistakes in netdev_dbg and netdev_dbg messages,
fix these.
Signed-off-by: Colin Ian King
---
drivers/net/can/usb/etas_es58x/es58x_core.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/net/can/usb/etas_es58x/es58x_core.c
From: Colin Ian King
There are calls to idxd_cmd_exec that pass a null status pointer however
a recent commit has added an assignment to *status that can end up
with a null pointer dereference. The function expects a null status
pointer sometimes as there is a later assignment to *status where
On 15/04/2021 10:03, Marc Kleine-Budde wrote:
> On 15.04.2021 09:55:35, Colin King wrote:
>> From: Colin Ian King
>>
>> The pointer cf is being null checked earlier in the code, however the
>> update of the rx_bytes statistics is dereferencing cf without null
>>
From: Colin Ian King
The pointer cf is being null checked earlier in the code, however the
update of the rx_bytes statistics is dereferencing cf without null
checking cf. Fix this by moving the statement into the following code
block that has a null cf check.
Addresses-Coverity: ("Derefe
From: Colin Ian King
There is an assignment to *netdev that is can potentially be null but the
null check is checking netdev and not *netdev as intended. Fix this by
adding in the missing * operator.
Addresses-Coverity: ("Dereference before null check")
Fixes: 8537257874e9 ("
From: Colin Ian King
The comparison of the u32 variable queue with <= zero is always true
since an unsigned can never be negative. Replace the conditional
check with the boolean true to simplify the code. The while loop
will terminate because of the zero check on queue before queue
On 12/04/2021 17:48, James Bottomley wrote:
> On Mon, 2021-04-12 at 17:01 +0100, Colin King wrote:
>> From: Colin Ian King
>>
>> The kzalloc call can return null with the GFP_KERNEL flag so
>> add a null check and exit via a new error exit label. Use the
>> same e
From: Colin Ian King
Static analysis is reporting a memory leak on mgtdev, it appears
that the wrong object is being kfree'd. Fix this by kfree'ing
mgtdev rather than mdev.
Addresses-Coverity: ("Resource leak")
Fixes: c8a2d4c73e70 ("vdpa/mlx5: Enable user to add/delete
From: Colin Ian King
In the case where size is zero the while loop never assigns rc and the
return value is uninitialized. Fix this by initializing rc to zero.
Addresses-Coverity: ("Uninitialized scalar variable")
Fixes: 639781dcab82 ("habanalabs/gaudi: add debugfs to DMA
From: Colin Ian King
The kzalloc call can return null with the GFP_KERNEL flag so
add a null check and exit via a new error exit label. Use the
same exit error label for another error path too.
Addresses-Coverity: ("Dereference null return value")
Fixes: 830027e2cb55 ("KEY
From: Colin Ian King
The call to alloc_skb with the GFP_KERNEL flag can return a null sk_buff
pointer, so add a null check to avoid any null pointer deference issues.
Addresses-Coverity: ("Dereference null return value")
Fixes: afd2daa26c7a ("Bluetooth: Add support for virtio t
From: Colin Ian King
The reset_prepare and reset_done calls have a null pointer check
on ae_dev however ae_dev is being dereferenced via the call to
ns3_is_phys_func with the ae->pdev argument. Fix this by performing
a null pointer check on ae_dev and hence short-circuiting the
dereference
On 09/04/2021 15:28, Brian Foster wrote:
> On Fri, Apr 09, 2021 at 03:18:34PM +0100, Colin King wrote:
>> From: Colin Ian King
>>
>> A previous commit removed a call to xfs_attr3_leaf_read that
>> assigned an error return code to variable error. We now have
>>
From: Colin Ian King
A previous commit removed a call to xfs_attr3_leaf_read that
assigned an error return code to variable error. We now have
a few early error return paths to label 'out' that return
error if error is set; however error now is uninitialized
so potentially garbag
From: Colin Ian King
The shifting of the u8 integers rq->caching by 26 bits to
the left will be promoted to a 32 bit signed int and then
sign-extended to a u64. In the event that rq->caching is
greater than 0x1f then all then all the upper 32 bits of
the u64 end up as also being set beca
From: Colin Ian King
The shifting of the u8 integers f->fs.nat_lip[] by 24 bits to
the left will be promoted to a 32 bit signed int and then
sign-extended to a u64. In the event that the top bit of the u8
is set then all then all the upper 32 bits of the u64 end up as
also being set because
writing the value assigned on line 1761. Should the = operator
on the re-assignment be an |= operator instead?
Colin
From: Colin Ian King
The variable 'field' is being assigned a value this is never read,
it is being updated in all the following if/else combinations. The
assignment is redundant and can be removed.
Addresses-Coverity: ("Unused value")
Signed-off-by: Colin Ian King
---
dri
On 29/03/2021 08:13, Ido Schimmel wrote:
> On Sat, Mar 27, 2021 at 10:33:34PM +0000, Colin King wrote:
>> From: Colin Ian King
>>
>> The variable force is being initialized with a value that is
>> never read and it is being updated later with a new value. The
>>
From: Colin Ian King
The for-loop iterates with a u8 loop counter i and compares this
with the loop upper limit of num_parents that is an int type.
There is a potential infinite loop if num_parents is larger than
the u8 loop counter. Fix this by making the loop counter the same
type as
From: Colin Ian King
The for-loop iterates with a u8 loop counter i and compares this
with the loop upper limit of num_parents that is an int type.
There is a potential infinite loop if num_parents is larger than
the u8 loop counter. Fix this by making the loop counter the same
type as
On 09/04/2021 07:46, Masahiro Yamada wrote:
> On Thu, Apr 8, 2021 at 12:25 AM Colin King wrote:
>>
>> From: Colin Ian King
>>
>> The for-loop iterates with a u8 loop counter i and compares this
>> with the loop upper limit of num_parents that is an int type.
>
From: Colin Ian King
The for-loop iterates with a u16 loop counter idx and compares this
with the loop upper limit of q->flows_cnt that is a u32 type.
There is a potential infinite loop if q->flows_cnt is larger than
the u8 loop counter. Fix this by making the loop counter the same
typ
From: Colin Ian King
The for-loop iterates with a u8 loop counter i and compares this
with the loop upper limit of num_parents that is an int type.
There is a potential infinite loop if num_parents is larger than
the u8 loop counter. Fix this by making the loop counter the same
type as
From: Colin Ian King
The for-loop iterates with a u8 loop counter i and compares this
with the loop upper limit of riv->ieee80211->LinkDetectInfo.SlotNum
that is a u16 type. There is a potential infinite loop if SlotNum
is larger than the u8 loop counter. Fix this by making the loop
count
From: Colin Ian King
The for_each_tx_queue loop iterates with a u8 loop counter i and
compares this with the loop upper limit of bp->num_queues that
is an int type. There is a potential infinite loop if bp->num_queues
is larger than the u8 loop counter. Fix this by making the loop
count
From: Colin Ian King
The pointer hdev is being dereferenced twice on the assignment of
pointers cpu_cs_base and wrapper_base before hdev is being null
checked. Fix the potential null pointer dereference issues by
performing the null check of hdev before dereferencing it when
assigning
From: Colin Ian King
The for-loop iterates with a u8 loop counter i and compares this
with the loop upper limit of pm8001_ha->max_q_num which is a u32
type. There is a potential infinite loop if pm8001_ha->max_q_num
is larger than the u8 loop counter. Fix this by making the loop
count
From: Colin Ian King
The for-loop iterates with a u8 loop counter i and compares this
with the loop upper limit of res->resets_num which is an unsigned
int type. There is a potential infinite loop if res->resets_num
is larger than the u8 loop counter i. Fix this by making the loop
count
From: Colin Ian King
There is a spelling mistake in a comment. Fix it.
Signed-off-by: Colin Ian King
---
drivers/staging/comedi/drivers/addi_apci_16xx.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/staging/comedi/drivers/addi_apci_16xx.c
b/drivers/staging
From: Colin Ian King
There is a spelling mistake in a pr_err error message. Fix it.
Signed-off-by: Colin Ian King
---
drivers/nvme/target/configfs.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/nvme/target/configfs.c b/drivers/nvme/target/configfs.c
index
From: Colin Ian King
The macro CN23XX_PEM_BAR1_INDEX_REG is being used to shift oct->pcie_port
(a u16) left 24 places. There are two subtle issues here, first the
shift gets promoted to an signed int and then sign extended to a u64.
If oct->pcie_port is 0x80 or more then the upper bits ge
From: Colin Ian King
The error check on err is always false as err is always 0 at the
port_found label. The code is redundant and can be removed.
Addresses-Coverity: ("Logically dead code")
Signed-off-by: Colin Ian King
---
drivers/net/ethernet/xircom/xirc2ps_cs.c | 2 --
1 file
From: Colin Ian King
The call to platform_get_resource can potentially return a NULL pointer
on failure, so add this check and return -EINVAL if it fails.
Addresses-Coverity: ("Dereference null return")
Fixes: e95c237d78c0 ("hwmon: (dme1737) Add sch311x support")
Signed-of
From: Colin Ian King
The call to platform_get_resource can potentially return a NULL pointer
on failure, so add this check and return -EINVAL if it fails.
Addresses-Coverity: ("Dereference null return")
Fixes: c41442474a26 ("usb: gadget: R8A66597 peripheral controller support.&
From: Colin Ian King
The variable div is being initialized with a value that is
never read and it is being updated later with a new value. The
initialization is redundant and can be removed.
Addresses-Coverity: ("Unused value")
Signed-off-by: Colin Ian King
---
drivers/clk/socfpg
From: Colin Ian King
There is an error return path that is not kfree'ing socfpga_clk leading
to a memory leak. Fix this by adding in the missing kfree call.
Addresses-Coverity: ("Resource leak")
Signed-off-by: Colin Ian King
---
drivers/clk/socfpga/clk-gate-a10.c | 1 +
1
From: Colin Ian King
The bit-wise and of the action field with MLX5_ACCEL_ESP_ACTION_DECRYPT
is incorrect as MLX5_ACCEL_ESP_ACTION_DECRYPT is zero and not intended
to be a bit-flag. Fix this by using the == operator as was originally
intended.
Addresses-Coverity: ("Logically dead code&qu
From: Colin Ian King
The clean up of struct d can potentiallly index into a null array
d->virt_buf causing errorenous pointer dereferencing issues on
kfree calls. Fix this by adding a null check on d->virt_buf before
attempting to traverse the array to kfree the objects.
Addresses-Co
From: Colin Ian King
The while-loop iterates until src is non-null or i is 3, however, the
loop counter i is not intinitialied to zero, causing incorrect iteration
counts. Fix this by initializing it to zero.
Addresses-Coverity: ("Uninitialized scalar variable")
Fixes: 1aa5f2e2fe
From: Colin Ian King
There is a spelling mistake in debugfs gem stats. Fix it. Also
re-align output to cater for the extra 1 character.
Signed-off-by: Colin Ian King
---
drivers/gpu/drm/msm/msm_gem.c | 8
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/drivers/gpu/drm
From: Colin Ian King
Currently there is a while loop that contains a handful of continue
statements that can skip over the assignment of the variable err. At
the end of the loop there is a potiential for err to be unassigned
and possibly causing issues when err is checked for a non-zero value
NINIT)
8. uninit_use_in_call: Using uninitialized value ww.ctx.acquired when
calling i915_gem_ww_ctx_fini.
230i915_gem_ww_ctx_fini(&ww);
231
232i915_vm_put(&ppgtt->vm);
233return err;
234 }
Coverity is reporting use of uninitialized values in (lines 230. Not
sure what the best fix is for this, so I'm reporting this as a potential
issue.
Colin
From: Colin Ian King
It appears there are several failure return paths that don't seem
to be free'ing pad. Fix these.
Addresses-Coverity: ("Resource leak")
Fixes: d9b45418a917 ("crypto: sun8i-ss - support hash algorithms")
Signed-off-by: Colin Ian King
---
dri
From: Colin Ian King
There are two error return paths that are not freeing rxd and causing
memory leaks. Fix these.
Addresses-Coverity: ("Resource leak")
Fixes: 00c9211f60db ("crypto: sa2ul - Fix DMA mapping API usage")
Signed-off-by: Colin Ian King
---
drivers/crypto/sa2
From: Colin Ian King
There are two error return paths that are not freeing rxd and causing
memory leaks. Fix these.
Addresses-Coverity: ("Resource leak")
Fixes: 00c9211f60db ("crypto: sa2ul - Fix DMA mapping API usage")
Signed-off-by: Colin Ian King
---
V2: Fix typo in $S
reak;
2084}
2085up_write(&snd_ctl_layer_rwsem);
2086 }
I couldn't quite figure out the original intent of the prev_lops use, so
I'd thought I'd report this issue as the code does look incorrect.
Colin
From: Colin Ian King
A for-loop is using a u8 loop counter that is being compared to
a u32 cmp_dcbcfg->numapp to check for the end of the loop. If
cmp_dcbcfg->numapp is larger than 255 then the counter j will wrap
around to zero and hence an infinite loop occurs. Fix this by making
counter
From: Colin Ian King
Currently the call to nf_log_register is returning an error code that
is not being assigned to ret and yet ret is being checked. Fix this by
adding in the missing assignment.
Addresses-Coverity: ("Logically dead code")
Fixes: 8d02e7da87a0 ("netfilter: nf_lo
From: Colin Ian King
Variable devnum is being checked for a less than zero error return
however the comparison will always be false because devnum is an 8 bit
unsigned integer. Fix this by making devnum an int. Also there is no
need to iniitialize devnum with zero as this value is no read, so
From: Colin Ian King
The variable status is being initialized with a value that is
never read and it is being updated later with a new value.
The initialization is redundant and can be removed. Also clean
up an indentation.
Addresses-Coverity: ("Unused value")
Signed-off-by: Coli
On 30/03/2021 12:48, Mel Gorman wrote:
> Colin Ian King reported the following problem (slightly edited)
>
> Author: Mel Gorman
> Date: Mon Mar 29 11:12:24 2021 +1100
>
> mm/page_alloc: add a bulk page allocator
>
> ...
>
>
From: Colin Ian King
There is a spelling mistake in a dev_err error message. Fix it.
Signed-off-by: Colin Ian King
---
sound/soc/codecs/mt6359-accdet.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/sound/soc/codecs/mt6359-accdet.c b/sound/soc/codecs/mt6359-accdet.c
index
From: Colin Ian King
Currently the memory pointed to by area is being freed by the
free_vm_area call and then area->nr_pages is referencing the
free'd object. Fix this swapping the order of the warn_alloc
message and the free.
Addresses-Coverity: ("Read from pointer after
atetype(gfp_mask) == MIGRATE_MOVABLE)
2. read_value: Reading value alloc_flags.
3858alloc_flags |= ALLOC_CMA;
3859#endif
3860return alloc_flags;
3861 }
So alloc_flags in gfp_to_alloc_flags_cma is being updated with the |=
operator and we managed to get to this path with uninitialized
alloc_flags. Should alloc_flags be initialized to zero in
__alloc_page_bulk()?
Colin
From: Colin Ian King
In the case where !sg_dma_len(sgl) breaks out of the do-while loop
on the first iteration, error variable err has not been assigned
any value and will contain garbage. Fix this by ensuring err is
initialized to zero.
Addresses-Coverity: ("Uninitialized scalar var
From: Colin Ian King
The variable res is being initialized with a value that is
never read and it is being updated later with a new value.
The initialization is redundant and can be removed.
Addresses-Coverity: ("Unused value")
Signed-off-by: Colin Ian King
---
drivers/net/
1 - 100 of 1756 matches
Mail list logo
