[PATCH] net: cortina_ni: Fix typo accessing wrong phy

2025-08-01 Thread Andrew Goodbody
In ca_phy_probe when checking for an external phy it uses a field from the internal phy due to what is assumed to be a copy/paste typo. Make the obvious fix to use the field from the external phy. This issue was found by Smatch. Signed-off-by: Andrew Goodbody --- drivers/net/cortina_ni.c | 2

[PATCH] mtd: ubi: Remove test that always fails

2025-08-01 Thread Andrew Goodbody
When checking the VID header of a static volume there is an early test for data_size == 0 so testing for that condition again is guaranteed to fail. Just remove this piece of code. This issue was found by Smatch. Signed-off-by: Andrew Goodbody --- drivers/mtd/ubi/io.c | 7 +-- 1 file

Smatch report for ubispl

2025-08-01 Thread Andrew Goodbody
Smatch reports the following error. drivers/mtd/ubispl/ubispl.c:782 ubi_scan_fastmap() error: memcpy() 'vh' too small (64 vs 268) I do not know the code well enough to attempt a fix in this case. Andrew

[PATCH 0/3] mtd: rawnand: Fix some Smatch reports

2025-08-01 Thread Andrew Goodbody
Smatch reported some errors with memory being leaked on error paths and also error paths lacking an error code to be returned. Signed-off-by: Andrew Goodbody --- Andrew Goodbody (3): mtd: nand: pxa3xx: Free memory on error mtd: rawnand: stm32_fmc2: Ensure to return error code

[PATCH 3/3] mtd: nand: sunxi: Free allocated memory on errors

2025-08-01 Thread Andrew Goodbody
Add kfree calls on error paths for memory that was allocated. This will prevent memory leaks. This issue found by Smatch. Signed-off-by: Andrew Goodbody --- drivers/mtd/nand/raw/sunxi_nand.c | 17 +++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/drivers/mtd/nand

[PATCH 2/3] mtd: rawnand: stm32_fmc2: Ensure to return error code

2025-08-01 Thread Andrew Goodbody
In stm32_fmc2_nfc_probe there are 3 error returns that do not set the error code before returning which could lead to the error being silently ignored. Just return -EINVAL in each case. This issue was found by Smatch. Signed-off-by: Andrew Goodbody --- drivers/mtd/nand/raw/stm32_fmc2_nand.c

[PATCH 1/3] mtd: nand: pxa3xx: Free memory on error

2025-08-01 Thread Andrew Goodbody
In pxa3xx_nand_probe_dt if the function detects an error after allocating memory that memory is not freed before exit. Add the appropriate free. This issue was found by Smatch. Signed-off-by: Andrew Goodbody --- drivers/mtd/nand/raw/pxa3xx_nand.c | 1 + 1 file changed, 1 insertion(+) diff

[PATCH 2/3] mtd: rawnand: denali: Remove always true test

2025-08-01 Thread Andrew Goodbody
In denali_wait_for_irq the code will either return from inside the while loop or exit with time_left being 0. The following test for time_left being 0 is guranteed to be true so remove the test and the following unreachable code. This issue was found by Smatch. Signed-off-by: Andrew Goodbody

[PATCH 0/3] mtd: rawnand: Fix some Smatch reported issues

2025-08-01 Thread Andrew Goodbody
Smatch reported some issues with rawnand code. Firstly detecting allocation failures for cortina. Secondly an always true test for denali. Lastly using goto an error path without setting the error code for return for mxs_nand. Signed-off-by: Andrew Goodbody --- Andrew Goodbody (3): mtd

[PATCH 3/3] mtd: rawnand: mxs_nand: Ensure err is set for error path

2025-08-01 Thread Andrew Goodbody
was found by Smatch. Signed-off-by: Andrew Goodbody --- drivers/mtd/nand/raw/mxs_nand.c | 6 -- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/drivers/mtd/nand/raw/mxs_nand.c b/drivers/mtd/nand/raw/mxs_nand.c index ba67466069b..fecf1f5ba91 100644 --- a/drivers/mtd/nand/raw

[PATCH 1/3] mtd: rawnand: cortina_nand: Fix -ENOMEM detection

2025-08-01 Thread Andrew Goodbody
the more likely scenario. Refactor the code to simplify it and just fail as soon as either allocation fails. This issue was found by Smatch. Signed-off-by: Andrew Goodbody --- drivers/mtd/nand/raw/cortina_nand.c | 11 +-- 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/dr

[PATCH] mtd: nand: Do not dereference before NULL check

2025-07-31 Thread Andrew Goodbody
In nanddev_init mtd and memorg are assigned values that dereference nand but this happens before a NULL check for nand. Move the assignments after the NULL check. This issue was found by Smatch. Signed-off-by: Andrew Goodbody --- drivers/mtd/nand/core.c | 7 +-- 1 file changed, 5

[PATCH] mmc: rockchip_sdhci: Do not test unsigned for being less than 0

2025-07-31 Thread Andrew Goodbody
In rockchip_sdhci_execute_tuning the variable tuning_loop_counter is tested for being less than 0. Ensure that it is a signed type by declaring it as s8 instead of char. This issue was found by Smatch. Signed-off-by: Andrew Goodbody --- drivers/mmc/rockchip_sdhci.c | 2 +- 1 file changed, 1

[PATCH] mmc: owl_mmc: Do not dereference data before NULL check

2025-07-31 Thread Andrew Goodbody
In owl_mmc_prepare_data there is a NULL check for the pointer data but it happens after data has already been dereferenced. Refactor the code so that the NULL check happens before any code dereferences data. This issue was found by Smatch. Signed-off-by: Andrew Goodbody --- drivers/mmc

[PATCH 2/2] mmc: octeontx_hsmmc: Remove impossible test

2025-07-31 Thread Andrew Goodbody
In octeontx_mmc_io_drive_setup drive and slew are tested for being less than 0 but they are declared as uint fields so this test must always fail. Just remove the test. This issue was found by Smatch. Signed-off-by: Andrew Goodbody --- drivers/mmc/octeontx_hsmmc.c | 3 --- 1 file changed, 3

[PATCH 1/2] mmc: octeontx_hsmmc: Need parens in expression

2025-07-31 Thread Andrew Goodbody
The check for no response expected in octeontx_mmc_send_cmd needs parens adding for proper interpretation. This issue was found by Smatch. Signed-off-by: Andrew Goodbody --- drivers/mmc/octeontx_hsmmc.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/mmc

[PATCH 0/2] mmc: octeontx_hsmmc: Fix two Smatch issues

2025-07-31 Thread Andrew Goodbody
Smatch reported two issues. Firstly that an expression probably needed parenthesis to be correctly interpreted. Secondly that two unsigned fields in a struct were both being tested for being less than 0. Signed-off-by: Andrew Goodbody --- Andrew Goodbody (2): mmc: octeontx_hsmmc: Need

[PATCH] mmc: iproc_sdhci: Cannot test unsigned variable for negative

2025-07-30 Thread Andrew Goodbody
In sdhci_iproc_execute_tuning the variable tuning_loop_counter is unsigned and therefore will always fail the test for it being less than 0. Fix this by changing the variable type to be s8. This issue was found by Smatch. Signed-off-by: Andrew Goodbody --- drivers/mmc/iproc_sdhci.c | 2 +- 1

[PATCH 2/2] mmc: gen_atmel_mci: NULL check variable before use

2025-07-29 Thread Andrew Goodbody
In mci_send_cmd the pointer 'data' is optional so guard its use with a NULL check to prevent any attempt to dereference it when not provided. This issue was found by Smatch. Signed-off-by: Andrew Goodbody --- drivers/mmc/gen_atmel_mci.c | 14 -- 1 file changed, 8 insert

[PATCH 1/2] mmc: gen_atmel_mci: Remove duplicate checks

2025-07-29 Thread Andrew Goodbody
Remove duplicate checks on status from mci_data_read and mci_data_write which are guaranteed to be true as exiting the above do..while loop above requires that to be so. This issue was found by Smatch. Signed-off-by: Andrew Goodbody --- drivers/mmc/gen_atmel_mci.c | 14 ++ 1 file

[PATCH 0/2] mmc: gen_atmel_mci: Fix some Smatch issues

2025-07-29 Thread Andrew Goodbody
Smatch reported issues with duplicated checks that could be removed. Smatch also reported an issue where a variable was dereferenced without a NULL check despite being an optional parameter. Signed-off-by: Andrew Goodbody --- Andrew Goodbody (2): mmc: gen_atmel_mci: Remove duplicate checks

[PATCH] mmc: bcm2835-host: Remove duplicate NULL test for cmd

2025-07-29 Thread Andrew Goodbody
eturn 0; + return -EILSEQ; } if (cmd) { --- base-commit: 182cb30084516c3085d2ca5dde3f105f7625d774 change-id: 20250729-mmc_bcm2835-c97e9597c25c Best regards, -- Andrew Goodbody

[PATCH] socfpga_dtreg: Ensure reg is initialised before use

2025-07-29 Thread Andrew Goodbody
In socfpga_dtreg_probe it is possible that if mask is 0 then reg will not be assigned to before first use. Refactor the code slightly to ensure that reg is always assigned to and remove a piece of duplicated code. This issue was found by Smatch. Signed-off-by: Andrew Goodbody --- drivers/misc

Smatch error report in drivers/misc/imx_ele/fuse.c

2025-07-29 Thread Andrew Goodbody
Smatch reports the following error. drivers/misc/imx_ele/fuse.c:218 fuse_sense() error: buffer overflow 'data' 4 <= 7 Looking at the code I can see that at line 198, word is checked to be less than 8. Later at line 203 data is declared as a 4 element array. Then at line 218 word is used to i

[PATCH] imx: scu_api: Remove unnecessary NULL check

2025-07-28 Thread Andrew Goodbody
In sc_seco_secvio_dgo_config there is a check for data being NULL but this occurs after data has already been dereferenced. All callers of the function provide a valid pointer for data so no need for the NULL check. This issue was found by Smatch. Signed-off-by: Andrew Goodbody --- drivers

Unintialised variable 'offset' in drivers/misc/gsc.c

2025-07-28 Thread Andrew Goodbody
Smatch reports this error drivers/misc/gsc.c:330 gsc_hwmon() error: uninitialized symbol 'offset'. It is not clear to me how to fix this problem. Could you please take a look? Thanks, Andrew

[PATCH] mfd: atmel-smc: Ensure match is initialised

2025-07-28 Thread Andrew Goodbody
If the test in the for loop is never matched then the variable 'match' will never be assigned to. Provide an initial value so this cannot be a problem. This issue was found by Smatch. Signed-off-by: Andrew Goodbody --- drivers/mfd/atmel-smc.c | 2 +- 1 file changed, 1 insertion(+),

[PATCH] mailbox: zynqmp: Fix off by 1 errors

2025-07-28 Thread Andrew Goodbody
Use resource_size to correctly calculate the size to pass to devm_ioremap and avoid the off by 1 errors previously present. This issue was found by Smatch. Signed-off-by: Andrew Goodbody --- drivers/mailbox/zynqmp-ipi.c | 8 1 file changed, 4 insertions(+), 4 deletions(-) diff --git

[PATCH] i2c: rcar_iic: Do not use unitialised variable

2025-07-28 Thread Andrew Goodbody
In rcar_iic_xfer if nmsgs == 0 the ret will not be assigned to. As ret will always be 0 if the for loop is entered, may as well just return 0. This issue was found by Smatch. Signed-off-by: Andrew Goodbody --- drivers/i2c/rcar_iic.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff

[PATCH] ddr: marvell: a38x: Fix unsigned issues

2025-07-28 Thread Andrew Goodbody
Cannot test an unsigned variable to be less than 0, it will always fail. Signed-off-by: Andrew Goodbody --- drivers/ddr/marvell/a38x/mv_ddr4_training_calibration.c | 13 +++-- 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/drivers/ddr/marvell/a38x

Re: Smatch issues reported for Marvell a38x DDR4

2025-07-28 Thread Andrew Goodbody
On 25/07/2025 14:02, Stefan Roese wrote: Hi Andrew, On 24.07.25 18:01, Andrew Goodbody wrote: Hi Stefan, Smatch reports the following issues drivers/ddr/marvell/a38x/mv_ddr4_training_calibration.c:1029 mv_ddr4_center_of_mass_calc() warn: unsigned 'd_min' is never less than zer

Re: Smatch report for drivers/fpga/socfpga_gen5.c

2025-07-28 Thread Andrew Goodbody
On 25/07/2025 13:22, Heinrich Schuchardt wrote: On 25.07.25 13:09, Andrew Goodbody wrote: Smatch reports this issue drivers/fpga/socfpga_gen5.c:135 fpgamgr_program_poll_cd() warn: duplicate check 'reg & mask' (previous on line 129) Looking at the code I am not sure that i

[PATCH] arm: socfpga: Remove unnecessary for loop

2025-07-28 Thread Andrew Goodbody
The for loop in fpgamgr_program_poll_cd will always terminate after a single pass and so is not necessary. Remove it and all related code and leave only the code that is effective. This issue was found by Smatch. Signed-off-by: Andrew Goodbody --- drivers/fpga/socfpga_gen5.c | 25

Re: [PATCH] cmd: ufetch: Initialise size before first use

2025-07-28 Thread Andrew Goodbody
7/2025 10:59, Andrew Goodbody wrote: ping? On 26/06/2025 15:12, Andrew Goodbody wrote: The local variable size is not assigned to before it is used for the first time. Correct this. This issue was found by Smatch. Fixes: 86d462c05d57 (cmd: add a fetch utility) Signed-off-by: Andrew Goodbody ---

[PATCH] gpio: intel_gpio: Initialise or0 and or1

2025-07-25 Thread Andrew Goodbody
instead. This issue was found by Smatch. Signed-off-by: Andrew Goodbody --- drivers/gpio/intel_gpio.c | 18 +- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/drivers/gpio/intel_gpio.c b/drivers/gpio/intel_gpio.c index 0ab6e8a90bc..ac2fb8bc2cc 100644 --- a/drive

[PATCH] gpio: dwapb_gpio: Using wrong function to free memory

2025-07-25 Thread Andrew Goodbody
In gpio_dwapb_bind plat is used to reference memory allocated by devm_kcalloc but it is attempted to be freed using kfree. Instead free this memory using the correct devm_kfree function. This issue was found by Smatch. Signed-off-by: Andrew Goodbody --- drivers/gpio/dwapb_gpio.c | 2 +- 1 file

Smatch report for drivers/fpga/socfpga_gen5.c

2025-07-25 Thread Andrew Goodbody
Smatch reports this issue drivers/fpga/socfpga_gen5.c:135 fpgamgr_program_poll_cd() warn: duplicate check 'reg & mask' (previous on line 129) Looking at the code I am not sure that it will work as intended. There are two if statements within the for loop that test for opposite conditions so

[PATCH v2] clk: cdce9xx: Fix use of dev_read_u32_default

2025-07-25 Thread Andrew Goodbody
an error code separately from writing the value into the passed pointer. This issue was found by Smatch. Signed-off-by: Andrew Goodbody --- Changes in v2: - Instead of removing the always true test use the non-default version of dev_read_u32 which can return an error while writing to a u32. - Link

Re: [PATCH] clk: cdce9xx: Remove always true test

2025-07-25 Thread Andrew Goodbody
On 23/07/2025 18:03, Quentin Schulz wrote: Hi Andrew, On 7/23/25 5:17 PM, Andrew Goodbody wrote: The function dev_read_u32_default does not return an error and the variable 'val' is unsigned so testing for >= 0 will always be true so remove this test. This issue was found by Sm

Smatch report in drivers/fpga/socfpga_arria10.c

2025-07-25 Thread Andrew Goodbody
Smatch is reporting this issue drivers/fpga/socfpga_arria10.c:536 get_rbf_image_info() warn: ignoring unreachable code. Looking at the code, that for loop is a bit strange and I am not sure what was intended here. Could you please take a look? Thanks, Andrew

Smatch issues reported for Marvell a38x DDR4

2025-07-24 Thread Andrew Goodbody
Hi Stefan, Smatch reports the following issues drivers/ddr/marvell/a38x/mv_ddr4_training_calibration.c:1029 mv_ddr4_center_of_mass_calc() warn: unsigned 'd_min' is never less than zero. drivers/ddr/marvell/a38x/mv_ddr4_training_calibration.c:2192 mv_ddr4_dm_tuning() warn: unsigned 'reg_val' i

[PATCH] ddr: fsl: Provide initial value for zqcs_init

2025-07-24 Thread Andrew Goodbody
In the case of !zq_en zqcs_init is never assigned to although its value is used. Correct by initialising zqcs_init to 0. This issue was found by Smatch. Signed-off-by: Andrew Goodbody --- drivers/ddr/fsl/ctrl_regs.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers

[PATCH] ddr: altera: n5x: size_t cannot be less than 0

2025-07-24 Thread Andrew Goodbody
The function socfpga_get_handoff_size returns an int so make the struct fields used to accept the return value also an int so that testing for less than 0 is then valid. This issue was found by Smatch. Signed-off-by: Andrew Goodbody --- drivers/ddr/altera/sdram_n5x.c | 8 1 file

[PATCH] cpu: imx8_cpu: Provide default temperatures

2025-07-24 Thread Andrew Goodbody
Add setting default temperatures to the weak version of get_cpu_temp_grade so these values will not be used uninitialised. This issue was found by Smatch. Signed-off-by: Andrew Goodbody --- drivers/cpu/imx8_cpu.c | 4 1 file changed, 4 insertions(+) diff --git a/drivers/cpu/imx8_cpu.c b

[PATCH] arm: mach-bcm283x: Fix binary logic

2025-07-24 Thread Andrew Goodbody
In bcm_cpu_probe the test on the return value from clk_enable is incorrect and will not work as intended. Change the || to && in order to achieve the desired effect. This issue was found by Smatch. Signed-off-by: Andrew Goodbody --- drivers/cpu/bcm283x_cpu.c | 2 +- 1 file changed, 1 i

[PATCH] clk: stm32: Wrong macros used in register read

2025-07-24 Thread Andrew Goodbody
Smatch reported a warning about a shift macro being used as a mask. Make the obvious changes to make this register read calculation work the same as the previous ones. Signed-off-by: Andrew Goodbody --- This fix is somewhat speculative as it is being made without reference to any manual

[PATCH] clk: renesas: Do not test unsigned variable to be less than 0

2025-07-24 Thread Andrew Goodbody
cted. Also remove initial values from 'value' and 'div' as they are not needed. This issue was found by Smatch. Signed-off-by: Andrew Goodbody --- drivers/clk/renesas/rcar-cpg-lib.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/drivers/clk/renesas

Re: [PATCH] clk: Return value calculated by ERR_PTR

2025-07-24 Thread Andrew Goodbody
ping? On 03/07/2025 15:40, Andrew Goodbody wrote: In clk_set_default_get_by_id ret is passed to ERR_PTR but nothing is done with the value that this calculates which is obviously not the intention of the code. This is confirmed by the code around where this function is called. Instead return

Re: [PATCH] power: regulator: Fix incorrect use of binary and

2025-07-24 Thread Andrew Goodbody
ping? On 03/07/2025 12:53, Andrew Goodbody wrote: In regulator_list_autoset there is a test for ret being non-zero and error being zero but it uses the binary '&' instead of the logical '&&' which could well lead to unexpected results. Correct this to use the l

Re: [PATCH] power: pfuze100: Ensure loop index is incremented

2025-07-24 Thread Andrew Goodbody
ping? On 03/07/2025 12:31, Andrew Goodbody wrote: The for loop in se_desc uses i as the loop index and also to cause the loop to end if the passed in name is not found. However i is not incremented which could cause the loop to continue indefinitely and access out of bounds memory. Add an

Re: [PATCH] cmd: ufetch: Initialise size before first use

2025-07-24 Thread Andrew Goodbody
ping? On 26/06/2025 15:12, Andrew Goodbody wrote: The local variable size is not assigned to before it is used for the first time. Correct this. This issue was found by Smatch. Fixes: 86d462c05d57 (cmd: add a fetch utility) Signed-off-by: Andrew Goodbody --- cmd/ufetch.c | 2 +- 1 file

Re: [PATCH] cmd: mtd: Prevent use of uninitialised variable

2025-07-24 Thread Andrew Goodbody
ping? On 26/06/2025 11:49, Andrew Goodbody wrote: ret maybe used uninitialised in some cases so instead initialise it first to prevent this. This issue was found by Smatch. Fixes: 9671243e8d10 (cmd: mtd: Use the subcmd infrastructure to declare mtd sub-commands) Signed-off-by: Andrew

Re: [PATCH] mtd: nand: Prevent dereference of NULL pointer

2025-07-24 Thread Andrew Goodbody
ping? On 01/07/2025 17:12, Andrew Goodbody wrote: In nand_wait_ready there is a loop that includes a NULL check for chip->dev_ready before it is dereferenced. Use a NULL check once the loop is exited as well to cover the case where it exits due to a timeout and it is therefore not known if c

Re: [PATCH] spl: spl_imx_container: Delete uninitialized variable

2025-07-24 Thread Andrew Goodbody
ytes") Reported-by: Andrew Goodbody Signed-off-by: Ye Li Reviewed-by: Peng Fan Signed-off-by: Fabio Estevam --- common/spl/spl_imx_container.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/common/spl/spl_imx_container.c b/common/spl/spl_imx_container.c index b35

[PATCH] clk: meson: Remove unreachable code

2025-07-23 Thread Andrew Goodbody
A second return following the first return is unreachable code so remove it. This issue was found by Smatch. Signed-off-by: Andrew Goodbody --- drivers/clk/meson/g12a.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/drivers/clk/meson/g12a.c b/drivers/clk/meson/g12a.c index 5d7faaa3eab

[PATCH] clk: imx: Free pll on error path

2025-07-23 Thread Andrew Goodbody
For an unknown pll type the error path neglects to free the memory just allocated. Add the free. This issue was found by Smatch. Signed-off-by: Andrew Goodbody --- drivers/clk/imx/clk-pll14xx.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/clk/imx/clk-pll14xx.c b/drivers/clk/imx

[PATCH] clk: exynos: Fix always true test

2025-07-23 Thread Andrew Goodbody
ing ret as an 'int' so that the test for the error condition is valid. This issue was found by Smatch. Signed-off-by: Andrew Goodbody --- drivers/clk/exynos/clk-exynos7420.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/clk/exynos/clk-exynos7420.c b/dr

[PATCH 2/2] clk: versaclock: Use IS_ERR check before dereference

2025-07-23 Thread Andrew Goodbody
In versaclock_probe vc5->pin_xin may be an error pointer so need to check with IS_ERR before attempting to dereference it. This issue was found by Smatch. Signed-off-by: Andrew Goodbody --- drivers/clk/clk_versaclock.c | 8 1 file changed, 4 insertions(+), 4 deletions(-) diff --gi

[PATCH 1/2] clk: versaclock: return value calculated by ERR_PTR

2025-07-23 Thread Andrew Goodbody
. Signed-off-by: Andrew Goodbody --- drivers/clk/clk_versaclock.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/clk/clk_versaclock.c b/drivers/clk/clk_versaclock.c index 9ccaf13d242..790ea4dbe82 100644 --- a/drivers/clk/clk_versaclock.c +++ b/drivers/clk

[PATCH 0/2] clk: versaclock: Fix two issues found by Smatch

2025-07-23 Thread Andrew Goodbody
Should return value calculated by ERR_PTR as calling code attempts to check for it. Also do not dereference a pointer that could be an error pointer before checking it with IS_ERR. Signed-off-by: Andrew Goodbody --- Andrew Goodbody (2): clk: versaclock: return value calculated by ERR_PTR

[PATCH] clk: cdce9xx: Remove always true test

2025-07-23 Thread Andrew Goodbody
The function dev_read_u32_default does not return an error and the variable 'val' is unsigned so testing for >= 0 will always be true so remove this test. This issue was found by Smatch. Signed-off-by: Andrew Goodbody --- drivers/clk/clk-cdce9xx.c | 3 +-- 1 file changed, 1 in

[PATCH 2/2] clk: at91: Fix use of unsigned loop index

2025-07-23 Thread Andrew Goodbody
e array so decrement it in the subsequent error path to prevent an out of bounds access occurring. This issue was found by Smatch. Signed-off-by: Andrew Goodbody --- drivers/clk/at91/sckc.c | 8 +--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/drivers/clk/at91/sckc.c b/drivers/clk

[PATCH 1/2] clk: at91: Fix testing of unsigned variable to be negative

2025-07-23 Thread Andrew Goodbody
#x27; to be an int so that the error condition can be detected. This issue was found by Smatch. Signed-off-by: Andrew Goodbody --- drivers/clk/at91/clk-main.c | 3 ++- drivers/clk/at91/clk-master.c | 4 ++-- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/drivers/clk/at91/clk-main.c

[PATCH 0/2] clk: at91: Fix issues found by Smatch

2025-07-23 Thread Andrew Goodbody
Unsigned variables will always fail tests that check for being negative. Use signed variables instead. Signed-off-by: Andrew Goodbody --- Andrew Goodbody (2): clk: at91: Fix testing of unsigned variable to be negative clk: at91: Fix use of unsigned loop index drivers/clk/at91/clk

[PATCH] clk: n5x: Fix misplaced paren

2025-07-23 Thread Andrew Goodbody
: Andrew Goodbody --- drivers/clk/altera/clk-n5x.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/clk/altera/clk-n5x.c b/drivers/clk/altera/clk-n5x.c index 09db250ab6d..9e4e7a1d908 100644 --- a/drivers/clk/altera/clk-n5x.c +++ b/drivers/clk/altera/clk-n5x.c @@ -386,8

[PATCH] button: qcom-pmic: Fix dereference of uninitialised pointer

2025-07-23 Thread Andrew Goodbody
The pointer 'label' is declared and later dereferenced without ever having a value assigned to it. Add an assignment to this pointer so it will be valid later when dereferenced. This issue was found by Smatch. Signed-off-by: Andrew Goodbody --- drivers/button/button-qcom-pmic.c | 3 +

[PATCH 2/2] bios_emulator: Add parens to xorl macro

2025-07-23 Thread Andrew Goodbody
The xorl macro lacked surrounding parens which meant that it could have unexpected results when used in expressions. Fix this by adding the surrounding parens to make its use predictable. This issue was found by Smatch. Signed-off-by: Andrew Goodbody --- drivers/bios_emulator/x86emu/ops2.c | 2

[PATCH 1/2] bios_emulator: Fix buffer overflow

2025-07-23 Thread Andrew Goodbody
Using strcpy to copy a 4 character string into a 4 byte field in a structure will overflow that field as it writes the terminating \0 into the following field. Correct this by using memcpy instead. This issue was found by Smatch. Signed-off-by: Andrew Goodbody --- drivers/bios_emulator

[PATCH 0/2] bios_emulator: Fix two issues found by Smatch

2025-07-23 Thread Andrew Goodbody
Smatch found two issues in bios_emulator, a buffer overflow and missing parens for a macro. Fix them both. Signed-off-by: Andrew Goodbody --- Andrew Goodbody (2): bios_emulator: Fix buffer overflow bios_emulator: Add parens to xorl macro drivers/bios_emulator/atibios.c | 2

[PATCH] sata: sata_mv: Remove always true test

2025-07-22 Thread Andrew Goodbody
of block counts in those functions always use lbaint_t. Signed-off-by: Andrew Goodbody --- drivers/ata/sata_mv.c | 43 --- 1 file changed, 16 insertions(+), 27 deletions(-) diff --git a/drivers/ata/sata_mv.c b/drivers/ata/sata_mv.c index ac78760a

[PATCH] adc: meson-saradc: uint cannot be less than zero

2025-07-22 Thread Andrew Goodbody
timeout is declared as a uint but then tested for being less than zero which must always fail. Change the while loop for a pre-decrement on timeout and test timeout for being zero. This issue was found by Smatch. Signed-off-by: Andrew Goodbody --- drivers/adc/meson-saradc.c | 8 1

[PATCH] imx93: adc: local variable ret should not be unsigned

2025-07-22 Thread Andrew Goodbody
Local variable ret is declared as unsigned but is used to receive the return value of functions that return int. ret is then tested for being negative which must always fail. Change ret to be an int. This issue was found by Smatch. Signed-off-by: Andrew Goodbody --- drivers/adc/imx93-adc.c | 4

Uninitialised variable in common/spl/spl_imx_container.c

2025-07-22 Thread Andrew Goodbody
The commit 73c40fcb7367f5a spl: Refactor spl_load_info->read to use units of bytes by Sean Anderson on 2023-11-08 16:48:40 introduced the variable 'overhead' in the function read_auth_image and it is referenced only once where its value is attempted to be used in that function but it is never

[PATCH] cmd: elf: Prevent possible buffer overflow

2025-07-21 Thread Andrew Goodbody
In do_bootvx the environment variable 'bootdev' is fetched and copied into a buffer without confirming that it will not overflow that buffer. Use strlcpy to ensure that the buffer will not be overflowed. This issue was found by Smatch. Signed-off-by: Andrew Goodbody --- cmd/elf.c | 6

[PATCH] spl: NULL check variable before dereference

2025-07-18 Thread Andrew Goodbody
In boot_from_devices the variable loader is not NULL checked after assignment and before first use but later code does check it for NULL. Add a NULL check before first use. This issue was found by Smatch. Signed-off-by: Andrew Goodbody --- common/spl/spl.c | 2 +- 1 file changed, 1 insertion

Re: [PATCH] fs: fat: Prevent possible buffer overflow

2025-07-18 Thread Andrew Goodbody
On 17/07/2025 17:57, Martin Husemann wrote: On Thu, Jul 17, 2025 at 04:38:50PM +0100, Andrew Goodbody wrote: The original use of strcpy suggests that the string must be \0 terminated. I will admit that I do not know the code well, is dir->itr.name guaranteed to be a known fixed size? You

Re: [PATCH] fs: fat: Prevent possible buffer overflow

2025-07-17 Thread Andrew Goodbody
On 17/07/2025 15:58, Martin Husemann wrote: On Thu, Jul 17, 2025 at 03:54:37PM +0100, Andrew Goodbody wrote: memset(dent, 0, sizeof(*dent)); - strcpy(dent->name, dir->itr.name); + strlcpy(dent->name, dir->itr.name, FS_DIRENT_NAME_LEN); Shouldn't that be

[PATCH v2] fs: exfat: Remove unused label code

2025-07-17 Thread Andrew Goodbody
Smatch reported a possible buffer overflow in exfat_set_label but it turns out that this code is unused so just guard the function with '#ifndef __UBOOT__' as well as exfat_get_label that is also unused and the helper static find_label. Signed-off-by: Andrew Goodbody --- Changes in v2:

Re: [PATCH] fs: exfat: Remove unused label code

2025-07-17 Thread Andrew Goodbody
On 17/07/2025 15:46, Tom Rini wrote: On Thu, Jul 17, 2025 at 01:04:58PM +0100, Andrew Goodbody wrote: Smatch reported a possible buffer overflow in exfat_set_label but it turns out that this code is unused so just remove the function as well as exfat_get_label that is also unused and the

[PATCH] fs: fat: Prevent possible buffer overflow

2025-07-17 Thread Andrew Goodbody
Instead of strcpy which is unbounded use strlcpy to ensure that the receiving buffer cannot be overflowed. This issue found by Smatch. Signed-off-by: Andrew Goodbody --- fs/fat/fat.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fs/fat/fat.c b/fs/fat/fat.c index

[PATCH] fs: exfat: Remove unused label code

2025-07-17 Thread Andrew Goodbody
Smatch reported a possible buffer overflow in exfat_set_label but it turns out that this code is unused so just remove the function as well as exfat_get_label that is also unused and the helper static find_label. Signed-off-by: Andrew Goodbody --- fs/exfat/exfat.h | 2 -- fs/exfat/node.c | 54

Re: [PATCH] block: Remove blk_find_first/next

2025-07-17 Thread Andrew Goodbody
/ + /* The test device tree has two fixed and one removable block device(s) */ found = 0; blk_foreach_probe(BLKF_BOTH, dev) found |= 1 << dectoul(&dev->name[3], NULL); Reviewed-by: Andrew Goodbody

[PATCH] sandbox: eth-raw: Prevent possible buffer overflow

2025-07-17 Thread Andrew Goodbody
Instead of strcpy which is unbounded use strlcpy to ensure that the receiving buffer cannot be overflowed. This issue found by Smatch. Signed-off-by: Andrew Goodbody --- drivers/net/sandbox-raw-bus.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/net/sandbox-raw

[PATCH] fastboot: Fix off by 1 error

2025-07-17 Thread Andrew Goodbody
strlen only reports length of string not including terminating 0 byte but this has to be included in length of receiving buffer on copy so adjust length check to be correct. This issue found by Smatch. Signed-off-by: Andrew Goodbody --- drivers/fastboot/fb_command.c | 2 +- 1 file changed, 1

[PATCH] cmd: gpt: Fix off by 1 errors

2025-07-16 Thread Andrew Goodbody
The buffer for a name to be copied into must also contain the terminating 0 byte but strlen returns the length of the string without counting that 0 byte. Adjust the length checks to take this into account. This issue found by Smatch. Signed-off-by: Andrew Goodbody --- cmd/gpt.c | 10

[PATCH v3 2/2] uclass: Cleanup uclass_find_next_device

2025-07-16 Thread Andrew Goodbody
uclass_find_next_device always returns 0, so instead make it a void and update calling sites. Signed-off-by: Andrew Goodbody --- board/emulation/qemu-ppce500/qemu-ppce500.c | 4 +- boot/bootdev-uclass.c | 8 +- cmd/regulator.c | 8

[PATCH v3 1/2] block: Remove unreachable code

2025-07-16 Thread Andrew Goodbody
atch. Signed-off-by: Andrew Goodbody --- drivers/block/blk-uclass.c | 14 -- 1 file changed, 4 insertions(+), 10 deletions(-) diff --git a/drivers/block/blk-uclass.c b/drivers/block/blk-uclass.c index f3ac8db9464..b38c21ffbe2 100644 --- a/drivers/block/blk-uclass.c +++ b/driver

[PATCH v3 0/2] Remove unreachable code and cleanup code with fixed return

2025-07-16 Thread Andrew Goodbody
Smatch reported unreachable code in blk-uclass.c which led to noticing that uclass_find_next_device always returned 0 which meant it had no need of any return value. Signed-off-by: Andrew Goodbody --- Changes in v3: - Address review comments to make more readable and prevent for loop testing

[PATCH] abuf: Remove code that prevented test code running

2025-07-16 Thread Andrew Goodbody
y code which has its own tests. Finally use a new #define for the allocs that are meant to fail to ensure they do fail on all CI platforms. This issue found by Smatch. Signed-off-by: Andrew Goodbody --- test/lib/abuf.c | 46 +++--- 1 file changed, 7 insert

Re: [PATCH v2 2/2] uclass: Cleanup uclass_find_next_device

2025-07-15 Thread Andrew Goodbody
On 15/07/2025 13:06, Quentin Schulz wrote: Hi Andrew, On 7/15/25 11:23 AM, Andrew Goodbody wrote: uclass_find_next_device always returns 0, so instead make it a void and update calling sites. Signed-off-by: Andrew Goodbody ---   board/emulation/qemu-ppce500/qemu-ppce500.c |  4 ++--   boot

[PATCH v2 2/2] uclass: Cleanup uclass_find_next_device

2025-07-15 Thread Andrew Goodbody
uclass_find_next_device always returns 0, so instead make it a void and update calling sites. Signed-off-by: Andrew Goodbody --- board/emulation/qemu-ppce500/qemu-ppce500.c | 4 ++-- boot/bootdev-uclass.c | 2 +- cmd/regulator.c | 4

[PATCH v2 1/2] block: Remove unreachable code

2025-07-15 Thread Andrew Goodbody
atch. Signed-off-by: Andrew Goodbody --- drivers/block/blk-uclass.c | 14 -- 1 file changed, 4 insertions(+), 10 deletions(-) diff --git a/drivers/block/blk-uclass.c b/drivers/block/blk-uclass.c index f3ac8db9464..b38c21ffbe2 100644 --- a/drivers/block/blk-uclass.c +++ b/driver

[PATCH v2 0/2] block: Remove unreachable code

2025-07-15 Thread Andrew Goodbody
Smatch reported unreachable code in blk-uclass.c which led to noticing that uclass_find_next_device always returned 0 which meant it had no need of any return value. Signed-off-by: Andrew Goodbody --- Changes in v2: - make uclass_find_next_device a void and update callers - Link to v1: https

Re: [PATCH] block: Remove unreachable code

2025-07-15 Thread Andrew Goodbody
On 14/07/2025 20:13, Greg Malysa wrote: Hi Tom, Andrew, On Mon, Jul 14, 2025 at 1:12 PM Andrew Goodbody wrote: On 14/07/2025 17:29, Tom Rini wrote: On Mon, Jul 14, 2025 at 04:38:53PM +0100, Andrew Goodbody wrote: The two functions blk_find_first and blk_find_next use a for loop with the

Re: [PATCH] block: Remove unreachable code

2025-07-14 Thread Andrew Goodbody
On 14/07/2025 17:29, Tom Rini wrote: On Mon, Jul 14, 2025 at 04:38:53PM +0100, Andrew Goodbody wrote: The two functions blk_find_first and blk_find_next use a for loop with the content being a 'return 0' which means that the 'increment' code is unreachable so remove it

[PATCH] lmb: Remove unreachable code

2025-07-14 Thread Andrew Goodbody
Code after a break is unreachable so remove it. Signed-off-by: Andrew Goodbody --- lib/lmb.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/lib/lmb.c b/lib/lmb.c index e5a0677e3f9..3d13dea726e 100644 --- a/lib/lmb.c +++ b/lib/lmb.c @@ -214,8 +214,6 @@ static long lmb_add_region_flags

[PATCH] block: Remove unreachable code

2025-07-14 Thread Andrew Goodbody
atch. Signed-off-by: Andrew Goodbody --- drivers/block/blk-uclass.c | 14 -- 1 file changed, 4 insertions(+), 10 deletions(-) diff --git a/drivers/block/blk-uclass.c b/drivers/block/blk-uclass.c index f3ac8db9464..b38c21ffbe2 100644 --- a/drivers/block/blk-uclass.c +++ b/driver

Re: [PATCH] boot: bootflow: Ensure sel_id is initialised before use

2025-07-09 Thread Andrew Goodbody
On 09/07/2025 16:50, Tom Rini wrote: On Mon, Jun 30, 2025 at 02:25:44PM +0100, Andrew Goodbody wrote: sel_id is only assigned to in the case of EXPOACT_SELECT, anything else will leave sel_id uninitialised. Initialise it on declaration to ensure that it is always valid. This issue was found

[PATCH v2] boot: Ensure method_flags is initialised before use

2025-07-09 Thread Andrew Goodbody
The local variable method_flags is only assigned to in some of the code paths leaving it possibly uninitialised at first use. Initialise method_flags at declaration to ensure that it cannot be used uninitialised. Also remove now redundant assignments. Signed-off-by: Andrew Goodbody --- Changes

Re: [PATCH] boot: Ensure method_flags is initialised before use

2025-07-09 Thread Andrew Goodbody
On 09/07/2025 01:14, Tom Rini wrote: On Fri, Jun 27, 2025 at 11:09:36AM +0100, Andrew Goodbody wrote: The local variable method_flags is only assigned to in some of the code paths leaving it possibly uninitialised at first use. Initialise method_flags at declaration to ensure that it cannot be

  1   2   3   >