[1/2] media: i2c: ds90ub9x3: Fix use of uninitialized variables

Message ID 20230803-ub9xx-uninit-vars-v1-1-284a5455260f@ideasonboard.com
State New
Headers
Series media: i2c: ds90ubxxx: Fix uninitialized variable uses |

Commit Message

Tomi Valkeinen Aug. 3, 2023, 8:41 a.m. UTC
  smatch reports some uninitialized variables:

drivers/media/i2c/ds90ub913.c:481 ub913_log_status() error: uninitialized symbol 'v1'.
drivers/media/i2c/ds90ub913.c:481 ub913_log_status() error: uninitialized symbol 'v2'.
drivers/media/i2c/ds90ub953.c:655 ub953_log_status() error: uninitialized symbol 'gpio_local_data'.
drivers/media/i2c/ds90ub953.c:655 ub953_log_status() error: uninitialized symbol 'gpio_input_ctrl'.
drivers/media/i2c/ds90ub953.c:655 ub953_log_status() error: uninitialized symbol 'gpio_pin_sts'.

These are used only for printing debug information, and the use of an
uninitialized variable only happens if an i2c transaction has failed,
which will print an error. Thus, fix the errors just by initializing the
variables to 0.

Fixes: 6363db1c9d45 ("media: i2c: add DS90UB953 driver")
Fixes: c158d0d4ff15 ("media: i2c: add DS90UB913 driver")
Reported-by: Hans Verkuil <hverkuil@xs4all.nl>
Closes: https://lore.kernel.org/all/8d6daeb1-b62a-bbb2-b840-8759c84f2085@xs4all.nl/
Signed-off-by: Tomi Valkeinen <tomi.valkeinen@ideasonboard.com>
---
 drivers/media/i2c/ds90ub913.c | 2 +-
 drivers/media/i2c/ds90ub953.c | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)
  

Comments

Andy Shevchenko Aug. 3, 2023, 11:57 a.m. UTC | #1
On Thu, Aug 03, 2023 at 11:41:38AM +0300, Tomi Valkeinen wrote:
> smatch reports some uninitialized variables:
> 
> drivers/media/i2c/ds90ub913.c:481 ub913_log_status() error: uninitialized symbol 'v1'.
> drivers/media/i2c/ds90ub913.c:481 ub913_log_status() error: uninitialized symbol 'v2'.
> drivers/media/i2c/ds90ub953.c:655 ub953_log_status() error: uninitialized symbol 'gpio_local_data'.
> drivers/media/i2c/ds90ub953.c:655 ub953_log_status() error: uninitialized symbol 'gpio_input_ctrl'.
> drivers/media/i2c/ds90ub953.c:655 ub953_log_status() error: uninitialized symbol 'gpio_pin_sts'.
> 
> These are used only for printing debug information, and the use of an
> uninitialized variable only happens if an i2c transaction has failed,
> which will print an error. Thus, fix the errors just by initializing the
> variables to 0.
> 
> Fixes: 6363db1c9d45 ("media: i2c: add DS90UB953 driver")
> Fixes: c158d0d4ff15 ("media: i2c: add DS90UB913 driver")

I would prefer two separate changes on per driver basis. This is a good
practice to make backporting easier (generally speaking).
  
Tomi Valkeinen Aug. 3, 2023, 11:59 a.m. UTC | #2
On 03/08/2023 14:57, Andy Shevchenko wrote:
> On Thu, Aug 03, 2023 at 11:41:38AM +0300, Tomi Valkeinen wrote:
>> smatch reports some uninitialized variables:
>>
>> drivers/media/i2c/ds90ub913.c:481 ub913_log_status() error: uninitialized symbol 'v1'.
>> drivers/media/i2c/ds90ub913.c:481 ub913_log_status() error: uninitialized symbol 'v2'.
>> drivers/media/i2c/ds90ub953.c:655 ub953_log_status() error: uninitialized symbol 'gpio_local_data'.
>> drivers/media/i2c/ds90ub953.c:655 ub953_log_status() error: uninitialized symbol 'gpio_input_ctrl'.
>> drivers/media/i2c/ds90ub953.c:655 ub953_log_status() error: uninitialized symbol 'gpio_pin_sts'.
>>
>> These are used only for printing debug information, and the use of an
>> uninitialized variable only happens if an i2c transaction has failed,
>> which will print an error. Thus, fix the errors just by initializing the
>> variables to 0.
>>
>> Fixes: 6363db1c9d45 ("media: i2c: add DS90UB953 driver")
>> Fixes: c158d0d4ff15 ("media: i2c: add DS90UB913 driver")
> 
> I would prefer two separate changes on per driver basis. This is a good
> practice to make backporting easier (generally speaking).

Yes, I almost did that, but then somehow got hit by acute laziness... 
I'll send a v2 with split patches.

  Tomi
  
Laurent Pinchart Aug. 3, 2023, 9:46 p.m. UTC | #3
Hi Tomi,

Thank you for the patch.

On Thu, Aug 03, 2023 at 11:41:38AM +0300, Tomi Valkeinen wrote:
> smatch reports some uninitialized variables:
> 
> drivers/media/i2c/ds90ub913.c:481 ub913_log_status() error: uninitialized symbol 'v1'.
> drivers/media/i2c/ds90ub913.c:481 ub913_log_status() error: uninitialized symbol 'v2'.
> drivers/media/i2c/ds90ub953.c:655 ub953_log_status() error: uninitialized symbol 'gpio_local_data'.
> drivers/media/i2c/ds90ub953.c:655 ub953_log_status() error: uninitialized symbol 'gpio_input_ctrl'.
> drivers/media/i2c/ds90ub953.c:655 ub953_log_status() error: uninitialized symbol 'gpio_pin_sts'.
> 
> These are used only for printing debug information, and the use of an
> uninitialized variable only happens if an i2c transaction has failed,
> which will print an error. Thus, fix the errors just by initializing the
> variables to 0.
> 
> Fixes: 6363db1c9d45 ("media: i2c: add DS90UB953 driver")
> Fixes: c158d0d4ff15 ("media: i2c: add DS90UB913 driver")
> Reported-by: Hans Verkuil <hverkuil@xs4all.nl>
> Closes: https://lore.kernel.org/all/8d6daeb1-b62a-bbb2-b840-8759c84f2085@xs4all.nl/
> Signed-off-by: Tomi Valkeinen <tomi.valkeinen@ideasonboard.com>
> ---
>  drivers/media/i2c/ds90ub913.c | 2 +-
>  drivers/media/i2c/ds90ub953.c | 6 +++---
>  2 files changed, 4 insertions(+), 4 deletions(-)
> 
> diff --git a/drivers/media/i2c/ds90ub913.c b/drivers/media/i2c/ds90ub913.c
> index 80d9cf6dd945..b2115e3519e2 100644
> --- a/drivers/media/i2c/ds90ub913.c
> +++ b/drivers/media/i2c/ds90ub913.c
> @@ -469,7 +469,7 @@ static int ub913_log_status(struct v4l2_subdev *sd)
>  {
>  	struct ub913_data *priv = sd_to_ub913(sd);
>  	struct device *dev = &priv->client->dev;
> -	u8 v = 0, v1, v2;
> +	u8 v = 0, v1 = 0, v2 = 0;

This seems to work around the lack of error checking when calling
ub913_read(). Wouldn't it be better to check for errors there ? Or,
because this is ub913_log_status(), do you consider that we can print an
invalid CRC errors count, given that the ub913_read() function will have
printed an error message before ?

>  
>  	ub913_read(priv, UB913_REG_MODE_SEL, &v);
>  	dev_info(dev, "MODE_SEL %#02x\n", v);
> diff --git a/drivers/media/i2c/ds90ub953.c b/drivers/media/i2c/ds90ub953.c
> index cadf75eb0773..27471249a62a 100644
> --- a/drivers/media/i2c/ds90ub953.c
> +++ b/drivers/media/i2c/ds90ub953.c
> @@ -593,9 +593,9 @@ static int ub953_log_status(struct v4l2_subdev *sd)
>  	u8 v = 0, v1 = 0, v2 = 0;
>  	unsigned int i;
>  	char id[UB953_REG_FPD3_RX_ID_LEN];
> -	u8 gpio_local_data;
> -	u8 gpio_input_ctrl;
> -	u8 gpio_pin_sts;
> +	u8 gpio_local_data = 0;
> +	u8 gpio_input_ctrl = 0;
> +	u8 gpio_pin_sts = 0;
>  
>  	for (i = 0; i < sizeof(id); i++)
>  		ub953_read(priv, UB953_REG_FPD3_RX_ID(i), &id[i]);
>
  
Tomi Valkeinen Aug. 4, 2023, 5:49 a.m. UTC | #4
On 04/08/2023 00:46, Laurent Pinchart wrote:
> Hi Tomi,
> 
> Thank you for the patch.
> 
> On Thu, Aug 03, 2023 at 11:41:38AM +0300, Tomi Valkeinen wrote:
>> smatch reports some uninitialized variables:
>>
>> drivers/media/i2c/ds90ub913.c:481 ub913_log_status() error: uninitialized symbol 'v1'.
>> drivers/media/i2c/ds90ub913.c:481 ub913_log_status() error: uninitialized symbol 'v2'.
>> drivers/media/i2c/ds90ub953.c:655 ub953_log_status() error: uninitialized symbol 'gpio_local_data'.
>> drivers/media/i2c/ds90ub953.c:655 ub953_log_status() error: uninitialized symbol 'gpio_input_ctrl'.
>> drivers/media/i2c/ds90ub953.c:655 ub953_log_status() error: uninitialized symbol 'gpio_pin_sts'.
>>
>> These are used only for printing debug information, and the use of an
>> uninitialized variable only happens if an i2c transaction has failed,
>> which will print an error. Thus, fix the errors just by initializing the
>> variables to 0.
>>
>> Fixes: 6363db1c9d45 ("media: i2c: add DS90UB953 driver")
>> Fixes: c158d0d4ff15 ("media: i2c: add DS90UB913 driver")
>> Reported-by: Hans Verkuil <hverkuil@xs4all.nl>
>> Closes: https://lore.kernel.org/all/8d6daeb1-b62a-bbb2-b840-8759c84f2085@xs4all.nl/
>> Signed-off-by: Tomi Valkeinen <tomi.valkeinen@ideasonboard.com>
>> ---
>>   drivers/media/i2c/ds90ub913.c | 2 +-
>>   drivers/media/i2c/ds90ub953.c | 6 +++---
>>   2 files changed, 4 insertions(+), 4 deletions(-)
>>
>> diff --git a/drivers/media/i2c/ds90ub913.c b/drivers/media/i2c/ds90ub913.c
>> index 80d9cf6dd945..b2115e3519e2 100644
>> --- a/drivers/media/i2c/ds90ub913.c
>> +++ b/drivers/media/i2c/ds90ub913.c
>> @@ -469,7 +469,7 @@ static int ub913_log_status(struct v4l2_subdev *sd)
>>   {
>>   	struct ub913_data *priv = sd_to_ub913(sd);
>>   	struct device *dev = &priv->client->dev;
>> -	u8 v = 0, v1, v2;
>> +	u8 v = 0, v1 = 0, v2 = 0;
> 
> This seems to work around the lack of error checking when calling

Yes.

> ub913_read(). Wouldn't it be better to check for errors there ? Or,
> because this is ub913_log_status(), do you consider that we can print an
> invalid CRC errors count, given that the ub913_read() function will have
> printed an error message before ?

Yes, that was my thinking. Adding proper error handling would complicate 
the function (more visibly so in ub953 and ub960, which have more 
printing done), and what would be the benefit? Not much, in my opinion. 
If the i2c transactions start to fail, we're in a bad situation anyway 
(and, as you mention, ub913_read() will print errors).

However, I guess the "benefit" depends on the use a bit. If log status 
is used as a debug aid, I think my reasoning is fine. But if it's used 
by some automated script, to collect data, it may be more difficult for 
the script to detect that an error has happened in the log status.

That said, I have to say this ignore-errors code somewhat bugs me, so 
maybe I'll improve the log-status functions later. But I think these are 
acceptable fixes to get rid of the smatch errors.

  Tomi
  
Laurent Pinchart Aug. 4, 2023, 9 a.m. UTC | #5
On Fri, Aug 04, 2023 at 08:49:28AM +0300, Tomi Valkeinen wrote:
> On 04/08/2023 00:46, Laurent Pinchart wrote:
> > Hi Tomi,
> > 
> > Thank you for the patch.
> > 
> > On Thu, Aug 03, 2023 at 11:41:38AM +0300, Tomi Valkeinen wrote:
> >> smatch reports some uninitialized variables:
> >>
> >> drivers/media/i2c/ds90ub913.c:481 ub913_log_status() error: uninitialized symbol 'v1'.
> >> drivers/media/i2c/ds90ub913.c:481 ub913_log_status() error: uninitialized symbol 'v2'.
> >> drivers/media/i2c/ds90ub953.c:655 ub953_log_status() error: uninitialized symbol 'gpio_local_data'.
> >> drivers/media/i2c/ds90ub953.c:655 ub953_log_status() error: uninitialized symbol 'gpio_input_ctrl'.
> >> drivers/media/i2c/ds90ub953.c:655 ub953_log_status() error: uninitialized symbol 'gpio_pin_sts'.
> >>
> >> These are used only for printing debug information, and the use of an
> >> uninitialized variable only happens if an i2c transaction has failed,
> >> which will print an error. Thus, fix the errors just by initializing the
> >> variables to 0.
> >>
> >> Fixes: 6363db1c9d45 ("media: i2c: add DS90UB953 driver")
> >> Fixes: c158d0d4ff15 ("media: i2c: add DS90UB913 driver")
> >> Reported-by: Hans Verkuil <hverkuil@xs4all.nl>
> >> Closes: https://lore.kernel.org/all/8d6daeb1-b62a-bbb2-b840-8759c84f2085@xs4all.nl/
> >> Signed-off-by: Tomi Valkeinen <tomi.valkeinen@ideasonboard.com>
> >> ---
> >>   drivers/media/i2c/ds90ub913.c | 2 +-
> >>   drivers/media/i2c/ds90ub953.c | 6 +++---
> >>   2 files changed, 4 insertions(+), 4 deletions(-)
> >>
> >> diff --git a/drivers/media/i2c/ds90ub913.c b/drivers/media/i2c/ds90ub913.c
> >> index 80d9cf6dd945..b2115e3519e2 100644
> >> --- a/drivers/media/i2c/ds90ub913.c
> >> +++ b/drivers/media/i2c/ds90ub913.c
> >> @@ -469,7 +469,7 @@ static int ub913_log_status(struct v4l2_subdev *sd)
> >>   {
> >>   	struct ub913_data *priv = sd_to_ub913(sd);
> >>   	struct device *dev = &priv->client->dev;
> >> -	u8 v = 0, v1, v2;
> >> +	u8 v = 0, v1 = 0, v2 = 0;
> > 
> > This seems to work around the lack of error checking when calling
> 
> Yes.
> 
> > ub913_read(). Wouldn't it be better to check for errors there ? Or,
> > because this is ub913_log_status(), do you consider that we can print an
> > invalid CRC errors count, given that the ub913_read() function will have
> > printed an error message before ?
> 
> Yes, that was my thinking. Adding proper error handling would complicate 
> the function (more visibly so in ub953 and ub960, which have more 
> printing done), and what would be the benefit? Not much, in my opinion. 
> If the i2c transactions start to fail, we're in a bad situation anyway 
> (and, as you mention, ub913_read() will print errors).
> 
> However, I guess the "benefit" depends on the use a bit. If log status 
> is used as a debug aid, I think my reasoning is fine. But if it's used 
> by some automated script, to collect data, it may be more difficult for 
> the script to detect that an error has happened in the log status.

I see log status as a debugging aid only, so I'm fine with your
reasoning.

> That said, I have to say this ignore-errors code somewhat bugs me, so 
> maybe I'll improve the log-status functions later. But I think these are 
> acceptable fixes to get rid of the smatch errors.
  

Patch

diff --git a/drivers/media/i2c/ds90ub913.c b/drivers/media/i2c/ds90ub913.c
index 80d9cf6dd945..b2115e3519e2 100644
--- a/drivers/media/i2c/ds90ub913.c
+++ b/drivers/media/i2c/ds90ub913.c
@@ -469,7 +469,7 @@  static int ub913_log_status(struct v4l2_subdev *sd)
 {
 	struct ub913_data *priv = sd_to_ub913(sd);
 	struct device *dev = &priv->client->dev;
-	u8 v = 0, v1, v2;
+	u8 v = 0, v1 = 0, v2 = 0;
 
 	ub913_read(priv, UB913_REG_MODE_SEL, &v);
 	dev_info(dev, "MODE_SEL %#02x\n", v);
diff --git a/drivers/media/i2c/ds90ub953.c b/drivers/media/i2c/ds90ub953.c
index cadf75eb0773..27471249a62a 100644
--- a/drivers/media/i2c/ds90ub953.c
+++ b/drivers/media/i2c/ds90ub953.c
@@ -593,9 +593,9 @@  static int ub953_log_status(struct v4l2_subdev *sd)
 	u8 v = 0, v1 = 0, v2 = 0;
 	unsigned int i;
 	char id[UB953_REG_FPD3_RX_ID_LEN];
-	u8 gpio_local_data;
-	u8 gpio_input_ctrl;
-	u8 gpio_pin_sts;
+	u8 gpio_local_data = 0;
+	u8 gpio_input_ctrl = 0;
+	u8 gpio_pin_sts = 0;
 
 	for (i = 0; i < sizeof(id); i++)
 		ub953_read(priv, UB953_REG_FPD3_RX_ID(i), &id[i]);