v2: Add the correct Cc's
Coverity complains of a possible use of an uninitialized variable
in quad8_action_read().
CID 119643 (#1 of 1): Uninitialized scalar variable (UNINIT)
4. uninit_use: Using uninitialized value function.
346 switch (function) {
The call to quad8_function_read() could theoretically return without
assigning a value to '*function', thus causing the use of an
ininitialized variable 'function' in quad8_action_read().
Fix this by adding a default statement to the switch in
quad8_function_read() and returning an error.
Cc: William Breathitt Gray <[email protected]>
Cc: Syed Nayyar Waris <[email protected]>
Cc: [email protected]
Cc: [email protected]
Signed-off-by: Tim Gardner <[email protected]>
---
drivers/counter/104-quad-8.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/drivers/counter/104-quad-8.c b/drivers/counter/104-quad-8.c
index c587f295d720..3a69d35b82ea 100644
--- a/drivers/counter/104-quad-8.c
+++ b/drivers/counter/104-quad-8.c
@@ -215,6 +215,8 @@ static int quad8_function_read(struct counter_device *counter,
case 2:
*function = COUNTER_FUNCTION_QUADRATURE_X4;
break;
+ default:
+ return -1;
}
else
*function = COUNTER_FUNCTION_PULSE_DIRECTION;
--
2.33.0
On Mon, Sep 20, 2021 at 11:37:37AM -0600, Tim Gardner wrote:
> v2: Add the correct Cc's
>
> Coverity complains of a possible use of an uninitialized variable
> in quad8_action_read().
>
> CID 119643 (#1 of 1): Uninitialized scalar variable (UNINIT)
> 4. uninit_use: Using uninitialized value function.
> 346 switch (function) {
>
> The call to quad8_function_read() could theoretically return without
> assigning a value to '*function', thus causing the use of an
> ininitialized variable 'function' in quad8_action_read().
>
> Fix this by adding a default statement to the switch in
> quad8_function_read() and returning an error.
>
> Cc: William Breathitt Gray <[email protected]>
> Cc: Syed Nayyar Waris <[email protected]>
> Cc: [email protected]
> Cc: [email protected]
> Signed-off-by: Tim Gardner <[email protected]>
Hello Tim,
The possible values of quadrature_scale are hardcoded in
quad8_function_write() so we should never have scale value greater than
2. But it would be a good idea to provide a default statement here to
pacify the warning, or at least mitigate shooting ourselves in the foot
in the future if this part of the code is changed.
Please add a comment similar to the default statement in
quad8_function_write() indicating that we should never reach this path,
and also return a more informative error code such as -EINVAL.
William Breathitt Gray
> ---
> drivers/counter/104-quad-8.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/drivers/counter/104-quad-8.c b/drivers/counter/104-quad-8.c
> index c587f295d720..3a69d35b82ea 100644
> --- a/drivers/counter/104-quad-8.c
> +++ b/drivers/counter/104-quad-8.c
> @@ -215,6 +215,8 @@ static int quad8_function_read(struct counter_device *counter,
> case 2:
> *function = COUNTER_FUNCTION_QUADRATURE_X4;
> break;
> + default:
> + return -1;
> }
> else
> *function = COUNTER_FUNCTION_PULSE_DIRECTION;
> --
> 2.33.0
>
Coverity complains of a possible use of an uninitialized variable in
quad8_action_read().
CID 119643 (#1 of 1): Uninitialized scalar variable (UNINIT)
4. uninit_use: Using uninitialized value function.
346 switch (function) {
The call to quad8_function_read() could theoretically return without assigning
a value to '*function', thus causing the use of an ininitialized variable
'function' in quad8_action_read().
Fix this by adding a default statement to the switch in quad8_function_read()
and setting a return error code.
Cc: William Breathitt Gray <[email protected]>
Cc: Syed Nayyar Waris <[email protected]>
Cc: [email protected]
Cc: [email protected]
Signed-off-by: Tim Gardner <[email protected]>
---
v2 - Add the correct Cc's
v3 - Add comment to the default switch statement. Also noticed v2 would have
returned with a lock held. Fix that by returning a variable return code.
---
drivers/counter/104-quad-8.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/drivers/counter/104-quad-8.c b/drivers/counter/104-quad-8.c
index c587f295d720..7faca6b760e7 100644
--- a/drivers/counter/104-quad-8.c
+++ b/drivers/counter/104-quad-8.c
@@ -201,6 +201,7 @@ static int quad8_function_read(struct counter_device *counter,
{
struct quad8 *const priv = counter->priv;
const int id = count->id;
+ int ret = 0;
mutex_lock(&priv->lock);
@@ -215,13 +216,16 @@ static int quad8_function_read(struct counter_device *counter,
case 2:
*function = COUNTER_FUNCTION_QUADRATURE_X4;
break;
+ default:
+ /* should never reach this path */
+ ret = -EINVAL;
}
else
*function = COUNTER_FUNCTION_PULSE_DIRECTION;
mutex_unlock(&priv->lock);
- return 0;
+ return ret;
}
static int quad8_function_write(struct counter_device *counter,
--
2.33.0
On Tue, Sep 21, 2021 at 07:37:49AM -0600, Tim Gardner wrote:
> Coverity complains of a possible use of an uninitialized variable in
> quad8_action_read().
>
> CID 119643 (#1 of 1): Uninitialized scalar variable (UNINIT)
> 4. uninit_use: Using uninitialized value function.
> 346 switch (function) {
>
> The call to quad8_function_read() could theoretically return without assigning
> a value to '*function', thus causing the use of an ininitialized variable
> 'function' in quad8_action_read().
>
> Fix this by adding a default statement to the switch in quad8_function_read()
> and setting a return error code.
>
> Cc: William Breathitt Gray <[email protected]>
> Cc: Syed Nayyar Waris <[email protected]>
> Cc: [email protected]
> Cc: [email protected]
> Signed-off-by: Tim Gardner <[email protected]>
Thank you for noticing the mutex. Although this case is simple, I'd
still prefer for this function to return early when an error is found
rather than hold a return value until the end. Please adjust the default
case to unlock the mutex directly and return immediately with -EINVAL.
With that change feel free to add my Ack-by line:
Acked-by: William Breathitt Gray <[email protected]>
> ---
> v2 - Add the correct Cc's
> v3 - Add comment to the default switch statement. Also noticed v2 would have
> returned with a lock held. Fix that by returning a variable return code.
> ---
> drivers/counter/104-quad-8.c | 6 +++++-
> 1 file changed, 5 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/counter/104-quad-8.c b/drivers/counter/104-quad-8.c
> index c587f295d720..7faca6b760e7 100644
> --- a/drivers/counter/104-quad-8.c
> +++ b/drivers/counter/104-quad-8.c
> @@ -201,6 +201,7 @@ static int quad8_function_read(struct counter_device *counter,
> {
> struct quad8 *const priv = counter->priv;
> const int id = count->id;
> + int ret = 0;
>
> mutex_lock(&priv->lock);
>
> @@ -215,13 +216,16 @@ static int quad8_function_read(struct counter_device *counter,
> case 2:
> *function = COUNTER_FUNCTION_QUADRATURE_X4;
> break;
> + default:
> + /* should never reach this path */
> + ret = -EINVAL;
> }
> else
> *function = COUNTER_FUNCTION_PULSE_DIRECTION;
>
> mutex_unlock(&priv->lock);
>
> - return 0;
> + return ret;
> }
>
> static int quad8_function_write(struct counter_device *counter,
> --
> 2.33.0
>