linux-pm.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Dan Carpenter <dan.carpenter@oracle.com>
To: linus.walleij@linaro.org
Cc: linux-pm@vger.kernel.org
Subject: [bug report] power: supply_core: Pass pointer to battery info
Date: Thu, 6 Jan 2022 16:19:31 +0300	[thread overview]
Message-ID: <20220106131931.GA32698@kili> (raw)

Hello Linus Walleij,

The patch 25fd330370ac: "power: supply_core: Pass pointer to battery
info" from Dec 15, 2021, leads to the following Smatch static checker
warning:

	drivers/power/supply/bq256xx_charger.c:1529 bq256xx_hw_init()
	error: potentially dereferencing uninitialized 'bat_info'.

drivers/power/supply/bq256xx_charger.c
    1505 static int bq256xx_hw_init(struct bq256xx_device *bq)
    1506 {
    1507         struct power_supply_battery_info *bat_info;
    1508         int wd_reg_val = BQ256XX_WATCHDOG_DIS;
    1509         int ret = 0;
    1510         int i;
    1511 
    1512         for (i = 0; i < BQ256XX_NUM_WD_VAL; i++) {
    1513                 if (bq->watchdog_timer == bq256xx_watchdog_time[i]) {
    1514                         wd_reg_val = i;
    1515                         break;
    1516                 }
    1517                 if (bq->watchdog_timer > bq256xx_watchdog_time[i] &&
    1518                     bq->watchdog_timer < bq256xx_watchdog_time[i + 1])
    1519                         wd_reg_val = i;
    1520         }
    1521         ret = regmap_update_bits(bq->regmap, BQ256XX_CHARGER_CONTROL_1,
    1522                                  BQ256XX_WATCHDOG_MASK, wd_reg_val <<
    1523                                                 BQ256XX_WDT_BIT_SHIFT);
    1524 
    1525         ret = power_supply_get_battery_info(bq->charger, &bat_info);

If the first allocation in power_supply_get_battery_info() fails then
bat_info is uninitialized.  (It's not really possible unless you do
failure injection).

    1526         if (ret) {
    1527                 dev_warn(bq->dev, "battery info missing, default values will be applied\n");
    1528 
--> 1529                 bat_info->constant_charge_current_max_ua =
    1530                                 bq->chip_info->bq256xx_def_ichg;
    1531 
    1532                 bat_info->constant_charge_voltage_max_uv =
    1533                                 bq->chip_info->bq256xx_def_vbatreg;
    1534 
    1535                 bat_info->precharge_current_ua =
    1536                                 bq->chip_info->bq256xx_def_iprechg;
    1537 
    1538                 bat_info->charge_term_current_ua =
    1539                                 bq->chip_info->bq256xx_def_iterm;
    1540 
    1541                 bq->init_data.ichg_max =
    1542                                 bq->chip_info->bq256xx_max_ichg;
    1543 
    1544                 bq->init_data.vbatreg_max =
    1545                                 bq->chip_info->bq256xx_max_vbatreg;
    1546         } else {
    1547                 bq->init_data.ichg_max =
    1548                         bat_info->constant_charge_current_max_ua;
    1549 
    1550                 bq->init_data.vbatreg_max =
    1551                         bat_info->constant_charge_voltage_max_uv;
    1552         }
    1553 
    1554         ret = bq->chip_info->bq256xx_set_vindpm(bq, bq->init_data.vindpm);
    1555         if (ret)
    1556                 return ret;
    1557 
    1558         ret = bq->chip_info->bq256xx_set_iindpm(bq, bq->init_data.iindpm);
    1559         if (ret)
    1560                 return ret;
    1561 
    1562         ret = bq->chip_info->bq256xx_set_ichg(bq,
    1563                                 bat_info->constant_charge_current_max_ua);
    1564         if (ret)
    1565                 return ret;
    1566 
    1567         ret = bq->chip_info->bq256xx_set_iprechg(bq,
    1568                                 bat_info->precharge_current_ua);
    1569         if (ret)
    1570                 return ret;
    1571 
    1572         ret = bq->chip_info->bq256xx_set_vbatreg(bq,
    1573                                 bat_info->constant_charge_voltage_max_uv);
    1574         if (ret)
    1575                 return ret;
    1576 
    1577         ret = bq->chip_info->bq256xx_set_iterm(bq,
    1578                                 bat_info->charge_term_current_ua);
    1579         if (ret)
    1580                 return ret;
    1581 
    1582         power_supply_put_battery_info(bq->charger, bat_info);
    1583 
    1584         return 0;
    1585 }

regards,
dan carpenter

             reply	other threads:[~2022-01-06 13:19 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-01-06 13:19 Dan Carpenter [this message]
2022-01-10 15:50 ` [bug report] power: supply_core: Pass pointer to battery info Linus Walleij
  -- strict thread matches above, loose matches on Subject: below --
2024-02-12  6:31 Dan Carpenter

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20220106131931.GA32698@kili \
    --to=dan.carpenter@oracle.com \
    --cc=linus.walleij@linaro.org \
    --cc=linux-pm@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).