Re: [linux-safety] [PATCH] usb: host: ehci-sched: add comment about find_tt() not returning error

From: Sudip Mukherjee
Date: Mon Oct 12 2020 - 11:24:55 EST

Next message: Andrey Konovalov: "[PATCH v3] kcov, usb: specify contexts for remote coverage sections"
Previous message: Joe Perches: "Re: [RFC PATCH] checkpatch: add shebang check to EXECUTE_PERMISSIONS"
In reply to: Lukas Bulwahn: "Re: [linux-safety] [PATCH] usb: host: ehci-sched: add comment about find_tt() not returning error"
Next in thread: Lukas Bulwahn: "Re: [linux-safety] [PATCH] usb: host: ehci-sched: add comment about find_tt() not returning error"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi Lukas,

On Mon, Oct 12, 2020 at 3:11 PM Lukas Bulwahn <lukas.bulwahn@xxxxxxxxx> wrote:
>
>
>
> On Sun, 11 Oct 2020, Sudip Mukherjee wrote:
>
> > Add a comment explaining why find_tt() will not return error even though
> > find_tt() is checking for NULL and other errors.
> >
> > Signed-off-by: Sudip Mukherjee <sudipm.mukherjee@xxxxxxxxx>
>
> I get the intent of the comment but there is a large risk that somebody
> could remove the find_tt() call before the calling the function and there
> is no chance to then see later that the comment is actually wrong.

Removing the find_tt() will mean a major rework of the code.

>
> I guess you want to link this comment here to a code line above and
> request anyone touching the line above to reconsider the comment then.
>
> But there is no 'concept' for such kind of requests to changes and
> comments.
>
> So, the comment is true now, but might be true or wrong later.

If it is wrong later due to some code change then I guess someone will
need to send a patch to correct the comment.

>
> I am wondering if such comment deserves to be included if we cannot check
> its validity later...

I am failing to understand why will you not be able to check its
validity later. You just need to read the code to check it.

>
> I would prefer a simple tool that could check that your basic assumption
> on the code is valid and if it the basic assumption is still valid,
> just shut up any stupid tool that simply does not get that these calls
> here cannot return any error.
>
> We encountered this issue because of clang analyzer complaining, but it is
> clear that it is a false positive of that (smart but) incomplete tool.

I dont think it is a false positive. The error return value is not
checked and that is true. Only that it is not applicable because of
the way the coding is done.

>
> Do you intend to add comment for all false positives from all tools or are
> we going to find a better solution than that?

I think tools will always give you some false positives and you will
need to read the code to know if its false positive or not. I dont
think there is any tool yet which will only give true positives.

--
Regards
Sudip

Next message: Andrey Konovalov: "[PATCH v3] kcov, usb: specify contexts for remote coverage sections"
Previous message: Joe Perches: "Re: [RFC PATCH] checkpatch: add shebang check to EXECUTE_PERMISSIONS"
In reply to: Lukas Bulwahn: "Re: [linux-safety] [PATCH] usb: host: ehci-sched: add comment about find_tt() not returning error"
Next in thread: Lukas Bulwahn: "Re: [linux-safety] [PATCH] usb: host: ehci-sched: add comment about find_tt() not returning error"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]