archive mirror
 help / color / mirror / Atom feed
From: Laurent Pinchart <>
To: Dan Carpenter <>
Cc: Tomi Valkeinen <>,
	Kieran Bingham <>,
	Mauro Carvalho Chehab <>,
	Hans Verkuil <>,
	Sakari Ailus <>,,
Subject: Re: [PATCH] media: v4l2-subdev: fix some NULL vs IS_ERR() checks
Date: Wed, 23 Jun 2021 05:34:16 +0300	[thread overview]
Message-ID: <> (raw)
In-Reply-To: <20210622155858.GN1861@kadam>

Hi Dan,

On Tue, Jun 22, 2021 at 06:58:58PM +0300, Dan Carpenter wrote:
> On Tue, Jun 22, 2021 at 06:08:30PM +0300, Laurent Pinchart wrote:
> > On Tue, Jun 22, 2021 at 05:31:53PM +0300, Dan Carpenter wrote:
> > > The v4l2_subdev_alloc_state() function returns error pointers, it
> > > doesn't return NULL.
> > 
> > It's funny you send this patch today, I've been thinking about the exact
> > same issue yesterday, albeit more globally, when trying to figure out if
> > a function I called returned NULL or an error pointer on error.
> > 
> > Would it make to create an __err_ptr annotation to mark functions that
> > return an error pointer ? This would both give a simple indication to
> > the user and allow tools such as smatch to detect errors.
> If you have the cross function DB enabled then Smatch can figure out if
> it returns error pointers or NULL.  The big problem is that Smatch works
> on the precompiled code and doesn't understand ifdeffed code.
> I haven't pushed all the Smatch checks.  I told someone last month, I'd
> give them a month to fix any bugs since it was their idea.  But I'll
> push it soon.
> function returns error pointer or valid
> #else
> struct foo *function() { return NULL; }
> #endif

Ouch, that hurts.

> I believe that there are also people who use a two pass Coccinelle
> system where they make a list of functions that return error pointers
> and then check the callers.
> The Huawei devs find a bunch of these bugs through static analysis but
> I don't know which tools they are using.
> Today, I accidentally introduced a bug by converting a call that can
> "in theory/the future return error pointers" but also returns NULL at
> the end of a list.  I thought it was only supposed to be checked for
> NULLs.  Fortunately Colin King found it right away.  That was just
> sloppiness on my part :/ and it's pretty rare to find code like that.

Do you think an annotation could still help, by making it explicit in
headers whether a function returns NULL or an error pointer, thus
helping developers get it right in the first place ?


Laurent Pinchart

  parent reply	other threads:[~2021-06-23  2:34 UTC|newest]

Thread overview: 8+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-06-22 14:31 [PATCH] media: v4l2-subdev: fix some NULL vs IS_ERR() checks Dan Carpenter
2021-06-22 15:08 ` Laurent Pinchart
2021-06-22 15:58   ` Dan Carpenter
2021-06-23  2:29     ` weiyongjun (A)
2021-06-23  2:34     ` Laurent Pinchart [this message]
2021-06-23  9:03       ` Dan Carpenter
2021-06-23 12:56         ` Laurent Pinchart
2021-06-22 20:01 ` Sakari Ailus

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \ \ \ \ \ \ \ \ \ \ \

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).