lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20240418154633.GD31776@pendragon.ideasonboard.com>
Date: Thu, 18 Apr 2024 18:46:33 +0300
From: Laurent Pinchart <laurent.pinchart@...asonboard.com>
To: Ricardo Ribalda <ribalda@...omium.org>
Cc: Dan Carpenter <dan.carpenter@...aro.org>,
	Martin Tuma <martin.tuma@...iteqautomotive.com>,
	Mauro Carvalho Chehab <mchehab@...nel.org>,
	Hans Verkuil <hverkuil-cisco@...all.nl>,
	Hugues Fruchet <hugues.fruchet@...s.st.com>,
	Alain Volmat <alain.volmat@...s.st.com>,
	Maxime Coquelin <mcoquelin.stm32@...il.com>,
	Alexandre Torgue <alexandre.torgue@...s.st.com>,
	Paul Kocialkowski <paul.kocialkowski@...tlin.com>,
	Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
	Chen-Yu Tsai <wens@...e.org>,
	Jernej Skrabec <jernej.skrabec@...il.com>,
	Samuel Holland <samuel@...lland.org>,
	Sakari Ailus <sakari.ailus@...ux.intel.com>,
	Thierry Reding <thierry.reding@...il.com>,
	Jonathan Hunter <jonathanh@...dia.com>,
	Sowjanya Komatineni <skomatineni@...dia.com>,
	Luca Ceresoli <luca.ceresoli@...tlin.com>,
	Matthias Brugger <matthias.bgg@...il.com>,
	AngeloGioacchino Del Regno <angelogioacchino.delregno@...labora.com>,
	Hans Verkuil <hverkuil@...all.nl>, Sergey Kozlov <serjk@...up.ru>,
	Abylay Ospan <aospan@...up.ru>,
	Ezequiel Garcia <ezequiel@...guardiasur.com.ar>,
	Dmitry Osipenko <digetx@...il.com>,
	Stanimir Varbanov <stanimir.k.varbanov@...il.com>,
	Vikash Garodia <quic_vgarodia@...cinc.com>,
	Bryan O'Donoghue <bryan.odonoghue@...aro.org>,
	Bjorn Andersson <andersson@...nel.org>,
	Konrad Dybcio <konrad.dybcio@...aro.org>,
	Benjamin Mugnier <benjamin.mugnier@...s.st.com>,
	Sylvain Petinot <sylvain.petinot@...s.st.com>,
	Jacopo Mondi <jacopo+renesas@...ndi.org>,
	Kieran Bingham <kieran.bingham+renesas@...asonboard.com>,
	Niklas Söderlund <niklas.soderlund+renesas@...natech.se>,
	Pavel Machek <pavel@....cz>, linux-media@...r.kernel.org,
	linux-kernel@...r.kernel.org,
	linux-stm32@...md-mailman.stormreply.com,
	linux-arm-kernel@...ts.infradead.org, linux-staging@...ts.linux.dev,
	linux-sunxi@...ts.linux.dev, linux-tegra@...r.kernel.org,
	linux-mediatek@...ts.infradead.org, linux-arm-msm@...r.kernel.org,
	Oleg Drokin <green@...uxhacker.ru>
Subject: Re: [PATCH 00/35] media: Fix coccinelle warning/errors

Hi Ricardo,

On Thu, Apr 18, 2024 at 04:51:06PM +0200, Ricardo Ribalda wrote:
> On Thu, 18 Apr 2024 at 12:53, Laurent Pinchart wrote:
> > On Wed, Apr 17, 2024 at 06:19:14PM +0200, Ricardo Ribalda wrote:
> > > On Wed, 17 Apr 2024 at 17:51, Laurent Pinchart wrote:
> > > > On Tue, Apr 16, 2024 at 11:47:17AM +0300, Dan Carpenter wrote:
> > > > > In my opinion, it's better to just ignore old warnings.
> > > >
> > > > I agree. Whatever checkers we enable, whatever code we test, there will
> > > > always be false positives. A CI system needs to be able to ignore those
> > > > false positives and only warn about new issues.
> > >
> > > We already have support for that:
> > > https://gitlab.freedesktop.org/linux-media/media-ci/-/tree/main/testdata/static?ref_type=heads
> >
> > Those are manually written filters. Would it be possible to reduce the
> > manual step to flagging something as a false positive, and have a
> > machine build the filters ?
> 
> Do you expect that the list of exceptions will grow?
> 
> I hope that once the CI is in place we will fix the warnings before
> they land in the tree.

Any static checker is bound to produce false positives. Some of them can
be addressed by improving the checker, others by modifying the source
code, but in some cases the first option would be too difficult and the
second would reduce readability of the code. I thus thing the list of
accepted false positives will grow over time.

> > > But it would be great if those lists were as small as possible:
> > >
> > > - If we have a lot of warnings, two error messages can be combined and
> > > will scape the filters
> > > eg:
> > > print(AAAA);
> > > print(BBBB);
> > > > AABBBAAB
> > >
> > > - The filters might hide new errors if they are too broad
> > >
> > >
> > > Most of the patches in this series are simple and make a nicer code:
> > > Eg the non return minmax() ,
> > > Other patches show real integer overflows.
> > >
> > > Now that the patches are ready, let's bite the bullet and try to
> > > reduce our technical debt.
> > >
> > > > > When code is new the warnings are going to be mostly correct.  The
> > > > > original author is there and knows what the code does.  Someone has
> > > > > the hardware ready to test any changes.  High value, low burden.
> > > > >
> > > > > When the code is old only the false positives are left.  No one is
> > > > > testing the code.  It's low value, high burden.
> > > > >
> > > > > Plus it puts static checker authors in a difficult place because now
> > > > > people have to work around our mistakes.  It creates animosity.
> > > > >
> > > > > Now we have to hold ourselves to a much higher standard for false
> > > > > positives.  It sounds like I'm complaining and lazy, right?  But Oleg
> > > > > Drokin has told me previously that I spend too much time trying to
> > > > > silence false positives instead of working on new code.  He's has a
> > > > > point which is that actually we have limited amount of time and we have
> > > > > to make choices about what's the most useful thing we can do.
> > > > >
> > > > > So what I do and what the zero day bot does is we look at warnings one
> > > > > time and we re-review old warnings whenever a file is changed.
> > > > >
> > > > > Kernel developers are very good at addressing static checker warnings
> > > > > and fixing the real issues...  People sometimes ask me to create a
> > > > > database of warnings which I have reviewed but the answer is that
> > > > > anything old can be ignored.  As I write this, I've had a thought that
> > > > > instead of a database of false positives maybe we should record a
> > > > > database of real bugs to ensure that the fixes for anything real is
> > > > > applied.

-- 
Regards,

Laurent Pinchart

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ