| Message ID | 20231102141135.369-1-adiupina@astralinux.ru |
|---|---|
| State | New |
| Headers | show |
| Series | [1/4] Remove redundant return value check | expand |
On Thu, Nov 02, 2023 at 05:11:32PM +0300, Alexandra Diupina wrote: > media_entity_pads_init() will not return 0 only if the > 2nd parameter >= MEDIA_ENTITY_MAX_PADS (512), but 1 is > passed, so checking the return value is redundant > It can return an error because of this check: drivers/media/mc/mc-entity.c 215 if (hweight32(iter->flags & (MEDIA_PAD_FL_SINK | 216 MEDIA_PAD_FL_SOURCE)) != 1) { 217 ret = -EINVAL; 218 break; 219 } Plus I don't like removing error checking for this reason. Earlier this month I fixed a case where someone removed an IS_ERR() check but then we modified the function to return error pointers. https://lore.kernel.org/all/356fb42c-9cf1-45cd-9233-ac845c507fb7@moroto.mountain/ regards, dan carpenter
Hi Dan, On 11/2/23 15:35, Dan Carpenter wrote: > On Thu, Nov 02, 2023 at 05:11:32PM +0300, Alexandra Diupina wrote: >> media_entity_pads_init() will not return 0 only if the >> 2nd parameter >= MEDIA_ENTITY_MAX_PADS (512), but 1 is >> passed, so checking the return value is redundant >> >> Found by Linux Verification Center (linuxtesting.org) with SVACE. >> >> Fixes: ad85094b293e ("Revert "media: staging: atomisp: Remove driver"") >> Signed-off-by: Alexandra Diupina <adiupina@astralinux.ru> >> --- >> drivers/staging/media/atomisp/i2c/atomisp-gc2235.c | 4 +--- >> drivers/staging/media/atomisp/i2c/atomisp-mt9m114.c | 6 +----- >> drivers/staging/media/atomisp/i2c/atomisp-ov2722.c | 2 -- >> drivers/staging/media/atomisp/i2c/ov5693/atomisp-ov5693.c | 2 -- >> 4 files changed, 2 insertions(+), 12 deletions(-) >> >> diff --git a/drivers/staging/media/atomisp/i2c/atomisp-gc2235.c b/drivers/staging/media/atomisp/i2c/atomisp-gc2235.c >> index 9fa390fbc5f3..f10931a03285 100644 >> --- a/drivers/staging/media/atomisp/i2c/atomisp-gc2235.c >> +++ b/drivers/staging/media/atomisp/i2c/atomisp-gc2235.c >> @@ -840,9 +840,7 @@ static int gc2235_probe(struct i2c_client *client) >> dev->ctrl_handler.lock = &dev->input_lock; >> dev->sd.ctrl_handler = &dev->ctrl_handler; >> >> - ret = media_entity_pads_init(&dev->sd.entity, 1, &dev->pad); >> - if (ret) >> - gc2235_remove(client); > > Not related to your patch but why doesn't this error path return an > error? Can that be right? This is staging code and there are multiple camera sensor drivers under drivers/staging/media/atomisp/i2c/ The gc2235 driver is one of the drivers which I have not yes tested (I do have hw to test it, just no time), let alone worked on cleaning it up... Regards, Hans
Hi Hans, Alexandra, On Thu, Nov 02, 2023 at 03:21:04PM +0100, Hans de Goede wrote: > Hi Alexandra, > > On 11/2/23 15:11, Alexandra Diupina wrote: > > media_entity_pads_init() will not return 0 only if the > > 2nd parameter >= MEDIA_ENTITY_MAX_PADS (512), but 1 is > > passed, so checking the return value is redundant > > Generally speaking functions which can fail should always be > error-checked even if their invocation today happen to be > such that they will not fail. > > Either the invocation or the function itself my change > causing it to fail in the future. Which is why we want > to keep the error checks. > > But maybe media_entity_pads_init() is special and > does not need to be error checked. > > Sakari, Laurent do you have any opinion on this ? > > > Found by Linux Verification Center (linuxtesting.org) with SVACE. > > This feels like a false positive of the tool to me, > but lets wait and see what Sakari or Laurent have > to say. I agree with Hans: this function today may not fail with the parameters passed to it but it may happen in the future. In general it's good to check a return value of a function that returns one: if that function is changed, no-one will go through the callers as long as the arguments and the return value remain the same.
On Thu, Nov 02, 2023 at 05:11:33PM +0300, Alexandra Diupina wrote: > media_entity_pads_init() will not return 0 only if the > 2nd parameter >= MEDIA_ENTITY_MAX_PADS (512), but 1 is > passed, so checking the return value is redundant That may be the case today, but may not be true tomorrow if the function is extended to perform extra checks. I don't think dropping the error check in drivers is a good idea. > Found by Linux Verification Center (linuxtesting.org) with SVACE. > > Fixes: 34009bffc1c6 ("media: i2c: Add RDACM20 driver") > Signed-off-by: Alexandra Diupina <adiupina@astralinux.ru> > --- > drivers/media/i2c/rdacm20.c | 4 +--- > 1 file changed, 1 insertion(+), 3 deletions(-) > > diff --git a/drivers/media/i2c/rdacm20.c b/drivers/media/i2c/rdacm20.c > index f4e2e2f3972a..ed249ade54e0 100644 > --- a/drivers/media/i2c/rdacm20.c > +++ b/drivers/media/i2c/rdacm20.c > @@ -611,9 +611,7 @@ static int rdacm20_probe(struct i2c_client *client) > > dev->pad.flags = MEDIA_PAD_FL_SOURCE; > dev->sd.entity.function = MEDIA_ENT_F_CAM_SENSOR; > - ret = media_entity_pads_init(&dev->sd.entity, 1, &dev->pad); > - if (ret < 0) > - goto error_free_ctrls; > + media_entity_pads_init(&dev->sd.entity, 1, &dev->pad); > > ret = v4l2_async_register_subdev(&dev->sd); > if (ret)
diff --git a/drivers/staging/media/atomisp/i2c/atomisp-gc2235.c b/drivers/staging/media/atomisp/i2c/atomisp-gc2235.c index 9fa390fbc5f3..f10931a03285 100644 --- a/drivers/staging/media/atomisp/i2c/atomisp-gc2235.c +++ b/drivers/staging/media/atomisp/i2c/atomisp-gc2235.c @@ -840,9 +840,7 @@ static int gc2235_probe(struct i2c_client *client) dev->ctrl_handler.lock = &dev->input_lock; dev->sd.ctrl_handler = &dev->ctrl_handler; - ret = media_entity_pads_init(&dev->sd.entity, 1, &dev->pad); - if (ret) - gc2235_remove(client); + media_entity_pads_init(&dev->sd.entity, 1, &dev->pad); return atomisp_register_i2c_module(&dev->sd, gcpdev, RAW_CAMERA); diff --git a/drivers/staging/media/atomisp/i2c/atomisp-mt9m114.c b/drivers/staging/media/atomisp/i2c/atomisp-mt9m114.c index 1c6643c442ef..b7a940fdbd0a 100644 --- a/drivers/staging/media/atomisp/i2c/atomisp-mt9m114.c +++ b/drivers/staging/media/atomisp/i2c/atomisp-mt9m114.c @@ -1581,11 +1581,7 @@ static int mt9m114_probe(struct i2c_client *client) /* REVISIT: Do we need media controller? */ ret = media_entity_pads_init(&dev->sd.entity, 1, &dev->pad); - if (ret) { - mt9m114_remove(client); - return ret; - } - return 0; + return ret; } static const struct acpi_device_id mt9m114_acpi_match[] = { diff --git a/drivers/staging/media/atomisp/i2c/atomisp-ov2722.c b/drivers/staging/media/atomisp/i2c/atomisp-ov2722.c index 6a72691ed5b7..922774293bf4 100644 --- a/drivers/staging/media/atomisp/i2c/atomisp-ov2722.c +++ b/drivers/staging/media/atomisp/i2c/atomisp-ov2722.c @@ -993,8 +993,6 @@ static int ov2722_probe(struct i2c_client *client) dev->sd.entity.function = MEDIA_ENT_F_CAM_SENSOR; ret = media_entity_pads_init(&dev->sd.entity, 1, &dev->pad); - if (ret) - ov2722_remove(client); return atomisp_register_i2c_module(&dev->sd, ovpdev, RAW_CAMERA); diff --git a/drivers/staging/media/atomisp/i2c/ov5693/atomisp-ov5693.c b/drivers/staging/media/atomisp/i2c/ov5693/atomisp-ov5693.c index 460a4e34c55b..8d5b74fb5d9c 100644 --- a/drivers/staging/media/atomisp/i2c/ov5693/atomisp-ov5693.c +++ b/drivers/staging/media/atomisp/i2c/ov5693/atomisp-ov5693.c @@ -1733,8 +1733,6 @@ static int ov5693_probe(struct i2c_client *client) dev->sd.ctrl_handler = &dev->ctrl_handler; ret = media_entity_pads_init(&dev->sd.entity, 1, &dev->pad); - if (ret) - ov5693_remove(client); return ret; out_free:
media_entity_pads_init() will not return 0 only if the 2nd parameter >= MEDIA_ENTITY_MAX_PADS (512), but 1 is passed, so checking the return value is redundant Found by Linux Verification Center (linuxtesting.org) with SVACE. Fixes: ad85094b293e ("Revert "media: staging: atomisp: Remove driver"") Signed-off-by: Alexandra Diupina <adiupina@astralinux.ru> --- drivers/staging/media/atomisp/i2c/atomisp-gc2235.c | 4 +--- drivers/staging/media/atomisp/i2c/atomisp-mt9m114.c | 6 +----- drivers/staging/media/atomisp/i2c/atomisp-ov2722.c | 2 -- drivers/staging/media/atomisp/i2c/ov5693/atomisp-ov5693.c | 2 -- 4 files changed, 2 insertions(+), 12 deletions(-)