On Sun, 22 Nov 2020, Joe Perches wrote:
On Sun, 2020-11-22 at 08:49 -0800, James Bottomley wrote:
We can enforce sysfs_emit going forwards using tools like checkpatch
It's not really possible for checkpatch to find or warn about sysfs uses of sprintf. checkpatch is really just a trivial line-by-line parser and it has no concept of code intent.
Checkpatch does suffer from the limitations of regular expressions. But that doesn't stop people from using it. Besides, Coccinelle can do analyses that can't be done with regular expressions, so it's moot.
It just can't warn on every use of the sprintf family. There are just too many perfectly valid uses.
but there's no benefit and a lot of harm to be done by trying to churn the entire tree
Single uses of sprintf for sysfs is not really any problem.
But likely there are still several possible overrun sprintf/snprintf paths in sysfs. Some of them are very obscure and unlikely to be found by a robot as the logic for sysfs buf uses can be fairly twisty.
Logic errors of this kind are susceptible to fuzzing, formal methods, symbolic execution etc. No doubt there are other techniques that I don't know about.
But provably correct conversions IMO _should_ be done and IMO churn considerations should generally have less importance.
Provably equivalent conversions are provably churn. So apparently you're advocating changes that are not provably equivalent.
These are patches for code not that's not been shown to be buggy. Code which, after patching, can be shown to be free of a specific kind of theoretical bug. Hardly "provably correct".
The problem is, the class of theoretical bugs that can be avoided in this way is probably limitless, as is the review cost and the risk of accidental regressions. And the payoff is entirely theoretical.
Moreover, the patch review workload for skilled humans is being generated by the automation, which is completely backwards: the machine is supposed to be helping.