Hi again, On Wed, Aug 12, 2020 at 04:54:17AM +0200, Willy Tarreau wrote: > > Let me know about 1) and 2) above, and I will send a patch. > > You now get the idea, maybe my wording is not perfect and something is > more suitable, so feel free to propose anything along these lines :-)
Regarding a potential patch, I think we should really consider having new type, which is not exactly a bug but not a feature request either. The ones I'm having in mind are the valgrind and coverity reports, most of which are in fact 100% harmless but still potential bugs or "unclean" stuff, I don't really know how to qualify them. Maybe just "automated reports", which could even cover future tools. The issue is that it already happened to me twice to miss a real bug in the list when there were a burst of such reports occupying the main issues page. By nature they don't work the same way as bugs. They don't require the formalism of a real bug report, there are less round trips (i.e. I don't expect to see a "feedback required" status that often), they generally have no known impact so should be taken with less precedence than prod-blocking bugs, and can be handled by more people (especially the coverity reports). In addition, the valgrind reports present the risk to introduce real bugs when trying to fix them, just because the person looking at them may not necessarily know the affected area in deepest details, and it would be much safer to involve a knowledgeable maintainer. Also some of them will not be backported so there's an incentive to quickly act and close them, which is good because none should be seen rotting for a long time there. Having a special status will ease their listing and encourage eliminating them more regularly. Maybe we could add that as "test bot" (but some are really done by hand using a tool so that doesn't match). Actually I'm aware there's a slight difference between the coverity reports and valgrind reports, in that in the case of coverity it's a suspected issue while with valgrind it's a detected one. In the former case almost anyone can sort that out. In the second case, almost only the code's author knows and even sometimes it's hard, and a mistake done there becomes dramatic for stability. So maybe they're not exactly the same but in both cases they have no short term impact and some of them ought even not to be backported (which is why many of them are expected to be short lived). I'm open to ideas and suggestions. Cheers, Willy
