lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <46A60581.90800@austin.ibm.com>
Date:	Tue, 24 Jul 2007 08:58:25 -0500
From:	jschopp <jschopp@...tin.ibm.com>
To:	"Kok, Auke" <auke-jan.h.kok@...el.com>
CC:	Andy Whitcroft <apw@...dowen.org>, Andrew Morton <akpm@...l.org>,
	Randy Dunlap <rdunlap@...otime.net>,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH] update checkpatch.pl to version 0.08

> within the last 3 weeks, this script went from *really usable* to *a big 
> noise maker*.

As we (mostly Andy of late) add more checks (good) there is bound to be some code we just 
didn't forsee that generates false positives (bad).  You can see a consistent history of 
cleaning these up as quickly as people send them in.  Hopefully in the interim there 
aren't too many false positives and the script is still useful.  We do try to put the new 
tests through their paces before adding them in, but our imaginations are limited.

The goal has always been to err on the side of missing badness in code to avoid false 
positives. This way, when there is output it has a very high chance of not wasting your 
time.  Wait a couple weeks and it'll be there again.

> Bottom line: I really wish that I could have the script run in the old 
> behaviour before. While this level of verbosity is great for single-line 
> patches, it really completely wastes my time when I'm trying to get a 
> grasp for a 200k hunk piece of code.

I think it would be a great idea to have the script default to very conservative behavior 
and have a flag say --verbose to turn on checks that have a higher false positive rate 
(such as the multiple variable declarations per line).  This might also be a staging area 
for newer checks to get a chance to work out some kinks before being added to the default.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ