lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <4B506378.3090507@s5r6.in-berlin.de>
Date:	Fri, 15 Jan 2010 13:45:44 +0100
From:	Stefan Richter <stefanr@...6.in-berlin.de>
To:	Julia Lawall <julia@...u.dk>
CC:	Mark Brown <broonie@...nsource.wolfsonmicro.com>,
	Pekka Enberg <penberg@...helsinki.fi>,
	David Miller <davem@...emloft.net>, adi@...apodia.org,
	nm127@...email.hu, david.vrabel@....com, linux-usb@...r.kernel.org,
	linux-kernel@...r.kernel.org, cocci@...u.dk,
	Andrew Morton <akpm@...ux-foundation.org>,
	Nicolas Palix <npalix@...u.dk>
Subject: Re: Changelog quality

Julia Lawall wrote:
> On Fri, 15 Jan 2010, Mark Brown wrote:
>> On Fri, Jan 15, 2010 at 11:05:21AM +0100, Julia Lawall wrote:
>>> On Fri, 15 Jan 2010, Pekka Enberg wrote:
>>>> It seems to me that the scripts are kernel specific so why don't we
>>>> put those useful scripts _within_ the kernel source tree and introduce
>>>> a "make coccinelle-check" target?

I guess many of these scripts are also applicable to other C programs.
But having such tests bundled with the kernel source and ready to be run
from make sounds good to me too.

>>> Indeed, perhaps a solution that would satisfy everyone would be to make a 
>>> place for scripts, perhaps with subdirectories for various tools, and then 
>>> when one submits a patch for tool X, one could then submit the script at 
>>> the same time (if it wasn't there already) and just refer to the script 
>>> that was used.  That way, if someone wants to know more about how the 
>>> change was made, they could look up the information, and if one does not, 
>>> then one would not be bother by having to scroll down to see the actual 
>>> patch.
>> This would also mean that other people could run and re-run the scripts
>> during development much more easily which would help improve the
>> coverage of new code.
> 
> On the other hand, one has to take into account the fact that at least in 
> my case, the patches that are submitted are the ones that I have carefully 
> checked for correctness.  Having a make target in the kernel might give 
> some suggestion of quality that is perhaps not appropriate?
> 
> julia

Surely some tests are more suitable for automation than others.  Those
who use these tests are probably aware though that the resulting reports
or patches require careful review.  This is similar as with reports from
checkpatch, sparse, lockdep etc., except that coccinelle already creates
a fix patch rather than just an error log.
-- 
Stefan Richter
-=====-==-=- ---= -====
http://arcgraph.de/sr/
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ