| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 18 Nov 2020 14:15:53 +0100 (CET)
From: Julia Lawall <julia.lawall@...ia.fr>
To: Markus Elfring <Markus.Elfring@....de>
cc: Sumera Priyadarsini <sylphrenadin@...il.com>,
Coccinelle <cocci@...teme.lip6.fr>,
Gilles Muller <Gilles.Muller@...6.fr>,
Nicolas Palix <nicolas.palix@...g.fr>,
kernel-janitors@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [Cocci] [PATCH v2] coccinelle: locks: Add balancedlock.cocci
script
> > +++ b/scripts/coccinelle/locks/balancedlock.cocci
> …
> > +//# False positives may be generated due to locks released within a nested
> > +//# function call or a goto block.
> > +///
> > +// Confidence: Moderate
>
> How good does such information fit together?
>
What kind of response do you expect? There are some concerns, so it's not
High confidence. It works pretty well so it's not low confidence. So
it's moderate confidence. What else is there to say?
> …
> >+ (
> > +mutex_lock@p(E);
> > +|
> > +read_lock@p(E);
> > +|
> …
>
> Why did you not reorder the elements of such a SmPL disjunctions according to
> an usage incidence (which can be determined by another SmPL script like
> “report_lock_calls.cocci”)?
I don't recall ever seeing any evidence that it has an impact for function
calls. Furthermore, the numbers will change over time. So why change it?
> …
> > +msg = "This code segment might have an unbalanced lock."
> > +coccilib.org.print_todo(j0[0], msg)
>
> Please pass the string literal directly.
>
> +coccilib.org.print_todo(j0[0], "This code segment might have an unbalanced lock.")
The code is fine as it is.
julia
Powered by blists - more mailing lists