-
No AI Slop
AI is a powerful tool and the kernel community uses AI. However, if an AI writes something for you and you can’t be bothered to read it then don’t send it. Just delete it.
-
Smatching an Rsync Bug
An investigation into whether Smatch would have prevented a recent security issue in rsync.
-
Sleeping in Atomic Warnings
TL/DR; Smatch has a warning “warn: sleeping in atomic context”. People sometimes want to know why they don’t see these warnings when they run Smatch. It requires the cross function database. Generating the cross function database is really time consuming and probably not worth it. Instead try to reproduce the warning at runtime by enabling…
-
return 0 is better than return ret
There are a lot of people who write “return ret;” when they mean “return 0;” I feel like I’m the person who cares about this the most in the world, but hopefully after reading this blog you will notice it as well and it will annoy you.
-
When to use == 0
This is no longer a debate in the Linux kernel, but I saw some code written in out of date style recently and it was a moment of reminiscing. You used to see code like this: You should never use == NULL or != NULL. This rule is enforced by checkpatch. Comparing against zero is…
-
strcpy strncpy() strlcpy() and strscpy()
The kernel has a number of strcpy() functions that copy a string from one pointer to another. This blog is a short guide. strcpy() is dangerous because it has no bounds checking and can lead to a buffer overflow. strncpy() will not overflow the destination buffer. But the problem is that if it has to…
-
Ignore old warnings
I really believe in static checkers but sometimes static checker advice is wrong and harmful. For example, earlier in the week we made a buffer 16 bytes larger to silence checker false positive. Another time we got into a pointless argument about how to silence a different checker false positive. The best way to deal…
-
Writing a check for zero IRQ error codes
In the earliest git release of the Linux kernel the platform_get_irq() function used to return zero on error. It’s hard for me to know why this is. I do think that there is a sense where unsigned int is “cleaner” for this purpose. From a practical perspective negative error codes are standard. Also are we…
-
Subscribe
Subscribed
Already have a WordPress.com account? Log in now.
Static Analysis by Dan Carpenter 