On Wed, Apr 21, 2021 at 02:56:27AM -0500, Aditya Pakki wrote: > Greg, > > I respectfully ask you to cease and desist from making wild accusations > that are bordering on slander. > > These patches were sent as part of a new static analyzer that I wrote and > it's sensitivity is obviously not great. I sent patches on the hopes to get > feedback. We are not experts in the linux kernel and repeatedly making > these statements is disgusting to hear. > > Obviously, it is a wrong step but your preconceived biases are so strong > that you make allegations without merit nor give us any benefit of doubt. > > I will not be sending any more patches due to the attitude that is not only > unwelcome but also intimidating to newbies and non experts. You, and your group, have publicly admitted to sending known-buggy patches to see how the kernel community would react to them, and published a paper based on that work. Now you submit a new series of obviously-incorrect patches again, so what am I supposed to think of such a thing? They obviously were _NOT_ created by a static analysis tool that is of any intelligence, as they all are the result of totally different patterns, and all of which are obviously not even fixing anything at all. So what am I supposed to think here, other than that you and your group are continuing to experiment on the kernel community developers by sending such nonsense patches? When submitting patches created by a tool, everyone who does so submits them with wording like "found by tool XXX, we are not sure if this is correct or not, please advise." which is NOT what you did here at all. You were not asking for help, you were claiming that these were legitimate fixes, which you KNEW to be incorrect. A few minutes with anyone with the semblance of knowledge of C can see that your submissions do NOT do anything at all, so to think that a tool created them, and then that you thought they were a valid "fix" is totally negligent on your part, not ours. You are the one at fault, it is not our job to be the test subjects of a tool you create. Our community welcomes developers who wish to help and enhance Linux. That is NOT what you are attempting to do here, so please do not try to frame it that way. Our community does not appreciate being experimented on, and being "tested" by submitting known patches that are either do nothing on purpose, or introduce bugs on purpose. If you wish to do work like this, I suggest you find a different community to run your experiments on, you are not welcome here. Because of this, I will now have to ban all future contributions from your University and rip out your previous contributions, as they were obviously submitted in bad-faith with the intent to cause problems. *plonk* greg k-h
On Tue, Apr 20, 2021 at 01:10:08PM -0400, J. Bruce Fields wrote: > On Tue, Apr 20, 2021 at 09:15:23AM +0200, Greg KH wrote: > > If you look at the code, this is impossible to have happen. > > > > Please stop submitting known-invalid patches. Your professor is playing > > around with the review process in order to achieve a paper in some > > strange and bizarre way. > > > > This is not ok, it is wasting our time, and we will have to report this, > > AGAIN, to your university... > > What's the story here? Those commits are part of the following research: https://github.com/QiushiWu/QiushiWu.github.io/blob/main/papers/OpenSourceInsecurity.pdf They introduce kernel bugs on purpose. Yesterday, I took a look on 4 accepted patches from Aditya and 3 of them added various severity security "holes". Thanks
A szál itt kezdődik.