On Tue, 2018-06-26 at 09:16 +0800, Chengguang Xu wrote: > sizeof() will return unsigned value so in the error check > negative error code will be always larger than sizeof(). This looks like a general class of error in the kernel where a signed result that could be returning a -errno is tested against < or <= sizeof() A couple examples: drivers/input/mouse/elan_i2c_smbus.c: len = i2c_smbus_read_block_data(client, ETP_SMBUS_IAP_PASSWORD_READ, val); if (len < sizeof(u16)) { i2c_smbus_read_block_data can return a negative errno net/smc/smc_clc.c: len = kernel_sendmsg(smc->clcsock, &msg, &vec, 1, sizeof(struct smc_clc_msg_decline)); if (len < sizeof(struct smc_clc_msg_decline)) where kernel_sendmsg can return a negative errno There are probably others, I didn't look hard. Perhaps a cocci script to find these could be generated? -- To unsubscribe from this list: send the line "unsubscribe linux-s390" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html