Finding confusing code in the Linux kernel: An interview w/ Prof. Justin Cappos
Description
The Linux kernel is 28 million lines of code.
These are 28 million opportunities for attack.
In possibly one of the most widely depended-on projects in the world.
Humans alone can't possibly defend this. Humans need to find every vulnerability. An attacker only needs to find one.
The future must automate defending it.
A few months ago I spoke with Prof. Justin Cappos at NYU Tandon School of Engineering about automating code quality.
His answers surprised me.
I've personally always hated linters. I'm very scientific. Very demure. Very mindful. Very logical.
Linters seemed arbitrary. Rules made up by pedants.
Justin's lab had an idea: Maybe we could measure the importance of these rules scientifically. We can actually figure out if a line of code is statistically confusing.
Why is confusing code a bigger problem than not enough whitespace?
Simple: It's harder to debug what you can't understand.
Using these techniques they found 3.6 million confusing lines of code in open repositories.
Hopefully these techniques lead to a safer kernel, and safer code for you!



