Consider this first pattern: void error(void); int check(void); void foo (void) { unsigned int ret; ret = check(); if (ret < 0) error(); } Here, the comparison against zero is a tautology: ret, which is unsigned, can never be negative. Thus the compiler will remove the error branch causing a bug. This pattern is caught by clang and gcc's -Wtype-limits. *However*, that diagnostic has many lost bullets. It will also complain on some legitimate things such as in this second pattern: void error(void); void bar (unsigned int val) { if (val < 0 || val > 42) error(); } Here, the author just want to do a range check. Yes, the val < 0 comparison is a tautology, but that time, it does not result in faulty code when optimised out by the compiler. There is thus a need for a check that will catch the first pattern but that will let the second one go through. The difference between the two patterns is that in the first one the value returned by the check() function used to be signed whereas in the second one val was always unsigned to begin with. Add a check in sparse to warn if a value which used to be signed gets assigned to an unsigned and then gets compared against zero, either val < 0 or val >= 0. As pointed out by Linus in his original message, a few false positives remain, especially when many inline functions and macros get involved, but the level of noise is nothing in comparison to the -Wtype-limits. Suggested-by: Linus Torvalds <torvalds@linux-foundation.org> Link: https://lore.kernel.org/all/CAHk-=wjQCbRA1UEag-1-9yn08KNNqerTj++SCbbW80At=rg5RQ@mail.gmail.com/ Signed-off-by: Vincent Mailhol <mailhol@kernel.org> Signed-off-by: Chris Li <sparse@chrisli.org>