This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Coverity scans as part of CI efforts -- glibc 2.22.
- From: "Carlos O'Donell" <carlos at redhat dot com>
- To: GNU C Library <libc-alpha at sourceware dot org>
- Cc: Paul Eggert <eggert at cs dot ucla dot edu>
- Date: Thu, 27 Aug 2015 21:32:22 -0400
- Subject: Coverity scans as part of CI efforts -- glibc 2.22.
- Authentication-results: sourceware.org; auth=none
Community,
I ran glibc 2.22 through coverity's open source scanner after
finding that it did a good job on some RHEL 6 analysis work I was
doing (caught two serious malloc issues).
My eventual goal is to automate the analysis as part of our CI
efforts with the build bots.
You can see the project here:
https://scan.coverity.com/projects/gnu-c-library-glibc?tab=overview
My notes on the process are here:
https://sourceware.org/glibc/wiki/Coverity
The scan results should be available to the public, but require
a github or coverity account to be created. If you don't like this
I think I can share the emailed results, or have them forwarded to
a mailing list for every scan.
The initial project was created by James E. King, III. James and
I have talked about how to make use of this resources, and I'm
going to add this testing as an optional step to the release
process.
Paul Eggert has already filed several bugs related to the coverity
scan (BZ #18868, #18871, #18872, #18873). Some of these bugs are
real, while others are just lameness on our part.
Thoughts and comments welcome.
Cheers,
Carlos.