Justus Winter, le Tue 04 Feb 2014 10:46:01 +0100, a écrit : > Quoting Thomas Schwinge (2013-10-25 15:48:06) > > When I recently read about it somewhere, I've also had the idea about > > feeding the Hurd code into the Coverity scanner, which I think offers > > such a service for Free Software projects. I also thought about dping > > the same for GNU Mach and glibc, and for each of these, including the > > stub files generated by MIG, for "self-containedness". > > I setup a coverity project for GNU Mach: > > https://scan.coverity.com/projects/1307
I've gone through the results. There are the two bugs in device/net_io.c which I haven't fixed and can be concerning, since they would imply injecting a bogus BPF filter could make the kernel crash. I guess a thorough look at the whole code would be good to catch all such kinds of issues. There is also the assert(thread->wait_status = -1); which look like they could have been intentional, I don't know without looking closer at the source code. 1167452 is probably worth checking. The FPU fixups are definitely to be cherry-picked by the debian package. Samuel
