Hi, It is our pleasure to inform you that we were able to achieve 0 outstanding defects for the GRUB Coverity x86_64/EFI and ARM64/EFI runs. We did analysis of 629 issues and fixed 535 of them. The rest has been dismissed mostly as false positives. This work allowed us to improve overall GRUB code quality, reliability and security. We will continue using the Coverity to verify correctness of newly introduced code and existing one.
The Coverity analysis and fixing of reported issues was initiated by Andrei Borzenkov in 2014. Later Vladimir Serbinenko joined and together continued this work until 2017. We restarted using the Coverity analyzer in 2020, when we were fixing BootHole security vulnerability and other issues. It took us 3 years to do analysis of all Coverity issues not solved earlier. It was very tedious process requiring hundreds of hours of code analysis done by many people. We think it is important to name all, in alphabetical order, who tirelessly worked to null out all defects reported by the Coverity: - Alec Brown (Oracle), - Alexey Makhalov (VMware), - Andrei Borzenkov, - Chris Coulson (Canonical), - Daniel Axtens, - Darren Kenny (Oracle), - Glenn Washburn, - Jagannathan Raman (Oracle), - Jan Setje-Eilers (Oracle), - Konrad Rzeszutek Wilk (Oracle), - Marco A Benatto (Red Hat), - Patrick Steinhardt, - Paulo Flabiano Smorigo (Canonical), - Ross Philipson (Oracle), - Vladimir Serbinenko, - WANG Xuerui. Thank you for doing this work guys! This success would not be possible without you! Daniel _______________________________________________ Grub-devel mailing list Grub-devel@gnu.org https://lists.gnu.org/mailman/listinfo/grub-devel
