Dear coreboot folks,
Next to the Coverity Scan reports, sent to the list again [1], I wanted to remind everybody, that the Clang static analyzer scan-build is also checking the coreboot code, and the results are available online [2].
There are probably some false positives in there [3], but also some correct warnings. It’d be great if you keep an eye on the results, and maybe even run it yourself. It’s as easy as prepending `scan-build` to the Make call, or by selecting the option in the Kconfig menu.
scan-build make -j$(nproc)
Kind regards,
Paul
[1]: https://mail.coreboot.org/hyperkitty/list/coreboot@coreboot.org/thread/QFJRQ... [2]: https://coreboot.org/scan-build/ [3]: https://review.coreboot.org/c/coreboot/+/41420/9#message-9a65b4abc04834e2fcb...