[coreboot] How to deal with Coverity reports? (was: Missing Coverity reports)

Paul Menzel paulepanter at users.sourceforge.net
Mon Mar 14 21:37:55 CET 2016


Dear Stefan,


Am Sonntag, den 13.03.2016, 22:27 -0700 schrieb Stefan Reinauer:
> On 03/12/2016 01:51 PM, Paul Menzel wrote:

> > does Coverity still check the coreboot code base or have there been
> > changes? It’d be great to get it going again and to have the errors
> > fixed in code that is currently committed.
> 
> There are no automatic runs of coverity right now, but the plan is to
> continue having coverity check the code base.

That’s good to know. I think it’s very valuable.

> It would be nice to build a task force for fixing the issues found by
> coverity. Any takers?

What is the best plan? In my opinion, the author of the possibly
“suboptimal” code, should be responsible to fix it.

The maintainer of the affected system should probably come next in line
and contact the author, if they are not responding themselves.

Hopefully, that will deal with 90 % of the issues.

For the rest of the issues, a task force would indeed be nice. I would
try to tackle some issues, if I have some spare minutes. A lot of those
will be over my head though.


Thanks,

Paul
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: This is a digitally signed message part
URL: <http://www.coreboot.org/pipermail/coreboot/attachments/20160314/c6ed2c6f/attachment.asc>


More information about the coreboot mailing list