On Fri, Jun 19, 2015 at 3:59 PM, Bram Moolenaar <[email protected]> wrote: > > > Ben Fritz wrote: > > > On Friday, June 19, 2015 at 2:06:59 PM UTC-5, Bram Moolenaar wrote: > > > > > > > > This patch causes a segfault at eval.c::17177 due to a trivial reason. > > > > > > > > The attached patch fixes it. > > > > > > Thanks! Unfortunately valgrind does not find this kind of error. > > > > > > > It was a buffer size error...Coverity finds that kind of error (not > > sure about this one specifically) and I know Vim is included in their > > open-source scan (although you've been somewhat dismissive of the > > results in the past). > > > > Do you get to do on-demand scans of patches as they come out, or do > > they just run it every now and then on their own? I've used Coverity > > at work for a couple years but I don't know how their open-source > > stuff works. I'd be interested in bopping down errors as they pop up > > if I can initiate analysis and such...especially if that means I can > > maintain my compiler plugins for their tools easier at the same time. > > Coverity should run automatically. I haven't checked the output > recently. There used to be quite a few false positives, maybe it's > better now. > > I'm not sure the Vim results are available to others or can be made > available. >
According to https://scan.coverity.com/projects/241 Vim's last scan was in 2013. I gather contributors submit code somewhat manually (I'd guess they capture builds on their own and submit for analysis server-side or something). I signed up for an account on that page and requested access to Vim's project; I'm not sure who the admin for the project is (I assumed it would be you, Bram) but if I get access I'd be happy to start triaging issues and submitting the code for scans periodically. If I can't figure out patches I can at least forward issues that look like they could be real to the mailing list. But in my experience most of the issues Coverity finds have easy fixes that often don't even require a lot of familiarity with the code. Let me know (off-list if needed) if this isn't something you want me doing. I know there are contributors with a great deal more patches in their name than me but I figure I might be able to contribute a little more this way. :-) -- -- You received this message from the "vim_dev" maillist. Do not top-post! Type your reply below the text you are replying to. For more information, visit http://www.vim.org/maillist.php --- You received this message because you are subscribed to the Google Groups "vim_dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
