On Fr, 19 Jun 2015, Benjamin Fritz wrote: > On Fri, Jun 19, 2015 at 3:59 PM, Bram Moolenaar <[email protected]> wrote: > > > > > > Ben Fritz wrote: > > > > > On Friday, June 19, 2015 at 2:06:59 PM UTC-5, Bram Moolenaar wrote: > > > > > > > > > > This patch causes a segfault at eval.c::17177 due to a trivial reason. > > > > > > > > > > The attached patch fixes it. > > > > > > > > Thanks! Unfortunately valgrind does not find this kind of error. > > > > > > > > > > It was a buffer size error...Coverity finds that kind of error (not > > > sure about this one specifically) and I know Vim is included in their > > > open-source scan (although you've been somewhat dismissive of the > > > results in the past). > > > > > > Do you get to do on-demand scans of patches as they come out, or do > > > they just run it every now and then on their own? I've used Coverity > > > at work for a couple years but I don't know how their open-source > > > stuff works. I'd be interested in bopping down errors as they pop up > > > if I can initiate analysis and such...especially if that means I can > > > maintain my compiler plugins for their tools easier at the same time. > > > > Coverity should run automatically. I haven't checked the output > > recently. There used to be quite a few false positives, maybe it's > > better now. > > > > I'm not sure the Vim results are available to others or can be made > > available. > > > > According to https://scan.coverity.com/projects/241 Vim's last scan was in > 2013. I gather contributors submit code somewhat manually (I'd guess they > capture builds on their own and submit for analysis server-side or something). > > I signed up for an account on that page and requested access to Vim's project; > I'm not sure who the admin for the project is (I assumed it would be you, > Bram) > but if I get access I'd be happy to start triaging issues and submitting the > code for scans periodically. If I can't figure out patches I can at least > forward issues that look like they could be real to the mailing list. But in > my > experience most of the issues Coverity finds have easy fixes that often don't > even require a lot of familiarity with the code. > > Let me know (off-list if needed) if this isn't something you want me doing. I > know there are contributors with a great deal more patches in their name than > me but I figure I might be able to contribute a little more this way. :-)
Looks like you already got approved. I just uploaded a new build 7.4.749 for analysis. There should be results available soon. Best, Christian -- Wie man sein Kind nicht nennen sollte: Indy Kator -- -- You received this message from the "vim_dev" maillist. Do not top-post! Type your reply below the text you are replying to. For more information, visit http://www.vim.org/maillist.php --- You received this message because you are subscribed to the Google Groups "vim_dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
