From b431833c129e0d6402c6f7be8e6028e4b54e94fb Mon Sep 17 00:00:00 2001 From: Patrick Georgi Date: Thu, 7 Mar 2019 13:50:22 +0100 Subject: Docs/project_ideas: Add coverity scan cleanup project Change-Id: I16d9a7f7088254c5c207adc9299a8525bf38199f Signed-off-by: Patrick Georgi Reviewed-on: https://review.coreboot.org/c/coreboot/+/31805 Tested-by: build bot (Jenkins) Reviewed-by: Patrick Rudolph Reviewed-by: Angel Pons --- Documentation/contributing/project_ideas.md | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/Documentation/contributing/project_ideas.md b/Documentation/contributing/project_ideas.md index 9a2d414048..da51246525 100644 --- a/Documentation/contributing/project_ideas.md +++ b/Documentation/contributing/project_ideas.md @@ -146,3 +146,23 @@ their bug reports. ### Mentors * Patrick Georgi + +## Make coreboot coverity clean +coreboot and several other of our projects are automatically tested +using Synopsys' free "Coverity Scan" service. While some fare pretty +good, like [em100](https://scan.coverity.com/projects/em100) at 0 known +defects, there are still many open issues in other projects, most notably +[coreboot](https://scan.coverity.com/projects/coreboot) itself (which +is also the largest codebase). + +Not all of the reports are actual issues, but the project benefits a +lot if the list of unhandled reports is down to 0 because that provides +a baseline when future changes reintroduce new issues: it's easier to +triage and handle a list of 5 issues rather than more than 350. + +This project would be going through all reports and handling them +appropriately: Figure out if reports are valid or not and mark them +as such. For valid reports, provide patches to fix the underlying issue. + +### Mentors +* Patrick Georgi -- cgit v1.2.3
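Review bot: In the second paragraph of the new "Make coreboot coverity clean" section, "reintroduce new issues" contradicts itself (an issue is either new or reintroduced), and the hard-coded "more than 350" will be out of date as soon as triage begins; suggest "when future changes introduce new issues" and either dropping the count or stating the date it was taken. In the last paragraph, "mark them as such" does not say where the marking is done or what access a contributor needs to do it, so one sentence on that would help whoever picks the project up. Minor: the heading writes "coverity" in lower case while the body uses "Coverity Scan", and "fare pretty good" should read "fare pretty well".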