Bug 190121

Summary: Static analysis by PVS-Studio
Product: Other Reporter: Pavel Belikov (belikov)
Component: OtherAssignee: other_other
Status: NEW ---    
Severity: normal CC: adobriyan, antmak.pub, quarckster
Priority: P1    
Hardware: All   
OS: Linux   
Kernel Version: 4.9-rc4 Subsystem:
Regression: No Bisected commit-id:

Description Pavel Belikov 2016-12-12 07:07:02 UTC 
To demonstrate the capabilities of our analyzer, we regularly perform analysis of open source projects. We had recently checked the Linux Kernel project.

Here is the link to the article about it: http://www.viva64.com/en/b/0460/
Official page of the analyzer: http://www.viva64.com/en/pvs-studio/

If you have any questions, or if you are interested in the evaluation of our static analyzer or in any other source code quality control services that our company provides, please contact us at support@viva64.com.
Comment 1 Alexey Dobriyan 2017-01-05 15:07:02 UTC 
When Coverity started to static check kernel, they ran a database with issues without all blog explanations. Do you have anything similar?

I mean, "30 min" "No timeout" is clever bug but extracting it from surrounding text can be annoying.
Comment 2 Pavel Belikov 2017-01-09 12:27:28 UTC 
(In reply to Alexey Dobriyan from comment #1)
> When Coverity started to static check kernel, they ran a database with
> issues without all blog explanations. Do you have anything similar?
> 
> I mean, "30 min" "No timeout" is clever bug but extracting it from
> surrounding text can be annoying.

The  article  is  not  intended to facilitate bug search in the source
code.  It  is  rather  meant  to demonstrate the analyzer's diagnostic
capabilities.  By  the  moment  of  posting  the  article,  the errors
discussed  there  might  become  obsolete  or line numbers may change.
Anyway,  this kind of report can't be treated as a convenient means to
help you fix bugs in the code.

You  should  also  keep  in  mind that in our articles we discuss only
those warnings that we find most interesting, as we don't aim at doing
a  full-blown  analysis  and  the  article  can't  give  you  complete
information  about  the  project.  That's  why we suggest that project
authors  check  the  most  recent version themselves. We can help with
that by providing a temporary license and user support.