April 2024 - OpenScanHub - Fedora Mailing-Lists

RFC: Flaws detected by static analyzers in Fedora 41 Core Critical Path Packages

by Siteshwar Vashisht

Hello, This is a follow up on my previous email[1] about OpenScanHub Prototype for Fedora. Thank you to those who have provided early feedback. Your help is truly appreciated! I am writing this message to get feedback from the community on possibly new defects identified by static analyzers in Core Critical Path packages that have changed in Fedora 41. TLDR: This report[2] contains 14188 identified defects. Please review the report and provide feedback. A mass scan was performed this week on the packages that have changed in Fedora 41. This report[2] contains all the new defects that have been identified in the core packages listed in Critical Path Packages. Please review the report and fix or report any defects to upstream that may be real bugs. Not all defects reported by OpenScanHub may be actual bugs, so please verify reported defects before investing time into fixing or reporting them. We hope this is helpful for the packages you maintain and for the upstream projects. Questions can be asked on the OpenScanHub mailing list[3]. If you want to see the full logs of the scans, they are available on the tasks[4] page. User documentation for performing a scan is available on the Fedora wiki[5]. If the feedback on this report is positive, there may be a possibility of increasing the scope of scans to cover a wider range of packages. Please remember this is currently an early production stage for OpenScanHub scanning. Constructive feedback is appreciated. Thank you! [1] https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.o... [2] https://svashisht.fedorapeople.org/f41-22-Apr-2024/ [3] https://lists.fedoraproject.org/archives/list/openscanhub@lists.fedorapro... [4] https://openscanhub.fedoraproject.org/task/ [5] https://fedoraproject.org/wiki/OpenScanHub

2 weeks

1
1
1 / 0

Re: Task [#1393] units-2.22-6.fc39 finished, state: CLOSED

by Siteshwar Vashisht

On Sat, Apr 6, 2024 at 4:26 PM <openscanhub(a)lists.fedoraproject.org> wrote: > Hostname: fedora-osh-hub-79d97bc9db-trrd6 > Task ID: 1393 > Build: units-2.22-6.fc39 > Task state: CLOSED > Task owner: svashisht > Task method: MockBuild > > Task URL: http://openscanhub.stg.fedoraproject.org/task/1393/ > Comment: > > > All defects > > CLANG_WARNING 13 > COMPILER_WARNING 4 > CPPCHECK_WARNING 5 > GCC_ANALYZER_WARNING 6 > > This is a test reply to a notification generated by OpenScanHub.

1 month, 2 weeks

1
0
0 / 0

Test

by Siteshwar Vashisht

This is a test message.

1 month, 2 weeks

1
0
0 / 0

2024

OpenScanHub April 2024 ----- 2024 ----- May 2024 April 2024 March 2024 February 2024 January 2024

OpenScanHub April 2024