From mboxrd@z Thu Jan 1 00:00:00 1970 From: Konrad Rzeszutek Wilk Subject: Re: Static analysis: Code weaknesses Date: Tue, 13 Mar 2012 12:47:08 -0400 Message-ID: <20120313164708.GE19228@phenom.dumpdata.com> References: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Return-path: Content-Disposition: inline In-Reply-To: List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-devel-bounces@lists.xen.org Errors-To: xen-devel-bounces@lists.xen.org To: Jeffrey Karrels Cc: xen-devel@lists.xensource.com List-Id: xen-devel@lists.xenproject.org On Fri, Mar 09, 2012 at 10:10:52AM -0800, Jeffrey Karrels wrote: > Hello All, > > I am in the starting stages of research into static code analysis of > Xen (as well as correction/remediation). I noticed a lot of comments > towards code {sonar, surfer}, coverity, splint, etc in the forums, but > most of the activity was back from the 2006-2008 era. Is anyone active > in this area right now? I don't want to duplicate work and even better > it would be nice to get a group together with a specific common > objective. From a licensing perspective I am not sure how it works yet > as I know some of the commercial tools have very strict contracts on > releasing analysis output. With that said though perhaps others are > using commercial tools already and we could be steered to utilize > similar tools in order to collaborate. Have you looked at smatch and sparse? > > Thoughts? > > Jeff > > _______________________________________________ > Xen-devel mailing list > Xen-devel@lists.xen.org > http://lists.xen.org/xen-devel