Home | History | Annotate | Line # | Download | only in roadmaps
verification revision 1.1 
      1  1.1  dholland $NetBSD: verification,v 1.1 2017/01/13 10:14:58 dholland Exp $
      2  1.1  dholland 
      3  1.1  dholland NetBSD Verification Roadmap
      4  1.1  dholland ===========================
      5  1.1  dholland 
      6  1.1  dholland This roadmap covers things that we intend or would like to do pursuant
      7  1.1  dholland to verification and quality control.
      8  1.1  dholland 
      9  1.1  dholland The following elements, projects, and goals are relatively near-term:
     10  1.1  dholland 
     11  1.1  dholland  1. Cut down the Coverity backlog
     12  1.1  dholland  2. Deploy asan/ubsan
     13  1.1  dholland  3. Deploy clang-static-analyzer
     14  1.1  dholland 
     15  1.1  dholland The following elements, projects, and goals are longer-term:
     16  1.1  dholland 
     17  1.1  dholland  4. mint
     18  1.1  dholland  5. Database-driven program analyzer
     19  1.1  dholland 
     20  1.1  dholland The following elements, projects, and goals are rather blue-sky so far:
     21  1.1  dholland 
     22  1.1  dholland  6. Use Frama-C to verify fsck_ffs
     23  1.1  dholland 
     24  1.1  dholland 
     25  1.1  dholland Explanations
     26  1.1  dholland ============
     27  1.1  dholland 
     28  1.1  dholland 1. Cut down the Coverity backlog
     29  1.1  dholland 
     30  1.1  dholland Coverity provides us with free analysis reports, which we sometimes
     31  1.1  dholland handle and sometimes don't. Apparently though Linux has a lower number
     32  1.1  dholland of Coverity hits per line than we do; that seems fundamentally wrong
     33  1.1  dholland and something that should get attention. Most of the problems Coverity
     34  1.1  dholland finds are pretty easily fixed, or are false positives.
     35  1.1  dholland 
     36  1.1  dholland  - As of January 2017 coypu has been working on this. Christos often
     37  1.1  dholland    also fixes these.
     38  1.1  dholland  - There is currently no clear timeframe or release target.
     39  1.1  dholland  - Contact christos for further information.
     40  1.1  dholland 
     41  1.1  dholland 
     42  1.1  dholland 2. Deploy asan/ubsan
     43  1.1  dholland 
     44  1.1  dholland It ought to be possible to build any program in NetBSD, or the whole
     45  1.1  dholland world, using asan and/or ubsan. Currently there isn't an easy way to
     46  1.1  dholland do this. We should also do regular test runs with asan and ubsan
     47  1.1  dholland engaged.
     48  1.1  dholland 
     49  1.1  dholland  - As of January 2017 nobody is known to be working on this.
     50  1.1  dholland  - There is currently no clear timeframe or release target.
     51  1.1  dholland  - Contact joerg (?) for further information.
     52  1.1  dholland 
     53  1.1  dholland 
     54  1.1  dholland 3. Deploy clang-static-analyzer
     55  1.1  dholland 
     56  1.1  dholland There is some makefile support for running clang-static-analyzer, but
     57  1.1  dholland it doesn't get done regularly. This should probably get added to the
     58  1.1  dholland autobuilds.
     59  1.1  dholland 
     60  1.1  dholland  - As of January 2017 nobody is known to be working on this.
     61  1.1  dholland  - There is currently no clear timeframe or release target.
     62  1.1  dholland  - Contact joerg for further information.
     63  1.1  dholland 
     64  1.1  dholland 
     65  1.1  dholland 4. mint
     66  1.1  dholland 
     67  1.1  dholland A while back dholland started on a replacement for the existing lint,
     68  1.1  dholland since lint is not really smart enough to be useful and its code is
     69  1.1  dholland only marginally maintainable. The code is in othersrc, but it needs
     70  1.1  dholland some tidying before anyone else tries hacking on it.
     71  1.1  dholland 
     72  1.1  dholland  - As of January 2017 nobody is known to be working on this.
     73  1.1  dholland  - There is currently no clear timeframe or release target.
     74  1.1  dholland  - Responsible: dholland
     75  1.1  dholland 
     76  1.1  dholland 
     77  1.1  dholland 5. Database-driven program analyzer
     78  1.1  dholland 
     79  1.1  dholland In the long run we would like to have a program analyzer that can
     80  1.1  dholland scale to the whole kernel and can do differential analyses across
     81  1.1  dholland different versions. This is a nontrivial project though.
     82  1.1  dholland 
     83  1.1  dholland  - As of January 2017 nobody is known to be working on this.
     84  1.1  dholland  - There is currently no clear timeframe or release target.
     85  1.1  dholland  - Contact: dholland
     86  1.1  dholland 
     87  1.1  dholland 
     88  1.1  dholland 6. Use Frama-C to verify fsck_ffs
     89  1.1  dholland 
     90  1.1  dholland Frama-C is a framework for doing formal verification of C code using
     91  1.1  dholland (mostly) precondition/postcondition specs. It is not everything one
     92  1.1  dholland necessarily wants in a verification framework; but on the other hand
     93  1.1  dholland it exists and people do use it.
     94  1.1  dholland 
     95  1.1  dholland fsck_ffs seems like a good candidate for this because it's
     96  1.1  dholland mission-critical and what it needs to do is comparatively well
     97  1.1  dholland understood even in detail. However, the code may be too messy.
     98  1.1  dholland 
     99  1.1  dholland  - As of January 2017 nobody is known to be working on this.
    100  1.1  dholland  - There is currently no clear timeframe or release target.
    101  1.1  dholland  - Contact: dholland
    102