Home | History | Annotate | Line # | Download | only in roadmaps
verification revision 1.2 
      1  1.2     kamil $NetBSD: verification,v 1.2 2019/06/17 17:45:18 kamil Exp $
      2  1.1  dholland 
      3  1.1  dholland NetBSD Verification Roadmap
      4  1.1  dholland ===========================
      5  1.1  dholland 
      6  1.1  dholland This roadmap covers things that we intend or would like to do pursuant
      7  1.1  dholland to verification and quality control.
      8  1.1  dholland 
      9  1.1  dholland The following elements, projects, and goals are relatively near-term:
     10  1.1  dholland 
     11  1.1  dholland  1. Cut down the Coverity backlog
     12  1.1  dholland  3. Deploy clang-static-analyzer
     13  1.1  dholland 
     14  1.1  dholland The following elements, projects, and goals are longer-term:
     15  1.1  dholland 
     16  1.1  dholland  4. mint
     17  1.1  dholland  5. Database-driven program analyzer
     18  1.1  dholland 
     19  1.1  dholland The following elements, projects, and goals are rather blue-sky so far:
     20  1.1  dholland 
     21  1.1  dholland  6. Use Frama-C to verify fsck_ffs
     22  1.1  dholland 
     23  1.1  dholland 
     24  1.1  dholland Explanations
     25  1.1  dholland ============
     26  1.1  dholland 
     27  1.1  dholland 1. Cut down the Coverity backlog
     28  1.1  dholland 
     29  1.1  dholland Coverity provides us with free analysis reports, which we sometimes
     30  1.1  dholland handle and sometimes don't. Apparently though Linux has a lower number
     31  1.1  dholland of Coverity hits per line than we do; that seems fundamentally wrong
     32  1.1  dholland and something that should get attention. Most of the problems Coverity
     33  1.1  dholland finds are pretty easily fixed, or are false positives.
     34  1.1  dholland 
     35  1.1  dholland  - As of January 2017 coypu has been working on this. Christos often
     36  1.1  dholland    also fixes these.
     37  1.1  dholland  - There is currently no clear timeframe or release target.
     38  1.1  dholland  - Contact christos for further information.
     39  1.1  dholland 
     40  1.1  dholland 
     41  1.1  dholland 3. Deploy clang-static-analyzer
     42  1.1  dholland 
     43  1.1  dholland There is some makefile support for running clang-static-analyzer, but
     44  1.1  dholland it doesn't get done regularly. This should probably get added to the
     45  1.1  dholland autobuilds.
     46  1.1  dholland 
     47  1.1  dholland  - As of January 2017 nobody is known to be working on this.
     48  1.1  dholland  - There is currently no clear timeframe or release target.
     49  1.1  dholland  - Contact joerg for further information.
     50  1.1  dholland 
     51  1.1  dholland 
     52  1.1  dholland 4. mint
     53  1.1  dholland 
     54  1.1  dholland A while back dholland started on a replacement for the existing lint,
     55  1.1  dholland since lint is not really smart enough to be useful and its code is
     56  1.1  dholland only marginally maintainable. The code is in othersrc, but it needs
     57  1.1  dholland some tidying before anyone else tries hacking on it.
     58  1.1  dholland 
     59  1.1  dholland  - As of January 2017 nobody is known to be working on this.
     60  1.1  dholland  - There is currently no clear timeframe or release target.
     61  1.1  dholland  - Responsible: dholland
     62  1.1  dholland 
     63  1.1  dholland 
     64  1.1  dholland 5. Database-driven program analyzer
     65  1.1  dholland 
     66  1.1  dholland In the long run we would like to have a program analyzer that can
     67  1.1  dholland scale to the whole kernel and can do differential analyses across
     68  1.1  dholland different versions. This is a nontrivial project though.
     69  1.1  dholland 
     70  1.1  dholland  - As of January 2017 nobody is known to be working on this.
     71  1.1  dholland  - There is currently no clear timeframe or release target.
     72  1.1  dholland  - Contact: dholland
     73  1.1  dholland 
     74  1.1  dholland 
     75  1.1  dholland 6. Use Frama-C to verify fsck_ffs
     76  1.1  dholland 
     77  1.1  dholland Frama-C is a framework for doing formal verification of C code using
     78  1.1  dholland (mostly) precondition/postcondition specs. It is not everything one
     79  1.1  dholland necessarily wants in a verification framework; but on the other hand
     80  1.1  dholland it exists and people do use it.
     81  1.1  dholland 
     82  1.1  dholland fsck_ffs seems like a good candidate for this because it's
     83  1.1  dholland mission-critical and what it needs to do is comparatively well
     84  1.1  dholland understood even in detail. However, the code may be too messy.
     85  1.1  dholland 
     86  1.1  dholland  - As of January 2017 nobody is known to be working on this.
     87  1.1  dholland  - There is currently no clear timeframe or release target.
     88  1.1  dholland  - Contact: dholland
     89