This is the mail archive of the
mailing list for the glibc project.
bug fixes prompted by recent Coverity scan
- From: Paul Eggert <eggert at cs dot ucla dot edu>
- To: Florian Weimer <fweimer at redhat dot com>, libc-alpha at sourceware dot org
- Date: Fri, 28 Aug 2015 08:49:30 -0700
- Subject: bug fixes prompted by recent Coverity scan
- Authentication-results: sourceware.org; auth=none
- References: <1440571321-20287-1-git-send-email-eggert at cs dot ucla dot edu> <55DD6115 dot 2040000 at redhat dot com>
Two things about the recently-proposed bug fixes prompted by the Coverity scan.
First, Coverity itself does the scan for me. They use the glibc source to debug
their scanner, and they send me their reports as a service to the community. I
don't control the parameters they use. I found the latest set of four fixes by
inspecting only the changes in reports from previous glibc. Most of the changes
were false alarms (this is typical) and I generally left the code alone for the
Second, there's a lot of bureaucracy involved in getting obvious bugs like these
fixed. The current distracting thread about ChangeLog style is a symptom of the
problem. In the old days I would have simply installed the fixes and moved on,
but now I'm being asked for testcases and bugzilla references and ChangeLog
style reformattting and whatnot and I don't want to upset anybody's applecart
nor do I want to bother with all that paperwork (hey, I'm just a volunteer!) so
I've done nothing to follow up, which is not good.
I can't help contrasting the somewhat offputting responses to my four glibc
Coverity scan patches with the quite-friendly response I got from the gettext
project when I filed the gettext-related patch upstream. Here's the entire
I ran "git send-email --firstname.lastname@example.org".
Within a few hours, Daiki Ueno replied "Thanks, applied."
It's a pleasure helping to fix gettext bugs. I wish I could say the same thing
about glibc. I realize glibc is a bigger project and needs more bureaucracy
yadda yadda yadda, but come on guys, we've gone off the deep end.
Anyway, to work through this little problem could you please install the patches
for BZ#18868, BZ#18871, BZ#18872, and BZ#18873, whenever you have the time? The
fixes themselves all have reasonable consensus, I think. Please feel free to dot
all the Is and cross all the Ts that I missed. Thanks.