Comment by st_goliath

4 years ago

> non-existent... static analysis .... What's being done to address those issues?

Static analysis is being done[1][2]; in addition, there are also CI test farms[3][4], fuzzing farms[5], etc. Linux is a project that enough large companies have a stake in that there are some willing to throw resources like this at it.

Human review is supposed to be done through the mailing list submission process. How well this works varies, in my experience, from ML to ML.

[1] https://www.kernel.org/doc/html/v4.15/dev-tools/coccinelle.h...

[2] https://scan.coverity.com/projects/linux

[3] https://cki-project.org/

[4] https://bottest.wiki.kernel.org/

[5] https://syzkaller.appspot.com/upstream