[webkit-dev] Pre-proposal: Adding a Coverity instance for WebKIt
Hajime Morrita
morrita at chromium.org
Mon Sep 17 20:13:24 PDT 2012
On Tue, Sep 18, 2012 at 8:46 AM, Eric Seidel <eric at webkit.org> wrote:
> On Mon, Sep 17, 2012 at 6:35 PM, Benjamin Poulain <benjamin at webkit.org>
> wrote:
> > On Mon, Sep 17, 2012 at 4:11 PM, James Hawkins <jhawkins at chromium.org>
> > wrote:
> >>
> >> A few details:
> >> * Google will front the cost of the license (non-zero...very far from
> >> zero) and the infrastructure.
> >> * I'd leave it up to the WebKit leadership to decide who has access
> (most
> >> likely limited to WebKit committers for security purposes).
> >>
> >> The biggest rationale is to provide a strong defect signal for the
> entire
> >> WebKit community, which would directly impact the success of all
> >> WebKit-based projects. Coverity has provided free licenses for
> unsponsored
> >> (by larger corporations anyway) open-source projects; this has resulted
> in
> >> significant improvements [2] to the code bases of these projects, one of
> >> which I was directly involved with years ago (Wine).
> >
> >
> > I am a little skeptical of Coverity because of bad patches that
> originated
> > for its report (sometimes even discussed on webkit-dev). I think we
> should
> > keep in mind the tool also make many mistakes and we should not blindly
> > follows it.
> >
> > Could this be integrated with the EWS like a kind of advanced "style
> check"?
>
> I think this is a great idea, and would be trivial if coverity could
> be convinced to run on a diff file, or if we could wrap it in a script
> to only report errors on the changed lines. Either sounds very
>
And/Or are we going to allow inline annotations?
The practice Coverity suggested is to adding such annotations.
http://scan.coverity.com/best-practice.html
I personally think it's worth having inline annotations because it can also
help human code readers, so I'm curious what other folks think about that.
> doable. The EWS infrastructure is already in place once such a script
> exists.
> > Reporting possible improvements before patches lands would be more useful
> > than a separate bot.
> >
> > Benjamin
> >
> > _______________________________________________
> > webkit-dev mailing list
> > webkit-dev at lists.webkit.org
> > http://lists.webkit.org/mailman/listinfo/webkit-dev
> >
> _______________________________________________
> webkit-dev mailing list
> webkit-dev at lists.webkit.org
> http://lists.webkit.org/mailman/listinfo/webkit-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-dev/attachments/20120918/020e9cb7/attachment.html>
More information about the webkit-dev
mailing list