[webkit-dev] Pre-proposal: Adding a Coverity instance for WebKIt
fpizlo at apple.com
Mon Sep 17 20:27:23 PDT 2012
Annotations to spoonfeed a static analysis would make me profoundly unhappy.
On Sep 17, 2012, at 8:13 PM, Hajime Morrita <morrita at chromium.org> wrote:
> On Tue, Sep 18, 2012 at 8:46 AM, Eric Seidel <eric at webkit.org> wrote:
>> On Mon, Sep 17, 2012 at 6:35 PM, Benjamin Poulain <benjamin at webkit.org> wrote:
>> > On Mon, Sep 17, 2012 at 4:11 PM, James Hawkins <jhawkins at chromium.org>
>> > wrote:
>> >> A few details:
>> >> * Google will front the cost of the license (non-zero...very far from
>> >> zero) and the infrastructure.
>> >> * I'd leave it up to the WebKit leadership to decide who has access (most
>> >> likely limited to WebKit committers for security purposes).
>> >> The biggest rationale is to provide a strong defect signal for the entire
>> >> WebKit community, which would directly impact the success of all
>> >> WebKit-based projects. Coverity has provided free licenses for unsponsored
>> >> (by larger corporations anyway) open-source projects; this has resulted in
>> >> significant improvements  to the code bases of these projects, one of
>> >> which I was directly involved with years ago (Wine).
>> > I am a little skeptical of Coverity because of bad patches that originated
>> > for its report (sometimes even discussed on webkit-dev). I think we should
>> > keep in mind the tool also make many mistakes and we should not blindly
>> > follows it.
>> > Could this be integrated with the EWS like a kind of advanced "style check"?
>> I think this is a great idea, and would be trivial if coverity could
>> be convinced to run on a diff file, or if we could wrap it in a script
>> to only report errors on the changed lines. Either sounds very
> And/Or are we going to allow inline annotations?
> The practice Coverity suggested is to adding such annotations.
> I personally think it's worth having inline annotations because it can also help human code readers, so I'm curious what other folks think about that.
>> doable. The EWS infrastructure is already in place once such a script
>> > Reporting possible improvements before patches lands would be more useful
>> > than a separate bot.
>> > Benjamin
>> > _______________________________________________
>> > webkit-dev mailing list
>> > webkit-dev at lists.webkit.org
>> > http://lists.webkit.org/mailman/listinfo/webkit-dev
>> webkit-dev mailing list
>> webkit-dev at lists.webkit.org
> webkit-dev mailing list
> webkit-dev at lists.webkit.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the webkit-dev