[webkit-dev] Pre-proposal: Adding a Coverity instance for WebKIt

Brent Fulgham bfulgham at gmail.com
Mon Sep 17 21:20:15 PDT 2012

Hi Gang,

On Sep 17, 2012, at 4:11 PM, James Hawkins <jhawkins at chromium.org> wrote:

> TL;DR - If you have opinions one way or another about having a Coverity instance available for WebKit developers, please respond to this message.

I have used Coverity at on a couple of occasions, without modifying source code to help the static analyzer. While its rather high cost has prevented me from using it recently, I did think that it provided enough signal-to-noise that I really wish I still had it.

I think one of its main advantages is the ability to have it run over the entire source tree periodically to do larger-scale analysis than we can do looking at individual changesets.

Many of the bugs it found were of the 'uninitialized variable' type, but I did find that it could dredge up some very clever edge cases that were definitely worth fixing.

Since the cost to the project is effectively zero, I think we would be very foolish not to take advantage of this very generous offer.



More information about the webkit-dev mailing list