[webkit-dev] Pre-proposal: Adding a Coverity instance for WebKIt
oliver at apple.com
Tue Sep 18 10:24:03 PDT 2012
My preference would simply be to improve the Clang static analyser - it's free, open source, etc.
I periodically run that analyzer on JSC, but apparently their ToT code has many improvements over stable.
On Sep 17, 2012, at 9:20 PM, Brent Fulgham wrote:
> Hi Gang,
> On Sep 17, 2012, at 4:11 PM, James Hawkins <jhawkins at chromium.org> wrote:
>> TL;DR - If you have opinions one way or another about having a Coverity instance available for WebKit developers, please respond to this message.
> I have used Coverity at on a couple of occasions, without modifying source code to help the static analyzer. While its rather high cost has prevented me from using it recently, I did think that it provided enough signal-to-noise that I really wish I still had it.
> I think one of its main advantages is the ability to have it run over the entire source tree periodically to do larger-scale analysis than we can do looking at individual changesets.
> Many of the bugs it found were of the 'uninitialized variable' type, but I did find that it could dredge up some very clever edge cases that were definitely worth fixing.
> Since the cost to the project is effectively zero, I think we would be very foolish not to take advantage of this very generous offer.
> webkit-dev mailing list
> webkit-dev at lists.webkit.org
More information about the webkit-dev