[webkit-dev] Pre-proposal: Adding a Coverity instance for WebKIt
Oliver Hunt
oliver at apple.com
Tue Sep 18 10:24:03 PDT 2012
My preference would simply be to improve the Clang static analyser - it's free, open source, etc.
I periodically run that analyzer on JSC, but apparently their ToT code has many improvements over stable.
--Oliver
On Sep 17, 2012, at 9:20 PM, Brent Fulgham wrote:
> Hi Gang,
>
> On Sep 17, 2012, at 4:11 PM, James Hawkins <jhawkins at chromium.org> wrote:
>
>> TL;DR - If you have opinions one way or another about having a Coverity instance available for WebKit developers, please respond to this message.
>
> I have used Coverity at on a couple of occasions, without modifying source code to help the static analyzer. While its rather high cost has prevented me from using it recently, I did think that it provided enough signal-to-noise that I really wish I still had it.
>
> I think one of its main advantages is the ability to have it run over the entire source tree periodically to do larger-scale analysis than we can do looking at individual changesets.
>
> Many of the bugs it found were of the 'uninitialized variable' type, but I did find that it could dredge up some very clever edge cases that were definitely worth fixing.
>
> Since the cost to the project is effectively zero, I think we would be very foolish not to take advantage of this very generous offer.
>
> Thanks,
>
> -Brent
>
> _______________________________________________
> webkit-dev mailing list
> webkit-dev at lists.webkit.org
> http://lists.webkit.org/mailman/listinfo/webkit-dev
More information about the webkit-dev
mailing list