[Webkit-unassigned] [Bug 104114] [META] [GTK] coverity warnings

bugzilla-daemon at webkit.org
Wed Jan 16 11:07:48 PST 2013


https://bugs.webkit.org/show_bug.cgi?id=104114





--- Comment #7 from Dan Winship <danw at gnome.org>  2013-01-16 11:09:34 PST ---
Created an attachment (id=183010)
 --> (https://bugs.webkit.org/attachment.cgi?id=183010&action=review)
gzipped coverity output

OK, apparently we are allowed to share the output, with the note that putting a "found by Coverity" or something in the ChangeLog entry is appreciated.

Note that many of these will be false positives (or style issues WebKit apparently doesn't care about).


The Coverity docs don't seem to be anywhere public on the web, but the error types with CWE designations (e.g. "ARRAY_VS_SINGLETON (CWE-119)") refer to error categories described on cwe.mitre.org. Of the remaining ones:

ASSERT_SIDE_EFFECT means code inside an assert statement has a side effect, and so the program will do something different if compiled with assertions disabled. These are usually false positives because they're in test programs, not real code.

COPY_PASTE_ERROR means it thinks it found a place where you did a copy/paste/rename, but didn't fully rename, or something like that.

OVERRUN is an apparent buffer overrun / array out-of-bounds access.

PASS_BY_VALUE is when an egregiously large struct is passed by value (requiring lots of probably unnecessary copying).

Also, CHECKED_RETURN should really be called "UNCHECKED_RETURN", because that's what it means; it found some function that you normally check the return value of, and so it points out places where you *don't* check the return value.

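The ASSERT_SIDE_EFFECT and CHECKED_RETURN categories described in the comment above, as an added example that is not taken from WebKit, the Coverity output or the commenter. `intstack`, `ASSERT_DEBUG` and `ASSERT_RELEASE` are hypothetical names; the two macros stand in for `assert()` built without and with `NDEBUG` so both build modes can be compared in one file.

```c
#include <stddef.h>

/* Hypothetical stand-ins for assert() without and with NDEBUG. */
static int failed_asserts;
#define ASSERT_DEBUG(e)   ((e) ? (void)0 : (void)failed_asserts++)
#define ASSERT_RELEASE(e) ((void)0)   /* expression is never evaluated */

struct intstack { int items[4]; size_t len; };

/* Returns 1 and stores the top item in *out, or 0 if the stack is empty. */
static int intstack_pop(struct intstack *s, int *out)
{
    if (s->len == 0)
        return 0;
    *out = s->items[--s->len];
    return 1;
}

/* ASSERT_SIDE_EFFECT: the pop is the side effect inside the assertion. */
int pop_buggy_debug(struct intstack *s)
{
    int v = -1;
    ASSERT_DEBUG(intstack_pop(s, &v));    /* pop happens in debug builds */
    return v;
}

/* Same source line with assertions compiled out: nothing is popped. */
int pop_buggy_release(struct intstack *s)
{
    int v = -1;
    (void)s;
    ASSERT_RELEASE(intstack_pop(s, &v));
    return v;                             /* still the -1 placeholder */
}

/* Fixed: do the work unconditionally, keep the return value (the
   CHECKED_RETURN case), and assert only on the saved result. */
int pop_fixed(struct intstack *s, int *ok)
{
    int v = -1;
    *ok = intstack_pop(s, &v);
    ASSERT_RELEASE(*ok);                  /* safe under either macro */
    return v;
}
```
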