On 2015-02-12 22:21, Liviu Andronic wrote:
Dear all,
Recently I've discovered Coverity, a code checking tool, and went ahead and submitted the Geany code for static analysis by this service: https://scan.coverity.com/projects/1388
Coverity has uncovered ~55 implementation defects in the code base, with 25 or so of high severity (memory corruption, resource leaks, etc.). To view the defects, you need to connect with your GitHub account (or create one with Coverity) and request 'Add me to project' (which I shall then approve). Coverity provides overall metrics like defect density (Geany scores an impressive 0.23), but also classifies uncovered bugs by type and severity, and provides a nice UI trying to explain to the devels the specifics of the bug and how to address it (e.g. where it happens, why it's an issue, etc.).
This tool is being used by heavyweights like LibreOffice, the Linux Kernel, Firefox or Python to improve the robustness of their code base. I suspect that Coverity could prove invaluable when trying to hunt down frustrating implementation issues causing obscure bugs.
In any case the identified bugs are now ready for inspection by the devels, so feel free to drop by!
Any chance to get the info w/o creating an account?
Cheers, Frank