[Geany-Devel] using Coverity to audit the code base
Frank Lanitz
frank at xxxxx
Fri Feb 13 12:01:27 UTC 2015
Am 2015-02-12 22:21, schrieb Liviu Andronic:
> Dear all,
> Recently I've discovered Coverity, a code checking tool, and went
> ahead and submitted the Geany code for static analysis by this
> service:
> https://scan.coverity.com/projects/1388
>
> Coverity has uncovered ~55 implementation defects in the code
> base, with 25 or so of high severity (memory corruption, resource
> leaks, etc.) To view the defects, you need to connect with your Github
> account (or create one with Coverity) and request 'Add me to project'
> (which I shall then approve). Coverity provides overall metrics like
> defect density (Geany scores an impressive 0.23), but also classifies
> uncovered bugs by type and severity, and provides a nice UI trying to
> explain to the devels the specifics of the bug and how to address it
> (e.g. where it happens, why it's an issue, etc.)
>
> This tool is being used by heavyweights like LibreOffice, the Linux
> Kernel, Firefox or Python to improve the robustness of their code
> base. I suspect that Coverity could prove invaluable when trying to
> hunt down frustrating implementation issues causing obscure bugs.
>
> In any case the identified bugs are now ready for inspection by the
> devels, so feel free to drop by!
Any chance to get the info w/o creating an account?
Cheers,
Frank
More information about the Devel
mailing list