2012/1/19 David Tardon <[email protected]>: > Red Hat has been running coverity internally on all RHEL/Fedora rpms for > ~6 months now and a tool has been developed to simplify that for our > developers (i.e., send a source rpm, wait for results :-) The good news > is we are allowed to share the results. The not so good news is we only > have results for 3.4.3 (because we did not package anything newer at the > time of the last run) and the coverity tool seems to have problems with > C++11 stuff in libstdc++'s headers, so more recent runs are failing. > > When time permits (i.e., after 3.5.0 is out :-), I am going to think of > a way to do semiautomatic runs for master (let's say once a week) and > publish the results somewhere (probably splitted by category, to allow > more people to fix things without clashing with each other). Also create > an easy hack for it (or, better, one for each category?)
sounds great. > Note that the level of false positives is very high: the first run we > did found more than 3500 defects and my guesstimate is that more than 80 % > of them were false positives (I went through several categories--about > 500 defects in total--and fixed what I could, but I did not count :-) How to prevent false positives? could these be turned into easy hacks? They claim they're better then others on this. http://www.verifysoft.com/en_coverity_products_difference.html regards, -- Luc Castermans mailto:[email protected] _______________________________________________ LibreOffice mailing list [email protected] http://lists.freedesktop.org/mailman/listinfo/libreoffice
