> Am 29.01.2018 um 09:20 schrieb Richard Frith-Macdonald > <richard.frith-macdon...@theengagehub.com>: > > > >> On 22 Jan 2018, at 22:23, Fred Kiefer <fredkie...@gmx.de> wrote: >> >> >> In the meantime my connection with GNUstep has been confirmed and I was able >> to look at the found issues. Many of them are false positives mostly caused >> by Coverity expecting normal program continuation after NSException raise. >> Even so it did detect a few potential issues in base. I flagged some of the >> false positives so the more interesting bits are left over for somebody to >> look at. Especially the „time of check, time of use“ issues should be looked >> at. > > I think the few outstanding defects are all addressed now, > Looking at a link from the coverty report I found this: > > Open Source Defect Density > > GNUstep base: 999,026 line of code and 0.01 defect density > > Open Source Defect Density By Project Size > > Line of Code (LOC) Defect Density > Less than 100,000 0.35 > 100,000 to 499,999 0.5 > 500,000 to 1 million 0.7 > More than 1 million 0.65 > Note: Defect density is measured by the number of defects per 1,000 lines of > code, identified by the Coverity platform. The numbers shown above are from > our 2013 Coverity Scan Report, which analyzed 250 million lines of open > source code. > > While it would have been better if it hadn't found any defects, it's still > nice to see that our defect density is about a 70th of their normal finding > (presumably those ratings are mean values for projects in the four size > categories).
There is a problem with these numbers. Coverity did only analyse about one third of the Objective-C files in GNUstep base and most likely only the smaller files. Coverity at the moment has issues with Objective-C protocols and only works with files where there are no references to any. That means we don’t know how many of the 1 million lines where actually checked for defects. The number 0.01 is basically meaningless :-) Fred _______________________________________________ Gnustep-dev mailing list Gnustep-dev@gnu.org https://lists.gnu.org/mailman/listinfo/gnustep-dev
