On Tue, Sep 18, 2012 at 8:11 AM, James Hawkins <jhawk...@chromium.org> wrote:
> Hey folks,
>
> TL;DR - If you have opinions one way or another about having a Coverity
> instance available for WebKit developers, please respond to this message.
I don't have an opinion, but:

> Coverity is a static analysis tool [1] which scans source code and reports
> defects in the code. We've been using Coverity to find defects in Chrome
> for a while now, and though there is sometimes a bit of subjectivity
> involved in the defect types (e.g. whether a return value should be
> checked), the signal is generally high.
>
> Off the top of my head, the following are the defects I spend most of my
> time fixing:
> * Uninitialized variables (including member variables).
> - Chrome has had at least 4 crash fixes in the past few months due to this
> defect (which were caught by Coverity).

This sounds very useful. Do you know how this is done? If you have a class
whose constructor calls a clear() function which sets all variables, will it
warn about the constructor not initializing all members? If so, how do you
suppress the warning in this case? (There was a thread on the clang mailing
list on having a warning like this, and we couldn't come up with a good way
to handle this case.)

> * Passing large parameters by value.
> - Generally a trivial fix. I don't have performance data to say what
> effect fixing these has, but 'death by a thousand cuts' eh?

I have seen at least three crashes in the last few months that were caused
by changes to fix this warning (something that used to be a copied object
became a dangling reference). I'm not sure this warning is worth it.

> * Forward/Reverse/I - Nulls.
> - Coverity is very good at understanding when a value is NULL and the tool
> will tell you which code paths are using a NULL value.
> * Tons of security issue-causing defects.
>
>
> I'd like to propose adding a Coverity instance for the WebKit community, but
> I want to make sure there's general support before writing up the detailed
> proposal.
>
> A few details:
> * Google will front the cost of the license (non-zero...very far from zero)
> and the infrastructure.
> * I'd leave it up to the WebKit leadership to decide who has access (most
> likely limited to WebKit committers for security purposes).
>
> The biggest rationale is to provide a strong defect signal for the entire
> WebKit community, which would directly impact the success of all
> WebKit-based projects. Coverity has provided free licenses for unsponsored
> (by larger corporations anyway) open-source projects; this has resulted in
> significant improvements [2] to the code bases of these projects, one of
> which I was directly involved with years ago (Wine).
>
> Let me know if you love the idea or hate it.
>
> Thanks,
> James
>
>
> [1] http://www.coverity.com/products/static-analysis.html
> [2]
> http://softwareintegrity.coverity.com/coverity-scan-2011-open-source-integrity-report-registration.html
> - registration required now :(
>
>
> _______________________________________________
> webkit-dev mailing list
> webkit-dev@lists.webkit.org
> http://lists.webkit.org/mailman/listinfo/webkit-dev
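The dangling-reference failure mode the reply describes (a "pass large parameter by value" fix that turns an owned copy into a reference to an object that no longer exists) as an added C++ example. This is editor-written illustration, not code from the thread, from WebKit or from Chromium; the Tracked type, the three holder classes and the helper functions are assumptions made for the example. Tracked keeps a registry of live instances so the test can tell whether a stored reference still names a living object without reading through it, which is what a use-after-free sanitizer would otherwise have to catch at runtime.

```cpp
#include <iostream>
#include <set>
#include <string>
#include <utility>

// Illustrative type (assumption for this example): every live instance is
// registered so a check can ask whether an address belongs to a living
// object without dereferencing a possibly dangling reference.
struct Tracked {
    std::string payload;

    static std::set<const Tracked*>& live() {
        static std::set<const Tracked*> instances;
        return instances;
    }
    explicit Tracked(std::string p) : payload(std::move(p)) { live().insert(this); }
    Tracked(const Tracked& o) : payload(o.payload) { live().insert(this); }
    Tracked(Tracked&& o) noexcept : payload(std::move(o.payload)) { live().insert(this); }
    ~Tracked() { live().erase(this); }
};

// "Before": the constructor takes a large parameter by value. This is what
// the warning flags, but the member owns its own copy, so nothing dangles.
struct ByValueHolder {
    Tracked stored;
    explicit ByValueHolder(Tracked t) : stored(std::move(t)) {}
};

// A mechanical "fix" that goes one step too far: the parameter became a
// const reference AND the member became a reference. When the caller passes
// a temporary, the reference dangles as soon as the full expression ends.
struct ByRefHolder {
    const Tracked& stored;
    explicit ByRefHolder(const Tracked& t) : stored(t) {}
};

// The safe fix: avoid the copy at the call boundary, but keep an owning
// copy inside the object that outlives the call.
struct SafeHolder {
    Tracked stored;
    explicit SafeHolder(const Tracked& t) : stored(t) {}
};

// True if the referenced address currently belongs to a live Tracked.
bool holdsLiveObject(const Tracked& r) {
    return Tracked::live().count(&r) > 0;
}

// Each helper builds a holder from a temporary, then checks whether the
// object the holder stores is still alive once the temporary is gone.
bool byValueHolderFromTemporaryIsLive() {
    ByValueHolder h(Tracked("constructed payload"));
    return holdsLiveObject(h.stored);   // true: h owns its copy
}

bool byRefHolderFromTemporaryIsLive() {
    ByRefHolder h(Tracked("constructed payload"));  // temporary dies at end of statement
    return holdsLiveObject(h.stored);   // false: h.stored now dangles
}

bool safeHolderFromTemporaryIsLive() {
    SafeHolder h(Tracked("constructed payload"));
    return holdsLiveObject(h.stored);   // true: copy taken inside the constructor
}

int main() {
    std::cout << "by value:  " << byValueHolderFromTemporaryIsLive() << '\n'
              << "by ref:    " << byRefHolderFromTemporaryIsLive() << '\n'
              << "safe copy: " << safeHolderFromTemporaryIsLive() << '\n';
    return 0;
}
```

The review question for any patch that changes a parameter from `T` to `const T&` is whether the callee retains the parameter past the call (as a member, in a container, in a lambda capture). If it does, the stored copy must stay a copy, as in SafeHolder; only the parameter itself should become a reference.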