Re: [Libreoffice] Structural QA activities

2012/1/19 David Tardon <dtardon@redhat.com>:

> Red Hat has been running coverity internally on all RHEL/Fedora rpms for
> ~6 months now and a tool has been developed to simplify that for our
> developers (i.e., send a source rpm, wait for results :-) The good news
> is we are allowed to share the results. The not so good news is we only
> have results for 3.4.3 (because we did not package anything newer at the
> time of the last run) and the coverity tool seems to have problems with
> C++11 stuff in libstdc++'s headers, so more recent runs are failing.
>
> When time permits (i.e., after 3.5.0 is out :-), I am going to think of
> a way to do semiautomatic runs for master (let's say once a week) and
> publish the results somewhere (probably splitted by category, to allow
> more people to fix things without clashing with each other). Also create
> an easy hack for it (or, better, one for each category?)

sounds great.

> Note that the level of false positives is very high: the first run we
> did found more than 3500 defects and my guesstimate is that more than 80 %
> of them were false positives (I went through several categories--about
> 500 defects in total--and fixed what I could, but I did not count :-)

 How to prevent false positives? could these be turned into easy hacks?
They claim they're better then others on this.

http://www.verifysoft.com/en_coverity_products_difference.html

regards,

-- 
Luc Castermans
mailto:luc.castermans@gmail.com