Coverity static analysis of Upstart?
James Hunt
james.hunt at ubuntu.com
Fri Jun 3 08:55:59 UTC 2011
On 02/06/11 18:11, Andrew Pollock wrote:
> On Thu, Jun 02, 2011 at 05:54:46PM +0100, James Hunt wrote:
>> Hi All,
>>
>> I'm considering submitting Upstart (and NIH) to the Coverity Scan site
>> to allow the source code to be statically analysed:
>>
>> http://scan.coverity.com/about.html
>>
>> Any thoughts?
>>
>
> Any reason not to?
Hi Andrew,
Apologies for the somewhat terse mail, since it didn't really outline my
thoughts on this: I was wondering if anyone has a view on any viable OSS
equivalents to Coverity?
My personal view is that the OSS tooling in this area is lacking.
Although gcc has got a lot better over time wrt warnings and checks it
is IMHO no match for the likes of the commercial tools such as Coverity,
Klocwork, QA C/C++, etc.
It's a shame splint has languished for so long (it doesn't even handle
variadic macros). Maybe one day clang will provide similar capabilities...
For now, I've requested that Coverity consider scanning Upstart + libnih
(Upstream + Ubuntu). Let's see what happens...
Regards,
James.
More information about the upstart-devel
mailing list