Alvaro Herrera wrote:
> As far as I know we still haven't configured the coverity tools
> so that they don't report spurious errors in certain safe coding idioms
> we use, so our true defect density is likely to be lower than the article
> reports.
Actually, you'll be happy to hear that before this year's report and as part
of moving PostgreSQL to the latest version of analysis, we tuned analysis
results.
Among other things, the analysis now understands the various elog/
ereport(ERROR/PANIC) idioms which got rid of a lot of false positives,
and we also excluded generated code from analysis results.
I would expect the results to be quite relevant at this point - if there is
additional tuning to be done, please let us know at
scan-admin@coverity.com
Asya Kamsky
Coverity, Inc.
--
View this message in context: http://postgresql.1045698.n5.nabble.com/Postgres-code-quality-tp5514252p5516218.html
Sent from the PostgreSQL - advocacy mailing list archive at Nabble.com.
