kicad-developers team mailing list archive

Thread
Date

Re: Coverity scan.

To: kicad-developers@xxxxxxxxxxxxxxxxxxx
From: Bob Gustafson <bobgus@xxxxxxx>
Date: Tue, 17 Feb 2015 15:39:41 -0600
Authentication-results: smtp02.rcn.cmh.synacor.com smtp.mail=bobgus@xxxxxxx; spf=neutral; sender-id=neutral
Authentication-results: smtp02.rcn.cmh.synacor.com header.from=bobgus@xxxxxxx; sender-id=neutral
In-reply-to: <E163B66520994006BD5141A80D095E82@redhat.com>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.4.0
X_cmae_category: , ,

The Coverity scan is a great addition to KiCad development.

Clicking around on the Coverity site - KiCad defects per 1000 lines are
pretty good compared to those projects that allow one to view their
statistics. Java based projects seem to be in the 5+ defects/1000.

Running Coverity often (assuming changes are made often too) seem to
provide better/quicker results. One project in that category is
'coreboot' with 81,041,862 lines analyzed. Their defect number is 0.0
per 1000 (roundoff helps). They were last analyzed one hour ago.

Since KiCad also patches wxPython and Boost, maybe a scan including the
patched code would provide some useful information. wxWidgets is on the
Coverity list and has defects/1000 in KiCad's ballpark. A report might
be helpful in crafting useful patches for KiCad.

Bob G

On 02/16/2015 06:44 AM, Miguel Ángel Ajo wrote:

This is very nice!!!

I requested access :)

Miguel Ángel Ajo

On Monday, 16 de February de 2015 at 13:33, Nick Østergaard wrote:

There is a button in there to ask for access. FYI.

Den 16/02/2015 13.15 skrev "Brian Sidebotham"
<brian.sidebotham@xxxxxxxxx <mailto:brian.sidebotham@xxxxxxxxx>>:

On 15 February 2015 at 20:11, Wayne Stambaugh <stambaughw@xxxxxxxxx
<mailto:stambaughw@xxxxxxxxx>> wrote:
> Mark Roszko was kind enough to set up a Coverity scan for KiCad at
> https://scan.coverity.com/projects/3606?tab=analysis_settings. Thank
> you Mark.  I would at least like my lead developers to sign up and
have
> Mark give you access to see the scan results. If you see a high
> severity issue that is in your code, please make sure it's not a false
> positive and tag it as such or fix it if the issue is legitemate.  At
> the very least, we should shoot for no high severity issues.
Obviously,
> zero issues of any severity should be the goal but we have to start
> somewhere.
>
> On the whole, the KiCad error rate is not as bad as I thought it might
> be.  We are currently at 1.52 per 1000 lines of code.  The average for
> open source projects larger than 1M lines of code is 0.65.  Let's
see if
> we can do better than average.
>
> Cheers,
>
> Wayne
>

Thanks for setting this up Mark, Can you give me access?

I signed up with my GitHub account, so username should be
BrianSidebotham or brian.sidebotham[at]gmail,com

Best Regards,

Brian.

_______________________________________________

Follow ups

Re: Coverity scan.
From: Mark Roszko, 2015-02-21

References

Coverity scan.
From: Wayne Stambaugh, 2015-02-15
Re: Coverity scan.
From: Brian Sidebotham, 2015-02-16
Re: Coverity scan.
From: Nick Østergaard, 2015-02-16
Re: Coverity scan.
From: Miguel Ángel Ajo, 2015-02-16