/Misc/README.klocwork

http://unladen-swallow.googlecode.com/ · Unknown · 30 lines · 22 code · 8 blank · 0 comment · 0 complexity · 43e3430c4397b4a5cfac1297621e5a6a MD5 · raw file

  1. Klocwork has a static analysis tool (K7) which is similar to Coverity.
  2. They will run their tool on the Python source code on demand.
  3. The results are available at:
  4. https://opensource.klocwork.com/
  5. Currently, only Neal Norwitz has access to the analysis reports. Other
  6. people can be added by request.
  7. K7 was first run on the Python 2.5 source code in mid-July 2006.
  8. This is after Coverity had been making their results available.
  9. There were originally 175 defects reported. Most of these
  10. were false positives. However, there were numerous real issues
  11. also uncovered.
  12. Each warning has a unique id and comments that can be made on it.
  13. When checking in changes due to a K7 report, the unique id
  14. as reported by the tool was added to the SVN commit message.
  15. A comment was added to the K7 warning indicating the SVN revision
  16. in addition to any analysis.
  17. False positives were also annotated so that the comments can
  18. be reviewed and reversed if the analysis was incorrect.
  19. A second run was performed on 10-Aug-2006. The tool was tuned to remove
  20. some false positives and perform some additional checks. ~150 new
  21. warnings were produced, primarily related to dereferencing NULL pointers.
  22. Contact python-dev@python.org for more information.