/Misc/README.klocwork
Unknown | 30 lines | 22 code | 8 blank | 0 comment | 0 complexity | 43e3430c4397b4a5cfac1297621e5a6a MD5 | raw file
1 2Klocwork has a static analysis tool (K7) which is similar to Coverity. 3They will run their tool on the Python source code on demand. 4The results are available at: 5 6 https://opensource.klocwork.com/ 7 8Currently, only Neal Norwitz has access to the analysis reports. Other 9people can be added by request. 10 11K7 was first run on the Python 2.5 source code in mid-July 2006. 12This is after Coverity had been making their results available. 13There were originally 175 defects reported. Most of these 14were false positives. However, there were numerous real issues 15also uncovered. 16 17Each warning has a unique id and comments that can be made on it. 18When checking in changes due to a K7 report, the unique id 19as reported by the tool was added to the SVN commit message. 20A comment was added to the K7 warning indicating the SVN revision 21in addition to any analysis. 22 23False positives were also annotated so that the comments can 24be reviewed and reversed if the analysis was incorrect. 25 26A second run was performed on 10-Aug-2006. The tool was tuned to remove 27some false positives and perform some additional checks. ~150 new 28warnings were produced, primarily related to dereferencing NULL pointers. 29 30Contact python-dev@python.org for more information.