/Misc/README.klocwork
http://unladen-swallow.googlecode.com/ · Unknown · 30 lines · 22 code · 8 blank · 0 comment · 0 complexity · 43e3430c4397b4a5cfac1297621e5a6a MD5 · raw file
- Klocwork has a static analysis tool (K7) which is similar to Coverity.
- They will run their tool on the Python source code on demand.
- The results are available at:
- https://opensource.klocwork.com/
- Currently, only Neal Norwitz has access to the analysis reports. Other
- people can be added by request.
- K7 was first run on the Python 2.5 source code in mid-July 2006.
- This is after Coverity had been making their results available.
- There were originally 175 defects reported. Most of these
- were false positives. However, there were numerous real issues
- also uncovered.
- Each warning has a unique id and comments that can be made on it.
- When checking in changes due to a K7 report, the unique id
- as reported by the tool was added to the SVN commit message.
- A comment was added to the K7 warning indicating the SVN revision
- in addition to any analysis.
- False positives were also annotated so that the comments can
- be reviewed and reversed if the analysis was incorrect.
- A second run was performed on 10-Aug-2006. The tool was tuned to remove
- some false positives and perform some additional checks. ~150 new
- warnings were produced, primarily related to dereferencing NULL pointers.
- Contact python-dev@python.org for more information.