NetBSD-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: static analysis on NetBSD code.

On Jan,Thursday 13 2011, at 11:18 AM, nikunj badjatya wrote:

> Hi All,
> I read about about Coverity tool and its deployment in NetBSD codes. "
> I myself have ran various Static Code Analyzers and found various issues
> with the NetBSD codes.
> 1. I want to know how much reliable are these SCA's ?
IMO they can indicate possibility of some problem, some of them can find 
some missing functions e.g. leaked fds etc.

> 2. And can anyone tell me about the way these SCA's work? as in to analyze
> say fread.c , What input does these tools supply to check the functionality
> of the code.
They parse code and look for unusual and probably problematic constructs. 
Some of these tools can look for memory leaks, leaked descriptors.

> 3. I couldnt find the Coverity Tool scan report for NetBSD codes. Can anyone
> provide me with it.?

It looks like NetBSD was removed from list of scanned projects.

> 4. Which is the best among all SCA's ?

See [1], [2], [3], [4] for list of well known and used static analyzers.




Home | Main Index | Thread Index | Old Index