Hi, Christian! On Feb 06, Christian Convey wrote:
Hey guys,
For those of you who missed it, I volunteered to try gettin MariaDB scanned as part of the Coverity Scan service. I just got the trunk scanned for the first time, and a lot of potential-problem reports came up. I did a spot check on one of them, and the report looks like a true-positive.
Coverity Scan reports: 178 high-impact problems 1020 medium-impact problems 47 low-impact problems.
MySQL was under the Coverity Scan twice (at least twice - that's what I've personally was involved in). The first report found about 300 defects, and about 200 of them were false positives, 50 of them were real, and others were not in the MySQL code. The second has found only about 20 defects, and only because Coverity has implemented new checkers since the first scan. I cannot believe that in the few years since the last report we've introduced 1200 new defects.
Any suggestions for how to get these looked at by the appropriate developers? It seems crazy for me to enter 1000+ bug reports into the bug tracker.
I believe I have the power to create new user accounts in Coverity Scan's MariaDB project, for any MariaDB developer who wants to see the results.
Okay, you can create an account for me. But it would be better if you could find which of those defects are real. Regards, Sergei