On 10 January 2008 at 14:40, "Aleksey Shipilev" <[EMAIL PROTECTED]> wrote: > Hi All, > > I've just recently noticed the tool [1] developed by Coverity, which > does static code analysis for projects. It seems to be used by major > OSS players as another opportunity for QA: that include but no limited > to Linux kernel, Samba, Perl, Python, PHP. Moreover, they recently > introduce Java support. Even though it's focus is security, judging > on reports it could detect memory leaks and other stability-important > stuff. I think it's worth to try scan Harmony. What do you think?
I'd also noticed that they had started accepting Java-based projects. I think we should ask them to scan Harmony code. Perhaps we should break it down a little rather than submitting the entire code base as one project. I also think we should *not* submit code - such as modules/concurrent - where we don't have the ability to fix the upstream versions ourselves. I'd be happy to contact them regarding scanning the classlib code if people think it would be a good idea. -Mark.
