[Python-Dev] Coverity Scan Spotlight Python

[Christian Heimes]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Am 30.08.2013 00:46, schrieb Antoine Pitrou:
> On Fri, 30 Aug 2013 00:10:27 +0200 Christian Heimes
> <christian at python.org> wrote:
>> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
>> 
>> Hello,
>> 
>> Coverity has published its "Coverity Scan Spotlight Python" a
>> couple of hours ago. It features a summary of Python's ecosystem,
>> an interview with me about Python core development and a defect
>> report. The report is awesome. We have reached a defect density
>> of .005 defects per 1,000 lines of code.
> 
> What is a defect? Isn't it a bit weird to keep having a non-zero
> defect density, if those defects are identified?
> 
> (or, if those defects are not bugs, what is the metric supposed to 
> measure?)

The last defect is http://bugs.python.org/issue18550
"internal_setblocking() doesn't check return value of fcntl()". It's
unlikely that the missing check is going to cause trouble. It's
tedious to fix it, too. At least one affected function can't signal an
error because it is defined as void.

Christian
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/

iQIcBAEBCgAGBQJSH9adAAoJEMeIxMHUVQ1FU+wQAKEQcZbCrOgD1vIzOdfZXgGV
qRHRqhhSoxfhApQ+zhCem/qPGNYBhQyZ4ReXVdCtlvd15p28oa5thFDO7wFfbaBm
iQ9mV6nUn3vWgKr2PueEtUrQFd80t4t97AHyU04KblBJjesq8tv5l26i2SGl5YtS
QWAJMi3zCbv2iZ2DlyjSs3zpGMzk2mj85dKYtU6ql+mKXH7utR3HUpFiHiL7sjCw
D6Q5leORscqoqRxSwNtaT+vAWold5cmWHaH2nGOKj6vaBGKQbFEXRuMAj0sKyPj/
h3N/o+8DAdWH4J3eP8RcIKsai65vmXnzc77s8V2t9kFbuqZn/6CyMwkhsGxsl86h
DyN24LhwcB+pK45KFBX92JEhYWQ8OumcfE3Hb/2wIHNFClEvMNSbh7N+5GzjXE0u
xpsPjQpT9cldhWOcbPpVFx77zDVvsQczGSiqeH90zKCT7T9AIwUOYrjA0GiO/Nm/
wDMbmyL2/EMkDrnZ+X1YIwWaZOBEQlQofSSVnd1/g0fMm+5kJrW44W1D4grt0hpK
TB2uApUCls4qdh3Juu630rMZNKm5/Tvfmtjr/mKHtRCcQvMmhRs2x901/I8ZdwQ+
AoL+yM2qPmsriSTkANGwZHJw2yzTJOv2PXG41ohitE2GdS10i5aRhySVepcjZx/k
Gn/FRAsP/AVKReqOVooF
=AyxK
-----END PGP SIGNATURE-----