Coverity scan of gnuplot code

There's a press release from Coverity today:
http://lwn.net/Articles/283179/
saying that they are releasing
"2 years of analysis of more than 55 million lines of code on a recurring basis from over 250 popular open source projects with Coverity Prevent™, the industry-leading static source code analysis solution."

You may or may not recall that Coverity is a commercial outfit that started life as the "Stanford Checker". As I understand it, it uses a highly-modified C compiler to examine the code and report flawed code paths, failures of initialization, and so on. Anyhow, the point is that gnuplot is one of the 250 code bases that they analyzed. The press release says that
"Source code analysis from the Scan site is freely available to qualified open source projects at: http://scan.coverity.com"

A quick look at that site doesn't make it obvious what one actually gets as part of the analysis, but I suppose it is worth pursuing. That's a lot of high-powered bug-checking already done for us. But I wonder what version of the code they checked? The site does say that if you work with them to reduce the number of bugs, they will re-run the analysis on a current source tree.

Anyone interested in contacting them?

--
Ethan A Merritt

-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
gnuplot-beta mailing list
gnuplot-beta@...
https://lists.sourceforge.net/lists/listinfo/gnuplot-beta
|
|
Re: Coverity scan of gnuplot code

Ethan Merritt wrote:
> There's a press release from Coverity today:
> http://lwn.net/Articles/283179/
> saying that they are releasing
> "2 years of analysis of more than 55 million lines of code on a recurring
> basis from over 250 popular open source projects with Coverity Prevent™, the
> industry-leading static source code analysis solution."
>
> <...>
>
> Anyone interested in contacting them?

I don't have time now to handle that :-(

Best regards,

Timothée Lecomte
|
|
Re: Coverity scan of gnuplot code

On Tue, 20 May 2008, Ethan Merritt wrote:
> You may or may not recall that Coverity is a commercial outfit
> that started life as the "Stanford Checker"... [Their] press
> release says that "Source code analysis from the Scan site is
> freely available to qualified open source projects at:
> http://scan.coverity.com"
>
> A quick look at that site doesn't make it obvious what one
> actually gets as part of the analysis, but I suppose it is worth
> pursuing... Anyone interested in contacting them?

In principle this sounds great. In practice (in my limited experience) it's a complete waste of time. I have both approached Coverity and have been approached by them in connection with the GPL'd econometrics program gretl. But despite several phone calls and emails absolutely nothing has happened. And their website is totally opaque, IMO. Of course, I'm not offering them thousands of dollars.

Maybe gnuplot will have better luck. I hope so, but as they say, don't hold your breath.

Allin Cottrell
|
|
Re: Coverity scan of gnuplot code

On Tue, 20 May 2008 23:07:01 +0200, Ethan Merritt <merritt@...> wrote:
> A quick look at that site doesn't make it obvious what one actually
> gets as part of the analysis

that alone speaks pretty clearly to me.

Frankly I would not bother.

/Peter.
|
|
Re: Coverity scan of gnuplot code

Hey Folks,
I contacted Ethan off list and told him I would be interested in following up with Coverity.
After a couple of weeks, I finally got the following response:

> We already did an analysis of gnuplot some time ago, and I can put that
> online quite quickly as soon as the new server is ready, but we'll want
> to give you an updated build as well.
>
> Send me a list of developers who want a login to the database, and I'll
> get their accounts set up as soon as it's online. If there's a
> particular person who wants to be the primary contact for us, please let
> me know who that is as well.
>
> Thank You.

I will be setting up an account for myself as the primary contact for Coverity.

I have two questions:

a) Does anyone else want a login?
b) What version of gnuplot do we want Coverity to scan? The latest stable release? The latest development release? The source repository?

Thanks!
--brendan

On May 20, 2008, at 5:07 PM, Ethan Merritt wrote:

> There's a press release from Coverity today:
> http://lwn.net/Articles/283179/
> saying that they are releasing
> "2 years of analysis of more than 55 million lines of code on a recurring
> basis from over 250 popular open source projects with Coverity Prevent™, the
> industry-leading static source code analysis solution."
>
> You may or may not recall that Coverity is a commercial outfit
> that started life as the "Stanford Checker". As I understand it, it uses
> a highly-modified C compiler to examine the code and report flawed code
> paths, failures of initialization, and so on. Anyhow, the point is that
> gnuplot is one of the 250 code bases that they analyzed. The press release
> says that
> "Source code analysis from the Scan site is freely available
> to qualified open source projects at: http://scan.coverity.com"
>
> A quick look at that site doesn't make it obvious what one actually
> gets as part of the analysis, but I suppose it is worth pursuing.
> That's a lot of high-powered bug-checking already done for us.
> But I wonder what version of the code they checked?
> The site does say that if you work with them to reduce the number
> of bugs, they will re-run the analysis on a current source tree.
>
> Anyone interested in contacting them?
>
> --
> Ethan A Merritt
|
|
Re: Coverity scan of gnuplot code

On Friday 06 June 2008 05:45:06 am Brendan Burns wrote:
>
> I will be setting up an account for myself as the primary contact for
> Coverity.
>
> I have two questions:
>
> a) Does anyone else want a login?

Sure. Give them sfeam as a user name, since that's my SourceForge ID.

> b) What version of gnuplot do we want Coverity to scan? The latest
> stable release? The latest development release? The source repository?

There is no such thing as "latest development release", but I could run off an installable snapshot of the CVS source tree if that's what they prefer to work from.

Thanks for taking the lead on this.

Ethan

> Thanks!
> --brendan
>
>
> On May 20, 2008, at 5:07 PM, Ethan Merritt wrote:
>
> > There's a press release from Coverity today:
> > http://lwn.net/Articles/283179/
> > saying that they are releasing
> > "2 years of analysis of more than 55 million lines of code on a recurring
> > basis from over 250 popular open source projects with Coverity Prevent™, the
> > industry-leading static source code analysis solution."
> >
> > You may or may not recall that Coverity is a commercial outfit
> > that started life as the "Stanford Checker". As I understand it, it uses
> > a highly-modified C compiler to examine the code and report flawed code
> > paths, failures of initialization, and so on. Anyhow, the point is that
> > gnuplot is one of the 250 code bases that they analyzed. The press release
> > says that
> > "Source code analysis from the Scan site is freely available
> > to qualified open source projects at: http://scan.coverity.com"
> >
> > A quick look at that site doesn't make it obvious what one actually
> > gets as part of the analysis, but I suppose it is worth pursuing.
> > That's a lot of high-powered bug-checking already done for us.
> > But I wonder what version of the code they checked?
> > The site does say that if you work with them to reduce the number
> > of bugs, they will re-run the analysis on a current source tree.
> >
> > Anyone interested in contacting them?
> >
> > --
> > Ethan A Merritt
> >
> Hey Folks,
> I contacted Ethan off list and told him I would be interested in
> following up with Coverity.
> After a couple of weeks, I finally got the following response:
>
> > We already did an analysis of gnuplot some time ago, and I can put that
> > online quite quickly as soon as the new server is ready, but we'll want
> > to give you an updated build as well.
> >
> > Send me a list of developers who want a login to the database, and I'll
> > get their accounts set up as soon as it's online. If there's a
> > particular person who wants to be the primary contact for us, please let
> > me know who that is as well.
> >
> > Thank You.