Friday, 7 November 2014

LibreOffice Coverity Defect Density 0.02

Coverity Defect Density: LibreOffice vs Average

We run LibreOffice through Coverity approximately once a week. According to Coverity's overview dashboard our current status is:

LibreOffice: 7,271,857 line of code and 0.02 defect density

Open Source Defect Density By Project Size

Line of Code (LOC) Defect Density
Less than 100,0000.35
100,000 to 499,9990.5
500,000 to 1 million0.7
More than 1 million0.65
Note: Defect density is measured by the number of defects per 1,000 lines of code, identified by the Coverity platform. The numbers shown above are from our 2013 Coverity Scan Report, which analyzed 250 million lines of open source code.
The "lines of code" here is 7,271,857 vs 9,500,825 in older reports because I'm now building against system-libraries instead of building those in-tree in order to speed up the process. Those "external" libraries have always been marked as "ignore in analysis" in coverity so that change has no effect on the defect density of our own code.

If anyone knows how we could rework our code or otherwise automatically silence https://communities.coverity.com/thread/2993 that would be great. This false positive keeps cropping up in uses of uno::Sequence so they keep popping up.

We're now at that happy place where we are getting a very small and manageable number of actually new warnings in "really" modified code each run rather than getting the same old one again and again as general refactoring perturbs the code enough that they get newly detected.