Disclaimer: I'm a former developer on the mozilla project and helped architect some parts of the mozilla codebase.
This is really bogus - many people have run code correctness tools on the mozilla/firefox codebase over the last few years and some good has indeed come out of it. There are always a few dangling pointers or missing null checks that could be added here and there. But to claim that there are 611 known, specific, real defects is just wrong.
With most of these tools the signal:noise ratio is very high. For example, most of these "dereferencing null" cases are either handled automatically by C++ template wrappers that do smart pointer management. Many of these "potential" memory leaks are handled automatically by XPCOM's refcounting.
To paraphrase jwz, (who normally I finally tremendously annoying) - these tools are helpful only if your time has no value.
This is not to say there aren't 141 other legitimate memory management defects lurking, but it takes a deeper (human) understanding of the codebase, as well as testing of actual codepaths in use, to flush them out.
To spend smart developers' time going over long reports of machine-generated lint would be a waste.
Posted by: Alec Flett | September 7, 2006 12:18 PM
I'd never trust a machine to analyze my code over a human.
I said this back when there was a Windows vs Linux discussion, Machines cannot verify code reliably and I'd trust a human before I'd trust one of them. Mozilla needs to do some code auditing (Like ReactOS) but do it for bug checking. Then merge the audited code with the Firefox 2.0 codebase.
