It would be nice to build a task force for fixing the issues found by Coverity. Any takers?
What is the best plan? In my opinion, the author of the possibly “suboptimal” code should be responsible for fixing it.
Is our general goal just to triage or to actually fix (as in: change code so that they disappear) all Coverity errors? I think it's a great tool that occasionally really finds that one odd bug, but most of the issues I've looked at so far seem to be false positives of some sort or another (either because for some error types it really just guesses, or because of aggressive overinterpretation of the C standard). Some of those may be easy to fix, but others may not, and I don't think we should sacrifice speed or readability to make a tool happy. It would be ideal if we could just mark a certain issue that it found as "resolved" somehow (it already seems to report everything only once, but something more explicit with maybe a comment field would be nice).