I note that Department of Homeland Security funded Coverity Scan service for 3 years to find bugs in open source software using static analysis, resulting in more than 6000 bugs fixed.
(Coverity Scan contract expired in 2009, but Coverify found out finding bugs in open source software is a great marketing campaign anyway, and continued the service.)
(Coverity Scan contract expired in 2009, but Coverify found out finding bugs in open source software is a great marketing campaign anyway, and continued the service.)