Coverity Model
Sebastian Huber
sebastian.huber at embedded-brains.de
Fri Jul 19 08:57:44 UTC 2019
Hello,
you can add a model file to Coverity to reduce the false positive rate
of the static analysis. I didn't check that the RTEMS scan can profit
from this since we already supply a lot of code to the scan. What I
found interesting is that Qemu uses this:
https://github.com/qemu/qemu/blob/master/scripts/coverity-model.c
There is a comment in it:
" * The model file must be uploaded by an admin in the analysis settings of
* http://scan.coverity.com/projects/378"
So, it seems the open source project scan is (or at least was)
customizable. I my project settings view, I don't have analysis
settings. Joel, would you mind having a look at this?
Another option would be to add a model file (and other files which
configure Coverity) to the repository. Users with a full Coverity
installation can then check the RTEMS sources with a RTEMS project
defined setting. Code changes can then reference that the change was due
to a scan result which will is only available to users with access to a
full Coverity installation.
--
Sebastian Huber, embedded brains GmbH
Address : Dornierstr. 4, D-82178 Puchheim, Germany
Phone : +49 89 189 47 41-16
Fax : +49 89 189 47 41-09
E-Mail : sebastian.huber at embedded-brains.de
PGP : Public key available on request.
Diese Nachricht ist keine geschäftliche Mitteilung im Sinne des EHUG.
More information about the devel
mailing list