Coverity Model

Sebastian Huber sebastian.huber at
Fri Jul 19 08:57:44 UTC 2019


you can add a model file to Coverity to reduce the false positive rate 
of the static analysis. I didn't check that the RTEMS scan can profit 
from this since we already supply a lot of code to the scan. What I 
found interesting is that Qemu uses this:

There is a comment in it:

" * The model file must be uploaded by an admin in the analysis settings of

So, it seems the open source project scan is (or at least was) 
customizable. I my project settings view, I don't have analysis 
settings. Joel, would you mind having a look at this?

Another option would be to add a model file (and other files which 
configure Coverity) to the repository. Users with a full Coverity 
installation can then check the RTEMS sources with a RTEMS project 
defined setting. Code changes can then reference that the change was due 
to a scan result which will is only available to users with access to a 
full Coverity installation.

Sebastian Huber, embedded brains GmbH

Address : Dornierstr. 4, D-82178 Puchheim, Germany
Phone   : +49 89 189 47 41-16
Fax     : +49 89 189 47 41-09
E-Mail  : sebastian.huber at
PGP     : Public key available on request.

Diese Nachricht ist keine geschäftliche Mitteilung im Sinne des EHUG.

More information about the devel mailing list