[PATCH] Add model file for Coverity
Joel Sherrill
joel at rtems.org
Thu Jan 28 19:29:29 UTC 2021
I'm still not getting emails when the runs are finished but it looks like
it is done.
FWIW spi-sd-card.c seems to be the one I see everytime I load the defect
page.
The three in spi-sd-card.c look legitimate. Not sure what your approach
is for nibbling at them but at first glance, those look fixable.
And are there other directories we want to ignore defects in? I have been
on the
fence about the shell. One pass to ignore defects in third party code that
we haven't
modified might reduce the count.
On Thu, Jan 28, 2021 at 1:15 PM Joel Sherrill <joel at rtems.org> wrote:
>
>
> On Thu, Jan 28, 2021 at 1:11 PM Joel Sherrill <joel at rtems.org> wrote:
>
>>
>>
>> On Thu, Jan 28, 2021 at 12:44 PM Sebastian Huber <
>> sebastian.huber at embedded-brains.de> wrote:
>>
>>> On 28/01/2021 19:42, Sebastian Huber wrote:
>>>
>>> > +#define _CPU_Fatal_halt( _source, _error ) \
>>> > + do { \
>>> > + (void) _source; \
>>> > + (void) _error; \
>>> > + __coverity_panic__(); \
>>> > + } while( 0 )
>>>
>>> I am not sure if #define works for the models. The documentation
>>> mentions only real functions and types. I guess we have to try it out.
>>>
>>> Which built-in defines are used by Coverity? For example, is __GNUC__
>>> defined? What does it with __asm__ statements?
>>>
>>
>> No idea.
>>
>> They appear to do their best to hide the documentation from open source
>> users as best I can tell. They send you to stackoverflow. They used to
>> have
>> a support email. I did manage to find this but it wasn't easy (thanks
>> Google)
>>
>> https://scan.coverity.com/models
>>
>> I have found some examples and guidance from other open source projects.
>> But not much.
>>
>> https://fossies.org/linux/xen/misc/coverity/model.c
>>
>> There is this old blog about some things commonly flagged in Linux and
>> what they did.
>>
>> https://www.synopsys.com/blogs/software-security/gimme-a-break/
>>
>> Adding comments for intentional switch case fall throughs "nobreak" is
>> properly
>> a good idea without crossing into adding Coverity specific disables.
>>
>> Do you want Gedare or I to upload that and see what happens?
>>
>
> I added your model and it is automatically queued up to re-run the
> analysis.
> I guess we will see if it fixes things.
>
> Feel free to push it.
>
>>
>> --joel
>>
>>>
>>> --
>>> embedded brains GmbH
>>> Herr Sebastian HUBER
>>> Dornierstr. 4
>>> 82178 Puchheim
>>> Germany
>>> email: sebastian.huber at embedded-brains.de
>>> phone: +49-89-18 94 741 - 16
>>> fax: +49-89-18 94 741 - 08
>>>
>>> Registergericht: Amtsgericht München
>>> Registernummer: HRB 157899
>>> Vertretungsberechtigte Geschäftsführer: Peter Rasmussen, Thomas Dörfler
>>> Unsere Datenschutzerklärung finden Sie hier:
>>> https://embedded-brains.de/datenschutzerklaerung/
>>>
>>> _______________________________________________
>>> devel mailing list
>>> devel at rtems.org
>>> http://lists.rtems.org/mailman/listinfo/devel
>>
>>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rtems.org/pipermail/devel/attachments/20210128/d51274a0/attachment-0001.html>
More information about the devel
mailing list