Difference between revisions of "Coverity Scan"

From YobiWiki
Jump to navigation Jump to search
Line 57: Line 57:
token: < here_comes_the_token_you_can_see_at https://scan.coverity.com/projects/832/upload_form >
token: < here_comes_the_token_you_can_see_at https://scan.coverity.com/projects/XXX/upload_form >
prebuild: git clean -d -f -x && autoreconf -vis && ./configure --with-drivers=all
prebuild: git clean -d -f -x && autoreconf -vis && ./configure --with-drivers=all
build: make
postbuild: make install
token: < here_comes_the_token_you_can_see_at https://scan.coverity.com/projects/XXX/upload_form >
prebuild: git clean -d -f -x && autoreconf -vis && ./configure
build: make
build: make
Libnfc postbuild is required to be able to compile libnfc-dependent components such as libfreefare

Revision as of 17:08, 24 September 2013

Some notes on my setup to use Coverity Scan for libnfc:



To isolate the tool I'm using it in a chroot created according to [1]:

sudo debootstrap wheezy /pathto/wheezy
sudo chroot /pathto/wheezy

cat > ./usr/sbin/policy-rc.d <<EOF
exit 101
chmod a+x ./usr/sbin/policy-rc.d
cp /bin/true /usr/bin/ischroot


Still in the chroot, a few utils to get & compile libnfc and to use coverity-submit:

apt-get install git
apt-get install autoconf libtool pkg-config make
apt-get install libusb-dev libpcsclite-dev
apt-get install python curl

Git clone

git clone https://code.google.com/p/libnfc/

coverity scan

Get the tool at https://scan.coverity.com/download and untar it in /opt


I got that helper script from here.
It requires xmlto to create the man page, which brings >700Mb of dependencies in the chroot so I preferred to compile the man page directly on the host

apt-get install xmlto
cd coverity-submit-1.9

The current script is using your password on an unencrypted channel (http) so I prefer to use the token rather than the password to do so:

sed -i 's/password/token/g' coverity-submit

Then in the chroot

cd coverity-submit-1.9
make install
man coverity-submit

It requires a config file so I created ~/.coverity-submit with

name: MyName
userid: myusername
email: my@email
tools: /opt/cov-analysis-linux64-6.6.1/bin

token: < here_comes_the_token_you_can_see_at https://scan.coverity.com/projects/XXX/upload_form >
prebuild: git clean -d -f -x && autoreconf -vis && ./configure --with-drivers=all
build: make
postbuild: make install

token: < here_comes_the_token_you_can_see_at https://scan.coverity.com/projects/XXX/upload_form >
prebuild: git clean -d -f -x && autoreconf -vis && ./configure
build: make

Libnfc postbuild is required to be able to compile libnfc-dependent components such as libfreefare


Coverity is recording in its report all environment variables so as some of them are still visible in the chroot environment I prefer to remove them first...

sudo chroot /pathto/wheezy
export LANG=C
git pull
coverity-submit -b $(git describe) -t $(git describe)

Configured components

In the dashboard:

Component name Pattern         Ignore in analysis	
lib            /libnfc/.*      No
examples       /examples/.*    No
utils          /utils/.*       No

Note that after configuration of components I had to logout from the "view defects" otherwise I could not open issues anymore