Coverity Scan

From YobiWiki
Jump to navigation Jump to search

Some notes on my setup to use Coverity Scan for libnfc:

Preparation

Chroot

To isolate the tool I'm using it in a chroot created according to [1]:

sudo debootstrap wheezy /pathto/wheezy
sudo chroot /pathto/wheezy

cat > ./usr/sbin/policy-rc.d <<EOF
#!/bin/sh
exit 101
EOF
chmod a+x ./usr/sbin/policy-rc.d
cp /bin/true /usr/bin/ischroot

Tools

Still in the chroot, a few utils to get & compile libnfc and to use coverity-submit:

apt-get install git
apt-get install autoconf libtool pkg-config make
apt-get install libusb-dev libpcsclite-dev
apt-get install python curl

Git clone

git clone https://code.google.com/p/libnfc/

coverity scan

Get the tool at https://scan.coverity.com/download and untar it in /opt

coverity-submit

I got that helper script from here. <be>It requires xmlto to create the man page, which brings >700Mb of dependencies in the chroot so I preferred to compile the man page directly on the host

apt-get install xmlto
cd coverity-submit-1.9
make

Then in the chroot

cd coverity-submit-1.9
make install
man coverity-submit

It requires a config file so I created ~/.coverity-submit with

[ALL]
name: MyName
userid: myusername
email: my@email
tools: /opt/cov-analysis-linux64-6.6.1/bin

[libnfc]
token: < here_comes_the_token_you_can_see_at https://scan.coverity.com/projects/832/upload_form >
prebuild: git clean -d -f -x && autoreconf -vis && ./configure --with-drivers=all
build: make

Usage

Coverity is recording in its report all environment variables so as some of them are still visible in the chroot environment I prefer to remove them first...

sudo chroot /pathto/wheezy
export LANG=C
unset XAUTHORITY
unset SUDO_USER
unset SUDO_COMMAND
unset HOSTNAME
git pull
coverity-submit -b $(git describe) -t $(git describe)

Configured components

In the dashboard:

Component name Pattern         Ignore in analysis	
lib            /libnfc/.*      No
examples       /examples/.*    No
utils          /utils/.*       No