Coverity Scan
Some notes on my setup to use Coverity Scan for libnfc:
Preparation
Chroot
To isolate the tool I'm using it in a chroot created according to [1]:
sudo debootstrap wheezy /pathto/wheezy
sudo chroot /pathto/wheezy
cat > ./usr/sbin/policy-rc.d <<EOF
#!/bin/sh
exit 101
EOF
chmod a+x ./usr/sbin/policy-rc.d
cp /bin/true /usr/bin/ischroot
Tools
Still in the chroot, a few utils to get & compile libnfc and to use coverity-submit:
apt-get install git
apt-get install autoconf libtool pkg-config make
apt-get install libusb-dev libpcsclite-dev
apt-get install python curl
Git clone
git clone https://code.google.com/p/libnfc/
coverity scan
Get the tool at https://scan.coverity.com/download and untar it in /opt
coverity-submit
I got that helper script from here.
It requires xmlto to create the man page, which brings >700Mb of dependencies in the chroot so I preferred to compile the man page directly on the host
apt-get install xmlto
cd coverity-submit-1.9
make
The current script is using your password on an unencrypted channel (http) so I prefer to use the token rather than the password to do so:
sed -i 's/password/token/g' coverity-submit
Then in the chroot
cd coverity-submit-1.9
make install
man coverity-submit
It requires a config file so I created ~/.coverity-submit with
[ALL]
name: MyName
userid: myusername
email: my@email
tools: /opt/cov-analysis-linux64-6.6.1/bin
[libnfc]
token: < here_comes_the_token_you_can_see_at https://scan.coverity.com/projects/XXX/upload_form >
prebuild: git clean -d -f -x && autoreconf -vis && ./configure --with-drivers=all
build: make
postbuild: make install
[libfreefare]
token: < here_comes_the_token_you_can_see_at https://scan.coverity.com/projects/XXX/upload_form >
prebuild: git clean -d -f -x && autoreconf -vis && ./configure
build: make
Libnfc postbuild is required to be able to compile libnfc-dependent components such as libfreefare
Usage
Coverity is recording in its report all environment variables so as some of them are still visible in the chroot environment I prefer to remove them first...
sudo chroot /pathto/wheezy
export LANG=C
unset XAUTHORITY
unset SUDO_USER
unset SUDO_COMMAND
unset HOSTNAME
git pull
coverity-submit -b $(git describe) -t $(git describe)
Configured components
In the dashboard:
Component name Pattern Ignore in analysis lib /libnfc/.* No examples /examples/.* No utils /utils/.* No
Note that after configuration of components I had to logout from the "view defects" otherwise I could not open issues anymore