[PATCH v2 0/6] Automation of Coverity Scan uploads (via Docker)

From: Peter Maydell
Subject: [PATCH v2 0/6] Automation of Coverity Scan uploads (via Docker)
Date: Thu, 19 Mar 2020 19:33:17 +0000

v1 of this series was over a year ago:

I dusted it off and fixed some stuff because Paolo reports that the
machine he was previously using for uploads can't run the Coverity
tools any more.

The first four patches are fixes for problems that cause the Coverity
tool not to be able to scan everything.  The first one in particular
meant that every compilation unit failed, which would block uploads. 
The other 3 would reduce the scan coverage but weren't fatal.  (The
only remaining warnings in the log are where Coverity complains about
asm intrinsics system headers.)

With these scripts you can do an upload with
  COVERITY_TOKEN=nnnnnnnnn ./scripts/coverity-scan/run-coverity-scan --docker
(where nnnnnnnn is the project's secret token which admins can
get from the Coverity web UI).

I did in fact do an upload to test it, so the currently visible
results on the website are the result of a scan on ce73691e258 plus
this series.

The new upload has +112 defects, which is quite a lot, but I don't
think it's so many that it is "defects we rejected as false positives
coming back again"; my guess is a combination of the fixes in the
first 4 patches increasing coverage plus we haven't run a test in a
while plus maybe the script has some more config options enabled that
Paolo's box did not.  (In the web UI defects that were dismissed as
FPs seem still to be considered present-but-dismissed, so I think
that's OK.)

Not much has changed since v1; I didn't get very much feedback
the first time around[*]. Docker still seems to do the "download
the Coverity tools" part more often than I expect. On the other
hand "actually automated with a script in the tree" beats "not
automated and currently broken" so maybe this patchset as it
stands is good enough, given that basically 1 or 2 people ever
will be running the script?

[*] Eric will note that yes, the script still uses set -e.

(Like v1 this doesn't try to tie it into Travis, but we could
in theory do that some day, or have some other automated once
a week run of the script.)

-- PMM

Peter Maydell (6):
  osdep.h: Drop no-longer-needed Coverity workarounds
  thread.h: Fix Coverity version of qemu_cond_timedwait()
  thread.h: Remove trailing semicolons from Coverity qemu_mutex_lock()
  linux-user/flatload.c: Use "" for include of QEMU header target_flat.h
  scripts/run-coverity-scan: Script to run Coverity Scan build
  scripts/coverity-scan: Add Docker support

 include/qemu/osdep.h                       |  14 -
 include/qemu/thread.h                      |  12 +-
 linux-user/flatload.c                      |   2 +-
 MAINTAINERS                                |   5 +
 scripts/coverity-scan/coverity-scan.docker | 131 +++++++
 scripts/coverity-scan/run-coverity-scan    | 401 +++++++++++++++++++++
 6 files changed, 544 insertions(+), 21 deletions(-)
 create mode 100644 scripts/coverity-scan/coverity-scan.docker
 create mode 100755 scripts/coverity-scan/run-coverity-scan

