What is Coverity?

"Coverity Prevent is a static code analysis tool for C, C++, C# and Java source code. It is a commercial product which originated as the Stanford Checker, which used abstract interpretation to identify defects in source code." ​Wikipedia

​The Coverity Scan Initiative

​Dev FAQ

Haiku is currently a ​Rung 1 project.

Prerequisites for Use

1. Commit rights to Haiku's source repository
2. Coverity account (Ask Urias McCullough (umccullough@…) - he coordinates with Coverity's admins)
3. Accepting the TOS upon first login (see: ​http://scan.coverity.com/policy.html )

Workflow

• Log on to Coverity's website. (See account info you were given.)
• Look up a Haiku defect
• Assess and assign the defect. (To yourself, most likely.)
• Commit fixes to defects assigned to you. Mention the CID number in the commit message. ("Bug so and so. CID XXXX.")
• Mark the defect as resolved. Mentioning the commit revision number. ("fixed in rXXXXX")

Query hints

Use "Edit Query" button in the top right corner:

• Query for: "Individual Defects"
• Helpful to use File name to filter query - Example: servers/app - lists all defects in the app_server
• Listboxes support mult-select by holding down Shift or Ctrl key

Source to avoid

• 3rd party code?

Source that needs special treatment

• Kernel/app_server/input_server/registrar?

Please do

• some text here

Please don't

• some text here

Common defects and their resolutions

• some text here