|Version 9 (modified by 9 years ago) ( diff ),|
What is Coverity?
"Coverity Prevent is a static code analysis tool for C, C++, C# and Java source code. It is a commercial product which originated as the Stanford Checker, which used abstract interpretation to identify defects in source code." Wikipedia
Haiku is currently a Rung 1 project.
Prerequisites for Use
- Commit rights to Haiku's source repository
- Coverity account (Ask Urias McCullough (umccullough@…) - he coordinates with Coverity's admins)
- Accepting the TOS upon first login (see: http://scan.coverity.com/policy.html )
- Log on to Coverity's website. (See account info you were given.)
- Look up a Haiku defect
- Assess and assign the defect. (To yourself, most likely.)
- Commit fixes to defects assigned to you. Mention the CID number in the commit message. ("Bug so and so. CID XXXX.")
- Mark the defect as resolved. Mentioning the commit revision number. ("fixed in rXXXXX")
Use "Edit Query" button in the top right corner:
- Query for: "Individual Defects"
- Helpful to use File name to filter query - Example: servers/app - lists all defects in the app_server
- Listboxes support mult-select by holding down Shift or Ctrl key
Source to avoid
- 3rd party code?
Source that needs special treatment
- some text here
- some text here
Common defects and their resolutions
- STACK_USE - Not really a bug. It turns out that the new version of the Coverity software automatically enabled this checker with default values, when it had been disabled before. This checker is usually used to analyze for defects in kernel or embedded system code which have tight stack limits. For Haiku, "Ignore" is probably the best resolution for now.
Users with accounts already