From: "Mcnamara, John" <john.mcnamara@intel.com>
To: Stephen Hemminger <stephen@networkplumber.org>,
"dev@dpdk.org" <dev@dpdk.org>
Subject: Re: [dpdk-dev] New Coverity warnings
Date: Tue, 8 Dec 2015 17:19:39 +0000 [thread overview]
Message-ID: <B27915DBBA3421428155699D51E4CFE2023FEE64@IRSMSX103.ger.corp.intel.com> (raw)
In-Reply-To: <20151208085004.2d4440f5@xeon-e3>
Hi,
Stephen, thanks for highlighting this.
For the last few analysis runs I have been generating some automatic emails from these summary emails and git blame. There is an example below.
I'd like to do this for all of the open defects but can't find a way to generate a similar report for existing defects. Also, assigning defects within the web app doesn't seem to email the assignee. The open source version of Coverity scan doesn't seem to have a web services interface like the commercial version (you get what you pay for) so I can't easily query it.
If anyone knows more about automating Coverity scan let me know.
But as Stephen says there are a lot of low-lying fruit that could be fixed:
http://scan.coverity.com/projects/dpdk-data-plane-development-kit
John.
P.S. Sample email based on Coverity report:
Hi,
This is an automated email in relation to a new Coverity static code analysis
issue in DPDK. Details of the issue are below.
The email has been sent to you because you have been identified as the author
or maintainer of the code where the defect appears.
There are several possible scenarios:
* The defect identified isn't a real issue: In this case you can edit the
defect online and change the defect "Classification" to "False Positive" or
"Intentional" and change the "Action" to "Ignore". You should also update
the "Severity", add yourself as the "Owner" and add a comment note.
* The defect is a real issue: In this case you should submit a patch to fix
the issues. The patch should include the following information in addition
to the usual comments and signoff:
Coverity issue: 120412
Fixes: b4aee0fb9c6d ("examples/ip_pipeline: reconfigure thread binding dynamically")
In Coverity you should update the Classification, Severity, Action (to "Fix
required" or "Fix Submitted"), Owner and a Comment if necessary.
* The defect wasn't introduced by you. The line where the defect occurs may
not be the source of the defect. If this is the case then let the actual
author of the defect know by forwarding this email with a note or reply to
the sender of this automated email: <john.mcnamara@intel.com>
You can review the defects online at:
http://scan.coverity.com/projects/dpdk-data-plane-development-kit
If you aren't registered for the DPDK Coverity you can do so here:
http://scan.coverity.com/users/sign_up
Git commit data and Coverity defect information below.
Commit data
===========
Commit: examples/ip_pipeline: reconfigure thread binding dynamically
Id: b4aee0fb9c6d4fee771271d6c03a65dc27ba024a
Author: Piotr Azarewicz
Email: piotrx.t.azarewicz@intel.com
Date: Thu Oct 29 15:36:53 2015 +0100
Defect information
==================
/examples/ip_pipeline/thread_fe.c: 338 in app_pipeline_thread_cmd_push()
*** CID 120412: Code maintainability issues (SIZEOF_MISMATCH)
332 /* Check for available slots in the application commands array */
333 n_cmds = RTE_DIM(thread_cmds) - 1;
334 if (n_cmds > APP_MAX_CMDS - app->n_cmds)
335 return -ENOMEM;
336
337 /* Push thread commands into the application */
>>> CID 120412: Code maintainability issues (SIZEOF_MISMATCH)
>>> Passing argument "&app->cmds[app->n_cmds]" of type "cmdline_parse_ctx_t *" and argument "n_cmds * 8UL /* sizeof (cmdline_parse_ctx_t *) */" to function "memcpy" is suspicious. In this case, "sizeof (cmdline_parse_ctx_t *)" is equal to "sizeof (cmdline_parse_ctx_t)", but this is not a portable assumption.
338 memcpy(&app->cmds[app->n_cmds],
339 thread_cmds,
340 n_cmds * sizeof(cmdline_parse_ctx_t *));
341
342 for (i = 0; i < n_cmds; i++)
34
prev parent reply other threads:[~2015-12-08 17:19 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-12-08 16:50 Stephen Hemminger
2015-12-08 17:19 ` Mcnamara, John [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=B27915DBBA3421428155699D51E4CFE2023FEE64@IRSMSX103.ger.corp.intel.com \
--to=john.mcnamara@intel.com \
--cc=dev@dpdk.org \
--cc=stephen@networkplumber.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).