From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mga09.intel.com (mga09.intel.com [134.134.136.24]) by dpdk.org (Postfix) with ESMTP id 20F043784 for ; Tue, 8 Dec 2015 18:19:43 +0100 (CET) Received: from orsmga002.jf.intel.com ([10.7.209.21]) by orsmga102.jf.intel.com with ESMTP; 08 Dec 2015 09:19:42 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.20,400,1444719600"; d="scan'208";a="867305959" Received: from irsmsx154.ger.corp.intel.com ([163.33.192.96]) by orsmga002.jf.intel.com with ESMTP; 08 Dec 2015 09:19:41 -0800 Received: from irsmsx103.ger.corp.intel.com ([169.254.3.13]) by IRSMSX154.ger.corp.intel.com ([169.254.12.98]) with mapi id 14.03.0248.002; Tue, 8 Dec 2015 17:19:40 +0000 From: "Mcnamara, John" To: Stephen Hemminger , "dev@dpdk.org" Thread-Topic: [dpdk-dev] New Coverity warnings Thread-Index: AQHRMdiaEHGl7gii1ky4vZwEU1M5cZ7BUCkQ Date: Tue, 8 Dec 2015 17:19:39 +0000 Message-ID: References: <20151208085004.2d4440f5@xeon-e3> In-Reply-To: <20151208085004.2d4440f5@xeon-e3> Accept-Language: en-GB, en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [163.33.239.182] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Subject: Re: [dpdk-dev] New Coverity warnings X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: patches and discussions about DPDK List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Dec 2015 17:19:44 -0000 Hi, Stephen, thanks for highlighting this. For the last few analysis runs I have been generating some automatic emails= from these summary emails and git blame. There is an example below. I'd like to do this for all of the open defects but can't find a way to gen= erate a similar report for existing defects. Also, assigning defects within= the web app doesn't seem to email the assignee. The open source version of= Coverity scan doesn't seem to have a web services interface like the comme= rcial version (you get what you pay for) so I can't easily query it. If anyone knows more about automating Coverity scan let me know. But as Stephen says there are a lot of low-lying fruit that could be fixed: http://scan.coverity.com/projects/dpdk-data-plane-development-kit John. P.S. Sample email based on Coverity report: Hi, This is an automated email in relation to a new Coverity static code analys= is issue in DPDK. Details of the issue are below. The email has been sent to you because you have been identified as the auth= or or maintainer of the code where the defect appears. There are several possible scenarios: * The defect identified isn't a real issue: In this case you can edit the defect online and change the defect "Classification" to "False Positive" = or "Intentional" and change the "Action" to "Ignore". You should also update the "Severity", add yourself as the "Owner" and add a comment note. * The defect is a real issue: In this case you should submit a patch to fix the issues. The patch should include the following information in additio= n to the usual comments and signoff: Coverity issue: 120412 Fixes: b4aee0fb9c6d ("examples/ip_pipeline: reconfigure thread binding = dynamically") In Coverity you should update the Classification, Severity, Action (to "F= ix required" or "Fix Submitted"), Owner and a Comment if necessary. * The defect wasn't introduced by you. The line where the defect occurs may not be the source of the defect. If this is the case then let the actual author of the defect know by forwarding this email with a note or reply t= o the sender of this automated email: You can review the defects online at: http://scan.coverity.com/projects/dpdk-data-plane-development-kit If you aren't registered for the DPDK Coverity you can do so here: http://scan.coverity.com/users/sign_up Git commit data and Coverity defect information below. Commit data =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D Commit: examples/ip_pipeline: reconfigure thread binding dynamically Id: b4aee0fb9c6d4fee771271d6c03a65dc27ba024a Author: Piotr Azarewicz Email: piotrx.t.azarewicz@intel.com Date: Thu Oct 29 15:36:53 2015 +0100 Defect information =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D /examples/ip_pipeline/thread_fe.c: 338 in app_pipeline_thread_cmd_push() *** CID 120412: Code maintainability issues (SIZEOF_MISMATCH) 332 /* Check for available slots in the application commands ar= ray */ 333 n_cmds =3D RTE_DIM(thread_cmds) - 1; 334 if (n_cmds > APP_MAX_CMDS - app->n_cmds) 335 return -ENOMEM; 336 =20 337 /* Push thread commands into the application */ >>> CID 120412: Code maintainability issues (SIZEOF_MISMATCH) >>> Passing argument "&app->cmds[app->n_cmds]" of type "cmdline_parse_c= tx_t *" and argument "n_cmds * 8UL /* sizeof (cmdline_parse_ctx_t *) */" to= function "memcpy" is suspicious. In this case, "sizeof (cmdline_parse_ctx_= t *)" is equal to "sizeof (cmdline_parse_ctx_t)", but this is not a portabl= e assumption. 338 memcpy(&app->cmds[app->n_cmds], 339 thread_cmds, 340 n_cmds * sizeof(cmdline_parse_ctx_t *)); 341 =20 342 for (i =3D 0; i < n_cmds; i++) 34