They are fixed now and few other issues, too.PS: CID 129217 and 129216 should be the last two from the unchecked dynamic_cast type
Coverity
Forum rules
Be nice to others! Respect the FreeCAD code of conduct!
Be nice to others! Respect the FreeCAD code of conduct!
Re: Coverity
Re: Coverity
Great! Thank you for all the work, I was thinking we will need about a year to come this farwmayer wrote:They are fixed now and few other issues, too.PS: CID 129217 and 129216 should be the last two from the unchecked dynamic_cast type
I am doing now a new build from commit 8360, results should be up later today or tomorrow...
Re: Coverity
Below is the summary of the latest results. There were a few fixes that seem not to have satisfied the analyse algorithms and are still shown as defects but in general things look much better
There are also about 20 issues that were marked to be ignored but are not yet... To successfully ignore an issue the Classification should be set to either “False positive” or “Intentional”. Here is a quite from the Python Coverity Guide https://docs.python.org/devguide/coverity.html
Version: 0.17.8360
Last Analyzed: Sep 04, 2016
Lines of Code Analyzed: 1,906,445
Lines of Code in Selected Components: 1,150,545
Defect Density: 0.17
Defect changes since previous build dated Aug 07, 2016
Newly detected: 20
Eliminated: 381
Defects by status for current build
Total defects: 460
Outstanding: 195
Dismissed: 45
Fixed: 220
There are also about 20 issues that were marked to be ignored but are not yet... To successfully ignore an issue the Classification should be set to either “False positive” or “Intentional”. Here is a quite from the Python Coverity Guide https://docs.python.org/devguide/coverity.html
Analysis MetricsFalse positive and intentional issues
If the problem is listed under Known limitations then please set the classification to either “False positive” or “Intentional”, the action to “Ignore”, owner to your own account and add a comment why the issue is considered false positive or intentional.
Version: 0.17.8360
Last Analyzed: Sep 04, 2016
Lines of Code Analyzed: 1,906,445
Lines of Code in Selected Components: 1,150,545
Defect Density: 0.17
Defect changes since previous build dated Aug 07, 2016
Newly detected: 20
Eliminated: 381
Defects by status for current build
Total defects: 460
Outstanding: 195
Dismissed: 45
Fixed: 220
Re: Coverity
I have reset the 29 issues that were marked as "Action:Fix submitted" in previous build but were not resolved with the new build, back to "Action:Undecided" (changes can always be viewed in the triage history).
I have also marked the issues from this commit https://github.com/FreeCAD/FreeCAD/pull ... cd3fedeca4 as "Action:Fix submitted".
I have also marked the issues from this commit https://github.com/FreeCAD/FreeCAD/pull ... cd3fedeca4 as "Action:Fix submitted".
Re: Coverity
I did another build from commit 8585 because I wanted to test if results for python will be included, unfortunately they were not and I guess that at the moment mixed (eg C++ and python) analyse is not supported...
Re: Coverity
Sort of related to this topic, via https://www.schneier.com/blog/archives/ ... re_co.html
New C++ Secure Coding Standard
http://www.sei.cmu.edu/news/article.cfm ... &year=2017
https://www.securecoding.cert.org/confl ... pageId=637
New C++ Secure Coding Standard
http://www.sei.cmu.edu/news/article.cfm ... &year=2017
https://www.securecoding.cert.org/confl ... pageId=637
Re: Coverity
I did a new Coverity build today from commit 11222 : 17 new, 39 fixed... A positive trend
84 of the remaining 145 reported issues are in "src/Mod/Robot/App/kdl_cp/", "src/Mod/Path/libarea/" and "src/Mod/Mesh/App/WildMagic4/". Are this something we would review and fix or should I add them on ignore list for now, as we did with other 3rd party code?
84 of the remaining 145 reported issues are in "src/Mod/Robot/App/kdl_cp/", "src/Mod/Path/libarea/" and "src/Mod/Mesh/App/WildMagic4/". Are this something we would review and fix or should I add them on ignore list for now, as we did with other 3rd party code?
Re: Coverity
I think we did fixing here and there in all these 3 libs already, so they are not "pure" anymore (for libarea we could even say that we have the official one, now). But I don't know if someone will ever take the hassle of fixing all the warnings in them...
-
- Veteran
- Posts: 2190
- Joined: Tue Jan 03, 2017 10:55 am
Re: Coverity
Interesting. I'll take a look at libarea when I have time, maybe in a week or two.
Re: Coverity
Latest results include python, as it is the first time that python results are included in the analysis, they should be reviewed with some extra care to see how useful they are...