чт, 1 авг. 2019 г. в 15:23, Dinko Korunic <dinko.koru...@gmail.com>:
> Hi Илья, > > Haproxy Coverity project token is: 9Zw8bB4a > Given that it’s per-project token, that can be hardcoded in TravisCI > configuration without any issues. > > In regards to notification mails, well for now I think that can have your > and my mail for now until we think of something better. Willy, any > suggestions here? Those mails which come from Coverity usually confirm a > code submission for analysis, defect status changes and a state of defects > for a current build. > > Илья, given that you have been doing Coverity for extended periods of time > in SoftEther projects, did you have any luck with custom Coverity Scan > function models yet? > I don't know how models could help. personally, I see that after Willy does some "bug is fixed" commit, Coverity reports "null pointer deerefence is resolved" Coverity is very good in catching null pointer derefence (even if we do not know how it might be exploited). Currently, haproxy has tens of them unresolved. > > > Kind regards, > D. > > > On 1 Aug 2019, at 11:59, Илья Шипицин <chipits...@gmail.com> wrote: > > also, I've no idea what to specify in COVERITY_SCAN_NOTIFICATION_EMAIL > (which is mandatory) > > чт, 1 авг. 2019 г. в 12:32, Dinko Korunic <dinko.koru...@gmail.com>: > >> Hey Илья, >> >> Looks fine and clean. I guess that we would use existing project name >> (Haproxy) or you would like to continue with your own? >> >> Last, I wonder do we really need verbose (V=1) builds and do you think if >> they make sense for Coverity builds? >> >> >> Thanks, >> D. >> >> On 30 Jul 2019, at 10:35, Илья Шипицин <chipits...@gmail.com> wrote: >> >> Dinko, >> >> please have a look >> >> https://github.com/chipitsine/haproxy/blob/coverity/.travis.yml#L37-L45 >> >> >> what do you think (if we will move that to >> https://github.com/haproxy/haproxy) ? >> >> ср, 17 июл. 2019 г. в 16:36, Dinko Korunic <dinko.koru...@gmail.com>: >> >>> Dear Илья, >>> >>> I’ve increased your access level to Contributor/Member. I terms of >>> Travis-CI scans, there are some catch22s with current Coverity suite as it >>> is compiled against ancient glibc and ancient kernel headers and >>> requires vsyscall=emulate kernel boot option to properly work — not sure if >>> that will be possible on Travis VMs at all. >>> >>> I have actual weekly builds that are auto-published to our Coverity Scan >>> account and they well, require manual interventions, flagging and some day >>> to day work to get to more usable levels — let me know if you need a hand >>> with this. You should have all the access required for doing so right now. >>> >>> >>> Kind regards, >>> D. >>> >>> On 17 Jul 2019, at 13:18, Илья Шипицин <chipits...@gmail.com> wrote: >>> >>> Hello, yep, contributor/member would be nice. Also, I can setup >>> automated travis-ci scans >>> >>> On Wed, Jul 17, 2019, 3:27 PM Dinko Korunic <dinko.koru...@gmail.com> >>> wrote: >>> >>>> Hey Илья, >>>> >>>> Let me know if you would like Contributor/Member role for your account >>>> on Haproxy Coverity account. I was initially more involved and I have >>>> started configuring modules and parts of code blocks into coherent units, >>>> but stopped at some point due to lack of time and interest. >>>> >>>> There have been a lot of false positives however, I dare to say even in >>>> excessive volumes. >>>> >>>> > On 17 Jul 2019, at 07:48, Илья Шипицин <chipits...@gmail.com> wrote: >>>> > >>>> > Hello, I played with Coverity. Definitely it shows "issues resolved" >>>> after bugfixes pushed to git. I know Willy does not like static analysis >>>> because of noise. Anyway, it finds bugs, why not to use it? >>>> >>>> >>>> Kind regards, >>>> D. >>>> >>>> -- >>>> Dinko Korunic ** Standard disclaimer applies ** >>>> Sent from OSF1 osf1v4b V4.0 564 alpha >>>> >>>> >>>> >>> -- >>> Dinko Korunic ** Standard disclaimer applies ** >>> Sent from OSF1 osf1v4b V4.0 564 alpha >>> >>> >> >> -- >> Dinko Korunic ** Standard disclaimer applies ** >> Sent from OSF1 osf1v4b V4.0 564 alpha >> >> > -- > Dinko Korunic ** Standard disclaimer applies ** > Sent from OSF1 osf1v4b V4.0 564 alpha > >
