Re: Coverity scans?

[Tim Düsterhus]

Dinko,

Am 01.08.19 um 12:20 schrieb Dinko Korunic:
> Haproxy Coverity project token is: *snip*
> Given that it’s per-project token, that can be hardcoded in TravisCI 
> configuration without any issues.

I'm not sure if the token is meant to kept secret, but I wanted to let
you know that you sent it to the public mailing list.

Best regards
Tim Düsterhus

Re: Coverity scans?

[Илья Шипицин]

чт, 1 авг. 2019 г. в 15:23, Dinko Korunic :

> Hi Илья,
>
> Haproxy Coverity project token is: 9Zw8bB4a
> Given that it’s per-project token, that can be hardcoded in TravisCI
> configuration without any issues.
>
> In regards to notification mails, well for now I think that can have your
> and my mail for now until we think of something better. Willy, any
> suggestions here? Those mails which come from Coverity usually confirm a
> code submission for analysis, defect status changes and a state of defects
> for a current build.
>
> Илья, given that you have been doing Coverity for extended periods of time
> in SoftEther projects, did you have any luck with custom Coverity Scan
> function models yet?
>

I don't know how models could help.
personally, I see that after Willy does some "bug is fixed" commit,
Coverity reports "null pointer deerefence is resolved"
Coverity is very good in catching null pointer derefence (even if we do not
know how it might be exploited). Currently, haproxy has tens of them
unresolved.



>
>
> Kind regards,
> D.
>
>
> On 1 Aug 2019, at 11:59, Илья Шипицин  wrote:
>
> also, I've no idea what to specify in COVERITY_SCAN_NOTIFICATION_EMAIL
> (which is mandatory)
>
> чт, 1 авг. 2019 г. в 12:32, Dinko Korunic :
>
>> Hey Илья,
>>
>> Looks fine and clean. I guess that we would use existing project name
>> (Haproxy) or you would like to continue with your own?
>>
>> Last, I wonder do we really need verbose (V=1) builds and do you think if
>> they make sense for Coverity builds?
>>
>>
>> Thanks,
>> D.
>>
>> On 30 Jul 2019, at 10:35, Илья Шипицин  wrote:
>>
>> Dinko,
>>
>> please have a look
>>
>> https://github.com/chipitsine/haproxy/blob/coverity/.travis.yml#L37-L45
>>
>>
>> what do you think (if we will move that to
>> https://github.com/haproxy/haproxy) ?
>>
>> ср, 17 июл. 2019 г. в 16:36, Dinko Korunic :
>>
>>> Dear Илья,
>>>
>>> I’ve increased your access level to Contributor/Member. I terms of
>>> Travis-CI scans, there are some catch22s with current Coverity suite as it
>>> is compiled against ancient glibc and ancient kernel headers and
>>> requires vsyscall=emulate kernel boot option to properly work — not sure if
>>> that will be possible on Travis VMs at all.
>>>
>>> I have actual weekly builds that are auto-published to our Coverity Scan
>>> account and they well, require manual interventions, flagging and some day
>>> to day work to get to more usable levels — let me know if you need a hand
>>> with this. You should have all the access required for doing so right now.
>>>
>>>
>>> Kind regards,
>>> D.
>>>
>>> On 17 Jul 2019, at 13:18, Илья Шипицин  wrote:
>>>
>>> Hello, yep, contributor/member would be nice. Also, I can setup
>>> automated travis-ci scans
>>>
>>> On Wed, Jul 17, 2019, 3:27 PM Dinko Korunic 
>>> wrote:
>>>
 Hey Илья,

 Let me know if you would like Contributor/Member role for your account
 on Haproxy Coverity account. I was initially more involved and I have
 started configuring modules and parts of code blocks into coherent units,
 but stopped at some point due to lack of time and interest.

 There have been a lot of false positives however, I dare to say even in
 excessive volumes.

 > On 17 Jul 2019, at 07:48, Илья Шипицин  wrote:
 >
 > Hello, I played with Coverity. Definitely it shows "issues resolved"
 after bugfixes pushed to git. I know Willy does not like static analysis
 because of noise. Anyway, it finds bugs, why not to use it?


 Kind regards,
 D.

 --
 Dinko Korunic   ** Standard disclaimer applies **
 Sent from OSF1 osf1v4b V4.0 564 alpha



>>> --
>>> Dinko Korunic   ** Standard disclaimer applies **
>>> Sent from OSF1 osf1v4b V4.0 564 alpha
>>>
>>>
>>
>> --
>> Dinko Korunic   ** Standard disclaimer applies **
>> Sent from OSF1 osf1v4b V4.0 564 alpha
>>
>>
> --
> Dinko Korunic   ** Standard disclaimer applies **
> Sent from OSF1 osf1v4b V4.0 564 alpha
>
>

Re: Coverity scans?

[Dinko Korunic]

Hi Илья,

Haproxy Coverity project token is: 9Zw8bB4a
Given that it’s per-project token, that can be hardcoded in TravisCI 
configuration without any issues.

In regards to notification mails, well for now I think that can have your and 
my mail for now until we think of something better. Willy, any suggestions 
here? Those mails which come from Coverity usually confirm a code submission 
for analysis, defect status changes and a state of defects for a current build.

Илья, given that you have been doing Coverity for extended periods of time in 
SoftEther projects, did you have any luck with custom Coverity Scan function 
models yet?


Kind regards,
D.


> On 1 Aug 2019, at 11:59, Илья Шипицин  wrote:
> 
> also, I've no idea what to specify in COVERITY_SCAN_NOTIFICATION_EMAIL (which 
> is mandatory)
> 
> чт, 1 авг. 2019 г. в 12:32, Dinko Korunic  >:
> Hey Илья,
> 
> Looks fine and clean. I guess that we would use existing project name 
> (Haproxy) or you would like to continue with your own?
> 
> Last, I wonder do we really need verbose (V=1) builds and do you think if 
> they make sense for Coverity builds?
> 
> 
> Thanks,
> D.
> 
>> On 30 Jul 2019, at 10:35, Илья Шипицин > > wrote:
>> 
>> Dinko,
>> 
>> please have a look
>> 
>> https://github.com/chipitsine/haproxy/blob/coverity/.travis.yml#L37-L45 
>> 
>> 
>> 
>> what do you think (if we will move that to 
>> https://github.com/haproxy/haproxy ) ?
>> 
>> ср, 17 июл. 2019 г. в 16:36, Dinko Korunic > >:
>> Dear Илья,
>> 
>> I’ve increased your access level to Contributor/Member. I terms of Travis-CI 
>> scans, there are some catch22s with current Coverity suite as it is compiled 
>> against ancient glibc and ancient kernel headers and requires 
>> vsyscall=emulate kernel boot option to properly work — not sure if that will 
>> be possible on Travis VMs at all.
>> 
>> I have actual weekly builds that are auto-published to our Coverity Scan 
>> account and they well, require manual interventions, flagging and some day 
>> to day work to get to more usable levels — let me know if you need a hand 
>> with this. You should have all the access required for doing so right now.
>> 
>> 
>> Kind regards,
>> D.
>> 
>>> On 17 Jul 2019, at 13:18, Илья Шипицин >> > wrote:
>>> 
>>> Hello, yep, contributor/member would be nice. Also, I can setup automated 
>>> travis-ci scans
>>> 
>>> On Wed, Jul 17, 2019, 3:27 PM Dinko Korunic >> > wrote:
>>> Hey Илья,
>>> 
>>> Let me know if you would like Contributor/Member role for your account on 
>>> Haproxy Coverity account. I was initially more involved and I have started 
>>> configuring modules and parts of code blocks into coherent units, but 
>>> stopped at some point due to lack of time and interest.
>>> 
>>> There have been a lot of false positives however, I dare to say even in 
>>> excessive volumes.
>>> 
>>> > On 17 Jul 2019, at 07:48, Илья Шипицин >> > > wrote:
>>> > 
>>> > Hello, I played with Coverity. Definitely it shows "issues resolved" 
>>> > after bugfixes pushed to git. I know Willy does not like static analysis 
>>> > because of noise. Anyway, it finds bugs, why not to use it?
>>> 
>>> 
>>> Kind regards,
>>> D.
>>> 
>>> -- 
>>> Dinko Korunic   ** Standard disclaimer applies **
>>> Sent from OSF1 osf1v4b V4.0 564 alpha
>>> 
>>> 
>> 
>> -- 
>> Dinko Korunic   ** Standard disclaimer applies **
>> Sent from OSF1 osf1v4b V4.0 564 alpha
>> 
>> 
> 
> -- 
> Dinko Korunic   ** Standard disclaimer applies **
> Sent from OSF1 osf1v4b V4.0 564 alpha
> 

-- 
Dinko Korunic   ** Standard disclaimer applies **
Sent from OSF1 osf1v4b V4.0 564 alpha

Re: Coverity scans?

[Илья Шипицин]

also, I've no idea what to specify in COVERITY_SCAN_NOTIFICATION_EMAIL
(which is mandatory)

чт, 1 авг. 2019 г. в 12:32, Dinko Korunic :

> Hey Илья,
>
> Looks fine and clean. I guess that we would use existing project name
> (Haproxy) or you would like to continue with your own?
>
> Last, I wonder do we really need verbose (V=1) builds and do you think if
> they make sense for Coverity builds?
>
>
> Thanks,
> D.
>
> On 30 Jul 2019, at 10:35, Илья Шипицин  wrote:
>
> Dinko,
>
> please have a look
>
> https://github.com/chipitsine/haproxy/blob/coverity/.travis.yml#L37-L45
>
>
> what do you think (if we will move that to
> https://github.com/haproxy/haproxy) ?
>
> ср, 17 июл. 2019 г. в 16:36, Dinko Korunic :
>
>> Dear Илья,
>>
>> I’ve increased your access level to Contributor/Member. I terms of
>> Travis-CI scans, there are some catch22s with current Coverity suite as it
>> is compiled against ancient glibc and ancient kernel headers and
>> requires vsyscall=emulate kernel boot option to properly work — not sure if
>> that will be possible on Travis VMs at all.
>>
>> I have actual weekly builds that are auto-published to our Coverity Scan
>> account and they well, require manual interventions, flagging and some day
>> to day work to get to more usable levels — let me know if you need a hand
>> with this. You should have all the access required for doing so right now.
>>
>>
>> Kind regards,
>> D.
>>
>> On 17 Jul 2019, at 13:18, Илья Шипицин  wrote:
>>
>> Hello, yep, contributor/member would be nice. Also, I can setup automated
>> travis-ci scans
>>
>> On Wed, Jul 17, 2019, 3:27 PM Dinko Korunic 
>> wrote:
>>
>>> Hey Илья,
>>>
>>> Let me know if you would like Contributor/Member role for your account
>>> on Haproxy Coverity account. I was initially more involved and I have
>>> started configuring modules and parts of code blocks into coherent units,
>>> but stopped at some point due to lack of time and interest.
>>>
>>> There have been a lot of false positives however, I dare to say even in
>>> excessive volumes.
>>>
>>> > On 17 Jul 2019, at 07:48, Илья Шипицин  wrote:
>>> >
>>> > Hello, I played with Coverity. Definitely it shows "issues resolved"
>>> after bugfixes pushed to git. I know Willy does not like static analysis
>>> because of noise. Anyway, it finds bugs, why not to use it?
>>>
>>>
>>> Kind regards,
>>> D.
>>>
>>> --
>>> Dinko Korunic   ** Standard disclaimer applies **
>>> Sent from OSF1 osf1v4b V4.0 564 alpha
>>>
>>>
>>>
>> --
>> Dinko Korunic   ** Standard disclaimer applies **
>> Sent from OSF1 osf1v4b V4.0 564 alpha
>>
>>
>
> --
> Dinko Korunic   ** Standard disclaimer applies **
> Sent from OSF1 osf1v4b V4.0 564 alpha
>
>

Re: Coverity scans?

[Илья Шипицин]

чт, 1 авг. 2019 г. в 12:32, Dinko Korunic :

> Hey Илья,
>
> Looks fine and clean. I guess that we would use existing project name
> (Haproxy) or you would like to continue with your own?
>

I would move to "haproxy/haproxy"
however, proper token must be set in travis-ci environment (if token is not
set, build is skipped)


>
> Last, I wonder do we really need verbose (V=1) builds and do you think if
> they make sense for Coverity builds?
>

I'll polish it for a few days and will submit a patch


>
>
> Thanks,
> D.
>
> On 30 Jul 2019, at 10:35, Илья Шипицин  wrote:
>
> Dinko,
>
> please have a look
>
> https://github.com/chipitsine/haproxy/blob/coverity/.travis.yml#L37-L45
>
>
> what do you think (if we will move that to
> https://github.com/haproxy/haproxy) ?
>
> ср, 17 июл. 2019 г. в 16:36, Dinko Korunic :
>
>> Dear Илья,
>>
>> I’ve increased your access level to Contributor/Member. I terms of
>> Travis-CI scans, there are some catch22s with current Coverity suite as it
>> is compiled against ancient glibc and ancient kernel headers and
>> requires vsyscall=emulate kernel boot option to properly work — not sure if
>> that will be possible on Travis VMs at all.
>>
>> I have actual weekly builds that are auto-published to our Coverity Scan
>> account and they well, require manual interventions, flagging and some day
>> to day work to get to more usable levels — let me know if you need a hand
>> with this. You should have all the access required for doing so right now.
>>
>>
>> Kind regards,
>> D.
>>
>> On 17 Jul 2019, at 13:18, Илья Шипицин  wrote:
>>
>> Hello, yep, contributor/member would be nice. Also, I can setup automated
>> travis-ci scans
>>
>> On Wed, Jul 17, 2019, 3:27 PM Dinko Korunic 
>> wrote:
>>
>>> Hey Илья,
>>>
>>> Let me know if you would like Contributor/Member role for your account
>>> on Haproxy Coverity account. I was initially more involved and I have
>>> started configuring modules and parts of code blocks into coherent units,
>>> but stopped at some point due to lack of time and interest.
>>>
>>> There have been a lot of false positives however, I dare to say even in
>>> excessive volumes.
>>>
>>> > On 17 Jul 2019, at 07:48, Илья Шипицин  wrote:
>>> >
>>> > Hello, I played with Coverity. Definitely it shows "issues resolved"
>>> after bugfixes pushed to git. I know Willy does not like static analysis
>>> because of noise. Anyway, it finds bugs, why not to use it?
>>>
>>>
>>> Kind regards,
>>> D.
>>>
>>> --
>>> Dinko Korunic   ** Standard disclaimer applies **
>>> Sent from OSF1 osf1v4b V4.0 564 alpha
>>>
>>>
>>>
>> --
>> Dinko Korunic   ** Standard disclaimer applies **
>> Sent from OSF1 osf1v4b V4.0 564 alpha
>>
>>
>
> --
> Dinko Korunic   ** Standard disclaimer applies **
> Sent from OSF1 osf1v4b V4.0 564 alpha
>
>

Re: Coverity scans?

[Dinko Korunic]

Hey Илья,

Looks fine and clean. I guess that we would use existing project name (Haproxy) 
or you would like to continue with your own?

Last, I wonder do we really need verbose (V=1) builds and do you think if they 
make sense for Coverity builds?


Thanks,
D.

> On 30 Jul 2019, at 10:35, Илья Шипицин  wrote:
> 
> Dinko,
> 
> please have a look
> 
> https://github.com/chipitsine/haproxy/blob/coverity/.travis.yml#L37-L45 
> 
> 
> 
> what do you think (if we will move that to https://github.com/haproxy/haproxy 
> ) ?
> 
> ср, 17 июл. 2019 г. в 16:36, Dinko Korunic  >:
> Dear Илья,
> 
> I’ve increased your access level to Contributor/Member. I terms of Travis-CI 
> scans, there are some catch22s with current Coverity suite as it is compiled 
> against ancient glibc and ancient kernel headers and requires 
> vsyscall=emulate kernel boot option to properly work — not sure if that will 
> be possible on Travis VMs at all.
> 
> I have actual weekly builds that are auto-published to our Coverity Scan 
> account and they well, require manual interventions, flagging and some day to 
> day work to get to more usable levels — let me know if you need a hand with 
> this. You should have all the access required for doing so right now.
> 
> 
> Kind regards,
> D.
> 
>> On 17 Jul 2019, at 13:18, Илья Шипицин > > wrote:
>> 
>> Hello, yep, contributor/member would be nice. Also, I can setup automated 
>> travis-ci scans
>> 
>> On Wed, Jul 17, 2019, 3:27 PM Dinko Korunic > > wrote:
>> Hey Илья,
>> 
>> Let me know if you would like Contributor/Member role for your account on 
>> Haproxy Coverity account. I was initially more involved and I have started 
>> configuring modules and parts of code blocks into coherent units, but 
>> stopped at some point due to lack of time and interest.
>> 
>> There have been a lot of false positives however, I dare to say even in 
>> excessive volumes.
>> 
>> > On 17 Jul 2019, at 07:48, Илья Шипицин > > > wrote:
>> > 
>> > Hello, I played with Coverity. Definitely it shows "issues resolved" after 
>> > bugfixes pushed to git. I know Willy does not like static analysis because 
>> > of noise. Anyway, it finds bugs, why not to use it?
>> 
>> 
>> Kind regards,
>> D.
>> 
>> -- 
>> Dinko Korunic   ** Standard disclaimer applies **
>> Sent from OSF1 osf1v4b V4.0 564 alpha
>> 
>> 
> 
> -- 
> Dinko Korunic   ** Standard disclaimer applies **
> Sent from OSF1 osf1v4b V4.0 564 alpha
> 
> 

-- 
Dinko Korunic   ** Standard disclaimer applies **
Sent from OSF1 osf1v4b V4.0 564 alpha

Re: Coverity scans?

[Илья Шипицин]

Dinko,

please have a look

https://github.com/chipitsine/haproxy/blob/coverity/.travis.yml#L37-L45


what do you think (if we will move that to
https://github.com/haproxy/haproxy) ?

ср, 17 июл. 2019 г. в 16:36, Dinko Korunic :

> Dear Илья,
>
> I’ve increased your access level to Contributor/Member. I terms of
> Travis-CI scans, there are some catch22s with current Coverity suite as it
> is compiled against ancient glibc and ancient kernel headers and
> requires vsyscall=emulate kernel boot option to properly work — not sure if
> that will be possible on Travis VMs at all.
>
> I have actual weekly builds that are auto-published to our Coverity Scan
> account and they well, require manual interventions, flagging and some day
> to day work to get to more usable levels — let me know if you need a hand
> with this. You should have all the access required for doing so right now.
>
>
> Kind regards,
> D.
>
> On 17 Jul 2019, at 13:18, Илья Шипицин  wrote:
>
> Hello, yep, contributor/member would be nice. Also, I can setup automated
> travis-ci scans
>
> On Wed, Jul 17, 2019, 3:27 PM Dinko Korunic 
> wrote:
>
>> Hey Илья,
>>
>> Let me know if you would like Contributor/Member role for your account on
>> Haproxy Coverity account. I was initially more involved and I have started
>> configuring modules and parts of code blocks into coherent units, but
>> stopped at some point due to lack of time and interest.
>>
>> There have been a lot of false positives however, I dare to say even in
>> excessive volumes.
>>
>> > On 17 Jul 2019, at 07:48, Илья Шипицин  wrote:
>> >
>> > Hello, I played with Coverity. Definitely it shows "issues resolved"
>> after bugfixes pushed to git. I know Willy does not like static analysis
>> because of noise. Anyway, it finds bugs, why not to use it?
>>
>>
>> Kind regards,
>> D.
>>
>> --
>> Dinko Korunic   ** Standard disclaimer applies **
>> Sent from OSF1 osf1v4b V4.0 564 alpha
>>
>>
>>
> --
> Dinko Korunic   ** Standard disclaimer applies **
> Sent from OSF1 osf1v4b V4.0 564 alpha
>
>

Re: Coverity scans?

[Илья Шипицин]

ср, 17 июл. 2019 г. в 16:36, Dinko Korunic :

> Dear Илья,
>
> I’ve increased your access level to Contributor/Member. I terms of
> Travis-CI scans, there are some catch22s with current Coverity suite as it
> is compiled against ancient glibc and ancient kernel headers and
> requires vsyscall=emulate kernel boot option to properly work — not sure if
> that will be possible on Travis VMs at all.
>

it is possible to run scan on travis-ci, have a look

https://github.com/SoftEtherVPN/SoftEtherVPN/blob/master/.ci/coverity.sh

I am goind to add "if: type == cron" so, coverity scan will not slow smoke
testing

I see the whole picture as following

1) coverity token is set in travis-ci interface
2) builds are scheduled on cron only
3) build checks whether token is defined or not



>
> I have actual weekly builds that are auto-published to our Coverity Scan
> account and they well, require manual interventions, flagging and some day
> to day work to get to more usable levels — let me know if you need a hand
> with this. You should have all the access required for doing so right now.
>
>
> Kind regards,
> D.
>
> On 17 Jul 2019, at 13:18, Илья Шипицин  wrote:
>
> Hello, yep, contributor/member would be nice. Also, I can setup automated
> travis-ci scans
>
> On Wed, Jul 17, 2019, 3:27 PM Dinko Korunic 
> wrote:
>
>> Hey Илья,
>>
>> Let me know if you would like Contributor/Member role for your account on
>> Haproxy Coverity account. I was initially more involved and I have started
>> configuring modules and parts of code blocks into coherent units, but
>> stopped at some point due to lack of time and interest.
>>
>> There have been a lot of false positives however, I dare to say even in
>> excessive volumes.
>>
>> > On 17 Jul 2019, at 07:48, Илья Шипицин  wrote:
>> >
>> > Hello, I played with Coverity. Definitely it shows "issues resolved"
>> after bugfixes pushed to git. I know Willy does not like static analysis
>> because of noise. Anyway, it finds bugs, why not to use it?
>>
>>
>> Kind regards,
>> D.
>>
>> --
>> Dinko Korunic   ** Standard disclaimer applies **
>> Sent from OSF1 osf1v4b V4.0 564 alpha
>>
>>
>>
> --
> Dinko Korunic   ** Standard disclaimer applies **
> Sent from OSF1 osf1v4b V4.0 564 alpha
>
>

Re: Coverity scans?

[Dinko Korunic]

Dear Илья,

I’ve increased your access level to Contributor/Member. I terms of Travis-CI 
scans, there are some catch22s with current Coverity suite as it is compiled 
against ancient glibc and ancient kernel headers and requires vsyscall=emulate 
kernel boot option to properly work — not sure if that will be possible on 
Travis VMs at all.

I have actual weekly builds that are auto-published to our Coverity Scan 
account and they well, require manual interventions, flagging and some day to 
day work to get to more usable levels — let me know if you need a hand with 
this. You should have all the access required for doing so right now.


Kind regards,
D.

> On 17 Jul 2019, at 13:18, Илья Шипицин  wrote:
> 
> Hello, yep, contributor/member would be nice. Also, I can setup automated 
> travis-ci scans
> 
> On Wed, Jul 17, 2019, 3:27 PM Dinko Korunic  > wrote:
> Hey Илья,
> 
> Let me know if you would like Contributor/Member role for your account on 
> Haproxy Coverity account. I was initially more involved and I have started 
> configuring modules and parts of code blocks into coherent units, but stopped 
> at some point due to lack of time and interest.
> 
> There have been a lot of false positives however, I dare to say even in 
> excessive volumes.
> 
> > On 17 Jul 2019, at 07:48, Илья Шипицин  > > wrote:
> > 
> > Hello, I played with Coverity. Definitely it shows "issues resolved" after 
> > bugfixes pushed to git. I know Willy does not like static analysis because 
> > of noise. Anyway, it finds bugs, why not to use it?
> 
> 
> Kind regards,
> D.
> 
> -- 
> Dinko Korunic   ** Standard disclaimer applies **
> Sent from OSF1 osf1v4b V4.0 564 alpha
> 
> 

-- 
Dinko Korunic   ** Standard disclaimer applies **
Sent from OSF1 osf1v4b V4.0 564 alpha

Re: Coverity scans?

[Илья Шипицин]

Hello, yep, contributor/member would be nice. Also, I can setup automated
travis-ci scans

On Wed, Jul 17, 2019, 3:27 PM Dinko Korunic  wrote:

> Hey Илья,
>
> Let me know if you would like Contributor/Member role for your account on
> Haproxy Coverity account. I was initially more involved and I have started
> configuring modules and parts of code blocks into coherent units, but
> stopped at some point due to lack of time and interest.
>
> There have been a lot of false positives however, I dare to say even in
> excessive volumes.
>
> > On 17 Jul 2019, at 07:48, Илья Шипицин  wrote:
> >
> > Hello, I played with Coverity. Definitely it shows "issues resolved"
> after bugfixes pushed to git. I know Willy does not like static analysis
> because of noise. Anyway, it finds bugs, why not to use it?
>
>
> Kind regards,
> D.
>
> --
> Dinko Korunic   ** Standard disclaimer applies **
> Sent from OSF1 osf1v4b V4.0 564 alpha
>
>
>

Re: Coverity scans?

[Dinko Korunic]

Hey Илья,

Let me know if you would like Contributor/Member role for your account on 
Haproxy Coverity account. I was initially more involved and I have started 
configuring modules and parts of code blocks into coherent units, but stopped 
at some point due to lack of time and interest.

There have been a lot of false positives however, I dare to say even in 
excessive volumes.

> On 17 Jul 2019, at 07:48, Илья Шипицин  wrote:
> 
> Hello, I played with Coverity. Definitely it shows "issues resolved" after 
> bugfixes pushed to git. I know Willy does not like static analysis because of 
> noise. Anyway, it finds bugs, why not to use it?


Kind regards,
D.

-- 
Dinko Korunic   ** Standard disclaimer applies **
Sent from OSF1 osf1v4b V4.0 564 alpha