buildframework/helium/doc/src/manual/coverity.rst
author y4jin
Tue, 23 Nov 2010 14:07:04 +0800
changeset 705 67449e76cb84
parent 645 b8d81fa19e7d
permissions -rw-r--r--
Fix the illegal word scanned by sfchecksource tools
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
628
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
     1
.. index::
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
     2
  module: Coverity Prevent Tool
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
     3
  
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
     4
========================
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
     5
Coverity Prevent Tool
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
     6
========================
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
     7
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
     8
.. contents::
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
     9
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    10
This document describes requirements and how to run Coverity Prevent tool with sbs builds using Helium. 
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    11
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    12
Introduction
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    13
-------------------------
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    14
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    15
- Coverity Prevent analyzes source code to find defects early in the development cycle, reducing the risks associated with coding. Included with Prevent are workflow tools that track and manage defects from initial discovery through final resolution.
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    16
- With high precision, Coverity Prevent analyzes source code and detects critical software defects in the following categories:
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    17
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    18
 **Quality**
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    19
  Coverity Prevent detects bugs at compile-time that can cause run-time crashes. For example: memory leaks, use-after-free errors, and illegal pointer accesses.
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    20
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    21
 **Security** 
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    22
  Early during development, Coverity Prevent can detect the security vulnerabilities that hackers can exploit and help you eliminate serious problems, such as denial of service, data or memory corruption, and privilege escalation. Vulnerabilities detected can include buffer overruns, integer overflows, format string errors, and SQL injection attacks.
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    23
        
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    24
 **Concurrency**
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    25
  Coverity Prevent can detect errors in multi-threaded programs that, given the complexity of concurrent programming, can be extremely difficult to track down or reproduce. Detected defects include potential deadlocks or misuse of locks.
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    26
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    27
Description
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    28
-------------------------
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    29
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    30
- Coverity Prevent tool is integrated with Helium to measure C++ code coverage.
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    31
- Helium does measure C++ code coverage and gives output results in the format of HTML and errors could be submitted to remote database server.
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    32
- Helium runs coverity prevet tool commands, in sequential using targets. Those targets are defined below..
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    33
- Helium runs Coverity Prevent tool targets if ``coverity.enabled`` is set to ``true``
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    34
- Coverity command can be run using the ``<hlm:coverity>`` task.
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    35
- Coverity task will validate is the command passed to task is starts with ``cov-`` and then it will run the command.
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    36
- Coverity command options can passed through the datatypes ``<hlm:coverityoptions>`` or ``<hlm:arg>``.
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    37
- Below example shows how parameters can be passed to coverity command:
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    38
   
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    39
.. code-block:: xml
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    40
        
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    41
        <hlm:coverity command="cov-link" dir="${build.drive}/">
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    42
            <hlm:arg name="--dir" value="${coverity.inter.dir}"/>
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    43
            <hlm:arg name="--collect" value=""/>
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    44
            <hlm:arg name="-of" value="${coverity.link.dir}/all.link"/>
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    45
        </hlm:coverity>
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    46
        
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    47
.. code-block:: xml
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    48
        
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    49
        <hlm:coverityoptions id="coverity.analyze.options">
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    50
            <hlm:arg name="--dir" value="${coverity.analyze.dir}"/>
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    51
            <hlm:arg name="--all" value=""/>
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    52
            <hlm:arg name="--symbian" value=""/>
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    53
            <hlm:arg name="--append" value=""/>
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    54
            <hlm:arg name="--enable-callgraph-metrics" value=""/>
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    55
        </hlm:coverityoptions>
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    56
        
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    57
        <hlm:coverity command="cov-analyze" dir="${build.drive}/">
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    58
            <hlm:coverityoptions refid="coverity.analyze.options"/>
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    59
        </hlm:coverity>
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    60
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    61
Helium Targets
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    62
--------------------------
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    63
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    64
Coverity configure
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    65
::::::::::::::::::::::::
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    66
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    67
 The ``cov-configure`` command configures a compiler or family of compilers. By default, if no other configuration file or directory is specified, 
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    68
 the configuration is created at <install_dir>/config/coverity_config.xml. Each invocation of cov-configure adds a compiler configuration 
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    69
 in its own subdirectory of the directory containing the coverity_config.xml file, and coverity_config.xml contains an include directive for 
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    70
 that compiler-specific configuration.
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    71
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    72
- These configuration files are generated by ``run-coverity-configure`` target.
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    73
- If the configuration options need to be changed, then define a ``coverity.config.options`` reference in the respective configuration file.
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    74
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    75
Ex:
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    76
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    77
.. code-block:: xml
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    78
        
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    79
        <hlm:coverityoptions id="coverity.config.options">
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    80
            <hlm:arg name="--config" value="${coverity.config.dir}/coverity_config.xml"/>
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    81
            <hlm:arg name="--template" value=""/>
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    82
            <hlm:arg name="--comptype" value="armcc"/>
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    83
            <hlm:arg name="--compiler" value="armcc.exe"/>
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    84
        </hlm:coverityoptions>
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    85
  
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    86
Coverity build
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    87
::::::::::::::::::::::::
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    88
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    89
 The cov-build command intercepts all calls to the compiler invoked by the build system.
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    90
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    91
 Usually the cov-build command name and option can prefix the original build command. However, if the build command depends on features 
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    92
 of the command shell that usually invokes it, such as certain shell variables or non-alphanumeric arguments, you can invoke it using a 
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    93
 wrapper script. This preserves the original behavior because the build command is again invoked directly by the kind of shell on which 
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    94
 it depends. 
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    95
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    96
- Coverity Prevent tool build command integrated with SBS task. 
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    97
- Coverity task extends the "sbstask", so what ever the arguments we pass for sbstask will remain same for coverity tool also.
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    98
- For example 
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
    99
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   100
.. code-block:: xml
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   101
        
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   102
        <hlm:coveritybuild  sbsinput="@{sbs.input}" 
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   103
                            sysdeffile="${build.drive}/output/build/canonical_system_definition_${sysdef.configuration}.xml"
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   104
                            layerpatternsetref="${sbs.patternset}" 
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   105
                            workingdir="${build.drive}/" 
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   106
                            execute="true"
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   107
                            failonerror="false"
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   108
                            outputlog="${sbs.log.file}" 
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   109
                            cleanlog = "${sbs.clean.log}"
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   110
                            erroroutput="${sbs.log.file}.sbs_error.log"
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   111
                            statslog="${sbs.log.file}.info.xml">
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   112
                <hlm:coverityoptions refid="coverity.build.options"/>
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   113
        </hlm:coveritybuild>
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   114
     
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   115
- In above example Coverity Prevent tool is integrated with sbs using task "coveritybuild".
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   116
- This task is slightly difference from sbstask as it accepts the coverity tool parameters required while running coverity tool.
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   117
- In the above example we have mentioned "coverity.build.options" which are required for cov-build command.
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   118
- coverityoptions datatype will follow below syntax.
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   119
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   120
.. code-block:: xml
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   121
        
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   122
        <hlm:coverityoptions id="coverity.build.options">
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   123
            <arg name="--config" value="${coverity.config.dir}/coverity_config.xml"/>
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   124
            <arg name="--dir" value="${coverity.inter.dir}"/>
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   125
            <arg name="--auto-diff" value=""/>
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   126
            <arg name="--preprocess-first" value=""/>
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   127
            <arg name="--record-only" value=""/>
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   128
        </hlm:coverityoptions>
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   129
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   130
- Internally "coveritybuild" task will run the "cov-build" with parameters passed with "<hlm:coverityoptions>" datatype and sbs commands.
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   131
- Above arguments are passed by default in helium. If it is required to remove/change the default parameters (by helium)into cov-build, 
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   132
  we need to override the datatype "coverityoptions".
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   133
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   134
- Command resulted for above example is shown below with "@{sbs.input} = dfs_build_input_armv5".
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   135
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   136
    | cov-build.exe --auto-diff  --record-only  --config Y:/output/coverity/config/coverity_config.xml 
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   137
    | --preprocess-first  --dir Y:/output/coverity/intermediate sbs -s Y:/output/build/canonical_system_definition_dfs_build.xml 
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   138
    | -c armv5 -k --logfile Y:/output/logs/compile/ido_helloworld_tb92_blr_ci_9.2.30_armv5_dfs_build.log 
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   139
    | --makefile=Y:/output/logs/compile/ido_helloworld_tb92_blr_ci_9.2.30_armv5_dfs_build
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   140
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   141
Coverity emit
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   142
::::::::::::::::::::::::
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   143
 
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   144
 The ``cov-emit`` command parses a source file and outputs it into a directory (emit repository) that can later be analyzed with ``cov-analyze``. 
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   145
 The ``cov-emit`` command is typically called by ``cov-translate``, which is in turn typically called by ``cov-build`` (``cov-emit`` is a low-level command 
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   146
 and is not normally called directly). 
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   147
 
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   148
 Re-running the cov-build with replay option will reduce the build time by ~ 20% 
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   149
 
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   150
 - Coverity emit command run by target ``run-coverity-emit``.
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   151
 
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   152
Coverity analyze
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   153
::::::::::::::::::::::::
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   154
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   155
 Sometimes the same file is compiled several times with different command-line options. Due to the inherent difficulty of tracking linkage 
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   156
 information, the ``cov-analyze`` command cannot automatically determine which files are linked together. To avoid errors in function call 
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   157
 resolution (especially in C code, which doesn't have any name mangling), use the ``cov-link`` command to get this information. 
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   158
 
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   159
 and also
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   160
 
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   161
 working with link files is faster than collecting data from the intermediate directory multiple times
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   162
 
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   163
 So run the ``cov-link`` commands and analyze the database using ``cov-analyze`` command.
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   164
 
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   165
- Coverity code analysis is done by target ``run-coverity-analyze``.
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   166
- Analysis is done in 2 stages. First runs ``cov-link`` and then ``cov-analyze`` command.
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   167
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   168
**cov-link command**
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   169
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   170
  1. Run cov-link with the --collect and -of options to collect linkage information on all files compiled in an emit directory.
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   171
  
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   172
  2. Create one or more additional link files by filtering information using either an argument or a portion of the pathname that 
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   173
     was used during command-line compilation. Compiled files are identified based on:
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   174
   * A portion of the pathname to the file when it was compiled. Use the -s option to specify a Perl regular expression to use when looking 
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   175
     at the pathname.
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   176
   
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   177
   * The options given on the command line when it was compiled. Use the -a, -r, -na, and -nr options to group by command-line options.
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   178
    
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   179
  3. Use the link files created in the previous steps, and the emit repository in the original intermediate directory, to create a new intermediate directory with an emit repository with resolved function calls. Then use cov-analyze on the new intermediate directory.
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   180
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   181
**cov-analyze**
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   182
 command analyzes the code previously parsed and emitted into an intermediate directory. The result is a set of XML files 
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   183
 in the <intermediate_directory>/c/output directory that contain a description of the defects. The cov-analyze command also stores analysis 
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   184
 information in the intermediate directory, which speeds up future runs.
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   185
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   186
 A log file with information about the checkers used in the analysis, including notices of crashes, is created at 
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   187
 <intermediate_directory>/c/output/analysis-log.txt.gz. 
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   188
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   189
 Note that behind the scenes, cov-analyze actually calls cov-internal-analyze-c to run the analysis. If you look at running processes, 
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   190
 both cov-analyze and cov-internal-analyze-c are listed. During an analysis, cov-analyze monitors cov-internal-analyze-c, and can 
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   191
 seamlessly restart the analysis in case of failure.
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   192
 
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   193
 - ``coverity.analyze.options`` could be set if it required to disable/enable the checkers.
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   194
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   195
  .. code-block:: xml
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   196
 
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   197
    <hlm:coverityoptions id="coverity.analyze.options">
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   198
        <hlm:arg name="--dir" value="${coverity.analyze.dir}"/>
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   199
        <hlm:arg name="--all" value=""/>
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   200
        <hlm:arg name="--symbian" value=""/>
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   201
        <hlm:arg name="--append" value=""/>
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   202
        <hlm:arg name="--enable-callgraph-metrics" value=""/>
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   203
    </hlm:coverityoptions>
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   204
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   205
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   206
Coverity defect manager
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   207
:::::::::::::::::::::::
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   208
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   209
 The ``cov-commit-defects`` command takes defects stored as *.errors.xml files in the <intermediate directory>/<domain>/output directory and 
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   210
 commits them to the Defect Manager database as a new product run. Once committed, you can view the defects in the Defect Manager alongside 
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   211
 the source code that generated them. The defect XML files are created by the ``cov-analyze``command, which scan and evaluate the 
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   212
 preprocessed source files in the <intermediate directory>/<domain>/emit directory.
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   213
        
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   214
- Coverity defects can be submitted to a remote coverity defect database using the ``run-commit-defects`` target.
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   215
- To enable the target user should set ``coverity.commit.defects.enabled`` to ``true`` and ``coverity.enabled`` to ``true``.
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   216
- Username and Password for the Coverity Defect Manager  should be set in the `.netrc file`_::
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   217
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   218
    machine coverity login <user name> password <password>
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   219
645
b8d81fa19e7d helium_12.0.0-63b64366f9cf
wbernard
parents: 628
diff changeset
   220
.. _`.netrc file`: configuring.html?highlight=netrc#passwords
b8d81fa19e7d helium_12.0.0-63b64366f9cf
wbernard
parents: 628
diff changeset
   221
628
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   222
.. csv-table:: Coverity feature flags
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   223
   :header: "Flags to set", "Action performed", "Allowed value"
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   224
   
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   225
   ":hlm-t:`coverity.commit.defects.enabled`", "If user wants to commit the defects using existing intermediate folder and run target 
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   226
   ``run-commit-defects``", "true/false"
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   227
   ":hlm-t:`coverity.commit.defects.enabled` and `coverity.enabled`", "If user want to generate the intermididate folder and then commit 
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   228
   defects, first intermediate folders will get generated and defects will commited into database. By default this build sequence will 
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   229
   happen.", "true/false"
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   230
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   231
- Below properties must be set for defects to be committed to the database:
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   232
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   233
.. csv-table:: Coverity defect manager properties
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   234
   :header: "Property name", "Description"
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   235
   
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   236
   ":hlm-t:`coverity.defect.manager.server`", "Coverity defect manager server/IP address. Ex: server.domain.extension or 100.220.530.101"
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   237
   ":hlm-t:`coverity.defect.manager.port`", "Coverity defect manager HTTP port number"
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   238
   ":hlm-t:`coverity.defect.manager.product`", "Coverity defect manager product/platform to submit the coverity errors."
7c4a911dc066 helium_11.0.0-e00f171ca185
wbernard
parents:
diff changeset
   239