wiki:GCI/Coding/CoverityIssues

Version 1 (modified by Joel Sherrill, on Sep 12, 2018 at 3:34:09 PM) (diff)

New Page

PAGE_TITLE

Table of Contents

  1. PAGE_TITLE
    1. Overview
    2. Tickets

Overview

Coverity Scan is a static analyzer that can identify various types of potential software defects. Coverity offers free use of this analyzer for free software projects. Issues identified for RTEMS at at https://scan.coverity.com/projects/rtems.

Coverity Scan identifies POTENTIAL issues. Some may be real bugs. Others may indicate that Coverity Scan does not have full awareness of the program life. For example, memory allocated during RTEMS initialization may appear to be leaked because it is never freed. But this deliberate and the issue marked as such in Coverity Scan.

For the purposes of Google Code-In, you will need to get an account on Coverity Scan and request access to the RTEMS Project. Then find an issue which is not included in the list of tickets below. File a ticket at https://devel.rtems.org against 5.1 using ticket #3514 as a guide.

  • The title should have an English summary and (CID number).
  • The summary should include the offending code with some context.
  • If you can provide any insight into the issue, please feel free to add it. If the RTEMS source code has a copyright that indicates it originated in another project, please do make note of that. It is sometimes possible just to check the original source to see if the issue is fixed.

Tickets

The following open tickets correspond to Coverity issues.

Ticket Summary Owner
#2926 Coverity Reports Multiple Out of Bounds Accesses in rtd-mdreloc-sparc.c chrisj@…
#3514 Resource Leak in hexdump-parse.c (CID 26032)
#3544 Coverity flags use of uninitialized variable in e500-mmu.c Sebastian Huber
#3570 Resource leak in flashdisk.c (CID 1439298)
#3597 Variable tmp_dirent not initialized CID 1440356