[Gluster-devel] Coverity scan - how does it ignore dismissed defects & annotations?
amukherj at redhat.com
Fri May 3 09:46:49 UTC 2019
On Fri, 3 May 2019 at 14:59, Xavi Hernandez <jahernan at redhat.com> wrote:
> Hi Atin,
> On Fri, May 3, 2019 at 10:57 AM Atin Mukherjee <amukherj at redhat.com>
>> I'm bit puzzled on the way coverity is reporting the open defects on GD1
>> component. As you can see from , technically we have 6 open defects and
>> all of the rest are being marked as dismissed. We tried to put some
>> additional annotations in the code through  to see if coverity starts
>> feeling happy but the result doesn't change. I still see in the report it
>> complaints about open defect of GD1 as 25 (7 as High, 18 as medium and 1 as
>> Low). More interestingly yesterday's report claimed we fixed 8 defects,
>> introduced 1, but the overall count remained as 102. I'm not able to
>> connect the dots of this puzzle, can anyone?
> Maybe we need to modify all dismissed CID's so that Coverity considers
> them again and, hopefully, mark them as solved with the newer updates. They
> have been manually marked to be ignored, so they are still there...
After yesterday’s run I set the severity for all of them to see if
modifications to these CIDs make any difference or not. So fingers crossed
till the next report comes :-) .
> Just a thought, I'm not sure how this really works.
Same here, I don’t understand the exact workflow and hence seeking
>>  https://scan.coverity.com/projects/gluster-glusterfs/view_defects
>>  https://review.gluster.org/#/c/22619/
>> Gluster-devel mailing list
>> Gluster-devel at gluster.org
- Atin (atinm)
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Gluster-devel