Re: New Defects reported by Coverity Scan for Zephyr


Leandro Pereira
 

Jammy,

On 11/16/2017 06:30 PM, Jammy Zhou wrote:
Is there some tool to do the scan locally?
Running Coverity locally requires a license; the Zephyr project has a free license that's kindly offered for open source projects, so there are some limitations as to the frequency of code scans. Since the scans are made periodically and the whole tree is compiled while capturing data for Coverity, it's better if just one person runs it.

There are alternatives to Coverity out there that might find the same bugs; some are even open source. Maybe it's possible to use Clang Static Analyzer and cppcheck.

Cheers,
Leandro

Join devel@lists.zephyrproject.org to automatically receive all group messages.