coverity-prevent | 易学教程

Coverity SA - excluding boost, stlport errors

阅读更多关于 Coverity SA - excluding boost, stlport errors

问题 The defects discovered by coverity SA including errors of STLPort, Boost, Qt libs as well, Is there any way to exclude these errors while running cov-build or cov-analyze? 回答1: There are several ways to exclude these libraries. At the highest level, you can choose to exclude them during build or analysis and then there won't be any results for them in the UI, unfortunately that also means that you will not get as complete of a view of your own errors in your own code, since analysis does

Resource leak during object creation

阅读更多关于 Resource leak during object creation

问题 I have the following code for creation of a node inside a graph. I'm getting resource leak error when I run a static checking tool (coverity). I would appreciate if you can point out how to improve the code: class node { public : explicit node(std::string& name) : m_name(name) { } void setlevel(int level) { m_level = level; } private : ... } class graph { public : void populateGraph() { std::string nodeName = getNodeName(); /* I get error saying variable from new not freed or pointed-to in

Silencing false positives in Coverity Prevent

阅读更多关于 Silencing false positives in Coverity Prevent

问题 I am using Coverity Prevent on a C++ project. Is there some way of flagging false positives directly in the source code? 回答1: Coverity Static Analysis supports source code annotations. They are described in the manual - since I don't know what version you're using I can't tell you exactly what section but it's in the book called "Checker Reference" in a section on "Models and Annotations." 来源： https://stackoverflow.com/questions/3557639/silencing-false-positives-in-coverity-prevent

“x = ++x” is it really undefined?

阅读更多关于 “x = ++x” is it really undefined?

问题 I am using Coverity Prevent on a project to find errors. It reports an error for this expression (The variable names are of course changed): x= (a>= b) ? ++x: 0; The message is: EVALUATION_ORDER defect: In " x=(a>= b) ? ++x: 0; ", " x " is written in " x " (the assignment LHS) and written in " (a>= b) ? ++x: 0; " but the order in which the side effects take place is undefined because there is no intervening sequence point. END OF MESSAGE While I can understand that " x = x++ " is undefined,

“x = ++x” is it really undefined?

阅读更多关于 “x = ++x” is it really undefined?

I am using Coverity Prevent on a project to find errors. It reports an error for this expression (The variable names are of course changed): x= (a>= b) ? ++x: 0; The message is: EVALUATION_ORDER defect: In " x=(a>= b) ? ++x: 0; ", " x " is written in " x " (the assignment LHS) and written in " (a>= b) ? ++x: 0; " but the order in which the side effects take place is undefined because there is no intervening sequence point. END OF MESSAGE While I can understand that " x = x++ " is undefined, this one is a bit harder for me. Is this one a false positive or not? AnT Conditional operator ?: has a