Re: Coverity scan findings

2019-09-11 Thread GARDAIS Ionel
it depends on how haproxy is built (number of flags) BQ_BEGIN we use most of available options when testing on coverity [ https://github.com/haproxy/haproxy/blob/master/.travis.yml#L8 | https://github.com/haproxy/haproxy/blob/master/.travis.yml#L8 ] can you share build command ? we may

Re: Coverity scan findings

2019-09-11 Thread Willy Tarreau
On Wed, Sep 11, 2019 at 10:08:46AM +0200, GARDAIS Ionel wrote: > Please note that Sonarqube is scanning haproxy code too. > Results are available at https://sonarcloud.io/dashboard?id=haproxy Ah indeed. > Some results are false positive but some are worth looking at. Well, I've already lost one

Re: Coverity scan findings

2019-09-11 Thread Илья Шипицин
it depends on how haproxy is built (number of flags) we use most of available options when testing on coverity https://github.com/haproxy/haproxy/blob/master/.travis.yml#L8 can you share build command ? we may also set up sonar in travis-ci schedules. (personally, I find sonar too much noisy,

Re: Coverity scan findings

2019-09-11 Thread GARDAIS Ionel
> On Tue, Sep 10, 2019 at 08:29:38PM +0500, ??? wrote: > > those findings are mostly mess (maybe, except few real bugs). > > I do not mind sharing those findings with community, Willy ? > > we need more manpower here. > > Oh no problem! I'm not the one asking to hide bugs, the more

Re: Coverity scan findings

2019-09-11 Thread Willy Tarreau
On Tue, Sep 10, 2019 at 08:29:38PM +0500, ??? wrote: > those findings are mostly mess (maybe, except few real bugs). > I do not mind sharing those findings with community, Willy ? > we need more manpower here. Oh no problem! I'm not the one asking to hide bugs, the more eyeballs on bug

Re: Coverity scan findings

2019-09-11 Thread Willy Tarreau
Hi Ilya, On Thu, Aug 08, 2019 at 12:45:33PM +0500, ??? wrote: > Hello, > > coverity found tens of "null pointer dereference". > also, there's a good correlation, after "now fixed, good catch" coverity > usually dismiss some bug. > > should we revisit those findings ? Not necessarily.

Re: Coverity scan findings

2019-09-10 Thread Dinko Korunic
Hi Dave, Just browse to https://scan.coverity.com/projects/haproxy and make a request for access, I’ll gladly add you to the project. > On 10 Sep 2019, at 16:49, Dave Chiluk wrote: > > Are these scans publicly available *(I'm looking for a link)?