[Kde-imaging] digiKam registered as new project for Coverity SCAN

Gilles Caulier caulier.gilles at gmail.com
Thu Feb 14 18:56:01 UTC 2013


...another one very difficult to found for an human who review code :

877

CID 981482 (#1 of 1): Structurally dead code (UNREACHABLE)unreachable: Since
the loop increment "++it;" is unreachable, the loop body will never execute
more than once.
  878        for (it = oldIds.find(info.id) ; (it != oldIds.end()) && (it.
key() == info.id) ; ++it)
  879        {
  880            found = true;
  881            break;
  882        }

My fix :

http://commits.kde.org/digikam/51f78bd749d135b29ad3c3c20bfbef5790d99060

Gilles Caulier


2013/2/14 Gilles Caulier <caulier.gilles at gmail.com>

> If you are not convinced by SCAN tool, i found 2 great infine loop bugs in
> trace :
>
> 364void ImportFilterModel::slotRowsAboutToBeRemoved(const QModelIndex&
> /*parent*/, int start, int end)
>  365{
>  366    QList<CamItemInfo> infos;
>  367
>
> non_progress_update: Update "i++" makes no progress toward falsifying the
> loop condition "i > end".
>
> CID 981140 (#1 of 1): Infinite loop (INFINITE_LOOP)loop_top: Top of the
> loop.
>
> loop_condition: If "i > end" is initially true then it will remain true.
> 368    for (int i = start; i > end; i++)
>  369    {
>  370        infos << camItemInfo(index(i, 0));
>
> loop_bottom: Bottom of the loop.
> 371    }
>
> ...
>
> 352void ImportFilterModel::slotRowsInserted(const QModelIndex& /*parent*/
> , int start, int end)
> 353{
> 354    QList<CamItemInfo> infos;
> 355
>
> non_progress_update: Update "i++" makes no progress toward falsifying the
> loop condition "i > end".
>
> CID 981139 (#1 of 1): Infinite loop (INFINITE_LOOP)loop_top: Top of the
> loop.
>
> loop_condition: If "i > end" is initially true then it will remain true.
> 356    for (int i = start; i > end; i++)
> 357    {
> 358        infos << camItemInfo(index(i, 0));
>
> loop_bottom: Bottom of the loop.
> 359    }
>
> Gilles
>
>
>
> 2013/2/13 Gilles Caulier <caulier.gilles at gmail.com>
>
>> Hi all developers,
>>
>> I registered digiKam to Coverity static analyse program dedicated for
>> open-source project :
>>
>> http://scan.coverity.com/
>> http://en.wikipedia.org/wiki/Coverity#Scan_.28Open_Source.29
>>
>> As you already see my previous mail about traces generated with this tool
>> by Red Hat team, i step the stage to use Coverity as default static
>> code analyzer to detect programming errors.
>>
>> I compiled and submitted a first tarball to SCAN web interface (500Mb of
>> db file), and 30mns later i receive a mail to said that analyse is ready to
>> be read through Coverity Connect Manager.
>>
>> Web interface is really nice to use and to parse important errors. It's
>> really  more suitable than an export to text list as Red Hat sent me
>> previously.
>>
>> I recommend to all developers who want to improve source code to take an
>> account to Coverity SCAN web interface.
>>
>> To register you, please send me your information :
>>
>> - user name
>> - email :
>> - given name
>> - family name
>>
>> ... in fact all information to field in this page :
>> http://scan.coverity.com/create_user.html
>>
>> Later, when your account will be created, you will need to login to
>> Connect Manager
>>
>> scan5.coverity.com:8080
>>
>> with your Username and a password sent to you in a private mail. You will
>> be able to take a look to all trace generated by my scans loaded.
>>
>> I plan to process scan upload to Coverity server automatically each week
>> end using a script, as other main Open-Source projects do...
>>
>> I waiting your info to process registration
>>
>> Best
>>
>> Gilles Caulier
>>
>>
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/kde-imaging/attachments/20130214/630b4f41/attachment-0001.html>


More information about the Kde-imaging mailing list