Coverity: Suppressing false positives with code annotations

It’s possible to set false positives to “intentional” by adding an annotation to the code. As an example, suppose the system detects that the x local variable can be NULL when it is dereferenced in the following code:
int* bla = NULL;
*bla = 35;
This produces a FORWARD_NULL defect. The defect has the event tag “var_deref_op”. To supress an error and automatically set the status of the error to “intentional” simply add:
// coverity[EVENT_TAG_NAME] 
-> C++ Comment
/* coverity[EVENT_TAG_NAME] */
-> C comment
above the reported error line. 
In the example:
// coverity[var_deref_op]
/* coverity[var_deref_op] */
A code annotation always has to appear at the beginning of a C comment (/* coverity[…] ) or a C++ comment (// coverity[…] ) and applies to the first line of code after the comment that is neither empty (white space) nor a comment. For C comments, the next line is actually the current line, if there is code on the current line: /* coverity[EVENT_TAG_NAME] */ CppStatement;
This entry was posted in Uncategorized. Bookmark the permalink.

2 Responses to Coverity: Suppressing false positives with code annotations

  1. esraymond says:

    How can I suppress multiple events? coverity[foo,bar] doesn’t seem to work, suppressing foo only and not bar.

  2. doclazy says:

    I don’t remember the manual(3 years before), but i would try to just write each annotation on a separate line?

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.