Package Details: cov-analysis 2019.03-1

Git Clone URL: https://aur.archlinux.org/cov-analysis.git (read-only)
Package Base: cov-analysis
Description: Coverity Scan Build Tool for C/C++ - REQUIRES MANUAL DOWNLOAD
Upstream URL: https://scan.coverity.com/download
Licenses: custom
Submitter: 1ace
Maintainer: 1ace
Last Packager: 1ace
Votes: 2
Popularity: 0.000054
First Submitted: 2016-05-01 23:39
Last Updated: 2019-06-26 22:13

Pinned Comments

1ace commented on 2019-02-02 23:53

To those getting a segfault: coverity has built their tool using an ancient version of glibc which they statically linked. That glibc was using a deprecated kernel API, which has been disabled (for security reasons) since kernel 4.8. They need to recompile their tool with a more recent version of glibc so that it can be used on modern Linux. They are aware of the issue (they talk about it on the front page of https://scan.coverity.com, although they got confused between sysctl and linux cmdline), but they still haven't done it 2 years later.

In the mean time, the kernel feature can be re-enabled by adding vsyscall=emulate to your Linux command line, although it requires the kernel to be compiled with CONFIG_X86_VSYSCALL_EMULATION=y (which is still the case of the official linux package as of today). You can check that by running zgrep CONFIG_X86_VSYSCALL_EMULATION /process/config.gz.

Latest Comments

pcmoore commented on 2019-06-30 19:19

FYI: it appears the checksums need to be updated. The currently available Linux x86_64 package does not match the checksum in the PKGBUILD:

md5sum cov-analysis-linux64-2019.03.tar.gz

d0d7d7df9d6609e578f85096a755fb8f ...

sha256sum cov-analysis-linux64-2019.03.tar.gz

808190e72ae2059076c2afb8bb3f85cced5b2deb7ce80011d9b88b732d5c3d85 ...

1ace commented on 2019-02-02 23:53

To those getting a segfault: coverity has built their tool using an ancient version of glibc which they statically linked. That glibc was using a deprecated kernel API, which has been disabled (for security reasons) since kernel 4.8. They need to recompile their tool with a more recent version of glibc so that it can be used on modern Linux. They are aware of the issue (they talk about it on the front page of https://scan.coverity.com, although they got confused between sysctl and linux cmdline), but they still haven't done it 2 years later.

In the mean time, the kernel feature can be re-enabled by adding vsyscall=emulate to your Linux command line, although it requires the kernel to be compiled with CONFIG_X86_VSYSCALL_EMULATION=y (which is still the case of the official linux package as of today). You can check that by running zgrep CONFIG_X86_VSYSCALL_EMULATION /process/config.gz.

pmatos commented on 2018-10-17 07:41

Am I the only one getting a segmentation fault when running cov-build?

dkorzhevin commented on 2018-03-21 15:22

Thanks for maintaining this package!

pcmoore commented on 2017-06-27 12:54

I'm not sure if it is possible, but it would be nice to see a notice/warning message that the tarball needs to be downloaded manually (perhaps even display the URL?) instead of just a file missing error when the correct tarball is not present on the local system.

Regardless, thanks for maintaining this package.