FYI: I had similar problems to @Rucikir and found that the bsdtar/$PATH fixes suggested by @csslayer solved the problem.
@1ace, can we get an update to the package?
Search Criteria
Package Details: cov-analysis 2019.03-1
| Git Clone URL: | https://aur.archlinux.org/cov-analysis.git (read-only) |
|---|---|
| Package Base: | cov-analysis |
| Description: | Coverity Scan Build Tool for C/C++ - REQUIRES MANUAL DOWNLOAD |
| Upstream URL: | https://scan.coverity.com/download |
| Licenses: | |
| Submitter: | 1ace |
| Maintainer: | 1ace |
| Last Packager: | 1ace |
| Votes: | 2 |
| Popularity: | 0.000003 |
| First Submitted: | 2016-05-01 23:39 |
| Last Updated: | 2019-06-26 22:13 |
Dependencies (2)
- java-environment (jdk5, jdk9-openj9-bin, tuxjdk, jdk7-openjdk-infinality, java-8-openjdk-shenandoah, jdk8-openjdk-infinality, java-gcj-compat, jdk10-openjdk-openj9-bin, jdk9, zulu-10-bin, jdk-devel, jdk10, jdk-dcevm, jdk8-arm, jdk8-arm64, jdk8-openjdk-shenandoah, jdk8-openjdk-jetbrains, jdk6, jdk-arm, jdk12-openj9-bin, zulu-12-bin, jetbrains-jre, jetbrains-jre8, java-openjdk-bin, jdk13-openj9-bin, java-openjdk-ea-bin, jdk8, jdk11, jdk8-openj9-bin, jdk7, jdk11-adoptopenjdk, zulu-embedded-jdk11, jdk, jdk-openj9-bin, jdk-adoptopenjdk, zulu-11-bin, jdk12, amazon-corretto-8, amazon-corretto-11, jdk11-openj9-bin, jdk8-jetbrains, jdk8-graalvm-bin, jdk7r1-j9-bin, jdk7-j9-bin, jdk8-j9-bin, jdk-jetbrains, jdk11-graalvm-bin, jdk-openjdk, jdk10-openjdk, jdk11-openjdk, jdk7-openjdk, jdk8-openjdk)
- libarchive (libarchive-git) (make)
Required by (1)
- coverity-submit (optional)
Sources (3)
Latest Comments
pcmoore commented on 2019-11-14 20:40
csslayer commented on 2019-11-04 08:03
For the latest version for the tar, bsdtar --strip-components=1 -xf "${srcdir}/${_tarball}" (1 instead of 2) should be used. And also the PATH need to be updated to /opt/cov-analysis/bin accordingly.
Rucikir commented on 2019-08-06 18:05
I have this error when I try cov-build:
[ERROR] Failed to initialize ICU, try using the --prevent-root option.
How do I fix it?
pcmoore commented on 2019-06-30 19:19
FYI: it appears the checksums need to be updated. The currently available Linux x86_64 package does not match the checksum in the PKGBUILD:
md5sum cov-analysis-linux64-2019.03.tar.gz
d0d7d7df9d6609e578f85096a755fb8f ...
sha256sum cov-analysis-linux64-2019.03.tar.gz
808190e72ae2059076c2afb8bb3f85cced5b2deb7ce80011d9b88b732d5c3d85 ...
1ace commented on 2019-02-02 23:53
To those getting a segfault: coverity has built their tool using an ancient version of glibc which they statically linked. That glibc was using a deprecated kernel API, which has been disabled (for security reasons) since kernel 4.8. They need to recompile their tool with a more recent version of glibc so that it can be used on modern Linux. They are aware of the issue (they talk about it on the front page of https://scan.coverity.com, although they got confused between sysctl and linux cmdline), but they still haven't done it 2 years later.
In the mean time, the kernel feature can be re-enabled by adding vsyscall=emulate to your Linux command line, although it requires the kernel to be compiled with CONFIG_X86_VSYSCALL_EMULATION=y (which is still the case of the official linux package as of today). You can check that by running zgrep CONFIG_X86_VSYSCALL_EMULATION /process/config.gz.
pmatos commented on 2018-10-17 07:41
Am I the only one getting a segmentation fault when running cov-build?
dkorzhevin commented on 2018-03-21 15:22
Thanks for maintaining this package!
pcmoore commented on 2017-06-27 12:54
I'm not sure if it is possible, but it would be nice to see a notice/warning message that the tarball needs to be downloaded manually (perhaps even display the URL?) instead of just a file missing error when the correct tarball is not present on the local system.
Regardless, thanks for maintaining this package.
Pinned Comments
1ace commented on 2019-02-02 23:53
To those getting a segfault: coverity has built their tool using an ancient version of glibc which they statically linked. That glibc was using a deprecated kernel API, which has been disabled (for security reasons) since kernel 4.8. They need to recompile their tool with a more recent version of glibc so that it can be used on modern Linux. They are aware of the issue (they talk about it on the front page of https://scan.coverity.com, although they got confused between sysctl and linux cmdline), but they still haven't done it 2 years later.
In the mean time, the kernel feature can be re-enabled by adding
vsyscall=emulateto your Linux command line, although it requires the kernel to be compiled with CONFIG_X86_VSYSCALL_EMULATION=y (which is still the case of the officiallinuxpackage as of today). You can check that by runningzgrep CONFIG_X86_VSYSCALL_EMULATION /process/config.gz.