Package Details: cov-analysis 2019.03-3

Git Clone URL: https://aur.archlinux.org/cov-analysis.git (read-only, click to copy)
Package Base: cov-analysis
Description: Coverity Scan Build Tool for C/C++ - REQUIRES MANUAL DOWNLOAD
Upstream URL: https://scan.coverity.com/download
Licenses: custom
Submitter: 1ace
Maintainer: 1ace
Last Packager: 1ace
Votes: 2
Popularity: 0.000000
First Submitted: 2016-05-01 23:39
Last Updated: 2020-01-22 11:21

Pinned Comments

1ace commented on 2019-02-02 23:53

To those getting a segfault: coverity has built their tool using an ancient version of glibc which they statically linked. That glibc was using a deprecated kernel API, which has been disabled (for security reasons) since kernel 4.8. They need to recompile their tool with a more recent version of glibc so that it can be used on modern Linux. They are aware of the issue (they talk about it on the front page of https://scan.coverity.com, although they got confused between sysctl and linux cmdline), but they still haven't done it 2 years later.

In the mean time, the kernel feature can be re-enabled by adding vsyscall=emulate to your Linux command line, although it requires the kernel to be compiled with CONFIG_X86_VSYSCALL_EMULATION=y (which is still the case of the official linux package as of today). You can check that by running zgrep CONFIG_X86_VSYSCALL_EMULATION /proc/config.gz.

Latest Comments

1 2 Next › Last »

1ace commented on 2020-01-22 15:26

@pcmoore: for that .tar.gz patch, are you sure? on my machine makepkg extracts the gz and we're left with a .tar.
Please make sure you didn't have an old build directory around with random old files :)

pcmoore commented on 2020-01-22 15:22

A patch somewhat like the following is also needed:

diff --git a/PKGBUILD b/PKGBUILD
index 24fc6e0..1f6bf4f 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -19,7 +19,7 @@ sha256sums_i686=('a0e6c35db1effbbc33194f5aa8db63619911306314c>
 sha256sums_x86_64=('808190e72ae2059076c2afb8bb3f85cced5b2deb7ce80011d9b88b732d>

 package() {
-  tar=$(echo *.tar)
+  tar=$(echo *.tar.gz)
   msg2 "Extracting $tar with bsdtar"
   install -dm755 "$pkgdir/opt/$pkgname"
   cd "$pkgdir/opt/$pkgname"

1ace commented on 2020-01-22 15:22

@pcmoore: I just downloaded it a few hours ago, and noticing that the hash had updated without them bumping the version number I updated the hash (see 0cc1589ca525)

If you're seeing yet another hash, that means it's become impossible to have a stable has to check against, which means I'll need to give up on that and allow anything (ie. 'SKIP' as the hash to check against) :/

pcmoore commented on 2020-01-22 15:18

It looks like the x86_64 checksum needs to be updated:

808190e72ae2059076c2afb8bb3f85cced5b2deb7ce80011d9b88b732d5c3d85 cov-analysis-linux64-2019.03.tar.gz

pcmoore commented on 2019-11-14 20:40

FYI: I had similar problems to @Rucikir and found that the bsdtar/$PATH fixes suggested by @csslayer solved the problem.

@1ace, can we get an update to the package?

csslayer commented on 2019-11-04 08:03

For the latest version for the tar, bsdtar --strip-components=1 -xf "${srcdir}/${_tarball}" (1 instead of 2) should be used. And also the PATH need to be updated to /opt/cov-analysis/bin accordingly.

Rucikir commented on 2019-08-06 18:05

I have this error when I try cov-build:

[ERROR] Failed to initialize ICU, try using the --prevent-root option.

How do I fix it?

pcmoore commented on 2019-06-30 19:19

FYI: it appears the checksums need to be updated. The currently available Linux x86_64 package does not match the checksum in the PKGBUILD:

md5sum cov-analysis-linux64-2019.03.tar.gz

d0d7d7df9d6609e578f85096a755fb8f ...

sha256sum cov-analysis-linux64-2019.03.tar.gz

808190e72ae2059076c2afb8bb3f85cced5b2deb7ce80011d9b88b732d5c3d85 ...

1ace commented on 2019-02-02 23:53

To those getting a segfault: coverity has built their tool using an ancient version of glibc which they statically linked. That glibc was using a deprecated kernel API, which has been disabled (for security reasons) since kernel 4.8. They need to recompile their tool with a more recent version of glibc so that it can be used on modern Linux. They are aware of the issue (they talk about it on the front page of https://scan.coverity.com, although they got confused between sysctl and linux cmdline), but they still haven't done it 2 years later.

In the mean time, the kernel feature can be re-enabled by adding vsyscall=emulate to your Linux command line, although it requires the kernel to be compiled with CONFIG_X86_VSYSCALL_EMULATION=y (which is still the case of the official linux package as of today). You can check that by running zgrep CONFIG_X86_VSYSCALL_EMULATION /proc/config.gz.

pmatos commented on 2018-10-17 07:41

Am I the only one getting a segmentation fault when running cov-build?