3

I've set up a project to use Coverity Scan.

Under Analysis Settings→Project Components I have

Component name  Pattern              Ignore in analysis     
cxxopts         .*/src/cxxopts.hpp         Yes  
STL             /usr/include/c++/.*        Yes

but still when I go to View defects I see 9 issues, all from files like /usr/include/c++/5.4.1/functional. How do I actually exclude them?

Confusingly, the Overview tab shows

12 Total defects
2 Outstanding
7 Dismissed
3 Fixed

even though View defects shows 9 issues (is that the 7+2? Why are some outstanding and some dismissed, when all should be ignored?)

unhammer
  • 4,306
  • 2
  • 39
  • 52

1 Answers1

2

It looks like a regex pattern, in which case the "++" likely needs some form of escaping. I'm not sure which form, because I don't know how the strings are being interpreted or what kind of regex syntax is being used, but some variant of the following should work:

/usr/include/c\+\+/.*
/usr/include/c\\+\\+/.*
/usr/include/c\\\+\\\+/.*

If none of these work, I'd suggest contacting scan-admin@coverity.com (listed as the contact email for questions on the scan website).

This would also explain why the overview shows results from these files at all.

Ryan Ulch
  • 46
  • 4
  • Doh, how did I miss that … `/usr/include/.*` at least seems to exclude the stuff, though I still haven't found out which escaping to use (even `[+]` didn't have an effect from what I could tell). – unhammer Oct 17 '17 at 12:02
  • A bit too soon, `/usr/include/c\+\+/.*` seems to work :-) – unhammer Oct 17 '17 at 12:21