I am Dave Jing Tian, an Assistant Professor in the Department of Computer Science at Purdue University working on system security. My research involves embedded systems, operating systems, trusted and confidential computing, and hardware security and trust. All opinions are my own.
- 229,353 hits
All blogs on this website are licensed under a Creative Commons Attribution 4.0 International License.
Tag Archives: Coverity
cccmt is used to parse the METRICS.errors.xml generated by cov-analyze of Coverity to produce a Code Complexity Metrics (CCM) report of different functions. SAX is used to parse XML file instead of DOM as the XML file may be very … Continue reading
Recently we encountered a serious bug like the code below – destructor function delete one member ptr, which was never init’d. At first, we were assuming checker UNINIT could help figure it out as we do not see any difference … Continue reading
This post shows a potential bug in printing unsigned long long, which cost David, Leo and me a few days for debugging. One product got segv on cPSB lab – a platform based on MontaVista Linux and PowerPC CPU. Back … Continue reading
A recent software bug caused a serious data damage in our customer’s side, which is using an uninit sturcture member. This post gives a practical comparison between kinds of static code analysis tools for this specific bug among popular commerical … Continue reading
This post is focusing on general idea of Coverity Modeling based on Coverity 4.5.1 and Coverity 5.4.1 including why and how to do Coverity Modeling. Of course, Coverity official document would always be a good reference to start with. More … Continue reading
I have been responsible for Coverity tool integration/test/support in ALU LCP (Linux Control Platform) dept for nearly 2 years. In this post, I would share a ksh tool/framework wrote on 2009 for Coverity modeling build automation. However, I would not … Continue reading