[PATCH 0/3] Travis CI patches


claudius....@siemens.com

Sep 26, 2017, 9:22:59 AM
to efibootg...@googlegroups.com, Claudius Heine
From: Claudius Heine <c...@denx.de>

Hi,

this patchset contains patches for travis CI.

NOTICE: The last patch of this patchset is not final. We first need the coverity key.

Cheers,
Claudius

Claudius Heine (3):
travis: added travis build script to build in parallel
travis: added cppcheck target for statically testing the code
travis: added coverity scan results submissions

.travis-build.sh | 74 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++
.travis.yml | 32 +++++++++++++++++-------
2 files changed, 97 insertions(+), 9 deletions(-)
create mode 100755 .travis-build.sh

--
2.14.1

claudius....@siemens.com

Sep 26, 2017, 9:22:59 AM
to efibootg...@googlegroups.com, Claudius Heine
From: Claudius Heine <c...@denx.de>

This commit allows travis to spawn multiple builders in parallel
for both currently supported architectures.

Signed-off-by: Claudius Heine <c...@denx.de>
---
.travis-build.sh | 31 +++++++++++++++++++++++++++++++
.travis.yml | 14 +++++---------
2 files changed, 36 insertions(+), 9 deletions(-)
create mode 100755 .travis-build.sh

diff --git a/.travis-build.sh b/.travis-build.sh
new file mode 100755
index 0000000..56786ab
--- /dev/null
+++ b/.travis-build.sh
@@ -0,0 +1,31 @@
+#!/bin/bash
+
+set -euo pipefail
+
+TARGET="${TARGET-"$1"}"
+
+prepare_build()
+{
+ autoreconf -fi
+ mkdir build
+ cd build
+}
+case "$TARGET" in
+ native)
+ prepare_build
+ ../configure
+ exec make check
+ ;;
+ i586)
+ sudo apt-get install --no-install-recommends \
+ --target-release xenial libcmocka-dev:i386
+ prepare_build
+ ../configure --with-gnuefi-lib-dir=/usr/lib32 CFLAGS=-m32 \
+ host_alias=i586-linux
+ exec make check
+ ;;
+ *)
+ exit -1
+ ;;
+esac
+
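Review bot: The catch-all `*)` branch at the end of the case statement fails with `exit -1` and no message, so the CI log does not show which TARGET was rejected, and a negative exit status is not portable (bash reports it as 255). Print the unknown value to stderr and use `exit 1`. Related: under `set -u`, `TARGET="${TARGET-"$1"}"` aborts with an unbound-variable error when neither TARGET nor an argument is given; `${1-}` would route that case into the same error branch.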
diff --git a/.travis.yml b/.travis.yml
index df4a0db..dae0337 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -10,6 +10,10 @@
# the COPYING file in the top-level directory.
#

+env:
+ matrix:
+ - TARGET=native
+ - TARGET=i586
language: c

compiler:
@@ -24,12 +28,4 @@ install:
- sudo apt-get install --no-install-recommends --target-release xenial libcmocka-dev

script:
- - autoreconf -fi
- - mkdir build-x86_64 && cd build-x86_64
- - ../configure
- - make check
- # Switch to 32-bit (libcmocka-dev can only be installed in one variant)
- - sudo apt-get install --no-install-recommends --target-release xenial libcmocka-dev:i386
- - mkdir ../build-i586 && cd ../build-i586
- - ../configure --with-gnuefi-lib-dir=/usr/lib32 CFLAGS=-m32 host_alias=i586-linux
- - make check
+ - ./.travis-build.sh
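Review bot: The `install:` context line above `script:` still installs the native `libcmocka-dev` for every matrix entry, and the i586 job then installs `libcmocka-dev:i386` from inside `.travis-build.sh`, which according to the removed comment can only be present in one variant. Now that each target has its own job, move the native `libcmocka-dev` install into the `native)` branch of the script so each job installs only the variant it needs.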
--
2.14.1

claudius....@siemens.com

Sep 26, 2017, 9:23:00 AM
to efibootg...@googlegroups.com, Claudius Heine
From: Claudius Heine <c...@denx.de>

This commit adds cppcheck as a travis target. Raised issues are
suppressed and should be fixed in further commits.

Signed-off-by: Claudius Heine <c...@denx.de>
---
.travis-build.sh | 43 +++++++++++++++++++++++++++++++++++++++++++
.travis.yml | 1 +
2 files changed, 44 insertions(+)

diff --git a/.travis-build.sh b/.travis-build.sh
index 56786ab..c1d16cd 100755
--- a/.travis-build.sh
+++ b/.travis-build.sh
@@ -10,6 +10,21 @@ prepare_build()
mkdir build
cd build
}
+
+install_cppcheck()
+{
+ git clone https://github.com/danmar/cppcheck.git
+ cd cppcheck
+ git checkout 1.80
+ make SRCDIR=build CFGDIR=/usr/share/cppcheck HAVE_RULES=no -j2
+ sudo make install
+ # On travis cppcheck ignores CFGDIR. Instead, it looks in $PWD. Compare
+ # strace output.
+ sudo install -m644 ./cfg/* ../
+ cd ..
+ rm -rf cppcheck
+}
+
case "$TARGET" in
native)
prepare_build
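Review bot: `install_cppcheck` builds and runs `sudo make install` on whatever `git checkout 1.80` resolves to at build time; a tag can be moved upstream, so the CI host ends up running unpinned third-party code as root. Record the commit hash that 1.80 pointed to when it was reviewed and compare it with `git rev-parse HEAD` after the checkout, failing the job on a mismatch. Cloning with `--branch 1.80 --depth 1` would also avoid fetching the full history on every run.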
@@ -24,6 +39,34 @@ case "$TARGET" in
host_alias=i586-linux
exec make check
;;
+ cppcheck)
+ install_cppcheck
+ sup_error=""
+ sup_warn="--suppress=invalidScanfArgType_int:tools/ebgpart.c"
+ sup_info=""
+ sup_perf="--suppress=invalidscanf:tools/ebgpart.c"
+ sup_style="\
+ --suppress=unusedFunction:tools/bg_utils.c \
+ --suppress=unusedFunction:utils \
+ --suppress=unusedFunction:swupdate-adapter/ebgenv.c \
+ --suppress=unusedFunction:main.c \
+ --suppress=unusedFunction:tools/tests/test_environment.c \
+ --suppress=unusedFunction:env/fatvars.c"
+ suppress="$sup_error $sup_warn $sup_info $sup_perf $sup_style"
+ enable="--enable=all --check-config"
+ includes="-I include \
+ -I tools \
+ -I swupdate-adapter \
+ -I /usr/include \
+ -I /usr/include/linux \
+ -I /usr/include/efi \
+ -I /usr/include/efi/x86_64 \
+ -I /usr/include/x86_64-linux-gnu"
+ # Exit code '1' is returned if arguments are not valid or if no input
+ # files are provided. Compare 'cppcheck --help'.
+ exec cppcheck -f -q --error-exitcode=2 --std=posix \
+ $enable $suppress $includes .
+ ;;
*)
exit -1
;;
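Review bot: `enable="--enable=all --check-config"` in the new `cppcheck)` branch turns the run into a configuration check: with `--check-config` cppcheck reports include and configuration problems only and the normal code analysis is disabled, so `--error-exitcode=2` cannot trip on a real finding and the `--suppress` entries have nothing to act on. Drop `--check-config` from the CI invocation and keep it for a manual run when tuning the `-I` list. The unquoted `$enable $suppress $includes` expansion depends on word splitting, which works here but deserves a comment.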
diff --git a/.travis.yml b/.travis.yml
index dae0337..4fa4045 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -14,6 +14,7 @@ env:
matrix:
- TARGET=native
- TARGET=i586
+ - TARGET=cppcheck
language: c

compiler:
--
2.14.1

claudius....@siemens.com

Sep 26, 2017, 9:23:00 AM
to efibootg...@googlegroups.com, Claudius Heine
From: Claudius Heine <c...@denx.de>

Signed-off-by: Claudius Heine <c...@denx.de>
---
.travis.yml | 19 ++++++++++++++++++-
1 file changed, 18 insertions(+), 1 deletion(-)

diff --git a/.travis.yml b/.travis.yml
index 4fa4045..db7c1f6 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -15,6 +15,10 @@ env:
- TARGET=native
- TARGET=i586
- TARGET=cppcheck
+ global:
+ # The next declaration is the encrypted COVERITY_SCAN_TOKEN, created
+ # via the "travis encrypt" command using the project repo's public key
+ - secure: ""
language: c

compiler:
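Review bot: `- secure: ""` under `global:` is an empty placeholder, so as posted the job has no COVERITY_SCAN_TOKEN and the patch cannot be applied unchanged, yet the commit message is empty and does not say so. Either state in the commit message that the output of `travis encrypt` has to be inserted here before merging, or drop the entry and note that the token is expected as a repository setting.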
@@ -22,11 +26,24 @@ compiler:

sudo: required

+before_install:
+ - echo -n | openssl s_client -connect scan.coverity.com:443 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' | sudo tee -a /etc/ssl/certs/ca-
+
install:
- sudo apt-get install gcc-multilib gnu-efi libpci-dev libz-dev:i386
- sudo apt-add-repository 'deb http://archive.ubuntu.com/ubuntu xenial universe'
- sudo apt-get update -qq
- sudo apt-get install --no-install-recommends --target-release xenial libcmocka-dev

+addons:
+ coverity_scan:
+ project:
+ name: "siemens/efibootguard"
+ description: "Build submitted via Travis CI"
+ notification_email: efibootg...@googlegroups.com
+ build_command_prepend: "autoreconf -fi; ./configure; make clean"
+ build_command: "make"
+ branch_pattern: coverity_scan
+
script:
- - ./.travis-build.sh
+ - if [ ${COVERITY_SCAN_BRANCH} != 1 ]; then ./.travis-build.sh ; fi
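Review bot: The `before_install` line appends whatever certificate `openssl s_client` receives from scan.coverity.com to a file under /etc/ssl/certs/ without checking it against anything, so the build ends up trusting whoever answered on port 443 at that moment. Rely on the distribution's CA bundle instead, or compare the fetched certificate's fingerprint with a pinned value before adding it. The `tee -a` target also ends at `/etc/ssl/certs/ca-` as posted, which looks cut off. In `script:`, quote the variable as `[ "${COVERITY_SCAN_BRANCH}" != 1 ]`: with the variable unset the unquoted test is a syntax error, the condition evaluates false, and `./.travis-build.sh` is skipped while the step still succeeds.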
--
2.14.1

Jan Kiszka

Sep 27, 2017, 3:25:58 AM
to [ext] claudius.heine.ext@siemens.com, efibootg...@googlegroups.com, Claudius Heine
On 2017-09-26 15:22, [ext] claudius....@siemens.com wrote:
> From: Claudius Heine <c...@denx.de>
>
> Signed-off-by: Claudius Heine <c...@denx.de>
> ---
> .travis.yml | 19 ++++++++++++++++++-
> 1 file changed, 18 insertions(+), 1 deletion(-)
>
> diff --git a/.travis.yml b/.travis.yml
> index 4fa4045..db7c1f6 100644
> --- a/.travis.yml
> +++ b/.travis.yml
> @@ -15,6 +15,10 @@ env:
> - TARGET=native
> - TARGET=i586
> - TARGET=cppcheck
> + global:
> + # The next declaration is the encrypted COVERITY_SCAN_TOKEN, created
> + # via the "travis encrypt" command using the project repo's public key
> + - secure: ""

Don't get the role of this statement yet, specifically not from the
comment. We don't have this in Jailhouse as well. So, either this
statement is unneeded, or we have a gap in our Jailhouse config.

> language: c
>
> compiler:
> @@ -22,11 +26,24 @@ compiler:
>
> sudo: required
>
> +before_install:
> + - echo -n | openssl s_client -connect scan.coverity.com:443 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' | sudo tee -a /etc/ssl/certs/ca-

Something is missing here, must end with
"/etc/ssl/certs/ca-certificates.crt"

> +
> install:
> - sudo apt-get install gcc-multilib gnu-efi libpci-dev libz-dev:i386
> - sudo apt-add-repository 'deb http://archive.ubuntu.com/ubuntu xenial universe'
> - sudo apt-get update -qq
> - sudo apt-get install --no-install-recommends --target-release xenial libcmocka-dev
>
> +addons:
> + coverity_scan:
> + project:
> + name: "siemens/efibootguard"
> + description: "Build submitted via Travis CI"
> + notification_email: efibootg...@googlegroups.com
> + build_command_prepend: "autoreconf -fi; ./configure; make clean"

make clean is unneeded.

> + build_command: "make"
> + branch_pattern: coverity_scan
> +
> script:
> - - ./.travis-build.sh
> + - if [ ${COVERITY_SCAN_BRANCH} != 1 ]; then ./.travis-build.sh ; fi
>

Jan

--
Siemens AG, Corporate Technology, CT RDA ITP SES-DE
Corporate Competence Center Embedded Linux

Jan Kiszka

Sep 27, 2017, 3:30:01 AM
to [ext] claudius.heine.ext@siemens.com, efibootg...@googlegroups.com, Claudius Heine
On 2017-09-26 15:22, [ext] claudius....@siemens.com wrote:
Is anything that trusty (1.61 / 1.66) or xenial (1.72) provides in terms
of cppcheck too old? If yes, the build should not flood the logs with
tons of warnings like it does right now (not a good sign for this
cppcheck version...).
Jan

Jan Kiszka

Sep 27, 2017, 3:34:03 AM
to [ext] claudius.heine.ext@siemens.com, efibootg...@googlegroups.com, Claudius Heine
Looking at the (presumably) relevant output of the cppcheck run,

(information) Couldn't find path given by -I 'swupdate-adapter/'
[/usr/include/libio.h:49]: (information) Include file: <stdarg.h> not found. Please note: Cppcheck does not need standard library headers to get proper results.
[/usr/include/stdio.h:83]: (information) Include file: <stdarg.h> not found. Please note: Cppcheck does not need standard library headers to get proper results.
[include/env_api.h:20]: (information) Include file: <stdbool.h> not found. Please note: Cppcheck does not need standard library headers to get proper results.
[/usr/include/wchar.h:39]: (information) Include file: <stdarg.h> not found. Please note: Cppcheck does not need standard library headers to get proper results.
[include/env_api.h:29]: (information) Include file: "config.h" not found.
[/usr/include/x86_64-linux-gnu/zconf.h:427]: (information) Include file: <stdarg.h> not found. Please note: Cppcheck does not need standard library headers to get proper results.
[/usr/include/bits/stdio-lock.h:23]: (information) Include file: <lowlevellock.h> not found. Please note: Cppcheck does not need standard library headers to get proper results.
[include/ebgpart.h:43]: (information) Include file: <stdbool.h> not found. Please note: Cppcheck does not need standard library headers to get proper results.
[/usr/include/wchar.h:88]: (information) Skipping configuration '_GLIBCPP_USE_NAMESPACES;__WINT_TYPE__;_WINT_T;__WINT_TYPE__' since the value of '__WINT_TYPE__' is unknown. Use -D if you want to check it. You can use -U to skip it explicitly.
[/usr/include/wchar.h:88]: (information) Skipping configuration '_WINT_T;__WINT_TYPE__' since the value of '__WINT_TYPE__' is unknown. Use -D if you want to check it. You can use -U to skip it explicitly.
[/usr/include/wchar.h:88]: (information) Skipping configuration '__WINT_TYPE__' since the value of '__WINT_TYPE__' is unknown. Use -D if you want to check it. You can use -U to skip it explicitly.
[tools/tests/test_api.c:14]: (information) Include file: <stdarg.h> not found. Please note: Cppcheck does not need standard library headers to get proper results.
[tools/tests/test_api.c:16]: (information) Include file: <stdbool.h> not found. Please note: Cppcheck does not need standard library headers to get proper results.
[tools/tests/test_environment.c:14]: (information) Include file: <stdarg.h> not found. Please note: Cppcheck does not need standard library headers to get proper results.
[tools/tests/test_environment.c:16]: (information) Include file: <stdbool.h> not found. Please note: Cppcheck does not need standard library headers to get proper results.
[tools/tests/test_partitions.c:14]: (information) Include file: <stdarg.h> not found. Please note: Cppcheck does not need standard library headers to get proper results.
[tools/tests/test_partitions.c:16]: (information) Include file: <stdbool.h> not found. Please note: Cppcheck does not need standard library headers to get proper results.

it seems there is still some work needed to fine tune the setting prior
to activating this.

Jan Kiszka

Sep 27, 2017, 3:37:01 AM
to [ext] claudius.heine.ext@siemens.com, efibootg...@googlegroups.com, Claudius Heine
On 2017-09-26 15:22, [ext] claudius....@siemens.com wrote:
Thanks, merged to next.

Claudius Heine

Sep 27, 2017, 4:00:05 AM
to Jan Kiszka, efibootg...@googlegroups.com, Claudius Heine
Hi Jan,
Hmm... I prefer to have a fixed version, because results of cppcheck
vary a lot between versions. About warnings compiling cppcheck, I just
trust that the cppcheck developers know what they are doing. We cannot
see the compile errors that coverity prints out.
You are right with this one! Will fix this in the next version.

> [/usr/include/x86_64-linux-gnu/zconf.h:427]: (information) Include file: <stdarg.h> not found. Please note: Cppcheck does not need standard library headers to get proper results.
> [/usr/include/bits/stdio-lock.h:23]: (information) Include file: <lowlevellock.h> not found. Please note: Cppcheck does not need standard library headers to get proper results.
> [include/ebgpart.h:43]: (information) Include file: <stdbool.h> not found. Please note: Cppcheck does not need standard library headers to get proper results.
> [/usr/include/wchar.h:88]: (information) Skipping configuration '_GLIBCPP_USE_NAMESPACES;__WINT_TYPE__;_WINT_T;__WINT_TYPE__' since the value of '__WINT_TYPE__' is unknown. Use -D if you want to check it. You can use -U to skip it explicitly.
> [/usr/include/wchar.h:88]: (information) Skipping configuration '_WINT_T;__WINT_TYPE__' since the value of '__WINT_TYPE__' is unknown. Use -D if you want to check it. You can use -U to skip it explicitly.
> [/usr/include/wchar.h:88]: (information) Skipping configuration '__WINT_TYPE__' since the value of '__WINT_TYPE__' is unknown. Use -D if you want to check it. You can use -U to skip it explicitly.
> [tools/tests/test_api.c:14]: (information) Include file: <stdarg.h> not found. Please note: Cppcheck does not need standard library headers to get proper results.
> [tools/tests/test_api.c:16]: (information) Include file: <stdbool.h> not found. Please note: Cppcheck does not need standard library headers to get proper results.
> [tools/tests/test_environment.c:14]: (information) Include file: <stdarg.h> not found. Please note: Cppcheck does not need standard library headers to get proper results.
> [tools/tests/test_environment.c:16]: (information) Include file: <stdbool.h> not found. Please note: Cppcheck does not need standard library headers to get proper results.
> [tools/tests/test_partitions.c:14]: (information) Include file: <stdarg.h> not found. Please note: Cppcheck does not need standard library headers to get proper results.
> [tools/tests/test_partitions.c:16]: (information) Include file: <stdbool.h> not found. Please note: Cppcheck does not need standard library headers to get proper results.
>
> it seems there is still some work needed to fine tune the setting prior
> to activating this.

In those other messages it complains about some missing includes it does
not need, because they are part of the stl.

I can try to hide those messages.

I only look at those logs if travis writes me an email. So for me they
don't really need to be pretty, the result is what matters.

Cheers,
Claudius

--
DENX Software Engineering GmbH, Managing Director: Wolfgang Denk
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
Phone: (+49)-8142-66989-54 Fax: (+49)-8142-66989-80 Email: c...@denx.de

Claudius Heine

Sep 27, 2017, 4:03:20 AM
to Jan Kiszka, efibootg...@googlegroups.com, Claudius Heine
Hi Jan,

On 09/27/2017 09:25 AM, Jan Kiszka wrote:
> On 2017-09-26 15:22, [ext] claudius....@siemens.com wrote:
>> From: Claudius Heine <c...@denx.de>
>>
>> Signed-off-by: Claudius Heine <c...@denx.de>
>> ---
>> .travis.yml | 19 ++++++++++++++++++-
>> 1 file changed, 18 insertions(+), 1 deletion(-)
>>
>> diff --git a/.travis.yml b/.travis.yml
>> index 4fa4045..db7c1f6 100644
>> --- a/.travis.yml
>> +++ b/.travis.yml
>> @@ -15,6 +15,10 @@ env:
>> - TARGET=native
>> - TARGET=i586
>> - TARGET=cppcheck
>> + global:
>> + # The next declaration is the encrypted COVERITY_SCAN_TOKEN, created
>> + # via the "travis encrypt" command using the project repo's public key
>> + - secure: ""
>
> Don't get the role of this statement yet, specifically not from the
> comment. We don't have this in Jailhouse as well. So, either this
> statement is unneeded, or we have a gap in our Jailhouse config.

You need to insert the security token you get from coverity here. I
deleted mine before sending this patch.

>
>> language: c
>>
>> compiler:
>> @@ -22,11 +26,24 @@ compiler:
>>
>> sudo: required
>>
>> +before_install:
>> + - echo -n | openssl s_client -connect scan.coverity.com:443 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' | sudo tee -a /etc/ssl/certs/ca-
>
> Something is missing here, must end with
> "/etc/ssl/certs/ca-certificates.crt"

That is exactly how coverity suggests setting up travis with it. I trust
they know what they are doing here and it seems to work well.

>
>> +
>> install:
>> - sudo apt-get install gcc-multilib gnu-efi libpci-dev libz-dev:i386
>> - sudo apt-add-repository 'deb http://archive.ubuntu.com/ubuntu xenial universe'
>> - sudo apt-get update -qq
>> - sudo apt-get install --no-install-recommends --target-release xenial libcmocka-dev
>>
>> +addons:
>> + coverity_scan:
>> + project:
>> + name: "siemens/efibootguard"
>> + description: "Build submitted via Travis CI"
>> + notification_email: efibootg...@googlegroups.com
>> + build_command_prepend: "autoreconf -fi; ./configure; make clean"
>
> make clean is unneeded.

Yes.

Also the first coverity report is now viewable.

Thanks,
Claudius

>
>> + build_command: "make"
>> + branch_pattern: coverity_scan
>> +
>> script:
>> - - ./.travis-build.sh
>> + - if [ ${COVERITY_SCAN_BRANCH} != 1 ]; then ./.travis-build.sh ; fi
>>
>
> Jan
>

--

Jan Kiszka

Sep 27, 2017, 4:04:12 AM
to Claudius Heine, efibootg...@googlegroups.com, Claudius Heine
Selecting one from a specific Ubuntu release provides you exactly this.
So, unless there is need to go for 1.80, let's go for a packaged version.
So, I don't care about the email report because the web log seems more
complete. Anyway, both should be clean.

Another finding: I'm not sure if we should run all variants for the
coverity scan. They seem to overwrite each other, generating multiple
reports per run. And cppcheck should definitely NOT be run for coverity
builds.

Jan

Jan Kiszka

Sep 27, 2017, 4:08:13 AM
to Claudius Heine, efibootg...@googlegroups.com, Claudius Heine
Still no explanation why we need "- secure:".

OK, I will try removing that statement to see if there is a real need
(unlikely, given that Jailhouse also works fine without it).

>
>>
>>>   language: c
>>>     compiler:
>>> @@ -22,11 +26,24 @@ compiler:
>>>     sudo: required
>>>   +before_install:
>>> +      - echo -n | openssl s_client -connect scan.coverity.com:443 |
>>> sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' | sudo tee -a
>>> /etc/ssl/certs/ca-
>>
>> Something is missing here, must end with
>> "/etc/ssl/certs/ca-certificates.crt"
>
> That is exactly how coverity suggests setting up travis with it. I trust
> they know what they are doing here and it seems to work well.
>

Then your patch is buggy, cutting off the line early.

Claudius Heine

Sep 27, 2017, 4:11:13 AM
to Jan Kiszka, efibootg...@googlegroups.com, Claudius Heine
Hi,
Other versions of it have other messages, then I have to redo those
suppressed parameters.

I can do that, but I am not really convinced about the usefulness.
So hiding them is better?

> Another finding: I'm not sure if we should run all variants for the
> coverity scan. They seem to overwrite each other, generating multiple
> reports per run. And cppcheck should definitely NOT be run for coverity
> builds.

That should not be the case anyway, because this build script is only
called if coverity was not called:

if [ ${COVERITY_SCAN_BRANCH} != 1 ]; then ./.travis-build.sh ; fi

But you are right that coverity is called for each different environment
variable. That should be fixed. Not sure how yet.

Claudius Heine

Sep 27, 2017, 4:13:48 AM
to Jan Kiszka, efibootg...@googlegroups.com, Claudius Heine
Ok, if you like.

>
>>
>>>
>>>>   language: c
>>>>     compiler:
>>>> @@ -22,11 +26,24 @@ compiler:
>>>>     sudo: required
>>>>   +before_install:
>>>> +      - echo -n | openssl s_client -connect scan.coverity.com:443 |
>>>> sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' | sudo tee -a
>>>> /etc/ssl/certs/ca-
>>>
>>> Something is missing here, must end with
>>> "/etc/ssl/certs/ca-certificates.crt"
>>
>> That is exactly how coverity suggests setting up travis with it. I trust
>> they know what they are doing here and it seems to work well.
>>
>
> Then your patch is buggy, cutting off the line early.

Nope. If it's wrong then coverity's setup page is buggy.

Claudius

Jan Kiszka

Sep 27, 2017, 4:18:01 AM
to Claudius Heine, efibootg...@googlegroups.com, Claudius Heine
You could pass COVERITY_SCAN_BRANCH to the script and filter on one
variant that should be built in that case.

Jan
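
One way to implement the filter suggested in the message above, as an added example that is not part of the patch set or the project's script. `should_build` and `COVERITY_VARIANT` are hypothetical names, and picking `native` as the single variant built on a scan branch is an assumption; only `TARGET` and `COVERITY_SCAN_BRANCH` come from the thread.

```sh
#!/bin/sh
# Added example: decide per matrix entry whether to do any work,
# depending on whether this is a Coverity scan branch.
set -eu

# Assumption: the one matrix entry that is built on the scan branch.
COVERITY_VARIANT="native"

# should_build TARGET [COVERITY_SCAN_BRANCH]
# Prints "build" or "skip" on stdout.
# Returns 2 for an unknown target or an unexpected flag value, so a typo
# in the CI configuration fails the job instead of silently skipping it.
should_build()
{
	local target="${1-}"
	# Default to 0 so an unset variable can never break the comparison
	# (the unquoted `[ ${VAR} != 1 ]` form fails when VAR is unset).
	local scan_branch="${2-0}"

	case "$target" in
		native|i586|cppcheck)
			;;
		*)
			echo "unknown TARGET: '$target'" >&2
			return 2
			;;
	esac

	case "$scan_branch" in
		1)
			# Scan branch: only one variant produces a report.
			if [ "$target" = "$COVERITY_VARIANT" ]; then
				echo build
			else
				echo skip
			fi
			;;
		0|"")
			# Regular branch: every matrix entry runs.
			echo build
			;;
		*)
			echo "unexpected COVERITY_SCAN_BRANCH: '$scan_branch'" >&2
			return 2
			;;
	esac
}

# Typical call from a build script:
#   decision="$(should_build "$TARGET" "${COVERITY_SCAN_BRANCH-0}")"
```
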

Claudius Heine

Sep 27, 2017, 4:35:53 AM
to Jan Kiszka, efibootg...@googlegroups.com, Claudius Heine
Hi,
Will do that.

Jan Kiszka

Sep 27, 2017, 4:59:15 AM
to Claudius Heine, efibootg...@googlegroups.com, Claudius Heine
Works perfectly. You can pick up the change from current coverity_scan
branch, including the fix for the certs stuff.

Claudius Heine

Sep 27, 2017, 5:20:26 AM
to Jan Kiszka, efibootg...@googlegroups.com, Claudius Heine
Hi,
If it works ok, but I am not feeling completely comfortable using it
differently from how it's documented.

Claudius

Jan Kiszka

Sep 27, 2017, 5:34:59 AM
to Claudius Heine, efibootg...@googlegroups.com, Claudius Heine
OK, to clarify this: There are two ways to get secure vars into your
build. One is based on encrypting the var via a local tool (travis
encrypt SOMEVAR="secretvalue"), the other is using the web interface and
storing the var securely there. For Jailhouse and now also for EFI Boot
Guard, we chose the second path. That makes the secure statement
obsolete (and the empty one was useless anyway).

Jan

Claudius Heine

Sep 27, 2017, 6:08:39 AM
to Jan Kiszka, efibootg...@googlegroups.com, Claudius Heine
Hi,
Installing cppcheck to travis is not so smooth:

The following packages have unmet dependencies:
cppcheck : Depends: libstdc++6 (>= 5.2) but 4.8.4-2ubuntu1~14.04.3
is to be installed

I think I'll stay with building 1.80.

Claudius Heine

Sep 27, 2017, 6:22:59 AM
to Jan Kiszka, efibootg...@googlegroups.com, Claudius Heine
Hi,
Ah, ok that makes sense. So you have set up this key elsewhere.

> That makes the secure statement
> obsolete (and the empty one was useless anyway).

It was empty because I removed my key, and as I said in the cover letter,
it needs to be replaced by the real key when merging this patch.

Jan Kiszka

Sep 27, 2017, 7:23:21 AM
to Claudius Heine, efibootg...@googlegroups.com, Claudius Heine
OK, that's a valid reason.

Jan

Claudius Heine

Sep 27, 2017, 9:44:42 AM
to Jan Kiszka, efibootg...@googlegroups.com, Claudius Heine
Hi Jan,

On 09/27/2017 09:34 AM, Jan Kiszka wrote:
> Looking at the (presumably) relevant output of the cppcheck run,
>
> (information) Couldn't find path given by -I 'swupdate-adapter/'
> [/usr/include/libio.h:49]: (information) Include file: <stdarg.h> not found. Please note: Cppcheck does not need standard library headers to get proper results.
> [/usr/include/stdio.h:83]: (information) Include file: <stdarg.h> not found. Please note: Cppcheck does not need standard library headers to get proper results.
> [include/env_api.h:20]: (information) Include file: <stdbool.h> not found. Please note: Cppcheck does not need standard library headers to get proper results.
> [/usr/include/wchar.h:39]: (information) Include file: <stdarg.h> not found. Please note: Cppcheck does not need standard library headers to get proper results.
> [include/env_api.h:29]: (information) Include file: "config.h" not found.
> [/usr/include/x86_64-linux-gnu/zconf.h:427]: (information) Include file: <stdarg.h> not found. Please note: Cppcheck does not need standard library headers to get proper results.
> [/usr/include/bits/stdio-lock.h:23]: (information) Include file: <lowlevellock.h> not found. Please note: Cppcheck does not need standard library headers to get proper results.
> [include/ebgpart.h:43]: (information) Include file: <stdbool.h> not found. Please note: Cppcheck does not need standard library headers to get proper results.
> [/usr/include/wchar.h:88]: (information) Skipping configuration '_GLIBCPP_USE_NAMESPACES;__WINT_TYPE__;_WINT_T;__WINT_TYPE__' since the value of '__WINT_TYPE__' is unknown. Use -D if you want to check it. You can use -U to skip it explicitly.
> [/usr/include/wchar.h:88]: (information) Skipping configuration '_WINT_T;__WINT_TYPE__' since the value of '__WINT_TYPE__' is unknown. Use -D if you want to check it. You can use -U to skip it explicitly.
> [/usr/include/wchar.h:88]: (information) Skipping configuration '__WINT_TYPE__' since the value of '__WINT_TYPE__' is unknown. Use -D if you want to check it. You can use -U to skip it explicitly.
> [tools/tests/test_api.c:14]: (information) Include file: <stdarg.h> not found. Please note: Cppcheck does not need standard library headers to get proper results.
> [tools/tests/test_api.c:16]: (information) Include file: <stdbool.h> not found. Please note: Cppcheck does not need standard library headers to get proper results.
> [tools/tests/test_environment.c:14]: (information) Include file: <stdarg.h> not found. Please note: Cppcheck does not need standard library headers to get proper results.
> [tools/tests/test_environment.c:16]: (information) Include file: <stdbool.h> not found. Please note: Cppcheck does not need standard library headers to get proper results.
> [tools/tests/test_partitions.c:14]: (information) Include file: <stdarg.h> not found. Please note: Cppcheck does not need standard library headers to get proper results.
> [tools/tests/test_partitions.c:16]: (information) Include file: <stdbool.h> not found. Please note: Cppcheck does not need standard library headers to get proper results.
>
> it seems there is still some work needed to fine tune the setting prior
> to activating this.

I am currently preparing the new patch. But here is a question about
suppressing the found issues.

How should I proceed:

- Don't suppress any non-obvious issues and fix or suppress them in
later patches.

- Suppress all found issues and fix or justify them in later patches.

In this patchset I tried the second option, but Andreas preferred the
first one. Choosing the first one would be easier for me, but travis
will show that the build failed until all issues are resolved one way or
another.

Our input?

Jan Kiszka

Sep 27, 2017, 10:10:18 AM
to Claudius Heine, efibootg...@googlegroups.com, Claudius Heine
>   - Suppress all found issues and fix or justify them in later patches.
>
> In this patchset I tried the second option, but Andreas preferred the
> first one. Choosing the first one would be easier for me, but travis
> will show that the build failed until all issues are resolved one way or
> another.
>
> Our input?

Go with option 1, only suppress false positives (if possible with
reasonable effort). We may relax the overall success status of the build
until we addressed them all.

Jan