How do I get the event tags for a Coverity issue?

Question

If I am looking at an issue in the Coverity user interface, how do I get the event tag or tags? I need to know a tag in order to suppress the finding using code annotations, as described in the question "How can I disable coverity checking using code annotation?" but I'm not seeing it or maybe don't know where to look.

Answer 1

The event tag is the first identifier-like word in each line of commentary that makes up the issue report.

For example, on Github, RcppCore/Rcpp issue 760 contains a screenshot that I have reproduced at half-size resolution with some annotations:

Zooming in on the code panel:

There are three events here:

1. alloc_fn: Storage is returned from allocation function operator new.
2. noescape: Resource new Rcpp::Rostream<true>::Buffer is not freed or pointed-to in basic_ostream. ...
3. leaked_storage: Failing to save or free storage allocated by new Rcpp::Rostream<true>::Buffer leaks it.

The event tags are "alloc_fn", "noescape", and "leaked_storage".

In this instance, all of them are associated with the same line of code (line 49), but in general they may appear on different lines and spread across multiple files.

To navigate to all of the events, use the Occurrences panel:

The Occurrences panel shows all of the events, organized into a tree, where child nodes are events in callee functions. The entire list is generally ordered in program execution order, although some events may be chronologically disconnected, for example if the finding involves multiple execution paths.

Each entry in the Occurrences panel has an event number (again, nominally chronological), the event tag, and the file name and line number. Clicking on an entry navigates to that event in the code panel.

Here are a couple related Synopsys support articles:

• how to add code annotation? I do not know which name should exist with //coverity[]
• Is there a document that lists all defect 'events' with their name and descriptions?