I just discovered that there is another tool similar to Coverity for scanning. It gives different results, and might be useful. The scans of github open source projects is already done.
See: https://lgtm.com/projects/g/DPDK/dpdk Shows 19 errors, 263 warnings and 111 recommendations. Of course, some of these are bogus. For example, tool thinks are scripts are Python 2.
