Hey Anton, can you provide a sample scan? I'm interested to see if it
catches different memory access violations, or if it gets the same ones
we've already seen reported by clang-tidy. For example are these
violations in the reports:
------------------------------
"/work/mxnet/3rdparty/dmlc-core/include/dmlc/concurrentqueue.h:3443:24:
warning: Access to field 'capacity' results in a dereference of a null
pointer (loaded from variable 'mainHash')
[clang-analyzer-core.NullDereference]"
---------------------------
/work/mxnet/3rdparty/mshadow/mshadow/./tensor.h:64:23: warning:
Assigned value is garbage or undefined
[clang-analyzer-core.uninitialized.Assign]
this->shape_[i] = s[i];"
-------------------------
/usr/bin/../lib/gcc/x86_64-linux-gnu/8.0.1/../../../../include/c++/8.0.1/ext/atomicity.h:67:29:
warning: Use of memory after it is freed
[clang-analyzer-cplusplus.NewDelete]
--------------------------
-Kellen
On Fri, Nov 2, 2018 at 2:20 AM Anton Chernov <mecher...@gmail.com> wrote:
> Dear MXNet community,
>
> I had investigated the possibility to adopt Coverity static analysis tools
> for the MXNet project and it turned out that there is a tool provided by
> Synopsys for open-source projects:
>
> https://scan.coverity.com
>
> The tool works nicely with GitHub [1] and I found that a scan for a fork
> (from @apeforest) [2] was already set up. I can not tell how long ago the
> scan was performed, but at the time of writing the project page shows 5
> illegal memory access errors, that I think would be worth investigating.
>
> If there is interest I would suggest that we would setup a Coverity scan
> for the main repository instead of a fork and people that have interest
> managing and fixing issues would request add them to the project.
>
> I would appreciate feedback for this proposal and help from people having
> rights for the main repository to set things up.
>
> Best regards,
> Anton
>
> [1] https://scan.coverity.com/github
> [2] https://scan.coverity.com/projects/apeforest-incubator-mxnet
>
