Thanks a lot, I think is very beneficial that we invest in these kind of tooling for code quality. As a developer I wonder, do we have actionable items for looking at / fixing these issues or right now is done in an informational / good will basis?
Is there a way to colorize this output? Pedro. On Fri, Nov 2, 2018 at 5:10 PM kellen sunderland < kellen.sunderl...@gmail.com> wrote: > Reference scan here (I believe I also count 5 memory violations): > > http://jenkins.mxnet-ci.amazon-ml.com/blue/rest/organizations/jenkins/pipelines/incubator-mxnet/branches/master/runs/1856/nodes/104/log/?start=0 > > -Kellen > > On Fri, Nov 2, 2018 at 9:07 AM kellen sunderland < > kellen.sunderl...@gmail.com> wrote: > > > Hey Anton, can you provide a sample scan? I'm interested to see if it > > catches different memory access violations, or if it gets the same ones > > we've already seen reported by clang-tidy. For example are these > > violations in the reports: > > ------------------------------ > > "/work/mxnet/3rdparty/dmlc-core/include/dmlc/concurrentqueue.h:3443:24: > > warning: Access to field 'capacity' results in a dereference of a null > > pointer (loaded from variable 'mainHash') > > [clang-analyzer-core.NullDereference]" > > > > --------------------------- > > > > /work/mxnet/3rdparty/mshadow/mshadow/./tensor.h:64:23: warning: Assigned > value is garbage or undefined [clang-analyzer-core.uninitialized.Assign] > > this->shape_[i] = s[i];" > > > > ------------------------- > > > > > > > /usr/bin/../lib/gcc/x86_64-linux-gnu/8.0.1/../../../../include/c++/8.0.1/ext/atomicity.h:67:29: > warning: Use of memory after it is freed > [clang-analyzer-cplusplus.NewDelete] > > > > -------------------------- > > > > -Kellen > > > > > > > > On Fri, Nov 2, 2018 at 2:20 AM Anton Chernov <mecher...@gmail.com> > wrote: > > > >> Dear MXNet community, > >> > >> I had investigated the possibility to adopt Coverity static analysis > tools > >> for the MXNet project and it turned out that there is a tool provided by > >> Synopsys for open-source projects: > >> > >> https://scan.coverity.com > >> > >> The tool works nicely with GitHub [1] and I found that a scan for a fork > >> (from @apeforest) [2] was already set up. I can not tell how long ago > the > >> scan was performed, but at the time of writing the project page shows 5 > >> illegal memory access errors, that I think would be worth investigating. > >> > >> If there is interest I would suggest that we would setup a Coverity scan > >> for the main repository instead of a fork and people that have interest > >> managing and fixing issues would request add them to the project. > >> > >> I would appreciate feedback for this proposal and help from people > having > >> rights for the main repository to set things up. > >> > >> Best regards, > >> Anton > >> > >> [1] https://scan.coverity.com/github > >> [2] https://scan.coverity.com/projects/apeforest-incubator-mxnet > >> > > >