[ofiwg] Coverity static analysis tool for Libfabric

Jeff Squyres (jsquyres) jsquyres at cisco.com
Mon Feb 16 08:29:54 PST 2015

Short version

If you're a libfabric core or provider committer, please sign up for a Coverity account so that you can see the issues that Coverity has found in your part of the libfabric code base:


Conveniently, you can use your Github ID for SSO with Coverity.

More detail

The good people at Coverity make their "scan" tool freely available for open source projects.  The "scan" tool uses static code analysis to find a surprising number of potential and real bugs.  

It's pretty fantastic, actually.

Here's my previous experience with Coverity:

- 80% of the things it finds are in error paths that aren't tested well/often.
- 15% are "oh yah, that could happen -- we should fix that" things
- 4% are "that'll never happen, but we should fix it anyway" things
- 1% are "holy #@$%@#$%!!!  That is an incredibly subtle bug that we never would have found!" things

Over the weekend, I signed up libfabric and updated the libfabric nightly cron scripts to upload a new build to Coverity whenever there is a new nightly tarball.

Please use the blue "Add me to the project" button to get added to the libfabric Coverity project so that you can see the defects, claim yours, and then fix them:


As noted above, you can use your Github ID for SSO to Coverity, which is pretty convenient.


Jeff Squyres
jsquyres at cisco.com
For corporate legal information go to: http://www.cisco.com/web/about/doing_business/legal/cri/

More information about the ofiwg mailing list