Open BenWibking opened 7 months ago
Baseline scan: https://scan.coverity.com/projects/quokka-astro-quokka?tab=overview
It found several unhandled exceptions, which would crash the code. However, this is intentional in our code, since the cases where an exception is thrown, something is misconfigured or has gone wrong that we can't continue the simulation.
It also found several cases where using auto
instead of auto &
led to large objects being copied. This is also the case for several function arguments that should be converted to pass-by-reference. This happened mostly in the cooling code. It also happens when passing the quokka::grid
object in setInitialConditionsOnGrid
.
The Coverity build capture tool is installed on moth, and can successfully analyze and upload a build. This could now be automated using Azure Pipelines.
Describe the proposal Coverity is a static analysis tool. Proprietary, but free for open source projects. It can only be run a limited number of times per week, but we can configure it to run as a cron job, or a cron-like job using Azure DevOps (https://learn.microsoft.com/en-us/azure/devops/pipelines/process/scheduled-triggers) or GitHub Actions (https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#schedule).
Describe alternatives you've considered We could alternatively just use clang-tidy, which is open source and will run on every PR. However, Weiqun says that Coverity has found bugs in AMReX that were missed by clang-tidy.