Static Analysis
Pages: 1 2
Dominic Plunkett (2556) 34 posts |
I’ve run cppcheck ( http://cppcheck.sourceforge.net/ ) on some of the c source. I think cppcheck finds a few issues, but it is a little beyond me. It does have a few false positives and style issues aren’t interesting. Could a more knowledgeable person have a look ? |
Martin Avison (27) 1494 posts |
You need to be more specific about the sources checked, and the issues found. If cppcheck is a little beyond you (and probably me) I am intrigued why you ran it? |
Dominic Plunkett (2556) 34 posts |
For instance in :\BCM2835Dev\mixed\RiscOS\Sources\Video\Render\SprExtend\c\jdhuff.c This function near the end of what I have copied appear to access a member off the end of an array static void allocate_registers(asm_workspace wp, workspace *ws) |
Dominic Plunkett (2556) 34 posts |
In \BCM2835Dev\castle\RiscOS\Sources\FileSys\ImageFS\DOSFS\c\OpsFile.c at line 561 possibly leaks memaddr? |
Rick Murray (539) 13850 posts |
I hope there is sanitisation further down so it can’t ever consider R15 to be an available register! |
Sprow (202) 1158 posts |
There are at least 2 other memory leaks in DOSFS once you spot the pattern, such are the perils of copy and paste. There’s also a leak in MSDOStoSTRING, but as that’s trimmed out by the preprocessor your static analysis tool probably skipped it. |
Steve Pampling (1551) 8172 posts |
Useful contribution by Dom then. |
Dominic Plunkett (2556) 34 posts |
BCM2835Dev\mixed\RiscOS\Sources\HWSupport\USB\Controllers\DWCDriver\c\port.c \BCM2835Dev\castle\RiscOS\Sources\FileSys\ImageFS\DOSFS\c\DOSnaming.c |
Dominic Plunkett (2556) 34 posts |
\BCM2835Dev\castle\RiscOS\Sources\Programmer\RTSupport\c\module.c \BCM2835Dev\castle\RiscOS\Sources\Toolbox\Gadgets\c\TextMan.c \BCM2835Dev\castle\RiscOS\Sources\Apps\Draw\c\DrawGrid.c \BCM2835Dev\castle\RiscOS\Sources\Apps\Draw\c\DrawGrid.c |
Dominic Plunkett (2556) 34 posts |
I’ve only cheery picked some issues that look wrong to me. There are many other warnings etc which may need looking into, but is beyond me. cppcheck is free. |
John Williams (567) 768 posts |
I do admire the optimism inherent in “cheery picking”! More seriously, I’m with Steve on “Useful contribution”, though it’ll take someone distinctly cleverer than I to do something about it. |
Jeffrey Lee (213) 6048 posts |
What’s the performance of cppcheck like? I’m wondering how hard it would be to extend the shared makefiles to add a static analysis build target. Potentially this could be on Unix (there’s partial support for cross-compilation in the build system) or on RISC OS (if cppcheck is easy enough to get building and isn’t too slow) |
Dominic Plunkett (2556) 34 posts |
cppcheck on my 5 year old laptop does about 500 c files in 90 seconds. |
Rick Murray (539) 13850 posts |
This would be a useful thing to have, if anybody feels up to porting it? |
Chris Mahoney (1684) 2165 posts |
It does indeed seem useful; I ran it on my own apps and found a buffer overflow but it’d certainly be more useful if I didn’t have to use Windows to do it! With that said, I haven’t looked at the source so no idea how portable it is. [Edit: It claims that “Any C++11 compiler should work.” I have a suspicion that CFront isn’t going to handle this one!] |
Rick Murray (539) 13850 posts |
GCC? |
Jeffrey Lee (213) 6048 posts |
Yep, seems to be pretty straightforward to build the CLI tool with GCC – just a couple of minor fixes needed. Potentially we could build the GUI too, but I doubt I’ll try that. Performance seems to be acceptable. I’ll do a bit more tweaking and testing and then upload a build somewhere. |
Jeffrey Lee (213) 6048 posts | |
Chris Mahoney (1684) 2165 posts |
It crossed my mind, but I haven’t really followed it since I’ve used the DDE for my own stuff. Thanks! Will test it out tonight and make sure that it finds the same error as the Windows version did :) Edit: Yup! |
Martin Avison (27) 1494 posts |
@Jeffrey: Thanks – that will be most useful. Though it is considerably faster on my PC, may be more useful on my Iyonix. |
Jeffrey Lee (213) 6048 posts |
It doesn’t look like there’s any concept of functions which can potentially return null pointers. That’s a bit disappointing. Ideally we’d want to be able to craft a rule for something like _swix which would say “This function may return null. If the return value is non-null, none of the output variables will have been updated”. Maybe I should do a bit of research and see if there’s a static analysis tool which is more suitable (the main developer of cppcheck seems to be against the idea of introducing features that will lead to lots of false-positives, but when checking code for an OS I think a more paranoid tool would be better) |
Rick Murray (539) 13850 posts |
Just a bit . . . I think there are many of my functions that return NULL if nothing went wrong. This isn’t a problem for us, or for C, so…? Still, it’ll be useful for looking for other things I’ve screwed up. ;-) |
Michael Drake (88) 336 posts |
We run a whole load of static analysis on NetSurf: http://ci.netsurf-browser.org/jenkins/view/Static%20Analysis/ CppCheck is good for the front ends that are cross-compiled. For the core code, Clang’s scan-build and particularly Coverity are much better. Not sure if RISC OS would be eligible for the Coverity Scan open-source tool: https://scan.coverity.com/ |
Jeffrey Lee (213) 6048 posts |
Probably not – several of the things in their “how to register” FAQ look like they go against assorted clauses of the Castle licence. And having to submit the source code to a remote server and then wait X amount of time for the report to come back isn’t going to be very useful when dealing with the initial teething troubles. |
Rick Murray (539) 13850 posts |
“Your project license terms must not place restrictions on other software that is distributed along with your project.” I take it then that they don’t permit GPL licenced software…? ;-) |
Pages: 1 2