From: Jeff King <peff@peff.net>
To: Chris Packham <judge.packham@gmail.com>
Cc: git@vger.kernel.org, gitter.spiros@gmail.com
Subject: Re: [RFC/PATCH] Makefile: add cppcheck target
Date: Tue, 13 Dec 2016 07:28:54 -0500 [thread overview]
Message-ID: <20161213122854.pphyp342tstxbbqe@sigill.intra.peff.net> (raw)
In-Reply-To: <20161213121510.5o5axuwzztbxcvfd@sigill.intra.peff.net>
On Tue, Dec 13, 2016 at 07:15:10AM -0500, Jeff King wrote:
> I think these last two are a good sign that we need to be feeding the
> list of source files to cppcheck. I tried your patch and it also started
> looking in t/perf/build, which are old versions of git built to serve
> the performance-testing suite.
>
> See the way that the "tags" target is handled for a possible approach.
Maybe something like this:
diff --git a/Makefile b/Makefile
index 8b5976d88..e7684ae63 100644
--- a/Makefile
+++ b/Makefile
@@ -2638,4 +2638,6 @@ cover_db_html: cover_db
.PHONY: cppcheck
cppcheck:
- cppcheck --force --quiet --inline-suppr $(CPPCHECK_ADD) .
+ $(FIND_SOURCE_FILES) |\
+ grep -v ^t/t |\
+ xargs cppcheck --force --quiet --inline-suppr $(CPPCHECK_ADD)
> My main complaint with any static checker is how we can handle false
> positives. [...]
Here's what that generates on my machine, with annotations:
[builtin/am.c:766]: (error) Resource leak: in
Correct.
[builtin/notes.c:260]: (error) Memory pointed to by 'buf' is freed twice.
[builtin/notes.c:264]: (error) Memory pointed to by 'buf' is freed twice.
Nope. It appears not to understand that die() does not return.
[builtin/rev-list.c:391]: (error) Uninitialized variable: reaches
[builtin/rev-list.c:391]: (error) Uninitialized variable: all
These are "int foo = foo" (which is ugly, and maybe we can get rid of
if compilers have gotten smart enough to figure it out).
[compat/nedmalloc/malloc.c.h:4646]: (error) Memory leak: mem
Hard to tell, but I think this is wrong and is confused by pointer
arithmetic on the malloc chunks.
[compat/regex/regcomp.c:3086]: (error) Memory leak: sbcset
Nope, this return is hit only when sbcset is NULL. The tool is
presumably confused by a conditional hidden inside a macro.
[compat/regex/regcomp.c:3634]: (error) Memory leak: sbcset
[compat/regex/regcomp.c:3086]: (error) Memory leak: mbcset
[compat/regex/regcomp.c:3634]: (error) Memory leak: mbcset
I didn't look at these, but presumably similar.
[compat/regex/regcomp.c:2802]: (error) Uninitialized variable: table_size
[compat/regex/regcomp.c:2805]: (error) Uninitialized variable: table_size
Not sure, but it looks like this function declares another inline
function inside its scope, and that confuses the tool.
[compat/regex/regcomp.c:532]: (error) Memory leak: fastmap
Nope. Tool seems confused by hiding free() in a macro.
[contrib/examples/builtin-fetch--tool.c:420]: (error) Uninitialized variable: lrr_count
[contrib/examples/builtin-fetch--tool.c:427]: (error) Uninitialized variable: lrr_list
More "int foo = foo". Might be worth omitting contrib/examples (or
possibly contrib/ entirely) from the check.
[t/helper/test-hashmap.c:125]: (error) Memory leak: entries
[t/helper/test-hashmap.c:125]: (error) Memory leak: hashes
Correct (but unimportant).
So I think it is capable of finding real problems, but I think we'd need
some way of squelching false positives, preferably in a way that carries
forward as the code changes (so not just saying "foo.c:1234 is a false
positive", which will break when it becomes "foo.c:1235").
-Peff
next prev parent reply other threads:[~2016-12-13 12:29 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-12-13 9:22 [RFC/PATCH] Makefile: add cppcheck target Chris Packham
2016-12-13 9:32 ` Chris Packham
2016-12-13 9:37 ` stefan.naewe
2016-12-13 12:15 ` Jeff King
2016-12-13 12:28 ` Jeff King [this message]
2016-12-14 8:23 ` Chris Packham
2016-12-14 8:33 ` Chris Packham
2016-12-14 11:18 ` Jeff King
2016-12-14 9:27 ` [RFC/PATCHv2] " Chris Packham
2016-12-14 11:24 ` Jeff King
2016-12-14 14:46 ` Jeff King
2016-12-15 23:22 ` [RFC/PATCH] Makefile: suppress some cppcheck false-positives Chris Packham
2016-12-16 18:43 ` Junio C Hamano
2016-12-16 22:16 ` Jeff King
[not found] ` <6ABA4AA4-BD5C-4178-BB3B-91CA045EA2AD@gmail.com>
2016-12-17 7:31 ` [RFC/PATCHv2] Makefile: add cppcheck target Chris Packham
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20161213122854.pphyp342tstxbbqe@sigill.intra.peff.net \
--to=peff@peff.net \
--cc=git@vger.kernel.org \
--cc=gitter.spiros@gmail.com \
--cc=judge.packham@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).