-
Notifications
You must be signed in to change notification settings - Fork 114
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Look into static analysis options #180
Comments
A good start will be to always check the source code (especially new source code) with CppCheck 2.1 (or more) http://cppcheck.sourceforge.net/ |
As long as the code compiles with clang (which may be worthwhile on its own for diagnostics/compiler-portability reasons), we should give the clang-analyzer a whirl as well. |
Let's start with cppcheck. @tarunik can you work on that? My thought is to detect cppcheck and (if present) create a new build target "analysis" which is built by default as part of "make all", which runs cppcheck and displays all detected error messages. This should be optional and gracefully degrade if the user doesn't have cppcheck installed. |
Yeah -- it looks like CMake has built-in support for at least cppcheck and clang-tidy (albeit not the full clang-analyzer?): https://blog.kitware.com/static-checks-with-cmake-cdash-iwyu-clang-tidy-lwyu-cpplint-and-cppcheck/ |
Oh even better. Add cppcheck integration and send a PR when you're ready? We'll close this ticket when that's done, then think about other static analyzers in the future if we see a need for it. |
This currently works with cppcheck on Linux using CMake's built-in support.
Did you want static analysis mode to require all the static analyzers to be present? (so far, it'll be cppcheck and clang-analyzer, clang-tidy will likely go on the list as well) |
Ideally it should detect each individually and enable as many as it find and knows how to use. |
Note that this causes g++ to spit out a spurious warning about ignoring a linker input file since it's not linking anything. This warning is utterly harmless and only appears in ANALYZE=true mode.
Add static analyzer support (CPPCheck and clang-analyzer, at the moment) for #180
Merged, tested, and fixed a bunch of findings. On my machine, cppcheck fails silently (no errors displayed but nonzero exit code) on VICPSocketTransport.cpp. |
No description provided.
The text was updated successfully, but these errors were encountered: