Allow users to pass project args to the "static-analysis" cppcheck reusable workflow #607

Closed
3 tasks done
jphickey opened this issue Oct 31, 2022 · 0 comments · Fixed by #608
@jphickey
Contributor

Checklist (Please check before submitting)

  • I reviewed the Contributing Guide.
  • I reviewed the cFS README.md file to see if the feature is in the major future work.
  • I performed a cursory search to see if the feature request is relevant, not redundant, nor in conflict with other tickets.

Is your feature request related to a problem? Please describe.
The issue observed in nasa/osal#1324 is due to the fact that cppcheck is being executed in each C source file in isolation. In this case it does not see the definition of UT_DEFAULT_STUB and thus does not know how to examine this line.

Describe the solution you'd like
cppcheck allows command line options to specify various project-specific preprocessor settings, such as -D and -U options to specify if a macro is set or unset, respectively, as well as -I option(s) indicating where to find include files.

Furthermore, with CMake, the -DCMAKE_EXPORT_COMPILE_COMMANDS=ON option causes cmake to export a json file containing the full include path being used, which can then be passed to cppcheck via the --project option. With this, the code will be examined using the configuration that is actually being compiled.

Describe alternatives you've considered

  1. Skip checking of UT stubs in general (but stubs could have bugs like uninitialized vars and things that cppcheck could flag)
  2. Remove use of UT_DEFAULT_STUB, as this will not be checkable unless the definition of this macro is also supplied.

Additional context
Using --project causes cppcheck to be much more thorough in its results. In particular, it now "sees" the common_types.h file and the ifdef macros that exist in there, and it will check each macro both ways. The upside to this is it finds more potential issues, particularly with ifdef branches that aren't regularly used, but the downside is that it significantly increases the runtime of cppcheck as it tests all the permutations. This may need to be limited if it becomes excessive.

Requester Info
Joseph Hickey, Vantage Systems, Inc.
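
An added example, not part of the original issue or of the cFS workflow: it reads the compile database that `-DCMAKE_EXPORT_COMPILE_COMMANDS=ON` produces and lists, per source file, the `-D`, `-U` and `-I` settings it records, which is the information the analyzer lacks when each file is checked in isolation. The sample database, its paths and its macro names are constructed for illustration.

```python
import json
import shlex
from pathlib import PurePosixPath

# Constructed sample of a CMake-exported compile_commands.json; every path
# and macro name here is illustrative, not taken from cFS or OSAL.
SAMPLE_DB = json.dumps([
    {"directory": "/build/osal",
     "command": "cc -DSAMPLE_STUB_BUILD -I/src/ut_assert/inc -Iinc "
                "-USAMPLE_LEGACY -o stub.o -c /src/osal/stub.c",
     "file": "/src/osal/stub.c"},
    {"directory": "/build/osal",
     "arguments": ["cc", "-D", "SAMPLE_LEVEL=2", "-I", "inc", "-Iinc",
                   "-c", "core.c"],
     "file": "core.c"},
])


def preprocessor_args(entry):
    """Extract -D/-U/-I options from one entry, in order, without repeats."""
    argv = entry.get("arguments") or shlex.split(entry["command"])
    base = PurePosixPath(entry["directory"])
    found = []
    tokens = iter(argv[1:])                      # argv[0] is the compiler
    for tok in tokens:
        flag = tok[:2]
        if flag not in ("-D", "-U", "-I"):
            continue
        value = tok[2:] or next(tokens, "")      # "-DX" or "-D X"
        if not value:
            continue                             # dangling flag at end of line
        if flag == "-I":                         # relative to the build dir
            value = str(base / value)
        if flag + value not in found:
            found.append(flag + value)
    return found


def cppcheck_argv(entry):
    """Per-file cppcheck command line carrying this entry's settings."""
    source = PurePosixPath(entry["directory"]) / entry["file"]
    return ["cppcheck", *preprocessor_args(entry), str(source)]


if __name__ == "__main__":
    for e in json.loads(SAMPLE_DB):
        print(" ".join(cppcheck_argv(e)))
```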

@jphickey jphickey self-assigned this Oct 31, 2022
jphickey added a commit to jphickey/cFS that referenced this issue Nov 2, 2022
Updates the static analysis workflow:
 - Make it work with the latest Ubuntu and Cppcheck
 - Allow callers to pass in a project configuration to get "real"
   macro definitions and include paths
 - Streamlined - only generate XML outputs, then use XSLT to convert
   that to text, rather than running the tool twice.
 - Streamlined - merge the two XML outputs into one, before converting
   to sarif and uploading
 - Streamlined - Call the sarif conversion tool directly, rather than
   going through a 3rd party action.
jphickey added a commit to jphickey/cFS that referenced this issue Nov 3, 2022
dzbaker added a commit that referenced this issue Nov 3, 2022
jphickey added a commit that referenced this issue Sep 11, 2023