doc: Document how to analyze Bitcoin Core using Clang Static Analysis, clang-tidy and cppcheck #18920

pull practicalswift wants to merge 3 commits into bitcoin:master from practicalswift:static-analysis-clang-tidy changing 1 files +55 −0
  1. practicalswift commented at 10:17 am on May 9, 2020: contributor

    Document how to analyze Bitcoin Core using Clang Static Analysis, clang-tidy and cppcheck.

    As requested by Sjors (#14676) and others :)

  2. fanquake added the label Docs on May 9, 2020
  3. practicalswift renamed this:
    doc: Document how to analyze Bitcoin Core using clang-tidy
    doc: Document how to analyze Bitcoin Core using clang-tidy and cppcheck
    on May 9, 2020
  4. practicalswift force-pushed on May 9, 2020
  5. doc: Document how to analyze Bitcoin Core using clang-tidy d51e0c01c4
  6. doc: Document how to analyze Bitcoin Core using cppcheck 03c5cb61bb
  7. doc: Document how to analyze Bitcoin Core using Clang Static Analyzer bbfbdcf2ba
  8. practicalswift force-pushed on May 9, 2020
  9. practicalswift renamed this:
    doc: Document how to analyze Bitcoin Core using clang-tidy and cppcheck
    doc: Document how to analyze Bitcoin Core using Clang Static Analysis, clang-tidy and cppcheck
    on May 9, 2020
  10. in doc/analysis.md:13 in bbfbdcf2ba
     8+
     9+```
    10+$ git clone https://github.com/bitcoin/bitcoin
    11+$ cd bitcoin/
    12+$ ./autogen.sh
    13+$ CC=clang CXX=clang++ ./configure --with-incompatible-bdb --disable-ccache
    


    jonatack commented at 12:18 pm on May 9, 2020:
    It may be helpful to mention why ccache needs to be disabled.
  11. jonatack commented at 12:21 pm on May 9, 2020: member
    Concept ACK. Good idea. I think each guide could begin with a sentence on why/what and not just how. Could squash to one commit.
  12. in doc/analysis.md:52 in bbfbdcf2ba
    47+$ make
    48+$ cd ..
    49+# Analyze source code files ...
    50+$ cppcheck/bin/cppcheck --language=c++ -D__cplusplus -DCLIENT_VERSION_BUILD \
    51+    -DCLIENT_VERSION_IS_RELEASE -DCLIENT_VERSION_MAJOR -DCLIENT_VERSION_MINOR \
    52+    -DCLIENT_VERSION_REVISION -DCOPYRIGHT_YEAR -DDEBUG
    


    jonatack commented at 12:27 pm on May 9, 2020:
    missing backslash at EOL

    jonatack commented at 12:31 pm on May 9, 2020:

    heh, nice example!

    0$ cppcheck/bin/cppcheck --language=c++ -D__cplusplus .../... src/net_processing.cpp
    1src/net_processing.cpp:936:17: error: Same iterator is used with different containers 'mapOrphanTransactions' and 'itPrev.second'. [iterators1]
    2        itPrev->second.erase(it);
    3                ^
    4src/limitedmap.h:72:39: style: Same iterators expression are used for algorithm. [sameIteratorExpression]
    5        iterator itTarget = map.erase(itIn, itIn);
    
  13. in doc/analysis.md:14 in bbfbdcf2ba
     9+```
    10+$ git clone https://github.com/bitcoin/bitcoin
    11+$ cd bitcoin/
    12+$ ./autogen.sh
    13+$ CC=clang CXX=clang++ ./configure --with-incompatible-bdb --disable-ccache
    14+$ scan-build --use-cc=clang --use-c++=clang++ make
    


    jonatack commented at 1:06 pm on May 9, 2020:
    If this is OS-specific, I think it’s necessary to state that. It seems to be, from looking at https://clang-analyzer.llvm.org/ and https://clang-analyzer.llvm.org/scan-build.html after seeing scan-build: 'ccc-analyzer' does not exist at '/usr/local/bin/ccc-analyzer' here and not finding a linux version.
  14. in doc/analysis.md:34 in bbfbdcf2ba
    29+$ make all
    30+$ chmod +x bear/bear
    31+$ cd ..
    32+$ bear/bear/bear -l $(pwd)/bear/libear/libear.so make
    33+# Analyze source code files ...
    34+$ clang-tidy src/test/crypto_tests.cpp
    


    jonatack commented at 1:44 pm on May 9, 2020:
    Is this also OS-specific?
  15. fanquake commented at 12:55 pm on May 19, 2020: member
    I think I’d rather see this kind of documentation added to the devwiki (happy to help with that). That way it can be maintained / updated easier, without having to add even more documentation to this repo. There’s also already other similar guides available, i.e I have one here: https://github.com/fanquake/core-review/blob/master/clang-tools.md.
  16. MarcoFalke commented at 1:07 pm on May 19, 2020: member

    There is also bitcoin-core/docs, if the devwiki or fanquake/core-review are insufficient places to put this.

    In general I agree with @fanquake that documentation to compile with any imaginable compiler or checker or sanitizer or … should probably be maintained outside of this repository. The project here is too big and moving too slow to keep every single piece of documentation up-to-date at all times. Also, we should be considerate of the precious review resource in this repository and use it on Bitcoin Core itself and not on integration of Bitcoin Core with meta developer tools.

  17. practicalswift closed this on May 19, 2020

  18. practicalswift commented at 2:03 pm on May 19, 2020: contributor

    @fanquake

    Feel free to take what you need from this PR and move to the appropriate place. Closing this PR :) @marcofalke

    In general I agree with @fanquake that documentation to compile with any imaginable compiler or checker or sanitizer or … should probably be maintained outside of this repository. The project here is too big and moving too slow to keep every single piece of documentation up-to-date at all times. Also, we should be considerate of the precious review resource in this repository and use it on Bitcoin Core itself and not on integration of Bitcoin Core with meta developer tools.

    Personally I think we as a project have historically vastly underused the available tooling that is typically used in security critical projects to tame C++ (sanitizers, etc.). In other words I don’t think we run the risk of using, integrating or documenting “too much” tooling (quite the opposite TBH!), but I see your point regarding moving the documentation to another repo :)

  19. MarcoFalke commented at 2:17 pm on May 19, 2020: member
    If one of the tools turns out to be useful for the greater project (for example be an optional but recommended tool for developers), I think it can surely be added to the documentation here.
  20. jonatack commented at 2:33 pm on May 19, 2020: member

    Feel free to take what you need from this PR and move to the appropriate place. Closing this PR :)

    Thanks for this info @practicalswift. Like @fanquake, I’ve been compiling info like this in a separate repository for my own reference and anyone else who may find it helpful.

  21. jonatack commented at 2:36 pm on May 19, 2020: member

    similar guides available, i.e I have one here: fanquake/core-review:clang-tools.md@master .

    Thanks @fanquake for the reminder to spend more time looking at the excellent info in core-review.

  22. MarcoFalke referenced this in commit f13e03cda2 on Jan 7, 2021
  23. practicalswift deleted the branch on Apr 10, 2021
  24. DrahtBot locked this on Aug 16, 2022

github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2024-12-19 00:12 UTC

This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me