[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH 0/4] Static analyser finding deviation

  • To: Stefano Stabellini <sstabellini@xxxxxxxxxx>
  • From: Luca Fancellu <Luca.Fancellu@xxxxxxx>
  • Date: Tue, 29 Nov 2022 13:02:57 +0000
  • Accept-language: en-GB, en-US
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=arm.com; dmarc=pass action=none header.from=arm.com; dkim=pass header.d=arm.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=BwJxTQzCAK4Ik4PjUdgys7HuwYY4hrtUhi1z+4rd9G0=; b=hYrLQ1Q0TDhPwqvaFV/1GBIGIr83WqTvKEdgMCD1XZnkoKhnCVJHGW6FKTcS2sPEB3yJfdjJ8Hahd+9IZXBheBiyl37rphEP47oEe1lMQWSF3jXS0H2YK7wjPKMI5Su3NC6XJ4stplwv4cUR0mRK1N9E1gtj3x5QcI8DCjcvGiDAnwVN5KVHNq9LR3eDo6Gx1g5QD3aOJ4t3/kD4GSEPcYHdVsXVMAacCAKP/N+j/ZIhD/eNvJGmPGE/UhKJxBlVPrkMSnasypfVlzFIJWVZleHrfYcfjOcFPYqgAZlBMFcz0I7mtsvLu/35LE9J4akT0KXz4/uRAf464Uk9zWOT3Q==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=J69l+jOPqW7cRA/CU6AS4R4FX3z+5x+kaD40Pnl5BGRT/CALnStzGmGFTts1rjpdVndBSvaRT9Yzkl4enJ1VXUqMbTSyurTRGkuJ47E84+46jAU2LmO2Hm8+PULidQngdW5+5c1Dn0nqpkg79bCLKt2QfZub+LeSbU1qA7CYO/4eVP7xAkC30Ltxags6/pa/FPZqiOUEdQLm3Een5pZkzWJgD7KdxjXafgnY2Xuh12wAbC/waNYKPsWPUfyquXEMVWEVm4mdLSzieCHc5pHfXD/N4uNqB4VmUFtvPZsa3GDXoiLzx0rQEhN+gGV/LI7fZz4H8a3f+b7sdpmbiqoICQ==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=arm.com;
  • Cc: Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Bertrand Marquis <Bertrand.Marquis@xxxxxxx>, Wei Chen <Wei.Chen@xxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, Julien Grall <julien@xxxxxxx>, Wei Liu <wl@xxxxxxx>
  • Delivery-date: Tue, 29 Nov 2022 13:03:34 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
  • Nodisclaimer: true
  • Thread-index: AQHZAzNMLbhXl7Jpp0uxGRE1XtEGda5VJQuAgACDlwCAADbEgA==
  • Thread-topic: [PATCH 0/4] Static analyser finding deviation

> On 29 Nov 2022, at 09:46, Luca Fancellu <Luca.Fancellu@xxxxxxx> wrote:
> 
> 
> 
>> On 29 Nov 2022, at 01:55, Stefano Stabellini <sstabellini@xxxxxxxxxx> wrote:
>> 
>> On Mon, 28 Nov 2022, Luca Fancellu wrote:
>>> This serie introduces a way to suppress a static analyser finding providing 
>>> a
>>> proper justification for it.
>>> The process is explained in the docs/misra/documenting-violations.rst 
>>> document
>>> that this serie will provide.
>>> The tools currently supported are eclair, coverity and cppcheck, but the 
>>> design
>>> is open to support many other static analysis tool.
>>> 
>>> The changes are split between the first two patches to reduce the review 
>>> effort,
>>> the first patch is introducing the deviation process for the eclair and 
>>> coverity
>>> tools, this is because their analysis system is similar.
>>> 
>>> The second patch is introducing the same deviation process for cppcheck,
>>> modifying the current way it is called from the makefile and improving its
>>> analysis.
>>> 
>>> The third patch is a fix for a tool used for cppcheck and the fourth patch
>>> is an example of how a deviation can be applied for some MISRA findings.
> 
> Hi Stefano,
> 
>> 
>> I tried testing this series with:
>> 
>> # scripts/xen-analysis.py --build-only --cppcheck-html --run-cppcheck 
>> --cppcheck-bin=/local/repos/cppcheck/cppcheck 
>> --cppcheck-html-bin=/local/repos/cppcheck/htmlreport/cppcheck-htmlreport
>> 
>> But I get this error:
>> 
>> ERROR: Can't find cppcheck version or version is not 2.7
>> 
>> 
>> Note that my cppcheck is 2.7.4:
>> 
>> # ./cppcheck --version
>> Cppcheck 2.7.4
> 
> Yes this is a bug, I’m strictly checking for 2.7, I will modify it to 2.7.x 
> if you agree
> 
>> 
>> 
>> After removing the version check in cppcheck_analysis.py, the process
>> starts correctly.
>> 
>> Also, where is the output html report created by cppcheck-html by
>> default?
> 
> 
> The html output should be in the xen folder 
> [xen_repo]/xen/cppcheck-htmlreport/html but when you specify --build-only the 
> reports are not generated, only the build phase is executed.
> 
> Have you tried without --build-only to test the report generations?

However I’ve found another bug, when building using your command line (at least 
on my x86 machine)

I have that xen is not building and it’s ending with this:

ld    -melf_x86_64  -T arch/x86/xen.lds -N prelink.o --build-id=sha1 \
    ./common/symbols-dummy.o -o ./.xen-syms.0
nm -pa --format=sysv ./.xen-syms.0 \
        | ./tools/symbols --all-symbols --sort-by-name --sysv --sort \
        >./.xen-syms.0.S
make -f ./Rules.mk obj=. ./.xen-syms.0.o
  CC      .xen-syms.0.o
ld    -melf_x86_64  -T arch/x86/xen.lds -N prelink.o --build-id=sha1 \
    ./.xen-syms.0.o -o ./.xen-syms.1
nm -pa --format=sysv ./.xen-syms.1 \
        | ./tools/symbols --all-symbols --sort-by-name --sysv --sort 
--error-dup \
        >./.xen-syms.1.S
make -f ./Rules.mk obj=. ./.xen-syms.1.o
  CC      .xen-syms.1.o
ld    -melf_x86_64  -T arch/x86/xen.lds -N prelink.o --build-id=sha1 \
    --orphan-handling=warn ./.xen-syms.1.o -o xen-syms
nm -pa --format=sysv ./xen-syms \
        | ./tools/symbols --all-symbols --xensyms --sysv --sort \
        >./xen-syms.map
rm -f ./.xen-syms.[0-9]* ./..xen-syms.[0-9]*
  HOSTCC  arch/x86/efi/mkreloc
Checking arch/x86/efi/mkreloc.c ...
Checking arch/x86/efi/mkreloc.c: CPPCHECK=1;...
nm: 'arch/x86/efi/relocs-dummy.o': No such file
nm: 'arch/x86/efi/relocs-dummy.o': No such file
nm: 'arch/x86/efi/relocs-dummy.o': No such file
nm: 'arch/x86/efi/relocs-dummy.o': No such file
nm: 'arch/x86/efi/relocs-dummy.o': No such file
nm: 'arch/x86/efi/relocs-dummy.o': No such file
nm: 'arch/x86/efi/relocs-dummy.o': No such file
nm: 'arch/x86/efi/relocs-dummy.o': No such file
nm: 'arch/x86/efi/relocs-dummy.o': No such file
nm: 'arch/x86/efi/relocs-dummy.o': No such file
nm: 'arch/x86/efi/relocs-dummy.o': No such file
echo "Will strip debug info from xen.efi"
Will strip debug info from xen.efi
ld -mi386pep --subsystem=10 --strip-debug --image-base=0x --stack=0,0 
--heap=0,0 --section-alignment=0x200000 --file-alignment=0x20 
--major-image-version=4 --minor-image-version=17 --major-os-version=2 
--minor-os-version=0 --major-subsystem-version=2 --minor-subsystem-version=0 
--build-id=sha1 -T arch/x86/efi.lds -N prelink.o arch/x86/efi/relocs-dummy.o 
./common/symbols-dummy.o -b pe-x86-64 arch/x86/efi/buildid.o -o ./.xen.efi.0x.0 
&&  ld -mi386pep --subsystem=10 --strip-debug --image-base=0x --stack=0,0 
--heap=0,0 --section-alignment=0x200000 --file-alignment=0x20 
--major-image-version=4 --minor-image-version=17 --major-os-version=2 
--minor-os-version=0 --major-subsystem-version=2 --minor-subsystem-version=0 
--build-id=sha1 -T arch/x86/efi.lds -N prelink.o arch/x86/efi/relocs-dummy.o 
./common/symbols-dummy.o -b pe-x86-64 arch/x86/efi/buildid.o -o ./.xen.efi.0x.0 
&& :
ld: cannot find arch/x86/efi/relocs-dummy.o: No such file or directory
ld: cannot find arch/x86/efi/buildid.o: No such file or directory
arch/x86/Makefile:207: recipe for target 'xen.efi' failed
make[2]: *** [xen.efi] Error 1
build.mk:90: recipe for target 'xen' failed
make[1]: *** [xen] Error 2
Makefile:585: recipe for target 'xen' failed
make: *** [xen] Error 2
make: Leaving directory '/data_sdc1/lucfan01/kirkstone_xen/xen/xen'
ERROR: Build error occured when running:
make -C /data_sdc1/lucfan01/kirkstone_xen/xen/xen  
CC="/data_sdc1/lucfan01/kirkstone_xen/xen/xen/tools/cppcheck-cc.sh 
--compiler=gcc --cppcheck-cmd=cppcheck 
--cppcheck-build-dir=/data_sdc1/lucfan01/kirkstone_xen/xen/xen/build-dir-cppcheck
 --max-ctu-depth=10 --enable=style,information,missingInclude 
--template='{file}({line},{column}):{id}:{severity}:{message}' 
--relative-paths=/data_sdc1/lucfan01/kirkstone_xen/xen/xen --inline-suppr 
--suppressions-list=/data_sdc1/lucfan01/kirkstone_xen/xen/xen/suppression-list.txt
 --suppress='unmatchedSuppression:*generated/compiler-def.h' 
--include=/data_sdc1/lucfan01/kirkstone_xen/xen/xen/include/xen/config.h 
-DCPPCHECK 
--cppcheck-plat=/data_sdc1/lucfan01/kirkstone_xen/xen/xen/tools/cppcheck-plat 
--ignore-path=tools/ --cppcheck-html --“ build


I’ve investigated why and it turns out that this line 94 in 
xen/xen/arch/x86/arch.mk:

XEN_BUILD_EFI := $(call if-success,$(CC) $(CFLAGS) -c $(srctree)/$(efi-check).c 
-o $(efi-check).o,y)

is calling the compiler on a c file, so the wrapper is using cppcheck on it, 
but seems that $(ARCH) variable is not set at this point so the call fails and 
you don’t see why because the output is silenced.

The fix is simple:

diff --git a/xen/scripts/xen_analysis/cppcheck_analysis.py 
b/xen/scripts/xen_analysis/cppcheck_analysis.py
index e5c2f3be3e85..646826851f0b 100644
--- a/xen/scripts/xen_analysis/cppcheck_analysis.py
+++ b/xen/scripts/xen_analysis/cppcheck_analysis.py
@@ -181,6 +181,7 @@ def generate_cppcheck_deps():
 
     cppcheck_cc_flags = """--compiler={} --cppcheck-cmd={} {}
  --cppcheck-plat={}/cppcheck-plat --ignore-path=tools/
+ --ignore-path=arch/x86/efi/check.c
 """.format(xen_cc, settings.cppcheck_binpath, cppcheck_flags,
            settings.tools_dir)
 
This will instruct the cppcheck-cc.sh wrapper to don’t call the cppcheck code 
on the *arch/x86/efi/check.c file.

I will add it in the next serie version as well as all the comments in the serie

Cheers,
Luca

> 
> Cheers,
> Luca

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.