diff options
| author | Nick Mathewson <nickm@torproject.org> | 2017-09-15 16:40:11 -0400 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2017-09-15 16:40:11 -0400 |
| commit | 76c33f7ff46df47df0cc880595c4d943d50f019b (patch) | |
| tree | 11448ec9afd6990160ce6212c020d3c2630448d6 /scripts | |
| parent | c1deabd3b0c9e2701696afc80ac8392f0efda2c7 (diff) | |
| parent | a28e239b171c1a69fd32b6583bca0559f7116445 (diff) | |
| download | tor-76c33f7ff46df47df0cc880595c4d943d50f019b.tar.gz tor-76c33f7ff46df47df0cc880595c4d943d50f019b.zip | |
Merge branch 'scan-build-032'
Diffstat (limited to 'scripts')
| -rwxr-xr-x[-rw-r--r--] | scripts/test/scan-build.sh | 55 |
1 files changed, 43 insertions, 12 deletions
diff --git a/scripts/test/scan-build.sh b/scripts/test/scan-build.sh index 36e69e6d00..bc602e61a5 100644..100755 --- a/scripts/test/scan-build.sh +++ b/scripts/test/scan-build.sh @@ -5,37 +5,68 @@ # This script is used for running a bunch of clang scan-build checkers # on Tor. +# These don't seem to cause false positives in our code, so let's turn +# them on. CHECKERS="\ - -disable-checker deadcode.DeadStores \ - -enable-checker alpha.core.CastSize \ + -enable-checker alpha.core.CallAndMessageUnInitRefArg \ -enable-checker alpha.core.CastToStruct \ + -enable-checker alpha.core.Conversion \ + -enable-checker alpha.core.FixedAddr \ -enable-checker alpha.core.IdenticalExpr \ + -enable-checker alpha.core.PointerArithm \ -enable-checker alpha.core.SizeofPtr \ - -enable-checker alpha.security.ArrayBoundV2 \ + -enable-checker alpha.core.TestAfterDivZero \ -enable-checker alpha.security.MallocOverflow \ -enable-checker alpha.security.ReturnPtrRange \ - -enable-checker alpha.unix.SimpleStream + -enable-checker alpha.unix.BlockInCriticalSection \ + -enable-checker alpha.unix.Chroot \ + -enable-checker alpha.unix.PthreadLock \ + -enable-checker alpha.unix.PthreadLock \ + -enable-checker alpha.unix.SimpleStream \ + -enable-checker alpha.unix.Stream \ -enable-checker alpha.unix.cstring.BufferOverlap \ -enable-checker alpha.unix.cstring.NotNullTerminated \ - -enable-checker alpha.unix.cstring.OutOfBounds \ - -enable-checker alpha.core.FixedAddr \ + -enable-checker alpha.valist.CopyToSelf \ + -enable-checker alpha.valist.Uninitialized \ + -enable-checker alpha.valist.Unterminated \ + -enable-checker security.FloatLoopCounter \ -enable-checker security.insecureAPI.strcpy \ - -enable-checker alpha.unix.PthreadLock \ - -enable-checker alpha.core.PointerArithm \ - -enable-checker alpha.core.TestAfterDivZero \ " +# These have high false-positive rates. +EXTRA_CHECKERS="\ + -enable-checker alpha.security.ArrayBoundV2 \ + -enable-checker alpha.unix.cstring.OutOfBounds \ + -enable-checker alpha.core.CastSize \ +" + +# These don't seem to generate anything useful +NOISY_CHECKERS="\ + -enable-checker alpha.clone.CloneChecker \ + -enable-checker alpha.deadcode.UnreachableCode \ +" + +if test "x$SCAN_BUILD_OUTPUT" != "x"; then + OUTPUTARG="-o $SCAN_BUILD_OUTPUT" +else + OUTPUTARG="" +fi + scan-build \ $CHECKERS \ ./configure +make clean + scan-build \ - $CHECKERS \ - make -j2 -k + $CHECKERS $OUTPUTARG \ + make -j5 -k +CHECKERS="\ +" # This one gives a false positive on every strcmp. # -enable-checker alpha.core.PointerSub # Needs work -# alpha.unix.MallocWithAnnotations ?? +# -enable-checker alpha.unix.MallocWithAnnotations |