summaryrefslogtreecommitdiff
path: root/scripts
diff options
context:
space:
mode:
authorNick Mathewson <nickm@torproject.org>2017-09-15 16:40:11 -0400
committerNick Mathewson <nickm@torproject.org>2017-09-15 16:40:11 -0400
commit76c33f7ff46df47df0cc880595c4d943d50f019b (patch)
tree11448ec9afd6990160ce6212c020d3c2630448d6 /scripts
parentc1deabd3b0c9e2701696afc80ac8392f0efda2c7 (diff)
parenta28e239b171c1a69fd32b6583bca0559f7116445 (diff)
downloadtor-76c33f7ff46df47df0cc880595c4d943d50f019b.tar.gz
tor-76c33f7ff46df47df0cc880595c4d943d50f019b.zip
Merge branch 'scan-build-032'
Diffstat (limited to 'scripts')
-rwxr-xr-x[-rw-r--r--]scripts/test/scan-build.sh55
1 files changed, 43 insertions, 12 deletions
diff --git a/scripts/test/scan-build.sh b/scripts/test/scan-build.sh
index 36e69e6d00..bc602e61a5 100644..100755
--- a/scripts/test/scan-build.sh
+++ b/scripts/test/scan-build.sh
@@ -5,37 +5,68 @@
# This script is used for running a bunch of clang scan-build checkers
# on Tor.
+# These don't seem to cause false positives in our code, so let's turn
+# them on.
CHECKERS="\
- -disable-checker deadcode.DeadStores \
- -enable-checker alpha.core.CastSize \
+ -enable-checker alpha.core.CallAndMessageUnInitRefArg \
-enable-checker alpha.core.CastToStruct \
+ -enable-checker alpha.core.Conversion \
+ -enable-checker alpha.core.FixedAddr \
-enable-checker alpha.core.IdenticalExpr \
+ -enable-checker alpha.core.PointerArithm \
-enable-checker alpha.core.SizeofPtr \
- -enable-checker alpha.security.ArrayBoundV2 \
+ -enable-checker alpha.core.TestAfterDivZero \
-enable-checker alpha.security.MallocOverflow \
-enable-checker alpha.security.ReturnPtrRange \
- -enable-checker alpha.unix.SimpleStream
+ -enable-checker alpha.unix.BlockInCriticalSection \
+ -enable-checker alpha.unix.Chroot \
+ -enable-checker alpha.unix.PthreadLock \
+ -enable-checker alpha.unix.PthreadLock \
+ -enable-checker alpha.unix.SimpleStream \
+ -enable-checker alpha.unix.Stream \
-enable-checker alpha.unix.cstring.BufferOverlap \
-enable-checker alpha.unix.cstring.NotNullTerminated \
- -enable-checker alpha.unix.cstring.OutOfBounds \
- -enable-checker alpha.core.FixedAddr \
+ -enable-checker alpha.valist.CopyToSelf \
+ -enable-checker alpha.valist.Uninitialized \
+ -enable-checker alpha.valist.Unterminated \
+ -enable-checker security.FloatLoopCounter \
-enable-checker security.insecureAPI.strcpy \
- -enable-checker alpha.unix.PthreadLock \
- -enable-checker alpha.core.PointerArithm \
- -enable-checker alpha.core.TestAfterDivZero \
"
+# These have high false-positive rates.
+EXTRA_CHECKERS="\
+ -enable-checker alpha.security.ArrayBoundV2 \
+ -enable-checker alpha.unix.cstring.OutOfBounds \
+ -enable-checker alpha.core.CastSize \
+"
+
+# These don't seem to generate anything useful
+NOISY_CHECKERS="\
+ -enable-checker alpha.clone.CloneChecker \
+ -enable-checker alpha.deadcode.UnreachableCode \
+"
+
+if test "x$SCAN_BUILD_OUTPUT" != "x"; then
+ OUTPUTARG="-o $SCAN_BUILD_OUTPUT"
+else
+ OUTPUTARG=""
+fi
+
scan-build \
$CHECKERS \
./configure
+make clean
+
scan-build \
- $CHECKERS \
- make -j2 -k
+ $CHECKERS $OUTPUTARG \
+ make -j5 -k
+CHECKERS="\
+"
# This one gives a false positive on every strcmp.
# -enable-checker alpha.core.PointerSub
# Needs work
-# alpha.unix.MallocWithAnnotations ??
+# -enable-checker alpha.unix.MallocWithAnnotations