Cppcheck project for a inten
Static source code analysis tool for C and C++ code
Brought to you by:
danielmarjamaki
Menu
▾
▴
Hello,
I am an intern and my project for the spring is to take cppcheck's extensible ability and add a few rule sets too it.
Specifically my boss would like me to add all of the MISRA rules along with a few other rule sets.
This is to include writing code for it too check to see if I added these rules correctly.
After reading through the documents I am not sure exatcly where a good place to begin would be, I am not even sure if this is a fesible project to accomplish in a 8-10 week long sprint.
Any advice would be greatly appreciated.
Thank you
Alex
Implementing all the rules in 8-10 weeks is probably a bit agressive. As Daniel says most of the rules that can be easily cheked are already in place.
As a place to start I would suggest you try to tackle some of the outstanding false positives in the current rules. Digging into and learning why some of the current rules have FP would be a great introduction into how things are done and what sort of stuff is possible.
If you search trac for 'misra' in the description then you will find several tickets for FPs and many of them have test cases.
Personally FPs are the biggest source of frustration with cppchecks MISRA rules and my team.
This sounds great. Help with Cppcheck development is highly appreciated.
I would not say that 8-10 weeks is enough to "add all MISRA rules along with few other rule sets".
In my humble opinion you should start with some relatively simple rule.
The MISRA addon has various rules but as you probably saw the addon is not complete. I am guessing that most "low hanging fruit" is taken already. But maybe we can find something there. Do you want to implement MISRA C rules or MISRA C++ rules?
Is there some rule that you spontaneously feel could be relatively simple to check? For instance a simple semantic check would be a good start.
I guess that MISRA C 2012 rule 6.2 might be a good start. Example code:
If you have any alternative ideas please let me know.
one more question; do you want to implement rules in python or C++? If you prefer python then most of the MISRA rules are applicable. If you prefer C++ then I think we should look at other rules that are less stylistic.
If you think that implementing MISRA rule 6.2 sounds like a good idea. Here are some get started info;
put the example code I wrote in a file. Run cppcheck on the file and use
--dump. A dump output file should be created.In the dump file you can lookup the information for "x". It says something like:
Now try to modify our misra.py file. Whenever there is a token that match:
- the "valueType-sign" attribute is "signed".
- the "valueType-bits" attribute is "1".
.. then I think a 6.2 warning can be written.
Modify the addons/test/misra-test.c. You can more or less add the code I wrote in that file. The comment should say
// 6.2.After you have this working ... create a pull request on github.
Thank you for the advice. I am going to have a meeting with my boss later today and see how he would like to proceed. I am a little out of my element since I am a beginner programmer and unfortunately my school doesn't really cover linux nor command line so I think I will be facing a rather steep learning curve on this project.
After meeting with my boss we have decided that my project will mainly be focusing on how to add simple rules to cppcheck. If I have time I will attempt to go after some of the MISRA c rules, but that will be after I managed to figure out how to implement some of the simple rules that our organization would like to see implemented and tested.
I appreciate your advice and I will remain active on here.
Thank you
Alex
I have been trying with out success to add a simple rule. I have followed the documentation to implement the rule described in the documentation of if (p) free P and that has led me no where. The command of cppcheck --rule doesn't seem to work either. Any help to get me going would be greatly appreciated. I beleive if I can get the example to work I should be able to get a fair amount of the simple rules I want to implement done using just the regular expersions.
Thank you
Alex
Make sure you are building cppcheck with
-DHAVE_RULES=1Thank you!
Does cpp check recognize unsigned char? When I run rule=".+" it seems to drop the unsigned part and just print out char name and so on. If it doesn't recognize unsigned char is there a way I can add this type to cpp check?
Is there a way to turn off the preprocessing so it would be easier to use the regular expressions matching for rules? I am trying to write rules for how variables should be named, but the preprocessing seems to remove the variables and their names.
Is there a way to use rule=".+" with the raw info to see how cpp check is breaking out the tokens in the code before preprocessing happens. I found out how to use rules with raw set in the tokenlist but it would be great to see what cppcheck is doing when it is running with raw
Sorry for the late reply. In the addons you can check this.
In the rules you have the option to use the "raw" token list somehow. I would assume that the "unsigned" is not missing in that.
As far as I remember you add
<tokenlist>raw</tokenlist>in the rule file.I am afraid that my rules knowledge is very rusty. I haven't actually used it myself.
Can you please try one of the addons for this instead?
The "addons/namingng.py" is best. As far as I know that requires that you create a simple configuration file in json that specify your naming conventions.