The OpenSAF build system has support for several open-source static code analysis tools:
Cppcheck is a tool that can detect bugs in C and C++, without producing too many false positives. It is avaliable as a package in many modern Linux distributions. If you are using an up-to-date version of Ubuntu, you can install it using the following command:
sudo apt-get install cppcheck cppcheck-gui
Note that cppcheck-gui was not included in old versions of Ubuntu. If you are using an old version of Ubuntu, you are recommended to download, build and install the cppcheck tool manually.
Now that you have cppcheck installed on your build server, you can analyze the OpenSAF source code by typing the following command at the top of the OpenSAF source tree:
make cppcheck.xml
Once the analysis is complete, you can view the result by typing the following command:
cppcheck-gui cppcheck.xml
An alternative is to use the cppcheck-htmlreport tool to generarte HTML pages that can be viewed in a web browser:
cppcheck-htmlreport --title=OpenSAF --file=cppcheck.xml --report-dir=$HOME/cppcheck --source-dir=.
firefox $HOME/cppcheck/index.html &
Shellcheck is a tool for analyzing shell scripts. To install it on ubuntu, run the following command:
sudo apt-get install shellcheck
To run shellcheck on the shell scripts in OpenSAF, type the following command in any directory in the OpenSAF source code tree:
make shellcheck
This command will analyse all shell scripts in the current directory and subdirectories, and the result will be printed on your terminal.
Cpplint is a tool for checking that C++ source code follows the Google C++ Style Guide (which is the coding standard we follow in OpenSAF). To run the cpplint tool, type the following command in any directory in the OpenSAF source code tree:
make cpplint
This command will download the cpplint tool and run it to analyze the C++ source code files in the current directory and all subdirectories. The result will be printed on your terminal.
Checkpatch is a tool for checking that C source code follows the Linux kernel coding style (which should be used for legacy code written in C). To run the checkpatch tool, type the following command in any directory in the OpenSAF source code tree:
make checkpatch
This command will download the checkpatch tool and run it to analyze the C++ source code files in the current directory and all subdirectories. The result will be printed on your terminal.