scan-build.sh 2.4 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980
  1. #!/bin/sh
  2. # Copyright 2014 The Tor Project, Inc
  3. # See LICENSE for licensing information
  4. #
  5. # This script is used for running a bunch of clang scan-build checkers
  6. # on Tor.
  7. # These don't seem to cause false positives in our code, so let's turn
  8. # them on.
  9. CHECKERS="\
  10. -enable-checker alpha.core.CallAndMessageUnInitRefArg \
  11. -enable-checker alpha.core.CastToStruct \
  12. -enable-checker alpha.core.Conversion \
  13. -enable-checker alpha.core.FixedAddr \
  14. -enable-checker alpha.core.IdenticalExpr \
  15. -enable-checker alpha.core.PointerArithm \
  16. -enable-checker alpha.core.SizeofPtr \
  17. -enable-checker alpha.core.TestAfterDivZero \
  18. -enable-checker alpha.security.MallocOverflow \
  19. -enable-checker alpha.security.ReturnPtrRange \
  20. -enable-checker alpha.unix.BlockInCriticalSection \
  21. -enable-checker alpha.unix.Chroot \
  22. -enable-checker alpha.unix.PthreadLock \
  23. -enable-checker alpha.unix.PthreadLock \
  24. -enable-checker alpha.unix.SimpleStream \
  25. -enable-checker alpha.unix.Stream \
  26. -enable-checker alpha.unix.cstring.BufferOverlap \
  27. -enable-checker alpha.unix.cstring.NotNullTerminated \
  28. -enable-checker alpha.valist.CopyToSelf \
  29. -enable-checker alpha.valist.Uninitialized \
  30. -enable-checker alpha.valist.Unterminated \
  31. -enable-checker security.FloatLoopCounter \
  32. -enable-checker security.insecureAPI.strcpy \
  33. "
  34. # These have high false-positive rates.
  35. EXTRA_CHECKERS="\
  36. -enable-checker alpha.security.ArrayBoundV2 \
  37. -enable-checker alpha.unix.cstring.OutOfBounds \
  38. -enable-checker alpha.core.CastSize \
  39. "
  40. # These don't seem to generate anything useful
  41. NOISY_CHECKERS="\
  42. -enable-checker alpha.clone.CloneChecker \
  43. -enable-checker alpha.deadcode.UnreachableCode \
  44. "
  45. if test "x$SCAN_BUILD_OUTPUT" != "x"; then
  46. OUTPUTARG="-o $SCAN_BUILD_OUTPUT"
  47. else
  48. OUTPUTARG=""
  49. fi
  50. scan-build \
  51. $CHECKERS \
  52. ./configure
  53. scan-build \
  54. make clean
  55. # Make this not get scanned for dead assignments, since it has lots of
  56. # dead assignments we don't care about.
  57. scan-build \
  58. $CHECKERS \
  59. -disable-checker deadcode.DeadStores \
  60. make -j5 -k ./src/ext/ed25519/ref10/libed25519_ref10.a
  61. scan-build \
  62. $CHECKERS $OUTPUTARG \
  63. make -j5 -k
  64. CHECKERS="\
  65. "
  66. # This one gives a false positive on every strcmp.
  67. # -enable-checker alpha.core.PointerSub
  68. # Needs work
  69. # -enable-checker alpha.unix.MallocWithAnnotations