Add the cmake files for running static code analysis with the Polyspace
tools in the west build. The analysis leverages the compilation database.
Options for the analysis are documented in doc/develop/sca/polyspace.rst.
Analysis results are printed as command line output and provided as CSV.
Manually tested on v4.0.0 with various sample applications.
Signed-off-by: Martin Becker <mbecker@mathworks.com>
Get eclair specific option file variable via zephyr_get.
This is also needed if the sca is invoked with sysbuild so it uses
the intended file.
Signed-off-by: Simon Hein <Shein@baumer.com>
Add a cmake file which uses the cmake options feature
and include it inot the sca.cmake file to set up and describe
the options for the ECLAIR tool.
Signed-off-by: Simon Hein <Shein@baumer.com>
Add the ECLAIR calls for the zephyr cmake environment to call
ECLAIR while the firmware is build by replacing the actual compiler
call and setup the eclair environment and call the compiler through
the eclair.
The Integration accepts a kconfig file for configuring the
analysis and the generation of the reports. The path of the
kconfig file should be provided via the variable ECLAIR_CONFIG.
db_generation.ecl has be created and introduced instead of
reports.ecl because the report generation is handled by the
sca.cmake directly.
Signed-off-by: Simon Hein <Shein@baumer.com>
Add the Eclair configuration files, which are needed to
configure the static code analysis tool for the zephyr
coding guidelines.
Signed-off-by: Simon Hein <Shein@baumer.com>
If we're running in a twister context, use the information as sane
defaults for CodeChecker.
Signed-off-by: Pieter De Gendt <pieter.degendt@basalte.be>
Normally the return code of `CodeChecker analyze` and `CodeChecker parse`
is suppressed, so all the enabled commands can execute instead of
crashing the build.
Add a new option, `CODECHECKER_PARSE_EXIT_STATUS`, to permit failing the
build if `CodeChecker parse` returns non-zero.
Signed-off-by: Noah Pendleton <noah.pendleton@gmail.com>
Let find_program in codechecker/sca.cmake search for both 'CodeChecker'
and 'codechecker'. Before this change, I wasn't able to run CodeChecker
because cmake couldn't find it. (Ubuntu 23.10, CodeChecker 6.21.0 installed
via snap)
Signed-off-by: Benedikt Streicher <streicher.b@posteo.de>
The analyze step for codechecker can have errors. These are printed out
to the console, allow to keep processing results for other succeeded
analysis.
Signed-off-by: Pieter De Gendt <pieter.degendt@basalte.be>
This commit adds Parasoft C++test as a Static Analyser using Zephyr's SCA
framework.
By specifing -DZEPHYR_SCA_VARIANT=cpptest to west build, a cpptestscan.bdf
file will be generated under builddir/sca/cpptest/.
Signed-off-by: Yasushi SHOJI <yashi@spacecubics.com>
This commit enhances the clarity of the build log by adding the "SCA"
prefix to the "Found" messages generated by sca/*/sca.cmake. This change
improves the readability of the `west build` log for users who may not be
familiar with these tools, providing more informative and understandable
output.
Signed-off-by: Yasushi SHOJI <yashi@spacecubics.com>
Enable GCC builtin static analysis in Zephyr's static code analysis
(SCA) infra.
When this option is enabled GCC performs a static analysis and
can point problems like:
sample.c
+ int *j;
+
+ if (j != NULL) {
+ printf("j != NULL\n");
output:
${ZEPHYR_BASE}/samples/userspace/hello_world_user/src/main.c:30:12:
warning: use of uninitialized value 'j' [CWE-457]
[-Wanalyzer-use-of-uninitialized-value]
30 | if (j != NULL) {
| ^
'main': events 1-2
|
| 25 | int *j;
| | ^
| | |
| | (1) region created on stack here
|......
| 30 | if (j != NULL) {
| | ~
| | |
| | (2) use of uninitialized value 'j' here
Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
There are some situations like #67035 where sparse aborts and returns an
error code before the compiler has generated the .obj file; without any
clear indication that the .obj is missing (in normal situations sparse
prints warnings and _does_ creates the .obj file)
Also, builds are parallel by default and sparse runs tend to be massive
walls of text which all conspires to make it totally impossible to find
the relevant error message. Instead, we get an link-time error.
The only clear indication is the exit code. So catch it and abort the
build ASAP thanks to COMMAND_ERROR_IS_FATAL.
More generally speaking, the default behavior of execute_process() to
ignore errors is crazy. How frequently does a build system run commands
that do NOT matter?
Signed-off-by: Marc Herbert <marc.herbert@intel.com>
Sparse support was original introduced in #43776.
This commit introduces sparse support as part of Zephyr SCA tool
infrastructure.
The implementation in this commit has some benefits over existing
support:
- It does not required users to set `REAL_CC` in environment before
invoking build command.
This reduces risk of user mistakes, such as
- REAL_CC being different from CMAKE_C_COMPILER.
- User running CMake in one terminal / environment where REAL_CC is
defined but invoking the build command in a different terminal /
environment where REAL_CC is not defined or defined differently.
- It improve user experience as the user no longer has to define /
re-define REAL_CC when building for different architecture, like
switching from arm to xtensa, as this is now handled in CMake.
- CMAKE_C_COMPILER is not overwriting, this can be important for other
tools which calls the C compiler for pre-processing purposes, such
as devicetree and linker script generation.
Signed-off-by: Torsten Rasmussen <Torsten.Rasmussen@nordicsemi.no>
