Changes

Static Analysis

2,352 bytes removed, 13:16, 18 November 2019
refresh the static analysis page
Mozilla Static analysis [https://lists.mozilla.org/listinfo/dev-static-analysis mailing list] also available as m.d.static-analysis newsgroup
 
== Current Status ==
 
* '''Compiler warnings''': all of our compilers have a number of warnings. We try to turn on as many as we can, and make warnings on most Mozilla code fatal, i.e. your build will fail if the compiler warns. We generally turn off fatal warnings for third-party code, and sometimes attempt to get fixes for the warnings pushed upstream.
* '''Custom static analyses''': We have a clang plugin with a number of Gecko-specific checks. There's terse documentation on the attributes we use to drive some of the checks [https://dxr.mozilla.org/mozilla-central/source/mfbt/Attributes.h#341 here]. Some checks are just good hygiene (e.g. MOZ_IMPLICIT), some checks exist to help you do the right thing (e.g. MOZ_MUST_OVERRIDE, MOZ_RAII, MOZ_MUST_USE), and some checks exist to prevent security bugs (e.g. MOZ_NON_MEMMOVABLE and related attributes). The checker currently runs on every push we do, on Windows, Mac, and Linux.
* '''clang upstream analyses''': For every patch, at review phase, we run a bunch of [https://scansearchfox.coverity.comorg/mozilla-central/source/tools/projectsclang-tidy/firefox Coverityconfig.yaml clang analyzer and clang tidy]''': runs their code checker on Firefox every couple of days and throws all the problems into a nicely searchable databasecheckers.
== Old ==* '''[https://scan.coverity.com/projects/firefox Coverity]''': Executed at review phase for every patch.
Applications for static analysis * We are also running a bunch of linters: https://firefox-source-docs.mozilla.org/tools for [[Mozilla 2]]:/lint/index.html
* Develop code rewriting [[Pork]] tools.** Automate part of deCOMtamination. [[Gecko'''Compiler warnings''':DeCOMtamination Algorithm]]** Automation all of ownership cleanups (see below).* Develop static analysis [https://developer.mozilla.org/en-US/docs/DXR DXR] tool, then:** Clean up uses our compilers have a number of obsolete APIwarnings. [[Gecko:Obsolete API]]** [https://bugzilla.mozilla.org/show_bug.cgi?id=1022814 Automatically identify unused or hardly-used code].** Ownership analysis:*** Strong/weak pointers.*** Optional annotations for strong vs. weak pointer.*** Finding raw pointers that should be weak or strong.*** Static cycle detection.*** Static reference-counting elimination.** "Who We try to turn on as many as we can point to" analysis.* Auto-generate traverse and unlink methods for the [https://bugzilla.mozilla.org/show_bug.cgi?id=XPCOMGC Cycle Collector]** Oink finds outgoing pointers, generates iterators.* Check and enforce exception safety.** Find stack pointers to malloc'ed temporary hazards.** Refactoring opportunities arising from exceptions.* Control flow analysis** Find lock/unlock pairs that need try-catch.** A [http://osl.cs.uiuc.edu/~ksen/cute/ CUTE] "plusplus" (CUTE++) make warnings on [[Pork]]* Generate patches to convert from nsresults to C++ exceptions.* Identify C++ to convert to JS2...** ... and translate it automatically.** C++ candidate most Mozilla code uses only scriptable interfaces, stringsfatal, primitivesi.* Canonicalization:** Replace XPCOM portability veneer with std-C++ equivalentse.** Replace NSPR C portability veneer with std-C equivalents?* Enforce confidentiality properties:** Chrome never evals a content-tainted string.** C++ never snprintfs using a content-tainted string.* SpiderMonkey Exact-GC safety bugs. See the [[GC_SafetySpec]] page for the latest.** "Not stored in your build will fail if the heap" pointer dataflow analysiscompiler warns. 
'''Implemented in Oink''': finding pointers to stack stored on heap/global is now a feature of Oink; have not tried it yet on Mozilla.* Dataflow enforcement of correct API usage (CQual++):** String character set encoding mistakes.* More dataflow enforcement (beyond the reach of CQual++):** Unit analysis (twips vs. pixels) We generally turn off fatal warnings for layout third-party code, and rendering.* Code metrics, sometimes attempt to compare to similar open source projects:** Virtual method declaration and call populations.** Cohesion, coupling, other modularity measuresget fixes for the warnings pushed upstreamSee also: [[Static Analysis/Installing the Oink Stack]]
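
Review bot: the '''Compiler warnings''' bullet that already stands first under == Current Status == shows up a second time in the added text at the end of this change, interleaved with the removed == Old == list, so the refreshed list may end up carrying it twice; keep a single copy. The new linters entry is also the only bullet written as a bare URL (https://firefox-source-docs.mozilla.org/tools/lint/index.html) with no bold lead term, unlike '''clang upstream analyses''' and '''Coverity'''; giving it a bracketed link and a bold label would match the rest of the list.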