Static Analysis: Difference between revisions

Latest revision as of 18:19, 10 September 2020

Content moved here: https://firefox-source-docs.mozilla.org/code-quality/static-analysis.html

@@ Line 1: / Line 1: @@
-Applications for [http://www.cubewano.org/oink/ Oink] static analysis tools for [[Mozilla 2]]:
+Content moved here:
+https://firefox-source-docs.mozilla.org/code-quality/static-analysis.html
-* Develop the AST-pattern-matching [http://weblogs.mozillazine.org/roadmap/archives/2006/11/oinkbased_patch_generation.html patch generation] tool.
-** Automate part of deCOMtamination. [[Gecko:DeCOMtamination Algorithm]]
-* "Semantic grep" (super-LXR) tasks:
-** Clean up uses of obsolete API. [[Gecko:Obsolete API]]
-** Automatically identify unused or hardly-used code.
-* Check and enforce exception safety.
-** Find stack pointers to malloc'ed temporary hazards.
-** Refactoring opportunities arising from exceptions.
-* Control flow analysis
-** Find lock/unlock pairs that need try-catch.
-** [http://www.spinroot.com/uno/ UNO] port or rip-off for general analysis.
-** A [http://osl.cs.uiuc.edu/~ksen/cute/ CUTE] "plusplus" (CUTE++) on Oink.
-* Generate patches to convert from nsresults to C++ exceptions.
-* Identify C++ to convert to JS2...
-** ... and translate it automatically.
-** C++ candidate code uses only scriptable interfaces, strings, primitives.
-* Replace XPCOM or NSPR portability with std-C++ equivalents.
-* Enforce confidentiality properties:
-** Chrome never evals a content-tainted string.
-** C++ never snprintfs using a content-tained string.
-* Enforce correct API usage:
-** Exact-GC safety bugs.
-** String character set encoding mistakes.
-** Unit (twips vs. pixels) checking for layout.
-* Measure code complexity:
-** Virtual method declaration and call populations.
-** Cohesion, coupling, other modularity measures.
-** Compare to other open source projects of similar scope.

Static Analysis: Difference between revisions

Latest revision as of 18:19, 10 September 2020

Navigation menu

Search