|
|
| (26 intermediate revisions by 11 users not shown) |
| Line 1: |
Line 1: |
| Applications for [http://www.cubewano.org/oink/ Oink] static analysis tools for [[Mozilla 2]]:
| | Content moved here: |
| | | https://firefox-source-docs.mozilla.org/code-quality/static-analysis.html |
| * Develop the AST-pattern-matching [http://weblogs.mozillazine.org/roadmap/archives/2006/11/oinkbased_patch_generation.html patch generation] tool.
| |
| * Automate part of deCOMtamination. [[Gecko:DeCOMtamination Algorithm]]
| |
| * Clean up uses of obsolete API. [[Gecko:Obsolete API]]
| |
| * Automatically identify unused or hardly-used code.
| |
| * Check and enforce exception safety.
| |
| * Generate patches to convert from nsresults to C++ exceptions.
| |
| * Identify C++ to convert to JS2...
| |
| ** ... and translate it automatically.
| |
| ** C++ candidate code uses only scriptable interfaces, strings, primitives.
| |
| * Replace XPCOM or NSPR portability with std-C++ equivalents.
| |
| * Enforce confidentiality properties:
| |
| ** Chrome never evals a content-tainted string.
| |
| ** C++ never snprintfs using a content-tained string.
| |
| * Enforce correct API usage:
| |
| ** Exact-GC safety bugs.
| |
| ** String character set encoding mistakes.
| |
| ** Unit (twips vs. pixels) checking for layout.
| |
| * Measure code complexity:
| |
| ** Virtual method declaration and call populations.
| |
| ** Cohesion, coupling, other modularity measures.
| |
| ** Compare to other open source projects of similar scope.
| |