Static Analysis

From MozillaWiki
Revision as of 00:22, 29 November 2006 by Brendan (talk | contribs)
Jump to navigation Jump to search

Applications for Oink static analysis tools for Mozilla 2:

  • Develop the AST-pattern-matching patch generation tool.
  • "Semantic grep" (super-LXR) tasks:
    • Clean up uses of obsolete API. Gecko:Obsolete API
    • Automatically identify unused or hardly-used code.
  • Check and enforce exception safety.
    • Find stack pointers to malloc'ed temporary hazards.
    • Refactoring opportunities arising from exceptions.
  • Control flow analysis
    • Find lock/unlock pairs that need try-catch.
    • UNO port or rip-off for general analysis.
    • A CUTE "plusplus" (CUTE++) on Oink.
  • Generate patches to convert from nsresults to C++ exceptions.
  • Identify C++ to convert to JS2...
    • ... and translate it automatically.
    • C++ candidate code uses only scriptable interfaces, strings, primitives.
  • Canonicalization:
    • Replace XPCOM portability veneer with std-C++ equivalents.
    • Replace NSPR C portability veneer with std-C equivalents?
  • Enforce confidentiality properties:
    • Chrome never evals a content-tainted string.
    • C++ never snprintfs using a content-tained string.
  • Enforce correct API usage:
    • Exact-GC safety bugs.
    • String character set encoding mistakes.
    • Unit (twips vs. pixels) checking for layout.
  • Measure code complexity:
    • Virtual method declaration and call populations.
    • Cohesion, coupling, other modularity measures.
    • Compare to other open source projects of similar scope.
Retrieved from "https://wiki.mozilla.org/index.php?title=Static_Analysis&oldid=43430"