build-unit-test-docker: add cppcheck static analysis tool
Add the cppcheck static analysis tool. This tool's output is only for
information while it's being tuned. The tool is meant to find security
flaws in cpp as well as finding performance improvements and style. In
this case, the style improvements have been primarily scope reduction
or using a standard library algorithm instead of a raw mechanism.
The author of a patch should check the log output from their presubmit
to see if this tool has identified anything. The reviewers can also
check.
The tuning here refers to the configuration. This tool was chosen
partially because it's under very active development and partially
because it's very quick.
If cppcheck reports a false positive, please file an issue against that
project including the pertinent information.
Change-Id: Ia43d4b9d0995dfa6667c2a8b09d072931936e437
Signed-off-by: Patrick Venture <venture@google.com>
diff --git a/scripts/unit-test.py b/scripts/unit-test.py
index 16ffa11..1cf615b 100755
--- a/scripts/unit-test.py
+++ b/scripts/unit-test.py
@@ -399,6 +399,20 @@
check_call_cmd(root, 'cat', os.path.join(root, 'test-suite.log'))
raise Exception('Unit tests failed')
+def run_cppcheck(top_dir):
+ try:
+ # http://cppcheck.sourceforge.net/manual.pdf
+ ignore_list = ['-i%s' % path for path in os.listdir(top_dir) \
+ if path.endswith('-src') or path.endswith('-build')]
+ ignore_list.extend(('-itest', '-iscripts'))
+ params = ['cppcheck', '-j', str(multiprocessing.cpu_count()),
+ '--enable=all']
+ params.extend(ignore_list)
+ params.append('.')
+
+ check_call_cmd(top_dir, *params)
+ except CalledProcessError:
+ raise Exception('Cppcheck failed')
def maybe_run_valgrind(top_dir):
"""
@@ -542,6 +556,7 @@
run_unit_tests(top_dir)
maybe_run_valgrind(top_dir)
maybe_run_coverage(top_dir)
+ run_cppcheck(top_dir)
os.umask(prev_umask)
@@ -556,6 +571,7 @@
check_call_cmd(top_dir, 'ctest', '.')
maybe_run_valgrind(top_dir)
maybe_run_coverage(top_dir)
+ run_cppcheck(top_dir)
else:
print "Not a supported repo for CI Tests, exit"