Codan - a C/C++ static analysis framework for CDT
Upcoming SlideShare
Loading in...5

Codan - a C/C++ static analysis framework for CDT



Eclipse Con 2011 Presentation

Eclipse Con 2011 Presentation
Codan - a C/C++ static analysis framework for CDT



Total Views
Views on SlideShare
Embed Views



5 Embeds 676 489 171 13 2 1



Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
Post Comment
Edit your comment
  • Launch Control – run menu on resource, listener on editor changes, builder Profile Editor – problems preferences for project and workspace Markers – ui support for markers in eclipse (Problems view, including filtering and navigation) Problem Details View – view that show extra details for given error, can include more advance traces, links to other relevant problems, more attributes, documentation. It is not implemented yet. Builder – codan builder – runs checkers for given launch mode, only enabled checkers are launched Registry – checkers registry and problem profiles, stored as eclipse preferences, external integration can create external “profiles” that can be used by external tools directly (i.e. lint profile based on user selection) Reporter – interface that creates markers Checker – internal codan checker, note: external checker would not reporter interface it will probably use output error parser to create markers instead
  • Mode of launch – user can redefine default checker behavior regarding when to run it. For example some light checker can be run while you editing the code, while other only when you do a project build Parameters – is a way to customize a checker, for example if checker is for naming convention – its parameter is the pattern of naming convention rule Currently it supports only profile for workspace and project specific, later I am planning to add support for named profiles. i.e. “Security” vs “Code Style” vs “Compiler Problems with Quick Fixes”
  • This checker uses C/C++ AST – usually this model is used using visitor pattern reportProblem is method of reporter API that allows to print an error (or generate marker). So this is minimum what you have to do, so it is very easy and useful (I hope)
  • Problem parsers are part of CDT not codan Profile generator service is not implemented yet

Codan - a C/C++ static analysis framework for CDT Codan - a C/C++ static analysis framework for CDT Presentation Transcript

  • Codan: a C/C++ Static Analysis Framework for CDT Alena Laskavaia March, 2011
  • Agenda
    • Codan – stands for - “ Cod e An alysis”
    • An overview of the framework
    • The user interface
    • The development status
    • How to create and integrate a simple internal checker
    • How to integrate external tool such as lint
    • What API provided to aid in writing a checker
  • Goal
    • Goal is to create a common components and API that are shared between static analysis tools, such as:
      • User Interface to control the Problems enablement and parameters
      • Different launch modes (as you type, on demand, as a builder)
      • A view to display additional problem information
      • Generic Marker type for problems with extra fields
      • API to log the problems
      • Abstract classes for checkers
      • Sample checkers
      • JUnit testing framework
      • QuickFix base classes
    • Besides the framework there is also a “Checkers Feature” which has few actual checkers and quick fixes for them
  • Codan Users
    • Tool Vendors
      • To create plugins containing end-user checkers and templates
    • Software Architects, Process Enforcement people
      • To create customized new checkers, based on templates (no programming involved)
      • To create problems profiles
    • Developer, Tester, Code Inspector
      • To check for errors as you type and have a quick way to fix them, during development
      • To find bugs, security violations, API violations, coding standard violations during debugging, testing, code inspection or before code commit
  • Codan – a black box architecture Checkers Eclipse Platform CDT Codan C/C++ Codan
  • Internal Architecture Profile Editor (Preferences) Launch Control Problem Details (View) Builder Registry Reporter Checker Checker Checker Markers
  • Plugins
    • Plugins in /cvsroot/tools/org.eclipse.cdt/codan
    • org.eclipse.cdt.codan-feature – codan feature
    • org.eclipse.cdt.codan.core – generic core components, registry, builder, abstract checkers, all model interfaces
    • org.eclipse.cdt.codan.core.cxx – C/C++ specific core components, abstract checkers, etc
    • org.eclipse.cdt.codan.checkers – actual C/C++ cherckers
    • org.eclipse.cdt.codan.checkers.ui – UI support for specific checkers, such as quick fix, parameter controls, detail view controls, etc
    • org.eclipse.cdt.codan.ui – generic UI, preferences, launch, etc
    • org.eclipse.cdt.codan.ui.cxx – specific C/C++ ui control, such CEditor listeners
    • org.eclipse.cdt.codan.core.test – junit testing framework and tests for checkers
    • org.eclipse.cdt.codan.examples – examples of checkers
  • Profile Editor (Problem Preferences)
    • Either checker enabled or not
    • Severity of the Problem
    • Info – description, message
    • Customization: edit message, parameters, scope, launching options
  • Launch Control
    • Run on demand from context menu
    Run with Build Run as you type
  • Problem Markers & Quick Fix
    • Codan problem markers
    • Categories for grouping
    • Quick Fixes
    • Special menu commands: Customize...,Show in Problem Details view
    • Released in CDT 7.0 as optional feature
    • Framework Features
      • Pluggable checkers, base classes for generic checker and C/C++ AST checkers
      • Customizable problems with severity, enablement, categories
      • Parametrized checkers (limited ui support)
      • Problem details view (extendable)
    • Only handful of checker available for end-users
    Codan in CDT 7.0
  • Development Status CDT 8.0
    • Framework
      • Generic framework for Quick Fix
      • Base classes for simplified junits (code samples are read from comments)
      • Better support for marker generation (tries to update markers instead of delete/insert)
      • Common scope filters for checkers (excluded/included files)
      • Individually controlled launch parameters
      • Editing configuration of multiple problems
    • Checker & Quick Fixes Added
      • Problem Binding checker (which produces dozens of problems) and Quick Fixes such as “Create Local Variable”, etc
      • Assignment to itself checker
      • Fall-through case checker
      • Scanf format vulnerability security checker
      • Return style checker
  • How to create Internal Checker
    • Define a problem
    • Create extension to define your checker and problem(s) it can find, define a new category or assign to existing one
    • Extend abstract checker that supports a given model, and implement it. Current base classes: AbstractCheckerWithProblemPreferences (Resource), AbstractCIndexChecker (Index), AbstractIndexAstChecker (C/C++ AST per compilation unit), AbstractAstFunctionChecker (C/C++ AST per function).
    • Create a quick fix for the problem (optional)
    • Creation extension to problem view (optional)
    • Create a junit test cases
  • Internal Checker – Example (Extension)
    • <extension
    • point= &quot;org.eclipse.cdt.codan.core.checkers&quot; >
    • </checker>
    • <checker
    • class= &quot;org.eclipse.cdt.codan.internal.checkers.StatementHasNoEffectChecker&quot;
    • id= &quot;org.eclipse.cdt.codan.internal.checkers.StatementHasNoEffectChecker&quot;
    • name= &quot;StatementHasNoEffectChecker&quot; >
    • <problem
    • category= &quot;org.eclipse.cdt.codan.core.categories.ProgrammingProblems&quot;
    • defaultSeverity= &quot;Warning&quot;
    • id= &quot;org.eclipse.cdt.codan.internal.checkers.StatementHasNoEffectProblem&quot;
    • name= &quot;Statement has no effect&quot; >
    • messagePattern= &quot;Statement has no effect ''{0}''&quot;
    • />
    • </checker>
    • </extension>
    • Define a problem: Find a statements that do not do anything therefore suspicious, such as “a;”
    • Create an extension:
  • Internal Checker – Example (Code)
    • public class StatementHasNoEffectChecker extends AbstractIndexAstChecker {
    • private static final String ER_ID = &quot;org.eclipse.cdt.codan.internal.checkers.StatementHasNoEffectProblem&quot; ; //$NON-NLS-1$
    • public void processAst(IASTTranslationUnit ast) {
    • ast.accept( new CheckStmpVisitor());
    • }
    • class CheckStmpVisitor extends ASTVisitor {
    • CheckStmpVisitor() {
    • shouldVisitStatements = true ;
    • }
    • public int visit(IASTStatement stmt) {
    • if (stmt instanceof IASTExpressionStatement) {
    • if (hasNoEffect(((IASTExpressionStatement) stmt).getExpression())) {
    • reportProblem( ER_ID , stmt);
    • }
    • }
    • return PROCESS_SKIP ;
    • }
    • See full code of this checker in codan project:
    • org.eclipse.cdt/codan/org.eclipse.cdt.codan.checkers/src/org/eclipse/cdt/codan/internal/checkers/
    • Pick a Model: C/C++ AST
    • Extending AbstractIndexAstChecker
  • Internal Checker – Example (Junit Test)
    • public class StatementHasNoEffectCheckerTest extends CheckerTestCase {
    • @Override
    • public void setUp() throws Exception {
    • super .setUp();
    • enableProblems(StatementHasNoEffectChecker. ER_ID );
    • }
    • // main() {
    • // int a;
    • // a; // error here on line 3
    • // }
    • public void testExpression() throws IOException {
    • loadCodeAndRun(getAboveComment());
    • checkErrorLine(3);
    • }
    • ...
    • Create JUnit tests
  • How to create External Checker
    • If tool is integrated with build system already
      • Either a) adjust tool output to match one of the recognized error patterns (such as gcc)
      • b) create an error parser for your tool using an API or UI
    • If you want user to control problem profile for the tool
      • Create a “checker” for the tool you running
      • Register problems or group of problems tools creates
      • Add a listener for profile changes to generate external problems profile (when using make integrated tool) or add listener to a build and re-generate tools input files just before the build
    • If tool is not integrated with build implement a checker as launcher of the tool (get projects option such as includes and defines from CDT and query profile when starting the checker)
    • Extend problems view to show addition problem information/documentation
    • Implement Quick Fixes
  • What API provided to aid in writing a checker
    • File Text – platform/java
    • Token list – CDT - scanner and preprocessor
    • Comments and Pre-processor directives – CDT - scanner
    • Language AST – CDT – parser (AST view for debugging)
    • Bindings – provided by CDT - indexer
    • Control Flow Graph – CDT - codan (CFG view for debugging)
    • Data Flow Graph – todo in codan
    • Call Graph – CDT - indexer
    • Abstract Checker classes – CDT – codan
    • Base classes for quick fix – codan
    • AST re-write utilities for quick fix - CDT
  • Questions?
    • More information: