Merge pull request #964 from rnkovacs/pre-selection

Create checker pre-selection profiles
Ericsson · Oct 13, 2017 · 9249060 · 9249060
2 parents c298c2c + 8a0c5b7
commit 9249060
Show file tree

Hide file tree

Showing 7 changed files with 365 additions and 86 deletions.
diff --git a/config/config.json b/config/config.json
@@ -9,45 +9,175 @@
       "ld_preload" : "LD_PRELOAD",
       "codechecker_workspace" : "CODECHECKER_WORKSPACE"
   },
+  "available_profiles": {
+      "default" : "High-quality standard checks with a low false positive rate.",
+      "sensitive" : "Default checks + more comprehensive checks with a low false positive rate.",
+      "extreme" : "Sensitive checks + more comprehensive checks with a manageable false positive rate."
+  },
   "checker_config": {
-      "clangsa_checkers" : [
-          {"core" : true },
-          {"unix" : true },
-          {"deadcode" : true },
-          {"cplusplus" : true },
-          {"security.insecureAPI.UncheckedReturn" : true },
-          {"security.insecureAPI.getpw" : true },
-          {"security.insecureAPI.gets" : true },
-          {"security.insecureAPI.mktemp" : true },
-          {"security.insecureAPI.mkstemp" : true },
-          {"security.insecureAPI.vfork" : true }
-      ],
-      "clang-tidy_checkers" : [
-          {"bugprone-suspicious-memset-usage" : true },
-          {"clang-diagnostic-" : true },
-          {"cert-fio38-c" : true },
-          {"cert-dcl58-cpp" : true },
-          {"google-global-names-in-headers" : true },
-          {"misc-assert-side-effect" : true },
-          {"misc-dangling-handle" : true },
-          {"misc-inaccurate-erase" : true },
-          {"misc-incorrect-roundings" : true },
-          {"misc-move-forwarding-reference" : true },
-          {"misc-move-constructor-init" : true },
-          {"misc-move-const-arg" : true },
-          {"misc-noexcept-move-constructor" : true },
-          {"misc-non-copyable-objects" : true },
-          {"misc-redundant-expression" : true },
-          {"misc-sizeof-container" : true },
-          {"misc-sizeof-expression" : true },
-          {"misc-string-compare" : true },
-          {"misc-string-constructor" : true },
-          {"misc-suspicious-enum-usage" : true },
-          {"misc-suspicious-missing-comma" : true },
-          {"misc-suspicious-semicolon" : true },
-          {"misc-swapped-arguments" : true },
-          {"misc-undelegated-constructor" : true },
-          {"misc-unused-raii" : true }
-      ]
-  }
+      "clangsa_checkers" : {
+        "alpha.core.BoolAssignment" : ["sensitive", "extreme"],
+        "alpha.core.CallAndMessageUnInitRefArg" : ["extreme"],
+        "alpha.core.CastSize" : ["sensitive", "extreme"],
+        "alpha.core.Conversion" : ["sensitive", "extreme"],
+        "alpha.core.DynamicTypeChecker" : ["sensitive", "extreme"],
+        "alpha.core.FixedAddr" : ["extreme"],
+        "alpha.core.IdenticalExpr" : ["extreme"],
+        "alpha.core.SizeofPtr" : ["sensitive", "extreme"],
+        "alpha.core.TestAfterDivZero" : ["sensitive", "extreme"],
+        "alpha.cplusplus.DeleteWithNonVirtualDtor" : ["sensitive", "extreme"],
+        "alpha.cplusplus.IteratorRange" : ["sensitive", "extreme"],
+        "alpha.cplusplus.MisusedMovedObject" : ["sensitive", "extreme"],
+        "alpha.security.ArrayBound" : ["extreme"],
+        "alpha.security.ArrayBoundV2" : ["extreme"],
+        "alpha.security.MallocOverflow" : ["sensitive", "extreme"],
+        "alpha.security.ReturnPtrRange" : ["sensitive", "extreme"],
+        "alpha.security.taint.TaintPropagation" : ["sensitive", "extreme"],
+        "alpha.unix.BlockInCriticalSection" : ["sensitive", "extreme"],
+        "alpha.unix.Chroot" : ["sensitive", "extreme"],
+        "alpha.unix.PthreadLock" : ["sensitive", "extreme"],
+        "alpha.unix.SimpleStream" : ["sensitive", "extreme"],
+        "alpha.unix.Stream" : ["sensitive", "extreme"],
+        "alpha.unix.cstring.BufferOverlap" : ["sensitive", "extreme"],
+        "alpha.unix.cstring.NotNullTerminated" : ["sensitive", "extreme"],
+        "alpha.unix.cstring.OutOfBounds" : ["sensitive", "extreme"],
+        "apiModeling.google.GTest" : ["default", "sensitive", "extreme"],
+        "core.CallAndMessage" : ["default", "sensitive", "extreme"],
+        "core.DivideZero" : ["default", "sensitive", "extreme"],
+        "core.DynamicTypePropagation" : ["default", "sensitive", "extreme"],
+        "core.NonNullParamChecker" : ["default", "sensitive", "extreme"],
+        "core.NullDereference" : ["default", "sensitive", "extreme"],
+        "core.StackAddressEscape" : ["default", "sensitive", "extreme"],
+        "core.UndefinedBinaryOperatorResult" : ["default", "sensitive", "extreme"],
+        "core.VLASize" : ["default", "sensitive", "extreme"],
+        "core.builtin.BuiltinFunctions" : ["default", "sensitive", "extreme"],
+        "core.builtin.NoReturnFunctions" : ["default", "sensitive", "extreme"],
+        "core.uninitialized.ArraySubscript" : ["default", "sensitive", "extreme"],
+        "core.uninitialized.Assign" : ["default", "sensitive", "extreme"],
+        "core.uninitialized.Branch" : ["default", "sensitive", "extreme"],
+        "core.uninitialized.CapturedBlockVariable" : ["default", "sensitive", "extreme"],
+        "core.uninitialized.UndefReturn" : ["default", "sensitive", "extreme"],
+        "cplusplus.NewDelete" : ["default", "sensitive", "extreme"],
+        "cplusplus.NewDeleteLeaks" : ["default", "sensitive", "extreme"],
+        "cplusplus.SelfAssignment" : ["default", "sensitive", "extreme"],
+        "deadcode.DeadStores" : ["default", "sensitive", "extreme"],
+        "nullability.NullPassedToNonnull" : ["default", "sensitive", "extreme"],
+        "nullability.NullReturnedFromNonnull" : ["default", "sensitive", "extreme"],
+        "nullability.NullableDereferenced" : ["sensitive", "extreme"],
+        "nullability.NullablePassedToNonnull" : ["sensitive", "extreme"],
+        "nullability.NullableReturnedFromNonnull" : ["sensitive", "extreme"],
+        "optin.mpi.MPI-Checker" : ["sensitive", "extreme"],
+        "optin.portability.UnixAPI" : ["sensitive", "extreme"],
+        "security.FloatLoopCounter" : ["default", "sensitive", "extreme"],
+        "security.insecureAPI.UncheckedReturn" : ["default", "sensitive", "extreme"],
+        "security.insecureAPI.getpw" : ["default", "sensitive", "extreme"],
+        "security.insecureAPI.gets" : ["default", "sensitive", "extreme"],
+        "security.insecureAPI.mkstemp" : ["default", "sensitive", "extreme"],
+        "security.insecureAPI.mktemp" : ["default", "sensitive", "extreme"],
+        "security.insecureAPI.rand" : ["default", "sensitive", "extreme"],
+        "security.insecureAPI.vfork" : ["default", "sensitive", "extreme"],
+        "unix.API" : ["default", "sensitive", "extreme"],
+        "unix.Malloc" : ["default", "sensitive", "extreme"],
+        "unix.MallocSizeof" : ["default", "sensitive", "extreme"],
+        "unix.MismatchedDeallocator" : ["default", "sensitive", "extreme"],
+        "unix.StdCLibraryFunctions" : ["default", "sensitive", "extreme"],
+        "unix.Vfork" : ["default", "sensitive", "extreme"],
+        "unix.cstring.BadSizeArg" : ["default", "sensitive", "extreme"],
+        "unix.cstring.NullArg" : ["default", "sensitive", "extreme"],
+        "valist.CopyToSelf" : ["default", "sensitive", "extreme"],
+        "valist.Uninitialized" : ["default", "sensitive", "extreme"],
+        "valist.Unterminated" : ["default", "sensitive", "extreme"]
+      },
+      "clang-tidy_checkers" : {
+        "boost-use-to-string" : ["sensitive", "extreme"],
+        "bugprone-integer-division" : ["default", "sensitive", "extreme"],
+        "bugprone-suspicious-memset-usage" : ["default", "sensitive", "extreme"],
+        "bugprone-undefined-memory-manipulation" : ["default", "sensitive", "extreme"],
+        "cert-dcl21-cpp" : ["sensitive", "extreme"],
+        "cert-dcl50-cpp" : ["sensitive", "extreme"],
+        "cert-dcl58-cpp" : ["default", "sensitive", "extreme"],
+        "cert-dcl59-cpp" : ["sensitive", "extreme"],
+        "cert-env33-c" : ["sensitive", "extreme"],
+        "cert-err34-c" : ["extreme"],
+        "cert-err52-cpp" : ["sensitive", "extreme"],
+        "cert-err58-cpp" : ["sensitive", "extreme"],
+        "cert-flp30-c" : ["sensitive", "extreme"],
+        "cert-msc50-cpp" : ["sensitive", "extreme"],
+        "cppcoreguidelines-interfaces-global-init" : ["extreme"],
+        "cppcoreguidelines-no-malloc" : ["sensitive", "extreme"],
+        "cppcoreguidelines-owning-memory" : ["sensitive", "extreme"],
+        "cppcoreguidelines-pro-type-const-cast" : ["extreme"],
+        "cppcoreguidelines-pro-type-member-init" : ["extreme"],
+        "cppcoreguidelines-pro-type-reinterpret-cast" : ["sensitive", "extreme"],
+        "cppcoreguidelines-pro-type-static-cast-downcast" : ["sensitive", "extreme"],
+        "cppcoreguidelines-pro-type-vararg" : ["sensitive", "extreme"],
+        "cppcoreguidelines-slicing" : ["sensitive", "extreme"],
+        "cppcoreguidelines-special-member-functions" : ["default", "sensitive", "extreme"],
+        "google-build-explicit-make-pair" : ["sensitive", "extreme"],
+        "google-build-namespaces" : ["default", "sensitive", "extreme"],
+        "google-build-using-namespace" : ["sensitive", "extreme"],
+        "google-default-arguments" : ["extreme"],
+        "google-explicit-constructor" : ["sensitive", "extreme"],
+        "google-global-names-in-headers" : ["default", "sensitive", "extreme"],
+        "google-runtime-member-string-references" : ["sensitive", "extreme"],
+        "google-runtime-operator" : ["sensitive", "extreme"],
+        "misc-argument-comment" : ["sensitive", "extreme"],
+        "misc-assert-side-effect" : ["default", "sensitive", "extreme"],
+        "misc-bool-pointer-implicit-conversion" : ["default", "sensitive", "extreme"],
+        "misc-dangling-handle" : ["default", "sensitive", "extreme"],
+        "misc-definitions-in-headers" : ["default", "sensitive", "extreme"],
+        "misc-fold-init-type" : ["default", "sensitive", "extreme"],
+        "misc-forward-declaration-namespace" : ["default", "sensitive", "extreme"],
+        "misc-forwarding-reference-overload" : ["default", "sensitive", "extreme"],
+        "misc-inaccurate-erase" : ["default", "sensitive", "extreme"],
+        "misc-incorrect-roundings" : ["default", "sensitive", "extreme"],
+        "misc-inefficient-algorithm" : ["default", "sensitive", "extreme"],
+        "misc-lambda-function-name" : ["default", "sensitive", "extreme"],
+        "misc-macro-repeated-side-effects" : ["default", "sensitive", "extreme"],
+        "misc-misplaced-const" : ["default", "sensitive", "extreme"],
+        "misc-misplaced-widening-cast" : ["default", "sensitive", "extreme"],
+        "misc-move-const-arg" : ["default", "sensitive", "extreme"],
+        "misc-move-constructor-init" : ["default", "sensitive", "extreme"],
+        "misc-move-forwarding-reference" : ["default", "sensitive", "extreme"],
+        "misc-multiple-statement-macro" : ["sensitive", "extreme"],
+        "misc-new-delete-overloads" : ["default", "sensitive", "extreme"],
+        "misc-noexcept-move-constructor" : ["default", "sensitive", "extreme"],
+        "misc-non-copyable-objects" : ["default", "sensitive", "extreme"],
+        "misc-redundant-expression" : ["default", "sensitive", "extreme"],
+        "misc-sizeof-container" : ["default", "sensitive", "extreme"],
+        "misc-sizeof-expression" : ["default", "sensitive", "extreme"],
+        "misc-static-assert" : ["sensitive", "extreme"],
+        "misc-string-compare" : ["default", "sensitive", "extreme"],
+        "misc-string-constructor" : ["default", "sensitive", "extreme"],
+        "misc-string-integer-assignment" : ["sensitive", "extreme"],
+        "misc-string-literal-with-embedded-nul" : ["default", "sensitive", "extreme"],
+        "misc-suspicious-enum-usage" : ["default", "sensitive", "extreme"],
+        "misc-suspicious-missing-comma" : ["default", "sensitive", "extreme"],
+        "misc-suspicious-semicolon" : ["default", "sensitive", "extreme"],
+        "misc-suspicious-string-compare" : ["sensitive", "extreme"],
+        "misc-swapped-arguments" : ["default", "sensitive", "extreme"],
+        "misc-throw-by-value-catch-by-reference" : ["default", "sensitive", "extreme"],
+        "misc-unconventional-assign-operator" : ["default", "sensitive", "extreme"],
+        "misc-undelegated-constructor" : ["default", "sensitive", "extreme"],
+        "misc-uniqueptr-reset-release" : ["default", "sensitive", "extreme"],
+        "misc-unused-alias-decls" : ["sensitive", "extreme"],
+        "misc-unused-raii" : ["default", "sensitive", "extreme"],
+        "misc-unused-using-decls" : ["sensitive", "extreme"],
+        "misc-use-after-move" : ["default", "sensitive", "extreme"],
+        "misc-virtual-near-miss" : ["default", "sensitive", "extreme"],
+        "modernize-deprecated-headers" : ["sensitive", "extreme"],
+        "modernize-replace-auto-ptr" : ["sensitive", "extreme"],
+        "modernize-replace-random-shuffle" : ["sensitive", "extreme"],
+        "mpi-buffer-deref" : ["sensitive", "extreme"],
+        "mpi-type-mismatch" : ["sensitive", "extreme"],
+        "performance-faster-string-find" : ["sensitive", "extreme"],
+        "performance-for-range-copy" : ["sensitive", "extreme"],
+        "performance-implicit-conversion-in-loop" : ["sensitive", "extreme"],
+        "performance-inefficient-string-concatenation" : ["sensitive", "extreme"],
+        "performance-inefficient-vector-operation" : ["sensitive", "extreme"],
+        "performance-type-promotion-in-math-fn" : ["sensitive", "extreme"],
+        "performance-unnecessary-copy-initialization" : ["sensitive", "extreme"],
+        "performance-unnecessary-value-param" : ["sensitive", "extreme"]
+      }
+    }
 }
diff --git a/docs/user_guide.md b/docs/user_guide.md
@@ -132,7 +132,7 @@ usage: CodeChecker check [-h] [-o OUTPUT_DIR] [-q] [-f]
                          [--add-compiler-defaults]
                          [--saargs CLANGSA_ARGS_CFG_FILE]
                          [--tidyargs TIDY_ARGS_CFG_FILE]
-                         [-e checker/checker-group] [-d checker/checker-group]
+                         [-e checker/group/profile] [-d checker/group/profile]
                          [--print-steps]
                          [--verbose {info,debug,debug_analyzer}]
 
@@ -188,8 +188,8 @@ cross translation unit analysis arguments:
 
 checker configuration:
 
-  -e checker/checker-group, --enable checker/checker-group
-  -d checker/checker-group, --disable checker/checker-group
+  -e checker/group/profile, --enable checker/group/profile
+  -d checker/group/profile, --disable checker/group/profile
 
 output arguments:
   --print-steps
@@ -308,8 +308,8 @@ usage: CodeChecker analyze [-h] [-j JOBS] [-i SKIPFILE] -o OUTPUT_PATH
                            [--capture-analysis-output]
                            [--saargs CLANGSA_ARGS_CFG_FILE]
                            [--tidyargs TIDY_ARGS_CFG_FILE]
-                           [-e checker/checker-group]
-                           [-d checker/checker-group] [--enable-all]
+                           [-e checker/group/profile]
+                           [-d checker/group/profile] [--enable-all]
                            [--verbose {info,debug,debug_analyzer}]
                            logfile [logfile ...]
 
@@ -493,12 +493,12 @@ available checkers in the binaries installed on your system.
 ~~~~~~~~~~~~~~~~~~~~~
 checker configuration:
 
-  -e checker/checker-group, --enable checker/checker-group
-                        Set a checker (or checker group) to BE USED in the
-                        analysis.
-  -d checker/checker-group, --disable checker/checker-group
-                        Set a checker (or checker group) to BE PROHIBITED from
-                        use in the analysis.
+  -e checker/group/profile, --enable checker/group/profile
+                        Set a checker (or checker group or checker profile)
+                        to BE USED in the analysis.
+  -d checker/group/profile, --disable checker/group/profile
+                        Set a checker (or checker group or checker profile)
+                        to BE PROHIBITED from use in the analysis.
   --enable-all          Force the running analyzers to use almost every
                         checker available. The checker groups 'alpha.',
                         'debug.' and 'osx.' (on Linux) are NOT enabled
@@ -509,21 +509,37 @@ checker configuration:
                         WISELY AND AT YOUR OWN RISK!
 ~~~~~~~~~~~~~~~~~~~~~
 
-Both `--enable` and `--disable` take individual checkers or checker groups as
-their argument and there can be any number of such flags specified.
-
-For example
+Both `--enable` and `--disable` take individual checkers, checker groups or
+checker profiles as their argument and there can be any number of such flags
+specified. Flag order is important, subsequent options **overwrite** previously
+specified ones. For example
 
 ~~~
---enable core --disable core.uninitialized --enable core.uninitialized.Assign
+--enable extreme --disable core.uninitialized --enable core.uninitialized.Assign
 ~~~
 
-will enable every `core` checker which is not `core.uninitialized`, but
-`core.uninitialized.Assign` will also be enabled.
+will enable every checker of the `extreme` profile that do not belong to the
+ `core.uninitialized` group, with the exception of `core.uninitialized.Assign`,
+which will be enabled after all.
 
 Disabling certain checkers - such as the `core` group - is unsupported by
 the LLVM/Clang community, and thus discouraged.
 
+
+#### Checker profiles
+
+Checker profiles describe custom sets of enabled checks which can be specified
+in the `{INSTALL_DIR}/config/config.json` file. Three built-in options are
+available grouping checkers by their quality (measured by their false positive
+rate): `default`, `sensitive` and `extreme`. Detailed information about profiles
+can be retrieved by the `CodeChecker checkers` command.
+
+Note: `list` is a reserved keyword used to show all the available profiles and
+thus should not be used as a profile name. Profile names should also be
+different from checker(-group) names as they are enabled using the same syntax
+and coinciding names could cause unintended behavior.
+
+
 #### `--enable-all`
 
 Specifying `--enable-all` will "force" CodeChecker to enable **every** checker
@@ -792,7 +808,8 @@ providing a quick overview on which checkers are available in the analyzers.
 
 ~~~~~~~~~~~~~~~~~~~~~
 usage: CodeChecker checkers [-h] [--analyzers ANALYZER [ANALYZER ...]]
-                            [--details] [--only-enabled | --only-disabled]
+                            [--details] [--profile {PROFILE/list}]
+                            [--only-enabled | --only-disabled]
                             [-o {rows,table,csv,json}]
                             [--verbose {info,debug,debug_analyzer}]
 
@@ -805,6 +822,10 @@ optional arguments:
                         Show checkers only from the analyzers specified.
   --details             Show details about the checker, such as description,
                         if available.
+  --profile {PROFILE/list}
+                        List checkers enabled by the selected profile.
+                        'list' is a special option showing details about
+                        profiles collectively.
   --only-enabled        Show only the enabled checkers.
   --only-disabled       Show only the disabled checkers.
   -o {rows,table,csv,json}, --output {rows,table,csv,json}