From d80ae6aec325f8af7aacafaf47469c4e46090792 Mon Sep 17 00:00:00 2001 From: Christoph Scholtes Date: Sun, 25 Feb 2024 07:59:08 -0700 Subject: [PATCH] Add static analysis capability using cppcheck. --- Dockerfile | 1 + Makefile | 37 ++++++++++++++++++++++++++++++++++--- README.md | 28 +++++++++++++++++++++++----- 3 files changed, 58 insertions(+), 8 deletions(-) diff --git a/Dockerfile b/Dockerfile index 6117d3f..8005ab4 100644 --- a/Dockerfile +++ b/Dockerfile @@ -31,5 +31,6 @@ COPY MacOSX11.1.sdk.tar.* /home/build/rack-plugin-toolchain/ RUN JOBS=$JOBS make toolchain-mac RUN JOBS=$JOBS make toolchain-win RUN JOBS=$JOBS make toolchain-lin +RUN JOBS=$JOBS make toolchain-cppcheck RUN rm MacOSX11.1.sdk.tar.* diff --git a/Makefile b/Makefile index 721bc63..cd5bd1f 100644 --- a/Makefile +++ b/Makefile @@ -17,7 +17,7 @@ export JOBS_CT_NG := endif RACK_SDK_VERSION := 2.4.1 -DOCKER_IMAGE_VERSION := 13 +DOCKER_IMAGE_VERSION := 14 all: toolchain-all rack-sdk-all @@ -26,7 +26,7 @@ all: toolchain-all rack-sdk-all # Toolchain build -toolchain-all: toolchain-lin toolchain-win toolchain-mac +toolchain-all: toolchain-lin toolchain-win toolchain-mac toolchain-cppcheck crosstool-ng := $(LOCAL_DIR)/bin/ct-ng @@ -108,6 +108,24 @@ $(toolchain-mac): rm -rf osxcross +CPPCHECK_VERSION := 2.13.0 +toolchain-cppcheck := $(LOCAL_DIR)/cppcheck/bin/cppcheck +toolchain-cppcheck: $(toolchain-cppcheck) +$(toolchain-cppcheck): + wget --continue "https://github.com/danmar/cppcheck/archive/refs/tags/$(CPPCHECK_VERSION).tar.gz" + tar xvf $(CPPCHECK_VERSION).tar.gz + cd cppcheck-$(CPPCHECK_VERSION) && mkdir build + cd cppcheck-$(CPPCHECK_VERSION)/build \ + && cmake .. \ + -DUSE_MATCHCOMPILER=ON \ + -DUSE_THREADS=ON \ + -DCMAKE_INSTALL_PREFIX=$(LOCAL_DIR)/cppcheck \ + && cmake --build . -j \ + && cmake --install . + rm $(CPPCHECK_VERSION).tar.gz + rm -rf cppcheck-$(CPPCHECK_VERSION) + + toolchain-clean: rm -rf local osxcross .build build.log .config @@ -228,6 +246,16 @@ plugin-build-clean: rm -rf $(PLUGIN_BUILD_DIR) +# Static Analysis + +static-analysis-cppcheck: export PATH := $(LOCAL_DIR)/cppcheck/bin:$(PATH) +static-analysis-cppcheck: toolchain-cppcheck + cd $(PLUGIN_DIR) && cppcheck src/ -isrc/dep --std=c++11 -j $(shell nproc) -q --error-exitcode=1 2>&1 | tee cppcheck-results.log + + +plugin-analyze: static-analysis-cppcheck + + # Docker helpers @@ -334,6 +362,9 @@ docker-plugin-build-lin-x64: mkdir -p $(PLUGIN_BUILD_DIR) $(DOCKER_RUN) -c "$(MAKE) plugin-build-lin-x64 $(MFLAGS)" +docker-plugin-analyze: + $(DOCKER_RUN) -c "$(MAKE) plugin-analyze $(MFLAGS)" + .NOTPARALLEL: -.PHONY: all plugin-build +.PHONY: all plugin-build plugin-analyze diff --git a/README.md b/README.md index 25fccf2..1fa9fe9 100644 --- a/README.md +++ b/README.md @@ -2,6 +2,8 @@ **Cross-compile** VCV Rack plugins for all supported platforms with a single command on any GNU/Linux-based distribution. +**Analyze** plugin source code using open source static analysis tools (for example: cppcheck). + ## Supported platforms and architectures The following platforms and architectures are supported by the VCV Rack Plugin Toolchain: @@ -57,6 +59,14 @@ make -j$(nproc) plugin-build PLUGIN_DIR=... Built plugin packages are placed in the `plugin-build/` directory. +Analyze your plugin source code. + +```bash +make -j$(nproc) plugin-analyze PLUGIN_DIR=... +``` + +Analysis results will be captured in a results file in the plugin source directory. + ### Docker toolchain build *Works on any operating system with [Docker](https://www.docker.com/) installed.* @@ -72,26 +82,34 @@ make docker-build *Optional*: Pass number of jobs to use to for the tool chain build with the `JOBS` environment variable. ```bash -JOBS=8 make docker-build +JOBS=$(nproc) make docker-build ``` -(`-j8` will not work due to the different build systems used in the toolchain build process.) +(Just passing `-j$(nproc)` directly will not work due to the different build systems used in the toolchain build process.) Build your plugin. + ```bash -make -j8 docker-plugin-build PLUGIN_DIR=... +make -j$(nproc) docker-plugin-build PLUGIN_DIR=... ``` -You may replace 8 with your desired number of parallel jobs, such as your number of logical cores. Built plugin packages are placed in the `plugin-build/` directory. +Analyze plugin source code. + +```bash +make -j$(nproc) docker-plugin-analyze PLUGIN_DIR=... +``` + +Analysis results will be captured in a results file in the plugin source directory. + #### Notes for building and using the Docker-based toolchain on macOS - Ensure that Docker Desktop has sufficient amount of resources (RAM, disk space) allocated to build the toolchain! - You may have to add `MAKE=make` to the build command:: ```bash -MAKE=make make -j8 docker-plugin-build PLUGIN_DIR=... +MAKE=make make -j$(nproc) docker-plugin-build PLUGIN_DIR=... ``` ### Rack SDK management