1.. _docs-automated-analysis: 2 3================== 4Automated analysis 5================== 6 7The correctness and style of Pigweed's source code is continuously verified 8using a suite of automated tools. We also make it easy to use the same tools 9to verify the code of projects using Pigweed. 10 11------- 12Summary 13------- 14On presubmit or in CI we verify Pigweed using: 15 16* pylint 17* mypy 18* clang-tidy 19* AddressSanitizer (asan) 20* ThreadSanitizer (tsan) 21* UndefinedBehaviorSanitizer (ubsan) 22* OSS-Fuzz 23 24The rest of this document discusses these tools and their configuration in 25greater detail, and how to use them in your own project. 26 27-------------- 28Analysis tools 29-------------- 30 31Static analysis 32=============== 33 34PyLint 35------ 36`PyLint`_ is a customizable Python linter. Pigweed complies with almost all 37the default checks; see `.pylintrc`_ for details. PyLint detects problems such 38as overly broad catch statements, unused arguments/variables, and mutable 39default parameter values. 40 41For upstream Pigweed, PyLint can be run with ``ninja python.lint.pylint`` or 42``ninja python.lint``. It's also included in a variety of presubmit steps, 43like ``static_analysis`` and ``python_checks.gn_python_check``. See the 44`Enabling analysis for your project`_ section to learn how to run PyLint on 45your Pigweed-based project. 46 47.. _PyLint: https://pylint.org/ 48.. _.pylintrc: https://cs.opensource.google/pigweed/pigweed/+/main:.pylintrc 49 50Mypy 51---- 52Python 3 allows for `type annotations`_ for variables, function arguments, and 53return values. Most, but not all, of Pigweed's Python code has type 54annotations, and these annotations have caught real bugs in code that didn't 55yet have unit tests. `Mypy`_ is an analysis tool that enforces these 56annotations. 57 58Mypy helps find bugs like when a string is passed into a function that expects 59a list of strings---since both are iterables this bug might otherwise be hard 60to track down. 61 62Mypy can be run with ``ninja python.lint.mypy`` or ``ninja python.lint``. It's 63also included in a variety of presubmit steps, like ``static_analysis`` and 64``python_checks.gn_python_check``. 65 66.. _type annotations: https://docs.python.org/3/library/typing.html 67.. _Mypy: http://mypy-lang.org/ 68 69clang-tidy 70---------- 71`clang-tidy`_ is a C++ "linter" and static analysis tool. It identifies 72bug-prone patterns (e.g., use after move), non-idiomatic usage (e.g., creating 73``std::unique_ptr`` with ``new`` rather than ``std::make_unique``), and 74performance issues (e.g., unnecessary copies of loop variables). 75 76While powerful, clang-tidy defines a very large number of checks, many of which 77are special-purpose (e.g., only applicable to FPGA HLS code, or code using the 78`Abseil`_ library) or have high false positive rates. Pigweed enables over 50 79checks which are relevant to an embedded C/C++ library and have good 80signal-to-noise ratios. The full list of Pigweed's checks is in `.clang-tidy`_. 81 82We do not currently enable the `Clang Static Analyzers`_ because they suffer 83from false positives, and their findings are time-consuming to manually verify. 84 85clang-tidy can be run with ``ninja static_analysis`` or ``pw presubmit --step 86static_analysis``. Note that as a static analysis tool, clang-tidy will not 87produce any runnable binaries: it simply analyzes the source files. 88 89.. _clang-tidy: https://clang.llvm.org/extra/clang-tidy/ 90.. _Abseil: https://abseil.io/ 91.. _.clang-tidy: https://cs.opensource.google/pigweed/pigweed/+/main:.clang-tidy 92.. _Clang Static Analyzers: https://clang-analyzer.llvm.org/available_checks.html 93 94 95Clang sanitizers 96================ 97We run all of Pigweed's unit tests with the additional instrumentation 98described in this section. For more detail about these sanitizers, see the 99`Github documentation`_. 100 101* asan: `AddressSanitizer`_ detects memory errors such as out-of-bounds access 102 and use-after-free. 103* msan: `MemorySanitizer`_ detects reads of uninitialized memory. 104* tsan: `ThreadSanitizer`_ detects data races. 105* ubsan: `UndefinedBehaviorSanitizer`_ is a fast undefined behavior detector. 106 We use the default ``-fsanitize=undefined`` option. 107 108.. note:: 109 Pigweed does not currently support msan. See https://bugs.pigweed.dev/560 110 for details. 111 112The exact configurations we use for these sanitizers are in 113`pw_toolchain/host_clang/BUILD.gn <https://cs.opensource.google/pigweed/pigweed/+/main:pw_toolchain/host_clang/BUILD.gn>`_. 114You can see the current status of the sanitizer builds in the `Pigweed CI 115console`_, as ``pigweed-linux-san-*``. 116 117Unlike clang-tidy, the clang sanitizers are runtime instrumentation: the 118instrumented binary needs to be run for issues to be detected. 119 120.. _Github documentation: https://github.com/google/sanitizers 121.. _AddressSanitizer: https://clang.llvm.org/docs/AddressSanitizer.html 122.. _MemorySanitizer: https://clang.llvm.org/docs/MemorySanitizer.html 123.. _Pigweed CI console: https://ci.chromium.org/p/pigweed/g/pigweed/console 124.. _ThreadSanitizer: https://clang.llvm.org/docs/ThreadSanitizer.html 125.. _UndefinedBehaviorSanitizer: https://clang.llvm.org/docs/UndefinedBehaviorSanitizer.html 126 127 128Fuzzers 129======= 130`Fuzz testing`_ detects errors in software by providing it with randomly 131generated inputs. We use `OSS-fuzz`_ to continuously uncover potential 132vulnerabilities in Pigweed. `Dashboard with Pigweed's latest results`_. See 133the :ref:`module-pw_fuzzer` module documentation for more details. 134 135.. _Dashboard with Pigweed's latest results: https://oss-fuzz-build-logs.storage.googleapis.com/index.html#pigweed 136.. _Fuzz testing: https://en.wikipedia.org/wiki/Fuzzing 137.. _OSS-fuzz: https://github.com/google/oss-fuzz 138 139.. _Enabling analysis for your project: 140 141---------------------------------- 142Enabling analysis for your project 143---------------------------------- 144 145PyLint and Mypy 146=============== 147PyLint and Mypy can be configured to run every time your project is built by 148adding ``python.lint`` to your default build group. (You can also add one or both 149individually using ``python.lint.mypy`` and ``python.lint.pylint``.) Likewise, 150these can be added to individual presubmit steps (`examples`_). You can also 151directly include the `python_checks.gn_python_lint`_ presubmit step. 152 153.. _examples: https://cs.opensource.google/search?q=file:pigweed_presubmit.py%20%22python.lint%22&sq=&ss=pigweed%2Fpigweed 154.. _python_checks.gn_python_lint: https://cs.opensource.google/pigweed/pigweed/+/main:pw_presubmit/py/pw_presubmit/python_checks.py?q=file:python_checks.py%20gn_python_lint&ss=pigweed%2Fpigweed 155 156clang-tidy 157========== 158`pw_toolchain/static_analysis_toolchain.gni`_ provides the 159``pw_static_analysis_toolchain`` template that can be used to create a build 160group performing static analysis. See :ref:`module-pw_toolchain` documentation 161for more details. This group can then be added as a presubmit step using 162pw_presubmit. 163 164You can place a ``.clang-tidy`` file at the root of your repository to control 165which checks are executed. See the `clang documentation`_ for a discussion of how 166the tool chooses which ``.clang-tidy`` files to apply when run on a particular 167source file. 168 169.. _pw_toolchain/static_analysis_toolchain.gni: https://cs.opensource.google/pigweed/pigweed/+/main:pw_toolchain/static_analysis_toolchain.gni 170.. _clang documentation: https://clang.llvm.org/extra/clang-tidy/ 171 172Clang sanitizers 173================ 174There are two ways to enable sanitizers for your build. 175 176GN args on debug toolchains 177--------------------------- 178If you are already building your tests with one of the following toolchains (or 179a toolchain derived from one of them): 180 181* ``pw_toolchain_host_clang.debug`` 182* ``pw_toolchain_host_clang.speed_optimized`` 183* ``pw_toolchain_host_clang.size_optimized`` 184 185you can enable the clang sanitizers simply by setting the gn arg 186``pw_toolchain_SANITIZERS`` to the desired subset of 187``["address", "thread", "undefined"]``. 188 189Example 190^^^^^^^ 191If your project defines a toolchain ``host_clang_debug`` that is derived from 192one of the above toolchains, and you'd like to run the ``pw_executable`` target 193``sample_binary`` defined in the ``BUILD.gn`` file in ``examples/sample`` with 194asan, you would run, 195 196.. code-block:: bash 197 198 gn gen out --args='pw_toolchain_SANITIZERS=["address"]' 199 ninja -C out host_clang_debug/obj/example/sample/bin/sample_binary 200 out/host_clang_debug/obj/example/sample/bin/sample_binary 201 202Sanitizer toolchains 203-------------------- 204Otherwise, instead of using ``gn args`` you can build your tests with the 205appropriate toolchain from the following list (or a toolchain derived from one 206of them): 207 208* ``pw_toolchain_host_clang.asan`` 209* ``pw_toolchain_host_clang.ubsan`` 210* ``pw_toolchain_host_clang.tsan`` 211 212See the :ref:`module-pw_toolchain` module documentation for more 213about Pigweed toolchains. 214 215Fuzzers 216======= 217See the :ref:`module-pw_fuzzer` module documentation. 218 219