= Static Analysis =

[http://en.wikipedia.org/wiki/Static_code_analysis Static analysis] is a technique for finding bugs just by looking at source code without actually running it. That's great, because it can find bugs that are really hard to trigger.

== Coverity ==

[http://coverity.com Coverity] is a commercial static analysis service that runs continuous scans of many open source apps, including Wine. A summary of results is online at [http://scan.coverity.com/rung1.html]; it shows Wine has 0.2 defects per thousand lines of code, which compares favorably with other projects.

For the detailed results, see http://scan.coverity.com/devfaq.html which says "Locate your project on the Full List of the Scan ladder, and click the Log In link. Account requests must be approved by the project's official contacts."

Our official contacts are [http://www.winehq.org/pipermail/wine-devel/2007-March/055416.html Paul Vriens] and [http://www.winehq.org/pipermail/wine-devel/2007-March/055428.html Jan Zerebecki]. Contact them or scan-admin at coverity for access.

When posting patches to fix bugs found by Coverity, please include "Coverity" in the subject line.

Here are two ways to look for Coverity-related Wine patches:
 * [http://www.google.com/search?q=coverity+inurl%3Awine-patches+site%3Awinehq.org in wine-patches]
 * [http://source.winehq.org/git/wine.git/?a=search&h=HEAD&st=commit&s=coverity&sr=1 in git] (14 in month ending Jan 15 2010)

== PVS-Studio ==

[http://www.viva64.com/ PVS-Studio] is a static analysis tool that integrates into Visual Studio. See http://www.viva64.com/en/a/0076/ for a report of errors found when analyzing ReactOS code with PVS-Studio. According to http://www.winehq.org/pipermail/wine-devel/2011-December/093599.html, many but not all of the warnings it raised have already been fixed in Wine.

== Old Smatch ==

Smatch is an open source static analysis tool. The old and obsolete version is based on a hacked gcc-3.1.1 with some Perl modules and scripts.
But it is still useful for Wine and "low cost" to run.

When posting patches to fix bugs found by Smatch, please include "Smatch" in the subject line.

Michael Stefaniuc says that one of these days he's going to stop using the old Smatch and switch to Coccinelle [IRC 15 Jan 2010]. It is way easier to prototype new ideas in Coccinelle.

Here are three ways to look for Smatch-related Wine patches:
 * [http://www.google.com/search?q=smatch+inurl%3Awine-patches+site%3Awinehq.org in wine-patches]
 * [http://source.winehq.org/git/wine.git/?a=search&h=HEAD&st=commit&s=smatch&sr=1 in git] (1 in month ending Jan 15 2010, 3 in previous month)
 * [http://people.redhat.com/mstefani/wine/smatch/results.html table of detailed results from Michael Stefaniuc]

== Smatch ==

[http://smatch.sourceforge.net/ Smatch] is an open source static analysis tool. The new Smatch is based on sparse, the checker used by the Linux kernel. Smatch has some built-in Wine checks.

== Coccinelle ==

[http://coccinelle.lip6.fr Coccinelle] is yet another open source static analysis tool. Students at Aalborg University say [http://www.winehq.org/pipermail/wine-devel/2008-May/065508.html they found a number of bugs with it] in 2008. Paul Vriens and Michael Stefaniuc have been using it since 2009.

When posting patches to fix bugs found by Coccinelle, please include "Coccinelle" in the subject line.

Here are two ways to look for Coccinelle-related Wine patches:
 * [http://www.google.com/search?q=coccinelle+inurl%3Awine-patches+site%3Awinehq.org in wine-patches]
 * [http://source.winehq.org/git/wine.git/?a=search&h=HEAD&st=commit&s=coccinelle&sr=1 in git] (12 in month ending Jan 15 2010)
 * [http://people.redhat.com/mstefani/wine/coccinelle/ Some Wine-specific cocci scripts]

[[Anchor(clang)]]
== Clang Static Analyzer ==

[http://clang.llvm.org/ Clang] (the C-language front end to the [http://www.llvm.org/ LLVM compiler]) includes a new static analysis tool currently named the [http://clang-analyzer.llvm.org/ Clang Static Analyzer]. Download [http://download.myreactos.com/Amine/wine-scan-build-2011-01-20.tar.bz2 checker-report] for a checker report on Wine, or [http://austinenglish.com/logs/clang_analyzer/index.html browse it online].

Henri Verbeet has started submitting patches to fix these warnings; the first is http://winehq.org/pipermail/wine-patches/2008-October/062650.html

When posting patches to fix bugs found by Clang, please include "LLVM/Clang" in the subject line.

Here are two ways to look for Clang-related Wine patches:
 * [http://www.google.com/search?q=clang+inurl%3Awine-patches+site%3Awinehq.org in wine-patches]
 * [http://source.winehq.org/git/wine.git/?a=search&h=HEAD&st=commit&s=clang&sr=1 in git] (none in month ending Jan 15, 2010; five in previous month.)

See also: the ["Clang"] page in this Wiki.

== Saturn ==

[http://saturn.stanford.edu/ Saturn] is the second static analysis tool out of Stanford (the first was MC aka the Stanford Checker, which became Coverity). Their tool can be downloaded for free, and there is a mailing list for discussing it. [http://www.winehq.org/pipermail/wine-patches/2009-January/068399.html The first patch from somebody using Saturn] was posted on 26 Jan 2009.

When posting patches to fix bugs found by Saturn, please include "(Saturn)" in the subject line.

Here are two ways to look for Saturn-related Wine patches:
 * [http://www.google.com/search?q=saturn+inurl%3Awine-patches+site%3Awinehq.org in wine-patches]
 * [http://source.winehq.org/git/wine.git/?a=search&h=HEAD&st=commit&s=saturn&sr=1 in git] (none so far?)

== Flawfinder ==

Students at Aalborg University say they [http://www.winehq.org/pipermail/wine-devel/2008-May/065508.html found a number of bugs] using [http://www.emn.fr/x-info/coccinelle/ Coccinelle] and [http://www.dwheeler.com/flawfinder/ Flawfinder]. There [http://www.winehq.org/pipermail/wine-devel/2008-August/068714.html was a discussion] about adding Flawfinder to PatchWatcher (which went a bit off-topic due to mailman sending out duplicate messages), but there were [http://www.winehq.org/pipermail/wine-devel/2008-September/068814.html too many false positives] for it to be much use.

== sixgill.org ==

[http://sixgill.org/ sixgill] is a new static code analysis tool that has not yet been used in Wine. Mozilla's static analysis team makes use of it and recommends it in [http://www.galois.com/blog/2010/07/09/galois-tech-talk-video-large-scale-static-analysis-at-mozilla/?ftw this video].

----
CategoryQualityAssurance CategoryDevelopment