https://wiki.winehq.org/index.php?title=Static_Analysis&feed=atom&action=historyStatic Analysis - Revision history2024-03-29T13:06:54ZRevision history for this page on the wikiMediaWiki 1.41.0https://wiki.winehq.org/index.php?title=Static_Analysis&diff=3987&oldid=prevAlex Henrie: /* PVS-Studio */ removed mention of ReactOS2022-06-18T00:51:46Z<p><span dir="auto"><span class="autocomment">PVS-Studio: </span> removed mention of ReactOS</span></p>
<table style="background-color: #fff; color: #202122;" data-mw="interface">
<col class="diff-marker" />
<col class="diff-content" />
<col class="diff-marker" />
<col class="diff-content" />
<tr class="diff-title" lang="en">
<td colspan="2" style="background-color: #fff; color: #202122; text-align: center;">← Older revision</td>
<td colspan="2" style="background-color: #fff; color: #202122; text-align: center;">Revision as of 00:51, 18 June 2022</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l17">Line 17:</td>
<td colspan="2" class="diff-lineno">Line 17:</td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>* The [http://www.viva64.com/en/b/0352/ second analysis] from October 2015, which also includes fixes since the first run. </div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>* The [http://www.viva64.com/en/b/0352/ second analysis] from October 2015, which also includes fixes since the first run. </div></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>* The [http://www.viva64.com/en/b/0272/ first analysis] in August 2014.</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>* The [http://www.viva64.com/en/b/0272/ first analysis] in August 2014.</div></td></tr>
<tr><td class="diff-marker" data-marker="−"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del style="font-weight: bold; text-decoration: none;">* A [http://www.viva64.com/en/a/0076/ ReactOS analysis] that also covers Wine code too, from September 2011.</del></div></td><td colspan="2" class="diff-side-added"></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>* Bugs reported by PVS-Studio [https://bugs.winehq.org/buglist.cgi?list_id=250262&product=Wine&query_format=advanced&short_desc=PVS-Studio&short_desc_type=allwordssubstr in WineHQ's Bugzilla].</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>* Bugs reported by PVS-Studio [https://bugs.winehq.org/buglist.cgi?list_id=250262&product=Wine&query_format=advanced&short_desc=PVS-Studio&short_desc_type=allwordssubstr in WineHQ's Bugzilla].</div></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td></tr>
</table>Alex Henriehttps://wiki.winehq.org/index.php?title=Static_Analysis&diff=1920&oldid=prevKyleAuble: Add "See Also" section2016-02-29T08:38:34Z<p>Add "See Also" section</p>
<table style="background-color: #fff; color: #202122;" data-mw="interface">
<col class="diff-marker" />
<col class="diff-content" />
<col class="diff-marker" />
<col class="diff-content" />
<tr class="diff-title" lang="en">
<td colspan="2" style="background-color: #fff; color: #202122; text-align: center;">← Older revision</td>
<td colspan="2" style="background-color: #fff; color: #202122; text-align: center;">Revision as of 08:38, 29 February 2016</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l44">Line 44:</td>
<td colspan="2" class="diff-lineno">Line 44:</td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>If you're interested in possibly using Smatch to debug Wine, the official Smatch documentation (which is a bit scanty) is included in the Smatch source. If you do fix any bugs found with it, don't forget to add '''(Smatch)''' to the subject line of your patch. You can also see all Smatch-related patches in the [http://source.winehq.org/git/wine.git/?a=search&h=HEAD&st=commit&s=smatch&sr=1 Wine git tree].</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>If you're interested in possibly using Smatch to debug Wine, the official Smatch documentation (which is a bit scanty) is included in the Smatch source. If you do fix any bugs found with it, don't forget to add '''(Smatch)''' to the subject line of your patch. You can also see all Smatch-related patches in the [http://source.winehq.org/git/wine.git/?a=search&h=HEAD&st=commit&s=smatch&sr=1 Wine git tree].</div></td></tr>
<tr><td colspan="2" class="diff-side-deleted"></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;"></ins></div></td></tr>
<tr><td colspan="2" class="diff-side-deleted"></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;">== See Also ==</ins></div></td></tr>
<tr><td colspan="2" class="diff-side-deleted"></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;">* [[Code Coverage]] is a complementary technique for checking possible execution paths</ins></div></td></tr>
<tr><td colspan="2" class="diff-side-deleted"></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;">* [[Wine and Valgrind]] has info on using the Valgrind suite to debug Wine at runtime</ins></div></td></tr>
<tr><td colspan="2" class="diff-side-deleted"></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;">* [[Debugging Hints]] lists some issues that regularly pop up when hacking on Wine</ins></div></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>[[Category:Development]] [[Category:Quality Assurance]] [[Category:Third Party]]</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>[[Category:Development]] [[Category:Quality Assurance]] [[Category:Third Party]]</div></td></tr>
</table>KyleAublehttps://wiki.winehq.org/index.php?title=Static_Analysis&diff=1919&oldid=prevKyleAuble: Finish updating page (removed a couple abandoned programs)2016-02-29T08:33:02Z<p>Finish updating page (removed a couple abandoned programs)</p>
<table style="background-color: #fff; color: #202122;" data-mw="interface">
<col class="diff-marker" />
<col class="diff-content" />
<col class="diff-marker" />
<col class="diff-content" />
<tr class="diff-title" lang="en">
<td colspan="2" style="background-color: #fff; color: #202122; text-align: center;">← Older revision</td>
<td colspan="2" style="background-color: #fff; color: #202122; text-align: center;">Revision as of 08:33, 29 February 2016</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l1">Line 1:</td>
<td colspan="2" class="diff-lineno">Line 1:</td></tr>
<tr><td class="diff-marker" data-marker="−"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del style="font-weight: bold; text-decoration: none;">{{Wip}}</del></div></td><td colspan="2" class="diff-side-added"></td></tr>
<tr><td class="diff-marker" data-marker="−"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del style="font-weight: bold; text-decoration: none;"></del></div></td><td colspan="2" class="diff-side-added"></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>[http://en.wikipedia.org/wiki/Static_code_analysis Static analysis] is a technique for finding bugs just by looking at source code without actually running it. That's great because it can find bugs that are really hard to trigger.</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>[http://en.wikipedia.org/wiki/Static_code_analysis Static analysis] is a technique for finding bugs just by looking at source code without actually running it. That's great because it can find bugs that are really hard to trigger.</div></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td></tr>
<tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l17">Line 17:</td>
<td colspan="2" class="diff-lineno">Line 15:</td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>Here are some other reports done by PVS-Studio for Wine code:</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>Here are some other reports done by PVS-Studio for Wine code:</div></td></tr>
<tr><td class="diff-marker" data-marker="−"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del style="font-weight: bold; text-decoration: none;"> </del>* The [http://www.viva64.com/en/b/0352/ second analysis] from October 2015, which also includes fixes since the first run. </div></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>* The [http://www.viva64.com/en/b/0352/ second analysis] from October 2015, which also includes fixes since the first run. </div></td></tr>
<tr><td class="diff-marker" data-marker="−"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del style="font-weight: bold; text-decoration: none;"> </del>* The [http://www.viva64.com/en/b/0272/ first analysis] in August 2014.</div></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>* The [http://www.viva64.com/en/b/0272/ first analysis] in August 2014.</div></td></tr>
<tr><td class="diff-marker" data-marker="−"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del style="font-weight: bold; text-decoration: none;"> </del>* A [http://www.viva64.com/en/a/0076/ ReactOS analysis] that also covers Wine code too, from September 2011.</div></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>* A [http://www.viva64.com/en/a/0076/ ReactOS analysis] that also covers Wine code too, from September 2011.</div></td></tr>
<tr><td class="diff-marker" data-marker="−"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del style="font-weight: bold; text-decoration: none;"> </del>* Bugs reported by PVS-Studio [https://bugs.winehq.org/buglist.cgi?list_id=250262&product=Wine&query_format=advanced&short_desc=PVS-Studio&short_desc_type=allwordssubstr in WineHQ's Bugzilla].</div></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>* Bugs reported by PVS-Studio [https://bugs.winehq.org/buglist.cgi?list_id=250262&product=Wine&query_format=advanced&short_desc=PVS-Studio&short_desc_type=allwordssubstr in WineHQ's Bugzilla].</div></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>Besides these scans, PVS-Studio has provided some of the developers (Michael Stefaniuc and Nikolay Sivov) with the raw data from these analyses, as well as temporary licenses for PVS-Studio. The data can be shared freely with Wine developers, though as XML it is hard to read but beautiful to process.</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>Besides these scans, PVS-Studio has provided some of the developers (Michael Stefaniuc and Nikolay Sivov) with the raw data from these analyses, as well as temporary licenses for PVS-Studio. The data can be shared freely with Wine developers, though as XML it is hard to read but beautiful to process.</div></td></tr>
<tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l34">Line 34:</td>
<td colspan="2" class="diff-lineno">Line 32:</td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>When posting patches to fix bugs found by Clang, please include '''(Clang)''' in the subject line; as with the other tools, you can see all [http://source.winehq.org/git/wine.git/?a=search&h=HEAD&st=commit&s=clang&sr=1 Clang-related patches in our git history].</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>When posting patches to fix bugs found by Clang, please include '''(Clang)''' in the subject line; as with the other tools, you can see all [http://source.winehq.org/git/wine.git/?a=search&h=HEAD&st=commit&s=clang&sr=1 Clang-related patches in our git history].</div></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td></tr>
<tr><td class="diff-marker" data-marker="−"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>== Flawfinder ==</div></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;">== Old / Unused Tools ==</ins></div></td></tr>
<tr><td class="diff-marker" data-marker="−"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div> </div></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;">=</ins>== Flawfinder <ins style="font-weight: bold; text-decoration: none;">=</ins>==</div></td></tr>
<tr><td class="diff-marker" data-marker="−"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del style="font-weight: bold; text-decoration: none;">Students at </del>Aalborg University <del style="font-weight: bold; text-decoration: none;">say they [http://www.winehq.org/pipermail/wine-devel/2008-May/065508.html found a number of bugs] using [http://www.emn.fr/x-info/coccinelle/ Coccinelle] and </del>[http://www.dwheeler.com/flawfinder/ Flawfinder]<del style="font-weight: bold; text-decoration: none;">.</del></div></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;">The same students from </ins>Aalborg University <ins style="font-weight: bold; text-decoration: none;">mentioned above also tried out </ins>[http://www.dwheeler.com/flawfinder/ Flawfinder], <ins style="font-weight: bold; text-decoration: none;">another open</ins>-<ins style="font-weight: bold; text-decoration: none;">source </ins>static analysis tool. <ins style="font-weight: bold; text-decoration: none;">Instead </ins>of <ins style="font-weight: bold; text-decoration: none;">trying to rigorously determine faulty code logic</ins>, <ins style="font-weight: bold; text-decoration: none;">Flawfinder only scans </ins>the <ins style="font-weight: bold; text-decoration: none;">source code for C constructs that commonly expose security flaws</ins>. <ins style="font-weight: bold; text-decoration: none;">Think of it as </ins>a version of <ins style="font-weight: bold; text-decoration: none;"><tt>grep</tt> that's already been house</ins>-<ins style="font-weight: bold; text-decoration: none;">trained</ins>.</div></td></tr>
<tr><td class="diff-marker" data-marker="−"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div> </div></td><td colspan="2" class="diff-side-added"></td></tr>
<tr><td class="diff-marker" data-marker="−"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del style="font-weight: bold; text-decoration: none;">There [http://www.winehq.org/pipermail/wine-devel/2008-August/068714.html was a discussion] about adding Flawfinder to PatchWatcher (which went a bit off-topic due to mailman sending out duplicate messages)</del>, <del style="font-weight: bold; text-decoration: none;">but there were [http://www.winehq.org/pipermail/wine</del>-<del style="font-weight: bold; text-decoration: none;">devel/2008-September/068814.html too many false positives] for it to be much use.</del></div></td><td colspan="2" class="diff-side-added"></td></tr>
<tr><td class="diff-marker" data-marker="−"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div> </div></td><td colspan="2" class="diff-side-added"></td></tr>
<tr><td class="diff-marker" data-marker="−"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del style="font-weight: bold; text-decoration: none;">== sixgill.org ==</del></div></td><td colspan="2" class="diff-side-added"></td></tr>
<tr><td class="diff-marker" data-marker="−"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div> </div></td><td colspan="2" class="diff-side-added"></td></tr>
<tr><td class="diff-marker" data-marker="−"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del style="font-weight: bold; text-decoration: none;">[http://sixgill.org/ sixgill] is a new </del>static <del style="font-weight: bold; text-decoration: none;">code </del>analysis tool <del style="font-weight: bold; text-decoration: none;">that has not yet been used in Wine</del>. <del style="font-weight: bold; text-decoration: none;"> Mozilla's static analysis team makes use </del>of <del style="font-weight: bold; text-decoration: none;">it and recommends it in [http://www.galois.com/blog/2010/07/09/galois-tech-talk-video-large-scale-static-analysis-at-mozilla/?ftw this video].</del></div></td><td colspan="2" class="diff-side-added"></td></tr>
<tr><td class="diff-marker" data-marker="−"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div> </div></td><td colspan="2" class="diff-side-added"></td></tr>
<tr><td class="diff-marker" data-marker="−"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del style="font-weight: bold; text-decoration: none;">= Old / Unused Tools =</del></div></td><td colspan="2" class="diff-side-added"></td></tr>
<tr><td class="diff-marker" data-marker="−"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del style="font-weight: bold; text-decoration: none;">== Smatch ==</del></div></td><td colspan="2" class="diff-side-added"></td></tr>
<tr><td class="diff-marker" data-marker="−"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del style="font-weight: bold; text-decoration: none;">Smatch is an open source static analysis tool based on sparse</del>, the <del style="font-weight: bold; text-decoration: none;">checker used by the Linux kernel</del>. <del style="font-weight: bold; text-decoration: none;">The obsolete version was based on </del>a version of <del style="font-weight: bold; text-decoration: none;">gcc</del>-<del style="font-weight: bold; text-decoration: none;">3.1.1 hacked to dump its intermediate representation of the code, along with some perl modules and scripts to analyze the dumped IR code</del>.</div></td><td colspan="2" class="diff-side-added"></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td></tr>
<tr><td class="diff-marker" data-marker="−"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del style="font-weight: bold; text-decoration: none;">MichaelStefaniuc adapted an existing script in the old Smatch </del>to <del style="font-weight: bold; text-decoration: none;">find code paths with missing `LeaveCriticalSection`</del>'s<del style="font-weight: bold; text-decoration: none;">. Scripts to find some other useful things like fd, DC</del>, <del style="font-weight: bold; text-decoration: none;">and GDI object leaks should be easy to write. Michael also created a </del>[http://<del style="font-weight: bold; text-decoration: none;">people</del>.<del style="font-weight: bold; text-decoration: none;">redhat</del>.<del style="font-weight: bold; text-decoration: none;">com</del>/<del style="font-weight: bold; text-decoration: none;">mstefani</del>/wine/<del style="font-weight: bold; text-decoration: none;">smatch</del>/ <del style="font-weight: bold; text-decoration: none;">page with more info</del>] <del style="font-weight: bold; text-decoration: none;">on using Smatch </del>to <del style="font-weight: bold; text-decoration: none;">test Wine. However, at least as of Jan 2010, he expressed some interest in switching over to Coccinelle because it seemed to make prototyping </del>much <del style="font-weight: bold; text-decoration: none;">easier</del>.</div></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;">There [http://www.winehq.org/pipermail/wine-devel/2008-August/068714.html was a discussion] about adding Flawfinder </ins>to <ins style="font-weight: bold; text-decoration: none;">Wine</ins>'s <ins style="font-weight: bold; text-decoration: none;">patch-watcher at one point</ins>, <ins style="font-weight: bold; text-decoration: none;">but Flawfinder returned </ins>[http://<ins style="font-weight: bold; text-decoration: none;">www</ins>.<ins style="font-weight: bold; text-decoration: none;">winehq</ins>.<ins style="font-weight: bold; text-decoration: none;">org</ins>/<ins style="font-weight: bold; text-decoration: none;">pipermail</ins>/wine<ins style="font-weight: bold; text-decoration: none;">-devel</ins>/<ins style="font-weight: bold; text-decoration: none;">2008-September</ins>/<ins style="font-weight: bold; text-decoration: none;">068814.html too many false positives</ins>] to <ins style="font-weight: bold; text-decoration: none;">be </ins>much <ins style="font-weight: bold; text-decoration: none;">use</ins>.</div></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td></tr>
<tr><td class="diff-marker" data-marker="−"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del style="font-weight: bold; text-decoration: none;">You can also see all </del>Smatch<del style="font-weight: bold; text-decoration: none;">-related patches in the </del>[http://<del style="font-weight: bold; text-decoration: none;">source</del>.<del style="font-weight: bold; text-decoration: none;">winehq</del>.<del style="font-weight: bold; text-decoration: none;">org</del>/<del style="font-weight: bold; text-decoration: none;">git</del>/<del style="font-weight: bold; text-decoration: none;">wine</del>.git/<del style="font-weight: bold; text-decoration: none;">?a=search&h=HEAD&st=commit&s=smatch&sr=1 Wine git tree]</del>.</div></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;">=== </ins>Smatch <ins style="font-weight: bold; text-decoration: none;">===</ins></div></td></tr>
<tr><td colspan="2" class="diff-side-deleted"></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>[http://<ins style="font-weight: bold; text-decoration: none;">repo</ins>.<ins style="font-weight: bold; text-decoration: none;">or</ins>.<ins style="font-weight: bold; text-decoration: none;">cz</ins>/<ins style="font-weight: bold; text-decoration: none;">w</ins>/<ins style="font-weight: bold; text-decoration: none;">smatch</ins>.git <ins style="font-weight: bold; text-decoration: none;">Smatch] is an open-source static analysis tool based on sparse, the checker used by the Linux kernel. A while back, Michael Stefaniuc adapted an existing script for Smatch Mark 1 (which was based not on sparse, but a modified version of GCC) to find code paths with missing <tt>LeaveCriticalSection<</ins>/<ins style="font-weight: bold; text-decoration: none;">tt> statements</ins>.</div></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td></tr>
<tr><td class="diff-marker" data-marker="−"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del style="font-weight: bold; text-decoration: none;">=== Saturn ===</del></div></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;">Scripts to find other useful things like GDI object leaks might not be too hard to write; Michael even created a </ins>[http://<ins style="font-weight: bold; text-decoration: none;">people</ins>.<ins style="font-weight: bold; text-decoration: none;">redhat</ins>.<ins style="font-weight: bold; text-decoration: none;">com</ins>/<ins style="font-weight: bold; text-decoration: none;">mstefani/wine/smatch/ page with more info</ins>] <ins style="font-weight: bold; text-decoration: none;">on using Smatch </ins>to <ins style="font-weight: bold; text-decoration: none;">test Wine. However</ins>, <ins style="font-weight: bold; text-decoration: none;">he began experimenting with Coccinelle in Jan 2010 because </ins>it <ins style="font-weight: bold; text-decoration: none;">seemed </ins>to <ins style="font-weight: bold; text-decoration: none;">make prototyping much easier</ins>.</div></td></tr>
<tr><td class="diff-marker" data-marker="−"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>[http://<del style="font-weight: bold; text-decoration: none;">saturn</del>.<del style="font-weight: bold; text-decoration: none;">stanford</del>.<del style="font-weight: bold; text-decoration: none;">edu</del>/ <del style="font-weight: bold; text-decoration: none;">Saturn</del>] <del style="font-weight: bold; text-decoration: none;">was the second static analysis tool </del>to <del style="font-weight: bold; text-decoration: none;">originate at Stanford University (the first one</del>, <del style="font-weight: bold; text-decoration: none;">MC aka the Stanford Checker, would become Coverity). The tool is still free to download and there is a mailing list for discussing </del>it<del style="font-weight: bold; text-decoration: none;">, though neither seems </del>to <del style="font-weight: bold; text-decoration: none;">have been updated in years</del>.</div></td><td colspan="2" class="diff-side-added"></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td></tr>
<tr><td class="diff-marker" data-marker="−"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del style="font-weight: bold; text-decoration: none;">Although no patches based on Saturn results were ever committed </del>to Wine, a [http://<del style="font-weight: bold; text-decoration: none;">www</del>.winehq.org/<del style="font-weight: bold; text-decoration: none;">pipermail</del>/wine<del style="font-weight: bold; text-decoration: none;">-patches</del>/<del style="font-weight: bold; text-decoration: none;">2009-January/068399.html first patch was submitted in Jan 2009</del>].</div></td><td class="diff-marker" data-marker="+"></td><td style="color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;">If you're interested in possibly using Smatch </ins>to <ins style="font-weight: bold; text-decoration: none;">debug </ins>Wine, <ins style="font-weight: bold; text-decoration: none;">the official Smatch documentation (which is </ins>a <ins style="font-weight: bold; text-decoration: none;">bit scanty) is included in the Smatch source. If you do fix any bugs found with it, don't forget to add '''(Smatch)''' to the subject line of your patch. You can also see all Smatch-related patches in the </ins>[http://<ins style="font-weight: bold; text-decoration: none;">source</ins>.winehq.org/<ins style="font-weight: bold; text-decoration: none;">git</ins>/wine<ins style="font-weight: bold; text-decoration: none;">.git</ins>/<ins style="font-weight: bold; text-decoration: none;">?a=search&h=HEAD&st=commit&s=smatch&sr=1 Wine git tree</ins>].</div></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><br></td></tr>
<tr><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>[[Category:Development]] [[Category:Quality Assurance]] [[Category:Third Party]]</div></td><td class="diff-marker"></td><td style="background-color: #f8f9fa; color: #202122; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #eaecf0; vertical-align: top; white-space: pre-wrap;"><div>[[Category:Development]] [[Category:Quality Assurance]] [[Category:Third Party]]</div></td></tr>
</table>KyleAublehttps://wiki.winehq.org/index.php?title=Static_Analysis&diff=1918&oldid=prevKyleAuble: Begin moving over Static Analysis page2016-02-29T05:19:45Z<p>Begin moving over Static Analysis page</p>
<p><b>New page</b></p><div>{{Wip}}<br />
<br />
[http://en.wikipedia.org/wiki/Static_code_analysis Static analysis] is a technique for finding bugs just by looking at source code without actually running it. That's great because it can find bugs that are really hard to trigger.<br />
<br />
== Current Tools ==<br />
=== Coverity ===<br />
[http://coverity.com Coverity] is a static analysis service that offers free, periodic scans to many open source apps, including Wine. You can see a result summary for the most recent scan at [https://scan.coverity.com/projects/wine Wine's Coverity page].<br />
<br />
To see detailed results, after setting up an account (you can also just login with an existing Github account), you need to be granted access rights as a member of the project. Our official contacts are [http://www.winehq.org/pipermail/wine-devel/2007-March/055416.html Paul Vriens] and [http://www.winehq.org/pipermail/wine-devel/2007-March/055428.html Jan Zerebecki] so you'll want to email them to request privileges.<br />
<br />
When posting patches to fix bugs found by Coverity, please include '''(Coverity)''' in the subject line. If you're interested, you can see a [http://source.winehq.org/git/wine.git/?a=search&h=HEAD&st=commit&s=coverity&sr=1 list of Coverity-related patches in Wine].<br />
<br />
=== PVS-Studio ===<br />
[http://www.viva64.com/ PVS-Studio] is a commercial static analysis tool, and the developing company kindly runs [http://www.viva64.com/en/a/0084/ scans on open source projects] from time to time. For those interested in purchasing the tool, it integrates into Visual Studio and has a deeper knowledge of the Windows API.<br />
<br />
While this has the benefit of finding unique defects in Wine, there are also a ton of "intended behaviour" cases, especially in the Wine tests. Nevertheless, quite a few [https://source.winehq.org/git/wine.git/search/HEAD?pg=0;s=PVS-Studio;st=commit Wine commits] can be credited to PVS-Studio. If you submit a patch to fix a bug found by PVS-Studio, be sure to include '''(PVS-Studio)''' in the subject line.<br />
<br />
Here are some other reports done by PVS-Studio for Wine code:<br />
* The [http://www.viva64.com/en/b/0352/ second analysis] from October 2015, which also includes fixes since the first run. <br />
* The [http://www.viva64.com/en/b/0272/ first analysis] in August 2014.<br />
* A [http://www.viva64.com/en/a/0076/ ReactOS analysis] that also covers Wine code too, from September 2011.<br />
* Bugs reported by PVS-Studio [https://bugs.winehq.org/buglist.cgi?list_id=250262&product=Wine&query_format=advanced&short_desc=PVS-Studio&short_desc_type=allwordssubstr in WineHQ's Bugzilla].<br />
<br />
Besides these scans, PVS-Studio has provided some of the developers (Michael Stefaniuc and Nikolay Sivov) with the raw data from these analyses, as well as temporary licenses for PVS-Studio. The data can be shared freely with Wine developers, though as XML it is hard to read but beautiful to process.<br />
<br />
=== Coccinelle ===<br />
[http://coccinelle.lip6.fr Coccinelle] is an open source static analysis tool developed jointly by several French research institutes. Students at Aalborg University say [http://www.winehq.org/pipermail/wine-devel/2008-May/065508.html they found a number of bugs with it] in 2008; both Paul Vriens and Michael Stefaniuc have been using it since 2009 too.<br />
<br />
When posting patches to fix bugs found by Coccinelle, don't forget to include '''(Coccinelle)''' in the subject line. You can see a list of all [http://source.winehq.org/git/wine.git/?a=search&h=HEAD&st=commit&s=coccinelle&sr=1 Coccinelle-motivated patches in Wine's git history]. Michael Stefaniuc has also shared [http://people.redhat.com/mstefani/wine/coccinelle/ some Wine-oriented Coccinelle scripts] you might find interesting.<br />
<br />
=== Clang Static Analyzer ===<br />
[http://clang.llvm.org/ Clang] (the C-language front end to the [http://www.llvm.org/ LLVM compiler]) includes a new static analysis tool currently named the [http://clang-analyzer.llvm.org/ Clang Static Analyzer]. Henri Verbeet was the first to submit patches fixing errors detected by the Clang Static Analyzer, the [http://winehq.org/pipermail/wine-patches/2008-October/062650.html first one coming in October 2008].<br />
<br />
When posting patches to fix bugs found by Clang, please include '''(Clang)''' in the subject line; as with the other tools, you can see all [http://source.winehq.org/git/wine.git/?a=search&h=HEAD&st=commit&s=clang&sr=1 Clang-related patches in our git history].<br />
<br />
== Flawfinder ==<br />
<br />
Students at Aalborg University say they [http://www.winehq.org/pipermail/wine-devel/2008-May/065508.html found a number of bugs] using [http://www.emn.fr/x-info/coccinelle/ Coccinelle] and [http://www.dwheeler.com/flawfinder/ Flawfinder].<br />
<br />
There [http://www.winehq.org/pipermail/wine-devel/2008-August/068714.html was a discussion] about adding Flawfinder to PatchWatcher (which went a bit off-topic due to mailman sending out duplicate messages), but there were [http://www.winehq.org/pipermail/wine-devel/2008-September/068814.html too many false positives] for it to be much use.<br />
<br />
== sixgill.org ==<br />
<br />
[http://sixgill.org/ sixgill] is a new static code analysis tool that has not yet been used in Wine. Mozilla's static analysis team makes use of it and recommends it in [http://www.galois.com/blog/2010/07/09/galois-tech-talk-video-large-scale-static-analysis-at-mozilla/?ftw this video].<br />
<br />
= Old / Unused Tools =<br />
== Smatch ==<br />
Smatch is an open source static analysis tool based on sparse, the checker used by the Linux kernel. The obsolete version was based on a version of gcc-3.1.1 hacked to dump its intermediate representation of the code, along with some perl modules and scripts to analyze the dumped IR code.<br />
<br />
MichaelStefaniuc adapted an existing script in the old Smatch to find code paths with missing `LeaveCriticalSection`'s. Scripts to find some other useful things like fd, DC, and GDI object leaks should be easy to write. Michael also created a [http://people.redhat.com/mstefani/wine/smatch/ page with more info] on using Smatch to test Wine. However, at least as of Jan 2010, he expressed some interest in switching over to Coccinelle because it seemed to make prototyping much easier.<br />
<br />
You can also see all Smatch-related patches in the [http://source.winehq.org/git/wine.git/?a=search&h=HEAD&st=commit&s=smatch&sr=1 Wine git tree].<br />
<br />
=== Saturn ===<br />
[http://saturn.stanford.edu/ Saturn] was the second static analysis tool to originate at Stanford University (the first one, MC aka the Stanford Checker, would become Coverity). The tool is still free to download and there is a mailing list for discussing it, though neither seems to have been updated in years.<br />
<br />
Although no patches based on Saturn results were ever committed to Wine, a [http://www.winehq.org/pipermail/wine-patches/2009-January/068399.html first patch was submitted in Jan 2009].<br />
<br />
[[Category:Development]] [[Category:Quality Assurance]] [[Category:Third Party]]</div>KyleAuble