blob: b860a47556deb8f934406ee289918796fc46e94c [file] [log] [blame]
Shruti Gupta57b80382024-04-24 11:35:18 +01001.. SPDX-License-Identifier: BSD-3-Clause
2.. SPDX-FileCopyrightText: Copyright TF-RMM Contributors.
3
4*************************
5Cppcheck Application Note
6*************************
7
8Cppcheck is an open source static analysis tool for C/C++. In addition to
9various static analysis, it also has an addon to verify compliance with MISRA
10C 2012. Please refer to `Cppcheck Project Page`_ for details on Cppcheck.
11
12Cppcheck can be run standalone or along with MISRA addon from within the RMM
13build system. TF-RMM aims to have 0 outstanding errors with the recommended
14Cppcheck version mentioned :ref:`here<tool_dependencies>`.
15
16Installing Cppcheck
17===================
18
19Cppcheck can be installed directly from various package managers or built from
20source. However installing from package manager can get you an outdated
21version.
22
23For building from source, please refer to `Cppcheck GitHub`_ for downloading
24recommended version and build guidelines. Once Cppcheck is built, add both
25Cppcheck bin folder and Cppcheck-htmlreport folder to PATH. The latter
26is used to convert Cppcheck XML output into user friendly html report.
27
28.. code-block:: bash
29
30 export PATH=$cppcheck_root/build/bin:$cppcheck_root/htmlreport:$PATH
31 cppcheck --version
32
33The Cppcheck version should report the recommended version.
34
35Invoking Cppcheck rule within TF-RMM build system
36=================================================
37
38If you own a valid copy of a MISRA rules file, copy the file to the below
39location as it will give a more descriptive error message on detecting MISRA
40errors.
41
42.. code-block:: bash
43
44 cp -a <path to the misra rules file>/<file name> ${RMM_SOURCE_DIR}/tools/cppcheck/misra.rules
45
46To invoke the standard Cppcheck static analysis build rule on TF-RMM, run the
47`cppcheck` build target after TF-RMM configuration :
48
49.. code-block:: bash
50
51 cd $rmm_root
52 cmake -DRMM_CONFIG=fvp_defcfg -S . -B build -DCMAKE_EXPORT_COMPILE_COMMANDS=ON
53 cmake --build build -- cppcheck
54
55The `-DCMAKE_EXPORT_COMPILE_COMMANDS=ON` generates a compile_commands.json
56file containing the exact compiler calls for all translation units of the
57project in machine-readable form.
58
59The successful execution of the build target will generate `cppcheck.xml`
60in `build/tools/cppcheck` folder.
61
62To invoke the Cppcheck static analysis with MISRA addon, run the
63`cppcheck-misra` build target:
64
65.. code-block:: bash
66
67 cd $rmm_root
68 cmake -DRMM_CONFIG=fvp_defcfg -S . -B build -DCMAKE_EXPORT_COMPILE_COMMANDS=ON
69 cmake --build build -- cppcheck-misra
70
71This will generate `cppcheck_misra.xml` in `build/tools/cppcheck` folder.
72
73Generating the Cppcheck HTML report
74===================================
75
76To generate html report in current directory after the Cppcheck build target
77has executed, run `cppcheck-htmlreport` tool with the genenerated xml file as
78input. For example, after the `cppcheck-misra` build target has completed,
79use the below cmd line to generate the html report :
80
81.. code-block:: bash
82
83 cppcheck-htmlreport --file=./build/tools/cppcheck/cppcheck_misra.xml --report-dir=test --source-dir=.
84
85The output will be generated in the specified `report-dir` and, for the above
86command, the html report can be found at `./test/index.html`.
87
88Cppcheck Error Suppression
89==========================
90
91TF-RMM as a project has decided to suppress some rules because either the rule
92is not found to be useful for the project or there are too many false positives
93generated by the rule. The global suppression rules are specified via
94`suppressions.txt` file present in `tools/cppcheck` directory.
95
96If more suppressions need to be added for Cppcheck, it can be done by adding it
97to the suppression rules file. For example, to skip `ext` folder from Cppcheck
98analysis, add the following line to the file :
99
100.. code-block:: bash
101
102 *:*/ext/*
103
104Suppression can be added inline to code as a comment. For example, to suppress
105the `uninitvar` rule on a particular line, add the following comment above the
106line :
107
108.. code-block:: C
109
110 /* cppcheck-suppress uninitvar */
111
112Multiple rules can be disabled via this method, as shown in example below :
113
114.. code-block:: C
115
116 /* cppcheck-suppress [arrayIndexOutOfBounds, uninitvar] */
117
118If a certain rule needs to be suppressed for a block of code, the block
119suppression format can be used as shown in example below:
120
121.. code-block:: C
122
123 /* cppcheck-suppress-begin uninitvar*/
124 block_of_code;
125 /* cppcheck-suppress-end uninitvar*/
126
127.. _Cppcheck Project Page: https://cppcheck.sourceforge.io/
128.. _Cppcheck GitHub: https://github.com/danmar/cppcheck