On 24/06/2022 13:01, Luca Fancellu wrote:
Hi Julien,
Hi Luca,
+First recommendation is to use exactly the same version in this page and
provide
+the same option to the build system, so that every Xen developer can reproduce
+the same findings.
I am not sure I agree. I think it is good that each developper use their own
version (so long it is supported), so they may be able to find issues that may
not appear with 2.7.
Yes I understand, but as Bertrand says, other version of this tool doesn’t work quite well.
I have replied to this on Bertrand e-mail.
I agree that everyone should use their own version, but for the sake of
reproducibility
of the findings, I think we should have a common ground.
I will reply to this below.
The community can however propose from time to time to bump the version as long
as we can say it works (maybe
crossing the reports between cppcheck, eclair, other proprietary tools).
This would mean we should de-support 2.7 which sounds wrong if it worked
before.
+
+Install cppcheck in the system
NIT: s/in/on/ I think.
Sure will fix
+==============================
+
+Cppcheck can be retrieved from the github repository or by downloading the
+tarball, the version tested so far is the 2.7:
+
+ - https://github.com/danmar/cppcheck/tree/2.7
+ - https://github.com/danmar/cppcheck/archive/2.7.tar.gz
+
+To compile and install it, here the complete command line:
+
+make MATCHCOMPILER=yes \
+ FILESDIR=/usr/share/cppcheck \
+ CFGDIR=/usr/share/cppcheck/cfg \
+ HAVE_RULES=yes \
+ CXXFLAGS="-O2 -DNDEBUG -Wall -Wno-sign-compare -Wno-unused-function" \
+ install
Let me start that I am not convinced that our documentation should explain how
to build cppcheck.
But if that's desire, then I think you ought to explain why we need to update
CXXFLAGS (I would expect cppcheck to build everywhere without specifying
additional flags).
Yes you are right, this is the recommended command line for building as in
https://github.com/danmar/cppcheck/blob/main/readme.md section GNU make, I can
add the source.
I think we should remove the command line and tell the user to read the
cppcheck README.md.
My intention when writing this page was to have a common ground between Xen
developers, so that if one day someone came up with a fix for something, we are
able to reproduce
the finding all together.
Well, if someone find a fix you want to check against all versions not
the one that warns. Otherwise, you can end up in a situation where you
silence cppcheck 2.10 (just making up a version) but then introduce a
warning in cppcheck 2.7.
To me this is no different than other software used to build Xen. We
don't tell the user that they should always build with GCC x.y.z.
Instead, we provide a minimum version. This has multiple benefits:
1) The user doesn't need to rebuild the software and can use the one
provided by the distributions
2) Different versions find different (most of the time) valid bugs. So
we are getting towards a better codebase.
Cheers,
--
Julien Grall
