index.rst (1450B)
1 Static Analysis 2 =============== 3 4 Static Analysis is running an analysis of the source code without actually executing the code. For the most part, at Mozilla static analysis refers to the stuff we do with `clang-tidy <http://clang.llvm.org/extra/clang-tidy/>`__. It uses 5 checkers in order to prevent different programming errors present in the 6 code. The checkers that we use are split into 3 categories: 7 8 #. :searchfox:`Firefox specific checkers <build/clang-plugin>`. They detect incorrect Gecko programming 9 patterns which could lead to bugs or security issues. 10 #. `Clang-tidy checkers <https://clang.llvm.org/extra/clang-tidy/checks/list.html>`_. They aim to suggest better programming practices 11 and to improve memory efficiency and performance. 12 #. `Clang-analyzer checkers <https://clang-analyzer.llvm.org/>`_. These checks are more advanced, for example 13 some of them can detect dead code or memory leaks, but as a typical 14 side effect they have false positives. Because of that, we have 15 disabled them for now, but will enable some of them in the near 16 future. 17 18 In order to simplify the process of static-analysis we have focused on 19 integrating this process with Phabricator and mach. A list of some 20 checkers that are used during automated scan can be found 21 :searchfox:`here <tools/clang-tidy/config.yaml>`. 22 23 This documentation is split into two parts: 24 25 .. toctree:: 26 :maxdepth: 1 27 :glob: 28 29 existing.rst 30 writing-new/index.rst