static analysis results

[driftregion]

Hi Simon,

I'm starting to use CodeChecker (https://github.com/Ericsson/codechecker) on iso14229. I'm sharing here some minor defects found in isotp-c:

[MEDIUM] isotp-c/isotp.c:61:68: unused parameter 'id' [clang-diagnostic-unused-parameter]
static int isotp_send_single_frame(const IsoTpLink* link, uint32_t id) {
                                                                   ^

[MEDIUM] isotp-c/isotp.c:80:28: implicit conversion loses integer precision: 'int' to 'uint8_t' (aka 'unsigned char') [clang-diagnostic-implicit-int-conversion]
    size = link->send_size + 1;
                           ^

[MEDIUM] isotp-c/isotp.c:145:24: implicit conversion loses integer precision: 'int' to 'uint8_t' (aka 'unsigned char') [clang-diagnostic-implicit-int-conversion]
    size = data_length + 1;
                       ^

[MEDIUM] isotp-c/isotp.c:189:44: implicit conversion loses integer precision: 'int' to 'uint16_t' (aka 'unsigned short') [clang-diagnostic-implicit-int-conversion]
    payload_length = (payload_length << 8) + message->as.first_frame.FF_DL_low;
                                           ^

[MEDIUM] isotp-c/isotp.c:273:9: the value returned by this function should not be disregarded; neglecting it may lead to errors [cert-err33-c]
        sprintf(&message[0], "Attempted to send %d bytes; max size is %d!\n", size, link->send_buf_size);
        ^

Found 5 defect(s) in isotp.c

[MEDIUM] isotp-c/isotp.h:2:9: macro name is a reserved identifier [clang-diagnostic-reserved-macro-identifier]
#define __ISOTP_H__
        ^

Found 1 defect(s) in isotp.h

[MEDIUM] isotp-c/isotp_config.h:2:9: macro name is a reserved identifier [clang-diagnostic-reserved-macro-identifier]
#define __ISOTP_CONFIG__
        ^

Found 1 defect(s) in isotp_config.h

[MEDIUM] isotp-c/isotp_defines.h:2:9: macro name is a reserved identifier [clang-diagnostic-reserved-macro-identifier]
#define __ISOTP_DEFINES_H__
        ^

Found 1 defect(s) in isotp_defines.h

[MEDIUM] isotp-c/isotp_user.h:2:9: macro name is a reserved identifier [clang-diagnostic-reserved-macro-identifier]
#define __ISOTP_USER_H__
        ^

Found 1 defect(s) in isotp_user.h

My CodeChecker invocation is:

CodeChecker analyze compile_commands.json -o reports
CodeChecker parse reports > reports.txt

[SimonCahill]

Hi Nick!

Thanks for reporting.

I've tried to replicate the issues, but none of my anaysis tools have the same results.
I've tried cppcheck, SonarQube for IDE didn't mention anything except the id param, fbinfer and even CodeChecker haven't reported anything.

codechecker_report.txt

Found no defects in isotp.c

----======== Summary ========----
---------------------------------------------
Number of processed analyzer result files | 1
Number of analyzer reports                | 0
---------------------------------------------
----=================----

infer-out/report.json

[]

cppcheck

Checking isotp.c ...
Checking isotp.c: ISO_TP_FRAME_PADDING...
Checking isotp.c: ISO_TP_USER_SEND_CAN_ARG...
Checking isotp.c: _WIN32...
Checking isotp.c: __GNUC__...
1/5 files checked 58% done
Checking isotp_config.h ...
2/5 files checked 61% done
Checking isotp_defines.h ...
Checking isotp_defines.h: _WIN32...
Checking isotp_defines.h: __GNUC__...
3/5 files checked 80% done
Checking isotp.h ...
Checking isotp.h: ISO_TP_USER_SEND_CAN_ARG...
Checking isotp.h: _WIN32...
Checking isotp.h: __GNUC__...
4/5 files checked 97% done
Checking isotp_user.h ...
Checking isotp_user.h: ISO_TP_USER_SEND_CAN_ARG...
5/5 files checked 100% done

Are you using the latest master?

[driftregion]

Hi Simon,

Are you using the latest master?

I was not. However I just downloaded it and confirmed that the report is mostly unchanged.

Here is my invocation in the repository root directory:

#!/bin/bash
cmake -S . -B build -DCMAKE_BUILD_TYPE=Debug -DCMAKE_EXPORT_COMPILE_COMMANDS=1
CodeChecker analyze build/compile_commands.json -o reports
CodeChecker parse reports

Here are the relevant tool versions:

CodeChecker analyzers
 clangsa /usr/lib/llvm-18/bin/clang       18.1.3
 clang-tidy /usr/lib/llvm-18/bin/clang-tidy  18.1.3
 cppcheck /usr/bin/cppcheck                2.13.0
 gcc /usr/bin/x86_64-linux-gnu-g++-13 13.3.0


CodeChecker version
[INFO 2025-02-03 09:54] - CodeChecker analyzer version:
---------------------------------------------------------------
Kind                 | Version                                 
---------------------------------------------------------------
Base package version | 6.24.4                                  
Package build date   | 2024-10-28T15:46                        
Git commit ID (hash) | 454d978191ed42c8202a2244dc092dfb6fd8c83a
Git tag information  | 6.24.4                                  
---------------------------------------------------------------

[SimonCahill]

Thanks!

Can confirm; I was missing clang and clang-tidy.

Fixes seem quick enough; I can probably implement the changes tonight.