[Kdenlive-devel] cppcheck

Mikko Rapeli mikko.rapeli at iki.fi
Mon Dec 2 19:04:06 UTC 2013


cppcheck is a simple but effective static analysis tool. Here's how I run
it with the latest kdenlive 0.9 branch:

$ cppcheck -I src -I /usr/include -I thumbnailer -I plugins/sampleplugin/ \
  -I renderer/ --enable=all -v --force . 2> cppcheck_log.txt

Results show partially similar issues to Coverity, but the good news is that
the tool can easily be run again to verify the fix with cppcheck. This
does not mean real compilation and testing shouldn't be done. It just
might make fixing things a bit more straightforward. Unlike Coverity,
cppcheck isn't run as a compiler, so some code paths with warnings might
not actually be used in real life, but then again fixing shouldn't hurt
anyone either.

Here are some example findings from kdenlive of issues which are quite
simple to fix:

(search for \(error tags in the log)

[src/lib/external/kiss_fft/tools/psdpng.c:173]: (error) Common realloc mistake: 'vals' nulled but not freed upon failure
[src/lib/external/kiss_fft/tools/psdpng.c:210]: (error) Common realloc mistake: 'row_pointers' nulled but not freed upon failure

(search for \(warning tags in the log)

[src/lib/external/kiss_fft/tools/kiss_fastfir.c:452]: (warning) %d in format string (no. 1) requires a signed integer given in the argument list.
[src/lib/external/kiss_fft/tools/psdpng.c:140]: (warning, inconclusive) Size of pointer 'mag2buf' used instead of size of its data. This is likely to lead to a buffer overflow. You probably intend to write 'sizeof(*mag2buf)'.
[src/scopes/abstractscopewidget.cpp:104] -> [src/scopes/abstractscopewidget.cpp:549] -> [src/scopes/abstractscopewidget.h:91]: (warning) Call of pure virtual function 'widgetName' in constructor. The call will fail during runtime.

(search for \(style.*no in the log)

[src/jogshuttle.h:32]: (style) The class 'ShuttleThread' does not have a constructor although it has private member variables. Member variables of builtin types are left uninitialized when the class is instanciated. That may cause bugs or undefined behavior.

So, I hope someone else might also try out running cppcheck and fixing some
of the findings.

Cheers,

-Mikko
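
The "Common realloc mistake" class of finding quoted above, as an added example that is not part of the original post and is not kdenlive or kiss_fft code. The function names and the allocator hook (`realloc_fn`, `failing_realloc`, `grow_flagged`, `grow_checked`) are hypothetical, introduced so the failure path can be exercised without exhausting memory.

```c
#include <stdint.h>
#include <stdlib.h>

/* Hypothetical allocator hook so the failure path can be exercised offline. */
typedef void *(*realloc_fn)(void *, size_t);

/* Constructed stand-in for an out-of-memory realloc: returns NULL and,
 * like the real realloc on failure, leaves the original block allocated. */
void *failing_realloc(void *p, size_t n) { (void)p; (void)n; return NULL; }

/* Flagged pattern: the result overwrites the only pointer to the block.
 * On failure *vals becomes NULL and the old allocation can no longer be freed. */
int grow_flagged(float **vals, size_t want, realloc_fn ra)
{
    *vals = ra(*vals, want * sizeof **vals);
    return *vals ? 0 : -1;
}

/* Corrected pattern: keep the old pointer until the new one is known good. */
int grow_checked(float **vals, size_t *cap, size_t want, realloc_fn ra)
{
    float *tmp;
    if (want == 0 || want > SIZE_MAX / sizeof **vals)
        return -1;              /* reject zero and multiplication overflow */
    tmp = ra(*vals, want * sizeof **vals);
    if (tmp == NULL)
        return -1;              /* *vals and *cap untouched; caller still owns the block */
    *vals = tmp;
    *cap = want;
    return 0;
}

int main(void)
{
    size_t cap = 4;
    float *vals = malloc(cap * sizeof *vals), *old;
    if (vals == NULL) return 1;
    if (grow_checked(&vals, &cap, 8, realloc) != 0) { free(vals); return 1; }
    /* Failure path with the checked form: buffer and capacity survive. */
    if (grow_checked(&vals, &cap, 16, failing_realloc) == 0) { free(vals); return 1; }
    old = vals;                 /* saved only so this demo can clean up */
    grow_flagged(&vals, 16, failing_realloc);   /* vals is now NULL */
    free(old);
    return vals == NULL ? 0 : 1;
}
```

After the change, re-running cppcheck with the same options as in the post is the check that the finding is gone.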
