This is the mail archive of the binutils@sourceware.org mailing list for the binutils project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: Software Quality Binutils


Hi Christoph,

I'm not at all offended.

I'm relatively new to binutils development, and my contributions are
limited to a particular architecture.   The binutils maintainer (Nick
Clifton) is responsible for high level decisions.

But personally I would welcome having some regular, systematic and automated 
static *and* dynamic tests on binutils with publically available
results.  This would help alleviate some regressions which someone complained 
about recently.

Binutils is mature software, and some parts of it are anachronistic, and
IMO should be rewritten.   For example I'm not impressed with the way 
some .c files are #included by other files and their semantics adjusted
by the preprocessor.   But of course it's a question of time and 
resources.   Static analysis could help identify which parts are in most
urgent need of attention.

As for tools, I've had good experience with cppcheck for linting
and with pmccabe for cyclomatic complexity.
[ How about gas/config/tc-hppc.c (pa_ip) with a complexity of 499 ? 
  Now that is smelly! ]

You should also bear in mind that many source files in the git repository are
automatically generated (something which irks me immensely) and you
can't expect static analysis tools to give meaningfull results on those.

But these are just my opinions and I'm sure there are people on this
list who would consider them BS.

J'

On Mon, Aug 13, 2018 at 08:17:58PM +0000, Christoph Hazott wrote:
     Hi John,
     
     first of all I'm sorry if I offended you, that was definitely not my intention! 
     I'm also not a spokesperson for Infineon. I'm writing you as a private person. The first paragraph was only to introduce myself to maybe get to know each other a little.
     
     With "smelly" I was not referring to (sorry about the term) crap but to the term from Kent Beck "Code smell" (see Wiki article https://en.wikipedia.org/wiki/Code_smell)
     
     Sonar in its default configuration I fully agree and it was just a quick check I created if I would be able to contribute like this (as written in the PS I'm not drawn to it).
     
     Again sorry if my mail offended you!
     
     Regards,
     
     Christoph
     
     -----Urspr?ngliche Nachricht-----
     Von: John Darrington [mailto:john@darrington.wattle.id.au] 
     Gesendet: Monday, 13 August 2018 21:52
     An: Christoph Hazott
     Cc: binutils@sourceware.org
     Betreff: Re: Software Quality Binutils
     
     Hi Christoph,
     
     I'm sure that if you identify any particular issues and send 
     patches, then they'll be carefully considered by the relevant person.
     
     However I'm equally sure that if you send patches simply because they
     shut sonar up then most will be rejected.   Sonar in its default
     cofiguration is highly promiscuous - it includes criteria from
     committees such as MISRA who in my opionion have failed to grasp many
     principles of coding, and their rules achive the opposite of clean
     code.
     
     
     (I formerly worked at Infineon and  I don't think they're in a position
     to complain that other people's code is "smelly"!)
     
     
     J'
     
     
     On Mon, Aug 13, 2018 at 06:25:38PM +0000, Christoph Hazott wrote:
          Hi,
          
          
          first of all I quickly want to introduce myself. My name is Christoph Hazott, I life in Austria but am originally from Germany. Currently I'm employed at Infineon as Test Development Engineer for RADAR Products and made my MSc. Degree in Embedded Systems Design at the University of Applied Sciences Upper Austria in 2012.
          
          I'm very fond of Free Software but have to say that due to (in my opinion) software entropy with such a high amount of contributors and functionality the tools have become smelly.
          
          
          I sat down now for one day and made a static code analysis of the binutils (because they are the major part of the toolchain). I uploaded the code of version 2.30.90 (last snapshot) to my public GitHub (https://github.com/h4z4rt/binutils) and connected it to sonar. In a virtual machine I executed the scanner with a Linux From Scratch configuration and the results where  uploaded to https://sonarcloud.io/organizations/h4z4rt-github/projects  and can be viewed there.
          
          
          
          The results show 535 Bugs, 804 Vulnerabilities, 8.5k Code Smells and > 11.7% duplications.
          
          
          
          Because of this I would like to contribute to the binutils project by setting up an infrastructure for static code analysis (and further...).
          
          I would be happy if you would liketo have me to contribute to the binutils like this.
          
          
          
          Looking forward to your supply.
          
          
          
          Regards,
          
          
          
          Christoph
          
          
          
          PS: I'm not fixed on any code analysis tools I just used sonar because I personally made the best experience with it.
          
          
          
          
          
          
          
          
          
          
          
     
     -- 
     Avoid eavesdropping.  Send strong encrypted email.
     PGP Public key ID: 1024D/2DE827B3 
     fingerprint = 8797 A26D 0854 2EAB 0285  A290 8A67 719C 2DE8 27B3
     See http://sks-keyservers.net or any PGP keyserver for public key.
     

-- 
Avoid eavesdropping.  Send strong encrypted email.
PGP Public key ID: 1024D/2DE827B3 
fingerprint = 8797 A26D 0854 2EAB 0285  A290 8A67 719C 2DE8 27B3
See http://sks-keyservers.net or any PGP keyserver for public key.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]