Uhlalutyo lwe-Static - ukusuka kwintshayelelo ukuya kuhlanganiso

Ukudinwa kukuphononongwa kwekhowudi engapheliyo okanye ukulungisa ingxaki, ngamanye amaxesha ucinga malunga nendlela yokwenza lula ubomi bakho. Kwaye emva kokukhangela kancinci, okanye ngokukhubeka kuyo ngempazamo, unokubona ibinzana lomlingo: "Uhlalutyo olungagungqiyo." Makhe sibone ukuba yintoni kwaye inokunxibelelana njani neprojekthi yakho.

Ngapha koko, ukuba ubhala ngalo naluphi na ulwimi lwangoku, ke, ngaphandle kokuyiqonda, uyiqhube nge-analyzer emileyo. Inyani kukuba nawuphi na umqokeleli wale mihla ubonelela, nangona kuncinci, iseti yezilumkiso malunga neengxaki ezinokubakho kwikhowudi. Umzekelo, xa uqulunqa ikhowudi yeC ++ kwiVisual Studio unokubona oku kulandelayo:

Kule mveliso sibona ukuba ukuguquguquka var ayizange isetyenziswe naphi na kumsebenzi. Ke ngokwenyani, uphantse wasoloko usebenzisa i-static code analyzer elula. Nangona kunjalo, ngokungafani nabahlalutyi beengcali ezifana ne-Coverity, i-Klocwork okanye i-PVS-Studio, izilumkiso ezinikezelwa ngumqambi zingabonisa kuphela uluhlu oluncinci lweengxaki.

Ukuba awuyazi ngokuqinisekileyo ukuba yintoni uhlalutyo olungatshintshiyo kunye nendlela yokuluphumeza, funda eli nqakuukufunda ngakumbi ngale ndlela yokusebenza.

Kutheni ufuna uhlalutyo lwe-static?

Ngamafutshane: ukukhawulezisa kunye nokwenza lula.

Uhlalutyo lwe-Static lukuvumela ukuba ufumane ezininzi iingxaki ezahlukeneyo kwikhowudi: ukusuka ekusetyenzisweni okungalunganga kolwakhiwo lolwimi ukuya kwii-typos. Umzekelo, endaweni ye

auto x = obj.x;
auto y = obj.y;
auto z = obj.z;

Ubhale le khowudi ilandelayo:

auto x = obj.x;
auto y = obj.y;
auto z = obj.x;

Njengoko ubona, kukho i-typo kumgca wokugqibela. Umzekelo, iPVS-Studio ikhupha esi silumkiso silandelayo:

V537 Cinga ngokujonga kwakhona ukuchaneka kosetyenziso lwento ethi 'y'.

Ukuba ufuna ukufaka izandla zakho kule mpazamo, zama umzekelo osele ulungile kwiCompiler Explorer: *khala*.

Kwaye njengoko uqonda, akusoloko kunokwenzeka ukuba ubeke ingqalelo kumacandelo anjalo ekhowudi kwangoko, kwaye ngenxa yoko, unokuhlala phantsi ukulungisa ingxaki ngeyure elungileyo, uzibuze ukuba kutheni yonke into isebenza ngokungaqhelekanga.

Nangona kunjalo, oku ngokucacileyo kuyimpazamo. Kuthekani ukuba umphuhlisi ubhale ikhowudi engaphantsi kuba elibale ubuqhetseba bolwimi? Okanye uyivumele kwikhowudi ukuziphatha okungachazwanga? Ngelishwa, iimeko ezinjalo zixhaphake ngokupheleleyo kwaye ixesha lengonyama lichithwa ukulungisa ingxaki ngokukodwa ikhowudi yokusebenza equlethe iitypos, iimpazamo eziqhelekileyo okanye ukuziphatha okungachazwanga.

Kungenxa yezi meko ukuba uhlalutyo olungatshintshiyo luvele. Lo ngumncedisi womphuhlisi oza kubonisa iingxaki ezahlukeneyo kwikhowudi kwaye uchaze kumaxwebhu ukuba kutheni kungenasidingo ukubhala ngale ndlela, yintoni enokukhokelela kuyo kunye nendlela yokuyilungisa. Nanku umzekelo wendlela enokukhangeleka ngayo: *khala*.

Unokufumana iimpazamo ezinomdla ngakumbi ezinokubonwa ngumhlalutyi kumanqaku:

• Iimpazamo ezili-10 eziphezulu kwiiprojekthi ze-C++ ze-2019
• Iimpazamo ezili-10 eziphezulu kwiiprojekthi ze-C # ze-2019
• IiBugs ezili-10 eziphambili kwiiProjekthi zeJava zika-2019

Ngoku sele uyifundile le mathiriyeli kwaye uqinisekile ngeenzuzo zohlalutyo olungatshintshiyo, unokufuna ukuyizama. Kodwa uqala phi? Ungasidibanisa njani isixhobo esitsha kwiprojekthi yakho yangoku? Kwaye njani ukwazisa iqela kuye? Uya kufumana iimpendulo kule mibuzo ingezantsi.

Qaphela: Uhlalutyo oluqinileyo aluthathi ndawo okanye lurhoxisa into eluncedo njengophononongo lwekhowudi. Incedisa le nkqubo, inceda ukuqaphela kunye nokulungisa iitypos, ukungachaneki, kunye noyilo oluyingozi kwangaphambili. Kunemveliso ngakumbi ukugxila kuphononongo lwekhowudi kwi-algorithms kunye nokucaciswa kwekhowudi, kunokuba ujonge i-parenthesis ebekwe kakubi okanye funda imisebenzi yothelekiso ekruqulayo.

0. Ukusazi isixhobo

Konke kuqala ngoguqulelo lwesilingo. Ewe, kunzima ukwenza isigqibo sokuphumeza into kwinkqubo yophuhliso ukuba awuzange usibone isixhobo siphila ngaphambili. Ke ngoko, into yokuqala ekufuneka uyenzile kukukhuphela uhlobo oluzanywayo.

Yintoni oya kufunda ngayo kweli nqanaba:

• Ziziphi iindlela zokusebenzisana ne-analyzer;
• Ngaba umhlalutyi uyahambelana nendawo yakho yophuhliso?
• Ziziphi iingxaki ezikhoyo ngoku kwiiprojekthi zakho?

Emva kokuba ufake yonke into oyifunayo, into yokuqala ekufuneka uyenzile kukuqhuba uhlalutyo lweprojekthi iyonke (Windows, Linux, Mac). Kwimeko ye-PVS-Studio kwi-Visual Studio uya kubona umfanekiso ofanayo (ocofayo):

Inyani kukuba abahlalutyi be-static bahlala bekhupha inani elikhulu lezilumkiso kwiiprojekthi ezinesiseko esikhulu sekhowudi. Akukho mfuneko yokulungisa zonke, kuba iprojekthi yakho sele isebenza, oku kuthetha ukuba ezi ngxaki azibalulekanga. Nangona kunjalo, wena ungajonga ezona zilumkiso zinika umdla kwaye uzilungise ukuba kuyimfuneko. Ukwenza oku, kufuneka ucofe imveliso kwaye ushiye kuphela eyona miyalezo ithembekileyo. Kwi-plugin ye-PVS-Studio ye-Visual Studio, oku kwenziwa ngokucoca ngamanqanaba eempazamo kunye neendidi. Ngezona ziphumo zichanekileyo, shiya kuphela phezulu и ngokubanzi (kwakhona ucofa):

Ewe, izilumkiso ezili-178 zilula kakhulu ukujonga kunamawaka aliqela...

Kwiithebhu phakathi и low Ngokuqhelekileyo kukho izilumkiso ezilungileyo, kodwa ezi ndidi ziquka ezo zixilongo ezinokuchaneka okuncinci (ukuthembeka). Ulwazi oluninzi malunga namanqanaba esilumkiso kunye neenketho zokusebenza phantsi kweWindows zinokufumaneka apha: *khala*.

Ukuphonononga ngempumelelo ezona mpazamo zinomdla (kwaye uzilungise ngempumelelo) kufanelekile cinezela izilumkiso eziseleyo. Oku kuyimfuneko ukuze izilumkiso ezitsha zingalahleki phakathi kwezindala. Ukongeza, i-static analyzer ngumncedisi womdwelisi weprogram, kwaye hayi uluhlu lweebugs. 🙂

1. Ukuzenzekela

Emva kokuqhelana, lixesha lokuqwalasela iiplagi kunye nokudibanisa kwiCI. Oku kufuneka kwenziwe phambi kokuba abadwelisi benkqubo baqalise ukusebenzisa i-static analyzer. Inyani kukuba umdwebi wenkqubo unokulibala ukwenza uhlalutyo okanye angafuni ukuyenza kwaphela. Ukwenza oku, kufuneka wenze uqwalaselo lokugqibela lwento yonke ukuze ikhowudi engavavanywanga ingakwazi ukungena kwisebe lophuhliso jikelele.

Yintoni oya kufunda ngayo kweli nqanaba:

• Ziziphi iinketho ezizenzekelayo isixhobo esibonelela ngazo;
• Ngaba i-analyzer iyahambelana nenkqubo yakho yokuhlanganisa?

Kuba amaxwebhu agqibeleleyo akakho, ngamanye amaxesha kufuneka ubhale inkxaso. Oku kuqhelekile kwaye siyavuya ukukunceda. 🙂

Ngoku masiqhubele phambili kwiinkonzo zokudityaniswa okuqhubekayo (CI). Nayiphi na i-analyzer inokuphunyezwa kubo ngaphandle kweengxaki ezinzulu. Ukwenza oku, kufuneka udale isigaba esahlukileyo kumbhobho, esihlala sihlala emva kokwakhiwa kunye novavanyo lweeyunithi. Oku kwenziwa kusetyenziswa izixhobo ezahlukeneyo zeconsole. Umzekelo, iPVS-Studio ibonelela ngezi nkonzo zilandelayo:

• PVS-Studio_Cmd.exe (uhlalutyo lwezisombululo, iC#, iiprojekthi zeC++ kwiWindows)
• CLMonitor.exe (ukuqokelela esweni)
• pvs-studio-analyzer (uhlalutyo lweeprojekthi zeC ++ kwiLinux / macOS)
• pvs-studio-dotnet (uhlalutyo lwesisombululo, iiprojekthi zeC # kwiLinux / macOS)
• pvs-studio.jar (uhlalutyo lweeprojekthi zeJava)
• Isiguquli sePlog (xela isiguquli sefayile)

Ukudibanisa uhlalutyo kwi-CI, kufuneka wenze izinto ezintathu:

• Faka i-analyzer;
• Qhuba uhlalutyo;
• Thumela iziphumo.

Umzekelo, ukufaka iPVS-Studio kwiLinux (Debian-base), kufuneka usebenzise le miyalelo ilandelayo:

wget -q -O - https://files.viva64.com/etc/pubkey.txt 
    | sudo apt-key add -
sudo wget -O /etc/apt/sources.list.d/viva64.list 
  https://files.viva64.com/etc/viva64.list
  
sudo apt-get update -qq
sudo apt-get install -qq pvs-studio

Kwiinkqubo eziqhuba iWindows, akukho ndlela yokufaka umhlalutyi kumphathi wephakheji, kodwa kunokwenzeka ukuhambisa umhlalutyi kumgca womyalelo:

PVS-Studio_setup.exe /verysilent /suppressmsgboxes 
/norestart /nocloseapplications

Unokufunda ngakumbi malunga nokubeka iPVS-Studio kwiinkqubo ezisebenza ngeWindows *apha*.

Emva kokufakela, kufuneka uqhube uhlalutyo ngokuthe ngqo. Nangona kunjalo, kucetyiswa ukuba wenze oku kuphela emva kokuhlanganiswa kunye neemvavanyo. Oku kungenxa yokuba uhlalutyo olungatshintshiyo luthatha ixesha eliphindwe kabini njengokuhlanganiswa.

Ekubeni indlela yokuqalisa ixhomekeke kwiqonga kunye neempawu zeprojekthi, ndiza kubonisa ukhetho lweC ++ (Linux) njengomzekelo:

pvs-studio-analyzer analyze -j8 
                            -o PVS-Studio.log
plog-converter -t errorfile PVS-Studio.log --cerr -w

Umyalelo wokuqala uya kwenza uhlalutyo, kwaye okwesibini iimvulophuiguqula ingxelo kwifomati yokubhaliweyo, ibonise kwiscreen kwaye ibuyisele ikhowudi yokubuyisela ngaphandle kwe-0 ukuba kukho izilumkiso. Indlela efana nale ingasetyenziswa ngokulula ukuvala isakhiwo xa kukho imiyalezo yemposiso. Nangona kunjalo, ungasoloko ususa iflegi -w kwaye musa ukuyivala indibano enezilumkiso.

Qaphela: Ifomati yokubhaliweyo ayilunganga. Inikwa nje umzekelo. Nika ingqalelo kwifomathi yengxelo enomdla ngakumbi-FullHtml. Ikuvumela ukuba uhambe ngekhowudi.

Unokufunda ngakumbi malunga nokuseka uhlalutyo kwi-CI kwinqaku "I-PVS-Studio kunye noManyano oluqhubekayo"(iWindows) okanye"Useta njani iPVS-Studio kwiTravis CI"(Linux).

Kulungile, uye waqwalasela umhlalutyi kwiseva yokwakha. Ngoku, ukuba umntu ulayishe ikhowudi engavavanywanga, inqanaba lokuqinisekisa liya kusilela, kwaye uya kukwazi ukubona ingxaki, nangona kunjalo, oku akulunganga ngokupheleleyo, kuba kuphumelela ngakumbi ukujonga iprojekthi kungemva kokuba amasebe edityanisiwe, kodwa phambi kwayo, kwinqanaba lesicelo sokutsalwa.

Ngokubanzi, ukuseta uhlalutyo lwesicelo sokutsala alufani kakhulu nokuqaliswa okuqhelekileyo kokuhlalutya kwiCI. Ngaphandle kwesidingo sokufumana uluhlu lweefayile ezitshintshiweyo. Ezi zihlala zifumaneka ngokubuza umahluko phakathi kwamasebe usebenzisa i-git:

git diff --name-only HEAD origin/$MERGE_BASE > .pvs-pr.list

Ngoku kufuneka udlulise olu luhlu lweefayile kwi-analyzer njengegalelo. Ngokomzekelo, kwi-PVS-Studio oku kuphunyezwa ngokusebenzisa iflegi -S:

pvs-studio-analyzer analyze -j8 
                            -o PVS-Studio.log 
                            -S .pvs-pr.list

Ungafumana ngakumbi malunga nokuhlalutya izicelo zotsalo *apha*. Nangona i-CI yakho ingekho kuluhlu lweenkonzo ezikhankanywe kwinqaku, uya kufumana icandelo eliqhelekileyo elinikezelwe kwithiyori yolu hlobo lokuhlalutya luncedo.

Ngokuseta uhlalutyo lwezicelo zokutsalwa, unokuvala iziboniso ezinezilumkiso, ngokwenza oko udale umda ikhowudi engavavanywanga ayinakuwuwela.

Konke oku kulungile, kodwa ndingathanda ukukwazi ukubona zonke izilumkiso kwindawo enye. Akunjalo kuphela kwi-analyzer ye-static, kodwa nakwiimvavanyo zeyunithi okanye kwi-analyzer eguquguqukayo. Kukho iinkonzo ezahlukeneyo kunye neeplagi zoku. I-PVS-Studio, umzekelo, ine iplagi yokudityaniswa kwi-SonarQube.

2. Ukudityaniswa koomatshini bophuhlisi

Ngoku lixesha lokufaka kunye nokuqwalasela i-analyzer yokusetyenziswa kophuhliso lwemihla ngemihla. Ngeli nqanaba sele uqhelene neendlela ezininzi zokusebenza, ke oku kunokubizwa ngokuba yeyona ndawo ilula.

Njengeyona ndlela ilula, abaphuhlisi banokufakela i-analyzer efunekayo ngokwabo. Nangona kunjalo, oku kuya kuthatha ixesha elininzi kwaye kubaphazamise ekuphuhliseni, ngoko unokwenza ngokuzenzekelayo le nkqubo usebenzisa i-installer kunye neeflegi eziyimfuneko. Kwi-PVS-Studio kukho ezahlukeneyo iiflegi zofakelo oluzenzekelayo. Nangona kunjalo, kusoloko kukho abaphathi bephakheji, umzekelo, iChocolatey (Windows), iHomebrew (macOS) okanye uninzi lweenketho zeLinux.

Emva koko kuya kufuneka ufake iiplagi eziyimfuneko, umzekelo IziXhobo zeStudiyo zokuBonakalayo zeeAplikheyishini, IDEA, Rider njalo

3. Ukusetyenziswa kwemihla ngemihla

Ngeli nqanaba, lixesha lokuthetha amagama ambalwa malunga neendlela zokukhawulezisa i-analyzer ngexesha lokusetyenziswa kwansuku zonke. Uhlalutyo olupheleleyo lweprojekthi yonke luthatha ixesha elininzi, kodwa sitshintsha kangaphi ikhowudi kuyo yonke iprojekthi ngaxeshanye? Akukho nakuphi na ukuphinda kuphindwe kukhulu kangangokuba kuyakuchaphazela ngoko nangoko isiseko sonke sekhowudi. Inani leefayile ezitshintshwayo ngexesha alifane libe ngaphezu kweshumi elinesibini, ngoko kuyavakala ukuzihlalutya. Kwimeko enjalo kukho imowudi yohlalutyo olongezelelweyo. Ungothuki, ayisosinye isixhobo esi. Le yindlela ekhethekileyo evumela ukuba uhlalutye iifayile ezitshintshileyo kuphela kunye nokuxhomekeka kwazo, kwaye oku kwenzeka ngokuzenzekelayo emva kokwakha ukuba usebenza kwi-IDE kunye neplagin efakwe.

Ukuba i-analyzer ibona iingxaki kwikhowudi esandul 'ukutshintshwa, iya kuxela oku ngokuzimeleyo. Umzekelo, i-PVS-Studio iya kukuxelela malunga noku usebenzisa isilumkiso:

Ewe, ukuxelela abaphuhlisi ukuba basebenzise isixhobo akwanele. Kufuneka ukuba ngandlela ithile sibaxelele ukuba yintoni kwaye injani. Apha, umzekelo, ngamanqaku amalunga nesiqalo esikhawulezayo se-PVS-Studio, kodwa unokufumana izifundo ezifanayo kuso nasiphi na isixhobo osithandayo:

• Uyiqhuba njani iPVS-Studio kwiWindows (C, C++, C#)
• Uyiqhuba njani iPVS-Studio kwiLinux kunye neMacOS (C, C ++)
• Uyisungula njani iPVS-Studio Java

Amanqaku anjalo anika lonke ulwazi oluyimfuneko kusetyenziso lwemihla ngemihla kwaye aluthathi ixesha elininzi. 🙂

Nakwinqanaba lokwazi isixhobo, sacinezela izilumkiso ezininzi ngexesha lokuqaliswa kokuqala. Ngelishwa, abahlalutyi be-static abafezekanga, ngoko ke ngamaxesha ngamaxesha banika iimpawu zobuxoki. Ngokuqhelekileyo kulula ukubacinezela; umzekelo, kwiplagi yePVS-Studio yeVisual Studio kufuneka ucofe iqhosha elinye:

Noko ke, unokwenza okungakumbi kunokusuka nje ubacinezele. Umzekelo, unokuxela ingxaki ukuxhasa. Ukuba i-positive yobuxoki inokulungiswa, ngoko kuhlaziyo oluzayo unokuqaphela ukuba ixesha ngalinye kukho ezimbalwa kwaye zimbalwa iimpawu zobuxoki ezithe ngqo kwi-codebase yakho.

Emva kokudibanisa

Ngoko siye sahamba kuzo zonke izigaba zokudibanisa uhlalutyo lwe-static kwinkqubo yophuhliso. Ngaphandle kokubaluleka kokuseta izixhobo ezinjalo kwi-CI, eyona ndawo ibalulekileyo yokuyiqhuba yikhompyuter yonjiniyela. Emva kwayo yonke loo nto, i-static analyzer ayiyena umgwebi othi kwindawo ethile kude nawe ukuba ikhowudi ayilungile. Ngokuchasene noko, ngumncedisi okuxelela ukuba udiniwe kwaye ukukhumbuza ukuba kukho into oyilibeleyo.

Enyanisweni, ngaphandle kokusetyenziswa rhoqo, uhlalutyo lwe-static alunakwenzeka ukwenza lula uphuhliso. Emva kwayo yonke loo nto, eyona nzuzo iphambili yomphuhlisi ayikho kangako ekukhangeleni amacandelo antsonkothileyo kunye neempikiswano zekhowudi, kodwa ekubhaqweni kwawo kwangoko. Vumelana ukuba ukufumanisa ingxaki emva kokuba ukuhlelwa kuthunyelwe kuvavanyo akuyolisi nje kuphela, kodwa kwakhona kuthatha ixesha elininzi. Uhlalutyo olungatshintshiyo, xa lusetyenziswa rhoqo, lujonga lonke utshintsho ngqo kwikhompyuter yakho kwaye luxele iindawo ezikrokrelayo ngelixa usebenza kwikhowudi.

Kwaye ukuba wena okanye oogxa bakho abakaqinisekanga ukuba kufanelekile ukuphumeza umhlalutyi, ke ndicebisa ukuba ngoku uqale ukufunda inqaku "Izizathu zokwazisa i-static code analyzer PVS-Studio kwinkqubo yophuhliso"Ijongana neenkxalabo eziqhelekileyo zabaphuhlisi ukuba uhlalutyo olungatshintshiyo luya kuthatha ixesha labo njalo njalo.

Ukuba ufuna ukwabelana ngeli nqaku kunye nabaphulaphuli abathetha isiNgesi, nceda usebenzise ikhonkco lokuguqulela: UMaxim Zvyagintsev. Uhlalutyo olungatshintshiyo: Ukusuka ekuQaleni ukuya kuManyano.

umthombo: www.habr.com