tomato/other/docker/infer/Dockerfile
Green Sky 8eb4892b49 Squashed 'external/toxcore/c-toxcore/' changes from 8f0d505f9a..6d634674a9
6d634674a9 cleanup: Remove old type-ordered event getters.
d1d48d1dfc feat: add ngc events
994ffecc6b refactor: Make event dispatch ordered by receive time.
812f931d5f fix: Make sure there's enough space for CONSUME1 in fuzzers.
50f1b30fa9 test: Add fuzz tests to the coverage run.
df76f5cf47 chore: Move from gcov to llvm source-based coverage.
072e3beb3f fix: issues with packet broadcast error reporting
6b6718e4d2 cleanup: Make group packet entry creation less error-prone
5b9c420ce1 refactor: packet broadcast functions now return errors
af4cb31028 refactor: Use `operator==` for equality tests of `Node_format`.
9592d590cf refactor(test): Slightly nicer C++ interface to tox Random.
c66e10fb7a refactor: Minor refactoring of get_close_nodes functions.
ebc9643862 fix: don't pass garbage data buffer to packet send functions
32b68cffca cleanup: Some more test cleanups, removing overly smart code.
0426624dcb refactor: Assign malloc return to a local variable first.
afc38f2458 test: Add more unit tests for `add_to_list`.
05ce5c1ab9 test: Add "infer" CI check to github, remove from circle.
REVERT: 8f0d505f9a feat: add ngc events
REVERT: 9b8216e70c refactor: Make event dispatch ordered by receive time.

git-subtree-dir: external/toxcore/c-toxcore
git-subtree-split: 6d634674a929edb0ab70689dcbcb195b3547be13
2024-01-12 21:30:48 +01:00

42 lines
1.6 KiB
Docker

FROM toxchat/infer:latest
COPY toxav/ /work/c-toxcore/toxav/
COPY toxcore/ /work/c-toxcore/toxcore/
COPY toxencryptsave/ /work/c-toxcore/toxencryptsave/
COPY third_party/ /work/c-toxcore/third_party/
RUN infer capture -- clang++ -fsyntax-only \
$(pkg-config --cflags libconfig libsodium opus vpx) \
/work/c-toxcore/toxav/*.c \
/work/c-toxcore/toxcore/*.c \
/work/c-toxcore/toxcore/*/*.c \
/work/c-toxcore/toxencryptsave/*.c
RUN ["infer", "analyze",\
"--report-console-limit", "100",\
"--jobs", "8",\
"--no-bufferoverrun",\
"--no-datalog",\
"--print-active-checkers",\
"--loop-hoisting",\
"--quandary",\
"--racerd",\
"--starvation",\
"--uninit",\
"--disable-issue-type", "BUFFER_OVERRUN_L2",\
"--disable-issue-type", "PULSE_UNNECESSARY_COPY",\
"--enable-issue-type", "EXPENSIVE_EXECUTION_TIME",\
"--enable-issue-type", "INVARIANT_CALL",\
"--enable-issue-type", "PULSE_UNINITIALIZED_CONST",\
"--enable-issue-type", "SENSITIVE_DATA_FLOW",\
"--enable-issue-type", "UNTRUSTED_BUFFER_ACCESS",\
"--enable-issue-type", "UNTRUSTED_HEAP_ALLOCATION",\
"--disable-issue-type", "USE_AFTER_FREE_LATENT",\
"--disable-issue-type", "STACK_VARIABLE_ADDRESS_ESCAPE",\
"--disable-issue-type", "INVARIANT_CALL",\
"--fail-on-issue"]
# In the above, the first 2 are disabled for extreme sensitivity and false
# positives, the ones at the end are probably decent, but have some false
# positives, so we can't fail-on-issue with them on.
# INVARIANT_CALL is pretty fun, but currently wrong, because it can't see
# through potential mutations via callbacks. Our code is bad and we should
# feel bad, but until that's fixed, the invariant checker doesn't work.