edwintorok · edwintorok · Aug 17, 2022 · Aug 17, 2022 · Aug 18, 2022 · Oct 6, 2022
diff --git a/.clang-format b/.clang-format
@@ -0,0 +1,9 @@
+BasedOnStyle: GNU
+IndentWidth: 4
+
+# override GNU to match Xen ../../CODING_STYLE more closely
+AlwaysBreakAfterDefinitionReturnType: None
+AlwaysBreakAfterReturnType: None
+SpacesInConditionalStatement: true
+SpaceBeforeParens: ControlStatements
+BreakBeforeBraces: Allman
diff --git a/.editorconfig b/.editorconfig
@@ -0,0 +1,20 @@
+# See ./CODING_STYLE
+root = true
+
+[*]
+end_of_line = lf
+indent_style = space
+charset = utf-8
+max_line_length = 79
+trim_trailing_whitespace = true
+insert_final_newline = true
+
+# Makefiles must use tabs, otherwise they don't work
+[Makefile]
+indent_style = tabs
+
+[*.{c,h}]
+indent_size = 4
+
+[*.{ml,mli}]
+indent_size = 2
diff --git a/.github/workflows/staticanalysis.yml b/.github/workflows/staticanalysis.yml
@@ -0,0 +1,73 @@
+name: Run OCaml C stub static analyzer on XAPI's C stubs
+
+on:
+  push:
+  pull_request:
+    branches:
+      - master
+      - 'feature/**'
+      - '*-lcm'
+
+jobs:
+  staticanalyzer:
+    name: Ocaml files
+    runs-on: ubuntu-22.04
+    env:
+      package: "xapi-lintcstubs"
+      # for building .cmt, TODO: restructure so the C stubs don't need these
+      xapideps: "xentoollog xapi-stdext-pervasives lwt_ssl xenctrl io-page conf-pam conf-xxhash"
+      XAPI_VERSION: "v0.0.0-${{ github.sha }}"
+      # required for dune cache to work inside opam for now, otherwise it
+      # gets EXDEV and considers it a cache miss
+      DUNE_CACHE_STORAGE_MODE: copy
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+
+      # we could just use the upstream repo here, but I want to ensure
+      # that we're able to run the static analyzer locally too
+      - name: Pull configuration from xs-opam
+        run: |
+          curl --fail --silent https://raw.githubusercontent.com/edwintorok/xs-opam/master/tools/xs-opam-ci.env | cut -f2 -d " " > .env
+
+      - name: Load environment file
+        id: dotenv
+        uses: falti/[email protected]
+        with:
+          log-variables: true
+
+      - name: Use ocaml
+        uses: avsm/setup-ocaml@v2
+        with:
+          ocaml-compiler: ${{ steps.dotenv.outputs.ocaml_version_full }}
+          opam-repositories: |
+            default: ${{ steps.dotenv.outputs.repository }}
+          dune-cache: true
+          opam-local-packages: ${{ env.package }}.opam
+
+      - name: Install dependencies for static analyzer
+        run: |
+          opam update
+          opam install --deps-only ${{ env.package }}
+          opam install ${{ env.xapideps }}
+
+        # The checkout action performs a shallow, this triggers dune to set the
+        # version to <hash>-dirty. Work around this dune behaviour and tag the
+        # commit so a proper version is always picked up
+      - name: Tag current commit
+        run: |
+          git config user.name "Dune workaround"
+          git config user.email "<>"
+          git tag -am "workaround for dune" "$XAPI_VERSION"
+
+      - name: Configure
+        run: opam exec -- ./configure --xapi_version="$XAPI_VERSION"
+
+      - name: Run static analyzer
+        run: opam exec -- make analyze
+
+      - name: Upload SARIF report
+        uses: github/codeql-action/upload-sarif@v2
+        with:
+          sarif_file: _build/default/xapi.sarif
diff --git a/Makefile b/Makefile
@@ -23,6 +23,9 @@ check:
 clean:
 	dune clean
 
+analyze:
+	dune build --profile=$(PROFILE) xapi.sarif
+
 lint:
 	dune build @python
 	pylint --disable=line-too-long,too-few-public-methods,unused-argument,no-self-use,invalid-name,broad-except,protected-access,redefined-builtin,too-many-lines,wildcard-import,too-many-branches,too-many-arguments,unused-wildcard-import,raising-format-tuple,too-many-statements,duplicate-code _build/default/xapi-storage/python/xapi/storage/api/v5/*.py
@@ -31,6 +34,7 @@ lint:
 test:
 	dune runtest --profile=$(PROFILE) --no-buffer -j $(JOBS)
 	dune build @runtest-python --profile=$(PROFILE)
+	dune build @analyze --profile=$(PROFILE)
 
 stresstest:
 	dune build @stresstest --profile=$(PROFILE) --no-buffer -j $(JOBS)
@@ -82,6 +86,7 @@ doc-json:
 
 format:
 	dune build @fmt --auto-promote
+	git ls-files '*.c' '*.h' | xargs clang-format -i
 
 .PHONY: quality-gate
 quality-gate:
@@ -214,3 +219,10 @@ uninstall:
 		message-switch message-switch-async message-switch-cli message-switch-core message-switch-lwt \
 		message-switch-unix xapi-idl forkexec xapi-forkexecd xapi-storage xapi-storage-script xapi-log \
 		xapi-open-uri
+
+compile_flags.txt: Makefile
+	(ocamlc -config-var ocamlc_cflags;\
+	ocamlc -config-var ocamlc_cppflags;\
+	echo -I$(shell ocamlc -where);\
+	echo -Wall -Wextra -Wstrict-prototypes -D_FORTIFY_SOURCE=2\
+	) | xargs -n1 echo >$@
diff --git a/dune b/dune
@@ -13,3 +13,93 @@
 (executable
   (name configure)
   (libraries dune-configurator findlib cmdliner unix))
+
+
+(rule
+  (with-stdout-to ctypesdir (run dirname %{lib:ctypes:cstubs_internals.h}))
+)
+
+; This is a single invocation but it is very quick (<0.2s),
+; although depends on the machine sometimes can be ~1.5s too
+; no need to parallelize, also output can be cached.
+; Only depend on ML files that contain C stubs though,
+; and these .ml also don't require preprocessing for easier use
+(rule
+  (deps
+    ocaml/staticanalyzer/arity/lintcstubs_arity.exe
+    (:mlfiles
+      (glob_files ocaml/auth/*.ml)
+      (glob_files ocaml/libs/log/*.ml)
+      (glob_files ocaml/vhd-tool/src/channels.ml)
+      (glob_files ocaml/xenopsd/c_stubs/*.ml)
+      (glob_files ocaml/xxhash/lib/*.ml)
+      (glob_files unixpwd/src/*.ml)
+    ))
+  (action
+   (with-stdout-to primitives.h
+     (run ocaml/staticanalyzer/arity/lintcstubs_arity.exe %{mlfiles})
+   ))
+)
+
+(rule
+  (deps
+    ocaml/staticanalyzer/genmain/lintcstubs_genmain.exe
+    (:cmtfiles
+      (glob_files ocaml/auth/.pam.objs/byte/*.cmt)
+      (glob_files ocaml/libs/log/.log.objs/byte/*.cmt)
+      (glob_files ocaml/vhd-tool/src/.channel_stubs.objs/byte/*.cmt)
+      (glob_files ocaml/xenopsd/c_stubs/.xc_stubs.objs/byte/*.cmt)
+      (glob_files ocaml/xenopsd/c_stubs/.c_stubs.objs/byte/*.cmt)
+      (glob_files ocaml/xxhash/stubs/.xxhash_bindings.objs/byte/*.cmt)
+      (glob_files ocaml/xxhash/lib/.xxhash.objs/byte/*.cmt)
+      (glob_files unixpwd/src/.unixpwd.objs/byte/*.cmt)
+    )
+   )
+  (action
+    (with-stdout-to primitives.model.c
+      (run ocaml/staticanalyzer/genmain/lintcstubs_genmain.exe %{cmtfiles})
+     )
+   )
+)
+
+; once we upgrade to Dune 3.x we can use glob_files_rec here
+(rule
+  (targets xapi.sarif lintcstubs.stdout)
+  (deps
+    (package xapi-lintcstubs)
+    (:headers (glob_files ocaml/auth/*.h) (glob_files unixpwd/c/*.h) primitives.h)
+    (:runtime_model ocaml/staticanalyzer/model/ocaml_runtime.model.c)
+    (:primitives_model primitives.model.c)
+    (:cstubs
+     (glob_files ocaml/auth/*.c)
+     (glob_files ocaml/libs/log/*.c)
+     (glob_files ocaml/vhd-tool/src/*.c)
+     (glob_files ocaml/xenopsd/c_stubs/*.c)
+     (glob_files unixpwd/c/unix*.c)))
+
+  ; enable only errors from our analyses
+  ; so that the paths in the .sarif will be correct a chdir is needed
+            ; --disable warn.warning
+  (action
+    (progn
+      (run rm -f goblint.sarif)
+      (run ln -s %{read-lines:ctypesdir} ctypes)
+      (with-stdout-to lintcstubs.stdout
+        (run ocaml/staticanalyzer/lintcstubs.exe -o xapi.sarif --disable warn.info
+            --disable warn.unsound --disable warn.imprecise
+            --disable warn.deadcode
+            --disable warn.behavior
+            --set ana.activated "[\"ocamlcstubs\",\"escape\"]"
+            --sarif -I %{ocaml_where}
+            -I ocaml/auth -I ctypes -I unixpwd/c
+            %{primitives_model}
+            %{cstubs}
+           ))))
+ )
+            ; --enable dbg.debug --enable dbg.verbose
+; TODO: show stderr too
+(rule
+ (alias analyze)
+ (deps lintcstubs.stdout)
+ (action (diff xapi.stdout.reference %{deps}))
+)
diff --git a/dune-project b/dune-project
@@ -1,3 +1,5 @@
-(lang dune 2.0)
+(lang dune 2.8)
+(cram enable)
+(using dune_site 0.1)
 
 (formatting (enabled_for ocaml))
diff --git a/message-switch.opam b/message-switch.opam
@@ -18,7 +18,7 @@ depends: [
   "cmdliner"
   "cohttp-async" {with-test}
   "cohttp-lwt-unix"
-  "io-page-unix"
+  "io-page" {>= "2.4.0"}
   "lwt_log"
   "message-switch-async" {with-test}
   "message-switch-lwt"

diff --git a/ocaml/.editorconfig b/ocaml/.editorconfig
@@ -0,0 +1,20 @@
+# See ./CODING_STYLE
+root = true
+
+[*]
+end_of_line = lf
+indent_style = space
+charset = utf-8
+max_line_length = 79
+trim_trailing_whitespace = true
+insert_final_newline = true
+
+# Makefiles must use tabs, otherwise they don't work
+[{Makefile,*.mk,Makefile.rules}]
+indent_style = tabs
+
+[*.{c,h}]
+indent_size = 4
+
+[*.{ml,mli}]
+indent_size = 2