Handle ambigous profile/group parameters

Introduce the -e group: option, to improve handling of ambigous parameters (such as "security" etc.)
Ericsson · Nov 7, 2024 · 1ad9851 · 1ad9851
1 parent 3320e9a
commit 1ad9851
Show file tree

Hide file tree

Showing 6 changed files with 120 additions and 25 deletions.
diff --git a/analyzer/codechecker_analyzer/analyzers/config_handler.py b/analyzer/codechecker_analyzer/analyzers/config_handler.py
@@ -12,8 +12,10 @@
 
 from abc import ABCMeta
 from enum import Enum
+from string import Template
 import collections
 import platform
+import sys
 import re
 
 from codechecker_analyzer import analyzer_context
@@ -210,23 +212,40 @@ def initialize_checkers(self,
         profiles = checker_labels.get_description('profile')
         guidelines = checker_labels.occurring_values('guideline')
 
+        templ = Template("The ${entity} name '${identifier}' conflicts with a "
+                         "checker group name. Please use -e ${entity}: to "
+                         "select checkers of a ${entity} or use -e group: "
+                         "to select checkers which have a name "
+                         "starting with '${identifier}'.")
+
         for identifier, enabled in cmdline_enable:
-            if ':' in identifier:
+            if "group:" in identifier:
+                identifier = identifier.replace("group:", "")
+                self.set_checker_enabled(identifier, enabled)
+
+            elif ':' in identifier:
                 for checker in checker_labels.checkers_by_labels([identifier]):
                     self.set_checker_enabled(checker, enabled)
+
             elif identifier in profiles:
                 if identifier in reserved_names:
-                    LOG.warning("Profile name '%s' conflicts with a "
-                                "checker(-group) name.", identifier)
-                for checker in checker_labels.checkers_by_labels(
-                        [f'profile:{identifier}']):
-                    self.set_checker_enabled(checker, enabled)
+                    LOG.error(templ.substitute(entity="profile",
+                                               identifier=identifier))
+                    sys.exit(1)
+                else:
+                    for checker in checker_labels.checkers_by_labels(
+                            [f'profile:{identifier}']):
+                        self.set_checker_enabled(checker, enabled)
+
             elif identifier in guidelines:
                 if identifier in reserved_names:
-                    LOG.warning("Guideline name '%s' conflicts with a "
-                                "checker(-group) name.", identifier)
-                for checker in checker_labels.checkers_by_labels(
-                        [f'guideline:{identifier}']):
-                    self.set_checker_enabled(checker, enabled)
+                    LOG.error(templ.substitute(entity="guideline",
+                                               identifier=identifier))
+                    sys.exit(1)
+                else:
+                    for checker in checker_labels.checkers_by_labels(
+                            [f'guideline:{identifier}']):
+                        self.set_checker_enabled(checker, enabled)
+
             else:
                 self.set_checker_enabled(identifier, enabled)
diff --git a/analyzer/codechecker_analyzer/checkers.py b/analyzer/codechecker_analyzer/checkers.py
@@ -23,7 +23,8 @@ def available(ordered_checkers, available_checkers):
         if checker_name.startswith('profile:') or \
                 checker_name.startswith('guideline:') or \
                 checker_name.startswith('severity:') or \
-                checker_name.startswith('sei-cert:'):
+                checker_name.startswith('sei-cert:') or \
+                checker_name.startswith('group:'):
             continue
 
         name_match = False

diff --git a/analyzer/codechecker_analyzer/cmd/analyze.py b/analyzer/codechecker_analyzer/cmd/analyze.py
@@ -699,6 +699,21 @@ def add_arguments_to_parser(parser):
 Note that compiler errors and warnings are captured by CodeChecker only if it
 was emitted by clang-tidy.
 
+Checker groups
+------------------------------------------------
+Checker groups allow you to enable checkers that share a common prefix in
+their names. Checkers within a group will have names that start with the same
+identifier, making it easier to manage and reference related checkers.
+
+You can enable/disable checkers belonging to a group: '-e <label>:<value>',
+e.g. '-e group:security'.
+
+Note: The 'group' label is mandatory when there is ambiguity between the
+name of a checker group and a checker profile or a guideline. This prevents
+conflicts and ensures the correct checkers are applied.
+
+See "CodeChecker checkers --help" to learn more.
+
 Checker labels
 ------------------------------------------------
 Each checker is assigned several '<label>:<value>' pairs. For instance,
@@ -708,6 +723,10 @@ def add_arguments_to_parser(parser):
 You can enable/disable checkers belonging to a label: '-e <label>:<value>',
 e.g. '-e profile:default'.
 
+Note: The 'profile' label is mandatory when there is ambiguity between the
+name of a checker profile and a checker group or a guideline. This prevents
+conflicts and ensures the correct checkers are applied.
+
 See "CodeChecker checkers --help" to learn more.
 
 Guidelines
@@ -723,6 +742,10 @@ def add_arguments_to_parser(parser):
 Guidelines are labels themselves, and can be used as a label:
 '-e guideline:<value>', e.g. '-e guideline:sei-cert'.
 
+Note: The 'guideline' label is mandatory when there is ambiguity between the
+name of a guideline and a checker group or a checker profile. This prevents
+conflicts and ensures the correct checkers are applied.
+
 Batch enabling/disabling checkers
 ------------------------------------------------
 You can fine-tune which checkers to use in the analysis by setting the enable

diff --git a/analyzer/codechecker_analyzer/cmd/check.py b/analyzer/codechecker_analyzer/cmd/check.py
@@ -643,6 +643,21 @@ def add_arguments_to_parser(parser):
 Note that compiler errors and warnings are captured by CodeChecker only if it
 was emitted by clang-tidy.
 
+Checker groups
+------------------------------------------------
+Checker groups allow you to enable checkers that share a common prefix in
+their names. Checkers within a group will have names that start with the same
+identifier, making it easier to manage and reference related checkers.
+
+You can enable/disable checkers belonging to a group: '-e <label>:<value>',
+e.g. '-e group:security'.
+
+Note: The 'group' label is mandatory when there is ambiguity between the
+name of a checker group and a checker profile or a guideline. This prevents
+conflicts and ensures the correct checkers are applied.
+
+See "CodeChecker checkers --help" to learn more.
+
 Checker labels
 ------------------------------------------------
 Each checker is assigned several '<label>:<value>' pairs. For instance,
@@ -652,6 +667,10 @@ def add_arguments_to_parser(parser):
 You can enable/disable checkers belonging to a label: '-e <label>:<value>',
 e.g. '-e profile:default'.
 
+Note: The 'profile' label is mandatory when there is ambiguity between the
+name of a checker profile and a checker group or a guideline. This prevents
+conflicts and ensures the correct checkers are applied.
+
 See "CodeChecker checkers --help" to learn more.
 
 Guidelines
@@ -667,6 +686,10 @@ def add_arguments_to_parser(parser):
 Guidelines are labels themselves, and can be used as a label:
 '-e guideline:<value>', e.g. '-e guideline:sei-cert'.
 
+Note: The 'guideline' label is mandatory when there is ambiguity between the
+checker guideline and a checker profile or guideline. This helps prevent
+conflicts and ensures the correct checkers are applied.
+
 Batch enabling/disabling checkers
 ------------------------------------------------
 You can fine-tune which checkers to use in the analysis by setting the enable

diff --git a/analyzer/tests/unit/test_checker_handling.py b/analyzer/tests/unit/test_checker_handling.py
@@ -42,6 +42,10 @@ def checkers_by_labels(self, labels):
         if labels[0] == 'profile:security':
             return ['alpha.security']
 
+        if labels[0] == 'profile:sensitive':
+            return ['alpha.core.BoolAssignment',
+                    'alpha.core.TestAfterDivZero']
+
         if labels[0] == 'guideline:sei-cert':
             return ['alpha.core.CastSize', 'alpha.core.CastToStruct']
 
@@ -154,6 +158,10 @@ def f(checks, checkers):
                 'alpha.security.ArrayBound',
                 'alpha.security.MallocOverflow']
 
+        sensitive_profile_alpha = [
+                    'alpha.core.BoolAssignment',
+                    'alpha.core.TestAfterDivZero']
+
         # "default" profile.
         default_profile = [
                 'security.FloatLoopCounter',
@@ -175,6 +183,7 @@ def f(checks, checkers):
 
         checkers = []
         checkers.extend(map(add_description, security_profile_alpha))
+        checkers.extend(map(add_description, sensitive_profile_alpha))
         checkers.extend(map(add_description, default_profile))
         checkers.extend(map(add_description, cert_guideline))
         checkers.extend(map(add_description, statisticsbased))
@@ -199,7 +208,7 @@ def f(checks, checkers):
 
         # Enable alpha checkers explicitly.
         cfg_handler = ClangSA.construct_config_handler(args)
-        cfg_handler.initialize_checkers(checkers, [('alpha', True)])
+        cfg_handler.initialize_checkers(checkers, [('group:alpha', True)])
         self.assertTrue(all_with_status(CheckerState.ENABLED)
                         (cfg_handler.checks(), security_profile_alpha))
         self.assertTrue(all_with_status(CheckerState.ENABLED)
@@ -216,10 +225,15 @@ def f(checks, checkers):
 
         # Enable "security" profile checkers without "profile:" prefix.
         cfg_handler = ClangSA.construct_config_handler(args)
-        cfg_handler.initialize_checkers(checkers,
-                                        [('security', True)])
+        with self.assertRaises(SystemExit) as e:
+            cfg_handler.initialize_checkers(checkers, [('security', True)])
+        self.assertEqual(e.exception.code, 1)
+
+        # Enable "sensitive" profile checkers without "profile:" prefix.
+        cfg_handler = ClangSA.construct_config_handler(args)
+        cfg_handler.initialize_checkers(checkers, [('sensitive', True)])
         self.assertTrue(all_with_status(CheckerState.ENABLED)
-                        (cfg_handler.checks(), security_profile_alpha))
+                        (cfg_handler.checks(), sensitive_profile_alpha))
         self.assertTrue(all_with_status(CheckerState.ENABLED)
                         (cfg_handler.checks(), default_profile))
 
@@ -232,8 +246,7 @@ def f(checks, checkers):
 
         # Enable "sei-cert" guideline checkers.
         cfg_handler = ClangSA.construct_config_handler(args)
-        cfg_handler.initialize_checkers(checkers,
-                                        [('sei-cert', True)])
+        cfg_handler.initialize_checkers(checkers, [('sei-cert', True)])
         self.assertTrue(all_with_status(CheckerState.ENABLED)
                         (cfg_handler.checks(), cert_guideline))
 
@@ -244,13 +257,6 @@ def f(checks, checkers):
         self.assertTrue(all_with_status(CheckerState.DISABLED)
                         (cfg_handler.checks(), cert_guideline))
 
-        # Disable "sei-cert" guideline checkers.
-        cfg_handler = ClangSA.construct_config_handler(args)
-        cfg_handler.initialize_checkers(checkers,
-                                        [('sei-cert', False)])
-        self.assertTrue(all_with_status(CheckerState.DISABLED)
-                        (cfg_handler.checks(), cert_guideline))
-
         cfg_handler = ClangSA.construct_config_handler(args)
         cfg_handler.initialize_checkers(checkers,
                                         [('default', False),

diff --git a/docs/analyzer/user_guide.md b/docs/analyzer/user_guide.md
@@ -389,6 +389,21 @@ checker configuration:
   Note that compiler errors and warnings are captured by CodeChecker only if it
   was emitted by clang-tidy.
 
+  Checker groups
+  ------------------------------------------------
+  Checker groups allow you to enable checkers that share a common prefix in
+  their names. Checkers within a group will have names that start with the same
+  identifier, making it easier to manage and reference related checkers.
+  
+  You can enable/disable checkers belonging to a group: '-e <label>:<value>',
+  e.g. '-e group:security'.
+  
+  Note: The 'group' label is mandatory when there is ambiguity between the
+  name of a checker group and a checker profile or a guideline. This prevents
+  conflicts and ensures the correct checkers are applied.
+  
+  See "CodeChecker checkers --help" to learn more.
+
   Checker labels
   ------------------------------------------------
   Each checker is assigned several '<label>:<value>' pairs. For instance,
@@ -397,6 +412,10 @@ checker configuration:
 
   You can enable/disable checkers belonging to a label: '-e <label>:<value>',
   e.g. '-e profile:default'.
+  
+  Note: The 'profile' label is mandatory when there is ambiguity between the
+  name of a checker profile and a checker group or a guideline. This prevents
+  conflicts and ensures the correct checkers are applied.
 
   See "CodeChecker checkers --help" to learn more.
 
@@ -412,6 +431,10 @@ checker configuration:
 
   Guidelines are labels themselves, and can be used as a label:
   '-e guideline:<value>', e.g. '-e guideline:sei-cert'.
+  
+  Note: The 'guideline' label is mandatory when there is ambiguity between the
+  name of a guideline and a checker group or a checker profile. This prevents 
+  conflicts and ensures the correct checkers are applied.
 
   Batch enabling/disabling checkers
   ------------------------------------------------