The find-prefix infrastructure was required in a pkgviews world where
packages installed from pkgsrc could have different installation
prefixes, and this was a way for a dependency prefix to be determined.
Now that pkgviews has been removed there is no longer any need for the
overhead of this infrastructure. Instead we use BUILDLINK_PREFIX.pkg
for dependencies pulled in via buildlink, or LOCALBASE/PREFIX where the
dependency is coming from pkgsrc.
Provides a reasonable performance win due to the reduction of `pkg_info
-qp` calls, some of which were redundant anyway as they were duplicating
the same information provided by BUILDLINK_PREFIX.pkg.
Issues found with existing distfiles:
distfiles/eclipse-sourceBuild-srcIncluded-3.0.1.zip
distfiles/fortran-utils-1.1.tar.gz
distfiles/ivykis-0.39.tar.gz
distfiles/enum-1.11.tar.gz
distfiles/pvs-3.2-libraries.tgz
distfiles/pvs-3.2-linux.tgz
distfiles/pvs-3.2-solaris.tgz
distfiles/pvs-3.2-system.tgz
No changes made to these distinfo files.
Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden). All existing
SHA1 digests retained for now as an audit trail.
General changes:
- Added flag --platform=native, when it is used type sizes and behaviour of
host system are used
- Backward compatibility for Libary files is now working. Future cppcheck
versions will be able to use libraries written for previous versions
- Windows 32 bit builds now set /LARGEADDRESSAWARE, so that they can use up to
4 GiB
New checks:
- Detect bad bitmask checks (usage of | where & should be used)
- Suggest usage of "explicit" for constructors with a single parameter
- Suggest usage of make_shared/make_unique
- Warn about usage of malloc with auto_ptr
- Detect redundant pointer operations like &*ptr
Improvements:
- Support std::array (C++11)
- Detect same expressions in both branches of a ternary operator
- New <container>-tags in libraries to configure STL (and similar) container
types
- Several improvements to ValueFlow analysis (for example support for default
function arguments)
- Improved buffer overrun and memory leak checking
- Removed a bunch of redundant checking code
- Removed several simplifications
- Stronger matching of library functions
- Lots of additions to std.cfg and posix.cfg
- New library for Microsoft SAL (microsoft_sal.cfg)
- Improved C++11 template parsing (">>" as closing brackets, variadic
templates)
- Added statistics to htmlreport
GUI:
- Fixed language selection
Additionally, lots of false positives and bugs have been fixed and several
existing checks have been improved.
== Cppcheck-1.68 ==
General changes:
New checks:
- Multifile checking for buffer overruns and uninitialized variables
Improvements:
- Libraries are now able to contain platform specific types
- Improved handling of function overloads
- Improved handling of integer literal suffixes
- Improved stability of template parsing
- Improved accuracy of ValueFlow analysis
- Improved checking of pointer overflow
- Support noexcept(false)
- Support attribute((noreturn))
- A bunch of additions to several Libraries, especially posix.cfg and qt.cfg
Additionally, lots of false positives and bugs have been fixed and several existing checks have been improved.
== Cppcheck-1.67 ==
General changes:
- Library files have now a 'format' attribute. Format version 1 is assumed by default
- Cppcheck does no longer abort checking if unhandled characters (Non-ASCII) are found
New checks:
- Check for unused return values
- Detect shift by too many bits, signed integer overflow and dangerous sign conversion
- Recommend usage of expm1(), log1p(), erfc()
- Division by sizeof() as parameter to memset/memcpy/memmove/etc. as they expect a size in bytes
- Several new va_arg related checks:
-- Wrong parameter passed to va_start()
-- Reference passed to va_start()
-- Missing va_end()
-- Using va_list before it is opened
-- Subsequent calls to va_start/va_copy()
- Initialization by itself in initializer list
- Dead pointer usage when pointer alias local variable that has gone out of scope
Improvements:
- Support uniform initialization syntax (C++11)
- Much improvements to value flow analysis
- Improved AST creation (support placement new, C++-style casts, templates, operator new[], ...)
- Improved lambda support
- Support GCC extension attriute((used)) and MSVC extension __declspec(property)
- Better support for static member variables, inherited variables and namespaces
- Improved typedef support where multiple variables are declared at once
- Avoid checking code multiple times by calculating a checksum. Duplicate preprocessor configurations are eliminated by this.
- Support C++03/C 'auto' keyword
- HTML report: display 'verbose' message using clickable expandable divs
Cppcheck-1.66 has been released.
New checks:
- Compare pointer with '\0'
- Assigning boolean expression to floating point variables
Improvements:
- Much improved AST
- Much improved ValueFlow analysis
- ValueFlow and AST now used by much more checks, improving checking
accuracy and performance
- Checking for self assignment now supports more complex expressions
- Returning references to literals or references to calculation
results is detected
- Enhanced support for commutative operators in duplicate expression
checking
- Improved template/enum parsing
- Much improved htmlreport
- Definition of POD types in .cfg files
- Definition of minsize for buffer arguments in .cfg files for
buffer overflow checking
- Fixed handling of #error: Do not report them if -f and -D are
used together
- New .cfg file for AVR platform
- Generate xml dump of AST/ValueFlow/SymbolDatabase/TokenList if
--dump is given
- Improved performance in several cases
- Windows Builds: Now compiled with VS2013, linked against Qt 5.3.1
GUI:
- Platform settings are being saved now
- Improved handling of (invalid) .cfg files
- Use Win32W as default platform on Windows
Additionally, a large number of false positives and crashs has been
fixed.
Cppcheck-1.65 has been released.
General changes:
Cppcheck requires a C++11 compiler supporting the common subset
of features supported by GCC 4.4, Visual Studio 2010 and Clang
2.9
Problems with packaging and windows installer introduced in
last release were fixed
Improvements:
Much improved support of complex combinations of function
pointers, arrays and references
Better handling of syntax errors
Better detection of stack variables passed to free()
Much improved value flow analysis
More robust error detection in several checks due to usage of
AST
Better handling of unknown Macros in function declarations
Allocation/Deallocation functions can be extend across different
.cfg files
Better handling of some C++11 language features like enum class,
in-class member initializers
Detect calling (std::)abs() with bool argument
New checks:
Check for noexcept and __attribute__((nothrow)) correctness
Check for unhandled exceptions when exception specifiers are
used
Access to empty STL containers
Repositioning operation on a file opened in append mode
Find nested redundant if-statements (was experimental before)
Additionally, a large number of false positives and crashs has been
fixed.
cppcheck-1.64 has been released.
Value Flow
A new value flow analysis has been added. It is generic so the same
analysis can be reused by various checkers - previously many checkers
have had their own value flow and control flow analysis. The new
value flow analysis performs context sensitive cross-function
analysis. All checkers that uses this will automatically have
cross-function context sensitive value flow analysis. The new
analysis is gradually introduced in the checkers - the old analysis
in a checker is kept until it is redundant.
The new value flow analysis is so far used to detect:
division by zero
null pointer dereference
array index out of bounds
invalid function argument
Other Improvements
Improved configurations for gtk, posix, sdl, std, windows
Warn when using negative allocation size
Check 2nd parameter for memset
Cppcheck-1.63 has been released.
Maintainers:
The .cfg files are needed by cppcheck. Either put them in a subfolder
cfg
where the binary is. Otherwise compile cppcheck with CFGDIR to
specify an
arbitrary path where you put the .cfg files.
New check:
* Using pointer addition result in condition 'if (p+1)' - either
a dereference
is forgotten or it depends on UB (the result is only 0 if there is
overflow,
which is UB).
Improved checks:
* Leaks - ignoring return value of allocation function
* Uninitialized vars - check how uninitialized malloc data is used
* Rewritten 'calculation in sizeof' using syntax tree
* Rewritten 'clarify calculation' using syntax tree
* Rewritten 'logical disjunction' using syntax tree
* Rewritten 'duplicate expressions' using syntax tree
* Rewritten 'invalidFunctionUsage' that uses the *.cfg files
GUI:
* Library files can be enabled in the project dialog
* Suppressions can be specified in the project dialog
Other:
* Cppcheck is now continuosly scanning all the source code in the
debian archive.
Results: http://cppcheck.sourceforge.net/devinfo/daca2-report/daca2.html
* Fixes of templates handling, hangs, crashes and false positives
cppcheck-1.62
New checks
* Divide with variable and then compare to see if variable is 0
* Duplicated inherited member
Improved checking:
* handling of >> in templates
* format string checking
* comparing bool result with integer
* standard isgreater()/islower() functions
* standard math functions
* reassigning struct members
Htmlreport
xml-version 2 is now handled
New checks:
* arithmetical usage of inf/nan result
* suspicious usage of comma in return statement
* sizeof(void)
Improved checking:
* better simplification of strlen
* improved handling of array member variables 'x[y].z..'
* Specific improvements in checks for buffer overruns, format
strings, uninitialized variables
Command line:
* Using both --max-configs and -D. Normally when -D is used, Cppcheck
will only check the given configuration. By using --max-configs
also, you can tell Cppcheck to check more configurations.
* Added --library and --check-library.
Graphical user interface:
* Somewhat improved response when stopping checking
Cppcheck core:
* Extending checking with configuration files. Cppcheck has internal
knowledge for standard C/C++ functions. Knowledge for libraries
and environments can be specified using configuration files.
* Rules: added <tokenlist> that allow you to check 'raw' code and
'normal' code. In the 'raw' code, the comments and #include are
already taken care of, but the #define statements can be analysed.
to address issues with NetBSD-6(and earlier)'s fontconfig not being
new enough for pango.
While doing that, also bump freetype2 dependency to current pkgsrc
version.
Suggested by tron in PR 47882
Commandline/Settings changes:
* New option to enable warnings but not style messages: --enable=warning
* Cppcheck used to skip includes where the header filename is enclosed in <>. You can now include these headers also by using -I. It is still not required to include these headers so feel free to try it and then include the headers that give you the best results. The biggest problem with including many headers is that analysis gets slow.
New checks:
* New POSIX checks: pipe() buffer size, redundant calls of set/get user id, too big value passed to usleep(), buffer overflow when using write()
* Storing getc() return value in char variable and comparing to EOF.
* Detect redundant bitand operations
* Find suspicious equality comparisons like: if(a == 0) a == 1;
* Warn about using malloc() for classes containing virtual methods, std::-objects or constructors
* Portability check that warns when using NULL as argument to variadic function. It has undefined behaviour on some implementations.
Improvements:
* Improved lookup for functions and types
* Switched to TinyXml2 as XML library
* Improved checking for uninitialized struct members, variable scopes that can be reduced and unused functions
GUI:
* Remember last path in open file dialog
* Added command line parameter to open a results file
* Bug in statistic calculation fixed
Additionally, lots of false positives and bugs have been fixed and several existing checks have been improved.
* Drop cmake support (upstream does not cmake anymore)
* To build GUI, qmake is needed
Changelog:
* Bug fixes
* Many improvements
* Improve translations
Release notes for 1.48
There are no major new features in 1.48. There are more and better
checks.
New check: Wrong usage of ! operator in conditions. Example: if
(!x == 0) {
New check: Use "throw" without arguments to rethrow exceptions.
New check: Comparison of substring with string literal will
always/never match because size doesn't match.
New check: Postfix increment of boolean
New check: Clarify condition with parantheses (when there are
assignment + comparison) Example: if (a = b > 0) {
Release notes for 1.47
It is now possible to exclude files and folders from the analysis.
Use -i on the command line (i=ignore).
Custom rules can now be created using regular expressions. To read
more about creating custom rules, see
http://sourceforge.net/projects/cppcheck/files/Articles/
A new XML format is launched. To use this format, the --xml-version=2
is used. The new xml format is incompatible with the xml format
used in previous versions. The old XML format will still be used
unless --xml-version=2 is given, so your existing scripts, tools
and plugins should still work.
New check: sizeof used on array variable that is a function parameter.
The expected bahaviour is most likely that the sizeof result is
the size of the array, but the actual sizeof result is the size of
the pointer.
New check: catching exception by value. It is better to catch by
reference for various reasons.
New check: memset calls filling 0 bytes. The given size might be
wrong.
Release notes for 1.46
This release has improvements and bug fixes.
We fixed 153 tickets, and that is a somewhat "usual" number for a Cppcheck release.
The report has been improved. New severities were added to make the messages more informational. The possible severities are now:
* error
* warning
* style
* performance
This has no effect on the command line flags nor the xml report. The command line flags and the xml report is fully compatible with previous versions.
These are the new checks that were added:
* detect dangerous usage of string::c_str()
* warn for unused variable when only doing malloc/free
* warn when assert has side effects
* warn for mutual exclusion over ||. The condition is always false. Example: 'if (x != 1 || x != 4)'
More details about all the fixed tickets can be found here:
http://sourceforge.net/apps/trac/cppcheck/milestone/1.46
Release notes for 1.46.1
Fix segmentation fault.
cppcheck is a tool for static C/C++ code analysis intended to
complement the checking of the compiler. It checks for memory
leaks, mismatching allocation-deallocation, buffer overrun, unused
functions, coding style, and much more.
