[thirdparty/systemd.git] / docs / CODE_QUALITY.md

---
title: Code Quality Tools
category: Contributing
layout: default
SPDX-License-Identifier: LGPL-2.1-or-later
---

# Code Quality Tools

The systemd project has a number of code quality tools set up in the source
tree and on the github infrastructure. Here's an incomprehensive list of the
available functionality:

1. Use `meson test -C build` to run the unit tests. Some tests are skipped if
   no privileges are available, hence consider also running them with `sudo
   meson test -C build`. A couple of unit tests are considered "unsafe" (as
   they change system state); to run those too, build with `meson setup
   -Dtests=unsafe`. Finally, some unit tests are considered to be very slow,
   build them too with `meson setup -Dslow-tests=true`. (Note that there are a
   couple of manual tests in addition to these unit tests.) (Also note: you can
   change these flags for an already set up build tree, too, with "meson
   configure -C build -D…".)

2. Use `./test/run-integration-tests.sh` to run the full integration test
   suite. This will build OS images with a number of integration tests and run
   them using `systemd-nspawn` and `qemu`. Requires root.

3. Use `./coccinelle/run-coccinelle.sh` to run all
   [Coccinelle](http://coccinelle.lip6.fr/) semantic patch scripts we ship. The
   output will show false positives, hence take it with a pinch of salt.

4. Use `./tools/find-double-newline.sh recdiff` to find double newlines. Use
   `./tools/find-double-newline.sh recpatch` to fix them. Take this with a grain
   of salt, in particular as we generally leave foreign header files we include in
   our tree unmodified, if possible.

5. Similar use `./tools/find-tabs.sh recdiff` to find TABs, and
   `./tools/find-tabs.sh recpatch` to fix them. (Again, grain of salt, foreign
   headers should usually be left unmodified.)

6. Use `ninja -C build check-api-docs` to compare the list of exported symbols
   of `libsystemd.so` and `libudev.so` with the list of man pages. Symbols
   lacking documentation are highlighted.

7. Use `ninja -C build update-hwdb` and `ninja -C build update-hwdb-autosuspend`
   to automatically download and import the PCI, USB, and OUI databases and the
   autosuspend quirks into the hwdb.

8. Use `ninja -C build update-man-rules` to update the meson rules for building
   man pages automatically from the docbook XML files included in `man/`.

9. There are multiple CI systems in use that run on every github pull request
   submission or update.

10. [Coverity](https://scan.coverity.com/) is analyzing systemd `main` branch
    in regular intervals. The reports are available
    [online](https://scan.coverity.com/projects/systemd).

11. [OSS-Fuzz](https://github.com/google/oss-fuzz) is continuously fuzzing the
    codebase. Reports are available
    [online](https://oss-fuzz.com/testcases?project=systemd&open=yes).
    It also builds
    [coverage reports](https://oss-fuzz.com/coverage-report/job/libfuzzer_asan_systemd/latest)
    daily.

12. Our tree includes `.editorconfig`, `.dir-locals.el` and `.vimrc` files, to
    ensure that editors follow the right indentiation styles automatically.

13. When building systemd from a git checkout the build scripts will
    automatically enable a git commit hook that ensures whitespace cleanliness.

14. [CodeQL](https://codeql.github.com/) analyzes each PR and every commit
    pushed to `main`. The list of active alerts can be found
    [here](https://github.com/systemd/systemd/security/code-scanning).

15. Each PR is automatically tested with [Address Sanitizer](https://clang.llvm.org/docs/AddressSanitizer.html)
    and [Undefined Behavior Sanitizer](https://clang.llvm.org/docs/UndefinedBehaviorSanitizer.html).
    See [Testing systemd using sanitizers](/TESTING_WITH_SANITIZERS)
    for more information.

16. Fossies provides [source code misspelling reports](https://fossies.org/features.html#codespell).
    The systemd report can be found [here](https://fossies.org/linux/misc/systemd/codespell.html).

Access to Coverity and oss-fuzz reports is limited. Please reach out to the
maintainers if you need access.
Commit	Line	Data
c3e270f4 FB	1	---
c3e270f4 FB	2	title: Code Quality Tools
4cdca0af	3	category: Contributing
b41a3f66	4	layout: default
0aff7b75	5	SPDX-License-Identifier: LGPL-2.1-or-later
c3e270f4 FB	6	---
c3e270f4 FB	7
7c2c028c LP	8	# Code Quality Tools
	9
	10	The systemd project has a number of code quality tools set up in the source
	11	tree and on the github infrastructure. Here's an incomprehensive list of the
	12	available functionality:
	13
8b08be40	14	1. Use `meson test -C build` to run the unit tests. Some tests are skipped if
7c2c028c	15	no privileges are available, hence consider also running them with `sudo
8b08be40 LP	16	meson test -C build`. A couple of unit tests are considered "unsafe" (as
8b08be40 LP	17	they change system state); to run those too, build with `meson setup
7c2c028c	18	-Dtests=unsafe`. Finally, some unit tests are considered to be very slow,
8b08be40 LP	19	build them too with `meson setup -Dslow-tests=true`. (Note that there are a
	20	couple of manual tests in addition to these unit tests.) (Also note: you can
	21	change these flags for an already set up build tree, too, with "meson
	22	configure -C build -D…".)
7c2c028c LP	23
	24	2. Use `./test/run-integration-tests.sh` to run the full integration test
	25	suite. This will build OS images with a number of integration tests and run
bed1feaf	26	them using `systemd-nspawn` and `qemu`. Requires root.
7c2c028c LP	27
	28	3. Use `./coccinelle/run-coccinelle.sh` to run all
	29	[Coccinelle](http://coccinelle.lip6.fr/) semantic patch scripts we ship. The
	30	output will show false positives, hence take it with a pinch of salt.
	31
	32	4. Use `./tools/find-double-newline.sh recdiff` to find double newlines. Use
	33	`./tools/find-double-newline.sh recpatch` to fix them. Take this with a grain
	34	of salt, in particular as we generally leave foreign header files we include in
	35	our tree unmodified, if possible.
	36
	37	5. Similar use `./tools/find-tabs.sh recdiff` to find TABs, and
	38	`./tools/find-tabs.sh recpatch` to fix them. (Again, grain of salt, foreign
	39	headers should usually be left unmodified.)
	40
e8a68817 ZJS	41	6. Use `ninja -C build check-api-docs` to compare the list of exported symbols
e8a68817 ZJS	42	of `libsystemd.so` and `libudev.so` with the list of man pages. Symbols
7c2c028c LP	43	lacking documentation are highlighted.
7c2c028c LP	44
e8a68817 ZJS	45	7. Use `ninja -C build update-hwdb` and `ninja -C build update-hwdb-autosuspend`
	46	to automatically download and import the PCI, USB, and OUI databases and the
	47	autosuspend quirks into the hwdb.
7c2c028c	48
e8a68817 ZJS	49	8. Use `ninja -C build update-man-rules` to update the meson rules for building
e8a68817 ZJS	50	man pages automatically from the docbook XML files included in `man/`.
7c2c028c	51
e8a68817 ZJS	52	9. There are multiple CI systems in use that run on every github pull request
e8a68817 ZJS	53	submission or update.
7c2c028c	54
df1f621b ZJS	55	10. [Coverity](https://scan.coverity.com/) is analyzing systemd `main` branch
df1f621b ZJS	56	in regular intervals. The reports are available
7c2c028c LP	57	[online](https://scan.coverity.com/projects/systemd).
7c2c028c LP	58
7d7c92ef	59	11. [OSS-Fuzz](https://github.com/google/oss-fuzz) is continuously fuzzing the
7c2c028c	60	codebase. Reports are available
7d7c92ef EV	61	[online](https://oss-fuzz.com/testcases?project=systemd&open=yes).
	62	It also builds
	63	[coverage reports](https://oss-fuzz.com/coverage-report/job/libfuzzer_asan_systemd/latest)
	64	daily.
7c2c028c	65
8b9e4b21	66	12. Our tree includes `.editorconfig`, `.dir-locals.el` and `.vimrc` files, to
5cadf58e	67	ensure that editors follow the right indentiation styles automatically.
8b9e4b21 LP	68
8b9e4b21 LP	69	13. When building systemd from a git checkout the build scripts will
5cadf58e	70	automatically enable a git commit hook that ensures whitespace cleanliness.
8b9e4b21	71
0b0cdb16 YW	72	14. [CodeQL](https://codeql.github.com/) analyzes each PR and every commit
	73	pushed to `main`. The list of active alerts can be found
	74	[here](https://github.com/systemd/systemd/security/code-scanning).
8cc9d188	75
c9a95378 FS	76	15. Each PR is automatically tested with [Address Sanitizer](https://clang.llvm.org/docs/AddressSanitizer.html)
c9a95378 FS	77	and [Undefined Behavior Sanitizer](https://clang.llvm.org/docs/UndefinedBehaviorSanitizer.html).
0d592a5e	78	See [Testing systemd using sanitizers](/TESTING_WITH_SANITIZERS)
c9a95378 FS	79	for more information.
c9a95378 FS	80
2f0a427b	81	16. Fossies provides [source code misspelling reports](https://fossies.org/features.html#codespell).
df1f621b	82	The systemd report can be found [here](https://fossies.org/linux/misc/systemd/codespell.html).
2f0a427b	83
8cc9d188 EV	84	Access to Coverity and oss-fuzz reports is limited. Please reach out to the
8cc9d188 EV	85	maintainers if you need access.