Set up the continuous analysis
2. If not already signed in, sign in to GitHub.
You'll be redirected to the GitHub authorization page for TrustInSoft CI to be granted access to your GitHub projects:
Note: TrustInSoft CI requests both Read & Write access to your public repositories but TrustInSoft CI will never write to them. Requiring Write access on top of Read is a known limitation of the GitHub API.
3. Optionally grant access to any of your GitHub organizations, that own C and C++ projects, by clicking Grant.
4. Click Authorize TrustInSoft.
You'll be redirected to TrustInSoft CI.
1. After sign-in in TrustInSoft CI, you are redirected to your Dashboard that gathers all your recent activity.
2. To add a project, you can directly click on
Create your first projectin the
Last activitysection here, or you can go to the Projects page and click on the
Add projectbutton (on the top-right corner of the screen):
3. Then, select the project demo-caesar and click on
Add and select branch:
4. Now, select the master branch.
statusnotifies the branch does not have (yet) a configuration required to run a build in TrustInSoft CI. So click on the
Add and create configurationbutton to create this missing configuration.
After clicking on
Add and create configuration, you will be redirected to the Build configuration page of your project.
The configuration is split instead two steps:
- The optional Build preparation stage (to execute an arbitrary Bash script before the run a build): this stage is not required for this tutorial.
- The required Analyses configuration, which describes how to perform analyses.
1. Skip the
Build preparationsection, and scroll down to the
Here we are using the Global configuration, allowing us to specify a configuration directly on TrustInSoft CI without modifying the repository. Later, you may want to use a Committed configuration by writing this configuration in files committed in your repository.
You can learn more about the advantages of each kind of configuration in the Configuration files section.
Now, you will have to write an Analyses configuration, which is defined as a sort of "light" specification in JSON of your analyses.
For each analysis, TrustInSoft CI will emulate a user-defined hardware architecture and propagate the program's input values, statement by statement, from the beginning until the entry point function returns or an undefined behavior has been detected.
2. Copy the following Analyses configuration:
"name": "Test shift values 7 and -3",
"files": [ "main.c", "caesar.c" ],
"cpp-extra-args": "-I ."
In the demo-caesar repository, the source files
caesar.cinclude a test, which encrypts and decrypts the string "People of Earth, your attention please", using 2 different shift values -3 and 7.
This Analyses configuration provides both the source files in the
"files"field, and the compilation options (used by TrustInSoft CI to preprocess these source files) in the
"name"field is only cosmetic to easily identify the analysis in the results table later.
3. Click on
Add referenceto save the changes and add the
If you did not change the project settings, a build will automatically be run for the
masterbranch and you will be redirected to the page of this build.
After adding a reference, each new group of commits pushed on GitHub on this reference will also trigger a new build. This behavior can be changed in the Project Settings to manually run builds by clicking on the
Run new buildbutton in the Reference page.
1. Wait for the analysis to complete, then look at the results in Build status (see the capture below).
Build Status displays the analyses counts according to four categories with a specific color for each, such as red for Undefined behavior and green for No undefined behavior. In our case, only one analysis has been configured and it is red so an undefined behavior has been found.
2. Click on the only analysis. The detected undefined behavior corresponds to an invalid memory access:
Now that we know that the project demo-caesar contains an undefined behavior, let's understand its root cause!
Last modified 1yr ago