Skip to content

Introduce repo guardrail and fix all prone bugs (tool detection)#897

Open
minminlittleshrimp wants to merge 18 commits into
masterfrom
tooling/code-quality-cleanup
Open

Introduce repo guardrail and fix all prone bugs (tool detection)#897
minminlittleshrimp wants to merge 18 commits into
masterfrom
tooling/code-quality-cleanup

Conversation

@minminlittleshrimp

@minminlittleshrimp minminlittleshrimp commented Jul 11, 2026

Copy link
Copy Markdown
Collaborator
  • Introduce commit policy enforcement, DCO validation, clang-format checks, clang-tidy static analysis, SPDX verification
  • Create local helper script for reproducing pull request checks before submission
  • Update contributor documentation accordingly
  • Apply repository-wide clang-format
  • Fix all remaining tidy check (error and bug-prone)
  • Fix if any bugs/utests/regression tests fail

@minminlittleshrimp minminlittleshrimp self-assigned this Jul 11, 2026
@minminlittleshrimp minminlittleshrimp force-pushed the tooling/code-quality-cleanup branch 4 times, most recently from 7f1d868 to 47029ff Compare July 12, 2026 15:09

@fizzl fizzl left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In principle, lgtm, but there is a lot of noise in unrelated files, that make me a bit wary.
Reviewer Reifen by attention deficit through repetitive (essentially) whitespace changes could enable intentional malice. Not saying you or this, but in general the PR shape is a bit daunting.

- Introduce commit policy enforcement, DCO validation,
  clang-format checks, clang-tidy static analysis, SPDX
  verification
- Create local helper script for reproducing pull request
  checks before submission
- Update contributor documentation accordingly
- Apply repository-wide clang-format
- Fix all remaining tidy check (error and bug-prone)

Signed-off-by: LUU QUANG MINH <Minh.LuuQuang@vn.bosch.com>
@minminlittleshrimp minminlittleshrimp force-pushed the tooling/code-quality-cleanup branch from 47029ff to 07612ad Compare July 12, 2026 15:26
- Fix dlt_version.h.cmake: use _STR suffix for version string macros to
  prevent macro redefinition and false-positive #ifdef checks
- Fix sign-conversion warnings in dlt_shm.c (mmap, ftruncate, buffer init)
- Fix shadow warnings: rename local dltShmName to shm_name in dlt-daemon.c
  and dlt_user.c to avoid shadowing global declaration
- Update dlt_common.c and dlt-daemon.c to use _STR version string macros
- Add WITH_SYSTEMD, WITH_SYSTEMD_WATCHDOG, WITH_DLT_SHM_ENABLE to coverage
  and asan build commands in run.sh
- Add build-cov/ to .gitignore

Signed-off-by: LUU QUANG MINH <Minh.LuuQuang@vn.bosch.com>
Add machine-readable SPDX-License-Identifier: MPL-2.0 headers to all
C/C++ source files in src/, include/, and tests/ for SBOM compliance.
Remove redundant 'SPDX license identifier:' text comments where the
proper SPDX-License-Identifier tag was added.

Update spdx-check.yml to SBOM Check that validates all source files
have SPDX-License-Identifier headers.

Signed-off-by: LUU QUANG MINH <Minh.LuuQuang@vn.bosch.com>
@minminlittleshrimp minminlittleshrimp changed the title Add local and CI code quality validation workflow [DRAFT] Add local and CI code quality validation workflow Jul 12, 2026
@minminlittleshrimp

minminlittleshrimp commented Jul 12, 2026

Copy link
Copy Markdown
Collaborator Author

Hi @fizzl
Thanks for your comment.
You can see more and more contribution PRs are, basically say, from AI support.
I am not an AI-hater, but things must be bounded in a guardrail.
Yet, I am not figuring out how to stop spamming email of contributors about this pipeline failing, let me check this out.

Most of the fixes come from clang-format auto fix and clang tidy fix. So I can say many trailing/spacing change comes from clang-format/pre-commit which has never been triggered by any committer/contributors on pushing these days, unfortunately.

I also using AI-Copilot to support me writing docker env and script for bulk of fixing like wording or sdpx check.

For now I need to do repeated looping from fixing things due to my local setup not support for github-action offline, but at least using docker, as you see what I am doing, make sure things fix before pushing!
Thanks and happy coding

@minminlittleshrimp

Copy link
Copy Markdown
Collaborator Author

Hello @alexander-mohr
Could you please kindly help to check the mac os pipeline.
It would be great if we can bring it up on this large guardrail applying patchsets.
Thanks a lot.

GCC -Werror=unused-result is not suppressed by (void) cast. Replace
with an if-check on the return value.

Signed-off-by: LUU QUANG MINH <Minh.LuuQuang@vn.bosch.com>
@minminlittleshrimp minminlittleshrimp force-pushed the tooling/code-quality-cleanup branch from 0be5825 to 3cd9bca Compare July 12, 2026 16:29
@fizzl

fizzl commented Jul 12, 2026

Copy link
Copy Markdown

Oh don't worry about it. You might have gotten in to the crossfire while I was looking at some ...other... "Contributions" last night 🤣

I have no offence towards AI assisted development. Maybe towards AI assisted communication.

My gripe here is the large scope of files seemingly unrelated to the stated goal of the change.
It is definitely good to fix the formatting also, but it is very hard to separate the chaff from the weed, if there are many unrelated files changed. So, what I propose, is to separate the formatting changes from the meat of the actual change you are intending to do.

I'm not even an approver here. Just opinionated guy who used to work on this thing like 15 years ago 🤣

The major friction here, is that a malevolent actor could try to smuggle in changes disguised as "formatting". Again. Not this. Not you. In general.

It is easier to review the code, if changes reflect exactly your stated intention.

@minminlittleshrimp

minminlittleshrimp commented Jul 12, 2026

Copy link
Copy Markdown
Collaborator Author

Oh don't worry about it. You might have gotten in to the crossfire while I was looking at some ...other... "Contributions" last night 🤣

I have no offence towards AI assisted development. Maybe towards AI assisted communication.

My gripe here is the large scope of files seemingly unrelated to the stated goal of the change. It is definitely good to fix the formatting also, but it is very hard to separate the chaff from the weed, if there are many unrelated files changed. So, what I propose, is to separate the formatting changes from the meat of the actual change you are intending to do.

I'm not even an approver here. Just opinionated guy who used to work on this thing like 15 years ago 🤣

The major friction here, is that a malevolent actor could try to smuggle in changes disguised as "formatting". Again. Not this. Not you. In general.

It is easier to review the code, if changes reflect exactly your stated intention.

Thanks for the kindness and useful comment.
Yes it very annoying to see First-contributor with AI-Coauthor and a lot of nonsense garbage code added, no fighting, but it true and make me headache. So here I come the pipelines to make checking cheaper and faster.

I actually also not a main maintainer here anymore, but I contribute on my passion for it since working with it 5 years now, and I am also the one build up pipelines ci/cd for coverage and testing. I shall take your comment as a senior advice and notice on the fix next time. For now I separate them in many commits but still it a large file changes with some unrelated changes, honestly bad for any reviewers to bump on their head: "WTF". Cross-finger!

@minminlittleshrimp minminlittleshrimp changed the title [DRAFT] Add local and CI code quality validation workflow [DRAFT] Introduce repo guardrail and fix all existing bugs Jul 12, 2026
- Fix heap-buffer-overflow in dlt_logstorage_list_add test: use
  DLT_OFFLINE_LOGSTORAGE_MAX_KEY_LEN sized buffers instead of undersized
  char variables
- Fix memory leak in dlt-daemon.c: free buffer on error paths in
  dlt_daemon_process_user_message_register_app_v2
- Fix heap-buffer-overflow in dlt_event_handler_enable_fd: handle
  max_nfds==0 case by defaulting to 2
- Fix semicolon bug in dlt_filetransfer.c DLT_LOG macro calls that
  prematurely terminated the macro argument list
- Fix null pointer dereference in dlt_user.c: replace intentional
  NULL deref with abort() in DLT_LOG_FATAL_RESET_TRAP
- Fix heap-buffer-overflow in gtest_dlt_multiple_files_logging:
  null-terminate buffer before strstr
- Fix memory leak in gtest_dlt_daemon_common: free user_list after
  dlt_daemon_init_user_information
- Fix memory leak in gtest_dlt_common_v2: call dlt_file_free after
  dlt_file_read
- Fix ODR violation in gtest_dlt_daemon_offline_log: use extern for
  g_logstorage_cache_max
- Fix uninitialized buffer in gtest_dlt_common: memset DltBuffer before
  dlt_buffer_increase_size
- Fix cast-qual in gtest_dlt_shm: use const char* for dltShmNameTest

Signed-off-by: LUU QUANG MINH <Minh.LuuQuang@vn.bosch.com>
- Add auto-recovery in dlt_shm_init_server: if shm_open fails with
  EEXIST, remove stale shm and retry instead of failing
- Add /dev/shm/dlt-shm cleanup to all component test run_test.sh
  scripts to prevent stale shm from previous runs
- Enable WITH_DLT_SHM_ENABLE=ON in coverage, asan, and devtest builds
- Add WITH_DLT_UNIT_TESTS=ON to asan build so tests are discovered
- Set ASAN_OPTIONS in TEST_ENV for tests using daemon shell scripts
  (detect_leaks=0 since daemon is killed with SIGKILL)
- Fix logstorage_fsync LD_PRELOAD with ASan: preload libasan.so before
  logfsync.so using compiler -print-file-name
- Exclude gtest_dlt_user and gtest_dlt_user_v2 from ASan run due to
  known sigaltstack false positive with pthread_cleanup_push

Signed-off-by: LUU QUANG MINH <Minh.LuuQuang@vn.bosch.com>
- Add -j (nproc) for parallel cppcheck analysis
- Add --cppcheck-build-dir for incremental analysis caching
- Add cppcheck.cfg library file defining DLT_DECLARE_CONTEXT and
  DLT_IMPORT_CONTEXT macros to eliminate unknownMacro false positives
- Add asan_suppressions.txt for known ASan false positives

Signed-off-by: LUU QUANG MINH <Minh.LuuQuang@vn.bosch.com>
Add build-*, .cppcheck-cache, and dlt_lcov_report to .gitignore.

Signed-off-by: LUU QUANG MINH <Minh.LuuQuang@vn.bosch.com>
Race condition fixes in dlt_user.c:
- Add mutex protection to dlt_user_log_send_log_v2 to prevent concurrent
  access to shared dlt_user state
- Track mutex ownership with thread-local flag (dlt_mutex_held) so the
  pthread_cancel cleanup handler only unlocks dlt_mutex when actually held,
  avoiding undefined behavior
- Add missing rwlock protection in dlt_register_app_v2 and dlt_free for
  trace_load_settings access; fix double-unlock of trace_load_rw_lock in
  dlt_user_log_check_user_message error path
- Replace static buffers with stack-allocated buffers in dlt_user_print_msg
  and dlt_user_print_msg_v2 to prevent data corruption on concurrent calls
- Use atomic_flag for atexit_registered to fix TOCTOU race on initialization

Test fix in gtest_dlt_daemon_offline_log.cpp:
- Fix stack-buffer-overflow in t_dlt_logstorage_get_loglevel_by_key_normal:
  use DLT_OFFLINE_LOGSTORAGE_MAX_KEY_LEN-sized buffer instead of 4-byte
  char array, as dlt_logstorage_list_add copies
  num_keys * DLT_OFFLINE_LOGSTORAGE_MAX_KEY_LEN bytes

Signed-off-by: LUU QUANG MINH <Minh.LuuQuang@vn.bosch.com>
- Fix intermittent segfault in t_dlt_message_read_v2.normal caused by
  uninitialized file->msg (V1) struct when using V2 API. dlt_file_init_v2
  now also calls dlt_message_init(&file->msg) and dlt_file_free_v2 now
  also calls dlt_message_free(&file->msg) to prevent free() on garbage
  pointers.
- Fix test to use dlt_file_free_v2 instead of dlt_file_free (V1) when
  V2 API is used.
- Fix DltFile struct tag name (sDltFile -> DltFile) for consistency.
- Add WITH_DLT_TESTS=ON and WITH_DLT_UNIT_TESTS=ON to coverage build.
- Remove --rerun-failed from all ctest invocations to always run the
  full test suite.
- Remove gtest_dlt_user exclusion from ASan (race conditions are fixed).
- Add separate valgrind build target in run.sh (build-valgrind).
- Add gdb and strace to Docker image for debugging.
- Update CI pipeline to use ./docker/run.sh valgrind.

Signed-off-by: LUU QUANG MINH <Minh.LuuQuang@vn.bosch.com>
- Move dlt_stop_threads() before dlt_mutex_lock() in dlt_free() to prevent
  deadlock: the housekeeper thread calls dlt_user_log_resend_buffer() which
  locks dlt_mutex; if dlt_free() holds the mutex while calling
  pthread_join(), the housekeeper blocks on the mutex and pthread_join()
  blocks forever waiting for the housekeeper.
- Fix ASan suppression format: use 'interceptor_via_fun:' instead of 'fun:'
  for __interceptor_sigaltstack (known ASan false positive with
  pthread_create + sigaltstack, see google/sanitizers#734).
- Add suppressions file path to ASAN_OPTIONS in run.sh and CMakeLists.txt.
- Add gdb and strace to Docker image for debugging.
- Add valgrind command to run.sh (separate build-valgrind directory).
- Fix coverage/asan run.sh: add WITH_DLT_TESTS/UNIT_TESTS, remove
  --rerun-failed, remove gtest_dlt_user exclusion (race conditions fixed).
- Rework CI pipeline to use ./docker/run.sh valgrind instead of inline
  docker command.

Signed-off-by: LUU QUANG MINH <Minh.LuuQuang@vn.bosch.com>
- Fix commit-check: checkout PR head SHA instead of merge commit,
  increase subject limit to 100, body line limit to 80
- Fix clang-format violation in dlt_shm.c
- Fix empty translation unit errors in dlt-system-watchdog.c and
  dlt-system-journal.c when WITH_SYSTEMD=OFF
- Fix devtest: add CMAKE_RUNTIME_OUTPUT_DIRECTORY, pass -C flag to
  dlt-logstorage-ctrl, restart daemon if it crashes during logstorage
  connect, add message arg to dlt-example-user-func
- Fix macOS build: use actions/checkout@v4
- Add valgrind command to run.sh

Signed-off-by: LUU QUANG MINH <Minh.LuuQuang@vn.bosch.com>
The previous command 'ctest -D ExperimentalMemCheck' requires a
DartConfiguration.tcl file and CDash server connection which don't
exist in the CI environment. This caused valgrind to never run.

Fix by:
- Creating a minimal DartConfiguration.tcl with Site and BuildName
- Using --overwrite MemoryCheckCommand=/usr/bin/valgrind
- Using --test-action memcheck instead of -D ExperimentalMemCheck
- Adding || true so memory defects don't fail the pipeline

All 21 tests now run under valgrind successfully.

Signed-off-by: LUU QUANG MINH <Minh.LuuQuang@vn.bosch.com>
Homebrew no longer provides gcc-15 at the expected path. The CI
fails with 'is not a full path to an existing compiler tool'
because gcc-15 is not installed.

Fix by dynamically detecting the latest gcc version available
in the Homebrew gcc bin directory using ls and sort -V, then
deriving the CXX compiler path from the CC path.

Signed-off-by: LUU QUANG MINH <Minh.LuuQuang@vn.bosch.com>
Fix set -euo pipefail issue in commit-check.yml: grep commands that
return non-zero caused immediate exit before the if-check could handle
the result. Replaced 'cmd; if [ $? -ne 0 ]' with 'if ! cmd' pattern.

Update check.sh run_commit_check to validate all pipeline commits (not
just the last one) with the same rules as CI: merge commit rejection,
subject length <=100, no trailing period, no fixup/squash, imperative
verb, Signed-off-by, blank line after subject, body lines <=80 chars.

Signed-off-by: LUU QUANG MINH <Minh.LuuQuang@vn.bosch.com>
The daemon crashes during logstorage disconnect (Case 3) due to a
pre-existing bug. The script only restarted after the connect crash,
not the disconnect crash, leaving no daemon running for Cases 5-10.
This caused dlt-adaptor-stdin (Case 6) to hang indefinitely on the
FIFO open, timing out the CI pipeline.

Add a daemon restart check after the logstorage disconnect, mirroring
the existing check after the connect.

Signed-off-by: LUU QUANG MINH <Minh.LuuQuang@vn.bosch.com>
@minminlittleshrimp minminlittleshrimp force-pushed the tooling/code-quality-cleanup branch from c59b475 to 1ee3a55 Compare July 13, 2026 08:13
Apply clang-format to fix formatting in dlt_common.c,
dlt-system-filetransfer.c, dlt-system-journal.c, and
dlt-system-watchdog.c.

Fix macOS build: correct CXX path derivation from CC

Signed-off-by: LUU QUANG MINH <Minh.LuuQuang@vn.bosch.com>
@minminlittleshrimp

Copy link
Copy Markdown
Collaborator Author

@santhoshsivanhere
Hello Santhosh, please kindly support this topic.
Let bring this review PR for AI-guardrail inside dlt-daemon as an urgent topic that we must freeze other PRs and proceed this first. I propose a new version minor release from this, v3.1.0, where the such pipelines heavily against AI-generated PRs.
Thanks and happy coding :))

@minminlittleshrimp minminlittleshrimp changed the title [DRAFT] Introduce repo guardrail and fix all existing bugs [DRAFT] Introduce repo guardrail and fix all prone bugs (tool detection) Jul 13, 2026
@minminlittleshrimp minminlittleshrimp force-pushed the tooling/code-quality-cleanup branch from 1ee3a55 to 4a5231d Compare July 13, 2026 09:28
@minminlittleshrimp

Copy link
Copy Markdown
Collaborator Author

Latest update on this topic: Currently disable MacOS pipeline until contributors support can bring it up.
Pipelines: New pipe added utilizing the clang toolchain for format, tidy, cppcheck ... and bounding commit rules, with UTest and Regression Test running under debug mode (ASAN, valgrind all enabled)
Bosch Maintainers shall sync weekly to support proceeding this topic further
Thanks all

Fix resource leak in dlt_filetransfer.c: fclose(file) was missing
before two early returns when fileCancelTransferFlag was set.

Update check.sh cppcheck to not fail on warnings or style issues.
Remove --error-exitcode=1 and instead grep for ': error:' to fail
only on actual errors. Warnings and style findings are still
reported but don't fail the pipeline.

Also apply clang-format fixes to dlt_common.c and
dlt-system-filetransfer.c.

Signed-off-by: LUU QUANG MINH <Minh.LuuQuang@vn.bosch.com>
@minminlittleshrimp

Copy link
Copy Markdown
Collaborator Author

To all Maintainers
Please kindly ignore/set your mail popup to unsubscribe for any annoying these pipelines make, thanks for your understanding.

@minminlittleshrimp minminlittleshrimp force-pushed the tooling/code-quality-cleanup branch from 4a5231d to 11e170a Compare July 13, 2026 09:51
@minminlittleshrimp minminlittleshrimp changed the title [DRAFT] Introduce repo guardrail and fix all prone bugs (tool detection) Introduce repo guardrail and fix all prone bugs (tool detection) Jul 13, 2026
@minminlittleshrimp

Copy link
Copy Markdown
Collaborator Author

Un-Draft, ready for review

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants