gvisor.dev/gvisor@v0.0.0-20240520182842-f9d4d51c7e0f/nogo.yaml (about) 1 groups: 2 # We define three basic groups: generated (all generated files), 3 # external (all files outside the repository), and internal (all 4 # files within the local repository). We can't enforce many style 5 # checks on generated and external code, so enable those cases 6 # selectively for analyzers below. 7 - name: generated 8 regex: "^(bazel-genfiles|bazel-out|bazel-bin)/" 9 default: true 10 - name: external 11 regex: "^external/" 12 default: false 13 - name: internal 14 regex: ".*" 15 default: true 16 global: 17 generated: 18 suppress: 19 # Suppress the basic style checks for 20 # generated code, but keep the analysis 21 # that are required for quality & security. 22 - "should not use ALL_CAPS in Go names" 23 - "should not use underscores" 24 - "comment on exported" 25 - "methods on the same type should have the same receiver name" 26 - "at least one file in a package" 27 - "package comment should be of the form" 28 # Generated code may have dead code paths. 29 - "identical build constraints" 30 - "no value of type" 31 - "is never used" 32 # go_embed_data rules generate unicode literals. 33 - "string literal contains the Unicode format character" 34 - "string literal contains the Unicode control character" 35 - "string literal contains Unicode control characters" 36 - "string literal contains Unicode format and control characters" 37 # Some external code will generate protov1 38 # implementations. These should be ignored. 39 - "proto.* is deprecated" 40 - "xxx_messageInfo_.*" 41 - "receiver name should be a reflection of its identity" 42 # Generated gRPC code is not compliant either. 43 - "error strings should not be capitalized" 44 - "grpc.Errorf is deprecated" 45 # Generated proto code does not always follow capitalization conventions. 46 - "(field|method|struct|type) .* should be .*" 47 # Generated proto code sometimes duplicates imports with aliases. 48 - "duplicate import" 49 # These will never be annotated. 50 - "unexpected call to atomic function" 51 - "may require checklocks annotation for" 52 # Generated proto code creates declarations like 'var start int = iNdEx' 53 - "should omit type .* from declaration; it will be inferred from the right-hand side" 54 external: 55 suppress: 56 # buildssa can't handle certain packages (cmd/...). 57 - "panic recovered: interface conversion: types.Type is nil" 58 - "panic recovered: runtime error: invalid memory address or nil" 59 - "panic recovered: no type for \\*ast.CallExpr" 60 - "panic recovered: interface conversion: types.Type is \\*types.Basic" 61 - "panic recovered: no type for \\*ast.BinaryExpr" 62 - "panic recovered: no type for \\*ast.SelectorExpr" 63 - "panic recovered: no types.Object for ast.Ident SetTypeErrors" 64 - "panic recovered: unexpected CompositeLit type: invalid type" 65 - "panic recovered: interface conversion: ssa.Member is \\*ssa.NamedConst" 66 exclude: 67 - ".*/vet/testdata/.*" 68 - ".*/runtime/testdata/.*" 69 internal: 70 suppress: 71 # We use ALL_CAPS for system definitions, 72 # which are common enough in the code base 73 # that we shouldn't annotate exceptions. 74 # 75 # Same story for underscores. 76 - "should not use ALL_CAPS in Go names" 77 - "should not use underscores in Go names" 78 # These need to be annotated. 79 - "unexpected call to atomic function.*" 80 - "return with unexpected locks held.*" 81 - "incompatible return states.*" 82 - "may require checklocks annotation for.*" 83 # For some reason, the types package falls down. 84 - "panic recovered: .*types/sizes.go:82: assertion failed" 85 exclude: 86 # Generated: exempt all. 87 - pkg/shim/runtimeoptions/runtimeoptions_cri.go 88 - pkg/shim/runtimeoptions/v14/runtimeoptions_cri.go 89 analyzers: 90 asmdecl: 91 generated: # Enabled. 92 external: 93 exclude: [".*"] # Disabled. 94 internal: 95 suppress: 96 # Valid reasons to break the rules. 97 - "xsetbv: invalid MOVL of value" 98 - "xsetbv: invalid offset value" 99 - "xgetbv: invalid MOVL of ret" 100 - "xgetbv: invalid offset ret" 101 - "wrmsr: invalid MOVL of value" 102 - "wrmsr: invalid offset value" 103 - "rdmsr: invalid MOVL of ret" 104 - "rdmsr: invalid offset ret" 105 # Non-conventional functions. 106 - "\\[amd64\\].*sysret: RET without writing to 8-byte" 107 - "\\[amd64\\].*iret: RET without writing to 8-byte" 108 - "\\[amd64\\].*exception: use of .* points beyond argument frame" 109 - "\\[arm64\\].*HaltEl1ExceptionAndResume: unknown variable" 110 - "\\[arm64\\].*HaltEl1ExceptionAndResume: use of .* points beyond argument frame" 111 assign: 112 external: 113 exclude: 114 - gazelle/walk/walk.go 115 atomic: 116 external: # Enabled. 117 bools: 118 external: # Enabled. 119 buildtag: 120 external: # Enabled. 121 cgocall: 122 external: # Enabled. 123 checklocks: 124 internal: 125 exclude: 126 - "^-$" # b/181776900: analyzer fails on buildkite. 127 shadow: # Disable for now. 128 generated: 129 exclude: [".*"] 130 internal: 131 exclude: [".*"] 132 composites: # Disable for now. 133 generated: 134 exclude: [".*"] 135 internal: 136 exclude: [".*"] 137 errorsas: 138 external: # Enabled. 139 exclude: 140 # Specific broken case. 141 - ".*/cmd/go/internal/modload/list.go" 142 httpresponse: 143 external: # Enabled. 144 loopclosure: 145 external: # Enabled. 146 nilfunc: 147 external: # Enabled. 148 nilness: 149 internal: 150 exclude: 151 - pkg/sentry/platform/kvm/kvm_test.go # Intentional. 152 - tools/bigquery/bigquery.go # False positive. 153 - "-" # No filename. 154 printf: 155 external: # Enabled. 156 suppress: 157 - "fmt.Fprintln arg list ends with redundant newline" 158 shift: 159 generated: # Disabled for generated code; these shifts are well-defined. 160 exclude: [".*"] 161 external: 162 exclude: 163 - ".*unix/syscall_linux.go" # False positive on line 2002. 164 stringintconv: 165 external: 166 exclude: 167 - ".*protobuf/.*.go" # Bad conversions. 168 - ".*flate/huffman_bit_writer.go" # Bad conversion. 169 # Runtime internal violations. 170 - ".*reflect/value.go" 171 - ".*encoding/xml/xml.go" 172 - ".*runtime/pprof/internal/profile/proto.go" 173 - ".*fmt/scan.go" 174 - ".*go/types/conversions.go" 175 - ".*golang.org/x/net/dns/dnsmessage/message.go" 176 tests: 177 external: # Enabled. 178 unmarshal: 179 external: # Enabled. 180 unreachable: 181 external: # Enabled. 182 exclude: 183 - ".*jsonschema/reader.go" 184 - ".*protobuf/.*.go" 185 unsafeptr: 186 internal: 187 exclude: 188 - ".*_test.go" # Exclude tests. 189 - "pkg/flipcall/.*_unsafe.go" # Special case. 190 - pkg/gohacks/noescape_unsafe.go # Special case. 191 - pkg/ring0/pagetables/allocator_unsafe.go # Special case. 192 - pkg/sentry/fsutil/host_file_mapper_unsafe.go # Special case. 193 - pkg/sentry/platform/kvm/bluepill_unsafe.go # Special case. 194 - pkg/sentry/platform/kvm/machine_unsafe.go # Special case. 195 - pkg/sentry/platform/systrap/stub_unsafe.go # Special case. 196 - pkg/sentry/platform/systrap/syscall_thread_unsafe.go # Special case. 197 - pkg/sentry/platform/systrap/sysmsg_thread_unsafe.go # Special case. 198 - pkg/sentry/platform/systrap/subprocess_unsafe.go # Special case. 199 - pkg/sentry/platform/safecopy/safecopy_unsafe.go # Special case. 200 - pkg/sentry/usage/memory_unsafe.go # Special case. 201 - pkg/sentry/vfs/mount_unsafe.go # Special case. 202 - pkg/state/decode_unsafe.go # Special case. 203 unusedresult: 204 external: # Enabled. 205 checkescape: 206 external: # Enabled. 207 suppress: 208 # External libraries may not have binaries (e.g. stdlib testdata, etc.), 209 # so these cases can be safely ignored. 210 - "no such file or directory" 211 checklinkname: 212 external: # Enabled. 213 suppress: 214 # Suppress bad linkname directives in the internals. These will be fixed 215 # in the bug: https://github.com/golang/go/issues/58440 216 - "symbol \"runtime_pollWaitCanceled\".*" 217 - "symbol \"runtime_procPin\".*" 218 - "symbol \"registerMetric\".*" 219 exclude: 220 - ".*/containerd/sys/subprocess_unsafe_linux.go" 221 internal: 222 suppress: 223 # See above. 224 - "symbol \"runtime_pollWaitCanceled\".*" 225 - "symbol \"runtime_procPin\".*" 226 generated: 227 suppress: 228 # See above. 229 - "symbol \"runtime_pollWaitCanceled\".*" 230 - "symbol \"runtime_procPin\".*" 231 SA1019: # Use of deprecated identifier. 232 # disable for now due to misattribution from golang.org/issue/44195. 233 generated: 234 exclude: [".*"] 235 internal: 236 exclude: [".*"] 237 SA2001: # Empty critical section. 238 internal: 239 exclude: 240 - pkg/sentry/fs/fs.go # Intentional. 241 - pkg/sentry/fs/gofer/inode.go # Intentional. 242 - pkg/refs/refcounter_test.go # Intentional. 243 SA4016: # Useless bitwise operations. 244 internal: 245 exclude: 246 - pkg/gohacks/noescape_unsafe.go # x ^ 0 always equals x. 247 ST1019: # Multiple imports of the same package. 248 generated: 249 exclude: 250 # package ".../kubeapi/core/v1/v1" is being imported more than once 251 - generated.gen.pb.go 252 ST1021: # Doc should start with type name. 253 internal: 254 exclude: 255 - "pkg/abi/nvgpu/.*.go" 256 suppress: 257 - "comment on exported type Translation" # Intentional. 258 - "comment on exported type PinnedRange" # Intentional. 259 ST1016: # CheckReceiverNamesIdentical 260 internal: 261 exclude: 262 - pkg/tcpip/stack/packet_buffer.go # TODO(b/233086175): Remove.