Ascend C Code Inspection Skill
Core Principles
- Compliance First - All inspection actions are mapped to specific clauses of coding specifications, with 100% coverage and no omissions
- Auditable and Reusable - Full log records of inspection actions throughout the process
- Concise and Efficient - Structured inspection reports that are clear and easy to understand
Calling Interface
Required Parameters
When calling this skill, you must clearly provide the following parameters:
Parameter 1: Code Snippet
- Code content to be inspected
- Can be functions, code blocks, file content, etc.
Parameter 2: Inspection Rule Description
- Clearly specify the type of issue to be inspected
- For example: , ,
Check null pointer dereference
- Or specify the path to a specific specification file
Parameter 3: Specification File Path (Optional)
- Specify the path to a specific coding specification file
- If not specified, the corresponding specification file will be found based on the inspection rule description
Parameter Validation
If any required parameter is missing, you should:
- Clearly inform the user which parameters are missing
- Abort the inspection execution
- Prompt the user to provide complete parameters
Specification File Reference
When the user specifies an inspection rule description, match the specification file according to the following rules:
- , , → references/01_numeric_operations.md
- , , → references/02_memory_pointer_safety.md
- , → references/03_resource_management.md
- , → references/04_input_validation.md
- , → references/05_concurrency_safety.md
- , , , → references/06_operator_interface.md
- , → references/07_interface_compatibility.md
- User directly specifies path → Use the specified path
Inspection Process (Hypothesis Testing Driven)
Phase 1: Preparation
- Verify whether required parameters are complete
- Read the coding specification file based on the inspection rule description or specified path
- Confirm the code snippet to be inspected
Phase 2: Hypothesis Testing (Core)
Step 1: Code Segment Identification
Divide the target code into independent code segments (functions, statement blocks, logical units)
Step 2: Hypothesis Establishment
Establish hypotheses for each code segment:
- Null Hypothesis H0: This code segment is safe
- Alternative Hypothesis H1: This code segment has risks
- Confidence Value Initialization: 0%
Step 3: Evidence Collection and Evaluation
Systematically search for evidence by dimension:
| Evidence Type | Analysis Action | Score Rule |
|---|
| Red Line Specification Violation | Identify serious violations against red line specification clauses | Valid evidence +40% |
| General Specification Violation | Identify violations against general specification clauses | Valid evidence +20% |
| Missing Contextual Defense | Check if there is defensive code within the scope | No defense +30% |
| Function Call Chain Risk | Analyze internal logic of called functions using LSP/Grep | Risk detected +25% |
| Data Flow Tracking Risk | Analyze variable sources and operation processes | Risk detected +25% |
- When providing evidence of numeric operation types, clear risk operation cases (such as overflow, out-of-bounds, wrap-around, etc.) must be provided
Analysis Requirements:
- Use LSP to obtain symbol definitions in the code, use Grep to find dependency relationships
- For risky code, must check whether defensive measures are implemented in other locations within the current file scope
- When encountering function calls, must view the internal logic of the function and make a comprehensive judgment
- When encountering risky structures or member variables, must view their definitions and operation processes
Step 4: Evidence Validity Verification
Eliminate false positives:
- Effective defense has been implemented in other locations within the scope → Eliminate
- Context proves that the risk cannot be triggered → Eliminate
Step 5: Decision Judgment
Calculate the confidence value and make a decision:
- Confidence value = Σ Valid evidence scores
- Decision Rule: When the confidence value exceeds 60%, determine that the code segment has risks and proceed to report generation; otherwise, continue checking the next code segment
Phase 3: Report Generation
- Generate a report according to the code inspection report template format
- Display the hypothesis testing process (evidence chain and confidence value calculation process) before each issue detail
Notes
- Please read the corresponding coding specification file completely first, and conduct code review based on these specifications; do not count anything else
- During the inspection process, if there is a function call in a suspicious code block, you must use LSP tools or search tools to achieve in-depth analysis
- For uncertain coding specification issues, list them as suspicious in the output report for users to judge independently
- The problematic code listed in the inspection report should not be too long; only describe the problematic code clearly
- When returning inspection results, carefully check whether the line numbers of risky code in the results are correct
- When returning inspection results, all risky code blocks should be referenced; do not only display one line number
Output Specifications
Inspection Report Must Include
- Inspection category
- List of risk points (including line numbers and code snippets)
- Evidence chain (displaying the hypothesis testing process)
- Suggested repair solutions
Output Format
See details: agents/ascendc-ops-reviewer/style/code_review_summary_style.txt