(Looks like it is in /usr/share/clang/scan-build/c -analyzer on Debian-based platforms.) Secondly, the location of the analyzers might differ from platform to platform, the example above is where they are located on Arch. FIrst of all, this is sort of mentioned in the documentation, but they don't give any examples so I didn't get it to work properly until after a colleague explained it to me. Note that in order for it to check anything you need to override the compiler variables to use c**-analyzer like I've done when calling cmake above. DCMAKE_CXX_COMPILER=/usr/lib/clang-analyzer/scan-build/c -analyzer \ DCMAKE_C_COMPILER=/usr/lib/clang-analyzer/scan-build/ccc-analyzer \ How to run scan-build on the code (along with explanation/caveats): Protip: if it runs through the compilation, but at the end tells you it didn't find any issues and deletes the directory containing the report, it's likely misconfigured somehow. (Looks like it is in /usr/share/ clang/scan- build/c -analyzer on Debian-based platforms.)Īfter you've successfully run `scan-build make` it will tell you how many issues it found, which directory it stored the report it and how to view the report in your favorite browser (`scan-view directory`). DCMAKE_ CXX_COMPILER= /usr/lib/ clang-analyzer/ scan-build/ c -analyzer \īasically just run `scan-build make` instead of `make`. DCMAKE_ C_COMPILER= /usr/lib/ clang-analyzer/ scan-build/ ccc-analyzer \ How to run scan-build on the code (along with explanation/ caveats) : Again, I'm sorry and I hope I didn't ruin the new year for you already. The next time I see a sharp increase in some type of error, I'll post one or two instead to see whether it is considered a real issue or not. I apologize if these reports got rather noisy, as the goal was to identify issues in the code which can be discovered by using the right tools. The thought about false positives did occur to me when I saw dereferenced null pointers had increased from one or two to more than 70 though, which is one of the reasons why I didn't do anything with them. I have to admit though, that c is not the language I'm most proficient in, so a lot of these were more or less forwarded for others to take a look at. And indeed it found a lot more issues than the previous run I had did.īased on the dead assignments/divide by zero issues and what I remembered from last time, that part of the results seemed free of false positives. To make a long story short, I saw llvm 3.2 was released recently and decided to take the latest trunk for a run in their static code analysis tool to see if it found anything new.
0 Comments
Leave a Reply. |