[cfe-dev] Static analysis tool development

Jean-Daniel Dupas devlists at shadowlab.org
Sat Jan 17 10:53:09 PST 2009 

Le 17 janv. 09 à 17:58, Nikita Zhuk a écrit :

>
> On 17.1.2009, at 17.12, Ben Laurie wrote:
>
>> On Sat, Jan 17, 2009 at 3:05 PM, Nikita Zhuk <nikita at zhuk.fi> wrote:
>>>
>>> If/when clang static analyzer will allow easy extensibility as Ted
>>> described in option [3], it would be very interesting to see if  
>>> clang
>>> user community could come up with some collaborative way of sharing
>>> various custom checks as pluggable & configurable components. A  
>>> wiki,
>>> perhaps? I think that sharing programming experience and knowledge  
>>> as
>>> clang analyzer checks for common programming errors and best
>>> practices
>>> would be useful for open source community.
>>
>> What would be wrong with just integrating them into the source and
>> having them invdividually enableable?
>
> There's nothing wrong with integrating additional checks into clang,
> of course. However, as a Mac developer and clang user I would like to
> be able to download and install additional checks simply by dropping
> the downloaded binary into some directory, without recompiling clang
> each time I'd like to try a new check which some other developer has
> written. I also suspect that some checks could exist which aren't
> completely in line with clang's goals, e.g. which generate too many
> false positives for average project, but which would be beneficial in
> projects of a specific type. For example, I have written some specific
> coding convention checks which have way too high level of false
> positives for being included into the official clang, but which are
> useful for developers who follow the same conventions.


I agree.

As clang is backed by Apple, it contains built-in check for specifics  
Apple library like Cocoa/CoreFoundation.
But some other Open Source library may want to be able to also write  
library specific tests.

This feature will be very useful to distribute package that contains a  
library and a clang plugin to check this library good practices.
For example, it's probably possible to write test for glib or QT  
memory management. To be able to distribute them as plugin with the  
library would be a great.

More information about the cfe-dev mailing list