[cfe-dev] Using clang for Static Analysis

Tom Care tcare at apple.com
Fri Sep 17 11:10:29 PDT 2010 

Hi Joel,

I'll address your second question first, since it's easier to answer :)

The easiest way to start analyzing with clang is to use the scan-build script to automatically shim clang in to your existing build system. All of your normal make system will work as usual (and use the same compiler), but when scan-build sees a file that clang can analyze, it will call clang to analyze that file. scan-build then produces a series of html files with descriptions of the bugs. You can find out more about scan-build at this page: http://clang-analyzer.llvm.org/scan-build

As for the checks that clang currently performs, this is a little harder to answer. We haven't updated a list of them in quite a while, and development is moving relatively rapidly. The hacky way to answer this is by giving a list of the files in the lib/checker directory to give you an idea of what is currently written. I've attached a text file with some of the irrelevant stuff removed.

An important thing to note is that there are several checks labelled as experimental. These may have high false positive rates or may miss bugs. scan-build will let you turn these on or off depending on how adventurous you are feeling!

I hope that's enough to get you started. If there are any checks you would like to see, let us know. Please report any problems with the analyzer, and if you manage to find any serious/interesting bugs with the analyzer, we'd love to hear about them!

Tom

-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: checks.txt
URL: <http://lists.llvm.org/pipermail/cfe-dev/attachments/20100917/8a97f77a/attachment.txt>
-------------- next part --------------



On Sep 17, 2010, at 7:01 AM, Joel Sherrill wrote:

>  Hi,
> 
> I am the maintainer of RTEMS (http://www.rtems.org)
> and am interested in running clang to do static
> analysis on RTEMS.  RTEMS is always cross-compiled.
> I have some questions and would like for some help
> in getting over the initial hurdles.
> 
> + What types of things does clang look for when
> used for static analysis?
> 
> + How do we build RTEMS with it?  Our build
> is gcc+newlib similar the CPU-elf configurations.
> 
> Begging for help and advice here.  Thanks.
> 
> -- 
> Joel Sherrill, Ph.D.             Director of Research&  Development
> joel.sherrill at OARcorp.com        On-Line Applications Research
> Ask me about RTEMS: a free RTOS  Huntsville AL 35805
>    Support Available             (256) 722-9985
> 
> 
> _______________________________________________
> cfe-dev mailing list
> cfe-dev at cs.uiuc.edu
> http://lists.cs.uiuc.edu/mailman/listinfo/cfe-dev

More information about the cfe-dev mailing list