[cfe-dev] analyzer: invoking a single analyzer from the static analysis tools.

Aitor San Juan aitor.sj at opendeusto.es
Thu Feb 27 04:03:02 PST 2014 

>
> Michael,
>
> You will see the complete command executed behind the scenes if you run
> scan-build with the verbose option enabled (-v -v):
>
> scan-build -v -v -enable-checker my_checker_name clang -c my_file.c
>
> You may save the output to a file, get rid of the debug messages, save the
> first lines, add #!/bin/bash at the beginning, and give it exec permissions
> (chmod 755 your_script_name) to run it as a shell script. That's what I did.
>
> However, the previous command seems to not effectively enable the checker
> supplied at the command line. As I mentioned in my previous message, the
> option "-enable-checker my_checker_name" to scan-build is internally passed
> as '-analyzer-checker' 'my_checker_name'. If you inspect the full command
> printed out by scan-build (when using -v -v), the default checkers are
> enabled with the syntax '-analyzer-checker=core', and so on.
>
> I tried passing '-analyzer-checker=my_checker_name' in the shell script,
> but apparently nothing happens.
>
> So I don't know how to enable my custom checker, which, according to the
> manual, is disabled by default.
>
> Could anybody shed some light on this?
> Many thanks.
> Aitor.
>
>
>> Date: Wed, 26 Feb 2014 13:04:24 -0800
>> From: Michael Katelman <katelman at gmail.com>
>> To: "cfe-dev at cs.uiuc.edu" <cfe-dev at cs.uiuc.edu>
>> Subject: Re: [cfe-dev] analyzer: invoking a single analyzer from the
>>         static analysis tools.
>> Message-ID:
>>         <
>> CAAn2fBDsqM_x2wxbb7O+4OKA_9q4+uOKAOX5CTaL8na7B9yhEw at mail.gmail.com>
>> Content-Type: text/plain; charset="iso-8859-1"
>>
>> I've gone down a similar road within the last couple of days. I'm not sure
>> I'll be able to solve your problem -- I'm just familiarizing myself with
>> the tools and code myself -- but I did get what you're talking about to
>> work for the simple checker that I made. Would you mind posting the
>> entirety of the shell script you made?
>>
>>
>> On Wed, Feb 26, 2014 at 11:05 AM, Aitor San Juan <aitor.sj at opendeusto.es
>> >wrote:
>>
>> > Hello,
>> >
>> > I have developed a simple checker, just to become familiar with Clang's
>> > Checker API. I have sucessfully compiled it and installed in package
>> > alpha.security. For the sake of understanding and tracing the execution
>> > flow of the checker, I have added some "debug" lines like the following
>> > (I'm aware this is discouraged):
>> >
>> > llvm::outs() << "BEGIN: checkPreStmt" << "\n";
>> >
>> > I run scan-build or clang --analyze, as suggested in previous answers,
>> but
>> > I don't see the messages printed out. The commands I'm running are:
>> >
>> > (1) clang --analyze my_file.c
>> >
>> > (2) scan-build clang -c my_file.c
>> >
>> > Reading the manual, I understand that the reason is that "my" checker is
>> > not enabled by default, only a few.
>> >
>> > So I tried the following command to enable it:
>> >
>> > (3) scan-build -enable-checker alpha.security.DCL41C clang -c my_file.c
>> >
>> > but again my "debugging" messages don't appear in the standard output.
>> So
>> > enabling verbose info with "-v -v" in command (3), I can see the
>> complete
>> > command line run behind the scenes, and scan-build is passing:
>> >
>> > '-analyzer-checker' 'alpha.security.DCL41C'
>> >
>> > but I've remarked that the checkers enabled by default are being enabled
>> > like this:
>> >
>> >  '-analyzer-checker=core' '-analyzer-checker=unix'
>> > '-analyzer-checker=deadcode'
>> > '-analyzer-checker=security.insecureAPI.UncheckedReturn'
>> >
>> > So I saved the complete command lie to a shell script, and changed the
>> > options '-analyzer-checker' 'alpha.security.DCL41C' to
>> > '-analyzer-checker=alpha.security.DCL41C'
>> >
>> > The same problem: I don't see the messages of llvm:outs, so I don't
>> > whether my checker is being called, or the output of llvm::outs is
>> going to
>> > some other place I don't know.
>> >
>> > My Clang version is a build that dates back to late Dec. 2013. I hope
>> it's
>> > not a bug :-(
>> >
>> > clang version 3.5 (trunk 197976) (llvm/trunk 197973)
>> > Target: x86_64-unknown-linux-gnu
>> > Thread model: posix
>> >
>> > Any help would he highly appreciated
>> >
>> > Date: Tue, 25 Feb 2014 11:37:17 -0800
>> >
>> >> From: Michael Katelman <katelman at gmail.com>
>> >> To: Ted Kremenek <kremenek at apple.com>
>> >> Cc: cfe-dev at cs.uiuc.edu
>> >> Subject: Re: [cfe-dev] analyzer: invoking a single analyzer from the
>> >>         static analysis tools.
>> >> Message-ID:
>> >>         <
>> >> CAAn2fBCGH69fAWP_kXGpwpqjAykj29ps9RfcPbNi9e4foqqKuQ at mail.gmail.com>
>> >> Content-Type: text/plain; charset="iso-8859-1"
>> >>
>> >>
>> >> Hi Ted,
>> >>
>> >> Thanks for the help! I actually have a follow-up question, though. This
>> >> question came up because I was toying around with developing my own
>> simple
>> >> checker and wanted to test it out. My first inclination was to do this
>> in
>> >> isolation from the other checkers which is why I attempted the
>> invocation
>> >> from my original post, but perhaps you're saying that even for a dev
>> >> situation like this just run the whole platter of checkers? Or, did you
>> >> just mean for a general usage scenario where someone isn't adding new
>> >> checkers etc.?
>> >>
>> >> I just ended up using --analyze because the scan-build command I could
>> >> figure out was somewhat more verbose, needing --use-analyzer=... etc.;
>> >> but,
>> >> I was mostly fumbling around trying to get it to work, so I'm sure I'm
>> >> missing a bunch of different things.
>> >>
>> >> Thanks again.
>> >>
>> >> -Mike
>> >>
>> >>
>> >> On Tue, Feb 25, 2014 at 11:00 AM, Ted Kremenek <kremenek at apple.com>
>> >> wrote:
>> >>
>> >> > Hi Michael,
>> >> >
>> >> > It's not recommended to run the low-level driver like this.  You can
>> >> just
>> >> > use scan-build, for example:
>> >> >
>> >> >   $ scan-build clang -c /tmp/main.c
>> >> >
>> >> > or more generally
>> >> >
>> >> >   $ scan-build <compiler line>
>> >> >
>> >> > You can also use:
>> >> >
>> >> >   $ clang --analyze /tmp/main.c
>> >>
>> >> >
>> >> > directly.  That's somewhat discouraged because the long-term idea is
>> >> that
>> >> > the static analyzer supports global analysis.  The intention is that
>> you
>> >> > can declare a set of files to analyze and they get analyzed together,
>> >> > whereas the latter line is clearly just analyzing a particular file
>> >> using
>> >> > clang.
>> >> >
>> >> > Cheers,
>> >> > Ted
>> >> >
>> >> > On Feb 21, 2014, at 2:22 PM, Michael Katelman <katelman at gmail.com>
>> >> wrote:
>> >> >
>> >> > > I was wondering if someone might be able to help me with cleanly
>> >> > invoking a single analyzer from the static analysis tools.
>> >> > >
>> >> > > I am not sure what I need to do (or, should be doing instead) in a
>> >> > situation like the one below where I've got a header like stdio.h
>> >> included
>> >> > (--analyze figures it out, but then it appears that I lose the
>> ability
>> >> to
>> >> > apply a single checker) :
>> >> > >
>> >> > > %  ./Debug+Asserts/bin/clang -cc1 -analyze
>> >> > -analyzer-checker=core.DivideZero ./tmp/main.c
>> >> > >
>> >> > > ./tmp/main.c:1:10: fatal error: 'stdio.h' file not found
>> >> > > #include <stdio.h>
>> >> > >          ^
>> >> > > 1 error generated.
>> >> > >
>> >> > >  % cat ./tmp /main.c
>> >> > >
>> >> > > #include <stdio.h>
>> >> > >
>> >> > > int main( int argc, char** argv){
>> >> > >   int x = 1;
>> >> > >   int y = 0;
>> >> > >
>> >> > >   printf("%d\n", x / y);
>> >> > >
>> >> > >   return  0;
>> >> > > }
>> >> > >
>> >> > > Thanks!
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/cfe-dev/attachments/20140227/892b88d3/attachment.html>

More information about the cfe-dev mailing list