[cfe-dev] analyzer: invoking a single analyzer from the static analysis tools.

Aitor San Juan aitor.sj at opendeusto.es
Thu Feb 27 10:37:13 PST 2014


Ok, no worries. I've pasted the content of the "custom" shell script.

The option marked (*) is what I added to enable my checker, but it seems to
have no effect. I'm racking my brains to work it out. No successful result
for the time being, though.

Here you are. I hope it helps.

#!/bin/bash
/usr/local/src/build/Release+Asserts/bin/clang '-cc1' \
    '-triple' 'x86_64-unknown-linux-gnu' \
    '-analyze' \
    '-disable-free' \
    '-main-file-name' 'dcl41c_03_bad.c' \
    '-analyzer-store=region' \
    '-analyzer-opt-analyze-nested-blocks' \
    '-analyzer-eagerly-assume' \
    '-analyzer-checker=core' \
    '-analyzer-checker=unix' \
    '-analyzer-checker=deadcode' \
    '-analyzer-checker=security.insecureAPI.UncheckedReturn' \
    '-analyzer-checker=security.insecureAPI.getpw' \
    '-analyzer-checker=security.insecureAPI.gets' \
    '-analyzer-checker=security.insecureAPI.mktemp' \
    '-analyzer-checker=security.insecureAPI.mkstemp' \
    '-analyzer-checker=security.insecureAPI.vfork' \
    '-analyzer-output' 'plist' '-w' \
    '-mrelocation-model' 'static' \
    '-mdisable-fp-elim' '-fmath-errno' \
    '-masm-verbose' \
    '-mconstructor-aliases' '-munwind-tables' \
    '-target-cpu' 'x86-64' \
    '-target-linker-version' '2.22' \
    '-resource-dir' '/usr/local/src/build/Release+Asserts/bin/../lib/clang/3.5' \
    '-internal-isystem' '/usr/local/include' \
    '-internal-isystem' '/usr/local/src/build/Release+Asserts/bin/../lib/clang/3.5/include' \
    '-internal-externc-isystem' '/usr/include/x86_64-linux-gnu' \
    '-internal-externc-isystem' '/include' \
    '-internal-externc-isystem' '/usr/include' \
    '-fdebug-compilation-dir' '/home/user1/src' \
    '-ferror-limit' '19' '-fmessage-length' '0' \
    '-mstackrealign' \
    '-fobjc-runtime=gcc' '-fdiagnostics-show-option' \
    '-vectorize-slp' \
    '-analyzer-display-progress' \
(*) '-analyzer-checker=alpha.security.DCL41C' \
    '-analyzer-output=html' \
    '-o' '/tmp/scan-build-2014-02-26-4' \
    '-x' 'c' 'dcl41c_03_bad.c'


2014-02-27 19:12 GMT+01:00 Michael Katelman <katelman at gmail.com>:

> Aitor,
>
> I think something got lost in my message. I understand the process that
> you're talking about, but when I did it I needed to manually modify the
> resulting bash script that was emitted; that's why I was asking about you
> posting the full clang command (so I could see if you had made similar
> changes to what I had). I did this through clang originally with -###, so
> perhaps some of the edits aren't necessary since you used scan-build, but
> one thing I'm wondering about is if the command that you're ultimately
> running invokes the system installed clang or your locally built one, as I
> needed to use -use-analyzer=... when invoking scan-build.
>
>
> On Thu, Feb 27, 2014 at 4:03 AM, Aitor San Juan <aitor.sj at opendeusto.es> wrote:
>
>> Michael,
>>>
>>> You will see the complete command executed behind the scenes if you run
>>> scan-build with the verbose option enabled (-v -v):
>>>
>>> scan-build -v -v -enable-checker my_checker_name clang -c my_file.c
>>>
>>> You may save the output to a file, get rid of the debug messages, save
>>> the first lines, add #!/bin/bash at the beginning, and give it exec
>>> permissions (chmod 755 your_script_name) to run it as a shell script.
>>> That's what I did.
>>>
>>> However, the previous command seems to not effectively enable the
>>> checker supplied at the command line. As I mentioned in my previous
>>> message, the option "-enable-checker my_checker_name" to scan-build is
>>> internally passed as '-analyzer-checker' 'my_checker_name'. If you inspect
>>> the full command printed out by scan-build (when using -v -v), the default
>>> checkers are enabled with the syntax '-analyzer-checker=core', and so on.
>>>
>>> I tried passing '-analyzer-checker=my_checker_name' in the shell script,
>>> but apparently nothing happens.
>>>
>>> So I don't know how to enable my custom checker, which, according to the
>>> manual, is disabled by default.
>>>
>>> Could anybody shed some light on this?
>>> Many thanks.
>>> Aitor.
>>>
>>>
>>>> Date: Wed, 26 Feb 2014 13:04:24 -0800
>>>> From: Michael Katelman <katelman at gmail.com>
>>>> To: "cfe-dev at cs.uiuc.edu" <cfe-dev at cs.uiuc.edu>
>>>>
>>>> Subject: Re: [cfe-dev] analyzer: invoking a single analyzer from the
>>>>         static analysis tools.
>>>> Message-ID:
>>>>         <
>>>> CAAn2fBDsqM_x2wxbb7O+4OKA_9q4+uOKAOX5CTaL8na7B9yhEw at mail.gmail.com>
>>>> Content-Type: text/plain; charset="iso-8859-1"
>>>>
>>>>
>>>> I've gone down a similar road within the last couple of days. I'm not sure
>>>> I'll be able to solve your problem -- I'm just familiarizing myself with
>>>> the tools and code myself -- but I did get what you're talking about to
>>>> work for the simple checker that I made. Would you mind posting the
>>>> entirety of the shell script you made?
>>>>
>>>>
>>>> On Wed, Feb 26, 2014 at 11:05 AM, Aitor San Juan <aitor.sj at opendeusto.es> wrote:
>>>>
>>>> > Hello,
>>>> >
>>>> > I have developed a simple checker, just to become familiar with Clang's
>>>> > Checker API. I have successfully compiled it and installed it in package
>>>> > alpha.security. For the sake of understanding and tracing the execution
>>>> > flow of the checker, I have added some "debug" lines like the following
>>>> > (I'm aware this is discouraged):
>>>> >
>>>> > llvm::outs() << "BEGIN: checkPreStmt" << "\n";
>>>> >
>>>> > I run scan-build or clang --analyze, as suggested in previous answers, but
>>>> > I don't see the messages printed out. The commands I'm running are:
>>>> >
>>>> > (1) clang --analyze my_file.c
>>>> >
>>>> > (2) scan-build clang -c my_file.c
>>>> >
>>>> > Reading the manual, I understand that the reason is that "my" checker is
>>>> > not enabled by default, only a few.
>>>> >
>>>> > So I tried the following command to enable it:
>>>> >
>>>> > (3) scan-build -enable-checker alpha.security.DCL41C clang -c my_file.c
>>>> >
>>>> > but again my "debugging" messages don't appear in the standard output. So
>>>> > enabling verbose info with "-v -v" in command (3), I can see the complete
>>>> > command line run behind the scenes, and scan-build is passing:
>>>> >
>>>> > '-analyzer-checker' 'alpha.security.DCL41C'
>>>> >
>>>> > but I've remarked that the checkers enabled by default are being enabled
>>>> > like this:
>>>> >
>>>> >  '-analyzer-checker=core' '-analyzer-checker=unix'
>>>> > '-analyzer-checker=deadcode'
>>>> > '-analyzer-checker=security.insecureAPI.UncheckedReturn'
>>>> >
>>>> > So I saved the complete command line to a shell script, and changed the
>>>> > options '-analyzer-checker' 'alpha.security.DCL41C' to
>>>> > '-analyzer-checker=alpha.security.DCL41C'
>>>> >
>>>> > The same problem: I don't see the messages of llvm::outs, so I don't know
>>>> > whether my checker is being called, or the output of llvm::outs is going to
>>>> > some other place I don't know.
>>>> >
>>>> > My Clang version is a build that dates back to late Dec. 2013. I hope it's
>>>> > not a bug :-(
>>>> >
>>>> > clang version 3.5 (trunk 197976) (llvm/trunk 197973)
>>>> > Target: x86_64-unknown-linux-gnu
>>>> > Thread model: posix
>>>> >
>>>> > Any help would be highly appreciated
>>>> >
>>>> > Date: Tue, 25 Feb 2014 11:37:17 -0800
>>>> >
>>>> >> From: Michael Katelman <katelman at gmail.com>
>>>> >> To: Ted Kremenek <kremenek at apple.com>
>>>> >> Cc: cfe-dev at cs.uiuc.edu
>>>> >> Subject: Re: [cfe-dev] analyzer: invoking a single analyzer from the
>>>> >>         static analysis tools.
>>>> >> Message-ID:
>>>> >>         <
>>>> >> CAAn2fBCGH69fAWP_kXGpwpqjAykj29ps9RfcPbNi9e4foqqKuQ at mail.gmail.com>
>>>> >> Content-Type: text/plain; charset="iso-8859-1"
>>>> >>
>>>> >>
>>>> >> Hi Ted,
>>>> >>
>>>> >> Thanks for the help! I actually have a follow-up question, though. This
>>>> >> question came up because I was toying around with developing my own simple
>>>> >> checker and wanted to test it out. My first inclination was to do this in
>>>> >> isolation from the other checkers which is why I attempted the invocation
>>>> >> from my original post, but perhaps you're saying that even for a dev
>>>> >> situation like this just run the whole platter of checkers? Or, did you
>>>> >> just mean for a general usage scenario where someone isn't adding new
>>>> >> checkers etc.?
>>>> >>
>>>> >> I just ended up using --analyze because the scan-build command I could
>>>> >> figure out was somewhat more verbose, needing --use-analyzer=... etc.; but,
>>>> >> I was mostly fumbling around trying to get it to work, so I'm sure I'm
>>>> >> missing a bunch of different things.
>>>> >>
>>>> >> Thanks again.
>>>> >>
>>>> >> -Mike
>>>> >>
>>>> >>
>>>> >> On Tue, Feb 25, 2014 at 11:00 AM, Ted Kremenek <kremenek at apple.com> wrote:
>>>> >>
>>>> >> > Hi Michael,
>>>> >> >
>>>> >> > It's not recommended to run the low-level driver like this.  You can just
>>>> >> > use scan-build, for example:
>>>> >> >
>>>> >> >   $ scan-build clang -c /tmp/main.c
>>>> >> >
>>>> >> > or more generally
>>>> >> >
>>>> >> >   $ scan-build <compiler line>
>>>> >> >
>>>> >> > You can also use:
>>>> >> >
>>>> >> >   $ clang --analyze /tmp/main.c
>>>> >> >
>>>> >> > directly.  That's somewhat discouraged because the long-term idea is that
>>>> >> > the static analyzer supports global analysis.  The intention is that you
>>>> >> > can declare a set of files to analyze and they get analyzed together,
>>>> >> > whereas the latter line is clearly just analyzing a particular file using
>>>> >> > clang.
>>>> >> >
>>>> >> > Cheers,
>>>> >> > Ted
>>>> >> >
>>>> >> > On Feb 21, 2014, at 2:22 PM, Michael Katelman <katelman at gmail.com> wrote:
>>>> >> >
>>>> >> > > I was wondering if someone might be able to help me with cleanly
>>>> >> > > invoking a single analyzer from the static analysis tools.
>>>> >> > >
>>>> >> > > I am not sure what I need to do (or, should be doing instead) in a
>>>> >> > > situation like the one below where I've got a header like stdio.h included
>>>> >> > > (--analyze figures it out, but then it appears that I lose the ability to
>>>> >> > > apply a single checker):
>>>> >> > >
>>>> >> > > %  ./Debug+Asserts/bin/clang -cc1 -analyze -analyzer-checker=core.DivideZero ./tmp/main.c
>>>> >> > >
>>>> >> > > ./tmp/main.c:1:10: fatal error: 'stdio.h' file not found
>>>> >> > > #include <stdio.h>
>>>> >> > >          ^
>>>> >> > > 1 error generated.
>>>> >> > >
>>>> >> > > % cat ./tmp/main.c
>>>> >> > >
>>>> >> > > #include <stdio.h>
>>>> >> > >
>>>> >> > > int main( int argc, char** argv){
>>>> >> > >   int x = 1;
>>>> >> > >   int y = 0;
>>>> >> > >
>>>> >> > >   printf("%d\n", x / y);
>>>> >> > >
>>>> >> > >   return  0;
>>>> >> > > }
>>>> >> > >
>>>> >> > > Thanks!
>>>>
>>>
>>
>
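Added example, not part of the original thread and not code from the posters or the LLVM project: a Python sketch that audits a saved -cc1 command line (as printed by scan-build -v -v) and reports which clang binary it runs, which checkers it requests in either the joined or the separate spelling, and every -analyzer-output value given. The function names and the shortened sample command are constructed for illustration.

```python
import shlex

# Constructed sample: a shortened -cc1 line in the style printed by
# `scan-build -v -v`, mixing both spellings of the checker option.
SAMPLE = (
    "'/usr/local/src/build/Release+Asserts/bin/clang' '-cc1' '-analyze' "
    "'-analyzer-checker=core' '-analyzer-checker=unix,deadcode' "
    "'-analyzer-output' 'plist' "
    "'-analyzer-checker' 'alpha.security.DCL41C' "
    "'-analyzer-output=html' '-x' 'c' 'dcl41c_03_bad.c'"
)

FLAGS = {"-analyzer-checker": "checkers", "-analyzer-output": "outputs"}


def audit_cc1(command):
    """Summarise the analyzer options of one saved clang -cc1 command line."""
    # Drop backslash-newline continuations before shell-style tokenising.
    argv = shlex.split(command.replace("\\\n", " "))
    report = {"binary": argv[0] if argv else None,
              "is_cc1": "-cc1" in argv, "checkers": [], "outputs": []}
    i = 1
    while i < len(argv):
        flag, sep, value = argv[i].partition("=")
        if flag in FLAGS:
            if not sep and i + 1 < len(argv):
                # Separate spelling: the value is the next argument.
                i += 1
                value = argv[i]
            # A checker value may be a comma-separated list.
            parts = value.split(",") if FLAGS[flag] == "checkers" else [value]
            report[FLAGS[flag]].extend(p for p in parts if p)
        i += 1
    return report


def checker_requested(report, name):
    """True if `name`, or a package containing it, was passed to the analyzer."""
    return any(name == c or name.startswith(c + ".")
               for c in report["checkers"])


if __name__ == "__main__":
    result = audit_cc1(SAMPLE)
    print(result)
    print(checker_requested(result, "alpha.security.DCL41C"))
```

The report only shows what was requested on the command line; whether the binary named in it actually registers the checker has to be confirmed against that same binary.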