[cfe-dev] How does scan-build

Sun Jul 21 04:13:23 PDT 2019

Hello Ben,

https://clang-analyzer.llvm.org/scan-build.html#scanbuild_basicusage says “
It is also possible to use scan-build to analyze specific files:

 $ scan-build gcc -c t1.c t2.c
This example causes the files t1.c and t2.c to be analyzed.
”

There is no CC/CXX involved here and it does work.  So the question is, how does scan-build know how to parse its input,
whether it is a make/ninja/gcc/clang or some other compiler.

Regards
  Дилян

On Thu, 2019-07-18 at 17:07 +0000, Ben Craig wrote:
> I believe the interception works by taking over the CC and CXX environment variables, rather than with a preload.  This works fine for build systems that use those environment variables, and fails for others.
> 
> > -----Original Message-----
> > From: cfe-dev <cfe-dev-bounces at lists.llvm.org> On Behalf Of ?????
> > ???????? via cfe-dev
> > Sent: Thursday, July 18, 2019 11:25 AM
> > To: Arthur O'Dwyer <arthur.j.odwyer at gmail.com>
> > Cc: cfe-dev <cfe-dev at lists.llvm.org>
> > Subject: [EXTERNAL] Re: [cfe-dev] How does scan-build
> > 
> > Hello Arthur,
> > 
> > intercepting calls by scan-build, during it calls make or ninja, does make
> > sense, to detect when clang is actually invoked.
> > 
> > But a possible way to call scan-build is with the form “scan-build >any-
> > compiler< compile-options”.  The compiler could be clang, gcc or anything
> > else.  How can a preloaded library intercept the execution of any compiler,
> > but not for a non- compiler?
> > 
> > Regards
> >   Дилян
> > 
> > On Thu, 2019-07-18 at 09:59 -0400, Arthur O'Dwyer wrote:
> > > On Thu, Jul 18, 2019 at 5:54 AM Дилян Палаузов via cfe-dev <cfe-
> > dev at lists.llvm.org> wrote:
> > > > Hello,
> > > > 
> > > > how does scan-build exactly parse its parameters?
> > > > 
> > > > How does “scan-build make” know, that it should just invoke make and
> > not do anything until a compiler is invoked.
> > > My understanding is that scan-build itself merely sets `LD_PRELOAD=some-
> > library.so` for all processes spawned directly or indirectly from scan-build.
> > Then it goes ahead and spawns a child process to run whatever command
> > you gave it — e.g., `make`.
> > > `make` will eventually spawn a child or grandchild process for `clang`. When
> > that happens, `some-library.so` will notice and cause different behavior.
> > Either it will tell `clang` to invoke the static analyzer, or it will write out "hey,
> > clang is being called!" to an external trace log. This external trace log is what
> > Christian and Paulo are calling a "compilation database." The trace can be
> > used later to re-invoke the static analyzer for each file that was compiled
> > during the build, without having to `make clean` the entire project.
> > > I confirmed some of my recollections via this documentation:
> > > https://urldefense.com/v3/__https://github.com/rizsotto/scan-build__;!
> > > fqWJcnlTkjM!98b-arsF7Aoim8t_p86Nq9t-
> > fgh8eXtlxs2gZzrJMh4asXlphunNdbzsXe
> > > p7$
> > > 
> > > > Does “scan-build cc …” parse in fact the source code, or the
> > > > generated object files and in the former case, is the compiler invoked or
> > does scan-build just considers the parameters passed to the compiler?
> > > `scan-build` causes the static analyzer to be invoked. The static analyzer
> > must parse the C++ source code. There is no way to "static-analyze" an
> > object file.
> > > –Arthur
> > 
> > _______________________________________________
> > cfe-dev mailing list
> > cfe-dev at lists.llvm.org
> > https://urldefense.com/v3/__https://lists.llvm.org/cgi-
> > bin/mailman/listinfo/cfe-dev__;!fqWJcnlTkjM!98b-arsF7Aoim8t_p86Nq9t-
> > fgh8eXtlxs2gZzrJMh4asXlphunNdSW6jw2v$