[cfe-dev] [CrossTU] [CTU] Status of Cross Translation Unit Static Analysis, and a new build server
Gábor Márton via cfe-dev
cfe-dev at lists.llvm.org
Tue Nov 19 02:39:49 PST 2019
Hi Alexander,
Thank you for your feedback
> Can you configure please HTTPS for the buildbot? :) I know that's not
urgent for now but... you know, browsers "don't like" unsecure conections :)
Yes, we are working on it.
> Do you plan to extend set of C/C++ projects for continuous analysis? I
think it can help catch earlier more errors. But I'm not sure how many
build power you have.
Actually, we are not against that, but we are already at the brink of our
budget in Azure. Perhaps we could get rid of protobuf analysis (that is the
longest) so we could add other valuable C++ projects instead.
Currently we rent an 8 cores machine with 64Gb of memory (Standard_E8s_v3).
> If it's not a secret - can you somewhere publish more details about your
Jenkins configuration for continuous CSA testing? Why I am asking - I have
some free hardware And I thought that it can be used for such stuff. Even
for development it would be helpful
Yes. Here it is: https://github.com/Ericsson/clang-jenkins
We have two dependencies for the build: 1) CodeChecker
<https://github.com/Ericsson/CodeChecker> 2) csa_testbanch
<https://github.com/Xazax-hun/csa-testbench>. They are pre-installed into
the directory ctu_pipeline_aux, i.e. the job does not
clone/configure/install them.
The pipeline script
<https://github.com/Ericsson/clang-jenkins/blob/master/jenkins_home/ctu_pipeline_ctu-clang-master-monorepo.jenkins.groovy>
is just copied into the jenkins config of the pipeline job.
Gabor
On Tue, Nov 19, 2019 at 5:03 AM Alexander Zaitsev <zamazan4ik at tut.by> wrote:
> Great news! Thank you a lot for your work. I have some
> questions/suggestions:
>
> - Can you configure please HTTPS for the buildbot? :) I know that's
> not urgent for now but... you know, browsers "don't like" unsecure
> conections :)
> - Do you plan to extend set of C/C++ projects for continuous analysis?
> I think it can help catch earlier more errors. But I'm not sure how many
> build power you have.
> - If it's not a secret - can you somewhere publish more details about
> your Jenkins configuration for continuous CSA testing? Why I am asking - I
> have some free hardware And I thought that it can be used for such stuff.
> Even for development it would be helpful
>
> Thank you.
>
> 18.11.2019 20:17, Gábor Márton via cfe-dev пишет:
>
> Dear Clang Community,
>
>
> TLDR; I'd like to encourage you to experiment with CTU static analysis
> because it has evolved a lot this year! Usage documentation
> <https://clang.llvm.org/docs/analyzer/user-docs/CrossTranslationUnit.html>
> is available online.
>
>
>
> This year, we have landed several ASTImporter patches that made it
> possible to analyze even C++11/14 projects with reasonable stability. I
> can confidently assure you that the upstream master of llvm/llvm-project
> is as stable as our downstream fork. We've made enormous efforts to
> properly implement the error handling of ASTImporter and this way we could
> dramatically improve the stability of CTU. We do have a few more patches
> <https://github.com/Ericsson/clang/projects/2> that we still want to land
> in the future, but they are not error handling related. From Clang
> version 10, we no longer plan to maintain our CTU downstream fork.
>
>
> We have set up a publicly available Jenkins build server
> <http://codechecker-buildbot.eastus.cloudapp.azure.com:8080/job/ctu_pipeline_clang-master-monorepo/>
> that continuously analyzes the following C and C++ projects:
>
> - Tmux (C)
>
> - Curl (C)
>
> - Redis (C)
>
> - Xerces (C++14)
>
> - Bitcoin (C++11)
>
> - Protobuf (C++11/C++14)
>
> CTU analysis results are compared to non-CTU results
> <http://codechecker-buildbot.eastus.cloudapp.azure.com:8080/job/ctu_pipeline_clang-master-monorepo/CTU_20results_20on_20open_20projects_20_28C_29/>,
> both for C projects and C++ projects. CTU always results in more
> findings, and the false-positive/true-positive ratio remains roughly the
> same [1]. We are monitoring the analysis job, and if an assertion/crash
> happens then we are going to get in touch with the author of the commit
> that plausibly caused the error. We also have a buildbot patch
> <https://reviews.llvm.org/D61848> in Phabricator which is ought to
> analyse only one simple C project (Tmux). We decided to install Jenkins
> because of ownership and flexibility. The buildbot code is pretty
> convoluted and review and communication are very slow. The buildbot also
> uses CodeChecker as a dependency, changes to its workflow requires changes
> in the buildbot configuration as well.
>
>
> Notes:
>
> Please note that our primary target for CTU is Linux, and we encourage everybody
> to use CodeChecker <https://github.com/Ericsson/codechecker> for CTU
> (scan-build is no longer supported *by CTU developers*). Projects that
> use templates heavily may expect an increase in analysis time. Also note
> that CTU can be very memory consuming, e.g. in case of the analysis run
> on LLVM code we've seen 10GB of resident memory usage for one process.
> Thus, it may be useful to set a maximum limit for the loaded ASTUnits
> (e.g. -analyzer-config ctu-import-threshold=8, with CodeChecker you need to
> edit an saargs file
> <https://github.com/Ericsson/codechecker/blob/master/docs/analyzer/checker_and_analyzer_configuration.md>
> ).
>
>
> [1] 2017 EuroLLVM Developers’ Meeting: G. Horvath “Cross Translational
> Unit Analysis in Clang ...”
>
>
> Cheers,
>
> Gabor Marton
>
> _______________________________________________
> cfe-dev mailing listcfe-dev at lists.llvm.orghttps://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-dev
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/cfe-dev/attachments/20191119/0735ac3c/attachment.html>
More information about the cfe-dev
mailing list