<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
That'd be an equivalent of stuffing an -analyzer-checker flag
directly into the compilation database. In order to attach the flag
to the Static Analyzer rather than to the compiler, there are
special scan-build flags, eg.:<br>
<br>
scan-build -enable-checker alpha.security.taint.TaintPropagation
clang -c test.cpp<br>
<br>
<div class="moz-cite-prefix">On 3/5/19 7:59 AM, Kristóf Umann wrote:<br>
</div>
<blockquote type="cite"
cite="mid:CAGcXOD7E=Y8KLZLTiV2OVvr7b6JWJs=e+Ea7=Z9k+FJ9CKWavg@mail.gmail.com">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<div dir="ltr">
<div dir="ltr">Hi!
<div><br>
</div>
<div>I never used scan-build before, I have to admit -- but it
seems like that it takes a compiler invocation as an
argument, so you might as well invoke it like this:<br>
<br>
scan-build clang test.cpp -c
-Xclang -analyzer-checker=alpha.security.taint.TaintPropagation</div>
<div><br>
</div>
<div>The -c flag tells clang to only run the compilation, but
not the code generation steps. As I understand it.</div>
<div><br>
</div>
<div>Cheers,<br>
Kristóf Umann</div>
</div>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">Arnab Kumar Biswas via cfe-dev
<<a href="mailto:cfe-dev@lists.llvm.org"
moz-do-not-send="true">cfe-dev@lists.llvm.org</a>> ezt
írta (időpont: 2019. márc. 5., K, 2:21):<br>
</div>
<blockquote class="gmail_quote" style="margin:0px 0px 0px
0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div dir="ltr">
<div
style="font-family:Calibri,Arial,Helvetica,sans-serif;font-size:12pt;color:rgb(0,0,0)">Hi,</div>
<div
style="font-family:Calibri,Arial,Helvetica,sans-serif;font-size:12pt;color:rgb(0,0,0)">I
want to thank you for replying my question.</div>
<div
style="font-family:Calibri,Arial,Helvetica,sans-serif;font-size:12pt;color:rgb(0,0,0)"><br>
</div>
<div
style="font-family:Calibri,Arial,Helvetica,sans-serif;font-size:12pt;color:rgb(0,0,0)">Actually
I want to use the taint checker or modify it. <br>
</div>
<div
style="font-family:Calibri,Arial,Helvetica,sans-serif;font-size:12pt;color:rgb(0,0,0)"><br>
</div>
<div
style="font-family:Calibri,Arial,Helvetica,sans-serif;font-size:12pt;color:rgb(0,0,0)">clang
-cc1 -analyze
-analyzer-checker=alpha.security.taint.TaintPropagation
test.c</div>
<div
style="font-family:Calibri,Arial,Helvetica,sans-serif;font-size:12pt;color:rgb(0,0,0)"><br>
</div>
<div
style="font-family:Calibri,Arial,Helvetica,sans-serif;font-size:12pt;color:rgb(0,0,0)">But
it produced the same error as I mentioned in my last
question.</div>
<div
style="font-family:Calibri,Arial,Helvetica,sans-serif;font-size:12pt;color:rgb(0,0,0)"><br>
</div>
<div
style="font-family:Calibri,Arial,Helvetica,sans-serif;font-size:12pt;color:rgb(0,0,0)">Please
tell me the procedure to use a particular checker. I was
following the description as given in <a
href="http://clang-developers.42468.n3.nabble.com/Purpose-of-GenericTaintChecker-td4051900.html"
id="gmail-m_8642283834205088445LPNoLP565601"
target="_blank" moz-do-not-send="true">http://clang-developers.42468.n3.nabble.com/Purpose-of-GenericTaintChecker-td4051900.html</a>
and <a
href="http://clang-analyzer.llvm.org/checker_dev_manual.html"
id="gmail-m_8642283834205088445LPNoLP621567"
target="_blank" moz-do-not-send="true">
http://clang-analyzer.llvm.org/checker_dev_manual.html</a>.</div>
<br>
<div
style="font-family:Calibri,Arial,Helvetica,sans-serif;font-size:12pt;color:rgb(0,0,0)">I
have tested the command "scan-build clang test.c" and it
is working correctly. But I am not really interested to
create the a.out and more interested to do the static
analysis and get some kind of report.</div>
<div
style="font-family:Calibri,Arial,Helvetica,sans-serif;font-size:12pt;color:rgb(0,0,0)"><br>
</div>
<div
style="font-family:Calibri,Arial,Helvetica,sans-serif;font-size:12pt;color:rgb(0,0,0)"><br>
</div>
<br>
<hr style="display:inline-block;width:98%">
<div id="gmail-m_8642283834205088445divRplyFwdMsg" dir="ltr"><font
style="font-size:11pt" face="Calibri, sans-serif"
color="#000000"><b>From:</b> Artem Dergachev <<a
href="mailto:noqnoqneo@gmail.com" target="_blank"
moz-do-not-send="true">noqnoqneo@gmail.com</a>><br>
<b>Sent:</b> Tuesday, 5 March 2019 1:42 AM<br>
<b>To:</b> Arnab Kumar Biswas; <a
href="mailto:cfe-dev@lists.llvm.org" target="_blank"
moz-do-not-send="true">cfe-dev@lists.llvm.org</a><br>
<b>Subject:</b> Re: [cfe-dev] Help required to use clang
analyzer</font>
<div> </div>
</div>
<div class="gmail-m_8642283834205088445BodyFragment"><font
size="2"><span style="font-size:11pt">
<div class="gmail-m_8642283834205088445PlainText">Hi,<br>
<br>
Using -cc1 disables the clang Driver. The Driver is
responsible for gcc <br>
compatibility, which, apart from being able to
translate gcc flags to <br>
clang flags, adds support for finding system headers
in places where gcc <br>
usually looks for them. There are other drivers,
such as clang-cl which <br>
turns clang into a drop-in replacement for the
Visual Studio's cl.exe.<br>
<br>
Running without the driver is not recommended for
everyday use, only for <br>
development of clang itself.<br>
<br>
If you want to run the Static Analyzer on a single
file, you can do<br>
<br>
clang --analyze test.c<br>
<br>
But even better, you should use the scan-build tool
to analyze the <br>
entire project, for example:<br>
<br>
scan-build clang test.c<br>
<br>
or<br>
<br>
scan-build gcc test.c<br>
<br>
or<br>
<br>
scan-build make -j4<br>
<br>
etc. See <a
href="https://clang-analyzer.llvm.org/scan-build.html"
target="_blank" moz-do-not-send="true">https://clang-analyzer.llvm.org/scan-build.html</a>
for more details.<br>
<br>
<br>
On 3/3/19 10:41 PM, Arnab Kumar Biswas via cfe-dev
wrote:<br>
> Hi,<br>
> I am trying to use clang analyzer using the
below command.<br>
><br>
> clang -cc1 -analyze
-analyzer-checker=alpha.core test.c<br>
><br>
> I am getting the following error.<br>
><br>
> test.c:1:10: fatal error: 'sys/stat.h' file not
found<br>
> #include <sys/stat.h><br>
> ^~~~~~~~~~~~<br>
> 1 error generated.<br>
><br>
> If I use the command,<br>
> clang test.c<br>
> there is no error.<br>
><br>
> Please help me to solve the error.<br>
><br>
> Arnab<br>
><br>
><br>
>
------------------------------------------------------------------------<br>
><br>
> Important: This email is confidential and may
be privileged. If you <br>
> are not the intended recipient, please delete
it and notify us <br>
> immediately; you should not copy or use it for
any purpose, nor <br>
> disclose its contents to any other person.
Thank you.<br>
><br>
> _______________________________________________<br>
> cfe-dev mailing list<br>
> <a href="mailto:cfe-dev@lists.llvm.org"
target="_blank" moz-do-not-send="true">cfe-dev@lists.llvm.org</a><br>
> <a
href="https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-dev"
target="_blank" moz-do-not-send="true">https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-dev</a><br>
<br>
</div>
</span></font></div>
<br>
<hr>
<font size="1" face="Arial" color="Black"><br>
Important: This email is confidential and may be
privileged. If you are not the intended recipient, please
delete it and notify us immediately; you should not copy
or use it for any purpose, nor disclose its contents to
any other person. Thank you.<br>
</font>
</div>
_______________________________________________<br>
cfe-dev mailing list<br>
<a href="mailto:cfe-dev@lists.llvm.org" target="_blank"
moz-do-not-send="true">cfe-dev@lists.llvm.org</a><br>
<a
href="https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-dev"
rel="noreferrer" target="_blank" moz-do-not-send="true">https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-dev</a><br>
</blockquote>
</div>
</blockquote>
<br>
</body>
</html>