[clang] [clang][analyzer][doc] Migrate user-related docs from HTML to RST (PR #97034)
Balazs Benics via cfe-commits
cfe-commits at lists.llvm.org
Mon Jul 1 08:31:33 PDT 2024
Endre =?utf-8?q?Fülöp?= <endre.fulop at sigmatechnology.com>,
Endre =?utf-8?q?Fülöp?= <endre.fulop at sigmatechnology.com>,
Endre =?utf-8?q?Fülöp?= <endre.fulop at sigmatechnology.com>,
Endre =?utf-8?q?Fülöp?= <endre.fulop at sigmatechnology.com>,
Endre =?utf-8?q?Fülöp?= <endre.fulop at sigmatechnology.com>,
Endre =?utf-8?q?Fülöp?= <endre.fulop at sigmatechnology.com>,
Endre =?utf-8?q?Fülöp?= <endre.fulop at sigmatechnology.com>
Message-ID:
In-Reply-To: <llvm.org/llvm/llvm-project/pull/97034 at github.com>
================
@@ -0,0 +1,238 @@
+Command-Line Usage: CodeChecker and scan-build
+===============================================
+
+This document provides guidelines for running Clang Static Analyzer from the command line on whole projects.
+CodeChecker and scan-build are two CLI tools for using CSA on multiple files (tranlation units).
+Both provide a way of driving the analyzer, detecting compilation flags, and generating reports.
+CodeChecker is more actively maintained, provides heuristics for working with multiple versions of popular compilers and it also comes with a web-based GUI for viewing, filtering, categorizing and suppressing the results.
+Therefore CodeChecker is recommended in case you need any of the above features or just more customizability in general.
+
+Comparison of CodeChecker and scan-build
+----------------------------------------
+
+Static Analyzer is by design a GUI tool originally intended to be consumed by the XCode IDE.
+Its purpose is to find buggy execution paths in the program, and such paths are very hard to comprehend by looking at a non-interactive standard output.
+It is possible, however, to invoke the Static Analyzer from the command line in order to obtain analysis results, and then later view them interactively in a graphical interface.
+The following tools are used commonly to run the analyzer from the commandline.
+Both tools are wrapper scripts to drive the analysis and the underlying invocations of the Clang compiler:
+
+1. CodeChecker_ is a driver and web server that runs the Static Analyzer on your projects on demand and maintains a database of issues.
+ - Perfect for managing large amounts of Static Analyzer warnings in a collaborative environment.
+ - Generally much more feature-rich than scan-build.
+ - Supports incremental analysis: Results can be stored in a database, subsequent analysis runs can be compared to list the newly added defects.
+ - :doc:`CrossTranslationUnit` is supported fully on Linux via CodeChecker.
+ - Can run clang-tidy checkers too.
+ - Open source, but out-of-tree, i.e. not part of the LLVM project.
----------------
steakhal wrote:
I'm slightly conflicted to see `CodeChecker` before `scan-build` TBH. Personally, I like `CodeChecker` for sure, but as `scan-build` is shipped part of an llvm distribution, I think it would make sense to advertise that and only then other tools that are out of scope of the `llvm-project` umbrella.
https://github.com/llvm/llvm-project/pull/97034
More information about the cfe-commits
mailing list