[clang] [clang][analyzer][doc] Migrate user-related docs from HTML to RST (PR #97034)

Balazs Benics via cfe-commits cfe-commits at lists.llvm.org
Mon Jul 1 08:31:33 PDT 2024


Endre =?utf-8?q?Fülöp?= <endre.fulop at sigmatechnology.com>,
Endre =?utf-8?q?Fülöp?= <endre.fulop at sigmatechnology.com>,
Endre =?utf-8?q?Fülöp?= <endre.fulop at sigmatechnology.com>,
Endre =?utf-8?q?Fülöp?= <endre.fulop at sigmatechnology.com>,
Endre =?utf-8?q?Fülöp?= <endre.fulop at sigmatechnology.com>,
Endre =?utf-8?q?Fülöp?= <endre.fulop at sigmatechnology.com>,
Endre =?utf-8?q?Fülöp?= <endre.fulop at sigmatechnology.com>
Message-ID:
In-Reply-To: <llvm.org/llvm/llvm-project/pull/97034 at github.com>


================
@@ -0,0 +1,238 @@
+Command-Line Usage: CodeChecker and scan-build
+===============================================
+
+This document provides guidelines for running Clang Static Analyzer from the command line on whole projects.
+CodeChecker and scan-build are two CLI tools for using CSA on multiple files (tranlation units).
+Both provide a way of driving the analyzer, detecting compilation flags, and generating reports.
+CodeChecker is more actively maintained, provides heuristics for working with multiple versions of popular compilers and it also comes with a web-based GUI for viewing, filtering, categorizing and suppressing the results.
+Therefore CodeChecker is recommended in case you need any of the above features or just more customizability in general.
+
+Comparison of CodeChecker and scan-build
+----------------------------------------
+
+Static Analyzer is by design a GUI tool originally intended to be consumed by the XCode IDE.
+Its purpose is to find buggy execution paths in the program, and such paths are very hard to comprehend by looking at a non-interactive standard output.
+It is possible, however, to invoke the Static Analyzer from the command line in order to obtain analysis results, and then later view them interactively in a graphical interface.
+The following tools are used commonly to run the analyzer from the commandline.
+Both tools are wrapper scripts to drive the analysis and the underlying invocations of the Clang compiler:
+
+1. CodeChecker_ is a driver and web server that runs the Static Analyzer on your projects on demand and maintains a database of issues.
+    - Perfect for managing large amounts of Static Analyzer warnings in a collaborative environment.
+    - Generally much more feature-rich than scan-build.
+    - Supports incremental analysis: Results can be stored in a database, subsequent analysis runs can be compared to list the newly added defects.
+    - :doc:`CrossTranslationUnit` is supported fully on Linux via CodeChecker.
+    - Can run clang-tidy checkers too.
+    - Open source, but out-of-tree, i.e. not part of the LLVM project.
----------------
steakhal wrote:

I'm slightly conflicted to see `CodeChecker` before `scan-build` TBH. Personally, I like `CodeChecker` for sure, but as `scan-build` is shipped part of an llvm distribution, I think it would make sense to advertise that and only then other tools that are out of scope of the `llvm-project` umbrella.

https://github.com/llvm/llvm-project/pull/97034


More information about the cfe-commits mailing list