[clang] [clang][analyzer][doc] Migrate user-related docs from HTML to RST (PR #97034)
DonĂ¡t Nagy via cfe-commits
cfe-commits at lists.llvm.org
Tue Jul 2 05:58:35 PDT 2024
================
@@ -0,0 +1,239 @@
+Command Line Usage: scan-build and CodeChecker
+==============================================
+
+This document provides guidelines for running Clang Static Analyzer from the command line on whole projects.
+CodeChecker and scan-build are two CLI tools for using CSA on multiple files (tranlation units).
+Both provide a way of driving the analyzer, detecting compilation flags, and generating reports.
+CodeChecker is more actively maintained, provides heuristics for working with multiple versions of popular compilers and it also comes with a web-based GUI for viewing, filtering, categorizing and suppressing the results.
+Therefore CodeChecker is recommended in case you need any of the above features or just more customizability in general.
+
+Comparison of CodeChecker and scan-build
+----------------------------------------
+
+Static Analyzer is by design a GUI tool originally intended to be consumed by the XCode IDE.
+Its purpose is to find buggy execution paths in the program, and such paths are very hard to comprehend by looking at a non-interactive standard output.
+It is possible, however, to invoke the Static Analyzer from the command line in order to obtain analysis results, and then later view them interactively in a graphical interface.
+The following tools are used commonly to run the analyzer from the command line.
+Both tools are wrapper scripts to drive the analysis and the underlying invocations of the Clang compiler:
+
+1. scan-build_ is an old and simple command line tool that emits static analyzer warnings as HTML files while compiling your project. You can view the analysis results in your web browser.
+ - Useful for individual developers who simply want to view static analysis results at their desk, or in a very simple collaborative environment.
+ - Works on all major platforms (Windows, Linux, macOS) and is available as a package in many Linux distributions.
+ - Does not include support for cross-translation-unit analysis.
+
+2. CodeChecker_ is a driver and web server that runs the Static Analyzer on your projects on demand and maintains a database of issues.
+ - Perfect for managing large amounts of Static Analyzer warnings in a collaborative environment.
+ - Generally much more feature-rich than scan-build.
+ - Supports incremental analysis: Results can be stored in a database, subsequent analysis runs can be compared to list the newly added defects.
+ - :doc:`CrossTranslationUnit` is supported fully on Linux via CodeChecker.
+ - Can run clang-tidy checkers too.
+ - Open source, but out-of-tree, i.e. not part of the LLVM project.
+
+scan-build
+----------
+
+**scan-build** is a command line utility that enables a user to run the static analyzer over their codebase as part of performing a regular build (from the command line).
----------------
NagyDonat wrote:
The use of "the Static Analyzer" vs "the static analyzer" is inconsistent -- it would be good to pick one of them and use it consistently.
https://github.com/llvm/llvm-project/pull/97034
More information about the cfe-commits
mailing list