[cfe-dev] Idea for better invoking static analysis via command line

Fri Feb 5 13:30:58 PST 2016

On 2/5/2016 1:49 PM, Anna Zaks via cfe-dev wrote:
> The new scan-build rewrite can interpose on the build system without 
> interposing on CC. It produces a compilation database as output.
> http://llvm.org/viewvc/llvm-project?view=revision&revision=257533
> http://reviews.llvm.org/D9600

Do you foresee the python version of scan-build being suitable for use 
in XCode?  Would you expect the python version of scan-build to be 
suitable for a Visual Studio build that uses the clang front end?

>
> As I’ve explained in the the other thread 
> (http://clang-developers.42468.n3.nabble.com/Proposal-Integrate-static-analysis-test-suites-td4048967.html), 
> there are reasons to discourage usage of the static analyzer directly 
> from command line:
>
> "Most importantly, end users should never invoke the analyzer by 
> calling “clang —analyze” since “clang —analyze” is an implementation 
> detail of the static analyzer. The only advertised /user facing/ clang 
> static analysis tool is scan-build (see http://clang-analyzer.llvm.org 
> <http://clang-analyzer.llvm.org/>). Here are some reasons for that. 
> For one, it is almost impossible to understand why the static analyzer 
> warns without examining the error paths. Second, the analyzer could be 
> extended to perform whole project analysis in the future and "clang 
> —analyze" works with a single TU at a time.

Yes, --analyze is currently an implementation detail.  I would prefer 
that not be the case.  It is my opinion that --analyze (or something 
like it) should be the supported user interface, and that scan-build 
should be a client of that interface.  The same HTML and/or plist (or 
neither!) could be generated from the command line.  With the current 
state of support, we have high profile customers (XCode) of static 
analysis using unsupported flags.

As for post-processing and whole program analysis, I think the best user 
experience here would be to embed some meta-data in .o files, and let 
the clang-driver orchestrate the post-processing / WPA during the 
linking step.  This closely parallels how link-time-optimization works, 
and still makes for a work-flow with a low barrier to entry.  Just put 
--enable-analyze-pass in the compile line and the link line, and you can 
still get the nice index.html and whole program analysis without any 
extra tools.

-- 
Employee of Qualcomm Innovation Center, Inc.
Qualcomm Innovation Center, Inc. is a member of Code Aurora Forum, a Linux Foundation Collaborative Project

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/cfe-dev/attachments/20160205/c83de222/attachment.html>