17330f729Sjoergscan-build 27330f729Sjoerg========== 37330f729Sjoerg 47330f729SjoergA package designed to wrap a build so that all calls to gcc/clang are 57330f729Sjoergintercepted and logged into a [compilation database][1] and/or piped to 67330f729Sjoergthe clang static analyzer. Includes intercept-build tool, which logs 77330f729Sjoergthe build, as well as scan-build tool, which logs the build and runs 87330f729Sjoergthe clang static analyzer on it. 97330f729Sjoerg 107330f729SjoergPortability 117330f729Sjoerg----------- 127330f729Sjoerg 137330f729SjoergShould be working on UNIX operating systems. 147330f729Sjoerg 157330f729Sjoerg- It has been tested on FreeBSD, GNU/Linux and OS X. 167330f729Sjoerg- Prepared to work on windows, but need help to make it. 177330f729Sjoerg 187330f729Sjoerg 197330f729SjoergPrerequisites 207330f729Sjoerg------------- 217330f729Sjoerg 22*e038c9c4Sjoerg1. **python** interpreter (version 3.6 or later). 237330f729Sjoerg 247330f729Sjoerg 257330f729SjoergHow to use 267330f729Sjoerg---------- 277330f729Sjoerg 287330f729SjoergTo run the Clang static analyzer against a project goes like this: 297330f729Sjoerg 307330f729Sjoerg $ scan-build <your build command> 317330f729Sjoerg 327330f729SjoergTo generate a compilation database file goes like this: 337330f729Sjoerg 347330f729Sjoerg $ intercept-build <your build command> 357330f729Sjoerg 367330f729SjoergTo run the Clang static analyzer against a project with compilation database 377330f729Sjoerggoes like this: 387330f729Sjoerg 397330f729Sjoerg $ analyze-build 407330f729Sjoerg 417330f729SjoergUse `--help` to know more about the commands. 427330f729Sjoerg 437330f729Sjoerg 447330f729SjoergHow to use the experimental Cross Translation Unit analysis 457330f729Sjoerg----------------------------------------------------------- 467330f729Sjoerg 477330f729SjoergTo run the CTU analysis, a compilation database file has to be created: 487330f729Sjoerg 497330f729Sjoerg $ intercept-build <your build command> 507330f729Sjoerg 517330f729SjoergTo run the Clang Static Analyzer against a compilation database 527330f729Sjoergwith CTU analysis enabled, execute: 537330f729Sjoerg 547330f729Sjoerg $ analyze-build --ctu 557330f729Sjoerg 567330f729SjoergFor CTU analysis an additional (external definition) collection-phase is required. 577330f729SjoergFor debugging purposes, it is possible to separately execute the collection 587330f729Sjoergand the analysis phase. By doing this, the intermediate files used for 597330f729Sjoergthe analysis are kept on the disk in `./ctu-dir`. 607330f729Sjoerg 617330f729Sjoerg # Collect and store the data required by the CTU analysis 627330f729Sjoerg $ analyze-build --ctu-collect-only 637330f729Sjoerg 647330f729Sjoerg # Analyze using the previously collected data 657330f729Sjoerg $ analyze-build --ctu-analyze-only 667330f729Sjoerg 677330f729SjoergUse `--help` to get more information about the commands. 687330f729Sjoerg 697330f729Sjoerg 707330f729SjoergLimitations 717330f729Sjoerg----------- 727330f729Sjoerg 737330f729SjoergGenerally speaking, the `intercept-build` and `analyze-build` tools together 747330f729Sjoergdoes the same job as `scan-build` does. So, you can expect the same output 757330f729Sjoergfrom this line as simple `scan-build` would do: 767330f729Sjoerg 777330f729Sjoerg $ intercept-build <your build command> && analyze-build 787330f729Sjoerg 797330f729SjoergThe major difference is how and when the analyzer is run. The `scan-build` 807330f729Sjoergtool has three distinct model to run the analyzer: 817330f729Sjoerg 827330f729Sjoerg1. Use compiler wrappers to make actions. 837330f729Sjoerg The compiler wrappers does run the real compiler and the analyzer. 847330f729Sjoerg This is the default behaviour, can be enforced with `--override-compiler` 857330f729Sjoerg flag. 867330f729Sjoerg 877330f729Sjoerg2. Use special library to intercept compiler calls during the build process. 887330f729Sjoerg The analyzer run against each modules after the build finished. 897330f729Sjoerg Use `--intercept-first` flag to get this model. 907330f729Sjoerg 917330f729Sjoerg3. Use compiler wrappers to intercept compiler calls during the build process. 927330f729Sjoerg The analyzer run against each modules after the build finished. 937330f729Sjoerg Use `--intercept-first` and `--override-compiler` flags together to get 947330f729Sjoerg this model. 957330f729Sjoerg 967330f729SjoergThe 1. and 3. are using compiler wrappers, which works only if the build 977330f729Sjoergprocess respects the `CC` and `CXX` environment variables. (Some build 987330f729Sjoergprocess can override these variable as command line parameter only. This case 997330f729Sjoergyou need to pass the compiler wrappers manually. eg.: `intercept-build 1007330f729Sjoerg--override-compiler make CC=intercept-cc CXX=intercept-c++ all` where the 1017330f729Sjoergoriginal build command would have been `make all` only.) 1027330f729Sjoerg 1037330f729SjoergThe 1. runs the analyzer right after the real compilation. So, if the build 1047330f729Sjoergprocess removes removes intermediate modules (generated sources) the analyzer 1057330f729Sjoergoutput still kept. 1067330f729Sjoerg 1077330f729SjoergThe 2. and 3. generate the compilation database first, and filters out those 1087330f729Sjoergmodules which are not exists. So, it's suitable for incremental analysis during 1097330f729Sjoergthe development. 1107330f729Sjoerg 1117330f729SjoergThe 2. mode is available only on FreeBSD and Linux. Where library preload 1127330f729Sjoergis available from the dynamic loader. Not supported on OS X (unless System 1137330f729SjoergIntegrity Protection feature is turned off). 1147330f729Sjoerg 1157330f729Sjoerg`intercept-build` command uses only the 2. and 3. mode to generate the 1167330f729Sjoergcompilation database. `analyze-build` does only run the analyzer against the 1177330f729Sjoergcaptured compiler calls. 1187330f729Sjoerg 1197330f729Sjoerg 1207330f729SjoergKnown problems 1217330f729Sjoerg-------------- 1227330f729Sjoerg 1237330f729SjoergBecause it uses `LD_PRELOAD` or `DYLD_INSERT_LIBRARIES` environment variables, 1247330f729Sjoergit does not append to it, but overrides it. So builds which are using these 1257330f729Sjoergvariables might not work. (I don't know any build tool which does that, but 1267330f729Sjoergplease let me know if you do.) 1277330f729Sjoerg 1287330f729Sjoerg 1297330f729SjoergProblem reports 1307330f729Sjoerg--------------- 1317330f729Sjoerg 1327330f729SjoergIf you find a bug in this documentation or elsewhere in the program or would 1337330f729Sjoerglike to propose an improvement, please use the project's [issue tracker][3]. 1347330f729SjoergPlease describing the bug and where you found it. If you have a suggestion 1357330f729Sjoerghow to fix it, include that as well. Patches are also welcome. 1367330f729Sjoerg 1377330f729Sjoerg 1387330f729SjoergLicense 1397330f729Sjoerg------- 1407330f729Sjoerg 1417330f729SjoergThe project is licensed under Apache-2.0 with LLVM exceptions. 1427330f729SjoergSee LICENSE.TXT for details. 1437330f729Sjoerg 1447330f729Sjoerg [1]: http://clang.llvm.org/docs/JSONCompilationDatabase.html 1457330f729Sjoerg [2]: https://pypi.python.org/pypi/scan-build 1467330f729Sjoerg [3]: https://llvm.org/bugs/enter_bug.cgi?product=clang 147