From: Ted Kremenek Date: Fri, 19 Feb 2010 05:36:44 +0000 (+0000) Subject: Add new intro about running scan-build. X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=831a46a3ad5ac2379fbecae0948f779fb551d465;p=clang Add new intro about running scan-build. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@96658 91177308-0d34-0410-b5e6-96231b3b80d8 --- diff --git a/www/analyzer/images/scan_build_cmd.png b/www/analyzer/images/scan_build_cmd.png new file mode 100644 index 0000000000..464fd4e129 Binary files /dev/null and b/www/analyzer/images/scan_build_cmd.png differ diff --git a/www/analyzer/scan-build.html b/www/analyzer/scan-build.html index 16bdbfdbe2..122c61587f 100644 --- a/www/analyzer/scan-build.html +++ b/www/analyzer/scan-build.html @@ -2,7 +2,7 @@ "http://www.w3.org/TR/html4/strict.dtd"> - Running the Analyzer + scan-build: running the analyzer from the command line @@ -30,17 +30,48 @@ table.options td { padding:5px; padding-left:8px; padding-right:8px } table.options td { text-align:left; font-size:9pt } -

Running the Analyzer

+

scan-build: running the analyzer from the command line

-

While the static analyzer engine can be used as a library, many users will -likely use the command-line interface to the analyzer to analyze projects. This -page documents scan-build, a program that users can use from the -command line to analyze all the source files used to build a project.

+ + +
-

Contents

+

What is it?

+

scan-build is a command line utility that enables a user to run the +static analyzer over their codebase as part of performing a regular build (from +the command line).

+ +

How does it work?

+

During a project build, as source files are compiled they are also analyzed +in tandem by the static analyzer.

+ +

Upon completion of the build, results are then presented to the user within a +web browser.

+ +

Will it work with any build system?

+

scan-build has little or no knowledge about how you build your code. +It works by overriding the CC and CXX environment variables to +(hopefully) change your build to use a "fake" compiler instead of the +one that would normally build your project. By default, this fake compiler +executes gcc to compile your code (assuming that gcc is your +compiler) and then executes the static analyzer to analyze your code.

+ +

This "poor man's interposition" works amazingly well in many cases +and falls down in others. Please consult the information on this page on making +the best use of scan-build, which includes getting it to work when the +aforementioned hack fails to work.

+ +		 +
+
+ +
Viewing static analyzer results in a web browser
+
+ +

Contents

-

scan-build

+

Getting Started

The scan-build command can be used to analyze an entire project by essentially interposing on a project's build process. This means that to run the @@ -165,14 +196,14 @@ completes, pass -V to scan-build.

This section describes a few recommendations with running the analyzer.

- +

Most projects can be built in a "debug" mode that enables assertions. Assertions are picked up by the static analyzer to prune infeasible paths, which in some cases can greatly reduce the number of false positives (bogus error reports) emitted by the tool.

-

Use Verbose Output when Debugging scan-build

+

Use verbose output when debugging scan-build

scan-build takes a -v option to emit verbose output about what it's doing; two -v options emit more information. Redirecting the