How does scan-build

classic Classic list List threaded Threaded
15 messages Options
Reply | Threaded
Open this post in threaded view
|

How does scan-build

Reid Kleckner via cfe-dev
Hello,

how does scan-build exactly parse its parameters?

How does “scan-build make” know, that it should just invoke make and not do anything until a compiler is invoked.

Does “scan-build cc …” parse in fact the source code, or the generated object files and in the former case, is the
compiler invoked or does scan-build just considers the parameters passed to the compiler?

Regards
  Дилян

_______________________________________________
cfe-dev mailing list
[hidden email]
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-dev
Reply | Threaded
Open this post in threaded view
|

Re: How does scan-build

Reid Kleckner via cfe-dev
On Thu, 18 Jul 2019 at 21:53, Дилян Палаузов via cfe-dev
<[hidden email]> wrote:
>
> Hello,
>
> how does scan-build exactly parse its parameters?
>
> How does “scan-build make” know, that it should just invoke make and not do anything until a compiler is invoked.
>
> Does “scan-build cc …” parse in fact the source code, or the generated object files and in the former case, is the
> compiler invoked or does scan-build just considers the parameters passed to the compiler?

You shouldn't need scan-build nowadays, what build system are you
using? Cmake, qbs and i'm sure others support generating a clang
compilation database.

Chris


>
> Regards
>   Дилян
>
> _______________________________________________
> cfe-dev mailing list
> [hidden email]
> https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-dev
_______________________________________________
cfe-dev mailing list
[hidden email]
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-dev
Reply | Threaded
Open this post in threaded view
|

Re: How does scan-build

Reid Kleckner via cfe-dev
Hello Christin,

I want to understand how the clang static analyzer is used, and https://clang-analyzer.llvm.org/scan-build.html says to
use directly “scan-build”.

On Thu, 2019-07-18 at 22:09 +1200, Christian Gagneraud wrote:

> On Thu, 18 Jul 2019 at 21:53, Дилян Палаузов via cfe-dev
> <[hidden email]> wrote:
> > Hello,
> >
> > how does scan-build exactly parse its parameters?
> >
> > How does “scan-build make” know, that it should just invoke make and not do anything until a compiler is invoked.
> >
> > Does “scan-build cc …” parse in fact the source code, or the generated object files and in the former case, is the
> > compiler invoked or does scan-build just considers the parameters passed to the compiler?
>
> You shouldn't need scan-build nowadays, what build system are you
> using? Cmake, qbs and i'm sure others support generating a clang
> compilation database.
>
> Chris
>
>
> > Regards
> >   Дилян
> >
> > _______________________________________________
> > cfe-dev mailing list
> > [hidden email]
> > https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-dev

_______________________________________________
cfe-dev mailing list
[hidden email]
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-dev
Reply | Threaded
Open this post in threaded view
|

Re: How does scan-build

Reid Kleckner via cfe-dev
On Thu, 18 Jul 2019 at 22:15, Дилян Палаузов <[hidden email]> wrote:
>
> Hello Christin,
>
> I want to understand how the clang static analyzer is used, and https://clang-analyzer.llvm.org/scan-build.html says to
> use directly “scan-build”.

This documentation *might* be out-dated. What build system are you
using, that is the key question.
It's way easier to use the clang compilation database  -- if your
build system supports it --

https://clang.llvm.org/docs/JSONCompilationDatabase.html

Chris
_______________________________________________
cfe-dev mailing list
[hidden email]
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-dev
Reply | Threaded
Open this post in threaded view
|

Re: How does scan-build

Reid Kleckner via cfe-dev

On 18/07/2019 12:21, Christian Gagneraud via cfe-dev wrote:

> On Thu, 18 Jul 2019 at 22:15, Дилян Палаузов <[hidden email]> wrote:
>> Hello Christin,
>>
>> I want to understand how the clang static analyzer is used, and https://clang-analyzer.llvm.org/scan-build.html says to
>> use directly “scan-build”.
> This documentation *might* be out-dated. What build system are you
> using, that is the key question.
> It's way easier to use the clang compilation database  -- if your
> build system supports it --
>
> https://clang.llvm.org/docs/JSONCompilationDatabase.html

Hi,

I am interested in this as well and I am confused by what you are
saying. Even if a compilation database is used with cmake for example,
you still need to perform the analysis on the file in the compilation
database. What am I missing here? Is there a tool besides scan-build
that reads the compilation database and performs the analysis? I know of
https://github.com/rizsotto/scan-build but this is not even part of the
LLVM project so I assume there's something else you know about.

Paulo

> Chris
> _______________________________________________
> cfe-dev mailing list
> [hidden email]
> https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-dev
_______________________________________________
cfe-dev mailing list
[hidden email]
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-dev
Reply | Threaded
Open this post in threaded view
|

Re: How does scan-build

Reid Kleckner via cfe-dev
On Thu, 18 Jul 2019 at 22:27, Paulo Matos <[hidden email]> wrote:

>
>
> On 18/07/2019 12:21, Christian Gagneraud via cfe-dev wrote:
> > On Thu, 18 Jul 2019 at 22:15, Дилян Палаузов <[hidden email]> wrote:
> >> Hello Christin,
> >>
> >> I want to understand how the clang static analyzer is used, and https://clang-analyzer.llvm.org/scan-build.html says to
> >> use directly “scan-build”.
> > This documentation *might* be out-dated. What build system are you
> > using, that is the key question.
> > It's way easier to use the clang compilation database  -- if your
> > build system supports it --
> >
> > https://clang.llvm.org/docs/JSONCompilationDatabase.html
>
> Hi,
>
> I am interested in this as well and I am confused by what you are
> saying. Even if a compilation database is used with cmake for example,
> you still need to perform the analysis on the file in the compilation
> database. What am I missing here? Is there a tool besides scan-build
> that reads the compilation database and performs the analysis? I know of
> https://github.com/rizsotto/scan-build but this is not even part of the
> LLVM project so I assume there's something else you know about.

The modern way of working is first to start with a clang compilation database.
So you need to generate one with cmake, qbs, meson, whatever your
build system is.

Then any modern llvm-based tooling should/will understand this DB.
Clang static anylisers (clang-tidy, clazy, ...) come with some handy
python scripts that you might want to look into.
_______________________________________________
cfe-dev mailing list
[hidden email]
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-dev
Reply | Threaded
Open this post in threaded view
|

Re: How does scan-build

Reid Kleckner via cfe-dev
In reply to this post by Reid Kleckner via cfe-dev
Hello Christian,

I use autoconf/automake.

In fact I want to see what will happen if I combine many source files into one and pass that file to the static
analyzer.  In this use case there is no build system involved.

Regards
  Дилян

On Thu, 2019-07-18 at 22:21 +1200, Christian Gagneraud wrote:

> On Thu, 18 Jul 2019 at 22:15, Дилян Палаузов <[hidden email]> wrote:
> > Hello Christin,
> >
> > I want to understand how the clang static analyzer is used, and https://clang-analyzer.llvm.org/scan-build.html says to
> > use directly “scan-build”.
>
> This documentation *might* be out-dated. What build system are you
> using, that is the key question.
> It's way easier to use the clang compilation database  -- if your
> build system supports it --
>
> https://clang.llvm.org/docs/JSONCompilationDatabase.html
>
> Chris

_______________________________________________
cfe-dev mailing list
[hidden email]
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-dev
Reply | Threaded
Open this post in threaded view
|

Re: How does scan-build

Reid Kleckner via cfe-dev
On Thu, 18 Jul 2019 at 22:48, Дилян Палаузов <[hidden email]> wrote:
>
> Hello Christian,
>
> I use autoconf/automake.
>
> In fact I want to see what will happen if I combine many source files into one and pass that file to the static
> analyzer.  In this use case there is no build system involved.

I haven't use GNU autotools in ages. Yes in that case scan-build might
be your only way to collect the compilation database.
What i don't understand is "combine many source files into one", are
you after LTO [1]?
How does the static analiser fits into that?
Can you provide details on what you're trying to achieve exactly?

[1] https://llvm.org/docs/LinkTimeOptimization.html
_______________________________________________
cfe-dev mailing list
[hidden email]
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-dev
Reply | Threaded
Open this post in threaded view
|

Re: How does scan-build

Reid Kleckner via cfe-dev
Hello Chirstian,

for the rationale to join several input files into one, and pass that one to the static analyzer, see the thread Subj:
“Many .c files as input to scan-build” Thread-Id: <[hidden email]> . The idea
is to get more useful results out of the static analyzer by providing it with more complete picture of everything: a
single source file containg all information.

As far as LTO is concerned, it is not ready for the prime time.  In order of ar, nm and ranlib to work with LTO, the
installation process of clang must install LLVMgold.so under ${libdir}/bfd-plugins otherwise the build system has to do
a lot of magic and most build systems don’t do that magic (part of the magic is to call on some systems gcc-ar-5 and on
others gcc-ar-5.0 or alike.  In fact cmake is the only build system to implement this magic completely, as of January
2019).  Build systems want to use just ar or nm.  I posted this to llvm-dev,
http://lists.llvm.org/pipermail/llvm-dev/2018-March/122018.html and there is no interest to fix this.  Neither is there
interest on gcc’s side.

On Thu, 2019-07-18 at 22:54 +1200, Christian Gagneraud wrote:

> On Thu, 18 Jul 2019 at 22:48, Дилян Палаузов <[hidden email]> wrote:
> > Hello Christian,
> >
> > I use autoconf/automake.
> >
> > In fact I want to see what will happen if I combine many source files into one and pass that file to the static
> > analyzer.  In this use case there is no build system involved.
>
> I haven't use GNU autotools in ages. Yes in that case scan-build might
> be your only way to collect the compilation database.
> What i don't understand is "combine many source files into one", are
> you after LTO [1]?
> How does the static analiser fits into that?
> Can you provide details on what you're trying to achieve exactly?
>
> [1] https://llvm.org/docs/LinkTimeOptimization.html

_______________________________________________
cfe-dev mailing list
[hidden email]
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-dev
Reply | Threaded
Open this post in threaded view
|

Re: How does scan-build

Reid Kleckner via cfe-dev
On Thu, 18 Jul 2019 at 23:14, Дилян Палаузов <[hidden email]> wrote:

>
> Hello Chirstian,
>
> for the rationale to join several input files into one, and pass that one to the static analyzer, see the thread Subj:
> “Many .c files as input to scan-build” Thread-Id: <[hidden email]> . The idea
> is to get more useful results out of the static analyzer by providing it with more complete picture of everything: a
> single source file containg all information.
>
> As far as LTO is concerned, it is not ready for the prime time.  In order of ar, nm and ranlib to work with LTO, the
> installation process of clang must install LLVMgold.so under ${libdir}/bfd-plugins otherwise the build system has to do
> a lot of magic and most build systems don’t do that magic (part of the magic is to call on some systems gcc-ar-5 and on
> others gcc-ar-5.0 or alike.  In fact cmake is the only build system to implement this magic completely, as of January
> 2019).  Build systems want to use just ar or nm.  I posted this to llvm-dev,
> http://lists.llvm.org/pipermail/llvm-dev/2018-March/122018.html and there is no interest to fix this.  Neither is there
> interest on gcc’s side.

Sorry, i haven't read any of the links above. Have you tried to simply
get rid of GNU binutils/gcc?
eg, use llvm all the way? -fuse-ld=lld and the likes? My experience
with gcc LTO (+dwarf) is so far pretty bad:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=79342
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=78871
Just to name a few,I'm sure there are more.
_______________________________________________
cfe-dev mailing list
[hidden email]
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-dev
Reply | Threaded
Open this post in threaded view
|

Re: How does scan-build

Reid Kleckner via cfe-dev
Hello Christian,

this thread is about clarifying how does scan-build exactly work and how shall one use the clang static analyzer out of
a build system to inspect a single file.

Concernig LTO, for linking static libraries and other operations, the build systems expects to have working an, nm and
ranlib.  The latter work with LTO, only if the lto plugin is installed in $(libdir)/bfd-plugins.  The alternative is to
choose the right tool out of llvm-ar, llvm-ar-8, llvm-ar-8.0, gcc-ar, gcc-ar-7 and gcc-ar-7.0 depending on the system
(so not to use llvm-ar-6, if the used clang is verison 7, llvm-ar-6, llvm-ar-7 and llvm-ar-8 are all available on the
system).

-fuse= is for the compiler, but cannot be passed to an/nm/ranlib.  I can go into details, like some things can be linked
with ld.bfd but not with ld.gold, others can be linked with ld.gold but not with ld.bfd and gcc9 accepts -fuse-ld=bfd,
but gcc8 does not; some versions of ld.bfd generate debug information, that some versions of valgring cannot read and so
on.

This thread is not about LTO, but about passing a big source file to the static analyzer.  My question, whether the
static analyzer analyzes the object file or the source file, e.g. was not answered, so I do not know, whether passing
-O3 to “scan-build cc -O3…” speeds the process or makes things worse.

Regards
  Дилян

On Thu, 2019-07-18 at 23:30 +1200, Christian Gagneraud wrote:

> On Thu, 18 Jul 2019 at 23:14, Дилян Палаузов <[hidden email]> wrote:
> > Hello Chirstian,
> >
> > for the rationale to join several input files into one, and pass that one to the static analyzer, see the thread Subj:
> > “Many .c files as input to scan-build” Thread-Id: <[hidden email]> . The idea
> > is to get more useful results out of the static analyzer by providing it with more complete picture of everything: a
> > single source file containg all information.
> >
> > As far as LTO is concerned, it is not ready for the prime time.  In order of ar, nm and ranlib to work with LTO, the
> > installation process of clang must install LLVMgold.so under ${libdir}/bfd-plugins otherwise the build system has to do
> > a lot of magic and most build systems don’t do that magic (part of the magic is to call on some systems gcc-ar-5 and on
> > others gcc-ar-5.0 or alike.  In fact cmake is the only build system to implement this magic completely, as of January
> > 2019).  Build systems want to use just ar or nm.  I posted this to llvm-dev,
> > http://lists.llvm.org/pipermail/llvm-dev/2018-March/122018.html and there is no interest to fix this.  Neither is there
> > interest on gcc’s side.
>
> Sorry, i haven't read any of the links above. Have you tried to simply
> get rid of GNU binutils/gcc?
> eg, use llvm all the way? -fuse-ld=lld and the likes? My experience
> with gcc LTO (+dwarf) is so far pretty bad:
> https://gcc.gnu.org/bugzilla/show_bug.cgi?id=79342
> https://gcc.gnu.org/bugzilla/show_bug.cgi?id=78871
> Just to name a few,I'm sure there are more.

_______________________________________________
cfe-dev mailing list
[hidden email]
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-dev
Reply | Threaded
Open this post in threaded view
|

Re: How does scan-build

Reid Kleckner via cfe-dev
In reply to this post by Reid Kleckner via cfe-dev
On Thu, Jul 18, 2019 at 5:54 AM Дилян Палаузов via cfe-dev <[hidden email]> wrote:
Hello,

how does scan-build exactly parse its parameters?

How does “scan-build make” know, that it should just invoke make and not do anything until a compiler is invoked.

My understanding is that scan-build itself merely sets `LD_PRELOAD=some-library.so` for all processes spawned directly or indirectly from scan-build. Then it goes ahead and spawns a child process to run whatever command you gave it — e.g., `make`.
`make` will eventually spawn a child or grandchild process for `clang`. When that happens, `some-library.so` will notice and cause different behavior. Either it will tell `clang` to invoke the static analyzer, or it will write out "hey, clang is being called!" to an external trace log. This external trace log is what Christian and Paulo are calling a "compilation database." The trace can be used later to re-invoke the static analyzer for each file that was compiled during the build, without having to `make clean` the entire project.

I confirmed some of my recollections via this documentation:
 
Does “scan-build cc …” parse in fact the source code, or the generated object files and in the former case, is the
compiler invoked or does scan-build just considers the parameters passed to the compiler?

`scan-build` causes the static analyzer to be invoked. The static analyzer must parse the C++ source code. There is no way to "static-analyze" an object file.

–Arthur

_______________________________________________
cfe-dev mailing list
[hidden email]
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-dev
Reply | Threaded
Open this post in threaded view
|

Re: How does scan-build

Reid Kleckner via cfe-dev
Hello Arthur,

intercepting calls by scan-build, during it calls make or ninja, does make sense, to detect when clang is actually
invoked.

But a possible way to call scan-build is with the form “scan-build >any-compiler< compile-options”.  The compiler could
be clang, gcc or anything else.  How can a preloaded library intercept the execution of any compiler, but not for a non-
compiler?

Regards
  Дилян

On Thu, 2019-07-18 at 09:59 -0400, Arthur O'Dwyer wrote:

> On Thu, Jul 18, 2019 at 5:54 AM Дилян Палаузов via cfe-dev <[hidden email]> wrote:
> > Hello,
> >
> > how does scan-build exactly parse its parameters?
> >
> > How does “scan-build make” know, that it should just invoke make and not do anything until a compiler is invoked.
>
> My understanding is that scan-build itself merely sets `LD_PRELOAD=some-library.so` for all processes spawned directly or indirectly from scan-build. Then it goes ahead and spawns a child process to run whatever command you gave it — e.g., `make`.
> `make` will eventually spawn a child or grandchild process for `clang`. When that happens, `some-library.so` will notice and cause different behavior. Either it will tell `clang` to invoke the static analyzer, or it will write out "hey, clang is being called!" to an external trace log. This external trace log is what Christian and Paulo are calling a "compilation database." The trace can be used later to re-invoke the static analyzer for each file that was compiled during the build, without having to `make clean` the entire project.
>
> I confirmed some of my recollections via this documentation:
> https://github.com/rizsotto/scan-build
>  
> > Does “scan-build cc …” parse in fact the source code, or the generated object files and in the former case, is the
> > compiler invoked or does scan-build just considers the parameters passed to the compiler?
>
> `scan-build` causes the static analyzer to be invoked. The static analyzer must parse the C++ source code. There is no way to "static-analyze" an object file.
>
> –Arthur

_______________________________________________
cfe-dev mailing list
[hidden email]
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-dev
Reply | Threaded
Open this post in threaded view
|

Re: How does scan-build

Reid Kleckner via cfe-dev
I believe the interception works by taking over the CC and CXX environment variables, rather than with a preload.  This works fine for build systems that use those environment variables, and fails for others.

> -----Original Message-----
> From: cfe-dev <[hidden email]> On Behalf Of ?????
> ???????? via cfe-dev
> Sent: Thursday, July 18, 2019 11:25 AM
> To: Arthur O'Dwyer <[hidden email]>
> Cc: cfe-dev <[hidden email]>
> Subject: [EXTERNAL] Re: [cfe-dev] How does scan-build
>
> Hello Arthur,
>
> intercepting calls by scan-build, during it calls make or ninja, does make
> sense, to detect when clang is actually invoked.
>
> But a possible way to call scan-build is with the form “scan-build >any-
> compiler< compile-options”.  The compiler could be clang, gcc or anything
> else.  How can a preloaded library intercept the execution of any compiler,
> but not for a non- compiler?
>
> Regards
>   Дилян
>
> On Thu, 2019-07-18 at 09:59 -0400, Arthur O'Dwyer wrote:
> > On Thu, Jul 18, 2019 at 5:54 AM Дилян Палаузов via cfe-dev <cfe-
> [hidden email]> wrote:
> > > Hello,
> > >
> > > how does scan-build exactly parse its parameters?
> > >
> > > How does “scan-build make” know, that it should just invoke make and
> not do anything until a compiler is invoked.
> >
> > My understanding is that scan-build itself merely sets `LD_PRELOAD=some-
> library.so` for all processes spawned directly or indirectly from scan-build.
> Then it goes ahead and spawns a child process to run whatever command
> you gave it — e.g., `make`.
> > `make` will eventually spawn a child or grandchild process for `clang`. When
> that happens, `some-library.so` will notice and cause different behavior.
> Either it will tell `clang` to invoke the static analyzer, or it will write out "hey,
> clang is being called!" to an external trace log. This external trace log is what
> Christian and Paulo are calling a "compilation database." The trace can be
> used later to re-invoke the static analyzer for each file that was compiled
> during the build, without having to `make clean` the entire project.
> >
> > I confirmed some of my recollections via this documentation:
> > https://urldefense.com/v3/__https://github.com/rizsotto/scan-build__;!
> > fqWJcnlTkjM!98b-arsF7Aoim8t_p86Nq9t-
> fgh8eXtlxs2gZzrJMh4asXlphunNdbzsXe
> > p7$
> >
> > > Does “scan-build cc …” parse in fact the source code, or the
> > > generated object files and in the former case, is the compiler invoked or
> does scan-build just considers the parameters passed to the compiler?
> >
> > `scan-build` causes the static analyzer to be invoked. The static analyzer
> must parse the C++ source code. There is no way to "static-analyze" an
> object file.
> >
> > –Arthur
>
> _______________________________________________
> cfe-dev mailing list
> [hidden email]
> https://urldefense.com/v3/__https://lists.llvm.org/cgi-
> bin/mailman/listinfo/cfe-dev__;!fqWJcnlTkjM!98b-arsF7Aoim8t_p86Nq9t-
> fgh8eXtlxs2gZzrJMh4asXlphunNdSW6jw2v$
_______________________________________________
cfe-dev mailing list
[hidden email]
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-dev
Reply | Threaded
Open this post in threaded view
|

Re: How does scan-build

Reid Kleckner via cfe-dev
Hello Ben,

https://clang-analyzer.llvm.org/scan-build.html#scanbuild_basicusage says “
It is also possible to use scan-build to analyze specific files:

 $ scan-build gcc -c t1.c t2.c
This example causes the files t1.c and t2.c to be analyzed.


There is no CC/CXX involved here and it does work.  So the question is, how does scan-build know how to parse its input,
whether it is a make/ninja/gcc/clang or some other compiler.

Regards
  Дилян

On Thu, 2019-07-18 at 17:07 +0000, Ben Craig wrote:

> I believe the interception works by taking over the CC and CXX environment variables, rather than with a preload.  This works fine for build systems that use those environment variables, and fails for others.
>
> > -----Original Message-----
> > From: cfe-dev <[hidden email]> On Behalf Of ?????
> > ???????? via cfe-dev
> > Sent: Thursday, July 18, 2019 11:25 AM
> > To: Arthur O'Dwyer <[hidden email]>
> > Cc: cfe-dev <[hidden email]>
> > Subject: [EXTERNAL] Re: [cfe-dev] How does scan-build
> >
> > Hello Arthur,
> >
> > intercepting calls by scan-build, during it calls make or ninja, does make
> > sense, to detect when clang is actually invoked.
> >
> > But a possible way to call scan-build is with the form “scan-build >any-
> > compiler< compile-options”.  The compiler could be clang, gcc or anything
> > else.  How can a preloaded library intercept the execution of any compiler,
> > but not for a non- compiler?
> >
> > Regards
> >   Дилян
> >
> > On Thu, 2019-07-18 at 09:59 -0400, Arthur O'Dwyer wrote:
> > > On Thu, Jul 18, 2019 at 5:54 AM Дилян Палаузов via cfe-dev <cfe-
> > [hidden email]> wrote:
> > > > Hello,
> > > >
> > > > how does scan-build exactly parse its parameters?
> > > >
> > > > How does “scan-build make” know, that it should just invoke make and
> > not do anything until a compiler is invoked.
> > > My understanding is that scan-build itself merely sets `LD_PRELOAD=some-
> > library.so` for all processes spawned directly or indirectly from scan-build.
> > Then it goes ahead and spawns a child process to run whatever command
> > you gave it — e.g., `make`.
> > > `make` will eventually spawn a child or grandchild process for `clang`. When
> > that happens, `some-library.so` will notice and cause different behavior.
> > Either it will tell `clang` to invoke the static analyzer, or it will write out "hey,
> > clang is being called!" to an external trace log. This external trace log is what
> > Christian and Paulo are calling a "compilation database." The trace can be
> > used later to re-invoke the static analyzer for each file that was compiled
> > during the build, without having to `make clean` the entire project.
> > > I confirmed some of my recollections via this documentation:
> > > https://urldefense.com/v3/__https://github.com/rizsotto/scan-build__;!
> > > fqWJcnlTkjM!98b-arsF7Aoim8t_p86Nq9t-
> > fgh8eXtlxs2gZzrJMh4asXlphunNdbzsXe
> > > p7$
> > >
> > > > Does “scan-build cc …” parse in fact the source code, or the
> > > > generated object files and in the former case, is the compiler invoked or
> > does scan-build just considers the parameters passed to the compiler?
> > > `scan-build` causes the static analyzer to be invoked. The static analyzer
> > must parse the C++ source code. There is no way to "static-analyze" an
> > object file.
> > > –Arthur
> >
> > _______________________________________________
> > cfe-dev mailing list
> > [hidden email]
> > https://urldefense.com/v3/__https://lists.llvm.org/cgi-
> > bin/mailman/listinfo/cfe-dev__;!fqWJcnlTkjM!98b-arsF7Aoim8t_p86Nq9t-
> > fgh8eXtlxs2gZzrJMh4asXlphunNdSW6jw2v$

_______________________________________________
cfe-dev mailing list
[hidden email]
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-dev