Clang & iOS Static Code Analysis Tool: scan-build

  • Author: Echo Chen (Chenbin)

  • Email: [email protected]

  • Blog: blog.csdn.net/chen19870707

  • Date: Jan. 4th, 2015

    iOS projects and clang projects can use scan-build to statically analyze their code and find defects.

    1. What is scan-build?

    scan-build is a command-line tool that lets users run the static analyzer over their code to find defects in it.

    2. How does scan-build work?

    When a project is built, its source files are also checked by the static analyzer as they are compiled. When the build completes, the results are presented to the user as web pages.

    3. What build environment does scan-build need?

  • How you write your code does not matter to scan-build. By overriding the CC and CXX environment variables to change your build environment, scan-build makes the build use a pseudo-compiler instead of the compiler that would normally build your project. By default, this pseudo-compiler uses GCC to compile your code and then runs the static analyzer on it.

  • This kind of manual interposition works well in many cases, but not in all of them. Consult the scan-build help documentation, which explains how to make it work correctly in those situations.

  • The scan-build command essentially interposes on the project's build process and analyzes the whole project. This means that during the build, scan-build analyzes the source files that GCC compiles. In other words, files that are not compiled are not analyzed.

    4. Basic usage

    Basic use of scan-build is simple: just put scan-build at the front of your build command line.


    Prefixing a make command with scan-build analyzes the code of a project built with make, and prefixing an xcodebuild command with scan-build analyzes a project built with xcodebuild.

    The following is the general format of the scan-build command:


    scan-build runs the given command as is, passing along all of the arguments that follow it. For example, a -j4 argument can be passed to make, and the result is a parallel build across 4 cores.


    In most cases, scan-build does not interpret the arguments that follow the build command. In general, scan-build should support parallel builds, but not distributed builds.

    Of course, scan-build can also be used to analyze specific files:


    This command analyzes the files t1.c and t2.c.
    Other options: as mentioned above, scan-build accepts some additional options of its own. These options are placed before the build command.

    For example:


    The following are some common options:
    -o  The target directory for the HTML report files. Subdirectories are created as needed to distinguish each run of the analyzer. If this option is not specified, the report files are saved under the /tmp directory by default.
    -h  Displays all scan-build options.
    -k  Adds a "keep going" option to the specified build command.
    -v  Verbose output. A second or third "-v" increases the verbosity.
    -V  When the build command completes, view the results in a web browser.

    5. Output of scan-build

    The output of scan-build is a collection of HTML files, each of which represents an independent bug report. The index.html file serves as an index of all the defects found. You can view all bug reports by opening index.html in your browser.
    The location of the HTML report files is specified with the -o option; by default they are saved under the /tmp directory. scan-build prints the path where the report is located. If you want to see the report immediately after the command finishes, pass the -V option.

    6. Advanced Usage

    Most projects can be built in debug mode with assertions enabled. The static analyzer uses assertions to prune infeasible paths, which in many cases reduces the number of false positives reported by the tool.
    scan-build produces verbose output with the -v option, and two -v options generate even more information. Redirecting the output of scan-build to a file is useful when filing a bug report, because it shows clearly which arguments were passed to the analyzer. For logs that are easier to read, do not build in parallel.

    6.1 Running ./configure through scan-build

    If the project being analyzed uses a script to generate its configuration automatically, you will most likely need to run the configure script through scan-build as well in order to analyze the project.
    For example:


    The configure script needs to be run through scan-build because scan-build analyzes your source files by interposing on the compiler. scan-build sets the CC environment variable to ccc-analyzer. ccc-analyzer acts as a pseudo-compiler, forwarding its command-line arguments to GCC and to clang to perform the static analysis.
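
The CC override described in sections 3 and 6.1, as an added demonstration that is not part of the original article or of scan-build itself. fake-cc is a hypothetical stand-in for ccc-analyzer, SEEN_LOG and REAL_CC are made-up variable names, and the real compiler is replaced by the no-op `true` so the script runs without a toolchain. The baked-in mode models a generated build file that hard-codes its compiler, which is the usual result of running ./configure outside scan-build.

```shell
#!/bin/sh
# Added demo with constructed files: how overriding CC puts a pseudo-compiler
# in front of a build. fake-cc is a hypothetical stand-in for ccc-analyzer;
# the "real" compiler is the no-op `true`, so no C toolchain is needed.

# seen_by_wrapper MODE  -> prints the source files the wrapper was handed
#   honours-cc : the build step invokes $CC, as make's built-in rules do
#   baked-in   : the compiler is hard-coded in the build step, modelling a
#                Makefile generated by ./configure outside scan-build
seen_by_wrapper() {
    mode=$1
    work=$(mktemp -d) || return 1
    log="$work/seen.log"
    : > "$log"
    : > "$work/t1.c"
    : > "$work/t2.c"                 # exists on disk but is never compiled

    # Pseudo-compiler: record each .c argument, then forward every argument
    # unchanged to the real compiler.
    cat > "$work/fake-cc" <<'EOF'
#!/bin/sh
for arg in "$@"; do
    case "$arg" in *.c) printf '%s\n' "$arg" >> "$SEEN_LOG" ;; esac
done
exec ${REAL_CC:-true} "$@"
EOF
    chmod +x "$work/fake-cc"

    case "$mode" in
        honours-cc) compiler='${CC:-true}' ;;
        baked-in)   compiler='true' ;;
        *) rm -rf "$work"; return 2 ;;
    esac
    printf '#!/bin/sh\n%s -c t1.c -o t1.o\n' "$compiler" > "$work/build.sh"
    chmod +x "$work/build.sh"

    # The override: only the environment changes, the build step does not.
    (cd "$work" && CC="$work/fake-cc" SEEN_LOG="$log" ./build.sh)
    status=$?
    cat "$log"
    rm -rf "$work"
    return "$status"
}

echo "build honours \$CC: [$(seen_by_wrapper honours-cc)]"
echo "compiler baked in: [$(seen_by_wrapper baked-in)]"
```

In the first mode the wrapper sees t1.c but never t2.c, because only compiled files reach it; in the second mode it sees nothing at all.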

    6.2 Analyzing iPhone projects

    iPhone app projects are much like desktop app projects. scan-build can analyze these projects too, but users run into problems building iPhone projects from the command line when the additional preparatory steps (such as setting up code signing) are missing.

    6.3 Recommendation: Use "Build and Analyze"

    The simplest way to analyze an iPhone project is to use the "Build and Analyze" feature in Xcode 3.2 (the Clang-based static analyzer). It lets the user run the analysis with a single button click, without any of the steps described below.

    The official website will have a description of this feature.

    6.4 Using scan-build directly

        • Analyze your project in debug mode: either set this in Xcode or pass the -configuration Debug option to xcodebuild.

        • Use the simulator to analyze your project. You can also analyze your code when targeting the device, but that is easier with the "Build and Analyze" feature.

        • Check that your code-signing setting also targets the simulator, and make sure that this option is set to "Don't Code Sign".

        • If your iPhone OS version is 2.2, you can run scan-build from the command line.

    Similarly, if your iPhone OS version is 3.0


    6.5 Using the appropriate compiler

    Recall that scan-build analyzes a project by using GCC to compile it and clang to analyze it. When analyzing an iPhone project, scan-build may pick the wrong compiler instead of the one Xcode uses to build the project. This can happen because you may have more than one GCC version installed on your system, especially if you are doing iPhone development.
    This problem arises when you use Mac OS 10.5 (Leopard) to develop for iPhone OS 3.0. The default Snow Leopard compiler is gcc-4.0, but the compiler for iPhone OS 3.0 is gcc-4.2. When compiling your application for the simulator, it is very important that scan-build uses the correct GCC version; otherwise you will see some strange compilation errors.
    scan-build provides the --use-cc and --use-c++ options. Keep in mind that although your main interest is analyzing your project, the analyzer is closely tied to the build process, and code that cannot be compiled cannot be analyzed. If you are not sure which compiler Xcode is using, try running xcodebuild. Its output shows the full path of the compiler Xcode uses, which you can then pass to the --use-cc option.
