blob: ed9feab99e5b6460b79ff78c7954a945abe23f38 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
|
# The Clang Static Analyzer
See the [official clang static analyzer page](http://clang-analyzer.llvm.org/)
for background.
We don't run this regularly (because the analyzer's
[support for C++ isn't great yet](http://clang-analyzer.llvm.org/dev_cxx.html)),
so everything on this page is likely broken. The last time I checked, the
analyzer reported mostly uninteresting things. This assumes you're
[building chromium with clang](clang.md).
You need an llvm checkout to get `scan-build` and `scan-view`; the easiest way
to get that is to run
```shell
tools/clang/scripts/update.py --force-local-build --without-android
```
## With make
To build base, if you use the make build:
```
builddir_name=out_analyze \
PATH=$PWD/third_party/llvm-build/Release+Asserts/bin:$PATH \
third_party/llvm/tools/clang/tools/scan-build/scan-build \
--keep-going --use-cc clang --use-c++ clang++ \
make -j8 base
```
(`builddir_name` is set to force a clobber build.)
Once that's done, run `third_party/llvm/tools/clang/tools/scan-view/scan-view`
to see the results; pass in the pass that `scan-build` outputs.
## With ninja
scan-build does its stuff by mucking with $CC/$CXX, which ninja ignores. gyp
does look at $CC/$CXX however, so you need to first run gyp\_chromium under
scan-build:
```shell
time GYP_GENERATORS=ninja \
GYP_DEFINES='component=shared_library clang_use_chrome_plugins=0 \
mac_strip_release=0 dcheck_always_on=1' \
third_party/llvm/tools/clang/tools/scan-build/scan-build \
--use-analyzer $PWD/third_party/llvm-build/Release+Asserts/bin/clang \
build/gyp_chromium -Goutput_dir=out_analyze
```
You then need to run the build under scan-build too, to get a HTML report:
```shell
time third_party/llvm/tools/clang/tools/scan-build/scan-build \
--use-analyzer $PWD/third_party/llvm-build/Release+Asserts/bin/clang \
ninja -C out_analyze/Release/ base
```
Then run `scan-view` as described above.
## Known False Positives
* http://llvm.org/bugs/show_bug.cgi?id=11425
## Stuff found by the static analyzer
* https://code.google.com/p/skia/issues/detail?id=399
* https://code.google.com/p/skia/issues/detail?id=400
* https://codereview.chromium.org/8308008/
* https://codereview.chromium.org/8313008/
* https://codereview.chromium.org/8308009/
* https://codereview.chromium.org/10031018/
* https://codereview.chromium.org/12390058/
|
