clang and scan-build help?

Hello,

I found the hint t email to this email list and hopefully you can help me, because I don’t know what is going wrong.
All seems good but no defekts are found and logged.
Just trying to use clang as valgrind alternative and scan-build for static code analysis together.

This I have done:

I checked out llvm, clang and compiler-rt and updated it with make update.

Then I did
mkdir build
(cd build && …/configure --enable-optimized && make -j 10 && make install)

After this I copied all files from
/root/svn/llvm/tools/clang/tools/scan-build
to
/usr/local/bin
where the installed files from clang are.

My linux kernel version is 3.3.2.1 und the llvm revision is 154805

I did a maven profile using clang and scan-build

But on screen every time this message is logged:

[exec] – The C compiler identification is GNU
[exec] – The CXX compiler identification is GNU
[exec] – Check for working C compiler: /usr/local/bin/clang
[exec] – Check for working C compiler: /usr/local/bin/clang – works
[exec] – Detecting C compiler ABI info
[exec] – Detecting C compiler ABI info - done
[exec] – Check for working CXX compiler: /usr/local/bin/clang++
[exec] – Check for working CXX compiler: /usr/local/bin/clang++ – works
[exec] – Detecting CXX compiler ABI info
[exec] – Detecting CXX compiler ABI info - done
[exec] – Configuring done
[exec] – Generating done
[exec] – Build files have been written to: /root/svn/ims_main/media_server/src/ims/native/tests/NetSniffer/target/RelWithDebInfo-x86_64
[exec] scan-build: Emitting reports for this run to ‘/tmp/scan-build-2012-04-16-1’.
[exec] Scanning dependencies of target sniffer
[exec] [ 25%] [ 50%] [ 75%] [100%] Building CXX object CMakeFiles/sniffer.dir/src/Filter.cpp.o
[exec] Building CXX object CMakeFiles/sniffer.dir/src/Sniffer.cpp.o
[exec] Building CXX object CMakeFiles/sniffer.dir/src/common.cpp.o
[exec] Building CXX object CMakeFiles/sniffer.dir/src/main.cpp.o
[exec] Linking CXX executable sniffer
[exec] [100%] Built target sniffer
[exec] scan-build: Removing directory ‘/tmp/scan-build-2012-04-16-1’ because it contains no reports.

Even if there are placed errors no report is done?
Can you tell me my mistake and what I have done wrong?

Mit freundlichen Grüßen / Best regards,
Stefan Plank
Entwicklungsingenieur

Siemens Enterprise Communications GmbH & Co. KG
Hofmannstr. 51
80200 München
Tel.: +49 89 7007-32410
Fax: +49 89 7007-31675
mailto:stefan.plank@siemens-enterprise.com

Communication for the open minded
www.siemens-enterprise.de

Siemens Enterprise Communications GmbH & Co. KG; Sitz der Gesellschaft: München; Registergericht: München, HRA 88546; WEEE-Reg.Nr. DE 27980375; Persönlich haftende Gesellschafterin: Siemens Enterprise Communications Management GmbH; Geschäftsführer: Alexander Frick, Thomas Heim, Martin Kinne , Vera Meyer; Vorsitzender des Aufsichtsrates: Mark Stone;
Sitz der Gesellschaft: München; Registergericht: München, HRB 163415

Siemens Enterprise Communications GmbH & Co. KG is a Trademark Licensee of Siemens AG
Wichtiger Hinweis: Diese E-Mail und etwaige Anlagen enthalten firmenvertrauliche Informationen. Sollten Sie diese E-Mail irrtümlich erhalten haben, benachrichtigen Sie uns bitte durch Antwort-Mail und löschen Sie diese E-Mail nebst Anlagen von Ihrem System. Vielen Dank.

clang_detailed_log (15 KB)

Seems like you misunderstand purpose of Clang Analyzer (or Valgrind ). The former performs
static analysis, the latter dynamic.

If you're looking for a valgrind alternative, these may be more interesting:
<http://clang.llvm.org/docs/AddressSanitizer.html>
<http://embed.cs.utah.edu/ioc/>

Cheers,

As others mentioned, you are trying to mix two tools.

There is the clang static analyzer. That’s the tool, which uses scan-build. It statically analyzes the code and reports probable bugs (http://clang-analyzer.llvm.org/).

The Address Sanitizer tool is an alternative to Valgrind. ASan is using compiler-rt and “-faddress-sanitizer” option, which I see in your logs.

Both tools are bug finding tools but are based on different technology. ASan is dynamic - you find issues while executing the program. ASan almost always produces real issues, but only catches memory issues (is in process of being extended to catch threading issues as well). However, it only produces the issues that are exercisable by your tests. The static analyzer is like a super heavy weight compiler. The static analyzer has a wider variety of checks and does not depend on tests; however, it will produce more false alarms and its analyzes are currently limited to a single translation unit (file).

Cheers,
Anna.

To analyze your project with scan-build, you also need to run configure through scan-build as well. See:

http://clang-analyzer.llvm.org/scan-build.html