Static analysis without compilation

Hi,

Is it possible to do static analysis only without pre-compiling the source code.

Can I just run some static analysis checks on the source code without specifying any dependencies (include files)?

Doing this static analysis can be performed even if there are few compilation errors in the source code.

This is important as clang does not support some syntax like MFC is not fully supported.

Currently if I run static analyzer using -–analyze option and if there are any syntax errors or missing header errors then clang would just print the compilation diagnostics and won’t do any static analysis.

If this is achieved clang can also be used as a pure static analysis tool.

Regards,

Sujit Kamthe

Hi,

Is it possible to do static analysis only without pre-compiling the source code.

Yes. Static analysis is unrelated to compilation. However, it's usually much slower than regular compilation.

Can I just run some static analysis checks on the source code without specifying any dependencies (include files)?

Some tools like cppcheck can do it, however it's not possible with clang.

Doing this static analysis can be performed even if there are few compilation errors in the source code.

It's not possible to analyse invalid code properly.

This is important as clang does not support some syntax like MFC is not fully supported.

You may want to switch to other analysis tool, or wait until MFC is supported.

It was my belief that in -fsyntax-only Clang was really close to support MFC (if not supported it completely) and that only the CodeGen part was really lacking on Windows.

Are you sure that you used the microsoft compatibility mode (-fms-compatibility) ?

– Matthieu

Konstantin pretty much answered this in his reply, but the Clang Static Analyzer does not analyze invalid code. The analyzer does a deep semantic analysis of your code, which means invalid code doesn’t have precise semantics. We could possibly relax its intolerance of invalid code, but missing headers, unsupported syntax, etc., usually imply big wholes in the compiler’s understanding if what your code means. This directly translates into poorer results for the static analyzer.