Endre =?utf-8?q?Fülöp?= <endre.fu...@sigmatechnology.com>, Endre =?utf-8?q?Fülöp?= <endre.fu...@sigmatechnology.com>, Endre =?utf-8?q?Fülöp?= <endre.fu...@sigmatechnology.com>, Endre =?utf-8?q?Fülöp?= <endre.fu...@sigmatechnology.com>, Endre =?utf-8?q?Fülöp?= <endre.fu...@sigmatechnology.com>, Endre =?utf-8?q?Fülöp?= <endre.fu...@sigmatechnology.com>, Endre =?utf-8?q?Fülöp?= <endre.fu...@sigmatechnology.com> Message-ID: In-Reply-To: <llvm.org/llvm/llvm-project/pull/97...@github.com>
================ @@ -0,0 +1,238 @@ +Command-Line Usage: CodeChecker and scan-build +=============================================== + +This document provides guidelines for running Clang Static Analyzer from the command line on whole projects. +CodeChecker and scan-build are two CLI tools for using CSA on multiple files (tranlation units). +Both provide a way of driving the analyzer, detecting compilation flags, and generating reports. +CodeChecker is more actively maintained, provides heuristics for working with multiple versions of popular compilers and it also comes with a web-based GUI for viewing, filtering, categorizing and suppressing the results. +Therefore CodeChecker is recommended in case you need any of the above features or just more customizability in general. + +Comparison of CodeChecker and scan-build +---------------------------------------- + +Static Analyzer is by design a GUI tool originally intended to be consumed by the XCode IDE. +Its purpose is to find buggy execution paths in the program, and such paths are very hard to comprehend by looking at a non-interactive standard output. +It is possible, however, to invoke the Static Analyzer from the command line in order to obtain analysis results, and then later view them interactively in a graphical interface. +The following tools are used commonly to run the analyzer from the commandline. +Both tools are wrapper scripts to drive the analysis and the underlying invocations of the Clang compiler: + +1. CodeChecker_ is a driver and web server that runs the Static Analyzer on your projects on demand and maintains a database of issues. + - Perfect for managing large amounts of Static Analyzer warnings in a collaborative environment. + - Generally much more feature-rich than scan-build. + - Supports incremental analysis: Results can be stored in a database, subsequent analysis runs can be compared to list the newly added defects. + - :doc:`CrossTranslationUnit` is supported fully on Linux via CodeChecker. ---------------- steakhal wrote: One can review these files to see how they would look once merged by clicking on the `...` menu of the file and selecting `View file` in a new tab. After doing this, I realized that this [xref](https://github.com/llvm/llvm-project/blob/d5437c67708db4823b5d86809465cfbe71993ff0/clang/docs/analyzer/user-docs/CommandLineUsage.rst#comparison-of-codechecker-and-scan-build) is broken. https://github.com/llvm/llvm-project/pull/97034 _______________________________________________ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
