Stack Overflow
Stack Overflow

Questions tagged [clang-static-analyzer]

Use this tag for the Clang Static Analyzer, an open source source code analysis tool which find bugs in C and Objective-C programs. Use this tag also for Xcode Static Analyzer.

The Clang Static Analyzer is an open source (supported by Apple) source code analysis tool which find bugs in C and Objective-C programs.

It can be run either as a standalone tool or within Xcode. The standalone tool is invoked from the command line, and is intended to be run in tandem with a build of a codebase.

The analyzer is 100% open source and is part of the Clang project. Like the rest of Clang, the analyzer is implemented as a C++ library that can be used by other tools and applications.

296 questions
51
votes
2 answers

Clang Error on "Potential null dereference."

I keep getting Clang errors on the following type of code and I can't figure out why they're erroneous or how to resolve them to Clang's satisfaction: + (NSString *)checkForLength: (NSString *)theString error: (NSError **)error { BOOL hasLength…
bbrown
  • 6,370
  • 5
  • 37
  • 43
44
votes
3 answers

Ignore system headers in clang-tidy

tldr;> How do I hide warnings from system headers in clang-tidy? I have the following minimal example source file, which triggers a clang-tidy warning in the system headers: #include int main() { std::promise p; …
Heinzi
  • 5,793
  • 4
  • 40
  • 69
41
votes
4 answers

Is it possible to suppress Xcode 4 static analyzer warnings?

The Xcode 4 static analyzer reports in my code some false positives. Is there any way to suppress them?
DreamOfMirrors
  • 2,147
  • 1
  • 21
  • 34
35
votes
1 answer

How to avoid pointer arithmetic when using char** argv

When trying to print the first command line argument: std::cout << argv[0] << std::endl; clang-tidy gives the warning: warning: 'do not use pointer arithmetic' from [cppcoreguidelines-pro-bounds-pointer-arithmetic] Is there an alternative…
user7119460
  • 1,451
  • 10
  • 20
30
votes
2 answers

How to keep track of a variable with Clang's static analyzer?

Suppose I'm working with the following C snippet: void inc(int *num) {*num++;} void dec(int *num) {*num--;} void f(int var) { inc(&var); dec(&var); } By using a static analyzer, I want to be able to tell if the value of var didn't change…
ivarec
  • 2,542
  • 2
  • 34
  • 57
26
votes
3 answers

CMake add target for invoking clang analyzer

I'd basically like to achieve the same as http://blog.alexrp.com/2013/09/26/clangs-static-analyzer-and-automake, but with CMake. analyze_srcs = foo.c analyze_plists = $(analyze_srcs:%.c=%.plist) CLEANFILES = $(analyze_plists) $(analyze_plists):…
Trass3r
  • 5,858
  • 2
  • 30
  • 45
23
votes
3 answers

How to make the Clang Static Analyzer output its working from command line?

I'm running Clang 3.4 on Ubuntu 12.10 (from http://llvm.org/apt/). I ran the analyzer (clang --analyze) over some code, and it found a couple of issues: Blah.C:429:9: warning: Declared variable-length array (VLA) has zero size unsigned char…
Jetski S-type
  • 1,138
  • 2
  • 16
  • 32
21
votes
1 answer

How can I make Clang's "scan-build" work with SCons?

I've got a project built with SCons and I'm trying to use the Clang Static Analyzer to analyze the code. However, when running scan-build scons SCons seems to ignore the settings introduced by scan-build. How can I make this work?
Greg Hewgill
  • 951,095
  • 183
  • 1,149
  • 1,285
21
votes
4 answers

clang-tidy: How to suppress warnings?

I recently started experimenting with the clang-tidy tool of llvm. Now I am trying to suppress false warnings from third party library code. For this I want to use the command line options -header-filter= or -line-filter= but so far…
Knitschi
  • 2,822
  • 3
  • 32
  • 51
19
votes
1 answer

Example code to trigger Clang's static analyser

I would like to see a small but complete snippet of code that will cause Clang's static analyser to complain. My motivation is mostly that I'm trying to get it to work on my PIC32 code, and I need a way to distinguish between "all the code is fine"…
detly
  • 29,332
  • 18
  • 93
  • 152
16
votes
2 answers

Xcode Analyzer - Ignore CocoaPods targets

I have an Xcode workspace set up with CocoaPods. When I run Xcode's Analyzer on my project it analyzes my own source code as well as all the source code in the Pods targets. This throws up lots of warnings that I am not interested in as I only want…
Brian Boyle
  • 2,849
  • 5
  • 27
  • 35
14
votes
0 answers

How-to use Clang Static Analyzer on Windows?

I'm currently trying to integrate the Clang Static Analyzer v9.0.1 into my CMake v3.16.5 build system using the Microsoft Visual C++ Compiler (MSVC) v19.25.28610.4 on a Windows v10.0.18363.720 operating system. Everything is build for the…
Florian Wolters
  • 3,820
  • 5
  • 35
  • 55
13
votes
3 answers

Ignore certain files when using clang-tidy

I'm trying to integrate clang-tidy with cmake, but there are some files that belong to a particular target which I would like to ignore. Is there any way to make clang-tidy to ignore files under certain directory or whose name matches a certain…
Dan
  • 2,452
  • 20
  • 45
11
votes
1 answer

Does clang-tidy make clang-check redundant?

Both of these tools seem to share some common goals and while the documentation of clang-tidy is quite explicit about its capabilities, clang-check's is a bit sparse. It would be nice if I could run only one of these tools while having the same…
lbonn
  • 2,499
  • 22
  • 32
11
votes
1 answer

Can clang static analyzer (scan-build) be used with cmake --build?

I'd like to use the clang static analyzer command line tool scan-build with the convenience of cmake --build. Most of the resources I found online seem to indicate you need a two-step process: scan-build cmake . scan-build make For example for this…
phoenix
  • 7,988
  • 6
  • 39
  • 45
1
2 3
19 20