【Question title】: Does clang-tidy make scan-build redundant?
【Posted】: 2021-10-19 18:33:14
【Question description】:

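I have a project that currently uses both scan-build and clang-tidy (enabled via CMake).

If I enable clang-analyzer-* in my clang-tidy check set, is using scan-build redundant?

For reference, there is a similar question here about the use of clang-tidy and clang-check.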

【Question discussion】:

    Tags: clang clang-static-analyzer clang-tidy scan-build


    【Solution 1】:

    These are the available checks reported by scan-build --help ("+" indicates that the check is enabled by default):

     + core.CallAndMessage           Check for logical errors for function calls and Objective-C message expressions (e.g., uninitialized arguments, null function pointers)
     + core.DivideZero               Check for division by zero
     + core.NonNullParamChecker      Check for null pointers passed as arguments to a function whose arguments are references or marked with the 'nonnull' attribute
     + core.NullDereference          Check for dereferences of null pointers
     + core.StackAddressEscape       Check that addresses to stack memory do not escape the function
     + core.UndefinedBinaryOperatorResult
                                     Check for undefined results of binary operators
     + core.VLASize                  Check for declarations of VLA of undefined or zero size
     + core.uninitialized.ArraySubscript
                                     Check for uninitialized values used as array subscripts
     + core.uninitialized.Assign     Check for assigning uninitialized values
     + core.uninitialized.Branch     Check for uninitialized values used as branch conditions
     + core.uninitialized.CapturedBlockVariable
                                     Check for blocks that capture uninitialized values
     + core.uninitialized.UndefReturn Check for uninitialized values being returned to the caller
     + cplusplus.InnerPointer        Check for inner pointers of C++ containers used after re/deallocation
     + cplusplus.Move                Find use-after-move bugs in C++
     + cplusplus.NewDelete           Check for double-free and use-after-free problems. Traces memory managed by new/delete.
     + cplusplus.NewDeleteLeaks      Check for memory leaks. Traces memory managed by new/delete.
     + cplusplus.PlacementNew        Check if default placement new is provided with pointers to sufficient storage capacity
     + cplusplus.PureVirtualCall     Check pure virtual function calls during construction/destruction
     + deadcode.DeadStores           Check for values stored to variables that are never read afterwards
       fuchsia.HandleChecker         A Checker that detect leaks related to Fuchsia handles
     + nullability.NullPassedToNonnull
                                     Warns when a null pointer is passed to a pointer which has a _Nonnull type.
     + nullability.NullReturnedFromNonnull
                                     Warns when a null pointer is returned from a function that has _Nonnull return type.
       nullability.NullableDereferenced
                                     Warns when a nullable pointer is dereferenced.
       nullability.NullablePassedToNonnull
                                     Warns when a nullable pointer is passed to a pointer which has a _Nonnull type.
       nullability.NullableReturnedFromNonnull
                                     Warns when a nullable pointer is returned from a function that has _Nonnull return type.
       optin.cplusplus.UninitializedObject
                                     Reports uninitialized fields after object construction
       optin.cplusplus.VirtualCall   Check virtual function calls during construction/destruction
       optin.mpi.MPI-Checker         Checks MPI code
       optin.osx.OSObjectCStyleCast  Checker for C-style casts of OSObjects
       optin.osx.cocoa.localizability.EmptyLocalizationContextChecker
                                     Check that NSLocalizedString macros include a comment for context
       optin.osx.cocoa.localizability.NonLocalizedStringChecker
                                     Warns about uses of non-localized NSStrings passed to UI methods expecting localized NSStrings
       optin.performance.GCDAntipattern
                                     Check for performance anti-patterns when using Grand Central Dispatch
       optin.performance.Padding     Check for excessively padded structs.
       optin.portability.UnixAPI     Finds implementation-defined behavior in UNIX/Posix functions
       osx.API                       Check for proper uses of various Apple APIs
       osx.MIG                       Find violations of the Mach Interface Generator calling convention
       osx.NumberObjectConversion    Check for erroneous conversions of objects representing numbers into numbers
       osx.OSObjectRetainCount       Check for leaks and improper reference count management for OSObject
       osx.ObjCProperty              Check for proper uses of Objective-C properties
       osx.SecKeychainAPI            Check for proper uses of Secure Keychain APIs
       osx.cocoa.AtSync              Check for nil pointers used as mutexes for @synchronized
       osx.cocoa.AutoreleaseWrite    Warn about potentially crashing writes to autoreleasing objects from different autoreleasing pools in Objective-C
       osx.cocoa.ClassRelease        Check for sending 'retain', 'release', or 'autorelease' directly to a Class
       osx.cocoa.Dealloc             Warn about Objective-C classes that lack a correct implementation of -dealloc
       osx.cocoa.IncompatibleMethodTypes
                                     Warn about Objective-C method signatures with type incompatibilities
       osx.cocoa.Loops               Improved modeling of loops using Cocoa collection types
       osx.cocoa.MissingSuperCall    Warn about Objective-C methods that lack a necessary call to super
       osx.cocoa.NSAutoreleasePool   Warn for suboptimal uses of NSAutoreleasePool in Objective-C GC mode
       osx.cocoa.NSError             Check usage of NSError** parameters
       osx.cocoa.NilArg              Check for prohibited nil arguments to ObjC method calls
       osx.cocoa.NonNilReturnValue   Model the APIs that are guaranteed to return a non-nil value
       osx.cocoa.ObjCGenerics        Check for type errors when using Objective-C generics
       osx.cocoa.RetainCount         Check for leaks and improper reference count management
       osx.cocoa.RunLoopAutoreleaseLeak
                                     Check for leaked memory in autorelease pools that will never be drained
       osx.cocoa.SelfInit            Check that 'self' is properly initialized inside an initializer method
       osx.cocoa.SuperDealloc        Warn about improper use of '[super dealloc]' in Objective-C
       osx.cocoa.UnusedIvars         Warn about private ivars that are never used
       osx.cocoa.VariadicMethodTypes Check for passing non-Objective-C types to variadic collection initialization methods that expect only Objective-C types
       osx.coreFoundation.CFError    Check usage of CFErrorRef* parameters
       osx.coreFoundation.CFNumber   Check for proper uses of CFNumber APIs
       osx.coreFoundation.CFRetainRelease
                                     Check for null arguments to CFRetain/CFRelease/CFMakeCollectable
       osx.coreFoundation.containers.OutOfBounds
                                     Checks for index out-of-bounds when using 'CFArray' API
       osx.coreFoundation.containers.PointerSizedValues
                                     Warns if 'CFArray', 'CFDictionary', 'CFSet' are created with non-pointer-size values
       security.FloatLoopCounter     Warn on using a floating point value as a loop counter (CERT: FLP30-C, FLP30-CPP)
       security.insecureAPI.DeprecatedOrUnsafeBufferHandling
                                     Warn on uses of unsecure or deprecated buffer manipulating functions
     + security.insecureAPI.UncheckedReturn
                                     Warn on uses of functions whose return values must be always checked
       security.insecureAPI.bcmp     Warn on uses of the 'bcmp' function
       security.insecureAPI.bcopy    Warn on uses of the 'bcopy' function
       security.insecureAPI.bzero    Warn on uses of the 'bzero' function
       security.insecureAPI.decodeValueOfObjCType
                                     Warn on uses of the '-decodeValueOfObjCType:at:' method
     + security.insecureAPI.getpw    Warn on uses of the 'getpw' function
     + security.insecureAPI.gets     Warn on uses of the 'gets' function
     + security.insecureAPI.mkstemp  Warn when 'mkstemp' is passed fewer than 6 X's in the format string
     + security.insecureAPI.mktemp   Warn on uses of the 'mktemp' function
       security.insecureAPI.rand     Warn on uses of the 'rand', 'random', and related functions
       security.insecureAPI.strcpy   Warn on uses of the 'strcpy' and 'strcat' functions
     + security.insecureAPI.vfork    Warn on uses of the 'vfork' function
     + unix.API                      Check calls to various UNIX/Posix functions
     + unix.Malloc                   Check for memory leaks, double free, and use-after-free problems. Traces memory managed by malloc()/free().
     + unix.MallocSizeof             Check for dubious malloc arguments involving sizeof
     + unix.MismatchedDeallocator    Check for mismatched deallocators.
     + unix.Vfork                    Check for proper usage of vfork
     + unix.cstring.BadSizeArg       Check the size argument passed into C string functions for common erroneous patterns
     + unix.cstring.NullArg          Check for null pointers being passed as arguments to C string functions
       valist.CopyToSelf             Check for va_lists which are copied onto itself.
       valist.Uninitialized          Check for usages of uninitialized (or already released) va_lists.
       valist.Unterminated           Check for va_lists which are not released by a va_end call.
       webkit.NoUncountedMemberChecker
                                     Check for no uncounted member variables.
       webkit.RefCntblBaseVirtualDtor Check for any ref-countable base class having virtual destructor.
       webkit.UncountedLambdaCapturesChecker
                                     Check uncounted lambda captures.
    

    This is the output of clang-tidy --list-checks | grep clang-analyzer-:

        clang-analyzer-apiModeling.StdCLibraryFunctions
        clang-analyzer-apiModeling.TrustNonnull
        clang-analyzer-apiModeling.google.GTest
        clang-analyzer-apiModeling.llvm.CastValue
        clang-analyzer-apiModeling.llvm.ReturnValue
        clang-analyzer-core.CallAndMessage
        clang-analyzer-core.CallAndMessageModeling
        clang-analyzer-core.DivideZero
        clang-analyzer-core.DynamicTypePropagation
        clang-analyzer-core.NonNullParamChecker
        clang-analyzer-core.NonnilStringConstants
        clang-analyzer-core.NullDereference
        clang-analyzer-core.StackAddrEscapeBase
        clang-analyzer-core.StackAddressEscape
        clang-analyzer-core.UndefinedBinaryOperatorResult
        clang-analyzer-core.VLASize
        clang-analyzer-core.builtin.BuiltinFunctions
        clang-analyzer-core.builtin.NoReturnFunctions
        clang-analyzer-core.uninitialized.ArraySubscript
        clang-analyzer-core.uninitialized.Assign
        clang-analyzer-core.uninitialized.Branch
        clang-analyzer-core.uninitialized.CapturedBlockVariable
        clang-analyzer-core.uninitialized.UndefReturn
        clang-analyzer-cplusplus.InnerPointer
        clang-analyzer-cplusplus.Move
        clang-analyzer-cplusplus.NewDelete
        clang-analyzer-cplusplus.NewDeleteLeaks
        clang-analyzer-cplusplus.PlacementNew
        clang-analyzer-cplusplus.PureVirtualCall
        clang-analyzer-cplusplus.SelfAssignment
        clang-analyzer-cplusplus.SmartPtrModeling
        clang-analyzer-cplusplus.VirtualCallModeling
        clang-analyzer-deadcode.DeadStores
        clang-analyzer-fuchsia.HandleChecker
        clang-analyzer-nullability.NullPassedToNonnull
        clang-analyzer-nullability.NullReturnedFromNonnull
        clang-analyzer-nullability.NullabilityBase
        clang-analyzer-nullability.NullableDereferenced
        clang-analyzer-nullability.NullablePassedToNonnull
        clang-analyzer-nullability.NullableReturnedFromNonnull
        clang-analyzer-optin.cplusplus.UninitializedObject
        clang-analyzer-optin.cplusplus.VirtualCall
        clang-analyzer-optin.mpi.MPI-Checker
        clang-analyzer-optin.osx.OSObjectCStyleCast
        clang-analyzer-optin.osx.cocoa.localizability.EmptyLocalizationContextChecker
        clang-analyzer-optin.osx.cocoa.localizability.NonLocalizedStringChecker
        clang-analyzer-optin.performance.GCDAntipattern
        clang-analyzer-optin.performance.Padding
        clang-analyzer-optin.portability.UnixAPI
        clang-analyzer-osx.API
        clang-analyzer-osx.MIG
        clang-analyzer-osx.NSOrCFErrorDerefChecker
        clang-analyzer-osx.NumberObjectConversion
        clang-analyzer-osx.OSObjectRetainCount
        clang-analyzer-osx.ObjCProperty
        clang-analyzer-osx.SecKeychainAPI
        clang-analyzer-osx.cocoa.AtSync
        clang-analyzer-osx.cocoa.AutoreleaseWrite
        clang-analyzer-osx.cocoa.ClassRelease
        clang-analyzer-osx.cocoa.Dealloc
        clang-analyzer-osx.cocoa.IncompatibleMethodTypes
        clang-analyzer-osx.cocoa.Loops
        clang-analyzer-osx.cocoa.MissingSuperCall
        clang-analyzer-osx.cocoa.NSAutoreleasePool
        clang-analyzer-osx.cocoa.NSError
        clang-analyzer-osx.cocoa.NilArg
        clang-analyzer-osx.cocoa.NonNilReturnValue
        clang-analyzer-osx.cocoa.ObjCGenerics
        clang-analyzer-osx.cocoa.RetainCount
        clang-analyzer-osx.cocoa.RetainCountBase
        clang-analyzer-osx.cocoa.RunLoopAutoreleaseLeak
        clang-analyzer-osx.cocoa.SelfInit
        clang-analyzer-osx.cocoa.SuperDealloc
        clang-analyzer-osx.cocoa.UnusedIvars
        clang-analyzer-osx.cocoa.VariadicMethodTypes
        clang-analyzer-osx.coreFoundation.CFError
        clang-analyzer-osx.coreFoundation.CFNumber
        clang-analyzer-osx.coreFoundation.CFRetainRelease
        clang-analyzer-osx.coreFoundation.containers.OutOfBounds
        clang-analyzer-osx.coreFoundation.containers.PointerSizedValues
        clang-analyzer-security.FloatLoopCounter
        clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling
        clang-analyzer-security.insecureAPI.SecuritySyntaxChecker
        clang-analyzer-security.insecureAPI.UncheckedReturn
        clang-analyzer-security.insecureAPI.bcmp
        clang-analyzer-security.insecureAPI.bcopy
        clang-analyzer-security.insecureAPI.bzero
        clang-analyzer-security.insecureAPI.decodeValueOfObjCType
        clang-analyzer-security.insecureAPI.getpw
        clang-analyzer-security.insecureAPI.gets
        clang-analyzer-security.insecureAPI.mkstemp
        clang-analyzer-security.insecureAPI.mktemp
        clang-analyzer-security.insecureAPI.rand
        clang-analyzer-security.insecureAPI.strcpy
        clang-analyzer-security.insecureAPI.vfork
        clang-analyzer-unix.API
        clang-analyzer-unix.DynamicMemoryModeling
        clang-analyzer-unix.Malloc
        clang-analyzer-unix.MallocSizeof
        clang-analyzer-unix.MismatchedDeallocator
        clang-analyzer-unix.Vfork
        clang-analyzer-unix.cstring.BadSizeArg
        clang-analyzer-unix.cstring.CStringModeling
        clang-analyzer-unix.cstring.NullArg
        clang-analyzer-valist.CopyToSelf
        clang-analyzer-valist.Uninitialized
        clang-analyzer-valist.Unterminated
        clang-analyzer-valist.ValistBase
        clang-analyzer-webkit.NoUncountedMemberChecker
        clang-analyzer-webkit.RefCntblBaseVirtualDtor
        clang-analyzer-webkit.UncountedLambdaCapturesChecker
    

    The clang-tidy version is 12.0.0.

    So scan-build appears to be a subset of clang-tidy (in terms of available checks), and the answer to your question is "yes".
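
The list comparison made in this answer can be scripted so it is repeatable on whatever clang version is installed; the script compares checker names only. This is an added example, not part of the original answer: the sample input is constructed from a few lines of the listings above, and `example.OnlyInScanBuild` is a made-up checker name.

```shell
#!/bin/sh
# Checker names from `scan-build --help` text on stdin. A name is the first
# field (after an optional "+") and is dot-separated; wrapped description
# lines and option text do not have that shape (assumption about the layout).
scan_build_checkers() {
  awk '{ name = ($1 == "+") ? $2 : $1
         if (name ~ /^[A-Za-z0-9_-]+(\.[A-Za-z0-9_-]+)+$/) print name }' |
    LC_ALL=C sort -u
}

# Analyzer checks from `clang-tidy --list-checks` text on stdin, prefix removed.
tidy_analyzer_checks() {
  sed -n 's/^[[:space:]]*clang-analyzer-\([^[:space:]]*\).*$/\1/p' |
    LC_ALL=C sort -u
}

# compare_checkers MODE SCAN_BUILD_HELP_FILE CLANG_TIDY_LIST_FILE
#   MODE -23: names only scan-build lists; MODE -13: names only clang-tidy lists.
compare_checkers() {
  sb=$(mktemp) && td=$(mktemp) || return 1
  scan_build_checkers < "$2" > "$sb"
  tidy_analyzer_checks < "$3" > "$td"
  LC_ALL=C comm "$1" "$sb" "$td"
  rm -f "$sb" "$td"
}

# Constructed sample input: a few lines in the two formats shown above, plus
# one made-up checker (example.OnlyInScanBuild) to show how a gap is reported.
SAMPLE_SB=$(mktemp); SAMPLE_TD=$(mktemp)
trap 'rm -f "$SAMPLE_SB" "$SAMPLE_TD"' EXIT
cat > "$SAMPLE_SB" <<'EOF'
 + core.DivideZero               Check for division by zero
 + core.UndefinedBinaryOperatorResult
                                 Check for undefined results of binary operators
   optin.mpi.MPI-Checker         Checks MPI code
   example.OnlyInScanBuild       Constructed entry, not a real checker
EOF
cat > "$SAMPLE_TD" <<'EOF'
    clang-analyzer-core.CallAndMessageModeling
    clang-analyzer-core.DivideZero
    clang-analyzer-core.UndefinedBinaryOperatorResult
    clang-analyzer-optin.mpi.MPI-Checker
EOF

echo "only in scan-build:"; compare_checkers -23 "$SAMPLE_SB" "$SAMPLE_TD"
echo "only in clang-tidy:"; compare_checkers -13 "$SAMPLE_SB" "$SAMPLE_TD"
```

On a real toolchain, save the output of `scan-build --help` and `clang-tidy --list-checks` to two files and pass them in place of the samples; an empty "only in scan-build" list means every scan-build checker name is also offered by clang-tidy.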

    【Discussion】:
