I wanted to try out the clang static analyzer. I'm on Windows and built clang with Visual Studio. It seems to work, but at the same time it seems to be extremely useless.
I made an example file
example.c
int main(void)
{
int h = 0;
return 1/h;
}
Calling scan-build gcc -c example.c finds no error.
example.c
int main(void)
{
int h;
return 1/h;
}
Calling scan-build gcc -c example.c finds no error.
example.c
int main(void)
{
return 1/0;
}
Calling scan-build gcc -c example.c finds no error.
If these most basic errors can't be found (and they can be found by clang itself), how can the static analyzer be of any use?
My gcc is MinGW if that matters. I also tried substituting clang but there's just nothing happening.
Am I doing something wrong here?
The scan-build driver substitutes an "interception" command in place of the compiler when doing analysis, so you need to make sure to use a "variable" as the name of the compiler.
For example, in POSIX shell: scan-build sh -c '${CC} "$@"' cc main.c -o main.
PowerShell may have similar syntax, but I'm not sure, DOS command line will need something radically different.