Integrate Clang Static Analyzer #547

Closed
guwirth opened this issue Jul 3, 2015 · 9 comments

@guwirth
Collaborator

guwirth commented Jul 3, 2015

The Clang Static Analyzer is a source code analysis tool that finds bugs in C, C++, and Objective-C programs (http://clang-analyzer.llvm.org).

Support this tool like Cppcheck.

@mjdetullio
Contributor

I started an implementation of this on my fork of the sonar-objective-c plugin if you want to kang it. It's designed to read from the multi-plist output format that xcodebuild produces when it executes Clang. The individual rules aren't defined yet, so at the moment it clumps all results under one rule and sets the issue message in the format of " - ".

mjdetullio/sonar-objective-c@d7426ff

@guwirth
Collaborator Author

guwirth commented Oct 25, 2015

> I started an implementation of this on my fork of the sonar-objective-c plugin if you want to kang it. It's designed to read from the multi-plist output format that xcodebuild produces when it executes Clang.

@mjdetullio yes for sure that is interesting for us.

> The individual rules aren't defined yet,

Do you know if there is a possibility to create a warning list with clang? Some other tools have such command-line options (e.g. Cppcheck).

@mjdetullio
Contributor

According to the docs (http://clang-analyzer.llvm.org/checker_dev_manual.html) you can run clang -cc1 -analyzer-checker-help. It will list all keys and descriptions for the checkers.

However, the plist output does not contain the Clang keys or descriptions that match anything in the help command. I'm not sure if other report formats (or other versions of Clang, since Apple may have their own fork) will include the checker keys. As far as I know xcodebuild only produces multi-plist format, so that's all I've tested. Update: set output type with CLANG_ANALYZER_OUTPUT flag.

For example, that command will list this as a checker:

osx.cocoa.AtSync                Check for nil pointers used as mutexes for @synchronized

But in a report that contains that issue type, neither the key nor the description is found, as you can see from the sample plist output below (the bottom is the relevant part). Instead, it gives a separate message. I believe any given rule can have multiple messages, depending on how the issue is detected.

So, to tie the plist output to SonarQube rules, you'd have to maintain a map for each checker to their possible output messages. These output messages would need to be built manually from sample output and/or from the Clang source where the message strings are defined in the individual checkers.

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
    <dict>
        <key>clang_version</key>
        <string>Apple LLVM version 7.0.0 (clang-700.0.72)</string>
        <key>files</key>
        <array>
            <string>/absolute/path/to/DateCalculation.m</string>
        </array>
        <key>diagnostics</key>
        <array>
            <dict>
                <key>path</key>
                <array>
                    <dict>
                        <key>kind</key><string>control</string>
                        <key>edges</key>
                        <array>
                            <dict>
                                <key>start</key>
                                <array>
                                    <dict>
                                        <key>line</key><integer>349</integer>
                                        <key>col</key><integer>5</integer>
                                        <key>file</key><integer>0</integer>
                                    </dict>
                                    <dict>
                                        <key>line</key><integer>349</integer>
                                        <key>col</key><integer>10</integer>
                                        <key>file</key><integer>0</integer>
                                    </dict>
                                </array>
                                <key>end</key>
                                <array>
                                    <dict>
                                        <key>line</key><integer>351</integer>
                                        <key>col</key><integer>5</integer>
                                        <key>file</key><integer>0</integer>
                                    </dict>
                                    <dict>
                                        <key>line</key><integer>351</integer>
                                        <key>col</key><integer>8</integer>
                                        <key>file</key><integer>0</integer>
                                    </dict>
                                </array>
                            </dict>
                        </array>
                    </dict>
                    <!-- additional path entries omitted -->
                    <dict>
                        <key>kind</key><string>event</string>
                        <key>location</key>
                        <dict>
                            <key>line</key><integer>290</integer>
                            <key>col</key><integer>5</integer>
                            <key>file</key><integer>0</integer>
                        </dict>
                        <key>ranges</key>
                        <array>
                            <array>
                                <dict>
                                    <key>line</key><integer>290</integer>
                                    <key>col</key><integer>5</integer>
                                    <key>file</key><integer>0</integer>
                                </dict>
                                <dict>
                                    <key>line</key><integer>295</integer>
                                    <key>col</key><integer>2</integer>
                                    <key>file</key><integer>0</integer>
                                </dict>
                            </array>
                        </array>
                        <key>depth</key><integer>1</integer>
                        <key>extended_message</key>
                        <string>Nil value used as mutex for @synchronized() (no synchronization will occur)</string>
                        <key>message</key>
                        <string>Nil value used as mutex for @synchronized() (no synchronization will occur)</string>
                    </dict>
                </array>
                <key>description</key><string>Nil value used as mutex for @synchronized() (no synchronization will occur)</string>
                <key>category</key><string>Logic error</string>
                <key>type</key><string>Nil value used as mutex for @synchronized() (no synchronization will occur)</string>
                <key>issue_context_kind</key><string>Objective-C method</string>
                <key>issue_context</key><string>dateComponentsForDate:inCalendar:</string>
                <key>issue_hash</key><string>5</string>
                <key>location</key>
                <dict>
                    <key>line</key><integer>290</integer>
                    <key>col</key><integer>5</integer>
                    <key>file</key><integer>0</integer>
                </dict>
            </dict>
        </array>
    </dict>
</plist>
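
The message-to-checker mapping described in the comment above, as an added example that is not code from the thread or from either plugin: it reads the diagnostics out of a plist report and resolves each message to a rule key. The `FALLBACK_RULE` key and the second diagnostic in the sample are constructed for illustration; the one map entry pairs the message and checker quoted above.

```python
import plistlib

# Hand-maintained map from analyzer message text to checker key. The single
# entry pairs the message in the sample report above with the checker quoted
# from the help output; a full map needs every message of every checker.
MESSAGE_TO_CHECKER = {
    "Nil value used as mutex for @synchronized() "
    "(no synchronization will occur)": "osx.cocoa.AtSync",
}
FALLBACK_RULE = "clang-analyzer.unknown"  # hypothetical catch-all rule key

# Constructed sample: the thread's report reduced to the fields read here,
# plus a second diagnostic with a made-up message to exercise the fallback.
SAMPLE = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
<key>files</key><array><string>/absolute/path/to/DateCalculation.m</string></array>
<key>diagnostics</key><array>
<dict>
<key>description</key><string>Nil value used as mutex for @synchronized() (no synchronization will occur)</string>
<key>category</key><string>Logic error</string>
<key>location</key><dict><key>line</key><integer>290</integer><key>col</key><integer>5</integer><key>file</key><integer>0</integer></dict>
</dict>
<dict>
<key>description</key><string>Constructed message with no map entry</string>
<key>category</key><string>Logic error</string>
<key>location</key><dict><key>line</key><integer>12</integer><key>col</key><integer>3</integer><key>file</key><integer>0</integer></dict>
</dict>
</array></dict></plist>"""

def issues_from_plist(data):
    """Return one issue dict per diagnostic, resolving file index and rule."""
    report = plistlib.loads(data)
    files = report.get("files", [])
    issues = []
    for diag in report.get("diagnostics", []):
        loc = diag.get("location", {})
        idx = loc.get("file", -1)
        message = diag.get("description", "")
        issues.append({
            "rule": MESSAGE_TO_CHECKER.get(message, FALLBACK_RULE),
            # "file" is an index into the report's top-level "files" array
            "file": files[idx] if 0 <= idx < len(files) else None,
            "line": loc.get("line"),
            "col": loc.get("col"),
            "message": message,
            "category": diag.get("category"),
        })
    return issues
```

Messages without a map entry land on the fallback rule instead of being dropped, so findings stay visible while the map is still incomplete.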

@mjdetullio
Contributor

Had to look this up in the source (https://github.com/llvm-mirror/clang/blob/master/include/clang/StaticAnalyzer/Core/Analyses.def), but the values for the -analyzer-output= option are:

html
plist
plist-multi-file
plist-html
text

None of these reports (with Apple's LLVM/Clang) include the key or description from the help output :(

@guwirth
Collaborator Author

guwirth commented Feb 20, 2016

no contributors, close this

@guwirth closed this as completed Feb 20, 2016

@gyorb
Contributor

gyorb commented Jun 7, 2017

Hi,

I'm working on this feature. There is a prototype on my fork which can parse the plist files generated by the latest clang versions. It is still under heavy development but I'm working on it.

@guwirth reopened this Jun 7, 2017

@guwirth
Collaborator Author

guwirth commented Jun 7, 2017

@gyorb thanks for letting us know this. Looking forward to including a running solution.

@gyorb
Contributor

gyorb commented Jun 13, 2017

In the pull request there is an initial version which can import the main relevant parts of the reports.

There are some plans to improve this initial solution:

  • use issue_hash_content_of_line_in_context from the reports for uniqueing (generated based on the semantic context during the analysis)
  • store report flow related messages as in the sonar-java plugin (see discussion about the feature here); visualizing flow messages is available since SonarQube v6.4

Any feedback is appreciated.

@gyorb
Contributor

gyorb commented Jun 22, 2017

I've extended the wiki with some simple examples of how to analyze a project and with the configuration option to import the plist reports.
