index.html revision f4aed5f8a30e39e169dcdef1c315f0f7a5699738 
1<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
2          "http://www.w3.org/TR/html4/strict.dtd">
3<html>
4<head>
5  <title>Clang Static Analyzer</title>
6  <link type="text/css" rel="stylesheet" href="content.css" />
7  <link type="text/css" rel="stylesheet" href="menu.css" />
8  <script type="text/javascript" src="scripts/menu.js"></script>  
9</head>
10<body>
11
12<div id="page">
13<!--#include virtual="menu.html.incl"-->
14<div id="content">
15
16
17<table style="margin-top:0px" width="100%" border="0" cellpadding="0px" cellspacing="0">
18<tr><td>
19
20<h1>Clang Static Analyzer</h1>  
21
22<p>The Clang Static Analyzer consists of both a source code analysis framework
23and a standalone tool that finds bugs in C and Objective-C programs.</p>
24
25<p>The
26standalone tool is invoked from the command-line, and is intended to run in
27tandem with a build of a project or code base.</p>
28
29<p>Both are 100% open source and are part of the <a
30href="http://clang.llvm.org">Clang</a> project.</p>
31
32<!-- Generated from: http://www.spiffycorners.com/index.php -->
33
34<style type="text/css">
35.spiffy{display:block}
36.spiffy *{
37  display:block;
38  height:1px;
39  overflow:hidden;
40  font-size:.01em;
41  background:#EBF0FA}
42.spiffy1{
43  margin-left:3px;
44  margin-right:3px;
45  padding-left:1px;
46  padding-right:1px;
47  border-left:1px solid #f6f8fc;
48  border-right:1px solid #f6f8fc;
49  background:#f0f3fb}
50.spiffy2{
51  margin-left:1px;
52  margin-right:1px;
53  padding-right:1px;
54  padding-left:1px;
55  border-left:1px solid #fdfdfe;
56  border-right:1px solid #fdfdfe;
57  background:#eef2fa}
58.spiffy3{
59  margin-left:1px;
60  margin-right:1px;
61  border-left:1px solid #eef2fa;
62  border-right:1px solid #eef2fa;}
63.spiffy4{
64  border-left:1px solid #f6f8fc;
65  border-right:1px solid #f6f8fc}
66.spiffy5{
67  border-left:1px solid #f0f3fb;
68  border-right:1px solid #f0f3fb}
69.spiffyfg{
70  background:#EBF0FA}
71  
72.spiffyfg h2 {
73  margin:0px;  padding:10px;
74}
75</style>
76
77<style type="text/css">
78  #left { float:left; }
79  #left h2 { margin:1px; padding-top:0px; }
80  #right { float:left; margin-left:20px; margin-right:20px; padding:0px ;}
81  #right h2 { padding:0px; margin:0px; }
82  #wrappedcontent { padding:15px;}
83</style>
84
85<div style="padding:0px; font-size: 90%">
86 <b class="spiffy">
87 <b class="spiffy1"><b></b></b>
88 <b class="spiffy2"><b></b></b>
89 <b class="spiffy3"></b>
90 <b class="spiffy4"></b>
91 <b class="spiffy5"></b></b>
92 <div class="spiffyfg">
93  <div style="padding:15px">
94   <h2 style="padding:0px; margin:0px">Download</h2>
95   <h3 style="margin-top:5px">Mac OS X</h3>
96   <ul>
97    <li>Latest build (Universal binary, 10.5+):
98     <!--#include virtual="latest_checker.html.incl"-->
99    </li>
100    <li><a href="/installation.html">Installation</a> and <a
101    href="/scan-build.html">usage</a></li>
102   </ul>
103   <h3>Other Platforms</h3>    
104   <p>For other platforms, please follow the instructions for <a
105   href="/installation#OtherPlatforms">building the analyzer</a> from
106   source code.<p>
107  </div>
108 </div>
109 <b class="spiffy">
110 <b class="spiffy5"></b>
111 <b class="spiffy4"></b>
112 <b class="spiffy3"></b>
113 <b class="spiffy2"><b></b></b>
114 <b class="spiffy1"><b></b></b></b>
115</div>
116
117</td><td style="padding-left:10px">
118<a href="images/analyzer_xcode.png"><img src="images/analyzer_xcode.png" width="450x" border=0></a>
119<center><b>Viewing static analyzer results in Xcode 3.2</b></center>
120<a href="images/analyzer_html.png"><img src="images/analyzer_html.png" width="450px" border=0></a>
121<center><b>Viewing static analyzer results in a web browser</b></center>
122</td></tr></table>
123
124<h2 id="StaticAnalysis">What is Static Analysis?</h2>
125
126<p>The term &quot;static analysis&quot; is conflated, but here we use it to mean
127a collection of algorithms and techniques used to analyze source code in order
128to automatically find bugs. The idea is similar in spirit to compiler warnings
129(which can be useful for finding coding errors) but to take that idea a step
130further and find bugs that are traditionally found using run-time debugging
131techniques such as testing.</p>
132
133<p>Static analysis bug-finding tools have evolved over the last several decades
134from basic syntactic checkers to those that find deep bugs by reasoning about
135the semantics of code. The goal of the Clang Static Analyzer is to provide a
136industrial-quality static analysis framework for analyzing C and Objective-C
137programs that is freely available, extensible, and has a high quality of
138implementation.</p>
139
140<h3 id="Clang">Part of Clang and LLVM</h3>
141
142<p>As its name implies, the Clang Static Analyzer is built on top of <a
143href="http://clang.llvm.org">Clang</a> and <a href="http://llvm.org">LLVM</a>.
144Strictly speaking, the analyzer is part of Clang, as Clang consists of a set of
145reusable C++ libraries for building powerful source-level tools. The static
146analysis engine used by the Clang Static Analyzer is a Clang library, and has
147the capability to be reused in different contexts and by different clients.</p>
148
149<h2>Important Points to Consider</h2>
150
151<p>While we believe that the static analyzer is already very useful for finding
152bugs, we ask you to bear in mind a few points when using it.</p>
153
154<h3>Work-in-Progress</h3>
155
156<p>The analyzer is a continuous work-in-progress.
157There are many planned enhancements to improve both the precision and scope of
158its analysis algorithms as well as the kinds bugs it will find. While there are
159fundamental limitations to what static analysis can do, we have a long way to go
160before hitting that wall.</p>
161
162<h3>Slower than Compilation</h3>
163
164<p>Operationally, using static analysis to
165automatically find deep program bugs is about trading CPU time for the hardening
166of code. Because of the deep analysis performed by state-of-the-art static
167analysis tools, static analysis can be much slower than compilation.</p>
168
169<p>While the Clang Static Analyzer is being designed to be as fast and
170light-weight as possible, please do not expect it to be as fast as compiling a
171program (even with optimizations enabled). Some of the algorithms needed to find
172bugs require in the worst case exponential time.</p>
173
174<p>The Clang Static Analyzer runs in a reasonable amount of time by both
175bounding the amount of checking work it will do as well as using clever
176algorithms to reduce the amount of work it must do to find bugs.</p></li>
177
178<h3>False Positives</h3>
179
180<p>Static analysis is not perfect. It can falsely flag bugs in a program where
181the code behaves correctly. Because some code checks require more analysis
182precision than others, the frequency of false positives can vary widely between
183different checks. Our long-term goal is to have the analyzer have a low false
184positive rate for most code on all checks.</p>
185
186<p>Please help us in this endeavor by <a href="filing_bugs.html">reporting false
187positives</a>. False positives cannot be addressed unless we know about
188them.</p>
189
190<h3>More Checks</h3>
191
192<p>Static analysis is not magic; a static analyzer can only find bugs that it
193has been specifically engineered to find. If there are specific kinds of bugs
194you would like the Clang Static Analyzer to find, please feel free to
195file <a href="filing_bugs.html">feature requests</a> or contribute your own
196patches.</p>
197
198</div>
199</div>
200</body>
201</html>
202
203