Static analysis is a way of analyzing source code without executing it. One of its applications is to find code smells and bugs.
Fuchsia uses Clang as its compiler. Clang has several tools to analyze the code statically. Fuchsia enables a large set of useful warning messages and compiles with warnings as errors.
Prerequisites
Before you do static analysis, make sure you have the following:
- Toolchain: You can either use the prebuilt toolchain or compile compile a toolchain. For information on compiling a toolchain, see the toolchain guide. Note: This guide assumes that you are using the prebuilt toolchain.
- Compilation database: You need the compilation database to use
clang-tidyand Clang static analyzer. It is created at the root of your build directory automatically byfx set. ## Clang tidy
There is a more detailed guide available here.
Clang static analyzer
Prerequisites
Install scan-build-py:
pip install scan-build --user
You might get a warning that ~/.local/bin is not part of the PATH. Either
add it to your PATH environment variable or install scan-build globally (without the --user flag).
Run
From your Fuchsia directory, run the Clang static analyzer:
analyze-build --cdb compile_commands.json --use-analyzer path/to/checkout/prebuilt/third_party/clang/linux-x64/bin/clang --output path/to/output
View the results
View the results of Clang static analyzer with Chrome:
chrome path/to/output/scan-build-date-hash/index.html