to reflect the new license.
We understand that people may be surprised that we're moving the header
entirely to discuss the new license. We checked this carefully with the
Foundation's lawyer and we believe this is the correct approach.
Essentially, all code in the project is now made available by the LLVM
project under our new license, so you will see that the license headers
include that license only. Some of our contributors have contributed
code under our old license, and accordingly, we have retained a copy of
our old license notice in the top-level files in each project and
repository.
llvm-svn: 351636
This updates the scan-build perl script to allow outputting to sarif in a more natural fashion by specifying -sarif as a command line argument, similar to how -plist is already supported.
llvm-svn: 349082
Summary:
This has been bothering me for a while, but only now i have actually looked into this.
I'm using one CI job for static analysis - clang static analyzers as compilers + clang-tidy via cmake.
And i'd like for the build to fail if at least one of those finds issues.
If clang-tidy finds issues, it will fail the build since the warnings-as-errors is set.
If static analyzer finds anything, since --status-bugs is set, it will fail the build.
But if clang-tidy find anything, but static analyzer does not, the build succeeds :/
Reviewers: sylvestre.ledru, alexfh, jroelofs, ygribov, george.karpenkov, krememek
Reviewed By: jroelofs
Subscribers: xazax.hun, szepet, a.sidorin, mikhail.ramalho, Szelethus, cfe-commits
Differential Revision: https://reviews.llvm.org/D52530
llvm-svn: 343105
Summary:
To exclude thirdparty code.
To test:
With /tmp/foo.c
```
void test() {
int x;
x = 1; // warn
}
```
```
$ scan-build --exclude non-existing/ --exclude /tmp/ -v gcc -c foo.c
scan-build: Using '/usr/lib/llvm-7/bin/clang' for static analysis
scan-build: Emitting reports for this run to '/tmp/scan-build-2018-09-16-214531-8410-1'.
foo.c:3:3: warning: Value stored to 'x' is never read
x = 1; // warn
^ ~
1 warning generated.
scan-build: File '/tmp/foo.c' deleted: part of an ignored directory.
scan-build: 0 bugs found.
```
Reviewers: jroelofs
Reviewed By: jroelofs
Subscribers: whisperity, cfe-commits
Differential Revision: https://reviews.llvm.org/D52153
llvm-svn: 342359
Found via codespell -q 3 -I ../clang-whitelist.txt
Where whitelist consists of:
archtype
cas
classs
checkk
compres
definit
frome
iff
inteval
ith
lod
methode
nd
optin
ot
pres
statics
te
thru
Patch by luzpaz! (This is a subset of D44188 that applies cleanly with a few
files that have dubious fixes reverted.)
Differential revision: https://reviews.llvm.org/D44188
llvm-svn: 329399
Autoconf and some other systems tend to add essential compilation
options to CC (e.g. -std=gnu99). When running such an auto-generated
makefile, scan-build does not need to change CC and CXX as they are
already set to use ccc-analyzer by a configure script.
Implement a new option --keep-cc as was proposed in this discussion:
http://lists.llvm.org/pipermail/cfe-dev/2013-September/031832.html
Patch by Paul Fertser!
llvm-svn: 323665
Summary:
This patch adds an option //--show-description// to add the defect description to the list of defect. This helps to get a better understanding of the defect without opening the page.
For example, this is used for Firefox:
https://people.mozilla.org/~sledru/reports/fx-scan-build/
Reviewers: rizsotto.mailinglist, zaks.anna
Subscribers: cfe-commits
Differential Revision: https://reviews.llvm.org/D22810
llvm-svn: 277328
to force debug build and hopefully enable more precise warnings.
Static Analyzer is much more efficient when built in debug mode
(-UNDEBUG) so we advice users to enable it manually. This may be
inconvenient in case of large complex projects (think about Linux
distros e.g. Android or Tizen). This patch adds a flag to scan-build
which inserts -UNDEBUG automatically.
Differential Revision: http://reviews.llvm.org/D16200
llvm-svn: 261204
Chandler Carruth