LLVM Discussion Forums

Scan-build/Clang command on linux is showing 0 bugs found thou file has bug

I am new to usage of clang and scan-build command. From the link - https://releases.llvm.org/download.html I have downloaded pre-build binary " [SuSE Linux Enterprise Server 11SP3 x86_64]" of LLVM-9.0.0

I am using RedHat Linux-6.4 version, looks this is the only compatible version so I downloaded the tar bundle. Untarred the content and created a simple “test.cpp” file with bug and by exporting PATH and LD_LIBRARY_PATH variables I am able to compile and do analysis for test.cpp

Thou the program has few erros it is not emitting and creating resultant html reports. It is showing as bugs not found.

Here is what I tried:

cat /etc/redhat-release

Red Hat Enterprise Linux Server release 6.4 (Santiago)

export PATH=/home/clang_install/clang+llvm-9.0.0-x86_64-linux-sles11.3/bin/:$PATH

export LD_LIBRARY_PATH=/home/clang_install/clang+llvm-9.0.0-x86_64-linux-sles11.3/lib/:/usr/local/lib/:/usr/lib/:/usr/lib64/:$LD_LIBRARY_PATH

#scan-build -v -o /tmp/myclangdir/ clang -c test.cpp
scan-build: Using ‘/home/clang_install/clang+llvm-9.0.0-x86_64-linux-sles11.3/bin/clang-9’ for static analysis
scan-build: Emitting reports for this run to ‘/tmp/myclangdir/2020-07-21-155009-28205-1’.
scan-build: Removing directory ‘/tmp/myclangdir/2020-07-21-155009-28205-1’ because it contains no reports.
scan-build: No bugs found.

When I run with verbose, -W and -Wall options, It is clearly compiling(test.o is genearted) and showing the warn message but not writing it into html reports.

scan-build -v -v -v --keep-going -o /tmp/myclangdir/ clang -W -Wall -c test.cpp

scan-build: Using ‘/home/clang_install/clang+llvm-9.0.0-x86_64-linux-sles11.3/bin/clang-9’ for static analysis
scan-build: Emitting reports for this run to ‘/tmp/myclangdir/2020-07-21-155219-28431-1’.
test.cpp:9:9: warning: unused variable ‘hll’ [-Wunused-variable]
int hll = 1;
^
1 warning generated.
clang -W -Wall -c test.cpp

#SHELL (cd ‘/home/clang_install’ && ‘/home/clang_install/clang+llvm-9.0.0-x86_64-linux-sles11.3/bin/clang-9’ ‘-cc1’ ‘-triple’ ‘x86_64-unknown-linux-gnu’ ‘-analyze’ ‘-disable-free’ ‘-disable-llvm-verifier’ ‘-discard-value-names’ ‘-main-file-name’ ‘test.cpp’ ‘-analyzer-store=region’ ‘-analyzer-opt-analyze-nested-blocks’ ‘-analyzer-checker=core’ ‘-analyzer-checker=apiModeling’ ‘-analyzer-checker=unix’ ‘-analyzer-checker=deadcode’ ‘-analyzer-checker=cplusplus’ ‘-analyzer-checker=security.insecureAPI.UncheckedReturn’ ‘-analyzer-checker=security.insecureAPI.getpw’ ‘-analyzer-checker=security.insecureAPI.gets’ ‘-analyzer-checker=security.insecureAPI.mktemp’ ‘-analyzer-checker=security.insecureAPI.mkstemp’ ‘-analyzer-checker=security.insecureAPI.vfork’ ‘-analyzer-checker=nullability.NullPassedToNonnull’ ‘-analyzer-checker=nullability.NullReturnedFromNonnull’ ‘-analyzer-output’ ‘plist’ ‘-w’ ‘-mrelocation-model’ ‘static’ ‘-mthread-model’ ‘posix’ ‘-mdisable-fp-elim’ ‘-fmath-errno’ ‘-masm-verbose’ ‘-mconstructor-aliases’ ‘-munwind-tables’ ‘-target-cpu’ ‘x86-64’ ‘-dwarf-column-info’ ‘-debugger-tuning=gdb’ ‘-resource-dir’ ‘/home/clang_install/clang+llvm-9.0.0-x86_64-linux-sles11.3/lib/clang/9.0.0’ ‘-cxx-isystem’ ‘/home/clang_install/clang+llvm-9.0.0-x86_64-linux-sles11.3/include/c++/v1/’ ‘-cxx-isystem’ ‘/home/clang_install/clang+llvm-9.0.0-x86_64-linux-sles11.3/include/c++/v1/ext/’ ‘-cxx-isystem’ ‘/home/clang_install/clang+llvm-9.0.0-x86_64-linux-sles11.3/lib/clang/9.0.0/include/’ ‘-cxx-isystem’ ‘/home/clang_install/clang+llvm-9.0.0-x86_64-linux-sles11.3/include/’ ‘-cxx-isystem’ ‘/usr/include/’ ‘-cxx-isystem’ ‘/usr/local/include/’ ‘-internal-isystem’ ‘/usr/lib/gcc/x86_64-redhat-linux/4.4.7/…/…/…/…/include/c++/4.4.7’ ‘-internal-isystem’ ‘/usr/lib/gcc/x86_64-redhat-linux/4.4.7/…/…/…/…/include/c++/4.4.7/x86_64-redhat-linux’ ‘-internal-isystem’ ‘/usr/lib/gcc/x86_64-redhat-linux/4.4.7/…/…/…/…/include/c++/4.4.7/backward’ ‘-internal-isystem’ ‘/usr/local/include’ ‘-internal-isystem’ ‘/home/clang_install/clang+llvm-9.0.0-x86_64-linux-sles11.3/lib/clang/9.0.0/include’ ‘-internal-externc-isystem’ ‘/include’ ‘-internal-externc-isystem’ ‘/usr/include’ ‘-fdeprecated-macro’ ‘-fdebug-compilation-dir’ ‘/home/clang_install’ ‘-ferror-limit’ ‘19’ ‘-fmessage-length’ ‘0’ ‘-fobjc-runtime=gcc’ ‘-fcxx-exceptions’ ‘-fexceptions’ ‘-fdiagnostics-show-option’ ‘-analyzer-display-progress’ ‘-analyzer-output=html’ ‘-faddrsig’ ‘-o’ ‘/tmp/myclangdir/2020-07-21-155219-28431-1’ ‘-x’ ‘c++’ ‘test.cpp’)
ANALYZE (Syntax): test.cpp main()
ANALYZE (Path, Inline_Regular): test.cpp main()
scan-build: Removing directory ‘/tmp/myclangdir/2020-07-21-155219-28431-1’ because it contains no reports.
scan-build: No bugs found.

Here is my test.cpp file:

cat test.cpp

#include <iostream.h>
#include <fstream.h>
using namespace std;

int main()
{
int firstNumber, secondNumber, sumOfTwoNumbers;

int hll = 1;
int hello = 1;
if (hello == 0)
    cout << hello << "hello";
cout << "Enter two integers: ";
cin >> firstNumber >> secondNumber;

sumOfTwoNumbers = firstNumber + secondNumber;

cout << firstNumber << " + " <<  secondNumber << " = " << sumOfTwoNumbers;

ofstream file;
file.open ("egone.txt");
file << "Writing to a file in C++....";

return 0;

}

By fluke when I tried for another buggy flle Bug.cpp, it is generating reports.

scan-build --keep-going -o /tmp/myclangdir/ clang -W -Wall -c Bug.cpp

scan-build: Using ‘/home/clang_install/clang+llvm-9.0.0-x86_64-linux-sles11.3/bin/clang-9’ for static analysis
Bug.cpp:9:14: warning: The right operand of ‘<’ is a garbage value
if (A[i] < currmin)
^ ~~~~~~~
Bug.cpp:11:3: warning: Undefined or garbage value returned to caller
return currmin;
^~~~~~~~~~~~~~
2 warnings generated.
scan-build: 2 bugs found.
scan-build: Run ‘scan-view /tmp/myclangdir/2020-07-21-155511-28560-1’ to examine bug reports.

So can please suggest me how to proceed further.

I have below questions in mind:

  1. Do we need compile clang after downloading from site? If yes, how and any configuration need to specify during compilation.
  2. Why I am not able to get reports for all type of bugs ?
  3. Am I using using clang or scan-build command in right way ?
  4. Any environment specific error?

Thanks in advance.