26th Sep, 2008

Tutorial: How To Static Analyze Your Objective-C Code Using the Clang Static Analyzer Tool

Install LLVM/Clang (Optional)

This tutorial is to show how to use the clang static analyzer tool to automatically find bugs in your objective-c code. I am going to show you the long but probably better off way by first installing llvm and clang then installing the tool. Lets get started.
First thing first, go to http://clang.llvm.org/get_started.html and read up if you wish.  Otherwise here we go. Open a terminal and svn a current version of llvm down:

svn co http://llvm.org/svn/llvm-project/llvm/trunk llvm

Next lets configure and make llvm:

cd llvm
./configure; make

This will take a minute to build. After it’s completed lets get clang:

cd tools
svn co http://llvm.org/svn/llvm-project/cfe/trunk clang

After this has been downloaded we need to build this as well:

cd clang
make

From here I like to install llvm and clang into the command line:

cd ..
cd ..
sudo make install

Now llvm libraries are installed. We need to install clang now:

cd tools
cd clang
sudo make install

Clang should be installed now, so lets test it. Quit the terminal and open a new one and try this:

clang --help

If everything worked you get something like this:


Install the Clang Analyzer Tool

Yes, we didn’t actually need these things installed to use the static tool but it’s nice to have. So now for the static analyzer tool. You can find a download link here: http://clang.llvm.org/StaticAnalysis.html. After you’ve downloaded the zip unzip it. Find a place to put these files. I personally like it in the /usr/bin but it’s up to you. Since, I’m doing the demo I will use that. So first lets create a directory there:

cd /usr/bin
sudo mkdir objc-analyzer

Then just drag the files from the zipped folder in there. So it should something like this:

Almost done, we need to set the bash path to look here. Simply open the bash profile and export the new path like such:

sudo nano /etc/profile

And add this to the bottom:

PATH=$PATH:/usr/bin/objc-analyzer/
export PATH

Save it and quit the terminal and open a new one. The analyzer should be working now. Test it by typing:

scan-build

If everything worked as planned you get some output:


Run the Clang Analyzer Tool

Now we are ready to move on to the fun easy stuff. Find an old project with a lot of bugs and go there in the terminal, clean the project first (yes you need to do this every time), and run scan build. It was recommended to always use it on the “Debug” configuration.

cd /workspace/EyeConsoleCD
scan-build xcodebuild -configuration Debug clean
scan-build -V xcodebuild -configuration Debug

This should run and open the report if any bugs were found (-V automatically opens scan-view which opens the report). Here is what it found in my project:

Whoa lets take a look at that leak:

No way a real bug :)

Anyway, hope that helped and thanks for reading. Here’s the picture tutorial if you don’t like reading.

Posted by: Eric

Categories:

Responses

Thanks Eric for putting together such a great tutorial!

For those using the tutorial, the semi-regular builds we do of the analyzer for Mac OS X (other platforms can compile from the sources in SVN) actually contains a built copy of the ‘clang’ executable. scan-build/ccc-analyzer will first look for ‘clang’ in the same directory that they are installed in; if you decide to build your copy of ‘clang’ from SVN sources make sure you remove the prebuilt one.

Alternatively, one can just use scan-build and its related tools directly from SVN; they are just not as conveniently packaged, and we don’t have a “make install” or similar option yet in SVN for the static analyzer. The reason for this is that the bundling of commands and resources is rapidly changing, and the clang repository itself includes not only the static analyzer, but they clang frontend, some code rewriter libraries, etc.

One advantage of using the semi-regular builds published at clang.llvm.org is that we tag the repository for “release” builds after we have made a certain number of changes to the repository that we think are “stable” enough for general release. This is still beta-quality software, but we do try and keep the builds generally useable.

By: Ted Kremenek on September 28th, 2008
at 12:31 am

Thanks, Eric
Really you put awesome presentation. Its definitely help lots of developer.

By: Manish Srivastava on November 28th, 2008
at 10:34 am

Eric,

Thanks for doing this.

Although I “washed out” at nano and had some other questions about what I was doing (I couldn’t see the directory when I created it in /usr/bin so I created it in /Developer/usr/bin), I’m hopeful that I can obtain some guidance at the next NSCoder Night because I really need to use the code analyzer!

By: Joel Norvell on January 3rd, 2009
at 2:35 am

Eric,
I finally figured out how to edit /etc/profile and was able to run the analyzer on my project. I’m most grateful to you for this tutorial!
Joel

By: Joel Norvell on January 3rd, 2009
at 11:17 pm

Hi Eric, what’s the benefit of adding the first two steps about (install LLVM/Clang (Optional))? Thanks.

By: Dong on March 30th, 2009
at 3:49 am

Well if you are familiar with the LLVM compiler within XCode, it adds this support to the command line, specifically for clang which is simply a replacement for GCC. Clang has tons of uses though(http://clang.llvm.org/features.html), but benefits… none really unless you’re a geek like me like to try all the cool new tools.

By: Eric on March 30th, 2009
at 6:46 am

Very very good tutorial, short and complete .

Well done mate, Well done.

By: houman on December 27th, 2009
at 10:59 pm

Very very good tutorial, short and complete .

Well done mate, Well done.

By: Bruce on May 19th, 2010
at 12:22 pm

Leave a response






Your response:

Categories