Development/Clang Code Analysis

Clang Code Analysis
This short tutorial aims to describe how to run the Clang static code analyzer to generate reports.

Example results
Example generated results can be found here:

https://dev-builds.libreoffice.org/clang_reports/

Generated by this script: https://git.libreoffice.org/dev-tools/+/master/scan-build-report/scan-build-report.sh

Set up build environment
Follow the guidelines at: Building on Linux to set up your LibreOffice build environment.

Install LLVM/Clang packages
To install the binary packages that come with your Linux distribution run following commands.

On Ubuntu/Debian, you can install with command: sudo apt install llvm clang clang-tools

On Fedora, you can install the packages by running this command: sudo yum install llvm clang clang-analyzer

Install LLVM/Clang from source
Installing LLVM and Clang from the latest sources is recommended, as at the time of writing this tutorial c++ analysis is still very much a work in progress, and it makes sense to use the latest code with the best support for c++ analysis. You can install from scratch by following this guide:

https://clang.llvm.org/get_started.html

When running  llvm/clang, please specify. The default build generates a (bigger, slower) debug build. This switch generates a release build of llvm/clang.

../llvm/configure --enable-optimized

Install C++ Analyzer
In current versions of the build system, the analyzer does get installed when running.

Run ./autogen.sh
First you need to configure your build environment for analysis. This is done by running the  command. A short tutorial about it can be found here: https://clang-analyzer.llvm.org/scan-build.html

scan-build --use-cc=clang --use-c++=clang++ ./autogen.sh

Note:
 * If you have clang installed in a non standard path, you need  even if Clang is already in.

Run ./configure.sh
Now we can build and analyze the LibreOffice code. By default the analyzer works by inserting the clang analyzer and performing the analysis before the code gets build. It does this by using Clang for analysis, and the default compiler (GCC in this case) alone. This is the least intrusive way of functioning for Clang. However, although Clang is meant as a drop-in replacement for GCC, it is not 100% compatible in some corner-cases. Unfortunately, some of these are hit in LibreOffice. Therefore we need to override the default behavior and also compile with Clang using. I ran into weird issues when using ccache, where the analyzer tried to analyze all the files located in the cache. So I disabled it using.

I enabled a  of LibreOffice, as there are some instances where debug code can assist the analyzer.

As much of the system libraries instead of the internal libreoffice supplied ones are used by specifying '--with-system-libs'.

scan-build --use-cc=clang --use-c++=clang++ ./configure --disable-ccache --enable-debug \ --with-system-libcmis=no --with-system-hsqldb=no --with-system-saxon=no --with-system-libs

Run make
You can now analyze+build LibreOffice.

mkdir /tmp/libreoffice scan-build --use-cc=clang --use-c++=clang++ -o /tmp/libreoffice make

Done
You should now have the generated HTML report files.