So I'm doing a lot of security audits of code (hey Apple!), and it annoys me that I cannot just dump all files into scan-build and let it do cross-file checking. I end up hacking code so it fits in one big file, and then analyse that.
But with a standard ./configure/make way, or any other build process for that matter, it should be possible for scan-build to do the hard lifting for me. Each clang c.cc -o foo.o could also dump some pre-parsed form, and then when the linker is called, grab them, using the .o files as a reference for where to find those, and do the long painful analysis that we all want.
I'm guessing you guys are working on something like that, as it feels like a natural step forward after cross-function checking.