Re: [Gluster-devel] Proposal: Using LLVM clang-analyzer in gluster development
Niels de Vos, I wish to get access to you setup :) We know that Clang is compiler more than analyzer, it support many Architectures. you can have a glance at http://llvm.org/docs/doxygen/html/Triple_8h_source.html Further Compiling clang from source should not be that difficult in many of the distros. Since our purpose is to use Clang-Analyzer only in development of glusterfs, that means only the distributions that developers use i.e. Fedora, CentOs, RHEL, Ubuntu and very few others. From above, I hope integrating Scan-build in script like checkpatch.pl or any other will be a good Idea as Athin proposed. Thanks Regards, Prasanna Kumar K - Original Message - From: Atin Mukherjee amukh...@redhat.com To: Niels de Vos nde...@redhat.com, Atin Mukherjee atin.mukherje...@gmail.com Cc: Gluster Devel gluster-devel@gluster.org Sent: Wednesday, May 27, 2015 9:58:00 AM Subject: Re: [Gluster-devel] Proposal: Using LLVM clang-analyzer in gluster development On 05/27/2015 12:24 AM, Niels de Vos wrote: On Tue, May 26, 2015 at 11:00:25PM +0530, Atin Mukherjee wrote: On 26 May 2015 17:30, Prasanna Kalever pkale...@redhat.com wrote: Hi gluster team, Proposal: Using Clang static analyzer tool for gluster project About Clang: From a very high level view, Clang has two features 1. Clang as a compiler 2. Clang as a code analyzer The Idea hear is to use second point i.e Clang as code analyzer and still gcc will be our default compiler. The Clang Static Analyzer is a source code analysis tool that finds bugs in C, C++, and Objective-C programs. Given the exact same code base, clang-analyzer reported ~70 potential issues. clang is an awesome and free tool. The reports from clang-analyzer are in HTML and there's a single file for each issue and it generates a nice looking source code with embedded comments about which flow that was followed all the way down to the problem. Why Clang-Analyzer: (Advantages) 1. Since its is an open source tool: * Available to all the developers * Easy Access, we can run the tool while we compile the code (say $ scan-build make) * No restrictions on Number of Runs per week/day/hour/min .. * Defects are Identified before submitting a patch, thus very less chance of defect injection into project 2. The Html view of clang is very impressive with all the source code including comments of clang-analyzer, which lead to defect line number directly . I have attached a sample clang results for geo-replication module run on latest 3.7+ glusterfs code, please find them above. Thanks for your time. On a relative note, I feel we should try to integrate any of these static analyzer as part of our checkpatch.pl and compare the pre and post report and proceed if the change doesn't introduce any new defects. Thoughts? That sounds more like a test we can run in Jenkins. Having this check in checkpatch.pl might be difficult because that should be able to run on any OS/distribution we support. When we move the test to Jenkins, we can run it on the regression test slaves and have them post -1 verified in case of issues. Sounds good to me, be it at local or jenkins, my only intention is to refrain introducing defects for a new patch. Are there tools to do the pre/post result comparing? I have recently setup a test environment for Jenkins jobs and am happy to give you (or any one else) access to it for testing (sorry, my setup is on the Red Hat internal network only). We need to explore on that part, I am hoping that we should have such kind of tools available. However if not at worst case can't we compare them through our own scripts? Niels ___ Gluster-devel mailing list Gluster-devel@gluster.org http://www.gluster.org/mailman/listinfo/gluster-devel -- ~Atin ___ Gluster-devel mailing list Gluster-devel@gluster.org http://www.gluster.org/mailman/listinfo/gluster-devel ___ Gluster-devel mailing list Gluster-devel@gluster.org http://www.gluster.org/mailman/listinfo/gluster-devel
[Gluster-devel] Proposal: Using LLVM clang-analyzer in gluster development
Hi gluster team, Proposal: Using Clang static analyzer tool for gluster project About Clang: From a very high level view, Clang has two features 1. Clang as a compiler 2. Clang as a code analyzer The Idea hear is to use second point i.e Clang as code analyzer and still gcc will be our default compiler. The Clang Static Analyzer is a source code analysis tool that finds bugs in C, C++, and Objective-C programs. Given the exact same code base, clang-analyzer reported ~70 potential issues. clang is an awesome and free tool. The reports from clang-analyzer are in HTML and there's a single file for each issue and it generates a nice looking source code with embedded comments about which flow that was followed all the way down to the problem. Why Clang-Analyzer: (Advantages) 1. Since its is an open source tool: * Available to all the developers * Easy Access, we can run the tool while we compile the code (say $ scan-build make) * No restrictions on Number of Runs per week/day/hour/min .. * Defects are Identified before submitting a patch, thus very less chance of defect injection into project 2. The Html view of clang is very impressive with all the source code including comments of clang-analyzer, which lead to defect line number directly . I have attached a sample clang results for geo-replication module run on latest 3.7+ glusterfs code, please find them above. Thanks for your time. Best Regards, Prasanna Kumar K. scan-build-geo-repln.tar.bz2 Description: application/bzip-compressed-tar ___ Gluster-devel mailing list Gluster-devel@gluster.org http://www.gluster.org/mailman/listinfo/gluster-devel
Re: [Gluster-devel] Proposal: Using LLVM clang-analyzer in gluster development
Hi, We already are running nightly builds using both clang compile and clang analyze. see http://download.gluster.org/pub/gluster/glusterfs/static-analysis/ On 05/26/2015 08:00 AM, Prasanna Kalever wrote: Hi gluster team, Proposal: Using Clang static analyzer tool for gluster project About Clang: From a very high level view, Clang has two features 1. Clang as a compiler 2. Clang as a code analyzer The Idea hear is to use second point i.e Clang as code analyzer and still gcc will be our default compiler. The Clang Static Analyzer is a source code analysis tool that finds bugs in C, C++, and Objective-C programs. Given the exact same code base, clang-analyzer reported ~70 potential issues. clang is an awesome and free tool. The reports from clang-analyzer are in HTML and there's a single file for each issue and it generates a nice looking source code with embedded comments about which flow that was followed all the way down to the problem. Why Clang-Analyzer: (Advantages) 1. Since its is an open source tool: * Available to all the developers * Easy Access, we can run the tool while we compile the code (say $ scan-build make) * No restrictions on Number of Runs per week/day/hour/min .. * Defects are Identified before submitting a patch, thus very less chance of defect injection into project 2. The Html view of clang is very impressive with all the source code including comments of clang-analyzer, which lead to defect line number directly . I have attached a sample clang results for geo-replication module run on latest 3.7+ glusterfs code, please find them above. Thanks for your time. Best Regards, Prasanna Kumar K. ___ Gluster-devel mailing list Gluster-devel@gluster.org http://www.gluster.org/mailman/listinfo/gluster-devel -- Kaleb ___ Gluster-devel mailing list Gluster-devel@gluster.org http://www.gluster.org/mailman/listinfo/gluster-devel
[Gluster-devel] Proposal: Using LLVM clang-analyzer in gluster development
Hi gluster team, Proposal: Using Clang static analyzer tool for gluster project About Clang: From a very high level view, Clang has two features 1. Clang as a compiler 2. Clang as a code analyzer The Idea hear is to use second point i.e Clang as code analyzer and still gcc will be our default compiler. The Clang Static Analyzer is a source code analysis tool that finds bugs in C, C++, and Objective-C programs. Given the exact same code base, clang-analyzer reported ~70 potential issues. clang is an awesome and free tool. The reports from clang-analyzer are in HTML and there’s a single file for each issue and it generates a nice looking source code with embedded comments about which flow that was followed all the way down to the problem. Why Clang-Analyzer: (Advantages) Since its is an open source tool: Available to all the developers Easy Access, we can run the tool while we compile the code (say $ scan-build make ) No restrictions on Number of Runs per week/day/hour/min .. Defects are Identified before submitting a patch, thus very less chance of defect injection into project The Html view of clang is very impressive with all the source code including comments of clang-analyzer, which lead to defect line number directly . I have attached a sample clang results for geo-replication module run on latest 3.7+ glusterfs code, please find them above. Thanks for your time. Best Regards, Prasanna Kumar K. scan-build-geo-repln.tar.bz2 Description: application/bzip-compressed-tar ___ Gluster-devel mailing list Gluster-devel@gluster.org http://www.gluster.org/mailman/listinfo/gluster-devel
Re: [Gluster-devel] Proposal: Using LLVM clang-analyzer in gluster development
Prasanna, have you compared the results to the ones we see via coverity? -Ira - Original Message - Hi gluster team, Proposal: Using Clang static analyzer tool for gluster project About Clang: From a very high level view, Clang has two features 1. Clang as a compiler 2. Clang as a code analyzer The Idea hear is to use second point i.e Clang as code analyzer and still gcc will be our default compiler. The Clang Static Analyzer is a source code analysis tool that finds bugs in C, C++, and Objective-C programs. Given the exact same code base, clang-analyzer reported ~70 potential issues. clang is an awesome and free tool. The reports from clang-analyzer are in HTML and there’s a single file for each issue and it generates a nice looking source code with embedded comments about which flow that was followed all the way down to the problem. Why Clang-Analyzer: (Advantages) Since its is an open source tool: Available to all the developers Easy Access, we can run the tool while we compile the code (say $ scan-build make ) No restrictions on Number of Runs per week/day/hour/min .. Defects are Identified before submitting a patch, thus very less chance of defect injection into project The Html view of clang is very impressive with all the source code including comments of clang-analyzer, which lead to defect line number directly . I have attached a sample clang results for geo-replication module run on latest 3.7+ glusterfs code, please find them above. Thanks for your time. Best Regards, Prasanna Kumar K. ___ Gluster-devel mailing list Gluster-devel@gluster.org http://www.gluster.org/mailman/listinfo/gluster-devel ___ Gluster-devel mailing list Gluster-devel@gluster.org http://www.gluster.org/mailman/listinfo/gluster-devel
Re: [Gluster-devel] Proposal: Using LLVM clang-analyzer in gluster development
On 26 May 2015 17:30, Prasanna Kalever pkale...@redhat.com wrote: Hi gluster team, Proposal: Using Clang static analyzer tool for gluster project About Clang: From a very high level view, Clang has two features 1. Clang as a compiler 2. Clang as a code analyzer The Idea hear is to use second point i.e Clang as code analyzer and still gcc will be our default compiler. The Clang Static Analyzer is a source code analysis tool that finds bugs in C, C++, and Objective-C programs. Given the exact same code base, clang-analyzer reported ~70 potential issues. clang is an awesome and free tool. The reports from clang-analyzer are in HTML and there's a single file for each issue and it generates a nice looking source code with embedded comments about which flow that was followed all the way down to the problem. Why Clang-Analyzer: (Advantages) 1. Since its is an open source tool: * Available to all the developers * Easy Access, we can run the tool while we compile the code (say $ scan-build make) * No restrictions on Number of Runs per week/day/hour/min .. * Defects are Identified before submitting a patch, thus very less chance of defect injection into project 2. The Html view of clang is very impressive with all the source code including comments of clang-analyzer, which lead to defect line number directly . I have attached a sample clang results for geo-replication module run on latest 3.7+ glusterfs code, please find them above. Thanks for your time. On a relative note, I feel we should try to integrate any of these static analyzer as part of our checkpatch.pl and compare the pre and post report and proceed if the change doesn't introduce any new defects. Thoughts? Best Regards, Prasanna Kumar K. ___ Gluster-devel mailing list Gluster-devel@gluster.org http://www.gluster.org/mailman/listinfo/gluster-devel ___ Gluster-devel mailing list Gluster-devel@gluster.org http://www.gluster.org/mailman/listinfo/gluster-devel