Qt-oriented static code analyzer based on the Clang framework

WARNING: master is the development branch. Please use the v1.10 branch.

clazy v1.11

clazy is a compiler plugin which allows clang to understand Qt semantics. You get more than 50 Qt related compiler warnings, ranging from unneeded memory allocations to misusage of API, including fix-its for automatic refactoring.

Table of contents

Source Code

You can get clazy from:

Supported platforms

Clazy has been tested on Linux, macOS and Windows/MSVC. Other platforms are not supported but we'll gladly accept patches.

Pre-built binaries

Pre-built clazy binaries for MSVC and Linux AppImage are produced by KDAB, you can get them from https://downloads.kdab.com/clazy/.

Build Instructions

Linux

Install dependencies

  • OpenSUSE tumbleweed: zypper install cmake git-core llvm llvm-devel llvm-clang llvm-clang-devel
  • Ubuntu: apt install g++ cmake clang llvm-dev git-core libclang-dev
  • Archlinux: pacman -S make llvm clang python2 cmake git gcc
  • Fedora: be sure to remove the llvm-static package and only install the one with dynamic libraries
  • Other distros: Check llvm/clang build docs.

Build and install clang

clang and LLVM >= 8.0 are required.

If your distro provides clang then you can skip this step.

  $ git clone https://github.com/llvm-mirror/llvm.git <some_directory>
  $ cd <some_directory>/tools/ && git clone https://github.com/llvm-mirror/clang.git
  $ cd <some_directory>/projects && git clone https://github.com/llvm-mirror/compiler-rt.git
  $ mkdir <some_directory>/build && cd <some_directory>/build
  $ cmake -DCMAKE_INSTALL_PREFIX=<prefix> -DLLVM_TARGETS_TO_BUILD=X86 -DCMAKE_BUILD_TYPE=Release -G Ninja ..
  $ cmake --build .
  $ cmake --build . --target install

Build clazy

  $ cd clazy/
  $ cmake -DCMAKE_INSTALL_PREFIX=<prefix> -DCMAKE_BUILD_TYPE=Release -G Ninja
  $ cmake --build .
  $ cmake --build . --target install

See troubleshooting section if you have problems.

Windows

Build and install clang

These instructions assume your terminal is suitable for development. Ninja (or equivalent), git, cmake, and cl (msvc2019) should be in your PATH.

clang and LLVM >= 9.0 are required.

Be sure to pass -DLLVM_EXPORT_SYMBOLS_FOR_PLUGINS=ON to CMake when building LLVM, otherwise clazy won't work.

  > git clone https://github.com/llvm/llvm-project.git -b llvmorg-11.0.0 <some_directory>
  > mkdir build # Important that this is outside of the source directory
  > cd build
  > cmake -DCMAKE_INSTALL_PREFIX=c:\my_install_folder\llvm\ -DLLVM_EXPORT_SYMBOLS_FOR_PLUGINS=ON -DLLVM_INCLUDE_EXAMPLES=OFF -DLLVM_TARGETS_TO_BUILD="X86" -DLLVM_ENABLE_PROJECTS="clang;clang-tools-extra" -DCMAKE_BUILD_TYPE=Release -G "Ninja" ../<some_directory>/llvm
  > cmake --build .
  > cmake --build . --target install
  > Add c:\my_install_folder\llvm\bin\ to PATH

Also be sure to copy the generated C:\path\to\llvm-build\lib\clang.lib to your installation folder somewhere. It contains the exported symbols of clang.exe, which the plugins need. Unfortunately LLVM doesn't install it. You can put it anywhere, just save it so you can delete the build directory.

Build clazy

Be sure to point CLANG_LIBRARY_IMPORT to clang.lib. It's probably inside your LLVM build dir since it doesn't get installed.

  > cd clazy\
  > cmake -DCMAKE_INSTALL_PREFIX=c:\my_install_folder\llvm\ -DCLANG_LIBRARY_IMPORT=C:\path\to\llvm-build\lib\clang.lib -DCMAKE_BUILD_TYPE=Release -G "Ninja"
  > cmake --build .
  > cmake --build . --target install

macOS with MacPorts

Install clang

$ sudo port install llvm-11 clang-11 cmake ninja coreutils
$ sudo ln -sf /opt/local/bin/llvm-config-mp-11 /opt/local/bin/llvm-config
$ sudo port select --set clang mp-clang-11

Build clazy

  $ export CXX=clang++
  $ cmake -G Ninja
  $ cmake --build .
  $ cmake --build . --target install

macOS with Homebrew

The recommended way is to build clazy yourself, but alternatively you can try user recipes, such as:

$ brew install kde-mac/kde/clazy

for stable branch, or for master:

$ brew install kde-mac/kde/clazy --HEAD

As these are not verified or tested by the clazy developers please don't report bugs to us.

For building yourself, read on. You'll have to install clang and build clazy from source.

Install clang

$ brew install --with-clang llvm

Build clazy

  $ export CXX=clang++
  $ export LLVM_ROOT=/usr/local/opt/llvm
  $ cmake -G Ninja
  $ cmake --build .
  $ cmake --build . --target install

Setting up your project to build with clazy

Note: Wherever clazy is mentioned, replace with clazy-cl.bat if you're on Windows, or replace with Clazy-x86_64.AppImage if you're using AppImage. Note: If you prefer running clazy over a JSON compilation database instead of using it as a plugin, jump to clazy-standalone.

You should now have the clazy command available to you, in <prefix>/bin/. Compile your programs with it instead of clang++/g++.

Note that this command is just a convenience wrapper which calls: clang++ -Xclang -load -Xclang ClazyPlugin.so -Xclang -add-plugin -Xclang clazy

If you have multiple versions of clang installed (say clang++-10 and clang++-11) you can choose which one to use by setting the CLANGXX environment variable, like so: export CLANGXX=clang++-11; clazy

To build a CMake project use: cmake . -DCMAKE_CXX_COMPILER=clazy and rebuild.

To make it the compiler for qmake projects, just run qmake like: qmake -spec linux-clang QMAKE_CXX="clazy"

On Windows with MSVC it's simply: qmake QMAKE_CXX="clazy-cl.bat"

Alternatively, if you want to use clang directly, without the wrapper: qmake -spec linux-clang QMAKE_CXXFLAGS="-Xclang -load -Xclang ClazyPlugin.so -Xclang -add-plugin -Xclang clazy"

On Windows it's similar, just inspect the contents of clazy-cl.bat.

It's recommended that you disable pre-compiled headers and don't use ccache.

You're all set, clazy will now run some checks on your project, but not all of them. Read on if you want to enable/disable which checks are run.

List of checks

There are many checks and they are divided in levels:

  • level0: Very stable checks, 99.99% safe, mostly no false-positives, very desirable
  • level1: The default level. Very similar to level 0, slightly more false-positives but very few.
  • level2: Also very few false-positives, but contains noisy checks which not everyone agree should be default.
  • manual: Checks here need to be enabled explicitly, as they don't belong to any level. They can be very stable or very unstable.

clazy runs all checks from level1 by default.

Selecting which checks to enable

You may want to choose which checks to enable before starting to compile. If you don't specify anything then all checks from level0 and level1 will run. To specify a list of checks to run, or to choose a level, you can use the CLAZY_CHECKS env variable or pass arguments to the compiler. You can disable checks by prefixing with no-, in case you don't want all checks from a given level.

Example via env variable

export CLAZY_CHECKS="unneeded-cast,qmap-with-pointer-key,virtual-call-ctor" # Enables only these 3 checks
export CLAZY_CHECKS="level0,no-qenums" # Enables all checks from level0, except for qenums
export CLAZY_CHECKS="level0,detaching-temporary" # Enables all from level0 and also detaching-temporary

Example via compiler argument

clazy -Xclang -plugin-arg-clazy -Xclang level0,detaching-temporary Don't forget to re-run cmake/qmake/etc if you altered the c++ flags to specify flags.

clazy-standalone and JSON database support

The clazy-standalone binary allows you to run clazy over a compilation database JSON file, in the same way you would use clang-tidy or other clang tooling. This way you don't need to build your application, only the static analysis is performed.

Note: If you're using the AppImage, use Clazy-x86_64.AppImage --standalone instead of clazy-standalone.

clazy-standalone supports the same env variables as the clazy plugin. You can also specify a list of checks via the -checks argument.

Running on one cpp file: clazy-standalone -checks=install-event-filter,qmap-with-pointer-key,level0 -p compile_commands.json my.file.cpp

Running on all cpp files: find . -name "*cpp" | xargs clazy-standalone -checks=level2 -p default/compile_commands.json

See https://clang.llvm.org/docs/JSONCompilationDatabase.html for how to generate the compile_commands.json file. Basically it's generated by passing -DCMAKE_EXPORT_COMPILE_COMMANDS to CMake, or using Bear to intercept compiler commands, or, if you're using qbs:

qbs generate --generator clangdb

Note: Be sure the clazy-standalone binary is located in the same folder as the clang binary, otherwise it will have trouble finding builtin headers, like stddef.h. Alternatively, you can symlink to the folder containing the builtin headers:

(Assuming clazy was built with -DCMAKE_INSTALL_PREFIX=/myprefix/)

$ touch foo.c && clang++ '-###' -c foo.c 2>&1 | tr ' ' '\n' | grep -A1 resource # Make sure this clang here is not Apple clang. Use for example clang++-mp-8.0 if on macOS and haven't run `port select` yet.
  "-resource-dir"
  "/opt/local/libexec/llvm-8.0/lib/clang/8.0.1" # The interesting part is /opt/local/libexec/llvm-8.0
$ ln -sf /opt/local/libexec/llvm-8.0/lib/clang/ /myprefix/lib/clang
$ mkdir /myprefix/include/
$ ln -sf /opt/local/libexec/llvm-8.0/include/c++/ /myprefix/include/c++ # Required on macOS

If that doesn't work, run clang -v and check what's the InstalledDir. Move clazy-standalone to that folder.

clang-tidy support will be added after https://bugs.llvm.org//show_bug.cgi?id=32739 is fixed.

Enabling Fixits

Some checks support fixits, in which clazy will help re-write your source files whenever it can fix something. Simply pass -Xclang -plugin-arg-clazy -Xclang export-fixes to clang, or -export-fixes=somefile.yaml for clazy-standalone. Alternatively, set the CLAZY_EXPORT_FIXES env variable (works only with the plugin, not with standalone). Then run clang-apply-replacements <folder_with_yaml_files>, which will modify your code.

When using fixits, prefer to run only a single check each time, so they don't conflict with each other modifying the same source lines.

WARNING: Backup your code and make sure all changes done by clazy are correct.

Troubleshooting

  • clang: symbol lookup error: /usr/lib/x86_64-linux-gnu/ClazyPlugin.so: undefined symbol: _ZNK5clang15DeclarationName11getAsStringEv. This is due to mixing ABIs. Your clang/llvm was compiled with the new gcc c++ ABI but you compiled the clazy plugin with clang (which uses the old ABI).

    The solution is to build the clazy plugin with gcc or use a distro which hasn't migrated to gcc5 ABI yet, such as archlinux.

  • [Fedora] cmake can't find LLVM ? Try building llvm/clang yourself (There are reports that /usr/share/llvm/cmake/LLVM-Config.cmake is buggy).

  • [Fedora] CommandLine Error: Option 'opt-bisect-limit' registered more than once! Remove the llvm-static package and use the dynamically linked libraries instead. Alternatively, if you want to use llvm-static, see next item.

  • CommandLine Error: Option 'foo' registered more than once! Means you're building against a static version of LLVM (*.a files instead of *.so). Try passing to cmake -DLINK_CLAZY_TO_LLVM=OFF when building clazy, this was tested successfully against a static LLVM 7.0, and might work with other versions.

  • Some checks are mysteriously not producing warnings or not applying fixits ? Check if you have ccache interfering and turn it off.

  • fatal error: 'stddef.h' file not found, while using clazy-standalone Be sure the clazy-standalone binary is located in the same folder as the clang binary.

  • Be sure to disable pch.

  • macOS: Be sure you're not using Apple Clang

  • macOS: System Integrity Protection blocks the use of DYLD_LIBRARY_PATH. With SIP enabled you need to pass the full path to ClazyPlugin.dylib, otherwise you'll get image not found error.

  • Windows: fatal error LNK1112: module machine type ‘X86’ conflicts with target machine type ‘x64’ If you're building in 32-bit, open clazy-cl.bat and insert a -m32 argument. Should read: %~dp0\clang\clang.exe –driver-mode=cl -m32 (...)

Qt4 compatibility mode

When running on codebases that must still compile with Qt4, you can pass --qt4compat (a convenience option equivalent to passing -Xclang -plugin-arg-clazy -Xclang qt4-compat) to disable checks that only make sense with Qt5.

For example, to build a CMake project with Qt4 compatibility use: CXX="clazy --qt4compat"; cmake . and rebuild.

Reducing warning noise

If you think you found a false-positive, file a bug report. But do make sure to test first without icecc/distcc enabled.

If you want to suppress warnings from headers of Qt or 3rd party code, include them with -isystem instead of -I (gcc/clang only). For MSVC use /external, which is available since VS 15.6.

Alternatively you can set the CLAZY_HEADER_FILTER env variable to a regexp matching the path where you want warnings, for example CLAZY_HEADER_FILTER=.*myapplication.*.

You can also exclude paths using a regexp by setting CLAZY_IGNORE_DIRS, for example CLAZY_IGNORE_DIRS=.*my_qt_folder.*.

You can also suppress individual warnings by file or by line by inserting comments:

  • To disable clazy in a specific source file, insert this comment, anywhere in the file: // clazy:skip

  • To disable specific checks in a source file, insert a comment such as // clazy:excludeall=check1,check2

  • To disable specific checks in specific source lines, insert a comment in the same line as the warning: (...) // clazy:exclude=check1,check2

Don't include the clazy- prefix. If, for example, you want to disable qstring-allocations you would write: // clazy:exclude=qstring-allocations not clazy-qstring-allocations.

Reporting bugs and wishes

When reporting a bug please include a minimal compilable testcase. No matter how simple it is, it saves me time from deciphering a bug report. Time spent doing triaging is time not spent writing fixes.

A minimal testcase is also something I can copy to the test suite.

Make sure you can reproduce with clazy (outside of QtCreator), otherwise it can be a QtCreator bug instead, which you can report at https://bugreports.qt.io/.

Authors

  • Sérgio Martins

with contributions from:

  • Allen Winter
  • Kevin Funk
  • Mathias Hasselmann
  • Laurent Montel
  • Albert Astals Cid
  • Aurélien Gâteau
  • Hannah von Reth
  • Volker Krause
  • Christian Ehrlicher
  • Christian Gagneraud
  • Nikolai Kosjar
  • Jesper K. Pedersen
  • Lucie Gerard
  • Christian Schärf
  • Waqar Ahmed

qt6-* porting checks written by Lucie Gerard [email protected]

and thanks to:

  • Klarälvdalens Datakonsult AB (http://www.kdab.com), for letting me work on clazy as a research project

Contributing patches

New features go to master and bug fixes go to the 1.10 branch. The prefered way to contributing is by using KDE's GitLab instance, see https://community.kde.org/Infrastructure/GitLab.

If you rather just create a pull request in https://github.com/KDE/clazy for a drive-by change, it's also fine, but beware that the maintainer might forget to check on github and the KDE bot will close the PR. In that case just send a reminder to the maintainer (smartins at kde.org).

Owner
KDE GitHub Mirror
Official read-only mirror of the KDE project. Please don't send pull requests; to contribute code see https://community.kde.org/Infrastructure/Github_Mirror
KDE GitHub Mirror
Comments
  • Add and start using CLANG_CHECK_FUNC_NAME

    Add and start using CLANG_CHECK_FUNC_NAME

    Clazy checks so far have used the expensive getQualifiedNameAsString() function which internally needs to build up a std::string from various StringRefs, to check for fully-qualified function names.

    The Clang-Tidy developers, however, recommend to first check the function name via getName() (which returns a StringRef) and only upon a successful match check the FQN, too.

    Add a macro that implements this strategy. Can't use a real function, since we needs to concatenate C string literals at compile time.

    Not all instances of the pattern have been fixed. In a number of places, the FQN is used to search in a list of names. These first need to be decomposed.

  • Fix compilation with LLVM 11

    Fix compilation with LLVM 11

    1. In LLVM 11, llvm::StringRef::operator std::string() const is marked as explicit. So, make all implicit conversions from llvm::StringRef to std::string explicit.
    2. Include clang/Basic/FileManager.h in src/MiniDumper.cpp because class clang::FileEntry is incomplete otherwise.
  • Properly install man pages into the standard directory

    Properly install man pages into the standard directory

    Previously it installs into /usr/man/man1 which is incorrect. It should be /usr/share/man/man1 as specified in FHS[1].

    [1]: https://refspecs.linuxfoundation.org/FHS_3.0/fhs/ch04s11.html#usrsharemanManualPages

  • WIP: Fix build issues using llvm 10.0.0

    WIP: Fix build issues using llvm 10.0.0

    To build clazy with gcc 9.2.0 using llvm 10.0.0 I had to make the following changes. I also had to bump the c++ version because the included llvm headers use c++14:

    
    ... /Clang/10.0.0/include/llvm/Support/TrailingObjects.h: In static member function 'static void llvm::TrailingObjects::verifyTrailingObjectsAssertions()':
    ... /Clang/10.0.0/include/llvm/Support/TrailingObjects.h:253:24: error: 'is_final' is not a member of 'std'
      253 |     static_assert(std::is_final(), "BaseTy must be final.");
    
  • Add a YAML diagnostic exporter (like clang-tidy)

    Add a YAML diagnostic exporter (like clang-tidy)

    This idea of this PR is to add the equivalent of clang-tidy -export-fixes=<filename>. This is currently rough, but it does generate fixit db files. I still need to do more testing, eg. clang-apply-replacement shows that not all fixes are correct. But most of them are, so it's not that bad.

    Let me know if you're interested by this feature, any feedback welcome.

  • Fix build

    Fix build

    Without this fix I was getting:

    08:30 $ make && make install
    Scanning dependencies of target ClangLazy
    [  1%] Building CXX object CMakeFiles/ClangLazy.dir/src/checks/level0/qcolor-from-literal.cpp.o
    In file included from /home/big/Documents/Github/clazy/src/StringUtils.h:29:0,
                     from /home/big/Documents/Github/clazy/src/checks/level0/qcolor-from-literal.cpp:22:
    /home/big/Documents/Github/clazy/src/Utils.h: In function ‘bool Utils::isMainFile(const clang::SourceManager&, clang::SourceLocation)’:
    /home/big/Documents/Github/clazy/src/Utils.h:280:21: error: invalid use of incomplete type ‘const class clang::SourceManager’
                 loc = sm.getExpansionLoc(loc);
    
    
  • Static library build

    Static library build

    This changes allow you to build clazy plugin static library (I've tested it with msvc and mingw) to link it later to libclang (like clangTidy is linked currently)

    In libclang it requires to add some code to force some symbols link, like those: extern volatile int ClazyPluginAnchorSource; static int ClazyPluginAnchorDestination = ClazyPluginAnchorSource;

    and some more to register checks

Static analyzer for C/C++ based on the theory of Abstract Interpretation.

IKOS IKOS (Inference Kernel for Open Static Analyzers) is a static analyzer for C/C++ based on the theory of Abstract Interpretation. Introduction IKO

Jun 13, 2022
A static analyzer for Java, C, C++, and Objective-C
A static analyzer for Java, C, C++, and Objective-C

Infer Infer is a static analysis tool for Java, C++, Objective-C, and C. Infer is written in OCaml. Installation Read our Getting Started page for det

Jun 17, 2022
Pharos Static Binary Analysis Framework

Automated static analysis tools for binary programs

Jun 22, 2022
ELF static analysis and injection framework that parse, manipulate and camouflage ELF files.

elfspirit elfspirit is a useful program that parse, manipulate and camouflage ELF files. It provides a variety of functions, including adding or delet

Jun 15, 2022
A tool for use with clang to analyze #includes in C and C++ source files

Include What You Use For more in-depth documentation, see docs. Instructions for Users "Include what you use" means this: for every symbol (type, func

Jun 21, 2022
Clang build analysis tool using -ftime-trace

Clang Build Analyzer Clang C/C++ build analysis tool when using Clang 9+ -ftime-trace. The -ftime-trace compiler flag (see blog post or Clang 9 releas

Jun 16, 2022
Static code checker for C++

cpplint - static code checker for C++ Cpplint is a command-line tool to check C/C++ files for style issues following Google's C++ style guide. Cpplint

Jun 21, 2022
CITL's static analysis engine for native code artifacts

citl-static-analyzer Fast binary hardening analysis tooling. Building on Linux The build process varies by Linux distribution, owing to differences be

Feb 14, 2022
Static analysis of C/C++ code

Cppcheck GitHub Actions Linux Build Status Windows Build Status OSS-Fuzz Coverity Scan Build Status License About the name The original name of this p

Jun 22, 2022
A static analysis tool that helps security researchers scan a list of Windows kernel drivers for common vulnerability patterns in drivers (CVE makers!)
A static analysis tool that helps security researchers scan a list of Windows kernel drivers for common vulnerability patterns in drivers (CVE makers!)

Driver Analyzer A static analysis tool that helps security researchers scan a list of Windows kernel drivers for common vulnerability patterns in driv

Jun 13, 2022
将 C/C++ 代码转换成流程图 / Turn your C/C++ code into flowchart
将 C/C++ 代码转换成流程图 / Turn your C/C++ code into flowchart

将 C/C++ 代码转换成流程图 / Turn your C/C++ code into flowchart

Jun 17, 2022
Legacy stepper motor analyzer - A DYI minimalist hardware stepper motor analyzer with graphical touch screen.
Legacy stepper motor analyzer - A DYI minimalist hardware stepper motor analyzer with graphical touch screen.

Simple Stepper Motor Analyzer NOTE: This is the legacy STM32 based design which was replaced by the single board, Raspberry Pi Pico design at https://

Mar 21, 2022
✔️The smallest header-only GUI library(4 KLOC) for all platforms
✔️The smallest header-only GUI library(4 KLOC) for all platforms

Welcome to GUI-lite The smallest header-only GUI library (4 KLOC) for all platforms. 中文 Lightweight ✂️ Small: 4,000+ lines of C++ code, zero dependenc

Jun 17, 2022
Static analyzer for C/C++ based on the theory of Abstract Interpretation.

IKOS IKOS (Inference Kernel for Open Static Analyzers) is a static analyzer for C/C++ based on the theory of Abstract Interpretation. Introduction IKO

Jun 17, 2022
A LLVM-based static analyzer to produce PyTorch operator dependency graph.

What is this? This is a clone of the deprecated LLVM-based static analyzer from the PyTorch repo, which can be used to produce the PyTorch operator de

Dec 15, 2021
Static analyzer for C/C++ based on the theory of Abstract Interpretation.

IKOS IKOS (Inference Kernel for Open Static Analyzers) is a static analyzer for C/C++ based on the theory of Abstract Interpretation. Introduction IKO

Jun 13, 2022
A static analyzer for Java, C, C++, and Objective-C
A static analyzer for Java, C, C++, and Objective-C

Infer Infer is a static analysis tool for Java, C++, Objective-C, and C. Infer is written in OCaml. Installation Read our Getting Started page for det

Jun 17, 2022
A multimedia framework developed from scratch in C/C++, bundled with test programs and a neat media analyzer.

MiniVideo framework MiniVideo is a multimedia framework developed from scratch in C/C++, bundled with small testing programs and a neat media analyser

Mar 21, 2022
🚀 Kick-start your C++! A template for modern C++ projects using CMake, CI, code coverage, clang-format, reproducible dependency management and much more.
🚀 Kick-start your C++! A template for modern C++ projects using CMake, CI, code coverage, clang-format, reproducible dependency management and much more.

ModernCppStarter Setting up a new C++ project usually requires a significant amount of preparation and boilerplate code, even more so for modern C++ p

Jun 22, 2022
Standardise code formating for cmake projects with git and clang-format

git-cmake-format This project aims to provide a quick and easy way to integrate clang-format into your CMake project hosted in a git repository, it co

Apr 14, 2022