Using CLANG/scan-build for Static Analysis of the PHP Interpreter

Sebastian Bergmann » 16 December 2011 » in PHP » 0 Comments

I have been tinkering with CLANG's static analyzer lately. This post summarizes how I installed LLVM and CLANG and performed the analysis of a build of the PHP interpreter.

First, we need to obtain the CLANG and LLVM source trees and build CLANG:

cd /usr/local/src
mkdir clang
cd clang
svn co http://llvm.org/svn/llvm-project/llvm/trunk llvm
cd llvm/tools
svn co http://llvm.org/svn/llvm-project/cfe/trunk clang
cd ../../
mkdir build
cd build
../llvm/configure --enable-optimized --disable-assertions
make

Then we need to add the directories that contain clang, ccc-analyzer, and scan-build to our $PATH:

export PATH=/usr/local/src/clang/build/Release/bin:/usr/local/src/clang/llvm/tools/clang/tools/scan-build:$PATH

Now we can analyze the C code of PHP while compiling it using CLANG:

cd /usr/local/src/php/5.4

export CC="ccc-analyzer"
export CXX="ccc-analyzer"

scan-build ./configure
scan-build make

Once the build completes there will be a report directory with HTML files (about 1.5 GB of them) in /tmp.

Defined tags for this entry: clang

, llvm

, php

, scan-build

, static_analysis

Trackback specific URI for this entry

0 Comments to "Using CLANG/scan-build for Static Analysis of the PHP Interpreter"

Display comments as (Linear | Threaded)

No comments

0 Trackbacks to "Using CLANG/scan-build for Static Analysis of the PHP Interpreter"

No Trackbacks

Sebastian Bergmann