While you may be familiar withÂ using tools like Instruments to find and fix memory leaks in your application, the Clang Static Analyzer takes a different approach to memory leak detection by compiling your Xcode project and scanning each method, class, loop, and logic block for potential leaks. You may have heard of the Clang Static Analyzer referred to by the name of the command line tool used to run the analyzer: scan-build. That is how I will be referring to it for the remainder of this post.
scan-build is currently only available in binary form for OS X 10.5.
If you haven’t yet downloaded scan-build head on over toÂ the LLVM/Clang Static Analyzer homepageÂ and look for the Download section at the bottom of the page. Click the link for checker-NN.tar.gz (where NN is some build number). At the time of this writing the link reads checker-72.tar.gz. The developers of scan-build are very active so I have no doubt that the build number is already different.
Since scan-build is a command line tool it makes sense to install it into one of OS X’s pre-defined command line tool locations. We’ll put it in /usr/local/bin.
Â sudo mkdir -p /usr/local/bin
sudo mv ~/Downloads/checker-NN/* /usr/local/bin/
scan-build tests your code by compiling your Xcode project and studying it for defects during the build process. To check your code, you just invoke scan-build from the command line at the top level of any one of your project directories.
There’s quite a bit of output when scan-build runs, but once it finishes running you will either see
** BUILD SUCCEEDED ** scan-build: No bugs found.
or something similar to
** BUILD SUCCEEDED ** scan-build: 7 bugs found. scan-build: Open '/tmp/scan-build-fw1RAD/2008-07-31-1/index.html' to examine bug reports.
Using scan-build with the iPhone requires a little extra tweaking in your Xcode project settings to make sure that you are compiling your project using an SDK that is compatible with scan-build’s compiler. Â The rest of these instructions assume a project who’s configuration has not been modified beyond what is provided when you create a new project. Â I will be working with a project titledÂ WhatsMyIP.
After running scan-build a few times the first thing that you might want to do is tell scan-build to put its reports in a different directory. To do that, simply specify the output folder on the command line like so:
scan-build -o /path/to/the/directory/where/you/want/your/report xcodebuild
There are a few other flags that can be passed to scan-build, but for now the reports that are generated should be the same regardless of the flags you set. Check out theÂ Other OptionsÂ section on theÂ Static Analyzer usage pageÂ for the full (but still pretty short) list of available options.
One thing to note is that scan-build is still in pre-1.0 and has some rough edges. You may notice some false-positives or other undesirable behavior. As with any pre-release software use it at your own risk and always have a backup of your work. That being said, I have not had nor heard of any disastrous problems with it, so your risk is probably pretty low.
A lot of folks in the OS X development community have gotten a lot of use out of scan-build in the past few months. One of the larger scale uses of it can be found on the Adium project, you can view the results of their static analysisÂ here.