svcadm(1M)을 검색하려면 섹션에서 1M 을 선택하고, 맨 페이지 이름에 svcadm을 입력하고 검색을 누른다.
codean(1)
codean(1) User Commands codean(1)
NAME
codean - Command Line Interface of Code Analyzer
SYNOPSIS
codean
[-s] [-d] [-c] [-f source-file1 [source-file2 ... ]]
[-n number-of-lines] [--showerrors error-code]
[--showwarnings warning-code] [--hideerrors error-code]
[--hide-warnings warning-code] [--save [-t]]
[--whatisnew | --whatisfixed] [--tag tag-name]
[-D destination-directory] [--ref reference-path] [--union]
[--showhash] [--showlabel label-name] [--hidelabel label-name]
[--findhash hash [:hash]] [--fullpath] [-V] [executable|directory]
DESCRIPTION
The codean (/'code-an/) command launches the Code Analyzer Command-Line
tool (Codean). Codean enables you to combine three types of analysis to
help you produce secure, robust, and quality C and C++ applications.
Codean reads the Analytics file, using data gathered from Previse,
Uncover, and Discover as input. Codean then generates output in text
and html formats. Codean also provides a mechanism for storing data in
a history archive. You can later compare newer data with the data in
the archive you created.
tag-name is the tag name. reference is a reference executable file or
directory to compare recent data against. error-code is a three-letter
error code. warning-code is a three-letter warning code. Note that the
three-letter error code or three-leter warning code must be either all
capitalized or all lower-case. For a full list of error codes and warn‐
ing codes, see the Oracle Developer Studio 12.5: Code Analyzer User's
Guide. label-name can be one of the following: verified, false_posi‐
tive, or wont_be_fixed.
OPTIONS
codean accepts the following options:
-s
Process static data. You can specify multiple options or leave
blank. If left blank, Codean processes all possible options,
depending on whether .analyze/static(dynamic, coverage)/latest
exists.
-d
Process dynamic data. You can specify multiple options or leave
blank. If left blank, Codean processes all possible options,
depending on whether .analyze/static(dynamic, coverage)/latest
exists.
-c
Process coverage data. You can specify multiple options or leave
blank. If left blank, Codean processes all possible options,
depending on whether .analyze/static(dynamic, coverage)/latest
exists.
-f source-file [source-file2 ...]
Only display issues in given source file. You can specify more than
one source file.
-n number-of-lines
Display the specified number of lines of source code.
--showerrors error-code
Display errors of type error-code. The error-code can have the
value of a three-letter error code, MLK for memory leak errors, or
all for all errors.
--showwarnings warning-code
Display warnings of type warning-code. The warning-code can have
the value of a three-letter warning code, MLK for memory leak warn‐
ings, or all for all warnings.
--hideerrors error-code
Hide errors of type error-code. The error-code can have the value
of a three-letter error code, MLK for memory leak errors, or all
for all errors.
--hidewarnings warning-code
Display warnings of type warning-code. The warning-code can have
the value of a three-letter warning code, MLK for memory leak warn‐
ings, or all for all warnings.
--save [-t]
Save the latest reports. If -t is specified, overwrites the saved
report with the same tag name.
--whatisnew
Present only the new issues since the last run. If a saved copy
cannot be found with the checksums to compare against, most likely
due to an absence or emptiness of the .analyze/history/ directory,
Codean first internally does a save command and then does the com‐
parison.
--whatisfixed
Present only the fixed issues. If a saved copy cannot be found with
the checksums to compare against, most likely due to an absence or
emptiness of the .analyze/history/ directory, Codean first inter‐
nally does a save command and then does the comparison.
--tag tag-name
Specify tag name of saved report. This option names the saved copy
if paired with --save and finds which historic copy to compare
against if paired with --whatisnew or --whatisfixed. A tag name can
be specified with this option. When --save is present, if no tag
name is specified, Codean checks the last modified time of the lat‐
est report of the executable and uses the time stamp as the tag
name. The format is hh::mm:ssmonddyear, such as 12:52:16Jul 12012.
When --whatisnew or --whatisfixed is present, if no tag name is
specified, the latest report is compared with the last saved copy.
-D destination-directory
Specify a location to put all the end reports. This flag must be
followed by a destination directory.
--ref reference-path
Paired with --whatisnew or --whatisfixed only, --reference-path
specifies a different file to compare against. The reference-path
is a reference executable or directory name that must be specified.
For example, if you have 2 cg binaries, cg.pass and cg.fail, then
you can compare the binaries against each other.
codean -s --whatisnew --ref cg.pass cg.fail
Using the previous command shows the new issues in the cg.fail Pre‐
vise report compared to the cg.pass Previse report.
--union
Present multiple dynamic reports. When specified with --save,
--whatisnew, and --whatisfixed, it will save, show new issues, and
show fixed issues of multiple dynamic reports respectively. The
details of an issue that appear in multiple reports will be only
displayed once.
--showhash hash
Display hash string hash associated with each issue.
--showlabel [verified | false_positive | wont_be_fixed]
Display only issues with the specified label.
--hidelabel [verified | false_positive | wont_be_fixed]
Hide issues with the specified label.
--findhash hash [:hash2 ...]
Display only issues associated with the specified hash hash. You
can list more than one hash string.
--fullpath
Display the full file path.
-V
Print version and exit without any further processing.
EXAMPLE OF MONITORING A BUG FIX
The following section describes how you can monitor the affect of a bug
fix, particularly how to keep track of the dynamic memory access
because the bug has invalid memory access.
1. Compile the target source before the fix.
2. Instrument the binary using Discover. Make sure Analytics
output is generated by using the command discover -a.
3. Run the instrumented binary.
4. Use Codean to store the Analytics output by using the fol‐
lowing command:
codean --save --tag before_bugfix -d a.out
A history archive is created at a.out.analyze/his‐
tory/before_bugfix/, and a history file called dynamic is
also created under the directory.
5. Fix the bug.
6. Recompile the target source.
7. Reinstrument the binary using Discover, with the command
discover -a.
8. Rerun the instrumented binary.
9. Show the comparison results: You can run Codean to ensure
the invalid memory access caused by the bug has gone. Use
the following command:
codean --whatisfixed --tag before_bugfix -d a.out
The previous command also produces a new Analytics output
file, a.out.analyze/dynamic/fixed_before_bugfix, which only
contains fixed dynamic issues. You can then use Codean or
the Code-Analyzer GUI to view these fixed issues.
10. [Optional] You can also run Codean to ensure you did not
introduce a new bug. Use the following command:
codean --whatisnew --tag before_bugfix -d a.out
Similar to using the --whatisfixed command, this also pro‐
duces a new Analytics output file at a.out.ana‐
lyze/dynamic/new_before_bugfix that only contains new
dynamic issues.
Studio 12.6 December 2016 codean(1)