Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Can codeql binary use compile_database.json for cpp projects? #9

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
Warchant opened this issue Jan 12, 2020 · 1 comment
Open

Can codeql binary use compile_database.json for cpp projects? #9

Warchant opened this issue Jan 12, 2020 · 1 comment
Assignees
@p0
Labels
CLI enhancement New feature or request

Comments

@Warchant
Copy link

Warchant commented Jan 12, 2020
edited
Loading

Do I understand correctly, that to create new database with codeql for cpp project, it is enough to provide a list of files and build flags?

If so, can you please add an option to create a database from compile_commands.json file (https://clang.llvm.org/docs/JSONCompilationDatabase.html)?

If project uses cmake, to generate it, it is enough to define a single var:

set(CMAKE_EXPORT_COMPILE_COMMANDS ON)

If project uses autotools, like bitcoin or linux, it is enough to execute compiledb

./autotools.sh
./configure
compiledb -n make

I am sure, there are ways to generate one for other build systems.

This feature can save a lot of time during database creation for cpp projects, because generation of this file is fast, as opposed to providing -c flag to codeql binary to actually build the project.
@p0
Copy link

p0 commented Jan 13, 2020

Do I understand correctly, that to create new database with codeql for cpp project, it is enough to provide a list of files and build flags?

For C++, it's actually a bit more than that: In the default configuration, CodeQL will look at linker invocations as well, which allows it to distinguish versions of the same function (or an identically-name-mangled function) compiled into different binaries.

Having said that, one can actually get a pretty long way with just the data from a compile_commands.json file. There are still caveats, mainly around generated code or code that's moved around by the build system: If you never run the build, then such code will obviously not exist, and therefore compilations will fail arbitrarily. Perhaps worse, there may be stale generated code that's picked up, and so you may analyze a tree that does not correspond to a real configuration.

If you're willing to take that risk, then indeed it would be possible to drive database creation from just a compile_commands.json file. We have some internal scripts that do it, but they touch non-public APIs. I've raised an issue for us to look at exposing them in a more friendly way, and will update this when there is news.

This feature can save a lot of time during database creation for cpp projects, because generation of this file is fast, as opposed to providing -c flag to codeql binary to actually build the project.

You're right, we'd save the time that a clean build would take. Note that database creation still won't be instantaneous, as we have to do everything the compiler would do during the build (to parse the code and create ASTs) and then some more (to output the database data).

@p0 p0 self-assigned this Jan 13, 2020
@p0 p0 added the enhancement New feature or request label Jan 13, 2020
@Manouchehri Manouchehri mentioned this issue Mar 18, 2020
Open
@Manouchehri Manouchehri mentioned this issue Jul 28, 2021
Open
@keith keith mentioned this issue May 1, 2025
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@p0 p0

Labels
CLI enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@Warchant @adityasharad @p0