scan-build: unrecognized option '--version'

USAGE: scan-build [options] <build command> [build options] OPTIONS: -analyze-headers Also analyze functions in #included files. By default, such functions are skipped unless they are called by functions within the main source file. -o <output location> Specifies the output directory for analyzer reports. Subdirectories will be created as needed to represent separate "runs" of the analyzer. If this option is not specified, a directory is created in /tmp (TMPDIR on Mac OS X) to store the reports. -h --help Display this message. -k --keep-going Add a "keep on going" option to the specified build command. This option currently supports make and xcodebuild. This is a convenience option; one can specify this behavior directly using build options. --html-title [title] --html-title=[title] Specify the title used on generated HTML pages. If not specified, a default title will be used. -plist By default the output of scan-build is a set of HTML files. This option outputs the results as a set of .plist files. -plist-html By default the output of scan-build is a set of HTML files. This option outputs the results as a set of HTML and .plist files. --status-bugs By default, the exit status of scan-build is the same as the executed build command. Specifying this option causes the exit status of scan-build to be 1 if it found potential bugs and 0 otherwise. --use-cc [compiler path] --use-cc=[compiler path] scan-build analyzes a project by interposing a "fake compiler", which executes a real compiler for compilation and the static analyzer for analysis. Because of the current implementation of interposition, scan-build does not know what compiler your project normally uses. Instead, it simply overrides the CC environment variable, and guesses your default compiler. In the future, this interposition mechanism to be improved, but if you need scan-build to use a specific compiler for *compilation* then you can use this option to specify a path to that compiler. If the given compiler is a cross compiler, you may also need to provide --analyzer-target option to properly analyze the source code because static analyzer runs as if the code is compiled for the host machine by default. --use-c++ [compiler path] --use-c++=[compiler path] This is the same as "--use-cc" but for C++ code. --analyzer-target [target triple name for analysis] --analyzer-target=[target triple name for analysis] This provides target triple information to clang static analyzer. It only changes the target for analysis but doesn't change the target of a real compiler given by --use-cc and --use-c++ options. -v Enable verbose output from scan-build. A second and third '-v' increases verbosity. -V --view View analysis results in a web browser when the build completes. ADVANCED OPTIONS: -no-failure-reports Do not create a 'failures' subdirectory that includes analyzer crash reports and preprocessed source files. -stats Generates visitation statistics for the project being analyzed. -maxloop <loop count> Specifiy the number of times a block can be visited before giving up. Default is 4. Increase for more comprehensive coverage at a cost of speed. -internal-stats Generate internal analyzer statistics. --use-analyzer [Xcode|path to clang] --use-analyzer=[Xcode|path to clang] scan-build uses the 'clang' executable relative to itself for static analysis. One can override this behavior with this option by using the 'clang' packaged with Xcode (on OS X) or from the PATH. --keep-empty Don't remove the build results directory even if no issues were reported. --override-compiler Always resort to the ccc-analyzer even when better interposition methods are available. -analyzer-config <options> Provide options to pass through to the analyzer's -analyzer-config flag. Several options are separated with comma: 'key1=val1,key2=val2' Available options: * stable-report-filename=true or false (default) Switch the page naming to: report-<filename>-<function/method name>-<id>.html instead of report-XXXXXX.html CONTROLLING CHECKERS: A default group of checkers are always run unless explicitly disabled. Checkers may be enabled/disabled using the following options: -enable-checker [checker name] -disable-checker [checker name] LOADING CHECKERS: Loading external checkers using the clang plugin interface: -load-plugin [plugin library] AVAILABLE CHECKERS: alpha.core.BoolAssignment Warn about assigning non-{0,1} values to Boolean variables alpha.core.CallAndMessageUnInitRefArg Check for logical errors for function calls and Objective-C message expressions (e.g., uninitialized arguments, null function pointers, and pointer to undefined variables) alpha.core.CastSize Check when casting a malloc'ed type T, whether the size is a multiple of the size of T alpha.core.CastToStruct Check for cast from non-struct pointer to struct pointer alpha.core.DynamicTypeChecker Check for cases where the dynamic and the static type of an object are unrelated. alpha.core.FixedAddr Check for assignment of a fixed address to a pointer alpha.core.IdenticalExpr Warn about unintended use of identical expressions in operators alpha.core.PointerArithm Check for pointer arithmetic on locations other than array elements alpha.core.PointerSub Check for pointer subtractions on two pointers pointing to different memory chunks alpha.core.SizeofPtr Warn about unintended use of sizeof() on pointer expressions alpha.core.TestAfterDivZero Check for division by variable that is later compared against 0. Either the comparison is useless or there is division by zero. alpha.cplusplus.VirtualCall Check virtual function calls during construction or destruction alpha.deadcode.UnreachableCode Check unreachable code alpha.osx.cocoa.Dealloc Warn about Objective-C classes that lack a correct implementation of -dealloc alpha.osx.cocoa.DirectIvarAssignment Check for direct assignments to instance variables alpha.osx.cocoa.DirectIvarAssignmentForAnnotatedFunctions Check for direct assignments to instance variables in the methods annotated with objc_no_direct_instance_variable_assignment alpha.osx.cocoa.InstanceVariableInvalidation Check that the invalidatable instance variables are invalidated in the methods annotated with objc_instance_variable_invalidator alpha.osx.cocoa.MissingInvalidationMethod Check that the invalidation methods are present in classes that contain invalidatable instance variables alpha.osx.cocoa.localizability.PluralMisuseChecker Warns against using one vs. many plural pattern in code when generating localized strings. alpha.security.ArrayBound Warn about buffer overflows (older checker) alpha.security.ArrayBoundV2 Warn about buffer overflows (newer checker) alpha.security.MallocOverflow Check for overflows in the arguments to malloc() alpha.security.ReturnPtrRange Check for an out-of-bound pointer being returned to callers alpha.security.taint.TaintPropagation Generate taint information used by other checkers alpha.unix.Chroot Check improper use of chroot alpha.unix.PthreadLock Simple lock -> unlock checker alpha.unix.SimpleStream Check for misuses of stream APIs alpha.unix.Stream Check stream handling functions alpha.unix.cstring.BufferOverlap Checks for overlap in two buffer arguments alpha.unix.cstring.NotNullTerminated Check for arguments which are not null-terminating strings alpha.unix.cstring.OutOfBounds Check for out-of-bounds access in string functions + core.CallAndMessage Check for logical errors for function calls and Objective-C message expressions (e.g., uninitialized arguments, null function pointers) + core.DivideZero Check for division by zero + core.DynamicTypePropagation Generate dynamic type information + core.NonNullParamChecker Check for null pointers passed as arguments to a function whose arguments are references or marked with the 'nonnull' attribute + core.NullDereference Check for dereferences of null pointers + core.StackAddressEscape Check that addresses to stack memory do not escape the function + core.UndefinedBinaryOperatorResult Check for undefined results of binary operators + core.VLASize Check for declarations of VLA of undefined or zero size + core.builtin.BuiltinFunctions Evaluate compiler builtin functions (e.g., alloca()) + core.builtin.NoReturnFunctions Evaluate "panic" functions that are known to not return to the caller + core.uninitialized.ArraySubscript Check for uninitialized values used as array subscripts + core.uninitialized.Assign Check for assigning uninitialized values + core.uninitialized.Branch Check for uninitialized values used as branch conditions + core.uninitialized.CapturedBlockVariable Check for blocks that capture uninitialized values + core.uninitialized.UndefReturn Check for uninitialized values being returned to the caller + cplusplus.NewDelete Check for double-free and use-after-free problems. Traces memory managed by new/delete. + cplusplus.NewDeleteLeaks Check for memory leaks. Traces memory managed by new/delete. + deadcode.DeadStores Check for values stored to variables that are never read afterwards debug.ConfigDumper Dump config table debug.DumpBugHash Dump the bug hash for all statements. debug.DumpCFG Display Control-Flow Graphs debug.DumpCallGraph Display Call Graph debug.DumpCalls Print calls as they are traversed by the engine debug.DumpDominators Print the dominance tree for a given CFG debug.DumpLiveVars Print results of live variable analysis debug.DumpTraversal Print branch conditions as they are traversed by the engine debug.ExprInspection Check the analyzer's understanding of expressions debug.Stats Emit warnings with analyzer statistics debug.TaintTest Mark tainted symbols as such. debug.ViewCFG View Control-Flow Graphs using GraphViz debug.ViewCallGraph View Call Graph using GraphViz debug.ViewExplodedGraph View Exploded Graphs using GraphViz llvm.Conventions Check code for LLVM codebase conventions + nullability.NullPassedToNonnull Warns when a null pointer is passed to a pointer which has a _Nonnull type. + nullability.NullReturnedFromNonnull Warns when a null pointer is returned from a function that has _Nonnull return type. nullability.NullableDereferenced Warns when a nullable pointer is dereferenced. nullability.NullablePassedToNonnull Warns when a nullable pointer is passed to a pointer which has a _Nonnull type. nullability.NullablePassedToNonnull Warns when a nullable pointer is returned from a function that has _Nonnull return type. optin.osx.cocoa.localizability.EmptyLocalizationContextChecker Check that NSLocalizedString macros include a comment for context optin.osx.cocoa.localizability.NonLocalizedStringChecker Warns about uses of non-localized NSStrings passed to UI methods expecting localized NSStrings optin.performance.Padding Check for excessively padded structs. osx.API Check for proper uses of various Apple APIs osx.SecKeychainAPI Check for proper uses of Secure Keychain APIs osx.cocoa.AtSync Check for nil pointers used as mutexes for @synchronized osx.cocoa.ClassRelease Check for sending 'retain', 'release', or 'autorelease' directly to a Class osx.cocoa.IncompatibleMethodTypes Warn about Objective-C method signatures with type incompatibilities osx.cocoa.Loops Improved modeling of loops using Cocoa collection types osx.cocoa.MissingSuperCall Warn about Objective-C methods that lack a necessary call to super osx.cocoa.NSAutoreleasePool Warn for suboptimal uses of NSAutoreleasePool in Objective-C GC mode osx.cocoa.NSError Check usage of NSError** parameters osx.cocoa.NilArg Check for prohibited nil arguments to ObjC method calls osx.cocoa.NonNilReturnValue Model the APIs that are guaranteed to return a non-nil value osx.cocoa.ObjCGenerics Check for type errors when using Objective-C generics osx.cocoa.RetainCount Check for leaks and improper reference count management osx.cocoa.SelfInit Check that 'self' is properly initialized inside an initializer method osx.cocoa.UnusedIvars Warn about private ivars that are never used osx.cocoa.VariadicMethodTypes Check for passing non-Objective-C types to variadic collection initialization methods that expect only Objective-C types osx.coreFoundation.CFError Check usage of CFErrorRef* parameters osx.coreFoundation.CFNumber Check for proper uses of CFNumberCreate osx.coreFoundation.CFRetainRelease Check for null arguments to CFRetain/CFRelease/CFMakeCollectable osx.coreFoundation.containers.OutOfBounds Checks for index out-of-bounds when using 'CFArray' API osx.coreFoundation.containers.PointerSizedValues Warns if 'CFArray', 'CFDictionary', 'CFSet' are created with non-pointer-size values security.FloatLoopCounter Warn on using a floating point value as a loop counter (CERT: FLP30-C, FLP30-CPP) + security.insecureAPI.UncheckedReturn Warn on uses of functions whose return values must be always checked + security.insecureAPI.getpw Warn on uses of the 'getpw' function + security.insecureAPI.gets Warn on uses of the 'gets' function + security.insecureAPI.mkstemp Warn when 'mkstemp' is passed fewer than 6 X's in the format string + security.insecureAPI.mktemp Warn on uses of the 'mktemp' function security.insecureAPI.rand Warn on uses of the 'rand', 'random', and related functions security.insecureAPI.strcpy Warn on uses of the 'strcpy' and 'strcat' functions + security.insecureAPI.vfork Warn on uses of the 'vfork' function + unix.API Check calls to various UNIX/Posix functions + unix.Malloc Check for memory leaks, double free, and use-after-free problems. Traces memory managed by malloc()/free(). + unix.MallocSizeof Check for dubious malloc arguments involving sizeof + unix.MismatchedDeallocator Check for mismatched deallocators. + unix.Vfork Check for proper usage of vfork + unix.cstring.BadSizeArg Check the size argument passed into C string functions for common erroneous patterns + unix.cstring.NullArg Check for null pointers being passed as arguments to C string functions NOTE: "+" indicates that an analysis is enabled by default. BUILD OPTIONS You can specify any build option acceptable to the build command. EXAMPLE scan-build -o /tmp/myhtmldir make -j4 The above example causes analysis reports to be deposited into a subdirectory of "/tmp/myhtmldir" and to run "make" with the "-j4" option. A different subdirectory is created each time scan-build analyzes a project. The analyzer should support most parallel builds, but not distributed builds.