I’ve run into a bit of a strange situation with analyzing a C++ project. This project is built using Unreal Engine and by default the engine uses something known as a “Unity Build” to build its modules. That is to say, the engine generates a new source file that in includes all other source files in it and compiles it as one giant translation unit. I’ve been able to turn it off, but I was wondering is there any support for these types of builds within the cfamily scanner?
1 Like
Hello @fcorso2016,
Unity builds can be made to work, but the results are limited.
Setting them up would be annoying: For instance, you would need to make sure the unity source files are indexed, but you are probably not interested in having them show in SonarCloud. You need to take into account that there is some logic inside the scanner that ignores files marked to be ignored by your SCM (i.e., .gitignore, which usually lists the build directory, where the unity files could be).
However, the major limitation is that some rules, generally the most interesting such as buffer overflows, will not be applied. This is because these rules are costly, and they run only over the set of functions defined on the source file being compiled (functions coming from included files can be analyzed if they are used and their definition is available). A unity file only includes files, which will be treated as headers, so these rules will not run.
So, in summary, the support is limited and you will get only partial results.
I hope this helps.
Hello. I have a similar issue regarding a c++ project with unity build enabled. Do you have more concrete suggestions on indexing the “unity.cxx” files, but showing the actual individual source files for coverage reports and similar.
The main reason I would like to maintain unity would be to try and keep the build as fast as possible, so having the unity build enabled during PRs is useful, however as you say the auto generated source files are ignored by the scanner.
Hey @patrickyoui
I don’t have all the context – but if you’d like to try a scan that does does not automatically ignore files based on SCM exclusions, you can disable the setting @aalvarez mentioned.