This specification relates to static analysis of computer software source code.
Static analysis refers to techniques for analyzing computer software source code without executing the source code as a computer software program.
Source code in a code base is typically compiled in a build environment maintained by a build system. The build environment includes an operating system; a file system; executable files, e.g., compilers; environment variables, e.g., variables that indicate a path to file system directories that contain source code files or executable files; and other configuration files for building source code in the code base.
Many compilers have a preprocessor that runs before the compiler is called.
Preprocessors can make arbitrary textual substitutions in existing source code files before the compiler is called to compile the modified source code. Preprocessors can also generate temporary source code files that are compiled but then deleted by the build system when compilation is complete.
In addition, build utilities, e.g., the “make” utility on Linux and Unix operating systems, can be programmed to copy source code files from one place to another during the build process. For example, a build utility can copy a file from one location to another for compilation because another source code file may include or depend on the copied file. The copied file may then be deleted by the build system after compilation is complete.
In these situations, merely having read access to the source code files in a file system is insufficient for a static analysis system to extract all the source code that is built by a build system.