Static Analysis: proposed interchange format ("firehose")

David Malcolm dmalcolm at redhat.com
Wed Jan 16 20:53:56 UTC 2013


This is a followup to my proposal in
http://lists.fedoraproject.org/pipermail/devel/2012-December/175232.html

I want a common output format for static analysis tools so that we can
easily slurp the results from different tools into a database and have a
common system for managing the results (marking false positives, having
automated de-duplication, etc).

(I like the name "firehose" for the overall system since it describes
the issue we'll have of managing the flood of data).

I came up with an XML format, which I've uploaded code to here:
https://github.com/fedora-static-analysis/firehose

Does this look sane?  I think that it should be possible to write
converters that turn the output from other tools into this, and I think
it's possible to hack up my static analyzers to emit this format.

The firehose.py script is able to turn such an XML report into a text
format mimicking what GCC emits, which is useful in Emacs (and probably
other editors) which can parse that text format for clicking through to
the underlying source code being tested.

Thoughts?

BTW, I hope to run a hackfest on Static Analysis in Fedora at FUDCon
Lawrence this weekend.  Anyone around?  [there are plenty of different
tasks requiring different skill sets: Python scripting, web development,
etc - you don't need to know about compiler internals!  though that
would help also :) ]

Dave
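
An added illustration of the workflow described in the message above (not code from the firehose repository): GCC-style text from two tools is parsed into one common record, de-duplicated, and rendered back as GCC-style lines. The `Finding` fields, the fingerprint rule, the tool names and the sample output are assumptions constructed for this example; they are not firehose's XML schema.

```python
import hashlib
import re
from dataclasses import dataclass

# GCC-style diagnostic line: path:line[:column]: severity: message
GCC_LINE = re.compile(
    r"^(?P<path>[^:\n]+):(?P<line>\d+):(?:(?P<col>\d+):)?\s*"
    r"(?P<sev>warning|error|note):\s*(?P<msg>.+)$")

@dataclass(frozen=True)
class Finding:  # hypothetical common record, NOT firehose's XML schema
    tool: str
    path: str
    line: int
    column: int
    severity: str
    message: str

    def fingerprint(self) -> str:
        # Tool and column are excluded so one defect seen by two tools collapses.
        key = f"{self.path}\0{self.line}\0{self.message.lower()}"
        return hashlib.sha256(key.encode()).hexdigest()

    def as_gcc(self) -> str:
        return (f"{self.path}:{self.line}:{self.column}: "
                f"{self.severity}: {self.message} [{self.tool}]")

def parse(tool: str, text: str) -> list:
    findings = []
    for raw in text.splitlines():
        m = GCC_LINE.match(raw.strip())
        if not m:
            continue  # source excerpts, carets and other context lines
        path = m["path"][2:] if m["path"].startswith("./") else m["path"]
        findings.append(Finding(tool, path, int(m["line"]), int(m["col"] or 0),
                                m["sev"], " ".join(m["msg"].split())))
    return findings

def dedupe(findings: list) -> list:
    first_seen = {}
    for f in findings:
        first_seen.setdefault(f.fingerprint(), f)  # first reporter wins
    return list(first_seen.values())

# Constructed sample output from two hypothetical analyzers.
TOOL_A = ("src/parse.c:42:9: warning: dereference of NULL 'buf'\n"
          "   42 |     buf[0] = 0;\n"
          "src/io.c:10:5: warning: unused variable 'n'\n")
TOOL_B = ("./src/parse.c:42: warning: Dereference of NULL  'buf'\n"
          "src/net.c:7:1: error: leak of 'fd'\n")
merged = dedupe(parse("tool-a", TOOL_A) + parse("tool-b", TOOL_B))
print("\n".join(f.as_gcc() for f in merged))
```

A fingerprint keyed on path, line and message is fragile across source edits that shift line numbers, so a real triage database would need a more stable key.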


