From Fedora Project Wiki
mNo edit summary |
|||
| Line 34: | Line 34: | ||
* [http://www.dwheeler.com/flawfinder/ flawfinder] (that page has a great list of links to other static analysis tools) | * [http://www.dwheeler.com/flawfinder/ flawfinder] (that page has a great list of links to other static analysis tools) | ||
* [http://cppcheck.sourceforge.net/ cppcheck] Cppcheck is a static analysis tool for C/C++ code. | * [http://cppcheck.sourceforge.net/ cppcheck] Cppcheck is a static analysis tool for C/C++ code. | ||
* [https://sparse.wiki.kernel.org/ sparse] - a Semantic Parser for C, primarily used by kernel developers. | |||
=== Package Want List === | === Package Want List === | ||
Revision as of 22:16, 17 December 2012
Fedora Static Analysis Special Interest Group (SIG)
(Note that this SIG is merely tentative for now)
Goal and Scope
TBD
dmalcolm is interested in making it easy to run static code analysis tools on all of Fedora, and having a sane system for getting useful information from the firehose of data that doing so is likely to generate. See http://lists.fedoraproject.org/pipermail/devel/2012-December/175232.html
See also the Formal Methods SIG with which there's clearly an overlap.
Mission and Plan
TBD
Members
Communication
TBD; Fedora's main devel list for now
Tasks
TODO
Static Code Analysis tools already in Fedora
TODO
- gcc - arguably we should pay more attention to the compiler warnings that gcc already generates: sometimes it's correctly pointing out a bug.
- clang static analyzer (in Fedora as "clang-analyzer" subpackage of "llvm")
- cpychecker (part of gcc-python-plugin)
- flawfinder (that page has a great list of links to other static analysis tools)
- cppcheck Cppcheck is a static analysis tool for C/C++ code.
- sparse - a Semantic Parser for C, primarily used by kernel developers.
Package Want List
TODO