From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by sourceware.org (Postfix) with ESMTPS id 30DB93858402 for ; Mon, 17 Jan 2022 00:11:30 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 30DB93858402 Received: from mail-qk1-f200.google.com (mail-qk1-f200.google.com [209.85.222.200]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-392-6cgmc278OyCw-WMBD1tTgQ-1; Sun, 16 Jan 2022 19:11:26 -0500 X-MC-Unique: 6cgmc278OyCw-WMBD1tTgQ-1 Received: by mail-qk1-f200.google.com with SMTP id y185-20020a3764c2000000b0047a8c8b3febso3272021qkb.1 for ; Sun, 16 Jan 2022 16:11:26 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:message-id:subject:from:to:cc:date:in-reply-to :references:user-agent:mime-version:content-transfer-encoding; bh=KKq+Yhmc3N0VnaFpcqGn8PvK8fmSfYBCMcwfttPHX4o=; b=Pnick8WnMMYY/hS41q8x9qIPF/3o+dEeJhnoQ7zXffQgzWZaUy9erShh7m19SpfFko 1E2T82djrcgRprtCfvxZ37TCT65wMaa6H2F0YmpWdkZYq/0YrapNEM9u5Q2iHsFHxZIl XKG+iik16f/Pz4VjgqxQzuAjF4EChcCAIsEY939d5CWg/Wcjb1UZnCg94TOWvVqxZmnq oNTqoejqtDZSG/W2FsDnxqlDTyPYSploxO/QeyFLyH/Zskhe0ps51Z1rCm8+etL8eHjN eYDGlsrpMUQf6+wOp6eMtpwUPBTC0h8u77ZmmDTw3APUI31oRF+cch6kj8QvPJbvqTK9 ZtJg== X-Gm-Message-State: AOAM531RxUWZcVZeOtc4VpJe1hQXzvvv+QafmGfrTacEKPr5s5WSnzzO amZ1xjPWwfntQTTlkJUNtiQXSNLhbpjCjxWF5NFaxqmC40ghyEkvxuTNCPGKLSxvyrmqg1Bgcjg 0P1BRxp0= X-Received: by 2002:a05:622a:5:: with SMTP id x5mr15739387qtw.110.1642378285665; Sun, 16 Jan 2022 16:11:25 -0800 (PST) X-Google-Smtp-Source: ABdhPJzAzSQYRYXvoeTuiBq5YXJJf2JdRTjKEpjtyTzpgLxmrHQs/fy2XQj9HnI3Ft61bAHXXd5nWQ== X-Received: by 2002:a05:622a:5:: with SMTP id x5mr15739381qtw.110.1642378285444; Sun, 16 Jan 2022 16:11:25 -0800 (PST) Received: from t14s.localdomain (c-73-69-212-193.hsd1.ma.comcast.net. [73.69.212.193]) by smtp.gmail.com with ESMTPSA id s19sm8292841qtk.40.2022.01.16.16.11.24 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 16 Jan 2022 16:11:24 -0800 (PST) Message-ID: Subject: Re: GSoC: Working on the static analyzer From: David Malcolm To: Mir Immad Cc: gcc@gcc.gnu.org Date: Sun, 16 Jan 2022 19:11:23 -0500 In-Reply-To: References: <4eec5fa69b9daedcec5361c2cc18df7f1ef397af.camel@redhat.com> User-Agent: Evolution 3.38.4 (3.38.4-1.fc33) MIME-Version: 1.0 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-6.2 required=5.0 tests=BAYES_00, DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, KAM_SHORT, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL, SPF_HELO_NONE, SPF_NONE, TXREP autolearn=ham autolearn_force=no version=3.4.4 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on server2.sourceware.org X-BeenThere: gcc@gcc.gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Gcc mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Jan 2022 00:11:31 -0000 On Fri, 2022-01-14 at 22:15 +0530, Mir Immad wrote: > HI David, > I've been tinkering with the static analyzer for the last few days. I > find > the project of adding SARIF output to the analyzer intresting. I'm > writing > this to let you know that I'm trying to learn the codebase. > Thank you. Excellent. BTW, I think adding SARIF output would involve working more with GCC's diagnostics subsystem than with the static analyzer, since (in theory) all of the static analyzer's output is passing through the diagnostics subsystem - though the static analyzer is probably the only GCC component generating diagnostic paths. I'm happy to mentor such a project as I maintain both subsystems and SARIF output would benefit both - but it would be rather tangential to the analyzer - so if you had specifically wanted to be working on the guts of the analyzer itself, you may want to pick a different subproject. The SARIF standard is rather long and complicated, and we would want to be compatible with clang's implementation. It would be very cool if gcc could also accept SARIF files as an *input* format, and emit them as diagnostics; that might help with debugging SARIF output. (I have a old patch for adding JSON parsing support to GCC that could be used as a starting point for this). Hope the above makes sense Dave > > On Tue, Jan 11, 2022, 7:09 PM David Malcolm > wrote: > > > On Tue, 2022-01-11 at 11:03 +0530, Mir Immad via Gcc wrote: > > > Hi everyone, > > > > Hi, and welcome. > > > > > I intend to work on the static analyzer. Are these documents > > > enough to > > > get > > > started: https://gcc.gnu.org/onlinedocs/gccint and > > > > > https://gcc.gnu.org/onlinedocs/gccint/Analyzer-Internals.html#Analyzer-Internals > > > > Yes. > > > > There are also some high-level notes here: > >   https://gcc.gnu.org/wiki/DavidMalcolm/StaticAnalyzer > > > > Also, given that the analyzer is part of GCC, the more general > > introductions to hacking on GCC will be useful. > > > > I recommend creating a trivial C source file with a bug in it (e.g. > > a > > 3-line function with a use-after-free), and stepping through the > > analyzer to get a sense of how it works. > > > > Hope this is helpful; don't hesitate to ask questions. > > Dave > > > >