Hello all,
I would like to introduce a new development tool, Static Function
Property Verification, or sfpv.
sfpv is a static analysis tool for C/C++ which is designed to find one
common class of real-time related bugs: calling unsafe functions from
a real-time context.
sfpv uses annotations to mark functions and the Clang/LLVM API to find
relationships between functions (e.g. the call graph).
It uses this information to perform basic deductions on known
information (i.e. explicitly marked functions) to find inconsistencies.
Ideally this tool could be run on a project with only the real-time
entry points marked (e.g. the JACK process callback) and errors would be
emitted for any unsafe functions called.
For simple C codebases, this is mostly accomplished currently, though
not all common safe functions in libraries have been white-listed yet.
Basic C++ code also works, though template and class hierarchies are
not guaranteed to function as expected.
The source code and basic documentation can be found at
http://github.com/fundamental/sfpv
This effort is largely based off an unsuccessful Google Summer of Code
proposal, which can be found at
http://www.google-melange.com/gsoc/proposal/review/google/gsoc2012/fundamen…
Anyone interested in discussing this tool should be able to reach me
in #lad as fundamental.
--Mark McCurry
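
The deduction described in the message above (explicit marks propagated along the call graph until an inconsistency appears), as an added example that is not sfpv's code and not from the original post. All function names and the sample graph are constructed, and reporting unmarked functions without a body is an assumption drawn from the white-list remark.

```cpp
// Added illustration, not sfpv source: toy model of mark propagation.
#include <deque>
#include <iostream>
#include <map>
#include <set>
#include <string>
#include <vector>

enum class Mark { Safe, Unsafe };  // explicit annotations only
using CallGraph = std::map<std::string, std::vector<std::string>>;
using Marks = std::map<std::string, Mark>;

// Walk outward from every function marked Safe. Unmarked callees that have a
// body are deduced to need the Safe property and are walked in turn.
std::vector<std::string> find_violations(const CallGraph& cg, const Marks& marks) {
    std::vector<std::string> out;  // one call chain per inconsistency
    for (const auto& kv : marks) {
        if (kv.second != Mark::Safe) continue;
        std::set<std::string> seen{kv.first};  // guards against recursion
        std::deque<std::pair<std::string, std::string>> work{{kv.first, kv.first}};
        while (!work.empty()) {
            std::pair<std::string, std::string> cur = work.front();  // {fn, chain}
            work.pop_front();
            auto body = cg.find(cur.first);
            if (body == cg.end()) continue;
            for (const auto& callee : body->second) {
                std::string path = cur.second + " -> " + callee;
                auto m = marks.find(callee);
                if (m != marks.end() && m->second == Mark::Unsafe)
                    out.push_back(path + " [marked unsafe]");
                else if (m == marks.end() && !cg.count(callee))
                    out.push_back(path + " [no body, not white-listed]");
                else if (m == marks.end() && seen.insert(callee).second)
                    work.push_back({callee, path});
            }
        }
    }
    return out;
}

// Constructed sample: only the entry point and two library calls are marked.
std::vector<std::string> demo() {
    CallGraph cg = {{"process", {"mix", "sinf"}}, {"log_msg", {"malloc"}},
                    {"mix", {"log_msg", "clamp", "ext_resample"}},
                    {"clamp", {"mix"}}};
    Marks marks = {{"process", Mark::Safe}, {"sinf", Mark::Safe}, {"malloc", Mark::Unsafe}};
    return find_violations(cg, marks);
}
int main() { for (const auto& v : demo()) std::cout << v << "\n"; }
```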