Implement tool for Clang Static Analyzer filtering

[vit9696]

Some of our projects have false positives as explained at acidanthera/gfxutil#3 (comment). We want these false positives not to make us unable to detect errors by analysing the output and ignoring these warnings. A generic tool should be written as a part of ocbuild, so that we can enable the analyzer in all projects using EDK II.

It looks like the approach should be straightforward: parse plist files Clang Static Analyzer creates, find the html warning and match it with a list of exceptions written in some form. Filename:line or through the hash (there exists an unstable hash at the moment). Remove html file relevant to this report if the exception matches.

It is also worth reporting the false positives upstream.

[joevt]

The issue mentioned at acidanthera/gfxutil#3 (comment) refers to an error reported by UBSan (UndefinedBehaviorSanitizer). The documentation at https://clang.llvm.org/docs/UndefinedBehaviorSanitizer.html mentions a suppression option where you can specify a file containing a list of checks you want to suppress and where they should be suppressed.

The failed check in question is in edk2/MdePkg/Library/BaseLib/Unaligned.c. This implementation is for architectures (intel) that can do unaligned accesses. There is another implementation at edk2/MdePkg/Library/BaseLib/Arm/Unaligned.c for Arm architectures that cannot do unaligned accesses. Both files share the same header edk2//MdePkg/Include/Library/BaseLib.h.

I don't know if the Clang Static Analyzer has any suppression option. Parsing and modifying the plist seems to be the way to go there.

[vit9696]

@joevt, right, with sanitizers blacklist is the way to go. I thought of rewriting the file initially, but now remembered about blacklist thanks to your reminder. Added in master.

As for Clang Static Analyzer, it has nothing out of tree. You can exclude code via __clang_analyzer__ macro, but that requires source code modifications, so we really need a tool to filter the reports.