Static code analysis and code review - SoberIT-Software Business
Static Code Analysis and Cppcheck
Transcript of Static Code Analysis and Cppcheck
Static Code Analysis
Survey of Tools
Cppcheck
Goal: Provide confidence that code is correct just by looking at it (without building or executing it).
Helps us find easy bugs buried in thousands of lines of code (not something people are great at).
Formal Methods:
◦ Mathematical!
◦ Require a mathematical model and assertions!
◦ Often require modeling the system as a finite state machine and verifying each state and transition.
◦ Too difficult! Static analysis is supposed to save time.

Code Metrics:
◦ Identify areas where bugs are likely.
◦ Based on measures of code complexity rooted in graph theory (e.g. Cyclomatic complexity).
◦ Good, but doesn’t directly identify defects.

Reviews and Inspection:
◦ Just look at the code and try to find suspicious patterns.
◦ Basically what we do when performing code reviews.
◦ Works pretty well!
Static Code Analysis
Survey of Tools
Cppcheck
Three Popular Commercial Tools:
◦ PC-Lint
◦ Klocwork Insight
◦ Coverity Prevent
One Free Software Tool:
◦ Cppcheck
PC-Lint
◦ Commercial
◦ Works for C code
◦ Often reports many false positives.
◦ Probably the cheapest after Cppcheck (which is free)

Klocwork Insight
◦ Commercial
◦ A spin-out of Nortel Networks
◦ Also includes project management and project visualization capabilities.

Coverity Prevent
◦ Commercial
◦ Identified over 6000 bugs across 53 open-source projects.
◦ Developed from research at Stanford University.

Cppcheck
◦ Open source
◦ Under active development.
◦ Has found > 400 bugs in open-source projects.
◦ Free!
Static Code Analysis
Survey of Tools
Cppcheck
Detects bugs in C and C++ source that compilers normally do not warn about!
Cross-platform (Windows, Linux, etc)
Fancy Qt-based GUI client!
◦ Also available in a command-line version
Usable via plugins from various IDEs (but not VS):
◦ Eclipse
◦ Code::Blocks
◦ Hudson, Jenkins
Packages maintained for FreeBSD, Debian and Ubuntu systems (sudo apt-get install cppcheck)
Used to find bugs in many open-source projects:
◦ Linux Kernel: > 40 bugs found+fixed
◦ VLC Player: > 20 bugs found+fixed
◦ Others: 7-zip, curl, git, etc
Bounds checking for array overruns
Memory and resource leaks
Unused private class functions
Use of deprecated functions
Wrong # of arguments given to printf or scanf
Switch cases that fall through suspiciously
Dozens of others…
Possible buffer overrun
Should be “delete[] buf”
Memory leak: buf
Resource leak: file

Cppcheck finds many of the issues with that code (but not all)
Buffer overrun
Suspicious format specifier for a pointer to a C string (but not necessarily a bug)
Source File → Preprocessor → Tokenizer → Simplifier → Checks → Results → Happy Developer
Tokenizer and Simplifier

Input:
void foo(char* str) { if (str == 0) printf(str); else printf("Whoa"); }

After tokenizing and simplification:
void foo ( char * str ) { if ( ! str ) { printf ( str ) ; } else { printf ( "Whoa" ) ; } }

Indentation, spacing, NULL-checks and braces are normalized to simplify checks!
Checks and Results

Each check iterates over the tokens, and reports if it finds a suspicious pattern!
Checks implemented as C functions or XML documents that describe the pattern to look for.
Results categorized as error, warning, style, performance, portability, or informative.
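To make the tokenizer, simplifier and check stages concrete, here is an added toy implementation in C++. It is not Cppcheck's source; the function names (tokenize, simplifyNullChecks, addBraces, checkPrintfFormatIsVariable, normalize, analyze) and the Finding struct are my own. It reproduces the slide's normalized token line exactly for the slide's input, and then runs one token-pattern check over the result: the printf(str) call in that input, where the format string is a variable rather than a literal.

```cpp
#include <cctype>
#include <cstdio>
#include <string>
#include <vector>

using Tokens = std::vector<std::string>;

struct Finding {
    std::string severity;   // one of the deck's categories: error, warning, style, ...
    std::string message;
    size_t tokenIndex;      // where in the token stream the pattern starts
};

static bool isIdentifier(const std::string& t) {
    return !t.empty() && (std::isalpha(static_cast<unsigned char>(t[0])) || t[0] == '_');
}

// Tokenizer: identifiers, numbers and string literals stay whole; "==" is the only
// multi-character operator recognized; every other punctuation character is one token.
Tokens tokenize(const std::string& src) {
    Tokens toks;
    for (size_t i = 0; i < src.size();) {
        unsigned char c = static_cast<unsigned char>(src[i]);
        if (std::isspace(c)) { ++i; continue; }
        size_t j = i + 1;
        if (std::isalnum(c) || c == '_') {
            while (j < src.size() && (std::isalnum(static_cast<unsigned char>(src[j])) || src[j] == '_')) ++j;
        } else if (c == '"') {
            size_t close = src.find('"', i + 1);
            j = (close == std::string::npos) ? src.size() : close + 1;  // unterminated literal runs to the end
        } else if (c == '=' && j < src.size() && src[j] == '=') {
            ++j;
        }
        toks.push_back(src.substr(i, j - i));
        i = j;
    }
    return toks;
}

// Simplifier, step 1: "x == 0" becomes "! x", so a NULL-check has one canonical shape.
Tokens simplifyNullChecks(const Tokens& in) {
    Tokens out;
    for (size_t i = 0; i < in.size(); ++i) {
        if (i + 2 < in.size() && isIdentifier(in[i]) && in[i + 1] == "==" && in[i + 2] == "0") {
            out.push_back("!");
            out.push_back(in[i]);
            i += 2;
        } else {
            out.push_back(in[i]);
        }
    }
    return out;
}

// Simplifier, step 2: wrap a single-statement body after "if ( ... )" or "else" in braces.
Tokens addBraces(const Tokens& in) {
    Tokens out;
    for (size_t i = 0; i < in.size(); ++i) {
        out.push_back(in[i]);
        size_t body = 0;
        if (in[i] == "if" && i + 1 < in.size() && in[i + 1] == "(") {
            int depth = 0;
            size_t j = i + 1;
            do {                                   // copy the parenthesised condition
                if (in[j] == "(") ++depth; else if (in[j] == ")") --depth;
                out.push_back(in[j++]);
            } while (j < in.size() && depth > 0);
            body = j;
            i = j - 1;
        } else if (in[i] == "else") {
            body = i + 1;
        } else {
            continue;
        }
        if (body < in.size() && in[body] != "{" && in[body] != "if") {   // "else if" is left to the next "if"
            out.push_back("{");
            size_t k = body;
            while (k < in.size() && in[k] != ";") out.push_back(in[k++]);
            if (k < in.size()) out.push_back(in[k]);                       // the statement's ';'
            out.push_back("}");
            i = k;
        }
    }
    return out;
}

// Check: "printf ( <identifier>" means the format string is a variable, the shape the
// slide's printf(str) has. Reported as a warning, since the variable may hold a constant.
std::vector<Finding> checkPrintfFormatIsVariable(const Tokens& t) {
    std::vector<Finding> found;
    for (size_t i = 0; i + 3 < t.size(); ++i) {
        if (t[i] == "printf" && t[i + 1] == "(" && isIdentifier(t[i + 2]) && (t[i + 3] == ")" || t[i + 3] == ","))
            found.push_back({"warning", "printf format string is the variable '" + t[i + 2] + "', not a literal", i});
    }
    return found;
}

std::string join(const Tokens& t) {
    std::string s;
    for (size_t i = 0; i < t.size(); ++i) s += (i ? " " : "") + t[i];
    return s;
}

// Whole pipeline on one source string: tokenize, simplify, then run the check.
std::string normalize(const std::string& src) { return join(addBraces(simplifyNullChecks(tokenize(src)))); }
std::vector<Finding> analyze(const std::string& src) { return checkPrintfFormatIsVariable(addBraces(simplifyNullChecks(tokenize(src)))); }

int main() {
    const std::string src = "void foo(char* str) { if (str == 0) printf(str); else printf(\"Whoa\"); }";  // the slide's input
    std::printf("%s\n", normalize(src).c_str());
    for (const Finding& f : analyze(src))
        std::printf("[%s] token %zu: %s\n", f.severity.c_str(), f.tokenIndex, f.message.c_str());
    return 0;
}
```

The normalization is what makes the check cheap: because every NULL-check is spelled `! x` and every body is braced, a check matches one token shape instead of enumerating the surface variants, which is the point the slide makes. Cppcheck runs many checks over a far richer token representation; this toy shows the shape of the pipeline, not its scale.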
Cppcheck is a free tool for finding bugs in C++ source code.
It works by parsing the source code, splitting it into tokens and finding suspicious patterns in the tokens.
Official project page:
◦ http://cppcheck.sourceforge.net/
Official source repository:
◦ https://github.com/danmar/cppcheck