devel / comp.arch.embedded / Re: Static analysis tool?

Subject / Author
* Static analysis tool? - Dave Nadler
+- Re: Static analysis tool? - Helmut Giese
+* Re: Static analysis tool? - Don Y
|+* Re: Static analysis tool? - Dave Nadler
||`* Re: Static analysis tool? - Don Y
|| `- Re: Static analysis tool? - Don Y
|`* Re: Static analysis tool? - Gerhard Hoffmann
| `- Re: Static analysis tool? - Don Y
+- Re: Static analysis tool? - Paul Rubin
+- Re: Static analysis tool? - Stefan Reuther
+- Re: Static analysis tool? - Michael Kellett
+- Re: Static analysis tool? - David Brown
`* Re: Static analysis tool? - Dave Nadler
 `* Re: Static analysis tool? - Dave Nadler
  `- Re: Static analysis tool? - Don Y

Static analysis tool?

<s5co8v$ck0$1@gioia.aioe.org>

https://www.novabbs.com/devel/article-flat.php?id=265&group=comp.arch.embedded#265
Path: i2pn2.org!i2pn.org!aioe.org!Tgip5Y7XolJj69PZynN/8Q.user.gioia.aioe.org.POSTED!not-for-mail
From: drn...@nadler.com (Dave Nadler)
Newsgroups: comp.arch.embedded
Subject: Static analysis tool?
Date: Fri, 16 Apr 2021 15:24:17 -0400
Organization: Aioe.org NNTP Server
Lines: 24
Message-ID: <s5co8v$ck0$1@gioia.aioe.org>
NNTP-Posting-Host: Tgip5Y7XolJj69PZynN/8Q.user.gioia.aioe.org
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
X-Complaints-To: abuse@aioe.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101
Thunderbird/78.9.1
X-Mozilla-News-Host: news://news.aioe.org:119
Content-Language: en-US
X-Notice: Filtered by postfilter v. 0.9.2
 by: Dave Nadler - Fri, 16 Apr 2021 19:24 UTC

Perhaps someone here can help...

I'm doing a presentation on techniques for embedded, especially removing
and keeping out bugs ;-) Using an example project from last year. A
reviewer of my first draft suggested many of the bugs surfaced in the
project would have been caught by static analysis - but I haven't had
such great luck in the past.

Tried CPPcheck, and while it found some less-than-optimal stuff it only
found one of the real bugs discussed.

Tried to get an evaluation copy of Coverity, but got a wildly annoying
and clueless sales person who promises a member of the right team will
contact me shortly (Real Soon Now).

Bugs I had to fix and amenable to static analysis included:
- uninitialized variable (only one found by CPPcheck)
- use of magic 0xff index value as subscript off end of array
- C macro with unguarded arguments getting wrong answer
- use of int8 to index 1kb buffer (so only 256 bytes got used)

Anybody able to recommend a tool they've used successfully?
Thanks in advance,
Best Regards, Dave
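The bug classes listed in the post, shown as an added example in C (this is not Dave's project code and not output from any tool named in the thread): each buggy form beside a hardened one, operating on a constructed lookup table and scratch buffer. The uninitialized-variable case is left out because reading one is undefined behaviour and cannot be demonstrated deterministically; it is the class gcc's -Wuninitialized (part of -Wall, effective with optimisation on) is aimed at. All identifiers (SQUARE_BAD, slots_hit_bad, find_slot, NO_SLOT, value_or, and the rest) are invented for the example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* ---- 1. Macro with unguarded arguments -----------------------------------
 * SQUARE_BAD(n + 1) expands to  n + 1 * n + 1  ==  2n + 1, not (n + 1)^2.   */
#define SQUARE_BAD(x)  x * x
#define SQUARE_GOOD(x) ((x) * (x))   /* parenthesise every use of x and the whole body */

int square_bad(int n)  { return SQUARE_BAD(n + 1); }
int square_good(int n) { return SQUARE_GOOD(n + 1); }

/* ---- 2. 8-bit index into a 1 KiB buffer ---------------------------------- */
#define BUF_SIZE 1024
static uint8_t g_buf[BUF_SIZE];      /* constructed scratch buffer for the demo */

static size_t slots_touched(void) {
    size_t n = 0;
    for (size_t i = 0; i < BUF_SIZE; i++) n += (g_buf[i] != 0);
    return n;
}

/* Write `writes` consecutive slots, wrapping at BUF_SIZE; report distinct slots hit. */
size_t slots_hit_bad(size_t writes) {
    memset(g_buf, 0, sizeof g_buf);
    for (size_t n = 0; n < writes; n++) {
        uint8_t pos = n % BUF_SIZE;  /* BUG: silently truncated to n % 256 (gcc -Wconversion warns) */
        g_buf[pos] = 1;
    }
    return slots_touched();          /* never exceeds 256 */
}

size_t slots_hit_good(size_t writes) {
    memset(g_buf, 0, sizeof g_buf);
    for (size_t n = 0; n < writes; n++) {
        size_t pos = n % BUF_SIZE;   /* index type as wide as the buffer needs */
        g_buf[pos] = 1;
    }
    return slots_touched();
}

/* ---- 3. Magic 0xFF "not found" value used as a subscript ------------------ */
#define NSLOTS  8
#define NO_SLOT 0xFFu                /* sentinel returned when a key is absent */

static const uint8_t  slot_keys[NSLOTS]   = {10, 20, 30, 40, 50, 60, 70, 80};
static const uint16_t slot_values[NSLOTS] = { 1,  2,  3,  4,  5,  6,  7,  8};

/* Returns the slot index for `key`, or NO_SLOT if it is not in the table. */
unsigned find_slot(uint8_t key) {
    for (unsigned i = 0; i < NSLOTS; i++)
        if (slot_keys[i] == key) return i;
    return NO_SLOT;
}

/* Buggy pattern, deliberately not called (the out-of-bounds read is undefined behaviour):
 *     uint16_t v = slot_values[find_slot(key)];    // 0xFF lands 247 entries past the end
 * Hardened form: range-check the index before it reaches the subscript. The check is
 * `>= NSLOTS` rather than `== NO_SLOT`, so it also catches any other corrupt index.  */
bool read_value(uint8_t key, uint16_t *out) {
    unsigned idx = find_slot(key);
    if (idx >= NSLOTS) return false;
    *out = slot_values[idx];
    return true;
}

/* Convenience wrapper: value for `key`, or `dflt` when the key is absent. */
uint16_t value_or(uint8_t key, uint16_t dflt) {
    uint16_t v;
    return read_value(key, &v) ? v : dflt;
}
```

The macro case is the one a warning-based tool is least likely to flag: the expansion is well-formed C, so it takes a macro-aware checker or a unit test comparing square_bad(3) with square_good(3) to expose it. The narrow-index case is caught at compile time by gcc's -Wconversion on the truncating assignment, and the sentinel-as-subscript case by any checker that tracks the range of find_slot's return value; a bounds check at the point of use is the defence that works regardless of tooling.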

Re: Static analysis tool?

<hjpj7gd3jisctuebt00jnc6a3f6enu7ffr@4ax.com>

https://www.novabbs.com/devel/article-flat.php?id=267&group=comp.arch.embedded#267
Path: i2pn2.org!i2pn.org!eternal-september.org!reader02.eternal-september.org!.POSTED!not-for-mail
From: hgi...@ratiosoft.com (Helmut Giese)
Newsgroups: comp.arch.embedded
Subject: Re: Static analysis tool?
Date: Fri, 16 Apr 2021 21:44:14 +0200
Organization: ratiosoft
Lines: 40
Message-ID: <hjpj7gd3jisctuebt00jnc6a3f6enu7ffr@4ax.com>
References: <s5co8v$ck0$1@gioia.aioe.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Injection-Info: reader02.eternal-september.org; posting-host="99d4c4cc9b7b9d5a7ab0b85a38564827";
logging-data="28494"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1+DUQQiY+9O1oiKMEge3YO3"
Cancel-Lock: sha1:N9i006O+bMhawN7+R/tnRETgjWE=
X-Newsreader: Forte Free Agent 1.93/32.576 English (American)
 by: Helmut Giese - Fri, 16 Apr 2021 19:44 UTC

Dave Nadler <drn@nadler.com> wrote:

>Perhaps someone here can help...
>
>I'm doing a presentation on techniques for embedded, especially removing
>and keeping out bugs ;-) Using an example project from last year. A
>reviewer of my first draft suggested many of the bugs surfaced in the
>project would have been caught by static analysis - but I haven't had
>such great luck in the past.
>
>Tried CPPcheck, and while it found some less-than-optimal stuff it only
>found one of the real bugs discussed.
>
>Tried to get an evaluation copy of Coverity, but got a wildly annoying
>and clueless sales person who promises a member of the right team will
>contact me shortly (Real Soon Now).
>
>Bugs I had to fix and amenable to static analysis included:
>- uninitialized variable (only one found by CPPcheck)
>- use of magic 0xff index value as subscript off end of array
>- C macro with unguarded arguments getting wrong answer
>- use of int8 to index 1kb buffer (so only 256 bytes got used)
>
>Anybody able to recommend a tool they've used successfully?
>Thanks in advance,
>Best Regards, Dave
Hi Dave,
in the (long gone) past I used a commercial tool called 'Lint' by a
company called 'Gimpel'. Its main problem is its extremely sharp eyes:
It will tell you anything which might possibly be wrong - and you will
be surprised how much of your code falls into this category.
However, by way of a so called 'Lint file' you can configure Lint to
suppress all kinds of warnings: If you say 'This is my coding style,
and I know what I am doing' you can suppress many of the (for you)
useless messages.
I think I have heard of open source Lint programs but know nothing of
the quality of their results.
HTH
Helmut

Re: Static analysis tool?

<s5cq5d$13j$1@dont-email.me>

https://www.novabbs.com/devel/article-flat.php?id=268&group=comp.arch.embedded#268
Path: i2pn2.org!i2pn.org!eternal-september.org!reader02.eternal-september.org!.POSTED!not-for-mail
From: blockedo...@foo.invalid (Don Y)
Newsgroups: comp.arch.embedded
Subject: Re: Static analysis tool?
Date: Fri, 16 Apr 2021 12:56:13 -0700
Organization: A noiseless patient Spider
Lines: 40
Message-ID: <s5cq5d$13j$1@dont-email.me>
References: <s5co8v$ck0$1@gioia.aioe.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Date: Fri, 16 Apr 2021 19:56:29 -0000 (UTC)
Injection-Info: reader02.eternal-september.org; posting-host="d36fbdd7db51bed3f90febfe10dc7894";
logging-data="1139"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/nK4LbZc2hXTB3Pq/7xd0K"
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101
Thunderbird/52.1.1
Cancel-Lock: sha1:H0Ur4Rygf/wQEWfKEnGGtjxkTEk=
In-Reply-To: <s5co8v$ck0$1@gioia.aioe.org>
Content-Language: en-US
 by: Don Y - Fri, 16 Apr 2021 19:56 UTC

On 4/16/2021 12:24 PM, Dave Nadler wrote:
> Perhaps someone here can help...
>
> I'm doing a presentation on techniques for embedded, especially removing and
> keeping out bugs ;-) Using an example project from last year. A reviewer of my
> first draft suggested many of the bugs surfaced in the project would have been
> caught by static analysis - but I haven't had such great luck in the past.

Presumably, C.

> Tried CPPcheck, and while it found some less-than-optimal stuff it only found
> one of the real bugs discussed.
>
> Tried to get an evaluation copy of Coverity, but got a wildly annoying and
> clueless sales person who promises a member of the right team will contact me
> shortly (Real Soon Now).
>
> Bugs I had to fix and amenable to static analysis included:
> - uninitialized variable (only one found by CPPcheck)
> - use of magic 0xff index value as subscript off end of array
> - C macro with unguarded arguments getting wrong answer
> - use of int8 to index 1kb buffer (so only 256 bytes got used)
>
> Anybody able to recommend a tool they've used successfully?

Coverity will require deep pockets/"high visibility" (they're out
to make money).

Eclipse includes some tools. Lint/PCLint are old standbys.
There are a few IDEs that include support for MISRA compliance
checking. PVS-Studio under Windows.

Note that what some folks would consider a bug might really
just be a coding style preference (e.g., multiple returns
from a function)

My approach has mimicked that implicit in code reviews: let lots
of eyes (in this case, tools) look at the code and then interpret
their reports. The more you veer from plain vanilla C, the more
you'll have to hand-hold the tool.

Re: Static analysis tool?

<s5crtl$3cv$1@gioia.aioe.org>

https://www.novabbs.com/devel/article-flat.php?id=270&group=comp.arch.embedded#270
Path: i2pn2.org!i2pn.org!aioe.org!Tgip5Y7XolJj69PZynN/8Q.user.gioia.aioe.org.POSTED!not-for-mail
From: drn...@nadler.com (Dave Nadler)
Newsgroups: comp.arch.embedded
Subject: Re: Static analysis tool?
Date: Fri, 16 Apr 2021 16:26:31 -0400
Organization: Aioe.org NNTP Server
Lines: 62
Message-ID: <s5crtl$3cv$1@gioia.aioe.org>
References: <s5co8v$ck0$1@gioia.aioe.org> <s5cq5d$13j$1@dont-email.me>
NNTP-Posting-Host: Tgip5Y7XolJj69PZynN/8Q.user.gioia.aioe.org
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
X-Complaints-To: abuse@aioe.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101
Thunderbird/78.9.1
X-Notice: Filtered by postfilter v. 0.9.2
Content-Language: en-US
 by: Dave Nadler - Fri, 16 Apr 2021 20:26 UTC

On 4/16/2021 3:56 PM, Don Y wrote:
> On 4/16/2021 12:24 PM, Dave Nadler wrote:
>> Perhaps someone here can help...
>>
>> I'm doing a presentation on techniques for embedded, especially
>> removing and keeping out bugs ;-) Using an example project from last
>> year. A reviewer of my first draft suggested many of the bugs surfaced
>> in the project would have been caught by static analysis - but I
>> haven't had such great luck in the past.
>
> Presumably, C.

Sorry, yes, C (and later C++).

>> Tried CPPcheck, and while it found some less-than-optimal stuff it
>> only found one of the real bugs discussed.
>>
>> Tried to get an evaluation copy of Coverity, but got a wildly annoying
>> and clueless sales person who promises a member of the right team will
>> contact me shortly (Real Soon Now).
>>
>> Bugs I had to fix and amenable to static analysis included:
>> - uninitialized variable (only one found by CPPcheck)
>> - use of magic 0xff index value as subscript off end of array
>> - C macro with unguarded arguments getting wrong answer
>> - use of int8 to index 1kb buffer (so only 256 bytes got used)
>>
>> Anybody able to recommend a tool they've used successfully?
>
> Coverity will require deep pockets/"high visibility" (they're out
> to make money).

Presumably they'd like a recommendation in a presentation that will be
seen by ~1k people. But at the current pace more likely they will get a
dis-recommendation. Sales person just emailed me an incorrect summary of
my requirements though I repeated them at least 3 times, Yikes.

> Eclipse includes some tools.  Lint/PCLint are old standbys.

Haven't found anything that works with current Eclipse.
For this one I'm actually looking for stand-alone tool.

> There are a few IDEs that include support for MISRA compliance
> checking.  PVS-Studio under Windows.

These bugs would probably pass any MISRA checker.
As do hundreds of bugs I've seen in the past few years.
But hey, MISRA is a religion.

> Note that what some folks would consider a bug might really
> just be a coding style preference (e.g., multiple returns
> from a function)
>
> My approach has mimicked that implicit in code reviews:  let lots
> of eyes (in this case, tools) look at the code and then interpret
> their reports.  The more you veer from plain vanilla C, the more
> you'll have to hand-hold the tool.

The presentation emphasizes actual human code reviews, but one of the
early reviewers suggested static analysis, so I thought I'd give it a try...

Thanks Don!

Re: Static analysis tool?

<s5ct5l$k8h$1@dont-email.me>

https://www.novabbs.com/devel/article-flat.php?id=272&group=comp.arch.embedded#272
Path: i2pn2.org!i2pn.org!eternal-september.org!reader02.eternal-september.org!.POSTED!not-for-mail
From: blockedo...@foo.invalid (Don Y)
Newsgroups: comp.arch.embedded
Subject: Re: Static analysis tool?
Date: Fri, 16 Apr 2021 13:47:40 -0700
Organization: A noiseless patient Spider
Lines: 70
Message-ID: <s5ct5l$k8h$1@dont-email.me>
References: <s5co8v$ck0$1@gioia.aioe.org> <s5cq5d$13j$1@dont-email.me>
<s5crtl$3cv$1@gioia.aioe.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Date: Fri, 16 Apr 2021 20:47:50 -0000 (UTC)
Injection-Info: reader02.eternal-september.org; posting-host="d36fbdd7db51bed3f90febfe10dc7894";
logging-data="20753"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX18W6Yw4AIcUD8I+dLtV9kav"
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101
Thunderbird/52.1.1
Cancel-Lock: sha1:Vz3Q8mhD/oOFH30gBtqZmKrFCSU=
In-Reply-To: <s5crtl$3cv$1@gioia.aioe.org>
Content-Language: en-US
 by: Don Y - Fri, 16 Apr 2021 20:47 UTC

On 4/16/2021 1:26 PM, Dave Nadler wrote:
> On 4/16/2021 3:56 PM, Don Y wrote:
>> On 4/16/2021 12:24 PM, Dave Nadler wrote:
>>> Anybody able to recommend a tool they've used successfully?
>>
>> Coverity will require deep pockets/"high visibility" (they're out
>> to make money).
>
> Presumably they'd like a recommendation in a presentation that will be seen by
> ~1k people. But at the current pace more likely they will get a
> dis-recommendation. Sales person just emailed me an incorrect summary of my
> requirements though I repeated them at least 3 times, Yikes.

Ahhh, gwasshoppa... your mistake is assuming competence!

IIRC, NetBSD (or maybe FreeBSD?) is using Coverity to analyze their codebase
(perhaps just the core system -- kernel + userland)

>> Eclipse includes some tools. Lint/PCLint are old standbys.
>
> Haven't found anything that works with current Eclipse.
> For this one I'm actually looking for stand-alone tool.
>
>> There are a few IDEs that include support for MISRA compliance
>> checking. PVS-Studio under Windows.
>
> These bugs would probably pass any MISRA checker.
> As do hundreds of bugs I've seen in the past few years.
> But hey, MISRA is a religion.

.... and, as with all religions... <frown>

>> Note that what some folks would consider a bug might really
>> just be a coding style preference (e.g., multiple returns
>> from a function)
>>
>> My approach has mimicked that implicit in code reviews: let lots
>> of eyes (in this case, tools) look at the code and then interpret
>> their reports. The more you veer from plain vanilla C, the more
>> you'll have to hand-hold the tool.
>
> The presentation emphasizes actual human code reviews, but one of the early
> reviewers suggested static analysis, so I thought I'd give it a try...

You might suggest/pitch the use of whatever tools are available
RUN ON THE CODEBASE BEFORE THE CODE REVIEW. The point not being
to find all of the problems, but, rather, to "bias" (bad choice of
word) the reviewers as they undertake their active review of the code.

I.e., the amount of low-hanging fruit can prime folks to
step up (or down!) their game. A guy walking into a review with
a boatload of *compiler* warnings is just wasting peoples' time!

If developers have access to those same tools, then due diligence would
suggest they run them on their code BEFORE "embarrassing themselves".

I think the takeaway has to be that there is no "perfect" tool.
And, when you factor in coding styles, local culture, etc. you
really should come away thinking this is NOT a "checkoff item".

I suspect it may be "beyond your charter" but an interesting
exercise might be to show an "initial implementation", note
the number of faults found (manually or with tools) in contrast
with a refactored implementation (though refactored BEFORE the
analysis was done). The point being to show how coding styles
(designs?) can impact the quality of the code.

"Here's a huge piece of spaghetti code. Note the number of
errors... Now, the same (functionally) code written in a
better style..."

Re: Static analysis tool?

<s5cti6$nj3$1@dont-email.me>

https://www.novabbs.com/devel/article-flat.php?id=273&group=comp.arch.embedded#273
Path: i2pn2.org!i2pn.org!eternal-september.org!reader02.eternal-september.org!.POSTED!not-for-mail
From: blockedo...@foo.invalid (Don Y)
Newsgroups: comp.arch.embedded
Subject: Re: Static analysis tool?
Date: Fri, 16 Apr 2021 13:54:11 -0700
Organization: A noiseless patient Spider
Lines: 23
Message-ID: <s5cti6$nj3$1@dont-email.me>
References: <s5co8v$ck0$1@gioia.aioe.org> <s5cq5d$13j$1@dont-email.me>
<s5crtl$3cv$1@gioia.aioe.org> <s5ct5l$k8h$1@dont-email.me>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Date: Fri, 16 Apr 2021 20:54:30 -0000 (UTC)
Injection-Info: reader02.eternal-september.org; posting-host="d36fbdd7db51bed3f90febfe10dc7894";
logging-data="24163"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/FOYOyvpBQjvuHwi4t6cp8"
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101
Thunderbird/52.1.1
Cancel-Lock: sha1:mPOT5c0npgvHeWKaNDtqMsKQPcc=
In-Reply-To: <s5ct5l$k8h$1@dont-email.me>
Content-Language: en-US
 by: Don Y - Fri, 16 Apr 2021 20:54 UTC

On 4/16/2021 1:47 PM, Don Y wrote:

> I suspect it may be "beyond your charter" but an interesting
> exercise might be to show an "initial implementation", note
> the number of faults found (manually or with tools) in contrast
> with a refactored implementation (though refactored BEFORE the
> analysis was done). The point being to show how coding styles
> (designs?) can impact the quality of the code.
>
> "Here's a huge piece of spaghetti code. Note the number of
> errors... Now, the same (functionally) code written in a
> better style..."

You can also suggest mechanizing testing -- and the consequences it
has on how you structure the code so that it can be tested in that
way. This is particularly helpful in embedded design where it's
too easy to write code that *requires* hardware to run properly
(yet, chances are, many of the algorithms could be tested without
that hardware if the hardware dependencies were isolated).

I write most of my OSs and drivers so that I can run them in an
interpreter or simulator. Catch the obvious bugs where it's easy
to do so (running at DC).
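One way to structure a driver so that its logic runs on a host without the hardware, as an added example in C (not Don Y's code or any project's): every hardware access goes through a small table of function pointers; the target build installs MMIO accessors and the host test installs a scripted fake, while the algorithm itself is compiled unchanged for both. The register map (REG_STATUS, REG_DATA, STATUS_RX_READY), the fake's queued bytes and all function names are constructed for the example.

```c
#include <stddef.h>
#include <stdint.h>

/* Every hardware access goes through this table. Firmware installs the MMIO
 * accessors; a host-side test installs fakes. The algorithm never sees the difference. */
typedef struct {
    uint32_t (*read_reg)(void *ctx, uint32_t offset);
    void     (*write_reg)(void *ctx, uint32_t offset, uint32_t value);
} hw_ops;

/* Hypothetical register map for a UART-like peripheral (constructed for this example). */
#define REG_STATUS       0x00u
#define REG_DATA         0x04u
#define STATUS_RX_READY  0x01u

/* Drain received bytes into `out` until the FIFO is empty or `cap` bytes are copied.
 * Contains no direct hardware access, so it can be exercised on the host. */
size_t uart_drain(const hw_ops *ops, void *ctx, uint8_t *out, size_t cap) {
    size_t n = 0;
    while (n < cap && (ops->read_reg(ctx, REG_STATUS) & STATUS_RX_READY))
        out[n++] = (uint8_t)ops->read_reg(ctx, REG_DATA);
    return n;
}

/* ---- Target side: ctx is the peripheral base address (never called on the host) ---- */
static uint32_t mmio_read(void *ctx, uint32_t off) {
    return *(volatile uint32_t *)((uintptr_t)ctx + off);
}
static void mmio_write(void *ctx, uint32_t off, uint32_t v) {
    *(volatile uint32_t *)((uintptr_t)ctx + off) = v;
}
const hw_ops mmio_ops = { mmio_read, mmio_write };

/* ---- Host side: a scripted FIFO standing in for the silicon ---- */
typedef struct {
    const uint8_t *fifo;   /* bytes the "hardware" will deliver */
    size_t len, pos;
    unsigned status_reads; /* lets a test check that the driver polls before each read */
} fake_uart;

static uint32_t fake_read(void *ctx, uint32_t off) {
    fake_uart *f = ctx;
    switch (off) {
    case REG_STATUS:
        f->status_reads++;
        return f->pos < f->len ? STATUS_RX_READY : 0;
    case REG_DATA:
        return f->pos < f->len ? f->fifo[f->pos++] : 0;
    default:
        return 0;
    }
}
static void fake_write(void *ctx, uint32_t off, uint32_t v) { (void)ctx; (void)off; (void)v; }
const hw_ops fake_ops = { fake_read, fake_write };

/* Scenario: five bytes queued (constructed), caller offers `cap` bytes of room.
 * Returns the number copied and, via `left`, the number still in the fake FIFO. */
size_t run_drain_scenario(size_t cap, size_t *left) {
    static const uint8_t queued[] = {0x41, 0x42, 0x43, 0x44, 0x45};
    fake_uart f = { queued, sizeof queued, 0, 0 };
    uint8_t out[16] = {0};
    size_t copied = uart_drain(&fake_ops, &f, out, cap < sizeof out ? cap : sizeof out);
    if (left) *left = f.len - f.pos;
    return copied;
}

size_t copied_with_capacity(size_t cap) { return run_drain_scenario(cap, NULL); }
size_t left_with_capacity(size_t cap)   { size_t left; run_drain_scenario(cap, &left); return left; }
```

uart_drain is the unit under test and is the only part that ships; mmio_ops is what the firmware build passes in, fake_ops what the host build passes in. Because the fake also counts status reads, a host test can assert on the driver's polling discipline, which is awkward to observe on real silicon and is exactly the kind of check that runs "at DC".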

Re: Static analysis tool?

<s5ctik$1c8$1@solani.org>

https://www.novabbs.com/devel/article-flat.php?id=274&group=comp.arch.embedded#274
Path: i2pn2.org!i2pn.org!weretis.net!feeder8.news.weretis.net!feeder5.news.weretis.net!news.solani.org!.POSTED!not-for-mail
From: dk4...@arcor.de (Gerhard Hoffmann)
Newsgroups: comp.arch.embedded
Subject: Re: Static analysis tool?
Date: Fri, 16 Apr 2021 22:54:44 +0200
Message-ID: <s5ctik$1c8$1@solani.org>
References: <s5co8v$ck0$1@gioia.aioe.org> <s5cq5d$13j$1@dont-email.me>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Date: Fri, 16 Apr 2021 20:54:44 -0000 (UTC)
Injection-Info: solani.org;
logging-data="1416"; mail-complaints-to="abuse@news.solani.org"
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101
Thunderbird/68.10.0
In-Reply-To: <s5cq5d$13j$1@dont-email.me>
Content-Language: en-US
X-User-ID: eJwFwQkBwDAIA0BL40mGHaCNfwm9Q9C4fxJMCNLeT6xUwqzu3awJqjf6pJPeGosix/zA8QAqwREu
Cancel-Lock: sha1:AHezNxbcLSKv0jaQaFXz5//z4sg=
 by: Gerhard Hoffmann - Fri, 16 Apr 2021 20:54 UTC

On 16.04.21 at 21:56, Don Y wrote:

>> Anybody able to recommend a tool they've used successfully?
>
> Coverity will require deep pockets/"high visibility" (they're out
> to make money).

Friends of mine were quite happy with it verifying our 10 M lines
of code wafertester control software.
IIRC it is free to use on open source software.

cheers, Gerhard

Re: Static analysis tool?

<s5cv2q$23m$1@dont-email.me>

https://www.novabbs.com/devel/article-flat.php?id=275&group=comp.arch.embedded#275
Path: i2pn2.org!i2pn.org!eternal-september.org!reader02.eternal-september.org!.POSTED!not-for-mail
From: blockedo...@foo.invalid (Don Y)
Newsgroups: comp.arch.embedded
Subject: Re: Static analysis tool?
Date: Fri, 16 Apr 2021 14:20:10 -0700
Organization: A noiseless patient Spider
Lines: 23
Message-ID: <s5cv2q$23m$1@dont-email.me>
References: <s5co8v$ck0$1@gioia.aioe.org> <s5cq5d$13j$1@dont-email.me>
<s5ctik$1c8$1@solani.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Date: Fri, 16 Apr 2021 21:20:26 -0000 (UTC)
Injection-Info: reader02.eternal-september.org; posting-host="d36fbdd7db51bed3f90febfe10dc7894";
logging-data="2166"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX18w79oNGrS9Waaethz5PwWt"
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101
Thunderbird/52.1.1
Cancel-Lock: sha1:qCLkZm/ObQn0hzHAq2mrJcAvGM8=
In-Reply-To: <s5ctik$1c8$1@solani.org>
Content-Language: en-US
 by: Don Y - Fri, 16 Apr 2021 21:20 UTC

On 4/16/2021 1:54 PM, Gerhard Hoffmann wrote:
> On 16.04.21 at 21:56, Don Y wrote:
>
>>> Anybody able to recommend a tool they've used successfully?
>>
>> Coverity will require deep pockets/"high visibility" (they're out
>> to make money).
>
> Friends of mine were quite happy with it verifying our 10 M lines
> of code wafertester control software.

Oh, it's a wonderful tool! But, for most small organizations,
it's likely seen as an "unnecessary expense".

> IIRC it is free to use on open source software.

They have a cloud-based service that will analyze your codebase.
I'm not sure how willing most firms will be to upload the "family
jewels"...

If you're an *established* open-source project, you'll get
more attention (hence NetBSD). But, you'll still play on their
terms.

Re: Static analysis tool?

<87sg3ppc9s.fsf@nightsong.com>

https://www.novabbs.com/devel/article-flat.php?id=278&group=comp.arch.embedded#278
Path: i2pn2.org!i2pn.org!eternal-september.org!reader02.eternal-september.org!.POSTED!not-for-mail
From: no.em...@nospam.invalid (Paul Rubin)
Newsgroups: comp.arch.embedded
Subject: Re: Static analysis tool?
Date: Sat, 17 Apr 2021 01:04:47 -0700
Organization: A noiseless patient Spider
Lines: 17
Message-ID: <87sg3ppc9s.fsf@nightsong.com>
References: <s5co8v$ck0$1@gioia.aioe.org>
Mime-Version: 1.0
Content-Type: text/plain
Injection-Info: reader02.eternal-september.org; posting-host="1f32c92232ddfed75528bd14a09261c8";
logging-data="10179"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/cCLO1hducqcIq1nOPa9Ji"
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux)
Cancel-Lock: sha1:81WoWShKJCZr0VZdrZMf2NO7eF0=
sha1:ToYki283cUxpQVTqcDcP1fMG4lg=
 by: Paul Rubin - Sat, 17 Apr 2021 08:04 UTC

Dave Nadler <drn@nadler.com> writes:
> Anybody able to recommend a tool they've used successfully?

I haven't personally used it, but Frama-C is well regarded for this.

This isn't specifically about static analysis, but you might find
it interesting:

https://dwheeler.com/essays/high-assurance-floss.html

Also, Dawson Engler's site http://web.stanford.edu/~engler has lots of
stuff about static analysis (he is the founder or a co-founder of
Coverity).

Finally, ask yourself why you are still using C in this day and age at
all, if correctness is critical. Ada, Rust, or even C++ can keep you
out of a lot of trouble.

Re: Static analysis tool?

<s5ec5j.5h0.1@stefan.msgid.phost.de>

https://www.novabbs.com/devel/article-flat.php?id=280&group=comp.arch.embedded#280
Path: i2pn2.org!i2pn.org!news.swapon.de!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: stefan.n...@arcor.de (Stefan Reuther)
Newsgroups: comp.arch.embedded
Subject: Re: Static analysis tool?
Date: Sat, 17 Apr 2021 10:09:54 +0200
Lines: 53
Message-ID: <s5ec5j.5h0.1@stefan.msgid.phost.de>
References: <s5co8v$ck0$1@gioia.aioe.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
X-Trace: individual.net RdBsF6MqFvfO8ouEG3SDxwpZrEm2I680M+lajKNPFkC88MiqVs
Cancel-Lock: sha1:GQ6q9rhH1WRo13aJPEVXifq/cw8=
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:68.0) Gecko/20100101
Thunderbird/68.12.1 Hamster/2.1.0.1538
In-Reply-To: <s5co8v$ck0$1@gioia.aioe.org>
 by: Stefan Reuther - Sat, 17 Apr 2021 08:09 UTC

On 16.04.2021 at 21:24, Dave Nadler wrote:
> Tried CPPcheck, and while it found some less-than-optimal stuff it only
> found one of the real bugs discussed.
>
> Tried to get an evaluation copy of Coverity, but got a wildly annoying
> and clueless sales person who promises a member of the right team will
> contact me shortly (Real Soon Now).
>
> Bugs I had to fix and amenable to static analysis included:
> - uninitialized variable (only one found by CPPcheck)
> - use of magic 0xff index value as subscript off end of array
> - C macro with unguarded arguments getting wrong answer
> - use of int8 to index 1kb buffer (so only 256 bytes got used)
>
> Anybody able to recommend a tool they've used successfully?

First and foremost: if you've been sloppy for decades, throwing ANY tool
at the existing codebase will bury you in "findings" and therefore not
be useful. So, you WILL have to dumb down the tool to make it usable. If
you're giving out big money for the tool, it'll be hard to predict
whether you'll end up using 90% or 10% of it.

That aside, I consider the free tools good enough. The bang-for-the-buck
ratio is hard to beat:

Recent gcc and clang versions learned to detect a lot of things that
previously only specialized tools would find (e.g. switch/case
fallthrough). Just turn on the bulk for a first test (-O2 -Wall
-Wextra), and turn on even more stuff later. For example, we're using
-Wconversion which can be really annoying but has found/would have found
a few real bugs in our codebase. Of course this will bury you in
warnings if you haven't tried it before.

cppcheck has the advantage of knowing some APIs, i.e. it will find some
file descriptor leaks. On the downside, it has some annoying false
positives (e.g. in C++11, it will flag every other method of a local
class if one method is using std::move on a member).

Now I've also used Klocwork (which would be the same league as
Coverity), but consider its gain minimal. In our codebase, it produces
lots of false positives, some of which lead to sore forehead due to
excessive facepalming. One annoying example is its attempt to implement
the MISRA pseudo-type system, where '1 << 10' is an error because '1'
has type uint8_t for MISRA. Problem is, it considers 'UINT32_C(1)' to
have type uint8_t as well. Another annoying example is that whenever I
call a class method 'open', it expects a call to 'close' somewhere or
flags a resource leak. And sometimes it gets lost inside STL and tells
me that standard class has a leak; at least you won't have that problem
when checking only C :) On the plus side, it has a database to silence
one finding for the future.

Stefan

Re: Static analysis tool?

<wfWdnbr1Fb_YM-f9nZ2dnUU78RfNnZ2d@giganews.com>

https://www.novabbs.com/devel/article-flat.php?id=281&group=comp.arch.embedded#281
Path: i2pn2.org!i2pn.org!weretis.net!feeder6.news.weretis.net!4.us.feeder.erje.net!2.eu.feeder.erje.net!feeder.erje.net!newsfeed.xs4all.nl!newsfeed7.news.xs4all.nl!border2.nntp.ams1.giganews.com!nntp.giganews.com!buffer2.nntp.ams1.giganews.com!news.giganews.com.POSTED!not-for-mail
NNTP-Posting-Date: Sat, 17 Apr 2021 04:45:41 -0500
Reply-To: mk@mkesc.co.uk
Subject: Re: Static analysis tool?
Newsgroups: comp.arch.embedded
References: <s5co8v$ck0$1@gioia.aioe.org>
From: mk...@mkesc.co.uk (Michael Kellett)
Date: Sat, 17 Apr 2021 10:45:39 +0100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101
Thunderbird/78.9.1
MIME-Version: 1.0
In-Reply-To: <s5co8v$ck0$1@gioia.aioe.org>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-GB
Content-Transfer-Encoding: 7bit
Message-ID: <wfWdnbr1Fb_YM-f9nZ2dnUU78RfNnZ2d@giganews.com>
Lines: 49
X-Usenet-Provider: http://www.giganews.com
X-Trace: sv3-1xJFhPDDlvTuF3UyYBMyZPemusWrBVn6sJ+4Skh5FbKrEuTZmc3VZEMfLbYGnaDNENyolHtvLjevCHk!HXV3RDsnRKIESna5AQjlIl3tzWJ6+6CP7+nOpyHEg0EVd2wArxH8vsstNCwgTWQLAqWujb4alnY=
X-Complaints-To: abuse@giganews.com
X-DMCA-Notifications: http://www.giganews.com/info/dmca.html
X-Abuse-and-DMCA-Info: Please be sure to forward a copy of ALL headers
X-Abuse-and-DMCA-Info: Otherwise we will be unable to process your complaint properly
X-Postfilter: 1.3.40
X-Original-Bytes: 3329
 by: Michael Kellett - Sat, 17 Apr 2021 09:45 UTC

On 16/04/2021 20:24, Dave Nadler wrote:
> Perhaps someone here can help...
>
> I'm doing a presentation on techniques for embedded, especially removing
> and keeping out bugs ;-) Using an example project from last year. A
> reviewer of my first draft suggested many of the bugs surfaced in the
> project would have been caught by static analysis - but I haven't had
> such great luck in the past.
>
> Tried CPPcheck, and while it found some less-than-optimal stuff it only
> found one of the real bugs discussed.
>
> Tried to get an evaluation copy of Coverity, but got a wildly annoying
> and clueless sales person who promises a member of the right team will
> contact me shortly (Real Soon Now).
>
> Bugs I had to fix and amenable to static analysis included:
> - uninitialized variable (only one found by CPPcheck)
> - use of magic 0xff index value as subscript off end of array
> - C macro with unguarded arguments getting wrong answer
> - use of int8 to index 1kb buffer (so only 256 bytes got used)
>
> Anybody able to recommend a tool they've used successfully?
> Thanks in advance,
> Best Regards, Dave

I use PC_Lint Version 9, not the latest, but Gimpel now only sell site
licenses at rather high cost if you only need 1. It's still a cheapish
solution.
Ristan Case is nice but has not been updated for years and is not likely
to be.
Lint + MISRA is a bit like doing a code review with a colleague who
objects to pretty much everything you do. For me its main virtue is in
forcing you to think about stuff a little more.
On the current project (where I'm using these tools) it has certainly
caught a few bugs but a lot more instances of stuff that can (and
should) be expressed more clearly or simply.
The problem with working in a "MISRA compliant" environment is that
slavish obedience is required which is often daft. The documentation
burden of dealing with exceptions can become large.

On balance I think it improves my code. (And since on the current
project no code reviews ever happen - it's all I've got :-(

All the above applies to C only.

MK

Re: Static analysis tool?

<s5eeit$cie$1@dont-email.me>

https://www.novabbs.com/devel/article-flat.php?id=283&group=comp.arch.embedded#283
Path: i2pn2.org!i2pn.org!eternal-september.org!reader02.eternal-september.org!.POSTED!not-for-mail
From: david.br...@hesbynett.no (David Brown)
Newsgroups: comp.arch.embedded
Subject: Re: Static analysis tool?
Date: Sat, 17 Apr 2021 12:51:09 +0200
Organization: A noiseless patient Spider
Lines: 43
Message-ID: <s5eeit$cie$1@dont-email.me>
References: <s5co8v$ck0$1@gioia.aioe.org>
 by: David Brown - Sat, 17 Apr 2021 10:51 UTC

On 16/04/2021 21:24, Dave Nadler wrote:
> Perhaps someone here can help...
>
> I'm doing a presentation on techniques for embedded, especially removing
> and keeping out bugs ;-) Using an example project from last year. A
> reviewer of my first draft suggested many of the bugs surfaced in the
> project would have been caught by static analysis - but I haven't had
> such great luck in the past.
>
> Tried CPPcheck, and while it found some less-than-optimal stuff it only
> found one of the real bugs discussed.
>
> Tried to get an evaluation copy of Coverity, but got a wildly annoying
> and clueless sales person who promises a member of the right team will
> contact me shortly (Real Soon Now).
>
> Bugs I had to fix and amenable to static analysis included:
> - uninitialized variable (only one found by CPPcheck)
> - use of magic 0xff index value as subscript off end of array
> - C macro with unguarded arguments getting wrong answer
> - use of int8 to index 1kb buffer (so only 256 bytes got used)
>
> Anybody able to recommend a tool they've used successfully?
> Thanks in advance,
> Best Regards, Dave

Your first step should always be the compiler - a good compiler, with
optimisation enabled (that's essential) and lots of warnings will pick
up many such things. It won't do everything, but it is certainly a good
start. gcc in particular has got better and better at this over time -
I have found bugs in code (other people's code, of course :-) ) after
switching to a newer gcc and enabling more warnings.

Actually, that is perhaps the /second/ step. The first step is to adopt
good coding practices (and perhaps a formal standard) that make it
easier to avoid writing the bugs in the first place, and to spot them
when they are made accidentally. For example, a strong emphasis on
static inline functions rather than macros means your risk of macro
problems drops dramatically - and a coding standard that insists on
always guarding the arguments means you don't get the macro bug you
mentioned above.
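As an added example (not code from anyone in the thread), two of the bug classes Dave listed, each beside the fix David recommends: the unguarded macro next to a guarded macro and a static inline function, and an 8-bit running index into a 1 KiB buffer next to a size_t one. All names, BUF_SIZE and the sample values are constructed for this example.

```c
/* Added example, not code from anyone in the thread: two of the bug
 * classes Dave listed, each beside the fix David recommends. */
#include <stddef.h>
#include <stdint.h>

/* --- Bug: C macro with unguarded arguments ------------------------- */
#define SQUARE_BAD(x)     x * x         /* the defect: x is not parenthesised */
#define SQUARE_GUARDED(x) ((x) * (x))   /* coding-standard fix: guard every use */
static inline int square_inline(int x)  /* preferred fix: no macro at all      */
{
    return x * x;
}

/* SQUARE_BAD(a + 1) expands to  a + 1 * a + 1,  i.e. 2a + 1, not (a + 1)^2. */
int square_bad(int a)     { return SQUARE_BAD(a + 1); }     /* square_bad(3)     == 7  */
int square_guarded(int a) { return SQUARE_GUARDED(a + 1); } /* square_guarded(3) == 16 */
int square_fn(int a)      { return square_inline(a + 1); }  /* square_fn(3)      == 16 */

/* --- Bug: 8-bit index into a 1 KiB buffer --------------------------- */
#define BUF_SIZE 1024u

/* Takes BUF_SIZE steps over a buffer with either a uint8_t or a size_t
 * running index and returns how many distinct slots were written.
 * uint8_t is used so the wrap is well defined; the thread's signed int8
 * would go negative and index in front of the buffer instead.
 * The usual form of this bug, for (uint8_t i = 0; i < BUF_SIZE; i++),
 * never terminates, and gcc -Wextra (-Wtype-limits) reports it as
 * "comparison is always true due to limited range of data type". */
size_t slots_written(int use_narrow_index)
{
    uint8_t written[BUF_SIZE] = {0};
    uint8_t narrow = 0;   /* wraps 255 -> 0, so only 256 slots are ever reached */
    size_t  wide   = 0;   /* the right index type for a 1024-byte buffer        */

    for (size_t step = 0; step < BUF_SIZE; step++) {
        size_t idx = use_narrow_index ? (size_t)narrow : wide;
        written[idx] = 1;
        narrow++;
        wide++;
    }

    size_t count = 0;
    for (size_t i = 0; i < BUF_SIZE; i++)
        count += written[i];
    return count;         /* 256 with the narrow index, 1024 with size_t */
}
```

Build with warnings enabled (for example `gcc -std=c11 -O2 -Wall -Wextra -c`) as David suggests; the guarded macro still evaluates its argument twice, which is the remaining reason to prefer the inline function.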

Re: Static analysis tool?

https://www.novabbs.com/devel/article-flat.php?id=284&group=comp.arch.embedded#284

From: drn...@nadler.com (Dave Nadler)
Newsgroups: comp.arch.embedded
Subject: Re: Static analysis tool?
Date: Sat, 17 Apr 2021 10:34:50 -0400
Organization: Aioe.org NNTP Server
Lines: 40
Message-ID: <s5erma$1kek$1@gioia.aioe.org>
References: <s5co8v$ck0$1@gioia.aioe.org>
 by: Dave Nadler - Sat, 17 Apr 2021 14:34 UTC

On 4/16/2021 3:24 PM, Dave Nadler wrote:
> Perhaps someone here can help...
>
> I'm doing a presentation on techniques for embedded, especially removing
> and keeping out bugs ;-) Using an example project from last year. A
> reviewer of my first draft suggested many of the bugs surfaced in the
> project would have been caught by static analysis - but I haven't had
> such great luck in the past.
>
> Tried CPPcheck, and while it found some less-than-optimal stuff it only
> found one of the real bugs discussed.
>
> Tried to get an evaluation copy of Coverity, but got a wildly annoying
> and clueless sales person who promises a member of the right team will
> contact me shortly (Real Soon Now).
>
> Bugs I had to fix and amenable to static analysis included:
> - uninitialized variable (only one found by CPPcheck)
> - use of magic 0xff index value as subscript off end of array
> - C macro with unguarded arguments getting wrong answer
> - use of int8 to index 1kb buffer (so only 256 bytes got used)
>
> Anybody able to recommend a tool they've used successfully?
> Thanks in advance,
> Best Regards, Dave

Thanks all for the comments. I should have explained this project came
from elsewhere; landed in my lap to add a minor feature which resulted
in needing to do lots of debug of existing problems. I even rewrote part
of it in C++ ;-) Project is proprietary so Coverity scan is not
applicable as that's only for FOSS. Only 5 (maybe 6?) of the top dozen
bugs COULD be found by static analysis but certainly that would have
been helpful.

If anybody has an hour and would be interested to review the
presentation first draft video PM me - I can always use some
constructive comments and suggestions!

Thanks again,
Best Regards, Dave

Re: Static analysis tool?

https://www.novabbs.com/devel/article-flat.php?id=390&group=comp.arch.embedded#390

From: drn...@nadler.com (Dave Nadler)
Newsgroups: comp.arch.embedded
Subject: Re: Static analysis tool?
Date: Sun, 2 May 2021 11:41:12 -0400
Organization: Aioe.org NNTP Server
Lines: 49
Message-ID: <s6mh6p$fs1$1@gioia.aioe.org>
References: <s5co8v$ck0$1@gioia.aioe.org> <s5erma$1kek$1@gioia.aioe.org>
 by: Dave Nadler - Sun, 2 May 2021 15:41 UTC

On 4/17/2021 10:34 AM, Dave Nadler wrote:
> On 4/16/2021 3:24 PM, Dave Nadler wrote:
>> Perhaps someone here can help...
>>
>> I'm doing a presentation on techniques for embedded, especially
>> removing and keeping out bugs ;-) Using an example project from last
>> year. A reviewer of my first draft suggested many of the bugs surfaced
>> in the project would have been caught by static analysis - but I
>> haven't had such great luck in the past.
>>
>> Tried CPPcheck, and while it found some less-than-optimal stuff it
>> only found one of the real bugs discussed.
>>
>> Tried to get an evaluation copy of Coverity, but got a wildly annoying
>> and clueless sales person who promises a member of the right team will
>> contact me shortly (Real Soon Now).
>>
>> Bugs I had to fix and amenable to static analysis included:
>> - uninitialized variable (only one found by CPPcheck)
>> - use of magic 0xff index value as subscript off end of array
>> - C macro with unguarded arguments getting wrong answer
>> - use of int8 to index 1kb buffer (so only 256 bytes got used)
>>
>> Anybody able to recommend a tool they've used successfully?
>> Thanks in advance,
>> Best Regards, Dave
>
> Thanks all for the comments. I should have explained this project came
> from elsewhere; landed in my lap to add a minor feature which resulted
> in needing to do lots of debug of existing problems. I even rewrote part
> of it in C++ ;-)  Project is proprietary so Coverity scan is not
> applicable as that's only for FOSS. Only 5 (maybe 6?) of the top dozen
> bugs COULD be found by static analysis but certainly that would have
> been helpful.
>
> If anybody has an hour and would be interested to review the
> presentation first draft video PM me - I can always use some
> constructive comments and suggestions!
>
> Thanks again,
> Best Regards, Dave

Further follow-up: Never heard back from Coverity (as expected).
Tried Perforce Klocworks and got a very perky and slightly less annoying
sales person who promised prompt follow-up, and as usual none was
forthcoming.

Any other static analysis tools you folks can suggest?

Re: Static analysis tool?

https://www.novabbs.com/devel/article-flat.php?id=391&group=comp.arch.embedded#391

From: blockedo...@foo.invalid (Don Y)
Newsgroups: comp.arch.embedded
Subject: Re: Static analysis tool?
Date: Sun, 2 May 2021 08:49:23 -0700
Organization: A noiseless patient Spider
Lines: 59
Message-ID: <s6mhmb$vnh$1@dont-email.me>
References: <s5co8v$ck0$1@gioia.aioe.org> <s5erma$1kek$1@gioia.aioe.org>
<s6mh6p$fs1$1@gioia.aioe.org>
 by: Don Y - Sun, 2 May 2021 15:49 UTC

On 5/2/2021 8:41 AM, Dave Nadler wrote:
> On 4/17/2021 10:34 AM, Dave Nadler wrote:
>> On 4/16/2021 3:24 PM, Dave Nadler wrote:
>>> Perhaps someone here can help...
>>>
>>> I'm doing a presentation on techniques for embedded, especially removing and
>>> keeping out bugs ;-) Using an example project from last year. A reviewer of
>>> my first draft suggested many of the bugs surfaced in the project would have
>>> been caught by static analysis - but I haven't had such great luck in the past.
>>>
>>> Tried CPPcheck, and while it found some less-than-optimal stuff it only
>>> found one of the real bugs discussed.
>>>
>>> Tried to get an evaluation copy of Coverity, but got a wildly annoying and
>>> clueless sales person who promises a member of the right team will contact
>>> me shortly (Real Soon Now).
>>>
>>> Bugs I had to fix and amenable to static analysis included:
>>> - uninitialized variable (only one found by CPPcheck)
>>> - use of magic 0xff index value as subscript off end of array
>>> - C macro with unguarded arguments getting wrong answer
>>> - use of int8 to index 1kb buffer (so only 256 bytes got used)
>>>
>>> Anybody able to recommend a tool they've used successfully?
>>> Thanks in advance,
>>> Best Regards, Dave
>>
>> Thanks all for the comments. I should have explained this project came from
>> elsewhere; landed in my lap to add a minor feature which resulted in needing
>> to do lots of debug of existing problems. I even rewrote part of it in C++
>> ;-) Project is proprietary so Coverity scan is not applicable as that's only
>> for FOSS. Only 5 (maybe 6?) of the top dozen bugs COULD be found by static
>> analysis but certainly that would have been helpful.
>>
>> If anybody has an hour and would be interested to review the presentation
>> first draft video PM me - I can always use some constructive comments and
>> suggestions!
>>
>> Thanks again,
>> Best Regards, Dave
>
> Further follow-up: Never heard back from Coverity (as expected).
> Tried Perforce Klocworks and got a very perky and slightly less annoying sales
> person who promised prompt follow-up, and as usual none was forthcoming.
>
> Any other static analysis tools you folks can suggest?

You're not going to find anything of the same caliber as Klocwork/Coverity
in the "discount/FOSS" aisle.

But, as I said elsewhere, with enough (machine) "eyes" looking at your code,
you may eke out some insights that would evade a normal review.

Look at PVS Studio. ConQAT won't necessarily give you the sorts of flags
that you're likely expecting from a static analysis tool, but it can help with
things like clone detection (more "smells" than actual "problems").

[Of course, there are other tools that do similar things]
