Presentation is loading. Please wait.

Presentation is loading. Please wait.

Parasoft® C++test Comprehensive Code Quality Tools for C/C++ Development.

Similar presentations


Presentation on theme: "Parasoft® C++test Comprehensive Code Quality Tools for C/C++ Development."— Presentation transcript:

1 Parasoft® C++test Comprehensive Code Quality Tools for C/C++ Development

2 Inroduction Parasoft ® C++test ™ is an integrated solution for automating a broad range of tools to improve software development, team productivity and software quality for C and C++:  Static analysis – static code analysis, data flow static analysis, and metrics analysis  Peer code review process automation–preparation, notification, and tracking  Unit testing – unit test creation, execution, optimization, and maintenance  Runtime error detection – memory access errors, leaks, corruptions, and more Parasoft® C++test by Alon Bialik

3 Introduction – features Some of the features :  Static analysis of code for compliance with user-selected coding standards  Graphical RuleWizard editor for creating custom coding rules  Static code path simulation for identifying potential runtime errors  Automated code review with a graphical interface and progress tracking  Application monitoring/memory analysis  Automated generation and execution of unit and component-level tests  Flexible stub framework  Full support for regression testing  Code coverage analysis with code highlighting  Runtime memory error checking during unit test execution  Full team deployment infrastructure for desktop and command line usage Parasoft® C++test by Alon Bialik

4 Introduction – Cross Platform Cross Platform Supported Host Environments: Host Platforms Windows NT/2000/XP/2003/Vista/7 Linux kernel 2.4 Linux kernel 2.6 Solaris 7, 8, 9, 10 IBM AIX 5.3 and a PowerPC processor IDEs Eclipse for C/C++ Developers 3.2, 3.3, 3.4, 3.5 (32-bit) Microsoft Visual Studio.NET 2003, 2005, 2008 with Microsoft Visual C++ Wind River Workbench 2.6, 3.0, 3.1, 3.2 Texas Instruments Code Composer Studio 4.x ARM Workbench IDE for RVDS 3.0, 3.1, 4.0 QNX Momentics IDE 4.5 (QNX Software Development Platform 6.4) Host Compilers Windows Microsoft Visual C++ 6.0,.NET (7.0),.NET 2003 (7.1), 2005 (8.0), 2008 (9.0) GNU and MingW gcc/g x, 3.2.x, 3.3.x, 3.4.x GNU gcc/g x, 4.1.x, 4.2.x, 4.3.x Green Hills MULTI for Windows x86 Native v4.0.x Linux (x86 target platform) GNU gcc/g x, 3.2.x, 3.3.x, 3.4.x, 4.0.x, 4.1.x, 4.2.x, 4.3.x Linux (x86_64 target platform) GNU gcc/g x, 4.0.x, 4.1.x, 4.2.x, 4.3.x Target/Cross Compilers ARM (Windows hosted) ARM RVCT 2.2, 3.x, 4.x ARM ADS 1.2 Embedded Linux (Windows, Linux, Solaris hosted) GNU gcc/g x, 3.2.x, 3.3.x, 3.4.x, 4.0.x, 4.1.x, 4.2.x, 4.3.x Green Hills (Windows, Solaris hosted) Green Hills optimized compilers line 4.0.x IAR (Windows hosted) IAR ANSI C/C++ Compiler V5.30 for ARM (C only) Keil (Windows hosted) ARM/Thumb C/C++ Compiler, RVCT3.1 for uVision C51 Compiler V8.18 (static analysis only) Microsoft (Windows hosted) Microsoft Visual C++ for Windows Mobile 8.0, 9.0 Microsoft Embedded Visual C QNX (Windows hosted) GCC 2.9.x, 3.3.x, 4.2.x STMicroelectronics (Windows hosted) ST20 (static analysis only) ST40 (static analysis only) Texas Instruments (Windows hosted) TMS320C6x C/C++ Compiler v5.1 TMS320C6x C/C++ Compiler v6.0 TMS320C2000 C/C++ Compiler v4.1 (static analysis only) Source Control AccuRev SCM Borland StarTeam CVS IBM/Rational ClearCase Microsoft Team Foundation Server Microsoft Visual SourceSafe Perforce SCM Serena Dimensions Subversion (SVN) Telelogic Synergy Parasoft® C++test by Alon Bialik

5 Embedded and Cross-Platform Development  C++test’s customizable workflow allows users to test code as it’s developed, then use the same tests to validate functionality in target environments For embedded and cross-platform development, C++test can be used in both host-based and target-based code analysis and test flows Parasoft® C++test by Alon Bialik

6 Overview - Static analysis What is Static Analysis? Static analysis is the term applied to the analysis of computer software that is performed without actually executing programs. - wikipedia  Low-tech static analysis: Software inspection Simple syntactic standards and manual checks  High-tech static analysis Enforced syntactic checks Well-formedness checks in specifications, designs, and code (e.g., matching connectors in design diagrams) Automated program analyses Often based on data flow analysis Finite-state verification and other “high-power” analyses of models Parasoft® C++test by Alon Bialik

7 C++test - Static analysis Automate Code Analysis for Monitoring Compliance a properly implemented coding policy can eliminate entire classes of programming errors by establishing preventive coding conventions. C++test statically analyzes code to check compliance with such a policy. static code analysis tool monitors whether code follows industry-standard or customized rules for ensuring that code meets uniform expectations around security, reliability, performance, and maintainability. User can choose out from over 1400 built-in rules, custom existing rules or define new ones Parasoft® C++test by Alon Bialik

8 C++test - Static analysis cont’d example Let’s review this example class A { public: A(int xval, int yval) : _x(xval), _y(yval) {} friend A& operator+(const A& p1, const A& p2); private: int _x, _y; }; A& operator+(const A& p1, const A& p2) { A *result = new A(p1._x + p2._x, p1._y + p2._y); return *result; } // Violation Returning a reference to a local object or a dereferenced pointer initialized by new within the function may cause a memory leak. C++ test has a built-in rule you can select: Never return a dereferenced local pointer initialized by new in function scope Parasoft® C++test by Alon Bialik

9 C++test - Static analysis cont’d example cont’d class A { public: A(int xval, int yval) : _x(xval), _y(yval) {} friend A& operator+(const A& p1, const A& p2); private: int _x, _y; }; A& operator+(const A& p1, const A& p2) { A *result = new A(p1._x + p2._x, p1._y + p2._y); return *result; // Violation }  Implementation of this rule is advised by Scott Meyers in his book "Effective C++: 50 Specific Ways to Improve Your Programs and Design“ Parasoft® C++test by Alon Bialik

10 C++test - Static analysis cont’d Define your own rule sets with built-in and custom rules. This is a good way to enforce standards of coding techniques like naming conventions that are customary in a programming team, variables initialization etc. #include using namespace std; class A { public: A( const char* file, const char* path ) { myFile = file; // Violation myPath = path; // Violation } private: string myFile; string myPath; }; and A( const char* file, const char* path ) : myFile(file), myPath(path) {} // OK Where Little anecdote for those who took MATAM before 2008, there is a rule Prefer initialization to assignment in constructors Parasoft® C++test by Alon Bialik

11 C++test - Static analysis cont’d Parasoft® C++test by Alon Bialik C++Test - Resources  Herb Sutter, Andrei Alexandrescu, C++ Coding Standards  Scott Meyers – Effective C++ & More Effective C++  Ellemtel Coding Standards (1990)  MISRA-C 2004, MISRA-C  Motorola Coding Standards  Meyers-Klaus Rules  JSF Coding Standards (2005)

12 C++test - Static analysis cont’d Parasoft® C++test by Alon Bialik Rules Categories  Coding Convention Rules  Comments Rules  Exceptions Rules  Formatting Rules  Initialization Rules  Metrics Rules  MISRA 2004 Rules  Memory and Resource  Management Rules  Naming Convention Rules  OOP Rules  Optimization Rules  Portability Rules  Possible Bugs Rules  Physical File Org. Rules  Qt Best Practices Rules  Security Rules  STL Best-Practices Rules  Templates Rules  Bug Detective (*) Coding Conventions: For example:  Magic numbers  Default in Switch-case  Const non-const conversion  Naming conventions int small = 20000; int big = small * 2; // or ? if (small < big) {} Q : Will the if’s body be executed? A : Depends… Rule: Use: UINT8, INT16, UINT32 etc… Initialization rules For example: Globals, static, member in C’tor etc Exception rules For example: Not from D’tor … (prevent stack unwinding) OOP Rules For example:  Multiple inheritance (diamond inheritance)  Avoid calling virtual-methods/global-data from C’tor / D’tor  Avoid public data members  Avoid down-casting  If a class has virtual functions it shall have a  virtual D’tor

13 C++test - Static analysis cont’d Define your test Parasoft® C++test by Alon Bialik Configure your static analysis test C++test configurations

14 C++test - Static analysis cont’d Define your test Parasoft® C++test by Alon Bialik

15 C++test - Static analysis cont’d Define your test Parasoft® C++test by Alon Bialik

16 C++test - Static analysis cont’d Define your test Parasoft® C++test by Alon Bialik

17 C++test - Static analysis cont’d Define your test Parasoft® C++test by Alon Bialik Configure your static analysis test Rule Editor

18 18

19 C++test - Static analysis cont’d Run Test Parasoft® C++test by Alon Bialik Run static analysis test on you code

20 C++test - Static analysis cont’d Test your code – test summary Parasoft® C++test by Alon Bialik

21 C++test - Static analysis cont’d Test your code – static analysis output Parasoft® C++test by Alon Bialik

22 C++test - Static analysis cont’d Define your test Parasoft® C++test by Alon Bialik Configure your static analysis test Bug Detective

23 C++test - Static analysis cont’d Bug Detective Parasoft® C++test by Alon Bialik

24 C++test - Static analysis cont’d Bug Detective – cont’d Parasoft® C++test by Alon Bialik

25 C++test - Static analysis cont’d Bug Detective – cont’d Parasoft® C++test by Alon Bialik

26 C++test - Static analysis cont’d Parasoft® C++test by Alon Bialik  Resource Leaks Allocation misuse of memory, pipes, file descriptors, and other system resources.  Bugs Runtime errors such as division by zero, array bounding and indexing flaws, NULL pointer dereferencing, and data initialization errors.  Security Vulnerabilities Detect read, write or indexing of potentially tainted data. Bug Detective – cont’d

27 C++test - Static analysis cont’d Bug Detective – cont’d Parasoft® C++test by Alon Bialik

28 C++test - Static analysis cont’d Bug Detective - Examples Parasoft® C++test by Alon Bialik void example(int src[100], int dest[100]) { int size; scanf("%d", &size); memcpy(dest, src, size); // VIOLATION ("size" is an arbitrary value possibly 100) } Buffer Overflow Security example Dereferencing a NULL Pointer int main(int argc, char* argv[]) { Point* point = 0; if (argc > 3) { point = new Point(atoi(argv[1]), atoi(argv[2])); } point->reflectAcrossX(); // VIOLATION ("point" might be NULL at this point) return 0; }

29 C++test - Static analysis cont’d Run Test Parasoft® C++test by Alon Bialik Run Bug Detective test on you code

30 C++test - Static analysis cont’d Test your code – test summary Parasoft® C++test by Alon Bialik

31 C++test - Static analysis How does it work? Parasoft® C++test by Alon Bialik An educated guess

32 C++test C++test - Static analysis how it is done? IDE Error Handler Syntax analyzer Syntax analyzer Lexical analyzer Lexical analyzer C/C++ Source program Semantic analyzer Semantic analyzer Symbol table Symbol table Properties table Properties table C++ EBNF User chosen rules Parasoft® C++test by Alon Bialik

33 C++test - Static analysis Lexical analysis in a nut shell  Lex is a program (generator) that generates lexical analyzers Lex  It reads the input stream (specifying the lexical analyzer ) and outputs source code implementing the lexical analyzer in the C programming language.  Lex will read patterns (regular expressions) then produces C code for a lexical analyzer that scans for identifiers. Lexical analyzer Lexical analyzer Stream of characters Stream of Tokens Parasoft® C++test by Alon Bialik

34 C++test - Static analysis Lexical analysis in a nut shell  A simple pattern: letter(letter|digit)* Lex  Regular expressions are translated by lex to a computer program that mimics an FSA.  This pattern matches a string of characters that begins with a single letter followed by zero or more letters or digits letter startLetter or digit other Parasoft® C++test by Alon Bialik

35 C++test - Static analysis Lexical analysis in a nut shell – cont’d ……..Definitions section…… D [0-9] L [a-zA-Z_] H [a-fA-F0-9] E [Ee][+-]?{D}+ Lex ……Rules section…….. "while" {return(WHILE); } "float" {return(FLOAT); } 0[xX]{H} {return(CONSTANT); } L?\"(\\.|[^\\"])*\" {return(STRING_LITERAL); } Parasoft® C++test by Alon Bialik

36 C++test - Static analysis Lexical analysis in a nut shell – cont’d ……….Code section (subroutines)…….. Here we do first analysis of the text. Give each Token it’s original text, original place in the code for reference. Lex Some of Lex variables: yytext:matching string yylval:data structure associated with a Token Parasoft® C++test by Alon Bialik

37 C++test - Static analysis Lexical analysis in a nut shell – cont’d Lex #include #include // for std::isspace(), etc. void someFunc(const std::string &data); Lexical analyzer Lexical analyzer [#] "include" [ ] [#] "include" [ ] [#] "include" [ ] [/] [/] "for" "std" [:] [:] "isspace" [(] [)] [,] "etc" [.] "void" "print“ “someFunc" [(] "const" "std" [:] [:] "string" [&] "data" [)] [;] "int" "main" [(] [)] [{] "std" [:] [:] "string" Line:4 Column:6 Text:some Func Etc Parasoft® C++test by Alon Bialik

38 C++test - Static analysis Syntax analyzer in a nut shell  reads the Grammars written in Backus Normal Form (BNF). and generate C code from Lex YACC  Generate Symbols table  Reports to IDE about syntax errors Semantic analyzer Semantic analyzer Stream of Tokens BNF grammer rules  BNF grammar used to express context-free languages  uses bottom-up or shift-reduce parsing Syntax analyzer Syntax analyzer Symbol table Symbol table Parasoft® C++test by Alon Bialik

39 C++test - Static analysis Syntax analyzer in a nut shell YACC – an example % statement : expression { printf (“ = %g\n”, $1); } expression : expression ‘+’ expression { $$ = $1 + $3; } | expression ‘-’ expression { $$ = $1 - $3; } | NUMBER { $$ = $1; } % According these two productions, – is parsed into: statement expression number

40 C++test - Static analysis Syntax analyzer in a nut shell YACC – an example cont’d S -> E E -> E + T E -> E - T E -> T T -> T * F T -> T / F T -> F F -> ( E ) F -> ID S -> E E -> E + E E ->E - E E -> E * E E -> E / E E -> ( E ) E -> ID Parasoft® C++test by Alon Bialik

41 C++test - Static analysis Syntax analyzer in a nut shell YACC – an example cont’d Precedence and Associativity %right ‘=' %left '-' '+' %left '*' '/' %right '^' Parasoft® C++test by Alon Bialik

42 C++test - Static analysis Syntax analyzer in a nut shell YACC – an example cont’d expr : expr '+' term { $$ = $1 + $3; } | term { $$ = $1; } ; term : term '*' factor { $$ = $1 * $3; } | factor { $$ = $1; } ; factor : '(' expr ')' { $$ = $2; } | ID | NUM ; Parasoft® C++test by Alon Bialik

43 C++test - Static analysis Syntax analyzer in a nut shell YACC – an example cont’d expr expr : expr '+' term { $$ = $1 + $3; } term | term { $$ = $1; } ; term term : term '*' factor { $$ = $1 * $3; } factor | factor { $$ = $1; } ; ( factor : '(' expr ')' { $$ = $2; } | ID | NUM ; $ Parasoft® C++test by Alon Bialik

44 C++test - Static analysis Syntax analyzer in a nut shell YACC – an example cont’d + expr : expr '+' term { $$ = $1 + $3; } | term { $$ = $1; } ; * term : term '*' factor { $$ = $1 * $3; } | factor { $$ = $1; } ; expr factor : '(' expr ')' { $$ = $2; } | ID | NUM ; $ Parasoft® C++test by Alon Bialik

45 C++test - Static analysis Syntax analyzer in a nut shell YACC – an example con’t term expr : expr '+' term { $$ = $1 + $3; } | term { $$ = $1; } ; factor term : term '*' factor { $$ = $1 * $3; } | factor { $$ = $1; } ; ) factor : '(' expr ')' { $$ = $2; } | ID | NUM ; $ Parasoft® C++test by Alon Bialik

46 C++test - Static analysis Syntax analyzer syntax analyzer At this point the syntax analyzer builds the symbol table and save all the properties of a symbol For example: Class symbol Name: Name Object Declared? Pure virtual? Variables ListVariable.. Methods ListVariable.. Static? Virtual? Parasoft® C++test by Alon Bialik

47 C++test - Static analysis Syntax analyzer in a nut shell Semantic analyzer Semantic analyzer test the generated symbol table against the defined rules and matches unwanted paterns Class symbol Name: Name Object Declared? Pure virtual? Variables ListVariable.. Methods ListVariable.. Static? Virtual? Parasoft® C++test by Alon Bialik

48 C++test – Bug Detective How does it work? Parasoft® C++test by Alon Bialik An educated guess

49 Bug Detective C++test - Static analysis Bug Detective Tree structure Intermediate Representation Semantics-safe Tree structure Semantic Analyzer CFG Generator Tree … Data Flow analysis Data Flow analysis Control Flow analysis CFG Parasoft® C++test by Alon Bialik

50 C++test - Static analysis Bug Detective  Compile-time reasoning about the run-time flow of values in the program  Represent facts about the run-time behavior  Represent effect of executing each basic block  Propagate facts around the control flow graph Data Flow Analysis Parasoft® C++test by Alon Bialik

51 C++test - Static analysis Bug Detective Data Flow Analysis – cont’d  Formulated as a set of simultaneous equations - Sets attached to the nodes and edges - Lattice to describe the relation between values - Usually represented as a bit or bit vectors  Solve equations using iterative framework - Start with initial guess of facts at each node - Propagate until stabilizes at maximal fixed point. - Would like meet over all paths (MOP) solution Parasoft® C++test by Alon Bialik

52 C++test - Static analysis Bug Detective Parasoft® C++test by Alon Bialik Data-flow analyses equations are distinguished by  Direction  Gen  Kill  May/Must  Merge  Flow values (initial guess, type) Data Flow analysis equation properties

53 C++test - Static analysis Bug Detective Reaching definitions  A definition of a variable x is a statement that may assign a value to x  A definition may reach a program point p if there exists some path from the point immediately following the definition to p such that the assignment is not killed along that path - A definition of a variable x is killed if there is any other definition of x anywhere along the path  Concept: relationship between definitions and uses Parasoft® C++test by Alon Bialik

54 What blocks do definitions d2 and d4 reach? d1 i = m – 1 d2 j = n d3 i = i + 1 d4 j = j - 1 B1 B2 B3 B4 B5 d2 d4 C++test - Static analysis Bug Detective Reaching definitions – cont’d Parasoft® C++test by Alon Bialik

55 C++test - Static analysis Bug Detective Reasoning about Basic Blocks Effect of single statement: a = b op c  Uses variables {b,c}  Kills all definitions of {a}  Generates new definition (i.e. assigns a value) of {a} Local Analysis:  Analyze the effect of each instruction  Compose these effects to derive information about the entire block Parasoft® C++test by Alon Bialik

56 C++test - Static analysis Bug Detective Reachability Analysis: Step 1  For each block, compute local (block level) information - DEDef(B): the set of downward-exposed definitions in B o Those for which the defined name is not subsequently redefined by the exit from B - DEFKill(B): the set of definitions that are obscured by a definition of the same name in B o Also consider definition points outside B  This information does not take control flow between blocks into account Parasoft® C++test by Alon Bialik

57 Reaching Definitions Example d1 i = m – 1 d2 j = n d3 a = u1 B1 B2 B3 B4 d4 i = i + 1 d5 j = j - 1 d6 a = u2 d7 i = u2 DEDef = 4,5 DEFKill = 1,2,7 DEDef = 1,2,3 DEFKill = 4,5,6,7 DEDef = 7 DEFKill = 1,4 DEDef = 6 DEFKill = 3 DEFKill need to consider the set of all definition points: {1,2,3,4,5,6,7} C++test - Static analysis Bug Detective Parasoft® C++test by Alon Bialik

58 C++test - Static analysis Bug Detective Parasoft® C++test by Alon Bialik Reachability Analysis: Step 2 Definitions that reach the exit point of predecessor x  Compute REACHES set for each block in a forward direction - REACHES(b): the set of definitions that reach the entry to a block b - Start with REACHES(n 0 ) = Ø - REACHES(b)=  x  pred(b) (DEDef(x)  (REACHES(x)-DEFKill(x)) )  Iterative algorithm: keep computing REACHES sets until a fixed point is reached Locally defined in x Propagated into x and not killed by any definition in x

59 C++test - Static analysis Bug Detective Parasoft® C++test by Alon Bialik Reachability Analysis: Step 2-cont’d Information propagated across blocksInformation propagated within blocks  Compute REACHES set for each block in a forward direction - REACHES(b): the set of definitions that reach the entry to a block b - Start with REACHES(n 0 ) = Ø - REACHES(b)=  x  pred(b)OUT(x) - OUT(x) = DEDef(x)  (REACHES(x)-DEFKill(x)) o OUT(x) is the set of definitions that reach the exit from a block x, which include definitions that are - Either generated within the block (DEDef(x)), or - Reach on entry to x and not killed by any definition in x (REACHES(x)-DEFKill(x))

60 C++test - Static analysis Bug Detective Array out of boundaries detection using Reaching Definition d1 i = 0 d2 j = n d3 k = a[i] B1 B2 B3 B4 d4 i = i + 1 d5 j = j - 1 d6 i = 0 d7 k = a[i] DEDef = 4,5 DEFKill = 1,2,7 DEDef = 1,2,3 DEFKill = 4,5,6,7 DEDef = 7 DEFKill = 3 DEDef = 6 DEFKill = 1,4 int a[10] Parasoft® C++test by Alon Bialik

61 C++test - Static analysis Bug Detective Array out of boundaries detection using Reaching Definition – cont’d For every use of operator[], i.e a[i] on block b, we check all paths leading to block b for possible definitions of i that are out of a’s bounderies May – true on some path (set union) Parasoft® C++test by Alon Bialik Disadvantage of this way:  search of all paths can yield not feasible paths Advantage of this way:  at most cases reaching definitions that sets value of indexes are very short and not complicated

62 C++test - Static analysis Bug Detective “Conditions that always evaluated the same” detection using Reaching Definition In a similar way we could go over the CFG and look for Boolean conditions and check if it always (on all paths evaluates the same) Must – true on all paths (set intersection) Parasoft® C++test by Alon Bialik Reaching Definition can also be used the same way to detect Division by zero, Unreachable switch branches And more..

63 C++test - Static analysis Bug Detective Parasoft® C++test by Alon Bialik  The CFG contains all function calls, uses of global variables, uses of parameter pointer variables, and optionally uses of all local variables, concurrency operations.  The CFG includes the symbolic information for these objects, such as their names, types, whether an access is read or write, whether a variable is a parameter or not, whether a function or variable is static or not, the line number, etc. Control Flow Analysis

64 C++test - Static analysis Bug Detective Parasoft® C++test by Alon Bialik Traverse the whole system CFG can find - Dead code. - Resources not freed. - Not allocated/initilized memory access. and more.. Control Flow Analysis

65 C++test - Static analysis Comparing models Parasoft® C++test by Alon Bialik ToolStatic /dynamicCompletenessSoundnesscustomizableOS BlastStaticYesNo –false alarms Nowindows CBMCStaticNoYesNowindows C++testStatic+dynamicNo C+ test does not proof you code Yes – all violations can happen highlyWindows/ Linux/ Solaris and more

66 Conclusion Parasoft® C++test by Alon Bialik Disadvantages…  Slow…  Not Open-Source  No “Quick-Fix”  Expensive…  Does not prove your code Advantages…  Easy to operate  Highly customizable  Can verify your code meets coding standards  Prevents errors that compromise security, reliability, and performance


Download ppt "Parasoft® C++test Comprehensive Code Quality Tools for C/C++ Development."

Similar presentations


Ads by Google