Reviews

  • Christian Holler. Trying new code analysis techniques

    27.01.2012
    In this short post, the author tells us about his experience of using two static analysis tools each of which provides its own technique - Address Sanitizer (ASan) and Clang Static Analyzer.

  • Jim Bird. Static Analysis isn't Development Testing

    06.01.2012
    The post focuses on the false idea that static analysis tools are testing tools or can be a good substitute for them. The author explains the difference between various kinds of testing and static analysis bringing out the point of the latter and its role in development. He agrees that static analyzers are necessary tools, but they are intended for detecting a "narrow band of code-related defects".

  • Frank Kim. Seven Tips for Picking a Static Analysis Tool

    13.12.2011
    This short post gives you some tips about how to choose a static analysis tool for your projects. Following these tips will help you to maximize your choice.

  • Development Testing with Static Analysis

    07.11.2011
    The post refers us to an article by Coverity describing the benefits of static analysis and mentioning three analysis techniques it can provide: dataflow analysis, interprocedural analysis and false-path pruning. Each of this technique is illustrated by a code sample.

  • Arthur Hicken. What is Static Analysis... and What is it Good For?

    05.10.2011
    Static analysis includes many techniques each of which helps developers to find various bugs and issues at different stages of the development process. In his article, Arthur Hicken describes these techniques (peer code review, pattern based analysis, flow analysis, metrics, compiler/build output) and the types of problems they are meant to solve.

  • Pierre Morel-Fourrier. C++ code analysis in Visual Studio 2012

    11.09.2011
    The article concerns the C++ code analyzer integrated into the Visual Studio 2012 development environment. The author speaks on the improvements introduced into the new version of the application and cites several code samples to show how it works and demonstrate various features of the analyzer. The text is complemented with screenshots explaining how to handle the analyzer.

  • S.G. Ganesh. Joy of Programming: The Technology Behind Static Analysis Tools

    01.09.2011
    The article deals with the technology of static analysis. The main principle of static analysis tools' operation is explained and different techniques that comprise static analysis are described. Among them are bug pattern matching, data-flow analysis, abstract interpretation, model checking and program querying. The author also mentions tools specializing in each of these techniques. Information given in the article can help students in trying to make their own tools.

  • Michael Barr. How to enforce coding standards automatically

    27.07.2011
    Compliance with coding standards accepted in a company or a development team helps developers to avoid bugs and focus their attention on the general and more efficient review of the code. Unfortunately, the human factor often interferes with the necessity of following the rules, so there should be techniques of automated enforcement of coding standards. The article describes two widely-used static analysis tools that can be useful in solving this task - PC-Lint and RSM.

  • Military Embedded Systems. Static analysis is going deeper with deep-flow data flow - Interview with Jill Britton, Consultancy Services Group Manager at PRQA

    22.06.2011
    This item includes an interview with Jill Britton who tells about the trends in the static analysis field, most common problems they meet when testing code, testing approaches applied in different areas and the exclusive method of code analysis created by the PRQA company.

  • Magnus Unemyr. Embedded Software development - a lot more than programming

    04.06.2011
    In his article, Magnus Unemyr discusses the problem of lack of up-to-date tools for embedded developers. According to him, while embedded software systems get more complex, tools intended to help developers in the development process still remain at the same level as 20 years ago, addressing common tasks (editing, compiling and debugging) without getting more flexible and powerful and capable of addressing a wider set of tasks. Among these are tasks of preliminary graphical modeling of the project's code to come, tracking changes in code and creation of version control systems, bug reports, automated unit-test development and many other things.