Dr. Dobb's Journal - March 2008 - (Page 24) Core Technology DETECTING BUGS IN SAFETY-CRITICAL CODE

Figure 1: Null pointer dereference report from CodeSonar.

following illustrates some of the most important classes.

The first class is the most serious: bugs that either cause the program to terminate abnormally or result in highly unpredictable behavior. These include buffer overrun and underrun, null pointer dereference, division by zero, and use of uninitialized variables. Memory allocation errors are those that result from the misuse of malloc or new. These can be tricky to debug because the erroneous behavior may only show up long after the event that caused the error. Such errors include double free, use after free, and memory leak. Concurrency bugs may be caused by misuse of the threads library. Double locks or unlocks, race conditions, and futile attempts to lock are among the checks that are available.

A second class of check is for inconsistencies or redundancies. These are not bugs per se, but they are often indicators that a programmer misunderstood something. For example, if you check the return value of a function 99 percent of the time, then the 1 percent that is left unchecked may indicate such a problem. This class includes redundant conditions, useless assignments, and checking whether a pointer is null after it has already been dereferenced.

Finally, some tools let you author your own checks. The mechanism for this differs widely between tools. CodeSonar (the tool I work on) lets you write little C code stubs that use a simple API to check for properties. These stubs are never actually executed: they are fed to the analysis alongside your own source code and are then symbolically executed. Statements analogous to asserts are used to signal that a warning should be reported.

Static analysis can't check all properties of your program.
If your code contains a logic error that causes your program to produce the wrong result, then static analysis will usually be of little help finding that bug. That's what testing is for.

Code Sample

To illustrate the kinds of flaws that advanced static analysis is capable of detecting, take a look at the report in Figure 1. All examples are distilled from real flaws found in production software. The code in red is on the path to the error, and the column on the left shows the conditions that must hold for the error to occur. Code with a yellow background is where the error occurs, and code with a green background indicates that something directly relevant to the error occurred at that line.

In this report, the analysis has found that the variable named state may be null (the report's "<= 4095" means the value lies in the 0th page of virtual memory, which the analysis treats as equivalent to null). Following the path back, you can see that this value was returned by a call to acquire_state on line 24. Note also that the conditional on line 26 was not true, indicating that the analysis has deduced that the value of acquire_err is REG_NOERROR along this path. That variable is also assigned to inside the call to acquire_state. To see what happens in there, refer to Figure 2, where you can see that on the path taken, *err (which gets passed back as acquire_err at the call site) is indeed REG_NOERROR, and the return value
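The path the report describes, reconstructed here as an added C example rather than the code shown in Figures 1 and 2: the names acquire_state, acquire_err, and REG_NOERROR come from the report, but the body of acquire_state, the struct it returns, and the second error code REG_ENOMEM are assumed for illustration. The unchecked caller has the flaw the analyzer reported (the error code is tested, the pointer is not), and the checked caller beside it is the fix.

```c
#include <stddef.h>
#include <stdlib.h>

/* Constructed example, not the code from the article's figures.
 * REG_NOERROR is named in the report; REG_ENOMEM and the struct are assumed. */
#define REG_NOERROR 0
#define REG_ENOMEM  1

struct state {
    int value;
};

/* Assumed implementation of the callee. On the kind == 0 path it reports
 * success through *err but still returns NULL: this is the interprocedural
 * fact the analysis had to discover to prove the dereference below unsafe. */
static struct state *acquire_state(int kind, int *err)
{
    *err = REG_NOERROR;
    if (kind < 0) {
        *err = REG_ENOMEM;      /* failure path: caller's error check catches it */
        return NULL;
    }
    if (kind == 0)
        return NULL;            /* "no state needed": success, but a NULL result */
    struct state *s = malloc(sizeof *s);
    if (s == NULL) {
        *err = REG_ENOMEM;
        return NULL;
    }
    s->value = kind;
    return s;
}

/* Caller as the report describes it: the conditional on acquire_err is
 * false along the kind == 0 path, so state is NULL when it is dereferenced.
 * Calling this with kind == 0 crashes. */
int use_state_unchecked(int kind)
{
    int acquire_err;
    struct state *state = acquire_state(kind, &acquire_err);
    if (acquire_err != REG_NOERROR)
        return -1;
    int v = state->value;       /* null pointer dereference when kind == 0 */
    free(state);
    return v;
}

/* Hardened caller: test the pointer itself, not only the error code, so a
 * "successful" NULL return can no longer reach the dereference. */
int use_state_checked(int kind)
{
    int acquire_err;
    struct state *state = acquire_state(kind, &acquire_err);
    if (acquire_err != REG_NOERROR || state == NULL)
        return -1;
    int v = state->value;
    free(state);
    return v;
}
```

The point the report makes is that the two checks disagree: acquire_err says "no error" while the returned pointer is unusable. A checker reasons about both the error value and the pointer along each path through acquire_state, which is why it catches the case that a caller who trusts the error code alone would miss.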