Better Software - July/August 2008 - (Page 39)

routine does not return to the calling code, an ASA-reported error of “not checking the error flag” after the error routine returns would be superfluous. Many ASA tools have the ability to be trained to ignore these types of implementation-specific errors. ASA tools can also be used by developers in the unittesting phase of a project. Some ASA tools can be seamlessly added as a tool bar of integrated development environments (IDEs) such as Eclipse and IBM Rational Application Developer. At the time of this writing, there were seventeen open source ASA tools (primarily lint types) and thirty-eight commercial ASA tools listed on wikipedia.org. The ASA tool used in our case studies classifies defects in four major categories: • Defects • Header file problems • Low-level interface problems • Security vulnerabilities At the time of the case studies, the tool was capable of detecting more than fifty-two defect types from coding style, memory management, and null pointer dereferences to weak cryptography and access problems. Depending on the application, some defect types will be more critical than others. The ASA tool Klocwork provides a mechanism for tailoring the defect types detected at build time. In fact, Klocwork also provides an application-programming interface that allows an organization to create highly customized code checkers. The case studies presented here focus only on the defect checkers that are shipped with the tool and should be adequate for the vast majority of applications. The types of defects detected are: • Coding style • Concurrency • Memory-management problems • Null pointer dereference • Use of uninitialized data There are eleven sub-types of defects found under coding style: • Assignment in condition • Inappropriate iterator usage • Inconsistent use of types • Invalid pointer arithmetic • Loss of data Memory Leak (mlk.must) 1 2 3 4 5 6 7 8 9 10 class A { void foo(); }; void A::foo() { int *ptr = new int; *ptr = 25; ptr = new int; *ptr = 35; } Klocwork produces a defect report like the following: mlk.must.cc:8:Error:Memory leak. Dynamic memory stored in ‘ptr’ allocated through function ‘new’ at line 6 is lost at line 8 mlk.must.cc:10:Error:Memory leak. Dynamic memory stored in ‘ptr’ Figure 1 Memory Leak (mlk.might) 1 2 3 4 5 6 7 8 void foobar(int i) { char *p = (char*)malloc(12); if(i) { p = NULL; } return; } Klocwork produces a defect report like the following: mlk.might.c:7:Error:Possible memory leak. Dynamic memory stored in ‘p’ Figure 2 • • • • • • Statement has no effect Suspicious semicolon Unreachable code Unused code Unused data Suspicious return values The types of header file problems detected are: • Cycle in include files • Missing include files • Unnecessary include files • Missing direct include files The types of low-level interface problems detected are: • Object defined in header and declared in header • External object defined in header • Static object defined in header • Duplicated header • File uses local declaration of object without using interface file • Usage of object without declaration There are seven sub-types of defects under memory management: • Attempt to use memory after free • Freeing mismatched memory • Freeing non-heap memory • Freeing unallocated memory • Inconsistent freeing of memory • Memory leak • Returning reference to local variable www.StickyMinds.com JULY/AUGUST 2008 BETTER SOFTWARE 39 http://wikipedia.org http://www.StickyMinds.com Table of Contents for the Digital Edition of Better Software - July/August 2008Better Software - July/August 2008ContentsMark Your CalendarContributorsTechnically SpeakingeLightenmentCode CraftTest ConnectionManagement ChroniclesHow To Fail with AgileA Galaxy of PatternsGive Your Defects Some StaticProduct Announcements10 Things You Might Not Know About …The Last WordAd IndexSQE STARWEST ConferenceBetter Software - July/August 2008Better Software - July/August 2008 - Better Software - July/August 2008 (Page Cover1)Better Software - July/August 2008 - Better Software - July/August 2008 (Page Cover2)Better Software - July/August 2008 - Better Software - July/August 2008 (Page 1)Better Software - July/August 2008 - Better Software - July/August 2008 (Page 2)Better Software - July/August 2008 - Contents (Page 3)Better Software - July/August 2008 - Mark Your Calendar (Page 4)Better Software - July/August 2008 - Mark Your Calendar (Page 5)Better Software - July/August 2008 - Contributors (Page 6)Better Software - July/August 2008 - Contributors (Page 7)Better Software - July/August 2008 - Contributors (Page 8)Better Software - July/August 2008 - Technically Speaking (Page 9)Better Software - July/August 2008 - Technically Speaking (Page 10)Better Software - July/August 2008 - Technically Speaking (Page 11)Better Software - July/August 2008 - eLightenment (Page 12)Better Software - July/August 2008 - eLightenment (Page 13)Better Software - July/August 2008 - eLightenment (Page 14)Better Software - July/August 2008 - eLightenment (Page 15)Better Software - July/August 2008 - Code Craft (Page 16)Better Software - July/August 2008 - Code Craft (Page 17)Better Software - July/August 2008 - Code Craft (Page 18)Better Software - July/August 2008 - Code Craft (Page 19)Better Software - July/August 2008 - Test Connection (Page 20)Better Software - July/August 2008 - Test Connection (Page 21)Better Software - July/August 2008 - Management Chronicles (Page 22)Better Software - July/August 2008 - Management Chronicles (Page 23)Better Software - July/August 2008 - How To Fail with Agile (Page 24)Better Software - July/August 2008 - How To Fail with Agile (Page 25)Better Software - July/August 2008 - How To Fail with Agile (Page 26)Better Software - July/August 2008 - How To Fail with Agile (Page 27)Better Software - July/August 2008 - How To Fail with Agile (Page 28)Better Software - July/August 2008 - How To Fail with Agile (Page 29)Better Software - July/August 2008 - A Galaxy of Patterns (Page 30)Better Software - July/August 2008 - A Galaxy of Patterns (Page 31)Better Software - July/August 2008 - A Galaxy of Patterns (Page 32)Better Software - July/August 2008 - A Galaxy of Patterns (Page 33)Better Software - July/August 2008 - A Galaxy of Patterns (Page 34)Better Software - July/August 2008 - A Galaxy of Patterns (Page 35)Better Software - July/August 2008 - Give Your Defects Some Static (Page 36)Better Software - July/August 2008 - Give Your Defects Some Static (Page 37)Better Software - July/August 2008 - Give Your Defects Some Static (Page 38)Better Software - July/August 2008 - Give Your Defects Some Static (Page 39)Better Software - July/August 2008 - Give Your Defects Some Static (Page 40)Better Software - July/August 2008 - Give Your Defects Some Static (Page 41)Better Software - July/August 2008 - Give Your Defects Some Static (Page 42)Better Software - July/August 2008 - Product Announcements (Page 43)Better Software - July/August 2008 - Product Announcements (Page 44)Better Software - July/August 2008 - Product Announcements (Page 45)Better Software - July/August 2008 - 10 Things You Might Not Know About … (Page 46)Better Software - July/August 2008 - The Last Word (Page 47)Better Software - July/August 2008 - Ad Index (Page 48)Better Software - July/August 2008 - Ad Index (Page Cover3)Better Software - July/August 2008 - Ad Index (Page Cover4)Better Software - July/August 2008 - SQE STARWEST Conference (Page SW1)Better Software - July/August 2008 - SQE STARWEST Conference (Page SW2)Better Software - July/August 2008 - SQE STARWEST Conference (Page SW3)Better Software - July/August 2008 - SQE STARWEST Conference (Page SW4)Better Software - July/August 2008 - SQE STARWEST Conference (Page SW5)Better Software - July/August 2008 - SQE STARWEST Conference (Page SW6)Better Software - July/August 2008 - SQE STARWEST Conference (Page SW7)Better Software - July/August 2008 - SQE STARWEST Conference (Page SW8)Better Software - July/August 2008 - SQE STARWEST Conference (Page SW9)Better Software - July/August 2008 - SQE STARWEST Conference (Page SW10)Better Software - July/August 2008 - SQE STARWEST Conference (Page SW11)Better Software - July/August 2008 - SQE STARWEST Conference (Page SW12)Better Software - July/August 2008 - SQE STARWEST Conference (Page SW13)Better Software - July/August 2008 - SQE STARWEST Conference (Page SW14)Better Software - July/August 2008 - SQE STARWEST Conference (Page SW15)Better Software - July/August 2008 - SQE STARWEST Conference (Page SW16)Better Software - July/August 2008 - SQE STARWEST Conference (Page SW17)Better Software - July/August 2008 - SQE STARWEST Conference (Page SW18)Better Software - July/August 2008 - SQE STARWEST Conference (Page SW19)Better Software - July/August 2008 - SQE STARWEST Conference (Page SW20)Better Software - July/August 2008 - SQE STARWEST Conference (Page SW21)Better Software - July/August 2008 - SQE STARWEST Conference (Page SW22)Better Software - July/August 2008 - SQE STARWEST Conference (Page SW23)Better Software - July/August 2008 - SQE STARWEST Conference (Page SW24)Better Software - July/August 2008 - SQE STARWEST Conference (Page SW25)Better Software - July/August 2008 - SQE STARWEST Conference (Page SW26)Better Software - July/August 2008 - SQE STARWEST Conference (Page SW27)Better Software - July/August 2008 - SQE STARWEST Conference (Page SW28)http://www.nxtbook.com/nxtbooks/sqe/bettersoftware_1109http://www.nxtbook.com/nxtbooks/sqe/bettersoftware_0909http://www.nxtbook.com/nxtbooks/sqe/bettersoftware_0709http://www.nxtbook.com/nxtbooks/sqe/bettersoftware_0509http://www.nxtbook.com/nxtbooks/sqe/bettersoftware_0409http://www.nxtbook.com/nxtbooks/sqe/bettersoftware_0309http://www.nxtbook.com/nxtbooks/sqe/bettersoftware0109http://www.nxtbook.com/nxtbooks/sqe/bettersoftware1208http://www.nxtbook.com/nxtbooks/sqe/stf_spring08http://www.nxtbook.com/nxtbooks/sqe/bettersoftware1108_v2http://www.nxtbook.com/nxtbooks/sqe/bettersoftware1108http://www.nxtbook.com/nxtbooks/sqe/bettersoftware1008http://www.nxtbook.com/nxtbooks/sqe/agile08http://www.nxtbook.com/nxtbooks/sqe/bettersoftware0908http://www.nxtbook.com/nxtbooks/sqe/bettersoftware0708http://www.nxtbook.com/nxtbooks/sqe/sw08http://www.nxtbook.com/nxtbooks/sqe/bettersoftware0608http://www.nxtbook.com/nxtbooks/sqe/bettersoftware0408http://www.nxtbook.com/nxtbooks/sqe/bettersoftware-confexpo08http://www.nxtbook.com/nxtbooks/sqe/bettersoftware0308http://www.nxtbook.com/nxtbooks/sqe/bettersoftware0108http://www.nxtbook.com/nxtbooks/sqe/bettersoftware1207http://www.nxtbook.com/nxtbooks/sqe/bettersoftware1107http://www.nxtbook.com/nxtbooks/sqe/bettersoftware1007http://www.nxtbook.com/nxtbooks/sqe/bettersoftware0907http://www.nxtbook.com/nxtbooks/sqe/bettersoftware0807http://www.nxtbook.com/nxtbooks/sqe/bettersoftware0607http://www.nxtbook.com/nxtbooks/sqe/bettersoftware0507http://www.nxtbookMEDIA.com

For optimal viewing of this digital publication, please enable JavaScript and then refresh the page. If you would like to try to load the digital publication without using Flash Player detection, please click here.