Understanding Static Code Analysis



Static Code Analysis is a way of analyzing source code to look for flaws in the constructs and semantics of a computer program. Your application is broken down into several flow models that simulate execution within several paths. The technical details are outlined in the section entitled "How the C/C++ Code Analyzer Works."

Static analysis through Team System (or a third-party static code analyzer) can deliver the following benefits:

  • Correctness: Static code analysis checks for bad coding practices, thus improving the quality of your code.

  • Machine detection: Static code analysis will help you home in on defects that would be hard to find using manual processes.

  • Automation: Static code analysis automates your testing process, enabling you to fix bugs, rather than spend your time doing extensive code reviews.

Code Analysis for C/C++ looks for specific categories of defects. You can easily use these categories to plan or model your tests. These defect categories (covered later in the chapter) can help you develop solid code review methodologies. For a complete list of warnings and errors, please refer to the C/C++ Code Analysis Warnings section in the MSDN Team System documentation.



How the C/C++ Code Analyzer Works

During the normal compilation of a C++ application, the compiler creates an internal representation of the program as objects. The linker then links these objects and converts them into executables (.exe) or Dynamic Link Libraries (.dll). Code Analysis for C/C++ intercepts the build process and attempts to run through every single execution path of your application, one function at a time. Each function is isolated; if defects are found, they are logged and displayed in the Error List within the Visual Studio 2005 IDE (more about this later).

The last three letters in the word "PREfast" stand for Abstract Syntax Tree (AST). The compiler must convert your C++ code into an AST in order to transform it into object files (.obj). Figure 9-1 shows an example of a typical Abstract Syntax Tree. The algorithm represented in the tree is TOTAL = A+B*C/D.

Figure 9-1

An AST can be used for both code optimization and static analysis. The static code analyzer finds bugs by walking through and analyzing the AST using every execution path it can find. If any rule is found to be violated during the inspection of the tree, an error is raised. In the following simple example, the uninitVar variable is left uninitialized on the path where parameter is NULL. As a result, the Team System PREfast analysis tool returns a C6001 warning, "using uninitialized memory <variable>":

    if (NULL != parameter) {
        uninitVar = myFunction(parameter);
    }
    return uninitVar;

Figure 9-2 shows how this code looks represented as an AST structure. You can see precisely where the rule was violated and where PREfast throws a warning or error.

Figure 9-2
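The path walk described above, as an added example (not code from the book and not PREfast's implementation): a toy analyzer that walks a hand-built AST of the snippet along every execution path and reports a return of an uninitialized variable. The Stmt node type and the walk and analyze_snippet functions are hypothetical names chosen for this sketch.

```cpp
#include <set>
#include <string>
#include <vector>

// Toy statement AST. Node kinds and fields are assumptions for this sketch.
struct Stmt {
    enum Kind { Assign, If, Return } kind;
    std::string text;        // Assign/Return: variable name; If: condition text
    std::vector<Stmt> body;  // If only: statements inside the braces
};
using Block = std::vector<Stmt>;

// Walks every execution path through `stmts`. `init` is the set of variables
// initialized so far on the current path. Each If forks the walk in two.
// Returns the number of paths explored; warnings are appended to `findings`.
int walk(const Block& stmts, std::set<std::string> init,
         const std::string& path, std::vector<std::string>& findings) {
    for (std::size_t i = 0; i < stmts.size(); ++i) {
        const Stmt& s = stmts[i];
        if (s.kind == Stmt::Assign) {
            init.insert(s.text);
        } else if (s.kind == Stmt::Return) {
            if (!init.count(s.text))
                findings.push_back("uninitialized '" + s.text + "' returned when" + path);
            return 1;
        } else {  // If: explore the branch-taken path, then the branch-skipped path
            Block rest(stmts.begin() + i + 1, stmts.end());
            Block taken(s.body);
            taken.insert(taken.end(), rest.begin(), rest.end());
            return walk(taken, init, path + " (" + s.text + ") is true", findings) +
                   walk(rest, init, path + " (" + s.text + ") is false", findings);
        }
    }
    return 1;  // fell off the end of the function without a return
}

// The snippet above as an AST. With `fixed`, uninitVar is assigned at its
// declaration, which removes the uninitialized path.
std::vector<std::string> analyze_snippet(bool fixed) {
    Block fn;
    if (fixed) fn.push_back({Stmt::Assign, "uninitVar", {}});
    fn.push_back({Stmt::If, "NULL != parameter", {{Stmt::Assign, "uninitVar", {}}}});
    fn.push_back({Stmt::Return, "uninitVar", {}});
    std::vector<std::string> findings;
    walk(fn, {"parameter"}, "", findings);
    return findings;
}
```

Only the path that skips the if body produces a finding, which is why the warning depends on walking both branches rather than scanning the statements in order.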



Visual Studio 2005 Integration

The incorporation of Code Analysis for C/C++ in Team System is a significant development. Until a few years ago, this feature was only available internally at Microsoft. Now, any C++ developer can benefit from the features of integrated static code analysis for maintaining better and more secure code.

Enabling and disabling C/C++ Code Analysis

Much of the work you will be doing with the C/C++ code analyzer will be within the Visual Studio 2005 test environment. You can access most of the Test windows by selecting Test > Windows from the main menu. To enable Code Analysis for C/C++, right-click on your C++ project in the Solution Explorer and select Properties.

The project Property Pages window is shown in Figure 9-3.

  1. Expand the Configuration Properties node.

  2. Expand the Code Analysis node, and then click General.

  3. Under the Enable Code Analysis for C/C++ option, select Yes (/analyze).

Figure 9-3

You can also enable Code Analysis for C/C++ another way:

  1. Right-click on your C/C++ project in the Solution Explorer and select Properties.

  2. Expand the Configuration Properties node.

  3. Expand the C/C++ node.

  4. Select Advanced.

  5. Set Enable Code Analysis for C/C++ to Yes (/analyze), as shown in Figure 9-4.

    Figure 9-4

To disable C/C++ Code Analysis, set any of the above options to No, rather than Yes (/analyze).

Note

Even though there are two ways of enabling C/C++ Code Analysis, you can enable or disable it in one spot, and it will automatically appear enabled or disabled in the other.

Setting warning levels in Visual Studio 2005

You can set warning level options using the Configuration Properties section of the Property Pages window. Follow these steps to change the warning levels from within the Visual Studio 2005 IDE:

  1. Right-click on your C++ project and select Properties.

  2. Expand Configuration Properties, then C/C++, and then General.

Using this window, you can set several options, including the following: Warning Level (/W<n>), Detect 64-bit Portability Issues (/Wp64), and Treat Warnings as Errors (/WX). The C/C++ General options are shown in Figure 9-5.

Figure 9-5

Note

You can also programmatically set warning levels using #pragma directives and as options when you compile your code with the command-line compiler. Both scenarios are covered in detail later in the chapter.

Viewing code analysis warnings and errors

From this point on, if you compile or build the project, all C/C++ code analysis-related warnings and errors will be logged and displayed on the Error List. Figure 9-6 shows how the warnings are represented in the Error List window.

Figure 9-6

One of the killer features from the integration of Code Analysis for C/C++ is code highlighting. If you click on any of the warnings, Visual Studio will automatically highlight in yellow the "defect path" (in other words, all the spots in your code) where errors may have occurred. As you can imagine, this greatly facilitates the debugging process.