Tech Days 2015: Static Analysis with CodePeer
Static Analysis with CodePeer
Arnaud Charlet, October 1st 2015
What is Static Analysis?
• Basic Static Analysis: coding standard checking, metrics, compiler warnings and style checks
• Advanced Static Analysis: symbolic execution/interpretation of source code, whole program analysis to perform software verification
• Formal Verification: verify high level or abstract properties on your application, give strong guarantees
Why Use Static Analysis?
• Make software more reliable at reasonable cost
– Full coverage of your code (detect corner cases)
– No missing check when needed (no “false negatives”)
• Anticipate problems (get results before testing)
• Automate part of code review
• Express and verify your requirements and architecture
CodePeer Overview
• Advanced static analysis tool for Ada
– Also includes basic static analysis (gnatcheck, gnatmetric)
• Detects runtime and logic errors
– Buffer overflow, division by zero, dead code, …
• Analyzes complete or partial programs (e.g. libraries)
– Supports all versions of Ada
– Supports most Ada compilers and targets
– Can tune level of analysis and accuracy
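The three defect classes named above (buffer overflow, division by zero, dead code), collected in one small Ada program as an added illustration that is not from the slides; the comments say what each construct does wrong, while the precise wording of any CodePeer message is an assumption and is not quoted.

```ada
--  Added example, not from the CodePeer slides: three defects of the kinds
--  an advanced static analyzer is expected to report on Ada code.
procedure Runtime_Errors is
   type Buffer is array (1 .. 10) of Integer;
   Buf : Buffer := (others => 0);

   function Average (Total, Count : Natural) return Natural is
   begin
      --  Count may be 0 on some paths: Total / Count then raises
      --  Constraint_Error (division by zero).
      return Total / Count;
   end Average;

   procedure Fill (Last : Positive) is
   begin
      --  Nothing restricts Last to Buf'Last: with Last = 11 the final
      --  iteration writes past the end of Buf (index check fails, i.e. a
      --  buffer overflow caught at the language level).
      for I in 1 .. Last loop
         Buf (I) := I;
      end loop;
   end Fill;

   X : Natural := 5;
begin
   Fill (11);

   --  X is never modified after its initialisation, so this test is always
   --  False and the branch is dead code; the call inside it can never run.
   if X > 10 then
      Buf (1) := Average (0, 0);
   end if;
end Runtime_Errors;
```

Compiling this with GNAT gives no error; the point of the slide is that the analysis runs over all paths and reports these conditions before any test exercises them.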
CodePeer Overview
• Generates human readable annotations
• Support for IEEE 754 floating point semantics
• Integrated in GPS, GNATbench and third party tools
• Uses project files (.gpr)
• Comes with an HTML server
A Qualifiable Tool
DO178C (Avionics)
• Automate part of DO178C 6.3.4.f - determine the correctness and consistency of the Source Code
• Qualified as a verification tool (TQL 5 in DO178C)
• Generation of a detailed report file (date of run, switches, messages, limitations, …)
EN50128 (Railway)
• Qualified as a tool class T2
• Used for boundary value analysis, control flow and data flow analysis
CodePeer Use Cases
1. Early testing: detect errors earlier on code modifications/new code
2. Find bugs (on existing code)
3. Impact analysis (before making a change)
4. Code review: help focusing on potential problems/complex code
5. Check consistent use of (third party) libraries: detect inconsistencies between assumptions in callee and caller
6. Identify race conditions
7. Provide evidence for program verification
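Use case 5 (assumptions in callee and caller) and the later slide on precondition backtraces concern the same idea: the callee's assumption is written down as a contract, and each call site is checked against it. The following Ada 2012 program is an added example, not code from the slides; the library function Get, its callers Lookup and Bad_Lookup, and the table Data are all invented for the illustration.

```ada
--  Added example, not from the CodePeer slides: a callee states its
--  assumption as a precondition; one caller satisfies it, one does not.
procedure Library_Contract is
   type Table is array (1 .. 8) of Integer;
   Data : constant Table := (others => 0);

   --  Callee side (the "library"): the assumption lives in a Pre aspect
   --  rather than only in a comment, so it can be checked at every call.
   function Get (Idx : Integer) return Integer
     with Pre => Idx in Data'Range;

   function Get (Idx : Integer) return Integer is
   begin
      return Data (Idx);
   end Get;

   --  Consistent caller: its guard is exactly the callee's requirement,
   --  so the precondition provably holds at the call.
   function Lookup (Idx : Integer) return Integer is
   begin
      if Idx in Data'Range then
         return Get (Idx);
      else
         return 0;
      end if;
   end Lookup;

   --  Inconsistent caller: it assumes a weaker condition (Idx >= 1) than
   --  the callee requires, so Idx = 9 passes the guard and violates Pre.
   --  This is the callee/caller mismatch the use case refers to.
   function Bad_Lookup (Idx : Integer) return Integer is
   begin
      if Idx >= 1 then
         return Get (Idx);
      else
         return 0;
      end if;
   end Bad_Lookup;

   Result : Integer;
begin
   Result := Lookup (3);      --  fine: 3 is within Data'Range
   Result := Bad_Lookup (9);  --  precondition of Get fails here
end Library_Contract;
```

With assertions enabled (GNAT switch -gnata) the second call raises Assertion_Error at run time; the analysis goal is to report the mismatch statically, pointing back from the failed precondition to the caller's weaker guard.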
CodePeer 3.1
• Integration with Jenkins - Continuous Builder
• Integration with Sonar, Squore - Dashboards
• CWE compatibility – Security Analysis
• Detection of dangling references
• Static Debugger
• Incremental (re)analysis
Integration with Jenkins
Integration with Dashboards
CWE - Security Analysis
• cwe.mitre.org
• Filters on 36 detected CWE ids
Detection of Dangling References
• Detect use after free

with Unchecked_Deallocation;

procedure Dangling is
   type Ref is access Integer;
   procedure Free_Int is new Unchecked_Deallocation (Integer, Ref);
   Ptr1 : constant Ref := new Integer;
   Ptr2 : Ref := Ptr1;
begin
   Free_Int (Ptr2);
   Ptr1.all := 123; -- high: validity check fails here: requires not Ptr1'Freed
end;
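The slide's program keeps a second copy of the access value (Ptr1) that still designates the object after Ptr2 has been freed; Unchecked_Deallocation nulls only the pointer it is given. The corrected form below is an added example, not from the slides: it keeps a single owner and dereferences only behind the null test that the deallocation makes meaningful. The procedure name No_Dangling is invented.

```ada
with Unchecked_Deallocation;

--  Added example, not from the CodePeer slides: the slide's Dangling
--  program rewritten so that no access value outlives the object.
procedure No_Dangling is
   type Ref is access Integer;
   procedure Free_Int is new Unchecked_Deallocation (Integer, Ref);

   --  One variable owns the object; no alias such as the slide's Ptr2 exists.
   Ptr : Ref := new Integer'(0);
begin
   Ptr.all := 42;

   --  Free through the only access value that designates the object.
   --  Unchecked_Deallocation sets Ptr to null on return, so there is no
   --  stale copy left pointing at the released storage.
   Free_Int (Ptr);

   --  Every later dereference is guarded: Ptr is null here, so the freed
   --  memory is never touched, and an analyzer sees no path to a freed
   --  object being read or written.
   if Ptr /= null then
      Ptr.all := 123;
   end if;
end No_Dangling;
```

The essential change is structural rather than a check: the slide's defect exists only because two access values designate one object, and freeing through either one leaves the other dangling.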
Static Debugger
• Display possible values of variables
Static Debugger
• Backtrace capability on messages related to preconditions
Incremental Analysis
• Ability to re-analyze only impacted files
– On a 10K SLOC project, 75 files
– Time to analyze from scratch: 75 files in 18 minutes
– Time to re-analyze and update the database: 9 seconds
– Modifying a few files and re-analyzing: 44 files in 2 minutes
• Ability to refine analysis (more precise on new runs)