When it comes to ensuring software quality, reliability, and security in today's sophisticated code bases, traditional debugging and testing methods simply fall short. Automated tools such as static source code analyzers are more effective in finding defects that could result in buffer overflows, resource leaks, and other security and reliability issues. This class of defects are often not detected by compilers during standard builds, run-time testing, or typical field operation.
While other source code analyzers run as separate tools, DoubleCheck is an integrated static analyzer, built into the Green Hills C/C++ compiler. DoubleCheck leverages accurate and efficient analysis algorithms that have been tuned and field-proven in 30+ years of producing embedded development tools. DoubleCheck can be used as a single integrated tool to perform compilation and defect analysis in the same pass.
A typical compiler issues warnings and errors for some basic potential code problems, such as violations of the language standard or use of implementation-defined constructs. In contrast, DoubleCheck performs a full program analysis, finding bugs caused by complex interactions between pieces of code that may not even be in the same source file.
DoubleCheck determines potential execution paths through code, including paths into and across subroutine calls, and how the values of program objects (such as standalone variables or fields within aggregates) could change across these paths.
DoubleCheck looks for many types of flaws, including:
- Potential NULL pointer dereferences
- Access beyond an allocated area (also known as buffer overflow)
- Potential writes to read-only memory
- Reads of potentially uninitialized objects
- Resource leaks (e.g. memory leaks and file descriptor leaks)
- Use of memory that has already been deallocated
- Out of scope memory usage (e.g. returning the address of an automatic variable from a subroutine)
- Failure to set a return value from a subroutine
- Buffer and array underflows
Simply set an option and DoubleCheck reviews source code each time it's compiled. DoubleCheck runs much faster than traditional static analysis tools, so developers can have it on all the time.
The analyzer understands the behavior of many standard runtime library functions. For example it knows that subroutines like free should be passed pointers to memory allocated by subroutines like malloc. The analyzer uses this information to detect errors in code that calls or uses the result of a call to these functions.
Many software development organizations employ an internal coding standard which governs programming practices to help ensure quality, maintainability, and reliability. DoubleCheck can automate the enforcement of these coding standards.
For example, DoubleCheck has a Green Hills Mode that adds a range of sensible quality controls to its bug-finding mission, including several MISRA compliance checks, enforcement of optional but important language standards, and more.
Metric computations and enforcement of other coding rules do not incur significant overhead since DoubleCheck is already traversing the code tree to find bugs. DoubleCheck can be configured to generate a build error that highlights problem code to keep developers from accidentally submitting software that violates the coding rule. Using DoubleCheck as an automated software quality control saves the time and frustration typically associated with peer reviews.
DoubleCheck is capable of emitting errors as part of the build process as well as generating an intuitive set of web pages, powered by an integrated web server. Users can browse high level summaries of the different flaws found by the analyzer and then click on hyperlinks to investigate specific problems. Within a specific problem display, DoubleCheck highlights the errors with the surrounding code, making it easy to understand. Function names and other objects are hyperlinked for convenient browsing of the source code. Since the web pages are running under a web server, the results can easily be shared and browsed by any member of the development team.
Higher-performance code analysis
Unlike other analyzers used sporadically as testing tools, DoubleCheck is fast enough to be used by all developers, all the time. DoubleCheck executes five times faster than other commercial analyzers. This advantage increases to a factor of 20 or more when DoubleCheck's distributed build engine is used to automatically parallelize the analysis across available workstation resources on the developers' network.
Additionally, DoubleCheck uses sophisticated subroutine-level dependency checking. With other analyzers, a simple change to a single source file results in a lengthy re-analysis. With DoubleCheck, analysis time is limited to parts of the code base affected by the edit, enusing that DoubleCheck can be used throughout the development cycle.
Errors found by DoubleCheck are displayed inline with the surrounding code, making them easy to understand.
Click here for a larger view.
Resolve problems sooner
DoubleCheck reduces development cost by enabling engineers to detect and resolve problems more efficiently and earlier in the development cycle. By reducing development time, products reach market faster and stay in market longer, translating into higher sales and profits. By increasing product quality, DoubleCheck reduces post-sales costs such as product failures, recalls, and in-field maintenance. Furthermore, increased quality improves market positioning and reputation, enabling organizations to command higher prices which filter directly to the bottom line.
Many studies have attempted to estimate the cost to produce and deliver software to market. The findings have ranged from from $1000 per line of code for government aerospace projects to cost $33 per line of commercial Linux code. Other studies that estimate how development time is spent concur that more than half of software development time is spent debugging—identifying and correcting software defects.
Most development teams would agree that the cost of identifying and correcting defects grows dramatically as the development cycle progresses. Some studies have shown that the time to fix a bug grows from an average of 2-3 hours during the coding phase to 16-18 hours to uncover defects during post-integration quality assurance testing.
When a defect is identified using static analysis, the most expensive part of defect resolution—tracking down the bug—is reduced to a negligible amount: the tool automatically locates defects and elucidates the offending code sequence leading to the failure. As software grows in complexity, integrated static analyzers represent a powerful and cost-effective tool to help manage and control that complexity.
Studies have shown that the cost of identifying and correcting problems in code grows dramatically as the development cycle progresses—from 2-3 hours during development to 16-18 hours during quality assurance testing.