I’ve recently come across an EE Times article written by Coverity stressing the benefits of static analysis and how it can help finding potential issues in the code early. They mentioned 3 static analysis techniques: Dataflow analysis This technique can find the defect in the listing below during compile time.
If value of x passed into the function is not zero, p is assigned a null pointer with p=0. Then, the next conditional check (x!=0) takes a true branch and in the next line p is dereferenced, leading to a null pointer dereference. This type of issue can be detected at compiled time with dataflow analysis. Interprocedural analysis This technique can find defects across function and method boundaries. See listing below:
structS *s=(structS *)zero_alloc(sizeof(*s));
There are 3 functions: example_leak, create_S and zero_alloc. Interprocedural analysis can go through the code and identify the memory leak. The analysis engine has to trace the execution to understand that memory is allocated in zero_alloc, initialized […]
The Low Level Virtual Machine (LLVM) is a compiler and toolchain infrastructure, written in C++, designed for compile-time, link-time, run-time, and “idle-time” optimization of programs written in arbitrary programming languages. Originally implemented for C/C++, LLVM is now used with a variety programming languages such as Python, Ruby and may others. Code in the LLVM project is licensed under the “UIUC” BSD-Style license. LLVM can be used to replace and/or supplement the GNU tools such as gcc, g++, gdb, etc… LLVM now consists of a number of different sub-projects including: The LLVM Core libraries provide a source- and target-independent optimizer, along with code generation support for many popular CPUs. These libraries are built around a well specified code representation known as the LLVM intermediate representation (“LLVM IR”). The LLVM Core libraries are well documented, and it is particularly easy to invent your own language (or port an existing compiler) to use LLVM as an optimizer and code generator. Clang is a […]
Boost provides free peer-reviewed portable C++ source libraries. Ten Boost libraries are already included in the C++ Standards Committee’s Library Technical Report and will be in the new C++11 Standard. The Boost C++ libraries are already included in popular Linux and Unix distributions such as Fedora, Debian, Ubuntu and NetBSD and are used by projects such as Python, Xibo, Civilization IV, etc.. Here are the steps to cross-compile Boost C++ libraries for arm using arm-linux-guneabi-g++: Download the source code:
This was tested in Ubuntu 11.04 (natty) and 10.04 LTS with linaro g++ toolchain. Jean-Luc Aufranc (CNXSoft)Jean-Luc started CNX Software in 2010 as a part-time endeavor, before quitting his job as a software engineering manager, and starting to write […]
Thomas Honold wrote an article published on EETimes giving 17 steps to safer C code. Not only this article provides tips to write safer C code, but I believe those steps are simply best practices when writing C code for embedded systems as they shorten the software life cycle by making it easier for a software team to write, debug and maintain code and by improving the software QA procedure. Here’s a summary of the 17 steps to achieve safer C code: Follow the rules you’ve read a hundred times: Initialize variables before use. Do not ignore compiler warnings. Check return values. Use enums as error types. Define an ENUM_MAX value at the end, so that the code to check the range does not have to be modified each time you add a new error code. Expect to fail Always assume there will be an error and set to default return value to error. Check input values: never trust a […]
“What programming language should I learn ?” is a question often asked by people new to software development. The answer is always “it depends”. But for embedded systems, it seems C language is a must as you can see in the chart below (Source: “The 2011 Embedded Market Study” by Embedded.com). For the 2011 survey, 1886 respondents from across the embedded industry answered that their embedded project was mostly programmed in C language (62%), followed by C++ (22%), assembler (5%) and Java (2%). The other languages were all under 1%. Jean-Luc Aufranc (CNXSoft)Jean-Luc started CNX Software in 2010 as a part-time endeavor, before quitting his job as a software engineering manager, and starting to write daily news, and reviews full time later in 2011. www.cnx-software.com
Privacy & Cookies Policy
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.