| Podcast profiles embedded Linux code analysis tools |
Sep. 14, 2007
TimeSys has published another episode in its series of free, half-hour podcasts about embedded Linux development. In the new edition, hosts Gene Sally and Maciej Halasz discuss half a dozen free code analysis tools, including both dynamic and static tools.
Dynamic tools examine code while it's running. The application under test is typically "instrumented" at link time, when special functions are substituted for standard C library calls. For instance, special versions of malloc and free in mpatrol can find memory leaks by discovering memory that is allocated but never freed, the co-hosts note.
They mainly discuss valgrind (pronounced "val grinned"), mpatrol, and electric fence, leaving out discussion of commercial alternatives. They seem to prefer valgrind, in part because it supports extension by user plugins. However, they note that mpatrol has the widest target support.
The penalty of dynamic testing is performance, however; Sally estimates that data generation overhead and processing overhead lead to performance as much as 100 percent slower. He said, "Some instrumentation is okay to leave in applications, but not code analysis instrumentation. It's better to leave home without it."
Next the team takes a look at static code analysis tools, focusing mainly on lint's GNU knock-off (Gnock-off?), "splint."
Not unlike a spell-checker or grammar parser, static code analysis tools work by searching source code for semantic errors -- improper memory handling, scope errors, stack-pointer errors, and array out-of-bounds issues are a few mentioned by the podcasters. Unlike a simple spell-checker, static code analysis tools generally create a "parse tree" first -- a process that can take as long or longer than actually compiling code.
The podcasters sensibly conclude that a mix of static and dynamic tools gives testing teams the best chance of doing their work effectively. Each type can provide code analysis that the other kind can't do.
Then, perhaps realizing they have a few more minutes of airtime remaining, the pair broach the topic of gprof, and the discussion returns once more to dynamic profiling. They note that gcc is rarely built without gprof, and thus adding the -g flag will produce a binary that generates voluminous data about "what line runs when, and how long it took," Sally said. Noting that TimeSys's Eclipse-based IDE integrates gprof, the pair opine that gprof is underutilized, in part due to ignorance of its existence, and in part due to ignorance of how to evaluate its output. "There's fantastic documentation at GNU.org," Sally said, "But you have to read the documentation."
After a brief discussion of uno, a kind of lightweight version of lint that ferrets out only uninitialized data, nil-pointer dereferencing, and out-of-bound array indexing, the pair hint that sparse could be the focus of next week's podcast. Sparse in a tool that's embedded in the kernel itself, and aims to offer static analysis of actual kernel source code.
As per usual, the latest podcast edition can be found here.
-- Henry Kingman
Related Stories:
(Click here for further information)
|
|
|
7 Advantages of D2D Backup
For decades, tape has been the backup medium of choice. But, now, disk-to-disk (D2D) backup is gaining in favor. Learn why you should make the move in this whitepaper.
4 Legal Reasons to Control Internet Access
The Internet is obviously a valuable resource for many organizations. However, many are exposed to legal liability concerns because they fail to control Internet access. Learn if you're safe in this white paper.
Rapidly Resolve J2EE Application Problems
Whether you are in the process of building J2EE applications or have J2EE applications already running in production, you must ensure that they deliver the expected ROI. Learn how in this white paper.
Load Testing 2.0 for Web 2.0
There are many unknowns in stress testing Web 2.0 applications. Find out how to test the performance of Web 2.0 in this white paper.
Build Better Games Online
For the game infrastructure providers, life is complex. Making money from games has become more complicated. Why? Find out in this white paper.
Building a Virtual Infrastructure from Servers to Storage
This white paper discusses the virtual storage solutions that reduce cost, increase storage utilization, and address the challenges of backing up and restoring Server environments.
Gaining Faster Wireless Connections with WiMAX
Welcome to what is quickly becoming the hyperconnected world where anything that would benefit from being connected to the network will be connected. Learn more in this white paper.
Is Your Desktop a Security Threat?
The new wave of sophisticated crimeware not only targets specific companies, but also targets desktops and laptops as backdoor entryways into those business’ operations and resources. Learn how to stay safe in this white paper.
Increasing SAN Reliability by 100 Percent
Storage area networks (SAN) are a strong part of storage plans. Learn how to increase your reliability and uptime by 100 percent in this case study.
|
|
|
|
|
Use of this site is governed by our Terms of
Service and Privacy Policy.
Except where otherwise specified, the contents of this site are copyright © 1999-2008
Ziff Davis Enterprise Holdings Inc. All Rights Reserved.
Reproduction in whole or in part in any form or medium without express written permission of Ziff Davis Enterprise is
prohibited. Linux is a registered trademark of Linus Torvalds. All other marks are the property of their respective owners.
news feed