It seems that the static analyser for use with the .NET 4.0 Code Contracts is only going to be available for Team Suite editions of Visual Studio - this puts it well outside the budget for my team. Are there any alternatives (open source, free or reasonably priced) which offer similar static analysis for design by contract style code (n...
I'm in a situation where I'm required to make at least some effort to remove never-used code from my source code. The general preference is to use a static code analysis tool. We've had great luck with this in other projects, but the folks I hear from are mostly C/C++ developers working on device level code. I'm a web developer work...
I am looking to write a static analyser for a university class. To provide more power for the tool I would like to be able to look up the call hierarchy (as Ctrl+Alt+H does in Eclipse). This would also have to be a fast operation, so the lookup would probably have to be done against an index rather than bytecode scanning. However, writi...
In Visual Studio 2008 Team System, I just ran Code Analysis (from the Analyze menu) on one of my C# projects. One of the warnings produced was the following: Microsoft.Design : Because field 'Connection._domain' is visible outside of its declaring type, change its accessibility to private and add a property, with the same accessibil...
I have an abstract class that implements IDisposable, like so: public abstract class ConnectionAccessor : IDisposable { public abstract void Dispose(); } In Visual Studio 2008 Team System, I ran Code Analysis on my project and one of the warnings that came up was the following: Microsoft.Design : Modify 'ConnectionAccessor.Dis...
I want to write a semantic patch for coccinelle, so that it will add if (ptr == NULL) ... checks after calls to malloc where they are missing. Let's say I have the following input source code: #include <stdio.h> #include <stdlib.h> #include <string.h> // memory leaks ignored static void OK_simple(void) { char *ptr; ptr = malloc(100...
In multi-threaded embedded software (written in C or C++), a thread must be given enough stack space in order to allow it to complete its operations without overflowing. Correct sizing of the stack is critical in some real-time embedded environments, because (at least in some systems I've worked with), the operating system will NOT dete...
I have been trying out Splint with a C program I recently wrote and trying to understand and remove the warnings it gives. One I understand but can't understand how to remove it comes from the following code snippet: static MyType_t *findById(const int id) { int i; for (i = 0; i < MY_ARR_SIZE; i++) { if (my_arr[i].i...
A developing consensus among the iPhone developer community is that Apple has recently started using a static code analysis tool to detect use of undocumented API calls. Just for the sake of the argument, I wonder if it would be possible to work around this tool by generating the invocation at runtime like this: NSString *const aMethod...
Does anyone have experience with Sparse? I seem unable to find any documentation, so the warnings and errors it produces are unclear to me. I tried checking the mailing list and man page but there really isn't much in either. For instance, I use INT_MAX in one of my files. This generates an error (undefined identifier) even though I #in...
Can impact analysis be done in Eclipse? If there are a few classes and methods that need to be changed, finding the impact of that change on rest of the application code (other classes and methods) The core issue is when there is code apart from core java that is XML, JSP, framework code etc ...
I'm working in a Linux environment with C++, using the GCC compiler. I'm currently working on modifying and upgrading a large pre-existing body of code. As part of this, it has been necessary to add quite a large number of small references throughout the code in a variety of places to link things together, and also to add in several new...
Does anyone know if Lua has been certified to run on an airframe or road vehicle? Certification processes such as DO178B (RTCA) or standardization such as ISO 26262 (Road vehicles). Certification is like case law and I would feel more confident evaluating the language knowing that another company has successfully made it through a proce...
Assume a table definition in SQL Server as follows: CREATE TABLE MyTable ( Id UNIQUEIDENTIFIER NULL, Info VARCHAR(MAX) ) And a query: DECLARE @id UNIQUEIDENTIFIER DECLARE @info VARCHAR(MAX) IF @id IS NOT NULL BEGIN SELECT @info = Info FROM MyTable WHERE Id = @id END In that case, the Visual Studio static code analyz...
A customer recently performed static analysis of my employer's C codebase and gave us the results. Among useful patches was the request to change the famous do { ... } while(0) macro to do { ... } while(0,0). I understand what their patch is doing (using the sequence operator to return evaluate to the value of the second "0", so the effe...
Hi friends I am new in Hudson. I would like to execute a 'sourcecodeanalyzer' command in Hudson as Post-build Actions to generate an html report. Please let me know is this at all possible, if yes let me know the Hudson configuration steps to execute the command. Your earliest response in this regard will be extremely helpful. Thanks ...
Need to know about static tool analysis options via Eclipse plug-ins for Java code with framework especially for Struts, Spring and Hibernate. The purpose is primarily analysis (and not Quality metrics) of references (similar to References option in Eclipse). The task to accomplis is impact analysis for applications with a lot of framewo...
If VS2010 is installed alongside VS2008, is there a way to incorporate VS2010 static code analysis within projects being developed in VS2008? We would like to use the additional code analysis rules that ship with VS2010. I'm on a project where we have a primary solution developed with VS2010 and a satellite .NET Compact Framework soluti...
hi all... i have a while,if,elseif statements in a file with multipe conditions inside it... it is a C language...the format is mentioned below is standard for all the multiple conditions.So no worries about the indendation.The only problem is to check how many conditions are there and list as per output format that i have descr...
I was just wondering if anyone is using Coverity or Coverity 5 with .net development and if yes what your feelings are about it. ...