Tag / Static Analysis

  • During my LinuxCon EU talk last year I briefly touched on the sparse semantic parser tool started by Linus Torvalds in 2003 (slide 7). While it might not be as powerful as other static analyzers I described, it still might be worthwhile to run on your code. Many distributions ship a sparse package already, which makes it easy to test. If not you might want to grab the latest tarball and build it yourself. Once you have sparse installed, running it on your code should be easy as it provides a build wrapper around the CC environment variable. If you do not have any special requirements for CC in your build setup you should be able to run sparse like this:

    Use Filters to Find What Matters Depending on your code, you might be overwhelmed by the amount of warnings and maybe errors sparse is producing. While you should […]

    Read More
  • This year at LinuxCon EU, I gave a talk titled Static Analysis of Your OSS Project with Coverity. In this talk, I briefly touched on using the Travis Continuous Integration system to submit builds to the Coverity Scan service (slide 22). This is an extremely easy way for GitHub projects to use static analysis, and I think it deserves some more detail. While I was setting it up for another project I’m working on, I collected some notes to provide a steb-by-step guide to enable it for a project you have on GitHub. The project I’ll be using as an example is wpan-tools, the user space tools for Linux IEEE 802.15.4 stack. It is written in C with autotools for the build system, and it has only a few dependencies, making it easy to understand this guide. The final goal is to automatically submit new builds to the Coverity Scan […]

    Read More