Presentation is loading. Please wait.

Presentation is loading. Please wait.

Axel Naumann. Outline  Static Code Analysis  Coverity  Reporting Tools, Report Quality  "Demo": Examples 2010-01-20Axel Naumann Application Area Meeting2.

Published byDarleen Horton Modified over 9 years ago

Similar presentations

Presentation on theme: "Axel Naumann. Outline  Static Code Analysis  Coverity  Reporting Tools, Report Quality  "Demo": Examples 2010-01-20Axel Naumann Application Area Meeting2."— Presentation transcript:

1 Axel Naumann

2 Outline  Static Code Analysis  Coverity  Reporting Tools, Report Quality  "Demo": Examples 2010-01-20Axel Naumann Application Area Meeting2

3 2010-01-20Axel Naumann Application Area Meeting3

4 Relevance  US Dept Homeland Security contract for 150 Open Source tools  Consequence: 6000 bugs fixed "security hole in X Windows that allows any user with a login to gain root privileges" CNET: "Key bugs in core Linux code squashed" Samba: "errors found by Scan can save the reputation of a project" 2010-01-20Axel Naumann Application Area Meeting4

5 Static Code Analysis  Only looking at sources  Code does not run  "Replacement" for compiler  Reflects theoretically possible code path 2010-01-20Axel Naumann Application Area Meeting5 if (a) delete p;... if (x) p->call();

6 Static vs Dynamic Analysis  Dynamic closer to reality: all actual code paths  Static more thorough: all possible code paths  Major issues with static analysis: false positives ("noise") cannot distinguish relevant from hypothetical complex, time consuming analysis 2010-01-20Axel Naumann Application Area Meeting6

7 The Company Behind the Tool 2010-01-20Axel Naumann Application Area Meeting7

8 Coverity: Open Source Scans  Famous for their annual open source reports with static checker Prevent, e.g. Linux, FreeBSD, NetBSD Apache, Samba, Squid, Postfix MySQL, PostgreSQL Perl, Python, PHP, gcc OpenSSH, libjpeg, libtiff, pcre Firefox, Thunderbird 2010-01-20Axel Naumann Application Area Meeting8

9 Coverity: Commercial Clients  >900 customers  ARM, Philips, RIM, Samsung, UBS, Symbian, Palm, RSA, Yahoo, McAfee  Used to large (i.e. huge) software bases, n*10M LOC  Used to funny build systems 2010-01-20Axel Naumann Application Area Meeting9

10 Coverity as Company  Founded 2002  About 150 employees  Headquarters in San Francisco  European sales office (UK)  Engineers currently based in US 2010-01-20Axel Naumann Application Area Meeting10

11 First Contact  I want code quality for ROOT, CERN  They want increased visibility in Europe "Free check for you, press release for us"  Need more than Coverity's free open source support Responsiveness Customization "We want it, too": cernvm, ALICE, CMS,… 2010-01-20Axel Naumann Application Area Meeting11

12 Offer Waiting for written offer from Coverity; agreement:  Update code and re-run checker on their servers "for life", for free  Training: one engineer for one week upload code configure build run checker 2010-01-20Axel Naumann Application Area Meeting12

13 Visualization and Tracking Of Reports 2010-01-20Axel Naumann Application Area Meeting13

14 Reporting Tools  Web interface  Code hierarchy products ("ROOT") components ("Math", "CINT") files, functions, individual  Evolution over time  Used to assign, mark, comment defects  Customizable DB queries  Graphs 2010-01-20Axel Naumann Application Area Meeting14

15 Annotated Source  Reports embedded in actual source so you see what’s wrong (see demo)  Identifiers linked, to jump into call etc  enormous amount of data: each defect has its own source "view" 2010-01-20Axel Naumann Application Area Meeting15

16 Triage  Flag defects as pending / false / intentional / bug  Determine action fix / resolved / ignore  Assess severity  Assign to owner 2010-01-20Axel Naumann Application Area Meeting16

17 Report Quality  Thousands of reports for ROOT's 2MLOC  Of the handled defects, 35 times more true than false reports  Reason e.g.: scanner looks for context  Watch out: defects are painful! 2010-01-20Axel Naumann Application Area Meeting17 case kFunc: func(); // intentional fallthrough case kWhatever:...

18 Checkers  Checker analyze code for defect type uninitialized variables use after delete unused code array bounds stack size …  Documentation with each checker 2010-01-20Axel Naumann Application Area Meeting18

19 Checkers' Reach  C / C++ checkers bad free, infinite loop, return local, pass by value, missing break…  Security overflows (string, int), unchecked user input, time of check vs. time of use…  Concurrency atomicity, lock, sleep,… 2010-01-20Axel Naumann Application Area Meeting19

20 Examples  Historical Samba reports  Examples from ROOT 2010-01-20Axel Naumann Application Area Meeting20

Download ppt "Axel Naumann. Outline  Static Code Analysis  Coverity  Reporting Tools, Report Quality  "Demo": Examples 2010-01-20Axel Naumann Application Area Meeting2."

Similar presentations

Software Assurance Metrics and Tool Evaluation (SAMATE) Michael Kass National Institute of Standards and Technology

Software Assurance Metrics and Tool Evaluation (SAMATE) Michael Kass National Institute of Standards and Technology
Using Programmer-Written Compiler Extensions to Catch Security Holes Authors: Ken Ashcraft and Dawson Engler Presented by : Hong Chen CS590F 2/7/2007.

Using Programmer-Written Compiler Extensions to Catch Security Holes Authors: Ken Ashcraft and Dawson Engler Presented by : Hong Chen CS590F 2/7/2007.
Dynamic Web Pages. Web Programming  All our web pages so far have been static pages. 1. We create a web page 2. We upload it to the web server 3. People.

Dynamic Web Pages. Web Programming  All our web pages so far have been static pages. 1. We create a web page 2. We upload it to the web server 3. People.
Leveraging User Interactions for In-Depth Testing of Web Applications Sean McAllister, Engin Kirda, and Christopher Kruegel RAID ’08 1 Seoyeon Kang November.

Leveraging User Interactions for In-Depth Testing of Web Applications Sean McAllister, Engin Kirda, and Christopher Kruegel RAID ’08 1 Seoyeon Kang November.
Guide To UNIX Using Linux Third Edition

Guide To UNIX Using Linux Third Edition
Server & Client  Client: Your computer  Server: Powerful & Expensive computer. Requires network access.

Server & Client  Client: Your computer  Server: Powerful & Expensive computer. Requires network access.
Personal Software Process Overview CIS 376 Bruce R. Maxim UM-Dearborn.

Personal Software Process Overview CIS 376 Bruce R. Maxim UM-Dearborn.
8/17/2015CS346 PHP1 Module 1 Introduction to PHP.

8/17/2015CS346 PHP1 Module 1 Introduction to PHP.
CSCI 5801: Software Engineering

CSCI 5801: Software Engineering
Open Source: It's Already Here Dave Cross Magnum Solutions Ltd

Open Source: It's Already Here Dave Cross Magnum Solutions Ltd
Web Application Access to Databases. Logistics Test 2: May 1 st (24 hours) Extra office hours: Friday 2:30 – 4:00 pm Tuesday May 5 th – you can review.

Web Application Access to Databases. Logistics Test 2: May 1 st (24 hours) Extra office hours: Friday 2:30 – 4:00 pm Tuesday May 5 th – you can review.
Cmpe 589 Spring 2008. Software Quality Metrics Product  product attributes –Size, complexity, design features, performance, quality level Process  Used.

Cmpe 589 Spring Software Quality Metrics Product  product attributes –Size, complexity, design features, performance, quality level Process  Used.
Open Source Software An Introduction. The Creation of Software l As you know, programmers create the software that we use l What you may not understand.

Open Source Software An Introduction. The Creation of Software l As you know, programmers create the software that we use l What you may not understand.
CS 501: Software Engineering Fall 1999 Lecture 16 Verification and Validation.

CS 501: Software Engineering Fall 1999 Lecture 16 Verification and Validation.
1 PHP and MySQL. 2 Topics  Querying Data with PHP  User-Driven Querying  Writing Data with PHP and MySQL PHP and MySQL.

1 PHP and MySQL. 2 Topics  Querying Data with PHP  User-Driven Querying  Writing Data with PHP and MySQL PHP and MySQL.
15.1.2003Software Engineering 2003 Jyrki Nummenmaa 1 CASE Tools CASE = Computer-Aided Software Engineering A set of tools to (optimally) assist in each.

Software Engineering 2003 Jyrki Nummenmaa 1 CASE Tools CASE = Computer-Aided Software Engineering A set of tools to (optimally) assist in each.
University of Maryland Bug Driven Bug Finding Chadd Williams.

University of Maryland Bug Driven Bug Finding Chadd Williams.
Development Strategies for Web Applications Jonathan Babbage National Superconducting Cyclotron Laboratory.

Development Strategies for Web Applications Jonathan Babbage National Superconducting Cyclotron Laboratory.
Project Tracking. Questions... Why should we track a project that is underway? What aspects of a project need tracking?

Project Tracking. Questions... Why should we track a project that is underway? What aspects of a project need tracking?
Natalia Yastrebova 02.08.2010. What is Coverity? Each developer should answer to some very simple, yet difficult to answer questions: How do I find new.

Natalia Yastrebova What is Coverity? Each developer should answer to some very simple, yet difficult to answer questions: How do I find new.

Similar presentations

Ads by Google