HP UX Web Development Tools manual Example 55 Out of bound access, Example 56 Out of scope access


Example 55 Out of bound access

When an array is referenced with an index greater than the declared (or dynamically allocated) size, unexpected runtime behavior may occur. Cadvise flags such references as potential array out of bound access violations, as shown in the following code:

    int a[100];
    int foo(int i)
    {
        if (i < 100)
            a[i] = 0;
        else
            a[i] = 20; // potential out of bound access
        return 0;
    }

Cadvise detects out of bound accesses on both statically and dynamically allocated arrays.

In such cases, cadvise generates the following warning:

"oob.c", line 7, procedure foo: warning #20206-D: Out of bound access (In expression "&a[i]", array "a" [oob.c:1] (type: int [100]) has element range [0 .. 99], writing element range [100 .. ?].)

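The bounds checks that remove this class of warning, for both a static and a dynamically allocated array, are sketched below. This is an added example, not code from the HP manual; `set_static`, `struct int_buf`, `buf_init` and `buf_set` are hypothetical names. It also rejects negative indexes, which the `i < 100` test in the flagged code lets through.

```c
#include <stddef.h>
#include <stdlib.h>

#define A_LEN 100
static int a[A_LEN];

/* Static array: accept only indexes in [0 .. 99]. A negative index
 * is as far out of bounds as one that is too large. */
int set_static(int i, int value)
{
    if (i < 0 || i >= A_LEN)
        return -1;              /* rejected: nothing is written */
    a[i] = value;
    return 0;
}

/* Dynamically allocated array: the pointer alone carries no size,
 * so the element count is stored next to it and checked on access. */
struct int_buf {
    int   *data;
    size_t len;
};

int buf_init(struct int_buf *b, size_t len)
{
    b->data = calloc(len, sizeof *b->data);
    b->len  = b->data ? len : 0;
    return b->data ? 0 : -1;
}

int buf_set(struct int_buf *b, size_t i, int value)
{
    if (b->data == NULL || i >= b->len)
        return -1;              /* rejected: index outside allocation */
    b->data[i] = value;
    return 0;
}

void buf_free(struct int_buf *b)
{
    free(b->data);
    b->data = NULL;
    b->len  = 0;
}
```
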
Example 56 Out of scope access

Cadvise flags out of scope access of variables in the application. Unexpected results may occur in the following cases:

- When the local variable address is returned and dereferenced by the caller.

- When the allocated memory is returned and dereferenced by the caller.

- When an inner block scope variable is accessed indirectly in the enclosing scope.

The Code Advisor flags such potential issues, as shown in the following code:

    #include <stdio.h>
    int foo()
    {
        int *p;
        {
            int q;
            scanf("%d", &q);
            p = &q;
        }
        // out of scope reference to q
        return *p;
    }

In such cases, cadvise generates the following warning:

"oos.c", line 20, procedure foo: warning #20203-D: Potential out of scope use of local variable q

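Two ways to restructure the flagged function so that no pointer outlives the variable it points to are sketched below. This is an added example, not code from the HP manual; `read_in_scope` and `read_into` are hypothetical names, and `sscanf` on a string replaces `scanf` so the example runs without standard input.

```c
#include <stdio.h>

/* Inner-block case: declare q in the same scope as p, so the object
 * p points to is still alive when *p is read. */
int read_in_scope(const char *text)
{
    int q = 0;
    int *p = &q;
    {
        if (sscanf(text, "%d", &q) != 1)
            q = 0;              /* no number parsed: fall back to 0 */
    }
    return *p;                  /* q is still in scope here */
}

/* Returned-address case: the caller owns the storage. The function
 * copies the value out and never hands back the address of a local. */
int read_into(const char *text, int *out)
{
    int q;

    if (out == NULL || sscanf(text, "%d", &q) != 1)
        return -1;
    *out = q;
    return 0;
}
```
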
8.2 Detecting generic programming errors
