HP UX Web Development Tools manual Introduction, Cadvise user interface, Features

Page 7

1 Introduction

HP Code Advisor (cadvise) is a static analysis tool for C and C++ programs. Cadvise reports various programming errors in the source code. This tool enables programmers to identify potential coding errors, porting issues, and security vulnerabilities. Cadvise leverages the advanced analysis capabilities of HP C and HP aC++ compilers available on the HP Integrity systems.

This chapter addresses the following topics:

•“Cadvise user interface” (page 7)

•“Features” (page 7)

1.1Cadvise user interface

You can use cadvise through the CLI. Also, you can use the HP Code Advisior GUI, which is part of the Eclipse Remote Development Plugin run remotely on MS-Windows x86 platforms. For more information, see http://www.hp.com/go/eclipse-remotedevplugin.

Cadvise takes C or C++source files as inputs for finding potential errors, security violations, and so on and then stores this information in a Program Database (PDB). The reporting utility helps you generate reports from the PDB in various formats, such as Text, XML, and HTML.

Figure 1 shows the HP Code Advisor components.

Figure 1 Cadvise Components (User Interfaces)

1.2 Features

This section discusses the following major features and benefits of cadvise:

•“Advanced static code analysis” (page 8)

•“Defect detection” (page 8)

•“Security vulnerability checks” (page 8)

•“Porting and migration” (page 8)

1.1 Cadvise user interface

7

Image 7

Contents HP Code Advisor C.02.20 User Guide Page Contents Contents Related information Document conventions and symbolsAbout this document Intended audienceCadvise-help@lists.hp.com HP encourages your commentsCadvise user interface FeaturesCadvise user interface Features Introduction$ cadvise cc -c hello.c Advanced static code analysis$ cadvise -pdb ./mypdb +wlint aCC hello.cpp Supported compilersGetting started Using CadviseSteps in using cadvise Supported platforms Installing CadviseInvoking Cadvise Integrating Cadvise with the makefiles and build process Using Cadvise as a wrapper around Compiler or LinkerFor information on PDB, see Using the Program Database PDB See the following makefile contentGenerating code complexity metrics Enabling different categories of diagnostic messagesExample 2 Sample wrapper script Objfile.metrics Example 3 Generating code complexity metricsGenerating code complexity metrics $ cat /tmp/example.c Example 4 Code complexity metrics+wcodeguide=rules-library Example 5 Writing a rule to enforce naming convention Source structure in the rules libraryUsing the Program Database PDB Disabling locks in PDB operations PDB options tableSpecifying the PDB location Deleting PDBExample 9 Creating a PDB snapshot Creating a PDB snapshot at a specified locationDisplaying PDB version Example 8 Removing object file information from the PDBUsage Using cross-file analysisCross-file analysis options Crossfile=auto Example 15 Specifying the location of object files Enabling warnings selectively Configuring diagnostic messagesDiagnostic configuration options table Suppressing warnings selectivelyDisabling warnings in a macro Interpreting selective warnings as errorsManaging warnings in a source file Cadvise report report-options logfile Generating reportsReport generation options table Cadvise report report-options -pdb pdbdir$cadvise report -summary -pdb testpdb -noheader Generating summary reportsGenerating file summary report Generating detailed report$ cadvise report -pdb testpdb -all To save reports, run the following commandGenerating Html report Example 23 Generating detailed reportExample 24 Generating an XML report Printing diagnostics with specific diagnostic numbersFollowing example shows the command to generate XML report Generating XML reportExample 26 Generating reports based on severity Suppressing diagnostics for specific filesGenerating reports based on severity $ cadvise report -pdb testpdb -diag$ cadvise report -pdb test.pdb -summary -include inflate.c Reporting diagnostics from specific filesReporting program complexity metrics $ cadvise report -pdb test.pdb -summary -exclude inflate.cExample 29 Reporting program complexity metrics Generating report for a module$ cadvise report -pdb gzip.pdb +metrics -include inflate.c $ cadvise report -pdb test.pdb -summary -module test1 Modifying the default severity level of a diagnosticSuppressing report header Generating PDB comparison report$ cadvise report -pdb tmp.pdb -basepdb tmp1.pdb -all Example 34 Generating detailed diff report with the header$ cadvise report -pdb tmp.pdb -basepdb tmp1.pdb -diag Example 35 Generating diff report for any particular warning$ cadvise -pdb pdb1 cc one.c two.c $ cadvise report -pdb tmp.pdb -basepdb tmp1.pdb -severity$ cadvise report -pdb new.pdb -basepdb old.pdb -all Report options fileExample 41 Report options file Example 42 Generating a report using -migration optionGenerate report for migration related warnings Generating consolidated report from multiple PDBs$ cadvise report -pdb 1.pdb2.pdb3.pdb4.pdb -all Recommended process for analyzing the diagnostic messagesGenerating PDB diffs with multiple PDBs Report options interoperability$ cadvise report -pdb test.pdb -summary -include a.cb.c Example 44 Reporting options interoperability$ cadvise report -pdb test.pdb -diag 2549 -exclude b.c Example 45 Ignoring the -includeoptionExample 47 Displaying the list of cadvise options Example 48 Using -noabortMiscellaneous driver options Help-h-HFollowing example shows the usage of -nobuildoption Example 49 Using -nobuild optionFollowing command creates the file cadvdir/foo.cad Example 51 Using -tee optionLine generates the following messages Example 52 Using +opts filename optionCategories of diagnostics table Categories of diagnostics with examplesDetecting generic programming errors Categories of diagnostics with examples Such cases, cadvise generates the following warning Example 53 Null pointer dereference checkSuch cases, cadvise generates the following warnings Example 54 Potential memory leak checkExample 56 Out of scope access Example 55 Out of bound accessExample 57 Use of pointer after free Such cases, cadvise generates the following errorExample 58 Allocator/deallocator mismatch Example 59 Signed bit field of length Detecting 32-bit to 64-bit migraton issuesDetecting endianness migration issues Example 60 Detecting 32-bit to 64-bit migraton issuesExample 61 Detecting endian dependent code fragments Detecting potential security vulnerabilitiesConsider the following code fragment This case, cadvise generates the following error Detecting multi-threaded programming issuesRunning cadvise generates the following error Example 63 Detecting multi-threaded programming issuesDetecting potential performance improvement opportunities Detecting potential performance improvement opportunities Fixing the warnings by source change AC++ standard conformance and compatibility changes Incompatibilities on PA-RISC based systemsIndex Symbols