|
|
|
|||||
|
|
|
|
|
|
|
|
|
|||||||
 |
|
|
|
|
||
|
> FAQs
|
||||||
| What is static error detection? Before programs are run, static error detection mathematically analyzes every line of source code to find programming errors that would result in crashes or meaningless results due to a coding error. How is that different from what is often called static analysis or style checking? Static analysis is the process of evaluating a software system or component based on its form, structure, content, or documentation. How does SofCheck Inspector work? SofCheck Inspector technology goes well beyond the
normal type checking provided by some programming languages, and scales
better than alternative static error detection approaches such as program
verification or model checking. SofCheck Inspector is designed to support
large, multi-language systems and to detect a wide range of programming
errors such as misuse of pointers, array index out of bounds (buffer overruns,
a recognized source of security breaches), numeric overflows, numeric
wraparounds, dimensional unit mismatch, storage leaks, and improper use
of Application Programming Interfaces (APIs). Doesn’t a compiler do that? Compilers perform similar functions but they can
not: What components does SofCheck Inspector identify? SofCheck Inspector considers every callable unit (function, procedure, or method) as a component. Generally, it identifies every variable modified by each component, every variable that is read only, and every newly allocated object. For each component, the Inspector generates pre-conditions that must hold true to avoid runtime failures, and post-conditions that are guaranteed to hold when the component is called. SofCheck Inspector generates an annotated code listing on a per-source-file basis, containing the above characterization of each component. Does SofCheck Inspector work on existing code? Yes. SofCheck Inspector automatically generates annotations when none are available, and finds runtime bugs in legacy code. Does the Inspector work on component modules that are not yet integrated with the entire system? Yes. The Inspector can be run on any component, even if the component is not yet integrated into a finished system. How fast does SofCheck Inspector run? Since static analysis can be time consuming, SofCheck Inspector has a number of performance enhancements built in. Typically, SofCheck Inspector averages about 1000 lines per minute, more or less depending on CPU speed, amount of RAM, and complexity of code. What do you mean by full path coverage — isn’t that a large number of permutations? Actually, many programs have an infinite number of control-flow paths. SofCheck Inspector analyzes infinite sets of control-flow paths with finite resources by performing an iterative, mathematical closure operation over the flow graph until the results stabilize. Does the Inspector identify unreachable code? The Inspector identifies unreachable code within a procedure—including uncalled procedures—which might not be appropriate when analyzing a library or subsystem, as opposed to a complete program. Does SofCheck Inspector replace my existing testing tools? SofCheck Inspector is a flexible, complementary tool that seamlessly integrates with your existing test environment and testing strategy. What languages does the SofCheck Inspector inspect? The present version of SofCheck Inspector works with Java and Ada. Future versions will work with C, C++, and C#.
|
||||||
|