-
I am Dave Jing Tian, an Assistant Professor in the Department of Computer Science at Purdue University working on system security. My research involves embedded systems, operating systems, and trusted computing. All opinions are my own.
Shoot me:
root@davejingtian.org Categories
Resource
Tags
- ABNF
- agile
- AI/ML
- Alcatel-Lucent
- android
- arp
- asn1c
- assembly
- bash
- ber
- bison
- BNF
- build
- C
- CentOS
- CIS122
- Coverity
- crypto
- csv
- cuda
- DCA
- ddclient
- debugfs
- DH
- Diffie-Hellman
- drd
- drig
- elixir
- fedora
- fedup
- flex
- fsck
- gcc
- gdb
- GFW
- git
- github
- gnome
- gprof
- gpu
- guitar
- gumstix
- helgrind
- intel
- itevad
- Java
- jmgsim
- JVM
- kenai
- kernel
- kill
- ksh
- kvm
- ld
- Linux
- list
- netbeans
- netlink
- nvidia
- OS
- overo
- Python
- relay
- security
- selinux
- sgx
- socket
- ssh
- Ubuntu
- UO
- USB
- valgrind
- x86
- x86_64
- yocto
Blog Stats
- 182,963 hits
-
All blogs on this website are licensed under a Creative Commons Attribution 4.0 International License.
Category Archives: Static Code Analysis
Valgrind – dynamic code analysis tool – part I – basic trial and hints
We are recently trying to find a tool providing the ability for concurrency issue detection. For this topic, generally, I believe in 3 steps: 1. CPR (capacity, performance, redundancy) testing, 2. Static code analysis, 3. Dynamic code analysis. CPR testing … Continue reading
A bad include in C – why static code analysis is needed for modern C/C++ projects
We have already had a long discussion and argument for ‘include’ mechanism in C/C++, no matter good or bad, and this is not my intention here. I am writing this post to show a confusing compiler error we have recently … Continue reading
Posted in Programming, Static Code Analysis, Stuff about Compiler
Tagged C/C++, SCA, splint
Leave a comment
cccmt – Coverity code complexity metrics tool
cccmt is used to parse the METRICS.errors.xml generated by cov-analyze of Coverity to produce a Code Complexity Metrics (CCM) report of different functions. SAX is used to parse XML file instead of DOM as the XML file may be very … Continue reading
Posted in Dave's Tools, Programming, Static Code Analysis
Tagged cccmt, ccm, Coverity, Java, netbeans, SAXParser, xml
Leave a comment
uninit member in destructor – Coverity UNINIT and UNINIT_CTOR checkers
Recently we encountered a serious bug like the code below – destructor function delete one member ptr, which was never init’d. At first, we were assuming checker UNINIT could help figure it out as we do not see any difference … Continue reading
Print unsigned long long – SegV in C
This post shows a potential bug in printing unsigned long long, which cost David, Leo and me a few days for debugging. One product got segv on cPSB lab – a platform based on MontaVista Linux and PowerPC CPU. Back … Continue reading
Posted in Programming, Static Code Analysis, Stuff about Compiler
Tagged Coverity, longlong, printf, segv
2 Comments
Uninit structure member – Uninit checking and static code analysis
A recent software bug caused a serious data damage in our customer’s side, which is using an uninit sturcture member. This post gives a practical comparison between kinds of static code analysis tools for this specific bug among popular commerical … Continue reading
Posted in Static Code Analysis
Tagged Coverity, cppcheck, gcc, Klocwork, splint, Static Code Analysis, uninit, uno
Leave a comment