Rutul Dave, Coverity
EETimes (10/28/2011 1:57 AM EDT)
Static analysis finds the bugs, even if you're working under an Agile development process. Here's when and where to use static analysis.
It's close to midnight and after hours of debugging you've finally identified the root cause of a defect. It's a nasty null pointer dereference that gets triggered after various conditional checks, and it's buried deep inside a code component that has not been touched in a while. The challenges of debugging pale in comparison with the fact that you still have a long road ahead in checking whether the bug exists in three other branches, merging the fix, and then unit testing the changes in all four branches to make sure you didn't break anything else, especially when you changed something in the legacy code component. Think about how many times you might have been in a similar situation right before code freeze for a major release or the night before a hot-fix is scheduled to go out?
Static analysis can help you avoid some of the late nights. In this article, I discuss the advantages of static analysis for finding and fixing the most common coding defects, the Agile programming techniques used in modern static analysis to identify precise defects that lead to actual crashes, and the technologies that enhance the analysis results, beyond just a list of defects, by providing valuable information such as where the defect exists in the different branches of code.
Click here to read more ...