Coverity Prevent ™ C/C++: Enabling High-Quality C/C++ Software, Automatically
What Is It?
Coverity Prevent ™ is the market-leading automated approach to identify and resolve
the most critical defects in C, C++ and Java source code. By providing a complete
understanding of your build environment, source code, and development process, Prevent
sets the standard in enabling high-quality software across organizations worldwide.
Prevent for C/C++ automatically analyzes large, complex C and C++ code bases
and detects critical, must-fix defects that could lead to system crashes, memory corruption,
security vulnerabilities, unpredictable behaviour, and performance degradation.
Prevent features:
- 100% path coverage: Prevent for C/C++ analyzes 100% of paths through
your source code, ensuring that all possible execution branches are followed, while
avoiding impossible paths to maintain fast execution.
- Low false positive rate: Prevent for C/C++ maintains a very low false positive
rate, ensuring that developers' time spent inspecting defects will result in noticeable
quality improvements.
- Highly scalable: Prevent for C/C++ analyzes millions of lines of code in a
matter of hours, easily integrating into your regular build process with little or no
additional hardware and no disruption to your development process.
What Makes It Great?
Unlike other C/C++ analysis tools that focus on programming style and syntax-based
checks, Prevent for C/C++ performs deep, interprocedural analysis to uncover
the critical, must-fix defects that matter most to developers. Prevent for C/C++
leverages multiple analysis engines to uncover hard-to-find defects including:
- Path Flow Engine understands the control flow through each function in your code
base, allowing Prevent to analyze 100% of the paths through your code.
- Statistical Engine tracks behavioral patterns throughout your entire code
base, allowing Prevent to infer correct behavior based on previously
observed behaviour.
- Interprocedural Summary Engine enables Prevent to perform a whole
program analysis of complex call chains at any depth across files and modules
in a form that is most similar to the eventual executing binary. This results in the
highest-fidelity results available.
- False Path Engine solves each branch condition to determine if it will be true, false,
or unknown on the current path. This allows Prevent to efficiently remove
obvious false positives from the set of defects reported.
Prevent analysis results are committed to the central
Defect Manager which provides automatic defect assignment
and email notification whenever a new defect is detected.
Prevent provides graphical reports with up-to-date
information on current and historical defect status, resulting
in instant visibility into code quality.
Coverity Extend ™ C/C++: Customizing Static Analysis for C and C++
Coverity Extend is an easy-to-use Software Development Kit (SDK) that
allows developers to detect unique defect types in C and C++ code.
Coverity Extend comes with all the out-of-the-box checkers in Coverity Prevent
and leverages the Coverity Analysis Engine.
Coverity Extend is used for:
- Finding custom or domain-specific defects unique to your code
- Complying with company or industry standards such as MISRA
- Automating parts of the manual code review
To use Coverity Extend, developers utilize the simple but powerful
SDK to write checkers in C++. Next, Coverity Extend analyzes the code to
pinpoint the developer-defined defects.
All the discovered defects are consolidated in the Coverity Prevent ™ code
browser alongside standard defects. All the extensions built by developers are
stored in a Custom Checker Library so developers can build, execute and store
an unlimited number of checkers.
How Does it Work?
Writing Coverity Extend checks only requires C++ programming skills. Once
developers compose an extension, it hooks into the Coverity Analysis Engine
which executes the checks across the entire code base.
Building an Extend check involves a three-step process:
- Define a rule: The developer begins the process of creating a check by defining a sequence of
source code actions along a code path that could trigger a defect.
To simplify the process for the developer, Coverity Extend provides a very simple library
of macros and templates to perform highly complex analysis functions via the Coverity analysis engine.
- Specify pattern matches: The developer then specifies a pattern to match against the line and artifact in
the source code. At the simplest level, matches can be text-based, such as a function name.
However, very complex defects can be captured since nearly any type of pattern can be expressed
as an Extend rule.
- GUI integration: Coverity Extend provides a standard set of customizable routines for creating error messages and
GUI integration.
Documents:
Coverity Prevent ™ (304 KB)
Coverity Extend™ (84 KB)
last updated: 13.01.2009
© 2008-2009 Coverity Inc., San Francisco
Coverity Prevent, Coverity Extend, Coverity Architecture Analyzer for C/C++ and Coverity Architecture Analyzer for Java are products and trademarks of Coverity,
San Francisco (USA).
All other trademarks on this site are the property of their respective owners.