Archive for the ‘Static Analysis’ Category

  • Parallel Lint

    on Jun 22, 09 • by Alen Zukich • with 2 Comments

    Interesting article on static analysis tools to help find concurrency issues.  These so called “Parallel Lint” tools are specific to finding these types of issues.  Overall there are some great discussions on certain tools, and it is always nice when Klocwork gets mentioned.  But my problem is with the categorization of these tools.  It always makes me feel sick every time someone puts Klocwork in the same category of “powerful static analysis” with JLint, C++Test, FXCop and my favorite PC-Lint. This article goes deeper into PC-Lint and what they are doing with deadlocks.  The author

    Read More »
  • False positives in modern static analyzers

    on May 22, 09 • by Alen Zukich • with 1 Comment

    In response to Jason’s post about false positives.  First of all there is a general misconception of false positives.  Modern static source code analysis tools have changed the game.  It is not the Lint tool of the past, a focus with deep inter-procedural technology has placed the requirement that static tools today produce more real issues than false reports. With that said, Jason is right, large code bases never running static analysis will produce a large number of issues no matter how accurate it is.  Even though static analysis tools do provide a number of

    Read More »
  • Findbugs not recognizing exceptions? Java static analysis

    on May 4, 09 • by Alen Zukich • with 1 Comment

    We’ve posted previously on some of the differences between Findbugs’ open source Java analysis and commercial Java static analysis tools, specifically on the JSR-305 specification and source code versus byte code analysis topics. Due to these differences, many Java shops will use a commercial Java static analysis tool in conjunction with Findbugs to make sure they’re getting as complete issue detection as possible. One area that’s been discussed previously is the ability to identify situations of possible null pointer dereference. This peaked my interest and led me to do some benchmarking against a few open

    Read More »
Scroll to top