Perhaps someone here can help...
I'm doing a presentation on techniques for embedded, especially removing and keeping out bugs ;-) Using an example project from last year. A reviewer of my first draft suggested many of the bugs surfaced in the project would have been caught by static analysis - but I haven't had such great luck in the past.
Tried CPPcheck, and while it found some less-than-optimal stuff it only found one of the real bugs discussed.
Tried to get an evaluation copy of Coverity, but got a wildly annoying and clueless sales person who promises a member of the right team will contact me shortly (Real Soon Now).
Bugs I had to fix and amenable to static analysis included:
- uninitialized variable (only one found by CPPcheck)
- use of magic 0xff index value as subscript off end of array
- C macro with unguarded arguments getting wrong answer
- use of int8 to index 1kb buffer (so only 256 bytes got used)
Anybody able to recommend a tool they've used successfully? Thanks in advance, Best Regards, Dave