Basically, static analysis is a way to find bugs in the code without testing. Anyone who has compiled code is familiar with the warnings a compiler can generate. Sometimes these warnings can be ignored, but other times they point to potential problems in the code. Static analysis can go beyond compiler warnings and examine code paths for potential issues. Defect categories that Ma highlighted in his presentation included:
- Memory corruption, illegal access
- Null pointer dereference
- Resource leak
- Concurrency and deadlock issues
- Incorrect expressions
- Insecure data handling
- Library and API misuse
- Uninitialized data
Ma gave an example of C code that compiled cleanly yet clobbered memory that hadn’t been properly allocated. Being a former C developer, I’m quite familiar with this scenario. I was going through a period of getting a lot of memory corruption errors, causing unfortunate system crashes along with disturbing messages about the program aborting. This came at a time when I was very pregnant, causing me to have a very geeky nightmare one night: I hadn’t allocated enough memory in my womb for the baby! Oh dear!
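To make that kind of defect concrete, here is a constructed C example, added here and not the code Ma showed: a function that a compiler accepts but that writes past its allocation, next to a corrected form. The names `join_path_buggy` and `join_path` and the sample path are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed "before" code: kept only for reading and for running an
 * analyzer over this file; nothing below calls it. */
char *join_path_buggy(const char *dir, const char *file)
{
    /* Memory corruption: no room for the '/' and the terminating '\0'. */
    char *out = malloc(strlen(dir) + strlen(file));
    strcpy(out, dir);   /* Null pointer dereference if malloc() failed. */
    strcat(out, "/");
    strcat(out, file);  /* The write ends two bytes past the allocation. */
    return out;
}

/* Corrected form: the caller owns the result and must free() it. */
char *join_path(const char *dir, const char *file)
{
    if (dir == NULL || file == NULL)
        return NULL;
    size_t dlen = strlen(dir), flen = strlen(file);
    /* Reject lengths whose sum (plus '/' and '\0') would wrap size_t. */
    if (flen > SIZE_MAX - 2 || dlen > SIZE_MAX - 2 - flen)
        return NULL;
    char *out = malloc(dlen + flen + 2);
    if (out == NULL)
        return NULL;
    memcpy(out, dir, dlen);
    out[dlen] = '/';
    memcpy(out + dlen + 1, file, flen + 1);  /* copies the '\0' too */
    return out;
}

int main(void)
{
    char *p = join_path("/var/log", "app.log");  /* constructed sample input */
    if (p == NULL)
        return 1;
    printf("%s\n", p);
    free(p);  /* omitting this would fall under the "resource leak" category */
    return 0;
}
```

The buggy function touches two of the categories from the list above, memory corruption and null pointer dereference, in five lines, which is why path-aware analysis is worth running before any test exists.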
Coverity Integrity Manager is the tool Ma used to demo how static analysis can be used by development organizations to catch these types of bugs before any test cases are written. As I wrote in “Eight free tools to automate your test processes,” FindBugs is an open source static analysis alternative for Java developers.
Since this presentation was part of an agile conference, I was curious if static analysis had any additional benefits in an agile environment. It seemed to me it would be just as beneficial in traditional environments. I asked Ma about this during the panel Q&A and he confirmed that static analysis was methodology-agnostic. He said, however, that if you run the tool on old, legacy code, be prepared for a very long report to go through!
My advice to testers? If the developers haven’t done the static analysis, then you do it! You’ll find the problem areas before you’ve written a single test case!