Static Analysis Problem Type Reference

Introduction

Static analysis finds errors and security weaknesses in software through detailed source code analysis. This Static Analysis Problem Type Reference documents every problem type that can be detected by the Intel C/C++ or Fortran compiler when running in static analysis mode, and displayed through the Intel® Inspector explain problem tool. For instructions on using the Intel Inspector static analysis feature, see the documentation for Intel Inspector XE and your Intel C/C++ or Fortran compiler.

The Intel Inspector XE static analysis feature requires a full Intel® Parallel Studio, Intel® C++ Studio, Intel® Fortran Studio, Intel® Visual Fortran Studio, or Intel® Cluster Studio suite. Use the Intel C/C++ or Fortran compiler to perform the analysis, and view the results through the Intel Inspector GUI. You can run analysis on one machine and view results on another. In this case, only the Intel® Composer product needs to be installed on the analysis machine. On the viewing machine, both the Intel Composer and Intel Inspector suite components must be installed, along with a valid suite license. The descriptions in these Static Analysis Problem Type References presume the diagnostic is being viewed in the Intel Inspector GUI.

Static analysis searches static code for a wide range of problems that can compromise application correctness and security. Each of the Static Analysis Problem Type References documents a problem type in detail, and provides an example that illustrates the problem or suggests ways to correct it. Note that it is not possible to detect every instance of every problem type, so the absence of a diagnostic does not ensure that a program is completely free of a specific type of problem.

The static analysis feature may identify more than one form of the same type of problem. For example, an integer variable set to zero and then used as a divisor is identified as a Divide by zero error. When this divide operation is preceded by an "if" statement that either sets the integer to zero or to something non-zero, this is identified as a Possible divide by zero error, since the divide operation may, or may not, divide by zero, depending on which execution path is taken. A single Static Analysis Problem Type Reference topic describes both of these errors.
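The two forms of the divide-by-zero problem described above, written out in C as an added example (it is not taken from the Intel documentation). The function names are hypothetical, and `scale_checked` also guards the `INT_MIN / -1` overflow, which this page does not discuss.

```c
#include <limits.h>
#include <stdio.h>

/* Definite form: the divisor is zero on every path to the divide,
 * the case the text says is identified as "Divide by zero". */
int scale_always_zero(int total)
{
    int parts = 0;            /* integer variable set to zero */
    return total / parts;     /* then used as a divisor */
}

/* Path-dependent form: an "if" sets the divisor to zero on one branch
 * and to a non-zero value on the other, the case the text says is
 * identified as "Possible divide by zero". */
int scale_maybe_zero(int total, int use_default)
{
    int parts;
    if (use_default)
        parts = 0;            /* this path divides by zero */
    else
        parts = 4;            /* this path is well defined */
    return total / parts;
}

/* Corrected form: validate the divisor before dividing and report
 * failure to the caller instead of executing an undefined divide.
 * Returns 0 and stores the quotient in *out, or -1 on a bad divisor. */
int scale_checked(int total, int parts, int *out)
{
    if (parts == 0)
        return -1;            /* would divide by zero */
    if (total == INT_MIN && parts == -1)
        return -1;            /* quotient does not fit in an int */
    *out = total / parts;
    return 0;
}

int main(void)
{
    int q = 0;
    /* Only the well-defined paths are executed here. */
    printf("non-zero branch: %d\n", scale_maybe_zero(20, 0));
    if (scale_checked(20, 0, &q) != 0)
        printf("zero divisor rejected\n");
    return 0;
}
```

The non-zero branch of `scale_maybe_zero` runs correctly, so a test that exercises only that branch never exposes the defect; this is the gap the "Possible" form of the diagnostic is meant to close.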

In the Intel Inspector GUI, source references associated with diagnostics are displayed as code locations, also known as observations. For example, a Uses address after free error has two code locations: the location where storage was deallocated, and the location where it was subsequently used. In the Static Analysis Problem Type References, these two code locations are described in a table that looks like this:

| ID | Code Location     | Description                                 |
|----|-------------------|---------------------------------------------|
| 1  | Deallocation site | The place where the storage was deallocated |
| 2  | Memory access     | The place where the storage was referenced  |

The Intel Inspector static analysis feature combines related problems into a single problem set. For example, suppose an assignment statement sets a pointer to zero. If this is followed by an "if" statement where both branches of the "if" statement use the same pointer value, each branch results in a null pointer dereference. During static analysis, the two null pointer diagnostics are combined into a single problem set, with one "Memory write" code location, and two "Null dereference" code locations. Generally, the code locations for a problem set consist of all code locations from the individual problems, with any duplicates removed.