Confessions of a Wall Street Programmer

practical ideas (and perhaps some uncommon knowledge) on software architecture, design, construction and testing

Mo’ Static

In my day job, one of my main focuses is software reliability and correctness, so it makes sense that I would be a big fan of static analysis.

I’ve written previously about the static analysis provided by clang. Today, I want to take a bit of a “deep-dive” into the whole subject by putting both clang and cppcheck through their paces, using them to analyze a benchmark suite designed to exercise static analysis tools. In the course of doing that, I’ll also provide some helper scripts that make working with the tools easier.

Remote Scripting with bash and ssh

Nowadays it’s pretty common for applications to be distributed across multiple machines, which can be good for scalability and resilience.

But it does mean that we have more machines to monitor – sometimes a LOT more!

Read on for a handy tip that will let you do a lot of those tasks from any old session (and maybe lose some of those screens)!

Static Analysis with clang

I keep singing the praises of clang, and with good reason – the clang project has been advancing the state of C/C++ compiler technology on Linux and OS X for quite a while now.

The modular design of the compiler has also enabled the creation of a set of ancillary tools, including run-time “sanitizers” (which I wrote about earlier), as well as pretty-printers, and a tool to automatically upgrade code to C++11.

Today I want to talk about clang’s static analysis engine, which can do a deep-dive on your code and find problems that are hard for a human to detect, but that are amenable to a brute-force approach that models the run-time behavior of a piece of code, but at compile-time.

Who Knows What Evil Lurks …

Pity the poor Shadow! Even with the recent glut of super-heroes in movies, games and TV, the Shadow is nowhere to be seen.

But I guess that’s the whole point of being the Shadow.

According to this, the Shadow had “the mysterious power to cloud men’s minds, so they could not see him”. Hmmm, that sounds like more than a few bugs I’ve known.

Read on to learn how to get your compiler to help you find and eliminate these “shadow bugs” from your code.

Building clang on RedHat

clang is a great compiler, with a boatload of extremely helpful tools, including static analysis, run-time memory and data race analysis, and many others.  And it’s apparently pretty easy to get those benefits on one of the supported platforms – basically Ubuntu and Mac (via XCode).

That’s fine, but if you get paid to write software, there’s a good chance it’s going to be deployed on RedHat, or one of its variants.  And, getting clang working on RedHat is a huge pain in the neck.  The good news is that I did the dirty work for you (ouch!), so you don’t have to.

Into the Void

I keep reading talk of the sort “I don’t know why anyone bothers with C++ — real programmers use C. C++ is for wussies”, or words to that effect.

Well, a while ago I had to go back to C from working exclusively in C++ for a while, and I have to say that I think the C fanboys are just nuts.

Repent, Sinner!

When I was a kid I went to Catholic school, and back in those days the nuns would indeed rap your knuckles with a ruler if you misbehaved. That doesn’t happen so much any more, but when I see someone making use of the copy-paste anti-pattern, I’m tempted to reach for a ruler myself. (I know, probably not a good career move ;-)

Short of rapping someone’s knuckles with a ruler, though, how do you show some poor sinner the error of his ways?

Status Meetings

One of the banes of corporate life is the status meeting. It would be nice to get rid of them, but then it would be nice to get rid of all the lawyers too1, and I don’t see that happening either.

So, how do we make them better? Well, for starters we could make them shorter. Here’s a way to do that.

Guess What Day It Is!

No, not that – it’s Perl day. (Well, actually it’s just Wednesday, but you get the idea).

Sometimes it seems that everybody likes to hate on Perl, but I think their animus is misdirected. It’s not Perl that’s the problem, it’s those \^\$(.#!)?$ regular expressions.

Or, as Jamie Zawinski once said “Some people, when confronted with a problem, think “I know, I’ll use regular expressions.” Now they have two problems.”.

Well, I’m here to tell you that it’s possible to write whole Perl programs that actually accomplish useful work, without any regular expressions at all! And, if you do that, you can actually read the code!

It turns out that Perl is a dandy scripting language, and while some may take issue with its flexibility (“There’s more than one way to do it”), others (including me) find that flexibility very useful.

Where Am I?

From Robinson Crusoe to Gilligan’s Island to Lost, tales of being stranded on a desert island seem to resonate with people in a special way. Some of that likely has to do with the exotic locales, and the practical challenges of getting water, food and shelter.

But an even more basic part is the unanswered question: “Where am I?” that makes things so – well, mysterious.

Shell scripting can be pretty mysterious too at times, but in this installment we’ll learn how to answer that basic question of “Where am I?” to make shell scripting a little less mysterious.