Can Parasoft detect signed/unsigned role of variables in code?

shjalilian

Hi, I have tested my code by various static tests of parasoft. My code had somthing like the following:
uint8_t a;
a = input_from_a _port(); // this function returns a signed char value
if(a > 0)
do_something1();
else
do_somthing2();
This code has fault. when "a" is set to a negative value using input_from_a _port(), fault is generated. Because it was defined unsigned.
Parasoft static analysis tests did not detect it for me. What is the problem with parasoft?

Bogdan Czwartkowski

@shjalilian ,

Regarding
"Parasoft static analysis tests did not detect it for me. What is the problem with parasoft?"
I would not jump just yet to conclusions that there is a problem with Parasoft tool.

I just fixed your code to make it compile:

#include <stdint.h>
int8_t input_from_a_port(void) { return 12; }
void do_something1(void) { }
void do_something2(void) { }
int main()
{
    uint8_t a;
    a = input_from_a_port(); // this function returns a signed char value
    if (a > 0) {
        do_something1();
    } else {
        do_something2();
    }
    return 0;
}

and then I run C/C++test Static Analysis on it. More than 10 different rules from various standards that C/C++test implements reported this exact issue:

In the light of the above, there are now a few questions
1. which exact rule set you run on your code?
2. did you enable in your rule set any rules that detect this issue?
3. if so, does the code compile and is the static analysis configured correctly for your code?

Thank you.

shjalilian

Thanks for your reply with detail. I used parasoft's built-in various static tests such as: flow analysis ... , recommended rules, global analysis. But it didn't detect that mentioned bug. I expected that built-in tests cover such common bugs. It seems that I should reconfigure the tests. But I dont know which rule should I add. My be I should add all rules!
@Bogdan Czwartkowski