C and C testing tools: Static code analysis, code review, unit testing | Parasoft

C/C++ Static Analysis, Code Review, Unit Testing, Runtime Error Detection

Current version: 9.5.0.49 (March 21, 2013)

Parasoft^® C/C++test^®: C/C++ Testing, Static Analysis, Code Review

Parasoft^® C/C++test^® is an integrated Development Testing solution for automating a broad range of best practices proven to improve software development team productivity and software quality for C and C++. C/C++test facilitates:

Static analysis – static code analysis, data flow static analysis, and metrics analysis
Peer code review process automation–preparation, notification, and tracking
Unit testing – unit test creation, execution, optimization, and maintenance
Runtime error detection – memory access errors, leaks, corruptions, and more

This provides teams a practical way to prevent, expose, and correct errors in order to ensure that their C and C++ code works as expected. To promote rapid remediation, each problem detected is prioritized based on configurable severity assignments, automatically assigned to the developer who wrote the related code, and distributed to his or her IDE with direct links to the problematic code and a description of how to fix it.

For embedded and cross-platform development, C/C++test can be used in both host-based and target-based code analysis and test flows.

Parasoft's customers, including 58% of the Fortune 500, rely on C/C++test for:

Preventing errors that compromise security, reliability, and performance
Complying with internal or regulatory quality initiatives
Ensuring consistency across large teams
Increasing productivity by automating tedious yet beneficial development practices
Successfully implementing popular development methods like TDD, Agile, and XP

For a Printable Version, Click Here (1,108 KB PDF).

C/C++test: C/C++ Static Analysis, Code Review, Unit Testing, Security

Comprehensive Code Quality Tools for C/C++ Development

Parasoft C/C++test enables teams to produce better code, test it more efficiently, and consistently monitor progress towards their quality goals. With C/C++test, critical time-proven Development Testing best practices—such as static analysis, comprehensive code review, unit and component testing with integrated coverage analysis, and runtime error detection—are automated on the developer's desktop, early in the development cycle. A command line interface enables fully automated execution within regression and continuous integration environments, providing data for monitoring and analyzing quality trends. Moreover, C/C++test integrates with Parasoft Concerto's reporting system, which provides interactive Web-based dashboards with drill-down capability. This allows teams to track project status and trends based on C/C++test results and other key process metrics.

For embedded and cross-platform development, C/C++test can be used in both host-based and target-based code analysis and test flows.

Automate Code Analysis for Monitoring Compliance

A properly implemented coding policy can eliminate entire classes of programming errors by establishing preventive coding conventions. C/C++test statically analyzes code to check compliance with such a policy. To configure C/C++test to enforce a coding standards policy specific to their group or organization, users can define their own rule sets with built-in and custom rules. Code analysis reports can be generated in a variety of formats, including HTML and PDF.

Hundreds of built-in rules—including implementations of MISRA, MISRA 2004, and the new MISRA C++ standards, as well as guidelines from Meyers' Effective C++ and Effective STL books, and other popular sources—help identify potential bugs from improper C/C++ language usage, enforce best coding practices, and improve code maintainability and reusability. Custom rules, which are created with a graphical RuleWizard editor, can enforce standard API usage and prevent the recurrence of application-specific defects after a single instance has been found.

Identify Runtime Bugs without Executing Software

BugDetective, the advanced interprocedural static analysis module of C/C++test, simulates feasible application execution paths—which may cross multiple functions and files—and determines whether these paths could trigger specific categories of runtime bugs. Defects detected include using uninitialized or invalid memory, null pointer dereferencing, array and buffer overflows, division by zero, memory and resource leaks, and various flavors of dead code. The ability to expose bugs without executing code is especially valuable for embedded code, where detailed runtime analysis for such errors is often not effective or possible.

C/C++test greatly simplifies defect analysis by providing a complete path trace for each potential defect in the developer's IDE. Automatic cross-links to code help users quickly jump to any point in the highlighted analysis path.

Streamline Code Review

Code review is known to be the most effective approach to uncover code defects. Unfortunately, many organizations underutilize code review because of the extensive effort it is thought to require. The C/C++test Code Review module automates preparation, notification, and tracking of peer code reviews, enabling a very efficient team-oriented process. Status of all code reviews, including all comments by reviewers, is maintained and automatically distributed by the C/C++test infrastructure. C/C++test supports two typical code review flows:

Post-commit code review. This mode is based on automatic identification of code changes in a source repository via custom source control interfaces, and creating code review tasks based on pre-set mapping of changed code to reviewers.
Pre-commit code review. Users can initiate a code review from the desktop by selecting a set of files to distribute for the review, or automatically identify all locally changed source code.

The effectiveness of team code reviews is further enhanced through C/C++test's static analysis capability. The need for line-by-line inspections is virtually eliminated because the team's coding policy is monitored automatically. By the time code is submitted for review, violations have already been identified and cleaned. Reviews can then focus on examining algorithms, reviewing design, and searching for subtle errors that automatic tools cannot detect.

Monitor the Application for Memory Problems

Runtime Error Detection is the best known approach to eliminating serious memory-related bugs with zero false positives. The running application is constantly monitored for certain classes of problems—like memory leaks, null pointers, uninitialized memory, and buffer overflows—and results are visible immediately after the testing session is finished.

Without requiring advanced and time-consuming testing activities, the prepared application goes through the standard functional testing and all existing problems are flagged. The application can be executed on the target device, simulated target, or host machine. The collected problems are presented directly in the developer's IDE with the details required to understand and fix the problem (including memory block size, array index, allocation/deallocation stack trace etc.)

Coverage metrics are collected during application execution. These can be used to see what part of the application was tested and to fine tune the set of regression unit tests (complementary to functional testing).

Unit and Integration Test with Coverage Analysis

C/C++test's automation greatly increases the efficiency of testing the correctness and reliability of newly-developed or legacy code. C/C++test automatically generates complete tests, including test drivers and test cases for individual functions, purely in C or C++ code in a format similar to CppUnit. These tests, with or without modifications, are used for initial validation of the functional behavior of the code. By using corner case conditions, these automatically-generated test cases also check function responses to unexpected inputs, exposing potential reliability problems.

Test creation and management is simplified via a set of specific GUI widgets. A graphical Test Case Wizard enables developers to rapidly create black-box functional tests for selected functions without having to worry about their inner workings or embedded data dependencies. A Data Source Wizard helps parameterize test cases and stubs—enabling increased test scope and coverage with minimal effort. Stub analysis and generation is facilitated by the Stub View, which presents all functions used in the code and allows users to create stubs for any functions not available in the test scope—or to alter existing functions for specific test purposes. Test execution and analysis are centralized in the Test Case Explorer, which consolidates all existing project tests and provides a clear pass/fail status. These capabilities are especially helpful for supporting automated continuous integration and testing as well as "test as you go" development.

A multi-metric test coverage analyzer, including statement, branch, path, and MC/DC coverage, helps users gauge the efficacy and completeness of the tests, as well as demonstrate compliance with test and validation requirements, such as DO-178B. Test coverage is presented via code highlighting for all supported coverage metrics—in the GUI or color-coded code listing reports. Summary coverage reports including file, class, and function data can be produced in a variety of formats.

Automated Regression Testing

C/C++test facilitates the development of a robust regression test suite that detects if incremental code changes break existing functionality. Whether teams have a large legacy code base, a small piece of just-completed code, or something in between, C/C++test can generate tests that capture the existing software behavior via test assertions produced by automatically recording the runtime test results. As the code base evolves, C/C++test reruns these tests and compares the current results with those from the originally captured "golden set." It can easily be configured to use different execution settings, test cases, and stubs to support testing in different contexts (e.g., different continuous integration phases, testing incomplete systems, or testing specific parts of complete systems). This type of regression testing is especially critical for supporting agile development and short release cycles, and ensures the continued functionality of constantly evolving and difficult-to-test applications.

Configurable Detailed Reporting

C/C++test's HTML, PDF, and custom format reports can be configured via GUI controls or an options file. The standard reports include a pass/fail summary of code analysis and test results, a list of analyzed files, and a code coverage summary. The reports can be customized to include a listing of active static analysis checks, expanded test output with pass/fail status of individual tests, parameters of trend graphs for key metrics, and full code listings with color-coding of all code coverage results. Generated reports can be automatically sent via email, based on a variety of role-based filters. In addition to providing data directly to the developers responsible for the code flagged for defects, C/C++test sends summary reports to managers and team leads.

Efficient Team Deployment

C/C++test establishes an efficient process that ensures software verification tasks are ingrained into the team's existing workflow and automated—enabling the team to focus on tasks that truly require human intelligence. Defect review and correction are facilitated through automated task assignment and distribution. Each defect detected is prioritized, assigned to the developer who wrote the related code, and distributed to his or her IDE with full data and cross-links to code. To help managers assess and document trends, centralized reporting ensures real-time visibility into quality status and processes. This data also helps determine if additional actions are needed to satisfy internal goals or demonstrate regulatory compliance.

Benefits

Increase team development productivity — Apply a comprehensive set of best practices that reduce testing time, testing effort, and the number of defects that reach QA.
Achieve more with existing development resources — Automatically vet known coding issues so more time can be dedicated to tasks that require human intelligence.
Build on the code base with confidence — Efficiently construct, continuously execute, and maintain a comprehensive regression test suite that detects whether updates break existing functionality.
Gain instant visibility into C and C++ code quality and readiness — Access on-demand objective code assessments and track progress towards quality and schedule targets.
Reduce support costs — Automate negative testing on a broad range of potential user paths to uncover problems that might otherwise surface only in "real-world" usage.

Features

Static analysis of code for compliance with user-selected coding standards
Graphical RuleWizard editor for creating custom coding rules
Static code path simulation for identifying potential runtime errors
Automated code review with a graphical interface and progress tracking
Automated generation and execution of unit and component-level tests
Flexible stub framework
Full support for regression testing
Code coverage analysis with code highlighting
Runtime memory error checking during unit test execution and application-level testing
Full team deployment infrastructure for desktop and command line usage

Runtime Error Detection

Identify complex memory-related problems through simple functional testing—for example:
- memory leaks
- null pointers
- uninitialized memory
- buffers overflows
Collect code coverage from application runs
Increase test result accuracy through execution of the monitored application in a real target environment

Embedded and Cross-Platform Development

As the software components in embedded systems are becoming increasingly critical, the attention to quality in embedded software increases across the board. Long-standing quality strategies such as testing with a debugger are no longer efficient or sufficient. To further complicate matters, many developers cannot readily run a test program in the actual deployment environment because they lack access to the final system hardware. To address these challenges, code quality needs to be realized throughout the development lifecycle—using a synergy of time-proven techniques for early defect prevention, assisted by automation for implementation and monitoring. C/C++test from Parasoft Embedded enables teams to produce better code for embedded systems, test it more efficiently, and consistently monitor progress towards their quality goals. With C/C++test, critical time-proven best practices—such as static analysis, comprehensive code review, and unit and component testing with integrated coverage analysis—are enabled on the developer's desktop, early in the development cycle. A command line interface enables fully automated execution within regression and continuous integration environments, providing data for monitoring and analyzing quality trends.

For highly quality-sensitive industries, such as avionics, medical, automobile, transportation, and industrial automation, the addition of Parasoft's Web-based audit and reporting system, with interactive Web-based dashboards and drill-down capability powered by a SQL database, enables an efficient and auditable quality process with complete visibility into compliance efforts.

Test on the Host, Simulator, and Target

C/C++test automates the complete test execution flow, including test case generation, cross-compilation, deployment, execution, and loading results (including coverage metrics) back into the GUI. Testing can be driven interactively from the GUI or from the command line for automated test execution, as well as batch regression testing. In the interactive mode, users can run tests individually or in selected groups for easy debugging or validation. For batch execution, tests can be grouped based either on the user code they are liked with, or their name or location on disk.

High Degree of Customization

C/C++test allows full customization of its test execution sequence. In addition to using the built-in test automation, users can incorporate custom test scripts and shell commands to fit the tool into their specific build and test environment. This unparalleled flexibility enables users to realize their desired test flow without being constrained by the preset tool options.

C/C++test can be utilized with a wide variety of embedded OS and architectures, by cross-compiling the provided runtime library for a desired target runtime environment. All test artifacts of C/C++test are source code, and therefore completely portable.

Advanced Unit Test Features

Automatic generation of tests and stubs
Automatic generation of assertions based on observed test results
Graphical Test Case Wizard for interactive definition of tests
Complete visibility into test and stub source code
Intelligent, test-case-sensitive stubs
Parameterization of tests and stubs
Multi-metric coverage analysis for DO-178B (including MC/DC)
Flexible support for continuous regression testing
Annotation of tests against bug and requirement IDs
Execution of tests under debugger
Special mode for testing template code

"For our client, the RATP, we are working on the automation of line 13 of the Paris metro. This will allow an increase in train frequency on this saturated line. We produce software which, thanks to three systems of redundant sensors installed on the train, will enable real-time transmission of all train information to the line's central control station of the line.

Since it involves transport of persons, our software must comply with SIL level 4 - the highest level. This is the primary reason that we have chosen Parasoft C/C++test, which is also SIL level 4 certified, to test our software. Another key competitive differentiator is that C/C++test is extremely simple to use: setup is very fast, and it produces test reports of high quality.

Thanks to C/C++test, we have detected and corrected several defects. Within Thalès Communications, we have decided to use this tool in other projects where performance in the field of static code analysis is precious to us."

Thierry Badeuil
Thalès Communications

“Parasoft C++test has become an integral part of our development process. It allows us to unit test our software in way that would otherwise be extremely difficult to do. It enables us to assure the accuracy and reliability of our applications.”

Matt Klaustermeier, Director of Software Engineering
Stauder Technologies

"Based on my experience with the Beta version, I am very impressed with the new capabilities and overall feel of the new C++test product. This new version offers a number of important additions and improvements.”

Martin Brodeur, Senior Software Developer
Adacel, Inc.

"As part of our corporate quality initiative, we deployed Parasoft C++test to improve the readability, maintainability and reliability of our software. The full IDE integration makes all the features easy to access on the desktop."

Scott Lushbough, Software Engineer
InterDigital.

”By deploying C++test as the coding standard analysis tool, Mobile solution project in the SW Center of Samsung Electronics have decreased the amount of coding violations by 80%; a significant improvement on their development/testing process.”

Samsung Electronics Mobile Project SW Center

“Parasoft C++test has made it easy to transfer knowledge to new people, reducing the negative impact when experienced developers leave and new ones come in to replace them. It’s easier to teach new people how to merely use the software rather than the concepts of QA and all the things that they need to know in order to adhere to those internal quality initiatives, such as code review, scope, and range of testing. Automation makes it a lot easier for us…. Parasoft C++test enhances the quality of our products and the quality of our lives.”

Joel Calderon, Software Design Supervisor
NEC Telecom Software Philippines

“Parasoft provides a quality development solution that our entire team can grow with and experience continuous improvement. Parasoft's solution is teaching us all to be better programmers. It helps us find errors that we didn't even realize were errors. Parasoft's solution has saved the Global Modeling and Analysis team both time and resources that we would have otherwise spent finding and fixing defects. Instead, we get to spend that time adding new features and functionality.”

Jim Spielbauer, Development Engineer
Trane

"We have automated and standardized our best practices for providing customers the highest quality code. We have dramatically improved the productivity of our testing efforts and this helps strengthen our position as a global provider of IT solutions."

Vidya Kabra, Software Engineering Tools Group Head
Wipro

"[Parasoft C++test and .TEST] teach our development team better coding habits so that we can make our source code more fault-tolerant; more robust. I'm not talking about obvious bugs that software developers can find without automated testing tools; I'm talking about difficult-to-find logic issues that can take many hours of manual unit and integration testing to discover.… We are able to get our product to market approximately 6 months sooner with Parasoft solutions than we could have if we had gone back to the testing vendor.”

Gary Malfa, Software Engineer
Bovie Medical

"With minimal effort on my part I can come up to speed on C++test very fast after a few months of not using it. All of Parasoft's C development tools are extremely easy to use. The user manuals are quite informative, and the graphical user interface provides an intuitive mechanism for retrieving pertinent debugging information."

Robert Luppold, President
Luppold & Associates, Inc.

"Bad code costs money, and comes back to haunt support and development teams. Parasoft is an automated, non-invasive solution that scans under-development applications for syntax and coding errors before they become production problems. This alerts developers to coding problems and gives managers the reports they need to set strategic goals. Parasoft can provide significant value to software development organizations."

Julie Craig
EMA

“[Parasoft Jtest and C++test have] increased confidence in our software, decreased testing time and produced a more reliable product. We are able to double code coverage in our test cases.”

Jeremy Kincaid, Senior Software Engineer
Intermoco

C/C++test is available in the following editions:

Desktop Edition: A completely integrated tool suite that enables developers/testers to perform automated code analysis (with built-in coding standards/rules and any custom rules developed in RuleWizard) and automated unit testing (with automatically-generated and user-defined test cases) from the desktop. Tests that scan multiple classes/files/directories can be performed directly from the development environment, with results immediately reported in the GUI for review/repair. Additionally, problems identified by Server Edition tests can be imported into the GUI for review/repair. This edition also provides the RuleWizard module, which enables the creation of custom coding standards/rules using a graphical interface. The Desktop edition is intended to be installed and licensed on every developer, architect, and tester desktop.
Server Edition: Includes the Desktop edition functionality, and adds support for performing test and analysis as batch or “server” processes. The provided command-line interface can test the complete project code base and be integrated into the automated build process. Results are written to customizable reports, which can be easily accessed by team members and automatically e-mailed to designated recipients. Additionally, team members can import Server Edition test results into the desktop GUI for review/repair.
The Server Edition also provides:
- The Team Server module, which enables centralized administration and sharing of coding standards/rule sets, test configurations, and test assets. Team Server is designed for development teams that want to ensure consistency in test practices across the team. When Team Server is implemented team-wide, the architect/lead developer can configure and upload standard team-wide test settings/configurations/files, then Team Server will automatically share them across all team C/C++test installations. Team Server may be installed and run on any supported computer system (e.g., one of the developers' workstations, the server hosting a Parasoft Server Edition product, or an independent system).
- The Code Review module, which automates preparation, notification, and tracking of peer code reviews, addresses the known shortcomings of this very powerful development practice. C/C++test automatically identifies updated code by scanning the source control system, matches the code with designated reviewers, and tracks the progress of each review item until closure. With the Code Review module, teams can establish a bulletproof review process—where all new code gets reviewed and all identified issues are resolved.
- BugDetective, advanced flow analysis technology that identifies paths which trigger runtime defects. Defects detected include using uninitialized memory, null pointer dereferencing, division by zero, and memory and resource leaks.

Host Platforms

Windows
Linux
Solaris UltraSPARC

IDEs

Eclipse IDE for Developers
Microsoft Visual Studio
Wind River Workbench
ARM Workbench IDE for RVDS
ARM Development Studio
QNX Momentics IDE (QNX Software Development Platform)
Texas Instruments Code Composer Studio

IDEs with Project Import Support

ARM ADS
Green Hills MULTI
IAR Embedded Workbench
Keil µVision IDE
Keil RealView
Microsoft eMbedded Visual C++
Microsoft Visual Studio
Texas Instruments Code Composer
Wind River Tornado

Host Compilers

Windows
- Microsoft Visual
- GNU and MingW gcc/g++
- GNU gcc/g++
- Green Hills MULTI for Windows
Linux 32 and 64 bit processor
- GNU gcc/g++
- Green Hills MULTI for Linux
Solaris
- Sun ONE Studio
- GNU gcc/g++
- Green Hills MULTI for SPARC Solaris

Target/Cross Compilers

Altera NIOS GCC
ADS (ARM Development Suite)
ARM for Keil uVision
ARM RVCT
ARM DS-5 GNU Compilation Tools
Cosmic Software 68HC08
eCosCentric GCC
Freescale CodeWarrior C/C++ for HC12
Fujitsu FR Family SOFTUNE
GCC (GNU Compiler Collection)
Green Hills MULTI for V800
IAR C/C++ for ARM
IAR C/C++ for MSP430
Keil C51
Microsoft Visual C++ for Windows Mobile
Microsoft Embedded Visual C++
QCC (QNX GCC)
Renesas SH SERIES C/C++
STMicroelectronics ST20
STMicroelectronics ST40
TASKING 80C196 C
TASKING TriCore VX-toolset C/C++
TI TMS320C2x/C2xx/C5x
TI TMS320C2000 C/C++
TI TMS320C54x C/C++
TI TMS320C55x C/C++
TI TMS320C6x C/C++
TI MSP430 C/C++
Wind River GCC
Wind River DIAB

Build Management

GNU make
Sun make
Microsoft nmake

Source Control

AccuRev SCM
Borland StarTeam
CVS
Git
IBM Rational ClearCase
IBM Rational Synergy
Microsoft Team Foundation Server
Microsoft Visual SourceSafe
Perforce SCM
Serena Dimensions
Subversion (SVN)

	Copyright © 1996-2013 Parasoft \| Privacy Policy \| Site Map