1. splint
Splint is an open-source static code check tool. It can be used as follows:
The program to be tested is as follows:
#include <stdio.h>static void display(int i){printf("i = %d\n",i);}int main(void){int i,j;i = 1;i = i + 1;display(i);return 0;}
Debugging is as follows:
$ Splint main. c
Splint 3.1.2 --- 03 May 2009
Main. C: (IN function main)
Main. C: 10: 8: Variable J declared but not used
A variable is declared but never used. Use/* @ [email protected] */In front
Declaration to suppress message. (use-varuse to inhibit warning)
Finished checking --- 1 code warning
The prompt defines a variable J, but it has never been used.
After removing the J definition, check again:
$ Splint main. c
Splint 3.1.2 --- 03 May 2009
Finished checking --- no warnings
Splint has a large flag that can be used. When used, add the '+' or '-', '+' sign before the flag to enable the flag. '-' indicates that the flag is disabled.
The following statements are used to check the program's data out-of-bounds.
Splint + bounds main. c
2. stracestrace is often used to track system calls and received signals during process execution. Perform a tracing test on the above program: $ strace./A. Out
Execve ("./A. Out", ["./A. Out"], [/* 50 vars */]) = 0
BRK (0) = 0x1033000
Access ("/etc/lD. So. nohwcap", f_ OK) =-1 enoent (no such file or directory)
MMAP (null, 8192, prot_read | prot_write, map_private | map_anonymous,-1, 0) = 0x7f64fa550000
Access ("/etc/lD. So. preload", r_ OK) =-1 enoent (no such file or directory)
Open ("/etc/lD. So. cache", o_rdonly | o_cloexec) = 3
Fstat (3, {st_mode = s_ifreg | 0644, st_size = 77020,...}) = 0
MMAP (null, 77020, prot_read, map_private, 3, 0) = 0x7f64fa53d000
Close (3) = 0
Access ("/etc/lD. So. nohwcap", f_ OK) =-1 enoent (no such file or directory)
Open ("/lib/x86_64-linux-gnu/libc. so.6", o_rdonly | o_cloexec) = 3
Read (3, "\ 177elf \ 2 \ 1 \ 1 \ 0 \ 0 \ 0 \ 0 \ 0 \ 0 \ 0 \ 0 \ 0 \ 3 \ 0> \ 0 \ 1 \ 0 \ 0 \ 0 \ 0 \ 200 \ 30 \ 2 \ 0 \ 0 \ 0 \ 0 \ 0 "..., 832) = 832
Fstat (3, {st_mode = s_ifreg | 0755, st_size = 1815224,...}) = 0
MMAP (null, 3929304, prot_read | prot_exec, map_private | map_denywrite, 3, 0) = 0x7f64f9f70000
Mprotect (0x7f64fa125000, 2097152, prot_none) = 0
MMAP (0x7f64fa325000, 24576, prot_read | prot_write, map_private | map_fixed | map_denywrite, 3, 0x1b5000) = 0x7f64fa325000
MMAP (0x7f64fa32b000, 17624, prot_read | prot_write, map_private | map_fixed | map_anonymous,-1, 0) = 0x7f64fa32b000
Close (3) = 0
MMAP (null, 4096, prot_read | prot_write, map_private | map_anonymous,-1, 0) = 0x7f64fa53c000
MMAP (null, 4096, prot_read | prot_write, map_private | map_anonymous,-1, 0) = 0x7f64fa53b000
MMAP (null, 4096, prot_read | prot_write, map_private | map_anonymous,-1, 0) = 0x7f64fa53a000
Arch_prctl (arch_set_fs, 0x7f64fa53b700) = 0
Mprotect (0x7f64fa325000, 16384, prot_read) = 0
Mprotect (0x600000,409 6, prot_read) = 0
Mprotect (0x7f64fa552000, 4096, prot_read) = 0
Munmap (0x7f64fa53d000, 77020) = 0
Fstat (1, {st_mode = s_ifchr | 0620, st_rdev = makedev (136, 0),...}) = 0
MMAP (null, 4096, prot_read | prot_write, map_private | map_anonymous,-1, 0) = 0x7f64fa54f000
Write (1, "I = 2 \ n", 6i = 2
) = 6
Exit_group (0) =?
3. ltraceltrace is used to track the process calling database functions.
Perform a tracing test on the above program:
$ Ltrace./A. Out
_ Libc_start_main (0x400518, 1, 0x7ffff364a1a8, 0x400550, 0x4005e0 <unfinished...>
Printf ("I = % d \ n", 2I = 2
) = 6
++ Exited (status 0) ++