- Marshall Aerospace choose PRQA

- Scaleochip select QA·C

- Rhapsody Integration

- Managing Legacy Code

- New Client/Server Quality System

- FAQ of the Month

- New & Noteworthy

- Coding Guideline

- The Next Issue

Hello and welcome to our 2nd issue and our first one for 2009. The last few months have flown by, and while the general business sentiment has become more precarious, we continue to achieve significant wins in many software industry segments - we outline a few of these below - and to have rewarding engagements with forward-thinking software organizations. It is now more important than ever to innovate and extract greater synergies and cost efficiencies from your development activities.

In this issue, you can read how a combined QA·C and VectorCAST static and dynamic solution allowed Marshall Aerospace to gain DO 178B level C accreditation. You can discover our sophisticated and accurate technology for managing legacy code, and hear some early news of our upcoming Management Information System. We also detail our deep integration of QA·C/QA·C++ into the Rhapsody modelling environment, and showcase another customer operating in the AUTOSAR environment. Plus, catch up on our latest product release news and regular features putting a spotlight on our product FAQs and our Coding Guidelines.

Happy reading!

Fergus Bolger,
CTO Programming Research

Marshall Aerospace, a well-established provider of aerospace components, produces innovative products for the aerospace and defence markets. With a requirement to obtain DO 178B level C accreditation on their work for the Hercules C130 Aircraft program, they evaluated a range of software tool solutions and chose PRQA's comprehensive static/dynamic solution, based on cost effectiveness and expertise. Read more...

Scaleochip is a leading proponent of System-on-Chip technology and has created an automotive platform compliant to the AUTOSAR standard for code generation. With recognition that the tooling environment is critical to ensure high quality software, Scaleochip selected QA·C to meet their rigorous compliance and quality goals. Among QA·C's capabilities, they were most impressed with its comprehensive and accurate analysis, the professional and competent support offered by PRQA, and the product's flexibility in handling auto-generated code. Read more...

Auto-generated code presents a particular challenge to advocates of coding standards. In many instances, systematic coding rule violations are generated all through the code. This is a great challenge to both the users and their static analysis tools in trying to separate the faults created by human endeavour - the ones you want to address - and the faults created through the generation process - the ones you cannot fix.

PRQA have worked on this problem with one of our leading customers, on their Rhapsody-based C++ development. Using our suppression technology and the ability to accurately match up against analysis diagnostics, developers can see analysis output focussed solely on the code they authored. We will shortly offer this appealing solution to all Rhapsody users. Let us know if this forthcoming Rhapsody Integration announcement will be of interest to you.

The bane of many a development team is how to deal with archaic and sometimes fragile legacy code. You cannot fix every detected bug and coding non-compliance without impacting on release quality. PRL have a sophisticated technology solution for our QA·C and QA·C++ products, based on detection of source code changes across the entire code base, and with the additional ability to expose those specific code bugs and non-compliances you choose to deal with. Request our Managing Legacy Code white paper.

Our users derive great value from QA·C and QA·C++ analysis tools on their development desktops, and at a detailed code-interaction level. We have been working hard on a Management Information System (MIS), which will meet the demand for presentation of relevant and focussed analytics, portraying the quality of code using objective measurements. MIS is soon to enter an Alpha testing program leading to full release this year, and will deliver web-based annotated source and instant baselining between analyzed versions, full suppression and deviation support, user-definition of compound metrics, compliance and code quality reporting, and trend and summary analysis. Ask us for a sneak preview of our MIS specification.

PRQA has an active, vibrant, and well-regarded support function, staffed by experts. We apply our knowledge and feedback to a set of FAQs on our website to share knowledge on typical customer queries.

How can I run Wrapper on a Make structure consisting of a hierarchy of source directories?
PRQA's Wrapper component leverages off your Make environment to run analysis seamlessly as part of your build. In more complex build environments, Wrapper will create a file list in each subdirectory that Make descends into. To create a master file list you simply concatenate the individual file lists generated in each directory. Use the following command from the top level to create a master file list, which will then allow you to open the Message Browser for the complete project analysis:

$ find . -name myfiles.lst | xargs cat >> allmyfiles.lst
$ viewer qac -via /home/work/person/critical.p_s -list allmyfiles.lst"

View All Wrapper FAQs

The various add-on components to our tool suit provide significant additional benefit to users. These sometimes track more frequent updates than the main products, here is our most recent news.

QA·C++ 2.5
The latest release of QA·C++, offering a very high enforcement of the MISRA-C++:2008 coding standard, is now available on all platforms.

Visual Studio Integrations
Look for new upcoming releases of the VS2005 and VS2008 integrations, with improvements to the project converters and enhancements for the VISTA platform.

Project Creator
A new tool, built on Wrapper technology, to aid creating projects from makefile-driven customer code is undergoing beta testing. Let us know if this is of interest to you.

Structure101 Released
The Structure101 add-on to QA·C and QA·C++ has reached full general release. Contact sales for an evaluation of this structural and architectural analysis component.

QA·C/QA·C++ Legacy Mode
The new legacy code management package for baselining against an established version of source code, and incorporating a replacement Message Browser and Main Windows GUI, is now available for download. Contact Sales for download details.

To learn more about the PRQA range, visit our Product Overview.

With our high level of activity on public standards bodies and coding standards committees, we have a pool of noteworthy coding rules along with explanations of their genesis and rationale.

Featured Rule:
MISRA-C:2004 Rule 8.1: Functions shall have prototype declarations and the prototype shall be visible at both the function definition and call. MISRA-C:2004 Rule 8.8: An external object or function shall be declared in one and only one file.
We think these might be just about the most important rules in a C coding standard. The issue comes very clearly into focus on legacy code containing K&R style declarations and definitions. Prudence might suggest that you slowly migrate the function interfaces over to the more correct and safe use of ISO prototypes over time. However, very serious issues can arise from this approach in relation to mixing of old and new declarations & definitions:

/* source file A */
int main(void)
{
foo(1.0F); /* no prototype: float arg promoted to double */
exit(0);
}

/* source file B */
#include

extern void foo(f)
float f; /* K&R style: expects to receive promoted arg */
{
printf("x=%g", f);
}
The code in these files is fully compliant with ISO-C but could be improved by introducing function prototypes. However, this cannot be done piecemeal, as we will see in the following scenario:

When function 'foo' is called in the absence of a function prototype, the float argument '1.0F' will be promoted to a double, under Default Argument Promotion rules. It occurs just the same if a K&R style function declaration is visible, as in 'extern void foo( )'.

Default argument promotion is not a problem if the function is defined in K&R style - as shown in file B. Although the function parameter is declared with type float, the function will expect to receive an argument of type double and will perform an appropriate conversion.

If a prototype declaration of function 'foo' is inserted into file A, the argument is passed as a float rather than a double. However, the K&R function definition in file B still expects a promoted argument, and will continued to convert the argument back to float. Major bug ensues!

A similar danger exists if the definition of function 'foo' in file B is modified to prototype style without introducing the corresponding prototype declaration into file A. The receiving function will expect a float but will receive a double.

Partial migration from K&R style to prototype interfaces is dangerous. Any function which is referenced in more than one translation unit should be declared with function prototype syntax in one header file only. The header file should then be included in the translation unit where the function is defined and any other unit where the function is called or referenced.

Our next newsletter will include descriptions and an early release program for our MIS system; we'll talk about how to introduce our tools into the DO-178B process; and we'll have a particular focus on MISRA-C++ rules, with examples and compliance verification.

Thank you for taking the time to read this issue of PRQA News. We hope you have found it useful. If you would like any further information on the range of software analysis tools we can provide, visit us at the programming research website or meet us at one of these upcoming exhibitions.

- MISRA-C++ Released

- SELEX selects PRQA

- Structure101 Integration

- C99/GCC Support

- FAQ of the Month

- New & Noteworthy

- Coding Guideline

- The Next Issue

Hello and welcome to PRQA's brand new newsletter. We invite you to explore our industry news items, product and solution information and helpful hints. Whether you have only recently adopted our code analysis technology, or you are a seasoned power user, we think you'll find some useful information in here.

In this issue, you will find articles on the new MISRA-C++ Coding Standard, our release of QA·C with support for C99 language features and GCC extensions, and some interesting information on our products. A particular highlight is SELEX Galileo's decision to use PRQA's analysis tools for their critical projects based in the UK across a range of application areas including Radar & Advanced Targetting and Electronic Warfare.

Happy reading!

Fergus Bolger,
CTO Programming Research

The eagerly-awaited release of MISRA-C++:2008 arrived on June 5th, and PRQA immediately announced availability of a compliance module for its industry leading QA·C++ product.We contributed strongly to the development of this standard, and were the sole ISO C++ representative on the committee. With our high-fidelity technology, we can demonstrate the highest available rule compliance, and will continue to refine and perfect QA·MISRA compliance to meet our customers' expectations. more...

SELEX Galileo begins national deployment of PRQA's software analysis tools for mission and safety-critical software development. A member of the Finmeccanica Group, SELEX Galileo have selected PRQA's QA·C and QA·C++ language analysis tools for its software development sites in the UK. SELEX Galileo's requirement is for tools that can enforce coding standards, as well as helping to ensure the code developed matches the aspirations of SELEX Galileo's own high quality directives. Galileo's Head of UK Software, Ian Anderson commented, "In our market place high reliability and uptime is imperative and therefore the quality of our products needs to be second to none. We feel that the use of Programming Research's products will contribute significantly to achieving our goals." more...

Structure101 helps developers to understand the high-level dependencies in their code bases. It provides visualization of the structure and dependencies in code, displays associated structural metrics, and allows developers to manage and limit complexity and dependency across each code base" more...

Our integration is now in public beta; general release to follow in a few months.

PRQA has released QA·C version 7.1, with support for additional C99 language features and GCC extensions. In particular, QA·C can now analyze code containing designated initializers, variable length arrays, compound literals, declarations within "for" statements, variadic macros, empty structs, empty struct initializers, and zero-length arrays. With QA·C 7.1, you can now analyze the most varied code bases. more...

PRQA has an extensive support function, staffed by experts. As part of sharing our knowledge, we regularly post FAQs on typical customer queries.

How can I reduce compile dependencies in my C++ project?
Reducing dependencies between translation units can improve compilation speed and also help to enforce design boundaries and modularisation through forward declarations. QA·C++ 2.4 introduced logic to support these objectives through actions to permit reduction of file inclusion. Diagnostics include repeated inclusion of the same header, unnecessary header inclusion, and opportunities for forward declaration of classes and templates to avoid direct inclusion. more...

The various add-on components to our tool suite provide significant additional benefit to users. These sometimes track more frequent updates than our main products; here is the most recent news.

Compiler Personality Generator
Our CPG wizard automatically creates compiler configuration personalities through a process of interrogation and detection for various language behaviours. Currently at version 2.0, it handles a wide selection of compiler versions. (Downloads: Windows, Linux, or Solaris)

PDF Reports
We now supply a PDF-based report package (Windows and Unix) that includes Code Review, Compliance, Suppression, and Quality (statistical overview) reports.

Compiler Wrapper
Wrapper is used during make/build operation to feed the appropriate project settings direct to our parser components. Version 2.6 of wrapper now permits user control over where to locate analysis output. Contact support to obtain this.

With our high level of activity on public standards bodies and coding standards committees, we have a pool of interesting coding rules along with explanations of their genesis and rationale.

Featured Rule: MISRA-C++ Rule 7-5-3: Multiple declarations for an identifier in the same namespace shall not straddle a using-declaration for that identifier.
A using-declaration (not to be confused with a using-directive) selectively brings a name from one namespace, and makes it visible to lookup in another scope. An interesting detail however is that only declarations visible before the using-declaration appears will be made visible, i.e. names that are introduced to the target namespace later are not made visible (retrospectively, you might say). This is different to the behaviour of the more common using-directive where all names in a namespace will be visible to lookup no matter where the using-directive appears in the source.

namespace NS {
void f(char);
void b(char);
}

using NS::f; // Only 'f(char)' brought into current namespace
namespace NS {
void f(int);
void b(int);
}
using NS::b; // Both 'b(int)' and 'b(char)' brought into current namespace
void bar() {
f (0); // Overload resolution chooses 'f(char)'
b (0); // Overload resolution chooses 'b(int)' as expected.
}
This is one of many rules featuring in the MISRA-C++ coding standard. To learn more about the PRQA range, visit our Product Overview.

Our next newsletter will include some exciting news about our Rhapsody Integration Capabilities, shortly to be productized for general use; details on our certification through a DO-178B process; and an explanation of the MISRA-C:2004 guidelines.

Thank you for taking the time to read this first issue of PRQA News. We hope you have found it useful. If you would like any further information on the range of software analysis tools we can provide, visit us at www.programmingresearch.com