Simple Rules Detecting Complex Problems
These examples show very simple coding for illustrative purposes. But these simple rules are important to consider: they can be defined with clarity and implemented with robustness. As well, if implemented in static analysis tools, they can detect subtle defects which exist inside complex code. As datatypes are defined with higher complexity the syntax and semantic guidelines can be violated in very obscure ways, resulting in defects. Likewise, as coding is modified over time, protocol violations can be mismanaged in non-obvious manners, where incorrect execution paths result in unexpected but feasible cases, resulting in defects.
Higher Quality Code Earlier In the Development Cycle
With correct development of static analysis tools, defects can be found early in the development cycle: If the code can be compiled, defects can be detected. Detection with a compile-time warning can be developed as a custom warning for the environment and application, warning of potential endianness errors. Even with false positives, our experience has shown that clustering of warnings on issues can indicate problems where protocols and/or data definitions may not quite be clean enough, which could warrant re-coding. And any software engineering requirement that all code should pass a designated coding standard could certainly be applied to passing static analysis tools which strictly enforce the standard and detect defects and enforce correctness.
Some Basic Best Practices for Utilizing Static Analysis Tools
Technology cannot always be left to do the job: the working plans and processes of the software engineering teams must be considered.
The beginning of the project is the best phase to define and institute any endian defect detection processes: "How are we going to find the problems?". The answers to that question are done in parallel with identifying the strategy for coding around endian issues: "byte-swapping methods?", "data definitions?", "what is the correct process?".
If static analysis tools are to be used, the most important phase is in the definition of violations and corrections. This is the phase when detection methods can be developed. Once these are developed, the results of the detection during development can be improved upon by retuning the algorithms to improve analysis detection and iterating on more improvements.
The final step in the process is enforcing fixes to be made, reviewing false positives for validity, and maintaining a regular analysis schedule to detect defects as early as possible.