Cobra Static Code Analyzer

Cobra Interactive Static Code Analyzer

about

papers

manpages

downloads

The most recent Version, with Query Libraries

Cobra is available on Github at github.com/nimble-code/Cobra.

Installation

choose a directory where you want to install the tool, below this is referred to as directory $COBRA

   $ git clone https://github.com/nimble-code/Cobra

which gives you a directory with a set of sub-directories like this:


   drwxrwxr-x 2 gh gh 4096 May 16 12:59 bin_linux  # executables for linux
   drwxrwxr-x 2 gh gh 4096 May 16 12:59 bin_cygwin # executables for cygwin
   drwxrwxr-x 2 gh gh 4096 May 16 12:59 bin_mac    # executables for macs
   drwxrwxr-x 2 gh gh 4096 May 16 10:03 doc     # change history, manpage, license
   drwxrwxr-x 2 gh gh 4096 May 16 10:03 gui     # optional tcl/tk gui to cobra
   drwxrwxr-x 8 gh gh 4096 May 16 15:55 rules   # cobra checker libraries
   drwxrwxr-x 1 gh gh 4096 May 16 12:43 src     # cobra source files
   drwxrwxr-x 1 gh gh 4096 May 16 12:43 src_app # standalone cobra checkers

to compile the tool (if you are not using precompiled executables in one of the ./bin_... directories)

   $ cd src
   # depending on your platform, do:
   	$ sudo make install_linux
     or
   	$ make install_cygwin
     or
   	$ make install_mac

add $COBRA/bin_... to your search PATH environment variable, matching the platform you are using. if you use the bash shell, you can add this line at the end of the ~/.bashrc script, where $COBRA is defined as above, for instance:
```
     export PATH=$PATH:$COBRA/bin_linux
```
configure the tool so that it knows where to find the rule libraries (using the $COBRA directory set at the beginning):
```
   $ cobra -configure $COBRA/rules
```
this creates a ~/.cobra file in your home directory, which cobra reads on startup to find the predefined checker libraries
you can also tell Cobra where the libraries are by setting and exporting an environment variable C_BASE, for instance as follows:
```
     export C_BASE=$COBRA/rules
```
if both a ~/.cobra file exists and the $C_BASE variable is set, the latter will be used.

Basic Usage

cd to the directory with the source files you want to work on, and start cobra. Try a pattern search, for instance for empty if-statements:
```
   $ cobra -pattern 'if ( .* ) ;' *.[ch]
```
Or try some predefined checks:
```
   $ cobra -terse -f basic *.[ch]
```
or for more detail, and with preprocessing enabled:
```
   $ cobra -cpp -f basic *.[ch]
```
add C preprocessor directives on the command-line as needed

some of predefined checks:

  $ cobra -terse -f stats     *.[ch]
  $ cobra -terse -f metrics   *.[ch]
  $ cobra -terse -f misra1997 *.[ch]
  $ cobra -terse -f basic     *.[ch]

for a list:

  $ cobra -lib

for all command-line options:

  $ cobra --

or check the online manual pages, which also give details on writing inline cobra programs

for interactive use, type for instance:

   $ cobra -cpp *.[ch]
   1 core, 14 files, 93623 tokens
   :           # << the cobra command prompt
   :           # << type your queries here
   : q         # << quit
   $

Support

report problems and bug reports: gholzmann [atsign] acm [dot] org

License

Caltech/JPL and Nimble Research License Text