Perl Static Source Code Analysis

From TeraGrid Wiki

Jump to: navigation, search

Contents

Introduction

This page contains a collection of tools for analyzing Perl code. Analyzing a static program runs headlong into the halting problem -- no automatic process can find all infinite loops, or fully model dynamic data generated within an arbitrary program. If you need to solve that kind of problem, a runtime debugger, human insight, and good programming practices go a long way. On the other hand, if you're reading a new Perl code for the first time, you've come to the right place.

The tools on this page are really intended to provide a visual guide to help a smart human read a Perl script for the first time. Like a table of contents or an index in a book. The hope is that the relationships within the code which are obvious to the author of the program can be automatically recognized, and displayed in an intuitive way. These tools can't catch every subtlety and nuance of a program any more than a table of contents can show contents of a textbook, but they should be able to highlight the most important parts of the code, so you can focus your reading on the most relevant parts of the code.

For other types of Perl static source code analysis, Wikipedia has a number of up-to-date links:

Perl Subroutine Call Tree

Author: Luke Scharf

Date: October 2008

Purpose

To analyze a Perl script, and generate a subroutine call-tree graph. The subroutines are shown as nodes, and the calls are shown as directed edges.

This script was inspired by an exercise that we did by hand in an undergraduate Computer Science class. This script automates the process for a Perl script, which is made vastly easier by the PPI and Graphviz. This exercise was called a "function call-tree" in C, but since Perl calls everything a "sub", I use the Perl nomenclature.

I think of this diagram as a kind of visual table-of-contents. Hopefully this will make it easier for people for people to become familiar with existing Perl programs.

Usage

Usage:
	./calltree-perl.pl -i <inputfile.pl> -o <outfile> [-debug]

<outfile> is the image file to be written.  The format is selected
	based on the extension of the filename.  The supported types
	are: .png, .bmp, .cmapx, .imap, .svg, .vrml, .gv, and .txt.

Dependencies

This script depends on the following Perl modules:

  • Getopt: Parses command-line parameters
  • PPI: Parses the input-file
  • GraphViz: Generates the graph, including layout and image-generation
  • Digest::SHA1: Used to pick colors in a repeatable way. By using a cryptographic hash of the destination node-name, instead of a random number, the edges can be the same color as the node they point to. The edge-labels sometimes appear in surprising places, so providing a color-grouping que makes the graph more readable in most cases.

All of these modules are available through aptitude on Ubuntu/Debian, and should be available via rpm or CPAN on other systems.

Subroutines

Since this program is all about subroutines and their relationships, I'll describe the purpose of each subroutine here:

  • usage: Print the command-line help.
  • bangline: Retrieve the bangline of the input file.
  • wcl: Determine the number of lines in the input file.
  • graphviz_escape: Escape strings for use as graphviz labels. Some punctuation will trip up the language that graphviz uses to represent the graph internally.
  • elipsis: Truncate a label -- take an arbitrary string, make it a single line, truncate it to 30 characters. Also add a "..." (an elipsis) to the line, if anything was removed.
  • calledfrom: Traverse the PPI data-structure to find out which function holds the subroutine-call we're examining.
  • MAIN: The main is implicit in Perl, but there's a lot of action here.

Subroutine Call-Tree Diagram:

Here is a self-generated diagram of subroutine calls:

Downloads

Perl Data Assignment Graph

Purpose

FIXME!

Usage

FIXME!

Dependencies

This script depends on the following Perl modules:

  • Getopt: Parses command-line parameters
  • PPI: Parses the input-file
  • GraphViz: Generates the graph, including layout and image-generation
  • Digest::SHA1: Used to pick colors in a repeatable way. By using a cryptographic hash of the destination node-name, instead of a random number, the edges can be the same color as the node they point to. The edge-labels sometimes appear in surprising places, so providing a color-grouping que makes the graph more readable in most cases.

All of these modules are available through aptitude on Ubuntu/Debian, and should be available via rpm or CPAN on other systems.

Subroutines

FIXME!

Downloads

FIXME!

Personal tools