Static syntax analysis

static syntax analysis refers to debugging that can be done via inspection of the code for a program, without actually running the program.

See Also

static analyzers
another list by Cameron Laird
debugging
Brace-level pretty printer
Statically verifying arithmetic and regular expressions
AM 2007-08-18: an idea to check such various Tcl "sublanguages" as the arithmetic and regular expressions
Source Code Comprehension Tools
an older list
Comparison of Static Tcl Code Validity Testers
an comparison done circa 1997 by the developer of TclTutor.

Description

Static syntax analysis is the process of looking at a text file and attempting to identify errors, warnings, etc. from the text without executing the code. This is tricky to do in-depth because in an interpretive environment, programmers often make use of dynamic techniques for code generation, etc. These dynamic code fragments typically won't be evaluated during a static syntax sweep. Another short-coming, at least as far as procheck and frink go, is that they operate only on the source code specified on the command line. This means that calls to autoloaded or sourced commands are treated as unknowns, unless the file in which they are defined was specified before the invocation.

A C programmer will be familar with a program called lint; this program provides static syntax analysis for C.

Analysing C

CBrowser
open-source GUI frontent to source-code searching tools. Primarily designed to work with cscope, but also works with cs.
logiscope c rulechecker
a proprietary product that allows users to define and verify coding rules in Tcl
Euclide
is a new Constraint-Based Testing tool for verifying safety-critical C programs. By using a mixture of symbolic and numerical analyses (namely static single assignment form, constraint propagation, integer linear relaxation and search-based test data generation), it addresses three distinct applications in a single framework: structural test data generation, counter-example generation and partial program proving.

Euclide is written in Prolog with a Tcl interface and a Tk GUI.

http://euclide.gforge.inria.fr/img/euclide_v0_1_small.jpg

Analyzing Tcl

frink
source code formatter with syntax and style checking
Nagelfar
reads one or more Tcl scripts and checks them for correctness, conflicts and even a little style.
_scriptFormat
reads one Tcl script and fixes indentation. Simplistic and open source.
XotclIDE
includes a syntax checker for Tcl and XOTcl code
TDK
has a program called tclchecker that does static syntax
procheck
a component of TclPro
Sugar
a macro system that can be used as a programmable SSA tool.
SoftGuard
appears to do at least some sorts of SSA [Does SoftGuard deserve its own page in the Wiki? I think so. Anyone familar with it? The web page mentions sgxCP profiling, sgxCT tracing, sgxDbg procedure debugging, sgxRSM resource standard metrics, and sgxTVC variable consistency testing]
Source Navigator
code-analysis and comprehention tool that provides a graphic framework for understanding and re-engineering large or complex software projects
bracecheck , by Andreas Leitgeb
a "mostly heuristic script ... which compares bracing with indentation ..."
tclCheck, by Lindsay Marshall
A very simple C program that carries out a sanity check for brackets and their nesting.
ttclcheck
advanced syntax checker for Tcl, TclOO, XOTcl, ITcl code with html generation.
tcl-golems
Count lines, find mismatched braces/quotes.
tclparse
A static analysis tool for Tcl 7.6 and Tk 4.2 programs.
tcl_cruncher (download )
transforms nice Tcl 7.x/TclX/Itcl sources into an ugly but faster standard output: it removes all unneeded white spaces, ; , all comments, etc... the result is unreadable, but can be twice as fast & as small than original. It can also be used to check syntax of your programs.
tclscan
Rust program that scans tcl for command injection.
ECG
is a TCL static source code analysis tool. It is a commercial solution able to detect real and complex security vulnerabilities in TCL/ADP source-code.