StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

PO
text
Body
copied!<p>I ran a number of static analysis tools on my current project and here are some of the key takeaways:</p> <ul> <li><p>I used <a href="http://www.riverblade.co.uk/products/visual_lint" rel="noreferrer">Visual Lint</a> as a single entry point for running all these tools. VL is a plug-in for VS to run third-party static analysis tools and allows a single click route from the report to the source code. Apart from supporting a GUI for selecting between the different levels of errors reported it also provides automated background analysis (that tells you how many errors have been fixed as you go), manual analysis for a single file, color coded error displays and charting facility. The VL installer is pretty spiffy and extremely helpful when you're trying to add new static analysis tools (it even helps you download Python from ActiveState should you want to use Google cpplint and don't have Python pre-installed!). You can learn more about VL here: <a href="http://www.riverblade.co.uk/products/visual_lint/features.html" rel="noreferrer">http://www.riverblade.co.uk/products/visual_lint/features.html</a></p></li> <li><p>Of the numerous tools that can be run with VL, I chose three that work with native C++ code: cppcheck, Google cpplint and Inspirel Vera++. These tools have different capabilities.</p></li> <li><p>Cppcheck: This is probably the most common one and we have all used it. So, I'll gloss over the details. Suffice to say that it catches errors such as using postfix increment for non-primitive types, warns about using size() when empty() should be used, scope reduction of variables, incorrect name qualification of members in class definition, incorrect initialization order of class members, missing initializations, unused variables, etc. For our codebase cppcheck reported about 6K errors. There were a few false positives (such as unused function) but these were suppresed. You can learn more about cppcheck here: <a href="http://cppcheck.sourceforge.net/manual.pdf" rel="noreferrer">http://cppcheck.sourceforge.net/manual.pdf</a></p></li> <li><p><a href="http://code.google.com/p/google-styleguide/" rel="noreferrer">Google cpplint</a>: This is a python based tool that checks your source for style violations. The style guide against which this validation is done can be found here: <a href="http://google-styleguide.googlecode.com/svn/trunk/cppguide.xml" rel="noreferrer">http://google-styleguide.googlecode.com/svn/trunk/cppguide.xml</a> (which is basically Google's C++ style guide). Cpplint produced ~ 104K errors with our codebase of which most errors are related to whitespaces (missing or extra), tabs, brace position etc. A few that are probably worth fixing are: C-style casts, missing headers.</p></li> <li><p><a href="http://www.inspirel.com/vera" rel="noreferrer">Inspirel Vera++</a>: This is a programmable tool for verification, analysis and transformation of C++ source code. This is similar to cpplint in functionality. A list of the available rules can be found here: <a href="http://www.inspirel.com/vera/ce/doc/rules/index.html" rel="noreferrer">http://www.inspirel.com/vera/ce/doc/rules/index.html</a> and a similar list of available transformations can be found here: <a href="http://www.inspirel.com/vera/ce/doc/transformations/index.html" rel="noreferrer">http://www.inspirel.com/vera/ce/doc/transformations/index.html</a>. Details on how to add your own rule can be found here: <a href="http://www.inspirel.com/vera/ce/doc/tclapi.html" rel="noreferrer">http://www.inspirel.com/vera/ce/doc/tclapi.html</a>. For our project, Vera++ found about 90K issues (for the 20 odd rules). </p></li> </ul>

Querying!

Guidance

An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload