November 13, 2009 at 10:05Static C ++ Code Analysis
For me, the beauty of C ++ lies primarily in the permissiveness and terrifying power of the language. We can work with memory as tightly as in C, and at the same time we have such abstraction tools as templates and STL, where you can parameterize anything and anything.
The fee for this is appropriate - not always comprehensible compiler errors (try to forget to put a semicolon after defining the class), a very long time for the preparation and training of programmers, but most importantly, some bugs become noticeable only during program execution.
We want more useful vorings before launching our programs. One way to get what you want is static code analysis. Static means not running the program. Not only probable errors, cases of undefined behavior, memory leaks are interesting, but also things like inaccessibility / unused code, recommendations for increasing the intuitiveness of the programming style.
Means of obtaining software metrics obtained by static analysis methods are not considered in this article. The comments related to programming standards (the curly brace must be on a separate line, oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo! Goodbye)
Evaluation criteria are simple - the number and usefulness of bugs found, ease of use (in particular, the lack of code modification requirements), free / reasonable price / good crack.
We conduct an initial review and issue a bunch of links on the mountain:
First of all, it is necessary to use all possible regular means. gcc provides the following interesting keys related to vigilance of the compiler and preprocessor.
Of course, I’m not so smart myself, but I read everything in this man-article about keys related to warnings
Perhaps the most worthy of the programs found.
The official website of the program and its plug-in for eclipsoids. It recognizes quite a lot, finds the following errors:
It is possible to mark classes as smart pointers (so as not to report about false memics), a GUI on Qt4.
Vera ++ , unlike cppcheck, is focused on style checking. Has a replenished rule base. By default, the database has a lot of really idiotic pieces like “there must be a space before the colon”. The only useful feature is the prohibition of using using namespace in header files. Rules, however, you can write yourself in Tcl. :)
RATS tells pretty convincing horror stories about security and buffer overflow attacks. I didn’t look closely because I don’t know very much about protected code.
Surprisingly, pure C programmers seem to care more about static analysis. Here we have a list once and twice
Will they be useful to plus developers? If you have code without classes and you remember which C ++ programs will not be compiled by the C compiler, then why not?
Here is such a thing for pure C. It is assembled almost effortlessly, but it works cleanly and looks for a lot of things - see the manual.
Simian - similarity analyzer. Looking for code duplication, means. Honestly, I did not come up with her application
CIL - With Intermediate Language. Compiles C to Simplified C! Simplified C can already be fed to other analyzers, which theoretically should improve the quality of their work.
And not enough of it. Many analyzers cost a lot of dollars and do not have cracks.
Here is an example of such an analyzer, you can go to their website and ask for the Cleanscape trivial . The possibilities are not much different from cppcheck.
Not all errors in the code that can be analyzed statically were presented in existing programs. I would like to:
The fee for this is appropriate - not always comprehensible compiler errors (try to forget to put a semicolon after defining the class), a very long time for the preparation and training of programmers, but most importantly, some bugs become noticeable only during program execution.
We want more useful vorings before launching our programs. One way to get what you want is static code analysis. Static means not running the program. Not only probable errors, cases of undefined behavior, memory leaks are interesting, but also things like inaccessibility / unused code, recommendations for increasing the intuitiveness of the programming style.
Means of obtaining software metrics obtained by static analysis methods are not considered in this article. The comments related to programming standards (the curly brace must be on a separate line, oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo! Goodbye)
Evaluation criteria are simple - the number and usefulness of bugs found, ease of use (in particular, the lack of code modification requirements), free / reasonable price / good crack.
We conduct an initial review and issue a bunch of links on the mountain:
- Static_code_analysis
- Wikipedia
- Scott Meyers article on analyzers
- Stack overflow topic on free analyzers
Found items
Gcc pedantic keys
First of all, it is necessary to use all possible regular means. gcc provides the following interesting keys related to vigilance of the compiler and preprocessor.
- -Wall includes all vorings, including compatibility with the new standard, array boundaries (in my opinion, it doesn’t plow, although they say it will work with -O2), volatile / register variables (it will tell you that it doesn’t care about your smart words and that // register //, and what not, he will decide for himself), the sequence points (i ++ + ++ i)
- -Wextra - another bunch of empty-type bodywork in ifs, signed and unsigned comparison
- -pedantic - following the ISO C ++ standard. For example, a ban of type long long.
- -Weffc ++ must have option. It does not turn on with -Wextra or -Wall and contains a check of Scott Meyers recommendations:
- Item 11: Define a copy constructor and an assignment operator for classes with dynamically allocated memory.
- Item 12: Prefer initialization to assignment in constructors.
- Item 14: Make destructors virtual in base classes.
- Item 15: Have “operator =” return a reference to * this.
- Item 23: Don't try to return a reference when you must return an object.
- Item 6: Distinguish between prefix and postfix forms of increment and decrement operators.
- Item 7: Never overload "&&", "||", or ",".
- -Woverloaded-virtual - overloading virtual functions looks bad.
- -Wctor-dtor-privacy - unused classes - with private constructors and destructor
- -Wnon-virtual-dtor - non-virtual destructor
- -Wold-style-cast - C cast is bad
- -Werr = 'type of vorning' - perceive vorning as an error. For tuning samurai -Werr without parameters
- -Wconversion -Wsign-conversion - type conversion vorning. at which the value may change. Oddly enough, not included in -wall
- -Winit-self - int i = i;
- -Wunreachable-code - code that will never be executed
Of course, I’m not so smart myself, but I read everything in this man-article about keys related to warnings
Cppcheck
Perhaps the most worthy of the programs found.
The official website of the program and its plug-in for eclipsoids. It recognizes quite a lot, finds the following errors:
- some memory leaks, for example, the absence of delete and delete [], the absence of delete in the destructor
- outbound array
- exception thrown in the destructor
- dereferencing a null pointer
- dereferencing after clearing memory
- base class destructor virtuality
- using the same iterator for different containers
- different smaller things
It is possible to mark classes as smart pointers (so as not to report about false memics), a GUI on Qt4.
Vera ++
Vera ++ , unlike cppcheck, is focused on style checking. Has a replenished rule base. By default, the database has a lot of really idiotic pieces like “there must be a space before the colon”. The only useful feature is the prohibition of using using namespace in header files. Rules, however, you can write yourself in Tcl. :)
Rats
RATS tells pretty convincing horror stories about security and buffer overflow attacks. I didn’t look closely because I don’t know very much about protected code.
Checkers for C without pluses
Surprisingly, pure C programmers seem to care more about static analysis. Here we have a list once and twice
Will they be useful to plus developers? If you have code without classes and you remember which C ++ programs will not be compiled by the C compiler, then why not?
Splint
Here is such a thing for pure C. It is assembled almost effortlessly, but it works cleanly and looks for a lot of things - see the manual.
Simian
Simian - similarity analyzer. Looking for code duplication, means. Honestly, I did not come up with her application
Cil
CIL - With Intermediate Language. Compiles C to Simplified C! Simplified C can already be fed to other analyzers, which theoretically should improve the quality of their work.
Incomprehensible, offtopic
- Oink . Be careful if you want to use it. When compiling it seemed to me that I was building at least the linux kernel for some exotic architecture. requires Flex and Bison, I guessed for a long time ... (: And you also have to fix a bunch of errors during compilation - it seems that the developers are not something they never launch - they never collected. In the end, the beast was defeated, but here’s a list of features It turned out to be far from impressive. It works with preprocessor files, but it gives out some nonsense on it: setting a simple error with an array border - I get silence. But if I feed something to Cink with C ++ with STL - it will break out in a lot of tirade many lines. And I got it at the cost of 3 hours of compilation and editing of source codes?
- Mozilla Dehydra - something based on this very Oink'e. I would be glad if someone tells about this coinage, because the word Mozilla this time did not mean "everything is simple and clear." I did not see the list of bugs found, I did not want to compile after Oink.
- There are still compilers that provide more vorings based on static analysis. For example Rose
- Rational Purify - the renowned company IBM Rational has its own set of tools for static and dynamic analysis. I will be glad if someone tells about this program, the trial software for Linux was only for x64-architecture.
Trial / grunt software
And not enough of it. Many analyzers cost a lot of dollars and do not have cracks.
Here is an example of such an analyzer, you can go to their website and ask for the Cleanscape trivial . The possibilities are not much different from cppcheck.
What else would you like
Not all errors in the code that can be analyzed statically were presented in existing programs. I would like to:
- An exception specification policy as in Java.
- using auto_ptr in STL containers, dereferencing auto_ptr after assigning to another auto_ptr.
- using namespace in h-files
- overridden delete without new or new without delete
- call delete [] for non-arrays
- using vector with bool values inside