yu****@gmail.com wrote:
Is there a findbugs type tool that analyzes C/C++ code?
I don't know what "findbugs" does but there are several tools which
capture certain kinds of errors:
- Most compilers will warn about certain supposedly problematic
code. You might consider even compiling your code with different
compilers to get different kinds of warning. Note, however, that
not all warnings are really justified and that the compilers
frequently warn about perfectly OK code.
- PC-Lint and QA-C++ are two tools which do statical analysis of
C++ code beyond the warnings issues by compilers. They e.g. do
whole program analysis and can be configured to check for certain
stylistic restrictions. However, I have never really used these
products in a real project.
- Purify locates problems at run time at the cost of decreased
performance. For example, purify detects uninitialized memory
reads, freed memory writes, out of bounds accesses, etc. It is a
brilliant tool although running the purified code will takes
quite long to execute.
- Some STL implementations have a debugging mode which can be
enabled to detect certain violations of restrictions, e.g. using
invalidated iterators.
If at all affordable, using multiple or even all of these tools
could detect many bugs. Especially the run-time tools (debug
versions of STL and purify) work best when combined with extensive
testsuites for your code and possibly verifying coverage with a
tool, too, e.g. purecov or gcov. I enjoyed working in a setting
where code could only be checked in if a certain level of code
coverage was guaranteed by tests and purify didn't issue any reports
when the tests are run.
--
<mailto:di***********@yahoo.com> <http://www.dietmar-kuehl.de/>
<http://www.eai-systems.com> - Efficient Artificial Intelligence
