Thread: tools for static code analysis

  1. #1
    Registered User
    Join Date
    Jan 2009
    Posts
    159

    tools for static code analysis

    Hi,
    I happen to come across this info on http://en.wikipedia.org/wiki/List_of..._code_analysis.
    I was wondering if some of you are using and also would recommend tools for static code analysis to find memory leaks, buffer overruns and many other common errors? Would they give some advantage over the compilation message from gcc/g++? Are valgrind and profile also among those tools?
    Thanks!

  2. #2
    Officially An Architect brewbuck's Avatar
    Join Date
    Mar 2007
    Location
    Portland, OR
    Posts
    7,396
    Valgrind and profile are runtime analysis tools. Static analysis occurs directly on your source code to find logical problems. Coverity is the only static analysis tool I've familiar with, and it's extremely expensive.

    In general, static analysis is much more difficult than runtime analysis, and tends to find a different set of problems. Because it is so difficult, not many people are giving away such tools for free.

    If your goal is to find memory leaks and out-of-bounds accesses, you can use runtime analysis with tools like Valgrind, BoundsChecker, Purify, etc. Also, combine these tools with a good coverage profiler. Runtime analysis can only find problems in code that actually executes -- analyzing coverage is necessary to make sure you're actually finding a significant fraction of bugs.

    Don't worry if your coverage ends up low, like 60%. It's really difficult to design tests that actually exercise your code completely. Even Microsoft only requires 80% code coverage for people checking in directly to their tree, but 80% is high.
    Code:
    //try
    //{
    	if (a) do { f( b); } while(1);
    	else   do { f(!b); } while(1);
    //}

  3. #3
    Registered User
    Join Date
    Jan 2009
    Posts
    159
    Thanks, brewbuck!

Popular pages Recent additions subscribe to a feed

Similar Threads

  1. Explain this C code in english
    By soadlink in forum C Programming
    Replies: 16
    Last Post: 08-31-2006, 12:48 AM
  2. Obfuscated Code Contest
    By Stack Overflow in forum Contests Board
    Replies: 51
    Last Post: 01-21-2005, 04:17 PM
  3. Updated sound engine code
    By VirtualAce in forum Game Programming
    Replies: 8
    Last Post: 11-18-2004, 12:38 PM
  4. Interface Question
    By smog890 in forum C Programming
    Replies: 11
    Last Post: 06-03-2002, 05:06 PM
  5. Replies: 4
    Last Post: 01-16-2002, 12:04 AM