findbugs for C/C++?

[yusufm]

Is there a findbugs type tool that analyzes C/C++ code?

Thanks.

 

[Victor Bazarov]

Is there a findbugs type tool that analyzes C/C++ code?

I don't know what 'findbugs' is, but perhaps you should check out
'PC-lint'.

V

 

[Aleksander Beluga]

Is there a findbugs type tool that analyzes C/C++ code?

Thanks.

Maybe it is off-topic but I'd suggest you to check out Test-Driven
Development techniques. It is REALLY good thing to catch logic bugs.

 

[Dietmar Kuehl]

Is there a findbugs type tool that analyzes C/C++ code?

I don't know what "findbugs" does but there are several tools which
capture certain kinds of errors:
- Most compilers will warn about certain supposedly problematic
code. You might consider even compiling your code with different
compilers to get different kinds of warning. Note, however, that
not all warnings are really justified and that the compilers
frequently warn about perfectly OK code.
- PC-Lint and QA-C++ are two tools which do statical analysis of
C++ code beyond the warnings issues by compilers. They e.g. do
whole program analysis and can be configured to check for certain
stylistic restrictions. However, I have never really used these
products in a real project.
- Purify locates problems at run time at the cost of decreased
performance. For example, purify detects uninitialized memory
reads, freed memory writes, out of bounds accesses, etc. It is a
brilliant tool although running the purified code will takes
quite long to execute.
- Some STL implementations have a debugging mode which can be
enabled to detect certain violations of restrictions, e.g. using
invalidated iterators.

If at all affordable, using multiple or even all of these tools
could detect many bugs. Especially the run-time tools (debug
versions of STL and purify) work best when combined with extensive
testsuites for your code and possibly verifying coverage with a
tool, too, e.g. purecov or gcov. I enjoyed working in a setting
where code could only be checked in if a certain level of code
coverage was guaranteed by tests and purify didn't issue any reports
when the tests are run.

 

[Dave Steffen]

Is there a findbugs type tool that analyzes C/C++ code?

I don't know what "findbugs" does but there are several tools which
capture certain kinds of errors: [...]
- Purify locates problems at run time at the cost of decreased
performance. For example, purify detects uninitialized memory
reads, freed memory writes, out of bounds accesses, etc. It is a
brilliant tool although running the purified code will takes
quite long to execute.

FWIW, Valgrind is a similar beastie, but open source and specific to
certain platforms (x86 Linux). We've had much better luck with
Valgrind than we did with Purify.

----------------------------------------------------------------------
Dave Steffen, Ph.D. Nowlan's Theory: He who hesitates is not
Software Engineer IV only lost, but several miles from the
Numerica Corporation next freeway exit.
ph (970) 419-8343 x27
fax (970) 223-6797 The shortest distance between two points
(e-mail address removed) is under construction. -- Noelie Alito

 

[Dietmar Kuehl]

FWIW, Valgrind is a similar beastie, but open source and specific to
certain platforms (x86 Linux). We've had much better luck with
Valgrind than we did with Purify.

Thank you very much for pointing out valgrind! I had read the name
before occasionally but I was unaware of the power of this tool. It
looks indeed like an alternative to purify for Linux.