Looking for C++ Program Analyzers (eg, "lint for C++")

Discussion in 'C++' started by Matt England, Dec 1, 2006.

  1. Matt England

    Matt England Guest

    I lead a large C++ development project (the open-source portion of
    which can be found here: <http://svn.cleversafe.org/dscore/>), and I'm
    interested in leveraging C++ "Program Analyzers" to detect problematic
    code and to help condition my development team to proactively avoid
    pitfalls that these tools hopefully expose.

    Does anyone have any product recommendations based upon their
    experience?

    More details:

    I see this article by Scott Meyers and Martin Klaus that appears to be
    about 10 years old:

    http://www.aristeia.com/ddjpaper1.html

    And I wonder: what's the current state of the art?

    The article above doesn't speak highly of "g++ -Wall" (which we are
    currently using); maybe it's gotten better in 10 years?

    Are the following tools (which I reference from the above article) or
    anything else still significantly "better" than g++?

    http://www.parasoft.com/jsp/products/home.jsp?product=Wizard
    http://www.ics.com/products/centerline/testcenter/index.html
    http://www.gimpel.com/html/lintfaq.htm
    http://www.abxsoft.com/codchk.htm
    http://www.programmingresearch.com/QACPP_FAMILY.htm

    Specifically, I will be looking for people's experience describing
    tools/products that caught real problems instead of just spewing a
    bunch of errors/suggestions that end up just being busy work and not
    squashing any bugs. Alas, I expect some "busy work," but I do want to
    proactively kill bugs/solve problems, as well.

    Thanks in advance for any help,
    -Matt
    Dispersed Storage: http://cleversafe.org
    Remove the "downwithspammers-" text to email me.
     
    Matt England, Dec 1, 2006
    #1
    1. Advertising

  2. Matt England

    Matt England Guest

    On Thu, 30 Nov 2006 20:55:53 -0600, I wrote:
    >I'm interested in leveraging C++ "Program Analyzers" to detect problematic
    >code and to help condition my development team to proactively avoid
    >pitfalls that these tools hopefully expose.
    >Does anyone have any product recommendations based upon their
    >experience?


    More details can be found here:

    http://cleversafe.org/forums/viewtopic.php?t=1285

    -Matt
    Dispersed Storage: http://cleversafe.org
    Remove the "downwithspammers-" text to email me.
     
    Matt England, Dec 1, 2006
    #2
    1. Advertising

  3. Matt England

    Zara Guest

    On Thu, 30 Nov 2006 20:55:53 -0600, Matt England
    <> wrote:

    >I lead a large C++ development project (the open-source portion of
    >which can be found here: <http://svn.cleversafe.org/dscore/>), and I'm
    >interested in leveraging C++ "Program Analyzers" to detect problematic
    >code and to help condition my development team to proactively avoid
    >pitfalls that these tools hopefully expose.
    >
    >Does anyone have any product recommendations based upon their
    >experience?
    >

    <...>>
    >Specifically, I will be looking for people's experience describing
    >tools/products that caught real problems instead of just spewing a
    >bunch of errors/suggestions that end up just being busy work and not
    >squashing any bugs. Alas, I expect some "busy work," but I do want to
    >proactively kill bugs/solve problems, as well.
    >


    I am using pc-lint (www.gimpel.com) and I am happy with it. It has
    located for me some errors the compiler would not complain of.


    Zara
     
    Zara, Dec 1, 2006
    #3
  4. Matt England

    Mirek Fidler Guest

    Matt England wrote:
    > I lead a large C++ development project (the open-source portion of
    > which can be found here: <http://svn.cleversafe.org/dscore/>), and I'm
    > interested in leveraging C++ "Program Analyzers" to detect problematic
    > code and to help condition my development team to proactively avoid
    > pitfalls that these tools hopefully expose.
    >


    In our little project (www.ultimatepp.org) there is semi-heuristic C++
    parser and it was used by one of our users (Sandor Hojtsy) to implement
    small GUI utility for his company that parses through C++ sources and
    computes the metric to detect "overcomplicated" loops and methods.

    The source code for the utility can be found here:

    http://www.ultimatepp.org/examples$CodeMetric.html

    for your convenience, I have placed compiled binary here:

    http://www.ultimatepp.org/download/CodeMetric.zip

    Maybe it will be of any use for you.

    Mirek
     
    Mirek Fidler, Dec 1, 2006
    #4
  5. Matt England

    mlimber Guest

    Zara wrote:
    > I am using pc-lint (www.gimpel.com) and I am happy with it. It has
    > located for me some errors the compiler would not complain of.


    My company also uses it, and it is valuable. For instance, I had
    something like this in some multithreaded code:

    boost::mutex mutex;

    void Foo()
    {
    boost::mutex::scoped_lock( mutex );
    // Do protected, single-threaded stuff here
    }

    Of course the first line in the function should have been something
    like:

    boost::mutex::scoped_lock lock( mutex );

    so that the lock existed through the duration of the function. The
    compiler didn't complain about it (nor did my brain), but thankfully
    PC-Lint did.

    On the other hand, there are a number of problems with the PC-Lint, as
    the forum at Gimpel.com proves. In particular, it not infrequently
    generates spurious messages that take time (and sometimes support from
    Gimpel) to ferret out. Still, I have not used anything better.

    Cheers! --M
     
    mlimber, Dec 1, 2006
    #5
  6. Matt England

    Mirek Fidler Guest

    mlimber wrote:
    > Zara wrote:
    > > I am using pc-lint (www.gimpel.com) and I am happy with it. It has
    > > located for me some errors the compiler would not complain of.

    >
    > My company also uses it, and it is valuable. For instance, I had
    > something like this in some multithreaded code:
    >
    > boost::mutex mutex;
    >
    > void Foo()
    > {
    > boost::mutex::scoped_lock( mutex );
    > // Do protected, single-threaded stuff here
    > }
    >
    > Of course the first line in the function should have been something
    > like:
    >
    > boost::mutex::scoped_lock lock( mutex );


    Little bit off-topic, but I have done this error so many times that I
    rather ended with macro

    void Foo() {
    INTERLOCKED {
    // Do protected stuff here...
    }
    }

    Mirek
     
    Mirek Fidler, Dec 1, 2006
    #6
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. C B
    Replies:
    0
    Views:
    3,518
  2. trend5
    Replies:
    0
    Views:
    384
    trend5
    May 31, 2004
  3. Replies:
    10
    Views:
    582
    Dennis Lee Bieber
    Aug 15, 2006
  4. Mark
    Replies:
    9
    Views:
    188
    Patrick Hurley
    Mar 10, 2006
  5. Kris Stark
    Replies:
    1
    Views:
    115
    John Bokma
    Sep 8, 2005
Loading...

Share This Page