Looking for C++ Program Analyzers (eg, "lint for C++")

M

Matt England

I lead a large C++ development project (the open-source portion of
which can be found here: <http://svn.cleversafe.org/dscore/>), and I'm
interested in leveraging C++ "Program Analyzers" to detect problematic
code and to help condition my development team to proactively avoid
pitfalls that these tools hopefully expose.

Does anyone have any product recommendations based upon their
experience?

More details:

I see this article by Scott Meyers and Martin Klaus that appears to be
about 10 years old:

http://www.aristeia.com/ddjpaper1.html

And I wonder: what's the current state of the art?

The article above doesn't speak highly of "g++ -Wall" (which we are
currently using); maybe it's gotten better in 10 years?

Are the following tools (which I reference from the above article) or
anything else still significantly "better" than g++?

http://www.parasoft.com/jsp/products/home.jsp?product=Wizard
http://www.ics.com/products/centerline/testcenter/index.html
http://www.gimpel.com/html/lintfaq.htm
http://www.abxsoft.com/codchk.htm
http://www.programmingresearch.com/QACPP_FAMILY.htm

Specifically, I will be looking for people's experience describing
tools/products that caught real problems instead of just spewing a
bunch of errors/suggestions that end up just being busy work and not
squashing any bugs. Alas, I expect some "busy work," but I do want to
proactively kill bugs/solve problems, as well.

Thanks in advance for any help,
-Matt
Dispersed Storage: http://cleversafe.org
Remove the "downwithspammers-" text to email me.
 
Z

Zara

I lead a large C++ development project (the open-source portion of
which can be found here: <http://svn.cleversafe.org/dscore/>), and I'm
interested in leveraging C++ "Program Analyzers" to detect problematic
code and to help condition my development team to proactively avoid
pitfalls that these tools hopefully expose.

Does anyone have any product recommendations based upon their
experience?
Click to expand...
Specifically, I will be looking for people's experience describing
tools/products that caught real problems instead of just spewing a
bunch of errors/suggestions that end up just being busy work and not
squashing any bugs. Alas, I expect some "busy work," but I do want to
proactively kill bugs/solve problems, as well.
Click to expand...

I am using pc-lint (www.gimpel.com) and I am happy with it. It has
located for me some errors the compiler would not complain of.


Zara
 
M

Mirek Fidler

Matt said:
I lead a large C++ development project (the open-source portion of
which can be found here: <http://svn.cleversafe.org/dscore/>), and I'm
interested in leveraging C++ "Program Analyzers" to detect problematic
code and to help condition my development team to proactively avoid
pitfalls that these tools hopefully expose.
Click to expand...

In our little project (www.ultimatepp.org) there is semi-heuristic C++
parser and it was used by one of our users (Sandor Hojtsy) to implement
small GUI utility for his company that parses through C++ sources and
computes the metric to detect "overcomplicated" loops and methods.

The source code for the utility can be found here:

http://www.ultimatepp.org/examples$CodeMetric.html

for your convenience, I have placed compiled binary here:

http://www.ultimatepp.org/download/CodeMetric.zip

Maybe it will be of any use for you.

Mirek
 
M

mlimber

Zara said:
I am using pc-lint (www.gimpel.com) and I am happy with it. It has
located for me some errors the compiler would not complain of.
Click to expand...

My company also uses it, and it is valuable. For instance, I had
something like this in some multithreaded code:

boost::mutex mutex;

void Foo()
{
boost::mutex::scoped_lock( mutex );
// Do protected, single-threaded stuff here
}

Of course the first line in the function should have been something
like:

boost::mutex::scoped_lock lock( mutex );

so that the lock existed through the duration of the function. The
compiler didn't complain about it (nor did my brain), but thankfully
PC-Lint did.

On the other hand, there are a number of problems with the PC-Lint, as
the forum at Gimpel.com proves. In particular, it not infrequently
generates spurious messages that take time (and sometimes support from
Gimpel) to ferret out. Still, I have not used anything better.

Cheers! --M
 
M

Mirek Fidler

mlimber said:
My company also uses it, and it is valuable. For instance, I had
something like this in some multithreaded code:

boost::mutex mutex;

void Foo()
{
boost::mutex::scoped_lock( mutex );
// Do protected, single-threaded stuff here
}

Of course the first line in the function should have been something
like:

boost::mutex::scoped_lock lock( mutex );
Click to expand...

Little bit off-topic, but I have done this error so many times that I
rather ended with macro

void Foo() {
INTERLOCKED {
// Do protected stuff here...
}
}

Mirek
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Looking for C++ tester 0
Looking for automated C++ beautifier/styler 2
Looking for C++ Professionals (Bangalore) 4
C++ Now 2013 Call for Submissions 0
[C++ Now! 2012] Call for Submissions 0
MNC Hyderabad is Looking for C++ Developer... 0
[C++ Now! 2012] Deadline extension: Call for Submissions, newdeadline is January 20th, 2012 3
ASP.Net,C#.Net with healt care for TX 1

Members online

Total: 40 (members: 2, guests: 38)
Robots: 193

Forum statistics

Threads
473,764
Messages
2,569,566
Members
45,041
Latest member
RomeoFarnh

Latest Threads

Top