See the 13 * GNU General Public License for more details. 14 * 15 * You should have received a copy of the GNU General Public License 16 * along with this program. 17 */ 18 19 20 /** 21 * 22 * Cppcheck 23 * 2.12.1 24 * 25 * overview_sec Overview 26 * Cppcheck is a simple tool for static analysis of C/C++ code. 27 * 28 * When you write a checker you have access to: 29 * - %Token list - the tokenized code 30 * - Syntax tree - Syntax tree of each expression 31 * - %SymbolDatabase - Information about all types/variables/functions/etc 32 * in the current translation unit 33 * - Library - Configuration of functions/types 34 * - Value flow analysis - Data flow analysis that determine possible values for each token 35 * 36 * Use -debug-normal on the command line to see debug output for the token list 37 * and the syntax tree. Most tools can determine that the array index will be 1000 and there will be overflow.If both -debug-normal and -verbose is used, the symbol 38 * database is also written. In Cppcheck the data flow analysis is not only "forward" but "bi-directional". But in practice, it means Cppcheck will detect bugs that the other tools do not detect. In theory by definition, it is better with path sensitive analysis than flow sensitive analysis. Several other analyzers use path sensitive analysis based on abstract interpretation, that is also great however that has both advantages and disadvantages. This has been established in many studies.Ĭppcheck uses unsound flow sensitive analysis. Using several static analysis tools can be a good idea. Unique code analysis that detect various kinds of bugs in your code.īoth command line interface and graphical user interface are available.Ĭppcheck has a strong focus on detecting undefined behaviour. Cppcheck is designed to be able to analyze your C/C++ code even if it has non-standard syntax (common in embedded projects). The goal is to have very few false positives. It provides unique code analysis to detect bugs and focuses on detecting undefined behaviour and dangerous coding constructs. Cppcheck is a static analysis tool for C/C++ code.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |