Slashdot Mirror


Static Code Analysis Tools?

rewt66 asks: "We are looking for a good static analysis tool for a fairly large (half a million lines) C/C++ project. What tools do you recommend? What do you recommend avoiding? What experience (good or bad) have you had with such tools?"

5 of 87 comments

  1. Re:Ideas by Anonymous Coward · · Score: 4, Insightful

    1. If you have 500k lines in a single project, consider re-factoring it into separate libraries that you can divide and conquer. Also, if you have 500k lines of code, consider cleaning it up, re-factoring it, etc. Fewer lines of code is more impressive than more.

    That's great and all, but some things just take a lot of code. Refactoring into libraries only goes so far; you're still going to have a ton of code, it'll just be split up in libraries. That's useful, and it's good advice, but since the poster didn't ask about it, you could at least give him the benefit of the doubt and assume the project is already organized appropriately. Half a million lines isn't that big, certainly not big enough to automatically assume their codebase is organized badly.

  2. Static analysis tool? by Moggyboy · · Score: 5, Funny

    India.

    --
    Work smarter, not harder.
    1. Re:Static analysis tool? by tfinniga · · Score: 4, Funny

      doing cut'n paste coding
      Seriously, that's a huge problem. All of a sudden your code stops working, and when you check it out, it's all missing.
      "Sorry, I needed it somewhere else."

      Copy and paste coding is much better.
      --
      Powered by Web3.5 RC 2
  3. Coverity by LLuthor · · Score: 4, Informative

    I strongly suggest you look at Coverity.

    They have excellent checks as well as the best framework for creating custom tests that I have ever come across.

    NOTE: I am not affiliated with Coverity, just a very satisfied user.

    --
    LL
  4. FlexeLint / PC-lint by DoofusOfDeath · · Score: 4, Informative

    http://www.gimpel.com/html/lintinfo.htm/

    I've never tried it for a code base as large as 500k. My guess is that I used it up to 15k. I was very pleased with it. I agreed with just about every warning it raised, and was able to easily suppress individual instances or whole classes of errors. I also found it somewhat easier to get started with compared to the big tools from Rational et al.

    I think it's a bit pricey for an open-source coder like me, but it should be cheap enough for a company with a tools budget.